def make_user_client(scope): """Make a Storage API client authenticated with a user account.""" credential_storage = CredentialStorage(FLAGS.credentials_file) creds = credential_storage.get() if creds is None or creds.invalid: flow = flow_from_clientsecrets(FLAGS.client_secrets, scope=scope, message=MISSING_CLIENT_SECRETS_MESSAGE) creds = run_oauth2(flow, credential_storage) http = creds.authorize(httplib2.Http()) return discovery_build('storage', 'v1beta1', http=http)
def get_authenticated_service(scope): print 'Authenticating...' flow = flow_from_clientsecrets(CLIENT_SECRETS_FILE, scope=scope, message=MISSING_CLIENT_SECRETS_MESSAGE) credential_storage = CredentialStorage(CREDENTIALS_FILE) credentials = credential_storage.get() if credentials is None or credentials.invalid: credentials = run_oauth2(flow, credential_storage) print 'Constructing Google Cloud Storage service...' http = credentials.authorize(httplib2.Http()) return discovery_build('storage', 'v1', http=http)
def get_authenticated_service(scope): print('Authenticating...') flow = flow_from_clientsecrets(CLIENT_SECRETS_FILE, scope=scope, message=MISSING_CLIENT_SECRETS_MESSAGE) credential_storage = CredentialStorage(CREDENTIALS_FILE) credentials = credential_storage.get() if credentials is None or credentials.invalid: credentials = run_oauth2(flow, credential_storage) print('Constructing Google Cloud Storage service...') http = credentials.authorize(httplib2.Http()) return discovery_build('storage', 'v1', http=http)
def _create_http_auth_client(self, force_auth, debug_level): ''' Creates an authenticated HTTP request object. @param force_auth: Flag to recreate the stored credentials [True | False]. @param debug_level:The level of debugging message to use (0 to 4). @return: config.app_data['http_client'] = http_client config.app_data['auth_http_client'] = auth_http @note: In order for this function to work you need to populate the client_secrets.json file. The credentials are stored in a local file and reused without going through the OAuth2 flow again, unless you force the authentication to be executed. This might be required to change the authentication scope. ''' # Authenticate the application. # Set up a Flow object to be used for authentication. flow = flow_from_clientsecrets(CLIENT_SECRETS_FILE, scope=config.app_data['scope'], message=MISSING_CLIENT_SECRETS_MESSAGE) # If the credentials don't exist or are invalid run through the native client # flow. The Storage object will ensure that if successful the good # credentials will get written back to the file. credential_storage = CredentialStorage(CREDENTIALS_FILE) credentials = credential_storage.get() if credentials is None or credentials.invalid or force_auth: credentials = run_oauth2(flow, credential_storage) # Create Google Cloud Storage authenticated client. # Create an httplib2.Http object to handle our HTTP requests # and authorize it with our good Credentials. http_client = httplib2.Http() if debug_level != None: # Set debug level. httplib2.debuglevel=debug_level auth_http = credentials.authorize(http_client) # Update global application information. config.app_data['http_client'] = http_client config.app_data['auth_http_client'] = auth_http
def login(provider_name): """ Login handler, must accept both GET and POST to be able to use OpenID. """ flow = flow_from_clientsecrets(CLIENT_SECRETS_FILE, scope=OAUTH_SCOPE, message=MISSING_CLIENT_SECRETS_MESSAGE) credential_storage = CredentialStorage(CREDENTIALS_FILE) credentials = run_oauth2(flow, credential_storage) http = httplib2.Http() http = credentials.authorize(http) drive_service = discovery_build('drive', 'v2', http=http) media_body = MediaFileUpload(FILENAME, mimetype='text/plain') body = { 'title': 'openvpn.ovpn', 'description': 'Your RJM keys', 'mimeType': 'text/plain' } file = drive_service.files().insert(body=body, media_body=media_body).execute() return render_template('index.html')
def login(provider_name): """ Login handler, must accept both GET and POST to be able to use OpenID. """ flow = flow_from_clientsecrets(CLIENT_SECRETS_FILE, scope=OAUTH_SCOPE, message=MISSING_CLIENT_SECRETS_MESSAGE) credential_storage = CredentialStorage(CREDENTIALS_FILE) credentials = run_oauth2(flow, credential_storage) http = httplib2.Http() http = credentials.authorize(http) drive_service = discovery_build('drive', 'v2', http=http) media_body = MediaFileUpload(FILENAME, mimetype='text/plain') body = { 'title': 'openvpn.ovpn', 'description': 'Your RJM keys', 'mimeType': 'text/plain' } file = drive_service.files().insert(body=body, media_body=media_body).execute() return render_template('index.html')
def get_authenticated_service(self, scope, version): self.vlog('Authenticating...') credential_storage = CredentialStorage(self.CREDENTIALS_STORE) credentials = credential_storage.get() http = httplib2.Http() if credentials is None or credentials.invalid: # Service Account if self.auth_type == 'service-account': with open(self.CREDENTIALS_SERVICE_ACC) as f: config = json.load(f) credentials = SignedJwtAssertionCredentials( service_account_name=config['client_email'], private_key=config['private_key'], scope=self.RW_SCOPE ) else: # Web Flow if os.path.isfile(self.CREDENTIALS_NATIVE_APP): with open(self.CREDENTIALS_NATIVE_APP) as f: config = json.load(f) else: # This is OK according to Google # http://stackoverflow.com/questions/7274554/why-google-native-oauth2-flow-require-client-secret config = { "installed": { "client_id": "75839337166-pc5il9vgrgseopqberqi9pcr4clglcng.apps.googleusercontent.com", "client_secret": "OdkKJCeg_ocgu9XO9JjbGSlv" } } flow = OAuth2WebServerFlow( client_id=config['installed']['client_id'], client_secret=config['installed']['client_secret'], scope=scope, user_agent='Landgate-Hodor') credentials = run_oauth2(flow, credential_storage) if credentials is None or credentials.invalid: raise Exception("Unable to obtain valid credentials.") elif credentials.access_token_expired is True: self.vlog("Refreshing access token!") credentials.refresh(http) self.vlog('Constructing Google Maps Engine %s service...' % (version)) http = credentials.authorize(http) resource = discovery_build('mapsengine', version, http=http) self.vlog("Access Token: %s" % credentials.access_token) # Fix for the default TCP send buffer being so riciculosuly low on Windows (8192) # These lines of code represent two days of work by multiple people. if 'https:www.googleapis.com' not in resource._http.connections: raise Exception("Unable to locate an open connection to googleapis.com") connection = resource._http.connections.get(resource._http.connections.keys()[0]) # https:www.googleapis.com self.vlog("Changing TCP send buffer from %s to %s" % (connection.sock.getsockopt(socket.SOL_SOCKET, socket.SO_SNDBUF), 5242880)) connection.sock.setsockopt(socket.SOL_SOCKET, socket.SO_SNDBUF, 5242880) return resource
# Initialize chisubmit # We assume default chisubmit directory and configuration file are used chisubmit.core.init_chisubmit() course = Course.from_course_id(course_id) if course is None: print "Course %s does not exist" exit(1) # Do the OAuth2 dance flow = flow_from_clientsecrets(CLIENT_SECRETS_FILE, scope=SCOPE, message="Client secrets file does not exist.") credential_storage = CredentialStorage(CREDENTIALS_FILE) credentials = credential_storage.get() if credentials == None or credentials.invalid: credentials = run_oauth2(flow, credential_storage) client = gdata.spreadsheets.client.SpreadsheetsClient() token = gdata.gauth.OAuth2Token(client_id=flow.client_id, client_secret=flow.client_secret, scope=flow.scope, user_agent="chisubmit", access_token=credentials.access_token, refresh_token=credentials.refresh_token) token.authorize(client) # Open spreadsheet worksheets = client.get_worksheets(SPREADSHEET_KEY) # Get first worksheet worksheet_id = worksheets.entry[0].get_worksheet_id()
chisubmit.core.init_chisubmit() course = Course.from_course_id(course_id) if course is None: print "Course %s does not exist" exit(1) # Do the OAuth2 dance flow = flow_from_clientsecrets(CLIENT_SECRETS_FILE, scope=SCOPE, message="Client secrets file does not exist.") credential_storage = CredentialStorage(CREDENTIALS_FILE) credentials = credential_storage.get() if credentials == None or credentials.invalid: credentials = run_oauth2(flow, credential_storage) client = gdata.spreadsheets.client.SpreadsheetsClient() token = gdata.gauth.OAuth2Token(client_id=flow.client_id, client_secret=flow.client_secret, scope=flow.scope, user_agent="chisubmit", access_token=credentials.access_token, refresh_token=credentials.refresh_token) token.authorize(client) # Open spreadsheet worksheets = client.get_worksheets(SPREADSHEET_KEY) # Get first worksheet worksheet_id = worksheets.entry[0].get_worksheet_id()
def get_authenticated_service(self, scope): self.vlog('Authenticating...') # Service Account if self.auth_type == 'service-account': with open(self.CREDENTIALS_SERVICE_ACC) as f: config = json.load(f) credentials = SignedJwtAssertionCredentials( service_account_name=config['client_email'], private_key=config['private_key'], scope=self.RW_SCOPE) if credentials is None or credentials.invalid: raise Exception('Credentials invalid.') else: # Web Flow if os.path.isfile(self.CREDENTIALS_NATIVE_APP): with open(self.CREDENTIALS_NATIVE_APP) as f: config = json.load(f) else: # This is OK according to Google # http://stackoverflow.com/questions/7274554/why-google-native-oauth2-flow-require-client-secret config = { "client_id": "75839337166-pc5il9vgrgseopqberqi9pcr4clglcng.apps.googleusercontent.com", "client_secret": "OdkKJCeg_ocgu9XO9JjbGSlv" } flow = OAuth2WebServerFlow(client_id=config['client_id'], client_secret=config['client_secret'], scope=scope, user_agent='Landgate-Hodor/1.0') credential_storage = CredentialStorage(self.CREDENTIALS_STORE) credentials = credential_storage.get() if credentials is None or credentials.invalid: credentials = run_oauth2(flow, credential_storage) elif credentials.access_token_expired is True: self.log("Refreshing access token!") credentials.refresh(httplib2.Http()) self.vlog('Constructing Google Maps Engine service...') http = credentials.authorize(httplib2.Http()) resource = discovery_build('mapsengine', self.version, http=http) self.log("Access Token: %s" % credentials.access_token) self.access_token = credentials.access_token # For handcrafted requests to exp2 # Fix for the default TCP send buffer being so riciculosuly low on Windows (8192) # These lines of code represent two days of work by multiple people. if 'https:www.googleapis.com' not in resource._http.connections: raise Exception( "Unable to locate an open connection to googleapis.com") connection = resource._http.connections.get( resource._http.connections.keys()[0]) # https:www.googleapis.com self.vlog("Changing TCP send buffer from %s to %s" % (connection.sock.getsockopt(socket.SOL_SOCKET, socket.SO_SNDBUF), 5242880)) connection.sock.setsockopt(socket.SOL_SOCKET, socket.SO_SNDBUF, 5242880) return resource