Commit 330df89e authored by Siarhei Khaletski (EPAM)'s avatar Siarhei Khaletski (EPAM) 🚩
Browse files

Added support of ADC ("Application Default Credentials") for GCP

parent 959891b7
Pipeline #68000 passed with stages
in 52 seconds
import aiohttp
import json
from typing import List, Optional
from typing import List, Optional, Type
import datetime
import os
import time
import jwt
from urllib.parse import quote_plus
......@@ -24,9 +25,9 @@ class GoogleAccountAuth(AuthBase):
:param scopes: scopes
"""
super().__init__()
with open(service_file, 'r') as f:
self.service_data = json.load(f)
self.service_file = service_file
self.service_data = self.get_service_data()
self.session = session
self.scopes = ' '.join(scopes or [])
self.access_token: Optional[str] = None
......@@ -38,6 +39,21 @@ class GoogleAccountAuth(AuthBase):
""" Return scheme """
return self._scheme
def get_service_data(self) -> Optional[dict]:
service_data = self.service_file or os.environ.get('GOOGLE_APPLICATION_CREDENTIALS')
if not service_data:
cloudsdk_config = os.environ.get('CLOUDSDK_CONFIG')
sdkpath = (cloudsdk_config
or os.path.join(os.path.expanduser('~'), '.config', 'gcloud'))
service_data = os.path.join(sdkpath, 'application_default_credentials.json')
try:
with open(service_data, 'r') as f:
return json.load(f)
except Exception:
raise ValueError('No credentials provided')
async def header_value(self) -> str:
token = await self._get_token()
return f'{self._scheme} {token}'
......
......@@ -72,7 +72,7 @@ class GCloudAioStorage(BlobStorageBase):
if forwarded_auth is not None:
return await forwarded_auth.token()
assert self._service_account_file, 'No credentials provided'
# assert self._service_account_file, 'No credentials provided'
token_cache = self._access_token_dict
cache_key = f'{project}_{bucket}'
tenant_access_token = token_cache.get(cache_key, None)
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment