Update build.yml

Graak! Why I can't get my code translated into yours is beyond me; this time for sure.

.github/actions/linux-before-install.sh

@@ -55,7 +55,7 @@ else
     tar xf openssl-$BUILD_OPENSSL_VERSION.tar.gz
     cd openssl-$BUILD_OPENSSL_VERSION
     echo "Compiling OpenSSL $BUILD_OPENSSL_VERSION..."
-    ./config shared --prefix=$HOME/ssl
+    ./Configure --libdir=lib --prefix=$HOME/ssl
     echo "Running make for OpenSSL..."
     make -j$cpucount -s
     echo "Running make install for OpenSSL..."
@@ -70,7 +70,7 @@ else
     cd Python-$BUILD_PYTHON_VERSION
     echo "Compiling Python $BUILD_PYTHON_VERSION..."
     safe_flags="--with-openssl=$HOME/ssl --enable-shared --prefix=$HOME/python --with-ensurepip=upgrade"
-    unsafe_flags="--enable-optimizations --with-lto"
+    unsafe_flags="--enable-optimizations --with-lto --with-openssl=~/ssl --with-openssl-rpath=~~/ssl/lib"
     if [ ! -e Makefile ]; then
       echo "running configure with safe and unsafe"
       ./configure $safe_flags $unsafe_flags > /dev/null

.github/actions/macos-before-install.sh

@@ -29,7 +29,7 @@ echo "installing Python $BUILD_PYTHON_VERSION..."
 sudo installer -pkg ./$pyfile -target /
 
 # This fixes https://github.com/pyinstaller/pyinstaller/issues/5062
-codesign --remove-signature /Library/Frameworks/Python.framework/Versions/3.9/Python
+#codesign --remove-signature /Library/Frameworks/Python.framework/Versions/3.10/Python
 
 #if [ ! -f python-$MIN_PYTHON_VERSION-macosx10.9.pkg ]; then
 #  wget --quiet https://www.python.org/ftp/python/$MIN_PYTHON_VERSION/python-$MIN_PYTHON_VERSION-macosx10.9.pkg

.github/workflows/build.yml

@@ -14,11 +14,11 @@ defaults:
 env:
   BUILD_PYTHON_VERSION: "3.10.0"
   MIN_PYTHON_VERSION: "3.10.0"
-  BUILD_OPENSSL_VERSION: "1.1.1l"
+  BUILD_OPENSSL_VERSION: "3.0.0"
   MIN_OPENSSL_VERSION: "1.1.1l"
   PATCHELF_VERSION: "0.13"
   # PYINSTALLER_VERSION can be full commit hash or version like v4.20
-  PYINSTALLER_VERSION: "1e6a8d53f150cf24b574c32085f3745cbd2afaa6"
+  PYINSTALLER_VERSION: "6eae2c7cf93a968ddc054339e0cb3063f90d0e64"
 
 jobs:
   build:
@@ -73,7 +73,7 @@ jobs:
             platform: "x86_64"
           - os: ubuntu-20.04
             goal: test
-            python: "3.10.0"
+            python: "3.9"
             jid: 9
             gamos: linux
             platform: x86_64
@@ -92,7 +92,7 @@ jobs:
           path: |
             ~/python
             ~/ssl
-          key: ${{ matrix.os }}-${{ matrix.jid }}-20211014
+          key: ${{ matrix.os }}-${{ matrix.jid }}-20211122
 
       - name: Set env variables
         env:
@@ -333,7 +333,7 @@ jobs:
              $gam print browsers
              export sn="$JID$JID$JID$JID-$(openssl rand -base64 32 | sed 's/[^a-zA-Z0-9]//g')"
              $gam create device serialnumber $sn devicetype android
-             $gam print cros allfields nolists
+             $gam print cros allfields orderby serialnumber
              $gam report usageparameters customer
              $gam report usage customer parameters gmail:num_emails_sent,accounts:num_1day_logins
              $gam report customer todrive

src/gam/__init__.py

@@ -7765,7 +7765,9 @@ def _generatePrivateKeyAndPublicCert(client_id, key_size):
         x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, client_id)]))
     builder = builder.issuer_name(
         x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, client_id)]))
-    builder = builder.not_valid_before(datetime.datetime.today())
+    # Gooogle seems to enforce the not before date strictly. Set the not before
+    # date to be UTC one hour ago should cover any clock skew.
+    builder = builder.not_valid_before(datetime.datetime.utcnow() - datetime.timedelta(hours=1))
     # Google uses 12/31/9999 date for end time
     builder = builder.not_valid_after(datetime.datetime(9999, 12, 31, 23, 59))
     builder = builder.serial_number(x509.random_serial_number())

src/gam/auth/oauth.py

@@ -395,7 +395,7 @@ class Credentials(google.oauth2.credentials.Credentials):
             self.refresh(request)
 
         self._id_token_data = google.oauth2.id_token.verify_oauth2_token(
-            self.id_token, request)
+            self.id_token, request, clock_skew_in_seconds=10)
 
     def get_token_value(self, field):
         """Retrieves data from the OAuth ID token.

src/gam/display.py

@@ -154,30 +154,41 @@ def write_csv_file(csvRows, titles, list_type, todrive):
                 return True
         return False
 
+    def filterMatch(filterVal, columns, row):
+        for column in columns:
+            if filterVal[1] == 'regex':
+                if filterVal[2].search(str(row.get(column, ''))):
+                    return True
+            elif filterVal[1] == 'notregex':
+                if not filterVal[2].search(str(row.get(column, ''))):
+                    return True
+            elif filterVal[1] in ['date', 'time']:
+                if rowDateTimeFilterMatch(
+                    filterVal[1] == 'date', row.get(column, ''),
+                    filterVal[2], filterVal[3]):
+                    return True
+            elif filterVal[1] == 'count':
+                if rowCountFilterMatch(
+                    row.get(column, 0), filterVal[2], filterVal[3]):
+                    return True
+            else:  #boolean
+                if rowBooleanFilterMatch(
+                    row.get(column, False), filterVal[2]):
+                    return True
+        return False
+
     def rowFilterMatch(filters, columns, row):
         for c, filterVal in iter(filters.items()):
-            for column in columns[c]:
-                if filterVal[1] == 'regex':
-                    if not filterVal[2].search(str(row.get(column, ''))):
-                        return False
-                elif filterVal[1] == 'notregex':
-                    if filterVal[2].search(str(row.get(column, ''))):
-                        return False
-                elif filterVal[1] in ['date', 'time']:
-                    if not rowDateTimeFilterMatch(
-                        filterVal[1] == 'date', row.get(column, ''),
-                        filterVal[2], filterVal[3]):
-                        return False
-                elif filterVal[1] == 'count':
-                    if not rowCountFilterMatch(
-                        row.get(column, 0), filterVal[2], filterVal[3]):
-                        return False
-                else:  #boolean
-                    if not rowBooleanFilterMatch(
-                        row.get(column, False), filterVal[2]):
-                        return False
+            if not filterMatch(filterVal, columns[c], row):
+                return False
         return True
 
+    def rowDropFilterMatch(filters, columns, row):
+        for c, filterVal in iter(filters.items()):
+            if filterMatch(filterVal, columns[c], row):
+                return True
+        return False
+
     if GC_Values[GC_CSV_ROW_FILTER] or GC_Values[GC_CSV_ROW_DROP_FILTER]:
         if GC_Values[GC_CSV_ROW_FILTER]:
             keepColumns = {}
@@ -210,7 +221,7 @@ def write_csv_file(csvRows, titles, list_type, todrive):
             if (((keepColumns is None) or
                  rowFilterMatch(GC_Values[GC_CSV_ROW_FILTER], keepColumns, row)) and
                 ((dropColumns is None) or
-                 not rowFilterMatch(GC_Values[GC_CSV_ROW_DROP_FILTER], dropColumns, row))):
+                 not rowDropFilterMatch(GC_Values[GC_CSV_ROW_DROP_FILTER], dropColumns, row))):
                 rows.append(row)
         csvRows = rows
 
@@ -231,7 +242,14 @@ def write_csv_file(csvRows, titles, list_type, todrive):
                 'No columns selected with GAM_CSV_HEADER_FILTER and GAM_CSV_HEADER_DROP_FILTER\n'
             )
             return
-    csv.register_dialect('nixstdout', lineterminator='\n')
+    nixstdout_dialect = {'lineterminator': '\n',
+                         'quoting': csv.QUOTE_MINIMAL}
+    # fix issue with Python 3.10.0 and no escape char
+    # 3.10.1+ may fix this within Python so hopefully
+    # this is short-lived.
+    if sys.version_info.minor >= 10:
+        nixstdout_dialect['escapechar'] = '\\'
+    csv.register_dialect('nixstdout', **nixstdout_dialect)
     if todrive:
         write_to = io.StringIO()
     else:
@@ -239,8 +257,7 @@ def write_csv_file(csvRows, titles, list_type, todrive):
     writer = csv.DictWriter(write_to,
                             fieldnames=titles,
                             dialect='nixstdout',
-                            extrasaction='ignore',
-                            quoting=csv.QUOTE_MINIMAL)
+                            extrasaction='ignore')
     try:
         writer.writerow(dict((item, item) for item in writer.fieldnames))
         writer.writerows(csvRows)

src/gam/gapi/__init__.py

@@ -359,7 +359,7 @@ def handle_oauth_token_error(e, soft_errors):
       returns to the caller.
   """
     token_error = str(e).replace('.', '')
-    if token_error in errors.OAUTH2_TOKEN_ERRORS or e.startswith(
+    if token_error in errors.OAUTH2_TOKEN_ERRORS or token_error.startswith(
             'Invalid response'):
         if soft_errors:
             return

src/gam/var.py

@@ -8,7 +8,7 @@ import platform
 import re
 
 GAM_AUTHOR = 'Jay Lee <jay0lee@gmail.com>'
-GAM_VERSION = '6.09'
+GAM_VERSION = '6.11'
 GAM_LICENSE = 'Apache License 2.0 (http://www.apache.org/licenses/LICENSE-2.0)'
 
 GAM_URL = 'https://git.io/gam'
@@ -631,6 +631,7 @@ MACOS_CODENAMES = {
         16: 'Big Sur'
         },
     11: 'Big Sur',
+    12: 'Monterey',
     }
 
 _MICROSOFT_FORMATS_LIST = [{

src/requirements.txt

@@ -4,7 +4,7 @@ filelock
 google-api-python-client>=2.1
 google-auth-httplib2
 google-auth-oauthlib>=0.4.1
-google-auth>=1.11.2
+google-auth>=2.3.2
 httplib2>=0.17.0
 importlib.metadata; python_version < '3.8'
 passlib>=1.7.2