1
2
3
4
5
6
7
8
9
10
11
12
13
14
15 """Helpers for authentication using oauth2client or google-auth."""
16
17 import httplib2
18
19 try:
20 import google.auth
21 import google.auth.credentials
22
23 HAS_GOOGLE_AUTH = True
24 except ImportError:
25 HAS_GOOGLE_AUTH = False
26
27 try:
28 import google_auth_httplib2
29 except ImportError:
30 google_auth_httplib2 = None
31
32 try:
33 import oauth2client
34 import oauth2client.client
35
36 HAS_OAUTH2CLIENT = True
37 except ImportError:
38 HAS_OAUTH2CLIENT = False
39
40
42 """Returns Application Default Credentials."""
43 if HAS_GOOGLE_AUTH:
44 credentials, _ = google.auth.default()
45 return credentials
46 elif HAS_OAUTH2CLIENT:
47 return oauth2client.client.GoogleCredentials.get_application_default()
48 else:
49 raise EnvironmentError(
50 "No authentication library is available. Please install either "
51 "google-auth or oauth2client."
52 )
53
54
56 """Scopes the credentials if necessary.
57
58 Args:
59 credentials (Union[
60 google.auth.credentials.Credentials,
61 oauth2client.client.Credentials]): The credentials to scope.
62 scopes (Sequence[str]): The list of scopes.
63
64 Returns:
65 Union[google.auth.credentials.Credentials,
66 oauth2client.client.Credentials]: The scoped credentials.
67 """
68 if HAS_GOOGLE_AUTH and isinstance(credentials, google.auth.credentials.Credentials):
69 return google.auth.credentials.with_scopes_if_required(credentials, scopes)
70 else:
71 try:
72 if credentials.create_scoped_required():
73 return credentials.create_scoped(scopes)
74 else:
75 return credentials
76 except AttributeError:
77 return credentials
78
79
81 """Returns an http client that is authorized with the given credentials.
82
83 Args:
84 credentials (Union[
85 google.auth.credentials.Credentials,
86 oauth2client.client.Credentials]): The credentials to use.
87
88 Returns:
89 Union[httplib2.Http, google_auth_httplib2.AuthorizedHttp]: An
90 authorized http client.
91 """
92 from googleapiclient.http import build_http
93
94 if HAS_GOOGLE_AUTH and isinstance(credentials, google.auth.credentials.Credentials):
95 if google_auth_httplib2 is None:
96 raise ValueError(
97 "Credentials from google.auth specified, but "
98 "google-api-python-client is unable to use these credentials "
99 "unless google-auth-httplib2 is installed. Please install "
100 "google-auth-httplib2."
101 )
102 return google_auth_httplib2.AuthorizedHttp(credentials, http=build_http())
103 else:
104 return credentials.authorize(build_http())
105
106
108
109
110
111
112 refresh_http = httplib2.Http()
113 if HAS_GOOGLE_AUTH and isinstance(credentials, google.auth.credentials.Credentials):
114 request = google_auth_httplib2.Request(refresh_http)
115 return credentials.refresh(request)
116 else:
117 return credentials.refresh(refresh_http)
118
119
125
126
128 if HAS_GOOGLE_AUTH and isinstance(credentials, google.auth.credentials.Credentials):
129 return credentials.valid
130 else:
131 return (
132 credentials.access_token is not None
133 and not credentials.access_token_expired
134 )
135
136
138 if http is None:
139 return None
140 elif hasattr(http.request, "credentials"):
141 return http.request.credentials
142 elif hasattr(http, "credentials") and not isinstance(
143 http.credentials, httplib2.Credentials
144 ):
145 return http.credentials
146 else:
147 return None
148