# -*- coding: utf-8 -*- # Copyright (C) 2023 Ross Scroggs All Rights Reserved. # # All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. """Google API resources """ # APIs ACCESSCONTEXTMANAGER = 'accesscontextmanager' ALERTCENTER = 'alertcenter' ANALYTICS = 'analytics' ANALYTICS_ADMIN = 'analyticsadmin' CALENDAR = 'calendar' CBCM = 'cbcm' CHAT = 'chat' CHAT_MEMBERSHIPS = 'chatmemberships' CHAT_MESSAGES = 'chatmessages' CHAT_SPACES = 'chatspaces' CHAT_SPACES_DELETE = 'chatspacesdelete' CHROMEMANAGEMENT = 'chromemanagement' CHROMEMANAGEMENT_APPDETAILS = 'chromemanagementappdetails' CHROMEMANAGEMENT_TELEMETRY = 'chromemanagementtelemetry' CHROMEPOLICY = 'chromepolicy' CHROMEVERSIONHISTORY = 'versionhistory' CLASSROOM = 'classroom' CLOUDCHANNEL = 'cloudchannel' CLOUDIDENTITY_DEVICES = 'cloudidentitydevices' CLOUDIDENTITY_GROUPS = 'cloudidentitygroups' CLOUDIDENTITY_INBOUND_SSO = 'cloudidentityinboundsso' CLOUDIDENTITY_ORGUNITS = 'cloudidentityorgunits' CLOUDIDENTITY_ORGUNITS_BETA = 'cloudidentityorgunitsbeta' CLOUDIDENTITY_USERINVITATIONS = 'cloudidentityuserinvitations' CLOUDRESOURCEMANAGER = 'cloudresourcemanager' CLOUDRESOURCEMANAGER_V1 = 'cloudresourcemanager1' CONTACTS = 'contacts' CONTACTDELEGATION = 'contactdelegation' DATATRANSFER = 'datatransfer' DIRECTORY = 'directory' DIRECTORY_BETA = 'directory_beta' DOCS = 'docs' DRIVE2 = 'drive2' DRIVE3 = 'drive3' DRIVETD = 'drivetd' DRIVEACTIVITY = 'driveactivity' DRIVELABELS = 'drivelabels' DRIVELABELS_ADMIN = 'drivelabelsadmin' DRIVELABELS_USER = 'drivelabelsuser' EMAIL_AUDIT = 'email-audit' FORMS = 'forms' GMAIL = 'gmail' GROUPSMIGRATION = 'groupsmigration' GROUPSSETTINGS = 'groupssettings' IAM = 'iam' IAM_CREDENTIALS = 'iamcredentials' IAP = 'iap' KEEP = 'keep' LICENSING = 'licensing' LOOKERSTUDIO = 'datastudio' OAUTH2 = 'oauth2' PEOPLE = 'people' PEOPLE_DIRECTORY = 'peopledirectory' PEOPLE_OTHERCONTACTS = 'peopleothercontacts' PRINTERS = 'printers' PUBSUB = 'pubsub' REPORTS = 'reports' RESELLER = 'reseller' SERVICEMANAGEMENT = 'servicemanagement' SERVICEUSAGE = 'serviceusage' SHEETS = 'sheets' SHEETSTD = 'sheetstd' SITES = 'sites' SITEVERIFICATION = 'siteVerification' STORAGE = 'storage' STORAGEREAD = 'storageread' STORAGEWRITE = 'storagewrite' TASKS = 'tasks' VAULT = 'vault' YOUTUBE = 'youtube' # CHROMEVERSIONHISTORY_URL = 'https://versionhistory.googleapis.com/v1/chrome/platforms' DRIVE_SCOPE = 'https://www.googleapis.com/auth/drive' GMAIL_SEND_SCOPE = 'https://www.googleapis.com/auth/gmail.send' GOOGLE_OAUTH2_TOKEN_ENDPOINT = "https://oauth2.googleapis.com/token" CLOUD_PLATFORM_SCOPE = 'https://www.googleapis.com/auth/cloud-platform' IAM_SCOPE = 'https://www.googleapis.com/auth/iam' PEOPLE_SCOPE = 'https://www.googleapis.com/auth/contacts' STORAGE_READONLY_SCOPE = 'https://www.googleapis.com/auth/devstorage.read_only' STORAGE_READWRITE_SCOPE = 'https://www.googleapis.com/auth/devstorage.read_write' USERINFO_EMAIL_SCOPE = 'https://www.googleapis.com/auth/userinfo.email' # email USERINFO_PROFILE_SCOPE = 'https://www.googleapis.com/auth/userinfo.profile' # profile VAULT_SCOPES = ['https://www.googleapis.com/auth/ediscovery', 'https://www.googleapis.com/auth/ediscovery.readonly'] REQUIRED_SCOPES = [USERINFO_EMAIL_SCOPE, USERINFO_PROFILE_SCOPE] REQUIRED_SCOPES_SET = set(REQUIRED_SCOPES) # JWT_APIS = { ACCESSCONTEXTMANAGER: [CLOUD_PLATFORM_SCOPE], CHAT: ['https://www.googleapis.com/auth/chat.bot'], CLOUDRESOURCEMANAGER: [CLOUD_PLATFORM_SCOPE] } # APIS_NEEDING_ACCESS_TOKEN = { CBCM: ['https://www.googleapis.com/auth/admin.directory.device.chromebrowsers'] } # REFRESH_PERM_ERRORS = [ 'invalid_grant: reauth related error (rapt_required)', # no way to reauth today 'invalid_grant: Token has been expired or revoked', ] OAUTH2_TOKEN_ERRORS = [ 'access_denied', 'access_denied: Requested client not authorized', 'access_denied: Account restricted', 'internal_failure: Backend Error', 'internal_failure: None', 'invalid_grant', 'invalid_grant: Bad Request', 'invalid_grant: Invalid email or User ID', 'invalid_grant: Not a valid email', 'invalid_grant: Invalid JWT: No valid verifier found for issuer', 'invalid_grant: reauth related error (invalid_rapt)', 'invalid_grant: The account has been deleted', 'invalid_request: Invalid impersonation prn email address' ] OAUTH2_UNAUTHORIZED_ERRORS = [ 'unauthorized_client: Client is unauthorized to retrieve access tokens using this method', 'unauthorized_client: Client is unauthorized to retrieve access tokens using this method, or client not authorized for any of the scopes requested', 'unauthorized_client: Unauthorized client or scope in request', ] PROJECT_APIS = [ 'accesscontextmanager.googleapis.com', 'admin.googleapis.com', 'alertcenter.googleapis.com', 'analytics.googleapis.com', 'analyticsadmin.googleapis.com', # 'audit.googleapis.com', 'calendar-json.googleapis.com', 'chat.googleapis.com', 'chromemanagement.googleapis.com', 'chromepolicy.googleapis.com', 'classroom.googleapis.com', 'cloudchannel.googleapis.com', 'cloudidentity.googleapis.com', 'cloudresourcemanager.googleapis.com', 'contacts.googleapis.com', 'datastudio.googleapis.com', 'docs.googleapis.com', 'drive.googleapis.com', 'driveactivity.googleapis.com', 'drivelabels.googleapis.com', 'forms.googleapis.com', 'gmail.googleapis.com', 'groupsmigration.googleapis.com', 'groupssettings.googleapis.com', 'iam.googleapis.com', 'iap.googleapis.com', 'keep.googleapis.com', 'licensing.googleapis.com', 'people.googleapis.com', 'pubsub.googleapis.com', 'reseller.googleapis.com', 'sheets.googleapis.com', 'siteverification.googleapis.com', 'storage-api.googleapis.com', 'tasks.googleapis.com', 'vault.googleapis.com', 'youtube.googleapis.com', ] _INFO = { ACCESSCONTEXTMANAGER: {'name': 'Access Context Manager API', 'version': 'v1', 'v2discovery': True}, ALERTCENTER: {'name': 'AlertCenter API', 'version': 'v1beta1', 'v2discovery': True}, ANALYTICS: {'name': 'Analytics API', 'version': 'v3', 'v2discovery': False}, ANALYTICS_ADMIN: {'name': 'Analytics Admin API', 'version': 'v1beta', 'v2discovery': True}, CALENDAR: {'name': 'Calendar API', 'version': 'v3', 'v2discovery': True, 'mappedAPI': 'calendar-json'}, CBCM: {'name': 'Chrome Browser Cloud Management API', 'version': 'v1.1beta1', 'v2discovery': True, 'localjson': True}, CHAT: {'name': 'Chat API', 'version': 'v1', 'v2discovery': True}, CHAT_MEMBERSHIPS: {'name': 'Chat API - Memberships', 'version': 'v1', 'v2discovery': True, 'mappedAPI': CHAT}, CHAT_MESSAGES: {'name': 'Chat API - Messages', 'version': 'v1', 'v2discovery': True, 'mappedAPI': CHAT}, CHAT_SPACES: {'name': 'Chat API - Spaces', 'version': 'v1', 'v2discovery': True, 'mappedAPI': CHAT}, CHAT_SPACES_DELETE: {'name': 'Chat API - Spaces Delete', 'version': 'v1', 'v2discovery': True, 'mappedAPI': CHAT}, CLASSROOM: {'name': 'Classroom API', 'version': 'v1', 'v2discovery': True}, CHROMEMANAGEMENT: {'name': 'Chrome Management API', 'version': 'v1', 'v2discovery': True}, CHROMEMANAGEMENT_APPDETAILS: {'name': 'Chrome Management API - AppDetails', 'version': 'v1', 'v2discovery': True, 'mappedAPI': CHROMEMANAGEMENT}, CHROMEMANAGEMENT_TELEMETRY: {'name': 'Chrome Management API - Telemetry', 'version': 'v1', 'v2discovery': True, 'mappedAPI': CHROMEMANAGEMENT}, CHROMEPOLICY: {'name': 'Chrome Policy API', 'version': 'v1', 'v2discovery': True}, CHROMEVERSIONHISTORY: {'name': 'Chrome Version History API', 'version': 'v1', 'v2discovery': True}, CLOUDCHANNEL: {'name': 'Channel Channel API', 'version': 'v1', 'v2discovery': True}, CLOUDIDENTITY_DEVICES: {'name': 'Cloud Identity Devices API', 'version': 'v1', 'v2discovery': True, 'mappedAPI': 'cloudidentity'}, CLOUDIDENTITY_GROUPS: {'name': 'Cloud Identity Groups API', 'version': 'v1', 'v2discovery': True, 'mappedAPI': 'cloudidentity'}, CLOUDIDENTITY_INBOUND_SSO: {'name': 'Cloud Identity Inbound SSO API', 'version': 'v1', 'v2discovery': True, 'mappedAPI': 'cloudidentity'}, CLOUDIDENTITY_ORGUNITS: {'name': 'Cloud Identity OrgUnits API', 'version': 'v1', 'v2discovery': True, 'mappedAPI': 'cloudidentity'}, CLOUDIDENTITY_ORGUNITS_BETA: {'name': 'Cloud Identity OrgUnits API', 'version': 'v1beta1', 'v2discovery': True, 'mappedAPI': 'cloudidentity'}, CLOUDIDENTITY_USERINVITATIONS: {'name': 'Cloud Identity User Invitations API', 'version': 'v1', 'v2discovery': True, 'mappedAPI': 'cloudidentity'}, CLOUDRESOURCEMANAGER: {'name': 'Cloud Resource Manager API v3', 'version': 'v3', 'v2discovery': True}, CONTACTS: {'name': 'Contacts API', 'version': 'v3', 'v2discovery': False}, CONTACTDELEGATION: {'name': 'Contact Delegation API', 'version': 'v1', 'v2discovery': True, 'localjson': True}, DATATRANSFER: {'name': 'Data Transfer API', 'version': 'datatransfer_v1', 'v2discovery': True, 'mappedAPI': 'admin'}, DIRECTORY: {'name': 'Directory API', 'version': 'directory_v1', 'v2discovery': True, 'mappedAPI': 'admin'}, DIRECTORY_BETA: {'name': 'Directory API', 'version': 'directory_v1.1beta1', 'v2discovery': True, 'mappedAPI': 'admin', 'localjson': True}, DOCS: {'name': 'Docs API', 'version': 'v1', 'v2discovery': True}, DRIVE2: {'name': 'Drive API v2', 'version': 'v2', 'v2discovery': False, 'mappedAPI': 'drive'}, DRIVE3: {'name': 'Drive API v3', 'version': 'v3', 'v2discovery': False, 'mappedAPI': 'drive'}, DRIVETD: {'name': 'Drive API v3 - todrive', 'version': 'v3', 'v2discovery': False, 'mappedAPI': 'drive'}, DRIVEACTIVITY: {'name': 'Drive Activity API v2', 'version': 'v2', 'v2discovery': True}, DRIVELABELS_ADMIN: {'name': 'Drive Labels API v2beta - Admin', 'version': 'v2beta', 'v2discovery': True, 'mappedAPI': DRIVELABELS}, DRIVELABELS_USER: {'name': 'Drive Labels API v2beta - User', 'version': 'v2beta', 'v2discovery': True, 'mappedAPI': DRIVELABELS}, EMAIL_AUDIT: {'name': 'Email Audit API', 'version': 'v1', 'v2discovery': False}, FORMS: {'name': 'Forms API', 'version': 'v1', 'v2discovery': True}, GMAIL: {'name': 'Gmail API', 'version': 'v1', 'v2discovery': True}, GROUPSMIGRATION: {'name': 'Groups Migration API', 'version': 'v1', 'v2discovery': False}, GROUPSSETTINGS: {'name': 'Groups Settings API', 'version': 'v1', 'v2discovery': True}, IAM: {'name': 'Identity and Access Management API', 'version': 'v1', 'v2discovery': True}, IAM_CREDENTIALS: {'name': 'Identity and Access Management Credentials API', 'version': 'v1', 'v2discovery': True}, IAP: {'name': 'Cloud Identity-Aware Proxy API', 'version': 'v1', 'v2discovery': True}, KEEP: {'name': 'Keep API', 'version': 'v1', 'v2discovery': True}, LICENSING: {'name': 'License Manager API', 'version': 'v1', 'v2discovery': True}, LOOKERSTUDIO: {'name': 'Looker Studio API', 'version': 'v1', 'v2discovery': True, 'localjson': True}, OAUTH2: {'name': 'OAuth2 API', 'version': 'v2', 'v2discovery': False}, PEOPLE: {'name': 'People API', 'version': 'v1', 'v2discovery': True}, PEOPLE_DIRECTORY: {'name': 'People Directory API', 'version': 'v1', 'v2discovery': True, 'mappedAPI': PEOPLE}, PEOPLE_OTHERCONTACTS: {'name': 'People API - Other Contacts', 'version': 'v1', 'v2discovery': True, 'mappedAPI': PEOPLE}, PRINTERS: {'name': 'Directory API Printers', 'version': 'directory_v1', 'v2discovery': True, 'mappedAPI': 'admin'}, PUBSUB: {'name': 'Pub / Sub API', 'version': 'v1', 'v2discovery': True}, REPORTS: {'name': 'Reports API', 'version': 'reports_v1', 'v2discovery': True, 'mappedAPI': 'admin'}, RESELLER: {'name': 'Reseller API', 'version': 'v1', 'v2discovery': True}, SERVICEMANAGEMENT: {'name': 'Service Management API', 'version': 'v1', 'v2discovery': True}, SERVICEUSAGE: {'name': 'Service Usage API', 'version': 'v1', 'v2discovery': True}, SHEETS: {'name': 'Sheets API', 'version': 'v4', 'v2discovery': True}, SHEETSTD: {'name': 'Sheets API - todrive', 'version': 'v4', 'v2discovery': True, 'mappedAPI': SHEETS}, SITES: {'name': 'Sites API', 'version': 'v1', 'v2discovery': False}, SITEVERIFICATION: {'name': 'Site Verification API', 'version': 'v1', 'v2discovery': True}, STORAGE: {'name': 'Cloud Storage API', 'version': 'v1', 'v2discovery': True}, STORAGEREAD: {'name': 'Cloud Storage API - Read', 'version': 'v1', 'v2discovery': True, 'mappedAPI': STORAGE}, STORAGEWRITE: {'name': 'Cloud Storage API - Write', 'version': 'v1', 'v2discovery': True, 'mappedAPI': STORAGE}, TASKS: {'name': 'Tasks API', 'version': 'v1', 'v2discovery': True}, VAULT: {'name': 'Vault API', 'version': 'v1', 'v2discovery': True}, YOUTUBE: {'name': 'Youtube API', 'version': 'v3', 'v2discovery': True}, } READONLY = ['readonly',] _CLIENT_SCOPES = [ {'name': 'Calendar API', 'api': CALENDAR, 'subscopes': READONLY, 'scope': 'https://www.googleapis.com/auth/calendar'}, {'name': 'Chrome Browser Cloud Management API', 'api': CBCM, 'subscopes': READONLY, 'scope': 'https://www.googleapis.com/auth/admin.directory.device.chromebrowsers'}, {'name': 'Chrome Management API - read only', 'api': CHROMEMANAGEMENT, 'subscopes': [], 'scope': 'https://www.googleapis.com/auth/chrome.management.reports.readonly'}, {'name': 'Chrome Management API - AppDetails read only', 'api': CHROMEMANAGEMENT_APPDETAILS, 'subscopes': [], 'scope': 'https://www.googleapis.com/auth/chrome.management.appdetails.readonly'}, {'name': 'Chrome Management API - Telemetry read only', 'api': CHROMEMANAGEMENT_TELEMETRY, 'subscopes': [], 'scope': 'https://www.googleapis.com/auth/chrome.management.telemetry.readonly'}, {'name': 'Chrome Policy API', 'api': CHROMEPOLICY, 'subscopes': READONLY, 'scope': 'https://www.googleapis.com/auth/chrome.management.policy'}, {'name': 'Chrome Printer Management API', 'api': PRINTERS, 'subscopes': READONLY, 'scope': 'https://www.googleapis.com/auth/admin.chrome.printers'}, {'name': 'Chrome Version History API', 'api': CHROMEVERSIONHISTORY, 'subscopes': [], 'scope': ''}, {'name': 'Classroom API - Courses', 'api': CLASSROOM, 'subscopes': READONLY, 'scope': 'https://www.googleapis.com/auth/classroom.courses'}, {'name': 'Classroom API - Course Announcements', 'api': CLASSROOM, 'subscopes': READONLY, 'scope': 'https://www.googleapis.com/auth/classroom.announcements'}, {'name': 'Classroom API - Course Topics', 'api': CLASSROOM, 'subscopes': READONLY, 'scope': 'https://www.googleapis.com/auth/classroom.topics'}, {'name': 'Classroom API - Course Work/Materials', 'api': CLASSROOM, 'subscopes': READONLY, 'scope': 'https://www.googleapis.com/auth/classroom.courseworkmaterials'}, {'name': 'Classroom API - Course Work/Submissions', 'api': CLASSROOM, 'subscopes': READONLY, 'scope': 'https://www.googleapis.com/auth/classroom.coursework.students'}, {'name': 'Classroom API - Student Guardians', 'api': CLASSROOM, 'subscopes': READONLY, 'scope': 'https://www.googleapis.com/auth/classroom.guardianlinks.students'}, {'name': 'Classroom API - Profile Emails', 'api': CLASSROOM, 'subscopes': [], 'scope': 'https://www.googleapis.com/auth/classroom.profile.emails'}, {'name': 'Classroom API - Profile Photos', 'api': CLASSROOM, 'subscopes': [], 'scope': 'https://www.googleapis.com/auth/classroom.profile.photos'}, {'name': 'Classroom API - Rosters', 'api': CLASSROOM, 'subscopes': READONLY, 'scope': 'https://www.googleapis.com/auth/classroom.rosters'}, {'name': 'Cloud Channel API', 'api': CLOUDCHANNEL, 'subscopes': READONLY, 'offByDefault': True, 'scope': 'https://www.googleapis.com/auth/apps.order'}, {'name': 'Cloud Identity Groups API', 'api': CLOUDIDENTITY_GROUPS, 'subscopes': READONLY, 'scope': 'https://www.googleapis.com/auth/cloud-identity.groups'}, {'name': 'Cloud Identity - Inbound SSO Settings', 'api': CLOUDIDENTITY_INBOUND_SSO, 'subscopes': READONLY, 'scope': 'https://www.googleapis.com/auth/cloud-identity.inboundsso'}, {'name': 'Cloud Identity OrgUnits API', 'api': CLOUDIDENTITY_ORGUNITS_BETA, 'subscopes': READONLY, 'scope': 'https://www.googleapis.com/auth/cloud-identity.orgunits'}, {'name': 'Cloud Identity User Invitations API', 'api': CLOUDIDENTITY_USERINVITATIONS, 'subscopes': READONLY, 'scope': 'https://www.googleapis.com/auth/cloud-identity.userinvitations'}, {'name': 'Cloud Storage API (Read Only, Vault/Takeout Download, Cloud Storage)', 'api': STORAGEREAD, 'subscopes': [], 'offByDefault': True, 'scope': STORAGE_READONLY_SCOPE}, {'name': 'Cloud Storage API (Read/Write, Vault/Takeout Copy/Download, Cloud Storage)', 'api': STORAGEWRITE, 'subscopes': [], 'offByDefault': True, 'scope': STORAGE_READWRITE_SCOPE}, {'name': 'Contacts API - Domain Shared Contacts and GAL', 'api': CONTACTS, 'subscopes': [], 'scope': 'https://www.google.com/m8/feeds'}, {'name': 'Contact Delegation API', 'api': CONTACTDELEGATION, 'subscopes': READONLY, 'scope': 'https://www.googleapis.com/auth/admin.contact.delegation'}, {'name': 'Data Transfer API', 'api': DATATRANSFER, 'subscopes': READONLY, 'scope': 'https://www.googleapis.com/auth/admin.datatransfer'}, {'name': 'Directory API - Chrome OS Devices', 'api': DIRECTORY, 'subscopes': READONLY, 'scope': 'https://www.googleapis.com/auth/admin.directory.device.chromeos'}, {'name': 'Directory API - Customers', 'api': DIRECTORY, 'subscopes': READONLY, 'scope': 'https://www.googleapis.com/auth/admin.directory.customer'}, {'name': 'Directory API - Domains', 'api': DIRECTORY, 'subscopes': READONLY, 'scope': 'https://www.googleapis.com/auth/admin.directory.domain'}, {'name': 'Directory API - Groups', 'api': DIRECTORY, 'subscopes': READONLY, 'scope': 'https://www.googleapis.com/auth/admin.directory.group'}, {'name': 'Directory API - Mobile Devices Directory', 'api': DIRECTORY, 'subscopes': ['readonly', 'action'], 'scope': 'https://www.googleapis.com/auth/admin.directory.device.mobile'}, {'name': 'Directory API - Organizational Units', 'api': DIRECTORY, 'subscopes': READONLY, 'scope': 'https://www.googleapis.com/auth/admin.directory.orgunit'}, {'name': 'Directory API - Resource Calendars', 'api': DIRECTORY, 'subscopes': READONLY, 'scope': 'https://www.googleapis.com/auth/admin.directory.resource.calendar'}, {'name': 'Directory API - Roles', 'api': DIRECTORY, 'subscopes': READONLY, 'scope': 'https://www.googleapis.com/auth/admin.directory.rolemanagement'}, {'name': 'Directory API - User Schemas', 'api': DIRECTORY, 'subscopes': READONLY, 'scope': 'https://www.googleapis.com/auth/admin.directory.userschema'}, {'name': 'Directory API - User Security', 'api': DIRECTORY, 'subscopes': [], 'scope': 'https://www.googleapis.com/auth/admin.directory.user.security'}, {'name': 'Directory API - Users', 'api': DIRECTORY, 'subscopes': READONLY, 'scope': 'https://www.googleapis.com/auth/admin.directory.user'}, {'name': 'Email Audit API', 'api': EMAIL_AUDIT, 'subscopes': [], 'offByDefault': True, 'scope': 'https://apps-apis.google.com/a/feeds/compliance/audit/'}, {'name': 'Groups Migration API', 'api': GROUPSMIGRATION, 'subscopes': [], 'scope': 'https://www.googleapis.com/auth/apps.groups.migration'}, {'name': 'Groups Settings API', 'api': GROUPSSETTINGS, 'subscopes': [], 'scope': 'https://www.googleapis.com/auth/apps.groups.settings'}, {'name': 'License Manager API', 'api': LICENSING, 'subscopes': [], 'scope': 'https://www.googleapis.com/auth/apps.licensing'}, {'name': 'People Directory API - read only', 'api': PEOPLE_DIRECTORY, 'subscopes': [], 'scope': 'https://www.googleapis.com/auth/directory.readonly'}, {'name': 'People API', 'api': PEOPLE, 'subscopes': READONLY, 'scope': PEOPLE_SCOPE}, {'name': 'Pub / Sub API', 'api': PUBSUB, 'subscopes': [], 'offByDefault': True, 'scope': 'https://www.googleapis.com/auth/pubsub'}, {'name': 'Reports API - Audit Reports', 'api': REPORTS, 'subscopes': [], 'scope': 'https://www.googleapis.com/auth/admin.reports.audit.readonly'}, {'name': 'Reports API - Usage Reports', 'api': REPORTS, 'subscopes': [], 'scope': 'https://www.googleapis.com/auth/admin.reports.usage.readonly'}, {'name': 'Reseller API', 'api': RESELLER, 'subscopes': [], 'offByDefault': True, 'scope': 'https://www.googleapis.com/auth/apps.order'}, {'name': 'Site Verification API', 'api': SITEVERIFICATION, 'subscopes': [], 'scope': 'https://www.googleapis.com/auth/siteverification'}, {'name': 'Sites API', 'api': SITES, 'subscopes': [], 'offByDefault': True, 'scope': 'https://sites.google.com/feeds'}, {'name': 'Vault API', 'api': VAULT, 'subscopes': READONLY, 'scope': 'https://www.googleapis.com/auth/ediscovery'}, ] _TODRIVE_CLIENT_SCOPES = [ {'name': 'Drive API - todrive_clientaccess', 'api': DRIVE3, 'subscopes': [], 'scope': DRIVE_SCOPE}, {'name': 'Gmail API - todrive_clientaccess', 'api': GMAIL, 'subscopes': [], 'scope': GMAIL_SEND_SCOPE}, {'name': 'Sheets API - todrive_clientaccess', 'api': SHEETS, 'subscopes': [], 'scope': 'https://www.googleapis.com/auth/spreadsheets'}, ] OAUTH2SA_SCOPES = 'us_scopes' _SVCACCT_SCOPES = [ {'name': 'AlertCenter API', 'api': ALERTCENTER, 'subscopes': [], 'scope': 'https://www.googleapis.com/auth/apps.alerts'}, {'name': 'Analytics API - read only', 'api': ANALYTICS, 'subscopes': [], 'scope': 'https://www.googleapis.com/auth/analytics.readonly'}, {'name': 'Analytics Admin API - read only', 'api': ANALYTICS_ADMIN, 'subscopes': [], 'scope': 'https://www.googleapis.com/auth/analytics.readonly'}, {'name': 'Calendar API', 'api': CALENDAR, 'subscopes': READONLY, 'scope': 'https://www.googleapis.com/auth/calendar'}, {'name': 'Chat API - Memberships', 'api': CHAT_MEMBERSHIPS, 'subscopes': READONLY, 'scope': 'https://www.googleapis.com/auth/chat.memberships'}, {'name': 'Chat API - Messages', 'api': CHAT_MESSAGES, 'subscopes': READONLY, 'scope': 'https://www.googleapis.com/auth/chat.messages'}, {'name': 'Chat API - Spaces', 'api': CHAT_SPACES, 'subscopes': READONLY, 'scope': 'https://www.googleapis.com/auth/chat.spaces'}, {'name': 'Chat API - Spaces Delete', 'api': CHAT_SPACES_DELETE, 'subscopes': [], 'scope': 'https://www.googleapis.com/auth/chat.delete'}, {'name': 'Classroom API - Course Announcements', 'api': CLASSROOM, 'subscopes': READONLY, 'scope': 'https://www.googleapis.com/auth/classroom.announcements'}, {'name': 'Classroom API - Course Topics', 'api': CLASSROOM, 'subscopes': READONLY, 'scope': 'https://www.googleapis.com/auth/classroom.topics'}, {'name': 'Classroom API - Course Work/Materials', 'api': CLASSROOM, 'subscopes': READONLY, 'scope': 'https://www.googleapis.com/auth/classroom.courseworkmaterials'}, {'name': 'Classroom API - Course Work/Submissions', 'api': CLASSROOM, 'subscopes': READONLY, 'scope': 'https://www.googleapis.com/auth/classroom.coursework.students'}, {'name': 'Classroom API - Profile Emails', 'api': CLASSROOM, 'subscopes': [], 'scope': 'https://www.googleapis.com/auth/classroom.profile.emails'}, {'name': 'Classroom API - Rosters', 'api': CLASSROOM, 'subscopes': READONLY, 'scope': 'https://www.googleapis.com/auth/classroom.rosters'}, {'name': 'Cloud Identity Devices API', 'api': CLOUDIDENTITY_DEVICES, 'subscopes': READONLY, 'scope': 'https://www.googleapis.com/auth/cloud-identity'}, # {'name': 'Cloud Identity User Invitations API', # 'api': CLOUDIDENTITY_USERINVITATIONS, # 'subscopes': READONLY, # 'scope': 'https://www.googleapis.com/auth/cloud-identity'}, # {'name': 'Contacts API - Users', # 'api': CONTACTS, # 'subscopes': [], # 'scope': 'https://www.google.com/m8/feeds'}, {'name': 'Drive API', 'api': DRIVE3, 'subscopes': READONLY, 'scope': DRIVE_SCOPE}, {'name': 'Drive Activity API v2 - must pair with Drive API', 'api': DRIVEACTIVITY, 'subscopes': [], 'scope': 'https://www.googleapis.com/auth/drive.activity'}, {'name': 'Drive Labels API v2beta - Admin', 'api': DRIVELABELS_ADMIN, 'subscopes': READONLY, 'scope': 'https://www.googleapis.com/auth/drive.admin.labels'}, {'name': 'Drive Labels API v2beta - User', 'api': DRIVELABELS_USER, 'subscopes': READONLY, 'scope': 'https://www.googleapis.com/auth/drive.labels'}, {'name': 'Docs API', 'api': DOCS, 'subscopes': READONLY, 'scope': 'https://www.googleapis.com/auth/documents'}, {'name': 'Forms API', 'api': FORMS, 'subscopes': [], 'scope': DRIVE_SCOPE}, {'name': 'Gmail API - Full Access', 'api': GMAIL, 'subscopes': [], 'scope': 'https://mail.google.com/'}, {'name': 'Gmail API - Full Access except immediate delete', 'api': GMAIL, 'subscopes': [], 'scope': 'https://www.googleapis.com/auth/gmail.modify'}, {'name': 'Gmail API - Basic Settings', 'api': GMAIL, 'subscopes': [], 'scope': 'https://www.googleapis.com/auth/gmail.settings.basic'}, {'name': 'Gmail API - Settings Sharing (Aliases, Delegates, Forwarding)', 'api': GMAIL, 'subscopes': [], 'scope': 'https://www.googleapis.com/auth/gmail.settings.sharing'}, {'name': 'Identity and Access Management API', 'api': IAM, 'subscopes': [], 'scope': CLOUD_PLATFORM_SCOPE}, {'name': 'Keep API', 'api': KEEP, 'subscopes': READONLY, 'scope': 'https://www.googleapis.com/auth/keep'}, {'name': 'Looker Studio API', 'api': LOOKERSTUDIO, 'subscopes': READONLY, 'scope': 'https://www.googleapis.com/auth/datastudio'}, {'name': 'OAuth2 API', 'api': OAUTH2, 'subscopes': [], 'scope': USERINFO_PROFILE_SCOPE}, {'name': 'People API', 'api': PEOPLE, 'subscopes': READONLY, 'scope': PEOPLE_SCOPE}, {'name': 'People Directory API - read only', 'api': PEOPLE_DIRECTORY, 'subscopes': [], 'scope': 'https://www.googleapis.com/auth/directory.readonly'}, {'name': 'People API - Other Contacts - read only', 'api': PEOPLE_OTHERCONTACTS, 'subscopes': [], 'scope': 'https://www.googleapis.com/auth/contacts.other.readonly'}, {'name': 'Sheets API', 'api': SHEETS, 'subscopes': READONLY, 'scope': 'https://www.googleapis.com/auth/spreadsheets'}, {'name': 'Sites API', 'api': SITES, 'subscopes': [], 'scope': 'https://sites.google.com/feeds'}, {'name': 'Tasks API', 'api': TASKS, 'subscopes': READONLY, 'scope': 'https://www.googleapis.com/auth/tasks'}, {'name': 'Youtube API - read only', 'api': YOUTUBE, 'subscopes': [], 'scope': 'https://www.googleapis.com/auth/youtube.readonly'}, ] _SVCACCT_SPECIAL_SCOPES = [ {'name': 'Cloud Resource Manager API v3', 'api': CLOUDRESOURCEMANAGER, 'subscopes': [], 'scope': CLOUD_PLATFORM_SCOPE}, {'name': 'Drive API - todrive', 'api': DRIVETD, 'subscopes': [], 'scope': DRIVE_SCOPE}, {'name': 'Gmail API - Full Access - read only', 'api': GMAIL, 'subscopes': [], 'scope': 'https://www.googleapis.com/auth/gmail.readonly'}, {'name': 'Gmail API - Send Messages - including todrive', 'api': GMAIL, 'subscopes': [], 'scope': GMAIL_SEND_SCOPE}, {'name': 'Sheets API - todrive', 'api': SHEETSTD, 'subscopes': [], 'scope': 'https://www.googleapis.com/auth/spreadsheets'}, ] _USER_SVCACCT_ONLY_SCOPES = [ {'name': 'Groups Migration API', 'api': GROUPSMIGRATION, 'subscopes': [], 'scope': 'https://www.googleapis.com/auth/apps.groups.migration'}, ] DRIVE3_TO_DRIVE2_ABOUT_FIELDS_MAP = { 'displayName': 'name', 'limit': 'quotaBytesTotal', 'usage': 'quotaBytesUsedAggregate', 'usageInDrive': 'quotaBytesUsed', 'usageInDriveTrash': 'quotaBytesUsedInTrash', } DRIVE3_TO_DRIVE2_CAPABILITIES_FIELDS_MAP = { 'canComment': 'canComment', 'canReadRevisions': 'canReadRevisions', 'canCopy': 'copyable', 'canEdit': 'editable', 'canShare': 'shareable', } DRIVE3_TO_DRIVE2_CAPABILITIES_NAMES_MAP = { 'canChangeViewersCanCopyContent': 'canChangeRestrictedDownload', } DRIVE3_TO_DRIVE2_FILES_FIELDS_MAP = { 'allowFileDiscovery': 'withLink', 'createdTime': 'createdDate', 'expirationTime': 'expirationDate', 'modifiedByMe': 'modified', 'modifiedByMeTime': 'modifiedByMeDate', 'modifiedTime': 'modifiedDate', 'name': 'title', 'restrictionTime': 'restrictionDate', 'sharedWithMeTime': 'sharedWithMeDate', 'size': 'fileSize', 'trashedTime': 'trashedDate', 'viewedByMe': 'viewed', 'viewedByMeTime': 'lastViewedByMeDate', 'webViewLink': 'alternateLink', } DRIVE3_TO_DRIVE2_LABELS_MAP = { 'modifiedByMe': 'modified', 'starred': 'starred', 'trashed': 'trashed', 'viewedByMe': 'viewed', } DRIVE3_TO_DRIVE2_REVISIONS_FIELDS_MAP = { 'modifiedTime': 'modifiedDate', 'keepForever': 'pinned', 'size': 'fileSize', } def getAPIName(api): return _INFO[api]['name'] def getVersion(api): version = _INFO[api]['version'] v2discovery = _INFO[api]['v2discovery'] api = _INFO[api].get('mappedAPI', api) return (api, version, v2discovery) def getClientScopesSet(api): return {scope['scope'] for scope in _CLIENT_SCOPES if scope['api'] == api} def getClientScopesList(todriveClientAccess): caScopes = _CLIENT_SCOPES[:] if todriveClientAccess: caScopes.extend(_TODRIVE_CLIENT_SCOPES) return sorted(caScopes, key=lambda k: k['name']) def getClientScopesURLs(todriveClientAccess): caScopes = _CLIENT_SCOPES[:] if todriveClientAccess: caScopes.extend(_TODRIVE_CLIENT_SCOPES) return sorted({scope['scope'] for scope in _CLIENT_SCOPES}) def getSvcAcctScopeAPI(uscope): for scope in _SVCACCT_SCOPES: if uscope == scope['scope'] or (uscope.endswith('.readonly') and 'readonly' in scope['subscopes']): return scope['api'] return None def getSvcAcctScopes(userServiceAccountAccessOnly, svcAcctSpecialScopes): saScopes = [scope['scope'] for scope in _SVCACCT_SCOPES] if userServiceAccountAccessOnly: saScopes.extend([scope['scope'] for scope in _USER_SVCACCT_ONLY_SCOPES]) if svcAcctSpecialScopes: saScopes.extend([scope['scope'] for scope in _SVCACCT_SPECIAL_SCOPES]) return saScopes def getSvcAcctScopesList(userServiceAccountAccessOnly, svcAcctSpecialScopes): saScopes = _SVCACCT_SCOPES[:] if userServiceAccountAccessOnly: saScopes.extend(_USER_SVCACCT_ONLY_SCOPES) if svcAcctSpecialScopes: saScopes.extend(_SVCACCT_SPECIAL_SCOPES) return sorted(saScopes, key=lambda k: k['name']) def hasLocalJSON(api): return _INFO[api].get('localjson', False)