| Index: tools/telemetry/third_party/gsutil/third_party/boto/boto/cognito/identity/layer1.py
|
| diff --git a/tools/telemetry/third_party/gsutil/third_party/boto/boto/cognito/identity/layer1.py b/tools/telemetry/third_party/gsutil/third_party/boto/boto/cognito/identity/layer1.py
|
| deleted file mode 100644
|
| index a7363d5b5c623fa2a7daecadcecdde9639ed53ad..0000000000000000000000000000000000000000
|
| --- a/tools/telemetry/third_party/gsutil/third_party/boto/boto/cognito/identity/layer1.py
|
| +++ /dev/null
|
| @@ -1,549 +0,0 @@
|
| -# Copyright (c) 2014 Amazon.com, Inc. or its affiliates. All Rights Reserved
|
| -#
|
| -# Permission is hereby granted, free of charge, to any person obtaining a
|
| -# copy of this software and associated documentation files (the
|
| -# "Software"), to deal in the Software without restriction, including
|
| -# without limitation the rights to use, copy, modify, merge, publish, dis-
|
| -# tribute, sublicense, and/or sell copies of the Software, and to permit
|
| -# persons to whom the Software is furnished to do so, subject to the fol-
|
| -# lowing conditions:
|
| -#
|
| -# The above copyright notice and this permission notice shall be included
|
| -# in all copies or substantial portions of the Software.
|
| -#
|
| -# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
|
| -# OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABIL-
|
| -# ITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT
|
| -# SHALL THE AUTHOR BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
|
| -# WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
| -# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
|
| -# IN THE SOFTWARE.
|
| -#
|
| -
|
| -import boto
|
| -from boto.compat import json
|
| -from boto.connection import AWSQueryConnection
|
| -from boto.regioninfo import RegionInfo
|
| -from boto.exception import JSONResponseError
|
| -from boto.cognito.identity import exceptions
|
| -
|
| -
|
| -class CognitoIdentityConnection(AWSQueryConnection):
|
| - """
|
| - Amazon Cognito
|
| - Amazon Cognito is a web service that delivers scoped temporary
|
| - credentials to mobile devices and other untrusted environments.
|
| - Amazon Cognito uniquely identifies a device and supplies the user
|
| - with a consistent identity over the lifetime of an application.
|
| -
|
| - Using Amazon Cognito, you can enable authentication with one or
|
| - more third-party identity providers (Facebook, Google, or Login
|
| - with Amazon), and you can also choose to support unauthenticated
|
| - access from your app. Cognito delivers a unique identifier for
|
| - each user and acts as an OpenID token provider trusted by AWS
|
| - Security Token Service (STS) to access temporary, limited-
|
| - privilege AWS credentials.
|
| -
|
| - To provide end-user credentials, first make an unsigned call to
|
| - GetId. If the end user is authenticated with one of the supported
|
| - identity providers, set the `Logins` map with the identity
|
| - provider token. `GetId` returns a unique identifier for the user.
|
| -
|
| - Next, make an unsigned call to GetOpenIdToken, which returns the
|
| - OpenID token necessary to call STS and retrieve AWS credentials.
|
| - This call expects the same `Logins` map as the `GetId` call, as
|
| - well as the `IdentityID` originally returned by `GetId`. The token
|
| - returned by `GetOpenIdToken` can be passed to the STS operation
|
| - `AssumeRoleWithWebIdentity`_ to retrieve AWS credentials.
|
| - """
|
| - APIVersion = "2014-06-30"
|
| - DefaultRegionName = "us-east-1"
|
| - DefaultRegionEndpoint = "cognito-identity.us-east-1.amazonaws.com"
|
| - ServiceName = "CognitoIdentity"
|
| - TargetPrefix = "AWSCognitoIdentityService"
|
| - ResponseError = JSONResponseError
|
| -
|
| - _faults = {
|
| - "LimitExceededException": exceptions.LimitExceededException,
|
| - "ResourceConflictException": exceptions.ResourceConflictException,
|
| - "DeveloperUserAlreadyRegisteredException": exceptions.DeveloperUserAlreadyRegisteredException,
|
| - "TooManyRequestsException": exceptions.TooManyRequestsException,
|
| - "InvalidParameterException": exceptions.InvalidParameterException,
|
| - "ResourceNotFoundException": exceptions.ResourceNotFoundException,
|
| - "InternalErrorException": exceptions.InternalErrorException,
|
| - "NotAuthorizedException": exceptions.NotAuthorizedException,
|
| - }
|
| -
|
| -
|
| - def __init__(self, **kwargs):
|
| - region = kwargs.pop('region', None)
|
| - if not region:
|
| - region = RegionInfo(self, self.DefaultRegionName,
|
| - self.DefaultRegionEndpoint)
|
| -
|
| - if 'host' not in kwargs or kwargs['host'] is None:
|
| - kwargs['host'] = region.endpoint
|
| -
|
| - super(CognitoIdentityConnection, self).__init__(**kwargs)
|
| - self.region = region
|
| -
|
| - def _required_auth_capability(self):
|
| - return ['hmac-v4']
|
| -
|
| - def create_identity_pool(self, identity_pool_name,
|
| - allow_unauthenticated_identities,
|
| - supported_login_providers=None,
|
| - developer_provider_name=None,
|
| - open_id_connect_provider_ar_ns=None):
|
| - """
|
| - Creates a new identity pool. The identity pool is a store of
|
| - user identity information that is specific to your AWS
|
| - account. The limit on identity pools is 60 per account.
|
| -
|
| - :type identity_pool_name: string
|
| - :param identity_pool_name: A string that you provide.
|
| -
|
| - :type allow_unauthenticated_identities: boolean
|
| - :param allow_unauthenticated_identities: TRUE if the identity pool
|
| - supports unauthenticated logins.
|
| -
|
| - :type supported_login_providers: map
|
| - :param supported_login_providers: Optional key:value pairs mapping
|
| - provider names to provider app IDs.
|
| -
|
| - :type developer_provider_name: string
|
| - :param developer_provider_name: The "domain" by which Cognito will
|
| - refer to your users. This name acts as a placeholder that allows
|
| - your backend and the Cognito service to communicate about the
|
| - developer provider. For the `DeveloperProviderName`, you can use
|
| - letters as well as period ( `.`), underscore ( `_`), and dash (
|
| - `-`).
|
| - Once you have set a developer provider name, you cannot change it.
|
| - Please take care in setting this parameter.
|
| -
|
| - :type open_id_connect_provider_ar_ns: list
|
| - :param open_id_connect_provider_ar_ns:
|
| -
|
| - """
|
| - params = {
|
| - 'IdentityPoolName': identity_pool_name,
|
| - 'AllowUnauthenticatedIdentities': allow_unauthenticated_identities,
|
| - }
|
| - if supported_login_providers is not None:
|
| - params['SupportedLoginProviders'] = supported_login_providers
|
| - if developer_provider_name is not None:
|
| - params['DeveloperProviderName'] = developer_provider_name
|
| - if open_id_connect_provider_ar_ns is not None:
|
| - params['OpenIdConnectProviderARNs'] = open_id_connect_provider_ar_ns
|
| - return self.make_request(action='CreateIdentityPool',
|
| - body=json.dumps(params))
|
| -
|
| - def delete_identity_pool(self, identity_pool_id):
|
| - """
|
| - Deletes a user pool. Once a pool is deleted, users will not be
|
| - able to authenticate with the pool.
|
| -
|
| - :type identity_pool_id: string
|
| - :param identity_pool_id: An identity pool ID in the format REGION:GUID.
|
| -
|
| - """
|
| - params = {'IdentityPoolId': identity_pool_id, }
|
| - return self.make_request(action='DeleteIdentityPool',
|
| - body=json.dumps(params))
|
| -
|
| - def describe_identity_pool(self, identity_pool_id):
|
| - """
|
| - Gets details about a particular identity pool, including the
|
| - pool name, ID description, creation date, and current number
|
| - of users.
|
| -
|
| - :type identity_pool_id: string
|
| - :param identity_pool_id: An identity pool ID in the format REGION:GUID.
|
| -
|
| - """
|
| - params = {'IdentityPoolId': identity_pool_id, }
|
| - return self.make_request(action='DescribeIdentityPool',
|
| - body=json.dumps(params))
|
| -
|
| - def get_id(self, account_id, identity_pool_id, logins=None):
|
| - """
|
| - Generates (or retrieves) a Cognito ID. Supplying multiple
|
| - logins will create an implicit linked account.
|
| -
|
| - :type account_id: string
|
| - :param account_id: A standard AWS account ID (9+ digits).
|
| -
|
| - :type identity_pool_id: string
|
| - :param identity_pool_id: An identity pool ID in the format REGION:GUID.
|
| -
|
| - :type logins: map
|
| - :param logins: A set of optional name-value pairs that map provider
|
| - names to provider tokens.
|
| - The available provider names for `Logins` are as follows:
|
| -
|
| - + Facebook: `graph.facebook.com`
|
| - + Google: `accounts.google.com`
|
| - + Amazon: `www.amazon.com`
|
| -
|
| - """
|
| - params = {
|
| - 'AccountId': account_id,
|
| - 'IdentityPoolId': identity_pool_id,
|
| - }
|
| - if logins is not None:
|
| - params['Logins'] = logins
|
| - return self.make_request(action='GetId',
|
| - body=json.dumps(params))
|
| -
|
| - def get_open_id_token(self, identity_id, logins=None):
|
| - """
|
| - Gets an OpenID token, using a known Cognito ID. This known
|
| - Cognito ID is returned by GetId. You can optionally add
|
| - additional logins for the identity. Supplying multiple logins
|
| - creates an implicit link.
|
| -
|
| - The OpenId token is valid for 15 minutes.
|
| -
|
| - :type identity_id: string
|
| - :param identity_id: A unique identifier in the format REGION:GUID.
|
| -
|
| - :type logins: map
|
| - :param logins: A set of optional name-value pairs that map provider
|
| - names to provider tokens.
|
| -
|
| - """
|
| - params = {'IdentityId': identity_id, }
|
| - if logins is not None:
|
| - params['Logins'] = logins
|
| - return self.make_request(action='GetOpenIdToken',
|
| - body=json.dumps(params))
|
| -
|
| - def get_open_id_token_for_developer_identity(self, identity_pool_id,
|
| - logins, identity_id=None,
|
| - token_duration=None):
|
| - """
|
| - Registers (or retrieves) a Cognito `IdentityId` and an OpenID
|
| - Connect token for a user authenticated by your backend
|
| - authentication process. Supplying multiple logins will create
|
| - an implicit linked account. You can only specify one developer
|
| - provider as part of the `Logins` map, which is linked to the
|
| - identity pool. The developer provider is the "domain" by which
|
| - Cognito will refer to your users.
|
| -
|
| - You can use `GetOpenIdTokenForDeveloperIdentity` to create a
|
| - new identity and to link new logins (that is, user credentials
|
| - issued by a public provider or developer provider) to an
|
| - existing identity. When you want to create a new identity, the
|
| - `IdentityId` should be null. When you want to associate a new
|
| - login with an existing authenticated/unauthenticated identity,
|
| - you can do so by providing the existing `IdentityId`. This API
|
| - will create the identity in the specified `IdentityPoolId`.
|
| -
|
| - :type identity_pool_id: string
|
| - :param identity_pool_id: An identity pool ID in the format REGION:GUID.
|
| -
|
| - :type identity_id: string
|
| - :param identity_id: A unique identifier in the format REGION:GUID.
|
| -
|
| - :type logins: map
|
| - :param logins: A set of optional name-value pairs that map provider
|
| - names to provider tokens. Each name-value pair represents a user
|
| - from a public provider or developer provider. If the user is from a
|
| - developer provider, the name-value pair will follow the syntax
|
| - `"developer_provider_name": "developer_user_identifier"`. The
|
| - developer provider is the "domain" by which Cognito will refer to
|
| - your users; you provided this domain while creating/updating the
|
| - identity pool. The developer user identifier is an identifier from
|
| - your backend that uniquely identifies a user. When you create an
|
| - identity pool, you can specify the supported logins.
|
| -
|
| - :type token_duration: long
|
| - :param token_duration: The expiration time of the token, in seconds.
|
| - You can specify a custom expiration time for the token so that you
|
| - can cache it. If you don't provide an expiration time, the token is
|
| - valid for 15 minutes. You can exchange the token with Amazon STS
|
| - for temporary AWS credentials, which are valid for a maximum of one
|
| - hour. The maximum token duration you can set is 24 hours. You
|
| - should take care in setting the expiration time for a token, as
|
| - there are significant security implications: an attacker could use
|
| - a leaked token to access your AWS resources for the token's
|
| - duration.
|
| -
|
| - """
|
| - params = {
|
| - 'IdentityPoolId': identity_pool_id,
|
| - 'Logins': logins,
|
| - }
|
| - if identity_id is not None:
|
| - params['IdentityId'] = identity_id
|
| - if token_duration is not None:
|
| - params['TokenDuration'] = token_duration
|
| - return self.make_request(action='GetOpenIdTokenForDeveloperIdentity',
|
| - body=json.dumps(params))
|
| -
|
| - def list_identities(self, identity_pool_id, max_results, next_token=None):
|
| - """
|
| - Lists the identities in a pool.
|
| -
|
| - :type identity_pool_id: string
|
| - :param identity_pool_id: An identity pool ID in the format REGION:GUID.
|
| -
|
| - :type max_results: integer
|
| - :param max_results: The maximum number of identities to return.
|
| -
|
| - :type next_token: string
|
| - :param next_token: A pagination token.
|
| -
|
| - """
|
| - params = {
|
| - 'IdentityPoolId': identity_pool_id,
|
| - 'MaxResults': max_results,
|
| - }
|
| - if next_token is not None:
|
| - params['NextToken'] = next_token
|
| - return self.make_request(action='ListIdentities',
|
| - body=json.dumps(params))
|
| -
|
| - def list_identity_pools(self, max_results, next_token=None):
|
| - """
|
| - Lists all of the Cognito identity pools registered for your
|
| - account.
|
| -
|
| - :type max_results: integer
|
| - :param max_results: The maximum number of identities to return.
|
| -
|
| - :type next_token: string
|
| - :param next_token: A pagination token.
|
| -
|
| - """
|
| - params = {'MaxResults': max_results, }
|
| - if next_token is not None:
|
| - params['NextToken'] = next_token
|
| - return self.make_request(action='ListIdentityPools',
|
| - body=json.dumps(params))
|
| -
|
| - def lookup_developer_identity(self, identity_pool_id, identity_id=None,
|
| - developer_user_identifier=None,
|
| - max_results=None, next_token=None):
|
| - """
|
| - Retrieves the `IdentityID` associated with a
|
| - `DeveloperUserIdentifier` or the list of
|
| - `DeveloperUserIdentifier`s associated with an `IdentityId` for
|
| - an existing identity. Either `IdentityID` or
|
| - `DeveloperUserIdentifier` must not be null. If you supply only
|
| - one of these values, the other value will be searched in the
|
| - database and returned as a part of the response. If you supply
|
| - both, `DeveloperUserIdentifier` will be matched against
|
| - `IdentityID`. If the values are verified against the database,
|
| - the response returns both values and is the same as the
|
| - request. Otherwise a `ResourceConflictException` is thrown.
|
| -
|
| - :type identity_pool_id: string
|
| - :param identity_pool_id: An identity pool ID in the format REGION:GUID.
|
| -
|
| - :type identity_id: string
|
| - :param identity_id: A unique identifier in the format REGION:GUID.
|
| -
|
| - :type developer_user_identifier: string
|
| - :param developer_user_identifier: A unique ID used by your backend
|
| - authentication process to identify a user. Typically, a developer
|
| - identity provider would issue many developer user identifiers, in
|
| - keeping with the number of users.
|
| -
|
| - :type max_results: integer
|
| - :param max_results: The maximum number of identities to return.
|
| -
|
| - :type next_token: string
|
| - :param next_token: A pagination token. The first call you make will
|
| - have `NextToken` set to null. After that the service will return
|
| - `NextToken` values as needed. For example, let's say you make a
|
| - request with `MaxResults` set to 10, and there are 20 matches in
|
| - the database. The service will return a pagination token as a part
|
| - of the response. This token can be used to call the API again and
|
| - get results starting from the 11th match.
|
| -
|
| - """
|
| - params = {'IdentityPoolId': identity_pool_id, }
|
| - if identity_id is not None:
|
| - params['IdentityId'] = identity_id
|
| - if developer_user_identifier is not None:
|
| - params['DeveloperUserIdentifier'] = developer_user_identifier
|
| - if max_results is not None:
|
| - params['MaxResults'] = max_results
|
| - if next_token is not None:
|
| - params['NextToken'] = next_token
|
| - return self.make_request(action='LookupDeveloperIdentity',
|
| - body=json.dumps(params))
|
| -
|
| - def merge_developer_identities(self, source_user_identifier,
|
| - destination_user_identifier,
|
| - developer_provider_name, identity_pool_id):
|
| - """
|
| - Merges two users having different `IdentityId`s, existing in
|
| - the same identity pool, and identified by the same developer
|
| - provider. You can use this action to request that discrete
|
| - users be merged and identified as a single user in the Cognito
|
| - environment. Cognito associates the given source user (
|
| - `SourceUserIdentifier`) with the `IdentityId` of the
|
| - `DestinationUserIdentifier`. Only developer-authenticated
|
| - users can be merged. If the users to be merged are associated
|
| - with the same public provider, but as two different users, an
|
| - exception will be thrown.
|
| -
|
| - :type source_user_identifier: string
|
| - :param source_user_identifier: User identifier for the source user. The
|
| - value should be a `DeveloperUserIdentifier`.
|
| -
|
| - :type destination_user_identifier: string
|
| - :param destination_user_identifier: User identifier for the destination
|
| - user. The value should be a `DeveloperUserIdentifier`.
|
| -
|
| - :type developer_provider_name: string
|
| - :param developer_provider_name: The "domain" by which Cognito will
|
| - refer to your users. This is a (pseudo) domain name that you
|
| - provide while creating an identity pool. This name acts as a
|
| - placeholder that allows your backend and the Cognito service to
|
| - communicate about the developer provider. For the
|
| - `DeveloperProviderName`, you can use letters as well as period (.),
|
| - underscore (_), and dash (-).
|
| -
|
| - :type identity_pool_id: string
|
| - :param identity_pool_id: An identity pool ID in the format REGION:GUID.
|
| -
|
| - """
|
| - params = {
|
| - 'SourceUserIdentifier': source_user_identifier,
|
| - 'DestinationUserIdentifier': destination_user_identifier,
|
| - 'DeveloperProviderName': developer_provider_name,
|
| - 'IdentityPoolId': identity_pool_id,
|
| - }
|
| - return self.make_request(action='MergeDeveloperIdentities',
|
| - body=json.dumps(params))
|
| -
|
| - def unlink_developer_identity(self, identity_id, identity_pool_id,
|
| - developer_provider_name,
|
| - developer_user_identifier):
|
| - """
|
| - Unlinks a `DeveloperUserIdentifier` from an existing identity.
|
| - Unlinked developer users will be considered new identities
|
| - next time they are seen. If, for a given Cognito identity, you
|
| - remove all federated identities as well as the developer user
|
| - identifier, the Cognito identity becomes inaccessible.
|
| -
|
| - :type identity_id: string
|
| - :param identity_id: A unique identifier in the format REGION:GUID.
|
| -
|
| - :type identity_pool_id: string
|
| - :param identity_pool_id: An identity pool ID in the format REGION:GUID.
|
| -
|
| - :type developer_provider_name: string
|
| - :param developer_provider_name: The "domain" by which Cognito will
|
| - refer to your users.
|
| -
|
| - :type developer_user_identifier: string
|
| - :param developer_user_identifier: A unique ID used by your backend
|
| - authentication process to identify a user.
|
| -
|
| - """
|
| - params = {
|
| - 'IdentityId': identity_id,
|
| - 'IdentityPoolId': identity_pool_id,
|
| - 'DeveloperProviderName': developer_provider_name,
|
| - 'DeveloperUserIdentifier': developer_user_identifier,
|
| - }
|
| - return self.make_request(action='UnlinkDeveloperIdentity',
|
| - body=json.dumps(params))
|
| -
|
| - def unlink_identity(self, identity_id, logins, logins_to_remove):
|
| - """
|
| - Unlinks a federated identity from an existing account.
|
| - Unlinked logins will be considered new identities next time
|
| - they are seen. Removing the last linked login will make this
|
| - identity inaccessible.
|
| -
|
| - :type identity_id: string
|
| - :param identity_id: A unique identifier in the format REGION:GUID.
|
| -
|
| - :type logins: map
|
| - :param logins: A set of optional name-value pairs that map provider
|
| - names to provider tokens.
|
| -
|
| - :type logins_to_remove: list
|
| - :param logins_to_remove: Provider names to unlink from this identity.
|
| -
|
| - """
|
| - params = {
|
| - 'IdentityId': identity_id,
|
| - 'Logins': logins,
|
| - 'LoginsToRemove': logins_to_remove,
|
| - }
|
| - return self.make_request(action='UnlinkIdentity',
|
| - body=json.dumps(params))
|
| -
|
| - def update_identity_pool(self, identity_pool_id, identity_pool_name,
|
| - allow_unauthenticated_identities,
|
| - supported_login_providers=None,
|
| - developer_provider_name=None,
|
| - open_id_connect_provider_ar_ns=None):
|
| - """
|
| - Updates a user pool.
|
| -
|
| - :type identity_pool_id: string
|
| - :param identity_pool_id: An identity pool ID in the format REGION:GUID.
|
| -
|
| - :type identity_pool_name: string
|
| - :param identity_pool_name: A string that you provide.
|
| -
|
| - :type allow_unauthenticated_identities: boolean
|
| - :param allow_unauthenticated_identities: TRUE if the identity pool
|
| - supports unauthenticated logins.
|
| -
|
| - :type supported_login_providers: map
|
| - :param supported_login_providers: Optional key:value pairs mapping
|
| - provider names to provider app IDs.
|
| -
|
| - :type developer_provider_name: string
|
| - :param developer_provider_name: The "domain" by which Cognito will
|
| - refer to your users.
|
| -
|
| - :type open_id_connect_provider_ar_ns: list
|
| - :param open_id_connect_provider_ar_ns:
|
| -
|
| - """
|
| - params = {
|
| - 'IdentityPoolId': identity_pool_id,
|
| - 'IdentityPoolName': identity_pool_name,
|
| - 'AllowUnauthenticatedIdentities': allow_unauthenticated_identities,
|
| - }
|
| - if supported_login_providers is not None:
|
| - params['SupportedLoginProviders'] = supported_login_providers
|
| - if developer_provider_name is not None:
|
| - params['DeveloperProviderName'] = developer_provider_name
|
| - if open_id_connect_provider_ar_ns is not None:
|
| - params['OpenIdConnectProviderARNs'] = open_id_connect_provider_ar_ns
|
| - return self.make_request(action='UpdateIdentityPool',
|
| - body=json.dumps(params))
|
| -
|
| - def make_request(self, action, body):
|
| - headers = {
|
| - 'X-Amz-Target': '%s.%s' % (self.TargetPrefix, action),
|
| - 'Host': self.region.endpoint,
|
| - 'Content-Type': 'application/x-amz-json-1.1',
|
| - 'Content-Length': str(len(body)),
|
| - }
|
| - http_request = self.build_base_http_request(
|
| - method='POST', path='/', auth_path='/', params={},
|
| - headers=headers, data=body)
|
| - response = self._mexe(http_request, sender=None,
|
| - override_num_retries=10)
|
| - response_body = response.read().decode('utf-8')
|
| - boto.log.debug(response_body)
|
| - if response.status == 200:
|
| - if response_body:
|
| - return json.loads(response_body)
|
| - else:
|
| - json_body = json.loads(response_body)
|
| - fault_name = json_body.get('__type', None)
|
| - exception_class = self._faults.get(fault_name, self.ResponseError)
|
| - raise exception_class(response.status, response.reason,
|
| - body=json_body)
|
|
|
Chromium Code Reviews
Issue 1260493004:
Revert "Add gsutil 4.13 to telemetry/third_party" (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master