OLD | NEW |
| (Empty) |
1 # Copyright (c) 2015 The Chromium Authors. All rights reserved. | |
2 # Use of this source code is governed by a BSD-style license that can be | |
3 # found in the LICENSE file. | |
4 | |
5 """OAuth2 related utilities and implementation for git cl commands.""" | |
6 | |
7 import copy | |
8 import logging | |
9 import optparse | |
10 import os | |
11 | |
12 from third_party.oauth2client import tools | |
13 from third_party.oauth2client.file import Storage | |
14 import third_party.oauth2client.client as oa2client | |
15 | |
16 | |
17 REDIRECT_URI = 'urn:ietf:wg:oauth:2.0:oob' | |
18 CLIENT_ID = ('174799409470-8k3b89iov4racu9jrf7if3k4591voig3' | |
19 '.apps.googleusercontent.com') | |
20 CLIENT_SECRET = 'DddcCK1d6_ADwxqGDEGlsisy' | |
21 SCOPE = 'email' | |
22 | |
23 | |
24 def _fetch_storage(code_review_server): | |
25 storage_dir = os.path.expanduser(os.path.join('~', '.git_cl_credentials')) | |
26 if not os.path.isdir(storage_dir): | |
27 os.makedirs(storage_dir) | |
28 storage_path = os.path.join(storage_dir, code_review_server) | |
29 storage = Storage(storage_path) | |
30 return storage | |
31 | |
32 | |
33 def _fetch_creds_from_storage(storage): | |
34 logging.debug('Fetching OAuth2 credentials from local storage ...') | |
35 credentials = storage.get() | |
36 if not credentials or credentials.invalid: | |
37 return None | |
38 if not credentials.access_token or credentials.access_token_expired: | |
39 return None | |
40 return credentials | |
41 | |
42 | |
43 def add_oauth2_options(parser): | |
44 """Add OAuth2-related options.""" | |
45 group = optparse.OptionGroup(parser, "OAuth2 options") | |
46 group.add_option( | |
47 '--auth-host-name', | |
48 default='localhost', | |
49 help='Host name to use when running a local web server ' | |
50 'to handle redirects during OAuth authorization.' | |
51 'Default: localhost.' | |
52 ) | |
53 group.add_option( | |
54 '--auth-host-port', | |
55 type=int, | |
56 action='append', | |
57 default=[8080, 8090], | |
58 help='Port to use when running a local web server to handle ' | |
59 'redirects during OAuth authorization. ' | |
60 'Repeat this option to specify a list of values.' | |
61 'Default: [8080, 8090].' | |
62 ) | |
63 group.add_option( | |
64 '--noauth-local-webserver', | |
65 action='store_true', | |
66 default=False, | |
67 help='Run a local web server to handle redirects ' | |
68 'during OAuth authorization.' | |
69 'Default: False.' | |
70 ) | |
71 group.add_option( | |
72 '--no-cache', | |
73 action='store_true', | |
74 default=False, | |
75 help='Get fresh credentials from web server instead of using ' | |
76 'the crendentials stored on a local storage file.' | |
77 'Default: False.' | |
78 ) | |
79 parser.add_option_group(group) | |
80 | |
81 | |
82 def get_oauth2_creds(options, code_review_server): | |
83 """Get OAuth2 credentials. | |
84 | |
85 Args: | |
86 options: Command line options. | |
87 code_review_server: Code review server name, e.g., codereview.chromium.org. | |
88 """ | |
89 storage = _fetch_storage(code_review_server) | |
90 creds = None | |
91 if not options.no_cache: | |
92 creds = _fetch_creds_from_storage(storage) | |
93 if creds is None: | |
94 logging.debug('Fetching OAuth2 credentials from web server...') | |
95 flow = oa2client.OAuth2WebServerFlow( | |
96 client_id=CLIENT_ID, | |
97 client_secret=CLIENT_SECRET, | |
98 scope=SCOPE, | |
99 redirect_uri=REDIRECT_URI) | |
100 flags = copy.deepcopy(options) | |
101 flags.logging_level = 'WARNING' | |
102 creds = tools.run_flow(flow, storage, flags) | |
103 return creds | |
OLD | NEW |