1
2
3
4
5
6
7
8
9
10
11
12
13
14
15 """Utilities for reading OAuth 2.0 client secret files.
16
17 A client_secrets.json file contains all the information needed to interact with
18 an OAuth 2.0 protected service.
19 """
20
21 __author__ = 'jcgregorio@google.com (Joe Gregorio)'
22
23 import json
24 import six
25
26
27
28 TYPE_WEB = 'web'
29 TYPE_INSTALLED = 'installed'
30
31 VALID_CLIENT = {
32 TYPE_WEB: {
33 'required': [
34 'client_id',
35 'client_secret',
36 'redirect_uris',
37 'auth_uri',
38 'token_uri',
39 ],
40 'string': [
41 'client_id',
42 'client_secret',
43 ],
44 },
45 TYPE_INSTALLED: {
46 'required': [
47 'client_id',
48 'client_secret',
49 'redirect_uris',
50 'auth_uri',
51 'token_uri',
52 ],
53 'string': [
54 'client_id',
55 'client_secret',
56 ],
57 },
58 }
59
60
62 """Base error for this module."""
63 pass
64
65
67 """Format of ClientSecrets file is invalid."""
68 pass
69
70
72 if obj is None or len(obj) != 1:
73 raise InvalidClientSecretsError('Invalid file format.')
74 client_type = tuple(obj)[0]
75 if client_type not in VALID_CLIENT:
76 raise InvalidClientSecretsError('Unknown client type: %s.' % (client_type,))
77 client_info = obj[client_type]
78 for prop_name in VALID_CLIENT[client_type]['required']:
79 if prop_name not in client_info:
80 raise InvalidClientSecretsError(
81 'Missing property "%s" in a client type of "%s".' % (prop_name,
82 client_type))
83 for prop_name in VALID_CLIENT[client_type]['string']:
84 if client_info[prop_name].startswith('[['):
85 raise InvalidClientSecretsError(
86 'Property "%s" is not configured.' % prop_name)
87 return client_type, client_info
88
89
93
94
98
99
107
108
110 """Loading of client_secrets JSON file, optionally backed by a cache.
111
112 Typical cache storage would be App Engine memcache service,
113 but you can pass in any other cache client that implements
114 these methods:
115 - get(key, namespace=ns)
116 - set(key, value, namespace=ns)
117
118 Usage:
119 # without caching
120 client_type, client_info = loadfile('secrets.json')
121 # using App Engine memcache service
122 from google.appengine.api import memcache
123 client_type, client_info = loadfile('secrets.json', cache=memcache)
124
125 Args:
126 filename: string, Path to a client_secrets.json file on a filesystem.
127 cache: An optional cache service client that implements get() and set()
128 methods. If not specified, the file is always being loaded from
129 a filesystem.
130
131 Raises:
132 InvalidClientSecretsError: In case of a validation error or some
133 I/O failure. Can happen only on cache miss.
134
135 Returns:
136 (client_type, client_info) tuple, as _loadfile() normally would.
137 JSON contents is validated only during first load. Cache hits are not
138 validated.
139 """
140 _SECRET_NAMESPACE = 'oauth2client:secrets#ns'
141
142 if not cache:
143 return _loadfile(filename)
144
145 obj = cache.get(filename, namespace=_SECRET_NAMESPACE)
146 if obj is None:
147 client_type, client_info = _loadfile(filename)
148 obj = {client_type: client_info}
149 cache.set(filename, obj, namespace=_SECRET_NAMESPACE)
150
151 return next(six.iteritems(obj))
152