def RevokeCredsInWellKnownFile(brief): """Revoke the credentials in ADC's well-known file.""" # pylint:disable=protected-access, refactor as per TODO above credentials_filename = client._get_well_known_file() if not os.path.isfile(credentials_filename): if not brief: log.status.write( '\nApplication Default Credentials have not been\n' 'set up by a tool, so nothing was revoked.\n') return # We only want to get the credentials from the well-known file, because # no other credentials can be revoked. # pylint:disable=protected-access, refactor as per TODO above creds = client._get_application_default_credential_from_file( credentials_filename) if creds.serialization_data['type'] != 'authorized_user': if not brief: log.status.write( '\nThe credentials set up for Application Default Credentials\n' 'through the Google Cloud SDK are service account credentials,\n' 'so they were not revoked.\n') else: c_store.RevokeCredentials(creds) if not brief: log.status.write( '\nThe credentials set up for Application Default Credentials\n' 'through the Google Cloud SDK have been revoked.\n') os.remove(credentials_filename) if not brief: log.status.write( '\nThe file storing the Application Default Credentials\n' 'has been removed.\n')
def ADCFilePath(): """Gets the ADC default file path. Returns: str, The path to the default ADC file. """ # pylint:disable=protected-access return client._get_well_known_file()
def test_get_well_known_file_on_windows(self): ORIGINAL_ISDIR = os.path.isdir try: os.path.isdir = lambda path: True well_known_file = datafile( os.path.join(client._CLOUDSDK_CONFIG_DIRECTORY, 'application_default_credentials.json')) os.name = 'nt' os.environ['APPDATA'] = DATA_DIR self.assertEqual(well_known_file, _get_well_known_file()) finally: os.path.isdir = ORIGINAL_ISDIR
def _get_project_id(self): project_id = self.args.project_id if not project_id: # try to get it from credentials credentials_filename = oauth2client._get_environment_variable_file() if not credentials_filename: credentials_filename = oauth2client._get_well_known_file() if credentials_filename: with open(credentials_filename) as file_obj: client_credentials = json.load(file_obj) project_id = client_credentials['project_id'] return project_id
def test_get_well_known_file_with_custom_config_dir(self): ORIGINAL_ENVIRON = os.environ ORIGINAL_ISDIR = os.path.isdir CUSTOM_DIR = 'CUSTOM_DIR' EXPECTED_FILE = os.path.join(CUSTOM_DIR, 'application_default_credentials.json') try: os.environ = {client._CLOUDSDK_CONFIG_ENV_VAR: CUSTOM_DIR} os.path.isdir = lambda path: True well_known_file = _get_well_known_file() self.assertEqual(well_known_file, EXPECTED_FILE) finally: os.environ = ORIGINAL_ENVIRON os.path.isdir = ORIGINAL_ISDIR
def _authenticate_and_get_creds_file_path(existing_creds_file=None): """Ensures agent will be able to authenticate and returns creds.""" # Can't disable near "else" (https://github.com/PyCQA/pylint/issues/872). # pylint:disable=protected-access if existing_creds_file: creds_file_path = _expand_path(existing_creds_file) if not os.path.exists(creds_file_path): raise OSError( 'Credentials file not found at {}. Check for typos and ensure a' ' creds file exists at the path, then re-run the command.'. format(creds_file_path)) else: creds_file_path = oauth2_client._get_well_known_file() # pylint:enable=protected-access if not os.path.exists(creds_file_path): creds = login_util.DoInstalledAppBrowserFlowGoogleAuth( scopes=(login_util.DEFAULT_SCOPES + [config.REAUTH_SCOPE])) auth_util.DumpADCOptionalQuotaProject(creds) return creds_file_path
def CreateWellKnownFileDir(): """Create the directory for ADC's well-known file.""" # pylint:disable=protected-access, refactor as per TODO above credentials_filename = client._get_well_known_file() files.MakeDir(os.path.dirname(credentials_filename))
def test_get_well_known_file_on_windows_no_file(self): os.name = 'nt' os.environ['APPDATA'] = os.path.join(DATA_DIR, 'nonexistentpath') self.assertEqual(None, _get_well_known_file())
def test_get_well_known_file_on_windows(self): well_known_file = datafile( os.path.join('gcloud', 'credentials_default.json')) os.name = 'nt' os.environ['APPDATA'] = DATA_DIR self.assertEqual(well_known_file, _get_well_known_file())
def test_get_well_known_file_on_windows(self): well_known_file = datafile( os.path.join('gcloud', 'application_default_credentials.json')) os.name = 'nt' os.environ['APPDATA'] = DATA_DIR self.assertEqual(well_known_file, _get_well_known_file())
def test_get_well_known_file_on_windows(self): well_known_file = datafile(os.path.join("gcloud", "application_default_credentials.json")) os.name = "nt" os.environ["APPDATA"] = DATA_DIR self.assertEqual(well_known_file, _get_well_known_file())