| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307 |
- # Copyright 2016 Google Inc.
- #
- # Licensed under the Apache License, Version 2.0 (the "License");
- # you may not use this file except in compliance with the License.
- # You may obtain a copy of the License at
- #
- # http://www.apache.org/licenses/LICENSE-2.0
- #
- # Unless required by applicable law or agreed to in writing, software
- # distributed under the License is distributed on an "AS IS" BASIS,
- # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- # See the License for the specific language governing permissions and
- # limitations under the License.
- """Transport adapter for httplib2."""
- from __future__ import absolute_import
- import logging
- from google.auth import exceptions
- from google.auth import transport
- import httplib2
- from six.moves import http_client
- _LOGGER = logging.getLogger(__name__)
- # Properties present in file-like streams / buffers.
- _STREAM_PROPERTIES = ("read", "seek", "tell")
- class _Response(transport.Response):
- """httplib2 transport response adapter.
- Args:
- response (httplib2.Response): The raw httplib2 response.
- data (bytes): The response body.
- """
- def __init__(self, response, data):
- self._response = response
- self._data = data
- @property
- def status(self):
- """int: The HTTP status code."""
- return self._response.status
- @property
- def headers(self):
- """Mapping[str, str]: The HTTP response headers."""
- return dict(self._response)
- @property
- def data(self):
- """bytes: The response body."""
- return self._data
- class Request(transport.Request):
- """httplib2 request adapter.
- This class is used internally for making requests using various transports
- in a consistent way. If you use :class:`AuthorizedHttp` you do not need
- to construct or use this class directly.
- This class can be useful if you want to manually refresh a
- :class:`~google.auth.credentials.Credentials` instance::
- import google_auth_httplib2
- import httplib2
- http = httplib2.Http()
- request = google_auth_httplib2.Request(http)
- credentials.refresh(request)
- Args:
- http (httplib2.Http): The underlying http object to use to make
- requests.
- .. automethod:: __call__
- """
- def __init__(self, http):
- self.http = http
- def __call__(
- self, url, method="GET", body=None, headers=None, timeout=None, **kwargs
- ):
- """Make an HTTP request using httplib2.
- Args:
- url (str): The URI to be requested.
- method (str): The HTTP method to use for the request. Defaults
- to 'GET'.
- body (bytes): The payload / body in HTTP request.
- headers (Mapping[str, str]): Request headers.
- timeout (Optional[int]): The number of seconds to wait for a
- response from the server. This is ignored by httplib2 and will
- issue a warning.
- kwargs: Additional arguments passed throught to the underlying
- :meth:`httplib2.Http.request` method.
- Returns:
- google.auth.transport.Response: The HTTP response.
- Raises:
- google.auth.exceptions.TransportError: If any exception occurred.
- """
- if timeout is not None:
- _LOGGER.warning(
- "httplib2 transport does not support per-request timeout. "
- "Set the timeout when constructing the httplib2.Http instance."
- )
- try:
- _LOGGER.debug("Making request: %s %s", method, url)
- response, data = self.http.request(
- url, method=method, body=body, headers=headers, **kwargs
- )
- return _Response(response, data)
- # httplib2 should catch the lower http error, this is a bug and
- # needs to be fixed there. Catch the error for the meanwhile.
- except (httplib2.HttpLib2Error, http_client.HTTPException) as exc:
- raise exceptions.TransportError(exc)
- def _make_default_http():
- """Returns a default httplib2.Http instance."""
- return httplib2.Http()
- class AuthorizedHttp(object):
- """A httplib2 HTTP class with credentials.
- This class is used to perform requests to API endpoints that require
- authorization::
- from google.auth.transport._httplib2 import AuthorizedHttp
- authed_http = AuthorizedHttp(credentials)
- response = authed_http.request(
- 'https://www.googleapis.com/storage/v1/b')
- This class implements :meth:`request` in the same way as
- :class:`httplib2.Http` and can usually be used just like any other
- instance of :class:``httplib2.Http`.
- The underlying :meth:`request` implementation handles adding the
- credentials' headers to the request and refreshing credentials as needed.
- """
- def __init__(
- self,
- credentials,
- http=None,
- refresh_status_codes=transport.DEFAULT_REFRESH_STATUS_CODES,
- max_refresh_attempts=transport.DEFAULT_MAX_REFRESH_ATTEMPTS,
- ):
- """
- Args:
- credentials (google.auth.credentials.Credentials): The credentials
- to add to the request.
- http (httplib2.Http): The underlying HTTP object to
- use to make requests. If not specified, a
- :class:`httplib2.Http` instance will be constructed.
- refresh_status_codes (Sequence[int]): Which HTTP status codes
- indicate that credentials should be refreshed and the request
- should be retried.
- max_refresh_attempts (int): The maximum number of times to attempt
- to refresh the credentials and retry the request.
- """
- if http is None:
- http = _make_default_http()
- self.http = http
- self.credentials = credentials
- self._refresh_status_codes = refresh_status_codes
- self._max_refresh_attempts = max_refresh_attempts
- # Request instance used by internal methods (for example,
- # credentials.refresh).
- self._request = Request(self.http)
- def close(self):
- """Calls httplib2's Http.close"""
- self.http.close()
- def request(
- self,
- uri,
- method="GET",
- body=None,
- headers=None,
- redirections=httplib2.DEFAULT_MAX_REDIRECTS,
- connection_type=None,
- **kwargs
- ):
- """Implementation of httplib2's Http.request."""
- _credential_refresh_attempt = kwargs.pop("_credential_refresh_attempt", 0)
- # Make a copy of the headers. They will be modified by the credentials
- # and we want to pass the original headers if we recurse.
- request_headers = headers.copy() if headers is not None else {}
- self.credentials.before_request(self._request, method, uri, request_headers)
- # Check if the body is a file-like stream, and if so, save the body
- # stream position so that it can be restored in case of refresh.
- body_stream_position = None
- if all(getattr(body, stream_prop, None) for stream_prop in _STREAM_PROPERTIES):
- body_stream_position = body.tell()
- # Make the request.
- response, content = self.http.request(
- uri,
- method,
- body=body,
- headers=request_headers,
- redirections=redirections,
- connection_type=connection_type,
- **kwargs
- )
- # If the response indicated that the credentials needed to be
- # refreshed, then refresh the credentials and re-attempt the
- # request.
- # A stored token may expire between the time it is retrieved and
- # the time the request is made, so we may need to try twice.
- if (
- response.status in self._refresh_status_codes
- and _credential_refresh_attempt < self._max_refresh_attempts
- ):
- _LOGGER.info(
- "Refreshing credentials due to a %s response. Attempt %s/%s.",
- response.status,
- _credential_refresh_attempt + 1,
- self._max_refresh_attempts,
- )
- self.credentials.refresh(self._request)
- # Restore the body's stream position if needed.
- if body_stream_position is not None:
- body.seek(body_stream_position)
- # Recurse. Pass in the original headers, not our modified set.
- return self.request(
- uri,
- method,
- body=body,
- headers=headers,
- redirections=redirections,
- connection_type=connection_type,
- _credential_refresh_attempt=_credential_refresh_attempt + 1,
- **kwargs
- )
- return response, content
- def add_certificate(self, key, cert, domain, password=None):
- """Proxy to httplib2.Http.add_certificate."""
- self.http.add_certificate(key, cert, domain, password=password)
- @property
- def connections(self):
- """Proxy to httplib2.Http.connections."""
- return self.http.connections
- @connections.setter
- def connections(self, value):
- """Proxy to httplib2.Http.connections."""
- self.http.connections = value
- @property
- def follow_redirects(self):
- """Proxy to httplib2.Http.follow_redirects."""
- return self.http.follow_redirects
- @follow_redirects.setter
- def follow_redirects(self, value):
- """Proxy to httplib2.Http.follow_redirects."""
- self.http.follow_redirects = value
- @property
- def timeout(self):
- """Proxy to httplib2.Http.timeout."""
- return self.http.timeout
- @timeout.setter
- def timeout(self, value):
- """Proxy to httplib2.Http.timeout."""
- self.http.timeout = value
- @property
- def redirect_codes(self):
- """Proxy to httplib2.Http.redirect_codes."""
- return self.http.redirect_codes
- @redirect_codes.setter
- def redirect_codes(self, value):
- """Proxy to httplib2.Http.redirect_codes."""
- self.http.redirect_codes = value
|
