Mercurial > p > roundup > code

annotate scripts/oauth-get-token.py @ 8566:e4191aa7b402 default tip

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
doc: issue2551415 correct doc for change input->input_payload in 2.5 the rest interface changed a variable name from input to input_payload. An earlier commit changed the rest docs. This commit adds an item for it to the upgrading 2.4.0->2.5.0 section. Also cross reference added to the rest docs with the updated examples.
author John Rouillard <rouilj@ieee.org>
date Thu, 09 Apr 2026 00:19:06 -0400
parents a7853002495c
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
7084
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
1 #!/usr/bin/python3
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
2
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
3 import requests
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
4 import time
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
5 import sys
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
6 import webbrowser
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
7 import ssl
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
8
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
9 from urllib.parse import urlparse, urlencode, parse_qs
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
10 from argparse import ArgumentParser, RawDescriptionHelpFormatter
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
11 from http.server import HTTPServer, BaseHTTPRequestHandler
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
12
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
13 class Request_Token:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
14
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
15 def __init__ (self, args):
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
16 self.args = args
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
17 self.session = requests.session ()
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
18 self.url = '/'.join ((args.url.rstrip ('/'), args.tenant))
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
19 self.url = '/'.join ((self.url, 'oauth2/v2.0'))
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
20 self.state = None
7090
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
21 self.use_tls = self.args.use_tls
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
22 if self.use_tls is None:
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
23 self.use_tls = self.args.redirect_uri.startswith ('https')
7084
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
24 # end def __init__
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
25
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
26 def check_err (self, r):
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
27 if not 200 <= r.status_code <= 299:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
28 raise RuntimeError \
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
29 ( 'Invalid result: %s: %s\n %s'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
30 % (r.status_code, r.reason, r.text)
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
31 )
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
32 # end def check_err
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
33
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
34 def get_url (self, path, params):
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
35 url = ('/'.join ((self.url, path)))
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
36 url = url + '?' + urlencode (params)
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
37 return url
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
38 # end def get_url
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
39
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
40 def post_or_put (self, method, path, data = None, json = None):
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
41 d = {}
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
42 if data:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
43 d.update (data = data)
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
44 if json:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
45 d.update (json = json)
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
46 url = ('/'.join ((self.url, path)))
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
47 r = method (url, **d)
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
48 self.check_err (r)
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
49 return r.json ()
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
50 # end def post_or_put
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
51
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
52 def post (self, path, data = None, json = None):
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
53 return self.post_or_put (self.session.post, path, data, json)
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
54 # end def post
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
55
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
56 def authcode_callback (self, handler):
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
57 msg = ['']
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
58 self.request_received = False
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
59 r = urlparse (handler.path)
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
60 if r.query:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
61 q = parse_qs (r.query)
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
62 if 'state' in q:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
63 state = q ['state'][0]
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
64 if state != self.state:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
65 msg.append \
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
66 ( 'State did not match: expect "%s" got "%s"'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
67 % (self.state, state)
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
68 )
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
69 elif 'code' not in q:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
70 msg.append ('Got no code')
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
71 else:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
72 with open ('oauth/authcode', 'w') as f:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
73 f.write (q ['code'][0])
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
74 msg.append ('Wrote code to oauth/authcode')
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
75 self.request_received = True
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
76 else:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
77 msg.append ('No state and no code')
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
78 return 200, '\n'.join (msg).encode ('utf-8')
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
79 # end def authcode_callback
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
80
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
81 def request_authcode (self):
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
82 with open ('oauth/client_id', 'r') as f:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
83 client_id = f.read ()
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
84 self.state = 'authcode' + str (time.time ())
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
85 params = dict \
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
86 ( client_id = client_id
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
87 , response_type = 'code'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
88 , response_mode = 'query'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
89 , state = self.state
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
90 , redirect_uri = self.args.redirect_uri
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
91 , scope = ' '.join
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
92 (( 'https://outlook.office.com/IMAP.AccessAsUser.All'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
93 , 'https://outlook.office.com/User.Read'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
94 , 'offline_access'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
95 ))
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
96 )
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
97 url = self.get_url ('authorize', params)
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
98 print (url)
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
99 if self.args.webbrowser:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
100 browser = webbrowser.get (self.args.browser)
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
101 browser.open_new_tab (url)
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
102 if self.args.run_https_server:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
103 self.https_server ()
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
104 if self.args.request_tokens:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
105 self.request_token ()
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
106 # end def request_authcode
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
107
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
108 def request_token (self):
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
109 with open ('oauth/client_id', 'r') as f:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
110 client_id = f.read ()
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
111 with open ('oauth/client_secret', 'r') as f:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
112 client_secret = f.read ().strip ()
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
113 with open ('oauth/authcode', 'r') as f:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
114 authcode = f.read ().strip ()
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
115 params = dict \
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
116 ( client_id = client_id
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
117 , code = authcode
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
118 , client_secret = client_secret
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
119 , redirect_uri = self.args.redirect_uri
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
120 , grant_type = 'authorization_code'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
121 # Only a single scope parameter is allowed here
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
122 , scope = ' '.join
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
123 (( 'https://outlook.office.com/User.Read'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
124 ,
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
125 ))
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
126 )
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
127 result = self.post ('token', data = params)
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
128 with open ('oauth/refresh_token', 'w') as f:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
129 f.write (result ['refresh_token'])
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
130 with open ('oauth/access_token', 'w') as f:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
131 f.write (result ['access_token'])
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
132 # end def request_token
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
133
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
134 def https_server (self):
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
135 self.request_received = False
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
136 class RQ_Handler (BaseHTTPRequestHandler):
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
137 token_handler = self
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
138
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
139 def do_GET (self):
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
140 self.close_connection = True
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
141 code, msg = self.token_handler.authcode_callback (self)
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
142 self.send_response (code)
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
143 self.send_header ('Content-Type', 'text/plain')
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
144 self.end_headers ()
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
145 self.wfile.write (msg)
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
146 self.wfile.flush ()
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
147
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
148 port = self.args.https_server_port
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
149 httpd = HTTPServer (('localhost', port), RQ_Handler)
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
150
7090
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
151 if self.use_tls:
7110
0597120e0a74 Try to clear SSL bogus security alert in CI
John Rouillard <rouilj@ieee.org>
parents: 7108
diff changeset
152 # note this opens a server on localhost. Only
0597120e0a74 Try to clear SSL bogus security alert in CI
John Rouillard <rouilj@ieee.org>
parents: 7108
diff changeset
153 # a process on the same host can get the credentials.
0597120e0a74 Try to clear SSL bogus security alert in CI
John Rouillard <rouilj@ieee.org>
parents: 7108
diff changeset
154 # Even unencrypted (http://) url is fine as the credentials
0597120e0a74 Try to clear SSL bogus security alert in CI
John Rouillard <rouilj@ieee.org>
parents: 7108
diff changeset
155 # will be saved in clear text on disk for use. So a
0597120e0a74 Try to clear SSL bogus security alert in CI
John Rouillard <rouilj@ieee.org>
parents: 7108
diff changeset
156 # compromised local host will still get the credentials.
0597120e0a74 Try to clear SSL bogus security alert in CI
John Rouillard <rouilj@ieee.org>
parents: 7108
diff changeset
157 context = ssl.SSLContext(ssl_version=ssl.PROTOCOL_TLS_SERVER)
0597120e0a74 Try to clear SSL bogus security alert in CI
John Rouillard <rouilj@ieee.org>
parents: 7108
diff changeset
158
7111
a7853002495c Swap maximum_version for minumum_version in comment
John Rouillard <rouilj@ieee.org>
parents: 7110
diff changeset
159 # This should not be needed as PROTOCOL_TLS_SERVER disables
a7853002495c Swap maximum_version for minumum_version in comment
John Rouillard <rouilj@ieee.org>
parents: 7110
diff changeset
160 # unsafe protocols. Uses Python 3.10+ setting ssl.TLSVersion....
a7853002495c Swap maximum_version for minumum_version in comment
John Rouillard <rouilj@ieee.org>
parents: 7110
diff changeset
161 # context.minimum_version = ssl.TLSVersion.TLSv1_2
a7853002495c Swap maximum_version for minumum_version in comment
John Rouillard <rouilj@ieee.org>
parents: 7110
diff changeset
162 # for previous Python versions 3.6+ maybe:
7110
0597120e0a74 Try to clear SSL bogus security alert in CI
John Rouillard <rouilj@ieee.org>
parents: 7108
diff changeset
163 # ssl.PROTOCOL_TLSv1_2
0597120e0a74 Try to clear SSL bogus security alert in CI
John Rouillard <rouilj@ieee.org>
parents: 7108
diff changeset
164 # would work?
0597120e0a74 Try to clear SSL bogus security alert in CI
John Rouillard <rouilj@ieee.org>
parents: 7108
diff changeset
165
7108
b26207712c2b Use an ssl.SSLContext instead of ssl.wrap_socket
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7090
diff changeset
166 context.load_cert_chain \
b26207712c2b Use an ssl.SSLContext instead of ssl.wrap_socket
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7090
diff changeset
167 ( keyfile = self.args.keyfile
b26207712c2b Use an ssl.SSLContext instead of ssl.wrap_socket
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7090
diff changeset
168 , certfile = self.args.certfile
7090
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
169 )
7108
b26207712c2b Use an ssl.SSLContext instead of ssl.wrap_socket
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7090
diff changeset
170 httpd.socket = context.wrap_socket \
b26207712c2b Use an ssl.SSLContext instead of ssl.wrap_socket
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7090
diff changeset
171 (httpd.socket, server_side = True)
7084
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
172 while not self.request_received:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
173 httpd.handle_request ()
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
174 # end def https_server
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
175
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
176 # end class Request_Token
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
177
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
178 epilog = """\
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
179 Retrieving the necessary refresh_token and access_token credentials
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
180 using this script. This asumes you have an email account (plus the
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
181 password) to be used for mail retrieval. And you have registered an
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
182 application in the cloud for this process. The registering of an
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
183 application will give you an application id (also called client id) and
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
184 a tenant in UUID format.
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
185
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
186 First define the necessary TENANT variable:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
187
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
188 TENANT=XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
189
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
190 You need to create a directory named 'oauth' (if not yet existing) and
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
191 put the client id (also called application id) into the file
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
192 'oauth/client_id' and the corresponding secret into the file
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
193 'oauth/client_secret'.
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
194
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
195 By default calling the script with no arguments, the whole process is
7090
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
196 automatic. Note that the default TLS key used for the built-in server is
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
197 a self-signed certificate which is automatically created on Debian-based
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
198 (including Ubuntu) Linux distributions. But the key-file is not readable
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
199 for everyone, you need to be in the group 'ssl-cert' or need otherwise
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
200 elevated privileges. If you're using a http (as opposed to https)
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
201 redirect URI, of course no TLS files are needed. You may want to specify
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
202 the tenant explicitly using:
7084
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
203
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
204 ./oauth-get-token.py -t $TENANT
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
205
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
206 Specifying the tenant explicitly will select the customized company
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
207 login form directly.
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
208
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
209 The automatic process works as follows:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
210 - First the authorization URL is constructed and pushed to a local
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
211 browser. By default the default browser on that machine is used, you
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
212 can specify a different browser with the -b/--browser option.
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
213 This will show a login form where you should be able to select the
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
214 user to log in with. Log in with the username (the email address) and
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
215 password for that user.
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
216 - A web-server is started on the given port. When you fill out the
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
217 authentication form pushed to the browser, the last step is a redirect
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
218 to an URL that calls back to this webserver. The necessary
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
219 authentication code is transmitted in a query parameter. The code is
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
220 stored into the file 'oauth/authcode'. Using the authcode, the
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
221 refresh_token and access_token are requested and stored in the oauth
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
222 directory.
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
223
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
224 These steps can be broken down into individual steps by options
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
225 disabling one of the steps:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
226 - The push to the webserver can be disabled with the option
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
227 -w/--dont-push-to-webbrowser -- in that case the URL is printed on
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
228 standard output and must be pasted into the URL input field of a
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
229 browser. It is typically a good idea to use a browser that is
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
230 currently not logged into the company network.
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
231 - The start of the webserver can be disabled with the option
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
232 -s/--dont-run-https-server -- when called with that option no
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
233 webserver is started. You get a redirect to a non-existing page. The
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
234 error-message is something like:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
235
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
236 This site can’t be reached
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
237
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
238 Copy the URL from the browser into the file 'oauth/authcode'. The URL
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
239 has paramters. We're interested in the 'code' parameter, a very long
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
240 string. Edit the file so that only that string (without the 'code='
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
241 part) is in the file.
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
242 - Requesting the tokens can be disabled with the option
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
243 -n/--dont-request-tokens -- if this option is given, after receiving
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
244 the redirect from the webserver the authentication code is written to
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
245 the file 'oauth/authcode' but no token request is started.
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
246
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
247 If you have either disabled the webserver or the token request, the
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
248 token can be requested (using the file 'oauth/authcode' constructed by
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
249 hand as described above or written by the webserver) with the
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
250 -T/--request-token option:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
251
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
252 ./oauth-get-token.py [-t $TENANT] -T
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
253
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
254 If successful this will create the 'oauth/access_token' and
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
255 'oauth/refresh_token' files. Note that the authentication code has a
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
256 limited lifetime.
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
257
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
258 """
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
259
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
260 def main ():
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
261 cmd = ArgumentParser \
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
262 (epilog=epilog, formatter_class=RawDescriptionHelpFormatter)
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
263 cmd.add_argument \
7090
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
264 ( '-b', '--browser'
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
265 , help = "Use non-default browser"
7084
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
266 )
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
267 cmd.add_argument \
7090
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
268 ( '--certfile'
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
269 , help = "TLS certificate file, default=%(default)s"
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
270 , default = "/etc/ssl/certs/ssl-cert-snakeoil.pem"
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
271 )
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
272 cmd.add_argument \
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
273 ( '--keyfile'
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
274 , help = "TLS key file, default=%(default)s"
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
275 , default = "/etc/ssl/private/ssl-cert-snakeoil.key"
7084
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
276 )
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
277 cmd.add_argument \
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
278 ( '-n', '--dont-request-tokens'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
279 , dest = 'request_tokens'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
280 , help = "Do not request tokens, just write authcode"
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
281 , action = 'store_false'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
282 , default = True
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
283 )
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
284 cmd.add_argument \
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
285 ( '-p', '--https-server-port'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
286 , type = int
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
287 , help = "Port for https server to listen, default=%(default)s"
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
288 " see also -r option, ports must (usually) match."
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
289 , default = 8181
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
290 )
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
291 cmd.add_argument \
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
292 ( '-r', '--redirect-uri'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
293 , help = "Redirect URI, default=%(default)s"
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
294 , default = 'https://localhost:8181'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
295 )
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
296 cmd.add_argument \
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
297 ( '-s', '--dont-run-https-server'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
298 , dest = 'run_https_server'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
299 , help = "Run https server to wait for connection of browser "
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
300 "to transmit auth code via GET request"
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
301 , action = 'store_false'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
302 , default = True
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
303 )
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
304 cmd.add_argument \
7090
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
305 ( '-T', '--request-token'
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
306 , help = "Run only the token-request step"
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
307 , action = 'store_true'
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
308 )
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
309 cmd.add_argument \
7084
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
310 ( '-t', '--tenant'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
311 , help = "Tenant part of url, default=%(default)s"
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
312 , default = 'organizations'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
313 )
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
314 cmd.add_argument \
7090
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
315 ( '--use-tls'
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
316 , help = "Enforce use of TLS even if the redirect uri is http"
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
317 , action = 'store_true'
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
318 , default = None
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
319 )
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
320 cmd.add_argument \
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
321 ( '--no-use-tls', '--dont-use-tls'
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
322 , help = "Disable use of TLS even if the redirect uri is https"
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
323 , dest = 'use_tls'
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
324 , action = 'store_false'
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
325 , default = None
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
326 )
8cda8e05c9a0 Update oauth-get-token script
Ralf Schlatterbeck <rsc@runtux.com>
parents: 7084
diff changeset
327 cmd.add_argument \
7084
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
328 ( '-u', '--url'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
329 , help = "Base url for requests, default=%(default)s"
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
330 , default = 'https://login.microsoftonline.com'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
331 )
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
332 cmd.add_argument \
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
333 ( '-w', '--dont-push-to-webbrowser'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
334 , dest = 'webbrowser'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
335 , help = "Do not push authcode url into the browser"
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
336 , action = 'store_false'
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
337 , default = True
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
338 )
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
339 args = cmd.parse_args ()
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
340 rt = Request_Token (args)
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
341 if args.request_token:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
342 rt.request_token ()
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
343 else:
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
344 rt.request_authcode ()
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
345 # end def main
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
346
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
347 if __name__ == '__main__':
8d9a6063cb22 Add oauth-get-token.py script
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
348 main ()
Roundup Issue Tracker: http://roundup-tracker.org/