OLD | NEW |
1 # Copyright (C) 2013 Google Inc. | 1 # Copyright 2014 Google Inc. All rights reserved. |
2 # | 2 # |
3 # Licensed under the Apache License, Version 2.0 (the "License"); | 3 # Licensed under the Apache License, Version 2.0 (the "License"); |
4 # you may not use this file except in compliance with the License. | 4 # you may not use this file except in compliance with the License. |
5 # You may obtain a copy of the License at | 5 # You may obtain a copy of the License at |
6 # | 6 # |
7 # http://www.apache.org/licenses/LICENSE-2.0 | 7 # http://www.apache.org/licenses/LICENSE-2.0 |
8 # | 8 # |
9 # Unless required by applicable law or agreed to in writing, software | 9 # Unless required by applicable law or agreed to in writing, software |
10 # distributed under the License is distributed on an "AS IS" BASIS, | 10 # distributed under the License is distributed on an "AS IS" BASIS, |
11 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | 11 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
12 # See the License for the specific language governing permissions and | 12 # See the License for the specific language governing permissions and |
13 # limitations under the License. | 13 # limitations under the License. |
14 | 14 |
15 """Command-line tools for authenticating via OAuth 2.0 | 15 """Command-line tools for authenticating via OAuth 2.0 |
16 | 16 |
17 Do the OAuth 2.0 Web Server dance for a command line application. Stores the | 17 Do the OAuth 2.0 Web Server dance for a command line application. Stores the |
18 generated credentials in a common file that is used by other example apps in | 18 generated credentials in a common file that is used by other example apps in |
19 the same directory. | 19 the same directory. |
20 """ | 20 """ |
21 | 21 |
| 22 from __future__ import print_function |
| 23 |
22 __author__ = 'jcgregorio@google.com (Joe Gregorio)' | 24 __author__ = 'jcgregorio@google.com (Joe Gregorio)' |
23 __all__ = ['argparser', 'run_flow', 'run', 'message_if_missing'] | 25 __all__ = ['argparser', 'run_flow', 'run', 'message_if_missing'] |
24 | 26 |
25 | |
26 import BaseHTTPServer | |
27 import argparse | |
28 import httplib2 | |
29 import logging | 27 import logging |
30 import os | |
31 import socket | 28 import socket |
32 import sys | 29 import sys |
33 import webbrowser | |
34 | 30 |
35 from oauth2client import client | 31 from third_party.six.moves import BaseHTTPServer |
36 from oauth2client import file | 32 from third_party.six.moves import urllib |
37 from oauth2client import util | 33 from third_party.six.moves import input |
38 | 34 |
39 try: | 35 from . import client |
40 from urlparse import parse_qsl | 36 from . import util |
41 except ImportError: | 37 |
42 from cgi import parse_qsl | |
43 | 38 |
44 _CLIENT_SECRETS_MESSAGE = """WARNING: Please configure OAuth 2.0 | 39 _CLIENT_SECRETS_MESSAGE = """WARNING: Please configure OAuth 2.0 |
45 | 40 |
46 To make this sample run you will need to populate the client_secrets.json file | 41 To make this sample run you will need to populate the client_secrets.json file |
47 found at: | 42 found at: |
48 | 43 |
49 %s | 44 %s |
50 | 45 |
51 with information from the APIs Console <https://code.google.com/apis/console>. | 46 with information from the APIs Console <https://code.google.com/apis/console>. |
52 | 47 |
53 """ | 48 """ |
54 | 49 |
55 # run_parser is an ArgumentParser that contains command-line options expected | 50 def _CreateArgumentParser(): |
| 51 try: |
| 52 import argparse |
| 53 except ImportError: |
| 54 return None |
| 55 parser = argparse.ArgumentParser(add_help=False) |
| 56 parser.add_argument('--auth_host_name', default='localhost', |
| 57 help='Hostname when running a local web server.') |
| 58 parser.add_argument('--noauth_local_webserver', action='store_true', |
| 59 default=False, help='Do not run a local web server.') |
| 60 parser.add_argument('--auth_host_port', default=[8080, 8090], type=int, |
| 61 nargs='*', help='Port web server should listen on.') |
| 62 parser.add_argument('--logging_level', default='ERROR', |
| 63 choices=['DEBUG', 'INFO', 'WARNING', 'ERROR', 'CRITICAL'], |
| 64 help='Set the logging level of detail.') |
| 65 return parser |
| 66 |
| 67 # argparser is an ArgumentParser that contains command-line options expected |
56 # by tools.run(). Pass it in as part of the 'parents' argument to your own | 68 # by tools.run(). Pass it in as part of the 'parents' argument to your own |
57 # ArgumentParser. | 69 # ArgumentParser. |
58 argparser = argparse.ArgumentParser(add_help=False) | 70 argparser = _CreateArgumentParser() |
59 argparser.add_argument('--auth_host_name', default='localhost', | |
60 help='Hostname when running a local web server.') | |
61 argparser.add_argument('--noauth_local_webserver', action='store_true', | |
62 default=False, help='Do not run a local web server.') | |
63 argparser.add_argument('--auth_host_port', default=[8080, 8090], type=int, | |
64 nargs='*', help='Port web server should listen on.') | |
65 argparser.add_argument('--logging_level', default='ERROR', | |
66 choices=['DEBUG', 'INFO', 'WARNING', 'ERROR', | |
67 'CRITICAL'], | |
68 help='Set the logging level of detail.') | |
69 | 71 |
70 | 72 |
71 class ClientRedirectServer(BaseHTTPServer.HTTPServer): | 73 class ClientRedirectServer(BaseHTTPServer.HTTPServer): |
72 """A server to handle OAuth 2.0 redirects back to localhost. | 74 """A server to handle OAuth 2.0 redirects back to localhost. |
73 | 75 |
74 Waits for a single request and parses the query parameters | 76 Waits for a single request and parses the query parameters |
75 into query_params and then stops serving. | 77 into query_params and then stops serving. |
76 """ | 78 """ |
77 query_params = {} | 79 query_params = {} |
78 | 80 |
79 | 81 |
80 class ClientRedirectHandler(BaseHTTPServer.BaseHTTPRequestHandler): | 82 class ClientRedirectHandler(BaseHTTPServer.BaseHTTPRequestHandler): |
81 """A handler for OAuth 2.0 redirects back to localhost. | 83 """A handler for OAuth 2.0 redirects back to localhost. |
82 | 84 |
83 Waits for a single request and parses the query parameters | 85 Waits for a single request and parses the query parameters |
84 into the servers query_params and then stops serving. | 86 into the servers query_params and then stops serving. |
85 """ | 87 """ |
86 | 88 |
87 def do_GET(s): | 89 def do_GET(self): |
88 """Handle a GET request. | 90 """Handle a GET request. |
89 | 91 |
90 Parses the query parameters and prints a message | 92 Parses the query parameters and prints a message |
91 if the flow has completed. Note that we can't detect | 93 if the flow has completed. Note that we can't detect |
92 if an error occurred. | 94 if an error occurred. |
93 """ | 95 """ |
94 s.send_response(200) | 96 self.send_response(200) |
95 s.send_header("Content-type", "text/html") | 97 self.send_header("Content-type", "text/html") |
96 s.end_headers() | 98 self.end_headers() |
97 query = s.path.split('?', 1)[-1] | 99 query = self.path.split('?', 1)[-1] |
98 query = dict(parse_qsl(query)) | 100 query = dict(urllib.parse.parse_qsl(query)) |
99 s.server.query_params = query | 101 self.server.query_params = query |
100 s.wfile.write("<html><head><title>Authentication Status</title></head>") | 102 self.wfile.write(b"<html><head><title>Authentication Status</title></head>") |
101 s.wfile.write("<body><p>The authentication flow has completed.</p>") | 103 self.wfile.write(b"<body><p>The authentication flow has completed.</p>") |
102 s.wfile.write("</body></html>") | 104 self.wfile.write(b"</body></html>") |
103 | 105 |
104 def log_message(self, format, *args): | 106 def log_message(self, format, *args): |
105 """Do not log messages to stdout while running as command line program.""" | 107 """Do not log messages to stdout while running as command line program.""" |
106 pass | |
107 | 108 |
108 | 109 |
109 @util.positional(3) | 110 @util.positional(3) |
110 def run_flow(flow, storage, flags, http=None): | 111 def run_flow(flow, storage, flags, http=None): |
111 """Core code for a command-line application. | 112 """Core code for a command-line application. |
112 | 113 |
113 The run() function is called from your application and runs through all the | 114 The ``run()`` function is called from your application and runs |
114 steps to obtain credentials. It takes a Flow argument and attempts to open an | 115 through all the steps to obtain credentials. It takes a ``Flow`` |
115 authorization server page in the user's default web browser. The server asks | 116 argument and attempts to open an authorization server page in the |
116 the user to grant your application access to the user's data. If the user | 117 user's default web browser. The server asks the user to grant your |
117 grants access, the run() function returns new credentials. The new credentials | 118 application access to the user's data. If the user grants access, |
118 are also stored in the Storage argument, which updates the file associated | 119 the ``run()`` function returns new credentials. The new credentials |
119 with the Storage object. | 120 are also stored in the ``storage`` argument, which updates the file |
| 121 associated with the ``Storage`` object. |
120 | 122 |
121 It presumes it is run from a command-line application and supports the | 123 It presumes it is run from a command-line application and supports the |
122 following flags: | 124 following flags: |
123 | 125 |
124 --auth_host_name: Host name to use when running a local web server | 126 ``--auth_host_name`` (string, default: ``localhost``) |
125 to handle redirects during OAuth authorization. | 127 Host name to use when running a local web server to handle |
126 (default: 'localhost') | 128 redirects during OAuth authorization. |
127 | 129 |
128 --auth_host_port: Port to use when running a local web server to handle | 130 ``--auth_host_port`` (integer, default: ``[8080, 8090]``) |
129 redirects during OAuth authorization.; | 131 Port to use when running a local web server to handle redirects |
130 repeat this option to specify a list of values | 132 during OAuth authorization. Repeat this option to specify a list |
131 (default: '[8080, 8090]') | 133 of values. |
132 (an integer) | |
133 | 134 |
134 --[no]auth_local_webserver: Run a local web server to handle redirects | 135 ``--[no]auth_local_webserver`` (boolean, default: ``True``) |
135 during OAuth authorization. | 136 Run a local web server to handle redirects during OAuth authorization. |
136 (default: 'true') | |
137 | 137 |
138 The tools module defines an ArgumentParser the already contains the flag | |
139 definitions that run() requires. You can pass that ArgumentParser to your | |
140 ArgumentParser constructor: | |
141 | 138 |
142 parser = argparse.ArgumentParser(description=__doc__, | 139 |
143 formatter_class=argparse.RawDescriptionHelpFormatter, | 140 |
144 parents=[tools.run_parser]) | 141 The tools module defines an ``ArgumentParser`` the already contains the flag |
145 flags = parser.parse_args(argv) | 142 definitions that ``run()`` requires. You can pass that ``ArgumentParser`` to y
our |
| 143 ``ArgumentParser`` constructor:: |
| 144 |
| 145 parser = argparse.ArgumentParser(description=__doc__, |
| 146 formatter_class=argparse.RawDescriptionHelpFormatter, |
| 147 parents=[tools.argparser]) |
| 148 flags = parser.parse_args(argv) |
146 | 149 |
147 Args: | 150 Args: |
148 flow: Flow, an OAuth 2.0 Flow to step through. | 151 flow: Flow, an OAuth 2.0 Flow to step through. |
149 storage: Storage, a Storage to store the credential in. | 152 storage: Storage, a ``Storage`` to store the credential in. |
150 flags: argparse.ArgumentParser, the command-line flags. | 153 flags: ``argparse.Namespace``, The command-line flags. This is the |
151 http: An instance of httplib2.Http.request | 154 object returned from calling ``parse_args()`` on |
152 or something that acts like it. | 155 ``argparse.ArgumentParser`` as described above. |
| 156 http: An instance of ``httplib2.Http.request`` or something that |
| 157 acts like it. |
153 | 158 |
154 Returns: | 159 Returns: |
155 Credentials, the obtained credential. | 160 Credentials, the obtained credential. |
156 """ | 161 """ |
157 logging.getLogger().setLevel(getattr(logging, flags.logging_level)) | 162 logging.getLogger().setLevel(getattr(logging, flags.logging_level)) |
158 if not flags.noauth_local_webserver: | 163 if not flags.noauth_local_webserver: |
159 success = False | 164 success = False |
160 port_number = 0 | 165 port_number = 0 |
161 for port in flags.auth_host_port: | 166 for port in flags.auth_host_port: |
162 port_number = port | 167 port_number = port |
163 try: | 168 try: |
164 httpd = ClientRedirectServer((flags.auth_host_name, port), | 169 httpd = ClientRedirectServer((flags.auth_host_name, port), |
165 ClientRedirectHandler) | 170 ClientRedirectHandler) |
166 except socket.error, e: | 171 except socket.error: |
167 pass | 172 pass |
168 else: | 173 else: |
169 success = True | 174 success = True |
170 break | 175 break |
171 flags.noauth_local_webserver = not success | 176 flags.noauth_local_webserver = not success |
172 if not success: | 177 if not success: |
173 print 'Failed to start a local webserver listening on either port 8080' | 178 print('Failed to start a local webserver listening on either port 8080') |
174 print 'or port 9090. Please check your firewall settings and locally' | 179 print('or port 9090. Please check your firewall settings and locally') |
175 print 'running programs that may be blocking or using those ports.' | 180 print('running programs that may be blocking or using those ports.') |
176 print | 181 print() |
177 print 'Falling back to --noauth_local_webserver and continuing with', | 182 print('Falling back to --noauth_local_webserver and continuing with') |
178 print 'authorization.' | 183 print('authorization.') |
179 print | 184 print() |
180 | 185 |
181 if not flags.noauth_local_webserver: | 186 if not flags.noauth_local_webserver: |
182 oauth_callback = 'http://%s:%s/' % (flags.auth_host_name, port_number) | 187 oauth_callback = 'http://%s:%s/' % (flags.auth_host_name, port_number) |
183 else: | 188 else: |
184 oauth_callback = client.OOB_CALLBACK_URN | 189 oauth_callback = client.OOB_CALLBACK_URN |
185 flow.redirect_uri = oauth_callback | 190 flow.redirect_uri = oauth_callback |
186 authorize_url = flow.step1_get_authorize_url() | 191 authorize_url = flow.step1_get_authorize_url() |
187 | 192 |
188 if not flags.noauth_local_webserver: | 193 if not flags.noauth_local_webserver: |
| 194 import webbrowser |
189 webbrowser.open(authorize_url, new=1, autoraise=True) | 195 webbrowser.open(authorize_url, new=1, autoraise=True) |
190 print 'Your browser has been opened to visit:' | 196 print('Your browser has been opened to visit:') |
191 print | 197 print() |
192 print ' ' + authorize_url | 198 print(' ' + authorize_url) |
193 print | 199 print() |
194 print 'If your browser is on a different machine then exit and re-run this' | 200 print('If your browser is on a different machine then exit and re-run this') |
195 print 'application with the command-line parameter ' | 201 print('application with the command-line parameter ') |
196 print | 202 print() |
197 print ' --noauth_local_webserver' | 203 print(' --noauth_local_webserver') |
198 print | 204 print() |
199 else: | 205 else: |
200 print 'Go to the following link in your browser:' | 206 print('Go to the following link in your browser:') |
201 print | 207 print() |
202 print ' ' + authorize_url | 208 print(' ' + authorize_url) |
203 print | 209 print() |
204 | 210 |
205 code = None | 211 code = None |
206 if not flags.noauth_local_webserver: | 212 if not flags.noauth_local_webserver: |
207 httpd.handle_request() | 213 httpd.handle_request() |
208 if 'error' in httpd.query_params: | 214 if 'error' in httpd.query_params: |
209 sys.exit('Authentication request was rejected.') | 215 sys.exit('Authentication request was rejected.') |
210 if 'code' in httpd.query_params: | 216 if 'code' in httpd.query_params: |
211 code = httpd.query_params['code'] | 217 code = httpd.query_params['code'] |
212 else: | 218 else: |
213 print 'Failed to find "code" in the query parameters of the redirect.' | 219 print('Failed to find "code" in the query parameters of the redirect.') |
214 sys.exit('Try running with --noauth_local_webserver.') | 220 sys.exit('Try running with --noauth_local_webserver.') |
215 else: | 221 else: |
216 code = raw_input('Enter verification code: ').strip() | 222 code = input('Enter verification code: ').strip() |
217 | 223 |
218 try: | 224 try: |
219 credential = flow.step2_exchange(code, http=http) | 225 credential = flow.step2_exchange(code, http=http) |
220 except client.FlowExchangeError, e: | 226 except client.FlowExchangeError as e: |
221 sys.exit('Authentication has failed: %s' % e) | 227 sys.exit('Authentication has failed: %s' % e) |
222 | 228 |
223 storage.put(credential) | 229 storage.put(credential) |
224 credential.set_store(storage) | 230 credential.set_store(storage) |
225 print 'Authentication successful.' | 231 print('Authentication successful.') |
226 | 232 |
227 return credential | 233 return credential |
228 | 234 |
229 | 235 |
230 def message_if_missing(filename): | 236 def message_if_missing(filename): |
231 """Helpful message to display if the CLIENT_SECRETS file is missing.""" | 237 """Helpful message to display if the CLIENT_SECRETS file is missing.""" |
232 | 238 |
233 return _CLIENT_SECRETS_MESSAGE % filename | 239 return _CLIENT_SECRETS_MESSAGE % filename |
234 | 240 |
235 try: | 241 try: |
236 from old_run import run | 242 from oauth2client.old_run import run |
237 from old_run import FLAGS | 243 from oauth2client.old_run import FLAGS |
238 except ImportError: | 244 except ImportError: |
239 def run(*args, **kwargs): | 245 def run(*args, **kwargs): |
240 raise NotImplementedError( | 246 raise NotImplementedError( |
241 'The gflags library must be installed to use tools.run(). ' | 247 'The gflags library must be installed to use tools.run(). ' |
242 'Please install gflags or preferrably switch to using ' | 248 'Please install gflags or preferrably switch to using ' |
243 'tools.run_flow().') | 249 'tools.run_flow().') |
OLD | NEW |