RubyGems - gcloud - Versions diffs - 0.0.2 → 0.0.4 - Mend

gcloud 0.0.2 → 0.0.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (118) hide show

data/packages/gcutil-1.7.1/lib/google_api_python_client/oauth2client/multistore_file.py ADDED Viewed

@@ -0,0 +1,379 @@
+# Copyright 2011 Google Inc. All Rights Reserved.
+"""Multi-credential file store with lock support.
+This module implements a JSON credential store where multiple
+credentials can be stored in one file.  That file supports locking
+both in a single process and across processes.
+The credential themselves are keyed off of:
+* client_id
+* user_agent
+* scope
+The format of the stored data is like so:
+{
+  'file_version': 1,
+  'data': [
+    {
+      'key': {
+        'clientId': '<client id>',
+        'userAgent': '<user agent>',
+        'scope': '<scope>'
+      },
+      'credential': {
+        # JSON serialized Credentials.
+      }
+    }
+  ]
+}
+"""
+import base64
+import errno
+import logging
+import os
+import threading
+from anyjson import simplejson
+from client import Storage as BaseStorage
+from client import Credentials
+from locked_file import LockedFile
+logger = logging.getLogger(__name__)
+# A dict from 'filename'->_MultiStore instances
+_multistores = {}
+_multistores_lock = threading.Lock()
+class Error(Exception):
+  """Base error for this module."""
+  pass
+class NewerCredentialStoreError(Error):
+  """The credential store is a newer version that supported."""
+  pass
+def get_credential_storage(filename, client_id, user_agent, scope,
+                           warn_on_readonly=True):
+  """Get a Storage instance for a credential.
+  Args:
+    filename: The JSON file storing a set of credentials
+    client_id: The client_id for the credential
+    user_agent: The user agent for the credential
+    scope: string or list of strings, Scope(s) being requested
+    warn_on_readonly: if True, log a warning if the store is readonly
+  Returns:
+    An object derived from client.Storage for getting/setting the
+    credential.
+  """
+  filename = os.path.realpath(os.path.expanduser(filename))
+  _multistores_lock.acquire()
+  try:
+    multistore = _multistores.setdefault(
+        filename, _MultiStore(filename, warn_on_readonly))
+  finally:
+    _multistores_lock.release()
+  if type(scope) is list:
+    scope = ' '.join(scope)
+  return multistore._get_storage(client_id, user_agent, scope)
+class _MultiStore(object):
+  """A file backed store for multiple credentials."""
+  def __init__(self, filename, warn_on_readonly=True):
+    """Initialize the class.
+    This will create the file if necessary.
+    """
+    self._file = LockedFile(filename, 'r+b', 'rb')
+    self._thread_lock = threading.Lock()
+    self._read_only = False
+    self._warn_on_readonly = warn_on_readonly
+    self._create_file_if_needed()
+    # Cache of deserialized store.  This is only valid after the
+    # _MultiStore is locked or _refresh_data_cache is called.  This is
+    # of the form of:
+    #
+    # (client_id, user_agent, scope) -> OAuth2Credential
+    #
+    # If this is None, then the store hasn't been read yet.
+    self._data = None
+  class _Storage(BaseStorage):
+    """A Storage object that knows how to read/write a single credential."""
+    def __init__(self, multistore, client_id, user_agent, scope):
+      self._multistore = multistore
+      self._client_id = client_id
+      self._user_agent = user_agent
+      self._scope = scope
+    def acquire_lock(self):
+      """Acquires any lock necessary to access this Storage.
+      This lock is not reentrant.
+      """
+      self._multistore._lock()
+    def release_lock(self):
+      """Release the Storage lock.
+      Trying to release a lock that isn't held will result in a
+      RuntimeError.
+      """
+      self._multistore._unlock()
+    def locked_get(self):
+      """Retrieve credential.
+      The Storage lock must be held when this is called.
+      Returns:
+        oauth2client.client.Credentials
+      """
+      credential = self._multistore._get_credential(
+          self._client_id, self._user_agent, self._scope)
+      if credential:
+        credential.set_store(self)
+      return credential
+    def locked_put(self, credentials):
+      """Write a credential.
+      The Storage lock must be held when this is called.
+      Args:
+        credentials: Credentials, the credentials to store.
+      """
+      self._multistore._update_credential(credentials, self._scope)
+    def locked_delete(self):
+      """Delete a credential.
+      The Storage lock must be held when this is called.
+      Args:
+        credentials: Credentials, the credentials to store.
+      """
+      self._multistore._delete_credential(self._client_id, self._user_agent,
+          self._scope)
+  def _create_file_if_needed(self):
+    """Create an empty file if necessary.
+    This method will not initialize the file. Instead it implements a
+    simple version of "touch" to ensure the file has been created.
+    """
+    if not os.path.exists(self._file.filename()):
+      old_umask = os.umask(0177)
+      try:
+        open(self._file.filename(), 'a+b').close()
+      finally:
+        os.umask(old_umask)
+  def _lock(self):
+    """Lock the entire multistore."""
+    self._thread_lock.acquire()
+    self._file.open_and_lock()
+    if not self._file.is_locked():
+      self._read_only = True
+      if self._warn_on_readonly:
+        logger.warn('The credentials file (%s) is not writable. Opening in '
+                    'read-only mode. Any refreshed credentials will only be '
+                    'valid for this run.' % self._file.filename())
+    if os.path.getsize(self._file.filename()) == 0:
+      logger.debug('Initializing empty multistore file')
+      # The multistore is empty so write out an empty file.
+      self._data = {}
+      self._write()
+    elif not self._read_only or self._data is None:
+      # Only refresh the data if we are read/write or we haven't
+      # cached the data yet.  If we are readonly, we assume is isn't
+      # changing out from under us and that we only have to read it
+      # once.  This prevents us from whacking any new access keys that
+      # we have cached in memory but were unable to write out.
+      self._refresh_data_cache()
+  def _unlock(self):
+    """Release the lock on the multistore."""
+    self._file.unlock_and_close()
+    self._thread_lock.release()
+  def _locked_json_read(self):
+    """Get the raw content of the multistore file.
+    The multistore must be locked when this is called.
+    Returns:
+      The contents of the multistore decoded as JSON.
+    """
+    assert self._thread_lock.locked()
+    self._file.file_handle().seek(0)
+    return simplejson.load(self._file.file_handle())
+  def _locked_json_write(self, data):
+    """Write a JSON serializable data structure to the multistore.
+    The multistore must be locked when this is called.
+    Args:
+      data: The data to be serialized and written.
+    """
+    assert self._thread_lock.locked()
+    if self._read_only:
+      return
+    self._file.file_handle().seek(0)
+    simplejson.dump(data, self._file.file_handle(), sort_keys=True, indent=2)
+    self._file.file_handle().truncate()
+  def _refresh_data_cache(self):
+    """Refresh the contents of the multistore.
+    The multistore must be locked when this is called.
+    Raises:
+      NewerCredentialStoreError: Raised when a newer client has written the
+        store.
+    """
+    self._data = {}
+    try:
+      raw_data = self._locked_json_read()
+    except Exception:
+      logger.warn('Credential data store could not be loaded. '
+                  'Will ignore and overwrite.')
+      return
+    version = 0
+    try:
+      version = raw_data['file_version']
+    except Exception:
+      logger.warn('Missing version for credential data store. It may be '
+                  'corrupt or an old version. Overwriting.')
+    if version > 1:
+      raise NewerCredentialStoreError(
+          'Credential file has file_version of %d. '
+          'Only file_version of 1 is supported.' % version)
+    credentials = []
+    try:
+      credentials = raw_data['data']
+    except (TypeError, KeyError):
+      pass
+    for cred_entry in credentials:
+      try:
+        (key, credential) = self._decode_credential_from_json(cred_entry)
+        self._data[key] = credential
+      except:
+        # If something goes wrong loading a credential, just ignore it
+        logger.info('Error decoding credential, skipping', exc_info=True)
+  def _decode_credential_from_json(self, cred_entry):
+    """Load a credential from our JSON serialization.
+    Args:
+      cred_entry: A dict entry from the data member of our format
+    Returns:
+      (key, cred) where the key is the key tuple and the cred is the
+        OAuth2Credential object.
+    """
+    raw_key = cred_entry['key']
+    client_id = raw_key['clientId']
+    user_agent = raw_key['userAgent']
+    scope = raw_key['scope']
+    key = (client_id, user_agent, scope)
+    credential = None
+    credential = Credentials.new_from_json(simplejson.dumps(cred_entry['credential']))
+    return (key, credential)
+  def _write(self):
+    """Write the cached data back out.
+    The multistore must be locked.
+    """
+    raw_data = {'file_version': 1}
+    raw_creds = []
+    raw_data['data'] = raw_creds
+    for (cred_key, cred) in self._data.items():
+      raw_key = {
+          'clientId': cred_key[0],
+          'userAgent': cred_key[1],
+          'scope': cred_key[2]
+          }
+      raw_cred = simplejson.loads(cred.to_json())
+      raw_creds.append({'key': raw_key, 'credential': raw_cred})
+    self._locked_json_write(raw_data)
+  def _get_credential(self, client_id, user_agent, scope):
+    """Get a credential from the multistore.
+    The multistore must be locked.
+    Args:
+      client_id: The client_id for the credential
+      user_agent: The user agent for the credential
+      scope: A string for the scope(s) being requested
+    Returns:
+      The credential specified or None if not present
+    """
+    key = (client_id, user_agent, scope)
+    return self._data.get(key, None)
+  def _update_credential(self, cred, scope):
+    """Update a credential and write the multistore.
+    This must be called when the multistore is locked.
+    Args:
+      cred: The OAuth2Credential to update/set
+      scope: The scope(s) that this credential covers
+    """
+    key = (cred.client_id, cred.user_agent, scope)
+    self._data[key] = cred
+    self._write()
+  def _delete_credential(self, client_id, user_agent, scope):
+    """Delete a credential and write the multistore.
+    This must be called when the multistore is locked.
+    Args:
+      client_id: The client_id for the credential
+      user_agent: The user agent for the credential
+      scope: The scope(s) that this credential covers
+    """
+    key = (client_id, user_agent, scope)
+    try:
+      del self._data[key]
+    except KeyError:
+      pass
+    self._write()
+  def _get_storage(self, client_id, user_agent, scope):
+    """Get a Storage object to get/set a credential.
+    This Storage is a 'view' into the multistore.
+    Args:
+      client_id: The client_id for the credential
+      user_agent: The user agent for the credential
+      scope: A string for the scope(s) being requested
+    Returns:
+      A Storage object that can be used to get/set this cred
+    """
+    return self._Storage(self, client_id, user_agent, scope)

data/packages/gcutil-1.7.1/lib/google_api_python_client/oauth2client/tools.py ADDED Viewed

@@ -0,0 +1,174 @@
+# Copyright (C) 2010 Google Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+"""Command-line tools for authenticating via OAuth 2.0
+Do the OAuth 2.0 Web Server dance for a command line application. Stores the
+generated credentials in a common file that is used by other example apps in
+the same directory.
+"""
+__all__ = ['run']
+import BaseHTTPServer
+import gflags
+import socket
+import sys
+import webbrowser
+from client import FlowExchangeError
+from client import OOB_CALLBACK_URN
+try:
+  from urlparse import parse_qsl
+except ImportError:
+  from cgi import parse_qsl
+FLAGS = gflags.FLAGS
+gflags.DEFINE_boolean('auth_local_webserver', True,
+                      ('Run a local web server to handle redirects during '
+                       'OAuth authorization.'))
+gflags.DEFINE_string('auth_host_name', 'localhost',
+                     ('Host name to use when running a local web server to '
+                      'handle redirects during OAuth authorization.'))
+gflags.DEFINE_multi_int('auth_host_port', [8080, 8090],
+                        ('Port to use when running a local web server to '
+                         'handle redirects during OAuth authorization.'))
+class ClientRedirectServer(BaseHTTPServer.HTTPServer):
+  """A server to handle OAuth 2.0 redirects back to localhost.
+  Waits for a single request and parses the query parameters
+  into query_params and then stops serving.
+  """
+  query_params = {}
+class ClientRedirectHandler(BaseHTTPServer.BaseHTTPRequestHandler):
+  """A handler for OAuth 2.0 redirects back to localhost.
+  Waits for a single request and parses the query parameters
+  into the servers query_params and then stops serving.
+  """
+  def do_GET(s):
+    """Handle a GET request.
+    Parses the query parameters and prints a message
+    if the flow has completed. Note that we can't detect
+    if an error occurred.
+    """
+    s.send_response(200)
+    s.send_header("Content-type", "text/html")
+    s.end_headers()
+    query = s.path.split('?', 1)[-1]
+    query = dict(parse_qsl(query))
+    s.server.query_params = query
+    s.wfile.write("<html><head><title>Authentication Status</title></head>")
+    s.wfile.write("<body><p>The authentication flow has completed.</p>")
+    s.wfile.write("</body></html>")
+  def log_message(self, format, *args):
+    """Do not log messages to stdout while running as command line program."""
+    pass
+def run(flow, storage, http=None):
+  """Core code for a command-line application.
+  Args:
+    flow: Flow, an OAuth 2.0 Flow to step through.
+    storage: Storage, a Storage to store the credential in.
+    http: An instance of httplib2.Http.request
+         or something that acts like it.
+  Returns:
+    Credentials, the obtained credential.
+  """
+  if FLAGS.auth_local_webserver:
+    success = False
+    port_number = 0
+    for port in FLAGS.auth_host_port:
+      port_number = port
+      try:
+        httpd = ClientRedirectServer((FLAGS.auth_host_name, port),
+                                     ClientRedirectHandler)
+      except socket.error, e:
+        pass
+      else:
+        success = True
+        break
+    FLAGS.auth_local_webserver = success
+    if not success:
+      print 'Failed to start a local webserver listening on either port 8080'
+      print 'or port 9090. Please check your firewall settings and locally'
+      print 'running programs that may be blocking or using those ports.'
+      print
+      print 'Falling back to --noauth_local_webserver and continuing with',
+      print 'authorization.'
+      print
+  if FLAGS.auth_local_webserver:
+    oauth_callback = 'http://%s:%s/' % (FLAGS.auth_host_name, port_number)
+  else:
+    oauth_callback = OOB_CALLBACK_URN
+  authorize_url = flow.step1_get_authorize_url(oauth_callback)
+  if FLAGS.auth_local_webserver:
+    webbrowser.open(authorize_url, new=1, autoraise=True)
+    print 'Your browser has been opened to visit:'
+    print
+    print '    ' + authorize_url
+    print
+    print 'If your browser is on a different machine then exit and re-run this'
+    print 'application with the command-line parameter '
+    print
+    print '  --noauth_local_webserver'
+    print
+  else:
+    print 'Go to the following link in your browser:'
+    print
+    print '    ' + authorize_url
+    print
+  code = None
+  if FLAGS.auth_local_webserver:
+    httpd.handle_request()
+    if 'error' in httpd.query_params:
+      sys.exit('Authentication request was rejected.')
+    if 'code' in httpd.query_params:
+      code = httpd.query_params['code']
+    else:
+      print 'Failed to find "code" in the query parameters of the redirect.'
+      sys.exit('Try running with --noauth_local_webserver.')
+  else:
+    code = raw_input('Enter verification code: ').strip()
+  try:
+    credential = flow.step2_exchange(code, http)
+  except FlowExchangeError, e:
+    sys.exit('Authentication has failed: %s' % e)
+  storage.put(credential)
+  credential.set_store(storage)
+  print 'Authentication successful.'
+  return credential