OLD | NEW |
(Empty) | |
| 1 # Copyright 2016 Google Inc. |
| 2 # |
| 3 # Licensed under the Apache License, Version 2.0 (the "License"); |
| 4 # you may not use this file except in compliance with the License. |
| 5 # You may obtain a copy of the License at |
| 6 # |
| 7 # http://www.apache.org/licenses/LICENSE-2.0 |
| 8 # |
| 9 # Unless required by applicable law or agreed to in writing, software |
| 10 # distributed under the License is distributed on an "AS IS" BASIS, |
| 11 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 12 # See the License for the specific language governing permissions and |
| 13 # limitations under the License. |
| 14 |
| 15 """Helper functions for loading data from a Google service account file.""" |
| 16 |
| 17 import io |
| 18 import json |
| 19 |
| 20 import six |
| 21 |
| 22 from google.auth import crypt |
| 23 |
| 24 |
| 25 def from_dict(data, require=None): |
| 26 """Validates a dictionary containing Google service account data. |
| 27 |
| 28 Creates and returns a :class:`google.auth.crypt.Signer` instance from the |
| 29 private key specified in the data. |
| 30 |
| 31 Args: |
| 32 data (Mapping[str, str]): The service account data |
| 33 require (Sequence[str]): List of keys required to be present in the |
| 34 info. |
| 35 |
| 36 Returns: |
| 37 google.auth.crypt.Signer: A signer created from the private key in the |
| 38 service account file. |
| 39 |
| 40 Raises: |
| 41 ValueError: if the data was in the wrong format, or if one of the |
| 42 required keys is missing. |
| 43 """ |
| 44 keys_needed = set(require if require is not None else []) |
| 45 |
| 46 missing = keys_needed.difference(six.iterkeys(data)) |
| 47 |
| 48 if missing: |
| 49 raise ValueError( |
| 50 'Service account info was not in the expected format, missing ' |
| 51 'fields {}.'.format(', '.join(missing))) |
| 52 |
| 53 # Create a signer. |
| 54 signer = crypt.RSASigner.from_service_account_info(data) |
| 55 |
| 56 return signer |
| 57 |
| 58 |
| 59 def from_filename(filename, require=None): |
| 60 """Reads a Google service account JSON file and returns its parsed info. |
| 61 |
| 62 Args: |
| 63 filename (str): The path to the service account .json file. |
| 64 require (Sequence[str]): List of keys required to be present in the |
| 65 info. |
| 66 |
| 67 Returns: |
| 68 Tuple[ Mapping[str, str], google.auth.crypt.Signer ]: The verified |
| 69 info and a signer instance. |
| 70 """ |
| 71 with io.open(filename, 'r', encoding='utf-8') as json_file: |
| 72 data = json.load(json_file) |
| 73 return data, from_dict(data, require=require) |
OLD | NEW |