Created
November 26, 2012 01:59
-
-
Save KazuyaHayashi/4146195 to your computer and use it in GitHub Desktop.
OAuth2 Service Accounts sample
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import logging | |
| import json | |
| #logging.basicConfig(level=logging.DEBUG) | |
| from oauth2client import client | |
| import gdata.apps.service | |
| from jwt_util import get_JWT, get_service_private_key, get_clientSecrets | |
| def get_alluserfeed(domain, prn=None): | |
| client_secrets = get_clientSecrets() | |
| private_key = get_service_private_key() | |
| jwt_client = client.SignedJwtAssertionCredentials( | |
| service_account_name=client_secrets['web']['client_email'], | |
| private_key=private_key, | |
| scope="https://apps-apis.google.com/a/feeds/user/", | |
| prn=prn) | |
| jwt = json.loads(get_JWT(jwt_client._generate_assertion())) | |
| oauth2_auth_header = "Bearer %s" % jwt['access_token'] | |
| service = gdata.apps.service.AppsService( | |
| source="test", domain=domain, | |
| additional_headers={"Authorization":oauth2_auth_header}) | |
| return service.RetrieveAllUsers() | |
| if __name__ == '__main__': | |
| user_feed = get_alluserfeed( | |
| domain="apps00free.prd.demodesu.com", | |
| prn="[email protected]") | |
| for user in user_feed.entry: | |
| print user.login.user_name |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import urllib | |
| import simplejson as json | |
| import atom.http_core | |
| class Error(Exception): | |
| def __str__(self): | |
| return "Error: %s" % self.error_message | |
| class OAuth2JWTError(Error): | |
| """Raised when an OAuth2 error occurs.""" | |
| def __init__(self, error_message): | |
| self.error_message = error_message | |
| def get_JWT(assertion): | |
| body = urllib.urlencode({ | |
| 'grant_type':'urn:ietf:params:oauth:grant-type:jwt-bearer', | |
| 'assertion':assertion | |
| } | |
| ) | |
| headers = {} | |
| http_client = atom.http_core.HttpClient() | |
| http_request = atom.http_core.HttpRequest(uri="https://accounts.google.com/o/oauth2/token", | |
| method="POST", headers=headers) | |
| http_request.add_body_part(data=body, mime_type="application/x-www-form-urlencoded") | |
| response = http_client.Request(http_request) | |
| body = response.read() | |
| if response.status == 200: | |
| return body | |
| else: | |
| error_msg = 'Invalid response %s.' % response.status | |
| try: | |
| d = json.loads(body) | |
| if 'error' in d: | |
| error_msg = d['error'] | |
| except: | |
| pass | |
| raise OAuth2JWTError(error_msg) | |
| def get_service_private_key(): | |
| f = open('service_privatekey.p12','rb') | |
| key = f.read() | |
| f.close() | |
| return key | |
| def get_clientSecrets(): | |
| f = open('service_client_secrets.json') | |
| secrets_json = f.read() | |
| return json.loads(secrets_json) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment