gcloud 0.0.2 → 0.0.4

data/packages/gcutil-1.7.1/lib/google_compute_engine/gcutil/auth_helper_test.py

@@ -0,0 +1,149 @@
+#!/usr/bin/python
+#
+# Copyright 2012 Google Inc. All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+"""Tests for auth_helper."""
+
+
+
+import path_initializer
+path_initializer.InitializeSysPath()
+
+import datetime
+
+
+import apiclient
+import oauth2client.client as oauth2_client
+import oauth2client.multistore_file as oauth2_multistore_file
+import oauth2client.tools as oauth2_tools
+
+import gflags as flags
+import unittest
+from gcutil import auth_helper
+from gcutil import mock_metadata
+
+
+FLAGS = flags.FLAGS
+
+CREDS_FILENAME = './unused_filename'
+
+
+class AuthHelperTest(unittest.TestCase):
+
+  class MockCred(object):
+    pass
+
+  class MockCredStorage(object):
+    def __init__(self, cred):
+      self.cred = cred
+
+    def get(self):
+      return self.cred
+
+  @staticmethod
+  def MockGetCredentialStorage(credentials_file,
+                               client_id,
+                               user_agent,
+                               scopes):
+    cred = AuthHelperTest.MockCred()
+    storage = AuthHelperTest.MockCredStorage(cred)
+    cred.credentials_file = credentials_file
+    cred.client_id = client_id
+    cred.user_agent = user_agent
+    cred.scopes = scopes
+    cred.invalid = False
+    return storage
+
+  @staticmethod
+  def MockOAuthFlowRun(flow, unused_storage):
+    cred = AuthHelperTest.MockCred()
+    cred.client_id = flow.client_id
+    cred.client_secret = flow.client_secret
+    cred.scopes = flow.scope
+    cred.user_agent = flow.user_agent
+    return cred
+
+  def setUp(self):
+    FLAGS.credentials_file = CREDS_FILENAME
+
+  def testGetValidCred(self):
+    oauth2_multistore_file.get_credential_storage = (
+        self.MockGetCredentialStorage)
+    cred = auth_helper.GetCredentialFromStore(['a', 'b'])
+    self.assertEqual(cred.credentials_file, CREDS_FILENAME)
+    self.assertEqual(cred.client_id, auth_helper.OAUTH2_CLIENT_ID)
+    self.assertEqual(cred.user_agent, auth_helper.USER_AGENT)
+    self.assertEqual(cred.scopes, 'a b')
+    self.assertEqual(cred.invalid, False)
+
+  def testSortScopes(self):
+    oauth2_multistore_file.get_credential_storage = (
+        self.MockGetCredentialStorage)
+    cred = auth_helper.GetCredentialFromStore(['b', 'a'])
+    self.assertEqual(cred.credentials_file, CREDS_FILENAME)
+    self.assertEqual(cred.client_id, auth_helper.OAUTH2_CLIENT_ID)
+    self.assertEqual(cred.user_agent, auth_helper.USER_AGENT)
+    self.assertEqual(cred.scopes, 'a b')
+    self.assertEqual(cred.invalid, False)
+
+  def testNoAskuser(self):
+    oauth2_multistore_file.get_credential_storage = (
+        self.MockGetCredentialStorage)
+    cred = auth_helper.GetCredentialFromStore(['b', 'a'],
+                                              force_reauth=True,
+                                              ask_user=False)
+    self.assertEqual(cred.credentials_file, CREDS_FILENAME)
+    self.assertEqual(cred.client_id, auth_helper.OAUTH2_CLIENT_ID)
+    self.assertEqual(cred.user_agent, auth_helper.USER_AGENT)
+    self.assertEqual(cred.scopes, 'a b')
+    self.assertEqual(cred.invalid, True)
+
+  def testReauthFlow(self):
+    oauth2_multistore_file.get_credential_storage = (
+        self.MockGetCredentialStorage)
+    oauth2_tools.run = self.MockOAuthFlowRun
+    cred = auth_helper.GetCredentialFromStore(['b', 'a'],
+                                              force_reauth=True,
+                                              ask_user=True)
+    self.assertEqual(cred.client_id, auth_helper.OAUTH2_CLIENT_ID)
+    self.assertEqual(cred.client_secret, auth_helper.OAUTH2_CLIENT_SECRET)
+    self.assertEqual(cred.user_agent, auth_helper.USER_AGENT)
+    self.assertEqual(cred.scopes, 'a b')
+
+  def testMetadataAuth(self):
+    metadata = mock_metadata.MockMetadata()
+    metadata.ExpectIsPresent(True)
+
+    token = 'access token'
+    expiry = datetime.datetime(1970, 1, 1)
+    metadata.ExpectGetAccessToken((token, expiry))
+
+    scope1 = 'https://www.googleapis.com/auth/compute'
+    scope2 = 'scope2'
+
+    metadata.ExpectGetAccessScopes([scope1, scope2])
+
+    oauth2_multistore_file.get_credential_storage = (
+        self.MockGetCredentialStorage)
+    cred = auth_helper.GetCredentialFromStore([scope1, scope2],
+                                              metadata=metadata)
+    self.assertTrue(cred is not None)
+    self.assertEquals(token, cred.access_token)
+    self.assertEquals(expiry, cred.token_expiry)
+    self.assertFalse(metadata.ExpectsMoreCalls())
+
+
+if __name__ == '__main__':
+  unittest.main()

data/packages/gcutil-1.7.1/lib/google_compute_engine/gcutil/auto_auth.py

@@ -0,0 +1,130 @@
+# Copyright 2012 Google Inc. All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+"""Interface for accessing auto-provided Google Compute Engine access tokens.
+
+Once a Google Compute Engine instance has been started with
+   --service_account=default \
+   --service_account_scopes="...."
+
+This module allows access tokens for the specified account and scopes to be
+fetched from the Google Compute Engine instance automatically.
+"""
+
+
+import json
+import logging
+
+import apiclient
+import httplib2
+import oauth2client.client as oauth2client
+
+from gcutil import metadata_lib
+from gcutil import scopes
+
+
+_logger = logging.getLogger(__name__)
+
+
+class CredentialsError(oauth2client.Error):
+  """Credentials could not be instantiated."""
+  pass
+
+
+class CredentialsNotPresentError(CredentialsError):
+  """Credentials are not present."""
+  pass
+
+
+class Credentials(oauth2client.OAuth2Credentials):
+  """Credentials object that gets credentials from Google Compute Engine."""
+
+  def __init__(self, metadata, service_account, requested_scopes,
+               available_scopes=None, access_token=None, token_expiry=None,
+               any_available=False):
+    self._metadata = metadata
+    self.service_account = service_account
+    self.requested_scopes = requested_scopes
+    self.available_scopes = available_scopes
+    self.any_available = any_available
+
+    if access_token:
+      self.invalid = False
+    else:
+      self.invalid = True
+      try:
+        # Check to see if the tokens are there for fetching.
+        available_scopes = self._metadata.GetAccessScopes(
+            service_account=self.service_account)
+        # Keep track of whatever scopes were actually present.
+        self.available_scopes = list(
+            set(available_scopes).intersection(set(self.requested_scopes)))
+
+        # Check that we have compute scopes.
+        def HasComputeScope(scope_list):
+          return (scopes.COMPUTE_RW_SCOPE in scope_list) or (
+              scopes.COMPUTE_RO_SCOPE in scope_list)
+
+        if not HasComputeScope(self.available_scopes):
+          raise CredentialsNotPresentError('No compute scopes available')
+
+        (access_token, token_expiry) = self._InternalRefresh()
+      except metadata_lib.MetadataNotFoundError, e:
+        # Metadata server says token is not present.
+        raise CredentialsNotPresentError('Service account not found')
+      except metadata_lib.MetadataError, e:
+        raise CredentialsError('Metadata server failure: %s', e)
+
+    oauth2client.OAuth2Credentials.__init__(
+        self,
+        access_token,
+        None,
+        None,
+        None,
+        token_expiry,
+        None,
+        None)
+    self.invalid = False
+
+  def _refresh(self, _):
+    (self.access_token, self.token_expiry) = self._InternalRefresh()
+
+  def _InternalRefresh(self):
+    try:
+      self.invalid = False
+      return self._metadata.GetAccessToken(
+          self.requested_scopes, service_account=self.service_account,
+          any_available=self.any_available)
+    except metadata_lib.MetadataError:
+      self.invalid = True
+      return (None, None)
+
+  @classmethod
+  def from_json(cls, s):
+    """Create an Credentials from a json string.
+
+    Args:
+      s: The json string.
+    Returns:
+      An Credentials object.
+    """
+    data = json.loads(s)
+    return Credentials(
+        metadata_lib.Metadata(),
+        data['service_account'],
+        data['requested_scopes'],
+        data['available_scopes'],
+        data['access_token'],
+        data['token_expiry'],
+        data['any_available'])

data/packages/gcutil-1.7.1/lib/google_compute_engine/gcutil/auto_auth_test.py

@@ -0,0 +1,75 @@
+#!/usr/bin/python
+#
+# Copyright 2012 Google Inc. All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+"""Tests for auto_auth."""
+
+
+
+import path_initializer
+path_initializer.InitializeSysPath()
+
+import datetime
+
+import unittest
+from gcutil import auto_auth
+from gcutil import mock_metadata
+
+SCOPE1 = 'https://www.googleapis.com/auth/compute'
+SCOPE2 = 'https://www.googleapis.com/auth/devstorage.full_control'
+
+class GoogleComputeAutoAuthTest(unittest.TestCase):
+
+  def testCredentials(self):
+    metadata = mock_metadata.MockMetadata()
+
+    token1 = 'access token1'
+    expiry1 = datetime.datetime(1970, 1, 1)
+    token2 = 'access token2'
+    expiry2 = datetime.datetime(1970, 1, 2)
+
+    metadata.ExpectGetAccessScopes([SCOPE1, SCOPE2])
+    metadata.ExpectGetAccessToken((token1, expiry1))
+    metadata.ExpectGetAccessToken((token2, expiry2))
+
+    credentials = auto_auth.Credentials(
+        metadata, 'default', [SCOPE1, SCOPE2])
+    self.assertTrue(SCOPE1 in credentials.available_scopes)
+    self.assertTrue(SCOPE2 in credentials.available_scopes)
+    self.assertEquals(2, len(credentials.available_scopes))
+    self.assertEquals(token1, credentials.access_token)
+    self.assertEquals(expiry1, credentials.token_expiry)
+
+    credentials._refresh(None)
+    self.assertEquals(token2, credentials.access_token)
+    self.assertEquals(expiry2, credentials.token_expiry)
+
+    self.assertFalse(metadata.ExpectsMoreCalls())
+
+  def testWithNoComputeScope(self):
+    metadata = mock_metadata.MockMetadata()
+    metadata.ExpectGetAccessScopes([SCOPE2])
+
+    success = False
+    try:
+      credentials = auto_auth.Credentials(
+          metadata, 'default', [SCOPE2])
+    except auto_auth.CredentialsNotPresentError:
+      success = True
+    self.assertTrue(success, 'Failed to throw exception without compute scope')
+
+
+if __name__ == '__main__':
+  unittest.main()

data/packages/gcutil-1.7.1/lib/google_compute_engine/gcutil/basic_cmds.py

@@ -0,0 +1,128 @@
+# Copyright 2012 Google Inc. All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+"""Commands for interacting with Google Compute Engine."""
+
+
+
+import httplib2
+import json
+
+
+from google.apputils import appcommands
+import gflags as flags
+
+from gcutil import auth_helper
+from gcutil import command_base
+from gcutil import gcutil_logging
+from gcutil import metadata
+from gcutil import scopes
+from gcutil import version
+
+
+FLAGS = flags.FLAGS
+LOGGER = gcutil_logging.LOGGER
+
+
+class AuthCommand(command_base.GoogleComputeCommand):
+  """Class for forcing client authorization."""
+
+  def __init__(self, name, flag_values):
+    super(AuthCommand, self).__init__(name, flag_values)
+    flags.DEFINE_boolean('force_reauth',
+                         True,
+                         'If True, will force user to reauthorize',
+                         flag_values=flag_values)
+    flags.DEFINE_boolean('just_check_auth',
+                         False,
+                         'If True, just check if auth exists',
+                         flag_values=flag_values)
+    flags.DEFINE_boolean('confirm_email',
+                         True,
+                         'Get info about the user and echo the email',
+                         flag_values=flag_values)
+
+  def RunWithFlagsAndPositionalArgs(self,
+                                    flag_values,
+                                    unused_pos_arg_values):
+    """Run the command, returning the result.
+
+    Args:
+      flag_values: The parsed FlagValues instance.
+      unused_pos_arg_values: The positional args.
+
+    Raises:
+      command_base.CommandError: If valid credentials cannot be retrieved.
+
+    Returns:
+      0 if the command completes successfully, otherwise 1.
+
+    Raises:
+      CommandError: if valid credentials are not located.
+    """
+    cred = auth_helper.GetCredentialFromStore(
+        scopes=scopes.DEFAULT_AUTH_SCOPES,
+        ask_user=not flag_values.just_check_auth,
+        force_reauth=flag_values.force_reauth)
+    if not cred:
+      raise command_base.CommandError(
+          'Could not get valid credentials for API.')
+
+    if flag_values.confirm_email:
+      http = self._AuthenticateWrapper(httplib2.Http())
+      resp, content = http.request(
+          'https://www.googleapis.com/userinfo/v2/me', 'GET')
+      if resp.status != 200:
+        LOGGER.info('Could not get user info for token.  <%d %s>',
+                    resp.status, resp.reason)
+      userinfo = json.loads(content)
+      if 'email' in userinfo and userinfo['email']:
+        LOGGER.info('Authorization succeeded for user %s', userinfo['email'])
+      else:
+        LOGGER.info('Could not get email for token.')
+    else:
+      LOGGER.info('Authentication succeeded.')
+    return (None, [])
+
+  def PrintResult(self, result):
+    """Print the result of the authentication command.
+
+    Args:
+      result: The result of the authentication command.
+    """
+    pass
+
+
+class GetVersion(command_base.GoogleComputeCommand):
+  """Get the current version of this command."""
+
+  def __init__(self, name, flag_values):
+    super(GetVersion, self).__init__(name, flag_values)
+
+  def Run(self, unused_argv):
+    """Return the current version information.
+
+    Args:
+      None expected.
+
+    Returns:
+      Version of this command.
+    """
+    print version.__version__
+    return 0
+
+
+def AddCommands():
+  appcommands.AddCmd('auth', AuthCommand)
+  appcommands.AddCmd('version', GetVersion)