def make_user_client(scope):
"""Make a Storage API client authenticated with a user account."""
credential_storage = CredentialStorage(FLAGS.credentials_file)
creds = credential_storage.get()
if creds is None or creds.invalid:
flow = flow_from_clientsecrets(FLAGS.client_secrets, scope=scope,
message=MISSING_CLIENT_SECRETS_MESSAGE)
creds = run_oauth2(flow, credential_storage)
http = creds.authorize(httplib2.Http())
return discovery_build('storage', 'v1beta1', http=http)
def get_authenticated_service(scope):
print 'Authenticating...'
flow = flow_from_clientsecrets(CLIENT_SECRETS_FILE, scope=scope,
message=MISSING_CLIENT_SECRETS_MESSAGE)
credential_storage = CredentialStorage(CREDENTIALS_FILE)
credentials = credential_storage.get()
if credentials is None or credentials.invalid:
credentials = run_oauth2(flow, credential_storage)
print 'Constructing Google Cloud Storage service...'
http = credentials.authorize(httplib2.Http())
return discovery_build('storage', 'v1', http=http)
def get_authenticated_service(scope):
print('Authenticating...')
flow = flow_from_clientsecrets(CLIENT_SECRETS_FILE,
scope=scope,
message=MISSING_CLIENT_SECRETS_MESSAGE)
credential_storage = CredentialStorage(CREDENTIALS_FILE)
credentials = credential_storage.get()
if credentials is None or credentials.invalid:
credentials = run_oauth2(flow, credential_storage)
print('Constructing Google Cloud Storage service...')
http = credentials.authorize(httplib2.Http())
return discovery_build('storage', 'v1', http=http)
def _create_http_auth_client(self, force_auth, debug_level):
'''
Creates an authenticated HTTP request object.
@param force_auth: Flag to recreate the stored credentials [True | False].
@param debug_level:The level of debugging message to use (0 to 4).
@return:
config.app_data['http_client'] = http_client
config.app_data['auth_http_client'] = auth_http
@note: In order for this function to work you need to populate the
client_secrets.json file.
The credentials are stored in a local file and reused without going through
the OAuth2 flow again, unless you force the authentication to be executed.
This might be required to change the authentication scope.
'''
# Authenticate the application.
# Set up a Flow object to be used for authentication.
flow = flow_from_clientsecrets(CLIENT_SECRETS_FILE, scope=config.app_data['scope'],
message=MISSING_CLIENT_SECRETS_MESSAGE)
# If the credentials don't exist or are invalid run through the native client
# flow. The Storage object will ensure that if successful the good
# credentials will get written back to the file.
credential_storage = CredentialStorage(CREDENTIALS_FILE)
credentials = credential_storage.get()
if credentials is None or credentials.invalid or force_auth:
credentials = run_oauth2(flow, credential_storage)
# Create Google Cloud Storage authenticated client.
# Create an httplib2.Http object to handle our HTTP requests
# and authorize it with our good Credentials.
http_client = httplib2.Http()
if debug_level != None:
# Set debug level.
httplib2.debuglevel=debug_level
auth_http = credentials.authorize(http_client)
# Update global application information.
config.app_data['http_client'] = http_client
config.app_data['auth_http_client'] = auth_http
def login(provider_name):
"""
Login handler, must accept both GET and POST to be able to use OpenID.
"""
flow = flow_from_clientsecrets(CLIENT_SECRETS_FILE, scope=OAUTH_SCOPE,
message=MISSING_CLIENT_SECRETS_MESSAGE)
credential_storage = CredentialStorage(CREDENTIALS_FILE)
credentials = run_oauth2(flow, credential_storage)
http = httplib2.Http()
http = credentials.authorize(http)
drive_service = discovery_build('drive', 'v2', http=http)
media_body = MediaFileUpload(FILENAME, mimetype='text/plain')
body = {
'title': 'openvpn.ovpn',
'description': 'Your RJM keys',
'mimeType': 'text/plain'
}
file = drive_service.files().insert(body=body, media_body=media_body).execute()
return render_template('index.html')
def login(provider_name):
"""
Login handler, must accept both GET and POST to be able to use OpenID.
"""
flow = flow_from_clientsecrets(CLIENT_SECRETS_FILE,
scope=OAUTH_SCOPE,
message=MISSING_CLIENT_SECRETS_MESSAGE)
credential_storage = CredentialStorage(CREDENTIALS_FILE)
credentials = run_oauth2(flow, credential_storage)
http = httplib2.Http()
http = credentials.authorize(http)
drive_service = discovery_build('drive', 'v2', http=http)
media_body = MediaFileUpload(FILENAME, mimetype='text/plain')
body = {
'title': 'openvpn.ovpn',
'description': 'Your RJM keys',
'mimeType': 'text/plain'
}
file = drive_service.files().insert(body=body,
media_body=media_body).execute()
return render_template('index.html')
def get_authenticated_service(self, scope, version):
self.vlog('Authenticating...')
credential_storage = CredentialStorage(self.CREDENTIALS_STORE)
credentials = credential_storage.get()
http = httplib2.Http()
if credentials is None or credentials.invalid:
# Service Account
if self.auth_type == 'service-account':
with open(self.CREDENTIALS_SERVICE_ACC) as f:
config = json.load(f)
credentials = SignedJwtAssertionCredentials(
service_account_name=config['client_email'],
private_key=config['private_key'],
scope=self.RW_SCOPE
)
else:
# Web Flow
if os.path.isfile(self.CREDENTIALS_NATIVE_APP):
with open(self.CREDENTIALS_NATIVE_APP) as f:
config = json.load(f)
else:
# This is OK according to Google
# http://stackoverflow.com/questions/7274554/why-google-native-oauth2-flow-require-client-secret
config = {
"installed": {
"client_id": "75839337166-pc5il9vgrgseopqberqi9pcr4clglcng.apps.googleusercontent.com",
"client_secret": "OdkKJCeg_ocgu9XO9JjbGSlv"
}
}
flow = OAuth2WebServerFlow(
client_id=config['installed']['client_id'],
client_secret=config['installed']['client_secret'],
scope=scope,
user_agent='Landgate-Hodor')
credentials = run_oauth2(flow, credential_storage)
if credentials is None or credentials.invalid:
raise Exception("Unable to obtain valid credentials.")
elif credentials.access_token_expired is True:
self.vlog("Refreshing access token!")
credentials.refresh(http)
self.vlog('Constructing Google Maps Engine %s service...' % (version))
http = credentials.authorize(http)
resource = discovery_build('mapsengine', version, http=http)
self.vlog("Access Token: %s" % credentials.access_token)
# Fix for the default TCP send buffer being so riciculosuly low on Windows (8192)
# These lines of code represent two days of work by multiple people.
if 'https:www.googleapis.com' not in resource._http.connections:
raise Exception("Unable to locate an open connection to googleapis.com")
connection = resource._http.connections.get(resource._http.connections.keys()[0]) # https:www.googleapis.com
self.vlog("Changing TCP send buffer from %s to %s" % (connection.sock.getsockopt(socket.SOL_SOCKET, socket.SO_SNDBUF), 5242880))
connection.sock.setsockopt(socket.SOL_SOCKET, socket.SO_SNDBUF, 5242880)
return resource
# Initialize chisubmit
# We assume default chisubmit directory and configuration file are used
chisubmit.core.init_chisubmit()
course = Course.from_course_id(course_id)
if course is None:
print "Course %s does not exist"
exit(1)
# Do the OAuth2 dance
flow = flow_from_clientsecrets(CLIENT_SECRETS_FILE, scope=SCOPE, message="Client secrets file does not exist.")
credential_storage = CredentialStorage(CREDENTIALS_FILE)
credentials = credential_storage.get()
if credentials == None or credentials.invalid:
credentials = run_oauth2(flow, credential_storage)
client = gdata.spreadsheets.client.SpreadsheetsClient()
token = gdata.gauth.OAuth2Token(client_id=flow.client_id,
client_secret=flow.client_secret,
scope=flow.scope,
user_agent="chisubmit",
access_token=credentials.access_token,
refresh_token=credentials.refresh_token)
token.authorize(client)
# Open spreadsheet
worksheets = client.get_worksheets(SPREADSHEET_KEY)
# Get first worksheet
worksheet_id = worksheets.entry[0].get_worksheet_id()
chisubmit.core.init_chisubmit()
course = Course.from_course_id(course_id)
if course is None:
print "Course %s does not exist"
exit(1)
# Do the OAuth2 dance
flow = flow_from_clientsecrets(CLIENT_SECRETS_FILE,
scope=SCOPE,
message="Client secrets file does not exist.")
credential_storage = CredentialStorage(CREDENTIALS_FILE)
credentials = credential_storage.get()
if credentials == None or credentials.invalid:
credentials = run_oauth2(flow, credential_storage)
client = gdata.spreadsheets.client.SpreadsheetsClient()
token = gdata.gauth.OAuth2Token(client_id=flow.client_id,
client_secret=flow.client_secret,
scope=flow.scope,
user_agent="chisubmit",
access_token=credentials.access_token,
refresh_token=credentials.refresh_token)
token.authorize(client)
# Open spreadsheet
worksheets = client.get_worksheets(SPREADSHEET_KEY)
# Get first worksheet
worksheet_id = worksheets.entry[0].get_worksheet_id()
def get_authenticated_service(self, scope):
self.vlog('Authenticating...')
# Service Account
if self.auth_type == 'service-account':
with open(self.CREDENTIALS_SERVICE_ACC) as f:
config = json.load(f)
credentials = SignedJwtAssertionCredentials(
service_account_name=config['client_email'],
private_key=config['private_key'],
scope=self.RW_SCOPE)
if credentials is None or credentials.invalid:
raise Exception('Credentials invalid.')
else:
# Web Flow
if os.path.isfile(self.CREDENTIALS_NATIVE_APP):
with open(self.CREDENTIALS_NATIVE_APP) as f:
config = json.load(f)
else:
# This is OK according to Google
# http://stackoverflow.com/questions/7274554/why-google-native-oauth2-flow-require-client-secret
config = {
"client_id":
"75839337166-pc5il9vgrgseopqberqi9pcr4clglcng.apps.googleusercontent.com",
"client_secret": "OdkKJCeg_ocgu9XO9JjbGSlv"
}
flow = OAuth2WebServerFlow(client_id=config['client_id'],
client_secret=config['client_secret'],
scope=scope,
user_agent='Landgate-Hodor/1.0')
credential_storage = CredentialStorage(self.CREDENTIALS_STORE)
credentials = credential_storage.get()
if credentials is None or credentials.invalid:
credentials = run_oauth2(flow, credential_storage)
elif credentials.access_token_expired is True:
self.log("Refreshing access token!")
credentials.refresh(httplib2.Http())
self.vlog('Constructing Google Maps Engine service...')
http = credentials.authorize(httplib2.Http())
resource = discovery_build('mapsengine', self.version, http=http)
self.log("Access Token: %s" % credentials.access_token)
self.access_token = credentials.access_token # For handcrafted requests to exp2
# Fix for the default TCP send buffer being so riciculosuly low on Windows (8192)
# These lines of code represent two days of work by multiple people.
if 'https:www.googleapis.com' not in resource._http.connections:
raise Exception(
"Unable to locate an open connection to googleapis.com")
connection = resource._http.connections.get(
resource._http.connections.keys()[0]) # https:www.googleapis.com
self.vlog("Changing TCP send buffer from %s to %s" %
(connection.sock.getsockopt(socket.SOL_SOCKET,
socket.SO_SNDBUF), 5242880))
connection.sock.setsockopt(socket.SOL_SOCKET, socket.SO_SNDBUF,
5242880)
return resource
