Add a keyring based Storage.
Reviewed in http://codereview.appspot.com/6450070/.
Fixes issue #21.
diff --git a/oauth2client/keyring_storage.py b/oauth2client/keyring_storage.py
new file mode 100644
index 0000000..efe2949
--- /dev/null
+++ b/oauth2client/keyring_storage.py
@@ -0,0 +1,109 @@
+# Copyright (C) 2012 Google Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+"""A keyring based Storage.
+
+A Storage for Credentials that uses the keyring module.
+"""
+
+__author__ = 'jcgregorio@google.com (Joe Gregorio)'
+
+import keyring
+import threading
+
+from client import Storage as BaseStorage
+from client import Credentials
+
+
+class Storage(BaseStorage):
+ """Store and retrieve a single credential to and from the keyring.
+
+ To use this module you must have the keyring module installed. See
+ <http://pypi.python.org/pypi/keyring/>. This is an optional module and is not
+ installed with oauth2client by default because it does not work on all the
+ platforms that oauth2client supports, such as Google App Engine.
+
+ The keyring module <http://pypi.python.org/pypi/keyring/> is a cross-platform
+ library for access the keyring capabilities of the local system. The user will
+ be prompted for their keyring password when this module is used, and the
+ manner in which the user is prompted will vary per platform.
+
+ Usage:
+ from oauth2client.keyring_storage import Storage
+
+ s = Storage('name_of_application', 'user1')
+ credentials = s.get()
+
+ """
+
+ def __init__(self, service_name, user_name):
+ """Constructor.
+
+ Args:
+ service_name: string, The name of the service under which the credentials
+ are stored.
+ user_name: string, The name of the user to store credentials for.
+ """
+ self._service_name = service_name
+ self._user_name = user_name
+ self._lock = threading.Lock()
+
+ def acquire_lock(self):
+ """Acquires any lock necessary to access this Storage.
+
+ This lock is not reentrant."""
+ self._lock.acquire()
+
+ def release_lock(self):
+ """Release the Storage lock.
+
+ Trying to release a lock that isn't held will result in a
+ RuntimeError.
+ """
+ self._lock.release()
+
+ def locked_get(self):
+ """Retrieve Credential from file.
+
+ Returns:
+ oauth2client.client.Credentials
+ """
+ credentials = None
+ content = keyring.get_password(self._service_name, self._user_name)
+
+ if content is not None:
+ try:
+ credentials = Credentials.new_from_json(content)
+ credentials.set_store(self)
+ except ValueError:
+ pass
+
+ return credentials
+
+ def locked_put(self, credentials):
+ """Write Credentials to file.
+
+ Args:
+ credentials: Credentials, the credentials to store.
+ """
+ keyring.set_password(self._service_name, self._user_name,
+ credentials.to_json())
+
+ def locked_delete(self):
+ """Delete Credentials file.
+
+ Args:
+ credentials: Credentials, the credentials to store.
+ """
+ keyring.set_password(self._service_name, self._user_name, '')
diff --git a/runtests.sh b/runtests.sh
index 19bd704..a4fc9cd 100755
--- a/runtests.sh
+++ b/runtests.sh
@@ -18,3 +18,4 @@
$1 runtests.py tests/test_protobuf_model.py
$1 runtests.py tests/test_schema.py
$1 runtests.py tests/test_oauth2client_appengine.py
+$1 runtests.py tests/test_oauth2client_keyring.py
diff --git a/samples/keyring/README b/samples/keyring/README
new file mode 100644
index 0000000..26e81d8
--- /dev/null
+++ b/samples/keyring/README
@@ -0,0 +1,4 @@
+Demonstrates storing Credentials in the system keyring.
+
+api: plus
+keywords: cmdline pagination oauth2
diff --git a/samples/keyring/client_secrets.json b/samples/keyring/client_secrets.json
new file mode 100644
index 0000000..a232f37
--- /dev/null
+++ b/samples/keyring/client_secrets.json
@@ -0,0 +1,9 @@
+{
+ "web": {
+ "client_id": "[[INSERT CLIENT ID HERE]]",
+ "client_secret": "[[INSERT CLIENT SECRET HERE]]",
+ "redirect_uris": [],
+ "auth_uri": "https://accounts.google.com/o/oauth2/auth",
+ "token_uri": "https://accounts.google.com/o/oauth2/token"
+ }
+}
diff --git a/samples/keyring/plus.py b/samples/keyring/plus.py
new file mode 100644
index 0000000..fb19bcf
--- /dev/null
+++ b/samples/keyring/plus.py
@@ -0,0 +1,139 @@
+#!/usr/bin/python2.4
+# -*- coding: utf-8 -*-
+#
+# Copyright (C) 2010 Google Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+"""Simple command-line sample for the Google+ API.
+
+Command-line application that retrieves the users latest content and
+then adds a new entry.
+
+Usage:
+ $ python plus.py
+
+You can also get help on all the command-line flags the program understands
+by running:
+
+ $ python plus.py --help
+
+To get detailed log output run:
+
+ $ python plus.py --logging_level=DEBUG
+"""
+
+__author__ = 'jcgregorio@google.com (Joe Gregorio)'
+
+import getpass
+import gflags
+import httplib2
+import logging
+import os
+import pprint
+import sys
+
+from apiclient.discovery import build
+from oauth2client.keyring_storage import Storage
+from oauth2client.client import AccessTokenRefreshError
+from oauth2client.client import flow_from_clientsecrets
+from oauth2client.tools import run
+
+
+FLAGS = gflags.FLAGS
+
+# CLIENT_SECRETS, name of a file containing the OAuth 2.0 information for this
+# application, including client_id and client_secret, which are found
+# on the API Access tab on the Google APIs
+# Console <http://code.google.com/apis/console>
+CLIENT_SECRETS = 'client_secrets.json'
+
+# Helpful message to display in the browser if the CLIENT_SECRETS file
+# is missing.
+MISSING_CLIENT_SECRETS_MESSAGE = """
+WARNING: Please configure OAuth 2.0
+
+To make this sample run you will need to populate the client_secrets.json file
+found at:
+
+ %s
+
+with information from the APIs Console <https://code.google.com/apis/console>.
+
+""" % os.path.join(os.path.dirname(__file__), CLIENT_SECRETS)
+
+# Set up a Flow object to be used if we need to authenticate.
+FLOW = flow_from_clientsecrets(CLIENT_SECRETS,
+ scope='https://www.googleapis.com/auth/plus.me',
+ message=MISSING_CLIENT_SECRETS_MESSAGE)
+
+
+# The gflags module makes defining command-line options easy for
+# applications. Run this program with the '--help' argument to see
+# all the flags that it understands.
+gflags.DEFINE_enum('logging_level', 'ERROR',
+ ['DEBUG', 'INFO', 'WARNING', 'ERROR', 'CRITICAL'],
+ 'Set the level of logging detail.')
+
+
+def main(argv):
+ # Let the gflags module process the command-line arguments
+ try:
+ argv = FLAGS(argv)
+ except gflags.FlagsError, e:
+ print '%s\\nUsage: %s ARGS\\n%s' % (e, argv[0], FLAGS)
+ sys.exit(1)
+
+ # Set the logging according to the command-line flag
+ logging.getLogger().setLevel(getattr(logging, FLAGS.logging_level))
+
+ # If the Credentials don't exist or are invalid run through the native client
+ # flow. The Storage object will ensure that if successful the good
+ # Credentials will get written back to a file.
+ storage = Storage('Google_Plus_Sample', getpass.getuser())
+ credentials = storage.get()
+
+ if credentials is None or credentials.invalid:
+ credentials = run(FLOW, storage)
+
+ # Create an httplib2.Http object to handle our HTTP requests and authorize it
+ # with our good Credentials.
+ http = httplib2.Http()
+ http = credentials.authorize(http)
+
+ service = build("plus", "v1", http=http)
+
+ try:
+ person = service.people().get(userId='me').execute(http)
+
+ print "Got your ID: %s" % person['displayName']
+ print
+ print "%-040s -> %s" % ("[Activitity ID]", "[Content]")
+
+ # Don't execute the request until we reach the paging loop below
+ request = service.activities().list(
+ userId=person['id'], collection='public')
+ # Loop over every activity and print the ID and a short snippet of content.
+ while ( request != None ):
+ activities_doc = request.execute()
+ for item in activities_doc.get('items', []):
+ print '%-040s -> %s' % (item['id'], item['object']['content'][:30])
+
+ request = service.activities().list_next(request, activities_doc)
+
+ except AccessTokenRefreshError:
+ print ("The credentials have been revoked or expired, please re-run"
+ "the application to re-authorize")
+
+if __name__ == '__main__':
+ main(sys.argv)