Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(9)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: third_party/gsutil/oauth2_plugin/oauth2_helper.py

Issue 12317103: Added gsutil to depot tools (Closed) Base URL: https://chromium.googlesource.com/chromium/tools/depot_tools.git@master
Patch Set: Created 7 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « third_party/gsutil/oauth2_plugin/oauth2_client_test.py ('k') | third_party/gsutil/oauth2_plugin/oauth2_plugin.py » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: third_party/gsutil/oauth2_plugin/oauth2_helper.py
diff --git a/third_party/gsutil/oauth2_plugin/oauth2_helper.py b/third_party/gsutil/oauth2_plugin/oauth2_helper.py
new file mode 100644
index 0000000000000000000000000000000000000000..9cf22d264af9baeff5fbc35ed2bf0b0a805d1c66
--- /dev/null
+++ b/third_party/gsutil/oauth2_plugin/oauth2_helper.py
@@ -0,0 +1,110 @@
+# Copyright 2011 Google Inc. All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+"""Helper routines to facilitate use of oauth2_client in gsutil."""
+
+import sys
+import time
+import webbrowser
+
+import oauth2_client
+
+GSUTIL_CLIENT_ID = '909320924072.apps.googleusercontent.com'
+# Google OAuth2 clients always have a secret, even if the client is an installed
+# application/utility such as gsutil. Of course, in such cases the "secret" is
+# actually publicly known; security depends entirly on the secrecy of refresh
+# tokens, which effectively become bearer tokens.
+GSUTIL_CLIENT_NOTSOSECRET = 'p3RlpR10xMFh9ZXBS/ZNLYUu'
+
+GOOGLE_OAUTH2_PROVIDER_LABEL = 'Google'
+GOOGLE_OAUTH2_PROVIDER_AUTHORIZATION_URI = (
+ 'https://accounts.google.com/o/oauth2/auth')
+GOOGLE_OAUTH2_PROVIDER_TOKEN_URI = (
+ 'https://accounts.google.com/o/oauth2/token')
+
+OOB_REDIRECT_URI = 'urn:ietf:wg:oauth:2.0:oob'
+
+def OAuth2ClientFromBotoConfig(config):
+ token_cache = None
+ token_cache_type = config.get('OAuth2', 'token_cache', 'file_system')
+
+ if token_cache_type == 'file_system':
+ if config.has_option('OAuth2', 'token_cache_path_pattern'):
+ token_cache = oauth2_client.FileSystemTokenCache(
+ path_pattern=config.get('OAuth2', 'token_cache_path_pattern'))
+ else:
+ token_cache = oauth2_client.FileSystemTokenCache()
+ elif token_cache_type == 'in_memory':
+ token_cache = oauth2_client.InMemoryTokenCache()
+ else:
+ raise Exception(
+ "Invalid value for config option OAuth2/token_cache: %s" %
+ token_cache_type)
+
+ proxy = None
+ if (config.has_option('Boto', 'proxy')
+ and config.has_option('Boto', 'proxy_port')):
+ proxy = "%s:%s" % (config.get('Boto', 'proxy'),
+ config.get('Boto', 'proxy_port'))
+
+ provider_label = config.get(
+ 'OAuth2', 'provider_label', GOOGLE_OAUTH2_PROVIDER_LABEL)
+ provider_authorization_uri = config.get(
+ 'OAuth2', 'provider_authorization_uri',
+ GOOGLE_OAUTH2_PROVIDER_AUTHORIZATION_URI)
+ provider_token_uri = config.get(
+ 'OAuth2', 'provider_token_uri', GOOGLE_OAUTH2_PROVIDER_TOKEN_URI)
+
+ client_id = config.get('OAuth2', 'client_id', GSUTIL_CLIENT_ID)
+ client_secret = config.get(
+ 'OAuth2', 'client_secret', GSUTIL_CLIENT_NOTSOSECRET)
+
+ return oauth2_client.OAuth2Client(
+ oauth2_client.OAuth2Provider(
+ provider_label, provider_authorization_uri, provider_token_uri),
+ client_id, client_secret,
+ proxy=proxy, access_token_cache=token_cache)
+
+def OAuth2ApprovalFlow(oauth2_client, scopes, launch_browser=False):
+ approval_url = oauth2_client.GetAuthorizationUri(OOB_REDIRECT_URI, scopes)
+ if launch_browser:
+ sys.stdout.write(
+ 'Attempting to launch a browser with the OAuth2 approval dialog at '
+ 'URL: %s\n\n'
+ '[Note: due to a Python bug, you may see a spurious error message "object is not\n'
+ 'callable [...] in [...] Popen.__del__" which can be ignored.]\n\n' % approval_url)
+ else:
+ sys.stdout.write(
+ 'Please navigate your browser to the following URL:\n%s\n' %
+ approval_url)
+
+ sys.stdout.write(
+ 'In your browser you should see a page that requests you to authorize '
+ 'gsutil to access\nGoogle Cloud Storage on your behalf. After you '
+ 'approve, an authorization code will be displayed.\n\n')
+ if (launch_browser and
+ not webbrowser.open(approval_url, new=1, autoraise=True)):
+ sys.stdout.write(
+ 'Launching browser appears to have failed; please navigate a browser '
+ 'to the following URL:\n%s\n' % approval_url)
+ # Short delay; webbrowser.open on linux insists on printing out a message
+ # which we don't want to run into the prompt for the auth code.
+ time.sleep(2)
+ code = raw_input('Enter the authorization code: ')
+
+ refresh_token, access_token = oauth2_client.ExchangeAuthorizationCode(
+ code, OOB_REDIRECT_URI, scopes)
+
+ return refresh_token
+
« no previous file with comments | « third_party/gsutil/oauth2_plugin/oauth2_client_test.py ('k') | third_party/gsutil/oauth2_plugin/oauth2_plugin.py » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698