specify scopes for "oauth create", cleanup create vs. use project

This commit is contained in:
Jay Lee
2020-04-23 14:55:35 -04:00
parent 43a8900c24
commit ff54449d1d

View File

@@ -6254,7 +6254,7 @@ def setGAMProjectConsentScreen(httpObj, projectId, login_hint):
except googleapiclient.errors.HttpError: except googleapiclient.errors.HttpError:
pass pass
def _createClientSecretsOauth2service(httpObj, projectId, login_hint, create_project): def _createClientSecretsOauth2service(httpObj, projectId, login_hint):
def _checkClientAndSecret(simplehttp, client_id, client_secret): def _checkClientAndSecret(simplehttp, client_id, client_secret):
url = 'https://oauth2.googleapis.com/token' url = 'https://oauth2.googleapis.com/token'
@@ -6284,7 +6284,6 @@ def _createClientSecretsOauth2service(httpObj, projectId, login_hint, create_pro
GAMProjectAPIs = getGAMProjectFile('project-apis.txt').splitlines() GAMProjectAPIs = getGAMProjectFile('project-apis.txt').splitlines()
enableGAMProjectAPIs(GAMProjectAPIs, httpObj, projectId, False) enableGAMProjectAPIs(GAMProjectAPIs, httpObj, projectId, False)
if create_project:
setGAMProjectConsentScreen(httpObj, projectId, login_hint) setGAMProjectConsentScreen(httpObj, projectId, login_hint)
iam = getService('iam', httpObj) iam = getService('iam', httpObj)
sa_list = gapi.call(iam.projects().serviceAccounts(), 'list', sa_list = gapi.call(iam.projects().serviceAccounts(), 'list',
@@ -6578,13 +6577,12 @@ and accept the Terms of Service (ToS). As soon as you've accepted the ToS popup,
elif 'error' in status: elif 'error' in status:
controlflow.system_error_exit(2, status['error']) controlflow.system_error_exit(2, status['error'])
break break
_createClientSecretsOauth2service(httpObj, projectId, login_hint, True) _createClientSecretsOauth2service(httpObj, projectId, login_hint)
def doUseProject(): def doUseProject():
_checkForExistingProjectFiles() _checkForExistingProjectFiles()
_, httpObj, login_hint, projectId, _ = _getLoginHintProjectId(False) _, httpObj, login_hint, projectId, _ = _getLoginHintProjectId(False)
setGAMProjectConsentScreen(httpObj, projectId, login_hint) _createClientSecretsOauth2service(httpObj, projectId, login_hint)
_createClientSecretsOauth2service(httpObj, projectId, login_hint, False)
def doUpdateProjects(): def doUpdateProjects():
_, httpObj, login_hint, projects, _ = _getLoginHintProjects(False) _, httpObj, login_hint, projects, _ = _getLoginHintProjects(False)
@@ -10074,7 +10072,29 @@ def doDeleteOAuth():
credentials.revoke() credentials.revoke()
credentials.delete() credentials.delete()
def doRequestOAuth(login_hint=None): def createOAuth():
'''Explicit command line to create OAuth credentials'''
login_hint = None
scopes = None
if len(sys.argv) >= 4 and sys.argv[3].lower() not in ['admin', 'scopes']:
# legacy "gam oauth create/request <email>
login_hint = sys.argv[3]
else:
i = 3
while i < len(sys.argv):
myarg = sys.argv[i].lower().replace('_', '')
if myarg == 'admin':
login_hint = sys.argv[i+1]
i += 2
elif myarg == 'scopes':
scopes = sys.argv[i+1].split(',')
i += 2
else:
controlflow.system_error_exit(3, f'{myarg} is not a valid argument for "gam oauth create"')
login_hint = _getValidateLoginHint(login_hint)
doRequestOAuth(login_hint, scopes)
def doRequestOAuth(login_hint=None, scopes=None):
missing_client_secrets_message = ('To use GAM you need to create an API ' missing_client_secrets_message = ('To use GAM you need to create an API '
'project. Please run:\n\ngam create project') 'project. Please run:\n\ngam create project')
client_secrets_file = GC_Values[GC_CLIENT_SECRETS_JSON] client_secrets_file = GC_Values[GC_CLIENT_SECRETS_JSON]
@@ -10087,6 +10107,7 @@ def doRequestOAuth(login_hint=None):
print('It looks like you\'ve already authorized GAM. Refusing to overwrite existing file:\n\n%s' % stored_creds.filename) print('It looks like you\'ve already authorized GAM. Refusing to overwrite existing file:\n\n%s' % stored_creds.filename)
return return
if scopes is None:
scopes = getScopesFromUser() scopes = getScopesFromUser()
if scopes is None: if scopes is None:
# There were no scopes selected. Exit cleanly. # There were no scopes selected. Exit cleanly.
@@ -11147,11 +11168,7 @@ def ProcessGAMCommand(args):
elif command in ['oauth', 'oauth2']: elif command in ['oauth', 'oauth2']:
argument = sys.argv[2].lower() argument = sys.argv[2].lower()
if argument in ['request', 'create']: if argument in ['request', 'create']:
try: createOAuth()
login_hint = sys.argv[3].strip()
except IndexError:
login_hint = None
doRequestOAuth(login_hint)
elif argument in ['info', 'verify']: elif argument in ['info', 'verify']:
OAuthInfo() OAuthInfo()
elif argument in ['delete', 'revoke']: elif argument in ['delete', 'revoke']: