depot_tools: add .gitcookies support to gerrit_util

gerrit_util.py

 # Copyright (c) 2013 The Chromium OS Authors. All rights reserved.
 # Use of this source code is governed by a BSD-style license that can be
 # found in the LICENSE file.
 
 """
 Utilities for requesting information for a gerrit server via https.
 
 https://gerrit-review.googlesource.com/Documentation/rest-api.html
 """
 
 import base64
+import cookielib
 import httplib
 import json
 import logging
 import netrc
 import os
 import re
 import socket
 import stat
 import sys
 import time
@@ skipping 62 matching lines @@
       return GceAuthenticator()
     return NetrcAuthenticator()
 
 
 class NetrcAuthenticator(Authenticator):
   """Authenticator implementation that uses ".netrc" for token.
   """
 
   def __init__(self):
     self.netrc = self._get_netrc()
+    self.gitcookies = self._get_gitcookies()
 
   @staticmethod
   def _get_netrc():
     path = '_netrc' if sys.platform.startswith('win') else '.netrc'
     path = os.path.join(os.environ['HOME'], path)
     try:
       return netrc.netrc(path)
     except IOError:
       print >> sys.stderr, 'WARNING: Could not read netrc file %s' % path
       return netrc.netrc(os.devnull)
     except netrc.NetrcParseError as e:
       st = os.stat(e.path)
       if st.st_mode & (stat.S_IRWXG | stat.S_IRWXO):
         print >> sys.stderr, (
             'WARNING: netrc file %s cannot be used because its file '
             'permissions are insecure.  netrc file permissions should be '
             '600.' % path)
       else:
         print >> sys.stderr, ('ERROR: Cannot use netrc file %s due to a '
                               'parsing error.' % path)
         raise
       return netrc.netrc(os.devnull)
 
+  @staticmethod
+  def _get_gitcookies():
+    gitcookies = {}
+    path = os.path.join(os.environ['HOME'], '.gitcookies')
+    try:
+      f = open(path, 'rb')
+    except IOError:
+      return gitcookies
+
+    with f:
+      for line in f:
+        try:
+          fields = line.strip().split('\t')
+          if line.strip().startswith('#') or len(fields) != 7:
+            continue
+          domain, xpath, key, value = fields[0], fields[2], fields[5], fields[6]
+          if xpath == '/' and key == 'o':
+            login, secret_token = value.split('=', 1)
+            gitcookies[domain] = (login, secret_token)
+        except (IndexError, ValueError, TypeError) as exc:
+          logging.warning(exc)
+
+    return gitcookies
+
   def get_auth_header(self, host):
-    auth = self.netrc.authenticators(host)
+    auth = None
+    for domain, creds in self.gitcookies.iteritems():
+      if cookielib.domain_match(host, domain):
+        auth = (creds[0], None, creds[1])
+        break
+
+    if not auth:
+      auth = self.netrc.authenticators(host)
     if auth:
       return 'Basic %s' % (base64.b64encode('%s:%s' % (auth[0], auth[2])))
     return None
 
 
 class GceAuthenticator(Authenticator):
   """Authenticator implementation that uses GCE metadata service for token.
   """
 
   _INFO_URL = 'http://metadata.google.internal'
@@ skipping 443 matching lines @@
         username = review.get('email', jmsg.get('name', ''))
         raise GerritError(200, 'Unable to set %s label for user "%s"'
                        ' on change %s.' % (label, username, change))
   jmsg = GetChangeCurrentRevision(host, change)
   if not jmsg:
     raise GerritError(
         200, 'Could not get review information for change "%s"' % change)
   elif jmsg[0]['current_revision'] != revision:
     raise GerritError(200, 'While resetting labels on change "%s", '
                    'a new patchset was uploaded.' % change)