mirror of
https://github.com/GAM-team/GAM.git
synced 2026-07-04 12:51:36 +00:00
specify scopes for "oauth create", cleanup create vs. use project
This commit is contained in:
@@ -6254,7 +6254,7 @@ def setGAMProjectConsentScreen(httpObj, projectId, login_hint):
|
|||||||
except googleapiclient.errors.HttpError:
|
except googleapiclient.errors.HttpError:
|
||||||
pass
|
pass
|
||||||
|
|
||||||
def _createClientSecretsOauth2service(httpObj, projectId, login_hint, create_project):
|
def _createClientSecretsOauth2service(httpObj, projectId, login_hint):
|
||||||
|
|
||||||
def _checkClientAndSecret(simplehttp, client_id, client_secret):
|
def _checkClientAndSecret(simplehttp, client_id, client_secret):
|
||||||
url = 'https://oauth2.googleapis.com/token'
|
url = 'https://oauth2.googleapis.com/token'
|
||||||
@@ -6284,7 +6284,6 @@ def _createClientSecretsOauth2service(httpObj, projectId, login_hint, create_pro
|
|||||||
|
|
||||||
GAMProjectAPIs = getGAMProjectFile('project-apis.txt').splitlines()
|
GAMProjectAPIs = getGAMProjectFile('project-apis.txt').splitlines()
|
||||||
enableGAMProjectAPIs(GAMProjectAPIs, httpObj, projectId, False)
|
enableGAMProjectAPIs(GAMProjectAPIs, httpObj, projectId, False)
|
||||||
if create_project:
|
|
||||||
setGAMProjectConsentScreen(httpObj, projectId, login_hint)
|
setGAMProjectConsentScreen(httpObj, projectId, login_hint)
|
||||||
iam = getService('iam', httpObj)
|
iam = getService('iam', httpObj)
|
||||||
sa_list = gapi.call(iam.projects().serviceAccounts(), 'list',
|
sa_list = gapi.call(iam.projects().serviceAccounts(), 'list',
|
||||||
@@ -6578,13 +6577,12 @@ and accept the Terms of Service (ToS). As soon as you've accepted the ToS popup,
|
|||||||
elif 'error' in status:
|
elif 'error' in status:
|
||||||
controlflow.system_error_exit(2, status['error'])
|
controlflow.system_error_exit(2, status['error'])
|
||||||
break
|
break
|
||||||
_createClientSecretsOauth2service(httpObj, projectId, login_hint, True)
|
_createClientSecretsOauth2service(httpObj, projectId, login_hint)
|
||||||
|
|
||||||
def doUseProject():
|
def doUseProject():
|
||||||
_checkForExistingProjectFiles()
|
_checkForExistingProjectFiles()
|
||||||
_, httpObj, login_hint, projectId, _ = _getLoginHintProjectId(False)
|
_, httpObj, login_hint, projectId, _ = _getLoginHintProjectId(False)
|
||||||
setGAMProjectConsentScreen(httpObj, projectId, login_hint)
|
_createClientSecretsOauth2service(httpObj, projectId, login_hint)
|
||||||
_createClientSecretsOauth2service(httpObj, projectId, login_hint, False)
|
|
||||||
|
|
||||||
def doUpdateProjects():
|
def doUpdateProjects():
|
||||||
_, httpObj, login_hint, projects, _ = _getLoginHintProjects(False)
|
_, httpObj, login_hint, projects, _ = _getLoginHintProjects(False)
|
||||||
@@ -10074,7 +10072,29 @@ def doDeleteOAuth():
|
|||||||
credentials.revoke()
|
credentials.revoke()
|
||||||
credentials.delete()
|
credentials.delete()
|
||||||
|
|
||||||
def doRequestOAuth(login_hint=None):
|
def createOAuth():
|
||||||
|
'''Explicit command line to create OAuth credentials'''
|
||||||
|
login_hint = None
|
||||||
|
scopes = None
|
||||||
|
if len(sys.argv) >= 4 and sys.argv[3].lower() not in ['admin', 'scopes']:
|
||||||
|
# legacy "gam oauth create/request <email>
|
||||||
|
login_hint = sys.argv[3]
|
||||||
|
else:
|
||||||
|
i = 3
|
||||||
|
while i < len(sys.argv):
|
||||||
|
myarg = sys.argv[i].lower().replace('_', '')
|
||||||
|
if myarg == 'admin':
|
||||||
|
login_hint = sys.argv[i+1]
|
||||||
|
i += 2
|
||||||
|
elif myarg == 'scopes':
|
||||||
|
scopes = sys.argv[i+1].split(',')
|
||||||
|
i += 2
|
||||||
|
else:
|
||||||
|
controlflow.system_error_exit(3, f'{myarg} is not a valid argument for "gam oauth create"')
|
||||||
|
login_hint = _getValidateLoginHint(login_hint)
|
||||||
|
doRequestOAuth(login_hint, scopes)
|
||||||
|
|
||||||
|
def doRequestOAuth(login_hint=None, scopes=None):
|
||||||
missing_client_secrets_message = ('To use GAM you need to create an API '
|
missing_client_secrets_message = ('To use GAM you need to create an API '
|
||||||
'project. Please run:\n\ngam create project')
|
'project. Please run:\n\ngam create project')
|
||||||
client_secrets_file = GC_Values[GC_CLIENT_SECRETS_JSON]
|
client_secrets_file = GC_Values[GC_CLIENT_SECRETS_JSON]
|
||||||
@@ -10087,6 +10107,7 @@ def doRequestOAuth(login_hint=None):
|
|||||||
print('It looks like you\'ve already authorized GAM. Refusing to overwrite existing file:\n\n%s' % stored_creds.filename)
|
print('It looks like you\'ve already authorized GAM. Refusing to overwrite existing file:\n\n%s' % stored_creds.filename)
|
||||||
return
|
return
|
||||||
|
|
||||||
|
if scopes is None:
|
||||||
scopes = getScopesFromUser()
|
scopes = getScopesFromUser()
|
||||||
if scopes is None:
|
if scopes is None:
|
||||||
# There were no scopes selected. Exit cleanly.
|
# There were no scopes selected. Exit cleanly.
|
||||||
@@ -11147,11 +11168,7 @@ def ProcessGAMCommand(args):
|
|||||||
elif command in ['oauth', 'oauth2']:
|
elif command in ['oauth', 'oauth2']:
|
||||||
argument = sys.argv[2].lower()
|
argument = sys.argv[2].lower()
|
||||||
if argument in ['request', 'create']:
|
if argument in ['request', 'create']:
|
||||||
try:
|
createOAuth()
|
||||||
login_hint = sys.argv[3].strip()
|
|
||||||
except IndexError:
|
|
||||||
login_hint = None
|
|
||||||
doRequestOAuth(login_hint)
|
|
||||||
elif argument in ['info', 'verify']:
|
elif argument in ['info', 'verify']:
|
||||||
OAuthInfo()
|
OAuthInfo()
|
||||||
elif argument in ['delete', 'revoke']:
|
elif argument in ['delete', 'revoke']:
|
||||||
|
|||||||
Reference in New Issue
Block a user