Chromium Code Reviews Chromium Code Reviews
Issue
86123002:
Adds SSO auth to gsutil (Closed)
DescriptionAdds SSO auth to gsutil
Code path:
1. plugins.sso_auth is imported, which adds the AuthHandler class to the global state.
2. HasConfiguredCredentials() in gslib/utils.py is called by gsutil, and will return true if "prodaccess" exists on the system, which tells the system that we don't want a no-op auth handler.
3. When a command is called, all the auth handlers are cycled through and sso_auth.SSOAuth is called, which calls a stubby command to emit a gaiamint'ed oauth2 access token, which is then used as the Authorization Header
if --bypass_prodaccess is passed in, then:
1. HasConfiguredCredentials() will bypass the check for prodaccess, as if it didn't exist.
2. plugins.sso_auth does not get imported.
Which will essentially cause gsutil to behave as if this patch never existed.
So the expected behavior is:
=.boto file does not exist, prodaccess exists, but unauthenticated=
Failure: No handler was ready to authenticate. 3 handlers were checked. ['OAuth2Auth', 'HmacAuthV1Handler', 'SSOAuth'] Check your credentials.
=.boto file exists, prodaccess exists, but unauthenticated=
sso_auth will raise NotReadyToAuthenticate, and the .boto file will be used instead
=.boto file exists, prodaccess exists, authenticated=
sso_auth will be run _after_ the default gsutil authenticator, which causes the sso_auth to be used over whatever the default authentication is.
bypass_prodaccess is passed in by default to upload_to_google_storage because we expect people who use upload_to_google_storage to not need prodaccess and have their own boto file already. Also the sso_auth plugin will only request a readonlyi token, which will not work for uploading.
BUG=258152
Committed: http://src.chromium.org/viewvc/chrome?view=rev&revision=240266
Patch Set 1 #Patch Set 2 : Added bypass support #
Total comments: 1
Patch Set 3 : Don't import sso_auth if bypass_prodaccess is passed in #Patch Set 4 : Bypass for upload and if token does not exist #
Total comments: 28
Patch Set 5 : Review fixes, added caching #
Total comments: 10
Patch Set 6 : Modified readme, review fixes #Patch Set 7 : 80 char #
Total comments: 1
Patch Set 8 : Remove unneeded line #
Total comments: 10
Patch Set 9 : Addressed comments #
Total comments: 3
Patch Set 10 : review fix #Patch Set 11 : Bug fix or -> and #
Messages
Total messages: 12 (0 generated)
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
