[catapult] - Copy Telemetry's gsutilz over to third_party.

third_party/gsutil/third_party/gcs-oauth2-boto-plugin/gcs_oauth2_boto_plugin/oauth2_plugin.py

Index: third_party/gsutil/third_party/gcs-oauth2-boto-plugin/gcs_oauth2_boto_plugin/oauth2_plugin.py
diff --git a/third_party/gsutil/third_party/gcs-oauth2-boto-plugin/gcs_oauth2_boto_plugin/oauth2_plugin.py b/third_party/gsutil/third_party/gcs-oauth2-boto-plugin/gcs_oauth2_boto_plugin/oauth2_plugin.py
new file mode 100644
index 0000000000000000000000000000000000000000..e8c339e9f3d429be31d51404ed3894519efc218d
--- /dev/null
+++ b/third_party/gsutil/third_party/gcs-oauth2-boto-plugin/gcs_oauth2_boto_plugin/oauth2_plugin.py
@@ -0,0 +1,70 @@
+# Copyright 2014 Google Inc. All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+"""Boto auth plugin for OAuth2.0 for Google Cloud Storage."""
+
+from __future__ import absolute_import
+
+from boto.auth_handler import AuthHandler
+from boto.auth_handler import NotReadyToAuthenticate
+
+from gcs_oauth2_boto_plugin import oauth2_client
+from gcs_oauth2_boto_plugin import oauth2_helper
+
+IS_SERVICE_ACCOUNT = False
+
+
+class OAuth2Auth(AuthHandler):
+
+  capability = ['google-oauth2', 's3']
+
+  def __init__(self, path, config, provider):
+    self.oauth2_client = None
+    if (provider.name == 'google'):
+      if config.has_option('Credentials', 'gs_oauth2_refresh_token'):
+        self.oauth2_client = oauth2_helper.OAuth2ClientFromBotoConfig(config)
+      elif config.has_option('GoogleCompute', 'service_account'):
+        self.oauth2_client = oauth2_client.CreateOAuth2GCEClient()
+    if not self.oauth2_client:
+      raise NotReadyToAuthenticate()
+
+  def add_auth(self, http_request):
+    http_request.headers['Authorization'] = \
+        self.oauth2_client.GetAuthorizationHeader()
+
+
+class OAuth2ServiceAccountAuth(AuthHandler):
+
+  capability = ['google-oauth2', 's3']
+
+  def __init__(self, path, config, provider):
+    if (provider.name == 'google'
+        and config.has_option('Credentials', 'gs_service_key_file')):
+      self.oauth2_client = oauth2_helper.OAuth2ClientFromBotoConfig(config,
+          cred_type=oauth2_client.CredTypes.OAUTH2_SERVICE_ACCOUNT)
+
+      # If we make it to this point, then we will later attempt to authenticate
+      # as a service account based on how the boto auth plugins work. This is
+      # global so that command.py can access this value once it's set.
+      # TODO: replace this approach with a way to get the current plugin
+      # from boto so that we don't have to have global variables.
+      global IS_SERVICE_ACCOUNT
+      IS_SERVICE_ACCOUNT = True
+    else:
+      raise NotReadyToAuthenticate()
+
+  def add_auth(self, http_request):
+    http_request.headers['Authorization'] = \
+        self.oauth2_client.GetAuthorizationHeader()
+