two more removes

more bad files removed
Add pyasn1 and rsa for native crypt operations. Remove bad admx stuff
2026-06-04 06:11:39 +00:00 · 2016-03-16 13:27:20 -04:00 · 2016-03-16 13:26:08 -04:00 · 2016-03-16 13:24:19 -04:00 · 2016-03-16 13:14:28 -04:00 · 2016-03-16 13:13:24 -04:00
321 changed files with 27809 additions and 13755 deletions
--- a/README.md
+++ b/README.md
@@ -1,66 +1,25 @@
-Dito GAM
+GAM
 ============================
-GAM is a free, open source command line tool for
-Google Apps Administrators to efficiently manage
-domain and user settings quickly and easily. GAM has support
-for many features, such as
-
-* creating, deleting, and updating users, aliases, groups, 
-  organizations, and resource calendars
-* modifying user email settings such as IMAP, signatures,
-  vacation messages, profile sharing, email forwarding,
-  send as address, labels, and features.
-* delegating mailboxes and calendars to other users
-* modifying calendar access rights for users and resource calendars.
-* auditing user accounts and mailboes
-* monitoring incoming and outgoing email
-* generating detailed reports for users, groups, resources,
-  account activity, email clients, and quotas.
+GAM is a command line tool for Google Apps Administrators to manage domain and user settings quickly and easily.

 Downloads
 ---------
-You can download current GAM from 
-the [GitHub Releases] page.
+You can download the current GAM release from the [GitHub Releases] page.

 Documentation
 ------------------
-The GAM documentation is currently hosted in the [GitHub Wiki]
+The GAM documentation is hosted in the [GitHub Wiki]

 Mailing List / Discussion group
 -------------------------------
-The GAM mailing list / discussion group is hosted
-on [Google Groups].  You can join the list and interact
-via email, or just post from the web itself.
-
-Source Repository
-----------------
-
-The official GAM source repository is on [GitHub].
+The GAM mailing list / discussion group is hosted on [Google Groups].  You can join the list and interact via email, or just post from the web itself.

 Author
 ------
-
 GAM is maintained by <a href="mailto:jay0lee@gmail.com">Jay Lee</a>.

-Thanks To
---------
-
-GAM is made possible and maintained by the work of Dito.
-Who is Dito?
-
-*Dito is solely focused on moving organizations to Google's
-cloud. After hundreds of successful deployments over the
-last 5 years, we have gained notoriety for our complete
-understanding of the platform, our change management &
-training ability, and our rock-star deployment engineers.
-We are known worldwide as the Google Apps Experts.*
-
-Need a Google Apps Expert? 
-[Contact Dito](http://ditoweb.com/contact), which offers
-[free premium GAM support](http://www.ditoweb.com/dito-gam)
-for domains that sign up through Dito.
-
+[GAM release]: https://git.io/gamreleases
 [GitHub Releases]: https://github.com/jay0lee/GAM/releases
-[GitHub]: https://github.com/jay0lee/GAM/
+[GitHub]: https://github.com/jay0lee/GAM/tree/master
 [GitHub Wiki]: https://github.com/jay0lee/GAM/wiki/
 [Google Groups]: http://groups.google.com/group/google-apps-manager
--- a/cacert.pem
+++ b/cacert.pem
--- a/gdata/apps/res_cal/service.py
+++ b/gdata/apps/res_cal/service.py
@@ -1,71 +0,0 @@
-# Copyright (C) 2008 Google, Inc.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#      http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-"""Allow Google Apps domain administrators to create/modify/delete resource calendars.
-
-  ResCalService: Interact with Resource Calendars."""
-
-__author__ = 'jlee@pbu.edu'
-
-import gdata.apps
-import gdata.apps.service
-import gdata.service
-
-class ResCalService(gdata.apps.service.PropertyService):
-  """Client for the Google Apps Resource Calendar service."""
-
-  def _serviceUrl(self, domain=None):
-    if domain is None:
-      domain = self.domain
-    return '/a/feeds/calendar/resource/2.0/%s' % domain
-
-  def CreateResourceCalendar(self, id, common_name, description=None, type=None):
-  
-    uri = self._serviceUrl()
-    properties = {}
-    properties['resourceId'] = id
-    properties['resourceCommonName'] = common_name
-    if description != None:
-      properties['resourceDescription'] = description
-    if type != None:
-      properties['resourceType'] = type
-    return self._PostProperties(uri, properties)
-
-  def RetrieveResourceCalendar(self, id):
-  
-    uri = self._serviceUrl()+'/'+id
-    return self._GetProperties(uri)
-
-  def RetrieveAllResourceCalendars(self):
-  
-    uri = self._serviceUrl()+'/'
-    return self._GetPropertiesList(uri)
-
-  def UpdateResourceCalendar(self, id, common_name=None, description=None, type=None):
-  
-    uri = self._serviceUrl()+'/'+id
-    properties = {}
-    properties['resourceId'] = id
-    if common_name != None:
-      properties['resourceCommonName'] = common_name
-    if description != None:
-      properties['resourceDescription'] = description
-    if type != None:
-      properties['resourceType'] = type
-    return self._PutProperties(uri, properties)
-
-  def DeleteResourceCalendar(self, id):
-  
-    uri = self._serviceUrl()+'/'+id
-    return self._DeleteProperties(uri)
--- a/oauth2client/init.py
+++ b/oauth2client/init.py
@@ -1,8 +0,0 @@
-"""Client library for using OAuth2, especially with Google APIs."""
-
-__version__ = '1.3.1'
-
-GOOGLE_AUTH_URI = 'https://accounts.google.com/o/oauth2/auth'
-GOOGLE_DEVICE_URI = 'https://accounts.google.com/o/oauth2/device/code'
-GOOGLE_REVOKE_URI = 'https://accounts.google.com/o/oauth2/revoke'
-GOOGLE_TOKEN_URI = 'https://accounts.google.com/o/oauth2/token'
--- a/oauth2client/appengine.py
+++ b/oauth2client/appengine.py
@@ -1,989 +0,0 @@
-# Copyright 2014 Google Inc. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#      http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-"""Utilities for Google App Engine
-
-Utilities for making it easier to use OAuth 2.0 on Google App Engine.
-"""
-
-__author__ = 'jcgregorio@google.com (Joe Gregorio)'
-
-import cgi
-import json
-import logging
-import os
-import pickle
-import threading
-
-import httplib2
-
-from google.appengine.api import app_identity
-from google.appengine.api import memcache
-from google.appengine.api import users
-from google.appengine.ext import db
-from google.appengine.ext import webapp
-from google.appengine.ext.webapp.util import login_required
-from google.appengine.ext.webapp.util import run_wsgi_app
-from oauth2client import GOOGLE_AUTH_URI
-from oauth2client import GOOGLE_REVOKE_URI
-from oauth2client import GOOGLE_TOKEN_URI
-from oauth2client import clientsecrets
-from oauth2client import util
-from oauth2client import xsrfutil
-from oauth2client.client import AccessTokenRefreshError
-from oauth2client.client import AssertionCredentials
-from oauth2client.client import Credentials
-from oauth2client.client import Flow
-from oauth2client.client import OAuth2WebServerFlow
-from oauth2client.client import Storage
-
-# TODO(dhermes): Resolve import issue.
-# This is a temporary fix for a Google internal issue.
-try:
-  from google.appengine.ext import ndb
-except ImportError:
-  ndb = None
-
-
-logger = logging.getLogger(__name__)
-
-OAUTH2CLIENT_NAMESPACE = 'oauth2client#ns'
-
-XSRF_MEMCACHE_ID = 'xsrf_secret_key'
-
-
-def _safe_html(s):
-  """Escape text to make it safe to display.
-
-  Args:
-    s: string, The text to escape.
-
-  Returns:
-    The escaped text as a string.
-  """
-  return cgi.escape(s, quote=1).replace("'", '&#39;')
-
-
-class InvalidClientSecretsError(Exception):
-  """The client_secrets.json file is malformed or missing required fields."""
-
-
-class InvalidXsrfTokenError(Exception):
-  """The XSRF token is invalid or expired."""
-
-
-class SiteXsrfSecretKey(db.Model):
-  """Storage for the sites XSRF secret key.
-
-  There will only be one instance stored of this model, the one used for the
-  site.
-  """
-  secret = db.StringProperty()
-
-if ndb is not None:
-  class SiteXsrfSecretKeyNDB(ndb.Model):
-    """NDB Model for storage for the sites XSRF secret key.
-
-    Since this model uses the same kind as SiteXsrfSecretKey, it can be used
-    interchangeably. This simply provides an NDB model for interacting with the
-    same data the DB model interacts with.
-
-    There should only be one instance stored of this model, the one used for the
-    site.
-    """
-    secret = ndb.StringProperty()
-
-    @classmethod
-    def _get_kind(cls):
-      """Return the kind name for this class."""
-      return 'SiteXsrfSecretKey'
-
-
-def _generate_new_xsrf_secret_key():
-  """Returns a random XSRF secret key.
-  """
-  return os.urandom(16).encode("hex")
-
-
-def xsrf_secret_key():
-  """Return the secret key for use for XSRF protection.
-
-  If the Site entity does not have a secret key, this method will also create
-  one and persist it.
-
-  Returns:
-    The secret key.
-  """
-  secret = memcache.get(XSRF_MEMCACHE_ID, namespace=OAUTH2CLIENT_NAMESPACE)
-  if not secret:
-    # Load the one and only instance of SiteXsrfSecretKey.
-    model = SiteXsrfSecretKey.get_or_insert(key_name='site')
-    if not model.secret:
-      model.secret = _generate_new_xsrf_secret_key()
-      model.put()
-    secret = model.secret
-    memcache.add(XSRF_MEMCACHE_ID, secret, namespace=OAUTH2CLIENT_NAMESPACE)
-
-  return str(secret)
-
-
-class AppAssertionCredentials(AssertionCredentials):
-  """Credentials object for App Engine Assertion Grants
-
-  This object will allow an App Engine application to identify itself to Google
-  and other OAuth 2.0 servers that can verify assertions. It can be used for the
-  purpose of accessing data stored under an account assigned to the App Engine
-  application itself.
-
-  This credential does not require a flow to instantiate because it represents
-  a two legged flow, and therefore has all of the required information to
-  generate and refresh its own access tokens.
-  """
-
-  @util.positional(2)
-  def __init__(self, scope, **kwargs):
-    """Constructor for AppAssertionCredentials
-
-    Args:
-      scope: string or iterable of strings, scope(s) of the credentials being
-        requested.
-      **kwargs: optional keyword args, including:
-        service_account_id: service account id of the application. If None or
-          unspecified, the default service account for the app is used.
-    """
-    self.scope = util.scopes_to_string(scope)
-    self._kwargs = kwargs
-    self.service_account_id = kwargs.get('service_account_id', None)
-
-    # Assertion type is no longer used, but still in the parent class signature.
-    super(AppAssertionCredentials, self).__init__(None)
-
-  @classmethod
-  def from_json(cls, json_data):
-    data = json.loads(json_data)
-    return AppAssertionCredentials(data['scope'])
-
-  def _refresh(self, http_request):
-    """Refreshes the access_token.
-
-    Since the underlying App Engine app_identity implementation does its own
-    caching we can skip all the storage hoops and just to a refresh using the
-    API.
-
-    Args:
-      http_request: callable, a callable that matches the method signature of
-        httplib2.Http.request, used to make the refresh request.
-
-    Raises:
-      AccessTokenRefreshError: When the refresh fails.
-    """
-    try:
-      scopes = self.scope.split()
-      (token, _) = app_identity.get_access_token(
-          scopes, service_account_id=self.service_account_id)
-    except app_identity.Error as e:
-      raise AccessTokenRefreshError(str(e))
-    self.access_token = token
-
-  @property
-  def serialization_data(self):
-    raise NotImplementedError('Cannot serialize credentials for AppEngine.')
-
-  def create_scoped_required(self):
-    return not self.scope
-
-  def create_scoped(self, scopes):
-    return AppAssertionCredentials(scopes, **self._kwargs)
-
-
-class FlowProperty(db.Property):
-  """App Engine datastore Property for Flow.
-
-  Utility property that allows easy storage and retrieval of an
-  oauth2client.Flow"""
-
-  # Tell what the user type is.
-  data_type = Flow
-
-  # For writing to datastore.
-  def get_value_for_datastore(self, model_instance):
-    flow = super(FlowProperty,
-                 self).get_value_for_datastore(model_instance)
-    return db.Blob(pickle.dumps(flow))
-
-  # For reading from datastore.
-  def make_value_from_datastore(self, value):
-    if value is None:
-      return None
-    return pickle.loads(value)
-
-  def validate(self, value):
-    if value is not None and not isinstance(value, Flow):
-      raise db.BadValueError('Property %s must be convertible '
-                          'to a FlowThreeLegged instance (%s)' %
-                          (self.name, value))
-    return super(FlowProperty, self).validate(value)
-
-  def empty(self, value):
-    return not value
-
-
-if ndb is not None:
-  class FlowNDBProperty(ndb.PickleProperty):
-    """App Engine NDB datastore Property for Flow.
-
-    Serves the same purpose as the DB FlowProperty, but for NDB models. Since
-    PickleProperty inherits from BlobProperty, the underlying representation of
-    the data in the datastore will be the same as in the DB case.
-
-    Utility property that allows easy storage and retrieval of an
-    oauth2client.Flow
-    """
-
-    def _validate(self, value):
-      """Validates a value as a proper Flow object.
-
-      Args:
-        value: A value to be set on the property.
-
-      Raises:
-        TypeError if the value is not an instance of Flow.
-      """
-      logger.info('validate: Got type %s', type(value))
-      if value is not None and not isinstance(value, Flow):
-        raise TypeError('Property %s must be convertible to a flow '
-                        'instance; received: %s.' % (self._name, value))
-
-
-class CredentialsProperty(db.Property):
-  """App Engine datastore Property for Credentials.
-
-  Utility property that allows easy storage and retrieval of
-  oath2client.Credentials
-  """
-
-  # Tell what the user type is.
-  data_type = Credentials
-
-  # For writing to datastore.
-  def get_value_for_datastore(self, model_instance):
-    logger.info("get: Got type " + str(type(model_instance)))
-    cred = super(CredentialsProperty,
-                 self).get_value_for_datastore(model_instance)
-    if cred is None:
-      cred = ''
-    else:
-      cred = cred.to_json()
-    return db.Blob(cred)
-
-  # For reading from datastore.
-  def make_value_from_datastore(self, value):
-    logger.info("make: Got type " + str(type(value)))
-    if value is None:
-      return None
-    if len(value) == 0:
-      return None
-    try:
-      credentials = Credentials.new_from_json(value)
-    except ValueError:
-      credentials = None
-    return credentials
-
-  def validate(self, value):
-    value = super(CredentialsProperty, self).validate(value)
-    logger.info("validate: Got type " + str(type(value)))
-    if value is not None and not isinstance(value, Credentials):
-      raise db.BadValueError('Property %s must be convertible '
-                          'to a Credentials instance (%s)' %
-                            (self.name, value))
-    #if value is not None and not isinstance(value, Credentials):
-    #  return None
-    return value
-
-
-if ndb is not None:
-  # TODO(dhermes): Turn this into a JsonProperty and overhaul the Credentials
-  #                and subclass mechanics to use new_from_dict, to_dict,
-  #                from_dict, etc.
-  class CredentialsNDBProperty(ndb.BlobProperty):
-    """App Engine NDB datastore Property for Credentials.
-
-    Serves the same purpose as the DB CredentialsProperty, but for NDB models.
-    Since CredentialsProperty stores data as a blob and this inherits from
-    BlobProperty, the data in the datastore will be the same as in the DB case.
-
-    Utility property that allows easy storage and retrieval of Credentials and
-    subclasses.
-    """
-    def _validate(self, value):
-      """Validates a value as a proper credentials object.
-
-      Args:
-        value: A value to be set on the property.
-
-      Raises:
-        TypeError if the value is not an instance of Credentials.
-      """
-      logger.info('validate: Got type %s', type(value))
-      if value is not None and not isinstance(value, Credentials):
-        raise TypeError('Property %s must be convertible to a credentials '
-                        'instance; received: %s.' % (self._name, value))
-
-    def _to_base_type(self, value):
-      """Converts our validated value to a JSON serialized string.
-
-      Args:
-        value: A value to be set in the datastore.
-
-      Returns:
-        A JSON serialized version of the credential, else '' if value is None.
-      """
-      if value is None:
-        return ''
-      else:
-        return value.to_json()
-
-    def _from_base_type(self, value):
-      """Converts our stored JSON string back to the desired type.
-
-      Args:
-        value: A value from the datastore to be converted to the desired type.
-
-      Returns:
-        A deserialized Credentials (or subclass) object, else None if the
-            value can't be parsed.
-      """
-      if not value:
-        return None
-      try:
-        # Uses the from_json method of the implied class of value
-        credentials = Credentials.new_from_json(value)
-      except ValueError:
-        credentials = None
-      return credentials
-
-
-class StorageByKeyName(Storage):
-  """Store and retrieve a credential to and from the App Engine datastore.
-
-  This Storage helper presumes the Credentials have been stored as a
-  CredentialsProperty or CredentialsNDBProperty on a datastore model class, and
-  that entities are stored by key_name.
-  """
-
-  @util.positional(4)
-  def __init__(self, model, key_name, property_name, cache=None, user=None):
-    """Constructor for Storage.
-
-    Args:
-      model: db.Model or ndb.Model, model class
-      key_name: string, key name for the entity that has the credentials
-      property_name: string, name of the property that is a CredentialsProperty
-        or CredentialsNDBProperty.
-      cache: memcache, a write-through cache to put in front of the datastore.
-        If the model you are using is an NDB model, using a cache will be
-        redundant since the model uses an instance cache and memcache for you.
-      user: users.User object, optional. Can be used to grab user ID as a
-        key_name if no key name is specified.
-    """
-    if key_name is None:
-      if user is None:
-        raise ValueError('StorageByKeyName called with no key name or user.')
-      key_name = user.user_id()
-
-    self._model = model
-    self._key_name = key_name
-    self._property_name = property_name
-    self._cache = cache
-
-  def _is_ndb(self):
-    """Determine whether the model of the instance is an NDB model.
-
-    Returns:
-      Boolean indicating whether or not the model is an NDB or DB model.
-    """
-    # issubclass will fail if one of the arguments is not a class, only need
-    # worry about new-style classes since ndb and db models are new-style
-    if isinstance(self._model, type):
-      if ndb is not None and issubclass(self._model, ndb.Model):
-        return True
-      elif issubclass(self._model, db.Model):
-        return False
-
-    raise TypeError('Model class not an NDB or DB model: %s.' % (self._model,))
-
-  def _get_entity(self):
-    """Retrieve entity from datastore.
-
-    Uses a different model method for db or ndb models.
-
-    Returns:
-      Instance of the model corresponding to the current storage object
-          and stored using the key name of the storage object.
-    """
-    if self._is_ndb():
-      return self._model.get_by_id(self._key_name)
-    else:
-      return self._model.get_by_key_name(self._key_name)
-
-  def _delete_entity(self):
-    """Delete entity from datastore.
-
-    Attempts to delete using the key_name stored on the object, whether or not
-    the given key is in the datastore.
-    """
-    if self._is_ndb():
-      ndb.Key(self._model, self._key_name).delete()
-    else:
-      entity_key = db.Key.from_path(self._model.kind(), self._key_name)
-      db.delete(entity_key)
-
-  @db.non_transactional(allow_existing=True)
-  def locked_get(self):
-    """Retrieve Credential from datastore.
-
-    Returns:
-      oauth2client.Credentials
-    """
-    credentials = None
-    if self._cache:
-      json = self._cache.get(self._key_name)
-      if json:
-        credentials = Credentials.new_from_json(json)
-    if credentials is None:
-      entity = self._get_entity()
-      if entity is not None:
-        credentials = getattr(entity, self._property_name)
-        if self._cache:
-          self._cache.set(self._key_name, credentials.to_json())
-
-    if credentials and hasattr(credentials, 'set_store'):
-      credentials.set_store(self)
-    return credentials
-
-  @db.non_transactional(allow_existing=True)
-  def locked_put(self, credentials):
-    """Write a Credentials to the datastore.
-
-    Args:
-      credentials: Credentials, the credentials to store.
-    """
-    entity = self._model.get_or_insert(self._key_name)
-    setattr(entity, self._property_name, credentials)
-    entity.put()
-    if self._cache:
-      self._cache.set(self._key_name, credentials.to_json())
-
-  @db.non_transactional(allow_existing=True)
-  def locked_delete(self):
-    """Delete Credential from datastore."""
-
-    if self._cache:
-      self._cache.delete(self._key_name)
-
-    self._delete_entity()
-
-
-class CredentialsModel(db.Model):
-  """Storage for OAuth 2.0 Credentials
-
-  Storage of the model is keyed by the user.user_id().
-  """
-  credentials = CredentialsProperty()
-
-
-if ndb is not None:
-  class CredentialsNDBModel(ndb.Model):
-    """NDB Model for storage of OAuth 2.0 Credentials
-
-    Since this model uses the same kind as CredentialsModel and has a property
-    which can serialize and deserialize Credentials correctly, it can be used
-    interchangeably with a CredentialsModel to access, insert and delete the
-    same entities. This simply provides an NDB model for interacting with the
-    same data the DB model interacts with.
-
-    Storage of the model is keyed by the user.user_id().
-    """
-    credentials = CredentialsNDBProperty()
-
-    @classmethod
-    def _get_kind(cls):
-      """Return the kind name for this class."""
-      return 'CredentialsModel'
-
-
-def _build_state_value(request_handler, user):
-  """Composes the value for the 'state' parameter.
-
-  Packs the current request URI and an XSRF token into an opaque string that
-  can be passed to the authentication server via the 'state' parameter.
-
-  Args:
-    request_handler: webapp.RequestHandler, The request.
-    user: google.appengine.api.users.User, The current user.
-
-  Returns:
-    The state value as a string.
-  """
-  uri = request_handler.request.url
-  token = xsrfutil.generate_token(xsrf_secret_key(), user.user_id(),
-                                  action_id=str(uri))
-  return  uri + ':' + token
-
-
-def _parse_state_value(state, user):
-  """Parse the value of the 'state' parameter.
-
-  Parses the value and validates the XSRF token in the state parameter.
-
-  Args:
-    state: string, The value of the state parameter.
-    user: google.appengine.api.users.User, The current user.
-
-  Raises:
-    InvalidXsrfTokenError: if the XSRF token is invalid.
-
-  Returns:
-    The redirect URI.
-  """
-  uri, token = state.rsplit(':', 1)
-  if not xsrfutil.validate_token(xsrf_secret_key(), token, user.user_id(),
-                                 action_id=uri):
-    raise InvalidXsrfTokenError()
-
-  return uri
-
-
-class OAuth2Decorator(object):
-  """Utility for making OAuth 2.0 easier.
-
-  Instantiate and then use with oauth_required or oauth_aware
-  as decorators on webapp.RequestHandler methods.
-
-  Example:
-
-    decorator = OAuth2Decorator(
-        client_id='837...ent.com',
-        client_secret='Qh...wwI',
-        scope='https://www.googleapis.com/auth/plus')
-
-
-    class MainHandler(webapp.RequestHandler):
-
-      @decorator.oauth_required
-      def get(self):
-        http = decorator.http()
-        # http is authorized with the user's Credentials and can be used
-        # in API calls
-
-  """
-
-  def set_credentials(self, credentials):
-    self._tls.credentials = credentials
-
-  def get_credentials(self):
-    """A thread local Credentials object.
-
-    Returns:
-      A client.Credentials object, or None if credentials hasn't been set in
-      this thread yet, which may happen when calling has_credentials inside
-      oauth_aware.
-    """
-    return getattr(self._tls, 'credentials', None)
-
-  credentials = property(get_credentials, set_credentials)
-
-  def set_flow(self, flow):
-    self._tls.flow = flow
-
-  def get_flow(self):
-    """A thread local Flow object.
-
-    Returns:
-      A credentials.Flow object, or None if the flow hasn't been set in this
-      thread yet, which happens in _create_flow() since Flows are created
-      lazily.
-    """
-    return getattr(self._tls, 'flow', None)
-
-  flow = property(get_flow, set_flow)
-
-
-  @util.positional(4)
-  def __init__(self, client_id, client_secret, scope,
-               auth_uri=GOOGLE_AUTH_URI,
-               token_uri=GOOGLE_TOKEN_URI,
-               revoke_uri=GOOGLE_REVOKE_URI,
-               user_agent=None,
-               message=None,
-               callback_path='/oauth2callback',
-               token_response_param=None,
-               _storage_class=StorageByKeyName,
-               _credentials_class=CredentialsModel,
-               _credentials_property_name='credentials',
-               **kwargs):
-
-    """Constructor for OAuth2Decorator
-
-    Args:
-      client_id: string, client identifier.
-      client_secret: string client secret.
-      scope: string or iterable of strings, scope(s) of the credentials being
-        requested.
-      auth_uri: string, URI for authorization endpoint. For convenience
-        defaults to Google's endpoints but any OAuth 2.0 provider can be used.
-      token_uri: string, URI for token endpoint. For convenience
-        defaults to Google's endpoints but any OAuth 2.0 provider can be used.
-      revoke_uri: string, URI for revoke endpoint. For convenience
-        defaults to Google's endpoints but any OAuth 2.0 provider can be used.
-      user_agent: string, User agent of your application, default to None.
-      message: Message to display if there are problems with the OAuth 2.0
-        configuration. The message may contain HTML and will be presented on the
-        web interface for any method that uses the decorator.
-      callback_path: string, The absolute path to use as the callback URI. Note
-        that this must match up with the URI given when registering the
-        application in the APIs Console.
-      token_response_param: string. If provided, the full JSON response
-        to the access token request will be encoded and included in this query
-        parameter in the callback URI. This is useful with providers (e.g.
-        wordpress.com) that include extra fields that the client may want.
-      _storage_class: "Protected" keyword argument not typically provided to
-        this constructor. A storage class to aid in storing a Credentials object
-        for a user in the datastore. Defaults to StorageByKeyName.
-      _credentials_class: "Protected" keyword argument not typically provided to
-        this constructor. A db or ndb Model class to hold credentials. Defaults
-        to CredentialsModel.
-      _credentials_property_name: "Protected" keyword argument not typically
-        provided to this constructor. A string indicating the name of the field
-        on the _credentials_class where a Credentials object will be stored.
-        Defaults to 'credentials'.
-      **kwargs: dict, Keyword arguments are passed along as kwargs to
-        the OAuth2WebServerFlow constructor.
-
-    """
-    self._tls = threading.local()
-    self.flow = None
-    self.credentials = None
-    self._client_id = client_id
-    self._client_secret = client_secret
-    self._scope = util.scopes_to_string(scope)
-    self._auth_uri = auth_uri
-    self._token_uri = token_uri
-    self._revoke_uri = revoke_uri
-    self._user_agent = user_agent
-    self._kwargs = kwargs
-    self._message = message
-    self._in_error = False
-    self._callback_path = callback_path
-    self._token_response_param = token_response_param
-    self._storage_class = _storage_class
-    self._credentials_class = _credentials_class
-    self._credentials_property_name = _credentials_property_name
-
-  def _display_error_message(self, request_handler):
-    request_handler.response.out.write('<html><body>')
-    request_handler.response.out.write(_safe_html(self._message))
-    request_handler.response.out.write('</body></html>')
-
-  def oauth_required(self, method):
-    """Decorator that starts the OAuth 2.0 dance.
-
-    Starts the OAuth dance for the logged in user if they haven't already
-    granted access for this application.
-
-    Args:
-      method: callable, to be decorated method of a webapp.RequestHandler
-        instance.
-    """
-
-    def check_oauth(request_handler, *args, **kwargs):
-      if self._in_error:
-        self._display_error_message(request_handler)
-        return
-
-      user = users.get_current_user()
-      # Don't use @login_decorator as this could be used in a POST request.
-      if not user:
-        request_handler.redirect(users.create_login_url(
-            request_handler.request.uri))
-        return
-
-      self._create_flow(request_handler)
-
-      # Store the request URI in 'state' so we can use it later
-      self.flow.params['state'] = _build_state_value(request_handler, user)
-      self.credentials = self._storage_class(
-          self._credentials_class, None,
-          self._credentials_property_name, user=user).get()
-
-      if not self.has_credentials():
-        return request_handler.redirect(self.authorize_url())
-      try:
-        resp = method(request_handler, *args, **kwargs)
-      except AccessTokenRefreshError:
-        return request_handler.redirect(self.authorize_url())
-      finally:
-        self.credentials = None
-      return resp
-
-    return check_oauth
-
-  def _create_flow(self, request_handler):
-    """Create the Flow object.
-
-    The Flow is calculated lazily since we don't know where this app is
-    running until it receives a request, at which point redirect_uri can be
-    calculated and then the Flow object can be constructed.
-
-    Args:
-      request_handler: webapp.RequestHandler, the request handler.
-    """
-    if self.flow is None:
-      redirect_uri = request_handler.request.relative_url(
-          self._callback_path) # Usually /oauth2callback
-      self.flow = OAuth2WebServerFlow(self._client_id, self._client_secret,
-                                      self._scope, redirect_uri=redirect_uri,
-                                      user_agent=self._user_agent,
-                                      auth_uri=self._auth_uri,
-                                      token_uri=self._token_uri,
-                                      revoke_uri=self._revoke_uri,
-                                      **self._kwargs)
-
-  def oauth_aware(self, method):
-    """Decorator that sets up for OAuth 2.0 dance, but doesn't do it.
-
-    Does all the setup for the OAuth dance, but doesn't initiate it.
-    This decorator is useful if you want to create a page that knows
-    whether or not the user has granted access to this application.
-    From within a method decorated with @oauth_aware the has_credentials()
-    and authorize_url() methods can be called.
-
-    Args:
-      method: callable, to be decorated method of a webapp.RequestHandler
-        instance.
-    """
-
-    def setup_oauth(request_handler, *args, **kwargs):
-      if self._in_error:
-        self._display_error_message(request_handler)
-        return
-
-      user = users.get_current_user()
-      # Don't use @login_decorator as this could be used in a POST request.
-      if not user:
-        request_handler.redirect(users.create_login_url(
-            request_handler.request.uri))
-        return
-
-      self._create_flow(request_handler)
-
-      self.flow.params['state'] = _build_state_value(request_handler, user)
-      self.credentials = self._storage_class(
-          self._credentials_class, None,
-          self._credentials_property_name, user=user).get()
-      try:
-        resp = method(request_handler, *args, **kwargs)
-      finally:
-        self.credentials = None
-      return resp
-    return setup_oauth
-
-
-  def has_credentials(self):
-    """True if for the logged in user there are valid access Credentials.
-
-    Must only be called from with a webapp.RequestHandler subclassed method
-    that had been decorated with either @oauth_required or @oauth_aware.
-    """
-    return self.credentials is not None and not self.credentials.invalid
-
-  def authorize_url(self):
-    """Returns the URL to start the OAuth dance.
-
-    Must only be called from with a webapp.RequestHandler subclassed method
-    that had been decorated with either @oauth_required or @oauth_aware.
-    """
-    url = self.flow.step1_get_authorize_url()
-    return str(url)
-
-  def http(self, *args, **kwargs):
-    """Returns an authorized http instance.
-
-    Must only be called from within an @oauth_required decorated method, or
-    from within an @oauth_aware decorated method where has_credentials()
-    returns True.
-
-    Args:
-        *args: Positional arguments passed to httplib2.Http constructor.
-        **kwargs: Positional arguments passed to httplib2.Http constructor.
-    """
-    return self.credentials.authorize(httplib2.Http(*args, **kwargs))
-
-  @property
-  def callback_path(self):
-    """The absolute path where the callback will occur.
-
-    Note this is the absolute path, not the absolute URI, that will be
-    calculated by the decorator at runtime. See callback_handler() for how this
-    should be used.
-
-    Returns:
-      The callback path as a string.
-    """
-    return self._callback_path
-
-
-  def callback_handler(self):
-    """RequestHandler for the OAuth 2.0 redirect callback.
-
-    Usage:
-       app = webapp.WSGIApplication([
-         ('/index', MyIndexHandler),
-         ...,
-         (decorator.callback_path, decorator.callback_handler())
-       ])
-
-    Returns:
-      A webapp.RequestHandler that handles the redirect back from the
-      server during the OAuth 2.0 dance.
-    """
-    decorator = self
-
-    class OAuth2Handler(webapp.RequestHandler):
-      """Handler for the redirect_uri of the OAuth 2.0 dance."""
-
-      @login_required
-      def get(self):
-        error = self.request.get('error')
-        if error:
-          errormsg = self.request.get('error_description', error)
-          self.response.out.write(
-              'The authorization request failed: %s' % _safe_html(errormsg))
-        else:
-          user = users.get_current_user()
-          decorator._create_flow(self)
-          credentials = decorator.flow.step2_exchange(self.request.params)
-          decorator._storage_class(
-              decorator._credentials_class, None,
-              decorator._credentials_property_name, user=user).put(credentials)
-          redirect_uri = _parse_state_value(str(self.request.get('state')),
-                                            user)
-
-          if decorator._token_response_param and credentials.token_response:
-            resp_json = json.dumps(credentials.token_response)
-            redirect_uri = util._add_query_parameter(
-                redirect_uri, decorator._token_response_param, resp_json)
-
-          self.redirect(redirect_uri)
-
-    return OAuth2Handler
-
-  def callback_application(self):
-    """WSGI application for handling the OAuth 2.0 redirect callback.
-
-    If you need finer grained control use `callback_handler` which returns just
-    the webapp.RequestHandler.
-
-    Returns:
-      A webapp.WSGIApplication that handles the redirect back from the
-      server during the OAuth 2.0 dance.
-    """
-    return webapp.WSGIApplication([
-        (self.callback_path, self.callback_handler())
-        ])
-
-
-class OAuth2DecoratorFromClientSecrets(OAuth2Decorator):
-  """An OAuth2Decorator that builds from a clientsecrets file.
-
-  Uses a clientsecrets file as the source for all the information when
-  constructing an OAuth2Decorator.
-
-  Example:
-
-    decorator = OAuth2DecoratorFromClientSecrets(
-      os.path.join(os.path.dirname(__file__), 'client_secrets.json')
-      scope='https://www.googleapis.com/auth/plus')
-
-
-    class MainHandler(webapp.RequestHandler):
-
-      @decorator.oauth_required
-      def get(self):
-        http = decorator.http()
-        # http is authorized with the user's Credentials and can be used
-        # in API calls
-  """
-
-  @util.positional(3)
-  def __init__(self, filename, scope, message=None, cache=None, **kwargs):
-    """Constructor
-
-    Args:
-      filename: string, File name of client secrets.
-      scope: string or iterable of strings, scope(s) of the credentials being
-        requested.
-      message: string, A friendly string to display to the user if the
-        clientsecrets file is missing or invalid. The message may contain HTML
-        and will be presented on the web interface for any method that uses the
-        decorator.
-      cache: An optional cache service client that implements get() and set()
-        methods. See clientsecrets.loadfile() for details.
-      **kwargs: dict, Keyword arguments are passed along as kwargs to
-        the OAuth2WebServerFlow constructor.
-    """
-    client_type, client_info = clientsecrets.loadfile(filename, cache=cache)
-    if client_type not in [
-        clientsecrets.TYPE_WEB, clientsecrets.TYPE_INSTALLED]:
-      raise InvalidClientSecretsError(
-          "OAuth2Decorator doesn't support this OAuth 2.0 flow.")
-    constructor_kwargs = dict(kwargs)
-    constructor_kwargs.update({
-        'auth_uri': client_info['auth_uri'],
-        'token_uri': client_info['token_uri'],
-        'message': message,
-    })
-    revoke_uri = client_info.get('revoke_uri')
-    if revoke_uri is not None:
-      constructor_kwargs['revoke_uri'] = revoke_uri
-    super(OAuth2DecoratorFromClientSecrets, self).__init__(
-        client_info['client_id'], client_info['client_secret'],
-        scope, **constructor_kwargs)
-    if message is not None:
-      self._message = message
-    else:
-      self._message = 'Please configure your application for OAuth 2.0.'
-
-
-@util.positional(2)
-def oauth2decorator_from_clientsecrets(filename, scope,
-                                       message=None, cache=None):
-  """Creates an OAuth2Decorator populated from a clientsecrets file.
-
-  Args:
-    filename: string, File name of client secrets.
-    scope: string or list of strings, scope(s) of the credentials being
-      requested.
-    message: string, A friendly string to display to the user if the
-      clientsecrets file is missing or invalid. The message may contain HTML and
-      will be presented on the web interface for any method that uses the
-      decorator.
-    cache: An optional cache service client that implements get() and set()
-      methods. See clientsecrets.loadfile() for details.
-
-  Returns: An OAuth2Decorator
-
-  """
-  return OAuth2DecoratorFromClientSecrets(filename, scope,
-                                          message=message, cache=cache)
--- a/oauth2client/client.py
+++ b/oauth2client/client.py
--- a/oauth2client/clientsecrets.py
+++ b/oauth2client/clientsecrets.py
@@ -1,153 +0,0 @@
-# Copyright 2014 Google Inc. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#      http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-"""Utilities for reading OAuth 2.0 client secret files.
-
-A client_secrets.json file contains all the information needed to interact with
-an OAuth 2.0 protected service.
-"""
-
-__author__ = 'jcgregorio@google.com (Joe Gregorio)'
-
-import json
-
-
-# Properties that make a client_secrets.json file valid.
-TYPE_WEB = 'web'
-TYPE_INSTALLED = 'installed'
-
-VALID_CLIENT = {
-    TYPE_WEB: {
-        'required': [
-            'client_id',
-            'client_secret',
-            'redirect_uris',
-            'auth_uri',
-            'token_uri',
-        ],
-        'string': [
-            'client_id',
-            'client_secret',
-        ],
-    },
-    TYPE_INSTALLED: {
-        'required': [
-            'client_id',
-            'client_secret',
-            'redirect_uris',
-            'auth_uri',
-            'token_uri',
-        ],
-        'string': [
-            'client_id',
-            'client_secret',
-        ],
-    },
-}
-
-
-class Error(Exception):
-  """Base error for this module."""
-  pass
-
-
-class InvalidClientSecretsError(Error):
-  """Format of ClientSecrets file is invalid."""
-  pass
-
-
-def _validate_clientsecrets(obj):
-  if obj is None or len(obj) != 1:
-    raise InvalidClientSecretsError('Invalid file format.')
-  client_type = obj.keys()[0]
-  if client_type not in VALID_CLIENT.keys():
-    raise InvalidClientSecretsError('Unknown client type: %s.' % client_type)
-  client_info = obj[client_type]
-  for prop_name in VALID_CLIENT[client_type]['required']:
-    if prop_name not in client_info:
-      raise InvalidClientSecretsError(
-        'Missing property "%s" in a client type of "%s".' % (prop_name,
-                                                           client_type))
-  for prop_name in VALID_CLIENT[client_type]['string']:
-    if client_info[prop_name].startswith('[['):
-      raise InvalidClientSecretsError(
-        'Property "%s" is not configured.' % prop_name)
-  return client_type, client_info
-
-
-def load(fp):
-  obj = json.load(fp)
-  return _validate_clientsecrets(obj)
-
-
-def loads(s):
-  obj = json.loads(s)
-  return _validate_clientsecrets(obj)
-
-
-def _loadfile(filename):
-  try:
-    fp = file(filename, 'r')
-    try:
-      obj = json.load(fp)
-    finally:
-      fp.close()
-  except IOError:
-    raise InvalidClientSecretsError('File not found: "%s"' % filename)
-  return _validate_clientsecrets(obj)
-
-
-def loadfile(filename, cache=None):
-  """Loading of client_secrets JSON file, optionally backed by a cache.
-
-  Typical cache storage would be App Engine memcache service,
-  but you can pass in any other cache client that implements
-  these methods:
-    - get(key, namespace=ns)
-    - set(key, value, namespace=ns)
-
-  Usage:
-    # without caching
-    client_type, client_info = loadfile('secrets.json')
-    # using App Engine memcache service
-    from google.appengine.api import memcache
-    client_type, client_info = loadfile('secrets.json', cache=memcache)
-
-  Args:
-    filename: string, Path to a client_secrets.json file on a filesystem.
-    cache: An optional cache service client that implements get() and set()
-      methods. If not specified, the file is always being loaded from
-      a filesystem.
-
-  Raises:
-    InvalidClientSecretsError: In case of a validation error or some
-      I/O failure. Can happen only on cache miss.
-
-  Returns:
-    (client_type, client_info) tuple, as _loadfile() normally would.
-    JSON contents is validated only during first load. Cache hits are not
-    validated.
-  """
-  _SECRET_NAMESPACE = 'oauth2client:secrets#ns'
-
-  if not cache:
-    return _loadfile(filename)
-
-  obj = cache.get(filename, namespace=_SECRET_NAMESPACE)
-  if obj is None:
-    client_type, client_info = _loadfile(filename)
-    obj = {client_type: client_info}
-    cache.set(filename, obj, namespace=_SECRET_NAMESPACE)
-
-  return obj.iteritems().next()
--- a/oauth2client/crypt.py
+++ b/oauth2client/crypt.py
@@ -1,393 +0,0 @@
-# -*- coding: utf-8 -*-
-#
-# Copyright 2014 Google Inc. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#      http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-"""Crypto-related routines for oauth2client."""
-
-import base64
-import json
-import logging
-import time
-
-
-CLOCK_SKEW_SECS = 300  # 5 minutes in seconds
-AUTH_TOKEN_LIFETIME_SECS = 300  # 5 minutes in seconds
-MAX_TOKEN_LIFETIME_SECS = 86400  # 1 day in seconds
-
-
-logger = logging.getLogger(__name__)
-
-
-class AppIdentityError(Exception):
-  pass
-
-
-try:
-  from OpenSSL import crypto
-
-  class OpenSSLVerifier(object):
-    """Verifies the signature on a message."""
-
-    def __init__(self, pubkey):
-      """Constructor.
-
-      Args:
-        pubkey, OpenSSL.crypto.PKey, The public key to verify with.
-      """
-      self._pubkey = pubkey
-
-    def verify(self, message, signature):
-      """Verifies a message against a signature.
-
-      Args:
-        message: string, The message to verify.
-        signature: string, The signature on the message.
-
-      Returns:
-        True if message was signed by the private key associated with the public
-        key that this object was constructed with.
-      """
-      try:
-        crypto.verify(self._pubkey, signature, message, 'sha256')
-        return True
-      except:
-        return False
-
-    @staticmethod
-    def from_string(key_pem, is_x509_cert):
-      """Construct a Verified instance from a string.
-
-      Args:
-        key_pem: string, public key in PEM format.
-        is_x509_cert: bool, True if key_pem is an X509 cert, otherwise it is
-          expected to be an RSA key in PEM format.
-
-      Returns:
-        Verifier instance.
-
-      Raises:
-        OpenSSL.crypto.Error if the key_pem can't be parsed.
-      """
-      if is_x509_cert:
-        pubkey = crypto.load_certificate(crypto.FILETYPE_PEM, key_pem)
-      else:
-        pubkey = crypto.load_privatekey(crypto.FILETYPE_PEM, key_pem)
-      return OpenSSLVerifier(pubkey)
-
-
-  class OpenSSLSigner(object):
-    """Signs messages with a private key."""
-
-    def __init__(self, pkey):
-      """Constructor.
-
-      Args:
-        pkey, OpenSSL.crypto.PKey (or equiv), The private key to sign with.
-      """
-      self._key = pkey
-
-    def sign(self, message):
-      """Signs a message.
-
-      Args:
-        message: string, Message to be signed.
-
-      Returns:
-        string, The signature of the message for the given key.
-      """
-      return crypto.sign(self._key, message, 'sha256')
-
-    @staticmethod
-    def from_string(key, password='notasecret'):
-      """Construct a Signer instance from a string.
-
-      Args:
-        key: string, private key in PKCS12 or PEM format.
-        password: string, password for the private key file.
-
-      Returns:
-        Signer instance.
-
-      Raises:
-        OpenSSL.crypto.Error if the key can't be parsed.
-      """
-      parsed_pem_key = _parse_pem_key(key)
-      if parsed_pem_key:
-        pkey = crypto.load_privatekey(crypto.FILETYPE_PEM, parsed_pem_key)
-      else:
-        pkey = crypto.load_pkcs12(key, password.encode('utf8')).get_privatekey()
-      return OpenSSLSigner(pkey)
-
-except ImportError:
-  OpenSSLVerifier = None
-  OpenSSLSigner = None
-
-
-try:
-  from Crypto.PublicKey import RSA
-  from Crypto.Hash import SHA256
-  from Crypto.Signature import PKCS1_v1_5
-  from Crypto.Util.asn1 import DerSequence
-
-
-  class PyCryptoVerifier(object):
-    """Verifies the signature on a message."""
-
-    def __init__(self, pubkey):
-      """Constructor.
-
-      Args:
-        pubkey, OpenSSL.crypto.PKey (or equiv), The public key to verify with.
-      """
-      self._pubkey = pubkey
-
-    def verify(self, message, signature):
-      """Verifies a message against a signature.
-
-      Args:
-        message: string, The message to verify.
-        signature: string, The signature on the message.
-
-      Returns:
-        True if message was signed by the private key associated with the public
-        key that this object was constructed with.
-      """
-      try:
-        return PKCS1_v1_5.new(self._pubkey).verify(
-            SHA256.new(message), signature)
-      except:
-        return False
-
-    @staticmethod
-    def from_string(key_pem, is_x509_cert):
-      """Construct a Verified instance from a string.
-
-      Args:
-        key_pem: string, public key in PEM format.
-        is_x509_cert: bool, True if key_pem is an X509 cert, otherwise it is
-          expected to be an RSA key in PEM format.
-
-      Returns:
-        Verifier instance.
-      """
-      if is_x509_cert:
-        pemLines = key_pem.replace(' ', '').split()
-        certDer = _urlsafe_b64decode(''.join(pemLines[1:-1]))
-        certSeq = DerSequence()
-        certSeq.decode(certDer)
-        tbsSeq = DerSequence()
-        tbsSeq.decode(certSeq[0])
-        pubkey = RSA.importKey(tbsSeq[6])
-      else:
-        pubkey = RSA.importKey(key_pem)
-      return PyCryptoVerifier(pubkey)
-
-
-  class PyCryptoSigner(object):
-    """Signs messages with a private key."""
-
-    def __init__(self, pkey):
-      """Constructor.
-
-      Args:
-        pkey, OpenSSL.crypto.PKey (or equiv), The private key to sign with.
-      """
-      self._key = pkey
-
-    def sign(self, message):
-      """Signs a message.
-
-      Args:
-        message: string, Message to be signed.
-
-      Returns:
-        string, The signature of the message for the given key.
-      """
-      return PKCS1_v1_5.new(self._key).sign(SHA256.new(message))
-
-    @staticmethod
-    def from_string(key, password='notasecret'):
-      """Construct a Signer instance from a string.
-
-      Args:
-        key: string, private key in PEM format.
-        password: string, password for private key file. Unused for PEM files.
-
-      Returns:
-        Signer instance.
-
-      Raises:
-        NotImplementedError if they key isn't in PEM format.
-      """
-      parsed_pem_key = _parse_pem_key(key)
-      if parsed_pem_key:
-        pkey = RSA.importKey(parsed_pem_key)
-      else:
-        raise NotImplementedError(
-            'PKCS12 format is not supported by the PyCrypto library. '
-            'Try converting to a "PEM" '
-            '(openssl pkcs12 -in xxxxx.p12 -nodes -nocerts > privatekey.pem) '
-            'or using PyOpenSSL if native code is an option.')
-      return PyCryptoSigner(pkey)
-
-except ImportError:
-  PyCryptoVerifier = None
-  PyCryptoSigner = None
-
-
-if OpenSSLSigner:
-  Signer = OpenSSLSigner
-  Verifier = OpenSSLVerifier
-elif PyCryptoSigner:
-  Signer = PyCryptoSigner
-  Verifier = PyCryptoVerifier
-else:
-  raise ImportError('No encryption library found. Please install either '
-                    'PyOpenSSL, or PyCrypto 2.6 or later')
-
-
-def _parse_pem_key(raw_key_input):
-  """Identify and extract PEM keys.
-
-  Determines whether the given key is in the format of PEM key, and extracts
-  the relevant part of the key if it is.
-
-  Args:
-    raw_key_input: The contents of a private key file (either PEM or PKCS12).
-
-  Returns:
-    string, The actual key if the contents are from a PEM file, or else None.
-  """
-  offset = raw_key_input.find('-----BEGIN ')
-  if offset != -1:
-    return raw_key_input[offset:]
-
-
-def _urlsafe_b64encode(raw_bytes):
-  return base64.urlsafe_b64encode(raw_bytes).rstrip('=')
-
-
-def _urlsafe_b64decode(b64string):
-  # Guard against unicode strings, which base64 can't handle.
-  b64string = b64string.encode('ascii')
-  padded = b64string + '=' * (4 - len(b64string) % 4)
-  return base64.urlsafe_b64decode(padded)
-
-
-def _json_encode(data):
-  return json.dumps(data, separators=(',', ':'))
-
-
-def make_signed_jwt(signer, payload):
-  """Make a signed JWT.
-
-  See http://self-issued.info/docs/draft-jones-json-web-token.html.
-
-  Args:
-    signer: crypt.Signer, Cryptographic signer.
-    payload: dict, Dictionary of data to convert to JSON and then sign.
-
-  Returns:
-    string, The JWT for the payload.
-  """
-  header = {'typ': 'JWT', 'alg': 'RS256'}
-
-  segments = [
-      _urlsafe_b64encode(_json_encode(header)),
-      _urlsafe_b64encode(_json_encode(payload)),
-  ]
-  signing_input = '.'.join(segments)
-
-  signature = signer.sign(signing_input)
-  segments.append(_urlsafe_b64encode(signature))
-
-  logger.debug(str(segments))
-
-  return '.'.join(segments)
-
-
-def verify_signed_jwt_with_certs(jwt, certs, audience):
-  """Verify a JWT against public certs.
-
-  See http://self-issued.info/docs/draft-jones-json-web-token.html.
-
-  Args:
-    jwt: string, A JWT.
-    certs: dict, Dictionary where values of public keys in PEM format.
-    audience: string, The audience, 'aud', that this JWT should contain. If
-      None then the JWT's 'aud' parameter is not verified.
-
-  Returns:
-    dict, The deserialized JSON payload in the JWT.
-
-  Raises:
-    AppIdentityError if any checks are failed.
-  """
-  segments = jwt.split('.')
-
-  if len(segments) != 3:
-    raise AppIdentityError('Wrong number of segments in token: %s' % jwt)
-  signed = '%s.%s' % (segments[0], segments[1])
-
-  signature = _urlsafe_b64decode(segments[2])
-
-  # Parse token.
-  json_body = _urlsafe_b64decode(segments[1])
-  try:
-    parsed = json.loads(json_body)
-  except:
-    raise AppIdentityError('Can\'t parse token: %s' % json_body)
-
-  # Check signature.
-  verified = False
-  for _, pem in certs.items():
-    verifier = Verifier.from_string(pem, True)
-    if verifier.verify(signed, signature):
-      verified = True
-      break
-  if not verified:
-    raise AppIdentityError('Invalid token signature: %s' % jwt)
-
-  # Check creation timestamp.
-  iat = parsed.get('iat')
-  if iat is None:
-    raise AppIdentityError('No iat field in token: %s' % json_body)
-  earliest = iat - CLOCK_SKEW_SECS
-
-  # Check expiration timestamp.
-  now = long(time.time())
-  exp = parsed.get('exp')
-  if exp is None:
-    raise AppIdentityError('No exp field in token: %s' % json_body)
-  if exp >= now + MAX_TOKEN_LIFETIME_SECS:
-    raise AppIdentityError('exp field too far in future: %s' % json_body)
-  latest = exp + CLOCK_SKEW_SECS
-
-  if now < earliest:
-    raise AppIdentityError('Token used too early, %d < %d: %s' %
-                           (now, earliest, json_body))
-  if now > latest:
-    raise AppIdentityError('Token used too late, %d > %d: %s' %
-                           (now, latest, json_body))
-
-  # Check audience.
-  if audience is not None:
-    aud = parsed.get('aud')
-    if aud is None:
-      raise AppIdentityError('No aud field in token: %s' % json_body)
-    if aud != audience:
-      raise AppIdentityError('Wrong recipient, %s != %s: %s' %
-                             (aud, audience, json_body))
-
-  return parsed
--- a/oauth2client/django_orm.py
+++ b/oauth2client/django_orm.py
@@ -1,141 +0,0 @@
-# Copyright 2014 Google Inc. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#      http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-"""OAuth 2.0 utilities for Django.
-
-Utilities for using OAuth 2.0 in conjunction with
-the Django datastore.
-"""
-
-__author__ = 'jcgregorio@google.com (Joe Gregorio)'
-
-import oauth2client
-import base64
-import pickle
-
-from django.db import models
-from oauth2client.client import Storage as BaseStorage
-
-class CredentialsField(models.Field):
-
-  __metaclass__ = models.SubfieldBase
-
-  def __init__(self, *args, **kwargs):
-    if 'null' not in kwargs:
-      kwargs['null'] = True
-    super(CredentialsField, self).__init__(*args, **kwargs)
-
-  def get_internal_type(self):
-    return "TextField"
-
-  def to_python(self, value):
-    if value is None:
-      return None
-    if isinstance(value, oauth2client.client.Credentials):
-      return value
-    return pickle.loads(base64.b64decode(value))
-
-  def get_db_prep_value(self, value, connection, prepared=False):
-    if value is None:
-      return None
-    return base64.b64encode(pickle.dumps(value))
-
-
-class FlowField(models.Field):
-
-  __metaclass__ = models.SubfieldBase
-
-  def __init__(self, *args, **kwargs):
-    if 'null' not in kwargs:
-      kwargs['null'] = True
-    super(FlowField, self).__init__(*args, **kwargs)
-
-  def get_internal_type(self):
-    return "TextField"
-
-  def to_python(self, value):
-    if value is None:
-      return None
-    if isinstance(value, oauth2client.client.Flow):
-      return value
-    return pickle.loads(base64.b64decode(value))
-
-  def get_db_prep_value(self, value, connection, prepared=False):
-    if value is None:
-      return None
-    return base64.b64encode(pickle.dumps(value))
-
-
-class Storage(BaseStorage):
-  """Store and retrieve a single credential to and from
-  the datastore.
-
-  This Storage helper presumes the Credentials
-  have been stored as a CredenialsField
-  on a db model class.
-  """
-
-  def __init__(self, model_class, key_name, key_value, property_name):
-    """Constructor for Storage.
-
-    Args:
-      model: db.Model, model class
-      key_name: string, key name for the entity that has the credentials
-      key_value: string, key value for the entity that has the credentials
-      property_name: string, name of the property that is an CredentialsProperty
-    """
-    self.model_class = model_class
-    self.key_name = key_name
-    self.key_value = key_value
-    self.property_name = property_name
-
-  def locked_get(self):
-    """Retrieve Credential from datastore.
-
-    Returns:
-      oauth2client.Credentials
-    """
-    credential = None
-
-    query = {self.key_name: self.key_value}
-    entities = self.model_class.objects.filter(**query)
-    if len(entities) > 0:
-      credential = getattr(entities[0], self.property_name)
-      if credential and hasattr(credential, 'set_store'):
-        credential.set_store(self)
-    return credential
-
-  def locked_put(self, credentials, overwrite=False):
-    """Write a Credentials to the datastore.
-
-    Args:
-      credentials: Credentials, the credentials to store.
-      overwrite: Boolean, indicates whether you would like these credentials to
-                          overwrite any existing stored credentials.
-    """
-    args = {self.key_name: self.key_value}
-
-    if overwrite:
-      entity, unused_is_new = self.model_class.objects.get_or_create(**args)
-    else:
-      entity = self.model_class(**args)
-
-    setattr(entity, self.property_name, credentials)
-    entity.save()
-
-  def locked_delete(self):
-    """Delete Credentials from the datastore."""
-
-    query = {self.key_name: self.key_value}
-    entities = self.model_class.objects.filter(**query).delete()
--- a/oauth2client/file.py
+++ b/oauth2client/file.py
@@ -1,123 +0,0 @@
-# Copyright 2014 Google Inc. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#      http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-"""Utilities for OAuth.
-
-Utilities for making it easier to work with OAuth 2.0
-credentials.
-"""
-
-__author__ = 'jcgregorio@google.com (Joe Gregorio)'
-
-import os
-import threading
-
-from oauth2client.client import Credentials
-from oauth2client.client import Storage as BaseStorage
-
-
-class CredentialsFileSymbolicLinkError(Exception):
-  """Credentials files must not be symbolic links."""
-
-
-class Storage(BaseStorage):
-  """Store and retrieve a single credential to and from a file."""
-
-  def __init__(self, filename):
-    self._filename = filename
-    self._lock = threading.Lock()
-
-  def _validate_file(self):
-    return
-    if os.path.islink(self._filename):
-      raise CredentialsFileSymbolicLinkError(
-          'File: %s is a symbolic link.' % self._filename)
-
-  def acquire_lock(self):
-    """Acquires any lock necessary to access this Storage.
-
-    This lock is not reentrant."""
-    self._lock.acquire()
-
-  def release_lock(self):
-    """Release the Storage lock.
-
-    Trying to release a lock that isn't held will result in a
-    RuntimeError.
-    """
-    self._lock.release()
-
-  def locked_get(self):
-    """Retrieve Credential from file.
-
-    Returns:
-      oauth2client.client.Credentials
-
-    Raises:
-      CredentialsFileSymbolicLinkError if the file is a symbolic link.
-    """
-    credentials = None
-    self._validate_file()
-    try:
-      f = open(self._filename, 'rb')
-      content = f.read()
-      f.close()
-    except IOError:
-      return credentials
-
-    try:
-      credentials = Credentials.new_from_json(content)
-      credentials.set_store(self)
-    except ValueError:
-      pass
-
-    return credentials
-
-  def _create_file_if_needed(self):
-    """Create an empty file if necessary.
-
-    This method will not initialize the file. Instead it implements a
-    simple version of "touch" to ensure the file has been created.
-    """
-    if not os.path.exists(self._filename):
-      old_umask = os.umask(0177)
-      try:
-        open(self._filename, 'a+b').close()
-      finally:
-        os.umask(old_umask)
-
-  def locked_put(self, credentials):
-    """Write Credentials to file.
-
-    Args:
-      credentials: Credentials, the credentials to store.
-
-    Raises:
-      CredentialsFileSymbolicLinkError if the file is a symbolic link.
-    """
-
-    self._create_file_if_needed()
-    self._validate_file()
-    f = open(self._filename, 'wb')
-    f.write(credentials.to_json())
-    f.close()
-
-  def locked_delete(self):
-    """Delete Credentials file.
-
-    Args:
-      credentials: Credentials, the credentials to store.
-    """
-
-    os.unlink(self._filename)
--- a/oauth2client/gce.py
+++ b/oauth2client/gce.py
@@ -1,105 +0,0 @@
-# Copyright 2014 Google Inc. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#      http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-"""Utilities for Google Compute Engine
-
-Utilities for making it easier to use OAuth 2.0 on Google Compute Engine.
-"""
-
-__author__ = 'jcgregorio@google.com (Joe Gregorio)'
-
-import json
-import logging
-import urllib
-
-from oauth2client import util
-from oauth2client.client import AccessTokenRefreshError
-from oauth2client.client import AssertionCredentials
-
-logger = logging.getLogger(__name__)
-
-# URI Template for the endpoint that returns access_tokens.
-META = ('http://metadata.google.internal/0.1/meta-data/service-accounts/'
-        'default/acquire{?scope}')
-
-
-class AppAssertionCredentials(AssertionCredentials):
-  """Credentials object for Compute Engine Assertion Grants
-
-  This object will allow a Compute Engine instance to identify itself to
-  Google and other OAuth 2.0 servers that can verify assertions. It can be used
-  for the purpose of accessing data stored under an account assigned to the
-  Compute Engine instance itself.
-
-  This credential does not require a flow to instantiate because it represents
-  a two legged flow, and therefore has all of the required information to
-  generate and refresh its own access tokens.
-  """
-
-  @util.positional(2)
-  def __init__(self, scope, **kwargs):
-    """Constructor for AppAssertionCredentials
-
-    Args:
-      scope: string or iterable of strings, scope(s) of the credentials being
-        requested.
-    """
-    self.scope = util.scopes_to_string(scope)
-    self.kwargs = kwargs
-
-    # Assertion type is no longer used, but still in the parent class signature.
-    super(AppAssertionCredentials, self).__init__(None)
-
-  @classmethod
-  def from_json(cls, json_data):
-    data = json.loads(json_data)
-    return AppAssertionCredentials(data['scope'])
-
-  def _refresh(self, http_request):
-    """Refreshes the access_token.
-
-    Skip all the storage hoops and just refresh using the API.
-
-    Args:
-      http_request: callable, a callable that matches the method signature of
-        httplib2.Http.request, used to make the refresh request.
-
-    Raises:
-      AccessTokenRefreshError: When the refresh fails.
-    """
-    query = '?scope=%s' % urllib.quote(self.scope, '')
-    uri = META.replace('{?scope}', query)
-    response, content = http_request(uri)
-    if response.status == 200:
-      try:
-        d = json.loads(content)
-      except StandardError as e:
-        raise AccessTokenRefreshError(str(e))
-      self.access_token = d['accessToken']
-    else:
-      if response.status == 404:
-        content += (' This can occur if a VM was created'
-                    ' with no service account or scopes.')
-      raise AccessTokenRefreshError(content)
-
-  @property
-  def serialization_data(self):
-    raise NotImplementedError(
-        'Cannot serialize credentials for GCE service accounts.')
-
-  def create_scoped_required(self):
-    return not self.scope
-
-  def create_scoped(self, scopes):
-    return AppAssertionCredentials(scopes, **self.kwargs)
--- a/oauth2client/keyring_storage.py
+++ b/oauth2client/keyring_storage.py
@@ -1,110 +0,0 @@
-# Copyright 2014 Google Inc. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#      http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-"""A keyring based Storage.
-
-A Storage for Credentials that uses the keyring module.
-"""
-
-__author__ = 'jcgregorio@google.com (Joe Gregorio)'
-
-import threading
-
-import keyring
-
-from oauth2client.client import Credentials
-from oauth2client.client import Storage as BaseStorage
-
-
-class Storage(BaseStorage):
-  """Store and retrieve a single credential to and from the keyring.
-
-  To use this module you must have the keyring module installed. See
-  <http://pypi.python.org/pypi/keyring/>. This is an optional module and is not
-  installed with oauth2client by default because it does not work on all the
-  platforms that oauth2client supports, such as Google App Engine.
-
-  The keyring module <http://pypi.python.org/pypi/keyring/> is a cross-platform
-  library for access the keyring capabilities of the local system. The user will
-  be prompted for their keyring password when this module is used, and the
-  manner in which the user is prompted will vary per platform.
-
-  Usage:
-    from oauth2client.keyring_storage import Storage
-
-    s = Storage('name_of_application', 'user1')
-    credentials = s.get()
-
-  """
-
-  def __init__(self, service_name, user_name):
-    """Constructor.
-
-    Args:
-      service_name: string, The name of the service under which the credentials
-        are stored.
-      user_name: string, The name of the user to store credentials for.
-    """
-    self._service_name = service_name
-    self._user_name = user_name
-    self._lock = threading.Lock()
-
-  def acquire_lock(self):
-    """Acquires any lock necessary to access this Storage.
-
-    This lock is not reentrant."""
-    self._lock.acquire()
-
-  def release_lock(self):
-    """Release the Storage lock.
-
-    Trying to release a lock that isn't held will result in a
-    RuntimeError.
-    """
-    self._lock.release()
-
-  def locked_get(self):
-    """Retrieve Credential from file.
-
-    Returns:
-      oauth2client.client.Credentials
-    """
-    credentials = None
-    content = keyring.get_password(self._service_name, self._user_name)
-
-    if content is not None:
-      try:
-        credentials = Credentials.new_from_json(content)
-        credentials.set_store(self)
-      except ValueError:
-        pass
-
-    return credentials
-
-  def locked_put(self, credentials):
-    """Write Credentials to file.
-
-    Args:
-      credentials: Credentials, the credentials to store.
-    """
-    keyring.set_password(self._service_name, self._user_name,
-                         credentials.to_json())
-
-  def locked_delete(self):
-    """Delete Credentials file.
-
-    Args:
-      credentials: Credentials, the credentials to store.
-    """
-    keyring.set_password(self._service_name, self._user_name, '')
--- a/oauth2client/locked_file.py
+++ b/oauth2client/locked_file.py
@@ -1,374 +0,0 @@
-# Copyright 2014 Google Inc. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#      http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-"""Locked file interface that should work on Unix and Windows pythons.
-
-This module first tries to use fcntl locking to ensure serialized access
-to a file, then falls back on a lock file if that is unavialable.
-
-Usage:
-    f = LockedFile('filename', 'r+b', 'rb')
-    f.open_and_lock()
-    if f.is_locked():
-      print 'Acquired filename with r+b mode'
-      f.file_handle().write('locked data')
-    else:
-      print 'Aquired filename with rb mode'
-    f.unlock_and_close()
-"""
-
-__author__ = 'cache@google.com (David T McWherter)'
-
-import errno
-import logging
-import os
-import time
-
-from oauth2client import util
-
-logger = logging.getLogger(__name__)
-
-
-class CredentialsFileSymbolicLinkError(Exception):
-  """Credentials files must not be symbolic links."""
-
-
-class AlreadyLockedException(Exception):
-  """Trying to lock a file that has already been locked by the LockedFile."""
-  pass
-
-
-def validate_file(filename):
-  if os.path.islink(filename):
-    raise CredentialsFileSymbolicLinkError(
-        'File: %s is a symbolic link.' % filename)
-
-class _Opener(object):
-  """Base class for different locking primitives."""
-
-  def __init__(self, filename, mode, fallback_mode):
-    """Create an Opener.
-
-    Args:
-      filename: string, The pathname of the file.
-      mode: string, The preferred mode to access the file with.
-      fallback_mode: string, The mode to use if locking fails.
-    """
-    self._locked = False
-    self._filename = filename
-    self._mode = mode
-    self._fallback_mode = fallback_mode
-    self._fh = None
-    self._lock_fd = None
-
-  def is_locked(self):
-    """Was the file locked."""
-    return self._locked
-
-  def file_handle(self):
-    """The file handle to the file. Valid only after opened."""
-    return self._fh
-
-  def filename(self):
-    """The filename that is being locked."""
-    return self._filename
-
-  def open_and_lock(self, timeout, delay):
-    """Open the file and lock it.
-
-    Args:
-      timeout: float, How long to try to lock for.
-      delay: float, How long to wait between retries.
-    """
-    pass
-
-  def unlock_and_close(self):
-    """Unlock and close the file."""
-    pass
-
-
-class _PosixOpener(_Opener):
-  """Lock files using Posix advisory lock files."""
-
-  def open_and_lock(self, timeout, delay):
-    """Open the file and lock it.
-
-    Tries to create a .lock file next to the file we're trying to open.
-
-    Args:
-      timeout: float, How long to try to lock for.
-      delay: float, How long to wait between retries.
-
-    Raises:
-      AlreadyLockedException: if the lock is already acquired.
-      IOError: if the open fails.
-      CredentialsFileSymbolicLinkError if the file is a symbolic link.
-    """
-    if self._locked:
-      raise AlreadyLockedException('File %s is already locked' %
-                                   self._filename)
-    self._locked = False
-
-    validate_file(self._filename)
-    try:
-      self._fh = open(self._filename, self._mode)
-    except IOError as e:
-      # If we can't access with _mode, try _fallback_mode and don't lock.
-      if e.errno == errno.EACCES:
-        self._fh = open(self._filename, self._fallback_mode)
-        return
-
-    lock_filename = self._posix_lockfile(self._filename)
-    start_time = time.time()
-    while True:
-      try:
-        self._lock_fd = os.open(lock_filename,
-                                os.O_CREAT|os.O_EXCL|os.O_RDWR)
-        self._locked = True
-        break
-
-      except OSError as e:
-        if e.errno != errno.EEXIST:
-          raise
-        if (time.time() - start_time) >= timeout:
-          logger.warn('Could not acquire lock %s in %s seconds',
-                      lock_filename, timeout)
-          # Close the file and open in fallback_mode.
-          if self._fh:
-            self._fh.close()
-          self._fh = open(self._filename, self._fallback_mode)
-          return
-        time.sleep(delay)
-
-  def unlock_and_close(self):
-    """Unlock a file by removing the .lock file, and close the handle."""
-    if self._locked:
-      lock_filename = self._posix_lockfile(self._filename)
-      os.close(self._lock_fd)
-      os.unlink(lock_filename)
-      self._locked = False
-      self._lock_fd = None
-    if self._fh:
-      self._fh.close()
-
-  def _posix_lockfile(self, filename):
-    """The name of the lock file to use for posix locking."""
-    return '%s.lock' % filename
-
-
-try:
-  import fcntl
-
-  class _FcntlOpener(_Opener):
-    """Open, lock, and unlock a file using fcntl.lockf."""
-
-    def open_and_lock(self, timeout, delay):
-      """Open the file and lock it.
-
-      Args:
-        timeout: float, How long to try to lock for.
-        delay: float, How long to wait between retries
-
-      Raises:
-        AlreadyLockedException: if the lock is already acquired.
-        IOError: if the open fails.
-        CredentialsFileSymbolicLinkError if the file is a symbolic link.
-      """
-      if self._locked:
-        raise AlreadyLockedException('File %s is already locked' %
-                                     self._filename)
-      start_time = time.time()
-
-      validate_file(self._filename)
-      try:
-        self._fh = open(self._filename, self._mode)
-      except IOError as e:
-        # If we can't access with _mode, try _fallback_mode and don't lock.
-        if e.errno in (errno.EPERM, errno.EACCES):
-          self._fh = open(self._filename, self._fallback_mode)
-          return
-
-      # We opened in _mode, try to lock the file.
-      while True:
-        try:
-          fcntl.lockf(self._fh.fileno(), fcntl.LOCK_EX)
-          self._locked = True
-          return
-        except IOError as e:
-          # If not retrying, then just pass on the error.
-          if timeout == 0:
-            raise e
-          if e.errno != errno.EACCES:
-            raise e
-          # We could not acquire the lock. Try again.
-          if (time.time() - start_time) >= timeout:
-            logger.warn('Could not lock %s in %s seconds',
-                        self._filename, timeout)
-            if self._fh:
-              self._fh.close()
-            self._fh = open(self._filename, self._fallback_mode)
-            return
-          time.sleep(delay)
-
-    def unlock_and_close(self):
-      """Close and unlock the file using the fcntl.lockf primitive."""
-      if self._locked:
-        fcntl.lockf(self._fh.fileno(), fcntl.LOCK_UN)
-      self._locked = False
-      if self._fh:
-        self._fh.close()
-except ImportError:
-  _FcntlOpener = None
-
-
-try:
-  import pywintypes
-  import win32con
-  import win32file
-
-  class _Win32Opener(_Opener):
-    """Open, lock, and unlock a file using windows primitives."""
-
-    # Error #33:
-    #  'The process cannot access the file because another process'
-    FILE_IN_USE_ERROR = 33
-
-    # Error #158:
-    #  'The segment is already unlocked.'
-    FILE_ALREADY_UNLOCKED_ERROR = 158
-
-    def open_and_lock(self, timeout, delay):
-      """Open the file and lock it.
-
-      Args:
-        timeout: float, How long to try to lock for.
-        delay: float, How long to wait between retries
-
-      Raises:
-        AlreadyLockedException: if the lock is already acquired.
-        IOError: if the open fails.
-        CredentialsFileSymbolicLinkError if the file is a symbolic link.
-      """
-      if self._locked:
-        raise AlreadyLockedException('File %s is already locked' %
-                                     self._filename)
-      start_time = time.time()
-
-      validate_file(self._filename)
-      try:
-        self._fh = open(self._filename, self._mode)
-      except IOError as e:
-        # If we can't access with _mode, try _fallback_mode and don't lock.
-        if e.errno == errno.EACCES:
-          self._fh = open(self._filename, self._fallback_mode)
-          return
-
-      # We opened in _mode, try to lock the file.
-      while True:
-        try:
-          hfile = win32file._get_osfhandle(self._fh.fileno())
-          win32file.LockFileEx(
-              hfile,
-              (win32con.LOCKFILE_FAIL_IMMEDIATELY|
-               win32con.LOCKFILE_EXCLUSIVE_LOCK), 0, -0x10000,
-              pywintypes.OVERLAPPED())
-          self._locked = True
-          return
-        except pywintypes.error as e:
-          if timeout == 0:
-            raise e
-
-          # If the error is not that the file is already in use, raise.
-          if e[0] != _Win32Opener.FILE_IN_USE_ERROR:
-            raise
-
-          # We could not acquire the lock. Try again.
-          if (time.time() - start_time) >= timeout:
-            logger.warn('Could not lock %s in %s seconds' % (
-                self._filename, timeout))
-            if self._fh:
-              self._fh.close()
-            self._fh = open(self._filename, self._fallback_mode)
-            return
-          time.sleep(delay)
-
-    def unlock_and_close(self):
-      """Close and unlock the file using the win32 primitive."""
-      if self._locked:
-        try:
-          hfile = win32file._get_osfhandle(self._fh.fileno())
-          win32file.UnlockFileEx(hfile, 0, -0x10000, pywintypes.OVERLAPPED())
-        except pywintypes.error as e:
-          if e[0] != _Win32Opener.FILE_ALREADY_UNLOCKED_ERROR:
-            raise
-      self._locked = False
-      if self._fh:
-        self._fh.close()
-except ImportError:
-  _Win32Opener = None
-
-
-class LockedFile(object):
-  """Represent a file that has exclusive access."""
-
-  @util.positional(4)
-  def __init__(self, filename, mode, fallback_mode, use_native_locking=True):
-    """Construct a LockedFile.
-
-    Args:
-      filename: string, The path of the file to open.
-      mode: string, The mode to try to open the file with.
-      fallback_mode: string, The mode to use if locking fails.
-      use_native_locking: bool, Whether or not fcntl/win32 locking is used.
-    """
-    opener = None
-    if not opener and use_native_locking:
-      if _Win32Opener:
-        opener = _Win32Opener(filename, mode, fallback_mode)
-      if _FcntlOpener:
-        opener = _FcntlOpener(filename, mode, fallback_mode)
-
-    if not opener:
-      opener = _PosixOpener(filename, mode, fallback_mode)
-
-    self._opener = opener
-
-  def filename(self):
-    """Return the filename we were constructed with."""
-    return self._opener._filename
-
-  def file_handle(self):
-    """Return the file_handle to the opened file."""
-    return self._opener.file_handle()
-
-  def is_locked(self):
-    """Return whether we successfully locked the file."""
-    return self._opener.is_locked()
-
-  def open_and_lock(self, timeout=0, delay=0.05):
-    """Open the file, trying to lock it.
-
-    Args:
-      timeout: float, The number of seconds to try to acquire the lock.
-      delay: float, The number of seconds to wait between retry attempts.
-
-    Raises:
-      AlreadyLockedException: if the lock is already acquired.
-      IOError: if the open fails.
-    """
-    self._opener.open_and_lock(timeout, delay)
-
-  def unlock_and_close(self):
-    """Unlock and close a file."""
-    self._opener.unlock_and_close()
--- a/oauth2client/multistore_file.py
+++ b/oauth2client/multistore_file.py
@@ -1,463 +0,0 @@
-# Copyright 2014 Google Inc. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#      http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-"""Multi-credential file store with lock support.
-
-This module implements a JSON credential store where multiple
-credentials can be stored in one file. That file supports locking
-both in a single process and across processes.
-
-The credential themselves are keyed off of:
-* client_id
-* user_agent
-* scope
-
-The format of the stored data is like so:
-{
-  'file_version': 1,
-  'data': [
-    {
-      'key': {
-        'clientId': '<client id>',
-        'userAgent': '<user agent>',
-        'scope': '<scope>'
-      },
-      'credential': {
-        # JSON serialized Credentials.
-      }
-    }
-  ]
-}
-"""
-
-__author__ = 'jbeda@google.com (Joe Beda)'
-
-import json
-import logging
-import os
-import threading
-
-from oauth2client.client import Credentials
-from oauth2client.client import Storage as BaseStorage
-from oauth2client import util
-from oauth2client.locked_file import LockedFile
-
-logger = logging.getLogger(__name__)
-
-# A dict from 'filename'->_MultiStore instances
-_multistores = {}
-_multistores_lock = threading.Lock()
-
-
-class Error(Exception):
-  """Base error for this module."""
-  pass
-
-
-class NewerCredentialStoreError(Error):
-  """The credential store is a newer version that supported."""
-  pass
-
-
-@util.positional(4)
-def get_credential_storage(filename, client_id, user_agent, scope,
-                           warn_on_readonly=True):
-  """Get a Storage instance for a credential.
-
-  Args:
-    filename: The JSON file storing a set of credentials
-    client_id: The client_id for the credential
-    user_agent: The user agent for the credential
-    scope: string or iterable of strings, Scope(s) being requested
-    warn_on_readonly: if True, log a warning if the store is readonly
-
-  Returns:
-    An object derived from client.Storage for getting/setting the
-    credential.
-  """
-  # Recreate the legacy key with these specific parameters
-  key = {'clientId': client_id, 'userAgent': user_agent,
-         'scope': util.scopes_to_string(scope)}
-  return get_credential_storage_custom_key(
-      filename, key, warn_on_readonly=warn_on_readonly)
-
-
-@util.positional(2)
-def get_credential_storage_custom_string_key(
-    filename, key_string, warn_on_readonly=True):
-  """Get a Storage instance for a credential using a single string as a key.
-
-  Allows you to provide a string as a custom key that will be used for
-  credential storage and retrieval.
-
-  Args:
-    filename: The JSON file storing a set of credentials
-    key_string: A string to use as the key for storing this credential.
-    warn_on_readonly: if True, log a warning if the store is readonly
-
-  Returns:
-    An object derived from client.Storage for getting/setting the
-    credential.
-  """
-  # Create a key dictionary that can be used
-  key_dict = {'key': key_string}
-  return get_credential_storage_custom_key(
-      filename, key_dict, warn_on_readonly=warn_on_readonly)
-
-
-@util.positional(2)
-def get_credential_storage_custom_key(
-    filename, key_dict, warn_on_readonly=True):
-  """Get a Storage instance for a credential using a dictionary as a key.
-
-  Allows you to provide a dictionary as a custom key that will be used for
-  credential storage and retrieval.
-
-  Args:
-    filename: The JSON file storing a set of credentials
-    key_dict: A dictionary to use as the key for storing this credential. There
-      is no ordering of the keys in the dictionary. Logically equivalent
-      dictionaries will produce equivalent storage keys.
-    warn_on_readonly: if True, log a warning if the store is readonly
-
-  Returns:
-    An object derived from client.Storage for getting/setting the
-    credential.
-  """
-  multistore = _get_multistore(filename, warn_on_readonly=warn_on_readonly)
-  key = util.dict_to_tuple_key(key_dict)
-  return multistore._get_storage(key)
-
-
-@util.positional(1)
-def get_all_credential_keys(filename, warn_on_readonly=True):
-  """Gets all the registered credential keys in the given Multistore.
-
-  Args:
-    filename: The JSON file storing a set of credentials
-    warn_on_readonly: if True, log a warning if the store is readonly
-
-  Returns:
-    A list of the credential keys present in the file.  They are returned as
-    dictionaries that can be passed into get_credential_storage_custom_key to
-    get the actual credentials.
-  """
-  multistore = _get_multistore(filename, warn_on_readonly=warn_on_readonly)
-  multistore._lock()
-  try:
-    return multistore._get_all_credential_keys()
-  finally:
-    multistore._unlock()
-
-
-@util.positional(1)
-def _get_multistore(filename, warn_on_readonly=True):
-  """A helper method to initialize the multistore with proper locking.
-
-  Args:
-    filename: The JSON file storing a set of credentials
-    warn_on_readonly: if True, log a warning if the store is readonly
-
-  Returns:
-    A multistore object
-  """
-  filename = os.path.expanduser(filename)
-  _multistores_lock.acquire()
-  try:
-    multistore = _multistores.setdefault(
-        filename, _MultiStore(filename, warn_on_readonly=warn_on_readonly))
-  finally:
-    _multistores_lock.release()
-  return multistore
-
-
-class _MultiStore(object):
-  """A file backed store for multiple credentials."""
-
-  @util.positional(2)
-  def __init__(self, filename, warn_on_readonly=True):
-    """Initialize the class.
-
-    This will create the file if necessary.
-    """
-    self._file = LockedFile(filename, 'r+b', 'rb')
-    self._thread_lock = threading.Lock()
-    self._read_only = False
-    self._warn_on_readonly = warn_on_readonly
-
-    self._create_file_if_needed()
-
-    # Cache of deserialized store. This is only valid after the
-    # _MultiStore is locked or _refresh_data_cache is called. This is
-    # of the form of:
-    #
-    # ((key, value), (key, value)...) -> OAuth2Credential
-    #
-    # If this is None, then the store hasn't been read yet.
-    self._data = None
-
-  class _Storage(BaseStorage):
-    """A Storage object that knows how to read/write a single credential."""
-
-    def __init__(self, multistore, key):
-      self._multistore = multistore
-      self._key = key
-
-    def acquire_lock(self):
-      """Acquires any lock necessary to access this Storage.
-
-      This lock is not reentrant.
-      """
-      self._multistore._lock()
-
-    def release_lock(self):
-      """Release the Storage lock.
-
-      Trying to release a lock that isn't held will result in a
-      RuntimeError.
-      """
-      self._multistore._unlock()
-
-    def locked_get(self):
-      """Retrieve credential.
-
-      The Storage lock must be held when this is called.
-
-      Returns:
-        oauth2client.client.Credentials
-      """
-      credential = self._multistore._get_credential(self._key)
-      if credential:
-        credential.set_store(self)
-      return credential
-
-    def locked_put(self, credentials):
-      """Write a credential.
-
-      The Storage lock must be held when this is called.
-
-      Args:
-        credentials: Credentials, the credentials to store.
-      """
-      self._multistore._update_credential(self._key, credentials)
-
-    def locked_delete(self):
-      """Delete a credential.
-
-      The Storage lock must be held when this is called.
-
-      Args:
-        credentials: Credentials, the credentials to store.
-      """
-      self._multistore._delete_credential(self._key)
-
-  def _create_file_if_needed(self):
-    """Create an empty file if necessary.
-
-    This method will not initialize the file. Instead it implements a
-    simple version of "touch" to ensure the file has been created.
-    """
-    if not os.path.exists(self._file.filename()):
-      old_umask = os.umask(0177)
-      try:
-        open(self._file.filename(), 'a+b').close()
-      finally:
-        os.umask(old_umask)
-
-  def _lock(self):
-    """Lock the entire multistore."""
-    self._thread_lock.acquire()
-    self._file.open_and_lock()
-    if not self._file.is_locked():
-      self._read_only = True
-      if self._warn_on_readonly:
-        logger.warn('The credentials file (%s) is not writable. Opening in '
-                    'read-only mode. Any refreshed credentials will only be '
-                    'valid for this run.', self._file.filename())
-    if os.path.getsize(self._file.filename()) == 0:
-      logger.debug('Initializing empty multistore file')
-      # The multistore is empty so write out an empty file.
-      self._data = {}
-      self._write()
-    elif not self._read_only or self._data is None:
-      # Only refresh the data if we are read/write or we haven't
-      # cached the data yet. If we are readonly, we assume is isn't
-      # changing out from under us and that we only have to read it
-      # once. This prevents us from whacking any new access keys that
-      # we have cached in memory but were unable to write out.
-      self._refresh_data_cache()
-
-  def _unlock(self):
-    """Release the lock on the multistore."""
-    self._file.unlock_and_close()
-    self._thread_lock.release()
-
-  def _locked_json_read(self):
-    """Get the raw content of the multistore file.
-
-    The multistore must be locked when this is called.
-
-    Returns:
-      The contents of the multistore decoded as JSON.
-    """
-    assert self._thread_lock.locked()
-    self._file.file_handle().seek(0)
-    return json.load(self._file.file_handle())
-
-  def _locked_json_write(self, data):
-    """Write a JSON serializable data structure to the multistore.
-
-    The multistore must be locked when this is called.
-
-    Args:
-      data: The data to be serialized and written.
-    """
-    assert self._thread_lock.locked()
-    if self._read_only:
-      return
-    self._file.file_handle().seek(0)
-    json.dump(data, self._file.file_handle(), sort_keys=True, indent=2, separators=(',', ': '))
-    self._file.file_handle().truncate()
-
-  def _refresh_data_cache(self):
-    """Refresh the contents of the multistore.
-
-    The multistore must be locked when this is called.
-
-    Raises:
-      NewerCredentialStoreError: Raised when a newer client has written the
-        store.
-    """
-    self._data = {}
-    try:
-      raw_data = self._locked_json_read()
-    except Exception:
-      logger.warn('Credential data store could not be loaded. '
-                  'Will ignore and overwrite.')
-      return
-
-    version = 0
-    try:
-      version = raw_data['file_version']
-    except Exception:
-      logger.warn('Missing version for credential data store. It may be '
-                  'corrupt or an old version. Overwriting.')
-    if version > 1:
-      raise NewerCredentialStoreError(
-          'Credential file has file_version of %d. '
-          'Only file_version of 1 is supported.' % version)
-
-    credentials = []
-    try:
-      credentials = raw_data['data']
-    except (TypeError, KeyError):
-      pass
-
-    for cred_entry in credentials:
-      try:
-        (key, credential) = self._decode_credential_from_json(cred_entry)
-        self._data[key] = credential
-      except:
-        # If something goes wrong loading a credential, just ignore it
-        logger.info('Error decoding credential, skipping', exc_info=True)
-
-  def _decode_credential_from_json(self, cred_entry):
-    """Load a credential from our JSON serialization.
-
-    Args:
-      cred_entry: A dict entry from the data member of our format
-
-    Returns:
-      (key, cred) where the key is the key tuple and the cred is the
-        OAuth2Credential object.
-    """
-    raw_key = cred_entry['key']
-    key = util.dict_to_tuple_key(raw_key)
-    credential = None
-    credential = Credentials.new_from_json(json.dumps(cred_entry['credential']))
-    return (key, credential)
-
-  def _write(self):
-    """Write the cached data back out.
-
-    The multistore must be locked.
-    """
-    raw_data = {'file_version': 1}
-    raw_creds = []
-    raw_data['data'] = raw_creds
-    for (cred_key, cred) in self._data.items():
-      raw_key = dict(cred_key)
-      raw_cred = json.loads(cred.to_json())
-      raw_creds.append({'key': raw_key, 'credential': raw_cred})
-    self._locked_json_write(raw_data)
-
-  def _get_all_credential_keys(self):
-    """Gets all the registered credential keys in the multistore.
-
-    Returns:
-      A list of dictionaries corresponding to all the keys currently registered
-    """
-    return [dict(key) for key in self._data.keys()]
-
-  def _get_credential(self, key):
-    """Get a credential from the multistore.
-
-    The multistore must be locked.
-
-    Args:
-      key: The key used to retrieve the credential
-
-    Returns:
-      The credential specified or None if not present
-    """
-    return self._data.get(key, None)
-
-  def _update_credential(self, key, cred):
-    """Update a credential and write the multistore.
-
-    This must be called when the multistore is locked.
-
-    Args:
-      key: The key used to retrieve the credential
-      cred: The OAuth2Credential to update/set
-    """
-    self._data[key] = cred
-    self._write()
-
-  def _delete_credential(self, key):
-    """Delete a credential and write the multistore.
-
-    This must be called when the multistore is locked.
-
-    Args:
-      key: The key used to retrieve the credential
-    """
-    try:
-      del self._data[key]
-    except KeyError:
-      pass
-    self._write()
-
-  def _get_storage(self, key):
-    """Get a Storage object to get/set a credential.
-
-    This Storage is a 'view' into the multistore.
-
-    Args:
-      key: The key used to retrieve the credential
-
-    Returns:
-      A Storage object that can be used to get/set this cred
-    """
-    return self._Storage(self, key)
--- a/oauth2client/old_run.py
+++ b/oauth2client/old_run.py
@@ -1,160 +0,0 @@
-# Copyright 2014 Google Inc. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#      http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-"""This module holds the old run() function which is deprecated, the
-tools.run_flow() function should be used in its place."""
-
-
-import logging
-import socket
-import sys
-import webbrowser
-
-import gflags
-
-from oauth2client import client
-from oauth2client import util
-from tools import ClientRedirectHandler
-from tools import ClientRedirectServer
-
-
-FLAGS = gflags.FLAGS
-
-gflags.DEFINE_boolean('auth_local_webserver', True,
-                      ('Run a local web server to handle redirects during '
-                       'OAuth authorization.'))
-
-gflags.DEFINE_string('auth_host_name', 'localhost',
-                     ('Host name to use when running a local web server to '
-                      'handle redirects during OAuth authorization.'))
-
-gflags.DEFINE_multi_int('auth_host_port', [8080, 8090],
-                        ('Port to use when running a local web server to '
-                         'handle redirects during OAuth authorization.'))
-
-
-@util.positional(2)
-def run(flow, storage, http=None):
-  """Core code for a command-line application.
-
-  The run() function is called from your application and runs through all
-  the steps to obtain credentials. It takes a Flow argument and attempts to
-  open an authorization server page in the user's default web browser. The
-  server asks the user to grant your application access to the user's data.
-  If the user grants access, the run() function returns new credentials. The
-  new credentials are also stored in the Storage argument, which updates the
-  file associated with the Storage object.
-
-  It presumes it is run from a command-line application and supports the
-  following flags:
-
-    --auth_host_name: Host name to use when running a local web server
-      to handle redirects during OAuth authorization.
-      (default: 'localhost')
-
-    --auth_host_port: Port to use when running a local web server to handle
-    redirects during OAuth authorization.;
-      repeat this option to specify a list of values
-      (default: '[8080, 8090]')
-      (an integer)
-
-    --[no]auth_local_webserver: Run a local web server to handle redirects
-      during OAuth authorization.
-      (default: 'true')
-
-  Since it uses flags make sure to initialize the gflags module before
-  calling run().
-
-  Args:
-    flow: Flow, an OAuth 2.0 Flow to step through.
-    storage: Storage, a Storage to store the credential in.
-    http: An instance of httplib2.Http.request
-         or something that acts like it.
-
-  Returns:
-    Credentials, the obtained credential.
-  """
-  logging.warning('This function, oauth2client.tools.run(), and the use of '
-      'the gflags library are deprecated and will be removed in a future '
-      'version of the library.')
-  if FLAGS.auth_local_webserver:
-    success = False
-    port_number = 0
-    for port in FLAGS.auth_host_port:
-      port_number = port
-      try:
-        httpd = ClientRedirectServer((FLAGS.auth_host_name, port),
-                                     ClientRedirectHandler)
-      except socket.error as e:
-        pass
-      else:
-        success = True
-        break
-    FLAGS.auth_local_webserver = success
-    if not success:
-      print 'Failed to start a local webserver listening on either port 8080'
-      print 'or port 9090. Please check your firewall settings and locally'
-      print 'running programs that may be blocking or using those ports.'
-      print
-      print 'Falling back to --noauth_local_webserver and continuing with',
-      print 'authorization.'
-      print
-
-  if FLAGS.auth_local_webserver:
-    oauth_callback = 'http://%s:%s/' % (FLAGS.auth_host_name, port_number)
-  else:
-    oauth_callback = client.OOB_CALLBACK_URN
-  flow.redirect_uri = oauth_callback
-  authorize_url = flow.step1_get_authorize_url()
-
-  if FLAGS.auth_local_webserver:
-    webbrowser.open(authorize_url, new=1, autoraise=True)
-    print 'Your browser has been opened to visit:'
-    print
-    print '    ' + authorize_url
-    print
-    print 'If your browser is on a different machine then exit and re-run'
-    print 'this application with the command-line parameter '
-    print
-    print '  --noauth_local_webserver'
-    print
-  else:
-    print 'Go to the following link in your browser:'
-    print
-    print '    ' + authorize_url
-    print
-
-  code = None
-  if FLAGS.auth_local_webserver:
-    httpd.handle_request()
-    if 'error' in httpd.query_params:
-      sys.exit('Authentication request was rejected.')
-    if 'code' in httpd.query_params:
-      code = httpd.query_params['code']
-    else:
-      print 'Failed to find "code" in the query parameters of the redirect.'
-      sys.exit('Try running with --noauth_local_webserver.')
-  else:
-    code = raw_input('Enter verification code: ').strip()
-
-  try:
-    credential = flow.step2_exchange(code, http=http)
-  except client.FlowExchangeError as e:
-    sys.exit('Authentication has failed: %s' % e)
-
-  storage.put(credential)
-  credential.set_store(storage)
-  print 'Authentication successful.'
-
-  return credential
--- a/oauth2client/service_account.py
+++ b/oauth2client/service_account.py
@@ -1,132 +0,0 @@
-# Copyright 2014 Google Inc. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#      http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-"""A service account credentials class.
-
-This credentials class is implemented on top of rsa library.
-"""
-
-import base64
-import json
-import time
-
-from pyasn1.codec.ber import decoder
-from pyasn1_modules.rfc5208 import PrivateKeyInfo
-import rsa
-
-from oauth2client import GOOGLE_REVOKE_URI
-from oauth2client import GOOGLE_TOKEN_URI
-from oauth2client import util
-from oauth2client.client import AssertionCredentials
-
-
-class _ServiceAccountCredentials(AssertionCredentials):
-  """Class representing a service account (signed JWT) credential."""
-
-  MAX_TOKEN_LIFETIME_SECS = 3600 # 1 hour in seconds
-
-  def __init__(self, service_account_id, service_account_email, private_key_id,
-               private_key_pkcs8_text, scopes, user_agent=None,
-               token_uri=GOOGLE_TOKEN_URI, revoke_uri=GOOGLE_REVOKE_URI,
-               **kwargs):
-
-    super(_ServiceAccountCredentials, self).__init__(
-        None, user_agent=user_agent, token_uri=token_uri, revoke_uri=revoke_uri)
-
-    self._service_account_id = service_account_id
-    self._service_account_email = service_account_email
-    self._private_key_id = private_key_id
-    self._private_key = _get_private_key(private_key_pkcs8_text)
-    self._private_key_pkcs8_text = private_key_pkcs8_text
-    self._scopes = util.scopes_to_string(scopes)
-    self._user_agent = user_agent
-    self._token_uri = token_uri
-    self._revoke_uri = revoke_uri
-    self._kwargs = kwargs
-
-  def _generate_assertion(self):
-    """Generate the assertion that will be used in the request."""
-
-    header = {
-        'alg': 'RS256',
-        'typ': 'JWT',
-        'kid': self._private_key_id
-    }
-
-    now = long(time.time())
-    payload = {
-        'aud': self._token_uri,
-        'scope': self._scopes,
-        'iat': now,
-        'exp': now + _ServiceAccountCredentials.MAX_TOKEN_LIFETIME_SECS,
-        'iss': self._service_account_email
-    }
-    payload.update(self._kwargs)
-
-    assertion_input = '%s.%s' % (
-        _urlsafe_b64encode(header),
-        _urlsafe_b64encode(payload))
-
-    # Sign the assertion.
-    signature = base64.urlsafe_b64encode(rsa.pkcs1.sign(
-        assertion_input, self._private_key, 'SHA-256')).rstrip('=')
-
-    return '%s.%s' % (assertion_input, signature)
-
-  def sign_blob(self, blob):
-    return (self._private_key_id,
-            rsa.pkcs1.sign(blob, self._private_key, 'SHA-256'))
-
-  @property
-  def service_account_email(self):
-    return self._service_account_email
-
-  @property
-  def serialization_data(self):
-    return {
-        'type': 'service_account',
-        'client_id': self._service_account_id,
-        'client_email': self._service_account_email,
-        'private_key_id': self._private_key_id,
-        'private_key': self._private_key_pkcs8_text
-    }
-
-  def create_scoped_required(self):
-    return not self._scopes
-
-  def create_scoped(self, scopes):
-    return _ServiceAccountCredentials(self._service_account_id,
-                                      self._service_account_email,
-                                      self._private_key_id,
-                                      self._private_key_pkcs8_text,
-                                      scopes,
-                                      user_agent=self._user_agent,
-                                      token_uri=self._token_uri,
-                                      revoke_uri=self._revoke_uri,
-                                      **self._kwargs)
-
-
-def _urlsafe_b64encode(data):
-  return base64.urlsafe_b64encode(
-      json.dumps(data, separators=(',', ':')).encode('UTF-8')).rstrip('=')
-
-
-def _get_private_key(private_key_pkcs8_text):
-  """Get an RSA private key object from a pkcs8 representation."""
-
-  der = rsa.pem.load_pem(private_key_pkcs8_text, 'PRIVATE KEY')
-  asn1_private_key, _ = decoder.decode(der, asn1Spec=PrivateKeyInfo())
-  return rsa.PrivateKey.load_pkcs1(
-      asn1_private_key.getComponentByName('privateKey').asOctets(),
-      format='DER')
--- a/oauth2client/tools.py
+++ b/oauth2client/tools.py
@@ -1,245 +0,0 @@
-# Copyright 2014 Google Inc. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#      http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-"""Command-line tools for authenticating via OAuth 2.0
-
-Do the OAuth 2.0 Web Server dance for a command line application. Stores the
-generated credentials in a common file that is used by other example apps in
-the same directory.
-"""
-
-__author__ = 'jcgregorio@google.com (Joe Gregorio)'
-__all__ = ['argparser', 'run_flow', 'run', 'message_if_missing']
-
-
-#import argparse
-import BaseHTTPServer
-import logging
-import socket
-import sys
-import urlparse
-import webbrowser
-
-from oauth2client import client
-from oauth2client import util
-
-_CLIENT_SECRETS_MESSAGE = """WARNING: Please configure OAuth 2.0
-
-To make this sample run you will need to populate the client_secrets.json file
-found at:
-
-   %s
-
-with information from the APIs Console <https://code.google.com/apis/console>.
-
-"""
-
-# argparser is an ArgumentParser that contains command-line options expected
-# by tools.run(). Pass it in as part of the 'parents' argument to your own
-# ArgumentParser.
-#argparser = argparse.ArgumentParser(add_help=False)
-#argparser.add_argument('--auth_host_name', default='localhost',
-#                       help='Hostname when running a local web server.')
-#argparser.add_argument('--noauth_local_webserver', action='store_true',
-#                       default=False, help='Do not run a local web server.')
-#argparser.add_argument('--auth_host_port', default=[8080, 8090], type=int,
-#                       nargs='*', help='Port web server should listen on.')
-#argparser.add_argument('--logging_level', default='ERROR',
-#                       choices=['DEBUG', 'INFO', 'WARNING', 'ERROR',
-#                                'CRITICAL'],
-#                       help='Set the logging level of detail.')
-
-
-class ClientRedirectServer(BaseHTTPServer.HTTPServer):
-  """A server to handle OAuth 2.0 redirects back to localhost.
-
-  Waits for a single request and parses the query parameters
-  into query_params and then stops serving.
-  """
-  query_params = {}
-
-
-class ClientRedirectHandler(BaseHTTPServer.BaseHTTPRequestHandler):
-  """A handler for OAuth 2.0 redirects back to localhost.
-
-  Waits for a single request and parses the query parameters
-  into the servers query_params and then stops serving.
-  """
-
-  def do_GET(self):
-    """Handle a GET request.
-
-    Parses the query parameters and prints a message
-    if the flow has completed. Note that we can't detect
-    if an error occurred.
-    """
-    self.send_response(200)
-    self.send_header("Content-type", "text/html")
-    self.end_headers()
-    query = self.path.split('?', 1)[-1]
-    query = dict(urlparse.parse_qsl(query))
-    self.server.query_params = query
-    self.wfile.write("<html><head><title>Authentication Status</title></head>")
-    self.wfile.write("<body><p>The authentication flow has completed.</p>")
-    self.wfile.write("</body></html>")
-
-  def log_message(self, format, *args):
-    """Do not log messages to stdout while running as command line program."""
-
-
-@util.positional(3)
-def run_flow(flow, storage, flags, http=None):
-  """Core code for a command-line application.
-
-  The run() function is called from your application and runs through all the
-  steps to obtain credentials. It takes a Flow argument and attempts to open an
-  authorization server page in the user's default web browser. The server asks
-  the user to grant your application access to the user's data. If the user
-  grants access, the run() function returns new credentials. The new credentials
-  are also stored in the Storage argument, which updates the file associated
-  with the Storage object.
-
-  It presumes it is run from a command-line application and supports the
-  following flags:
-
-    --auth_host_name: Host name to use when running a local web server
-      to handle redirects during OAuth authorization.
-      (default: 'localhost')
-
-    --auth_host_port: Port to use when running a local web server to handle
-      redirects during OAuth authorization.;
-      repeat this option to specify a list of values
-      (default: '[8080, 8090]')
-      (an integer)
-
-    --[no]auth_local_webserver: Run a local web server to handle redirects
-      during OAuth authorization.
-      (default: 'true')
-
-  The tools module defines an ArgumentParser the already contains the flag
-  definitions that run() requires. You can pass that ArgumentParser to your
-  ArgumentParser constructor:
-
-    parser = argparse.ArgumentParser(description=__doc__,
-        formatter_class=argparse.RawDescriptionHelpFormatter,
-        parents=[tools.argparser])
-    flags = parser.parse_args(argv)
-
-  Args:
-    flow: Flow, an OAuth 2.0 Flow to step through.
-    storage: Storage, a Storage to store the credential in.
-    flags: argparse.ArgumentParser, the command-line flags.
-    http: An instance of httplib2.Http.request
-         or something that acts like it.
-
-  Returns:
-    Credentials, the obtained credential.
-  """
-  logging.getLogger().setLevel(getattr(logging, flags.logging_level))
-  if not flags.noauth_local_webserver:
-    success = False
-    port_number = 0
-    for port in flags.auth_host_port:
-      port_number = port
-      try:
-        httpd = ClientRedirectServer((flags.auth_host_name, port),
-                                     ClientRedirectHandler)
-      except socket.error as e:
-        pass
-      else:
-        success = True
-        break
-    flags.noauth_local_webserver = not success
-    if not success:
-      print 'Failed to start a local webserver listening on either port 8080'
-      print 'or port 9090. Please check your firewall settings and locally'
-      print 'running programs that may be blocking or using those ports.'
-      print
-      print 'Falling back to --noauth_local_webserver and continuing with',
-      print 'authorization.'
-      print
-
-  if not flags.noauth_local_webserver:
-    oauth_callback = 'http://%s:%s/' % (flags.auth_host_name, port_number)
-  else:
-    oauth_callback = client.OOB_CALLBACK_URN
-  flow.redirect_uri = oauth_callback
-  authorize_url = flow.step1_get_authorize_url()
-
-  if flags.short_url:
-    try:
-      from googleapiclient.discovery import build
-      service = build('urlshortener', 'v1', http=http)
-      url_result = service.url().insert(body={'longUrl': authorize_url},
-        key=u'AIzaSyBlmgbii8QfJSYmC9VTMOfqrAt5Vj5wtzE').execute()
-      authorize_url = url_result['id']
-    except:
-      pass
-  if not flags.noauth_local_webserver:
-    webbrowser.open(authorize_url, new=1, autoraise=True)
-    print 'Your browser has been opened to visit:'
-    print
-    print '    ' + authorize_url
-    print
-    print 'If your browser is on a different machine then exit and re-run this'
-    print 'after creating a file called nobrowser.txt in the same path as GAM.'
-#    print 'application with the command-line parameter '
-#    print
-#    print '  --noauth_local_webserver'
-#    print
-  else:
-    print 'Go to the following link in your browser:'
-    print
-    print '    ' + authorize_url
-    print
-
-  code = None
-  if not flags.noauth_local_webserver:
-    httpd.handle_request()
-    if 'error' in httpd.query_params:
-      sys.exit('Authentication request was rejected.')
-    if 'code' in httpd.query_params:
-      code = httpd.query_params['code']
-    else:
-      print 'Failed to find "code" in the query parameters of the redirect.'
-      sys.exit('Try running with --noauth_local_webserver.')
-  else:
-    code = raw_input('Enter verification code: ').strip()
-
-  try:
-    credential = flow.step2_exchange(code, http=http)
-  except client.FlowExchangeError as e:
-    sys.exit('Authentication has failed: %s' % e)
-
-  storage.put(credential)
-  credential.set_store(storage)
-  print 'Authentication successful.'
-
-  return credential
-
-
-def message_if_missing(filename):
-  """Helpful message to display if the CLIENT_SECRETS file is missing."""
-
-  return _CLIENT_SECRETS_MESSAGE % filename
-
-try:
-  from oauth2client.old_run import run
-  from oauth2client.old_run import FLAGS
-except ImportError:
-  def run(*args, **kwargs):
-    raise NotImplementedError(
-        'The gflags library must be installed to use tools.run(). '
-        'Please install gflags or preferrably switch to using '
-        'tools.run_flow().')
--- a/oauth2client/util.py
+++ b/oauth2client/util.py
@@ -1,193 +0,0 @@
-#!/usr/bin/env python
-#
-# Copyright 2014 Google Inc. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-
-"""Common utility library."""
-
-__author__ = [
-    'rafek@google.com (Rafe Kaplan)',
-    'guido@google.com (Guido van Rossum)',
-]
-
-__all__ = [
-    'positional',
-    'POSITIONAL_WARNING',
-    'POSITIONAL_EXCEPTION',
-    'POSITIONAL_IGNORE',
-]
-
-import inspect
-import logging
-import types
-import urllib
-import urlparse
-
-logger = logging.getLogger(__name__)
-
-POSITIONAL_WARNING = 'WARNING'
-POSITIONAL_EXCEPTION = 'EXCEPTION'
-POSITIONAL_IGNORE = 'IGNORE'
-POSITIONAL_SET = frozenset([POSITIONAL_WARNING, POSITIONAL_EXCEPTION,
-                            POSITIONAL_IGNORE])
-
-positional_parameters_enforcement = POSITIONAL_WARNING
-
-def positional(max_positional_args):
-  """A decorator to declare that only the first N arguments my be positional.
-
-  This decorator makes it easy to support Python 3 style key-word only
-  parameters. For example, in Python 3 it is possible to write:
-
-    def fn(pos1, *, kwonly1=None, kwonly1=None):
-      ...
-
-  All named parameters after * must be a keyword:
-
-    fn(10, 'kw1', 'kw2')  # Raises exception.
-    fn(10, kwonly1='kw1')  # Ok.
-
-  Example:
-    To define a function like above, do:
-
-      @positional(1)
-      def fn(pos1, kwonly1=None, kwonly2=None):
-        ...
-
-    If no default value is provided to a keyword argument, it becomes a required
-    keyword argument:
-
-      @positional(0)
-      def fn(required_kw):
-        ...
-
-    This must be called with the keyword parameter:
-
-      fn()  # Raises exception.
-      fn(10)  # Raises exception.
-      fn(required_kw=10)  # Ok.
-
-    When defining instance or class methods always remember to account for
-    'self' and 'cls':
-
-      class MyClass(object):
-
-        @positional(2)
-        def my_method(self, pos1, kwonly1=None):
-          ...
-
-        @classmethod
-        @positional(2)
-        def my_method(cls, pos1, kwonly1=None):
-          ...
-
-  The positional decorator behavior is controlled by
-  util.positional_parameters_enforcement, which may be set to
-  POSITIONAL_EXCEPTION, POSITIONAL_WARNING or POSITIONAL_IGNORE to raise an
-  exception, log a warning, or do nothing, respectively, if a declaration is
-  violated.
-
-  Args:
-    max_positional_arguments: Maximum number of positional arguments. All
-      parameters after the this index must be keyword only.
-
-  Returns:
-    A decorator that prevents using arguments after max_positional_args from
-    being used as positional parameters.
-
-  Raises:
-    TypeError if a key-word only argument is provided as a positional
-    parameter, but only if util.positional_parameters_enforcement is set to
-    POSITIONAL_EXCEPTION.
-  """
-  def positional_decorator(wrapped):
-    def positional_wrapper(*args, **kwargs):
-      if len(args) > max_positional_args:
-        plural_s = ''
-        if max_positional_args != 1:
-          plural_s = 's'
-        message = '%s() takes at most %d positional argument%s (%d given)' % (
-            wrapped.__name__, max_positional_args, plural_s, len(args))
-        if positional_parameters_enforcement == POSITIONAL_EXCEPTION:
-          raise TypeError(message)
-        elif positional_parameters_enforcement == POSITIONAL_WARNING:
-          logger.warning(message)
-        else: # IGNORE
-          pass
-      return wrapped(*args, **kwargs)
-    return positional_wrapper
-
-  if isinstance(max_positional_args, (int, long)):
-    return positional_decorator
-  else:
-    args, _, _, defaults = inspect.getargspec(max_positional_args)
-    return positional(len(args) - len(defaults))(max_positional_args)
-
-
-def scopes_to_string(scopes):
-  """Converts scope value to a string.
-
-  If scopes is a string then it is simply passed through. If scopes is an
-  iterable then a string is returned that is all the individual scopes
-  concatenated with spaces.
-
-  Args:
-    scopes: string or iterable of strings, the scopes.
-
-  Returns:
-    The scopes formatted as a single string.
-  """
-  if isinstance(scopes, types.StringTypes):
-    return scopes
-  else:
-    return ' '.join(scopes)
-
-
-def dict_to_tuple_key(dictionary):
-  """Converts a dictionary to a tuple that can be used as an immutable key.
-
-  The resulting key is always sorted so that logically equivalent dictionaries
-  always produce an identical tuple for a key.
-
-  Args:
-    dictionary: the dictionary to use as the key.
-
-  Returns:
-    A tuple representing the dictionary in it's naturally sorted ordering.
-  """
-  return tuple(sorted(dictionary.items()))
-
-
-def _add_query_parameter(url, name, value):
-  """Adds a query parameter to a url.
-
-  Replaces the current value if it already exists in the URL.
-
-  Args:
-    url: string, url to add the query parameter to.
-    name: string, query parameter name.
-    value: string, query parameter value.
-
-  Returns:
-    Updated query parameter. Does not update the url if value is None.
-  """
-  if value is None:
-    return url
-  else:
-    parsed = list(urlparse.urlparse(url))
-    q = dict(urlparse.parse_qsl(parsed[4]))
-    q[name] = value
-    parsed[4] = urllib.urlencode(q)
-    return urlparse.urlunparse(parsed)
--- a/oauth2client/xsrfutil.py
+++ b/oauth2client/xsrfutil.py
@@ -1,112 +0,0 @@
-#!/usr/bin/python2.5
-#
-# Copyright 2014 the Melange authors.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#   http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-"""Helper methods for creating & verifying XSRF tokens."""
-
-__authors__ = [
-    '"Doug Coker" <dcoker@google.com>',
-    '"Joe Gregorio" <jcgregorio@google.com>',
-]
-
-
-import base64
-import hmac
-import time
-
-from oauth2client import util
-
-
-# Delimiter character
-DELIMITER = ':'
-
-# 1 hour in seconds
-DEFAULT_TIMEOUT_SECS = 1*60*60
-
-@util.positional(2)
-def generate_token(key, user_id, action_id="", when=None):
-  """Generates a URL-safe token for the given user, action, time tuple.
-
-  Args:
-    key: secret key to use.
-    user_id: the user ID of the authenticated user.
-    action_id: a string identifier of the action they requested
-      authorization for.
-    when: the time in seconds since the epoch at which the user was
-      authorized for this action. If not set the current time is used.
-
-  Returns:
-    A string XSRF protection token.
-  """
-  when = when or int(time.time())
-  digester = hmac.new(key)
-  digester.update(str(user_id))
-  digester.update(DELIMITER)
-  digester.update(action_id)
-  digester.update(DELIMITER)
-  digester.update(str(when))
-  digest = digester.digest()
-
-  token = base64.urlsafe_b64encode('%s%s%d' % (digest,
-                                               DELIMITER,
-                                               when))
-  return token
-
-
-@util.positional(3)
-def validate_token(key, token, user_id, action_id="", current_time=None):
-  """Validates that the given token authorizes the user for the action.
-
-  Tokens are invalid if the time of issue is too old or if the token
-  does not match what generateToken outputs (i.e. the token was forged).
-
-  Args:
-    key: secret key to use.
-    token: a string of the token generated by generateToken.
-    user_id: the user ID of the authenticated user.
-    action_id: a string identifier of the action they requested
-      authorization for.
-
-  Returns:
-    A boolean - True if the user is authorized for the action, False
-    otherwise.
-  """
-  if not token:
-    return False
-  try:
-    decoded = base64.urlsafe_b64decode(str(token))
-    token_time = long(decoded.split(DELIMITER)[-1])
-  except (TypeError, ValueError):
-    return False
-  if current_time is None:
-    current_time = time.time()
-  # If the token is too old it's not valid.
-  if current_time - token_time > DEFAULT_TIMEOUT_SECS:
-    return False
-
-  # The given token should match the generated one with the same time.
-  expected_token = generate_token(key, user_id, action_id=action_id,
-                                  when=token_time)
-  if len(token) != len(expected_token):
-    return False
-
-  # Perform constant time comparison to avoid timing attacks
-  different = 0
-  for x, y in zip(token, expected_token):
-    different |= ord(x) ^ ord(y)
-  if different:
-    return False
-
-  return True
--- a/passlib/init.py
+++ b/passlib/init.py
@@ -1,3 +0,0 @@
-"""passlib - suite of password hashing & generation routinges"""
-
-__version__ = '1.6.2'
--- a/passlib/ext/init.py
+++ b/passlib/ext/init.py
@@ -1 +0,0 @@
-
--- a/setup-64.py
+++ b/setup-64.py
@@ -1,17 +0,0 @@
-from distutils.core import setup
-import py2exe, sys, os
-
-sys.argv.append('py2exe')
-
-setup(
-  console = ['gam.py'],
-
-  zipfile = None,
-  options = {'py2exe': 
-              {'optimize': 2,
-               'bundle_files': 3,
-               'includes': ['passlib.handlers.sha2_crypt'],
-               'dist_dir' : 'gam-64',
-               'compressed' : True}
-            }
-  )
--- a/setup.py
+++ b/setup.py
@@ -1,16 +0,0 @@
-from distutils.core import setup
-import py2exe, sys, os
-
-sys.argv.append('py2exe')
-
-setup(
-  console = ['gam.py'],
-
-  zipfile = None,
-  options = {'py2exe': 
-              {'optimize': 2,
-               'bundle_files': 1,
-               'includes': ['passlib.handlers.sha2_crypt'],
-               'dist_dir' : 'gam'}
-            }
-  )
--- a/src/.gitignore
+++ b/src/.gitignore
@@ -64,3 +64,6 @@ nobrowser.txt
 nocache.txt
 noverifyssl.txt
 gamcache/
+gam/
+gam-64/
+*.zip
--- a/src/LICENSE
+++ b/src/LICENSE
--- a/src/admin-settings-v1.json
+++ b/src/admin-settings-v1.json
--- a/src/atom/init.py
+++ b/src/atom/init.py
--- a/src/atom/auth.py
+++ b/src/atom/auth.py
--- a/src/atom/client.py
+++ b/src/atom/client.py
--- a/src/atom/core.py
+++ b/src/atom/core.py
--- a/src/atom/data.py
+++ b/src/atom/data.py
--- a/src/atom/http.py
+++ b/src/atom/http.py
--- a/src/atom/http_core.py
+++ b/src/atom/http_core.py
--- a/src/atom/http_interface.py
+++ b/src/atom/http_interface.py
--- a/src/atom/mock_http.py
+++ b/src/atom/mock_http.py
--- a/src/atom/mock_http_core.py
+++ b/src/atom/mock_http_core.py
--- a/src/atom/mock_service.py
+++ b/src/atom/mock_service.py
--- a/src/atom/service.py
+++ b/src/atom/service.py
@@ -181,7 +181,8 @@ class AtomService(object):
      if content_length:
        all_headers['Content-Length'] = str(content_length)

-    all_headers['GData-Version'] = '2.0'
+    if 'GData-Version' not in all_headers:  
+      all_headers['GData-Version'] = '2.0'
    # Find an Authorization token for this URL if one is available.
    if self.override_token:
      auth_token = self.override_token
--- a/src/atom/token_store.py
+++ b/src/atom/token_store.py
--- a/src/atom/url.py
+++ b/src/atom/url.py
--- a/src/build.bat
+++ b/src/build.bat
@@ -1,21 +1,17 @@
-rmdir /q /s gam
-rmdir /q /s gam-64
-rmdir /q /s build
-rmdir /q /s dist
-del /q /f gam-%1-windows.zip
-del /q /f gam-%1-windows-x64.zip
-
-\python27-32\python.exe setup.py py2exe
-xcopy LICENSE gam\
-xcopy whatsnew.txt gam\
-xcopy cacert.pem gam\
-xcopy admin-settings-v1.json gam\
-del gam\w9xpopen.exe
-"%ProgramFiles(x86)%\7-Zip\7z.exe" a -tzip gam-%1-windows.zip gam\ -xr!.svn
-
-\python27\python.exe setup-64.py py2exe
-xcopy LICENSE gam-64\
-xcopy whatsnew.txt gam-64\
-xcopy cacert.pem gam-64\
-xcopy admin-settings-v1.json gam-64\
-"%ProgramFiles(x86)%\7-Zip\7z.exe" a -tzip gam-%1-windows-x64.zip gam-64\ -xr!.svn
+rmdir /q /s gam
+rmdir /q /s gam-64
+rmdir /q /s build
+rmdir /q /s dist
+del /q /f gam-%1-windows.zip
+del /q /f gam-%1-windows-x64.zip
+
+c:\python27-32\scripts\pyinstaller -F --distpath=gam gam.spec
+xcopy LICENSE gam\
+xcopy whatsnew.txt gam\
+del gam\w9xpopen.exe
+"%ProgramFiles(x86)%\7-Zip\7z.exe" a -tzip gam-%1-windows.zip gam\ -xr!.svn
+
+c:\python27\scripts\pyinstaller -F --distpath=gam-64 gam.spec
+xcopy LICENSE gam-64\
+xcopy whatsnew.txt gam-64\
+"%ProgramFiles(x86)%\7-Zip\7z.exe" a -tzip gam-%1-windows-x64.zip gam-64\ -xr!.svn
--- a/src/cloudprint-v2.json
+++ b/src/cloudprint-v2.json
@@ -0,0 +1,486 @@
+{
+ "kind": "discovery#restDescription",
+ "discoveryVersion": "v1",
+ "id": "cloudprint:v2",
+ "name": "cloudprint",
+ "version": "v2",
+ "revision": "20150605",
+ "title": "Cloud Print API",
+ "description": "Lets you access Cloud Print Printers",
+ "ownerDomain": "google.com",
+ "ownerName": "Google",
+ "icons": {
+  "x16": "http://www.google.com/images/icons/product/search-16.gif",
+  "x32": "http://www.google.com/images/icons/product/search-32.gif"
+ },
+ "documentationLink": "https://developers.google.com/cloud-print",
+ "protocol": "rest",
+ "baseUrl": "https://www.google.com/",
+ "basePath": "/cloudprint/",
+ "rootUrl": "https://www.google.com/",
+ "servicePath": "/cloudprint/",
+ "parameters": {
+  "prettyPrint": {
+   "type": "boolean",
+   "description": "Returns response with indentations and line breaks.",
+   "default": "true",
+   "location": "query"
+  }
+ },
+ "auth": {
+  "oauth2": {
+   "scopes": {
+    "https://www.googleapis.com/auth/cloudprint": {
+     "description": "Manage Cloud Print"
+    }
+   }
+  }
+ },
+ "schemas": {
+  "Job": {
+   "id": "Job",
+   "type": "object",
+   "description": "Job Object",
+   "properties": {
+    "title": {
+     "type": "string",
+     "description": "Job Title"
+    },
+    "id": {
+     "type": "string",
+     "description": "Unique ID"
+    }
+   }
+  },
+  "Jobs": {
+   "id": "Jobs",
+   "type": "object",
+   "description": "List of Jobs.",
+   "properties": {
+    "jobs": {
+     "type": "array",
+     "description": "List of job objects.",
+     "items": {
+      "$ref": "Job"
+     }
+    }
+   }
+  },
+  "Printer": {
+   "id": "Printer",
+   "type": "object",
+   "description": "Printer Object",
+   "properties": {
+    "displayName": {
+     "type": "string",
+     "description": "Display Name"
+    },
+    "id": {
+     "type": "string",
+     "description": "Unique ID"
+    }
+   }
+  },
+  "Printers": {
+   "id": "Printers",
+   "type": "object",
+   "description": "List of Printers.",
+   "properties": {
+    "printers": {
+     "type": "array",
+     "description": "List of printer objects.",
+     "items": {
+      "$ref": "Printer"
+     }
+    }
+   }
+  }
+ },
+ "resources": {
+  "jobs": {
+   "methods": {
+    "delete": {
+     "id": "cloudprint.jobs.delete",
+     "path": "deletejob",
+     "httpMethod": "GET",
+     "parameters": {
+      "jobid": {
+       "type": "string",
+       "location": "query",
+       "required": "true"
+      }
+     }
+    },
+    "fetch": {
+     "id": "cloudprint.jobs.fetch",
+     "path": "fetch",
+     "httpMethod": "GET",
+     "parameters": {
+      "printerid": {
+       "type": "string",
+       "required": "true",
+       "location": "query"
+      }
+     },
+     "response": {
+      "$ref": "Jobs"
+     }
+    },
+    "getticket": {
+     "id": "cloudprint.jobs.getticket",
+     "path": "ticket",
+     "httpMethod": "GET",
+     "parameters": {
+      "jobid": {
+       "type": "string",
+       "required": "true",
+       "location": "query"
+      },
+      "use_cjt": {
+       "type": "boolean",
+       "required": "true",
+       "location": "query"
+      }
+     }
+    }, 
+    "list": {
+     "id": "cloudprint.jobs.list",
+     "path": "jobs",
+     "httpMethod": "GET",
+     "parameters": {
+      "printerid": {
+       "type": "string",
+       "location": "query"
+      },
+      "owner": {
+       "type": "string",
+       "location": "query"
+      },
+      "status": {
+       "type": "string",
+       "location": "query"
+      },
+      "q": {
+       "type": "string",
+       "location": "query"
+      },
+      "offset": {
+       "type": "string",
+       "location": "query"
+      },
+      "limit": {
+       "type": "string",
+       "location": "query"
+      },
+      "sortorder": {
+       "type": "string",
+       "location": "query"
+      }
+     },
+     "response": {
+      "$ref": "Jobs"
+     }
+    },
+    "update": {
+     "id": "cloudprint.jobs.update",
+     "path": "control",
+     "httpMethod": "GET",
+     "parameters": {
+      "jobid": {
+       "type": "string",
+       "required": "true",
+       "location": "query"
+      },
+      "semantic_state_diff": {
+       "type": "string",
+       "required": "true",
+       "location": "query"
+      }
+     },
+     "response": {
+      "$ref": "Jobs"
+     }
+    },
+    "resubmit": {
+     "id": "cloudprint.jobs.resubmit",
+     "path": "resubmit",
+     "httpMethod": "POST",
+     "description": "resubmit a job to new printer.",
+     "parameters": {
+      "printerid": {
+       "type": "string",
+       "required": "true",
+       "location": "query"
+      },
+      "jobid": {
+       "type": "string",
+       "required": "true",
+       "location": "query"
+      },
+      "ticket": {
+       "type": "string",
+       "location": "query"
+      }
+     },
+     "response": {
+      "$ref": "Job"
+     }
+    },
+    "submit": {
+     "id": "cloudprint.jobs.submit",
+     "path": "submit",
+     "httpMethod": "POST",
+     "description": "Send a print job to cloud print.",
+     "request": {
+      "printerid": {
+       "type": "string",
+       "required": "true",
+       "location": "query"
+      },
+      "title": {
+       "type": "string",
+       "location": "query"
+      },
+      "ticket": {
+       "type": "string",
+       "location": "query"
+      },
+      "content": {
+       "type": "string",
+       "location": "query"
+      },
+      "contentType": {
+       "type": "string",
+       "location": "query"
+      },
+      "tag": {
+       "type": "string",
+       "location": "query"
+      }
+     },
+     "response": {
+      "$ref": "Job"
+     }
+    }
+   }
+  },
+  "printers": {
+   "methods": {
+    "get": {
+     "id": "cloudprint.printers.get",
+     "path": "printer",
+     "httpMethod": "GET",
+     "parameters": {
+      "printerid": {
+       "type": "string",
+       "required": "true",
+       "location": "query"
+      },
+      "extra_fields": {
+       "type": "string",
+       "location": "query"
+      }
+     },
+     "response": {
+      "$ref": "Printer"
+     }
+    },
+    "list": {
+     "id": "cloudprint.printers.list",
+     "path": "search",
+     "httpMethod": "GET",
+     "description": "List all printers",
+     "parameters": {
+      "q": {
+       "type": "string",
+       "description": "Query list of printers",
+       "location": "query"
+      },
+      "type": {
+       "type": "string",
+       "description": "limit results to printers of type",
+       "location": "query"
+       },
+      "connection_status": {
+       "type": "string",
+       "description": "limit results to printers with this status",
+       "location": "query"
+      },
+      "extra_fields": {
+       "type": "string",
+       "description": "include extra fields",
+       "location": "query"
+      }
+     },
+     "response": {
+      "$ref": "Printers"
+     }
+    },
+    "share": {
+     "id": "cloudprint.printers.share",
+     "path": "share",
+     "httpMethod": "GET",
+     "description": "Share printer with user, group or domain",
+     "parameters": {
+      "printerid": {
+       "type": "string",
+       "required": "true",
+       "location": "query"
+      },
+      "scope": {
+       "type": "string",
+       "location": "query"
+      },
+      "role": {
+       "type": "string",
+       "location": "query"
+      },
+      "type": {
+        "type": "string",
+        "location": "query"
+      },
+      "skip_notification": {
+       "type": "boolean",
+       "location": "query"
+      },
+      "public": {
+       "type": "boolean",
+       "location": "query"
+      }
+     } 
+    },
+    "unshare": {
+     "id": "cloudprint.printers.unshare",
+     "path": "unshare",
+     "httpMethod": "GET",
+     "description": "unshare printer with user, group or domain",
+     "parameters": {
+      "printerid": {
+       "type": "string",
+       "required": "true",
+       "location": "query"
+      },
+      "scope": {
+       "type": "string",
+       "location": "query"
+      },
+      "public": {
+       "type": "string",
+       "location": "query"
+      }
+     }
+    },
+    "delete": {
+     "id": "cloudprint.printers.delete",
+     "path": "delete",
+     "httpMethod": "GET",
+     "description": "delete a printer",
+     "parameters": {
+      "printerid": {
+       "type": "string",
+       "required": "true",
+       "location": "query"
+      }
+     }
+    },
+    "update": {
+     "id": "cloudprint.printers.update",
+     "path": "update",
+     "httpMethod": "GET",
+     "description": "update a printer",
+     "parameters": {
+      "isTosAccepted": {
+       "type": "boolean",
+       "location": "query"
+      },
+      "gcpVersion": {
+       "type": "string",
+       "location": "query"
+      },
+      "setupUrl": {
+       "type": "string",
+       "location": "query"
+      },
+      "supportUrl": {
+       "type": "string",
+       "location": "query"
+      },
+      "firmware": {
+       "type": "string",
+       "location": "query"
+      },
+      "currentQuota": {
+       "type": "string",
+       "location": "query"
+      },
+      "type": {
+       "type": "string",
+       "location": "query"
+      },
+      "public": {
+       "type": "boolean",
+       "location": "query"
+      },
+      "status": {
+       "type": "string",
+       "location": "query"
+      },
+      "proxy": {
+       "type": "string",
+       "location": "query"
+      },
+      "manufacturer": {
+       "type": "string",
+       "location": "query"
+      },
+      "defaultDisplayName": {
+       "type": "string",
+       "location": "query"
+      },
+      "displayName": {
+       "type": "string",
+       "location": "query"
+      },
+      "name": {
+       "type": "string",
+       "location": "query"
+      },
+      "uuid": {
+       "type": "string",
+       "location": "query"
+      },
+      "updateUrl": {
+       "type": "string",
+       "location": "query"
+      },
+      "ownerId": {
+       "type": "string",
+       "location": "query"
+      },
+      "model": {
+       "type": "string",
+       "location": "query"
+      },
+      "description": {
+       "type": "string",
+       "location": "query"
+      },
+      "printerid": {
+       "type": "string",
+       "required": "true",
+       "location": "query"
+      },
+      "quotaEnabled": {
+       "type": "boolean",
+       "location": "query"
+      },
+      "dailyQuota": {
+       "type": "string",
+       "location": "query"
+      }
+     }
+    } 
+   }
+  }
+ }
+}
--- a/src/gam.py
+++ b/src/gam.py
--- a/src/gam.spec
+++ b/src/gam.spec
@@ -0,0 +1,24 @@
+# -*- mode: python -*-
+a = Analysis(['gam.py'],
+             pathex=['C:\\Users\\jlee\\Documents\\GitHub\\GAM'],
+             hiddenimports=[],
+             hookspath=None,
+             runtime_hooks=None)
+for d in a.datas:
+    if 'pyconfig' in d[0]: 
+        a.datas.remove(d)
+        break
+a.datas += [('httplib2/cacerts.txt', 'httplib2\cacerts.txt', 'DATA')]
+a.datas += [('cloudprint-v2.json', 'cloudprint-v2.json', 'DATA')]
+a.datas += [('admin-settings-v1.json', 'admin-settings-v1.json', 'DATA')]
+pyz = PYZ(a.pure)
+exe = EXE(pyz,
+          a.scripts,
+          a.binaries,
+          a.zipfiles,
+          a.datas,
+          name='gam.exe',
+          debug=False,
+          strip=None,
+          upx=True,
+          console=True )
--- a/src/gdata/init.py
+++ b/src/gdata/init.py
--- a/src/gdata/alt/init.py
+++ b/src/gdata/alt/init.py
--- a/src/gdata/alt/app_engine.py
+++ b/src/gdata/alt/app_engine.py
--- a/src/gdata/alt/appengine.py
+++ b/src/gdata/alt/appengine.py
--- a/src/gdata/apps/init.py
+++ b/src/gdata/apps/init.py
--- a/src/gdata/apps/adminsettings/init.py
+++ b/src/gdata/apps/adminsettings/init.py
--- a/src/gdata/apps/adminsettings/service.py
+++ b/src/gdata/apps/adminsettings/service.py
--- a/src/gdata/apps/audit/init.py
+++ b/src/gdata/apps/audit/init.py
--- a/src/gdata/apps/audit/service.py
+++ b/src/gdata/apps/audit/service.py
--- a/src/gdata/apps/emailsettings/init.py
+++ b/src/gdata/apps/emailsettings/init.py
--- a/src/gdata/apps/emailsettings/service.py
+++ b/src/gdata/apps/emailsettings/service.py
--- a/src/gdata/apps/service.py
+++ b/src/gdata/apps/service.py
--- a/src/gdata/auth.py
+++ b/src/gdata/auth.py
--- a/src/gdata/gauth.py
+++ b/src/gdata/gauth.py
--- a/src/gdata/oauth/CHANGES.txt
+++ b/src/gdata/oauth/CHANGES.txt
@@ -1,17 +1,17 @@
-1. Moved oauth.py to __init__.py
-
-2. Refactored __init__.py for compatibility with python 2.2 (Issue 59)
-
-3. Refactored rsa.py for compatibility with python 2.2 (Issue 59)
-
-4. Refactored OAuthRequest.from_token_and_callback since the callback url was
-getting double url-encoding the callback url in place of single. (Issue 43)
-
-5. Added build_signature_base_string method to rsa.py since it used the
-implementation of this method from oauth.OAuthSignatureMethod_HMAC_SHA1 which
-was incorrect since it enforced the presence of a consumer secret and a token
-secret. Also, changed its super class from oauth.OAuthSignatureMethod_HMAC_SHA1
-to oauth.OAuthSignatureMethod (Issue 64)
-
-6. Refactored <OAuthRequest>.to_header method since it returned non-oauth params
+1. Moved oauth.py to __init__.py
+
+2. Refactored __init__.py for compatibility with python 2.2 (Issue 59)
+
+3. Refactored rsa.py for compatibility with python 2.2 (Issue 59)
+
+4. Refactored OAuthRequest.from_token_and_callback since the callback url was
+getting double url-encoding the callback url in place of single. (Issue 43)
+
+5. Added build_signature_base_string method to rsa.py since it used the
+implementation of this method from oauth.OAuthSignatureMethod_HMAC_SHA1 which
+was incorrect since it enforced the presence of a consumer secret and a token
+secret. Also, changed its super class from oauth.OAuthSignatureMethod_HMAC_SHA1
+to oauth.OAuthSignatureMethod (Issue 64)
+
+6. Refactored <OAuthRequest>.to_header method since it returned non-oauth params
 as well which was incorrect. (Issue 31)
--- a/src/gdata/oauth/init.py
+++ b/src/gdata/oauth/init.py
--- a/src/gdata/oauth/rsa.py
+++ b/src/gdata/oauth/rsa.py
--- a/src/gdata/service.py
+++ b/src/gdata/service.py
--- a/src/gdata/tlslite/BaseDB.py
+++ b/src/gdata/tlslite/BaseDB.py
@@ -1,120 +1,120 @@
-"""Base class for SharedKeyDB and VerifierDB."""
-
-import anydbm
-import thread
-
-class BaseDB:
-    def __init__(self, filename, type):
-        self.type = type
-        self.filename = filename
-        if self.filename:
-            self.db = None
-        else:
-            self.db = {}
-        self.lock = thread.allocate_lock()
-
-    def create(self):
-        """Create a new on-disk database.
-
-        @raise anydbm.error: If there's a problem creating the database.
-        """
-        if self.filename:
-            self.db = anydbm.open(self.filename, "n") #raises anydbm.error
-            self.db["--Reserved--type"] = self.type
-            self.db.sync()
-        else:
-            self.db = {}
-
-    def open(self):
-        """Open a pre-existing on-disk database.
-
-        @raise anydbm.error: If there's a problem opening the database.
-        @raise ValueError: If the database is not of the right type.
-        """
-        if not self.filename:
-            raise ValueError("Can only open on-disk databases")
-        self.db = anydbm.open(self.filename, "w") #raises anydbm.error
-        try:
-            if self.db["--Reserved--type"] != self.type:
-                raise ValueError("Not a %s database" % self.type)
-        except KeyError:
-            raise ValueError("Not a recognized database")
-
-    def __getitem__(self, username):
-        if self.db == None:
-            raise AssertionError("DB not open")
-
-        self.lock.acquire()
-        try:
-            valueStr = self.db[username]
-        finally:
-            self.lock.release()
-
-        return self._getItem(username, valueStr)
-
-    def __setitem__(self, username, value):
-        if self.db == None:
-            raise AssertionError("DB not open")
-
-        valueStr = self._setItem(username, value)
-
-        self.lock.acquire()
-        try:
-            self.db[username] = valueStr
-            if self.filename:
-                self.db.sync()
-        finally:
-            self.lock.release()
-
-    def __delitem__(self, username):
-        if self.db == None:
-            raise AssertionError("DB not open")
-
-        self.lock.acquire()
-        try:
-            del(self.db[username])
-            if self.filename:
-                self.db.sync()
-        finally:
-            self.lock.release()
-
-    def __contains__(self, username):
-        """Check if the database contains the specified username.
-
-        @type username: str
-        @param username: The username to check for.
-
-        @rtype: bool
-        @return: True if the database contains the username, False
-        otherwise.
-
-        """
-        if self.db == None:
-            raise AssertionError("DB not open")
-
-        self.lock.acquire()
-        try:
-            return self.db.has_key(username)
-        finally:
-            self.lock.release()
-
-    def check(self, username, param):
-        value = self.__getitem__(username)
-        return self._checkItem(value, username, param)
-
-    def keys(self):
-        """Return a list of usernames in the database.
-
-        @rtype: list
-        @return: The usernames in the database.
-        """
-        if self.db == None:
-            raise AssertionError("DB not open")
-
-        self.lock.acquire()
-        try:
-            usernames = self.db.keys()
-        finally:
-            self.lock.release()
-        usernames = [u for u in usernames if not u.startswith("--Reserved--")]
+"""Base class for SharedKeyDB and VerifierDB."""
+
+import anydbm
+import thread
+
+class BaseDB:
+    def __init__(self, filename, type):
+        self.type = type
+        self.filename = filename
+        if self.filename:
+            self.db = None
+        else:
+            self.db = {}
+        self.lock = thread.allocate_lock()
+
+    def create(self):
+        """Create a new on-disk database.
+
+        @raise anydbm.error: If there's a problem creating the database.
+        """
+        if self.filename:
+            self.db = anydbm.open(self.filename, "n") #raises anydbm.error
+            self.db["--Reserved--type"] = self.type
+            self.db.sync()
+        else:
+            self.db = {}
+
+    def open(self):
+        """Open a pre-existing on-disk database.
+
+        @raise anydbm.error: If there's a problem opening the database.
+        @raise ValueError: If the database is not of the right type.
+        """
+        if not self.filename:
+            raise ValueError("Can only open on-disk databases")
+        self.db = anydbm.open(self.filename, "w") #raises anydbm.error
+        try:
+            if self.db["--Reserved--type"] != self.type:
+                raise ValueError("Not a %s database" % self.type)
+        except KeyError:
+            raise ValueError("Not a recognized database")
+
+    def __getitem__(self, username):
+        if self.db == None:
+            raise AssertionError("DB not open")
+
+        self.lock.acquire()
+        try:
+            valueStr = self.db[username]
+        finally:
+            self.lock.release()
+
+        return self._getItem(username, valueStr)
+
+    def __setitem__(self, username, value):
+        if self.db == None:
+            raise AssertionError("DB not open")
+
+        valueStr = self._setItem(username, value)
+
+        self.lock.acquire()
+        try:
+            self.db[username] = valueStr
+            if self.filename:
+                self.db.sync()
+        finally:
+            self.lock.release()
+
+    def __delitem__(self, username):
+        if self.db == None:
+            raise AssertionError("DB not open")
+
+        self.lock.acquire()
+        try:
+            del(self.db[username])
+            if self.filename:
+                self.db.sync()
+        finally:
+            self.lock.release()
+
+    def __contains__(self, username):
+        """Check if the database contains the specified username.
+
+        @type username: str
+        @param username: The username to check for.
+
+        @rtype: bool
+        @return: True if the database contains the username, False
+        otherwise.
+
+        """
+        if self.db == None:
+            raise AssertionError("DB not open")
+
+        self.lock.acquire()
+        try:
+            return self.db.has_key(username)
+        finally:
+            self.lock.release()
+
+    def check(self, username, param):
+        value = self.__getitem__(username)
+        return self._checkItem(value, username, param)
+
+    def keys(self):
+        """Return a list of usernames in the database.
+
+        @rtype: list
+        @return: The usernames in the database.
+        """
+        if self.db == None:
+            raise AssertionError("DB not open")
+
+        self.lock.acquire()
+        try:
+            usernames = self.db.keys()
+        finally:
+            self.lock.release()
+        usernames = [u for u in usernames if not u.startswith("--Reserved--")]
        return usernames
--- a/src/gdata/tlslite/Checker.py
+++ b/src/gdata/tlslite/Checker.py
--- a/src/gdata/tlslite/FileObject.py
+++ b/src/gdata/tlslite/FileObject.py
--- a/src/gdata/tlslite/HandshakeSettings.py
+++ b/src/gdata/tlslite/HandshakeSettings.py
--- a/src/gdata/tlslite/Session.py
+++ b/src/gdata/tlslite/Session.py
--- a/src/gdata/tlslite/SessionCache.py
+++ b/src/gdata/tlslite/SessionCache.py
--- a/src/gdata/tlslite/SharedKeyDB.py
+++ b/src/gdata/tlslite/SharedKeyDB.py
--- a/src/gdata/tlslite/TLSConnection.py
+++ b/src/gdata/tlslite/TLSConnection.py
--- a/src/gdata/tlslite/TLSRecordLayer.py
+++ b/src/gdata/tlslite/TLSRecordLayer.py
--- a/src/gdata/tlslite/VerifierDB.py
+++ b/src/gdata/tlslite/VerifierDB.py
--- a/src/gdata/tlslite/X509.py
+++ b/src/gdata/tlslite/X509.py
--- a/src/gdata/tlslite/X509CertChain.py
+++ b/src/gdata/tlslite/X509CertChain.py
@@ -1,181 +1,181 @@
-"""Class representing an X.509 certificate chain."""
-
-from utils import cryptomath
-
-class X509CertChain:
-    """This class represents a chain of X.509 certificates.
-
-    @type x509List: list
-    @ivar x509List: A list of L{tlslite.X509.X509} instances,
-    starting with the end-entity certificate and with every
-    subsequent certificate certifying the previous.
-    """
-
-    def __init__(self, x509List=None):
-        """Create a new X509CertChain.
-
-        @type x509List: list
-        @param x509List: A list of L{tlslite.X509.X509} instances,
-        starting with the end-entity certificate and with every
-        subsequent certificate certifying the previous.
-        """
-        if x509List:
-            self.x509List = x509List
-        else:
-            self.x509List = []
-
-    def getNumCerts(self):
-        """Get the number of certificates in this chain.
-
-        @rtype: int
-        """
-        return len(self.x509List)
-
-    def getEndEntityPublicKey(self):
-        """Get the public key from the end-entity certificate.
-
-        @rtype: L{tlslite.utils.RSAKey.RSAKey}
-        """
-        if self.getNumCerts() == 0:
-            raise AssertionError()
-        return self.x509List[0].publicKey
-
-    def getFingerprint(self):
-        """Get the hex-encoded fingerprint of the end-entity certificate.
-
-        @rtype: str
-        @return: A hex-encoded fingerprint.
-        """
-        if self.getNumCerts() == 0:
-            raise AssertionError()
-        return self.x509List[0].getFingerprint()
-
-    def getCommonName(self):
-        """Get the Subject's Common Name from the end-entity certificate.
-
-        The cryptlib_py module must be installed in order to use this
-        function.
-
-        @rtype: str or None
-        @return: The CN component of the certificate's subject DN, if
-        present.
-        """
-        if self.getNumCerts() == 0:
-            raise AssertionError()
-        return self.x509List[0].getCommonName()
-
-    def validate(self, x509TrustList):
-        """Check the validity of the certificate chain.
-
-        This checks that every certificate in the chain validates with
-        the subsequent one, until some certificate validates with (or
-        is identical to) one of the passed-in root certificates.
-
-        The cryptlib_py module must be installed in order to use this
-        function.
-
-        @type x509TrustList: list of L{tlslite.X509.X509}
-        @param x509TrustList: A list of trusted root certificates.  The
-        certificate chain must extend to one of these certificates to
-        be considered valid.
-        """
-
-        import cryptlib_py
-        c1 = None
-        c2 = None
-        lastC = None
-        rootC = None
-
-        try:
-            rootFingerprints = [c.getFingerprint() for c in x509TrustList]
-
-            #Check that every certificate in the chain validates with the
-            #next one
-            for cert1, cert2 in zip(self.x509List, self.x509List[1:]):
-
-                #If we come upon a root certificate, we're done.
-                if cert1.getFingerprint() in rootFingerprints:
-                    return True
-
-                c1 = cryptlib_py.cryptImportCert(cert1.writeBytes(),
-                                                 cryptlib_py.CRYPT_UNUSED)
-                c2 = cryptlib_py.cryptImportCert(cert2.writeBytes(),
-                                                 cryptlib_py.CRYPT_UNUSED)
-                try:
-                    cryptlib_py.cryptCheckCert(c1, c2)
-                except:
-                    return False
-                cryptlib_py.cryptDestroyCert(c1)
-                c1 = None
-                cryptlib_py.cryptDestroyCert(c2)
-                c2 = None
-
-            #If the last certificate is one of the root certificates, we're
-            #done.
-            if self.x509List[-1].getFingerprint() in rootFingerprints:
-                return True
-
-            #Otherwise, find a root certificate that the last certificate
-            #chains to, and validate them.
-            lastC = cryptlib_py.cryptImportCert(self.x509List[-1].writeBytes(),
-                                                cryptlib_py.CRYPT_UNUSED)
-            for rootCert in x509TrustList:
-                rootC = cryptlib_py.cryptImportCert(rootCert.writeBytes(),
-                                                    cryptlib_py.CRYPT_UNUSED)
-                if self._checkChaining(lastC, rootC):
-                    try:
-                        cryptlib_py.cryptCheckCert(lastC, rootC)
-                        return True
-                    except:
-                        return False
-            return False
-        finally:
-            if not (c1 is None):
-                cryptlib_py.cryptDestroyCert(c1)
-            if not (c2 is None):
-                cryptlib_py.cryptDestroyCert(c2)
-            if not (lastC is None):
-                cryptlib_py.cryptDestroyCert(lastC)
-            if not (rootC is None):
-                cryptlib_py.cryptDestroyCert(rootC)
-
-
-
-    def _checkChaining(self, lastC, rootC):
-        import cryptlib_py
-        import array
-        def compareNames(name):
-            try:
-                length = cryptlib_py.cryptGetAttributeString(lastC, name, None)
-                lastName = array.array('B', [0] * length)
-                cryptlib_py.cryptGetAttributeString(lastC, name, lastName)
-                lastName = lastName.tostring()
-            except cryptlib_py.CryptException, e:
-                if e[0] == cryptlib_py.CRYPT_ERROR_NOTFOUND:
-                    lastName = None
-            try:
-                length = cryptlib_py.cryptGetAttributeString(rootC, name, None)
-                rootName = array.array('B', [0] * length)
-                cryptlib_py.cryptGetAttributeString(rootC, name, rootName)
-                rootName = rootName.tostring()
-            except cryptlib_py.CryptException, e:
-                if e[0] == cryptlib_py.CRYPT_ERROR_NOTFOUND:
-                    rootName = None
-
-            return lastName == rootName
-
-        cryptlib_py.cryptSetAttribute(lastC,
-                                      cryptlib_py.CRYPT_CERTINFO_ISSUERNAME,
-                                      cryptlib_py.CRYPT_UNUSED)
-
-        if not compareNames(cryptlib_py.CRYPT_CERTINFO_COUNTRYNAME):
-            return False
-        if not compareNames(cryptlib_py.CRYPT_CERTINFO_LOCALITYNAME):
-            return False
-        if not compareNames(cryptlib_py.CRYPT_CERTINFO_ORGANIZATIONNAME):
-            return False
-        if not compareNames(cryptlib_py.CRYPT_CERTINFO_ORGANIZATIONALUNITNAME):
-            return False
-        if not compareNames(cryptlib_py.CRYPT_CERTINFO_COMMONNAME):
-            return False
+"""Class representing an X.509 certificate chain."""
+
+from utils import cryptomath
+
+class X509CertChain:
+    """This class represents a chain of X.509 certificates.
+
+    @type x509List: list
+    @ivar x509List: A list of L{tlslite.X509.X509} instances,
+    starting with the end-entity certificate and with every
+    subsequent certificate certifying the previous.
+    """
+
+    def __init__(self, x509List=None):
+        """Create a new X509CertChain.
+
+        @type x509List: list
+        @param x509List: A list of L{tlslite.X509.X509} instances,
+        starting with the end-entity certificate and with every
+        subsequent certificate certifying the previous.
+        """
+        if x509List:
+            self.x509List = x509List
+        else:
+            self.x509List = []
+
+    def getNumCerts(self):
+        """Get the number of certificates in this chain.
+
+        @rtype: int
+        """
+        return len(self.x509List)
+
+    def getEndEntityPublicKey(self):
+        """Get the public key from the end-entity certificate.
+
+        @rtype: L{tlslite.utils.RSAKey.RSAKey}
+        """
+        if self.getNumCerts() == 0:
+            raise AssertionError()
+        return self.x509List[0].publicKey
+
+    def getFingerprint(self):
+        """Get the hex-encoded fingerprint of the end-entity certificate.
+
+        @rtype: str
+        @return: A hex-encoded fingerprint.
+        """
+        if self.getNumCerts() == 0:
+            raise AssertionError()
+        return self.x509List[0].getFingerprint()
+
+    def getCommonName(self):
+        """Get the Subject's Common Name from the end-entity certificate.
+
+        The cryptlib_py module must be installed in order to use this
+        function.
+
+        @rtype: str or None
+        @return: The CN component of the certificate's subject DN, if
+        present.
+        """
+        if self.getNumCerts() == 0:
+            raise AssertionError()
+        return self.x509List[0].getCommonName()
+
+    def validate(self, x509TrustList):
+        """Check the validity of the certificate chain.
+
+        This checks that every certificate in the chain validates with
+        the subsequent one, until some certificate validates with (or
+        is identical to) one of the passed-in root certificates.
+
+        The cryptlib_py module must be installed in order to use this
+        function.
+
+        @type x509TrustList: list of L{tlslite.X509.X509}
+        @param x509TrustList: A list of trusted root certificates.  The
+        certificate chain must extend to one of these certificates to
+        be considered valid.
+        """
+
+        import cryptlib_py
+        c1 = None
+        c2 = None
+        lastC = None
+        rootC = None
+
+        try:
+            rootFingerprints = [c.getFingerprint() for c in x509TrustList]
+
+            #Check that every certificate in the chain validates with the
+            #next one
+            for cert1, cert2 in zip(self.x509List, self.x509List[1:]):
+
+                #If we come upon a root certificate, we're done.
+                if cert1.getFingerprint() in rootFingerprints:
+                    return True
+
+                c1 = cryptlib_py.cryptImportCert(cert1.writeBytes(),
+                                                 cryptlib_py.CRYPT_UNUSED)
+                c2 = cryptlib_py.cryptImportCert(cert2.writeBytes(),
+                                                 cryptlib_py.CRYPT_UNUSED)
+                try:
+                    cryptlib_py.cryptCheckCert(c1, c2)
+                except:
+                    return False
+                cryptlib_py.cryptDestroyCert(c1)
+                c1 = None
+                cryptlib_py.cryptDestroyCert(c2)
+                c2 = None
+
+            #If the last certificate is one of the root certificates, we're
+            #done.
+            if self.x509List[-1].getFingerprint() in rootFingerprints:
+                return True
+
+            #Otherwise, find a root certificate that the last certificate
+            #chains to, and validate them.
+            lastC = cryptlib_py.cryptImportCert(self.x509List[-1].writeBytes(),
+                                                cryptlib_py.CRYPT_UNUSED)
+            for rootCert in x509TrustList:
+                rootC = cryptlib_py.cryptImportCert(rootCert.writeBytes(),
+                                                    cryptlib_py.CRYPT_UNUSED)
+                if self._checkChaining(lastC, rootC):
+                    try:
+                        cryptlib_py.cryptCheckCert(lastC, rootC)
+                        return True
+                    except:
+                        return False
+            return False
+        finally:
+            if not (c1 is None):
+                cryptlib_py.cryptDestroyCert(c1)
+            if not (c2 is None):
+                cryptlib_py.cryptDestroyCert(c2)
+            if not (lastC is None):
+                cryptlib_py.cryptDestroyCert(lastC)
+            if not (rootC is None):
+                cryptlib_py.cryptDestroyCert(rootC)
+
+
+
+    def _checkChaining(self, lastC, rootC):
+        import cryptlib_py
+        import array
+        def compareNames(name):
+            try:
+                length = cryptlib_py.cryptGetAttributeString(lastC, name, None)
+                lastName = array.array('B', [0] * length)
+                cryptlib_py.cryptGetAttributeString(lastC, name, lastName)
+                lastName = lastName.tostring()
+            except cryptlib_py.CryptException, e:
+                if e[0] == cryptlib_py.CRYPT_ERROR_NOTFOUND:
+                    lastName = None
+            try:
+                length = cryptlib_py.cryptGetAttributeString(rootC, name, None)
+                rootName = array.array('B', [0] * length)
+                cryptlib_py.cryptGetAttributeString(rootC, name, rootName)
+                rootName = rootName.tostring()
+            except cryptlib_py.CryptException, e:
+                if e[0] == cryptlib_py.CRYPT_ERROR_NOTFOUND:
+                    rootName = None
+
+            return lastName == rootName
+
+        cryptlib_py.cryptSetAttribute(lastC,
+                                      cryptlib_py.CRYPT_CERTINFO_ISSUERNAME,
+                                      cryptlib_py.CRYPT_UNUSED)
+
+        if not compareNames(cryptlib_py.CRYPT_CERTINFO_COUNTRYNAME):
+            return False
+        if not compareNames(cryptlib_py.CRYPT_CERTINFO_LOCALITYNAME):
+            return False
+        if not compareNames(cryptlib_py.CRYPT_CERTINFO_ORGANIZATIONNAME):
+            return False
+        if not compareNames(cryptlib_py.CRYPT_CERTINFO_ORGANIZATIONALUNITNAME):
+            return False
+        if not compareNames(cryptlib_py.CRYPT_CERTINFO_COMMONNAME):
+            return False
        return True
--- a/src/gdata/tlslite/init.py
+++ b/src/gdata/tlslite/init.py
--- a/src/gdata/tlslite/api.py
+++ b/src/gdata/tlslite/api.py
--- a/src/gdata/tlslite/constants.py
+++ b/src/gdata/tlslite/constants.py
--- a/src/gdata/tlslite/errors.py
+++ b/src/gdata/tlslite/errors.py
--- a/src/gdata/tlslite/integration/AsyncStateMachine.py
+++ b/src/gdata/tlslite/integration/AsyncStateMachine.py
@@ -1,235 +1,235 @@
-"""
-A state machine for using TLS Lite with asynchronous I/O.
-"""
-
-class AsyncStateMachine:
-    """
-    This is an abstract class that's used to integrate TLS Lite with
-    asyncore and Twisted.
-
-    This class signals wantsReadsEvent() and wantsWriteEvent().  When
-    the underlying socket has become readable or writeable, the event
-    should be passed to this class by calling inReadEvent() or
-    inWriteEvent().  This class will then try to read or write through
-    the socket, and will update its state appropriately.
-
-    This class will forward higher-level events to its subclass.  For
-    example, when a complete TLS record has been received,
-    outReadEvent() will be called with the decrypted data.
-    """
-
-    def __init__(self):
-        self._clear()
-
-    def _clear(self):
-        #These store the various asynchronous operations (i.e.
-        #generators).  Only one of them, at most, is ever active at a
-        #time.
-        self.handshaker = None
-        self.closer = None
-        self.reader = None
-        self.writer = None
-
-        #This stores the result from the last call to the
-        #currently active operation.  If 0 it indicates that the
-        #operation wants to read, if 1 it indicates that the
-        #operation wants to write.  If None, there is no active
-        #operation.
-        self.result = None
-
-    def _checkAssert(self, maxActive=1):
-        #This checks that only one operation, at most, is
-        #active, and that self.result is set appropriately.
-        activeOps = 0
-        if self.handshaker:
-            activeOps += 1
-        if self.closer:
-            activeOps += 1
-        if self.reader:
-            activeOps += 1
-        if self.writer:
-            activeOps += 1
-
-        if self.result == None:
-            if activeOps != 0:
-                raise AssertionError()
-        elif self.result in (0,1):
-            if activeOps != 1:
-                raise AssertionError()
-        else:
-            raise AssertionError()
-        if activeOps > maxActive:
-            raise AssertionError()
-
-    def wantsReadEvent(self):
-        """If the state machine wants to read.
-
-        If an operation is active, this returns whether or not the
-        operation wants to read from the socket.  If an operation is
-        not active, this returns None.
-
-        @rtype: bool or None
-        @return: If the state machine wants to read.
-        """
-        if self.result != None:
-            return self.result == 0
-        return None
-
-    def wantsWriteEvent(self):
-        """If the state machine wants to write.
-
-        If an operation is active, this returns whether or not the
-        operation wants to write to the socket.  If an operation is
-        not active, this returns None.
-
-        @rtype: bool or None
-        @return: If the state machine wants to write.
-        """
-        if self.result != None:
-            return self.result == 1
-        return None
-
-    def outConnectEvent(self):
-        """Called when a handshake operation completes.
-
-        May be overridden in subclass.
-        """
-        pass
-
-    def outCloseEvent(self):
-        """Called when a close operation completes.
-
-        May be overridden in subclass.
-        """
-        pass
-
-    def outReadEvent(self, readBuffer):
-        """Called when a read operation completes.
-
-        May be overridden in subclass."""
-        pass
-
-    def outWriteEvent(self):
-        """Called when a write operation completes.
-
-        May be overridden in subclass."""
-        pass
-
-    def inReadEvent(self):
-        """Tell the state machine it can read from the socket."""
-        try:
-            self._checkAssert()
-            if self.handshaker:
-                self._doHandshakeOp()
-            elif self.closer:
-                self._doCloseOp()
-            elif self.reader:
-                self._doReadOp()
-            elif self.writer:
-                self._doWriteOp()
-            else:
-                self.reader = self.tlsConnection.readAsync(16384)
-                self._doReadOp()
-        except:
-            self._clear()
-            raise
-
-    def inWriteEvent(self):
-        """Tell the state machine it can write to the socket."""
-        try:
-            self._checkAssert()
-            if self.handshaker:
-                self._doHandshakeOp()
-            elif self.closer:
-                self._doCloseOp()
-            elif self.reader:
-                self._doReadOp()
-            elif self.writer:
-                self._doWriteOp()
-            else:
-                self.outWriteEvent()
-        except:
-            self._clear()
-            raise
-
-    def _doHandshakeOp(self):
-        try:
-            self.result = self.handshaker.next()
-        except StopIteration:
-            self.handshaker = None
-            self.result = None
-            self.outConnectEvent()
-
-    def _doCloseOp(self):
-        try:
-            self.result = self.closer.next()
-        except StopIteration:
-            self.closer = None
-            self.result = None
-            self.outCloseEvent()
-
-    def _doReadOp(self):
-        self.result = self.reader.next()
-        if not self.result in (0,1):
-            readBuffer = self.result
-            self.reader = None
-            self.result = None
-            self.outReadEvent(readBuffer)
-
-    def _doWriteOp(self):
-        try:
-            self.result = self.writer.next()
-        except StopIteration:
-            self.writer = None
-            self.result = None
-
-    def setHandshakeOp(self, handshaker):
-        """Start a handshake operation.
-
-        @type handshaker: generator
-        @param handshaker: A generator created by using one of the
-        asynchronous handshake functions (i.e. handshakeServerAsync, or
-        handshakeClientxxx(..., async=True).
-        """
-        try:
-            self._checkAssert(0)
-            self.handshaker = handshaker
-            self._doHandshakeOp()
-        except:
-            self._clear()
-            raise
-
-    def setServerHandshakeOp(self, **args):
-        """Start a handshake operation.
-
-        The arguments passed to this function will be forwarded to
-        L{tlslite.TLSConnection.TLSConnection.handshakeServerAsync}.
-        """
-        handshaker = self.tlsConnection.handshakeServerAsync(**args)
-        self.setHandshakeOp(handshaker)
-
-    def setCloseOp(self):
-        """Start a close operation.
-        """
-        try:
-            self._checkAssert(0)
-            self.closer = self.tlsConnection.closeAsync()
-            self._doCloseOp()
-        except:
-            self._clear()
-            raise
-
-    def setWriteOp(self, writeBuffer):
-        """Start a write operation.
-
-        @type writeBuffer: str
-        @param writeBuffer: The string to transmit.
-        """
-        try:
-            self._checkAssert(0)
-            self.writer = self.tlsConnection.writeAsync(writeBuffer)
-            self._doWriteOp()
-        except:
-            self._clear()
-            raise
-
+"""
+A state machine for using TLS Lite with asynchronous I/O.
+"""
+
+class AsyncStateMachine:
+    """
+    This is an abstract class that's used to integrate TLS Lite with
+    asyncore and Twisted.
+
+    This class signals wantsReadsEvent() and wantsWriteEvent().  When
+    the underlying socket has become readable or writeable, the event
+    should be passed to this class by calling inReadEvent() or
+    inWriteEvent().  This class will then try to read or write through
+    the socket, and will update its state appropriately.
+
+    This class will forward higher-level events to its subclass.  For
+    example, when a complete TLS record has been received,
+    outReadEvent() will be called with the decrypted data.
+    """
+
+    def __init__(self):
+        self._clear()
+
+    def _clear(self):
+        #These store the various asynchronous operations (i.e.
+        #generators).  Only one of them, at most, is ever active at a
+        #time.
+        self.handshaker = None
+        self.closer = None
+        self.reader = None
+        self.writer = None
+
+        #This stores the result from the last call to the
+        #currently active operation.  If 0 it indicates that the
+        #operation wants to read, if 1 it indicates that the
+        #operation wants to write.  If None, there is no active
+        #operation.
+        self.result = None
+
+    def _checkAssert(self, maxActive=1):
+        #This checks that only one operation, at most, is
+        #active, and that self.result is set appropriately.
+        activeOps = 0
+        if self.handshaker:
+            activeOps += 1
+        if self.closer:
+            activeOps += 1
+        if self.reader:
+            activeOps += 1
+        if self.writer:
+            activeOps += 1
+
+        if self.result == None:
+            if activeOps != 0:
+                raise AssertionError()
+        elif self.result in (0,1):
+            if activeOps != 1:
+                raise AssertionError()
+        else:
+            raise AssertionError()
+        if activeOps > maxActive:
+            raise AssertionError()
+
+    def wantsReadEvent(self):
+        """If the state machine wants to read.
+
+        If an operation is active, this returns whether or not the
+        operation wants to read from the socket.  If an operation is
+        not active, this returns None.
+
+        @rtype: bool or None
+        @return: If the state machine wants to read.
+        """
+        if self.result != None:
+            return self.result == 0
+        return None
+
+    def wantsWriteEvent(self):
+        """If the state machine wants to write.
+
+        If an operation is active, this returns whether or not the
+        operation wants to write to the socket.  If an operation is
+        not active, this returns None.
+
+        @rtype: bool or None
+        @return: If the state machine wants to write.
+        """
+        if self.result != None:
+            return self.result == 1
+        return None
+
+    def outConnectEvent(self):
+        """Called when a handshake operation completes.
+
+        May be overridden in subclass.
+        """
+        pass
+
+    def outCloseEvent(self):
+        """Called when a close operation completes.
+
+        May be overridden in subclass.
+        """
+        pass
+
+    def outReadEvent(self, readBuffer):
+        """Called when a read operation completes.
+
+        May be overridden in subclass."""
+        pass
+
+    def outWriteEvent(self):
+        """Called when a write operation completes.
+
+        May be overridden in subclass."""
+        pass
+
+    def inReadEvent(self):
+        """Tell the state machine it can read from the socket."""
+        try:
+            self._checkAssert()
+            if self.handshaker:
+                self._doHandshakeOp()
+            elif self.closer:
+                self._doCloseOp()
+            elif self.reader:
+                self._doReadOp()
+            elif self.writer:
+                self._doWriteOp()
+            else:
+                self.reader = self.tlsConnection.readAsync(16384)
+                self._doReadOp()
+        except:
+            self._clear()
+            raise
+
+    def inWriteEvent(self):
+        """Tell the state machine it can write to the socket."""
+        try:
+            self._checkAssert()
+            if self.handshaker:
+                self._doHandshakeOp()
+            elif self.closer:
+                self._doCloseOp()
+            elif self.reader:
+                self._doReadOp()
+            elif self.writer:
+                self._doWriteOp()
+            else:
+                self.outWriteEvent()
+        except:
+            self._clear()
+            raise
+
+    def _doHandshakeOp(self):
+        try:
+            self.result = self.handshaker.next()
+        except StopIteration:
+            self.handshaker = None
+            self.result = None
+            self.outConnectEvent()
+
+    def _doCloseOp(self):
+        try:
+            self.result = self.closer.next()
+        except StopIteration:
+            self.closer = None
+            self.result = None
+            self.outCloseEvent()
+
+    def _doReadOp(self):
+        self.result = self.reader.next()
+        if not self.result in (0,1):
+            readBuffer = self.result
+            self.reader = None
+            self.result = None
+            self.outReadEvent(readBuffer)
+
+    def _doWriteOp(self):
+        try:
+            self.result = self.writer.next()
+        except StopIteration:
+            self.writer = None
+            self.result = None
+
+    def setHandshakeOp(self, handshaker):
+        """Start a handshake operation.
+
+        @type handshaker: generator
+        @param handshaker: A generator created by using one of the
+        asynchronous handshake functions (i.e. handshakeServerAsync, or
+        handshakeClientxxx(..., async=True).
+        """
+        try:
+            self._checkAssert(0)
+            self.handshaker = handshaker
+            self._doHandshakeOp()
+        except:
+            self._clear()
+            raise
+
+    def setServerHandshakeOp(self, **args):
+        """Start a handshake operation.
+
+        The arguments passed to this function will be forwarded to
+        L{tlslite.TLSConnection.TLSConnection.handshakeServerAsync}.
+        """
+        handshaker = self.tlsConnection.handshakeServerAsync(**args)
+        self.setHandshakeOp(handshaker)
+
+    def setCloseOp(self):
+        """Start a close operation.
+        """
+        try:
+            self._checkAssert(0)
+            self.closer = self.tlsConnection.closeAsync()
+            self._doCloseOp()
+        except:
+            self._clear()
+            raise
+
+    def setWriteOp(self, writeBuffer):
+        """Start a write operation.
+
+        @type writeBuffer: str
+        @param writeBuffer: The string to transmit.
+        """
+        try:
+            self._checkAssert(0)
+            self.writer = self.tlsConnection.writeAsync(writeBuffer)
+            self._doWriteOp()
+        except:
+            self._clear()
+            raise
+
--- a/src/gdata/tlslite/integration/ClientHelper.py
+++ b/src/gdata/tlslite/integration/ClientHelper.py
@@ -1,163 +1,163 @@
-"""
-A helper class for using TLS Lite with stdlib clients
-(httplib, xmlrpclib, imaplib, poplib).
-"""
-
-from gdata.tlslite.Checker import Checker
-
-class ClientHelper:
-    """This is a helper class used to integrate TLS Lite with various
-    TLS clients (e.g. poplib, smtplib, httplib, etc.)"""
-
-    def __init__(self,
-              username=None, password=None, sharedKey=None,
-              certChain=None, privateKey=None,
-              cryptoID=None, protocol=None,
-              x509Fingerprint=None,
-              x509TrustList=None, x509CommonName=None,
-              settings = None):
-        """
-        For client authentication, use one of these argument
-        combinations:
-         - username, password (SRP)
-         - username, sharedKey (shared-key)
-         - certChain, privateKey (certificate)
-
-        For server authentication, you can either rely on the
-        implicit mutual authentication performed by SRP or
-        shared-keys, or you can do certificate-based server
-        authentication with one of these argument combinations:
-         - cryptoID[, protocol] (requires cryptoIDlib)
-         - x509Fingerprint
-         - x509TrustList[, x509CommonName] (requires cryptlib_py)
-
-        Certificate-based server authentication is compatible with
-        SRP or certificate-based client authentication.  It is
-        not compatible with shared-keys.
-
-        The constructor does not perform the TLS handshake itself, but
-        simply stores these arguments for later.  The handshake is
-        performed only when this class needs to connect with the
-        server.  Then you should be prepared to handle TLS-specific
-        exceptions.  See the client handshake functions in
-        L{tlslite.TLSConnection.TLSConnection} for details on which
-        exceptions might be raised.
-
-        @type username: str
-        @param username: SRP or shared-key username.  Requires the
-        'password' or 'sharedKey' argument.
-
-        @type password: str
-        @param password: SRP password for mutual authentication.
-        Requires the 'username' argument.
-
-        @type sharedKey: str
-        @param sharedKey: Shared key for mutual authentication.
-        Requires the 'username' argument.
-
-        @type certChain: L{tlslite.X509CertChain.X509CertChain} or
-        L{cryptoIDlib.CertChain.CertChain}
-        @param certChain: Certificate chain for client authentication.
-        Requires the 'privateKey' argument.  Excludes the SRP or
-        shared-key related arguments.
-
-        @type privateKey: L{tlslite.utils.RSAKey.RSAKey}
-        @param privateKey: Private key for client authentication.
-        Requires the 'certChain' argument.  Excludes the SRP or
-        shared-key related arguments.
-
-        @type cryptoID: str
-        @param cryptoID: cryptoID for server authentication.  Mutually
-        exclusive with the 'x509...' arguments.
-
-        @type protocol: str
-        @param protocol: cryptoID protocol URI for server
-        authentication.  Requires the 'cryptoID' argument.
-
-        @type x509Fingerprint: str
-        @param x509Fingerprint: Hex-encoded X.509 fingerprint for
-        server authentication.  Mutually exclusive with the 'cryptoID'
-        and 'x509TrustList' arguments.
-
-        @type x509TrustList: list of L{tlslite.X509.X509}
-        @param x509TrustList: A list of trusted root certificates.  The
-        other party must present a certificate chain which extends to
-        one of these root certificates.  The cryptlib_py module must be
-        installed to use this parameter.  Mutually exclusive with the
-        'cryptoID' and 'x509Fingerprint' arguments.
-
-        @type x509CommonName: str
-        @param x509CommonName: The end-entity certificate's 'CN' field
-        must match this value.  For a web server, this is typically a
-        server name such as 'www.amazon.com'.  Mutually exclusive with
-        the 'cryptoID' and 'x509Fingerprint' arguments.  Requires the
-        'x509TrustList' argument.
-
-        @type settings: L{tlslite.HandshakeSettings.HandshakeSettings}
-        @param settings: Various settings which can be used to control
-        the ciphersuites, certificate types, and SSL/TLS versions
-        offered by the client.
-        """
-
-        self.username = None
-        self.password = None
-        self.sharedKey = None
-        self.certChain = None
-        self.privateKey = None
-        self.checker = None
-
-        #SRP Authentication
-        if username and password and not \
-                (sharedKey or certChain or privateKey):
-            self.username = username
-            self.password = password
-
-        #Shared Key Authentication
-        elif username and sharedKey and not \
-                (password or certChain or privateKey):
-            self.username = username
-            self.sharedKey = sharedKey
-
-        #Certificate Chain Authentication
-        elif certChain and privateKey and not \
-                (username or password or sharedKey):
-            self.certChain = certChain
-            self.privateKey = privateKey
-
-        #No Authentication
-        elif not password and not username and not \
-                sharedKey and not certChain and not privateKey:
-            pass
-
-        else:
-            raise ValueError("Bad parameters")
-
-        #Authenticate the server based on its cryptoID or fingerprint
-        if sharedKey and (cryptoID or protocol or x509Fingerprint):
-            raise ValueError("Can't use shared keys with other forms of"\
-                             "authentication")
-
-        self.checker = Checker(cryptoID, protocol, x509Fingerprint,
-                               x509TrustList, x509CommonName)
-        self.settings = settings
-
-        self.tlsSession = None
-
-    def _handshake(self, tlsConnection):
-        if self.username and self.password:
-            tlsConnection.handshakeClientSRP(username=self.username,
-                                             password=self.password,
-                                             checker=self.checker,
-                                             settings=self.settings,
-                                             session=self.tlsSession)
-        elif self.username and self.sharedKey:
-            tlsConnection.handshakeClientSharedKey(username=self.username,
-                                                   sharedKey=self.sharedKey,
-                                                   settings=self.settings)
-        else:
-            tlsConnection.handshakeClientCert(certChain=self.certChain,
-                                              privateKey=self.privateKey,
-                                              checker=self.checker,
-                                              settings=self.settings,
-                                              session=self.tlsSession)
-        self.tlsSession = tlsConnection.session
+"""
+A helper class for using TLS Lite with stdlib clients
+(httplib, xmlrpclib, imaplib, poplib).
+"""
+
+from gdata.tlslite.Checker import Checker
+
+class ClientHelper:
+    """This is a helper class used to integrate TLS Lite with various
+    TLS clients (e.g. poplib, smtplib, httplib, etc.)"""
+
+    def __init__(self,
+              username=None, password=None, sharedKey=None,
+              certChain=None, privateKey=None,
+              cryptoID=None, protocol=None,
+              x509Fingerprint=None,
+              x509TrustList=None, x509CommonName=None,
+              settings = None):
+        """
+        For client authentication, use one of these argument
+        combinations:
+         - username, password (SRP)
+         - username, sharedKey (shared-key)
+         - certChain, privateKey (certificate)
+
+        For server authentication, you can either rely on the
+        implicit mutual authentication performed by SRP or
+        shared-keys, or you can do certificate-based server
+        authentication with one of these argument combinations:
+         - cryptoID[, protocol] (requires cryptoIDlib)
+         - x509Fingerprint
+         - x509TrustList[, x509CommonName] (requires cryptlib_py)
+
+        Certificate-based server authentication is compatible with
+        SRP or certificate-based client authentication.  It is
+        not compatible with shared-keys.
+
+        The constructor does not perform the TLS handshake itself, but
+        simply stores these arguments for later.  The handshake is
+        performed only when this class needs to connect with the
+        server.  Then you should be prepared to handle TLS-specific
+        exceptions.  See the client handshake functions in
+        L{tlslite.TLSConnection.TLSConnection} for details on which
+        exceptions might be raised.
+
+        @type username: str
+        @param username: SRP or shared-key username.  Requires the
+        'password' or 'sharedKey' argument.
+
+        @type password: str
+        @param password: SRP password for mutual authentication.
+        Requires the 'username' argument.
+
+        @type sharedKey: str
+        @param sharedKey: Shared key for mutual authentication.
+        Requires the 'username' argument.
+
+        @type certChain: L{tlslite.X509CertChain.X509CertChain} or
+        L{cryptoIDlib.CertChain.CertChain}
+        @param certChain: Certificate chain for client authentication.
+        Requires the 'privateKey' argument.  Excludes the SRP or
+        shared-key related arguments.
+
+        @type privateKey: L{tlslite.utils.RSAKey.RSAKey}
+        @param privateKey: Private key for client authentication.
+        Requires the 'certChain' argument.  Excludes the SRP or
+        shared-key related arguments.
+
+        @type cryptoID: str
+        @param cryptoID: cryptoID for server authentication.  Mutually
+        exclusive with the 'x509...' arguments.
+
+        @type protocol: str
+        @param protocol: cryptoID protocol URI for server
+        authentication.  Requires the 'cryptoID' argument.
+
+        @type x509Fingerprint: str
+        @param x509Fingerprint: Hex-encoded X.509 fingerprint for
+        server authentication.  Mutually exclusive with the 'cryptoID'
+        and 'x509TrustList' arguments.
+
+        @type x509TrustList: list of L{tlslite.X509.X509}
+        @param x509TrustList: A list of trusted root certificates.  The
+        other party must present a certificate chain which extends to
+        one of these root certificates.  The cryptlib_py module must be
+        installed to use this parameter.  Mutually exclusive with the
+        'cryptoID' and 'x509Fingerprint' arguments.
+
+        @type x509CommonName: str
+        @param x509CommonName: The end-entity certificate's 'CN' field
+        must match this value.  For a web server, this is typically a
+        server name such as 'www.amazon.com'.  Mutually exclusive with
+        the 'cryptoID' and 'x509Fingerprint' arguments.  Requires the
+        'x509TrustList' argument.
+
+        @type settings: L{tlslite.HandshakeSettings.HandshakeSettings}
+        @param settings: Various settings which can be used to control
+        the ciphersuites, certificate types, and SSL/TLS versions
+        offered by the client.
+        """
+
+        self.username = None
+        self.password = None
+        self.sharedKey = None
+        self.certChain = None
+        self.privateKey = None
+        self.checker = None
+
+        #SRP Authentication
+        if username and password and not \
+                (sharedKey or certChain or privateKey):
+            self.username = username
+            self.password = password
+
+        #Shared Key Authentication
+        elif username and sharedKey and not \
+                (password or certChain or privateKey):
+            self.username = username
+            self.sharedKey = sharedKey
+
+        #Certificate Chain Authentication
+        elif certChain and privateKey and not \
+                (username or password or sharedKey):
+            self.certChain = certChain
+            self.privateKey = privateKey
+
+        #No Authentication
+        elif not password and not username and not \
+                sharedKey and not certChain and not privateKey:
+            pass
+
+        else:
+            raise ValueError("Bad parameters")
+
+        #Authenticate the server based on its cryptoID or fingerprint
+        if sharedKey and (cryptoID or protocol or x509Fingerprint):
+            raise ValueError("Can't use shared keys with other forms of"\
+                             "authentication")
+
+        self.checker = Checker(cryptoID, protocol, x509Fingerprint,
+                               x509TrustList, x509CommonName)
+        self.settings = settings
+
+        self.tlsSession = None
+
+    def _handshake(self, tlsConnection):
+        if self.username and self.password:
+            tlsConnection.handshakeClientSRP(username=self.username,
+                                             password=self.password,
+                                             checker=self.checker,
+                                             settings=self.settings,
+                                             session=self.tlsSession)
+        elif self.username and self.sharedKey:
+            tlsConnection.handshakeClientSharedKey(username=self.username,
+                                                   sharedKey=self.sharedKey,
+                                                   settings=self.settings)
+        else:
+            tlsConnection.handshakeClientCert(certChain=self.certChain,
+                                              privateKey=self.privateKey,
+                                              checker=self.checker,
+                                              settings=self.settings,
+                                              session=self.tlsSession)
+        self.tlsSession = tlsConnection.session
--- a/src/gdata/tlslite/integration/HTTPTLSConnection.py
+++ b/src/gdata/tlslite/integration/HTTPTLSConnection.py
--- a/src/gdata/tlslite/integration/IMAP4_TLS.py
+++ b/src/gdata/tlslite/integration/IMAP4_TLS.py
--- a/src/gdata/tlslite/integration/IntegrationHelper.py
+++ b/src/gdata/tlslite/integration/IntegrationHelper.py
@@ -1,52 +1,52 @@
-
-class IntegrationHelper:
-
-    def __init__(self,
-              username=None, password=None, sharedKey=None,
-              certChain=None, privateKey=None,
-              cryptoID=None, protocol=None,
-              x509Fingerprint=None,
-              x509TrustList=None, x509CommonName=None,
-              settings = None):
-
-        self.username = None
-        self.password = None
-        self.sharedKey = None
-        self.certChain = None
-        self.privateKey = None
-        self.checker = None
-
-        #SRP Authentication
-        if username and password and not \
-                (sharedKey or certChain or privateKey):
-            self.username = username
-            self.password = password
-
-        #Shared Key Authentication
-        elif username and sharedKey and not \
-                (password or certChain or privateKey):
-            self.username = username
-            self.sharedKey = sharedKey
-
-        #Certificate Chain Authentication
-        elif certChain and privateKey and not \
-                (username or password or sharedKey):
-            self.certChain = certChain
-            self.privateKey = privateKey
-
-        #No Authentication
-        elif not password and not username and not \
-                sharedKey and not certChain and not privateKey:
-            pass
-
-        else:
-            raise ValueError("Bad parameters")
-
-        #Authenticate the server based on its cryptoID or fingerprint
-        if sharedKey and (cryptoID or protocol or x509Fingerprint):
-            raise ValueError("Can't use shared keys with other forms of"\
-                             "authentication")
-
-        self.checker = Checker(cryptoID, protocol, x509Fingerprint,
-                               x509TrustList, x509CommonName)
+
+class IntegrationHelper:
+
+    def __init__(self,
+              username=None, password=None, sharedKey=None,
+              certChain=None, privateKey=None,
+              cryptoID=None, protocol=None,
+              x509Fingerprint=None,
+              x509TrustList=None, x509CommonName=None,
+              settings = None):
+
+        self.username = None
+        self.password = None
+        self.sharedKey = None
+        self.certChain = None
+        self.privateKey = None
+        self.checker = None
+
+        #SRP Authentication
+        if username and password and not \
+                (sharedKey or certChain or privateKey):
+            self.username = username
+            self.password = password
+
+        #Shared Key Authentication
+        elif username and sharedKey and not \
+                (password or certChain or privateKey):
+            self.username = username
+            self.sharedKey = sharedKey
+
+        #Certificate Chain Authentication
+        elif certChain and privateKey and not \
+                (username or password or sharedKey):
+            self.certChain = certChain
+            self.privateKey = privateKey
+
+        #No Authentication
+        elif not password and not username and not \
+                sharedKey and not certChain and not privateKey:
+            pass
+
+        else:
+            raise ValueError("Bad parameters")
+
+        #Authenticate the server based on its cryptoID or fingerprint
+        if sharedKey and (cryptoID or protocol or x509Fingerprint):
+            raise ValueError("Can't use shared keys with other forms of"\
+                             "authentication")
+
+        self.checker = Checker(cryptoID, protocol, x509Fingerprint,
+                               x509TrustList, x509CommonName)
        self.settings = settings
--- a/src/gdata/tlslite/integration/POP3_TLS.py
+++ b/src/gdata/tlslite/integration/POP3_TLS.py
--- a/src/gdata/tlslite/integration/SMTP_TLS.py
+++ b/src/gdata/tlslite/integration/SMTP_TLS.py
--- a/src/gdata/tlslite/integration/TLSAsyncDispatcherMixIn.py
+++ b/src/gdata/tlslite/integration/TLSAsyncDispatcherMixIn.py
@@ -1,139 +1,139 @@
-"""TLS Lite + asyncore."""
-
-
-import asyncore
-from gdata.tlslite.TLSConnection import TLSConnection
-from AsyncStateMachine import AsyncStateMachine
-
-
-class TLSAsyncDispatcherMixIn(AsyncStateMachine):
-    """This class can be "mixed in" with an
-    L{asyncore.dispatcher} to add TLS support.
-
-    This class essentially sits between the dispatcher and the select
-    loop, intercepting events and only calling the dispatcher when
-    applicable.
-
-    In the case of handle_read(), a read operation will be activated,
-    and when it completes, the bytes will be placed in a buffer where
-    the dispatcher can retrieve them by calling recv(), and the
-    dispatcher's handle_read() will be called.
-
-    In the case of handle_write(), the dispatcher's handle_write() will
-    be called, and when it calls send(), a write operation will be
-    activated.
-
-    To use this class, you must combine it with an asyncore.dispatcher,
-    and pass in a handshake operation with setServerHandshakeOp().
-
-    Below is an example of using this class with medusa.  This class is
-    mixed in with http_channel to create http_tls_channel.  Note:
-     1. the mix-in is listed first in the inheritance list
-
-     2. the input buffer size must be at least 16K, otherwise the
-       dispatcher might not read all the bytes from the TLS layer,
-       leaving some bytes in limbo.
-
-     3. IE seems to have a problem receiving a whole HTTP response in a
-     single TLS record, so HTML pages containing '\\r\\n\\r\\n' won't
-     be displayed on IE.
-
-    Add the following text into 'start_medusa.py', in the 'HTTP Server'
-    section::
-
-        from tlslite.api import *
-        s = open("./serverX509Cert.pem").read()
-        x509 = X509()
-        x509.parse(s)
-        certChain = X509CertChain([x509])
-
-        s = open("./serverX509Key.pem").read()
-        privateKey = parsePEMKey(s, private=True)
-
-        class http_tls_channel(TLSAsyncDispatcherMixIn,
-                               http_server.http_channel):
-            ac_in_buffer_size = 16384
-
-            def __init__ (self, server, conn, addr):
-                http_server.http_channel.__init__(self, server, conn, addr)
-                TLSAsyncDispatcherMixIn.__init__(self, conn)
-                self.tlsConnection.ignoreAbruptClose = True
-                self.setServerHandshakeOp(certChain=certChain,
-                                          privateKey=privateKey)
-
-        hs.channel_class = http_tls_channel
-
-    If the TLS layer raises an exception, the exception will be caught
-    in asyncore.dispatcher, which will call close() on this class.  The
-    TLS layer always closes the TLS connection before raising an
-    exception, so the close operation will complete right away, causing
-    asyncore.dispatcher.close() to be called, which closes the socket
-    and removes this instance from the asyncore loop.
-
-    """
-
-
-    def __init__(self, sock=None):
-        AsyncStateMachine.__init__(self)
-
-        if sock:
-            self.tlsConnection = TLSConnection(sock)
-
-        #Calculate the sibling I'm being mixed in with.
-        #This is necessary since we override functions
-        #like readable(), handle_read(), etc., but we
-        #also want to call the sibling's versions.
-        for cl in self.__class__.__bases__:
-            if cl != TLSAsyncDispatcherMixIn and cl != AsyncStateMachine:
-                self.siblingClass = cl
-                break
-        else:
-            raise AssertionError()
-
-    def readable(self):
-        result = self.wantsReadEvent()
-        if result != None:
-            return result
-        return self.siblingClass.readable(self)
-
-    def writable(self):
-        result = self.wantsWriteEvent()
-        if result != None:
-            return result
-        return self.siblingClass.writable(self)
-
-    def handle_read(self):
-        self.inReadEvent()
-
-    def handle_write(self):
-        self.inWriteEvent()
-
-    def outConnectEvent(self):
-        self.siblingClass.handle_connect(self)
-
-    def outCloseEvent(self):
-        asyncore.dispatcher.close(self)
-
-    def outReadEvent(self, readBuffer):
-        self.readBuffer = readBuffer
-        self.siblingClass.handle_read(self)
-
-    def outWriteEvent(self):
-        self.siblingClass.handle_write(self)
-
-    def recv(self, bufferSize=16384):
-        if bufferSize < 16384 or self.readBuffer == None:
-            raise AssertionError()
-        returnValue = self.readBuffer
-        self.readBuffer = None
-        return returnValue
-
-    def send(self, writeBuffer):
-        self.setWriteOp(writeBuffer)
-        return len(writeBuffer)
-
-    def close(self):
-        if hasattr(self, "tlsConnection"):
-            self.setCloseOp()
-        else:
-            asyncore.dispatcher.close(self)
+"""TLS Lite + asyncore."""
+
+
+import asyncore
+from gdata.tlslite.TLSConnection import TLSConnection
+from AsyncStateMachine import AsyncStateMachine
+
+
+class TLSAsyncDispatcherMixIn(AsyncStateMachine):
+    """This class can be "mixed in" with an
+    L{asyncore.dispatcher} to add TLS support.
+
+    This class essentially sits between the dispatcher and the select
+    loop, intercepting events and only calling the dispatcher when
+    applicable.
+
+    In the case of handle_read(), a read operation will be activated,
+    and when it completes, the bytes will be placed in a buffer where
+    the dispatcher can retrieve them by calling recv(), and the
+    dispatcher's handle_read() will be called.
+
+    In the case of handle_write(), the dispatcher's handle_write() will
+    be called, and when it calls send(), a write operation will be
+    activated.
+
+    To use this class, you must combine it with an asyncore.dispatcher,
+    and pass in a handshake operation with setServerHandshakeOp().
+
+    Below is an example of using this class with medusa.  This class is
+    mixed in with http_channel to create http_tls_channel.  Note:
+     1. the mix-in is listed first in the inheritance list
+
+     2. the input buffer size must be at least 16K, otherwise the
+       dispatcher might not read all the bytes from the TLS layer,
+       leaving some bytes in limbo.
+
+     3. IE seems to have a problem receiving a whole HTTP response in a
+     single TLS record, so HTML pages containing '\\r\\n\\r\\n' won't
+     be displayed on IE.
+
+    Add the following text into 'start_medusa.py', in the 'HTTP Server'
+    section::
+
+        from tlslite.api import *
+        s = open("./serverX509Cert.pem").read()
+        x509 = X509()
+        x509.parse(s)
+        certChain = X509CertChain([x509])
+
+        s = open("./serverX509Key.pem").read()
+        privateKey = parsePEMKey(s, private=True)
+
+        class http_tls_channel(TLSAsyncDispatcherMixIn,
+                               http_server.http_channel):
+            ac_in_buffer_size = 16384
+
+            def __init__ (self, server, conn, addr):
+                http_server.http_channel.__init__(self, server, conn, addr)
+                TLSAsyncDispatcherMixIn.__init__(self, conn)
+                self.tlsConnection.ignoreAbruptClose = True
+                self.setServerHandshakeOp(certChain=certChain,
+                                          privateKey=privateKey)
+
+        hs.channel_class = http_tls_channel
+
+    If the TLS layer raises an exception, the exception will be caught
+    in asyncore.dispatcher, which will call close() on this class.  The
+    TLS layer always closes the TLS connection before raising an
+    exception, so the close operation will complete right away, causing
+    asyncore.dispatcher.close() to be called, which closes the socket
+    and removes this instance from the asyncore loop.
+
+    """
+
+
+    def __init__(self, sock=None):
+        AsyncStateMachine.__init__(self)
+
+        if sock:
+            self.tlsConnection = TLSConnection(sock)
+
+        #Calculate the sibling I'm being mixed in with.
+        #This is necessary since we override functions
+        #like readable(), handle_read(), etc., but we
+        #also want to call the sibling's versions.
+        for cl in self.__class__.__bases__:
+            if cl != TLSAsyncDispatcherMixIn and cl != AsyncStateMachine:
+                self.siblingClass = cl
+                break
+        else:
+            raise AssertionError()
+
+    def readable(self):
+        result = self.wantsReadEvent()
+        if result != None:
+            return result
+        return self.siblingClass.readable(self)
+
+    def writable(self):
+        result = self.wantsWriteEvent()
+        if result != None:
+            return result
+        return self.siblingClass.writable(self)
+
+    def handle_read(self):
+        self.inReadEvent()
+
+    def handle_write(self):
+        self.inWriteEvent()
+
+    def outConnectEvent(self):
+        self.siblingClass.handle_connect(self)
+
+    def outCloseEvent(self):
+        asyncore.dispatcher.close(self)
+
+    def outReadEvent(self, readBuffer):
+        self.readBuffer = readBuffer
+        self.siblingClass.handle_read(self)
+
+    def outWriteEvent(self):
+        self.siblingClass.handle_write(self)
+
+    def recv(self, bufferSize=16384):
+        if bufferSize < 16384 or self.readBuffer == None:
+            raise AssertionError()
+        returnValue = self.readBuffer
+        self.readBuffer = None
+        return returnValue
+
+    def send(self, writeBuffer):
+        self.setWriteOp(writeBuffer)
+        return len(writeBuffer)
+
+    def close(self):
+        if hasattr(self, "tlsConnection"):
+            self.setCloseOp()
+        else:
+            asyncore.dispatcher.close(self)
--- a/src/gdata/tlslite/integration/TLSSocketServerMixIn.py
+++ b/src/gdata/tlslite/integration/TLSSocketServerMixIn.py
--- a/src/gdata/tlslite/integration/TLSTwistedProtocolWrapper.py
+++ b/src/gdata/tlslite/integration/TLSTwistedProtocolWrapper.py
@@ -1,196 +1,196 @@
-"""TLS Lite + Twisted."""
-
-from twisted.protocols.policies import ProtocolWrapper, WrappingFactory
-from twisted.python.failure import Failure
-
-from AsyncStateMachine import AsyncStateMachine
-from gdata.tlslite.TLSConnection import TLSConnection
-from gdata.tlslite.errors import *
-
-import socket
-import errno
-
-
-#The TLSConnection is created around a "fake socket" that
-#plugs it into the underlying Twisted transport
-class _FakeSocket:
-    def __init__(self, wrapper):
-        self.wrapper = wrapper
-        self.data = ""
-
-    def send(self, data):
-        ProtocolWrapper.write(self.wrapper, data)
-        return len(data)
-
-    def recv(self, numBytes):
-        if self.data == "":
-            raise socket.error, (errno.EWOULDBLOCK, "")
-        returnData = self.data[:numBytes]
-        self.data = self.data[numBytes:]
-        return returnData
-
-class TLSTwistedProtocolWrapper(ProtocolWrapper, AsyncStateMachine):
-    """This class can wrap Twisted protocols to add TLS support.
-
-    Below is a complete example of using TLS Lite with a Twisted echo
-    server.
-
-    There are two server implementations below.  Echo is the original
-    protocol, which is oblivious to TLS.  Echo1 subclasses Echo and
-    negotiates TLS when the client connects.  Echo2 subclasses Echo and
-    negotiates TLS when the client sends "STARTTLS"::
-
-        from twisted.internet.protocol import Protocol, Factory
-        from twisted.internet import reactor
-        from twisted.protocols.policies import WrappingFactory
-        from twisted.protocols.basic import LineReceiver
-        from twisted.python import log
-        from twisted.python.failure import Failure
-        import sys
-        from tlslite.api import *
-
-        s = open("./serverX509Cert.pem").read()
-        x509 = X509()
-        x509.parse(s)
-        certChain = X509CertChain([x509])
-
-        s = open("./serverX509Key.pem").read()
-        privateKey = parsePEMKey(s, private=True)
-
-        verifierDB = VerifierDB("verifierDB")
-        verifierDB.open()
-
-        class Echo(LineReceiver):
-            def connectionMade(self):
-                self.transport.write("Welcome to the echo server!\\r\\n")
-
-            def lineReceived(self, line):
-                self.transport.write(line + "\\r\\n")
-
-        class Echo1(Echo):
-            def connectionMade(self):
-                if not self.transport.tlsStarted:
-                    self.transport.setServerHandshakeOp(certChain=certChain,
-                                                        privateKey=privateKey,
-                                                        verifierDB=verifierDB)
-                else:
-                    Echo.connectionMade(self)
-
-            def connectionLost(self, reason):
-                pass #Handle any TLS exceptions here
-
-        class Echo2(Echo):
-            def lineReceived(self, data):
-                if data == "STARTTLS":
-                    self.transport.setServerHandshakeOp(certChain=certChain,
-                                                        privateKey=privateKey,
-                                                        verifierDB=verifierDB)
-                else:
-                    Echo.lineReceived(self, data)
-
-            def connectionLost(self, reason):
-                pass #Handle any TLS exceptions here
-
-        factory = Factory()
-        factory.protocol = Echo1
-        #factory.protocol = Echo2
-
-        wrappingFactory = WrappingFactory(factory)
-        wrappingFactory.protocol = TLSTwistedProtocolWrapper
-
-        log.startLogging(sys.stdout)
-        reactor.listenTCP(1079, wrappingFactory)
-        reactor.run()
-
-    This class works as follows:
-
-    Data comes in and is given to the AsyncStateMachine for handling.
-    AsyncStateMachine will forward events to this class, and we'll
-    pass them on to the ProtocolHandler, which will proxy them to the
-    wrapped protocol.  The wrapped protocol may then call back into
-    this class, and these calls will be proxied into the
-    AsyncStateMachine.
-
-    The call graph looks like this:
-     - self.dataReceived
-       - AsyncStateMachine.inReadEvent
-         - self.out(Connect|Close|Read)Event
-           - ProtocolWrapper.(connectionMade|loseConnection|dataReceived)
-             - self.(loseConnection|write|writeSequence)
-               - AsyncStateMachine.(setCloseOp|setWriteOp)
-    """
-
-    #WARNING: IF YOU COPY-AND-PASTE THE ABOVE CODE, BE SURE TO REMOVE
-    #THE EXTRA ESCAPING AROUND "\\r\\n"
-
-    def __init__(self, factory, wrappedProtocol):
-        ProtocolWrapper.__init__(self, factory, wrappedProtocol)
-        AsyncStateMachine.__init__(self)
-        self.fakeSocket = _FakeSocket(self)
-        self.tlsConnection = TLSConnection(self.fakeSocket)
-        self.tlsStarted = False
-        self.connectionLostCalled = False
-
-    def connectionMade(self):
-        try:
-            ProtocolWrapper.connectionMade(self)
-        except TLSError, e:
-            self.connectionLost(Failure(e))
-            ProtocolWrapper.loseConnection(self)
-
-    def dataReceived(self, data):
-        try:
-            if not self.tlsStarted:
-                ProtocolWrapper.dataReceived(self, data)
-            else:
-                self.fakeSocket.data += data
-                while self.fakeSocket.data:
-                    AsyncStateMachine.inReadEvent(self)
-        except TLSError, e:
-            self.connectionLost(Failure(e))
-            ProtocolWrapper.loseConnection(self)
-
-    def connectionLost(self, reason):
-        if not self.connectionLostCalled:
-            ProtocolWrapper.connectionLost(self, reason)
-            self.connectionLostCalled = True
-
-
-    def outConnectEvent(self):
-        ProtocolWrapper.connectionMade(self)
-
-    def outCloseEvent(self):
-        ProtocolWrapper.loseConnection(self)
-
-    def outReadEvent(self, data):
-        if data == "":
-            ProtocolWrapper.loseConnection(self)
-        else:
-            ProtocolWrapper.dataReceived(self, data)
-
-
-    def setServerHandshakeOp(self, **args):
-        self.tlsStarted = True
-        AsyncStateMachine.setServerHandshakeOp(self, **args)
-
-    def loseConnection(self):
-        if not self.tlsStarted:
-            ProtocolWrapper.loseConnection(self)
-        else:
-            AsyncStateMachine.setCloseOp(self)
-
-    def write(self, data):
-        if not self.tlsStarted:
-            ProtocolWrapper.write(self, data)
-        else:
-            #Because of the FakeSocket, write operations are guaranteed to
-            #terminate immediately.
-            AsyncStateMachine.setWriteOp(self, data)
-
-    def writeSequence(self, seq):
-        if not self.tlsStarted:
-            ProtocolWrapper.writeSequence(self, seq)
-        else:
-            #Because of the FakeSocket, write operations are guaranteed to
-            #terminate immediately.
-            AsyncStateMachine.setWriteOp(self, "".join(seq))
+"""TLS Lite + Twisted."""
+
+from twisted.protocols.policies import ProtocolWrapper, WrappingFactory
+from twisted.python.failure import Failure
+
+from AsyncStateMachine import AsyncStateMachine
+from gdata.tlslite.TLSConnection import TLSConnection
+from gdata.tlslite.errors import *
+
+import socket
+import errno
+
+
+#The TLSConnection is created around a "fake socket" that
+#plugs it into the underlying Twisted transport
+class _FakeSocket:
+    def __init__(self, wrapper):
+        self.wrapper = wrapper
+        self.data = ""
+
+    def send(self, data):
+        ProtocolWrapper.write(self.wrapper, data)
+        return len(data)
+
+    def recv(self, numBytes):
+        if self.data == "":
+            raise socket.error, (errno.EWOULDBLOCK, "")
+        returnData = self.data[:numBytes]
+        self.data = self.data[numBytes:]
+        return returnData
+
+class TLSTwistedProtocolWrapper(ProtocolWrapper, AsyncStateMachine):
+    """This class can wrap Twisted protocols to add TLS support.
+
+    Below is a complete example of using TLS Lite with a Twisted echo
+    server.
+
+    There are two server implementations below.  Echo is the original
+    protocol, which is oblivious to TLS.  Echo1 subclasses Echo and
+    negotiates TLS when the client connects.  Echo2 subclasses Echo and
+    negotiates TLS when the client sends "STARTTLS"::
+
+        from twisted.internet.protocol import Protocol, Factory
+        from twisted.internet import reactor
+        from twisted.protocols.policies import WrappingFactory
+        from twisted.protocols.basic import LineReceiver
+        from twisted.python import log
+        from twisted.python.failure import Failure
+        import sys
+        from tlslite.api import *
+
+        s = open("./serverX509Cert.pem").read()
+        x509 = X509()
+        x509.parse(s)
+        certChain = X509CertChain([x509])
+
+        s = open("./serverX509Key.pem").read()
+        privateKey = parsePEMKey(s, private=True)
+
+        verifierDB = VerifierDB("verifierDB")
+        verifierDB.open()
+
+        class Echo(LineReceiver):
+            def connectionMade(self):
+                self.transport.write("Welcome to the echo server!\\r\\n")
+
+            def lineReceived(self, line):
+                self.transport.write(line + "\\r\\n")
+
+        class Echo1(Echo):
+            def connectionMade(self):
+                if not self.transport.tlsStarted:
+                    self.transport.setServerHandshakeOp(certChain=certChain,
+                                                        privateKey=privateKey,
+                                                        verifierDB=verifierDB)
+                else:
+                    Echo.connectionMade(self)
+
+            def connectionLost(self, reason):
+                pass #Handle any TLS exceptions here
+
+        class Echo2(Echo):
+            def lineReceived(self, data):
+                if data == "STARTTLS":
+                    self.transport.setServerHandshakeOp(certChain=certChain,
+                                                        privateKey=privateKey,
+                                                        verifierDB=verifierDB)
+                else:
+                    Echo.lineReceived(self, data)
+
+            def connectionLost(self, reason):
+                pass #Handle any TLS exceptions here
+
+        factory = Factory()
+        factory.protocol = Echo1
+        #factory.protocol = Echo2
+
+        wrappingFactory = WrappingFactory(factory)
+        wrappingFactory.protocol = TLSTwistedProtocolWrapper
+
+        log.startLogging(sys.stdout)
+        reactor.listenTCP(1079, wrappingFactory)
+        reactor.run()
+
+    This class works as follows:
+
+    Data comes in and is given to the AsyncStateMachine for handling.
+    AsyncStateMachine will forward events to this class, and we'll
+    pass them on to the ProtocolHandler, which will proxy them to the
+    wrapped protocol.  The wrapped protocol may then call back into
+    this class, and these calls will be proxied into the
+    AsyncStateMachine.
+
+    The call graph looks like this:
+     - self.dataReceived
+       - AsyncStateMachine.inReadEvent
+         - self.out(Connect|Close|Read)Event
+           - ProtocolWrapper.(connectionMade|loseConnection|dataReceived)
+             - self.(loseConnection|write|writeSequence)
+               - AsyncStateMachine.(setCloseOp|setWriteOp)
+    """
+
+    #WARNING: IF YOU COPY-AND-PASTE THE ABOVE CODE, BE SURE TO REMOVE
+    #THE EXTRA ESCAPING AROUND "\\r\\n"
+
+    def __init__(self, factory, wrappedProtocol):
+        ProtocolWrapper.__init__(self, factory, wrappedProtocol)
+        AsyncStateMachine.__init__(self)
+        self.fakeSocket = _FakeSocket(self)
+        self.tlsConnection = TLSConnection(self.fakeSocket)
+        self.tlsStarted = False
+        self.connectionLostCalled = False
+
+    def connectionMade(self):
+        try:
+            ProtocolWrapper.connectionMade(self)
+        except TLSError, e:
+            self.connectionLost(Failure(e))
+            ProtocolWrapper.loseConnection(self)
+
+    def dataReceived(self, data):
+        try:
+            if not self.tlsStarted:
+                ProtocolWrapper.dataReceived(self, data)
+            else:
+                self.fakeSocket.data += data
+                while self.fakeSocket.data:
+                    AsyncStateMachine.inReadEvent(self)
+        except TLSError, e:
+            self.connectionLost(Failure(e))
+            ProtocolWrapper.loseConnection(self)
+
+    def connectionLost(self, reason):
+        if not self.connectionLostCalled:
+            ProtocolWrapper.connectionLost(self, reason)
+            self.connectionLostCalled = True
+
+
+    def outConnectEvent(self):
+        ProtocolWrapper.connectionMade(self)
+
+    def outCloseEvent(self):
+        ProtocolWrapper.loseConnection(self)
+
+    def outReadEvent(self, data):
+        if data == "":
+            ProtocolWrapper.loseConnection(self)
+        else:
+            ProtocolWrapper.dataReceived(self, data)
+
+
+    def setServerHandshakeOp(self, **args):
+        self.tlsStarted = True
+        AsyncStateMachine.setServerHandshakeOp(self, **args)
+
+    def loseConnection(self):
+        if not self.tlsStarted:
+            ProtocolWrapper.loseConnection(self)
+        else:
+            AsyncStateMachine.setCloseOp(self)
+
+    def write(self, data):
+        if not self.tlsStarted:
+            ProtocolWrapper.write(self, data)
+        else:
+            #Because of the FakeSocket, write operations are guaranteed to
+            #terminate immediately.
+            AsyncStateMachine.setWriteOp(self, data)
+
+    def writeSequence(self, seq):
+        if not self.tlsStarted:
+            ProtocolWrapper.writeSequence(self, seq)
+        else:
+            #Because of the FakeSocket, write operations are guaranteed to
+            #terminate immediately.
+            AsyncStateMachine.setWriteOp(self, "".join(seq))
--- a/src/gdata/tlslite/integration/XMLRPCTransport.py
+++ b/src/gdata/tlslite/integration/XMLRPCTransport.py
--- a/src/gdata/tlslite/integration/init.py
+++ b/src/gdata/tlslite/integration/init.py
--- a/src/gdata/tlslite/mathtls.py
+++ b/src/gdata/tlslite/mathtls.py
--- a/src/gdata/tlslite/messages.py
+++ b/src/gdata/tlslite/messages.py
--- a/src/gdata/tlslite/utils/AES.py
+++ b/src/gdata/tlslite/utils/AES.py
--- a/src/gdata/tlslite/utils/ASN1Parser.py
+++ b/src/gdata/tlslite/utils/ASN1Parser.py
--- a/src/gdata/tlslite/utils/Cryptlib_AES.py
+++ b/src/gdata/tlslite/utils/Cryptlib_AES.py
--- a/src/gdata/tlslite/utils/Cryptlib_RC4.py
+++ b/src/gdata/tlslite/utils/Cryptlib_RC4.py
--- a/src/gdata/tlslite/utils/Cryptlib_TripleDES.py
+++ b/src/gdata/tlslite/utils/Cryptlib_TripleDES.py
--- a/src/gdata/tlslite/utils/OpenSSL_AES.py
+++ b/src/gdata/tlslite/utils/OpenSSL_AES.py
--- a/src/gdata/tlslite/utils/OpenSSL_RC4.py
+++ b/src/gdata/tlslite/utils/OpenSSL_RC4.py
--- a/src/gdata/tlslite/utils/OpenSSL_RSAKey.py
+++ b/src/gdata/tlslite/utils/OpenSSL_RSAKey.py
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
Jay Lee	4956873357	two more removes	2016-03-16 13:27:20 -04:00
Jay Lee	4dd1d6a244	more bad files removed	2016-03-16 13:26:08 -04:00
Jay Lee	65367947e0	Add pyasn1 and rsa for native crypt operations. Remove bad admx stuff	2016-03-16 13:24:19 -04:00
Jay Lee	a83414f831	bump to 3.65	2016-03-16 13:14:28 -04:00
Jay Lee	bba894bdc3	Remove Drive-storage and Coordinate SKUs (faster) and add Apps-Lite.	2016-03-16 13:13:24 -04:00
Jay Lee	190c4f212d	Upgrade googleapiclient to 1.5.0	2016-03-16 13:05:55 -04:00
Jay Lee	d8a78d96ae	Upgrade to oauth2client 2.0.1. Remove support for seperate pem keys.	2016-03-16 12:53:05 -04:00
Jay Lee	1d30eb7d91	switch "delete messages" to use batchDelete() for performance	2016-03-16 12:21:50 -04:00
Jay Lee	ac86758e79	Add messages modify command which can add/remove labels on messages.	2016-03-16 12:04:59 -04:00
Jay Lee	afee6c32a3	Merge pull request #189 from taers232c/branch-3.63 Fixes; cosmetic changes	2016-03-16 10:47:54 -04:00
Ross Scroggs	7412236679	gam <UserTypeEntity> untrash message\|messages query <Query> [doit] [max_to_untrash <Number>]	2016-03-09 15:41:04 -08:00
Ross Scroggs	3ef433687a	Add [listlimit <Number>] to gam print cros This limits the number of entries shown for activeTimeRanges and recentUsers	2016-03-09 15:14:26 -08:00
Ross Scroggs	82d43d0b62	Minor tweaks for compatibility	2016-03-05 18:40:01 -08:00
Ross Scroggs	bf31e72384	Add noaliases and groups arguments to gam info group	2016-03-04 14:29:56 -08:00
Ross Scroggs	2a37589a9f	Add untrash argument to gam delete drivefile	2016-03-03 08:25:03 -08:00
Ross Scroggs	cafa01248a	Cosmetic cleanup	2016-02-27 19:56:04 -08:00
Ross Scroggs	5ab14fef05	Handle missing values in column	2016-02-27 19:07:01 -08:00
Ross Scroggs	6b6ada5b2c	Improve error message	2016-02-26 19:10:15 -08:00
Ross Scroggs	18420275af	Fix setting GamPath in Windows (better solution)	2016-02-26 17:00:46 -08:00
Ross Scroggs	8f283acf66	Fix setting GamPath in Windows	2016-02-26 16:47:08 -08:00
Ross Scroggs	f27df74339	Allow csv FileName:FieldName and csvfile FileName:FieldName csvfile form must be used for: gam csvfile FileName:FieldName … as gam csv FileName is already defined	2016-02-24 16:25:57 -08:00
Ross Scroggs	ca059a62a6	Strip blanks, handle empty entries in gam file and gam csvfile	2016-02-12 06:03:20 -08:00
Ross Scroggs	6dae2302c0	Fix doVacation	2016-02-11 20:41:14 -08:00
Ross Scroggs	bae5f20ec4	gam csv FileName:FieldName changed to gam csvfile FileName:FieldName Added error checking	2016-02-11 20:09:40 -08:00
Jay Lee	51a4d92a90	3.63, maxresults param to print groups	2016-02-05 10:51:33 -05:00
Jay Lee	d527f4104f	simplify file list of users and add csv list	2016-02-05 10:31:31 -05:00
Jay Lee	2d74916ca5	group membership sync batch support	2016-02-05 09:42:07 -05:00
Jay Lee	3fcde95fe8	Add "gam print roles"	2015-12-23 09:52:04 -05:00
Jay Lee	2235c10df7	handle blank lines it batch	2015-12-23 09:05:03 -05:00
Jay Lee	327e09291b	disable discovery cache Disable discovery cache as it broke CSV commands on windows with lock errors. The cache is new in googleapiclient 1.4.2 which was upgraded after GAM 3.61: `30125120b4` down the line, we should investigate actual issue with cache as enabling it would improve GAM performance.	2015-12-23 08:06:22 -05:00
Jay Lee	1dd36424be	showLabels handle non-Gmail users	2015-12-23 06:55:22 -05:00
Jay Lee	ade2d0ae54	handle no results on Gmail profile	2015-12-23 06:50:57 -05:00
Jay Lee	ac3dbd25f3	If userid isn't in domain, return blank	2015-12-23 06:32:43 -05:00
Jay Lee	2e6811d2d4	Limit cache filenames to 64 chars to prevent long paths from confusing windows	2015-12-23 06:26:45 -05:00
Jay Lee	61a9d0c0a6	Merge pull request #146 from taers232c/master Global variables update	2015-12-23 06:18:36 -05:00
Ross Scroggs	4cc775bcae	Eliminate try except IndexError in argument parsing	2015-12-22 23:27:42 -08:00
Ross Scroggs	96dfa52dba	Clean up parsing transferSecCals, transferDriveFiles	2015-12-22 22:16:33 -08:00
Ross Scroggs	1f1329c536	Ok, allow gam create admin to take uid: or id:abcdefghi for org unit	2015-12-22 20:41:13 -08:00
Ross Scroggs	3bb54f875d	In gam create admin, org unit id is id:abcdefghj not uid:abcdefhgi	2015-12-22 20:34:42 -08:00
Ross Scroggs	84b6c1cb87	Handle undefined role	2015-12-22 18:15:15 -08:00
Ross Scroggs	4f4bb316d0	Handle invalid argument in gam print admins	2015-12-22 18:09:22 -08:00
Ross Scroggs	fe6430edc6	Global variables do-over Global variables not from environment variables/signal files in GM_Globals Global variables from environment variables/signal files in GC_Values SetGlobalVariables processes all environment variables/signal files buildGAPIObject reworked buildGAPIServiceObject reworked Switch resource calendar processing from GData to GAPI Implement role assignments	2015-12-22 17:56:37 -08:00
Ross Scroggs	6c421de8c4	Merge remote-tracking branch 'jay0lee/master'	2015-12-22 17:52:31 -08:00
Ross Scroggs	c04ae91dc5	Commit Jay changes	2015-12-22 17:37:56 -08:00
Ross Scroggs	14bc340e56	Commit Jays changes	2015-12-22 17:23:43 -08:00
Ross Scroggs	6fd107c230	CSV debug check inadvertently dropped	2015-12-22 16:39:56 -08:00
Ross Scroggs	5f2c2103a5	Revamp environment variables/signal files processing Global variables not from environment variables/signal files in GM_Globals Global variables from environment variables/signal files in GC_Values SetGlobalVariables processes all environment variables/signal files buildGAPIObject reworked buildGAPIServiceObject reworked Switch resource calendar processing from GData to GAPI Implement role assignments	2015-12-22 16:10:30 -08:00
Jay Lee	a06828dbcf	Delete messages fixes -catch more unauthorized service account errors -print which account we're working with before attempting auth and mailbox search -soft errors on API call to keep GAM from quiting on mailbox error. -	2015-12-22 16:42:47 -05:00
Jay Lee	b260cb8f50	add admin commands, upgrade resources to new API, partial text subst. on csv commands	2015-12-22 15:25:58 -05:00
Jay Lee	2fc3355388	Merge pull request #144 from taers232c/master More cleanup	2015-12-21 14:50:37 -05:00
Ross Scroggs	24d5a169f6	Standardize server not found error handling	2015-12-19 16:17:09 -08:00
Ross Scroggs	2bc0dd5fbe	More cleanup Handle debug.gam, extra_args.txt in one place Clean up coding for callGAPIpages Simplify coding for disable_ssl_certificate_validation Break up long arg lists into multiple lines for callGData, callGAPI, callGAPIpages Handle missing client_secrets.json inline in doRequestOauth	2015-12-19 16:05:43 -08:00
Jay Lee	d76e5008a7	Merge pull request #134 from taers232c/master Cleanup - use named constants	2015-12-19 06:56:08 -05:00
Ross Scroggs	21f01757a3	Make sure that callGData and callGAPI return something	2015-12-17 17:11:17 -08:00
Ross Scroggs	4da936344f	Downshift more Boolean values	2015-11-24 18:10:23 -08:00
Ross Scroggs	05920cc7d7	Boolean values were not downshifted in doCreateUser	2015-11-24 17:14:37 -08:00
Ross Scroggs	edb17ad06e	Allow reader in doCalendarAddACL, fix infinite loops in doPop, doCreateUser, doUpdateUser	2015-11-24 16:51:06 -08:00
Ross Scroggs	ab6f8fa7bf	Update doVacation	2015-11-22 10:57:00 -08:00
Ross Scroggs	b822608b15	Define/use file processing routines; fix show filelist allfields Define and use new file handling primitives to simply code and isolate error handling. Error message cleanup. Google added a new object (userPermission) to the filesResource object which broke showDriveFiles because it has an item named 'id' which wiped out the file id. This fix makes compound column names for all dictionary objects except for labels.	2015-11-21 09:50:11 -08:00
Ross Scroggs	7a9bda9b1b	Guard vacation info with convertUTF8, fix typo in doGetNotifications	2015-11-19 16:46:16 -08:00
Ross Scroggs	3edfce202f	Cleanup - use named constants Use named constants instead of repeated literals Define messages at top, would make language translation easier Clean up result handling in doDownloadActivity/ExportRequest Handle missing Python SSL module in one place The following two files need to be updated to 3.61 https://gam-update.appspot.com/latest-version-announcement.txt https://gam-update.appspot.com/latest-version.txt	2015-11-16 07:13:39 -08:00
Jay Lee	c5b4a822d9	Merge pull request #133 from taers232c/master Cleanup - consolidate redundant code, no functional change	2015-11-15 13:35:48 -05:00
Ross Scroggs	e3ae862732	Cleanup - consolidate redundant code, no functional change Define GAM_URL, GAM_INFO, GAM_RELEASES strings once, use in multiple places Simplify getAPIVer, getAPIScope - use dictionaries Define getServiceFromDiscoveryDocument to replace redundant code Move tryOAuth/doRequestOAuth calls to commonAppsObjInit Use dictionaries in appID2app/app2appID	2015-11-15 10:30:46 -08:00
Jay Lee	74b1127f6e	Merge pull request #130 from taers232c/master Apply convertUTF8 to more fields, clean up gam create resource/print resources	2015-11-15 09:30:51 -05:00
Ross Scroggs	2c3f12b38c	Limit pageSize to 100 in doDriveActivity, otherwise backend errors	2015-11-14 12:09:52 -08:00
Ross Scroggs	94ee718aa9	Handle missing emails in courses.	2015-11-12 15:30:15 -08:00
Ross Scroggs	f34620aa73	Fix coding error getting environment variable GAM_AUTOBATCH	2015-11-12 12:40:46 -08:00
Ross Scroggs	a43bb56a43	Real fix to gam create resource	2015-11-11 06:35:50 -08:00
Ross Scroggs	a4ed95b81b	Clean up gam create resource/print resources Add type as a synonym of restype to create to make consistent with update Add type to print so that resource type is visible	2015-11-11 06:08:55 -08:00
Ross Scroggs	ddd8348bdd	Apply convertUTF8 to more fields	2015-11-03 10:53:31 -08:00
Jay Lee	d32095f3fe	Merge pull request #128 from taers232c/master GAM 3.62 Bug Fixes, Clean Up	2015-10-30 08:46:02 -04:00
Ross Scroggs	a958bf8be7	Small cleanups	2015-10-29 16:02:24 -07:00
Ross Scroggs	2d643a551c	Use update instead of patch in doUpdateOrg as patch doesn't work	2015-10-28 12:26:32 -07:00
Ross Scroggs	b16d75ec43	Fix .lower where () was missing	2015-10-28 11:54:36 -07:00
Ross Scroggs	f40af555c3	Use os.environ.get, remove try/except	2015-10-28 11:45:40 -07:00
Ross Scroggs	c82672d77b	3.62 Fixes	2015-10-27 18:30:07 -07:00
Jay Lee	867488bf77	Update README.md	2015-10-08 06:41:17 -04:00
Jay Lee	9c485334f1	Update README.md	2015-10-07 08:22:28 -04:00
Ross Scroggs	04ff83fc2d	Correct gam update org <OrgUnit> add cros /all cros	2015-10-05 07:49:10 -07:00
Ross Scroggs	d61e2751ef	Merge remote-tracking branch 'jay0lee/master'	2015-10-05 04:51:39 -07:00
Jay Lee	87b64572db	Merge pull request #124 from taers232c/master Changes to atom/service.py and gdata/service.py to support Domain Shared Contacts	2015-10-05 06:46:34 -04:00
Ross Scroggs	50a33a5083	gdata/service.py change not required	2015-10-04 08:23:00 -07:00
Ross Scroggs	2dc72ab262	Merge remote-tracking branch 'origin/master'	2015-10-03 21:25:41 -07:00
Ross Scroggs	6dec0ea0f1	Changes required for Domain Shared Contacts	2015-10-03 21:25:18 -07:00
Ross Scroggs	fdc4e867c2	Merge remote-tracking branch 'jay0lee/master'	2015-10-03 07:00:56 -07:00
Ross Scroggs	525731fe33	Merge remote-tracking branch 'jay0lee/master'	2015-10-01 08:01:47 -07:00
Jay Lee	66d86b8d4d	Merge pull request #121 from taers232c/master Clean up argument parsing, error messages, redundant use of .keys()	2015-10-01 05:38:16 -04:00
Ross Scroggs	2443d5d1cf	Clean up argument parsing, error message, redundant use of .keys()	2015-09-30 14:40:05 -07:00
Jay Lee	8863e7337e	Just get logo directly (reduce dependency on gdata library	2015-09-30 11:48:53 -04:00
Jay Lee	27b31ff1fb	Add fixes back for oauth2client	2015-09-30 09:57:49 -04:00
Jay Lee	58335025c4	Make cloudprint. and admin-settings JSON files part of Windows binary	2015-09-30 09:42:08 -04:00
Jay Lee	c1225178d6	move nearly everything into /src to make git.io/gam cleaner w/o a readme tree	2015-09-30 09:14:32 -04:00
Jay Lee	8b19040e45	update googleapiclient, httplib2, oauth2client and passlib to latest versions	2015-09-30 09:07:28 -04:00
Jay Lee	6ba62b66b4	remove old setup files, sync gam.spec	2015-09-30 08:43:16 -04:00
Jay Lee	e1bd7d7ae9	Update README.md	2015-09-30 08:39:56 -04:00
Jay Lee	c9b2c1d8d6	Fix "gam update customer", customer field not needed.	2015-09-30 08:34:38 -04:00
Jay Lee	1ae2b960c7	update whatsnew.txt	2015-09-30 06:50:39 -04:00
Jay Lee	0c2d4ab5cb	remove old duplicate doCreateDomain func and ver to 3.61	2015-09-30 06:46:07 -04:00
Jay Lee	b9460cbcea	Merge pull request #118 from taers232c/master Fixes	2015-09-30 06:44:34 -04:00
Ross Scroggs	886a26cc5d	Fix doGetDomainInfo to properly pass logo <Filename> to doGetInstanceInfo	2015-09-29 22:54:29 -07:00
Ross Scroggs	94dcd98e8d	Fixes doUpdateCustomer - starting on wrong index appID2add - wrong variable in error message convertUserIDtoEmail - id is Python built-in, use uid doPrintDataTransfers - todrive argument causes infinite loop doPrintDataTransfers - trailing space doGetDataTransferInfo - id is Python built-in, use dtId	2015-09-29 20:36:56 -07:00
Jay Lee	c3038807b9	Domains and Data Transfer APIs added	2015-09-29 15:52:05 -04:00
Jay Lee	7acb8a9e85	Merge pull request #103 from karlosss/patch-1 "updating user..." should be in stdout, not stderr	2015-08-21 19:04:33 -04:00
karlosss	2d47622a0e	"updating user..." should be in stdout, not stderr The "updating user..." info is pumped into stderr instead of stdout - i fixed this.	2015-08-22 00:59:57 +02:00
Jay Lee	bbfe5d36e8	Merge pull request #99 from taers232c/master cleanup for pylint	2015-08-20 11:28:50 -04:00
Ross Scroggs	0ecb732d60	Remove appdirs	2015-08-20 07:45:17 -07:00
Ross Scroggs	8b5ac30030	Implement appdirs, cleanup for pylint	2015-08-19 23:31:23 -07:00
Jay Lee	0c7bf10355	one more by Ross	2015-07-11 20:29:48 -04:00
Jay Lee	319273eb03	large number of fixes from Ross Scroggs	2015-07-11 18:34:16 -04:00
Jay Lee	199c49ff5e	course aliases, message delete/trash, misc other	2015-07-11 15:00:50 -04:00
Jay Lee	8d967b1125	minor fixes for GAM 3.5 Windows build	2015-07-02 06:38:13 -04:00
Jay Lee	277b5ac261	huge dump for Classroom, CloudPrint and batch fixes/improvements	2015-07-02 05:36:37 -04:00
Jay Lee	0b035deff0	update whatsnew.txt	2015-05-01 05:02:21 -04:00
Jay Lee	73c3cb013f	be conservative with password hashing to prevent timeouts	2015-04-30 20:18:16 -04:00
Jay Lee	f2b2c90586	bump version to 3.45	2015-04-30 20:17:44 -04:00
Jay Lee	2c21aac0d6	Add six.py 1.9.0 for better OS X and Linux compatability	2015-04-30 14:35:16 -04:00
Jay Lee	ce1efd6cb9	what's new with you?	2015-04-15 15:07:01 -04:00
Jay Lee	5b72c7d713	update orgunit commands to support IDs	2015-04-15 15:06:48 -04:00
Jay Lee	2861b739c9	cleanup is_frozen for pyinstaller	2015-04-15 13:27:41 -04:00
Jay Lee	e5e9cd1367	cleanup "print cros"	2015-04-15 12:25:21 -04:00
Jay Lee	0fd9ab303d	read extra-args.txt for additonal URL params	2015-04-15 11:48:16 -04:00
Jay Lee	db0dd231b1	googleapiclient 1.4 and oauth2client 1.4.7 upgrades	2015-04-15 11:47:26 -04:00
Jay Lee	a2e8d17a69	gafw, d4w and dfw license abbreviations	2015-04-15 10:52:09 -04:00
Jay Lee	e73eb0453d	windows and pyinstaller ignores	2015-04-15 10:50:22 -04:00
Jay Lee	d9a911cf56	switch build.bat from py2exe to pyinstaller	2015-04-15 10:46:41 -04:00
Jay Lee	95c8b7ab16	direct load sha512_crypt so pyinstaller is happy	2015-04-15 10:30:29 -04:00
Jay Lee	825f16ecc7	Merge pull request #60 from erikpt/master Add support for annotatedAssetId field on Chrome OS devices	2015-04-15 08:57:05 -04:00
Erik Pitti	a9993ad361	Fixed casing for annotatedAssetId field based on Google API docs. (Letter "D" in annotatedAssetId had been erroneously capitalized)	2015-04-13 17:35:31 -07:00
Erik Pitti	e2f717a46a	Fixed spacing for orgs line	2015-04-13 13:29:07 -07:00
Erik Pitti	ec1b59066f	Added support for annotatedAssetID field on updating Chrome OS devices	2015-04-13 13:22:14 -07:00
Jay Lee	3354bb386d	bundle_files 3 to prevent crash of 32-bit Windows	2015-03-18 14:57:10 -04:00