mirror of
https://github.com/GAM-team/GAM.git
synced 2026-07-03 20:31:35 +00:00
Honor nobrowser.txt on auth
This commit is contained in:
@@ -556,7 +556,9 @@ def SetGlobalVariables():
|
|||||||
_getOldSignalFile(GC_LOW_MEMORY, 'lowmemory.txt')
|
_getOldSignalFile(GC_LOW_MEMORY, 'lowmemory.txt')
|
||||||
_getOldSignalFile(GC_NO_BROWSER, 'nobrowser.txt')
|
_getOldSignalFile(GC_NO_BROWSER, 'nobrowser.txt')
|
||||||
_getOldSignalFile(GC_NO_TDEMAIL, 'notdemail.txt')
|
_getOldSignalFile(GC_NO_TDEMAIL, 'notdemail.txt')
|
||||||
_getOldSignalFile(GC_OAUTH_BROWSER, 'oauthbrowser.txt')
|
# oauthbrowser.txt is deprecated as we now always
|
||||||
|
# use the localhost flow.
|
||||||
|
#_getOldSignalFile(GC_OAUTH_BROWSER, 'oauthbrowser.txt')
|
||||||
# _getOldSignalFile(GC_NO_CACHE, u'nocache.txt')
|
# _getOldSignalFile(GC_NO_CACHE, u'nocache.txt')
|
||||||
# _getOldSignalFile(GC_CACHE_DISCOVERY_ONLY, u'allcache.txt', filePresentValue=False, fileAbsentValue=True)
|
# _getOldSignalFile(GC_CACHE_DISCOVERY_ONLY, u'allcache.txt', filePresentValue=False, fileAbsentValue=True)
|
||||||
_getOldSignalFile(GC_NO_CACHE,
|
_getOldSignalFile(GC_NO_CACHE,
|
||||||
@@ -7130,7 +7132,7 @@ def getCRMService(login_hint):
|
|||||||
scopes,
|
scopes,
|
||||||
'online',
|
'online',
|
||||||
login_hint=login_hint,
|
login_hint=login_hint,
|
||||||
use_console_flow=not GC_Values[GC_OAUTH_BROWSER])
|
open_browser=not GC_Values[GC_NO_BROWSER])
|
||||||
httpc = transport.AuthorizedHttp(creds, transport.create_http())
|
httpc = transport.AuthorizedHttp(creds, transport.create_http())
|
||||||
return getService('cloudresourcemanager', httpc), httpc
|
return getService('cloudresourcemanager', httpc), httpc
|
||||||
|
|
||||||
@@ -10544,7 +10546,7 @@ def doRequestOAuth(login_hint=None, scopes=None):
|
|||||||
access_type='offline',
|
access_type='offline',
|
||||||
login_hint=login_hint,
|
login_hint=login_hint,
|
||||||
credentials_file=GC_Values[GC_OAUTH2_TXT],
|
credentials_file=GC_Values[GC_OAUTH2_TXT],
|
||||||
use_console_flow=not GC_Values[GC_OAUTH_BROWSER])
|
open_browser=not GC_Values[GC_NO_BROWSER])
|
||||||
creds.write()
|
creds.write()
|
||||||
except gam.auth.oauth.InvalidClientSecretsFileError:
|
except gam.auth.oauth.InvalidClientSecretsFileError:
|
||||||
controlflow.system_error_exit(14, missing_client_secrets_message)
|
controlflow.system_error_exit(14, missing_client_secrets_message)
|
||||||
|
|||||||
@@ -272,6 +272,7 @@ class Credentials(google.oauth2.credentials.Credentials):
|
|||||||
access_type='offline',
|
access_type='offline',
|
||||||
login_hint=None,
|
login_hint=None,
|
||||||
filename=None,
|
filename=None,
|
||||||
|
open_browser=True,
|
||||||
use_console_flow=False):
|
use_console_flow=False):
|
||||||
"""Runs an OAuth Flow from client secrets to generate credentials.
|
"""Runs an OAuth Flow from client secrets to generate credentials.
|
||||||
|
|
||||||
@@ -291,8 +292,11 @@ class Credentials(google.oauth2.credentials.Credentials):
|
|||||||
login_hint: String, The email address that will be displayed on the Google
|
login_hint: String, The email address that will be displayed on the Google
|
||||||
login page as a hint for the user to login to the correct account.
|
login page as a hint for the user to login to the correct account.
|
||||||
filename: String, the path to a file to use to save the credentials.
|
filename: String, the path to a file to use to save the credentials.
|
||||||
use_console_flow: Boolean, True if the authentication flow should be run
|
use_console_flow: OBSOLETE: Boolean, True if the authentication flow
|
||||||
strictly from a console; False to launch a browser for authentication.
|
should be run strictly from a console; False to launch a browser
|
||||||
|
for authentication.
|
||||||
|
open_browser: Boolean: whether or not GAM should try to open the browser
|
||||||
|
automatically.
|
||||||
|
|
||||||
Returns:
|
Returns:
|
||||||
Credentials
|
Credentials
|
||||||
@@ -312,12 +316,11 @@ class Credentials(google.oauth2.credentials.Credentials):
|
|||||||
flow = _ShortURLFlow.from_client_config(client_config,
|
flow = _ShortURLFlow.from_client_config(client_config,
|
||||||
scopes,
|
scopes,
|
||||||
autogenerate_code_verifier=True)
|
autogenerate_code_verifier=True)
|
||||||
flow_kwargs = {'access_type': access_type}
|
flow_kwargs = {'access_type': access_type,
|
||||||
|
'open_browser': open_browser}
|
||||||
if login_hint:
|
if login_hint:
|
||||||
flow_kwargs['login_hint'] = login_hint
|
flow_kwargs['login_hint'] = login_hint
|
||||||
|
flow.run_dual(**flow_kwargs)
|
||||||
flow.run_dual(use_console_flow,
|
|
||||||
**flow_kwargs)
|
|
||||||
return cls.from_google_oauth2_credentials(flow.credentials,
|
return cls.from_google_oauth2_credentials(flow.credentials,
|
||||||
filename=filename)
|
filename=filename)
|
||||||
|
|
||||||
@@ -328,6 +331,7 @@ class Credentials(google.oauth2.credentials.Credentials):
|
|||||||
access_type='offline',
|
access_type='offline',
|
||||||
login_hint=None,
|
login_hint=None,
|
||||||
credentials_file=None,
|
credentials_file=None,
|
||||||
|
open_browser=True,
|
||||||
use_console_flow=False):
|
use_console_flow=False):
|
||||||
"""Runs an OAuth Flow from secrets stored on disk to generate credentials.
|
"""Runs an OAuth Flow from secrets stored on disk to generate credentials.
|
||||||
|
|
||||||
@@ -348,8 +352,11 @@ class Credentials(google.oauth2.credentials.Credentials):
|
|||||||
login page as a hint for the user to login to the correct account.
|
login page as a hint for the user to login to the correct account.
|
||||||
credentials_file: String, the path to a file to use to save the
|
credentials_file: String, the path to a file to use to save the
|
||||||
credentials.
|
credentials.
|
||||||
use_console_flow: Boolean, True if the authentication flow should be run
|
use_console_flow: OBSOLETE: Boolean, True if the authentication flow
|
||||||
strictly from a console; False to launch a browser for authentication.
|
should be run strictly from a console; False to launch a browser for
|
||||||
|
authentication.
|
||||||
|
open_browser: Boolean, whether or not GAM should try to open the browser
|
||||||
|
directly.
|
||||||
|
|
||||||
Raises:
|
Raises:
|
||||||
InvalidClientSecretsFileError: If the client secrets file cannot be
|
InvalidClientSecretsFileError: If the client secrets file cannot be
|
||||||
@@ -378,14 +385,13 @@ class Credentials(google.oauth2.credentials.Credentials):
|
|||||||
raise InvalidClientSecretsFileFormatError(
|
raise InvalidClientSecretsFileFormatError(
|
||||||
f'Could not extract Client ID or Client Secret from file {client_secrets_file}'
|
f'Could not extract Client ID or Client Secret from file {client_secrets_file}'
|
||||||
)
|
)
|
||||||
|
|
||||||
return cls.from_client_secrets(client_id,
|
return cls.from_client_secrets(client_id,
|
||||||
client_secret,
|
client_secret,
|
||||||
scopes,
|
scopes,
|
||||||
access_type=access_type,
|
access_type=access_type,
|
||||||
login_hint=login_hint,
|
login_hint=login_hint,
|
||||||
filename=credentials_file,
|
filename=credentials_file,
|
||||||
use_console_flow=use_console_flow)
|
open_browser=open_browser)
|
||||||
|
|
||||||
def _fetch_id_token_data(self):
|
def _fetch_id_token_data(self):
|
||||||
"""Fetches verification details from Google for the OAuth2.0 token.
|
"""Fetches verification details from Google for the OAuth2.0 token.
|
||||||
@@ -599,7 +605,6 @@ class _ShortURLFlow(google_auth_oauthlib.flow.InstalledAppFlow):
|
|||||||
|
|
||||||
|
|
||||||
def run_dual(self,
|
def run_dual(self,
|
||||||
use_console_flow,
|
|
||||||
authorization_prompt_message='',
|
authorization_prompt_message='',
|
||||||
console_prompt_message='',
|
console_prompt_message='',
|
||||||
web_success_message='',
|
web_success_message='',
|
||||||
@@ -609,7 +614,7 @@ class _ShortURLFlow(google_auth_oauthlib.flow.InstalledAppFlow):
|
|||||||
mgr = multiprocessing.Manager()
|
mgr = multiprocessing.Manager()
|
||||||
d = mgr.dict()
|
d = mgr.dict()
|
||||||
d['trailing_slash'] = redirect_uri_trailing_slash
|
d['trailing_slash'] = redirect_uri_trailing_slash
|
||||||
d['open_browser'] = use_console_flow
|
d['open_browser'] = open_browser
|
||||||
http_client = multiprocessing.Process(target=_wait_for_http_client,
|
http_client = multiprocessing.Process(target=_wait_for_http_client,
|
||||||
args=(d,))
|
args=(d,))
|
||||||
user_input = multiprocessing.Process(target=_wait_for_user_input,
|
user_input = multiprocessing.Process(target=_wait_for_user_input,
|
||||||
|
|||||||
Reference in New Issue
Block a user