Skip to content

Commit

Permalink
Adding compute auth examples
Browse files Browse the repository at this point in the history
Change-Id: I90be79bf47428f1f98a1bb9f27b3cde507b94655
  • Loading branch information
Jon Wayne Parrott committed Apr 22, 2016
1 parent 7c4a834 commit 4d490c4
Show file tree
Hide file tree
Showing 5 changed files with 194 additions and 0 deletions.
78 changes: 78 additions & 0 deletions compute/auth/access_token.py
Original file line number Diff line number Diff line change
@@ -0,0 +1,78 @@
#!/usr/bin/env python

# Copyright 2016 Google Inc. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

"""Example of authenticating using access tokens directly on Compute Engine.
For more information, see the README.md under /compute.
"""

# [START all]

import argparse

import requests


METADATA_URL = 'http://metadata.google.internal/computeMetadata/v1/'
METADATA_HEADERS = {'Metadata-Flavor': 'Google'}
SERVICE_ACCOUNT = 'default'


def get_access_token():
url = '{}instance/service-accounts/{}/token'.format(
METADATA_URL, SERVICE_ACCOUNT)

# Request an access token from the metadata server.
r = requests.get(url, headers=METADATA_HEADERS)
r.raise_for_status()

# Extract the access token from the respose.
access_token = r.json()['access_token']

return access_token


def list_buckets(project_id, access_token):
url = 'https://www.googleapis.com/storage/v1/b'
params = {
'project': project_id
}
headers = {
'Authenication': 'Bearer {}'.format(access_token)
}

r = requests.get(url, params=params, headers=headers)
r.raise_for_status()

return r.json()


def main(project_id):
access_token = get_access_token()
buckets = list_buckets(project_id, access_token)
print(buckets)


if __name__ == '__main__':
parser = argparse.ArgumentParser(
description=__doc__,
formatter_class=argparse.RawDescriptionHelpFormatter)
parser.add_argument('project_id', help='Your Google Cloud project ID.')

args = parser.parse_args()

main(args.project_id)
# [END all]
34 changes: 34 additions & 0 deletions compute/auth/access_token_test.py
Original file line number Diff line number Diff line change
@@ -0,0 +1,34 @@
# Copyright 2015, Google, Inc.
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

import access_token
import mock


@mock.patch('access_token.requests')
def test_main(requests_mock, cloud_config):
metadata_response = mock.Mock()
metadata_response.status_code = 200
metadata_response.json.return_value = {
'access_token': '123'
}
bucket_response = mock.Mock()
bucket_response.status_code = 200
bucket_response.json.return_value = [{'bucket': 'name'}]

requests_mock.get.side_effect = [
metadata_response, bucket_response]

access_token.main(cloud_config.project)

assert requests_mock.get.call_count == 2
62 changes: 62 additions & 0 deletions compute/auth/application_default.py
Original file line number Diff line number Diff line change
@@ -0,0 +1,62 @@
#!/usr/bin/env python

# Copyright 2016 Google Inc. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

"""Example of authenticating using Application Default Credentials on
Compute Engine.
For more information, see the README.md under /compute.
"""

# [START all]

import argparse

from googleapiclient import discovery
from oauth2client.client import GoogleCredentials


def create_service():
# Get the application default credentials. When running locally, these are
# available after running `gcloud auth`. When running on compute
# engine, these are available from the environment.
credentials = GoogleCredentials.get_application_default()

# Construct the service object for interacting with the Cloud Storage API -
# the 'storage' service, at version 'v1'.
return discovery.build('storage', 'v1', credentials=credentials)


def list_buckets(service, project_id):
buckets = service.buckets().list(project=project_id).execute()
return buckets


def main(project_id):
service = create_service()
buckets = list_buckets(service, project_id)
print(buckets)


if __name__ == '__main__':
parser = argparse.ArgumentParser(
description=__doc__,
formatter_class=argparse.RawDescriptionHelpFormatter)
parser.add_argument('project_id', help='Your Google Cloud Project ID.')

args = parser.parse_args()

main(args.project_id)
# [END all]
18 changes: 18 additions & 0 deletions compute/auth/application_default_test.py
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
# Copyright 2015, Google, Inc.
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

from application_default import main


def test_main(cloud_config):
main(cloud_config.project)
2 changes: 2 additions & 0 deletions compute/auth/requirements.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
requests==2.9.1
google-api-python-client==1.5.0

0 comments on commit 4d490c4

Please sign in to comment.