Implement application default credentials by theacodes · Pull Request #32 · googleapis/google-auth-library-python

theacodes · 2016-10-18T18:27:49Z

No description provided.

Sign in to view

+
+
+__all__ = [
+    'default'


Sign in to view

@@ -0,0 +1,295 @@
+# Copyright 2015 Google Inc.


Sign in to view

+
+"""Application default credentials.
+
+Implementes application default credentials and project ID detection."""


Sign in to view

+# Environment variable for explicit application default credentials and project
+# ID.
+_CREDENTIALS_ENV = 'GOOGLE_APPLICATION_CREDENTIALS'
+_PROJECT_ENV = 'GCLOUD_PROJECT'


Sign in to view

+# The ~/.config subdirectory containing gcloud credentials.
+_CLOUDSDK_CONFIG_DIRECTORY = 'gcloud'
+# The environment variable name which can replace ~/.config if set.
+_CLOUDSDK_CONFIG_ENV = 'CLOUDSDK_CONFIG'


Sign in to view

+
+def test__load_credentials_from_file_invalid_type(tmpdir):
+    jsonfile = tmpdir.join('invalid.json')
+    jsonfile.write(json.dumps({'type': 'not-a-real-type'}))


Sign in to view

+    assert project_id == SERVICE_ACCOUNT_FILE_DATA['project_id']
+
+
+@mock.patch.dict(os.environ, {}, clear=True)


Sign in to view

+
+LOAD_FILE_PATCH = mock.patch(
+    'google.auth._default._load_credentials_from_file', return_value=(
+        mock.sentinel.credentials, mock.sentinel.project_id))


Sign in to view

+
+
+@LOAD_FILE_PATCH
+def test__get_explicit_environ_credentials(mock_load, monkeypatch):


Sign in to view

+    config_path = _default._get_gcloud_sdk_config_path()
+
+    assert os.path.split(config_path) == (
+        'appdata', _default._CLOUDSDK_CONFIG_DIRECTORY)


Sign in to view

+       If the Cloud SDK has an active project, the project ID is returned. The
+       active project can be set using::
+
+            gcloud config set project


Sign in to view

        _get_gcloud_sdk_credentials,
        _get_gae_credentials,
-        _get_gce_credentials)
+        lambda: _get_gce_credentials(request))


Sign in to view

@@ -0,0 +1,295 @@
+# Copyright 2015 Google Inc.


theacodes

@dhermes I think I got everything, but you might want to take a peak at the _cloud_sdk and test__cloud_sdk modules.

Sign in to view

+# Environment variable for explicit application default credentials and project
+# ID.
+_CREDENTIALS_ENV = 'GOOGLE_APPLICATION_CREDENTIALS'
+_PROJECT_ENV = 'GCLOUD_PROJECT'


Sign in to view

+# The ~/.config subdirectory containing gcloud credentials.
+_CLOUDSDK_CONFIG_DIRECTORY = 'gcloud'
+# The environment variable name which can replace ~/.config if set.
+_CLOUDSDK_CONFIG_ENV = 'CLOUDSDK_CONFIG'


Sign in to view

+    'Could not automatically determine credentials. Please set {env} or '
+    'explicitly create credential and re-run the application. For more '
+    'information, please see https://developers.google.com/accounts/docs'
+    '/application-default-credentials.'.format(env=_CREDENTIALS_ENV))


Sign in to view

+            refresh_token=info['refresh_token'],
+            token_uri=_GOOGLE_OAUTH2_TOKEN_ENDPOINT,
+            client_id=info['client_id'],
+            client_secret=info['client_secret'])


Sign in to view

+    if credential_type == _SERVICE_ACCOUNT_TYPE:
+        credentials = service_account.Credentials.from_service_account_info(
+            info)
+        return credentials, info.get('project_id')


Sign in to view

+
+def test__load_credentials_from_file_invalid_type(tmpdir):
+    jsonfile = tmpdir.join('invalid.json')
+    jsonfile.write(json.dumps({'type': 'not-a-real-type'}))


Sign in to view

+
+
+@LOAD_FILE_PATCH
+def test__get_explicit_environ_credentials(mock_load, monkeypatch):


Sign in to view

+       If the Cloud SDK has an active project, the project ID is returned. The
+       active project can be set using::
+
+            gcloud config set project


Sign in to view

+Could not automatically determine credentials. Please set {env} or '
+explicitly create credential and re-run the application. For more '
+information, please see '
+'https://developers.google.com/accounts/docs/application-default-credentials.


Sign in to view

+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+"""Environment variables used by google.auth."""


Sign in to view

+
+
+PROJECT = 'GOOGLE_CLOUD_PROJECT'
+"""Environment variable defining default project."""


Sign in to view

+
+
+def test__load_credentials_from_file_authorized_user_bad_format(tmpdir):
+    filename = tmpdir.join('authoirzed_user_bad.json')


dhermes · 2016-10-19T15:53:32Z

LGTM pending my few tiny nits

Implement application default credentials

ca39473

theacodes added this to the 1.0.0 milestone Oct 18, 2016

theacodes assigned bjwatson and dhermes Oct 18, 2016

dhermes reviewed Oct 18, 2016

View reviewed changes

Address review comments

df0bc44

dhermes reviewed Oct 19, 2016

View reviewed changes

Create _cloud_sdk, address review comments

e66cca8

theacodes commented Oct 19, 2016

View reviewed changes

Fix configparser import

0913e7a

dhermes reviewed Oct 19, 2016

View reviewed changes

Jon Wayne Parrott added 2 commits October 19, 2016 09:33

Address review comments

56c2950

Add new docfile

1260f1b

theacodes merged commit aadb3de into master Oct 19, 2016

theacodes deleted the adc branch October 19, 2016 16:34

theacodes mentioned this pull request Oct 21, 2016

1.0.0 Roadmap #3

Closed

12 tasks

theacodes unassigned bjwatson and dhermes Oct 11, 2018


		"""Application default credentials.

		Implementes application default credentials and project ID detection."""

		assert project_id == SERVICE_ACCOUNT_FILE_DATA['project_id']


		@mock.patch.dict(os.environ, {}, clear=True)



		@LOAD_FILE_PATCH
		def test__get_explicit_environ_credentials(mock_load, monkeypatch):



		PROJECT = 'GOOGLE_CLOUD_PROJECT'
		"""Environment variable defining default project."""



		def test__load_credentials_from_file_authorized_user_bad_format(tmpdir):
		filename = tmpdir.join('authoirzed_user_bad.json')



		__all__ = [
		'default'

Conversation

theacodes commented Oct 18, 2016

Uh oh!

This comment was marked as spam.

Uh oh!

This comment was marked as spam.

Uh oh!

This comment was marked as spam.

Uh oh!

This comment was marked as spam.

Uh oh!

This comment was marked as spam.

Uh oh!

This comment was marked as spam.

Uh oh!

This comment was marked as spam.

Uh oh!

This comment was marked as spam.

Uh oh!

This comment was marked as spam.

Uh oh!

This comment was marked as spam.

Uh oh!

This comment was marked as spam.

Uh oh!

This comment was marked as spam.

Uh oh!

This comment was marked as spam.

Uh oh!

This comment was marked as spam.

Uh oh!

This comment was marked as spam.

Uh oh!

This comment was marked as spam.

Uh oh!

This comment was marked as spam.

Uh oh!

This comment was marked as spam.

Uh oh!

This comment was marked as spam.

Uh oh!

This comment was marked as spam.

Uh oh!

This comment was marked as spam.

Uh oh!

This comment was marked as spam.

Uh oh!

This comment was marked as spam.

Uh oh!

This comment was marked as spam.

Uh oh!

This comment was marked as spam.

Uh oh!

This comment was marked as spam.

Uh oh!

This comment was marked as spam.

Uh oh!

This comment was marked as spam.

Uh oh!

This comment was marked as spam.

Uh oh!

This comment was marked as spam.

Uh oh!

This comment was marked as spam.

Uh oh!

theacodes left a comment

Choose a reason for hiding this comment

Uh oh!

This comment was marked as spam.

Uh oh!

This comment was marked as spam.

Uh oh!

This comment was marked as spam.

Uh oh!

This comment was marked as spam.

Uh oh!

This comment was marked as spam.

Uh oh!

This comment was marked as spam.

Uh oh!