googleapiclient.http: guard when importing ssl

[rctay]

Fix #191 by adding a guard when importing ssl, and replace all direct
references to SSLError (the sole member of ssl being used) with a
shim, _ssl_SSLError. It is prefixed with a '_' to caution users
against relying on the name when importing googleclient.http.

httplib2 also takes the same approach (see ssl_SSLError in
httplib2/__init__.py), but instead of using None when faking
SSLError, we provide a 'real' class, so that code can continue to
trigger the exception handler for SSLError in googleclient.http (eg.
in tests, SSLError's are raised). If the shim _ssl_SSLError were
None, an exception handler for it would not catch anything, as None
is not a class and we could never throw anything that could be
"compatible" with None [1]

[1] https://docs.python.org/2/reference/compound_stmts.html#except

[theacodes]

What situations are you in where ssl isn't available? It's part of the standard library since 2.6.

[theacodes]

Ah okay, I see, I read the issue.

So the issue is that App Engine doesn't have the SSL module available by default.

[theacodes]

@nathanielmanistaatgoogle I am on the fence about App Engine-specific changes. WDYT?

[rctay]

@jonparrott Thanks for looking. Perhaps we can continue the thread at #191?

[theacodes]

Nah, if @nathanielmanistaatgoogle is cool with this we can merge. :)

[rctay]

By the way, I have ran the tests with tox for py27-oauth2client1/2 and they remain working. I also tested on App Engine, by listing a Cloud Storage bucket:

from apiclient.discovery import build
from google.appengine.api import app_identity
from oauth2client.contrib.appengine import AppAssertionCredentials

import httplib2
import webapp2

class MyHandler(webapp2.ResponseHandler):
  def get(self):
    credentials = AppAssertionCredentials('https://www.googleapis.com/auth/devstorage.read_write')
    http_auth = credentials.authorize(httplib2.Http())
    service = build('storage', 'v1', http=http_auth)
    res = service.objects().list(bucket=app_identity.get_default_gcs_bucket_name()).execute()
    self.response.write(repr(res))

[nathanielmanistaatgoogle]

@jonparrott: My pride is wounded as advertised.

[theacodes]

@nathanielmanistaatgoogle FWIW ssl library available by default should hopefully happen this quarter, but no promises.

[theacodes]

With that in mind I agree the absence of the ssl module should not have compatibility. ;)

[rctay]

@nathanielmanistaatgoogle Sorry to have wounded it. Dropped the blank line and made accesses to library and reason fail. Hopefully it's loud enough and hope this makes your wound hurt less!

[rctay]

You're right, we don't run tests on App Engine, or any environment without ssl for that matter. I have dropped the changes to the test infrastructure, as well as omit implementing SSLError.

[nathanielmanistaatgoogle]

@jonparrott: please take another look at this? I feel like where I've directed this change is correct, but also pretty radical. Any qualms? Also, any desire for a comment in the clearly weird code? Should we open an issue for removing this as soon as possible?

[theacodes]

@nathanielmanistaatgoogle This LGTM and I'm okay with it. I agree we should file a bug to remove this once ssl is on by default in GAE.

[rctay]

Done! Added the todo wrt #221.