USrSSKrSSKrSSKJr SSKJr SSKJr \R"\ 5r Sr "SS\R5rg) zoUtilities for Google Compute Engine Utilities for making it easier to use OAuth 2.0 on Google Compute Engine. N) http_client)client) _metadatazYou have requested explicit scopes to be used with a GCE service account. Using this argument will have no effect on the actual scopes for tokens requested. These scopes are set at VM instance creation time and can't be overridden in the request. ct^\rSrSrSrS U4Sjjr\S5rSrSr Sr Sr \ S 5r S rS rS rU=r$)AppAssertionCredentials(aCredentials object for Compute Engine Assertion Grants This object will allow a Compute Engine instance to identify itself to Google and other OAuth 2.0 servers that can verify assertions. It can be used for the purpose of accessing data stored under an account assigned to the Compute Engine instance itself. This credential does not require a flow to instantiate because it represents a two legged flow, and therefore has all of the required information to generate and refresh its own access tokens. Note that :attr:`service_account_email` and :attr:`scopes` will both return None until the credentials have been refreshed. To check whether credentials have previously been refreshed use :attr:`invalid`. c>SU;a[R"[5 SUS'[[U]"S/UQ70UD6 XlSUlSUlg)a1Constructor for AppAssertionCredentials Args: email: an email that specifies the service account to use. Only necessary if using custom service accounts (see https://cloud.google.com/compute/docs/access/create-enable-service-accounts-for-instances#createdefaultserviceaccount). scopesNT) warningswarn_SCOPES_WARNINGsuperr__init__service_account_emailr invalid)selfemailargskwargs __class__s 7platform/bq/third_party/oauth2client_4_0/contrib/gce.pyr AppAssertionCredentials.__init__:sS v  MM/ *#F8  %t5dLTLVL%*"  c[S5eNz6Cannot serialize credentials for GCE service accounts.NotImplementedError)cls json_datas r from_json!AppAssertionCredentials.from_jsonN! DF Frc[S5errrs rto_jsonAppAssertionCredentials.to_jsonSs! DF Frc<URU5 UR$)aDRetrieves the canonical list of scopes for this access token. Overrides client.Credentials.retrieve_scopes. Fetches scopes info from the metadata server. Args: http: httplib2.Http, an http object to be used to make the refresh request. Returns: A set of strings containing the canonical list of scopes. )_retrieve_infor )rhttps rretrieve_scopes'AppAssertionCredentials.retrieve_scopesWs D!{{rcUR(aD[R"UUR=(d SS9nSUlUSUlUSUlgg)zuRetrieves service account info for invalid credentials. Args: http: an object to be used to make HTTP requests. defaultservice_accountFrr N)rrget_service_account_inforr )rr)infos rr(&AppAssertionCredentials._retrieve_infogsR <<55 $ : : GiID!DL)-gD &x.DK rcURU5 [R"XRS9uUlUlg![ Ra$n[R"[U55eSnAff=f)zRefreshes the access token. Skip all the storage hoops and just refresh using the API. Args: http: an object to be used to make HTTP requests. Raises: HttpAccessTokenRefreshError: When the refresh fails. r.N) r(r get_tokenr access_token token_expiryr HTTPExceptionrHttpAccessTokenRefreshErrorstr)rr)errs r_refresh AppAssertionCredentials._refreshuse ?    %3<3F3F&@&@4B 0D t0(( ?44SX> > ?srBrF__static_attributes__ __classcell__)rs@rrr(s_"(FFF )?$FFAArr)rLloggingr six.movesroauth2client_4_0roauth2client_4_0.contribr getLoggerrHloggerr AssertionCredentialsrrArrrXsJ  !#.   8 $uAf99uAr