Skip to content

Instantly share code, notes, and snippets.

@salrashid123

salrashid123/main.py

Created November 2, 2021 20:45
Show Gist options
  • Save salrashid123/8ab5a2c382b3b314449113bee6a71292 to your computer and use it in GitHub Desktop.
Save salrashid123/8ab5a2c382b3b314449113bee6a71292 to your computer and use it in GitHub Desktop.
Download ZIP
Web oauth2 flow for cloud run
Raw
main.py
#!/usr/bin/python
from flask import Flask,redirect, session, request
import json
import os
import urllib
from urllib.request import urlopen
from oauth2client.file import Storage
from google_auth_oauthlib.flow import Flow
import google.oauth2.credentials
from google.auth.transport.requests import AuthorizedSession
from google.auth.credentials import AnonymousCredentials
import google.oauth2.credentials
from google.oauth2 import id_token
import google.auth
import google.auth.transport.requests
from google.auth.transport.requests import requests
# web client id from project=248066739582 whichis where https://myapp-jyosxg6puq-uc.a.run.app exits
scopes = 'https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile'
redirect_uri='https://notebook.esodemoapp2.com:8081/callback'
client_id='248066739582-h498t6035hm9lvp5u9jelm8i67rp43vq.apps.googleusercontent.com'
client_secret='redacted'
app = Flask(__name__)
SESSION_TYPE = "memory"
app.config.update(SECRET_KEY=os.urandom(24))
@app.route("/")
def main():
if 'username' in session:
username = session['username']
return ('Logged in as ' + username + '<br>')
rdr = ('https://accounts.google.com/o/oauth2/auth?scope=' + urllib.parse.quote(scopes) + '&state=%2Fprofile&redirect_uri=' + urllib.parse.quote(redirect_uri) + '&response_type=code&client_id='+ client_id)
return redirect(rdr, code=302)
# Step 2: User authorization, this happens on the provider.
@app.route("/callback", methods=["GET"])
def callback():
code = request.args.get('code')
r = ('code [' + code + ']\n')
url = 'https://accounts.google.com/o/oauth2/token'
d = {'grant_type' : 'authorization_code',
'redirect_uri' : redirect_uri,
'code' : code,
'client_id' : client_id,
'client_secret' : client_secret
}
headers = {"Content-type": "application/x-www-form-urlencoded"}
data = urllib.parse.urlencode(d).encode("utf-8")
try:
resp = urllib.request.urlopen(url,data).read()
parsed = json.loads(resp)
access_token = parsed.get('access_token')
refresh_token = parsed.get('refresh_token')
token_uri = parsed.get('token_uri')
id_token = parsed.get('id_token')
credentials = google.oauth2.credentials.Credentials(
access_token,
refresh_token=refresh_token,
token_uri=token_uri,
client_id=client_id,
client_secret=client_secret)
# for google apis
authed_session = AuthorizedSession(credentials)
ar = authed_session.get('https://openidconnect.googleapis.com/v1/userinfo')
print(ar)
session['username'] = ar.json()['email']
# for cloud run
print(id_token)
id_creds = google.oauth2.credentials.Credentials(token=id_token)
authed_session = AuthorizedSession(id_creds)
r = authed_session.get('https://myapp-jyosxg6puq-uc.a.run.app/')
#r = requests.get('https://myapp-jyosxg6puq-uc.a.run.app/', headers={"Authorization": "Bearer " + id_token})
print(r.text)
except urllib.error.URLError as e:
print(e.reason)
return (e.reason)
except urllib.error.HTTPError as e:
print(e.reason)
return (e.reason)
return redirect("/", code=302)
if __name__ == '__main__':
app.run(host='0.0.0.0', port=8081, debug=True, ssl_context=('notebook.crt', 'notebook.key'))
@salrashid123
Copy link
Author

  • notebook.crt
-----BEGIN CERTIFICATE-----
MIIEPzCCAyegAwIBAgIBOjANBgkqhkiG9w0BAQUFADBXMQswCQYDVQQGEwJVUzEP
MA0GA1UECgwGR29vZ2xlMRMwEQYDVQQLDApFbnRlcnByaXNlMSIwIAYDVQQDDBlF
bnRlcnByaXNlIFN1Ym9yZGluYXRlIENBMB4XDTIxMTEwMjE5NDE0MloXDTI3MDQy
NTE5NDE0MlowVjELMAkGA1UEBhMCVVMxDzANBgNVBAoMBkdvb2dsZTETMBEGA1UE
CwwKRW50ZXJwcmlzZTEhMB8GA1UEAwwYbm90ZWJvb2suZXNvZGVtb2FwcDIuY29t
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy9QRG0aFY3I5nWslGRda
gNXJQ/hUhz1fkD7ddPuAo32dI96HqlWNol0ZSA3LmhCiHMZgWG/NbJtZtSRwOm+4
SQE8KjctV9tuI2cc5HOZm2m8jiJf/4sfStd9nFM7om+OmyzQ0v0YDo+/ciGsu4p5
UYx7ufzxVBdcfg9cuD0upqNFqdDMc/C1sVVRD2lByJt+Bz2K4swkQKemHTiZwlz7
fx0vNrietkRBDdxSPQVS6yUnDmqnW3f9/iAo56oCNx7xGV72iTitajNE+77pq3IO
IPCDTv/cEWF0FbPPFFQvhQIJjxjxtwGmjvBjNWgBe5dFI4IPgu3mOS9/CJfERBHc
kwIDAQABo4IBFTCCAREwDgYDVR0PAQH/BAQDAgeAMAkGA1UdEwQCMAAwEwYDVR0l
BAwwCgYIKwYBBQUHAwEwHQYDVR0OBBYEFKeK9+ifDAlprbn2arpuNutZ4XCVMB8G
A1UdIwQYMBaAFL/hHPAiSI/8O89d2e2uiHAh392GMEQGCCsGAQUFBwEBBDgwNjA0
BggrBgEFBQcwAoYoaHR0cDovL3BraS5lc29kZW1vYXBwMi5jb20vY2EvdGxzLWNh
LmNlcjA5BgNVHR8EMjAwMC6gLKAqhihodHRwOi8vcGtpLmVzb2RlbW9hcHAyLmNv
bS9jYS90bHMtY2EuY3JsMB4GA1UdEQQXMBWCE3N0cy5lc29kZW1vYXBwMi5jb20w
DQYJKoZIhvcNAQEFBQADggEBAH4APi6qpNl78p7VNqBP3Nt9LUBD0tn3ZyRmPPWX
wJFyi0nNMEQotbF9ZUSP7zowd0QZYVLYoxUtFLlHOLbXtJH8RQ9Xzvu8Ei3IVyJ0
p1KBCbu5KA6ZvoeXsDXCyB+OKhrzEgMcb+TnJian8KsXPbfo/9kC45cqitD+LS/b
MTcQ49pYr3soAuOFwsh7YBFO9OWNaENPxT9Zn5UZBAwtxDj90gvbU+cu4Lkypbyq
apJptPADDSexfYID8T/0EPMTcMh6Iab1ywiam9ETYGcd7BWk7gXHfme1kD+jr2gm
cKvOGu5Ns+pvqVFFD1xdUmPiGkRxLVVswoWF48zP7FHvsd8=
-----END CERTIFICATE-----
  • server.key
-----BEGIN PRIVATE KEY-----
MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDL1BEbRoVjcjmd
ayUZF1qA1clD+FSHPV+QPt10+4CjfZ0j3oeqVY2iXRlIDcuaEKIcxmBYb81sm1m1
JHA6b7hJATwqNy1X224jZxzkc5mbabyOIl//ix9K132cUzuib46bLNDS/RgOj79y
Iay7inlRjHu5/PFUF1x+D1y4PS6mo0Wp0Mxz8LWxVVEPaUHIm34HPYrizCRAp6Yd
OJnCXPt/HS82uJ62REEN3FI9BVLrJScOaqdbd/3+ICjnqgI3HvEZXvaJOK1qM0T7
vumrcg4g8INO/9wRYXQVs88UVC+FAgmPGPG3AaaO8GM1aAF7l0Ujgg+C7eY5L38I
l8REEdyTAgMBAAECggEACVommsjGkASKrjVfU2Jl7alhfbPkNPxU6SppQNfVVCsM
TbwFH4SjZgK9iTfQ0rXWqllTzFr84vHR0OTmHVhI7ViYKRu1AeX4jLlLcxP2xVG5
rA/ZtcDtY6K1ibmr780MjwQkZLnmI6zmzNbMtSIqZNp8RtFbRU95F/OefnmYLV8V
cw64QzXbkCWyf3j6PNKd3WEMc6CtzdDapdCOSIeB2TsSNe94ItTRUqklLCNz80pe
TmA0I2e1cRDSG9ny0DWBa9VOu6NwcK428PfAHyMBPQCrYnNSR7gYTNY8JP1EaoF6
fhWZopR/DfhCWPztn0a5zSPCqutZbyzmNOsPlFyX4QKBgQDwPZsRh/AZwfqWMgXN
Rm7JKvOCNWN4lr4gPBMh5K4X24ACNmWD92YKQpMB2EWYAeP8/6P0amvAh0YRJQCr
h6xFklWAGZnKxFpRWs9xn2GghVWo0fSFYSL3e5nXP1Y2r5Jll9fVqrJ6WRiWE3Jn
mnBdHS+j65n9zEh6SHAcReA3YwKBgQDZMvwm4Oy09tL4ZxiPrvfHgV9qx7RRjJHh
QdePyBOoETBr1IHsJrx80bd+FjOXQvWZWbyGMa2VV6uYK+IRHez0dYW2CUYrFlb7
s2+WylRVbc9vCcwFd21k8LkWHvBmrULx5rr2EAtELbp86iw0ow8lrHUAWUNclu44
9CZAbuXFEQKBgQCWXUjAaT/7LzEjbr245JuUp6Bv3/CZWmg3jsI+1X2tiwIM4HUb
au5f/5k5b17nrE9BW9QHt9AnWcOeGXXY5nsJtHR1UBC1G76X6ump6SLWsH2Tw41z
KgATvDXmxkq0waE0mxxJLKS29SrxS8ywUbaAYTMfOuhQNNssRkh9ObMDlwKBgQCJ
f01BD4LJzLchqaJS02DoW24cGvB775EqGJRt4SsQalFM8eqNpLgODHUszME8MJdp
zPUbvrc0o5ttadpjG5614vASnSxeenX2QVGTE+LvceSvVnRhwYjvLbT92/g0B9sp
Z/dTbjSzpH86NMRnThJ4twQahGewZZvJUkYk5A9xAQKBgQCeGjrI9MQtfudSdFI6
aXjXLju5GmL3t5a1k4DARjPMvDQmdrSBmgWVZ46gZ69cLW+RrqQS1suRZarnjLK/
zGQYAs4vVbR+y+o+hmTaXf/94o5aE6xckW4ottCXATZl94YPdEOUSNsqh+YICPPt
MJ5sTEACDXwXB5kB3HJXCp9nAA==
-----END PRIVATE KEY-----
  • ca.crt
-----BEGIN CERTIFICATE-----
MIIEDTCCAvWgAwIBAgIBAjANBgkqhkiG9w0BAQUFADBQMQswCQYDVQQGEwJVUzEP
MA0GA1UECgwGR29vZ2xlMRMwEQYDVQQLDApFbnRlcnByaXNlMRswGQYDVQQDDBJF
bnRlcnByaXNlIFJvb3QgQ0EwHhcNMjAwNDI1MjIwNzE1WhcNMzAwNDI1MjIwNzE1
WjBXMQswCQYDVQQGEwJVUzEPMA0GA1UECgwGR29vZ2xlMRMwEQYDVQQLDApFbnRl
cnByaXNlMSIwIAYDVQQDDBlFbnRlcnByaXNlIFN1Ym9yZGluYXRlIENBMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2FXMxoPucnmPbeaYvtC7mwqMqS/D
RGuGmk78f8cLLmtf4qcfQwS5t5UkEAUiHaDGTdkk8AWRVGc4Sh/nwxlsEMw7thkl
W3zge8cU7V+pWjGokaYiLPqayV3CJ7VpYPIbXRGqeXQrSAh3h5vPmFn2IN4TZF2E
46Fob8xhqjYc9CAGqh8NevCyvyNvnb2ZTzQeC2jouRStltdHh97ynK/iatyzyot0
+9BrhI/9CBELS1MDGxcT35g48pEJzHr1/k3Wdz2VM0+pKSIBhiJM1t4Q1LALhP7L
KSr6Ex3H1OzaBEW8gpIoKlkH6I1D9lOs1rSSJU4ZEsVqft+3j32SByZNmQIDAQAB
o4HqMIHnMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1Ud
DgQWBBS/4RzwIkiP/DvPXdntrohwId/dhjAfBgNVHSMEGDAWgBSaVNYZIVg6RrbU
rgV+gHD0OM8oDDBFBggrBgEFBQcBAQQ5MDcwNQYIKwYBBQUHMAKGKWh0dHA6Ly9w
a2kuZXNvZGVtb2FwcDIuY29tL2NhL3Jvb3QtY2EuY2VyMDoGA1UdHwQzMDEwL6At
oCuGKWh0dHA6Ly9wa2kuZXNvZGVtb2FwcDIuY29tL2NhL3Jvb3QtY2EuY3JsMA0G
CSqGSIb3DQEBBQUAA4IBAQCIK7eSGxf7Vy/5pKVdDGgD/sG/pjBgqP6IVocvLUN0
nUzT8NMkOYraJz+LySUy55WGPeFeARcRCqeFwqz+o1BetdqOUZgouf1DuXvfyX0w
cp1Y/IEPcFnzl+U5b1F10iOLGt5llUxMd6eo1MS53SrbF3NIvQOu6aoHBlh614qk
zcx2hAhLIw5C9MvK7r5UP179ilv4x7ZYfWsM7DLvhgG8dEgQTDCPB5h6cSKIM1qI
hHzpPkrGcGtKK/Fbidjw4OP25HADV6i/GXKkjirOhVQkoj2S3RjkiNy8JvJobCFM
GJSi6m9GO8OrUA+o9r9JKYkLmLEWD5PeF7hCnbGQY+Cw
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIDfjCCAmagAwIBAgIBATANBgkqhkiG9w0BAQUFADBQMQswCQYDVQQGEwJVUzEP
MA0GA1UECgwGR29vZ2xlMRMwEQYDVQQLDApFbnRlcnByaXNlMRswGQYDVQQDDBJF
bnRlcnByaXNlIFJvb3QgQ0EwHhcNMjAwNDI1MjIwNDQxWhcNMzAwNDI1MjIwNDQx
WjBQMQswCQYDVQQGEwJVUzEPMA0GA1UECgwGR29vZ2xlMRMwEQYDVQQLDApFbnRl
cnByaXNlMRswGQYDVQQDDBJFbnRlcnByaXNlIFJvb3QgQ0EwggEiMA0GCSqGSIb3
DQEBAQUAA4IBDwAwggEKAoIBAQDxuasMnn/6NdpXZk9FnWE109YIUDXdPyN7Qiq1
mX54dBzoC/vZ1mlLyATGe9+DF9cgRa1apQAlid4cUsazo1Tropivf+y/gt9/6mXO
X0zEAZgwnw4VU6NXAVpyzMFiV8kFO18lzUlXdt92SGRiS6Bpk0oxuNZBYKx8SUDY
U7veKF2Gz9GcF5MXUQ5VxbUPqvFcuKGR4DRFAYUQWhB+c2XWr3Z7ibap5HxSRFJl
TZnE7GdeowwzV8/k2bmRWTznhJrGbnXRUykBF+Jhs29BRfqlKroJqL8MZ4VS9j+J
fQRIxYkG4JxfSOuL3mELJQUvZfZADMb60dPrMqJQeItBDndJAgMBAAGjYzBhMA4G
A1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBSaVNYZIVg6
RrbUrgV+gHD0OM8oDDAfBgNVHSMEGDAWgBSaVNYZIVg6RrbUrgV+gHD0OM8oDDAN
BgkqhkiG9w0BAQUFAAOCAQEAJHWSDi4Ku1L2h1L3Xz3EvDfARTBkBpMkTylQQ/yW
Y14CNso7cpZMnEmHhpscZHXzfFIKQgQXhSV4UeF1qSsVau5n37Kpf93XV/i8zL33
EAm/1HwrMCfVdBLx8pAj6GmuigPAnO5wH9B+KMolVyp91fptilmVzznp/KdMzurl
BqDjlLCt8eWzZ0WTmJhc0nWfgdwhlKD5DeUe6tmpahZK3ls3j1/F62FuccwJioem
krx0EqCm02vc8QU/r7OAEEgenmmak+yrKz4MV3LtdzO+R0F7/OMObepAE1ppCaP4
3Nh6qNxO8UxfBjkfxnGEkp9VicG96HSplK/L3CHYHLvKzQ==
-----END CERTIFICATE-----

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment