def test_get_application_default_credential_from_malformed_file_2(self): credentials_file = datafile(os.path.join("gcloud", "application_default_credentials_malformed_2.json")) # we can't use self.assertRaisesRegexp() because it is only in Python 2.7+ try: _get_application_default_credential_from_file(credentials_file) self.fail("An exception was expected!") except ApplicationDefaultCredentialsError as error: self.assertEqual("The following field(s) must be defined: private_key_id", str(error))
def test_get_application_default_credential_from_malformed_file_2(self): credentials_file = datafile( os.path.join('gcloud', 'application_default_credentials_malformed_2.json')) # we can't use self.assertRaisesRegexp() because it is only in Python 2.7+ try: _get_application_default_credential_from_file(credentials_file) self.fail('An exception was expected!') except ApplicationDefaultCredentialsError as error: self.assertEqual('The following field(s) must be defined: private_key_id', str(error))
def test_get_application_default_credential_from_malformed_file_2(self): credentials_file = datafile( os.path.join('gcloud', 'application_default_credentials_malformed_2.json')) # we can't use self.assertRaisesRegexp() because it is only in Python 2.7+ try: _get_application_default_credential_from_file(credentials_file) self.fail('An exception was expected!') except InvalidCredentialModelError as error: self.assertEqual('The following field(s) must be defined: private_key_id', str(error))
def test_get_application_default_credential_from_malformed_file_1(self): credentials_file = datafile(os.path.join("gcloud", "application_default_credentials_malformed_1.json")) # we can't use self.assertRaisesRegexp() because it is only in Python 2.7+ try: _get_application_default_credential_from_file(credentials_file) self.fail("An exception was expected!") except ApplicationDefaultCredentialsError as error: self.assertEqual( "'type' field should be defined " "(and have one of the '" + AUTHORIZED_USER + "' or '" + SERVICE_ACCOUNT + "' values)", str(error), )
def test_get_application_default_credential_from_malformed_file_1(self): credentials_file = datafile( os.path.join('gcloud', 'application_default_credentials_malformed_1.json')) # we can't use self.assertRaisesRegexp() because it is only in Python 2.7+ try: _get_application_default_credential_from_file(credentials_file) self.fail('An exception was expected!') except InvalidCredentialModelError as error: self.assertEqual('\'type\' field should be defined (and have one of ' + 'the \'' + GoogleCredentialsJson.TYPE_AUTHORIZED_USER + '\' or \'' + GoogleCredentialsJson.TYPE_SERVICE_ACCOUNT + '\' values)', str(error))
def test_get_application_default_credential_from_malformed_file_1(self): credentials_file = datafile( os.path.join('gcloud', 'application_default_credentials_malformed_1.json')) # we can't use self.assertRaisesRegexp() because it is only in Python 2.7+ try: _get_application_default_credential_from_file(credentials_file) self.fail('An exception was expected!') except ApplicationDefaultCredentialsError as error: self.assertEqual("'type' field should be defined " "(and have one of the '" + AUTHORIZED_USER + "' or '" + SERVICE_ACCOUNT + "' values)", str(error))
def get_for_service_account_json(json_credentials_path, scope=None): """Gets the credentials for a service account with JSON key. :type json_credentials_path: string :param json_credentials_path: The path to a private key file (this file was given to you when you created the service account). This file must contain a JSON object with a private key and other credentials information (downloaded from the Google APIs console). :type scope: string or tuple of string :param scope: The scope against which to authenticate. (Different services require different scopes, check the documentation for which scope is required for the different levels of access to any particular API.) :rtype: :class:`oauth2client.client.GoogleCredentials`, :class:`oauth2client.service_account._ServiceAccountCredentials` :returns: New service account or Google (for a user JSON key file) credentials object. """ credentials = _get_application_default_credential_from_file( json_credentials_path) if scope is not None: credentials = credentials.create_scoped(scope) return credentials
def test_get_application_default_credential_from_file_authorized_user(self): credentials_file = datafile( os.path.join('gcloud', 'application_default_credentials_authorized_user.json')) credentials = _get_application_default_credential_from_file( credentials_file) self.validate_google_credentials(credentials)
def from_service_account_json(cls, json_credentials_path, project_id=None, read_only=False, admin=False): """Factory to retrieve JSON credentials while creating client object. :type json_credentials_path: str :param json_credentials_path: The path to a private key file (this file was given to you when you created the service account). This file must contain a JSON object with a private key and other credentials information (downloaded from the Google APIs console). :type project_id: str :param project_id: The ID of the project which owns the clusters, tables and data. Will be passed to :class:`Client` constructor. :type read_only: bool :param read_only: Boolean indicating if the data scope should be for reading only (or for writing as well). Will be passed to :class:`Client` constructor. :type admin: bool :param admin: Boolean indicating if the client will be used to interact with the Cluster Admin or Table Admin APIs. Will be passed to :class:`Client` constructor. :rtype: :class:`Client` :returns: The client created with the retrieved JSON credentials. """ credentials = _get_application_default_credential_from_file( json_credentials_path) return cls(credentials=credentials, project_id=project_id, read_only=read_only, admin=admin)
def RevokeCredsInWellKnownFile(brief): """Revoke the credentials in ADC's well-known file.""" # pylint:disable=protected-access, refactor as per TODO above credentials_filename = client._get_well_known_file() if not os.path.isfile(credentials_filename): if not brief: log.status.write( '\nApplication Default Credentials have not been\n' 'set up by a tool, so nothing was revoked.\n') return # We only want to get the credentials from the well-known file, because # no other credentials can be revoked. # pylint:disable=protected-access, refactor as per TODO above creds = client._get_application_default_credential_from_file( credentials_filename) if creds.serialization_data['type'] != 'authorized_user': if not brief: log.status.write( '\nThe credentials set up for Application Default Credentials\n' 'through the Google Cloud SDK are service account credentials,\n' 'so they were not revoked.\n') else: c_store.RevokeCredentials(creds) if not brief: log.status.write( '\nThe credentials set up for Application Default Credentials\n' 'through the Google Cloud SDK have been revoked.\n') os.remove(credentials_filename) if not brief: log.status.write( '\nThe file storing the Application Default Credentials\n' 'has been removed.\n')
def test_get_application_default_credential_from_file_authorized_user(self): credentials_file = datafile( os.path.join('gcloud', 'application_default_credentials_authorized_user.json')) credentials = _get_application_default_credential_from_file( credentials_file) self.validate_google_credentials(credentials)
def get_for_service_account_json(json_credentials_path, scope=None): """Gets the credentials for a service account with JSON key. :type json_credentials_path: string :param json_credentials_path: The path to a private key file (this file was given to you when you created the service account). This file must contain a JSON object with a private key and other credentials information (downloaded from the Google APIs console). :type scope: string or tuple of string :param scope: The scope against which to authenticate. (Different services require different scopes, check the documentation for which scope is required for the different levels of access to any particular API.) :rtype: :class:`oauth2client.client.GoogleCredentials`, :class:`oauth2client.service_account._ServiceAccountCredentials` :returns: New service account or Google (for a user JSON key file) credentials object. """ credentials = _get_application_default_credential_from_file( json_credentials_path) if scope is not None: credentials = credentials.create_scoped(scope) return credentials
def test_get_application_default_credential_from_file_service_account( self): credentials_file = datafile( os.path.join('gcloud', 'application_default_credentials.json')) credentials = _get_application_default_credential_from_file( credentials_file) self.validate_service_account_credentials(credentials)
def test_save_well_known_file_with_non_existent_config_dir(self): credential_file = datafile( os.path.join('gcloud', 'application_default_credentials.json')) credentials = _get_application_default_credential_from_file( credential_file) ORIGINAL_ISDIR = os.path.isdir try: os.path.isdir = lambda path: False self.assertRaises(OSError, save_to_well_known_file, credentials) finally: os.path.isdir = ORIGINAL_ISDIR
def test_save_well_known_file_with_non_existent_config_dir(self): credential_file = datafile( os.path.join('gcloud', 'application_default_credentials.json')) credentials = _get_application_default_credential_from_file( credential_file) ORIGINAL_ISDIR = os.path.isdir try: os.path.isdir = lambda path: False self.assertRaises(OSError, save_to_well_known_file, credentials) finally: os.path.isdir = ORIGINAL_ISDIR
def test_save_to_well_known_file_service_account(self): credential_file = datafile(os.path.join("gcloud", "application_default_credentials.json")) credentials = _get_application_default_credential_from_file(credential_file) temp_credential_file = datafile(os.path.join("gcloud", "temp_well_known_file_service_account.json")) save_to_well_known_file(credentials, temp_credential_file) with open(temp_credential_file) as f: d = json.load(f) self.assertEqual("service_account", d["type"]) self.assertEqual("123", d["client_id"]) self.assertEqual("*****@*****.**", d["client_email"]) self.assertEqual("ABCDEF", d["private_key_id"]) os.remove(temp_credential_file)
def test_save_to_well_known_file_authorized_user(self): credentials_file = datafile(os.path.join("gcloud", "application_default_credentials_authorized_user.json")) credentials = _get_application_default_credential_from_file(credentials_file) temp_credential_file = datafile(os.path.join("gcloud", "temp_well_known_file_authorized_user.json")) save_to_well_known_file(credentials, temp_credential_file) with open(temp_credential_file) as f: d = json.load(f) self.assertEqual("authorized_user", d["type"]) self.assertEqual("123", d["client_id"]) self.assertEqual("secret", d["client_secret"]) self.assertEqual("alabalaportocala", d["refresh_token"]) os.remove(temp_credential_file)
def test_save_to_well_known_file_service_account(self): credential_file = datafile( os.path.join('gcloud', 'application_default_credentials.json')) credentials = _get_application_default_credential_from_file( credential_file) temp_credential_file = datafile( os.path.join('gcloud', 'temp_well_known_file_service_account.json')) save_to_well_known_file(credentials, temp_credential_file) with open(temp_credential_file) as f: d = json.load(f) self.assertEqual('service_account', d['type']) self.assertEqual('123', d['client_id']) self.assertEqual('*****@*****.**', d['client_email']) self.assertEqual('ABCDEF', d['private_key_id']) os.remove(temp_credential_file)
def test_save_to_well_known_file_service_account(self): credential_file = datafile( os.path.join('gcloud', 'application_default_credentials.json')) credentials = _get_application_default_credential_from_file( credential_file) temp_credential_file = datafile( os.path.join('gcloud', 'temp_well_known_file_service_account.json')) save_to_well_known_file(credentials, temp_credential_file) with open(temp_credential_file) as f: d = json.load(f) self.assertEqual('service_account', d['type']) self.assertEqual('123', d['client_id']) self.assertEqual('*****@*****.**', d['client_email']) self.assertEqual('ABCDEF', d['private_key_id']) os.remove(temp_credential_file)
def test_save_to_well_known_file_authorized_user(self): credentials_file = datafile( os.path.join('gcloud', 'application_default_credentials_authorized_user.json')) credentials = _get_application_default_credential_from_file( credentials_file) temp_credential_file = datafile( os.path.join('gcloud', 'temp_well_known_file_authorized_user.json')) save_to_well_known_file(credentials, temp_credential_file) with open(temp_credential_file) as f: d = json.load(f) self.assertEqual('authorized_user', d['type']) self.assertEqual('123', d['client_id']) self.assertEqual('secret', d['client_secret']) self.assertEqual('alabalaportocala', d['refresh_token']) os.remove(temp_credential_file)
def test_save_to_well_known_file_authorized_user(self): credentials_file = datafile( os.path.join('gcloud', 'application_default_credentials_authorized_user.json')) credentials = _get_application_default_credential_from_file( credentials_file) temp_credential_file = datafile( os.path.join('gcloud', 'temp_well_known_file_authorized_user.json')) save_to_well_known_file(credentials, temp_credential_file) with open(temp_credential_file) as f: d = json.load(f) self.assertEqual('authorized_user', d['type']) self.assertEqual('123', d['client_id']) self.assertEqual('secret', d['client_secret']) self.assertEqual('alabalaportocala', d['refresh_token']) os.remove(temp_credential_file)
def get_vision_service(api_key=None, credentials=None, settings=None): options = {} # explicits if api_key or credentials: # credentials if credentials and not api_key: if isinstance(credentials, dict): credentials = _get_application_default_credential_from_dict( credentials) logger.info('explicit credentials given.') options['credentials'] = credentials # api_key elif not credentials and api_key: logger.info('explicit api_key given.') options['developerKey'] = api_key # else: raise Exception("you can't pass both api_key= and credentials=") # settings elif settings: api_key = getattr(settings, 'GOOGLE_SERVER_APIKEY_', None) credentials = getattr(settings, 'GOOGLE_APPLICATION_CREDENTIALS', None) if api_key and credentials: raise Exception("you can't pass both api_key and credentials") # GOOGLE_APPLICATION_CREDENTIALS= if credentials and not api_key: if isinstance(credentials, dict): logger.info('credential dict given by settings') credentials = _get_application_default_credential_from_dict( credentials) else: logger.info('credential filename given by settings') credentials = _get_application_default_credential_from_file( credentials) options['credentials'] = credentials # GOOGLE_SERVER_APIKEY_= elif api_key and not credentials: logger.info('developer key given by settings') options['developerKey'] = api_key # merge keys starting with GOOGLE_APPLICATION_CREDENTIALS__ else: settings_tuple = [(key, getattr(settings, key)) for key in dir(settings)] # build with partials PREFIX = 'GOOGLE_APPLICATION_CREDENTIALS__' cred_dict = dict((key.replace(PREFIX, '').lower(), value) for (key, value) in settings_tuple if key.startswith(PREFIX)) # logger.info('all credential key/values given by settings') credentials = _get_application_default_credential_from_dict( cred_dict) options['credentials'] = credentials # read from environment variables else: # GOOGLE_SERVER_APIKEY_= api_key = os.environ.get('GOOGLE_SERVER_APIKEY_') if api_key: logger.info('developer key given by env variable') options['developerKey'] = api_key # default Service account keys else: logger.info('credentials filename given by env variable') # look for GOOGLE_APPLICATION_CREDENTIALS= , and others credentials = GoogleCredentials.get_application_default() options['credentials'] = credentials service = discovery.build('vision', 'v1', discoveryServiceUrl=DISCOVERY_URL, **options) return service
# For license information, see LICENSE.TXT import argparse, base64, httplib2 import re, os, fnmatch, codecs, json import logging logging.basicConfig() from oauth2client.client import _get_application_default_credential_from_file from apiclient import discovery CACHE_FILENAME="cached_json.json" API_DISCOVERY_FILE = 'https://{api}.googleapis.com/$discovery/rest?version={apiVersion}' http = httplib2.Http() credentials = _get_application_default_credential_from_file("credentials.json").create_scoped([ 'https://www.googleapis.com/auth/cloud-platform']) credentials.authorize(http) service = discovery.build('vision', 'v1', http=http, discoveryServiceUrl=API_DISCOVERY_FILE) from receipt_extractor import OCRReceiptExtractor def process_ocr_text(extracted_text): """ """ extractor=OCRReceiptExtractor(extracted_text) return extractor.processData() def extract_text(image_content): """
def test_get_application_default_credential_from_file_service_account(self): credentials_file = datafile( os.path.join('gcloud', 'application_default_credentials.json')) credentials = _get_application_default_credential_from_file( credentials_file) self.validate_service_account_credentials(credentials)
def prepare_credentials(self): from oauth2client.client import _get_application_default_credential_from_file credentials = _get_application_default_credential_from_file(os.path.join(self.directory, 'service_account.json')) return credentials.create_scoped(Service.SCOPE)