__init__.py
0 Bytes
-
hinoka@chromium.org authored
Code path: 1. plugins.sso_auth is imported, which adds the AuthHandler class to the global state. 2. HasConfiguredCredentials() in gslib/utils.py is called by gsutil, and will return true if "prodaccess" exists on the system, which tells the system that we don't want a no-op auth handler. 3. When a command is called, all the auth handlers are cycled through and sso_auth.SSOAuth is called, which calls a stubby command to emit a gaiamint'ed oauth2 access token, which is then used as the Authorization Header if --bypass_prodaccess is passed in, then: 1. HasConfiguredCredentials() will bypass the check for prodaccess, as if it didn't exist. 2. plugins.sso_auth does not get imported. Which will essentially cause gsutil to behave as if this patch never existed. So the expected behavior is: =.boto file does not exist, prodaccess exists, but unauthenticated= Failure: No handler was ready to authenticate. 3 handlers were checked. ['OAuth2Auth', 'HmacAuthV1Handler', 'SSOAuth'] Check your credentials. =.boto file exists, prodaccess exists, but unauthenticated= sso_auth will raise NotReadyToAuthenticate, and the .boto file will be used instead =.boto file exists, prodaccess exists, authenticated= sso_auth will be run _after_ the default gsutil authenticator, which causes the sso_auth to be used over whatever the default authentication is. bypass_prodaccess is passed in by default to upload_to_google_storage because we expect people who use upload_to_google_storage to not need prodaccess and have their own boto file already. Also the sso_auth plugin will only request a readonlyi token, which will not work for uploading. BUG=258152 Review URL: https://codereview.chromium.org/86123002 git-svn-id: svn://svn.chromium.org/chrome/trunk/tools/depot_tools@240266 0039d316-1c4b-4281-b951-d872f2087c98
c6a2ee69