Group Listing Script¶
This example script provides a CSV-formatted listing of the current user’s groups.
It uses the tutorial client ID from the tutorial. For simplicity, the script will prompt for login on each use.
import globus_sdk
from globus_sdk.scopes import GroupsScopes
CLIENT_ID = "61338d24-54d5-408f-a10d-66c06b59f6d2"
auth_client = globus_sdk.NativeAppAuthClient(CLIENT_ID)
auth_client.oauth2_start_flow(
requested_scopes=GroupsScopes.view_my_groups_and_memberships
)
authorize_url = auth_client.oauth2_get_authorize_url()
print(f"Please go to this URL and login:\n\n{authorize_url}\n")
auth_code = input("Please enter the code here: ").strip()
tokens = auth_client.oauth2_exchange_code_for_tokens(auth_code)
groups_tokens = tokens.by_resource_server["groups.api.globus.org"]
# construct an AccessTokenAuthorizer and use it to construct the
# TransferClient
groups_client = globus_sdk.GroupsClient(
authorizer=globus_sdk.AccessTokenAuthorizer(groups_tokens["access_token"])
)
# print out in CSV format
# note that 'name' could have a comma in it, so this is slightly unsafe
print("ID,Name,Type,Session Enforcement,Roles")
for group in groups_client.get_my_groups():
# parse the group to get data for output
if group.get("enforce_session"):
session_enforcement = "strict"
else:
session_enforcement = "not strict"
roles = ",".join({m["role"] for m in group["my_memberships"]})
print(
",".join(
[
group["id"],
group["name"],
group["group_type"],
session_enforcement,
roles,
]
)
)
Group Listing With Token Storage¶
globus_sdk.tokenstorage
provides tools for managing refresh tokens. The
following example script shows how you might use this to provide a complete
script which lists the current user’s groups using refresh tokens.
import os
from globus_sdk import GroupsClient, NativeAppAuthClient, RefreshTokenAuthorizer
from globus_sdk.tokenstorage import SimpleJSONFileAdapter
CLIENT_ID = "61338d24-54d5-408f-a10d-66c06b59f6d2"
AUTH_CLIENT = NativeAppAuthClient(CLIENT_ID)
MY_FILE_ADAPTER = SimpleJSONFileAdapter(
os.path.expanduser("~/.list-my-globus-groups-tokens.json")
)
def do_login_flow():
AUTH_CLIENT.oauth2_start_flow(
requested_scopes=GroupsClient.scopes.view_my_groups_and_memberships,
refresh_tokens=True,
)
authorize_url = AUTH_CLIENT.oauth2_get_authorize_url()
print(f"Please go to this URL and login:\n\n{authorize_url}\n")
auth_code = input("Please enter the code here: ").strip()
tokens = AUTH_CLIENT.oauth2_exchange_code_for_tokens(auth_code)
return tokens
if not MY_FILE_ADAPTER.file_exists():
# do a login flow, getting back initial tokens
response = do_login_flow()
# now store the tokens and pull out the Groups tokens
MY_FILE_ADAPTER.store(response)
tokens = response.by_resource_server[GroupsClient.resource_server]
else:
# otherwise, we already did login; load the tokens from that file
tokens = MY_FILE_ADAPTER.get_token_data(GroupsClient.resource_server)
# construct the RefreshTokenAuthorizer which writes back to storage on refresh
authorizer = RefreshTokenAuthorizer(
tokens["refresh_token"],
AUTH_CLIENT,
access_token=tokens["access_token"],
expires_at=tokens["expires_at_seconds"],
on_refresh=MY_FILE_ADAPTER.on_refresh,
)
# use that authorizer to authorize the activity of the groups client
groups_client = GroupsClient(authorizer=authorizer)
# print out in CSV format
# note that 'name' could have a comma in it, so this is slightly unsafe
print("ID,Name,Type,Session Enforcement,Roles")
for group in groups_client.get_my_groups():
# parse the group to get data for output
if group.get("enforce_session"):
session_enforcement = "strict"
else:
session_enforcement = "not strict"
roles = ",".join({m["role"] for m in group["my_memberships"]})
print(
",".join(
[
group["id"],
group["name"],
group["group_type"],
session_enforcement,
roles,
]
)
)