Refresh SignedJwtAssertionCredentials w/Storage.
Reviewed in http://codereview.appspot.com/6346086/.
Fixes issue #160.
diff --git a/oauth2client/appengine.py b/oauth2client/appengine.py
index b484c1e..ca2ff15 100644
--- a/oauth2client/appengine.py
+++ b/oauth2client/appengine.py
@@ -42,6 +42,9 @@
from google.appengine.ext.webapp.util import login_required
from google.appengine.ext.webapp.util import run_wsgi_app
+
+logger = logging.getLogger(__name__)
+
OAUTH2CLIENT_NAMESPACE = 'oauth2client#ns'
@@ -148,7 +151,7 @@
# For writing to datastore.
def get_value_for_datastore(self, model_instance):
- logging.info("get: Got type " + str(type(model_instance)))
+ logger.info("get: Got type " + str(type(model_instance)))
cred = super(CredentialsProperty,
self).get_value_for_datastore(model_instance)
if cred is None:
@@ -159,7 +162,7 @@
# For reading from datastore.
def make_value_from_datastore(self, value):
- logging.info("make: Got type " + str(type(value)))
+ logger.info("make: Got type " + str(type(value)))
if value is None:
return None
if len(value) == 0:
@@ -172,7 +175,7 @@
def validate(self, value):
value = super(CredentialsProperty, self).validate(value)
- logging.info("validate: Got type " + str(type(value)))
+ logger.info("validate: Got type " + str(type(value)))
if value is not None and not isinstance(value, Credentials):
raise db.BadValueError('Property %s must be convertible '
'to a Credentials instance (%s)' %
diff --git a/oauth2client/client.py b/oauth2client/client.py
index a5f2c2d..5ccaccd 100644
--- a/oauth2client/client.py
+++ b/oauth2client/client.py
@@ -788,7 +788,9 @@
scope = ' '.join(scope)
self.scope = scope
- self.private_key = private_key
+ # Keep base64 encoded so it can be stored in JSON.
+ self.private_key = base64.b64encode(private_key)
+
self.private_key_password = private_key_password
self.service_account_name = service_account_name
self.kwargs = kwargs
@@ -798,14 +800,15 @@
data = simplejson.loads(s)
retval = SignedJwtAssertionCredentials(
data['service_account_name'],
- data['private_key'],
- data['private_key_password'],
+ base64.b64decode(data['private_key']),
data['scope'],
- data['user_agent'],
- data['token_uri'],
- data['kwargs']
+ private_key_password=data['private_key_password'],
+ user_agent=data['user_agent'],
+ token_uri=data['token_uri'],
+ **data['kwargs']
)
retval.invalid = data['invalid']
+ retval.access_token = data['access_token']
return retval
def _generate_assertion(self):
@@ -821,9 +824,9 @@
payload.update(self.kwargs)
logger.debug(str(payload))
+ private_key = base64.b64decode(self.private_key)
return make_signed_jwt(
- Signer.from_string(self.private_key, self.private_key_password),
- payload)
+ Signer.from_string(private_key, self.private_key_password), payload)
# Only used in verify_id_token(), which is always calling to the same URI
# for the certs.
diff --git a/oauth2client/crypt.py b/oauth2client/crypt.py
index 3df861d..4204417 100644
--- a/oauth2client/crypt.py
+++ b/oauth2client/crypt.py
@@ -24,6 +24,8 @@
from anyjson import simplejson
+logger = logging.getLogger(__name__)
+
CLOCK_SKEW_SECS = 300 # 5 minutes in seconds
AUTH_TOKEN_LIFETIME_SECS = 300 # 5 minutes in seconds
MAX_TOKEN_LIFETIME_SECS = 86400 # 1 day in seconds
@@ -161,7 +163,7 @@
signature = signer.sign(signing_input)
segments.append(_urlsafe_b64encode(signature))
- logging.debug(str(segments))
+ logger.debug(str(segments))
return '.'.join(segments)