Support BackendApplicationClient

[avizelo]

Does requests-oauthlib supports using service account (BackendApplicationClient)?
Specifically, I would like to implement the following example were the authentication to google drive API is done via a service account (as the google apiclient lib is not supported for python3)

The below example uses apiclient and taken from https://developers.google.com/drive/web/service-accounts

import httplib2
import pprint
import sys

from apiclient.discovery import build
from oauth2client.client import SignedJwtAssertionCredentials

"""Email of the Service Account.
SERVICE_ACCOUNT_EMAIL = '@developer.gserviceaccount.com'

""" Path to the Service Account's Private Key file.
SERVICE_ACCOUNT_PKCS12_FILE_PATH = '/path/to/<public_key_fingerprint>-privatekey.p12'

def createDriveService():
"""Builds and returns a Drive service object authorized with the given service account.

Returns:
Drive service object.
"""
f = file(SERVICE_ACCOUNT_PKCS12_FILE_PATH, 'rb')
key = f.read()
f.close()

credentials = SignedJwtAssertionCredentials(SERVICE_ACCOUNT_EMAIL, key,
scope='https://www.googleapis.com/auth/drive')
http = httplib2.Http()
http = credentials.authorize(http)

return build('drive', 'v2', http=http)

Thanks,
Avi

[ib-lundgren]

Currently, no. However, since it does not require that much on the client side I've begun working on that and could do with your help trying it out on a real app. Please install oauthlib from master and then follow this example

# If you are running into issues enable logging below
#import logging
#import sys

#log = logging.getLogger('oauthlib')
#log.addHandler(logging.StreamHandler(sys.stdout))
#log.setLevel(logging.DEBUG)

#log = logging.getLogger('requests-oauthlib')
#log.addHandler(logging.StreamHandler(sys.stdout))
#log.setLevel(logging.DEBUG)

# Credentials you get from registering a new service account
client_id = 'your-client-id.apps.googleusercontent.com'
issuer = '[email protected]'
aud = 'https://accounts.google.com/o/oauth2/token'
sub = '[email protected]'

# Download the key in json format
from json import load
key = load(open("key.json"))['private_key']

# Remember to enable domain wide access to your account
# https://developers.google.com/accounts/docs/OAuth2ServiceAccount#delegatingauthority

# OAuth endpoints given in the Google API documentation
token_url = "https://accounts.google.com/o/oauth2/token"
scope = [
    "https://www.googleapis.com/auth/userinfo.email",
    "https://www.googleapis.com/auth/userinfo.profile"
]

# For now you need to install from Github master
from oauthlib.oauth2 import ServiceApplicationClient

client = ServiceApplicationClient(client_id,
        issuer=issuer,
        audience=aud,
        subject=sub,
        private_key=key)

from requests_oauthlib import OAuth2Session
google = OAuth2Session(client_id, client=client)

# Fetch the access token
google.fetch_token(token_url)

# Fetch a protected resource, i.e. user profile
r = google.get('https://www.googleapis.com/oauth2/v1/userinfo')
print r.content

[avizelo]

Thanks for the help.

Ive tried to install the oauthlib.oauth2 module using the below command -
pip3 install --upgrade git+https://github.com/idan/oauthlib.git

Then, while running my script (google_drive_p3.py) I got the following
error -
root@ubuntu:/mnt/hgfs/VM-ShareFolder/tests# python3 google_drive_p3.py
Traceback (most recent call last):
File "google_drive_p3.py", line 48, in
google.fetch_token(token_url)
File
"/usr/local/lib/python3.4/dist-packages/requests_oauthlib/oauth2_session.py",
line 167, in fetch_token
password=password, **kwargs)
File
"/usr/local/lib/python3.4/dist-packages/oauthlib/oauth2/rfc6749/clients/service_application.py",
line 142, in prepare_request_body
import jwt
ImportError: No module named 'jwt'

On Thu, Oct 16, 2014 at 5:19 AM, Ib Lundgren [email protected]
wrote:

Currently, no. However, since it does not require that much on the client
side I've begun working on that and could do with your help trying it out
on a real app. Please install oauthlib https://github.com/idan/oauthlib
from master and then follow this example

If you are running into issues enable logging below

#import logging
#import sys

#log = logging.getLogger('oauthlib')
#log.addHandler(logging.StreamHandler(sys.stdout))
#log.setLevel(logging.DEBUG)

#log = logging.getLogger('requests-oauthlib')
#log.addHandler(logging.StreamHandler(sys.stdout))
#log.setLevel(logging.DEBUG)

Credentials you get from registering a new service account

client_id = 'your-client-id.apps.googleusercontent.com'
issuer = '[email protected]'
aud = 'https://accounts.google.com/o/oauth2/token'
sub = '[email protected]'

Download the key in json format

from json import load
key = load(open("key.json"))['private_key']

Remember to enable domain wide access to your account

https://developers.google.com/accounts/docs/OAuth2ServiceAccount#delegatingauthority

OAuth endpoints given in the Google API documentation

token_url = "https://accounts.google.com/o/oauth2/token"
scope = [
"https://www.googleapis.com/auth/userinfo.email",
"https://www.googleapis.com/auth/userinfo.profile"
]

For now you need to install from Github master

from oauthlib.oauth2 import ServiceApplicationClient

client = ServiceApplicationClient(client_id,
issuer=issuer,
audience=aud,
subject=sub,
private_key=key)

from requests_oauthlib import OAuth2Session
google = OAuth2Session(client_id, client=client)

Fetch the access token

google.fetch_token(token_url)

Fetch a protected resource, i.e. user profile

r = google.get('https://www.googleapis.com/oauth2/v1/userinfo')
print r.content

—
Reply to this email directly or view it on GitHub
#152 (comment)
.

[ib-lundgren]

Forgot to mention it requires extra libraries not included in oauthlib by default due to their limited use.

Please also install pycrypto and pyjwt