def get_hmac_key_metadata( self, access_id, project_id=None, user_project=None, timeout=_DEFAULT_TIMEOUT ): """Return a metadata instance for the given HMAC key. :type access_id: str :param access_id: Unique ID of an existing key. :type project_id: str :param project_id: (Optional) project ID of an existing key. Defaults to client's project. :type timeout: float or tuple :param timeout: (optional) The amount of time, in seconds, to wait for the server response. Can also be passed as a tuple (connect_timeout, read_timeout). See :meth:`requests.Session.request` documentation for details. :type user_project: str :param user_project: (Optional) This parameter is currently ignored. """ metadata = HMACKeyMetadata(self, access_id, project_id, user_project) metadata.reload(timeout=timeout) # raises NotFound for missing key return metadata
def create_hmac_key(self, service_account_email, project_id=None): """Create an HMAC key for a service account. :type service_account_email: str :param service_account_email: e-mail address of the service account :type project_id: str :param project_id: (Optional) explicit project ID for the key. Defaults to the client's project. :rtype: Tuple[:class:`~google.cloud.storage.hmac_key.HMACKeyMetadata`, str] :returns: metadata for the created key, plus the bytes of the key's secret, which is an 40-character base64-encoded string. """ if project_id is None: project_id = self.project path = "/projects/{}/hmacKeys".format(project_id) qs_params = {"serviceAccountEmail": service_account_email} api_response = self._connection.api_request( method="POST", path=path, query_params=qs_params ) metadata = HMACKeyMetadata(self) metadata._properties = api_response["metadata"] secret = api_response["secret"] return metadata, secret
def get_hmac_key_metadata(self, access_id, project_id=None): """Return a metadata instance for the given HMAC key. :type access_id: str :param access_id: Unique ID of an existing key. :type project_id: str :param project_id: (Optional) project ID of an existing key. Defaults to client's project. """ metadata = HMACKeyMetadata(self, access_id, project_id) metadata.reload() # raises NotFound for missing key return metadata
def create_hmac_key( self, service_account_email, project_id=None, user_project=None, timeout=_DEFAULT_TIMEOUT, ): """Create an HMAC key for a service account. :type service_account_email: str :param service_account_email: e-mail address of the service account :type project_id: str :param project_id: (Optional) Explicit project ID for the key. Defaults to the client's project. :type user_project: str :param user_project: (Optional) This parameter is currently ignored. :type timeout: float or tuple :param timeout: (Optional) The amount of time, in seconds, to wait for the server response. Can also be passed as a tuple (connect_timeout, read_timeout). See :meth:`requests.Session.request` documentation for details. :rtype: Tuple[:class:`~google.cloud.storage.hmac_key.HMACKeyMetadata`, str] :returns: metadata for the created key, plus the bytes of the key's secret, which is an 40-character base64-encoded string. """ if project_id is None: project_id = self.project path = "/projects/{}/hmacKeys".format(project_id) qs_params = {"serviceAccountEmail": service_account_email} if user_project is not None: qs_params["userProject"] = user_project api_response = self._connection.api_request( method="POST", path=path, query_params=qs_params, timeout=timeout, retry=None, ) metadata = HMACKeyMetadata(self) metadata._properties = api_response["metadata"] secret = api_response["secret"] return metadata, secret
def test_hmac_key_crud(storage_client, scrubbed_hmac_keys, service_account): from google.cloud.storage.hmac_key import HMACKeyMetadata before_hmac_keys, hmac_keys_to_delete = scrubbed_hmac_keys email = service_account.service_account_email metadata, secret = storage_client.create_hmac_key(email) hmac_keys_to_delete.append(metadata) assert isinstance(secret, str) assert len(secret) == 40 after_hmac_keys = set(storage_client.list_hmac_keys()) assert metadata not in before_hmac_keys assert metadata in after_hmac_keys another = HMACKeyMetadata(storage_client) another._properties["accessId"] = "nonesuch" assert not another.exists() another._properties["accessId"] = metadata.access_id assert another.exists() another.reload() assert another._properties == metadata._properties metadata.state = HMACKeyMetadata.INACTIVE_STATE metadata.update() metadata.delete() hmac_keys_to_delete.remove(metadata)
def _item_to_hmac_key_metadata(iterator, item): """Convert a JSON key metadata resource to the native object. :type iterator: :class:`~google.api_core.page_iterator.Iterator` :param iterator: The iterator that has retrieved the item. :type item: dict :param item: An item to be converted to a key metadata instance. :rtype: :class:`~google.cloud.storage.hmac_key.HMACKeyMetadata` :returns: The next key metadata instance in the page. """ metadata = HMACKeyMetadata(iterator.client) metadata._properties = item return metadata
def hmac_key_update(client, _preconditions, **resources): access_id = resources.get("hmac_key").access_id etag = resources.get("hmac_key").etag hmac_key = HMACKeyMetadata(client, access_id=access_id) if _preconditions: pytest.skip("Etag is not yet supported") hmac_key.etag = etag hmac_key.state = "INACTIVE" hmac_key.update()
def hmac_key_delete(client, _preconditions, **resources): access_id = resources.get("hmac_key").access_id hmac_key = HMACKeyMetadata(client, access_id=access_id) hmac_key.state = "INACTIVE" hmac_key.update() hmac_key.delete()
def hmac_key_reload(client, _preconditions, **resources): access_id = resources.get("hmac_key").access_id hmac_key = HMACKeyMetadata(client, access_id=access_id) hmac_key.reload()