Mercurial > p > roundup > code

annotate scripts/oauth-get-token.py @ 8506:b6c6891754e9

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
bug: fix mis-commit of perf tests and crash fix for setTranslation The commit included more than it should have. It included some memory dump code that is not part of production. Also removed WIP for fixing crash bug when translation unable to create .mo file - issue2551405
author John Rouillard <rouilj@ieee.org>
date Thu, 25 Dec 2025 12:14:53 -0500
parents a7853002495c
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
7084
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
1 #!/usr/bin/python3
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
2
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
3 import requests
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
4 import time
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
5 import sys
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
6 import webbrowser
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
7 import ssl
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
8
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
9 from urllib.parse import urlparse, urlencode, parse_qs
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
10 from argparse import ArgumentParser, RawDescriptionHelpFormatter
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
11 from http.server import HTTPServer, BaseHTTPRequestHandler
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
12
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
13 class Request_Token:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
14
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
15 def __init__ (self, args):
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
16 self.args = args
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
17 self.session = requests.session ()
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
18 self.url = '/'.join ((args.url.rstrip ('/'), args.tenant))
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
19 self.url = '/'.join ((self.url, 'oauth2/v2.0'))
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
20 self.state = None
7090
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
21 self.use_tls = self.args.use_tls
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
22 if self.use_tls is None:
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
23 self.use_tls = self.args.redirect_uri.startswith ('https')
7084
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
24 # end def __init__
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
25
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
26 def check_err (self, r):
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
27 if not 200 <= r.status_code <= 299:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
28 raise RuntimeError \
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
29 ( 'Invalid result: %s: %s\n %s'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
30 % (r.status_code, r.reason, r.text)
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
31 )
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
32 # end def check_err
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
33
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
34 def get_url (self, path, params):
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
35 url = ('/'.join ((self.url, path)))
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
36 url = url + '?' + urlencode (params)
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
37 return url
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
38 # end def get_url
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
39
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
40 def post_or_put (self, method, path, data = None, json = None):
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
41 d = {}
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
42 if data:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
43 d.update (data = data)
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
44 if json:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
45 d.update (json = json)
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
46 url = ('/'.join ((self.url, path)))
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
47 r = method (url, **d)
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
48 self.check_err (r)
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
49 return r.json ()
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
50 # end def post_or_put
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
51
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
52 def post (self, path, data = None, json = None):
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
53 return self.post_or_put (self.session.post, path, data, json)
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
54 # end def post
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
55
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
56 def authcode_callback (self, handler):
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
57 msg = ['']
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
58 self.request_received = False
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
59 r = urlparse (handler.path)
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
60 if r.query:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
61 q = parse_qs (r.query)
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
62 if 'state' in q:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
63 state = q ['state'][0]
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
64 if state != self.state:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
65 msg.append \
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
66 ( 'State did not match: expect "%s" got "%s"'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
67 % (self.state, state)
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
68 )
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
69 elif 'code' not in q:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
70 msg.append ('Got no code')
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
71 else:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
72 with open ('oauth/authcode', 'w') as f:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
73 f.write (q ['code'][0])
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
74 msg.append ('Wrote code to oauth/authcode')
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
75 self.request_received = True
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
76 else:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
77 msg.append ('No state and no code')
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
78 return 200, '\n'.join (msg).encode ('utf-8')
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
79 # end def authcode_callback
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
80
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
81 def request_authcode (self):
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
82 with open ('oauth/client_id', 'r') as f:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
83 client_id = f.read ()
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
84 self.state = 'authcode' + str (time.time ())
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
85 params = dict \
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
86 ( client_id = client_id
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
87 , response_type = 'code'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
88 , response_mode = 'query'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
89 , state = self.state
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
90 , redirect_uri = self.args.redirect_uri
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
91 , scope = ' '.join
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
92 (( 'https://outlook.office.com/IMAP.AccessAsUser.All'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
93 , 'https://outlook.office.com/User.Read'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
94 , 'offline_access'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
95 ))
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
96 )
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
97 url = self.get_url ('authorize', params)
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
98 print (url)
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
99 if self.args.webbrowser:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
100 browser = webbrowser.get (self.args.browser)
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
101 browser.open_new_tab (url)
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
102 if self.args.run_https_server:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
103 self.https_server ()
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
104 if self.args.request_tokens:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
105 self.request_token ()
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
106 # end def request_authcode
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
107
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
108 def request_token (self):
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
109 with open ('oauth/client_id', 'r') as f:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
110 client_id = f.read ()
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
111 with open ('oauth/client_secret', 'r') as f:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
112 client_secret = f.read ().strip ()
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
113 with open ('oauth/authcode', 'r') as f:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
114 authcode = f.read ().strip ()
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
115 params = dict \
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
116 ( client_id = client_id
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
117 , code = authcode
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
118 , client_secret = client_secret
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
119 , redirect_uri = self.args.redirect_uri
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
120 , grant_type = 'authorization_code'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
121 # Only a single scope parameter is allowed here
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
122 , scope = ' '.join
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
123 (( 'https://outlook.office.com/User.Read'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
124 ,
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
125 ))
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
126 )
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
127 result = self.post ('token', data = params)
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
128 with open ('oauth/refresh_token', 'w') as f:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
129 f.write (result ['refresh_token'])
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
130 with open ('oauth/access_token', 'w') as f:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
131 f.write (result ['access_token'])
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
132 # end def request_token
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
133
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
134 def https_server (self):
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
135 self.request_received = False
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
136 class RQ_Handler (BaseHTTPRequestHandler):
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
137 token_handler = self
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
138
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
139 def do_GET (self):
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
140 self.close_connection = True
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
141 code, msg = self.token_handler.authcode_callback (self)
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
142 self.send_response (code)
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
143 self.send_header ('Content-Type', 'text/plain')
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
144 self.end_headers ()
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
145 self.wfile.write (msg)
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
146 self.wfile.flush ()
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
147
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
148 port = self.args.https_server_port
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
149 httpd = HTTPServer (('localhost', port), RQ_Handler)
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
150
7090
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
151 if self.use_tls:
7110
0597120e0a74 Try to clear SSL bogus security alert in CI
John Rouillard <rouilj@ieee.org>
parents: 7108
diff changeset
152 # note this opens a server on localhost. Only
0597120e0a74 Try to clear SSL bogus security alert in CI
John Rouillard <rouilj@ieee.org>
parents: 7108
diff changeset
153 # a process on the same host can get the credentials.
0597120e0a74 Try to clear SSL bogus security alert in CI
John Rouillard <rouilj@ieee.org>
parents: 7108
diff changeset
154 # Even unencrypted (http://) url is fine as the credentials
0597120e0a74 Try to clear SSL bogus security alert in CI
John Rouillard <rouilj@ieee.org>
parents: 7108
diff changeset
155 # will be saved in clear text on disk for use. So a
0597120e0a74 Try to clear SSL bogus security alert in CI
John Rouillard <rouilj@ieee.org>
parents: 7108
diff changeset
156 # compromised local host will still get the credentials.
0597120e0a74 Try to clear SSL bogus security alert in CI
John Rouillard <rouilj@ieee.org>
parents: 7108
diff changeset
157 context = ssl.SSLContext(ssl_version=ssl.PROTOCOL_TLS_SERVER)
0597120e0a74 Try to clear SSL bogus security alert in CI
John Rouillard <rouilj@ieee.org>
parents: 7108
diff changeset
158
7111
a7853002495c Swap maximum_version for minumum_version in comment
John Rouillard <rouilj@ieee.org>
parents: 7110
diff changeset
159 # This should not be needed as PROTOCOL_TLS_SERVER disables
a7853002495c Swap maximum_version for minumum_version in comment
John Rouillard <rouilj@ieee.org>
parents: 7110
diff changeset
160 # unsafe protocols. Uses Python 3.10+ setting ssl.TLSVersion....
a7853002495c Swap maximum_version for minumum_version in comment
John Rouillard <rouilj@ieee.org>
parents: 7110
diff changeset
161 # context.minimum_version = ssl.TLSVersion.TLSv1_2
a7853002495c Swap maximum_version for minumum_version in comment
John Rouillard <rouilj@ieee.org>
parents: 7110
diff changeset
162 # for previous Python versions 3.6+ maybe:
7110
0597120e0a74 Try to clear SSL bogus security alert in CI
John Rouillard <rouilj@ieee.org>
parents: 7108
diff changeset
163 # ssl.PROTOCOL_TLSv1_2
0597120e0a74 Try to clear SSL bogus security alert in CI
John Rouillard <rouilj@ieee.org>
parents: 7108
diff changeset
164 # would work?
0597120e0a74 Try to clear SSL bogus security alert in CI
John Rouillard <rouilj@ieee.org>
parents: 7108
diff changeset
165
7108
b26207712c2b Use an ssl.SSLContext instead of ssl.wrap_socket
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7090
diff changeset
166 context.load_cert_chain \
b26207712c2b Use an ssl.SSLContext instead of ssl.wrap_socket
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7090
diff changeset
167 ( keyfile = self.args.keyfile
b26207712c2b Use an ssl.SSLContext instead of ssl.wrap_socket
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7090
diff changeset
168 , certfile = self.args.certfile
7090
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
169 )
7108
b26207712c2b Use an ssl.SSLContext instead of ssl.wrap_socket
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7090
diff changeset
170 httpd.socket = context.wrap_socket \
b26207712c2b Use an ssl.SSLContext instead of ssl.wrap_socket
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7090
diff changeset
171 (httpd.socket, server_side = True)
7084
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
172 while not self.request_received:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
173 httpd.handle_request ()
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
174 # end def https_server
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
175
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
176 # end class Request_Token
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
177
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
178 epilog = """\
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
179 Retrieving the necessary refresh_token and access_token credentials
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
180 using this script. This asumes you have an email account (plus the
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
181 password) to be used for mail retrieval. And you have registered an
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
182 application in the cloud for this process. The registering of an
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
183 application will give you an application id (also called client id) and
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
184 a tenant in UUID format.
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
185
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
186 First define the necessary TENANT variable:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
187
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
188 TENANT=XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
189
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
190 You need to create a directory named 'oauth' (if not yet existing) and
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
191 put the client id (also called application id) into the file
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
192 'oauth/client_id' and the corresponding secret into the file
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
193 'oauth/client_secret'.
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
194
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
195 By default calling the script with no arguments, the whole process is
7090
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
196 automatic. Note that the default TLS key used for the built-in server is
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
197 a self-signed certificate which is automatically created on Debian-based
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
198 (including Ubuntu) Linux distributions. But the key-file is not readable
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
199 for everyone, you need to be in the group 'ssl-cert' or need otherwise
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
200 elevated privileges. If you're using a http (as opposed to https)
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
201 redirect URI, of course no TLS files are needed. You may want to specify
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
202 the tenant explicitly using:
7084
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
203
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
204 ./oauth-get-token.py -t $TENANT
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
205
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
206 Specifying the tenant explicitly will select the customized company
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
207 login form directly.
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
208
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
209 The automatic process works as follows:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
210 - First the authorization URL is constructed and pushed to a local
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
211 browser. By default the default browser on that machine is used, you
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
212 can specify a different browser with the -b/--browser option.
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
213 This will show a login form where you should be able to select the
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
214 user to log in with. Log in with the username (the email address) and
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
215 password for that user.
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
216 - A web-server is started on the given port. When you fill out the
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
217 authentication form pushed to the browser, the last step is a redirect
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
218 to an URL that calls back to this webserver. The necessary
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
219 authentication code is transmitted in a query parameter. The code is
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
220 stored into the file 'oauth/authcode'. Using the authcode, the
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
221 refresh_token and access_token are requested and stored in the oauth
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
222 directory.
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
223
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
224 These steps can be broken down into individual steps by options
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
225 disabling one of the steps:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
226 - The push to the webserver can be disabled with the option
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
227 -w/--dont-push-to-webbrowser -- in that case the URL is printed on
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
228 standard output and must be pasted into the URL input field of a
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
229 browser. It is typically a good idea to use a browser that is
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
230 currently not logged into the company network.
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
231 - The start of the webserver can be disabled with the option
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
232 -s/--dont-run-https-server -- when called with that option no
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
233 webserver is started. You get a redirect to a non-existing page. The
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
234 error-message is something like:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
235
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
236 This site can’t be reached
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
237
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
238 Copy the URL from the browser into the file 'oauth/authcode'. The URL
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
239 has paramters. We're interested in the 'code' parameter, a very long
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
240 string. Edit the file so that only that string (without the 'code='
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
241 part) is in the file.
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
242 - Requesting the tokens can be disabled with the option
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
243 -n/--dont-request-tokens -- if this option is given, after receiving
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
244 the redirect from the webserver the authentication code is written to
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
245 the file 'oauth/authcode' but no token request is started.
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
246
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
247 If you have either disabled the webserver or the token request, the
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
248 token can be requested (using the file 'oauth/authcode' constructed by
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
249 hand as described above or written by the webserver) with the
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
250 -T/--request-token option:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
251
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
252 ./oauth-get-token.py [-t $TENANT] -T
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
253
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
254 If successful this will create the 'oauth/access_token' and
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
255 'oauth/refresh_token' files. Note that the authentication code has a
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
256 limited lifetime.
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
257
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
258 """
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
259
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
260 def main ():
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
261 cmd = ArgumentParser \
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
262 (epilog=epilog, formatter_class=RawDescriptionHelpFormatter)
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
263 cmd.add_argument \
7090
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
264 ( '-b', '--browser'
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
265 , help = "Use non-default browser"
7084
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
266 )
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
267 cmd.add_argument \
7090
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
268 ( '--certfile'
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
269 , help = "TLS certificate file, default=%(default)s"
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
270 , default = "/etc/ssl/certs/ssl-cert-snakeoil.pem"
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
271 )
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
272 cmd.add_argument \
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
273 ( '--keyfile'
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
274 , help = "TLS key file, default=%(default)s"
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
275 , default = "/etc/ssl/private/ssl-cert-snakeoil.key"
7084
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
276 )
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
277 cmd.add_argument \
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
278 ( '-n', '--dont-request-tokens'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
279 , dest = 'request_tokens'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
280 , help = "Do not request tokens, just write authcode"
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
281 , action = 'store_false'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
282 , default = True
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
283 )
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
284 cmd.add_argument \
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
285 ( '-p', '--https-server-port'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
286 , type = int
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
287 , help = "Port for https server to listen, default=%(default)s"
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
288 " see also -r option, ports must (usually) match."
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
289 , default = 8181
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
290 )
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
291 cmd.add_argument \
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
292 ( '-r', '--redirect-uri'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
293 , help = "Redirect URI, default=%(default)s"
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
294 , default = 'https://localhost:8181'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
295 )
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
296 cmd.add_argument \
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
297 ( '-s', '--dont-run-https-server'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
298 , dest = 'run_https_server'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
299 , help = "Run https server to wait for connection of browser "
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
300 "to transmit auth code via GET request"
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
301 , action = 'store_false'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
302 , default = True
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
303 )
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
304 cmd.add_argument \
7090
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
305 ( '-T', '--request-token'
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
306 , help = "Run only the token-request step"
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
307 , action = 'store_true'
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
308 )
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
309 cmd.add_argument \
7084
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
310 ( '-t', '--tenant'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
311 , help = "Tenant part of url, default=%(default)s"
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
312 , default = 'organizations'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
313 )
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
314 cmd.add_argument \
7090
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
315 ( '--use-tls'
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
316 , help = "Enforce use of TLS even if the redirect uri is http"
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
317 , action = 'store_true'
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
318 , default = None
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
319 )
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
320 cmd.add_argument \
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
321 ( '--no-use-tls', '--dont-use-tls'
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
322 , help = "Disable use of TLS even if the redirect uri is https"
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
323 , dest = 'use_tls'
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
324 , action = 'store_false'
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
325 , default = None
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
326 )
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
327 cmd.add_argument \
7084
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
328 ( '-u', '--url'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
329 , help = "Base url for requests, default=%(default)s"
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
330 , default = 'https://login.microsoftonline.com'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
331 )
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
332 cmd.add_argument \
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
333 ( '-w', '--dont-push-to-webbrowser'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
334 , dest = 'webbrowser'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
335 , help = "Do not push authcode url into the browser"
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
336 , action = 'store_false'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
337 , default = True
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
338 )
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
339 args = cmd.parse_args ()
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
340 rt = Request_Token (args)
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
341 if args.request_token:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
342 rt.request_token ()
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
343 else:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
344 rt.request_authcode ()
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
345 # end def main
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
346
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
347 if __name__ == '__main__':
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
348 main ()
Roundup Issue Tracker: http://roundup-tracker.org/