Fix "git cl upload --use-oauth2" not working on Windows when HOME is not set.

auth.py

 # Copyright 2015 The Chromium Authors. All rights reserved.
 # Use of this source code is governed by a BSD-style license that can be
 # found in the LICENSE file.
 
 """Google OAuth2 related functions."""
 
 import BaseHTTPServer
 import collections
 import datetime
 import functools
@@ skipping 30 matching lines @@
 # anyway.
 # This particular set is managed by API Console project "chrome-infra-auth".
 OAUTH_CLIENT_ID = (
     '446450136466-2hr92jrq8e6i4tnsa56b52vacp7t3936.apps.googleusercontent.com')
 OAUTH_CLIENT_SECRET = 'uBfbay2KCy9t4QveJ-dOqHtp'
 
 # List of space separated OAuth scopes for generated tokens. GAE apps usually
 # use userinfo.email scope for authentication.
 OAUTH_SCOPES = 'https://www.googleapis.com/auth/userinfo.email'
 
-# Path to a file with cached OAuth2 credentials used by default. It should be
-# a safe location accessible only to a current user: knowing content of this
-# file is roughly equivalent to knowing account password. Single file can hold
-# multiple independent tokens identified by token_cache_key (see Authenticator).
-OAUTH_TOKENS_CACHE = os.path.join(
-    os.path.expanduser('~'), '.depot_tools_oauth2_tokens')
+# Path to a file with cached OAuth2 credentials used by default relative to the
+# home dir (see _get_token_cache_path). It should be a safe location accessible
+# only to a current user: knowing content of this file is roughly equivalent to
+# knowing account password. Single file can hold multiple independent tokens
+# identified by token_cache_key (see Authenticator).
+OAUTH_TOKENS_CACHE = '.depot_tools_oauth2_tokens'
 
 
 # Authentication configuration extracted from command line options.
 # See doc string for 'make_auth_config' for meaning of fields.
 AuthConfig = collections.namedtuple('AuthConfig', [
     'use_oauth2', # deprecated, will be always True
     'save_cookies', # deprecated, will be removed
     'use_local_webserver',
     'webserver_port',
     'refresh_token_json',
@@ skipping 309 matching lines @@
   ## Private methods.
 
   def _get_storage(self):
     """Returns oauth2client.Storage with cached tokens."""
     # Do not mix cache keys for different externally provided tokens.
     if self._external_token:
       token_hash = hashlib.sha1(self._external_token.refresh_token).hexdigest()
       cache_key = '%s:refresh_tok:%s' % (self._token_cache_key, token_hash)
     else:
       cache_key = self._token_cache_key
-    logging.debug(
-        'Using token storage %r (cache key %r)', OAUTH_TOKENS_CACHE, cache_key)
+    path = _get_token_cache_path()
+    logging.debug('Using token storage %r (cache key %r)', path, cache_key)
     return multistore_file.get_credential_storage_custom_string_key(
-        OAUTH_TOKENS_CACHE, cache_key)
+        path, cache_key)
 
   def _get_cached_credentials(self):
     """Returns oauth2client.Credentials loaded from storage."""
     storage = self._get_storage()
     credentials = storage.get()
 
     if not credentials:
       logging.debug('No cached token')
     else:
       _log_credentials_info('cached token', credentials)
@@ skipping 95 matching lines @@
         credentials.token_expiry - datetime.datetime.utcnow())
     storage = self._get_storage()
     credentials.set_store(storage)
     storage.put(credentials)
     return AccessToken(str(credentials.access_token), credentials.token_expiry)
 
 
 ## Private functions.
 
 
+def _get_token_cache_path():
+  # On non Win just use HOME.
+  if sys.platform != 'win32':
+    return os.path.join(os.path.expanduser('~'), OAUTH_TOKENS_CACHE)
+  # Prefer USERPROFILE over HOME, since HOME is overridden in
+  # git-..._bin/cmd/git.cmd to point to depot_tools. depot-tools-auth.py script
+  # (and all other scripts) doesn't use this override and thus uses another
+  # value for HOME. git.cmd doesn't touch USERPROFILE though, and usually
+  # USERPROFILE == HOME on Windows.
+  if 'USERPROFILE' in os.environ:
+    return os.path.join(os.environ['USERPROFILE'], OAUTH_TOKENS_CACHE)
+  return os.path.join(os.path.expanduser('~'), OAUTH_TOKENS_CACHE)
+
+
 def _is_headless():
   """True if machine doesn't seem to have a display."""
   return sys.platform == 'linux2' and not os.environ.get('DISPLAY')
 
 
 def _read_refresh_token_json(path):
   """Returns RefreshToken by reading it from the JSON file."""
   try:
     with open(path, 'r') as f:
       data = json.load(f)
@@ skipping 137 matching lines @@
     self.end_headers()
     query = self.path.split('?', 1)[-1]
     query = dict(urlparse.parse_qsl(query))
     self.server.query_params = query
     self.wfile.write('<html><head><title>Authentication Status</title></head>')
     self.wfile.write('<body><p>The authentication flow has completed.</p>')
     self.wfile.write('</body></html>')
 
   def log_message(self, _format, *args):
     """Do not log messages to stdout while running as command line program."""