From b6bd2da6ce40a64f3c7391ca065fc7321794dc6f Mon Sep 17 00:00:00 2001 From: Jay Lee Date: Mon, 12 Aug 2019 11:00:26 -0400 Subject: [PATCH] Short OAuth URLs, make console flow default to reduce issues --- src/gam.py | 18 ++++++++++++++++-- src/var.py | 4 ++++ 2 files changed, 20 insertions(+), 2 deletions(-) diff --git a/src/gam.py b/src/gam.py index 661a6976..493082f5 100755 --- a/src/gam.py +++ b/src/gam.py @@ -683,6 +683,7 @@ def SetGlobalVariables(): _getOldEnvVar(GC_CA_FILE, 'GAM_CA_FILE') _getOldSignalFile(GC_DEBUG_LEVEL, 'debug.gam', filePresentValue=4, fileAbsentValue=0) _getOldSignalFile(GC_NO_BROWSER, 'nobrowser.txt') + _getOldSignalFile(GC_OAUTH_BROWSER, 'usebrowser.txt') # _getOldSignalFile(GC_NO_CACHE, u'nocache.txt') # _getOldSignalFile(GC_CACHE_DISCOVERY_ONLY, u'allcache.txt', filePresentValue=False, fileAbsentValue=True) _getOldSignalFile(GC_NO_CACHE, 'allcache.txt', filePresentValue=False, fileAbsentValue=True) @@ -7604,6 +7605,19 @@ def getUserAttributes(i, cd, updateCmd): body['hashFunction'] = 'crypt' return body +class ShortURLFlow(google_auth_oauthlib.flow.InstalledAppFlow): + def authorization_url(self, **kwargs): + long_url, state = super(ShortURLFlow, self).authorization_url(**kwargs) + simplehttp = httplib2.Http() + simplehttp.timeout = 10 + url_shortnr = 'https://gam-shortn.appspot.com/create' + headers = {'Content-Type': 'application/json'} + try: + _, content = simplehttp.request(url_shortnr, 'POST', '{"long_url": "%s"}' % long_url, headers=headers) + except: + return long_url, state + return json.loads(content).get('short_url', ''), state + def _run_oauth_flow(client_id, client_secret, scopes, access_type, login_hint=None): client_config = { 'installed': { @@ -7615,11 +7629,11 @@ def _run_oauth_flow(client_id, client_secret, scopes, access_type, login_hint=No } } - flow = google_auth_oauthlib.flow.InstalledAppFlow.from_client_config(client_config, scopes) + flow = ShortURLFlow.from_client_config(client_config, scopes) kwargs = {'access_type': access_type} if login_hint: kwargs['login_hint'] = login_hint - if GC_Values[GC_NO_BROWSER]: + if not GC_Values[GC_OAUTH_BROWSER]: flow.run_console( authorization_prompt_message=MESSAGE_CONSOLE_AUTHORIZATION_PROMPT, authorization_code_message=MESSAGE_CONSOLE_AUTHORIZATION_CODE, diff --git a/src/var.py b/src/var.py index 55f16191..524b376b 100644 --- a/src/var.py +++ b/src/var.py @@ -793,6 +793,8 @@ GC_MEMBER_MAX_RESULTS = 'member_max_results' # If no_browser is False, writeCSVfile won't open a browser when todrive is set # and doRequestOAuth prints a link and waits for the verification code when oauth2.txt is being created GC_NO_BROWSER = 'no_browser' +# oauth_browser forces usage of web server OAuth flow that proved problematic. +GC_OAUTH_BROWSER = 'oauth_browser' # Disable GAM API caching GC_NO_CACHE = 'no_cache' # Disable GAM update check @@ -846,6 +848,7 @@ GC_Defaults = { GC_NO_CACHE: False, GC_NO_UPDATE_CHECK: False, GC_NUM_THREADS: 25, + GC_OAUTH_BROWSER: False, GC_OAUTH2_TXT: _FN_OAUTH2_TXT, GC_OAUTH2SERVICE_JSON: _FN_OAUTH2SERVICE_JSON, GC_SECTION: '', @@ -897,6 +900,7 @@ GC_VAR_INFO = { GC_NO_CACHE: {GC_VAR_TYPE: GC_TYPE_BOOLEAN}, GC_NO_UPDATE_CHECK: {GC_VAR_TYPE: GC_TYPE_BOOLEAN}, GC_NUM_THREADS: {GC_VAR_TYPE: GC_TYPE_INTEGER, GC_VAR_LIMITS: (1, None)}, + GC_OAUTH_BROWSER: {GC_VAR_TYPE: GC_TYPE_BOOLEAN}, GC_OAUTH2_TXT: {GC_VAR_TYPE: GC_TYPE_FILE}, GC_OAUTH2SERVICE_JSON: {GC_VAR_TYPE: GC_TYPE_FILE}, GC_SECTION: {GC_VAR_TYPE: GC_TYPE_STRING},