forked from cms21/als_at_alcf_tomopy_compute
-
Notifications
You must be signed in to change notification settings - Fork 0
/
utils.py
100 lines (78 loc) · 3.4 KB
/
utils.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
import os
import globus_sdk
from globus_sdk import (
ClientCredentialsAuthorizer,
ConfidentialAppAuthClient,
)
from globus_sdk.scopes import GCSCollectionScopeBuilder, MutableScope
from globus_sdk.tokenstorage import SimpleJSONFileAdapter
MY_FILE_ADAPTER = SimpleJSONFileAdapter(os.path.expanduser("~/.sdk-manage-flow.json"))
TRANSFER_ACTION_PROVIDER_SCOPE_STRING = (
"https://auth.globus.org/scopes/actions.globus.org/transfer/transfer"
)
GLOBUS_CLIENT_ID = os.getenv("GLOBUS_CLIENT_ID")
GLOBUS_CLIENT_SECRET = os.getenv("GLOBUS_CLIENT_SECRET")
def do_login_flow(scopes, native_client):
native_client.oauth2_start_flow(requested_scopes=scopes,
refresh_tokens=True)
authorize_url = native_client.oauth2_get_authorize_url()
print(f"Please go to this URL and login:\n\n{authorize_url}\n")
auth_code = input("Please enter the code here: ").strip()
tokens = native_client.oauth2_exchange_code_for_tokens(auth_code)
return tokens
def get_manage_flow_authorizer(client_id):
# native_client = globus_sdk.NativeAppAuthClient(client_id)
confidential_client = globus_sdk.ConfidentialAppAuthClient(
client_id=GLOBUS_CLIENT_ID, client_secret=GLOBUS_CLIENT_SECRET
)
# resource_server = globus_sdk.FlowsClient.resource_server
all_scopes = [
globus_sdk.FlowsClient.scopes.manage_flows,
globus_sdk.FlowsClient.scopes.run_status,
]
return globus_sdk.ClientCredentialsAuthorizer(
confidential_client,
all_scopes)
def get_flows_client():
# native_client = globus_sdk.NativeAppAuthClient(client_id)
confidential_client = globus_sdk.ConfidentialAppAuthClient(
client_id=GLOBUS_CLIENT_ID, client_secret=GLOBUS_CLIENT_SECRET
)
# resource_server = globus_sdk.FlowsClient.resource_server
all_scopes = [
globus_sdk.FlowsClient.scopes.manage_flows,
globus_sdk.FlowsClient.scopes.run_status,
]
authorizer = globus_sdk.ClientCredentialsAuthorizer(
confidential_client,
all_scopes)
return globus_sdk.FlowsClient(authorizer=authorizer)
def get_specific_flow_client(flow_id, collection_ids=None):
confidential_client = globus_sdk.ConfidentialAppAuthClient(
client_id=GLOBUS_CLIENT_ID, client_secret=GLOBUS_CLIENT_SECRET
)
all_scopes = globus_sdk.SpecificFlowClient(flow_id).scopes
all_scopes = all_scopes.make_mutable("user")
assert collection_ids, "Why don't we have a collection id??"
# Build a scope that will give the flow
# access to specific mapped collections on your behalf
transfer_scope = globus_sdk.TransferClient.scopes.make_mutable("all")
transfer_action_provider_scope = MutableScope(
TRANSFER_ACTION_PROVIDER_SCOPE_STRING
)
# If you declared and mapped collections above,
# add them to the transfer scope
for collection_id in collection_ids:
gcs_data_access_scope = GCSCollectionScopeBuilder(
collection_id
).make_mutable(
"data_access",
optional=True,
)
transfer_scope.add_dependency(gcs_data_access_scope)
transfer_action_provider_scope.add_dependency(transfer_scope)
all_scopes.add_dependency(transfer_action_provider_scope)
authorizer = globus_sdk.ClientCredentialsAuthorizer(
confidential_client,
all_scopes)
return globus_sdk.SpecificFlowClient(flow_id, authorizer=authorizer)