Package googleapiclient :: Module _auth
[hide private]
[frames] | no frames]

Source Code for Module googleapiclient._auth

  1  # Copyright 2016 Google Inc. All Rights Reserved. 
  2  # 
  3  # Licensed under the Apache License, Version 2.0 (the "License"); 
  4  # you may not use this file except in compliance with the License. 
  5  # You may obtain a copy of the License at 
  6  # 
  7  #      http://www.apache.org/licenses/LICENSE-2.0 
  8  # 
  9  # Unless required by applicable law or agreed to in writing, software 
 10  # distributed under the License is distributed on an "AS IS" BASIS, 
 11  # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 
 12  # See the License for the specific language governing permissions and 
 13  # limitations under the License. 
 14   
 15  """Helpers for authentication using oauth2client or google-auth.""" 
 16   
 17  import httplib2 
 18   
 19  try: 
 20      import google.auth 
 21      import google.auth.credentials 
 22   
 23      HAS_GOOGLE_AUTH = True 
 24  except ImportError:  # pragma: NO COVER 
 25      HAS_GOOGLE_AUTH = False 
 26   
 27  try: 
 28      import google_auth_httplib2 
 29  except ImportError:  # pragma: NO COVER 
 30      google_auth_httplib2 = None 
 31   
 32  try: 
 33      import oauth2client 
 34      import oauth2client.client 
 35   
 36      HAS_OAUTH2CLIENT = True 
 37  except ImportError:  # pragma: NO COVER 
 38      HAS_OAUTH2CLIENT = False 
 39   
 40   
41 -def default_credentials():
42 """Returns Application Default Credentials.""" 43 if HAS_GOOGLE_AUTH: 44 credentials, _ = google.auth.default() 45 return credentials 46 elif HAS_OAUTH2CLIENT: 47 return oauth2client.client.GoogleCredentials.get_application_default() 48 else: 49 raise EnvironmentError( 50 "No authentication library is available. Please install either " 51 "google-auth or oauth2client." 52 )
53 54
55 -def with_scopes(credentials, scopes):
56 """Scopes the credentials if necessary. 57 58 Args: 59 credentials (Union[ 60 google.auth.credentials.Credentials, 61 oauth2client.client.Credentials]): The credentials to scope. 62 scopes (Sequence[str]): The list of scopes. 63 64 Returns: 65 Union[google.auth.credentials.Credentials, 66 oauth2client.client.Credentials]: The scoped credentials. 67 """ 68 if HAS_GOOGLE_AUTH and isinstance(credentials, google.auth.credentials.Credentials): 69 return google.auth.credentials.with_scopes_if_required(credentials, scopes) 70 else: 71 try: 72 if credentials.create_scoped_required(): 73 return credentials.create_scoped(scopes) 74 else: 75 return credentials 76 except AttributeError: 77 return credentials
78 79
80 -def authorized_http(credentials):
81 """Returns an http client that is authorized with the given credentials. 82 83 Args: 84 credentials (Union[ 85 google.auth.credentials.Credentials, 86 oauth2client.client.Credentials]): The credentials to use. 87 88 Returns: 89 Union[httplib2.Http, google_auth_httplib2.AuthorizedHttp]: An 90 authorized http client. 91 """ 92 from googleapiclient.http import build_http 93 94 if HAS_GOOGLE_AUTH and isinstance(credentials, google.auth.credentials.Credentials): 95 if google_auth_httplib2 is None: 96 raise ValueError( 97 "Credentials from google.auth specified, but " 98 "google-api-python-client is unable to use these credentials " 99 "unless google-auth-httplib2 is installed. Please install " 100 "google-auth-httplib2." 101 ) 102 return google_auth_httplib2.AuthorizedHttp(credentials, http=build_http()) 103 else: 104 return credentials.authorize(build_http())
105 106
107 -def refresh_credentials(credentials):
108 # Refresh must use a new http instance, as the one associated with the 109 # credentials could be a AuthorizedHttp or an oauth2client-decorated 110 # Http instance which would cause a weird recursive loop of refreshing 111 # and likely tear a hole in spacetime. 112 refresh_http = httplib2.Http() 113 if HAS_GOOGLE_AUTH and isinstance(credentials, google.auth.credentials.Credentials): 114 request = google_auth_httplib2.Request(refresh_http) 115 return credentials.refresh(request) 116 else: 117 return credentials.refresh(refresh_http)
118 119
120 -def apply_credentials(credentials, headers):
121 # oauth2client and google-auth have the same interface for this. 122 if not is_valid(credentials): 123 refresh_credentials(credentials) 124 return credentials.apply(headers)
125 126
127 -def is_valid(credentials):
128 if HAS_GOOGLE_AUTH and isinstance(credentials, google.auth.credentials.Credentials): 129 return credentials.valid 130 else: 131 return ( 132 credentials.access_token is not None 133 and not credentials.access_token_expired 134 )
135 136
137 -def get_credentials_from_http(http):
138 if http is None: 139 return None 140 elif hasattr(http.request, "credentials"): 141 return http.request.credentials 142 elif hasattr(http, "credentials") and not isinstance( 143 http.credentials, httplib2.Credentials 144 ): 145 return http.credentials 146 else: 147 return None
148