arvados-google-api-client 0.8.7.2

Sign up to get free protection for your applications and to get access to all the features.
Files changed (62) hide show
  1. checksums.yaml +7 -0
  2. data/CHANGELOG.md +178 -0
  3. data/Gemfile +9 -0
  4. data/LICENSE +202 -0
  5. data/README.md +218 -0
  6. data/Rakefile +41 -0
  7. data/google-api-client.gemspec +43 -0
  8. data/lib/cacerts.pem +2183 -0
  9. data/lib/compat/multi_json.rb +19 -0
  10. data/lib/google/api_client.rb +750 -0
  11. data/lib/google/api_client/auth/compute_service_account.rb +28 -0
  12. data/lib/google/api_client/auth/file_storage.rb +59 -0
  13. data/lib/google/api_client/auth/installed_app.rb +126 -0
  14. data/lib/google/api_client/auth/jwt_asserter.rb +126 -0
  15. data/lib/google/api_client/auth/key_utils.rb +93 -0
  16. data/lib/google/api_client/auth/pkcs12.rb +41 -0
  17. data/lib/google/api_client/auth/storage.rb +102 -0
  18. data/lib/google/api_client/auth/storages/file_store.rb +58 -0
  19. data/lib/google/api_client/auth/storages/redis_store.rb +54 -0
  20. data/lib/google/api_client/batch.rb +326 -0
  21. data/lib/google/api_client/charset.rb +33 -0
  22. data/lib/google/api_client/client_secrets.rb +179 -0
  23. data/lib/google/api_client/discovery.rb +19 -0
  24. data/lib/google/api_client/discovery/api.rb +310 -0
  25. data/lib/google/api_client/discovery/media.rb +77 -0
  26. data/lib/google/api_client/discovery/method.rb +363 -0
  27. data/lib/google/api_client/discovery/resource.rb +156 -0
  28. data/lib/google/api_client/discovery/schema.rb +117 -0
  29. data/lib/google/api_client/environment.rb +42 -0
  30. data/lib/google/api_client/errors.rb +65 -0
  31. data/lib/google/api_client/gzip.rb +28 -0
  32. data/lib/google/api_client/logging.rb +32 -0
  33. data/lib/google/api_client/media.rb +259 -0
  34. data/lib/google/api_client/railtie.rb +18 -0
  35. data/lib/google/api_client/reference.rb +27 -0
  36. data/lib/google/api_client/request.rb +350 -0
  37. data/lib/google/api_client/result.rb +255 -0
  38. data/lib/google/api_client/service.rb +233 -0
  39. data/lib/google/api_client/service/batch.rb +110 -0
  40. data/lib/google/api_client/service/request.rb +144 -0
  41. data/lib/google/api_client/service/resource.rb +40 -0
  42. data/lib/google/api_client/service/result.rb +162 -0
  43. data/lib/google/api_client/service/simple_file_store.rb +151 -0
  44. data/lib/google/api_client/service/stub_generator.rb +61 -0
  45. data/lib/google/api_client/service_account.rb +21 -0
  46. data/lib/google/api_client/version.rb +26 -0
  47. data/spec/google/api_client/auth/storage_spec.rb +122 -0
  48. data/spec/google/api_client/auth/storages/file_store_spec.rb +40 -0
  49. data/spec/google/api_client/auth/storages/redis_store_spec.rb +70 -0
  50. data/spec/google/api_client/batch_spec.rb +248 -0
  51. data/spec/google/api_client/client_secrets_spec.rb +53 -0
  52. data/spec/google/api_client/discovery_spec.rb +708 -0
  53. data/spec/google/api_client/gzip_spec.rb +98 -0
  54. data/spec/google/api_client/media_spec.rb +178 -0
  55. data/spec/google/api_client/request_spec.rb +29 -0
  56. data/spec/google/api_client/result_spec.rb +207 -0
  57. data/spec/google/api_client/service_account_spec.rb +169 -0
  58. data/spec/google/api_client/service_spec.rb +618 -0
  59. data/spec/google/api_client/simple_file_store_spec.rb +133 -0
  60. data/spec/google/api_client_spec.rb +352 -0
  61. data/spec/spec_helper.rb +66 -0
  62. metadata +339 -0
@@ -0,0 +1,28 @@
1
+ # Copyright 2013 Google Inc.
2
+ #
3
+ # Licensed under the Apache License, Version 2.0 (the "License");
4
+ # you may not use this file except in compliance with the License.
5
+ # You may obtain a copy of the License at
6
+ #
7
+ # http://www.apache.org/licenses/LICENSE-2.0
8
+ #
9
+ # Unless required by applicable law or agreed to in writing, software
10
+ # distributed under the License is distributed on an "AS IS" BASIS,
11
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12
+ # See the License for the specific language governing permissions and
13
+ # limitations under the License.
14
+
15
+ require 'faraday'
16
+ require 'signet/oauth_2/client'
17
+
18
+ module Google
19
+ class APIClient
20
+ class ComputeServiceAccount < Signet::OAuth2::Client
21
+ def fetch_access_token(options={})
22
+ connection = options[:connection] || Faraday.default_connection
23
+ response = connection.get 'http://metadata/computeMetadata/v1beta1/instance/service-accounts/default/token'
24
+ Signet::OAuth2.parse_credentials(response.body, response.headers['content-type'])
25
+ end
26
+ end
27
+ end
28
+ end
@@ -0,0 +1,59 @@
1
+ # Copyright 2013 Google Inc.
2
+ #
3
+ # Licensed under the Apache License, Version 2.0 (the "License");
4
+ # you may not use this file except in compliance with the License.
5
+ # You may obtain a copy of the License at
6
+ #
7
+ # http://www.apache.org/licenses/LICENSE-2.0
8
+ #
9
+ # Unless required by applicable law or agreed to in writing, software
10
+ # distributed under the License is distributed on an "AS IS" BASIS,
11
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12
+ # See the License for the specific language governing permissions and
13
+ # limitations under the License.
14
+
15
+ require 'signet/oauth_2/client'
16
+ require_relative 'storage'
17
+ require_relative 'storages/file_store'
18
+
19
+ module Google
20
+ class APIClient
21
+
22
+ ##
23
+ # Represents cached OAuth 2 tokens stored on local disk in a
24
+ # JSON serialized file. Meant to resemble the serialized format
25
+ # http://google-api-python-client.googlecode.com/hg/docs/epy/oauth2client.file.Storage-class.html
26
+ #
27
+ # @deprecated
28
+ # Use {Google::APIClient::Storage} and {Google::APIClient::FileStore} instead
29
+ #
30
+ class FileStorage
31
+
32
+ attr_accessor :storage
33
+
34
+ def initialize(path)
35
+ store = Google::APIClient::FileStore.new(path)
36
+ @storage = Google::APIClient::Storage.new(store)
37
+ @storage.authorize
38
+ end
39
+
40
+ def load_credentials
41
+ storage.authorize
42
+ end
43
+
44
+ def authorization
45
+ storage.authorization
46
+ end
47
+
48
+ ##
49
+ # Write the credentials to the specified file.
50
+ #
51
+ # @param [Signet::OAuth2::Client] authorization
52
+ # Optional authorization instance. If not provided, the authorization
53
+ # already associated with this instance will be written.
54
+ def write_credentials(auth=nil)
55
+ storage.write_credentials(auth)
56
+ end
57
+ end
58
+ end
59
+ end
@@ -0,0 +1,126 @@
1
+ # Copyright 2010 Google Inc.
2
+ #
3
+ # Licensed under the Apache License, Version 2.0 (the "License");
4
+ # you may not use this file except in compliance with the License.
5
+ # You may obtain a copy of the License at
6
+ #
7
+ # http://www.apache.org/licenses/LICENSE-2.0
8
+ #
9
+ # Unless required by applicable law or agreed to in writing, software
10
+ # distributed under the License is distributed on an "AS IS" BASIS,
11
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12
+ # See the License for the specific language governing permissions and
13
+ # limitations under the License.
14
+
15
+ require 'webrick'
16
+ require 'launchy'
17
+
18
+ module Google
19
+ class APIClient
20
+
21
+ # Small helper for the sample apps for performing OAuth 2.0 flows from the command
22
+ # line or in any other installed app environment.
23
+ #
24
+ # @example
25
+ #
26
+ # client = Google::APIClient.new
27
+ # flow = Google::APIClient::InstalledAppFlow.new(
28
+ # :client_id => '691380668085.apps.googleusercontent.com',
29
+ # :client_secret => '...',
30
+ # :scope => 'https://www.googleapis.com/auth/drive'
31
+ # )
32
+ # client.authorization = flow.authorize
33
+ #
34
+ class InstalledAppFlow
35
+
36
+ RESPONSE_BODY = <<-HTML
37
+ <html>
38
+ <head>
39
+ <script>
40
+ function closeWindow() {
41
+ window.open('', '_self', '');
42
+ window.close();
43
+ }
44
+ setTimeout(closeWindow, 10);
45
+ </script>
46
+ </head>
47
+ <body>You may close this window.</body>
48
+ </html>
49
+ HTML
50
+
51
+ ##
52
+ # Configure the flow
53
+ #
54
+ # @param [Hash] options The configuration parameters for the client.
55
+ # @option options [Fixnum] :port
56
+ # Port to run the embedded server on. Defaults to 9292
57
+ # @option options [String] :client_id
58
+ # A unique identifier issued to the client to identify itself to the
59
+ # authorization server.
60
+ # @option options [String] :client_secret
61
+ # A shared symmetric secret issued by the authorization server,
62
+ # which is used to authenticate the client.
63
+ # @option options [String] :scope
64
+ # The scope of the access request, expressed either as an Array
65
+ # or as a space-delimited String.
66
+ #
67
+ # @see Signet::OAuth2::Client
68
+ def initialize(options)
69
+ @port = options[:port] || 9292
70
+ @authorization = Signet::OAuth2::Client.new({
71
+ :authorization_uri => 'https://accounts.google.com/o/oauth2/auth',
72
+ :token_credential_uri => 'https://accounts.google.com/o/oauth2/token',
73
+ :redirect_uri => "http://localhost:#{@port}/"}.update(options)
74
+ )
75
+ end
76
+
77
+ ##
78
+ # Request authorization. Opens a browser and waits for response.
79
+ #
80
+ # @param [Google::APIClient::Storage] storage
81
+ # Optional object that responds to :write_credentials, used to serialize
82
+ # the OAuth 2 credentials after completing the flow.
83
+ #
84
+ # @return [Signet::OAuth2::Client]
85
+ # Authorization instance, nil if user cancelled.
86
+ def authorize(storage=nil)
87
+ auth = @authorization
88
+
89
+ server = WEBrick::HTTPServer.new(
90
+ :Port => @port,
91
+ :BindAddress =>"localhost",
92
+ :Logger => WEBrick::Log.new(STDOUT, 0),
93
+ :AccessLog => []
94
+ )
95
+ begin
96
+ trap("INT") { server.shutdown }
97
+
98
+ server.mount_proc '/' do |req, res|
99
+ auth.code = req.query['code']
100
+ if auth.code
101
+ auth.fetch_access_token!
102
+ end
103
+ res.status = WEBrick::HTTPStatus::RC_ACCEPTED
104
+ res.body = RESPONSE_BODY
105
+ server.stop
106
+ end
107
+
108
+ Launchy.open(auth.authorization_uri.to_s)
109
+ server.start
110
+ ensure
111
+ server.shutdown
112
+ end
113
+ if @authorization.access_token
114
+ if storage.respond_to?(:write_credentials)
115
+ storage.write_credentials(@authorization)
116
+ end
117
+ return @authorization
118
+ else
119
+ return nil
120
+ end
121
+ end
122
+ end
123
+
124
+ end
125
+ end
126
+
@@ -0,0 +1,126 @@
1
+ # Copyright 2010 Google Inc.
2
+ #
3
+ # Licensed under the Apache License, Version 2.0 (the "License");
4
+ # you may not use this file except in compliance with the License.
5
+ # You may obtain a copy of the License at
6
+ #
7
+ # http://www.apache.org/licenses/LICENSE-2.0
8
+ #
9
+ # Unless required by applicable law or agreed to in writing, software
10
+ # distributed under the License is distributed on an "AS IS" BASIS,
11
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12
+ # See the License for the specific language governing permissions and
13
+ # limitations under the License.
14
+
15
+ require 'jwt'
16
+ require 'signet/oauth_2/client'
17
+ require 'delegate'
18
+
19
+ module Google
20
+ class APIClient
21
+ ##
22
+ # Generates access tokens using the JWT assertion profile. Requires a
23
+ # service account & access to the private key.
24
+ #
25
+ # @example Using Signet
26
+ #
27
+ # key = Google::APIClient::KeyUtils.load_from_pkcs12('client.p12', 'notasecret')
28
+ # client.authorization = Signet::OAuth2::Client.new(
29
+ # :token_credential_uri => 'https://accounts.google.com/o/oauth2/token',
30
+ # :audience => 'https://accounts.google.com/o/oauth2/token',
31
+ # :scope => 'https://www.googleapis.com/auth/prediction',
32
+ # :issuer => '123456-abcdef@developer.gserviceaccount.com',
33
+ # :signing_key => key)
34
+ # client.authorization.fetch_access_token!
35
+ # client.execute(...)
36
+ #
37
+ # @deprecated
38
+ # Service accounts are now supported directly in Signet
39
+ # @see https://developers.google.com/accounts/docs/OAuth2ServiceAccount
40
+ class JWTAsserter
41
+ # @return [String] ID/email of the issuing party
42
+ attr_accessor :issuer
43
+ # @return [Fixnum] How long, in seconds, the assertion is valid for
44
+ attr_accessor :expiry
45
+ # @return [Fixnum] Seconds to expand the issued at/expiry window to account for clock skew
46
+ attr_accessor :skew
47
+ # @return [String] Scopes to authorize
48
+ attr_reader :scope
49
+ # @return [String,OpenSSL::PKey] key for signing assertions
50
+ attr_writer :key
51
+ # @return [String] Algorithm used for signing
52
+ attr_accessor :algorithm
53
+
54
+ ##
55
+ # Initializes the asserter for a service account.
56
+ #
57
+ # @param [String] issuer
58
+ # Name/ID of the client issuing the assertion
59
+ # @param [String, Array] scope
60
+ # Scopes to authorize. May be a space delimited string or array of strings
61
+ # @param [String,OpenSSL::PKey] key
62
+ # Key for signing assertions
63
+ # @param [String] algorithm
64
+ # Algorithm to use, either 'RS256' for RSA with SHA-256
65
+ # or 'HS256' for HMAC with SHA-256
66
+ def initialize(issuer, scope, key, algorithm = "RS256")
67
+ self.issuer = issuer
68
+ self.scope = scope
69
+ self.expiry = 60 # 1 min default
70
+ self.skew = 60
71
+ self.key = key
72
+ self.algorithm = algorithm
73
+ end
74
+
75
+ ##
76
+ # Set the scopes to authorize
77
+ #
78
+ # @param [String, Array] new_scope
79
+ # Scopes to authorize. May be a space delimited string or array of strings
80
+ def scope=(new_scope)
81
+ case new_scope
82
+ when Array
83
+ @scope = new_scope.join(' ')
84
+ when String
85
+ @scope = new_scope
86
+ when nil
87
+ @scope = ''
88
+ else
89
+ raise TypeError, "Expected Array or String, got #{new_scope.class}"
90
+ end
91
+ end
92
+
93
+ ##
94
+ # Request a new access token.
95
+ #
96
+ # @param [String] person
97
+ # Email address of a user, if requesting a token to act on their behalf
98
+ # @param [Hash] options
99
+ # Pass through to Signet::OAuth2::Client.fetch_access_token
100
+ # @return [Signet::OAuth2::Client] Access token
101
+ #
102
+ # @see Signet::OAuth2::Client.fetch_access_token!
103
+ def authorize(person = nil, options={})
104
+ authorization = self.to_authorization(person)
105
+ authorization.fetch_access_token!(options)
106
+ return authorization
107
+ end
108
+
109
+ ##
110
+ # Builds a Signet OAuth2 client
111
+ #
112
+ # @return [Signet::OAuth2::Client] Access token
113
+ def to_authorization(person = nil)
114
+ return Signet::OAuth2::Client.new(
115
+ :token_credential_uri => 'https://accounts.google.com/o/oauth2/token',
116
+ :audience => 'https://accounts.google.com/o/oauth2/token',
117
+ :scope => self.scope,
118
+ :issuer => @issuer,
119
+ :signing_key => @key,
120
+ :signing_algorithm => @algorithm,
121
+ :person => person
122
+ )
123
+ end
124
+ end
125
+ end
126
+ end
@@ -0,0 +1,93 @@
1
+ # Copyright 2010 Google Inc.
2
+ #
3
+ # Licensed under the Apache License, Version 2.0 (the "License");
4
+ # you may not use this file except in compliance with the License.
5
+ # You may obtain a copy of the License at
6
+ #
7
+ # http://www.apache.org/licenses/LICENSE-2.0
8
+ #
9
+ # Unless required by applicable law or agreed to in writing, software
10
+ # distributed under the License is distributed on an "AS IS" BASIS,
11
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12
+ # See the License for the specific language governing permissions and
13
+ # limitations under the License.
14
+
15
+ module Google
16
+ class APIClient
17
+ ##
18
+ # Helper for loading keys from the PKCS12 files downloaded when
19
+ # setting up service accounts at the APIs Console.
20
+ #
21
+ module KeyUtils
22
+ ##
23
+ # Loads a key from PKCS12 file, assuming a single private key
24
+ # is present.
25
+ #
26
+ # @param [String] keyfile
27
+ # Path of the PKCS12 file to load. If not a path to an actual file,
28
+ # assumes the string is the content of the file itself.
29
+ # @param [String] passphrase
30
+ # Passphrase for unlocking the private key
31
+ #
32
+ # @return [OpenSSL::PKey] The private key for signing assertions.
33
+ def self.load_from_pkcs12(keyfile, passphrase)
34
+ load_key(keyfile, passphrase) do |content, pass_phrase|
35
+ OpenSSL::PKCS12.new(content, pass_phrase).key
36
+ end
37
+ end
38
+
39
+
40
+ ##
41
+ # Loads a key from a PEM file.
42
+ #
43
+ # @param [String] keyfile
44
+ # Path of the PEM file to load. If not a path to an actual file,
45
+ # assumes the string is the content of the file itself.
46
+ # @param [String] passphrase
47
+ # Passphrase for unlocking the private key
48
+ #
49
+ # @return [OpenSSL::PKey] The private key for signing assertions.
50
+ #
51
+ def self.load_from_pem(keyfile, passphrase)
52
+ load_key(keyfile, passphrase) do | content, pass_phrase|
53
+ OpenSSL::PKey::RSA.new(content, pass_phrase)
54
+ end
55
+ end
56
+
57
+ private
58
+
59
+ ##
60
+ # Helper for loading keys from file or memory. Accepts a block
61
+ # to handle the specific file format.
62
+ #
63
+ # @param [String] keyfile
64
+ # Path of thefile to load. If not a path to an actual file,
65
+ # assumes the string is the content of the file itself.
66
+ # @param [String] passphrase
67
+ # Passphrase for unlocking the private key
68
+ #
69
+ # @yield [String, String]
70
+ # Key file & passphrase to extract key from
71
+ # @yieldparam [String] keyfile
72
+ # Contents of the file
73
+ # @yieldparam [String] passphrase
74
+ # Passphrase to unlock key
75
+ # @yieldreturn [OpenSSL::PKey]
76
+ # Private key
77
+ #
78
+ # @return [OpenSSL::PKey] The private key for signing assertions.
79
+ def self.load_key(keyfile, passphrase, &block)
80
+ begin
81
+ begin
82
+ content = File.open(keyfile, 'rb') { |io| io.read }
83
+ rescue
84
+ content = keyfile
85
+ end
86
+ block.call(content, passphrase)
87
+ rescue OpenSSL::OpenSSLError
88
+ raise ArgumentError.new("Invalid keyfile or passphrase")
89
+ end
90
+ end
91
+ end
92
+ end
93
+ end
@@ -0,0 +1,41 @@
1
+ # Copyright 2010 Google Inc.
2
+ #
3
+ # Licensed under the Apache License, Version 2.0 (the "License");
4
+ # you may not use this file except in compliance with the License.
5
+ # You may obtain a copy of the License at
6
+ #
7
+ # http://www.apache.org/licenses/LICENSE-2.0
8
+ #
9
+ # Unless required by applicable law or agreed to in writing, software
10
+ # distributed under the License is distributed on an "AS IS" BASIS,
11
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12
+ # See the License for the specific language governing permissions and
13
+ # limitations under the License.
14
+
15
+ require 'google/api_client/auth/key_utils'
16
+ module Google
17
+ class APIClient
18
+ ##
19
+ # Helper for loading keys from the PKCS12 files downloaded when
20
+ # setting up service accounts at the APIs Console.
21
+ #
22
+ module PKCS12
23
+ ##
24
+ # Loads a key from PKCS12 file, assuming a single private key
25
+ # is present.
26
+ #
27
+ # @param [String] keyfile
28
+ # Path of the PKCS12 file to load. If not a path to an actual file,
29
+ # assumes the string is the content of the file itself.
30
+ # @param [String] passphrase
31
+ # Passphrase for unlocking the private key
32
+ #
33
+ # @return [OpenSSL::PKey] The private key for signing assertions.
34
+ # @deprecated
35
+ # Use {Google::APIClient::KeyUtils} instead
36
+ def self.load_key(keyfile, passphrase)
37
+ KeyUtils.load_from_pkcs12(keyfile, passphrase)
38
+ end
39
+ end
40
+ end
41
+ end