예제 #1
0
def create_assertion_session(conf_file, scopes, subject=None):
    import json
    from authlib.client import AssertionSession

    with open(conf_file, 'r') as f:
        conf = json.load(f)

    token_url = conf['token_uri']
    issuer = conf['client_email']
    key = conf['private_key']
    key_id = conf.get('private_key_id')

    header = {'alg': 'RS256'}
    if key_id:
        header['kid'] = key_id

    # Google puts scope in payload
    claims = {'scope': ' '.join(scopes)}
    return AssertionSession(
        grant_type=AssertionSession.JWT_BEARER_GRANT_TYPE,
        token_url=token_url,
        issuer=issuer,
        audience=token_url,
        claims=claims,
        subject=subject,
        key=key,
        header=header,
    )
예제 #2
0
    def load_conf(self):
        with open(settings.google_confs, "r") as f:
            conf = json.load(f)

        token_url = conf["token_uri"]
        issuer = conf["client_email"]
        key = conf["private_key"]
        key_id = conf.get("private_key_id")

        header = {"alg": "RS256"}
        scopes = ["https://spreadsheets.google.com/feeds",
                    "https://www.googleapis.com/auth/drive"]

        if key_id:
            header["kid"] = key_id

        # Google puts scope in payload
        claims = {"scope": " ".join(scopes)}
        return AssertionSession(
            grant_type=AssertionSession.JWT_BEARER_GRANT_TYPE,
            token_url=token_url,
            issuer=issuer,
            audience=token_url,
            claims=claims,
            subject=subject,
            key=key,
            header=header,
        )
예제 #3
0
def create_assertion_session(conf_file, scopes, subject=None):
    with open(conf_file, 'r') as f:
        try:
            conf = json.load(f)
        except json.decoder.JSONDecodeError:
            print("unable to decode Credential file")
            return None

    token_url = conf["token_uri"]
    issuer = conf["client_email"]
    key = conf["private_key"]
    key_id = conf.get('private_key_id')

    header = {'alg': 'RS256'}
    if key_id:
        header["kid"] = key_id

    # Google puts scope in payload
    claims = {'scope': ' '.join(scopes)}
    return AssertionSession(
        grant_type=AssertionSession.JWT_BEARER_GRANT_TYPE,
        token_url=token_url,
        issuer=issuer,
        audience=token_url,
        claims=claims,
        subject=subject,
        key=key,
        header=header,
    )
예제 #4
0
def google_api_auth(arqv_json='credenciais/colaborabot-gAPI.json',
                    subject=None):
    with open(arqv_json, 'r') as f:
        conf = json.load(f)

    token_url = conf['token_uri']
    issuer = conf['client_email']
    key = conf['private_key']
    key_id = conf.get('private_key_id')

    header = {'alg': 'RS256'}
    scopes = [
        'https://spreadsheets.google.com/feeds',
        'https://www.googleapis.com/auth/drive'
    ]

    if key_id:
        header['kid'] = key_id

    # Google puts scope in payload
    claims = {'scope': ' '.join(scopes)}
    return AssertionSession(
        grant_type=AssertionSession.JWT_BEARER_GRANT_TYPE,
        token_url=token_url,
        issuer=issuer,
        audience=token_url,
        claims=claims,
        subject=subject,
        key=key,
        header=header,
    )
def createSession(subject=None):
    scopes = [
        'https://spreadsheets.google.com/feeds',
        'https://www.googleapis.com/auth/drive',
    ]
    creds = config.ServiceAccount.creds

    token_url = creds['token_uri']
    issuer = creds['client_email']
    key = creds['private_key']
    key_id = creds.get('private_key_id')

    header = {'alg': 'RS256'}
    if key_id:
        header['kid'] = key_id

    # Google puts scope in payload
    claims = {'scope': ' '.join(scopes)}
    return AssertionSession(
        grant_type=AssertionSession.JWT_BEARER_GRANT_TYPE,
        token_url=token_url,
        issuer=issuer,
        audience=token_url,
        claims=claims,
        subject=subject,
        key=key,
        header=header,
    )
 def test_without_alg(self):
     sess = AssertionSession(
         token_url='https://i.b/token',
         grant_type=AssertionSession.JWT_BEARER_GRANT_TYPE,
         issuer='foo',
         subject='foo',
         audience='foo',
         key='secret',
     )
     self.assertRaises(ValueError, sess.get, 'https://i.b')
    def test_refresh_token(self):
        def verifier(r, **kwargs):
            resp = mock.MagicMock()
            if r.url == 'https://i.b/token':
                self.assertIn('assertion=', r.body)
                resp.json = lambda: self.token
            return resp

        sess = AssertionSession(
            token_url='https://i.b/token',
            grant_type=AssertionSession.JWT_BEARER_GRANT_TYPE,
            issuer='foo',
            subject='foo',
            audience='foo',
            alg='HS256',
            key='secret',
        )
        sess.send = verifier
        sess.get('https://i.b')

        # trigger more case
        now = int(time.time())
        sess = AssertionSession(
            token_url='https://i.b/token',
            grant_type=AssertionSession.JWT_BEARER_GRANT_TYPE,
            issuer='foo',
            subject=None,
            audience='foo',
            issued_at=now,
            expires_at=now + 3600,
            header={'alg': 'HS256'},
            key='secret',
            scope='email',
            claims={'test_mode': 'true'})
        sess.send = verifier
        sess.get('https://i.b')
        # trigger for branch test case
        sess.get('https://i.b')