Use prefixed URLs path when calling internal Rietveld with OAuth2 auth.

third_party/upload.py

 #!/usr/bin/env python
 # coding: utf-8
 #
 # Copyright 2007 Google Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
 #
 #     http://www.apache.org/licenses/LICENSE-2.0
@@ skipping 180 matching lines @@
     # reason is a property on python 2.7 but a member variable on <=2.6.
     # self.args is modified so it cannot be used as-is so save the value in
     # self._reason.
     return self._reason
 
 
 class AbstractRpcServer(object):
   """Provides a common interface for a simple RPC server."""
 
   def __init__(self, host, auth_function, host_override=None,
-               extra_headers=None, save_cookies=False,
-               account_type=AUTH_ACCOUNT_TYPE):
+               request_path_prefix=None, extra_headers=None,
+               save_cookies=False, account_type=AUTH_ACCOUNT_TYPE):
     """Creates a new AbstractRpcServer.
 
     Args:
       host: The host to send requests to.
       auth_function: A function that takes no arguments and returns an
         (email, password) tuple when called. Will be called if authentication
         is required.
       host_override: The host header to send to the server (defaults to host).
+      request_path_prefix: A string to prefix all URL paths with (e.g. 'bots/').
       extra_headers: A dict of extra headers to append to every request.
       save_cookies: If True, save the authentication cookies to local disk.
         If False, use an in-memory cookiejar instead.  Subclasses must
         implement this functionality.  Defaults to False.
       account_type: Account type used for authentication. Defaults to
         AUTH_ACCOUNT_TYPE.
     """
     self.host = host
     if (not self.host.startswith("http://") and
         not self.host.startswith("https://")):
       self.host = "http://" + self.host
     self.host_override = host_override
+    self.request_path_prefix = request_path_prefix or ''
     self.auth_function = auth_function
     self.authenticated = False
     self.extra_headers = extra_headers or {}
     self.save_cookies = save_cookies
     self.account_type = account_type
     self.opener = self._GetOpener()
     if self.host_override:
       LOGGER.info("Server: %s; Host: %s", self.host, self.host_override)
     else:
       LOGGER.info("Server: %s", self.host)
@@ skipping 192 matching lines @@
       self._Authenticate(force_refresh=False)
 
     old_timeout = socket.getdefaulttimeout()
     socket.setdefaulttimeout(timeout)
     auth_attempted = False
     try:
       tries = 0
       while True:
         tries += 1
         args = dict(kwargs)
-        url = "%s%s" % (self.host, request_path)
+        url = "%s%s%s" % (self.host, self.request_path_prefix, request_path)
         if args:
           url += "?" + urllib.urlencode(args)
         req = self._CreateRequest(url=url, data=payload)
         req.add_header("Content-Type", content_type)
         if extra_headers:
           for header, value in extra_headers.items():
             req.add_header(header, value)
         try:
           f = self.opener.open(req, timeout=70)
           response = f.read()
@@ skipping 315 matching lines @@
         account_type=AUTH_ACCOUNT_TYPE)
     # Don't try to talk to ClientLogin.
     server.authenticated = True
     return server
 
   if auth_config.use_oauth2:
     auth_func = auth.get_authenticator_for_host(server, auth_config)
   else:
     auth_func = KeyringCreds(server, host, email).GetUserCredentials
 
+  # HACK(crbug.com/476690): Internal Rietveld is configured to require cookie
+  # auth for all paths except /bots/* (requests to /bots/* are authenticated
+  # with OAuth). /bots/* paths expose exact same API as /* (at least enough of
+  # it for depot_tools to work). So when using OAuth with internal Rietveld,
+  # silently prefix all requests with '/bots'.
+  request_path_prefix = ''
+  if auth_config.use_oauth2:
+    if not host.startswith(('http://', 'https://')):
+      host = 'https://' + host
+    parsed = urlparse.urlparse(host)
+    if parsed.netloc.endswith('.googleplex.com'):
+      request_path_prefix = '/bots'
+
   return HttpRpcServer(
       server,
       auth_func,
+      request_path_prefix=request_path_prefix,
       save_cookies=auth_config.save_cookies,
       account_type=AUTH_ACCOUNT_TYPE)
 
 
 def EncodeMultipartFormData(fields, files):
   """Encode form fields for multipart/form-data.
 
   Args:
     fields: A sequence of (name, value) elements for regular form fields.
     files: A sequence of (name, filename, value) elements for data to be
@@ skipping 1743 matching lines @@
     print
     StatusUpdate("Interrupted.")
     sys.exit(1)
   except auth.AuthenticationError as e:
     print >> sys.stderr, e
     sys.exit(1)
 
 
 if __name__ == "__main__":
   main()