From 71536c50a25af4caa8cd698b0e7f2d4386a970ff Mon Sep 17 00:00:00 2001 From: Jay Lee Date: Thu, 23 May 2019 11:10:24 -0400 Subject: [PATCH] set auth prompts equivalent to what we had with oauth2client --- .travis.yml | 2 +- src/gam.py | 17 +++++++++++------ src/var.py | 4 ++++ 3 files changed, 16 insertions(+), 7 deletions(-) diff --git a/.travis.yml b/.travis.yml index 42861c3d..e8c18773 100644 --- a/.travis.yml +++ b/.travis.yml @@ -2,7 +2,7 @@ if: tag IS blank env: global: - - BUILD_PYTHON_VERSION=$(curl https://www.python.org/ -s | grep -oE "Latest:.*Python ([0-9.]*)" | grep -oE "[0-9.]*$") + - BUILD_PYTHON_VERSION=3.7.3 - BUILD_OPENSSL_VERSION=1.1.1b - secure: "FSKvLaiqhKz21SVgAQZI3bSX34Ffyev4l+R2G//QXNDu6UVQcuFsykzw+eZEG7fkhotXr8BMDL7xIkookiL8eLwUtcd/Z95HCjPBBHcmCSQleyvuuJBxdrQ9xldmiGLzMCYiumSH9OH4uJhQ39Yjnjsa8TK+PlTci6a/BTzlYyBSyDYDf7Iv/uhfQPDHL3pNwrQPHf4fL6/jcvo+uaPcv83AVZkNzZjjyoi9Aa+uh9xlbyHg11jp44463qqxoxTdYik3pYuXRBPjknjOGcnFHqn+QOVSdRQoiwbmT8xVuYuCzTv9THhuJ//i5u7s4y3Xyl7u17B3tdm86UlMpQHy/w9EsYaSBPOU4oPNomRtOnTSugh0v9ZBwptP5XfbslII/iA+LQdzTHhchn0W0CRyDqjOMSestWlrsq5NZJtBJTYHbebllOhEI7xbj9tY+re1zFWSPMOPgHJP23ovsdk3hD9OT93AzRHInCx5IxL6QvEgRhAancRuGkf2rGP0g/vX9fQ0Il3rNMSQxHB5CyHUBtUJ9nhU79YkMDZicD0jFMEwjWJO3itAp3ynoLXRgktgQCYUfgc9SpdWKD5SXLCYnSo22JD3D1P6h2EertRHaoKRLb+CRXQC/lM8uh/W+BjA2Xe6Vut2I/72ndjM+10T7E2xk1CFyCH37a5p8cH26Fs=" - secure: "J9380tGLOZWa7dSH1y5Il8T5JQpN6ad81gI6VR1HIU0svpRdjgikyDA7ca2MKYDUYYY9yVSkTV6gCl6iIU/9+SKaYugpP+tkvdGYkC2moJdcTgYM/WOnIK9ExQ3BPhN1neGxJjPTwKo1ft27mtZ2I5vuCiBwIcnKWLnKPyW3PD+mWpfqiLuEzkHoAh6G3jC4qbcCrZDeX/knE+PzqESUEi+8k1G8gYcSDWujba9ypSsqZ8T/MXagGla6l7y2Rz+/KZTJmFHwKAA10V+xPLVqxoiqi4ar66yUqy0BamwRXPcseI+ns3Q+4lUpMqVQ5GlRy7LF1xC8myjmcAexXk0F9hg+CMzewKI8UgmQH/ZJvQZEh8s6mW26+CqA4d3zMQkWaR0WtEtpiuH7AGHCflIqvEQ6UiG7ia3B8iZfW2wl0j/kqx4OuHkS3r0pWKVVIIvCj9Ow2BHP7SpiV1AcUGsVxzwbgTh67fitna3Z3c6Uj8ccQlNr7ZIt1az6Wf3w5njijkLOiBpQSLKunTTCTSge/JzBTKUcie3RE9vzirl58gUxAt36nDtPWnory+RttMZrOkBVbTeSxp+IUe8pNwLFPHABsafXsjkfzBOtFmm+0ZXWt2Rlog5NvlemJfQUWDlsL4g+BSakzN+4sIPKzSauWDHyaEeULY7Uprkil6c5zwo=" diff --git a/src/gam.py b/src/gam.py index ceb5281d..f4b1066a 100755 --- a/src/gam.py +++ b/src/gam.py @@ -7487,9 +7487,15 @@ def _run_oauth_flow(client_id, client_secret, scopes, access_type, login_hint=No if login_hint: kwargs['login_hint'] = login_hint if GC_Values[GC_NO_BROWSER]: - flow.run_console(**kwargs) + flow.run_console( + authorization_prompt_message=MESSAGE_CONSOLE_AUTHORIZATION_PROMPT, + authorization_code_message=MESSAGE_CONSOLE_AUTHORIZATION_CODE, + **kwargs) else: - flow.run_local_server(**kwargs) + flow.run_local_server( + authorization_prompt_message=MESSAGE_LOCAL_SERVER_AUTHORIZATION_PROMPT, + success_message=MESSAGE_LOCAL_SERVER_SUCCESS, + **kwargs) return flow.credentials def getCRMService(login_hint): @@ -7638,7 +7644,7 @@ def _createClientSecretsOauth2service(httpObj, projectId): cs_data = '''{ "installed": { "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs", - "auth_uri": "https://accounts.google.com/o/oauth2/auth", + "auth_uri": "https://accounts.google.com/o/oauth2/v2/auth", "client_id": "%s", "client_secret": "%s", "project_id": "%s", @@ -7646,7 +7652,7 @@ def _createClientSecretsOauth2service(httpObj, projectId): "urn:ietf:wg:oauth:2.0:oob", "http://localhost" ], - "token_uri": "https://accounts.google.com/o/oauth2/token" + "token_uri": "https://oauth2.googleapis.com/token" } }''' % (client_id, client_secret, projectId) writeFile(GC_Values[GC_CLIENT_SECRETS_JSON], cs_data, continueOnError=False) @@ -12888,7 +12894,6 @@ def writeCredentials(creds): 'token_uri': creds.token_uri, 'client_id': creds.client_id, 'client_secret': creds.client_secret, - #'scopes': list(creds.scopes), 'id_token': creds.id_token, 'token_expiry': creds.expiry.strftime('%Y-%m-%dT%H:%M:%SZ'), } @@ -13994,7 +13999,7 @@ def ProcessGAMCommand(args): if not creds: systemErrorExit(5, 'Credential refresh failed') else: - print('Credenials refreshed') + print('Credentials refreshed') else: systemErrorExit(2, '%s is not a valid argument for "gam oauth"' % argument) sys.exit(0) diff --git a/src/var.py b/src/var.py index 5ff5e12c..df62e34a 100644 --- a/src/var.py +++ b/src/var.py @@ -1113,11 +1113,15 @@ CLEAR_NONE_ARGUMENT = ['clear', 'none',] # MESSAGE_API_ACCESS_CONFIG = 'API access is configured in your Control Panel under: Security-Show more-Advanced settings-Manage API client access' MESSAGE_API_ACCESS_DENIED = 'API access Denied.\n\nPlease make sure the Client ID: {0} is authorized for the API Scope(s): {1}' +MESSAGE_CONSOLE_AUTHORIZATION_PROMPT = '\nGo to the following link in your browser:\n\n\t{url}\n' +MESSAGE_CONSOLE_AUTHORIZATION_CODE = 'Enter verification code: ' MESSAGE_GAM_EXITING_FOR_UPDATE = 'GAM is now exiting so that you can overwrite this old version with the latest release' MESSAGE_GAM_OUT_OF_MEMORY = 'GAM has run out of memory. If this is a large G Suite instance, you should use a 64-bit version of GAM on Windows or a 64-bit version of Python on other systems.' MESSAGE_HEADER_NOT_FOUND_IN_CSV_HEADERS = 'Header "{0}" not found in CSV headers of "{1}".' MESSAGE_HIT_CONTROL_C_TO_UPDATE = '\n\nHit CTRL+C to visit the GAM website and download the latest release or wait 15 seconds continue with this boring old version. GAM won\'t bother you with this announcement for 1 week or you can create a file named noupdatecheck.txt in the same location as gam.py or gam.exe and GAM won\'t ever check for updates.' MESSAGE_INVALID_JSON = 'The file {0} has an invalid format.' +MESSAGE_LOCAL_SERVER_AUTHORIZATION_PROMPT = '\nYour browser has been opened to visit:\n\n\t{url}\n\nIf your browser is on a different machine then press CTRL+C and create a file called nobrowser.txt in the same folder as GAM.\n' +MESSAGE_LOCAL_SERVER_SUCCESS = 'The authentication flow has completed. You may close this browser window and return to GAM.' MESSAGE_NO_DISCOVERY_INFORMATION = 'No online discovery doc and {0} does not exist locally' MESSAGE_NO_TRANSFER_LACK_OF_DISK_SPACE = 'Cowardly refusing to perform migration due to lack of target drive space. Source size: {0}mb Target Free: {1}mb' MESSAGE_RESULTS_TOO_LARGE_FOR_GOOGLE_SPREADSHEET = 'Results are too large for Google Spreadsheets. Uploading as a regular CSV file.'