1# Copyright 2016 Google Inc. All rights reserved. 2# 3# Licensed under the Apache License, Version 2.0 (the "License"); 4# you may not use this file except in compliance with the License. 5# You may obtain a copy of the License at 6# 7# http://www.apache.org/licenses/LICENSE-2.0 8# 9# Unless required by applicable law or agreed to in writing, software 10# distributed under the License is distributed on an "AS IS" BASIS, 11# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12# See the License for the specific language governing permissions and 13# limitations under the License. 14 15import json 16import os 17 18import httplib2 19from six.moves import http_client 20 21import oauth2client 22from oauth2client import client 23from oauth2client.service_account import ServiceAccountCredentials 24 25 26JSON_KEY_PATH = os.getenv('OAUTH2CLIENT_TEST_JSON_KEY_PATH') 27P12_KEY_PATH = os.getenv('OAUTH2CLIENT_TEST_P12_KEY_PATH') 28P12_KEY_EMAIL = os.getenv('OAUTH2CLIENT_TEST_P12_KEY_EMAIL') 29USER_KEY_PATH = os.getenv('OAUTH2CLIENT_TEST_USER_KEY_PATH') 30USER_KEY_EMAIL = os.getenv('OAUTH2CLIENT_TEST_USER_KEY_EMAIL') 31 32SCOPE = ('https://www.googleapis.com/auth/plus.login', 33 'https://www.googleapis.com/auth/plus.me', 34 'https://www.googleapis.com/auth/userinfo.email', 35 'https://www.googleapis.com/auth/userinfo.profile') 36USER_INFO = 'https://www.googleapis.com/oauth2/v2/userinfo' 37 38 39def _require_environ(): 40 if (JSON_KEY_PATH is None or P12_KEY_PATH is None or 41 P12_KEY_EMAIL is None or USER_KEY_PATH is None or 42 USER_KEY_EMAIL is None): 43 raise EnvironmentError('Expected environment variables to be set:', 44 'OAUTH2CLIENT_TEST_JSON_KEY_PATH', 45 'OAUTH2CLIENT_TEST_P12_KEY_PATH', 46 'OAUTH2CLIENT_TEST_P12_KEY_EMAIL', 47 'OAUTH2CLIENT_TEST_USER_KEY_PATH', 48 'OAUTH2CLIENT_TEST_USER_KEY_EMAIL') 49 50 if not os.path.isfile(JSON_KEY_PATH): 51 raise EnvironmentError(JSON_KEY_PATH, 'is not a file') 52 if not os.path.isfile(P12_KEY_PATH): 53 raise EnvironmentError(P12_KEY_PATH, 'is not a file') 54 if not os.path.isfile(USER_KEY_PATH): 55 raise EnvironmentError(USER_KEY_PATH, 'is not a file') 56 57 58def _check_user_info(credentials, expected_email): 59 http = credentials.authorize(httplib2.Http()) 60 response, content = http.request(USER_INFO) 61 if response.status != http_client.OK: 62 raise ValueError('Expected 200 OK response.') 63 64 content = content.decode('utf-8') 65 payload = json.loads(content) 66 if payload['email'] != expected_email: 67 raise ValueError('User info email does not match credentials.') 68 69 70def run_json(): 71 credentials = ServiceAccountCredentials.from_json_keyfile_name( 72 JSON_KEY_PATH, scopes=SCOPE) 73 service_account_email = credentials._service_account_email 74 _check_user_info(credentials, service_account_email) 75 76 77def run_p12(): 78 credentials = ServiceAccountCredentials.from_p12_keyfile( 79 P12_KEY_EMAIL, P12_KEY_PATH, scopes=SCOPE) 80 _check_user_info(credentials, P12_KEY_EMAIL) 81 82 83def run_user_json(): 84 with open(USER_KEY_PATH, 'r') as file_object: 85 client_credentials = json.load(file_object) 86 87 credentials = client.GoogleCredentials( 88 access_token=None, 89 client_id=client_credentials['client_id'], 90 client_secret=client_credentials['client_secret'], 91 refresh_token=client_credentials['refresh_token'], 92 token_expiry=None, 93 token_uri=oauth2client.GOOGLE_TOKEN_URI, 94 user_agent='Python client library', 95 ) 96 97 _check_user_info(credentials, USER_KEY_EMAIL) 98 99 100def main(): 101 _require_environ() 102 run_json() 103 run_p12() 104 run_user_json() 105 106 107if __name__ == '__main__': 108 main() 109