| phoglund@webrtc.org | 96c39d1 | 2012-01-24 14:44:51 +0000 | [diff] [blame^] | 1 | #!/usr/bin/env python |
| 2 | #-*- coding: utf-8 -*- |
| 3 | # Copyright (c) 2012 The WebRTC project authors. All Rights Reserved. |
| 4 | # |
| 5 | # Use of this source code is governed by a BSD-style license |
| 6 | # that can be found in the LICENSE file in the root of the source |
| 7 | # tree. An additional intellectual property rights grant can be found |
| 8 | # in the file PATENTS. All contributing project authors may |
| 9 | # be found in the AUTHORS file in the root of the source tree. |
| 10 | |
| 11 | """This script request an access token from the appengine running the dashboard. |
| 12 | |
| 13 | The script is intended to be run manually whenever we wish to change which |
| 14 | dashboard administrator we act on behalf of when running the |
| 15 | track_coverage.py script. For example, this will be useful if the current |
| 16 | dashboard administrator leaves the project. |
| 17 | |
| 18 | This script should be run on the build bot which runs the track_coverage.py |
| 19 | script. This script will present a link during its execution, which the new |
| 20 | administrator should follow and then click approve on the web page that |
| 21 | appears. The new administrator should have admin rights on the coverage |
| 22 | dashboard, otherwise the track_coverage.py will not work. |
| 23 | |
| 24 | If successful, this script will write the access token to a file access.token |
| 25 | in the current directory, which later can be read by track_coverage.py. |
| 26 | The token is stored in string form (as reported by the web server) using the |
| 27 | shelve module. |
| 28 | """ |
| 29 | |
| 30 | __author__ = 'phoglund@webrtc.org (Patrik Höglund)' |
| 31 | |
| 32 | import shelve |
| 33 | import sys |
| 34 | import urlparse |
| 35 | import oauth2 as oauth |
| 36 | |
| 37 | |
| 38 | class FailedToRequestPermissionException(Exception): |
| 39 | pass |
| 40 | |
| 41 | |
| 42 | # This identifies our application using the information we got when we |
| 43 | # registered the application on Google appengine. |
| 44 | # TODO(phoglund): update to the right value when we have registered the app. |
| 45 | DASHBOARD_SERVER = 'http://127.0.0.1:8080' |
| 46 | CONSUMER_KEY = DASHBOARD_SERVER |
| 47 | |
| 48 | REQUEST_TOKEN_URL = DASHBOARD_SERVER + '/_ah/OAuthGetRequestToken' |
| 49 | AUTHORIZE_TOKEN_URL = DASHBOARD_SERVER + '/_ah/OAuthAuthorizeToken' |
| 50 | ACCESS_TOKEN_URL = DASHBOARD_SERVER + '/_ah/OAuthGetAccessToken' |
| 51 | |
| 52 | |
| 53 | def _ensure_token_response_is_200(response, queried_url, token_type): |
| 54 | if response.status != 200: |
| 55 | raise FailedToRequestPermissionException('Failed to request %s from %s: ' |
| 56 | 'received status %d, reason %s.' % |
| 57 | (token_type, |
| 58 | queried_url, |
| 59 | response.status, |
| 60 | response.reason)) |
| 61 | |
| 62 | def _request_unauthorized_token(consumer, request_token_url): |
| 63 | """Requests the initial token from the dashboard service. |
| 64 | |
| 65 | Given that the response from the server is correct, we will return a |
| 66 | dictionary containing oauth_token and oauth_token_secret mapped to the |
| 67 | token and secret value, respectively. |
| 68 | """ |
| 69 | client = oauth.Client(consumer) |
| 70 | |
| 71 | try: |
| 72 | response, content = client.request(request_token_url, 'POST') |
| 73 | except AttributeError as error: |
| 74 | # This catch handler is here since we'll get very confusing messages |
| 75 | # if the target server is down for some reason. |
| 76 | raise FailedToRequestPermissionException("Failed to request token: " |
| 77 | "the dashboard is likely down.", |
| 78 | error) |
| 79 | |
| 80 | _ensure_token_response_is_200(response, request_token_url, |
| 81 | "unauthorized token") |
| 82 | |
| 83 | return dict(urlparse.parse_qsl(content)) |
| 84 | |
| 85 | |
| 86 | def _ask_user_to_authorize_us(unauthorized_token): |
| 87 | """This function will block until the user enters y + newline.""" |
| 88 | print 'Go to the following link in your browser:' |
| 89 | print '%s?oauth_token=%s' % (AUTHORIZE_TOKEN_URL, |
| 90 | unauthorized_token['oauth_token']) |
| 91 | |
| 92 | accepted = 'n' |
| 93 | while accepted.lower() != 'y': |
| 94 | accepted = raw_input('Have you authorized me yet? (y/n) ') |
| 95 | |
| 96 | |
| 97 | def _request_access_token(consumer, unauthorized_token): |
| 98 | token = oauth.Token(unauthorized_token['oauth_token'], |
| 99 | unauthorized_token['oauth_token_secret']) |
| 100 | client = oauth.Client(consumer, token) |
| 101 | response, content = client.request(ACCESS_TOKEN_URL, 'POST') |
| 102 | |
| 103 | _ensure_token_response_is_200(response, ACCESS_TOKEN_URL, "access token") |
| 104 | |
| 105 | return content |
| 106 | |
| 107 | |
| 108 | def _write_access_token_to_file(access_token, filename): |
| 109 | output = shelve.open(filename) |
| 110 | output['access_token'] = access_token |
| 111 | output.close() |
| 112 | |
| 113 | print 'Wrote the access token to the file %s.' % filename |
| 114 | |
| 115 | |
| 116 | def _main(): |
| 117 | if len(sys.argv) != 2: |
| 118 | print ('Usage: %s <consumer secret>.\n\nThe consumer secret is an OAuth ' |
| 119 | 'concept and is obtained from the appengine running the dashboard.' % |
| 120 | sys.argv[0]) |
| 121 | return |
| 122 | |
| 123 | consumer_secret = sys.argv[1] |
| 124 | consumer = oauth.Consumer(CONSUMER_KEY, consumer_secret) |
| 125 | |
| 126 | unauthorized_token = _request_unauthorized_token(consumer, REQUEST_TOKEN_URL) |
| 127 | |
| 128 | _ask_user_to_authorize_us(unauthorized_token) |
| 129 | |
| 130 | access_token_string = _request_access_token(consumer, unauthorized_token) |
| 131 | |
| 132 | _write_access_token_to_file(access_token_string, 'access.token') |
| 133 | |
| 134 | if __name__ == '__main__': |
| 135 | _main() |