def test_create_scoped_required_with_scopes(self): self.credentials = _ServiceAccountCredentials(self.service_account_id, self.service_account_email, self.private_key_id, self.private_key, self.scopes) self.assertFalse(self.credentials.create_scoped_required())
def ServiceAccountCredentials_from_dict(credentials): return _ServiceAccountCredentials( service_account_id=credentials["client_id"], service_account_email=credentials["client_email"], private_key_id=credentials["private_key_id"], private_key_pkcs8_text=credentials["private_key"], scopes=[])
def ServiceAccountCredentialsFromFile(filename, scopes, user_agent=None): """Use the credentials in filename to create a token for scopes.""" filename = os.path.expanduser(filename) # We have two options, based on our version of oauth2client. if oauth2client.__version__ > '1.5.2': # oauth2client >= 2.0.0 credentials = ( service_account.ServiceAccountCredentials.from_json_keyfile_name( filename, scopes=scopes)) if credentials is not None: if user_agent is not None: credentials.user_agent = user_agent return credentials else: # oauth2client < 2.0.0 with open(filename) as keyfile: service_account_info = json.load(keyfile) account_type = service_account_info.get('type') if account_type != oauth2client.client.SERVICE_ACCOUNT: raise exceptions.CredentialsError( 'Invalid service account credentials: %s' % (filename,)) # pylint: disable=protected-access credentials = service_account._ServiceAccountCredentials( service_account_id=service_account_info['client_id'], service_account_email=service_account_info['client_email'], private_key_id=service_account_info['private_key_id'], private_key_pkcs8_text=service_account_info['private_key'], scopes=scopes, user_agent=user_agent) # pylint: enable=protected-access return credentials
def ServiceAccountCredentialsFromFile(filename, scopes, user_agent=None): """Use the credentials in filename to create a token for scopes.""" filename = os.path.expanduser(filename) # We have two options, based on our version of oauth2client. if oauth2client.__version__ > '1.5.2': # oauth2client >= 2.0.0 credentials = ( service_account.ServiceAccountCredentials.from_json_keyfile_name( filename, scopes=scopes)) if credentials is not None: if user_agent is not None: credentials.user_agent = user_agent return credentials else: # oauth2client < 2.0.0 with open(filename) as keyfile: service_account_info = json.load(keyfile) account_type = service_account_info.get('type') if account_type != oauth2client.client.SERVICE_ACCOUNT: raise exceptions.CredentialsError( 'Invalid service account credentials: %s' % (filename, )) # pylint: disable=protected-access credentials = service_account._ServiceAccountCredentials( service_account_id=service_account_info['client_id'], service_account_email=service_account_info['client_email'], private_key_id=service_account_info['private_key_id'], private_key_pkcs8_text=service_account_info['private_key'], scopes=scopes, user_agent=user_agent) # pylint: enable=protected-access return credentials
def test_service_account_via_json_key(self): from oauth2client import service_account from gcloud._testing import _Monkey from gcloud import credentials as MUT scopes = [] PRIVATE_TEXT = 'dummy_private_key_pkcs8_text' def _get_private_key(private_key_pkcs8_text): return private_key_pkcs8_text with _Monkey(service_account, _get_private_key=_get_private_key): credentials = service_account._ServiceAccountCredentials( 'dummy_service_account_id', 'dummy_service_account_email', 'dummy_private_key_id', PRIVATE_TEXT, scopes) load_result = object() openssl_crypto = _OpenSSLCrypto(load_result, None) with _Monkey(MUT, crypto=openssl_crypto): result = self._callFUT(credentials) self.assertEqual(result, load_result) self.assertEqual(openssl_crypto._loaded, [(openssl_crypto.FILETYPE_PEM, PRIVATE_TEXT)]) self.assertEqual(openssl_crypto._signed, [])
def setUp(self): self.service_account_id = '123' self.service_account_email = '*****@*****.**' self.private_key_id = 'ABCDEF' self.private_key = datafile('pem_from_pkcs12.pem') self.scopes = ['dummy_scope'] self.credentials = _ServiceAccountCredentials( self.service_account_id, self.service_account_email, self.private_key_id, self.private_key, [])
def setUp(self): self.service_account_id = '123' self.service_account_email = '*****@*****.**' self.private_key_id = 'ABCDEF' self.private_key = datafile('pem_from_pkcs12.pem') self.scopes = ['dummy_scope'] self.credentials = _ServiceAccountCredentials(self.service_account_id, self.service_account_email, self.private_key_id, self.private_key, [])
def run_json(): with open(JSON_KEY_PATH, 'r') as file_object: client_credentials = json.load(file_object) credentials = service_account._ServiceAccountCredentials( service_account_id=client_credentials['client_id'], service_account_email=client_credentials['client_email'], private_key_id=client_credentials['private_key_id'], private_key_pkcs8_text=client_credentials['private_key'], scopes=SCOPE, ) _check_user_info(credentials, client_credentials['client_email'])
def test_json_type(self): from oauth2client import service_account from gcloud._testing import _Monkey def _get_private_key(private_key_pkcs8_text): return private_key_pkcs8_text SERVICE_ACCOUNT_NAME = 'SERVICE_ACCOUNT_NAME' with _Monkey(service_account, _get_private_key=_get_private_key): CREDENTIALS = service_account._ServiceAccountCredentials( 'bogus_id', SERVICE_ACCOUNT_NAME, 'bogus_id', 'bogus_key_text', []) found = self._callFUT(CREDENTIALS) self.assertEqual(found, SERVICE_ACCOUNT_NAME)
def test_json_type(self): from oauth2client import service_account from gcloud._testing import _Monkey PRIVATE_KEY_TEXT = 'dummy_private_key_pkcs8_text' STRING_TO_SIGN = b'dummy_signature' def _get_private_key(private_key_pkcs8_text): return private_key_pkcs8_text with _Monkey(service_account, _get_private_key=_get_private_key): CREDENTIALS = service_account._ServiceAccountCredentials( 'dummy_service_account_id', 'dummy_service_account_email', 'dummy_private_key_id', PRIVATE_KEY_TEXT, []) self._run_with_fake_crypto(CREDENTIALS, PRIVATE_KEY_TEXT, STRING_TO_SIGN)
def test_service_account_via_json_key(self): from oauth2client import service_account from gcloud._testing import _Monkey scopes = [] PRIVATE_TEXT = 'dummy_private_key_pkcs8_text' def _get_private_key(private_key_pkcs8_text): return private_key_pkcs8_text ACCOUNT_NAME = 'dummy_service_account_email' with _Monkey(service_account, _get_private_key=_get_private_key): credentials = service_account._ServiceAccountCredentials( 'dummy_service_account_id', ACCOUNT_NAME, 'dummy_private_key_id', PRIVATE_TEXT, scopes) self._run_test_with_credentials(credentials, ACCOUNT_NAME)
def test_without_pyopenssl(self): from oauth2client import service_account from gcloud._testing import _Monkey from gcloud import credentials as credentials_mod PRIVATE_TEXT = 'dummy_private_key_pkcs8_text' def _get_private_key(private_key_pkcs8_text): return private_key_pkcs8_text with _Monkey(service_account, _get_private_key=_get_private_key): credentials = service_account._ServiceAccountCredentials( 'dummy_service_account_id', 'dummy_service_account_email', 'dummy_private_key_id', PRIVATE_TEXT, '') with _Monkey(credentials_mod, crypto=None): with self.assertRaises(EnvironmentError): self._callFUT(credentials)
def test_service_account_via_json_key(self): from oauth2client import service_account from gcloud._testing import _Monkey from gcloud import credentials as MUT scopes = [] PRIVATE_TEXT = 'dummy_private_key_pkcs8_text' def _get_private_key(private_key_pkcs8_text): return private_key_pkcs8_text with _Monkey(service_account, _get_private_key=_get_private_key): credentials = service_account._ServiceAccountCredentials( 'dummy_service_account_id', 'dummy_service_account_email', 'dummy_private_key_id', PRIVATE_TEXT, scopes) rsa = _RSA() with _Monkey(MUT, RSA=rsa): result = self._callFUT(credentials) expected = 'imported:%s' % (PRIVATE_TEXT,) self.assertEqual(result, expected)
def get_credentials(credential_file=None, credentials=None): if credential_file: return GoogleCredentials.from_stream(credential_file) if credentials and credentials["type"] == "service_account": return _ServiceAccountCredentials( service_account_id=credentials["client_id"], service_account_email=credentials["client_email"], private_key_id=credentials["private_key_id"], private_key_pkcs8_text=credentials["private_key"], scopes=[]) if credentials and credentials["type"] == "authorized_user": return GoogleCredentials( access_token=None, client_id=credentials["client_id"], client_secret=credentials["client_secret"], refresh_token=credentials["refresh_token"], token_expiry=None, token_uri=GOOGLE_TOKEN_URI, user_agent="pghoard") return GoogleCredentials.get_application_default()