+dZddlmZddlmZddlmZddlZddlZddlZddlm Z ddl m Z ddl m Z dd l mZdd lmZdd lmZd Zd Ze j*Gdde j,Zy)zCommand to create a login configuration file used to enable browser based sign-in using third-party user identities via gcloud auth login. )absolute_import)division)unicode_literalsN)base) cred_config)log) properties)universe_descriptor)fileszlogin configuration filez cloud.googlecNeZdZdZdej diZedZdZ y)CreateLoginConfiga?Create a login configuration file to enable sign-in via a web-based authorization flow using Workforce Identity Federation. This command creates a configuration file to enable browser based third-party sign in with Workforce Identity Federation through `gcloud auth login --login-config=/path/to/config.json`. EXAMPLESz To create a login configuration for your project, run: $ {command} locations/global/workforcePools/$WORKFORCE_POOL_ID/providers/$PROVIDER_ID --output-file=login-config.json c|jdd|jddd|jdd d d |jd dd d|jddd|jdddy)Naudiencez&Workforce pool provider resource name.)helpz --output-filez9Location to store the generated login configuration file.T)rrequiredz --activate store_trueFzSets the property `auth/login_config_file` to the created login configuration file. Calling `gcloud auth login` will automatically use this login configuration unless it is explicitly unset.)actiondefaultrz --enable-mtlszUse mTLS for STS endpoints.)rrhiddenz--universe-domainzThe universe domain.)rrz--universe-cloud-web-domainzThe universe cloud web domain.) add_argument)clsparsers 6lib/surface/iam/workforce_pools/create_login_config.pyArgszCreateLoginConfig.Args8s A  H   !    *    #  % -ctjjj}|j }t |ddr |j}||j k(rt}nGt |ddr |j}n-tjj |j}t |dd}tj||}||dd|jzdj| |j |j"d }t%j&|j(t+j,|d t/j0|j(t2|j4r`tj6tjj8j:t<j>jA|j(yy) Nuniverse_domainuniverse_cloud_web_domain enable_mtlsF)r r-external_account_authorized_user_login_configz//iam.googleapis.com/z)https://auth.{cloud_web_domain}/authorize)cloud_web_domain)rrtyperauth_url token_urltoken_info_url)indent)!r VALUEScorerGetgetattrrGOOGLE_DEFAULT_CLOUD_WEB_DOMAINrr UniverseDescriptorr"r StsEndpointsrformatoauth_token_urlr&r WriteFileContents output_filejsondumpsrCreatedResource RESOURCE_TYPEactivatePersistPropertyauthlogin_config_fileospathabspath)selfargsuniverse_domain_propertyrrr token_endpoint_builderoutputs rRunzCreateLoginConfig.Run`s)0055EE.224Ot&-,,o 2:::"A 2D 9"&"@"@  0 0 2 3    $ u5K(55+%>?+dmm;?FF6G ,;;0?? F D,,djj.JK((-8 }}     2 2 ''//$** +rN) __name__ __module__ __qualname____doc__textwrapdedent detailed_help classmethodrrDrrr r &s@ (// -%%N/rr )rH __future__rrrr4r<rIgooglecloudsdk.callioper.googlecloudsdk.command_lib.iam.byoid_utilitiesrgooglecloudsdk.corerr 'googlecloudsdk.core.universe_descriptorr googlecloudsdk.core.utilr r7r-UniverseCompatible CreateCommandr rMrrrVsg'' (F#*G*+ "0h**hhr