Update __init__.py

This commit is contained in:
Jay Lee
2023-04-03 12:13:34 -04:00
committed by GitHub
parent 24185d66ce
commit 502afa5213

View File

@@ -5,6 +5,7 @@ import os
from google.auth.jwt import Credentials as JWTCredentials from google.auth.jwt import Credentials as JWTCredentials
import gam
from gam import utils from gam import utils
from gam.auth import oauth from gam.auth import oauth
@@ -30,6 +31,9 @@ def get_admin_credentials_filename():
return GC_Values[GC_OAUTH2SERVICE_JSON] if GC_Values[GC_OAUTH2SERVICE_JSON] else _FN_OAUTH2SERVICE_JSON return GC_Values[GC_OAUTH2SERVICE_JSON] if GC_Values[GC_OAUTH2SERVICE_JSON] else _FN_OAUTH2SERVICE_JSON
return GC_Values[GC_OAUTH2_TXT] if GC_Values[GC_OAUTH2_TXT] else _FN_OAUTH2_TXT return GC_Values[GC_OAUTH2_TXT] if GC_Values[GC_OAUTH2_TXT] else _FN_OAUTH2_TXT
APIS_NEEDING_ACCESS_TOKEN = {
'cbcm': ['https://www.googleapis.com/auth/admin.directory.device.chromebrowsers']
}
def get_admin_credentials(api=None): def get_admin_credentials(api=None):
"""Gets oauth.Credentials that are authenticated as the domain's admin user.""" """Gets oauth.Credentials that are authenticated as the domain's admin user."""
@@ -40,6 +44,11 @@ def get_admin_credentials(api=None):
creds_data = json.load(f) creds_data = json.load(f)
# Validate that enable DASA matches content of authorization file # Validate that enable DASA matches content of authorization file
if GC_Values[GC_ENABLE_DASA] and creds_data.get('type') == 'service_account': if GC_Values[GC_ENABLE_DASA] and creds_data.get('type') == 'service_account':
if api in APIS_NEEDING_ACCESS_TOKEN:
return gam.getSvcAcctCredentials(scopes=APIS_NEEDING_ACCESS_TOKEN[api],
act_as=None,
api=None,
force_oauth=True)
audience = f'https://{api}.googleapis.com/' audience = f'https://{api}.googleapis.com/'
key_type = creds_data.get('key_type', 'default') key_type = creds_data.get('key_type', 'default')
if key_type == 'default': if key_type == 'default':