PyDrive2
PyDrive2 copied to clipboard
Migrate to google-auth from oauth2client which is now deprecated
More info here https://google-auth.readthedocs.io/en/latest/oauth2client-deprecation.html
hey @shcheklein, I would like to help migrate to google-auth & google-auth-oauthlib
What are the plans for using oauth2client.Storage in the future for persisting credentials in a thread-safe manner? Storage is not implemented in google-auth (see googleapis/google-auth-library-python#33)
I'm not familiar with what multi-threading but is there a way to share credentials across threads and handle the token refresh, reading, writing, etc from the shared credentials object?
@junpeng-jp there is more than MT to this. PyDrive2 is relying on this implementation https://github.com/googleapis/oauth2client/blob/master/oauth2client/file.py to save / read credentials from a file (that is specified in the settings.yaml
).
My take on this that initially we can get the whole Storage (abstract class) and the file implementation into the PyDrive2 itself. They are small. Add tests to cover the file based impl.
Next step would be to is check how this object is implemented now https://github.com/googleapis/oauth2client/blob/master/oauth2client/client.py#L441 .
It interacts with the storage instance to keep updating credentials in it. It might turn out we would need to write a wrapper for the new credentials abstraction. Or it has some param (store
) to pass.
Driveby-ing here, but perhaps you could look at https://github.com/burnash/gspread and see what they do. These two projects seem to be very related, perhaps you could share the load and come up with something that both libraries could use.
@shcheklein Took a look at the Storage class and I think I can just update the refresh
method for the google Credential object to have the above locked file read/write behaviour. This should allow AuthorizedSession / AuthorizedHttp to handle the storing of tokens using a re-implemented Storage object within the self.credential.before_request
calls.
@junpeng-jp could you please put some links so that we are on the same page on what specific calls / classes we are talking about?
@shcheklein Scratch what I said previously. I found that the old google oauth2client's Storage is used for post-refresh token read / write in Client. To replicate this, I think we need 2 things:
- a copy of the Storage object with the same file locking capabilities
- a custom Credential object that has
self.store
& modify therefresh
method (see here) to save the new access & refresh tokens every time a refresh occurs
The Credential's refresh
method is called in in 2 places within the self.request
method of AuthorizedSession and AuthorizedHttp:
- first refresh can happen via the
self.credential.before_request
call - subsequent refreshes can happen later in the method with up to 2 retries
@junpeng-jp yep, it makes sense, thanks.