i1LSrSSKrSSKrSSKrSSKrSSKrSSKJrJrJ r SSK J r SSK J r SSK Jr SSKrSSKrSSKrSSKrSSKrSSKrSSKrSSKrSSKrSSKrSSKrSSKrSSKJr SSKJr SS KJr \ R@r \ \RB\\RDRF4r$\ \$\RJRLRN4r("S S \)5r*"S S \*5r+"SS\+5r,"SS\,5r-"SS\+5r."SS\*5r/SSjr0S\(4Sjr1SSjr2g)z4Credential-related classes and functions for bq cli.N)ListOptionalUnion)app)flags)Oauth2WithReauthCredentials)utils)bq_error)bq_error_utilsc4\rSrSrSrS\4SjrS\4SjrSrg)CredentialLoader0z!Base class for credential loader.returncZUR5n[R"5UlU$)zLoads credential.)_Load bq_auth_utilsget_client_user_agent _user_agent)selfcreds platform/bq/credential_loader.pyLoadCredentialLoader.Load3s# ::UR(aUR5OSnU(aU$[[U]5nU(dgUR R U5 URUR 5 U$r)r1_LoadFromCachesuperr)rr;put set_store)rr __class__s rrCachedCredentialLoader.Loadfsb$($:$:4   D k ' 3 5D   MMdNN4==! Krz&wrapped_credentials.WrappedCredentialsc[RRUR5(dgURR 5nU(d[[ RRUR5nUR 5nU(aURRU5 W(dg[U[R5(a[R "5nO[R""5nUR%U5(dgU$![anURU5 SnANSnAff=f)z!Loads credential from cache file.N)ospathexistsr+r;getr7fileStoragerG BaseException_RaiseCredentialsCorrupt isinstancewrapped_credentialsWrappedCredentialsr4GetClientScopesFor3pir5 has_scopes)rcredslegacy_storager>scopess rrE%CachedCredentialLoader._LoadFromCacheus 77>>$44 5 5  'mm!e )..66  & & ""$  --  E "  %,??@@--/f002f   F # #  L ' ##A&&'sAs rrS/CachedCredentialLoader._RaiseCredentialsCorrupts)   & L HHQKr)r1r6r;r+)T)rzJoauth2client_4_0.contrib.multiprocess_file_storage.MultiprocessFileStorage)r>rRrN)r!r"r#r$r%strboolr?propertyrBr&rrrErSr' __classcell__rIs@rr)r)=ssBF#&:> 6 S  /  89 D  rr)c4^\rSrSrSrS\4U4SjjrSrU=r$)ServiceAccountPrivateKeyLoaderz7Base class for loading credential from service account.rc>[RR(d[R"S5e[ [ U]5$)NzBigQuery requires OpenSSL to be installed in order to use service account credentials. Please install OpenSSL and the Python OpenSSL package.)r7client HAS_OPENSSLr UsageErrorrFrmr)rrIs rr#ServiceAccountPrivateKeyLoader.Loads;  " " . . NN ,  / ; ==rr ) r!r"r#r$r%r&rr'rjrks@rrmrms?>/>>rrmcN^\rSrSrSrS\S\S\SS4U4SjjrS\4S jrS r U=r $) "ServiceAccountPrivateKeyFileLoaderz3Credential loader for private key stored in a file.service_account file_pathpasswordrNcR>[[U] "U0UD6 XlX lX0lg)ajCreates ServiceAccountPrivateKeyFileLoader instance. Args: service_account: service account the private key is for. file_path: path to the file containing private key (in P12 format). password: password to uncrypt the private key file. *args: additional arguments to apply to base class. **kwargs: additional keyword arguments to apply to base class. N)rFrur?_service_account _file_path _password)rrwrxryargskwargsrIs rr?+ServiceAccountPrivateKeyFileLoader.__init__s* ,d[[U] "U0UD6 Xlg)zCreates ApplicationDefaultCredentialFileLoader instance. Args: credential_file: path to credential file in json format. *args: additional arguments to apply to base class. **kwargs: additional keyword arguments to apply to base class. N)rFrr?_credential_file)rrr~rrIs rr?/ApplicationDefaultCredentialFileLoader.__init__s( 0$@ ,rc [UR5n[R"U5nSSS5 [R "5nWS[ RR:Xa:[SUSUSUSS[ R[R"5US9$USS:Xa)[RRUR5$USS:Xa)[RR!UR5$[ RR"US'[ R$R&R)X#S 9n[R"5UlU$!,(df  GNC=f) zALoads credentials from given application default credential file.Ntype client_id client_secret refresh_token) access_tokenrrr token_expiryr user_agentr[external_account external_account_authorized_user) keyfile_dictr[)openrjsonloadr4r5r7rpAUTHORIZED_USERrrrrrUrVfor_external_account$for_external_account_authorized_userSERVICE_ACCOUNTrwrfrom_json_keyfile_dictr)rfile_obj credentials client_scopeservice_account_credentialss rr,ApplicationDefaultCredentialFileLoader._LoadsW d## $IIh'k %446L6.55EEE ( ,#O4#O4$55"88:   V  2 2 3 3 H H    V  B B 3 3 X X   -33CCk&$4$D$D$^$^$u$u"%v%!1>0S0S0U!- ((; % $s E)) E8)rrrks@rrrs+B ,c ,t ,)0))rrcF^\rSrSrSrS\SS4U4SjjrS\4SjrSr U=r $) AccessTokenCredentialLoaderi z)Credential loader for OAuth access token.rrNc:>[[U] "U0UD6 Xlg)zCreates ApplicationDefaultCredentialFileLoader instance. Args: access_token: OAuth access token. *args: additional arguments to apply to base class. **kwargs: additional keyword arguments to apply to base class. N)rFrr? _access_token)rrr~rrIs rr?$AccessTokenCredentialLoader.__init__s  %t5tFvF%rc|[RRUR[R "55$r)r7rpAccessTokenCredentialsrrrrs rr!AccessTokenCredentialLoader._Loads/  " " 9 9 M??A r)rrrks@rrr s+1 &3 &D &0rrrc[R(a-[R"S5 [ [RS9$[R (a[R"S[R 15 [R (d[R"S5e[R(a[[R"S5 [[R S[R [R[RS9$[R"S5e[R(ah[R"S 5 [R(d[R"S 5e[[RS[RS 9$[R"S 5e) z9Returns a CredentialsLoader based on user-supplied flags.z,Loading credentials using oauth_access_token)rz-Loading credentials using service_account: %szZThe flag --service_account_credential_file must be specified if --service_account is used.z:Loading credentials using service_account_private_key_fileT)r+r,rwrxryzYService account authorization requires --service_account_private_key_file flag to be set.z=Loading credentials using application_default_credential_filez^The flag --credential_file must be specified if --application_default_credential_file is used.)r+r,rz4bq.py should not be invoked. Use bq command instead.)FLAGSoauth_access_tokenr/r0rrwservice_account_credential_filerrr service_account_private_key_fileru$service_account_private_key_password#application_default_credential_filerrr rr_GetCredentialsLoaderFromFlagsrsH   LL?@ &E4L4L MM  LL7%:O:O9P  0 0 NN *  -- llOP / % E E//::==  .. =   .. LLG  NN ;  2#33AA  < >>rcD[R(a>[R"S5 [R R R5$[5nUR5n[U5[RR:Xa [U5nU$)z1Returns credentials based on user-supplied flags.z1Loading credentials using use_gce_service_account)ruse_gce_service_accountr/r0r7r8gceAppAssertionCredentialsrrrrpOAuth2Credentials_GetReauthCredentials)loaderrs rr^r^Psx "" LLDE  # # ' ' ? ? AA * +& + +*11CCC' 4K rcT[R"U5nURUlU$r)rfrom_OAuth2Credentialsstore) oauth2_creds reauth_credss rrres--CC,$)), r)rz4CachedCredentialLoader | AccessTokenCredentialLoader)rz)oauth2client_4_0.client.OAuth2Credentialsrr)3r%argparserr/rLrctypingrrrabslrrgoogle_reauth.reauth_credsrhttplib2r7oauth2client_4_0.contriboauth2client_4_0.contrib.gce2oauth2client_4_0.contrib.multiprocess_file_storageoauth2client_4_0.file oauth2client_4_0.service_accountoauth2client_4_0.toolsrequests bq_auth_flagsr4rUauthr rr r rrVrprr&r8rrCredentialsFromFlagsUnionTypeobjectr r)rmrurrrr^rr rrrs7:  ((B#9''   $**224 !&  88:!  v  e-eP >%; >")G"N/)-C/)d"2(.>:.>b!>*="r