def __init__(self): #credentials = SignedJwtAssertionCredentials(config.CLIENT_EMAIL, PRIVATE_KEY, #'https://www.googleapis.com/auth/analytics.readonly') credentials = ServiceAccountCredentials.from_p12_keyfile(config.CLIENT_EMAIL, config.KEY_FILE, scopes='https://www.googleapis.com/auth/analytics.readonly') http_auth = credentials.authorize(Http()) ga_service = build('analytics', 'v3', http=http_auth) self.ga = ga_service.data().ga()
def do_auth(): credentials = ServiceAccountCredentials.from_p12_keyfile(GOOGLE_SERVICE_EMAIL, 'auth/fusiontable.p12', scopes=['https://www.googleapis.com/auth/drive']) http = httplib2.Http() auth = credentials.authorize(http) if credentials.access_token_expired: auth.login() return auth
def http(self, sub=None): credentials = ServiceAccountCredentials.from_p12_keyfile( 'faf-server', 'faf-server.pem', scopes='write_achievements write_events' ) return credentials.authorize(Http())
def get_service_acct_creds(key_file, verbose=False): '''Generate service account credentials using the given key file. key_file: path to file containing private key. ''' ### backcompatability for .p12 keyfiles if key_file.endswith('.p12') or key_file.endswith('.pem'): from edx2bigquery_config import auth_service_acct as SERVICE_ACCT if verbose: print "using key file" print "service_acct=%s, key_file=%s" % (SERVICE_ACCT, KEY_FILE) try: creds = ServiceAccountCredentials.from_p12_keyfile( SERVICE_ACCT, key_file, scopes=BIGQUERY_SCOPE) except Exception as err: # fallback to old google SignedJwtAssertionCredentials call with open (key_file, 'rb') as f: key = f.read(); creds = SignedJwtAssertionCredentials( SERVICE_ACCT, key, BIGQUERY_SCOPE) return creds ### creds = ServiceAccountCredentials.from_json_keyfile_name( key_file, BIGQUERY_SCOPE) return creds
def main(): # Load the key in PKCS 12 format that you downloaded from the Google APIs # Console when you created your Service account. with open('.ci/play_developer.p12', 'rb') as f: key = f.read() # Create an httplib2.Http object to handle our HTTP requests and authorize it # with the Credentials. Note that the first parameter, service_account_name, # is the Email address created for the Service account. It must be the email # address associated with the key that was created. credentials = ServiceAccountCredentials.from_p12_keyfile( SERVICE_ACCOUNT_EMAIL, '.ci/play_developer.p12', scopes='https://www.googleapis.com/auth/androidpublisher') http = httplib2.Http() http = credentials.authorize(http) service = build('androidpublisher', 'v3', http=http) # Process flags and read their values. flags = argparser.parse_args() package_name = flags.package_name apk_files = flags.apk_files try: edit_request = service.edits().insert(body={}, packageName=package_name) result = edit_request.execute() edit_id = result['id'] version_codes = list() for filepath in apk_files: apk_response = service.edits().apks().upload( editId=edit_id, packageName=package_name, media_body=filepath).execute() print('Version code {version_code} has been uploaded'.format( version_code=apk_response['versionCode'])) version_codes.append(apk_response['versionCode']) track_response = service.edits().tracks().update( editId=edit_id, track=TRACK, packageName=package_name, body={u'versionCodes': version_codes}).execute() print('Track {track} is set for version code(s) {version_code}'.format( track=track_response['track'], version_code=track_response['versionCodes'] )) commit_request = service.edits().commit( editId=edit_id, packageName=package_name).execute() print('Edit "{id}" has been committed'.format(id=commit_request['id'])) except client.AccessTokenRefreshError: print('The credentials have been revoked or expired, please re-run the ' 'application to re-authorize')
def _get_service(self, api_name, api_version, scope): # Use the developer console and replace the values with your # service account email and relative location of your key file. service_account_email = '*****@*****.**' key_file_location = 'scrt/Profireader analytics-1fe3311c276b.p12' DISCOVERY_URI = ('https://analyticsreporting.googleapis.com/$discovery/rest') """Get a service that communicates to a Google API. Args: api_name: The name of the api to connect to. api_version: The api version to connect to. scope: A list auth scopes to authorize for the application. key_file_location: The path to a valid service account p12 key file. service_account_email: The service account email address. Returns: A service that is connected to the specified API. """ credentials = ServiceAccountCredentials.from_p12_keyfile( service_account_email, key_file_location, scopes=scope) http = credentials.authorize(httplib2.Http()) # Build the service object. service = build('analytics', 'v4', http=http, discoveryServiceUrl=DISCOVERY_URI) return service
def get_for_service_account_p12(client_email, private_key_path, scope=None): """Gets the credentials for a service account with PKCS12 / p12 key. .. note:: This method is not used by default, instead :func:`get_credentials` is used. This method is intended to be used when the environment is known explicitly and detecting the environment implicitly would be superfluous. :type client_email: string :param client_email: The e-mail attached to the service account. :type private_key_path: string :param private_key_path: The path to a private key file (this file was given to you when you created the service account). This file must be in P12 format. :type scope: string or tuple of string :param scope: The scope against which to authenticate. (Different services require different scopes, check the documentation for which scope is required for the different levels of access to any particular API.) :rtype: :class:`oauth2client.service_account.ServiceAccountCredentials` :returns: A new ``ServiceAccountCredentials`` instance with the needed service account settings. """ return ServiceAccountCredentials.from_p12_keyfile( client_email, private_key_path, scopes=scope)
def get_service(api_name, api_version, scopes, key_file_location, service_account_email): """Get a service that communicates to a Google API. Args: api_name: The name of the api to connect to. api_version: The api version to connect to. scope: A list auth scopes to authorize for the application. key_file_location: The path to a valid service account p12 key file. service_account_email: The service account email address. Returns: A service that is connected to the specified API. """ credentials = ServiceAccountCredentials.from_p12_keyfile( service_account_email, key_file_location, scopes=scopes ) http = credentials.authorize(httplib2.Http()) # Build the service object. service = build(api_name, api_version, http=http) return service
def _from_p12_keyfile_helper(self, private_key_password=None, scopes='', token_uri=None, revoke_uri=None): service_account_email = '*****@*****.**' filename = data_filename('privatekey.p12') with open(filename, 'rb') as file_obj: key_contents = file_obj.read() creds_from_filename = ServiceAccountCredentials.from_p12_keyfile( service_account_email, filename, private_key_password=private_key_password, scopes=scopes, token_uri=token_uri, revoke_uri=revoke_uri) creds_from_file_contents = ( ServiceAccountCredentials.from_p12_keyfile_buffer( service_account_email, BytesIO(key_contents), private_key_password=private_key_password, scopes=scopes, token_uri=token_uri, revoke_uri=revoke_uri)) for creds in (creds_from_filename, creds_from_file_contents): self.assertIsInstance(creds, ServiceAccountCredentials) self.assertIsNone(creds.client_id) self.assertEqual(creds._service_account_email, service_account_email) self.assertIsNone(creds._private_key_id) self.assertIsNone(creds._private_key_pkcs8_pem) self.assertEqual(creds._private_key_pkcs12, key_contents) if private_key_password is not None: self.assertEqual(creds._private_key_password, private_key_password) self.assertEqual(creds._scopes, ' '.join(scopes)) self.assertEqual(creds.token_uri, token_uri) self.assertEqual(creds.revoke_uri, revoke_uri)
def _build_service(self, api_name, api_version, scopes): if self._keyfile_path is None: credentials = GoogleCredentials.get_application_default() service = build(api_name, api_version, credentials=credentials) return credentials, service else: if self._keyfile_path.lower().endswith(".json"): credentials = ServiceAccountCredentials.from_json_keyfile_name( self._keyfile_path, scopes=scopes) elif self._keyfile_path.lower().endswith(".p12"): if self._account_email is None: raise Exception("Input account email.") credentials = ServiceAccountCredentials.from_p12_keyfile( self._account_email, self._keyfile_path, scopes=scopes) else: error_message = """ Key file format [{0}] is illegal. Key file must be .json or .p12. """.format(self._keyfile_path) raise Exception(error_message) #http = httplib2.Http() #auth_http = credentials.authorize(http) #service = build(api_name, api_version, http=auth_http) service = build(api_name, api_version, credentials=credentials) return credentials, service
def from_service_account_p12(cls, client_email, private_key_path, *args, **kwargs): """Factory to retrieve P12 credentials while creating client. .. note:: Unless you have an explicit reason to use a PKCS12 key for your service account, we recommend using a JSON key. :type client_email: string :param client_email: The e-mail attached to the service account. :type private_key_path: string :param private_key_path: The path to a private key file (this file was given to you when you created the service account). This file must be in P12 format. :type args: tuple :param args: Remaining positional arguments to pass to constructor. :type kwargs: dict :param kwargs: Remaining keyword arguments to pass to constructor. :rtype: :class:`gcloud.client.Client` :returns: The client created with the retrieved P12 credentials. :raises: :class:`TypeError` if there is a conflict with the kwargs and the credentials created by the factory. """ if "credentials" in kwargs: raise TypeError("credentials must not be in keyword arguments") credentials = ServiceAccountCredentials.from_p12_keyfile(client_email, private_key_path) kwargs["credentials"] = credentials return cls(*args, **kwargs)
def setup_auth(args): """Set up and authentication httplib. Args: args: ArgumentParser with additional command-line flags to pass to the OAuth authentication flow. Returns: An http client library with authentication enabled. """ # Perform OAuth 2.0 authorization. if args.service_account: # Service accounts will follow the following authenication. client_email = args.service_account secret_file = args.service_account_secrets_file if secret_file.endswith('json'): credentials = ServiceAccountCredentials.from_json_keyfile_name( secret_file, SCOPES) elif secret_file.endswith('p12'): credentials = ServiceAccountCredentials.from_p12_keyfile( client_email, secret_file, SCOPES) else: flow = flow_from_clientsecrets(args.client_secrets_file, scope=SCOPES) storage = oauth_file.Storage(OAUTH2_STORAGE) credentials = storage.get() if credentials is None or credentials.invalid: credentials = tools.run_flow(flow, storage, args) http = httplib2.Http() return credentials.authorize(http)
def __init__(self): self._service_account_credentials = ServiceAccountCredentials.from_p12_keyfile( 'faf-server', 'faf-server.pem', scopes='write_achievements write_events' ) self._service_account_credentials.token_uri = API_TOKEN_URI
def _create_drive_service(self, google_p12_path, google_service_email): credentials = ServiceAccountCredentials.from_p12_keyfile( google_service_email, google_p12_path, scopes=['https://www.googleapis.com/auth/drive']) http_auth = credentials.authorize(Http()) return build('drive', 'v2', http=http_auth)
def _make_svc_account_creds(self, private_key_file='privatekey.p12'): filename = data_filename(private_key_file) credentials = ServiceAccountCredentials.from_p12_keyfile( '*****@*****.**', filename, scopes='read+write') credentials._kwargs['sub'] ='*****@*****.**' return credentials
def get_driveclient(config): """ Return an authorized apiclient """ credentials = ServiceAccountCredentials.from_p12_keyfile( config['service_account'], "CSCAP-6886c10d6ffb.p12", scopes=['https://www.googleapis.com/auth/drive']) http_auth = credentials.authorize(Http()) return build('drive', 'v2', http=http_auth)
def get_service(api_name, api_version, scope, key_file_location, service_account_email): credentials = ServiceAccountCredentials.from_p12_keyfile(service_account_email, key_file_location, scopes=scope) http = credentials.authorize(httplib2.Http()) # Build the service object. service = build(api_name, api_version, http=http) return service
def authenticate_using_service_account( service_account_email, impersonation_user_email, p12_file): """Authorizes an Http instance using service account credentials.""" credentials = ServiceAccountCredentials.from_p12_keyfile( service_account_email, p12_file, scopes=dfareporting_utils.API_SCOPES) # Delegate domain-wide authority. delegated_credentials = credentials.create_delegated(impersonation_user_email) return delegated_credentials.authorize(httplib2.Http())
def connect(self, username=None, password=None): if gee.MY_SERVICE_ACCOUNT != '' and gee.MY_PRIVATE_KEY_FILE != '': #ee.ServiceAccountCredentials(gee.MY_SERVICE_ACCOUNT, gee.MY_PRIVATE_KEY_FILE) from oauth2client.service_account import ServiceAccountCredentials authorization = ServiceAccountCredentials.from_p12_keyfile(gee.MY_SERVICE_ACCOUNT, gee.MY_PRIVATE_KEY_FILE, scopes=oauth.SCOPE) ee.Initialize(authorization) elif username != None and password != None: pass else: raise Exception('No valid user authentication found')
def init(): credentials = ServiceAccountCredentials.from_p12_keyfile( service_account_email=sys.argv[1], filename=sys.argv[2], private_key_password='******', scopes=ee.oauth.SCOPE + ' ' + DriveCleanup.SCOPES) ee.Initialize(credentials) global drive_cleanup drive_cleanup = DriveCleanup(credentials) drive_cleanup.start()
def __init__(self): # Create the JWT credentials = ServiceAccountCredentials.from_p12_keyfile(config[u'gserviceaccount'], config[u'secret'], scopes=config[u'scopes']) # Create an authorized http instance http = httplib2.Http() http = credentials.authorize(http) # Create a service call to the calendar API self.service = discovery.build('calendar', 'v3', http=http)
def prepare(self): self.http = Http() credentials = ServiceAccountCredentials.from_p12_keyfile( self.email, self.keyfile, scopes='https://www.googleapis.com/auth/analytics.readonly' ) self.http = credentials.authorize(self.http) self.analytics = build('analytics', 'v3', http=self.http)
def authorize(self): credentials = ServiceAccountCredentials.from_p12_keyfile(Connection.username, self.key_file, scopes=['https://www.googleapis.com/auth/doubleclickbidmanager']) _API_VERSION = 'v1' # Create an httplib2.Http object to handle our HTTP requests and authorize it # with our good Credentials. http = httplib2.Http() Connection.authorization_token = credentials.authorize(http) return Connection.authorization_token
def inser_data(schema,dataset_name,table_name,file_path,filename,user_id=None,tenant=None): credentials = ServiceAccountCredentials.from_p12_keyfile(service_account, key) bigquery = discovery.build('bigquery', 'v2', credentials=credentials) insert_request = bigquery.jobs().insert( projectId=project_id, # https://cloud.google.com/bigquery/docs/reference/v2/jobs#resource body={ 'configuration': { 'load': { 'schema': { 'fields': schema }, 'destinationTable': { 'projectId': project_id, 'datasetId': dataset_name, 'tableId': table_name }, 'sourceFormat': 'CSV', } } }, media_body=MediaFileUpload( file_path + '/' + filename, mimetype='application/octet-stream')) job = insert_request.execute() print('Waiting for job to finish...') status_request = bigquery.jobs().get( projectId= job['jobReference']['projectId'], jobId=job['jobReference']['jobId']) while True: result = status_request.execute(num_retries=3) if result['status']['state'] == 'DONE': if result['status'].get('errors'): raise RuntimeError('\n'.join( e['message']for e in result['status']['errors'])) print('Job complete.') usages = {'upload_bq': int(result['statistics']['load']['inputFileBytes']), 'storage_bq': int(result['statistics']['load']['inputFileBytes'])} try: obj = dre.RatingEngine(user_id, tenant, **usages) p1 = threading.Thread(target=obj.set_usage(), args=()) p1.start() except Exception, err: print err return result
def get_service_credentials(): """Get credentials to access Google services.""" user_agent = 'dataflow-python-sdk/1.0' if is_running_in_gce: # We are currently running as a GCE taskrunner worker. # # TODO(ccy): It's not entirely clear if these credentials are thread-safe. # If so, we can cache these credentials to save the overhead of creating # them again. return GCEMetadataCredentials(user_agent=user_agent) else: # We are currently being run from the command line. google_cloud_options = PipelineOptions( sys.argv).view_as(GoogleCloudOptions) if google_cloud_options.service_account_name: if not google_cloud_options.service_account_key_file: raise AuthenticationException( 'key file not provided for service account.') if not os.path.exists(google_cloud_options.service_account_key_file): raise AuthenticationException( 'Specified service account key file does not exist.') client_scopes = [ 'https://www.googleapis.com/auth/bigquery', 'https://www.googleapis.com/auth/cloud-platform', 'https://www.googleapis.com/auth/devstorage.full_control', 'https://www.googleapis.com/auth/userinfo.email', 'https://www.googleapis.com/auth/datastore' ] # The following code uses oauth2client >=2.0.0 functionality and if this # is not available due to import errors will use 1.5.2 functionality. try: from oauth2client.service_account import ServiceAccountCredentials return ServiceAccountCredentials.from_p12_keyfile( google_cloud_options.service_account_name, google_cloud_options.service_account_key_file, client_scopes, user_agent=user_agent) except ImportError: with file(google_cloud_options.service_account_key_file) as f: service_account_key = f.read() from oauth2client.client import SignedJwtAssertionCredentials return SignedJwtAssertionCredentials( google_cloud_options.service_account_name, service_account_key, client_scopes, user_agent=user_agent) else: return _GCloudWrapperCredentials(user_agent)
def init(): credentials = ServiceAccountCredentials.from_p12_keyfile( service_account_email=sys.argv[1], filename=sys.argv[2], private_key_password='******', scopes=ee.oauth.SCOPE + ' https://www.googleapis.com/auth/drive') ee.Initialize(credentials) download_dir = sys.argv[3] global username username = sys.argv[4] global downloader downloader = Downloader( credentials=credentials, download_dir=download_dir)
def initialize_analyticsreporting(): """Initializes an analyticsreporting service object. Returns: analytics an authorized analyticsreporting service object. """ credentials = ServiceAccountCredentials.from_p12_keyfile( SERVICE_ACCOUNT_EMAIL, KEY_FILE_LOCATION, scopes=SCOPES) http = credentials.authorize(httplib2.Http()) # Build the service object. analytics = build('analytics', 'v4', http=http, discoveryServiceUrl=DISCOVERY_URI) return analytics
def connect_to_play(self): """ Connect to the google play interface """ # Create an httplib2.Http object to handle our HTTP requests an # authorize it with the Credentials. Note that the first parameter, # service_account_name, is the Email address created for the Service # account. It must be the email address associated with the key that # was created. scope = 'https://www.googleapis.com/auth/androidpublisher' credentials = ServiceAccountCredentials.from_p12_keyfile(self.config["service_account"], self.config["google_play_credentials_file"], scopes=scope) http = httplib2.Http() http = credentials.authorize(http) service = build('androidpublisher', 'v2', http=http) return service
def _get_credentials(self): if self.account_p12: credentials = ServiceAccountCredentials.from_p12_keyfile(self.account_email, self.account_p12, scopes=self.DEFAULT_SCOPES) else: storage = Storage(self.dat_file) credentials = storage.get() if credentials is None: #step 1 auth_uri = self._flow.step1_get_authorize_url() print 'Go to the following link in your browser: ' + auth_uri code = raw_input('Enter verification code: ').strip() #step 2 credentials = self._flow.step2_exchange(code) storage.put(credentials) return credentials
def initialize(ee_account='', ee_key_path='', ee_user_token=''): try: if ee_user_token: credentials = OAuth2Credentials(ee_user_token, None, None, None, None, None, None) ee.InitializeThread(credentials) elif ee_account and ee_key_path: credentials = ServiceAccountCredentials.from_p12_keyfile( service_account_email=ee_account, filename=ee_key_path, private_key_password='******', scopes=ee.oauth.SCOPE + ' https://www.googleapis.com/auth/drive') ee.Initialize(credentials) else: ee.Initialize() except (EEException, TypeError): pass
def connect(service_account, credentials_file_path): """ Connect to the google play interface """ # Create an httplib2.Http object to handle our HTTP requests an # authorize it with the Credentials. Note that the first parameter, # service_account_name, is the Email address created for the Service # account. It must be the email address associated with the key that # was created. scope = 'https://www.googleapis.com/auth/androidpublisher' credentials = ServiceAccountCredentials.from_p12_keyfile( service_account, credentials_file_path, scopes=scope) http = httplib2.Http() http = credentials.authorize(http) service = build('androidpublisher', 'v2', http=http) return service
def getAnalytics(self): """Initializes an analyticsreporting service object""" if hasattr(self, 'oAnalytics'): return self.oAnalytics try: oCredentials = ServiceAccountCredentials.from_p12_keyfile( self.SERVICE_ACCOUNT_EMAIL, self.KEY_FILE_LOCATION, scopes=self.SCOPES) oHttp = oCredentials.authorize(httplib2.Http()) self.oAnalytics = build('analytics', 'v4', http=oHttp, discoveryServiceUrl=self.DISCOVERY_URI) return self.oAnalytics except BaseException as e: errorMsg("Unable to build Google Analytics authorization: " + str(e))
def initialize_analytics_api(): """Initializes an analyticsreporting and sheets service object. Returns: analytics an authorized analyticsreporting service object. """ credentials = ServiceAccountCredentials.from_p12_keyfile( SERVICE_ACCOUNT_EMAIL, KEY_FILE_LOCATION, scopes=SCOPES) http = credentials.authorize(httplib2.Http()) # Build the service object. analytics = build('analytics', 'v4', http=http, discoveryServiceUrl=ANALYTICS_DISCOVERY_URI) return analytics
def _from_p12_keyfile_helper(self, private_key_password=None, scopes=''): service_account_email = '*****@*****.**' filename = data_filename('privatekey.p12') with open(filename, 'rb') as file_obj: key_contents = file_obj.read() creds = ServiceAccountCredentials.from_p12_keyfile( service_account_email, filename, private_key_password=private_key_password, scopes=scopes) self.assertIsInstance(creds, ServiceAccountCredentials) self.assertEqual(creds.client_id, None) self.assertEqual(creds._service_account_email, service_account_email) self.assertEqual(creds._private_key_id, None) self.assertEqual(creds._private_key_pkcs8_pem, None) self.assertEqual(creds._private_key_pkcs12, key_contents) if private_key_password is not None: self.assertEqual(creds._private_key_password, private_key_password) self.assertEqual(creds._scopes, ' '.join(scopes))
def __init__(self, project=None, zone=None, file_type=None, **kwargs): """ The last three argumets are optional and required only if you want to use json or p12 files. By default, we expecting that service_account arg contains service account data. Args: project: name of the project, so called project_id zone: zone of cloud service_account: service_account_content scope: compute engine, container engine, sqlservice end etc file_path: path to json or p12 file file_type: p12 or json client_email: Require for p12 file Returns: A :py:class:`GoogleCloudSystem` object. """ super(GoogleCloudSystem, self).__init__(kwargs) self._project = project self._zone = zone scope = kwargs.get('scope', self.default_scope) service_account = kwargs.get('service_account', None) if service_account: service_account = dict(service_account.items()) service_account['private_key'] = service_account[ 'private_key'].replace('\\n', '\n') credentials = ServiceAccountCredentials.from_json_keyfile_dict( service_account, scopes=scope) elif file_type == 'json': file_path = kwargs.get('file_path', None) credentials = ServiceAccountCredentials.from_json_keyfile_name( file_path, scopes=scope) elif file_type == 'p12': file_path = kwargs.get('file_path', None) client_email = kwargs.get('client_email', None) credentials = ServiceAccountCredentials.from_p12_keyfile( client_email, file_path, scopes=scope) http_auth = credentials.authorize(httplib2.Http()) self._compute = build('compute', 'v1', http=http_auth) self._storage = build('storage', 'v1', http=http_auth) self._instances = self._compute.instances() self._buckets = self._storage.buckets()
def publish(email, keyfile, package_name, track, track_status, apkfile): credentials = ServiceAccountCredentials.from_p12_keyfile( email, keyfile, scopes=['https://www.googleapis.com/auth/androidpublisher']) http = credentials.authorize(httplib2.Http()) service = build('androidpublisher', 'v3', http=http) insert_request = service.edits().insert(body={}, packageName=package_name) insert_response = insert_request.execute() edit_id = insert_response['id'] print(f'Edits.insert response. {insert_response}') upload_response = service.edits().apks().upload( editId=edit_id, packageName=package_name, media_body=apkfile).execute() version_code = upload_response['versionCode'] print(f'Edits.apks.upload response. {upload_response}') update_response = service.edits().tracks().update(editId=edit_id, track=track, packageName=package_name, body={ u'track': track, u'releases': [{ u'versionCodes': [version_code], u'status': track_status }] }).execute() print(f'Edits.tracks.update response. {update_response}') commit_response = service.edits().commit( editId=edit_id, packageName=package_name).execute() print(f'Edits.commit response. {commit_response}') print( f'[GooglePlayConsole] versionCode={version_code} has been uploaded to {track} as {track_status}.' )
def __init__(self, *args, **kwargs): if len(kwargs) == 0: if len(args) == 1: config_path = args[0] else: config_path = CONFIG_PATH print 'loading config from %s...' % config_path with open(config_path, 'r') as fp: self.config = json.load(fp) else: self.config = kwargs if 'oauth2_key_file' not in self.config: raise Exception('oauth2_key_file is not given') if 'client_email' not in self.config: raise Exception('client_email is not given') self.default_spreadsheet_key = self.config.get( 'default_spreadsheet_key', None) self.default_worksheet_id = self.config.get('default_worksheet_id', None) if _use_old_oauth2client: # use .pem key_file_path = self.config['oauth2_key_file'] if key_file_path[-4:] == '.p12': key_file_path = key_file_path.replace('.p12', '.pem') with open(key_file_path, 'rb') as f: private_key = f.read() self.credentials = SignedJwtAssertionCredentials( self.config['client_email'], private_key, scope=["https://spreadsheets.google.com/feeds"]) else: # use .p12 self.credentials = ServiceAccountCredentials.from_p12_keyfile( self.config['client_email'], self.config['oauth2_key_file'], scopes=['https://spreadsheets.google.com/feeds']) self.client = SpreadsheetsClient() self.auth_token = OAuth2TokenFromCredentials(self.credentials) self.auth_token.authorize(self.client)
def __init__(self): self.token = '--' # 分割pagePath和pageviews scope = ['https://www.googleapis.com/auth/analytics.readonly'] discoveryURI = ( 'https://analyticsreporting.googleapis.com/$discovery/rest') email = '*****@*****.**' key = './client_secrets.p12' password = '******' credentials = ServiceAccountCredentials.from_p12_keyfile( email, key, private_key_password=password, scopes=scope) http = credentials.authorize(httplib2.Http()) api_name = 'analytics' api_version = 'v4' self.service = build(api_name, api_version, http=http, discoveryServiceUrl=discoveryURI)
def out_reply(name, email): ''' gsuiste ooo reply function ''' credentials = ServiceAccountCredentials.from_p12_keyfile( SERVICE_ACCOUNT_EMAIL, SERVICE_ACCOUNT_FILE, scopes=SCOPES) out_of_office = { 'enableAutoReply': True, 'responseBodyHtml': "<p>Hi, I am no longer working at COMPANY.</p>" "<p>Regards,</p> <p>{}</p>".format(name), 'restrictToDomain': False, } credentials = credentials.create_delegated(email) service = build('gmail', 'v1', credentials=credentials) result = service.users().settings().updateVacation( userId='me', body=out_of_office).execute() return result
def getCreds(): ''' This function gets the Service Account Credentials for your domain so autofilter can impersonate each of your users. ''' ''' Reads all auth information from a JSON file you will need to configure. ''' with open("auth.json", 'r') as a: data = json.loads(a.read()) ''' Google provides each Service Account with a unique email. ''' serviceaccountemail = data["service_account_email"][0] ''' This is the path to a keyfile you should be given by your G Suite Administrator. ''' serviceaccountpkcs12filepath = data["service_account_pkcs12_file_path"][0] password = data["password"][0] ''' Scopes need to be authorized by a G Suite administrator in the "advanced settings" section. ''' scopes = data["scopes"] ''' This generates your credentials using all the information acquired above. ''' credentials = ServiceAccountCredentials.from_p12_keyfile( serviceaccountemail, serviceaccountpkcs12filepath, password, scopes=scopes) return credentials
def create_directory_service(user_email): """Build and returns an Admin SDK Directory service object authorized with the service accounts that act on behalf of the given user. Args: user_email: The email of the user. Needs permissions to access the Admin APIs. Returns: Admin SDK directory service object. """ credentials = ServiceAccountCredentials.from_p12_keyfile( SERVICE_ACCOUNT_EMAIL, SERVICE_ACCOUNT_PKCS12_FILE_PATH, 'notasecret', scopes=['https://www.googleapis.com/auth/admin.directory.user']) credentials = credentials.create_delegated(user_email) return build('admin', 'directory_v1', credentials=credentials)
def add_to_calendar(booking): # Certificate Fingerprint: 8634ef128fc6289f0e961aede36ad69498b515a8 client_email = '*****@*****.**' credentials = ServiceAccountCredentials.from_p12_keyfile( client_email, 'keys_and_pws/bookings_calendar_cert.p12', scopes=['https://www.googleapis.com/auth/calendar']) http_auth = credentials.authorize(Http()) service = build('calendar', 'v3', http=http_auth) events = service.events().list(calendarId=booking.calendar_id, timeMin=booking.start.isoformat(), timeMax=booking.end.isoformat()).execute() logger.info("{}".format(events)) if not events[u'items']: try: event = { 'summary': booking.event_name + " - " + booking.organisation, 'start': { 'dateTime': booking.start.strftime("%Y-%m-%dT%H:%M:00"), 'timeZone': booking.start.tzinfo._tzname }, 'end': { 'dateTime': booking.end.strftime("%Y-%m-%dT%H:%M:00"), 'timeZone': booking.end.tzinfo._tzname }, 'attendees': [{ 'email': booking.contact_email, 'displayName': booking.contact_name, }], } created_event = service.events().insert( calendarId=booking.calendar_id, body=event).execute() return None except Exception as e: logger.error("Could not insert calendar event: {}".format(e)) return "Received an error from the Google Calendar API when trying to add event" else: return "Event overlaps with another"
def _create_google_edit_resource(contact_google_play, service_account, credentials_file_name): if contact_google_play: # Create an httplib2.Http object to handle our HTTP requests an # authorize it with the Credentials. Note that the first parameter, # service_account_name, is the Email address created for the Service # account. It must be the email address associated with the key that # was created. scope = 'https://www.googleapis.com/auth/androidpublisher' credentials = ServiceAccountCredentials.from_p12_keyfile( service_account, credentials_file_name, scopes=scope) http = httplib2.Http() http = credentials.authorize(http) service = build(serviceName='androidpublisher', version='v3', http=http, cache_discovery=False) return service.edits() else: logger.warning( 'Not a single request to Google Play will be made, since `contact_google_play` was set to `False`' ) edit_resource_mock = MagicMock() edit_resource_mock.insert = lambda *args, **kwargs: _ExecuteDummy( {'id': 'fake-transaction-id'}) edit_resource_mock.commit = lambda *args, **kwargs: _ExecuteDummy(None) apks_mock = MagicMock() apks_mock.upload = lambda *args, **kwargs: _ExecuteDummy( {'versionCode': 'fake-version-code'}) edit_resource_mock.apks = lambda *args, **kwargs: apks_mock update_mock = MagicMock() update_mock.update = lambda *args, **kwargs: _ExecuteDummy( 'fake-update-response') edit_resource_mock.tracks = lambda *args, **kwargs: update_mock edit_resource_mock.listings = lambda *args, **kwargs: update_mock edit_resource_mock.apklistings = lambda *args, **kwargs: update_mock return edit_resource_mock
def build_from_p12(self, p12_keyfile, client_email): """ Instantiates the REST API client for the Proximity API. Full PyDoc for this client is available here: https://developers.google.com/resources/api-libraries/documentation/proximitybeacon/v1beta1/python/latest/index.html Args: p12_keyfile: file path to the key for this service client. client_email: email identifier for this service client. Usually of the form '*****@*****.**' Returns: self, with a ready-to-use PB API client. """ if self._client is not None: return self._client credentials = ServiceAccountCredentials.from_p12_keyfile( client_email, p12_keyfile, 'notasecret', PROXIMITY_API_SCOPE) return self.build_from_credentials(credentials)
def get_service(api_name, api_version, scope, key_file_location, service_account_email): """ Get a service that communicates to a Google API. Args: api_name: The name of the api to connect to. api_version: The api version to connect to. scope: A list auth scopes to authorize for the application. key_file_location: The path to a valid service account p12 key file. service_account_email: The service account email address. Returns: A service that is connected to the specified API. """ credentials = ServiceAccountCredentials.from_p12_keyfile( service_account_email, key_file_location, scopes=scope) http = credentials.authorize(httplib2.Http()) service = build(api_name, api_version, http=http) # Build the service object. return service
def initialize_analyticsreporting(): """Initializes an analyticsreporting service object. Returns: analytics an authorized analyticsreporting service object. """ SCOPES = ['................................'] DISCOVERY_URI = ('..........................') #KEY_FILE_LOCATION = "./......................p12" ##in uluc local SERVICE_ACCOUNT_EMAIL = '.........................count.com' credentials = ServiceAccountCredentials.from_p12_keyfile( SERVICE_ACCOUNT_EMAIL, KEY_FILE_LOCATION, scopes=SCOPES) http = credentials.authorize(httplib2.Http()) # Build the service object. analytics = build('analytics', 'v4', http=http, discoveryServiceUrl=DISCOVERY_URI) return analytics
def authenticate_google_docs(data): scope = 'https://www.googleapis.com/auth/spreadsheets.readonly' email = data["email"] private_p12 = data["private_p12"] credentials = ServiceAccountCredentials.from_p12_keyfile(email, private_p12, scopes=scope) data = { 'refresh_token': data["refresh_token"], 'client_id': data["client_id"], 'client_secret': data["client_secret"], 'grant_type': 'refresh_token', } r = requests.post('https://accounts.google.com/o/oauth2/token', data=data) credentials.access_token = ast.literal_eval(r.text)['access_token'] gc = gspread.authorize(credentials) return gc
def main(): # Load the key in PKCS 12 format that you downloaded from the Google APIs # Console when you created your Service account. filename = 'key.p12' scope = 'https://www.googleapis.com/auth/androidpublisher' # Create an httplib2.Http object to handle our HTTP requests and authorize it # with the Credentials. Note that the first parameter, service_account_name, # is the Email address created for the Service account. It must be the email # address associated with the key that was created. credentials = ServiceAccountCredentials.from_p12_keyfile( SERVICE_ACCOUNT_EMAIL, filename, scope) http = httplib2.Http() http = credentials.authorize(http) service = build('androidpublisher', 'v3', http=http) # Process flags and read their values. flags = argparser.parse_args() package_name = flags.package_name try: edit_request = service.edits().insert(body={}, packageName=package_name) result = edit_request.execute() edit_id = result['id'] apks_result = service.edits().apks().list( editId=edit_id, packageName=package_name).execute() for apk in apks_result['apks']: print 'versionCode: %s, binary.sha1: %s' % (apk['versionCode'], apk['binary']['sha1']) except client.AccessTokenRefreshError: print( 'The credentials have been revoked or expired, please re-run the ' 'application to re-authorize')
def __init__(self, email, key, package_name): # setup Google API Service mandatory parameters: self.package_name = package_name # compose credential, (scopes always the same): credentials = ServiceAccountCredentials.from_p12_keyfile( email, key, scopes='https://www.googleapis.com/auth/androidpublisher') try: # build service connection: http = httplib2.Http() http = credentials.authorize(http) self.service = build('androidpublisher', 'v3', http=http) # setup Edit request, use ID for the Edit in actions: edit_request_result = self.service.edits().insert( body={}, packageName=package_name).execute() self.edit_id = edit_request_result['id'] except Exception as e: ErrorHandler(e)
def authenticate(): """Build and return a Plus service object authorized with the service accounts that act on behalf of the given user. Returns: Plus service object. """ print 'Authenticate the domain for %s' % USER_EMAIL # Make service account credentials credentials = ServiceAccountCredentials.from_p12_keyfile( SERVICE_ACCOUNT_EMAIL, SERVICE_ACCOUNT_PKCS12_FILE_PATH, scopes=SCOPES) # Setting the sub field with USER_EMAIL allows you to make API calls using the # special keyword 'me' in place of a user id for that user. delegate_credentials = credentials.create_delegated(USER_EMAIL) http = httplib2.Http() http = delegate_credentials.authorize(http) # Create and return the Plus service object return build('plusDomains', 'v1', http=http)
def initialize_analyticsreporting_from_p12(self, private_key_password=None): #.p12金鑰的 email service_account_email = contentutil.GA_ACCOUNT_EMAIL #.p12金鑰的檔案路徑 key_file_location = contentutil.GA_P12_KEY_FILE_PATH #固定參數 scopes = ['https://www.googleapis.com/auth/analytics.readonly'] #驗證.p12金鑰的函數 credentials = ServiceAccountCredentials.from_p12_keyfile( service_account_email, key_file_location, private_key_password, scopes) # credentials = ServiceAccountCredentials.from_json_keyfile_name(key_file_location, scopes) # Build the service object. analytics = build('analyticsreporting', 'v4', credentials=credentials) return analytics
def get_session(**kwargs): # service_email = '*****@*****.**' service_email = '*****@*****.**' key_file = '/home/forte/airflow/key.p12' credentials = ServiceAccountCredentials.from_p12_keyfile(service_email, key_file, scopes=scope) http = credentials.authorize(Http()) service = build(api_name, api_version, http=http) # accounts = service.management().accounts().list().execute() # profile_id = get_first_profile_id(service) profile_id = '180700913' records = service.data().ga().get(\ ids='ga:' + profile_id,\ start_date='today',\ end_date='today',\ dimensions='ga:date',\ metrics='ga:sessions').execute() task_instance = kwargs['ti'] task_instance.xcom_push(key="ga_data", value=records)
def get_service_acct_creds(key_file, verbose=False): '''Generate service account credentials using the given key file. key_file: path to file containing private key. ''' ### backcompatability for .p12 keyfiles if key_file.endswith('.p12'): from edx2bigquery_config import auth_service_acct as SERVICE_ACCT if verbose: print "using key file" print "service_acct=%s, key_file=%s" % (SERVICE_ACCT, KEY_FILE) try: creds = ServiceAccountCredentials.from_p12_keyfile( SERVICE_ACCT, key_file, scopes=BIGQUERY_SCOPE) except Exception as err: # fallback to old google SignedJwtAssertionCredentials call with open(key_file, 'rb') as f: key = f.read() creds = SignedJwtAssertionCredentials(SERVICE_ACCT, key, BIGQUERY_SCOPE) return creds ### creds = ServiceAccountCredentials.from_json_keyfile_name( key_file, BIGQUERY_SCOPE) return creds
def get_Android_reviews(playStoreInfo): #Download all reviews for app from Play Store and return as a json dict #Also store it in output.json file import googleapiclient, oauth2client, httplib2 from googleapiclient import errors from googleapiclient.discovery import build from oauth2client import client from oauth2client.service_account import ServiceAccountCredentials credentials = ServiceAccountCredentials.from_p12_keyfile( playStoreInfo["service_account_email"], playStoreInfo["p12FileName"], playStoreInfo["p12Password"], playStoreInfo["scope"]) """ #Uncomment this section if using a json file instead of a p12 file. credentials = ServiceAccountCredentials.from_json_keyfile( playStoreInfo["jsonFileName"], playStoreInfo["scope"] ) """ http = httplib2.Http() http = credentials.authorize(http) service = build('androidpublisher', 'v2', http=http) reviews_resource = service.reviews() reviews_page = reviews_resource.list(packageName=playStoreInfo["appID"], maxResults=100).execute() reviews_list = reviews_page["reviews"] if (os.path.isdir('output') == False): os.makedirs('output') with open('output' + os.sep + 'android_output.json', "w", encoding='UTF-8') as outfile: json.dump(reviews_list, outfile, indent=4, sort_keys=True) return reviews_list
def create_directory_service(user_email, group=False): """ Create an Admin SDK Directory Service object authorized with the service accounts that act on behalf of the given user. Args: user_email: The user's email address. Needs permission to access the Admin API. Returns: Admin SDK Directory Service object. """ logging.getLogger('googleapiclient.discovery_cache').setLevel(logging.ERROR) credentials = ServiceAccountCredentials.from_p12_keyfile( settings.SERVICE_ACCOUNT_EMAIL, settings.SERVICE_ACCOUNT_PKCS12_FILE_PATH, settings.GCP_SECRET_KEY, scopes=['https://www.googleapis.com/auth/admin.directory.group', 'https://www.googleapis.com/auth/apps.groups.settings']) # The email for delegating credentials to the service account is required. credentials = credentials.create_delegated(user_email) if group: return build('groupssettings', 'v1', credentials=credentials) return build('admin', 'directory_v1', credentials=credentials)
def main(): credentials = ServiceAccountCredentials.from_p12_keyfile( SERVICE_ACCT_EMAIL, KEY, scopes=['https://www.googleapis.com/auth/androidpublisher']) http = httplib2.Http() http = credentials.authorize(http) service = build('androidpublisher', 'v2', http=http) try: edit_request = service.edits().insert(body={}, packageName=PKG_NAME) result = edit_request.execute() edit_id = result['id'] apk_response = service.edits().apks().upload( editId=edit_id, packageName=PKG_NAME, media_body=APK).execute() print 'Version code %d has been uploaded' % apk_response['versionCode'] track_response = service.edits().tracks().update( editId=edit_id, track=TRACK, packageName=PKG_NAME, body={u'versionCodes': [apk_response['versionCode']]}).execute() print 'Track %s is set for version code(s) %s' % ( track_response['track'], str(track_response['versionCodes'])) commit_request = service.edits().commit( editId=edit_id, packageName=PKG_NAME).execute() print 'Edit "%s" has been committed' % (commit_request['id']) except client.AccessTokenRefreshError: print ('The credentials have been revoked/expired, please re-run the' ' application to re-authorize')
def get_authenticated_service(): try: # Grab the application's default credentials from the environment. credentials = ServiceAccountCredentials.from_p12_keyfile( secrets.SERVICE_ACCOUNT_EMAIL, secrets.KEY_FILE) # Construct the service object for interacting with the BigQuery API. return build('bigquery', 'v2', credentials=credentials) except HttpError as err: print('Error: {}'.format(err.content)) raise err except TypeError as error: # Handle errors in constructing a query. print('There was an error in constructing your query : %s' % error) except AccessTokenRefreshError as error: print error # Handle Auth errors. print( 'The credentials have been revoked or expired, please re-run ' 'the application to re-authorize')
def initialize_analyticsreporting(proxy_host=PROXY_HOST, proxy_port=PROXY_PORT): """Initializes an analyticsreporting service object. Returns: analytics an authorized analyticsreporting service object. """ credentials = ServiceAccountCredentials.from_p12_keyfile( SERVICE_ACCOUNT_EMAIL, KEY_FILE_LOCATION, scopes=SCOPES) socks.setdefaultproxy(socks.PROXY_TYPE_SOCKS5, proxy_host, proxy_port) socks.wrapmodule(httplib2) # p = httplib2.proxy_info_from_url("http://192.168.1.2:1690") # proxy = httplib2.ProxyInfo(socks.PROXY_TYPE_HTTP, "192.168.1.2", 1690) http = credentials.authorize(httplib2.Http(timeout=35)) # http = credentials.authorize(httplib2.Http()) # Build the service object. analytics = build('analytics', 'v4', http=http, discoveryServiceUrl=DISCOVERY_URI) return analytics
from __future__ import print_function, division import ee import math from ee.ee_exception import EEException import datetime import pandas as pd import random import string try: ee.Initialize() except EEException as e: from oauth2client.service_account import ServiceAccountCredentials credentials = ServiceAccountCredentials.from_p12_keyfile( service_account_email='', filename='', private_key_password='******', scopes=ee.oauth.SCOPE + ' https://www.googleapis.com/auth/drive ') ee.Initialize(credentials) # ---- global variables ---- # ... to prevent delaration multiple times referenced in the subsequent functions SCALE = 100 # meters # toms / omi OZONE = ee.ImageCollection('TOMS/MERGED') # dem data DEM = ee.Image('JAXA/ALOS/AW3D30_V1_1').select('AVE') # PI Image PI = ee.Image(math.pi)