From ff54449d1d6bae5932b2957393baa18af0a72c0e Mon Sep 17 00:00:00 2001 From: Jay Lee Date: Thu, 23 Apr 2020 14:55:35 -0400 Subject: [PATCH] specify scopes for "oauth create", cleanup create vs. use project --- src/gam/__init__.py | 43 ++++++++++++++++++++++++++++++------------- 1 file changed, 30 insertions(+), 13 deletions(-) diff --git a/src/gam/__init__.py b/src/gam/__init__.py index 70e79b0e..cdf70afb 100755 --- a/src/gam/__init__.py +++ b/src/gam/__init__.py @@ -6254,7 +6254,7 @@ def setGAMProjectConsentScreen(httpObj, projectId, login_hint): except googleapiclient.errors.HttpError: pass -def _createClientSecretsOauth2service(httpObj, projectId, login_hint, create_project): +def _createClientSecretsOauth2service(httpObj, projectId, login_hint): def _checkClientAndSecret(simplehttp, client_id, client_secret): url = 'https://oauth2.googleapis.com/token' @@ -6284,8 +6284,7 @@ def _createClientSecretsOauth2service(httpObj, projectId, login_hint, create_pro GAMProjectAPIs = getGAMProjectFile('project-apis.txt').splitlines() enableGAMProjectAPIs(GAMProjectAPIs, httpObj, projectId, False) - if create_project: - setGAMProjectConsentScreen(httpObj, projectId, login_hint) + setGAMProjectConsentScreen(httpObj, projectId, login_hint) iam = getService('iam', httpObj) sa_list = gapi.call(iam.projects().serviceAccounts(), 'list', name=f'projects/{projectId}') @@ -6578,13 +6577,12 @@ and accept the Terms of Service (ToS). As soon as you've accepted the ToS popup, elif 'error' in status: controlflow.system_error_exit(2, status['error']) break - _createClientSecretsOauth2service(httpObj, projectId, login_hint, True) + _createClientSecretsOauth2service(httpObj, projectId, login_hint) def doUseProject(): _checkForExistingProjectFiles() _, httpObj, login_hint, projectId, _ = _getLoginHintProjectId(False) - setGAMProjectConsentScreen(httpObj, projectId, login_hint) - _createClientSecretsOauth2service(httpObj, projectId, login_hint, False) + _createClientSecretsOauth2service(httpObj, projectId, login_hint) def doUpdateProjects(): _, httpObj, login_hint, projects, _ = _getLoginHintProjects(False) @@ -10074,7 +10072,29 @@ def doDeleteOAuth(): credentials.revoke() credentials.delete() -def doRequestOAuth(login_hint=None): +def createOAuth(): + '''Explicit command line to create OAuth credentials''' + login_hint = None + scopes = None + if len(sys.argv) >= 4 and sys.argv[3].lower() not in ['admin', 'scopes']: + # legacy "gam oauth create/request + login_hint = sys.argv[3] + else: + i = 3 + while i < len(sys.argv): + myarg = sys.argv[i].lower().replace('_', '') + if myarg == 'admin': + login_hint = sys.argv[i+1] + i += 2 + elif myarg == 'scopes': + scopes = sys.argv[i+1].split(',') + i += 2 + else: + controlflow.system_error_exit(3, f'{myarg} is not a valid argument for "gam oauth create"') + login_hint = _getValidateLoginHint(login_hint) + doRequestOAuth(login_hint, scopes) + +def doRequestOAuth(login_hint=None, scopes=None): missing_client_secrets_message = ('To use GAM you need to create an API ' 'project. Please run:\n\ngam create project') client_secrets_file = GC_Values[GC_CLIENT_SECRETS_JSON] @@ -10087,7 +10107,8 @@ def doRequestOAuth(login_hint=None): print('It looks like you\'ve already authorized GAM. Refusing to overwrite existing file:\n\n%s' % stored_creds.filename) return - scopes = getScopesFromUser() + if scopes is None: + scopes = getScopesFromUser() if scopes is None: # There were no scopes selected. Exit cleanly. controlflow.system_error_exit(0, '') @@ -11147,11 +11168,7 @@ def ProcessGAMCommand(args): elif command in ['oauth', 'oauth2']: argument = sys.argv[2].lower() if argument in ['request', 'create']: - try: - login_hint = sys.argv[3].strip() - except IndexError: - login_hint = None - doRequestOAuth(login_hint) + createOAuth() elif argument in ['info', 'verify']: OAuthInfo() elif argument in ['delete', 'revoke']: