예제 #1
0
    def get_hmac_key_metadata(
        self, access_id, project_id=None, user_project=None, timeout=_DEFAULT_TIMEOUT
    ):
        """Return a metadata instance for the given HMAC key.

        :type access_id: str
        :param access_id: Unique ID of an existing key.

        :type project_id: str
        :param project_id: (Optional) project ID of an existing key.
            Defaults to client's project.

        :type timeout: float or tuple
        :param timeout: (optional) The amount of time, in seconds, to wait
            for the server response.

            Can also be passed as a tuple (connect_timeout, read_timeout).
            See :meth:`requests.Session.request` documentation for details.

        :type user_project: str
        :param user_project: (Optional) This parameter is currently ignored.
        """
        metadata = HMACKeyMetadata(self, access_id, project_id, user_project)
        metadata.reload(timeout=timeout)  # raises NotFound for missing key
        return metadata
예제 #2
0
    def create_hmac_key(self, service_account_email, project_id=None):
        """Create an HMAC key for a service account.

        :type service_account_email: str
        :param service_account_email: e-mail address of the service account

        :type project_id: str
        :param project_id: (Optional) explicit project ID for the key.
            Defaults to the client's project.

        :rtype:
            Tuple[:class:`~google.cloud.storage.hmac_key.HMACKeyMetadata`, str]
        :returns: metadata for the created key, plus the bytes of the key's secret, which is an 40-character base64-encoded string.
        """
        if project_id is None:
            project_id = self.project

        path = "/projects/{}/hmacKeys".format(project_id)
        qs_params = {"serviceAccountEmail": service_account_email}
        api_response = self._connection.api_request(
            method="POST", path=path, query_params=qs_params
        )
        metadata = HMACKeyMetadata(self)
        metadata._properties = api_response["metadata"]
        secret = api_response["secret"]
        return metadata, secret
예제 #3
0
    def get_hmac_key_metadata(self, access_id, project_id=None):
        """Return a metadata instance for the given HMAC key.

        :type access_id: str
        :param access_id: Unique ID of an existing key.

        :type project_id: str
        :param project_id: (Optional) project ID of an existing key.
            Defaults to client's project.
        """
        metadata = HMACKeyMetadata(self, access_id, project_id)
        metadata.reload()  # raises NotFound for missing key
        return metadata
예제 #4
0
    def create_hmac_key(
        self,
        service_account_email,
        project_id=None,
        user_project=None,
        timeout=_DEFAULT_TIMEOUT,
    ):
        """Create an HMAC key for a service account.

        :type service_account_email: str
        :param service_account_email: e-mail address of the service account

        :type project_id: str
        :param project_id: (Optional) Explicit project ID for the key.
            Defaults to the client's project.

        :type user_project: str
        :param user_project: (Optional) This parameter is currently ignored.

        :type timeout: float or tuple
        :param timeout: (Optional) The amount of time, in seconds, to wait
            for the server response.

            Can also be passed as a tuple (connect_timeout, read_timeout).
            See :meth:`requests.Session.request` documentation for details.

        :rtype:
            Tuple[:class:`~google.cloud.storage.hmac_key.HMACKeyMetadata`, str]
        :returns: metadata for the created key, plus the bytes of the key's secret, which is an 40-character base64-encoded string.
        """
        if project_id is None:
            project_id = self.project

        path = "/projects/{}/hmacKeys".format(project_id)
        qs_params = {"serviceAccountEmail": service_account_email}

        if user_project is not None:
            qs_params["userProject"] = user_project

        api_response = self._connection.api_request(
            method="POST",
            path=path,
            query_params=qs_params,
            timeout=timeout,
            retry=None,
        )
        metadata = HMACKeyMetadata(self)
        metadata._properties = api_response["metadata"]
        secret = api_response["secret"]
        return metadata, secret
예제 #5
0
def test_hmac_key_crud(storage_client, scrubbed_hmac_keys, service_account):
    from google.cloud.storage.hmac_key import HMACKeyMetadata

    before_hmac_keys, hmac_keys_to_delete = scrubbed_hmac_keys

    email = service_account.service_account_email

    metadata, secret = storage_client.create_hmac_key(email)
    hmac_keys_to_delete.append(metadata)

    assert isinstance(secret, str)
    assert len(secret) == 40

    after_hmac_keys = set(storage_client.list_hmac_keys())
    assert metadata not in before_hmac_keys
    assert metadata in after_hmac_keys

    another = HMACKeyMetadata(storage_client)
    another._properties["accessId"] = "nonesuch"

    assert not another.exists()

    another._properties["accessId"] = metadata.access_id
    assert another.exists()

    another.reload()

    assert another._properties == metadata._properties

    metadata.state = HMACKeyMetadata.INACTIVE_STATE
    metadata.update()

    metadata.delete()
    hmac_keys_to_delete.remove(metadata)
예제 #6
0
def _item_to_hmac_key_metadata(iterator, item):
    """Convert a JSON key metadata resource to the native object.

    :type iterator: :class:`~google.api_core.page_iterator.Iterator`
    :param iterator: The iterator that has retrieved the item.

    :type item: dict
    :param item: An item to be converted to a key metadata instance.

    :rtype: :class:`~google.cloud.storage.hmac_key.HMACKeyMetadata`
    :returns: The next key metadata instance in the page.
    """
    metadata = HMACKeyMetadata(iterator.client)
    metadata._properties = item
    return metadata
예제 #7
0
def hmac_key_update(client, _preconditions, **resources):
    access_id = resources.get("hmac_key").access_id
    etag = resources.get("hmac_key").etag
    hmac_key = HMACKeyMetadata(client, access_id=access_id)
    if _preconditions:
        pytest.skip("Etag is not yet supported")
        hmac_key.etag = etag
    hmac_key.state = "INACTIVE"
    hmac_key.update()
예제 #8
0
def hmac_key_delete(client, _preconditions, **resources):
    access_id = resources.get("hmac_key").access_id
    hmac_key = HMACKeyMetadata(client, access_id=access_id)
    hmac_key.state = "INACTIVE"
    hmac_key.update()
    hmac_key.delete()
예제 #9
0
def hmac_key_reload(client, _preconditions, **resources):
    access_id = resources.get("hmac_key").access_id
    hmac_key = HMACKeyMetadata(client, access_id=access_id)
    hmac_key.reload()