def __buildHttp(cls, http, options, url, method='GET'): _http = None try: if not isinstance(options, dict): if options == None: options = {} else: raise TypeError('Error: options must be a dict') if not isinstance(http, googleapiclient.http.httplib2.Http): raise TypeError( 'Error: http must be an http request of googlepiclient.http.httplib2.Http class' ) if not isinstance(url, str): raise TypeError('Error: url must be a str') if not isinstance(method, str): raise TypeError('Error: method must be a str') _request = httplib2.AuthorizedHttp(cls.token, http) _options = options _url = f'{url}?' _method = method for key, value in dict(_options).items(): _url += f'{key}={value}&' _http = {'request': _request, 'url': _url, 'method': _method} except Exception: print_exc() finally: return _http
def test_close(self): with mock.patch("httplib2.Http.close", autospec=True) as close: authed_http = google_auth_httplib2.AuthorizedHttp( mock.sentinel.credentials) authed_http.close() close.assert_called_once()
def build_request(http, *args, **kwargs): new_http = httplib2.Http() if user_agent is not None: new_http = set_user_agent(new_http, user_agent) if credentials is not None: new_http = google_auth_httplib2.AuthorizedHttp(credentials, http=new_http) return googleapiclient.http.HttpRequest(new_http, *args, **kwargs)
def get_client(): """BigQuery-Client erzeugen.""" credentials = google.auth.credentials.with_scopes_if_required( get_credentials(), bigquery.Client.SCOPE) return bigquery.Client(project=replication_config.BIGQUERY_PROJECT, _http=google_auth_httplib2.AuthorizedHttp( credentials, httplib2.Http(timeout=60)))
def _BuildService(self): http = httplib2.Http(timeout=_HTTP_TIMEOUT_SECONDS) http = google_auth_httplib2.AuthorizedHttp(self._credentials, http) api = googleapiclient.discovery.build( 'clouddebugger', 'v2', http=http, cache_discovery=False) return api.controller()
def authenticate(cls, json_path=None): """Authenticates for Cloud Natural Language API and returns a parser. If a service account private key file is not given, it tries to authenticate with default credentials. Args: json_path: A file path to a service account's JSON private keyfile. (str, optional) Returns: Budou parser. (Budou) """ import google_auth_httplib2 from googleapiclient import discovery scope = ['https://www.googleapis.com/auth/cloud-platform'] if json_path: try: from google.oauth2 import service_account credentials = service_account.Credentials.from_service_account_file( json_path) scoped_credentials = credentials.with_scopes(scope) except ImportError: print('''Failed to load google.oauth2.service_account module. If you are running this script in Google App Engine environment, please call `authenticate` method with empty argument to authenticate with default credentials.''') else: import google.auth scoped_credentials, project = google.auth.default(scope) authed_http = google_auth_httplib2.AuthorizedHttp(scoped_credentials) service = discovery.build('language', 'v1beta2', http=authed_http) return cls(service)
def _authenticate(self, cache_discovery): import google_auth_httplib2 import googleapiclient.discovery scope = ['https://www.googleapis.com/auth/cloud-platform'] if self.credentials_path: try: from google.oauth2 import service_account credentials = service_account.Credentials.from_service_account_file( self.credentials_path) scoped_credentials = credentials.with_scopes(scope) except ImportError: logging.error( 'Failed to load google.oauth2.service_account module. ' 'If you are running this script in Google App Engine ' 'environment, you can initialize the segmenter with ' 'default credentials.') else: import google.auth scoped_credentials, _ = google.auth.default(scope) authed_http = google_auth_httplib2.AuthorizedHttp(scoped_credentials) service = googleapiclient.discovery.build( 'language', 'v1beta2', http=authed_http, cache_discovery=cache_discovery) return service
def init(self, conf): # type: (ConfigTree) -> None self.key_path = conf.get_string( BigQueryTableUsageExtractor.KEY_PATH_KEY, None) if self.key_path: credentials = ( google.oauth2.service_account.Credentials. from_service_account_file( self.key_path, scopes=BigQueryTableUsageExtractor._DEFAULT_SCOPES)) else: credentials, _ = google.auth.default( scopes=BigQueryTableUsageExtractor._DEFAULT_SCOPES) http = httplib2.Http() authed_http = google_auth_httplib2.AuthorizedHttp(credentials, http=http) self.logging_service = build('logging', 'v2', http=authed_http, cache_discovery=False) self.timestamp = conf.get_string( BigQueryTableUsageExtractor.TIMESTAMP_KEY, (date.today() - timedelta(days=1)).strftime('%Y-%m-%dT00:00:00Z')) self.projectid = conf.get_string( BigQueryTableUsageExtractor.PROJECT_ID_KEY) self.pagesize = conf.get_int( BigQueryTableUsageExtractor.PAGE_SIZE_KEY, BigQueryTableUsageExtractor.DEFAULT_PAGE_SIZE) self.table_usage_counts = {} self._count_usage() self.iter = iter(self.table_usage_counts)
def init(self, conf): # type: (ConfigTree) -> None self.key_path = conf.get_string(BigQueryMetadataExtractor.KEY_PATH_KEY, None) self.project_id = conf.get_string( BigQueryMetadataExtractor.PROJECT_ID_KEY) self.pagesize = conf.get_int( BigQueryMetadataExtractor.PAGE_SIZE_KEY, BigQueryMetadataExtractor.DEFAULT_PAGE_SIZE) self.filter = conf.get_string(BigQueryMetadataExtractor.FILTER_KEY, '') if self.key_path: credentials = ( google.oauth2.service_account.Credentials. from_service_account_file( self.key_path, scopes=BigQueryMetadataExtractor._DEFAULT_SCOPES)) else: credentials, _ = google.auth.default( scopes=BigQueryMetadataExtractor._DEFAULT_SCOPES) http = httplib2.Http() authed_http = google_auth_httplib2.AuthorizedHttp(credentials, http=http) self.bigquery_service = build('bigquery', 'v2', http=authed_http, cache_discovery=False) self.datasets = self._retrieve_datasets() self.iter = iter(self._iterate_over_tables()) self.grouped_tables = set([])
def AuthorizeClient(self, http_client, creds): """Returns an http_client authorized with the given credentials.""" if core_creds.IsGoogleAuthCredentials(creds): http_client = google_auth_httplib2.AuthorizedHttp(creds, http_client) else: http_client = creds.authorize(http_client) return http_client
def __init__(self, creds, autorefresh=True): try: self.creds = Credentials.from_json(creds) except TypeError: self.creds = creds if self.creds.expired and self.creds.refresh_token \ and autorefresh: self.creds.refresh(Request()) http = google_auth_httplib2.AuthorizedHttp(self.creds) #see bug https://github.com/googleapis/google-api-python-client/issues/803#issuecomment-578151576 http.http.redirect_codes = set(http.http.redirect_codes) - {308} self._service = build('drive', 'v3', http=http) self.id = None self.drive = self self.default_fields = 'id, name, mimeType, parents, spaces' root_folder = self.item_by_id("root") super().__init__(self, root_folder.parent_ids, root_folder.name, root_folder.id, root_folder.spaces) if 'https://www.googleapis.com/auth/drive.appdata' in self.creds.scopes: self.appdata = self.item_by_id("appDataFolder")
def build_request(http, *args, **kwargs): """ See https://googleapis.github.io/google-api-python-client/docs/thread_safety.html """ new_http = google_auth_httplib2.AuthorizedHttp( creds, http=httplib2.Http()) return googleapiclient.http.HttpRequest(new_http, *args, **kwargs)
def authorized_http(credentials): """Returns an http client that is authorized with the given credentials. Args: credentials (Union[ google.auth.credentials.Credentials, oauth2client.client.Credentials]): The credentials to use. Returns: Union[httplib2.Http, google_auth_httplib2.AuthorizedHttp]: An authorized http client. """ from googleapiclient.http import build_http if HAS_GOOGLE_AUTH and isinstance( credentials, google.auth.credentials.Credentials): if google_auth_httplib2 is None: raise ValueError( 'Credentials from google.auth specified, but ' 'google-api-python-client is unable to use these credentials ' 'unless google-auth-httplib2 is installed. Please install ' 'google-auth-httplib2.') return google_auth_httplib2.AuthorizedHttp(credentials, http=build_http()) else: return credentials.authorize(build_http())
def test_request_no_refresh(self): mock_credentials = mock.Mock(wraps=MockCredentials()) mock_response = MockResponse() mock_http = MockHttp([mock_response]) authed_http = google_auth_httplib2.AuthorizedHttp( mock_credentials, http=mock_http ) response, data = authed_http.request(self.TEST_URL) assert response == mock_response assert data == mock_response.data assert mock_credentials.before_request.called assert not mock_credentials.refresh.called assert mock_http.requests == [ ( "GET", self.TEST_URL, None, {"authorization": "token"}, httplib2.DEFAULT_MAX_REDIRECTS, None, ) ]
def test_request_positional_args(self): """Verifies that clients can pass args to request as positioanls.""" mock_credentials = mock.Mock(wraps=MockCredentials()) mock_response = MockResponse() mock_http = MockHttp([mock_response]) authed_http = google_auth_httplib2.AuthorizedHttp( mock_credentials, http=mock_http ) response, data = authed_http.request( self.TEST_URL, "GET", None, None, httplib2.DEFAULT_MAX_REDIRECTS, None ) assert response == mock_response assert data == mock_response.data assert mock_credentials.before_request.called assert not mock_credentials.refresh.called assert mock_http.requests == [ ( "GET", self.TEST_URL, None, {"authorization": "token"}, httplib2.DEFAULT_MAX_REDIRECTS, None, ) ]
def test_timeout(self): authed_http = google_auth_httplib2.AuthorizedHttp(mock.sentinel.credentials) assert authed_http.timeout == authed_http.http.timeout authed_http.timeout = mock.sentinel.timeout assert authed_http.http.timeout == mock.sentinel.timeout
def test_redirect_codes(self): authed_http = google_auth_httplib2.AuthorizedHttp(mock.sentinel.credentials) assert authed_http.redirect_codes == authed_http.http.redirect_codes authed_http.redirect_codes = mock.sentinel.redirect_codes assert authed_http.http.redirect_codes == mock.sentinel.redirect_codes
def test_connections(self): authed_http = google_auth_httplib2.AuthorizedHttp(mock.sentinel.credentials) assert authed_http.connections == authed_http.http.connections authed_http.connections = mock.sentinel.connections assert authed_http.http.connections == mock.sentinel.connections
def build_client(self): service_account_data = self.credential.content['service_account'] service_account_data['private_key'] = service_account_data[ 'private_key'].replace('\\n', '\n') credentials = service_account.Credentials.from_service_account_info( service_account_data, scopes=self.credential.scopes) if HTTP_PROXY: _, host, port = HTTP_PROXY.split(':') try: port = int(port) except ValueError: raise EnvironmentError('HTTP_PROXY incorrect format') proxied_http = httplib2.Http(proxy_info=httplib2.ProxyInfo( httplib2.socks.PROXY_TYPE_HTTP, host.replace('//', ''), port)) authorized_http = google_auth_httplib2.AuthorizedHttp( credentials, http=proxied_http) service = googleapiclient.discovery.build('compute', 'v1', http=authorized_http) else: service = googleapiclient.discovery.build( 'compute', 'v1', credentials=credentials, ) return service
def custom_execute(self: HttpRequest, *args, **kwargs): is_google_workspace = getattr(self.http.credentials, "is_google_workspace", False) if is_google_workspace and self.http.credentials.threading: self.http = google_auth_httplib2.AuthorizedHttp( self.http.credentials, http=Http()) try: data = error_handled_execute(self, *args, **kwargs) except HttpError as e: # Tell the user which scopes are required if (e.reason == "Request had insufficient authentication scopes." and is_google_workspace): content = json.loads( discovery_cache.get_static_doc( self.http.credentials.api, self.http.credentials.version)) scopes = get_scopes_by_method_id(self.methodId, content) print( f"Error: `{self.methodId}` requires one of these scopes: {scopes} , but you have {self.http.credentials.authenticated_scopes}" ) raise finally: if is_google_workspace and self.http.credentials.threading: # close connection when using threads, because on the next # call we will be creating a new AuthorizedHttp anyway self.http.close() return data
def send_reports(): if request.headers.get('X-Appengine-Cron') != 'true': abort(404) already_parsed_endpoint_ids = fetch_all_endpoint_ids() print(already_parsed_endpoint_ids) with open('oauth2.txt') as f: cdata = json.load(f) httpc = httplib2.Http() req = google_auth_httplib2.Request(httpc) creds = google.oauth2.credentials.Credentials.from_authorized_user_file('oauth2.txt') creds.token = cdata.get('token', cdata.get('auth_token', '')) creds._id_token = cdata.get('id_token_jwt', cdata.get('id_token', None)) token_expiry = cdata.get('token_expiry', '1970-01-01T00:00:01Z') creds.expiry = datetime.datetime.strptime(token_expiry, '%Y-%m-%dT%H:%M:%SZ') creds.refresh(req) httpc = google_auth_httplib2.AuthorizedHttp(creds, httpc) rep = googleapiclient.discovery.build('admin', 'reports_v1', http=httpc, cache_discovery=False) gmail = googleapiclient.discovery.build('gmail', 'v1', http=httpc, cache_discovery=False) cal = googleapiclient.discovery.build('calendar', 'v3', http=httpc, cache_discovery=False) now = datetime.datetime.utcnow() two_days_ago = now - datetime.timedelta(days=2) two_days_ago = two_days_ago.isoformat(timespec='seconds') + 'Z' min_age = now - datetime.timedelta(minutes=MINIMUM_AGE_MINUTES) min_age = min_age.isoformat(timespec='seconds') + 'Z' print(f'Start time: {two_days_ago} End time: {min_age}') response = gapi.call_pages(rep.activities(), 'list', applicationName='meet', userKey='all', eventName='call_ended', startTime=two_days_ago, endTime=min_age) meetings = parse_report(response, cal, ignore_endpoint_ids=already_parsed_endpoint_ids) draw_meetings(gmail, meetings) return 'all done!'
def build_authorized_service(service, version, credentials=None): """Builds an authorized service proxy with custom user agent. Args: service (str): name of service requested. version (str): version of service requested. credentials (google.auth.Credentials): Credentials to authorize client. Returns: Resource: Authorized compute service proxy with custom user agent. """ headers = get_user_agent_header() if PY2: httplib2.Http.request.__func__.func_defaults = ('GET', None, headers, 5, None) elif PY3: httplib2.Http.request.func_defaults = ('GET', None, headers, 5, None) default_credentials, _ = google.auth.default() authorized_http = google_auth_httplib2.AuthorizedHttp( credentials or default_credentials) service = discovery.build(service, version, cache_discovery=False, http=authorized_http) return service
def init(self, conf: ConfigTree) -> None: # should use key_path, or cred_key if the former doesn't exist self.key_path = conf.get_string(BaseBigQueryExtractor.KEY_PATH_KEY, None) self.cred_key = conf.get_string(BaseBigQueryExtractor.CRED_KEY, None) self.project_id = conf.get_string(BaseBigQueryExtractor.PROJECT_ID_KEY) self.pagesize = conf.get_int( BaseBigQueryExtractor.PAGE_SIZE_KEY, BaseBigQueryExtractor.DEFAULT_PAGE_SIZE) self.filter = conf.get_string(BaseBigQueryExtractor.FILTER_KEY, '') if self.key_path: credentials = ( google.oauth2.service_account.Credentials.from_service_account_file( self.key_path, scopes=self._DEFAULT_SCOPES)) else: if self.cred_key: service_account_info = json.loads(self.cred_key) credentials = ( google.oauth2.service_account.Credentials.from_service_account_info( service_account_info, scopes=self._DEFAULT_SCOPES)) else: # FIXME: mypy can't find this attribute google_auth: Any = getattr(google, 'auth') credentials, _ = google_auth.default(scopes=self._DEFAULT_SCOPES) http = httplib2.Http() authed_http = google_auth_httplib2.AuthorizedHttp(credentials, http=http) self.bigquery_service = build('bigquery', 'v2', http=authed_http, cache_discovery=False) self.logging_service = build('logging', 'v2', http=authed_http, cache_discovery=False) self.iter: Iterator[Any] = iter([])
def destroy_cloudfunction_artifacts(name): """Destroys all images stored in cloud storage that are related to the function.""" client = Client("cloudresourcemanager", "v1", calls="projects") resp = client.execute("get", parent_key="projectId", parent_schema=get_default_project()) project_number = resp["projectNumber"] region = get_default_location() if not region: raise Exception("Missing Region") bucket_name = f"gcf-sources-{project_number}-{get_default_location()}" http = client.http or google_auth_httplib2.AuthorizedHttp( get_credentials()) resp = http.request( f"https://storage.googleapis.com/storage/v1/b/{bucket_name}/o?prefix={name}" ) objects = json.loads(resp[1]) if not objects.get("items"): log.info("Artifacts already deleted") return for storage in objects["items"]: log.info(f"Deleting artifact {storage['name']}") resp = http.request( f"https://storage.googleapis.com/storage/v1/b/{bucket_name}/o/{quote_plus(storage['name'])}", method="DELETE", )
def from_credentials(cls, credentials: credentials.Credentials): http_client = http.set_user_agent(http.build_http(), 'django-cloud-deploy') auth_http = google_auth_httplib2.AuthorizedHttp(credentials, http=http_client) return cls( discovery.build('cloudresourcemanager', 'v1', http=auth_http))
def _create_directory_service(self, user_email=None): """Build and return a Google Admin SDK Directory API service object. Args: user_email: String, The email address of the user that needs permission to access the admin APIs. Returns: Google Admin SDK Directory API service object. Raises: UnauthorizedUserError: If a user email is not provided. """ if user_email and user_email.split('@')[1] in constants.APP_DOMAINS: credentials = service_account.Credentials.from_service_account_file( filename=constants.SECRETS_FILE, scopes=constants.DIRECTORY_SCOPES, subject=constants.ADMIN_EMAIL) logging.info('Created delegated credentials for %s.', user_email) else: raise UnauthorizedUserError('User Email not provided.') return build( serviceName='admin', version='directory_v1', http=google_auth_httplib2.AuthorizedHttp(credentials=credentials))
def __init__(self, resource, version="v1", credentials=None, calls=None, parent_schema=None): self.project_id = get_default_project() self.location_id = get_default_location() self.calls = calls self.resource = resource self.version = version self.parent_schema = parent_schema self.http = self.http_for_tests() self._credentials = credentials or get_credentials() if self.http: self.credentials = None self.http = google_auth_httplib2.AuthorizedHttp(self._credentials, http=self.http) else: self.credentials = self._credentials self.client = build( resource, version, credentials=self.credentials, cache_discovery=False, http=self.http, ) self.parent = None if self.parent_schema: self.parent = self.parent_schema.format( project_id=self.project_id, location_id=self.location_id)
def authorized_http(credentials, default_http=None): """Returns an http client that is authorized with the given credentials. Args: credentials (Union[ google.auth.credentials.Credentials, oauth2client.client.Credentials]): The credentials to use. default_http (Union[httplib2.Http, None]): A httplib2.Http object which will be used to make http requests. Returns: Union[httplib2.Http, google_auth_httplib2.AuthorizedHttp]: An authorized http client. """ http = default_http if not http: from googleapiclient.http import build_http http = build_http() if HAS_GOOGLE_AUTH and isinstance(credentials, google.auth.credentials.Credentials): if google_auth_httplib2 is None: raise ValueError( 'Credentials from google.auth specified, but ' 'google-api-python-client is unable to use these credentials ' 'unless google-auth-httplib2 is installed. Please install ' 'google-auth-httplib2.') return google_auth_httplib2.AuthorizedHttp(credentials, http=http) else: return credentials.authorize(http)
def AuthorizeHttp(http, credentials, scopes=None): """Helper function to apply credentials to an HTTP client.""" if not credentials: return http # TODO: try to use default credentials if scopes: credentials = ga_credentials.with_scopes_if_required(credentials, scopes) return google_auth_httplib2.AuthorizedHttp(credentials, http)
def produce_profile_message(creds: Credentials): """Generate a message containing the users profile inforamtion.""" http = google_auth_httplib2.AuthorizedHttp(creds) people_api = discovery.build('people', 'v1', http=http) try: person = people_api.people().get(resourceName='people/me', personFields=','.join([ 'names', 'addresses', 'emailAddresses', 'phoneNumbers', 'photos', ])).execute() except Exception as e: logging.exception(e) return { 'text': 'Failed to fetch profile info: ```%s```' % e, } card = {} if person.get('names') and person.get('photos'): card.update({ 'header': { 'title': person['names'][0]['displayName'], 'imageUrl': person['photos'][0]['url'], 'imageStyle': 'AVATAR', }, }) widgets = [] for email_address in person.get('emailAddresses', []): widgets.append({ 'keyValue': { 'icon': 'EMAIL', 'content': email_address['value'], } }) for phone_number in person.get('phoneNumbers', []): widgets.append({ 'keyValue': { 'icon': 'PHONE', 'content': phone_number['value'], } }) for address in person.get('addresses', []): if 'formattedValue' in address: widgets.append({ 'keyValue': { 'icon': 'MAP_PIN', 'content': address['formattedValue'], } }) if widgets: card.update({'sections': [{ 'widgets': widgets, }]}) if card: return {'cards': [card]} return { 'text': 'Hmm, no profile information found', }