Commit 92c30092 authored by pgervais@chromium.org's avatar pgervais@chromium.org

Added POST capability to oauth Rietveld

BUG=319446

Review URL: https://codereview.chromium.org/236093002

git-svn-id: svn://svn.chromium.org/chrome/trunk/tools/depot_tools@263750 0039d316-1c4b-4281-b951-d872f2087c98
parent 72c413ac
......@@ -1541,25 +1541,52 @@ def Main(argv):
parser.add_option("--rietveld_password", help=optparse.SUPPRESS_HELP)
parser.add_option("--rietveld_fetch", action='store_true', default=False,
help=optparse.SUPPRESS_HELP)
# These are for OAuth2 authentication for bots. See also apply_issue.py
parser.add_option("--rietveld_email_file", help=optparse.SUPPRESS_HELP)
parser.add_option("--rietveld_private_key_file", help=optparse.SUPPRESS_HELP)
parser.add_option("--trybot-json",
help="Output trybot information to the file specified.")
options, args = parser.parse_args(argv)
if options.verbose >= 2:
logging.basicConfig(level=logging.DEBUG)
elif options.verbose:
logging.basicConfig(level=logging.INFO)
else:
logging.basicConfig(level=logging.ERROR)
if options.rietveld_email and options.rietveld_email_file:
parser.error("Only one of --rietveld_email or --rietveld_email_file "
"can be passed to this program.")
if options.rietveld_private_key_file and options.rietveld_password:
parser.error("Only one of --rietveld_private_key_file or "
"--rietveld_password can be passed to this program.")
if options.rietveld_email_file:
with open(options.rietveld_email_file, "rb") as f:
options.rietveld_email = f.read().strip()
change_class, files = load_files(options, args)
if not change_class:
parser.error('For unversioned directory, <files> is not optional.')
logging.info('Found %d file(s).' % len(files))
rietveld_obj = None
if options.rietveld_url:
# The empty password is permitted: '' is not None.
if options.rietveld_password is not None:
rietveld_obj = rietveld.CachingRietveld(
options.rietveld_url,
options.rietveld_email,
options.rietveld_password)
elif options.rietveld_private_key_file:
rietveld_obj = rietveld.JwtOAuth2Rietveld(
options.rietveld_url,
options.rietveld_email,
options.rietveld_private_key_file)
else:
parser.error("No password or secret key has been provided for "
"Rietveld. Unable to connect.")
if options.rietveld_fetch:
assert options.issue
props = rietveld_obj.get_issue_properties(options.issue, False)
......
......@@ -444,7 +444,7 @@ class Rietveld(object):
class OAuthRpcServer(object):
def __init__(self,
host,
client_id,
client_email,
client_private_key,
private_key_password='notasecret',
user_agent=None,
......@@ -452,7 +452,7 @@ class OAuthRpcServer(object):
extra_headers=None):
"""Wrapper around httplib2.Http() that handles authentication.
client_id: client id for service account
client_email: email associated with the service account
client_private_key: encrypted private key, as a string
private_key_password: password used to decrypt the private key
"""
......@@ -475,12 +475,12 @@ class OAuthRpcServer(object):
self.extra_headers = extra_headers or {}
if not oa2client.HAS_OPENSSL:
logging.error("Support for OpenSSL hasn't been found, "
logging.error("No support for OpenSSL has been found, "
"OAuth2 support requires it.")
logging.error("Installing pyopenssl will probably solve this issue.")
raise RuntimeError('No OpenSSL support')
creds = oa2client.SignedJwtAssertionCredentials(
client_id,
client_email,
client_private_key,
'https://www.googleapis.com/auth/userinfo.email',
private_key_password=private_key_password,
......@@ -513,7 +513,6 @@ class OAuthRpcServer(object):
if payload is not None:
method = 'POST'
headers['Content-Type'] = content_type
raise NotImplementedError('POST requests are not yet supported.')
prev_timeout = self._http.timeout
try:
......@@ -528,7 +527,9 @@ class OAuthRpcServer(object):
method=method,
body=payload,
headers=headers)
if not ret[0]['content-location'].startswith(self.host):
if (method == 'GET'
and not ret[0]['content-location'].startswith(self.host)):
upload.logging.warning('Redirection to host %s detected: '
'login may have failed/expired.'
% urlparse.urlparse(
......@@ -549,18 +550,26 @@ class JwtOAuth2Rietveld(Rietveld):
# pylint: disable=W0231
def __init__(self,
url,
client_id,
client_email,
client_private_key_file,
private_key_password=None,
extra_headers=None):
# These attributes are accessed by commit queue. Keep them.
self.email = client_email
self.private_key_file = client_private_key_file
if private_key_password is None: # '' means 'empty password'
private_key_password = 'notasecret'
self.url = url.rstrip('/')
bot_url = self.url + '/bots'
with open(client_private_key_file, 'rb') as f:
client_private_key = f.read()
self.rpc_server = OAuthRpcServer(url,
client_id,
logging.info('Using OAuth login: %s' % client_email)
self.rpc_server = OAuthRpcServer(bot_url,
client_email,
client_private_key,
private_key_password=private_key_password,
extra_headers=extra_headers or {})
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment