From 7293840a380551f58b0653703d5a798453b3c2de Mon Sep 17 00:00:00 2001 From: Gus Class Date: Wed, 27 Sep 2017 11:27:34 -0700 Subject: [PATCH] Removes API key because discovery is now public [(#1140)](https://github.com/GoogleCloudPlatform/python-docs-samples/issues/1140) --- samples/api-client/manager/README.rst | 12 +- samples/api-client/manager/manager.py | 104 ++++++++--------- samples/api-client/manager/manager_test.py | 127 ++++++++++----------- 3 files changed, 114 insertions(+), 129 deletions(-) diff --git a/samples/api-client/manager/README.rst b/samples/api-client/manager/README.rst index fbcafcb8..0ab926b8 100644 --- a/samples/api-client/manager/README.rst +++ b/samples/api-client/manager/README.rst @@ -59,14 +59,13 @@ To run this sample: $ python manager.py - usage: manager.py [-h] --pubsub_topic PUBSUB_TOPIC [--api_key API_KEY] - [--project_id PROJECT_ID] + usage: manager.py [-h] --pubsub_topic PUBSUB_TOPIC [--project_id PROJECT_ID] [--ec_public_key_file EC_PUBLIC_KEY_FILE] [--rsa_certificate_file RSA_CERTIFICATE_FILE] [--cloud_region CLOUD_REGION] [--service_account_json SERVICE_ACCOUNT_JSON] [--registry_id REGISTRY_ID] [--device_id DEVICE_ID] - {create-es256,create-registry,create-rsa256,create-topic,create-unauth,delete-device,delete-registry,get,get-registry,list,list-registries,patch-es256,patch-rs256} + {create-es256,create-registry,create-rsa256,create-topic,create-unauth,delete-device,delete-registry,get,get-registry,get-state,list,list-registries,patch-es256,patch-rs256} ... Example of using the Google Cloud IoT Core device manager to administer @@ -77,14 +76,13 @@ To run this sample: python manager.py \ --project_id=my-project-id \ --pubsub_topic=projects/my-project-id/topics/my-topic-id \ - --api_key=YOUR_API_KEY \ --ec_public_key_file=../ec_public.pem \ --rsa_certificate_file=../rsa_cert.pem \ --service_account_json=$HOME/service_account.json list positional arguments: - {create-es256,create-registry,create-rsa256,create-topic,create-unauth,delete-device,delete-registry,get,get-registry,list,list-registries,patch-es256,patch-rs256} + {create-es256,create-registry,create-rsa256,create-topic,create-unauth,delete-device,delete-registry,get,get-registry,get-state,list,list-registries,patch-es256,patch-rs256} create-es256 Create a new device with the given id, using ES256 for authentication. create-registry Gets or creates a device registry. @@ -96,7 +94,8 @@ To run this sample: delete-device Delete the device with the given id. delete-registry Deletes the specified registry. get Retrieve the device with the given id. - get-registry Retrieve the device with the given id. + get-registry Retrieves a device registry. + get-state Retrieve a device's state blobs. list List all devices in the registry. list-registries List all registries in the project. patch-es256 Patch the device to add an ES256 public key to the @@ -109,7 +108,6 @@ To run this sample: --pubsub_topic PUBSUB_TOPIC Google Cloud Pub/Sub topic. Format is projects/project_id/topics/topic-id - --api_key API_KEY Your API key. --project_id PROJECT_ID GCP cloud project name. --ec_public_key_file EC_PUBLIC_KEY_FILE diff --git a/samples/api-client/manager/manager.py b/samples/api-client/manager/manager.py index e2e9a8e2..8fb3adf3 100644 --- a/samples/api-client/manager/manager.py +++ b/samples/api-client/manager/manager.py @@ -24,7 +24,6 @@ python manager.py \\ --project_id=my-project-id \\ --pubsub_topic=projects/my-project-id/topics/my-topic-id \\ - --api_key=YOUR_API_KEY \\ --ec_public_key_file=../ec_public.pem \\ --rsa_certificate_file=../rsa_cert.pem \\ --service_account_json=$HOME/service_account.json @@ -64,10 +63,9 @@ def create_iot_topic(topic_name): return topic -def get_client(service_account_json, api_key): - """Returns an authorized API client by discovering the IoT API using the - provided API key and creating a service object using the service account - credentials JSON.""" +def get_client(service_account_json): + """Returns an authorized API client by discovering the IoT API and creating + a service object using the service account credentials JSON.""" api_scopes = ['https://www.googleapis.com/auth/cloud-platform'] api_version = 'v1' discovery_api = 'https://cloudiot.googleapis.com/$discovery/rest' @@ -77,8 +75,8 @@ def get_client(service_account_json, api_key): service_account_json) scoped_credentials = credentials.with_scopes(api_scopes) - discovery_url = '{}?version={}&key={}'.format( - discovery_api, api_version, api_key) + discovery_url = '{}?version={}'.format( + discovery_api, api_version) return discovery.build( service_name, @@ -88,14 +86,14 @@ def get_client(service_account_json, api_key): def create_rs256_device( - service_account_json, api_key, project_id, cloud_region, registry_id, - device_id, certificate_file): + service_account_json, project_id, cloud_region, registry_id, device_id, + certificate_file): """Create a new device with the given id, using RS256 for authentication.""" registry_name = 'projects/{}/locations/{}/registries/{}'.format( project_id, cloud_region, registry_id) - client = get_client(service_account_json, api_key) + client = get_client(service_account_json) with io.open(certificate_file) as f: certificate = f.read() @@ -115,14 +113,14 @@ def create_rs256_device( def create_es256_device( - service_account_json, api_key, project_id, cloud_region, registry_id, + service_account_json, project_id, cloud_region, registry_id, device_id, public_key_file): """Create a new device with the given id, using ES256 for authentication.""" registry_name = 'projects/{}/locations/{}/registries/{}'.format( project_id, cloud_region, registry_id) - client = get_client(service_account_json, api_key) + client = get_client(service_account_json) with io.open(public_key_file) as f: public_key = f.read() @@ -142,13 +140,13 @@ def create_es256_device( def create_unauth_device( - service_account_json, api_key, project_id, cloud_region, registry_id, + service_account_json, project_id, cloud_region, registry_id, device_id): """Create a new device without authentication.""" registry_name = 'projects/{}/locations/{}/registries/{}'.format( project_id, cloud_region, registry_id) - client = get_client(service_account_json, api_key) + client = get_client(service_account_json) device_template = { 'id': device_id, } @@ -158,11 +156,11 @@ def create_unauth_device( def delete_device( - service_account_json, api_key, project_id, cloud_region, registry_id, + service_account_json, project_id, cloud_region, registry_id, device_id): """Delete the device with the given id.""" print('Delete device') - client = get_client(service_account_json, api_key) + client = get_client(service_account_json) registry_name = 'projects/{}/locations/{}/registries/{}'.format( project_id, cloud_region, registry_id) @@ -173,10 +171,10 @@ def delete_device( def delete_registry( - service_account_json, api_key, project_id, cloud_region, registry_id): + service_account_json, project_id, cloud_region, registry_id): """Deletes the specified registry.""" print('Delete registry') - client = get_client(service_account_json, api_key) + client = get_client(service_account_json) registry_name = 'projects/{}/locations/{}/registries/{}'.format( project_id, cloud_region, registry_id) @@ -185,11 +183,11 @@ def delete_registry( def get_device( - service_account_json, api_key, project_id, cloud_region, registry_id, + service_account_json, project_id, cloud_region, registry_id, device_id): """Retrieve the device with the given id.""" print('Getting device') - client = get_client(service_account_json, api_key) + client = get_client(service_account_json) registry_name = 'projects/{}/locations/{}/registries/{}'.format( project_id, cloud_region, registry_id) @@ -217,10 +215,10 @@ def get_device( def get_state( - service_account_json, api_key, project_id, cloud_region, registry_id, + service_account_json, project_id, cloud_region, registry_id, device_id): """Retrieve a device's state blobs.""" - client = get_client(service_account_json, api_key) + client = get_client(service_account_json) registry_name = 'projects/{}/locations/{}/registries/{}'.format( project_id, cloud_region, registry_id) @@ -234,12 +232,12 @@ def get_state( def list_devices( - service_account_json, api_key, project_id, cloud_region, registry_id): + service_account_json, project_id, cloud_region, registry_id): """List all devices in the registry.""" print('Listing devices') registry_path = 'projects/{}/locations/{}/registries/{}'.format( project_id, cloud_region, registry_id) - client = get_client(service_account_json, api_key) + client = get_client(service_account_json) devices = client.projects().locations().registries().devices( ).list(parent=registry_path).execute().get('devices', []) @@ -251,12 +249,12 @@ def list_devices( return devices -def list_registries(service_account_json, api_key, project_id, cloud_region): +def list_registries(service_account_json, project_id, cloud_region): """List all registries in the project.""" print('Listing Registries') registry_path = 'projects/{}/locations/{}'.format( project_id, cloud_region) - client = get_client(service_account_json, api_key) + client = get_client(service_account_json) registries = client.projects().locations().registries().list( parent=registry_path).execute().get('deviceRegistries', []) @@ -269,11 +267,11 @@ def list_registries(service_account_json, api_key, project_id, cloud_region): def create_registry( - service_account_json, api_key, project_id, cloud_region, pubsub_topic, + service_account_json, project_id, cloud_region, pubsub_topic, registry_id): """ Creates a registry and returns the result. Returns an empty result if the registry already exists.""" - client = get_client(service_account_json, api_key) + client = get_client(service_account_json) registry_parent = 'projects/{}/locations/{}'.format( project_id, cloud_region) @@ -296,9 +294,9 @@ def create_registry( def get_registry( - service_account_json, api_key, project_id, cloud_region, registry_id): + service_account_json, project_id, cloud_region, registry_id): """ Retrieves a device registry.""" - client = get_client(service_account_json, api_key) + client = get_client(service_account_json) registry_parent = 'projects/{}/locations/{}'.format( project_id, cloud_region) @@ -308,13 +306,13 @@ def get_registry( def open_registry( - service_account_json, api_key, project_id, cloud_region, pubsub_topic, + service_account_json, project_id, cloud_region, pubsub_topic, registry_id): """Gets or creates a device registry.""" print('Creating registry') response = create_registry( - service_account_json, api_key, project_id, cloud_region, + service_account_json, project_id, cloud_region, pubsub_topic, registry_id) if (response is ""): @@ -323,7 +321,7 @@ def open_registry( 'Registry {} already exists - looking it up instead.'.format( registry_id)) response = get_registry( - service_account_json, api_key, project_id, cloud_region, + service_account_json, project_id, cloud_region, registry_id) print('Registry {} opened: '.format(response.get('name'))) @@ -331,11 +329,11 @@ def open_registry( def patch_es256_auth( - service_account_json, api_key, project_id, cloud_region, registry_id, + service_account_json, project_id, cloud_region, registry_id, device_id, public_key_file): """Patch the device to add an ES256 public key to the device.""" print('Patch device with ES256 certificate') - client = get_client(service_account_json, api_key) + client = get_client(service_account_json) registry_path = 'projects/{}/locations/{}/registries/{}'.format( project_id, cloud_region, registry_id) @@ -358,11 +356,11 @@ def patch_es256_auth( def patch_rsa256_auth( - service_account_json, api_key, project_id, cloud_region, registry_id, - device_id, public_key_file): + service_account_json, project_id, cloud_region, registry_id, device_id, + public_key_file): """Patch the device to add an RSA256 public key to the device.""" print('Patch device with RSA256 certificate') - client = get_client(service_account_json, api_key) + client = get_client(service_account_json) registry_path = 'projects/{}/locations/{}/registries/{}'.format( project_id, cloud_region, registry_id) @@ -401,10 +399,6 @@ def parse_command_line_args(): 'Format is projects/project_id/topics/topic-id')) # Optional arguments - parser.add_argument( - '--api_key', - default=os.environ.get("API_KEY"), - help='Your API key.') parser.add_argument( '--project_id', default=os.environ.get("GOOGLE_CLOUD_PROJECT"), @@ -461,24 +455,24 @@ def run_command(args): if args.command == 'create-rsa256': create_rs256_device( - args.service_account_json, args.api_key, args.project_id, + args.service_account_json, args.project_id, args.cloud_region, args.registry_id, args.device_id, args.rsa_certificate_file) elif args.command == 'create-es256': create_es256_device( - args.service_account_json, args.api_key, args.project_id, + args.service_account_json, args.project_id, args.cloud_region, args.registry_id, args.device_id, args.ec_public_key_file) elif args.command == 'create-unauth': create_unauth_device( - args.service_account_json, args.api_key, args.project_id, + args.service_account_json, args.project_id, args.cloud_region, args.registry_id, args.device_id) elif args.command == 'create-registry': open_registry( - args.service_account_json, args.api_key, args.project_id, + args.service_account_json, args.project_id, args.cloud_region, args.pubsub_topic, args.registry_id) elif args.command == 'create-topic': @@ -486,44 +480,44 @@ def run_command(args): elif args.command == 'delete-device': delete_device( - args.service_account_json, args.api_key, args.project_id, + args.service_account_json, args.project_id, args.cloud_region, args.registry_id, args.device_id) elif args.command == 'delete-registry': delete_registry( - args.service_account_json, args.api_key, args.project_id, + args.service_account_json, args.project_id, args.cloud_region, args.registry_id) elif args.command == 'get': get_device( - args.service_account_json, args.api_key, args.project_id, + args.service_account_json, args.project_id, args.cloud_region, args.registry_id, args.device_id) elif args.command == 'get-state': get_state( - args.service_account_json, args.api_key, args.project_id, + args.service_account_json, args.project_id, args.cloud_region, args.registry_id, args.device_id) elif args.command == 'list': list_devices( - args.service_account_json, args.api_key, args.project_id, + args.service_account_json, args.project_id, args.cloud_region, args.registry_id) elif args.command == 'get-registry': print(get_registry( - args.service_account_json, args.api_key, args.project_id, + args.service_account_json, args.project_id, args.cloud_region, args.registry_id)) elif args.command == 'list-registries': list_registries( - args.service_account_json, args.api_key, args.project_id, + args.service_account_json, args.project_id, args.cloud_region) elif args.command == 'patch-es256': if (args.ec_public_key_file is None): sys.exit('Error: specify --ec_public_key_file') patch_es256_auth( - args.service_account_json, args.api_key, args.project_id, + args.service_account_json, args.project_id, args.cloud_region, args.registry_id, args.device_id, args.ec_public_key_file) @@ -531,7 +525,7 @@ def run_command(args): if (args.rsa_certificate_file is None): sys.exit('Error: specify --rsa_certificate_file') patch_rsa256_auth( - args.service_account_json, args.api_key, args.project_id, + args.service_account_json, args.project_id, args.cloud_region, args.registry_id, args.device_id, args.rsa_certificate_file) diff --git a/samples/api-client/manager/manager_test.py b/samples/api-client/manager/manager_test.py index de155e76..ddd16750 100644 --- a/samples/api-client/manager/manager_test.py +++ b/samples/api-client/manager/manager_test.py @@ -26,7 +26,6 @@ rsa_cert_path = 'resources/rsa_cert.pem' topic_id = 'test-device-events-{}'.format(int(time.time())) -api_key = os.environ['API_KEY'] project_id = os.environ['GCLOUD_PROJECT'] service_account_json = os.environ['GOOGLE_APPLICATION_CREDENTIALS'] @@ -46,12 +45,11 @@ def test_topic(): def test_create_delete_registry(test_topic, capsys): manager.open_registry( - service_account_json, api_key, project_id, cloud_region, - pubsub_topic, registry_id) + service_account_json, project_id, cloud_region, pubsub_topic, + registry_id) manager.list_devices( - service_account_json, api_key, project_id, cloud_region, - registry_id) + service_account_json, project_id, cloud_region, registry_id) out, _ = capsys.readouterr() @@ -61,27 +59,26 @@ def test_create_delete_registry(test_topic, capsys): # Clean up manager.delete_registry( - service_account_json, api_key, project_id, cloud_region, - registry_id) + service_account_json, project_id, cloud_region, registry_id) def test_add_delete_unauth_device(test_topic, capsys): device_id = device_id_template.format('UNAUTH') manager.open_registry( - service_account_json, api_key, project_id, cloud_region, - pubsub_topic, registry_id) + service_account_json, project_id, cloud_region, pubsub_topic, + registry_id) manager.create_unauth_device( - service_account_json, api_key, project_id, cloud_region, - registry_id, device_id) + service_account_json, project_id, cloud_region, registry_id, + device_id) manager.get_device( - service_account_json, api_key, project_id, cloud_region, - registry_id, device_id) + service_account_json, project_id, cloud_region, registry_id, + device_id) manager.delete_device( - service_account_json, api_key, project_id, cloud_region, - registry_id, device_id) + service_account_json, project_id, cloud_region, registry_id, + device_id) out, _ = capsys.readouterr() assert 'UNAUTH' in out @@ -90,28 +87,27 @@ def test_add_delete_unauth_device(test_topic, capsys): def test_add_delete_rs256_device(test_topic, capsys): device_id = device_id_template.format('RSA256') manager.open_registry( - service_account_json, api_key, project_id, cloud_region, - pubsub_topic, registry_id) + service_account_json, project_id, cloud_region, pubsub_topic, + registry_id) manager.create_rs256_device( - service_account_json, api_key, project_id, cloud_region, - registry_id, device_id, rsa_cert_path) + service_account_json, project_id, cloud_region, registry_id, + device_id, rsa_cert_path) manager.get_device( - service_account_json, api_key, project_id, cloud_region, - registry_id, device_id) + service_account_json, project_id, cloud_region, registry_id, + device_id) manager.get_state( - service_account_json, api_key, project_id, cloud_region, - registry_id, device_id) + service_account_json, project_id, cloud_region, registry_id, + device_id) manager.delete_device( - service_account_json, api_key, project_id, cloud_region, - registry_id, device_id) + service_account_json, project_id, cloud_region, registry_id, + device_id) manager.delete_registry( - service_account_json, api_key, project_id, cloud_region, - registry_id) + service_account_json, project_id, cloud_region, registry_id) out, _ = capsys.readouterr() assert 'format : RSA_X509_PEM' in out @@ -121,28 +117,27 @@ def test_add_delete_rs256_device(test_topic, capsys): def test_add_delete_es256_device(test_topic, capsys): device_id = device_id_template.format('ES256') manager.open_registry( - service_account_json, api_key, project_id, cloud_region, - pubsub_topic, registry_id) + service_account_json, project_id, cloud_region, pubsub_topic, + registry_id) manager.create_es256_device( - service_account_json, api_key, project_id, cloud_region, - registry_id, device_id, es_cert_path) + service_account_json, project_id, cloud_region, registry_id, + device_id, es_cert_path) manager.get_device( - service_account_json, api_key, project_id, cloud_region, - registry_id, device_id) + service_account_json, project_id, cloud_region, registry_id, + device_id) manager.get_state( - service_account_json, api_key, project_id, cloud_region, - registry_id, device_id) + service_account_json, project_id, cloud_region, registry_id, + device_id) manager.delete_device( - service_account_json, api_key, project_id, cloud_region, - registry_id, device_id) + service_account_json, project_id, cloud_region, registry_id, + device_id) manager.delete_registry( - service_account_json, api_key, project_id, cloud_region, - registry_id) + service_account_json, project_id, cloud_region, registry_id) out, _ = capsys.readouterr() assert 'format : ES256_PEM' in out @@ -152,68 +147,66 @@ def test_add_delete_es256_device(test_topic, capsys): def test_add_patch_delete_rs256(test_topic, capsys): device_id = device_id_template.format('PATCHME') manager.open_registry( - service_account_json, api_key, project_id, cloud_region, - pubsub_topic, registry_id) + service_account_json, project_id, cloud_region, pubsub_topic, + registry_id) manager.create_rs256_device( - service_account_json, api_key, project_id, cloud_region, - registry_id, device_id, rsa_cert_path) + service_account_json, project_id, cloud_region, registry_id, + device_id, rsa_cert_path) manager.get_device( - service_account_json, api_key, project_id, cloud_region, - registry_id, device_id) + service_account_json, project_id, cloud_region, registry_id, + device_id) out, _ = capsys.readouterr() assert 'format : RSA_X509_PEM' in out manager.patch_es256_auth( - service_account_json, api_key, project_id, cloud_region, - registry_id, device_id, es_cert_path) + service_account_json, project_id, cloud_region, registry_id, + device_id, es_cert_path) manager.get_device( - service_account_json, api_key, project_id, cloud_region, - registry_id, device_id) + service_account_json, project_id, cloud_region, registry_id, + device_id) out, _ = capsys.readouterr() assert 'format : ES256_PEM' in out manager.delete_device( - service_account_json, api_key, project_id, cloud_region, - registry_id, device_id) + service_account_json, project_id, cloud_region, registry_id, + device_id) manager.delete_registry( - service_account_json, api_key, project_id, cloud_region, - registry_id) + service_account_json, project_id, cloud_region, registry_id) def test_add_patch_delete_es256(test_topic, capsys): device_id = device_id_template.format('PATCHME') manager.open_registry( - service_account_json, api_key, project_id, cloud_region, - pubsub_topic, registry_id) + service_account_json, project_id, cloud_region, pubsub_topic, + registry_id) manager.create_es256_device( - service_account_json, api_key, project_id, cloud_region, - registry_id, device_id, es_cert_path) + service_account_json, project_id, cloud_region, registry_id, + device_id, es_cert_path) manager.get_device( - service_account_json, api_key, project_id, cloud_region, - registry_id, device_id) + service_account_json, project_id, cloud_region, registry_id, + device_id) out, _ = capsys.readouterr() assert 'format : ES256_PEM' in out manager.patch_rsa256_auth( - service_account_json, api_key, project_id, cloud_region, - registry_id, device_id, rsa_cert_path) + service_account_json, project_id, cloud_region, registry_id, + device_id, rsa_cert_path) manager.get_device( - service_account_json, api_key, project_id, cloud_region, - registry_id, device_id) + service_account_json, project_id, cloud_region, registry_id, + device_id) out, _ = capsys.readouterr() assert 'format : RSA_X509_PEM' in out manager.delete_device( - service_account_json, api_key, project_id, cloud_region, - registry_id, device_id) + service_account_json, project_id, cloud_region, registry_id, + device_id) manager.delete_registry( - service_account_json, api_key, project_id, cloud_region, - registry_id) + service_account_json, project_id, cloud_region, registry_id)