U 6d@sdZddlZddlmZddlmZddlmZddlmZzddlmZWne k rddZYnXGdd d ej Z d d Z Gd d d ej ej ejZdS)aGoogle App Engine standard environment support. This module provides authentication and signing for applications running on App Engine in the standard environment using the `App Identity API`_. .. _App Identity API: https://cloud.google.com/appengine/docs/python/appidentity/ N)_helpers) credentials)crypt) exceptions) app_identityc@s0eZdZdZeddZeej ddZ dS)SignerzSigns messages using the App Engine App Identity service. This can be used in place of :class:`google.auth.crypt.Signer` when running in the App Engine standard environment. cCsdS)zOptional[str]: The key ID used to identify this private key. .. warning:: This is always ``None``. The key ID used by App Engine can not be reliably determined ahead of time. Nselfrr:/tmp/pip-unpacked-wheel-h3lf9jv9/google/auth/app_engine.pykey_id/sz Signer.key_idcCst|}t|\}}|SN)rto_bytesrZ sign_blob)r message_ signaturerrr sign9s z Signer.signN) __name__ __module__ __qualname____doc__propertyr rcopy_docstringrrrrrrr r(s  rcCstdkrtdtS)zGets the project ID for the current App Engine application. Returns: str: The project ID Raises: google.auth.exceptions.OSError: If the App Engine APIs are unavailable. N&The App Engine APIs are not available.)rrOSErrorZget_application_idrrrr get_project_id@s  rcseZdZdZdfdd ZeejddZ e ddZ e d d Z eej dd d Zeejd dZeejddZe eejddZe eejddZZS) CredentialszApp Engine standard environment credentials. These credentials use the App Engine App Identity API to obtain access tokens. NcsDtdkrtdtt|||_||_||_t |_ ||_ dS)a Args: scopes (Sequence[str]): Scopes to request from the App Identity API. default_scopes (Sequence[str]): Default scopes passed by a Google client library. Use 'scopes' for user-defined scopes. service_account_id (str): The service account ID passed into :func:`google.appengine.api.app_identity.get_access_token`. If not specified, the default application service account ID will be used. quota_project_id (Optional[str]): The project ID used for quota and billing. Raises: google.auth.exceptions.OSError: If the App Engine APIs are unavailable. Nr) rrrsuperr__init___scopes_default_scopes_service_account_idr_signerZ_quota_project_id)r scopesdefault_scopesservice_account_idquota_project_id __class__rr rZs zCredentials.__init__cCsF|jdk r|jn|j}t||j\}}tj|}|||_|_dSr ) rr rZget_access_tokenr!datetimeutcfromtimestamptokenexpiry)r requestr#r+Zttlr,rrr refresh~s zCredentials.refreshcCs|jdkrt|_|jS)zThe service account email.N)r!rZget_service_account_namer rrr service_account_emails  z!Credentials.service_account_emailcCs|j o|j S)zChecks if the credentials requires scopes. Returns: bool: True if there are no scopes set otherwise False. )rr r rrr requires_scopesszCredentials.requires_scopescCs|j|||j|jdS)N)r#r$r%r&)r(r!r&)r r#r$rrr with_scopess zCredentials.with_scopescCs|j|j|j|dS)N)r#r%r&)r(rr!)r r&rrr with_quota_projects zCredentials.with_quota_projectcCs |j|Sr )r"r)r rrrr sign_bytesszCredentials.sign_bytescCs|jSr )r/r rrr signer_emailszCredentials.signer_emailcCs|jSr )r"r rrr signerszCredentials.signer)NNNN)N)rrrrrrrrrr.rr/r0Scopedr1CredentialsWithQuotaProjectr2Signingr3r4r5 __classcell__rrr'r rQs0$             r)rr)Z google.authrrrrZgoogle.appengine.apir ImportErrorrrr6r8r7rrrrr s