def add_oauth_options(parser): """Appends OAuth related options to OptionParser.""" # Same options as in tools.argparser, excluding auth_host_name and # logging_level. We should never ever use OAuth client_id with # open-ended request_uri. It should always be 'localhost'. parser.oauth_group = optparse.OptionGroup(parser, "OAuth options") parser.oauth_group.add_option( "--auth-no-local-webserver", action="store_true", default=tools.get_bool_env_var("SWARMING_AUTH_NO_LOCAL_WEBSERVER"), help=( "Do not run a local web server when performing OAuth2 login flow. " "Can also be set with SWARMING_AUTH_NO_LOCAL_WEBSERVER=1 " "environment variable." ), ) parser.oauth_group.add_option( "--auth-host-port", action="append", type=int, default=[8080, 8090], help=("Port a local web server should listen on. Used only if " "--auth-no-local-webserver is not set."), ) parser.oauth_group.add_option( "--auth-no-keyring", action="store_true", default=tools.get_bool_env_var("SWARMING_AUTH_NO_KEYRING"), help=( "Do not use system keyring to store OAuth2 tokens, store them in " "file %s instead. Can also be set with SWARMING_AUTH_NO_KEYRING=1 " "environment variable." % OAUTH_STORAGE_FILE ), ) parser.add_option_group(parser.oauth_group)
def make_oauth_config(tokens_cache=None, no_local_webserver=None, webserver_port=None): """Returns new instance of OAuthConfig. If some config option is not provided or None, it will be set to a reasonable default value. This function also acts as an authoritative place for default values of corresponding command line options. Args: tokens_cache: path to a file with cached OAuth2 credentials. no_local_webserver: if True, do not try to run local web server that handles redirects. Use copy-pasted verification code instead. webserver_port: port to run local webserver on. """ if tokens_cache is None: tokens_cache = os.environ.get('SWARMING_AUTH_TOKENS_CACHE', DEFAULT_OAUTH_TOKENS_CACHE) if no_local_webserver is None: no_local_webserver = tools.get_bool_env_var( 'SWARMING_AUTH_NO_LOCAL_WEBSERVER') # TODO(vadimsh): Add support for "find free port" option. if webserver_port is None: webserver_port = 8090 return OAuthConfig(tokens_cache, no_local_webserver, webserver_port)
def make_oauth_config( disabled=None, tokens_cache=None, no_local_webserver=None, webserver_port=None, service_account_json=None): """Returns new instance of OAuthConfig. If some config option is not provided or None, it will be set to a reasonable default value. This function also acts as an authoritative place for default values of corresponding command line options. Args: disabled: True to completely turn off OAuth authentication. tokens_cache: path to a file with cached OAuth2 credentials. no_local_webserver: if True, do not try to run local web server that handles redirects. Use copy-pasted verification code instead. webserver_port: port to run local webserver on. service_account_json: path to JSON file with service account credentials. """ if tokens_cache is None: tokens_cache = os.environ.get( 'SWARMING_AUTH_TOKENS_CACHE', DEFAULT_OAUTH_TOKENS_CACHE) if no_local_webserver is None: no_local_webserver = tools.get_bool_env_var( 'SWARMING_AUTH_NO_LOCAL_WEBSERVER') if webserver_port is None: webserver_port = 8090 if service_account_json is None: service_account_json = os.environ.get('SWARMING_AUTH_SERVICE_ACCOUNT_JSON') use_luci_context_auth = has_local_auth() if disabled is None: disabled = (tools.is_headless() and not service_account_json and not use_luci_context_auth) if disabled: service_account_json = None use_luci_context_auth = False elif service_account_json and use_luci_context_auth: raise ValueError('Cannot use both service account and LUCI_CONTEXT') return OAuthConfig( disabled, tokens_cache, no_local_webserver, webserver_port, service_account_json, use_luci_context_auth)
def make_oauth_config( disabled=None, tokens_cache=None, no_local_webserver=None, webserver_port=None, service_account_json=None): """Returns new instance of OAuthConfig. If some config option is not provided or None, it will be set to a reasonable default value. This function also acts as an authoritative place for default values of corresponding command line options. Args: disabled: True to completely turn off OAuth authentication. tokens_cache: path to a file with cached OAuth2 credentials. no_local_webserver: if True, do not try to run local web server that handles redirects. Use copy-pasted verification code instead. webserver_port: port to run local webserver on. service_account_json: path to JSON file with service account credentials. """ if tokens_cache is None: tokens_cache = os.environ.get( 'SWARMING_AUTH_TOKENS_CACHE', DEFAULT_OAUTH_TOKENS_CACHE) if no_local_webserver is None: no_local_webserver = tools.get_bool_env_var( 'SWARMING_AUTH_NO_LOCAL_WEBSERVER') if webserver_port is None: webserver_port = 8090 if service_account_json is None: service_account_json = os.environ.get('SWARMING_AUTH_SERVICE_ACCOUNT_JSON') if disabled is None: disabled = tools.is_headless() and not service_account_json return OAuthConfig( disabled, tokens_cache, no_local_webserver, webserver_port, service_account_json)
def make_oauth_config( tokens_cache=None, no_local_webserver=None, webserver_port=None): """Returns new instance of OAuthConfig. If some config option is not provided or None, it will be set to a reasonable default value. This function also acts as an authoritative place for default values of corresponding command line options. Args: tokens_cache: path to a file with cached OAuth2 credentials. no_local_webserver: if True, do not try to run local web server that handles redirects. Use copy-pasted verification code instead. webserver_port: port to run local webserver on. """ if tokens_cache is None: tokens_cache = os.environ.get( 'SWARMING_AUTH_TOKENS_CACHE', DEFAULT_OAUTH_TOKENS_CACHE) if no_local_webserver is None: no_local_webserver = tools.get_bool_env_var( 'SWARMING_AUTH_NO_LOCAL_WEBSERVER') # TODO(vadimsh): Add support for "find free port" option. if webserver_port is None: webserver_port = 8090 return OAuthConfig(tokens_cache, no_local_webserver, webserver_port)