oauth2client.client
index
/usr/local/google/home/jcgregorio/projects/apiclient/oauth2client/client.py

An OAuth 2.0 client.
 
Tools for interacting with OAuth 2.0 protected resources.

 
Modules
       
copy
datetime
httplib2
logging
simplejson
urllib
urlparse

 
Classes
       
__builtin__.object
Credentials
OAuth2Credentials
AccessTokenCredentials
AssertionCredentials
Flow
OAuth2WebServerFlow
Storage
exceptions.Exception(exceptions.BaseException)
Error
AccessTokenCredentialsError
AccessTokenRefreshError
FlowExchangeError

 
class AccessTokenCredentials(OAuth2Credentials)
    Credentials object for OAuth 2.0.
 
Credentials can be applied to an httplib2.Http object using the
authorize() method, which then signs each request from that object
with the OAuth 2.0 access token.  This set of credentials is for the
use case where you have acquired an OAuth 2.0 access_token from
another place such as a JavaScript client or another web
application, and wish to use it from Python. Because only the
access_token is present it can not be refreshed and will in time
expire.
 
AccessTokenCredentials objects may be safely pickled and unpickled.
 
Usage:
  credentials = AccessTokenCredentials('<an access token>',
    'my-user-agent/1.0')
  http = httplib2.Http()
  http = credentials.authorize(http)
 
Exceptions:
  AccessTokenCredentialsExpired: raised when the access_token expires or is
    revoked.
 
 
Method resolution order:
AccessTokenCredentials
OAuth2Credentials
Credentials
__builtin__.object

Methods defined here:
__init__(self, access_token, user_agent)
Create an instance of OAuth2Credentials
 
This is one of the few types if Credentials that you should contrust,
Credentials objects are usually instantiated by a Flow.
 
Args:
  access_token: string, access token.
  user_agent: string, The HTTP User-Agent to provide for this application.
 
Notes:
  store: callable, a callable that when passed a Credential
    will store the credential back to where it came from.

Class methods defined here:
from_json(cls, s) from __builtin__.type

Methods inherited from OAuth2Credentials:
__getstate__(self)
Trim the state down to something that can be pickled.
__setstate__(self, state)
Reconstitute the state of the object from being pickled.
authorize(self, http)
Authorize an httplib2.Http instance with these credentials.
 
Args:
   http: An instance of httplib2.Http
       or something that acts like it.
 
Returns:
   A modified instance of http that was passed in.
 
Example:
 
  h = httplib2.Http()
  h = credentials.authorize(h)
 
You can't create a new OAuth subclass of httplib2.Authenication
because it never gets passed the absolute URI, which is needed for
signing. So instead we have to overload 'request' with a closure
that adds in the Authorization header and then calls the original
version of 'request()'.
set_store(self, store)
Set the Storage for the credential.
 
Args:
  store: Storage, an implementation of Stroage object.
    This is needed to store the latest access_token if it
    has expired and been refreshed.  This implementation uses
    locking to check for updates before updating the
    access_token.
to_json(self)

Data descriptors inherited from OAuth2Credentials:
access_token_expired
True if the credential is expired or invalid.
 
If the token_expiry isn't set, we assume the token doesn't expire.

Class methods inherited from Credentials:
new_from_json(cls, s) from __builtin__.type
Utility class method to instantiate a Credentials subclass from a JSON
representation produced by to_json().
 
Args:
  s: string, JSON from to_json().
 
Returns:
  An instance of the subclass of Credentials that was serialized with
  to_json().

Data descriptors inherited from Credentials:
__dict__
dictionary for instance variables (if defined)
__weakref__
list of weak references to the object (if defined)

Data and other attributes inherited from Credentials:
NON_SERIALIZED_MEMBERS = ['store']

 
class AccessTokenCredentialsError(Error)
    Having only the access_token means no refresh is possible.
 
 
Method resolution order:
AccessTokenCredentialsError
Error
exceptions.Exception
exceptions.BaseException
__builtin__.object

Data descriptors inherited from Error:
__weakref__
list of weak references to the object (if defined)

Methods inherited from exceptions.Exception:
__init__(...)
x.__init__(...) initializes x; see x.__class__.__doc__ for signature

Data and other attributes inherited from exceptions.Exception:
__new__ = <built-in method __new__ of type object>
T.__new__(S, ...) -> a new object with type S, a subtype of T

Methods inherited from exceptions.BaseException:
__delattr__(...)
x.__delattr__('name') <==> del x.name
__getattribute__(...)
x.__getattribute__('name') <==> x.name
__getitem__(...)
x.__getitem__(y) <==> x[y]
__getslice__(...)
x.__getslice__(i, j) <==> x[i:j]
 
Use of negative indices is not supported.
__reduce__(...)
__repr__(...)
x.__repr__() <==> repr(x)
__setattr__(...)
x.__setattr__('name', value) <==> x.name = value
__setstate__(...)
__str__(...)
x.__str__() <==> str(x)
__unicode__(...)

Data descriptors inherited from exceptions.BaseException:
__dict__
args
message

 
class AccessTokenRefreshError(Error)
    Error trying to refresh an expired access token.
 
 
Method resolution order:
AccessTokenRefreshError
Error
exceptions.Exception
exceptions.BaseException
__builtin__.object

Data descriptors inherited from Error:
__weakref__
list of weak references to the object (if defined)

Methods inherited from exceptions.Exception:
__init__(...)
x.__init__(...) initializes x; see x.__class__.__doc__ for signature

Data and other attributes inherited from exceptions.Exception:
__new__ = <built-in method __new__ of type object>
T.__new__(S, ...) -> a new object with type S, a subtype of T

Methods inherited from exceptions.BaseException:
__delattr__(...)
x.__delattr__('name') <==> del x.name
__getattribute__(...)
x.__getattribute__('name') <==> x.name
__getitem__(...)
x.__getitem__(y) <==> x[y]
__getslice__(...)
x.__getslice__(i, j) <==> x[i:j]
 
Use of negative indices is not supported.
__reduce__(...)
__repr__(...)
x.__repr__() <==> repr(x)
__setattr__(...)
x.__setattr__('name', value) <==> x.name = value
__setstate__(...)
__str__(...)
x.__str__() <==> str(x)
__unicode__(...)

Data descriptors inherited from exceptions.BaseException:
__dict__
args
message

 
class AssertionCredentials(OAuth2Credentials)
    Abstract Credentials object used for OAuth 2.0 assertion grants.
 
This credential does not require a flow to instantiate because it
represents a two legged flow, and therefore has all of the required
information to generate and refresh its own access tokens.  It must
be subclassed to generate the appropriate assertion string.
 
AssertionCredentials objects may be safely pickled and unpickled.
 
 
Method resolution order:
AssertionCredentials
OAuth2Credentials
Credentials
__builtin__.object

Methods defined here:
__init__(self, assertion_type, user_agent, token_uri='https://accounts.google.com/o/oauth2/token', **unused_kwargs)
Constructor for AssertionFlowCredentials.
 
Args:
  assertion_type: string, assertion type that will be declared to the auth
      server
  user_agent: string, The HTTP User-Agent to provide for this application.
  token_uri: string, URI for token endpoint. For convenience
    defaults to Google's endpoints but any OAuth 2.0 provider can be used.

Methods inherited from OAuth2Credentials:
__getstate__(self)
Trim the state down to something that can be pickled.
__setstate__(self, state)
Reconstitute the state of the object from being pickled.
authorize(self, http)
Authorize an httplib2.Http instance with these credentials.
 
Args:
   http: An instance of httplib2.Http
       or something that acts like it.
 
Returns:
   A modified instance of http that was passed in.
 
Example:
 
  h = httplib2.Http()
  h = credentials.authorize(h)
 
You can't create a new OAuth subclass of httplib2.Authenication
because it never gets passed the absolute URI, which is needed for
signing. So instead we have to overload 'request' with a closure
that adds in the Authorization header and then calls the original
version of 'request()'.
set_store(self, store)
Set the Storage for the credential.
 
Args:
  store: Storage, an implementation of Stroage object.
    This is needed to store the latest access_token if it
    has expired and been refreshed.  This implementation uses
    locking to check for updates before updating the
    access_token.
to_json(self)

Class methods inherited from OAuth2Credentials:
from_json(cls, s) from __builtin__.type
Instantiate a Credentials object from a JSON description of it. The JSON
should have been produced by calling .to_json() on the object.
 
Args:
  data: dict, A deserialized JSON object.
 
Returns:
  An instance of a Credentials subclass.

Data descriptors inherited from OAuth2Credentials:
access_token_expired
True if the credential is expired or invalid.
 
If the token_expiry isn't set, we assume the token doesn't expire.

Class methods inherited from Credentials:
new_from_json(cls, s) from __builtin__.type
Utility class method to instantiate a Credentials subclass from a JSON
representation produced by to_json().
 
Args:
  s: string, JSON from to_json().
 
Returns:
  An instance of the subclass of Credentials that was serialized with
  to_json().

Data descriptors inherited from Credentials:
__dict__
dictionary for instance variables (if defined)
__weakref__
list of weak references to the object (if defined)

Data and other attributes inherited from Credentials:
NON_SERIALIZED_MEMBERS = ['store']

 
class Credentials(__builtin__.object)
    Base class for all Credentials objects.
 
Subclasses must define an authorize() method that applies the credentials to
an HTTP transport.
 
Subclasses must also specify a classmethod named 'from_json' that takes a JSON
string as input and returns an instaniated Crentials object.
 
  Methods defined here:
authorize(self, http)
Take an httplib2.Http instance (or equivalent) and
authorizes it for the set of credentials, usually by
replacing http.request() with a method that adds in
the appropriate headers and then delegates to the original
Http.request() method.
to_json(self)
Creating a JSON representation of an instance of Credentials.
 
Returns:
   string, a JSON representation of this instance, suitable to pass to
   from_json().

Class methods defined here:
new_from_json(cls, s) from __builtin__.type
Utility class method to instantiate a Credentials subclass from a JSON
representation produced by to_json().
 
Args:
  s: string, JSON from to_json().
 
Returns:
  An instance of the subclass of Credentials that was serialized with
  to_json().

Data descriptors defined here:
__dict__
dictionary for instance variables (if defined)
__weakref__
list of weak references to the object (if defined)

Data and other attributes defined here:
NON_SERIALIZED_MEMBERS = ['store']

 
class Error(exceptions.Exception)
    Base error for this module.
 
 
Method resolution order:
Error
exceptions.Exception
exceptions.BaseException
__builtin__.object

Data descriptors defined here:
__weakref__
list of weak references to the object (if defined)

Methods inherited from exceptions.Exception:
__init__(...)
x.__init__(...) initializes x; see x.__class__.__doc__ for signature

Data and other attributes inherited from exceptions.Exception:
__new__ = <built-in method __new__ of type object>
T.__new__(S, ...) -> a new object with type S, a subtype of T

Methods inherited from exceptions.BaseException:
__delattr__(...)
x.__delattr__('name') <==> del x.name
__getattribute__(...)
x.__getattribute__('name') <==> x.name
__getitem__(...)
x.__getitem__(y) <==> x[y]
__getslice__(...)
x.__getslice__(i, j) <==> x[i:j]
 
Use of negative indices is not supported.
__reduce__(...)
__repr__(...)
x.__repr__() <==> repr(x)
__setattr__(...)
x.__setattr__('name', value) <==> x.name = value
__setstate__(...)
__str__(...)
x.__str__() <==> str(x)
__unicode__(...)

Data descriptors inherited from exceptions.BaseException:
__dict__
args
message

 
class Flow(__builtin__.object)
    Base class for all Flow objects.
 
  Data descriptors defined here:
__dict__
dictionary for instance variables (if defined)
__weakref__
list of weak references to the object (if defined)

 
class FlowExchangeError(Error)
    Error trying to exchange an authorization grant for an access token.
 
 
Method resolution order:
FlowExchangeError
Error
exceptions.Exception
exceptions.BaseException
__builtin__.object

Data descriptors inherited from Error:
__weakref__
list of weak references to the object (if defined)

Methods inherited from exceptions.Exception:
__init__(...)
x.__init__(...) initializes x; see x.__class__.__doc__ for signature

Data and other attributes inherited from exceptions.Exception:
__new__ = <built-in method __new__ of type object>
T.__new__(S, ...) -> a new object with type S, a subtype of T

Methods inherited from exceptions.BaseException:
__delattr__(...)
x.__delattr__('name') <==> del x.name
__getattribute__(...)
x.__getattribute__('name') <==> x.name
__getitem__(...)
x.__getitem__(y) <==> x[y]
__getslice__(...)
x.__getslice__(i, j) <==> x[i:j]
 
Use of negative indices is not supported.
__reduce__(...)
__repr__(...)
x.__repr__() <==> repr(x)
__setattr__(...)
x.__setattr__('name', value) <==> x.name = value
__setstate__(...)
__str__(...)
x.__str__() <==> str(x)
__unicode__(...)

Data descriptors inherited from exceptions.BaseException:
__dict__
args
message

 
class OAuth2Credentials(Credentials)
    Credentials object for OAuth 2.0.
 
Credentials can be applied to an httplib2.Http object using the authorize()
method, which then signs each request from that object with the OAuth 2.0
access token.
 
OAuth2Credentials objects may be safely pickled and unpickled.
 
 
Method resolution order:
OAuth2Credentials
Credentials
__builtin__.object

Methods defined here:
__getstate__(self)
Trim the state down to something that can be pickled.
__init__(self, access_token, client_id, client_secret, refresh_token, token_expiry, token_uri, user_agent)
Create an instance of OAuth2Credentials.
 
This constructor is not usually called by the user, instead
OAuth2Credentials objects are instantiated by the OAuth2WebServerFlow.
 
Args:
  access_token: string, access token.
  client_id: string, client identifier.
  client_secret: string, client secret.
  refresh_token: string, refresh token.
  token_expiry: datetime, when the access_token expires.
  token_uri: string, URI of token endpoint.
  user_agent: string, The HTTP User-Agent to provide for this application.
 
Notes:
  store: callable, a callable that when passed a Credential
    will store the credential back to where it came from.
    This is needed to store the latest access_token if it
    has expired and been refreshed.
__setstate__(self, state)
Reconstitute the state of the object from being pickled.
authorize(self, http)
Authorize an httplib2.Http instance with these credentials.
 
Args:
   http: An instance of httplib2.Http
       or something that acts like it.
 
Returns:
   A modified instance of http that was passed in.
 
Example:
 
  h = httplib2.Http()
  h = credentials.authorize(h)
 
You can't create a new OAuth subclass of httplib2.Authenication
because it never gets passed the absolute URI, which is needed for
signing. So instead we have to overload 'request' with a closure
that adds in the Authorization header and then calls the original
version of 'request()'.
set_store(self, store)
Set the Storage for the credential.
 
Args:
  store: Storage, an implementation of Stroage object.
    This is needed to store the latest access_token if it
    has expired and been refreshed.  This implementation uses
    locking to check for updates before updating the
    access_token.
to_json(self)

Class methods defined here:
from_json(cls, s) from __builtin__.type
Instantiate a Credentials object from a JSON description of it. The JSON
should have been produced by calling .to_json() on the object.
 
Args:
  data: dict, A deserialized JSON object.
 
Returns:
  An instance of a Credentials subclass.

Data descriptors defined here:
access_token_expired
True if the credential is expired or invalid.
 
If the token_expiry isn't set, we assume the token doesn't expire.

Class methods inherited from Credentials:
new_from_json(cls, s) from __builtin__.type
Utility class method to instantiate a Credentials subclass from a JSON
representation produced by to_json().
 
Args:
  s: string, JSON from to_json().
 
Returns:
  An instance of the subclass of Credentials that was serialized with
  to_json().

Data descriptors inherited from Credentials:
__dict__
dictionary for instance variables (if defined)
__weakref__
list of weak references to the object (if defined)

Data and other attributes inherited from Credentials:
NON_SERIALIZED_MEMBERS = ['store']

 
class OAuth2WebServerFlow(Flow)
    Does the Web Server Flow for OAuth 2.0.
 
OAuth2Credentials objects may be safely pickled and unpickled.
 
 
Method resolution order:
OAuth2WebServerFlow
Flow
__builtin__.object

Methods defined here:
__init__(self, client_id, client_secret, scope, user_agent, auth_uri='https://accounts.google.com/o/oauth2/auth', token_uri='https://accounts.google.com/o/oauth2/token', **kwargs)
Constructor for OAuth2WebServerFlow.
 
Args:
  client_id: string, client identifier.
  client_secret: string client secret.
  scope: string, scope of the credentials being requested.
  user_agent: string, HTTP User-Agent to provide for this application.
  auth_uri: string, URI for authorization endpoint. For convenience
    defaults to Google's endpoints but any OAuth 2.0 provider can be used.
  token_uri: string, URI for token endpoint. For convenience
    defaults to Google's endpoints but any OAuth 2.0 provider can be used.
  **kwargs: dict, The keyword arguments are all optional and required
                    parameters for the OAuth calls.
step1_get_authorize_url(self, redirect_uri='oob')
Returns a URI to redirect to the provider.
 
Args:
  redirect_uri: string, Either the string 'oob' for a non-web-based
                application, or a URI that handles the callback from
                the authorization server.
 
If redirect_uri is 'oob' then pass in the
generated verification code to step2_exchange,
otherwise pass in the query parameters received
at the callback uri to step2_exchange.
step2_exchange(self, code, http=None)
Exhanges a code for OAuth2Credentials.
 
Args:
  code: string or dict, either the code as a string, or a dictionary
    of the query parameters to the redirect_uri, which contains
    the code.
  http: httplib2.Http, optional http instance to use to do the fetch

Data descriptors inherited from Flow:
__dict__
dictionary for instance variables (if defined)
__weakref__
list of weak references to the object (if defined)

 
class Storage(__builtin__.object)
    Base class for all Storage objects.
 
Store and retrieve a single credential.  This class supports locking
such that multiple processes and threads can operate on a single
store.
 
  Methods defined here:
acquire_lock(self)
Acquires any lock necessary to access this Storage.
 
This lock is not reentrant.
get(self)
Retrieve credential.
 
The Storage lock must *not* be held when this is called.
 
Returns:
  oauth2client.client.Credentials
locked_get(self)
Retrieve credential.
 
The Storage lock must be held when this is called.
 
Returns:
  oauth2client.client.Credentials
locked_put(self, credentials)
Write a credential.
 
The Storage lock must be held when this is called.
 
Args:
  credentials: Credentials, the credentials to store.
put(self, credentials)
Write a credential.
 
The Storage lock must be held when this is called.
 
Args:
  credentials: Credentials, the credentials to store.
release_lock(self)
Release the Storage lock.
 
Trying to release a lock that isn't held will result in a
RuntimeError.

Data descriptors defined here:
__dict__
dictionary for instance variables (if defined)
__weakref__
list of weak references to the object (if defined)

 
Data
        EXPIRY_FORMAT = '%Y-%m-%dT%H:%M:%S.%fZ'
__author__ = 'jcgregorio@google.com (Joe Gregorio)'
logger = <logging.Logger instance>

 
Author
        jcgregorio@google.com (Joe Gregorio)