Mercurial > p > roundup > code

annotate scripts/oauth-get-token.py @ 7090:8cda8e05c9a0

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Update oauth-get-token script Detect if the redirect URI is http or https, additional options to force tls or force no tls. More documentation on default certificat/key plus add options to set cert- and keyfile.
author Ralf Schlatterbeck <rsc@runtux.com>
date Wed, 30 Nov 2022 15:41:24 +0100
parents 8d9a6063cb22
children b26207712c2b
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
7084
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
1 #!/usr/bin/python3
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
2
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
3 import requests
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
4 import time
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
5 import sys
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
6 import webbrowser
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
7 import ssl
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
8
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
9 from urllib.parse import urlparse, urlencode, parse_qs
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
10 from argparse import ArgumentParser, RawDescriptionHelpFormatter
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
11 from http.server import HTTPServer, BaseHTTPRequestHandler
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
12
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
13 class Request_Token:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
14
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
15 def __init__ (self, args):
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
16 self.args = args
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
17 self.session = requests.session ()
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
18 self.url = '/'.join ((args.url.rstrip ('/'), args.tenant))
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
19 self.url = '/'.join ((self.url, 'oauth2/v2.0'))
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
20 self.state = None
7090
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
21 self.use_tls = self.args.use_tls
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
22 if self.use_tls is None:
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
23 self.use_tls = self.args.redirect_uri.startswith ('https')
7084
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
24 # end def __init__
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
25
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
26 def check_err (self, r):
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
27 if not 200 <= r.status_code <= 299:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
28 raise RuntimeError \
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
29 ( 'Invalid result: %s: %s\n %s'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
30 % (r.status_code, r.reason, r.text)
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
31 )
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
32 # end def check_err
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
33
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
34 def get_url (self, path, params):
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
35 url = ('/'.join ((self.url, path)))
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
36 url = url + '?' + urlencode (params)
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
37 return url
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
38 # end def get_url
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
39
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
40 def post_or_put (self, method, path, data = None, json = None):
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
41 d = {}
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
42 if data:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
43 d.update (data = data)
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
44 if json:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
45 d.update (json = json)
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
46 url = ('/'.join ((self.url, path)))
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
47 r = method (url, **d)
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
48 self.check_err (r)
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
49 return r.json ()
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
50 # end def post_or_put
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
51
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
52 def post (self, path, data = None, json = None):
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
53 return self.post_or_put (self.session.post, path, data, json)
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
54 # end def post
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
55
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
56 def authcode_callback (self, handler):
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
57 msg = ['']
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
58 self.request_received = False
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
59 r = urlparse (handler.path)
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
60 if r.query:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
61 q = parse_qs (r.query)
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
62 if 'state' in q:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
63 state = q ['state'][0]
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
64 if state != self.state:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
65 msg.append \
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
66 ( 'State did not match: expect "%s" got "%s"'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
67 % (self.state, state)
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
68 )
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
69 elif 'code' not in q:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
70 msg.append ('Got no code')
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
71 else:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
72 with open ('oauth/authcode', 'w') as f:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
73 f.write (q ['code'][0])
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
74 msg.append ('Wrote code to oauth/authcode')
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
75 self.request_received = True
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
76 else:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
77 msg.append ('No state and no code')
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
78 return 200, '\n'.join (msg).encode ('utf-8')
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
79 # end def authcode_callback
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
80
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
81 def request_authcode (self):
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
82 with open ('oauth/client_id', 'r') as f:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
83 client_id = f.read ()
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
84 self.state = 'authcode' + str (time.time ())
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
85 params = dict \
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
86 ( client_id = client_id
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
87 , response_type = 'code'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
88 , response_mode = 'query'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
89 , state = self.state
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
90 , redirect_uri = self.args.redirect_uri
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
91 , scope = ' '.join
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
92 (( 'https://outlook.office.com/IMAP.AccessAsUser.All'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
93 , 'https://outlook.office.com/User.Read'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
94 , 'offline_access'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
95 ))
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
96 )
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
97 url = self.get_url ('authorize', params)
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
98 print (url)
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
99 if self.args.webbrowser:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
100 browser = webbrowser.get (self.args.browser)
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
101 browser.open_new_tab (url)
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
102 if self.args.run_https_server:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
103 self.https_server ()
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
104 if self.args.request_tokens:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
105 self.request_token ()
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
106 # end def request_authcode
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
107
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
108 def request_token (self):
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
109 with open ('oauth/client_id', 'r') as f:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
110 client_id = f.read ()
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
111 with open ('oauth/client_secret', 'r') as f:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
112 client_secret = f.read ().strip ()
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
113 with open ('oauth/authcode', 'r') as f:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
114 authcode = f.read ().strip ()
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
115 params = dict \
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
116 ( client_id = client_id
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
117 , code = authcode
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
118 , client_secret = client_secret
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
119 , redirect_uri = self.args.redirect_uri
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
120 , grant_type = 'authorization_code'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
121 # Only a single scope parameter is allowed here
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
122 , scope = ' '.join
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
123 (( 'https://outlook.office.com/User.Read'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
124 ,
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
125 ))
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
126 )
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
127 result = self.post ('token', data = params)
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
128 with open ('oauth/refresh_token', 'w') as f:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
129 f.write (result ['refresh_token'])
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
130 with open ('oauth/access_token', 'w') as f:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
131 f.write (result ['access_token'])
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
132 # end def request_token
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
133
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
134 def https_server (self):
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
135 self.request_received = False
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
136 class RQ_Handler (BaseHTTPRequestHandler):
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
137 token_handler = self
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
138
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
139 def do_GET (self):
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
140 self.close_connection = True
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
141 code, msg = self.token_handler.authcode_callback (self)
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
142 self.send_response (code)
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
143 self.send_header ('Content-Type', 'text/plain')
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
144 self.end_headers ()
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
145 self.wfile.write (msg)
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
146 self.wfile.flush ()
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
147
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
148 port = self.args.https_server_port
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
149 httpd = HTTPServer (('localhost', port), RQ_Handler)
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
150
7090
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
151 if self.use_tls:
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
152 httpd.socket = ssl.wrap_socket \
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
153 ( httpd.socket
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
154 , keyfile = self.args.keyfile
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
155 , certfile = self.args.certfile
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
156 , server_side = True
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
157 )
7084
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
158
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
159 while not self.request_received:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
160 httpd.handle_request ()
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
161 # end def https_server
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
162
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
163 # end class Request_Token
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
164
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
165 epilog = """\
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
166 Retrieving the necessary refresh_token and access_token credentials
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
167 using this script. This asumes you have an email account (plus the
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
168 password) to be used for mail retrieval. And you have registered an
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
169 application in the cloud for this process. The registering of an
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
170 application will give you an application id (also called client id) and
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
171 a tenant in UUID format.
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
172
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
173 First define the necessary TENANT variable:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
174
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
175 TENANT=XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
176
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
177 You need to create a directory named 'oauth' (if not yet existing) and
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
178 put the client id (also called application id) into the file
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
179 'oauth/client_id' and the corresponding secret into the file
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
180 'oauth/client_secret'.
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
181
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
182 By default calling the script with no arguments, the whole process is
7090
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
183 automatic. Note that the default TLS key used for the built-in server is
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
184 a self-signed certificate which is automatically created on Debian-based
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
185 (including Ubuntu) Linux distributions. But the key-file is not readable
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
186 for everyone, you need to be in the group 'ssl-cert' or need otherwise
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
187 elevated privileges. If you're using a http (as opposed to https)
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
188 redirect URI, of course no TLS files are needed. You may want to specify
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
189 the tenant explicitly using:
7084
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
190
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
191 ./oauth-get-token.py -t $TENANT
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
192
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
193 Specifying the tenant explicitly will select the customized company
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
194 login form directly.
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
195
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
196 The automatic process works as follows:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
197 - First the authorization URL is constructed and pushed to a local
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
198 browser. By default the default browser on that machine is used, you
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
199 can specify a different browser with the -b/--browser option.
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
200 This will show a login form where you should be able to select the
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
201 user to log in with. Log in with the username (the email address) and
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
202 password for that user.
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
203 - A web-server is started on the given port. When you fill out the
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
204 authentication form pushed to the browser, the last step is a redirect
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
205 to an URL that calls back to this webserver. The necessary
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
206 authentication code is transmitted in a query parameter. The code is
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
207 stored into the file 'oauth/authcode'. Using the authcode, the
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
208 refresh_token and access_token are requested and stored in the oauth
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
209 directory.
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
210
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
211 These steps can be broken down into individual steps by options
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
212 disabling one of the steps:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
213 - The push to the webserver can be disabled with the option
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
214 -w/--dont-push-to-webbrowser -- in that case the URL is printed on
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
215 standard output and must be pasted into the URL input field of a
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
216 browser. It is typically a good idea to use a browser that is
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
217 currently not logged into the company network.
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
218 - The start of the webserver can be disabled with the option
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
219 -s/--dont-run-https-server -- when called with that option no
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
220 webserver is started. You get a redirect to a non-existing page. The
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
221 error-message is something like:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
222
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
223 This site can’t be reached
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
224
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
225 Copy the URL from the browser into the file 'oauth/authcode'. The URL
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
226 has paramters. We're interested in the 'code' parameter, a very long
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
227 string. Edit the file so that only that string (without the 'code='
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
228 part) is in the file.
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
229 - Requesting the tokens can be disabled with the option
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
230 -n/--dont-request-tokens -- if this option is given, after receiving
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
231 the redirect from the webserver the authentication code is written to
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
232 the file 'oauth/authcode' but no token request is started.
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
233
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
234 If you have either disabled the webserver or the token request, the
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
235 token can be requested (using the file 'oauth/authcode' constructed by
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
236 hand as described above or written by the webserver) with the
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
237 -T/--request-token option:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
238
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
239 ./oauth-get-token.py [-t $TENANT] -T
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
240
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
241 If successful this will create the 'oauth/access_token' and
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
242 'oauth/refresh_token' files. Note that the authentication code has a
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
243 limited lifetime.
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
244
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
245 """
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
246
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
247 def main ():
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
248 cmd = ArgumentParser \
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
249 (epilog=epilog, formatter_class=RawDescriptionHelpFormatter)
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
250 cmd.add_argument \
7090
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
251 ( '-b', '--browser'
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
252 , help = "Use non-default browser"
7084
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
253 )
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
254 cmd.add_argument \
7090
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
255 ( '--certfile'
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
256 , help = "TLS certificate file, default=%(default)s"
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
257 , default = "/etc/ssl/certs/ssl-cert-snakeoil.pem"
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
258 )
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
259 cmd.add_argument \
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
260 ( '--keyfile'
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
261 , help = "TLS key file, default=%(default)s"
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
262 , default = "/etc/ssl/private/ssl-cert-snakeoil.key"
7084
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
263 )
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
264 cmd.add_argument \
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
265 ( '-n', '--dont-request-tokens'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
266 , dest = 'request_tokens'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
267 , help = "Do not request tokens, just write authcode"
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
268 , action = 'store_false'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
269 , default = True
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
270 )
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
271 cmd.add_argument \
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
272 ( '-p', '--https-server-port'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
273 , type = int
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
274 , help = "Port for https server to listen, default=%(default)s"
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
275 " see also -r option, ports must (usually) match."
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
276 , default = 8181
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
277 )
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
278 cmd.add_argument \
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
279 ( '-r', '--redirect-uri'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
280 , help = "Redirect URI, default=%(default)s"
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
281 , default = 'https://localhost:8181'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
282 )
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
283 cmd.add_argument \
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
284 ( '-s', '--dont-run-https-server'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
285 , dest = 'run_https_server'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
286 , help = "Run https server to wait for connection of browser "
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
287 "to transmit auth code via GET request"
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
288 , action = 'store_false'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
289 , default = True
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
290 )
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
291 cmd.add_argument \
7090
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
292 ( '-T', '--request-token'
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
293 , help = "Run only the token-request step"
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
294 , action = 'store_true'
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
295 )
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
296 cmd.add_argument \
7084
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
297 ( '-t', '--tenant'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
298 , help = "Tenant part of url, default=%(default)s"
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
299 , default = 'organizations'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
300 )
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
301 cmd.add_argument \
7090
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
302 ( '--use-tls'
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
303 , help = "Enforce use of TLS even if the redirect uri is http"
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
304 , action = 'store_true'
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
305 , default = None
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
306 )
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
307 cmd.add_argument \
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
308 ( '--no-use-tls', '--dont-use-tls'
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
309 , help = "Disable use of TLS even if the redirect uri is https"
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
310 , dest = 'use_tls'
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
311 , action = 'store_false'
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
312 , default = None
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
313 )
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
314 cmd.add_argument \
7084
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
315 ( '-u', '--url'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
316 , help = "Base url for requests, default=%(default)s"
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
317 , default = 'https://login.microsoftonline.com'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
318 )
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
319 cmd.add_argument \
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
320 ( '-w', '--dont-push-to-webbrowser'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
321 , dest = 'webbrowser'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
322 , help = "Do not push authcode url into the browser"
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
323 , action = 'store_false'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
324 , default = True
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
325 )
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
326 args = cmd.parse_args ()
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
327 rt = Request_Token (args)
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
328 if args.request_token:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
329 rt.request_token ()
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
330 else:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
331 rt.request_authcode ()
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
332 # end def main
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
333
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
334 if __name__ == '__main__':
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
335 main ()
Roundup Issue Tracker: http://roundup-tracker.org/