dZddlmZddlmZddlmZddlZddlmZddlmZddl m Z dd l m Z dd l mZdd lmZd ZGd dej$ZGddeZGddeZGddeZdZdZdZdZddZy)z#Manages logic for service accounts.)absolute_import)division)unicode_literalsN)config) exceptions)creds)p12_service_account)filesservice_accountr ceZdZdZy)ErrorzErrors raised by this module.N__name__ __module__ __qualname____doc__2lib/googlecloudsdk/api_lib/auth/service_account.pyrr"s%rrceZdZdZy)UnsupportedCredentialsTypez5Raised when given type credentials cannot be created.Nrrrrrr&s=rrceZdZdZy)BadCredentialFileException Raised when file cannot be read.Nrrrrrr*(rrceZdZdZy)BadCredentialJsonFileExceptionrNrrrrrr.rrrc:|xsijdtk(S)zFReturns whether a JSON content corresponds to an service account cred.type)get_SERVICE_ACCOUNT_TYPE) content_jsons rIsServiceAccountConfigr$2s  " ! !& )-B BBrctj|} tj|}t |S#t $r }t dj||d}~wwxYw)z6Load credentials from given service account json file.z!Could not read json file {0}: {1}N)r ReadFileContentsjsonloadsCredentialsFromAdcDict ValueErrorrformat)filenamecontentjson_keyes rCredentialsFromAdcFiler07s`  " "8 ,'zz'"H !( ++  $%H%O%O!& s7 A AA cd|vr tdtj||d<tjj |t j}t jx|_ |_ |S)zDCreates oauth2client creds from a dict of application default creds. client_email,The .json key file is not in a valid format. token_uriscopes) rc_credsGetEffectiveTokenUriFromCredsr ServiceAccountCredentialsfrom_json_keyfile_dictrCLOUDSDK_SCOPESCLOUDSDK_USER_AGENT user_agent _user_agent)r.rs rr)r)Bsu8# (6 88"??I(;  3 3 J Jv-- K /% *0)C)CC%U& ,rc@ddlm}d|vr tdtj||d<|j j }||tj}|jd|_ |jd|_ |jd |_ |S) zCCreates google-auth creds from a dict of application default creds.rr r2r3r4r5 private_keyprivate_key_id client_id) google.oauth2r rr7r8 Credentialsfrom_service_account_inforr;r!r@rArB)r.google_auth_service_accountservice_account_credentialsrs r CredentialsFromAdcDictGoogleAuthrHSs K8# (6 88 "??I(;"--GG %hv7M7M N% ll=1%!&67%LL-%/ ,rcxtj|||tjitj S)zGCreates credentials object from given p12 private key and account name.)service_account_emailr4r6)r CreateP12ServiceAccountr7r8rr;)r@accountpasswords rCredentialsFromP12KeyrNrs7  4 4#55b9  # #  r)N)r __future__rrrr'googlecloudsdk.corerrgooglecloudsdk.core.credentialsrr7r googlecloudsdk.core.utilr oauth2clientr r"rrrrr$r0r)rHrNrrrrTs~*&' &*<?*()&J  &>>)))U)C "> r