forked from Shinonome/dots-hyprland
GoogleCloud: re fetch token on expiry
This commit is contained in:
end-4
@@ -12,6 +12,7 @@ Singleton {
|
|||||||
property bool keyError: false
|
property bool keyError: false
|
||||||
property bool keyReady: false
|
property bool keyReady: false
|
||||||
property string token: ""
|
property string token: ""
|
||||||
|
property date tokenExpiry
|
||||||
property bool tokenError: false
|
property bool tokenError: false
|
||||||
property bool tokenReady: false
|
property bool tokenReady: false
|
||||||
readonly property string projectId: keyProjectId
|
readonly property string projectId: keyProjectId
|
||||||
@@ -21,7 +22,14 @@ Singleton {
|
|||||||
readonly property string tokenForKeyScriptPath: Quickshell.shellPath("services/gCloud/token-from-key-venv.sh")
|
readonly property string tokenForKeyScriptPath: Quickshell.shellPath("services/gCloud/token-from-key-venv.sh")
|
||||||
|
|
||||||
function load() {
|
function load() {
|
||||||
// Dummy for init
|
// Init load will be handled by Component.onCompleted
|
||||||
|
if (!tokenReady) return;
|
||||||
|
// We just reload if key expired
|
||||||
|
if (new Date() >= root.tokenExpiry) {
|
||||||
|
root.tokenReady = false;
|
||||||
|
root.keyReady = false;
|
||||||
|
loadKeyIfPossible();
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
function setKeyJson(str: string): bool {
|
function setKeyJson(str: string): bool {
|
||||||
@@ -41,20 +49,26 @@ Singleton {
|
|||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
tokenProc.runSequence([(() => { // prep token fetcher
|
tokenProc.runSequence([(() => { // prep token fetcher
|
||||||
tokenProc.environment.SERVICE_KEY_CONTENT = JSON.stringify(root.keyContent);
|
tokenProc.environment.SERVICE_KEY_CONTENT = JSON.stringify(root.keyContent);
|
||||||
tokenProc.command = [ //
|
tokenProc.command = [ //
|
||||||
"bash", "-c" //
|
"bash", "-c" //
|
||||||
, `${tokenForKeyScriptPath} "$SERVICE_KEY_CONTENT"`];
|
, `${tokenForKeyScriptPath} "$SERVICE_KEY_CONTENT"`];
|
||||||
}), [] // run token fetcher
|
}), //
|
||||||
, (out => {
|
[], // run token fetcher
|
||||||
if (out.startsWith("Error")) {
|
((out) => {
|
||||||
root.tokenError = true;
|
try {
|
||||||
} else {
|
const data = JSON.parse(out)
|
||||||
root.tokenError = false;
|
root.token = data.token
|
||||||
root.token = out.trim();
|
// Js wants millis instead of seconds
|
||||||
}
|
root.tokenExpiry = new Date(data.expiry * 1000)
|
||||||
root.tokenReady = true;
|
root.tokenError = false;
|
||||||
})]);
|
} catch(e) {
|
||||||
|
root.tokenError = true;
|
||||||
|
print("[GoogleCloud] Failed to parse token response: " + e)
|
||||||
|
}
|
||||||
|
root.tokenReady = true;
|
||||||
|
}
|
||||||
|
)]);
|
||||||
}
|
}
|
||||||
|
|
||||||
function loadKeyIfPossible() {
|
function loadKeyIfPossible() {
|
||||||
|
|||||||
@@ -1,4 +1,5 @@
|
|||||||
#!/usr/bin/env python3
|
#!/usr/bin/env python3
|
||||||
|
import calendar
|
||||||
import sys
|
import sys
|
||||||
import json
|
import json
|
||||||
import google.auth.transport.requests
|
import google.auth.transport.requests
|
||||||
@@ -17,7 +18,14 @@ def get_token(json_str):
|
|||||||
request = google.auth.transport.requests.Request()
|
request = google.auth.transport.requests.Request()
|
||||||
scoped_creds.refresh(request)
|
scoped_creds.refresh(request)
|
||||||
|
|
||||||
print(scoped_creds.token)
|
token = scoped_creds.token
|
||||||
|
expiry = int(calendar.timegm(scoped_creds.expiry.utctimetuple()))
|
||||||
|
|
||||||
|
print(json.dumps({
|
||||||
|
"token": token,
|
||||||
|
"expiry": expiry
|
||||||
|
}))
|
||||||
|
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
sys.stderr.write(f"Error: {str(e)}\n")
|
sys.stderr.write(f"Error: {str(e)}\n")
|
||||||
sys.exit(1)
|
sys.exit(1)
|
||||||
|
|||||||
Reference in New Issue
Block a user