U
    6d                     @   sh   d Z ddlmZ ddlmZ ddlmZ ddlmZ ddlmZ	 G dd de	j
Z
G d	d
 d
e	jZdS )a  OAuth 2.0 Async Credentials.

This module provides credentials based on OAuth 2.0 access and refresh tokens.
These credentials usually access resources on behalf of a user (resource
owner).

Specifically, this is intended to use access tokens acquired using the
`Authorization Code grant`_ and can refresh those tokens using a
optional `refresh token`_.

Obtaining the initial access and refresh token is outside of the scope of this
module. Consult `rfc6749 section 4.1`_ for complete details on the
Authorization Code grant flow.

.. _Authorization Code grant: https://tools.ietf.org/html/rfc6749#section-1.3.1
.. _refresh token: https://tools.ietf.org/html/rfc6749#section-6
.. _rfc6749 section 4.1: https://tools.ietf.org/html/rfc6749#section-4.1
    )_credentials_async)_helpers)
exceptions)_reauth_async)credentialsc                   @   s$   e Zd ZdZeejdd ZdS )Credentialsa  Credentials using OAuth 2.0 access and refresh tokens.

    The credentials are considered immutable. If you want to modify the
    quota project, use :meth:`with_quota_project` or ::

        credentials = credentials.with_quota_project('myproject-123)
    c           
   
      s   | j d ks(| jd ks(| jd ks(| jd kr2tdtj|| j| j | j| j| j| j	| j
dI d H \}}}}}|| _|| _|| _ |d| _|| _	| jrd|krt| j}t|d  }|| }	|	rtdd|	d S )NzThe credentials do not contain the necessary fields need to refresh the access token. You must specify refresh_token, token_uri, client_id, and client_secret.)Zscopes
rapt_tokenZenable_reauth_refreshZid_tokenZscopezUNot all requested scopes were granted by the authorization server, missing scopes {}.z, )Z_refresh_tokenZ
_token_uriZ
_client_idZ_client_secretr   ZRefreshErrorreauthZrefresh_grantZ_scopesZ_rapt_tokenZ_enable_reauth_refreshtokenexpirygetZ	_id_token	frozensetsplitformatjoin)
selfrequestZaccess_tokenZrefresh_tokenr   Zgrant_responser   Zrequested_scopesZgranted_scopesZ scopes_requested_but_not_granted r   D/tmp/pip-unpacked-wheel-h3lf9jv9/google/oauth2/_credentials_async.pyrefresh2   sT    

zCredentials.refreshN)	__name__
__module____qualname____doc__r   Zcopy_docstringr   r   r   r   r   r   r   r   )   s   
r   c                   @   s   e Zd ZdZdS )UserAccessTokenCredentialsa  Access token credentials for user account.

    Obtain the access token for a given user account or the current active
    user account with the ``gcloud auth print-access-token`` command.

    Args:
        account (Optional[str]): Account to get the access token for. If not
            specified, the current active account will be used.
        quota_project_id (Optional[str]): The project ID used for quota
            and billing.

    N)r   r   r   r   r   r   r   r   r   d   s   r   N)r   Zgoogle.authr   r   r   r   Zgoogle.oauth2r   r	   Zoauth2_credentialsr   r   r   r   r   r   <module>   s   ;