Due to swarming, 5 minutes is hard upper limit,
and by the time token arrives to the bot it may be <5 minutes,
like here
https://logs.chromium.org/v/?s=chromium%2Fbuildbucket%2Fcr-buildbucket.appspot.com%2F8947432403218547136%2F%2B%2Fsteps%2Fpresubmit%2F0%2Fstdout

R=vadimsh@chromium.org

Bug: 837087
Change-Id: I98fbe3f0f85c9f62bc984f439614c3f88a16ed06
Reviewed-on: https://chromium-review.googlesource.com/1044779Reviewed-by: Vadim Shtayura <vadimsh@chromium.org>
Commit-Queue: Andrii Shyshkalov <tandrii@chromium.org>

TBR=vadimsh@google.com

Change-Id: I96c4039d12ba3570d828b24009a2446fba44c14d
Reviewed-on: https://chromium-review.googlesource.com/1020539
Commit-Queue: Andrii Shyshkalov <tandrii@chromium.org>
Reviewed-by: Andrii Shyshkalov <tandrii@chromium.org>

R=vadimsh@chromium.org

Change-Id: Iab38f0cf29594e20883e62e1ed113bc36a884ea4
Reviewed-on: https://chromium-review.googlesource.com/1020298
Commit-Queue: Andrii Shyshkalov <tandrii@chromium.org>
Reviewed-by: Vadim Shtayura <vadimsh@chromium.org>

R=vadimsh@chromium.org

Bug: 834536
Change-Id: I84d27c2d962e94cfe7befebfb374b17949bba7e5
Reviewed-on: https://chromium-review.googlesource.com/1020296Reviewed-by: Vadim Shtayura <vadimsh@chromium.org>
Commit-Queue: Andrii Shyshkalov <tandrii@chromium.org>

Unfortunately, w/o rewrite of gerrit_util, one can't take advantage
of existing auth.Authenticator (which also doesn't know about ~/.netrc
or .gitcookies, but that's fixable). This rewrite, however, will likely
cause issues for nasty scripts outside of depot_tools which use
gerrit_util as a Python library. So, I followed outdated way of
gerrit_util :(

Also contains refactoring of auth library, which was kept backwards
compatible for the same reasons as above.

R=vadimsh@chromium.org

Test-with: led tool
Test-artifact: https://ci.chromium.org/swarming/task/3cf4687dfd26ca10?server=chromium-swarm.appspot.com
Bug: 834536
Change-Id: I6b84b8b5732aee5d345e2b2ba44f47aaecc0f6c5
Reviewed-on: https://chromium-review.googlesource.com/1018488Reviewed-by: Vadim Shtayura <vadimsh@chromium.org>
Commit-Queue: Andrii Shyshkalov <tandrii@chromium.org>

Bug: 509672
Change-Id: I5abb813d5f78291b4bf2d8e856c6fd71fcad5b68
Reviewed-on: https://chromium-review.googlesource.com/791472
Commit-Queue: Mun Yong Jang <myjang@google.com>
Reviewed-by: Nodir Turakulov <nodir@chromium.org>

Bug: 509672
Change-Id: Ie3cb2fa1a2276f1fe658cdf7b9ffb657d03556e8
Reviewed-on: https://chromium-review.googlesource.com/754340
Commit-Queue: Mun Yong Jang <myjang@google.com>
Reviewed-by: Nodir Turakulov <nodir@chromium.org>

BUG=491889

Review URL: https://codereview.chromium.org/1176243002

git-svn-id: svn://svn.chromium.org/chrome/trunk/tools/depot_tools@295626 0039d316-1c4b-4281-b951-d872f2087c98

depot_tools' git wrapper for some reason overrides %HOME% to point to
depot_tools directory, and thus scripts running as git subprocesses (git_cl.py)
use not the same HOME as scripts that run outside of git process tree
(depot-tools-auth.py). Instead always use USERPROFILE in auth.py to consistently
pick same directory.

This issue happens only when HOME is not set globally. It can explain why it
wasn't seen earlier.

R=iannucci@chromium.org
BUG=356813

Review URL: https://codereview.chromium.org/1082833004

git-svn-id: svn://svn.chromium.org/chrome/trunk/tools/depot_tools@294911 0039d316-1c4b-4281-b951-d872f2087c98

There are some mysterious issues happening to some Windows users. Verbose log
can be helpful.

R=maruel@chromium.org
BUG=356813

Review URL: https://codereview.chromium.org/1051143004

git-svn-id: svn://svn.chromium.org/chrome/trunk/tools/depot_tools@294910 0039d316-1c4b-4281-b951-d872f2087c98

ClientLogin will be supposedly turned off on Apr 20.

R=maruel@chromium.org
BUG=356813

Review URL: https://codereview.chromium.org/1095033002

git-svn-id: svn://svn.chromium.org/chrome/trunk/tools/depot_tools@294899 0039d316-1c4b-4281-b951-d872f2087c98

OAuth token cache file (as implemented by oauth2client library) stores refresh
token and can in theory be deployed via Puppet as the credential. But it is
mutated by the library (to store access tokens, rotated each hour), and so it is
not static and managing it via Puppet (or however else) is a big pain.

Instead, now depot_tools accepts --auth-refresh-token-json parameter with a path
to a static JSON file (with minimal body being {"refresh_token": "....."}). It
can be used to pass previously prepared refresh tokens of role accounts. It
will be used for blink DEPS roller account and similar @chromium.org accounts.

R=maruel@chromium.org
BUG=356813

Review URL: https://codereview.chromium.org/1060193005

git-svn-id: svn://svn.chromium.org/chrome/trunk/tools/depot_tools@294870 0039d316-1c4b-4281-b951-d872f2087c98

This code path is not actually used yet, so the typo wasn't caught earlier.

Also make sure access tokens have 'str' type, not 'unicode'.

R=nodir@chromium.org
BUG=356813

Review URL: https://codereview.chromium.org/1082133002

git-svn-id: svn://svn.chromium.org/chrome/trunk/tools/depot_tools@294789 0039d316-1c4b-4281-b951-d872f2087c98

This CL introduces new top level command for managing cached auth tokens:
  $ depot-tools-auth login codereview.chromium.org
  $ depot-tools-auth info codereview.chromium.org
  $ depot-tools-auth logout codereview.chromium.org

All scripts that use rietveld.Rietveld internally should be able to use cached
credentials created by 'depot-tools-auth' subcommand. Also 'depot-tools-auth'
is the only way to run login flow. If some scripts stumbles over expired or
revoked token, it dies with the error, asking user to run
'depot-tools-auth login <hostname>'.

Password login is still default. OAuth2 can be enabled by passing --oauth2 to
all scripts.

R=maruel@chromium.org
BUG=356813

Review URL: https://codereview.chromium.org/1074673002

git-svn-id: svn://svn.chromium.org/chrome/trunk/tools/depot_tools@294764 0039d316-1c4b-4281-b951-d872f2087c98

It is done in preparation for switching to OAuth2 as default (and only)
authentication method. Having all auth options handled by the same code makes it
easier to gradually add OAuth2 support.

As part of this, some options that would no longer work with OAuth2 (and that
are not being used from anywhere now, as far as I can tell) are removed:
  * Passing account password for authentication via command line.
  * Overriding 'Host' header when making requests to Rietveld (won't work with
    SSL anyway).
  * --account_type option (seems to be ClientLogin specific).

R=maruel@chromium.org
BUG=356813

Review URL: https://codereview.chromium.org/1075723002

git-svn-id: svn://svn.chromium.org/chrome/trunk/tools/depot_tools@294746 0039d316-1c4b-4281-b951-d872f2087c98