git-cookie-authdaemon - gcompute-tools - Git at Google

 #!/usr/bin/python
 """
 Background daemon to refresh OAuth access tokens.
 Tokens are written to ~/.git-credential-cache/cookie
 Git config variable http.cookiefile is updated.
 """

 import atexit
 import cookielib
 import json
 import os
 import subprocess
 import sys
 import time
 import urllib2

 REFRESH = 300  # seconds remaining when starting refresh

 A = 'http://metadata/0.1/meta-data/service-accounts/default/acquire'
 S = 'https://www.googleapis.com/auth/gerritcodereview'
 COOKIE_JAR = None

 def configure_git():
   global COOKIE_JAR

   dir = os.path.join(os.environ['HOME'], '.git-credential-cache')
   COOKIE_JAR = os.path.join(dir, 'cookie')

   if os.path.exists(dir):
     os.chmod(dir, 0700)
   else:
     os.mkdir(dir, 0700)
   subprocess.call([
     'git', 'config', '--global',
     'http.cookiefile', COOKIE_JAR
   ])

 def acquire_token():
   return json.load(urllib2.urlopen(A + '?scopes=' + S))

 def update_cookie():
   token = acquire_token()
   expires = token['expiresAt']

   tmp_jar = COOKIE_JAR + '.lock'
   cj = cookielib.MozillaCookieJar(tmp_jar)
   cj.set_cookie(cookielib.Cookie(
     version = 0,
     name = 'o',
     value = token['accessToken'],
     port = None,
     port_specified = False,
     domain = '.googlesource.com',
     domain_specified = True,
     domain_initial_dot = True,
     path = '/',
     path_specified = True,
     secure = True,
     expires = expires,
     discard = False,
     comment = None,
     comment_url = None,
     rest = None))
   cj.save()
   os.rename(tmp_jar, COOKIE_JAR)
   return expires

 def cleanup():
   if COOKIE_JAR:
     for p in [COOKIE_JAR, COOKIE_JAR + '.lock']:
       if os.path.exists(p):
         os.remove(p)

 def refresh_loop(expires):
   atexit.register(cleanup)
   expires = expires - REFRESH
   while True:
     now = time.time()
     while now < expires:
       time.sleep(expires - now)
       now = time.time()
     expires = update_cookie() - REFRESH

 def main():
   configure_git()
   expires = update_cookie()

   if os.fork() > 0:
     sys.exit(0)

   os.chdir('/')
   os.setsid()
   os.umask(0)

   pid = os.fork()
   if pid > 0:
     print '%s PID %d' % (sys.argv[0], pid)
     sys.exit(0)

   refresh_loop(expires)

 if __name__ == '__main__':
   main()
	#!/usr/bin/python
	"""
	Background daemon to refresh OAuth access tokens.
	Tokens are written to ~/.git-credential-cache/cookie
	Git config variable http.cookiefile is updated.
	"""

	import atexit
	import cookielib
	import json
	import os
	import subprocess
	import sys
	import time
	import urllib2

	REFRESH = 300 # seconds remaining when starting refresh

	A = 'http://metadata/0.1/meta-data/service-accounts/default/acquire'
	S = 'https://www.googleapis.com/auth/gerritcodereview'
	COOKIE_JAR = None

	def configure_git():
	global COOKIE_JAR

	dir = os.path.join(os.environ['HOME'], '.git-credential-cache')
	COOKIE_JAR = os.path.join(dir, 'cookie')

	if os.path.exists(dir):
	os.chmod(dir, 0700)
	else:
	os.mkdir(dir, 0700)
	subprocess.call([
	'git', 'config', '--global',
	'http.cookiefile', COOKIE_JAR
	])

	def acquire_token():
	return json.load(urllib2.urlopen(A + '?scopes=' + S))

	def update_cookie():
	token = acquire_token()
	expires = token['expiresAt']

	tmp_jar = COOKIE_JAR + '.lock'
	cj = cookielib.MozillaCookieJar(tmp_jar)
	cj.set_cookie(cookielib.Cookie(
	version = 0,
	name = 'o',
	value = token['accessToken'],
	port = None,
	port_specified = False,
	domain = '.googlesource.com',
	domain_specified = True,
	domain_initial_dot = True,
	path = '/',
	path_specified = True,
	secure = True,
	expires = expires,
	discard = False,
	comment = None,
	comment_url = None,
	rest = None))
	cj.save()
	os.rename(tmp_jar, COOKIE_JAR)
	return expires

	def cleanup():
	if COOKIE_JAR:
	for p in [COOKIE_JAR, COOKIE_JAR + '.lock']:
	if os.path.exists(p):
	os.remove(p)

	def refresh_loop(expires):
	atexit.register(cleanup)
	expires = expires - REFRESH
	while True:
	now = time.time()
	while now < expires:
	time.sleep(expires - now)
	now = time.time()
	expires = update_cookie() - REFRESH

	def main():
	configure_git()
	expires = update_cookie()

	if os.fork() > 0:
	sys.exit(0)

	os.chdir('/')
	os.setsid()
	os.umask(0)

	pid = os.fork()
	if pid > 0:
	print '%s PID %d' % (sys.argv[0], pid)
	sys.exit(0)

	refresh_loop(expires)

	if __name__ == '__main__':
	main()