@databricks/sdk-tokenmanagement 0.0.0-dev → 0.1.0-dev.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +203 -0
- package/dist/v1/client.d.ts +22 -0
- package/dist/v1/client.d.ts.map +1 -0
- package/dist/v1/client.js +172 -0
- package/dist/v1/client.js.map +1 -0
- package/dist/v1/index.d.ts +5 -0
- package/dist/v1/index.d.ts.map +1 -0
- package/dist/v1/index.js +5 -0
- package/dist/v1/index.js.map +1 -0
- package/dist/v1/model.d.ts +123 -0
- package/dist/v1/model.d.ts.map +1 -0
- package/dist/v1/model.js +175 -0
- package/dist/v1/model.js.map +1 -0
- package/dist/v1/transport.d.ts +5 -0
- package/dist/v1/transport.d.ts.map +1 -0
- package/dist/v1/transport.js +57 -0
- package/dist/v1/transport.js.map +1 -0
- package/dist/v1/utils.d.ts +22 -0
- package/dist/v1/utils.d.ts.map +1 -0
- package/dist/v1/utils.js +113 -0
- package/dist/v1/utils.js.map +1 -0
- package/package.json +38 -4
- package/src/v1/client.ts +232 -0
- package/src/v1/index.ts +20 -0
- package/src/v1/model.ts +301 -0
- package/src/v1/transport.ts +73 -0
- package/src/v1/utils.ts +156 -0
- package/README.md +0 -1
- package/index.js +0 -1
package/src/v1/client.ts
ADDED
|
@@ -0,0 +1,232 @@
|
|
|
1
|
+
// Code generated from API definition by Databricks SDK Generator. DO NOT EDIT.
|
|
2
|
+
|
|
3
|
+
import {VERSION as AUTH_VERSION} from '@databricks/sdk-auth';
|
|
4
|
+
import type {Call} from '@databricks/sdk-core/api';
|
|
5
|
+
import {createDefault} from '@databricks/sdk-core/clientinfo';
|
|
6
|
+
import type {Logger} from '@databricks/sdk-core/logger';
|
|
7
|
+
import {NoOpLogger} from '@databricks/sdk-core/logger';
|
|
8
|
+
import type {CallOptions} from '@databricks/sdk-options/call';
|
|
9
|
+
import type {ClientOptions} from '@databricks/sdk-options/client';
|
|
10
|
+
import type {HttpClient} from '@databricks/sdk-core/http';
|
|
11
|
+
import {newHttpClient} from './transport';
|
|
12
|
+
import {
|
|
13
|
+
buildHttpRequest,
|
|
14
|
+
executeCall,
|
|
15
|
+
executeHttpCall,
|
|
16
|
+
marshalRequest,
|
|
17
|
+
parseResponse,
|
|
18
|
+
} from './utils';
|
|
19
|
+
import pkgJson from '../../package.json' with {type: 'json'};
|
|
20
|
+
import type {
|
|
21
|
+
AdminTokenInfo,
|
|
22
|
+
CreateOnBehalfOfTokenRequest,
|
|
23
|
+
CreateOnBehalfOfTokenRequest_Response,
|
|
24
|
+
GetTokenRequest,
|
|
25
|
+
GetTokenRequest_Response,
|
|
26
|
+
ListTokensRequest,
|
|
27
|
+
ListTokensRequest_Response,
|
|
28
|
+
RevokeTokenRequest,
|
|
29
|
+
RevokeTokenRequest_Response,
|
|
30
|
+
UpdateToken,
|
|
31
|
+
} from './model';
|
|
32
|
+
import {
|
|
33
|
+
marshalCreateOnBehalfOfTokenRequestSchema,
|
|
34
|
+
marshalUpdateTokenSchema,
|
|
35
|
+
unmarshalAdminTokenInfoSchema,
|
|
36
|
+
unmarshalCreateOnBehalfOfTokenRequest_ResponseSchema,
|
|
37
|
+
unmarshalGetTokenRequest_ResponseSchema,
|
|
38
|
+
unmarshalListTokensRequest_ResponseSchema,
|
|
39
|
+
unmarshalRevokeTokenRequest_ResponseSchema,
|
|
40
|
+
} from './model';
|
|
41
|
+
|
|
42
|
+
// Package identity segment for this client to be used in the User-Agent header.
|
|
43
|
+
const PACKAGE_SEGMENT = {
|
|
44
|
+
key: 'sdk-js-' + pkgJson.name.replace(/^@[^/]+\/sdk-/, ''),
|
|
45
|
+
value: pkgJson.version,
|
|
46
|
+
};
|
|
47
|
+
|
|
48
|
+
export class TokenmanagementClient {
|
|
49
|
+
private readonly host: string;
|
|
50
|
+
// Workspace ID used to route workspace-level calls on unified hosts (SPOG).
|
|
51
|
+
// When set, workspace-level methods send X-Databricks-Org-Id on every
|
|
52
|
+
// request.
|
|
53
|
+
private readonly workspaceId: string | undefined;
|
|
54
|
+
private readonly httpClient: HttpClient;
|
|
55
|
+
private readonly logger: Logger;
|
|
56
|
+
// User-Agent header value. Composed once at construction from
|
|
57
|
+
// createDefault() merged with this package's identity and the active
|
|
58
|
+
// credential's name.
|
|
59
|
+
private readonly userAgent: string;
|
|
60
|
+
|
|
61
|
+
constructor(options: ClientOptions) {
|
|
62
|
+
if (options.host === undefined) {
|
|
63
|
+
throw new Error('Host is required.');
|
|
64
|
+
}
|
|
65
|
+
this.host = options.host.replace(/\/$/, '');
|
|
66
|
+
this.workspaceId = options.workspaceId;
|
|
67
|
+
this.logger = options.logger ?? new NoOpLogger();
|
|
68
|
+
const info = createDefault()
|
|
69
|
+
.with(PACKAGE_SEGMENT)
|
|
70
|
+
.with({key: 'sdk-js-auth', value: AUTH_VERSION})
|
|
71
|
+
.with({key: 'auth', value: options.credentials?.name() ?? 'default'});
|
|
72
|
+
this.userAgent = info.toString();
|
|
73
|
+
this.httpClient = newHttpClient(options);
|
|
74
|
+
}
|
|
75
|
+
|
|
76
|
+
/** Creates a token on behalf of a service principal. */
|
|
77
|
+
async createOnBehalfOfToken(
|
|
78
|
+
req: CreateOnBehalfOfTokenRequest,
|
|
79
|
+
options?: CallOptions
|
|
80
|
+
): Promise<CreateOnBehalfOfTokenRequest_Response> {
|
|
81
|
+
const url = `${this.host}/api/2.0/token-management/on-behalf-of/tokens`;
|
|
82
|
+
const body = marshalRequest(req, marshalCreateOnBehalfOfTokenRequestSchema);
|
|
83
|
+
let resp: CreateOnBehalfOfTokenRequest_Response | undefined;
|
|
84
|
+
const call: Call = async (callSignal?: AbortSignal): Promise<void> => {
|
|
85
|
+
const headers = new Headers({'Content-Type': 'application/json'});
|
|
86
|
+
if (this.workspaceId !== undefined) {
|
|
87
|
+
headers.set('X-Databricks-Org-Id', this.workspaceId);
|
|
88
|
+
}
|
|
89
|
+
headers.set('User-Agent', this.userAgent);
|
|
90
|
+
const httpReq = buildHttpRequest('POST', url, headers, callSignal, body);
|
|
91
|
+
const respBody = await executeHttpCall({
|
|
92
|
+
request: httpReq,
|
|
93
|
+
httpClient: this.httpClient,
|
|
94
|
+
logger: this.logger,
|
|
95
|
+
});
|
|
96
|
+
resp = parseResponse(
|
|
97
|
+
respBody,
|
|
98
|
+
unmarshalCreateOnBehalfOfTokenRequest_ResponseSchema
|
|
99
|
+
);
|
|
100
|
+
};
|
|
101
|
+
await executeCall(call, options);
|
|
102
|
+
if (resp === undefined) {
|
|
103
|
+
throw new Error('API call completed without a result.');
|
|
104
|
+
}
|
|
105
|
+
return resp;
|
|
106
|
+
}
|
|
107
|
+
|
|
108
|
+
/** Deletes a token, specified by its ID. */
|
|
109
|
+
async deleteToken(
|
|
110
|
+
req: RevokeTokenRequest,
|
|
111
|
+
options?: CallOptions
|
|
112
|
+
): Promise<RevokeTokenRequest_Response> {
|
|
113
|
+
const url = `${this.host}/api/2.0/token-management/tokens/${req.tokenId ?? ''}`;
|
|
114
|
+
let resp: RevokeTokenRequest_Response | undefined;
|
|
115
|
+
const call: Call = async (callSignal?: AbortSignal): Promise<void> => {
|
|
116
|
+
const headers = new Headers();
|
|
117
|
+
if (this.workspaceId !== undefined) {
|
|
118
|
+
headers.set('X-Databricks-Org-Id', this.workspaceId);
|
|
119
|
+
}
|
|
120
|
+
headers.set('User-Agent', this.userAgent);
|
|
121
|
+
const httpReq = buildHttpRequest('DELETE', url, headers, callSignal);
|
|
122
|
+
const respBody = await executeHttpCall({
|
|
123
|
+
request: httpReq,
|
|
124
|
+
httpClient: this.httpClient,
|
|
125
|
+
logger: this.logger,
|
|
126
|
+
});
|
|
127
|
+
resp = parseResponse(
|
|
128
|
+
respBody,
|
|
129
|
+
unmarshalRevokeTokenRequest_ResponseSchema
|
|
130
|
+
);
|
|
131
|
+
};
|
|
132
|
+
await executeCall(call, options);
|
|
133
|
+
if (resp === undefined) {
|
|
134
|
+
throw new Error('API call completed without a result.');
|
|
135
|
+
}
|
|
136
|
+
return resp;
|
|
137
|
+
}
|
|
138
|
+
|
|
139
|
+
/** Gets information about a token, specified by its ID. */
|
|
140
|
+
async getToken(
|
|
141
|
+
req: GetTokenRequest,
|
|
142
|
+
options?: CallOptions
|
|
143
|
+
): Promise<GetTokenRequest_Response> {
|
|
144
|
+
const url = `${this.host}/api/2.0/token-management/tokens/${req.tokenId ?? ''}`;
|
|
145
|
+
let resp: GetTokenRequest_Response | undefined;
|
|
146
|
+
const call: Call = async (callSignal?: AbortSignal): Promise<void> => {
|
|
147
|
+
const headers = new Headers();
|
|
148
|
+
if (this.workspaceId !== undefined) {
|
|
149
|
+
headers.set('X-Databricks-Org-Id', this.workspaceId);
|
|
150
|
+
}
|
|
151
|
+
headers.set('User-Agent', this.userAgent);
|
|
152
|
+
const httpReq = buildHttpRequest('GET', url, headers, callSignal);
|
|
153
|
+
const respBody = await executeHttpCall({
|
|
154
|
+
request: httpReq,
|
|
155
|
+
httpClient: this.httpClient,
|
|
156
|
+
logger: this.logger,
|
|
157
|
+
});
|
|
158
|
+
resp = parseResponse(respBody, unmarshalGetTokenRequest_ResponseSchema);
|
|
159
|
+
};
|
|
160
|
+
await executeCall(call, options);
|
|
161
|
+
if (resp === undefined) {
|
|
162
|
+
throw new Error('API call completed without a result.');
|
|
163
|
+
}
|
|
164
|
+
return resp;
|
|
165
|
+
}
|
|
166
|
+
|
|
167
|
+
/** Lists all tokens associated with the specified workspace or user. */
|
|
168
|
+
async listTokens(
|
|
169
|
+
req: ListTokensRequest,
|
|
170
|
+
options?: CallOptions
|
|
171
|
+
): Promise<ListTokensRequest_Response> {
|
|
172
|
+
const url = `${this.host}/api/2.0/token-management/tokens`;
|
|
173
|
+
const params = new URLSearchParams();
|
|
174
|
+
if (req.createdById !== undefined) {
|
|
175
|
+
params.append('created_by_id', String(req.createdById));
|
|
176
|
+
}
|
|
177
|
+
if (req.createdByUsername !== undefined) {
|
|
178
|
+
params.append('created_by_username', req.createdByUsername);
|
|
179
|
+
}
|
|
180
|
+
const query = params.toString();
|
|
181
|
+
const fullUrl = query !== '' ? `${url}?${query}` : url;
|
|
182
|
+
let resp: ListTokensRequest_Response | undefined;
|
|
183
|
+
const call: Call = async (callSignal?: AbortSignal): Promise<void> => {
|
|
184
|
+
const headers = new Headers();
|
|
185
|
+
if (this.workspaceId !== undefined) {
|
|
186
|
+
headers.set('X-Databricks-Org-Id', this.workspaceId);
|
|
187
|
+
}
|
|
188
|
+
headers.set('User-Agent', this.userAgent);
|
|
189
|
+
const httpReq = buildHttpRequest('GET', fullUrl, headers, callSignal);
|
|
190
|
+
const respBody = await executeHttpCall({
|
|
191
|
+
request: httpReq,
|
|
192
|
+
httpClient: this.httpClient,
|
|
193
|
+
logger: this.logger,
|
|
194
|
+
});
|
|
195
|
+
resp = parseResponse(respBody, unmarshalListTokensRequest_ResponseSchema);
|
|
196
|
+
};
|
|
197
|
+
await executeCall(call, options);
|
|
198
|
+
if (resp === undefined) {
|
|
199
|
+
throw new Error('API call completed without a result.');
|
|
200
|
+
}
|
|
201
|
+
return resp;
|
|
202
|
+
}
|
|
203
|
+
|
|
204
|
+
/** Updates a token, specified by its ID. */
|
|
205
|
+
async updateToken(
|
|
206
|
+
req: UpdateToken,
|
|
207
|
+
options?: CallOptions
|
|
208
|
+
): Promise<AdminTokenInfo> {
|
|
209
|
+
const url = `${this.host}/api/2.0/token-management/tokens/${req.token?.tokenId ?? ''}`;
|
|
210
|
+
const body = marshalRequest(req, marshalUpdateTokenSchema);
|
|
211
|
+
let resp: AdminTokenInfo | undefined;
|
|
212
|
+
const call: Call = async (callSignal?: AbortSignal): Promise<void> => {
|
|
213
|
+
const headers = new Headers({'Content-Type': 'application/json'});
|
|
214
|
+
if (this.workspaceId !== undefined) {
|
|
215
|
+
headers.set('X-Databricks-Org-Id', this.workspaceId);
|
|
216
|
+
}
|
|
217
|
+
headers.set('User-Agent', this.userAgent);
|
|
218
|
+
const httpReq = buildHttpRequest('PATCH', url, headers, callSignal, body);
|
|
219
|
+
const respBody = await executeHttpCall({
|
|
220
|
+
request: httpReq,
|
|
221
|
+
httpClient: this.httpClient,
|
|
222
|
+
logger: this.logger,
|
|
223
|
+
});
|
|
224
|
+
resp = parseResponse(respBody, unmarshalAdminTokenInfoSchema);
|
|
225
|
+
};
|
|
226
|
+
await executeCall(call, options);
|
|
227
|
+
if (resp === undefined) {
|
|
228
|
+
throw new Error('API call completed without a result.');
|
|
229
|
+
}
|
|
230
|
+
return resp;
|
|
231
|
+
}
|
|
232
|
+
}
|
package/src/v1/index.ts
ADDED
|
@@ -0,0 +1,20 @@
|
|
|
1
|
+
// Code generated from API definition by Databricks SDK Generator. DO NOT EDIT.
|
|
2
|
+
|
|
3
|
+
export {TokenmanagementClient} from './client';
|
|
4
|
+
|
|
5
|
+
export {AutoscopeState} from './model';
|
|
6
|
+
|
|
7
|
+
export type {
|
|
8
|
+
AdminTokenInfo,
|
|
9
|
+
CreateOnBehalfOfTokenRequest,
|
|
10
|
+
CreateOnBehalfOfTokenRequest_Response,
|
|
11
|
+
GetTokenRequest,
|
|
12
|
+
GetTokenRequest_Response,
|
|
13
|
+
ListTokensRequest,
|
|
14
|
+
ListTokensRequest_Response,
|
|
15
|
+
RevokeTokenRequest,
|
|
16
|
+
RevokeTokenRequest_Response,
|
|
17
|
+
UpdateToken,
|
|
18
|
+
} from './model';
|
|
19
|
+
|
|
20
|
+
export {adminTokenInfoFieldMask} from './model';
|
package/src/v1/model.ts
ADDED
|
@@ -0,0 +1,301 @@
|
|
|
1
|
+
// Code generated from API definition by Databricks SDK Generator. DO NOT EDIT.
|
|
2
|
+
|
|
3
|
+
import {FieldMask} from '@databricks/sdk-core/wkt';
|
|
4
|
+
import type {FieldMaskSchema} from '@databricks/sdk-core/wkt';
|
|
5
|
+
import {z} from 'zod';
|
|
6
|
+
|
|
7
|
+
/**
|
|
8
|
+
* State of inferred scope collection (autoscope) for an external PAT.
|
|
9
|
+
* Mirrored in databricks.identity.AutoscopeState in common/principal-context/api/proto/tokendetails.proto.
|
|
10
|
+
* Token store and token management proto can depend on this.
|
|
11
|
+
* Principal context proto should NOT depend on this proto definitions because too many services depend on the principal context proto.
|
|
12
|
+
*/
|
|
13
|
+
export enum AutoscopeState {
|
|
14
|
+
AUTOSCOPE_STATE_UNSPECIFIED = 'AUTOSCOPE_STATE_UNSPECIFIED',
|
|
15
|
+
AUTOSCOPE_STATE_DISABLED = 'AUTOSCOPE_STATE_DISABLED',
|
|
16
|
+
AUTOSCOPE_STATE_RUNNING = 'AUTOSCOPE_STATE_RUNNING',
|
|
17
|
+
AUTOSCOPE_STATE_COMPLETED = 'AUTOSCOPE_STATE_COMPLETED',
|
|
18
|
+
AUTOSCOPE_STATE_BACKFILLED = 'AUTOSCOPE_STATE_BACKFILLED',
|
|
19
|
+
AUTOSCOPE_STATE_USER_SELECTED = 'AUTOSCOPE_STATE_USER_SELECTED',
|
|
20
|
+
AUTOSCOPE_STATE_API_NOT_COVERED = 'AUTOSCOPE_STATE_API_NOT_COVERED',
|
|
21
|
+
}
|
|
22
|
+
|
|
23
|
+
export interface AdminTokenInfo {
|
|
24
|
+
/** ID of the token. */
|
|
25
|
+
tokenId?: string | undefined;
|
|
26
|
+
/** Timestamp when the token was created. */
|
|
27
|
+
creationTime?: bigint | undefined;
|
|
28
|
+
/** Timestamp when the token expires. */
|
|
29
|
+
expiryTime?: bigint | undefined;
|
|
30
|
+
/** Comment that describes the purpose of the token, specified by the token creator. */
|
|
31
|
+
comment?: string | undefined;
|
|
32
|
+
/** User ID of the user that created the token. */
|
|
33
|
+
createdById?: bigint | undefined;
|
|
34
|
+
/** Username of the user that created the token. */
|
|
35
|
+
createdByUsername?: string | undefined;
|
|
36
|
+
/** User ID of the user that owns the token. */
|
|
37
|
+
ownerId?: bigint | undefined;
|
|
38
|
+
/** If applicable, the ID of the workspace that the token was created in. */
|
|
39
|
+
workspaceId?: bigint | undefined;
|
|
40
|
+
/** Approximate timestamp for the day the token was last used. Accurate up to 1 day. */
|
|
41
|
+
lastUsedDay?: bigint | undefined;
|
|
42
|
+
/** Scope of the token was created with, if applicable. */
|
|
43
|
+
scopes?: string[] | undefined;
|
|
44
|
+
/** Output only. The autoscope state of this token. */
|
|
45
|
+
autoscopeState?: AutoscopeState | undefined;
|
|
46
|
+
/** Output only. Inferred API path scopes collected for this token when autoscope is enabled. */
|
|
47
|
+
inferredScopes?: string[] | undefined;
|
|
48
|
+
/** Output only. Scopes inferred from offline backfill processing. */
|
|
49
|
+
backfillScopes?: string[] | undefined;
|
|
50
|
+
}
|
|
51
|
+
|
|
52
|
+
/** Configuration details for creating on-behalf tokens. */
|
|
53
|
+
export interface CreateOnBehalfOfTokenRequest {
|
|
54
|
+
/** Application ID of the service principal. */
|
|
55
|
+
applicationId?: string | undefined;
|
|
56
|
+
/** The number of seconds before the token expires. */
|
|
57
|
+
lifetimeSeconds?: bigint | undefined;
|
|
58
|
+
/** Comment that describes the purpose of the token. */
|
|
59
|
+
comment?: string | undefined;
|
|
60
|
+
scopes?: string[] | undefined;
|
|
61
|
+
/** Whether to enable autoscoping for this token. */
|
|
62
|
+
autoscopeEnabled?: boolean | undefined;
|
|
63
|
+
}
|
|
64
|
+
|
|
65
|
+
/** An on-behalf token was successfully created for the service principal. */
|
|
66
|
+
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
67
|
+
export interface CreateOnBehalfOfTokenRequest_Response {
|
|
68
|
+
/** Value of the token. */
|
|
69
|
+
tokenValue?: string | undefined;
|
|
70
|
+
tokenInfo?: AdminTokenInfo | undefined;
|
|
71
|
+
}
|
|
72
|
+
|
|
73
|
+
/**
|
|
74
|
+
* !! KEEP THIS IN-SYNC WITH THE WORKSPACE PROTO DEFINITIONS IN SERVICE.PROTO !!
|
|
75
|
+
*
|
|
76
|
+
* The only differences should be:
|
|
77
|
+
* 1. The OpenAPI labels.
|
|
78
|
+
* 2. The account_id request parameter.
|
|
79
|
+
*/
|
|
80
|
+
export interface GetTokenRequest {
|
|
81
|
+
/** The ID of the token to get. */
|
|
82
|
+
tokenId?: string | undefined;
|
|
83
|
+
}
|
|
84
|
+
|
|
85
|
+
/** Token with specified Token ID was successfully returned. */
|
|
86
|
+
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
87
|
+
export interface GetTokenRequest_Response {
|
|
88
|
+
tokenInfo?: AdminTokenInfo | undefined;
|
|
89
|
+
}
|
|
90
|
+
|
|
91
|
+
/**
|
|
92
|
+
* !! KEEP THIS IN-SYNC WITH THE ACCOUNT PROTO DEFINITIONS IN ACCOUNT_SERVICE.PROTO !!
|
|
93
|
+
*
|
|
94
|
+
* The only differences should be:
|
|
95
|
+
* 1. The OpenAPI labels.
|
|
96
|
+
* 2. The account_id request parameter.
|
|
97
|
+
* 3. The string filter parameter instead of hard-coded filters.
|
|
98
|
+
*/
|
|
99
|
+
export interface ListTokensRequest {
|
|
100
|
+
/** User ID of the user that created the token. */
|
|
101
|
+
createdById?: bigint | undefined;
|
|
102
|
+
/** Username of the user that created the token. */
|
|
103
|
+
createdByUsername?: string | undefined;
|
|
104
|
+
}
|
|
105
|
+
|
|
106
|
+
/** Tokens were successfully returned. */
|
|
107
|
+
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
108
|
+
export interface ListTokensRequest_Response {
|
|
109
|
+
/** Token metadata of each user-created token in the workspace */
|
|
110
|
+
tokenInfos?: AdminTokenInfo[] | undefined;
|
|
111
|
+
}
|
|
112
|
+
|
|
113
|
+
export interface RevokeTokenRequest {
|
|
114
|
+
/** The ID of the token to revoke. */
|
|
115
|
+
tokenId?: string | undefined;
|
|
116
|
+
}
|
|
117
|
+
|
|
118
|
+
/** The token was successfully deleted. */
|
|
119
|
+
// eslint-disable-next-line @typescript-eslint/naming-convention, @typescript-eslint/no-empty-object-type -- Proto-style nested message name.
|
|
120
|
+
export interface RevokeTokenRequest_Response {}
|
|
121
|
+
|
|
122
|
+
/**
|
|
123
|
+
* For the list of supported token scopes, see
|
|
124
|
+
* https://docs.databricks.com/api/workspace/api/scopes.
|
|
125
|
+
*/
|
|
126
|
+
export interface UpdateToken {
|
|
127
|
+
token?: AdminTokenInfo | undefined;
|
|
128
|
+
/** A list of field name under token, For example, {"update_mask": "comment,scopes"} */
|
|
129
|
+
updateMask?: FieldMask<AdminTokenInfo> | undefined;
|
|
130
|
+
}
|
|
131
|
+
|
|
132
|
+
export const unmarshalAdminTokenInfoSchema: z.ZodType<AdminTokenInfo> = z
|
|
133
|
+
.object({
|
|
134
|
+
token_id: z.string().optional(),
|
|
135
|
+
creation_time: z
|
|
136
|
+
.union([z.number(), z.bigint()])
|
|
137
|
+
.transform(v => BigInt(v))
|
|
138
|
+
.optional(),
|
|
139
|
+
expiry_time: z
|
|
140
|
+
.union([z.number(), z.bigint()])
|
|
141
|
+
.transform(v => BigInt(v))
|
|
142
|
+
.optional(),
|
|
143
|
+
comment: z.string().optional(),
|
|
144
|
+
created_by_id: z
|
|
145
|
+
.union([z.number(), z.bigint()])
|
|
146
|
+
.transform(v => BigInt(v))
|
|
147
|
+
.optional(),
|
|
148
|
+
created_by_username: z.string().optional(),
|
|
149
|
+
owner_id: z
|
|
150
|
+
.union([z.number(), z.bigint()])
|
|
151
|
+
.transform(v => BigInt(v))
|
|
152
|
+
.optional(),
|
|
153
|
+
workspace_id: z
|
|
154
|
+
.union([z.number(), z.bigint()])
|
|
155
|
+
.transform(v => BigInt(v))
|
|
156
|
+
.optional(),
|
|
157
|
+
last_used_day: z
|
|
158
|
+
.union([z.number(), z.bigint()])
|
|
159
|
+
.transform(v => BigInt(v))
|
|
160
|
+
.optional(),
|
|
161
|
+
scopes: z.array(z.string()).optional(),
|
|
162
|
+
autoscope_state: z.enum(AutoscopeState).optional(),
|
|
163
|
+
inferred_scopes: z.array(z.string()).optional(),
|
|
164
|
+
backfill_scopes: z.array(z.string()).optional(),
|
|
165
|
+
})
|
|
166
|
+
.transform(d => ({
|
|
167
|
+
tokenId: d.token_id,
|
|
168
|
+
creationTime: d.creation_time,
|
|
169
|
+
expiryTime: d.expiry_time,
|
|
170
|
+
comment: d.comment,
|
|
171
|
+
createdById: d.created_by_id,
|
|
172
|
+
createdByUsername: d.created_by_username,
|
|
173
|
+
ownerId: d.owner_id,
|
|
174
|
+
workspaceId: d.workspace_id,
|
|
175
|
+
lastUsedDay: d.last_used_day,
|
|
176
|
+
scopes: d.scopes,
|
|
177
|
+
autoscopeState: d.autoscope_state,
|
|
178
|
+
inferredScopes: d.inferred_scopes,
|
|
179
|
+
backfillScopes: d.backfill_scopes,
|
|
180
|
+
}));
|
|
181
|
+
|
|
182
|
+
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
183
|
+
export const unmarshalCreateOnBehalfOfTokenRequest_ResponseSchema: z.ZodType<CreateOnBehalfOfTokenRequest_Response> =
|
|
184
|
+
z
|
|
185
|
+
.object({
|
|
186
|
+
token_value: z.string().optional(),
|
|
187
|
+
token_info: z.lazy(() => unmarshalAdminTokenInfoSchema).optional(),
|
|
188
|
+
})
|
|
189
|
+
.transform(d => ({
|
|
190
|
+
tokenValue: d.token_value,
|
|
191
|
+
tokenInfo: d.token_info,
|
|
192
|
+
}));
|
|
193
|
+
|
|
194
|
+
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
195
|
+
export const unmarshalGetTokenRequest_ResponseSchema: z.ZodType<GetTokenRequest_Response> =
|
|
196
|
+
z
|
|
197
|
+
.object({
|
|
198
|
+
token_info: z.lazy(() => unmarshalAdminTokenInfoSchema).optional(),
|
|
199
|
+
})
|
|
200
|
+
.transform(d => ({
|
|
201
|
+
tokenInfo: d.token_info,
|
|
202
|
+
}));
|
|
203
|
+
|
|
204
|
+
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
205
|
+
export const unmarshalListTokensRequest_ResponseSchema: z.ZodType<ListTokensRequest_Response> =
|
|
206
|
+
z
|
|
207
|
+
.object({
|
|
208
|
+
token_infos: z
|
|
209
|
+
.array(z.lazy(() => unmarshalAdminTokenInfoSchema))
|
|
210
|
+
.optional(),
|
|
211
|
+
})
|
|
212
|
+
.transform(d => ({
|
|
213
|
+
tokenInfos: d.token_infos,
|
|
214
|
+
}));
|
|
215
|
+
|
|
216
|
+
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
217
|
+
export const unmarshalRevokeTokenRequest_ResponseSchema: z.ZodType<RevokeTokenRequest_Response> =
|
|
218
|
+
z.object({});
|
|
219
|
+
|
|
220
|
+
export const marshalAdminTokenInfoSchema: z.ZodType = z
|
|
221
|
+
.object({
|
|
222
|
+
tokenId: z.string().optional(),
|
|
223
|
+
creationTime: z.bigint().optional(),
|
|
224
|
+
expiryTime: z.bigint().optional(),
|
|
225
|
+
comment: z.string().optional(),
|
|
226
|
+
createdById: z.bigint().optional(),
|
|
227
|
+
createdByUsername: z.string().optional(),
|
|
228
|
+
ownerId: z.bigint().optional(),
|
|
229
|
+
workspaceId: z.bigint().optional(),
|
|
230
|
+
lastUsedDay: z.bigint().optional(),
|
|
231
|
+
scopes: z.array(z.string()).optional(),
|
|
232
|
+
autoscopeState: z.enum(AutoscopeState).optional(),
|
|
233
|
+
inferredScopes: z.array(z.string()).optional(),
|
|
234
|
+
backfillScopes: z.array(z.string()).optional(),
|
|
235
|
+
})
|
|
236
|
+
.transform(d => ({
|
|
237
|
+
token_id: d.tokenId,
|
|
238
|
+
creation_time: d.creationTime,
|
|
239
|
+
expiry_time: d.expiryTime,
|
|
240
|
+
comment: d.comment,
|
|
241
|
+
created_by_id: d.createdById,
|
|
242
|
+
created_by_username: d.createdByUsername,
|
|
243
|
+
owner_id: d.ownerId,
|
|
244
|
+
workspace_id: d.workspaceId,
|
|
245
|
+
last_used_day: d.lastUsedDay,
|
|
246
|
+
scopes: d.scopes,
|
|
247
|
+
autoscope_state: d.autoscopeState,
|
|
248
|
+
inferred_scopes: d.inferredScopes,
|
|
249
|
+
backfill_scopes: d.backfillScopes,
|
|
250
|
+
}));
|
|
251
|
+
|
|
252
|
+
export const marshalCreateOnBehalfOfTokenRequestSchema: z.ZodType = z
|
|
253
|
+
.object({
|
|
254
|
+
applicationId: z.string().optional(),
|
|
255
|
+
lifetimeSeconds: z.bigint().optional(),
|
|
256
|
+
comment: z.string().optional(),
|
|
257
|
+
scopes: z.array(z.string()).optional(),
|
|
258
|
+
autoscopeEnabled: z.boolean().optional(),
|
|
259
|
+
})
|
|
260
|
+
.transform(d => ({
|
|
261
|
+
application_id: d.applicationId,
|
|
262
|
+
lifetime_seconds: d.lifetimeSeconds,
|
|
263
|
+
comment: d.comment,
|
|
264
|
+
scopes: d.scopes,
|
|
265
|
+
autoscope_enabled: d.autoscopeEnabled,
|
|
266
|
+
}));
|
|
267
|
+
|
|
268
|
+
export const marshalUpdateTokenSchema: z.ZodType = z
|
|
269
|
+
.object({
|
|
270
|
+
token: z.lazy(() => marshalAdminTokenInfoSchema).optional(),
|
|
271
|
+
updateMask: z
|
|
272
|
+
.any()
|
|
273
|
+
.transform((m: FieldMask) => m.toString())
|
|
274
|
+
.optional(),
|
|
275
|
+
})
|
|
276
|
+
.transform(d => ({
|
|
277
|
+
token: d.token,
|
|
278
|
+
update_mask: d.updateMask,
|
|
279
|
+
}));
|
|
280
|
+
|
|
281
|
+
const adminTokenInfoFieldMaskSchema: FieldMaskSchema = {
|
|
282
|
+
autoscopeState: {wire: 'autoscope_state'},
|
|
283
|
+
backfillScopes: {wire: 'backfill_scopes'},
|
|
284
|
+
comment: {wire: 'comment'},
|
|
285
|
+
createdById: {wire: 'created_by_id'},
|
|
286
|
+
createdByUsername: {wire: 'created_by_username'},
|
|
287
|
+
creationTime: {wire: 'creation_time'},
|
|
288
|
+
expiryTime: {wire: 'expiry_time'},
|
|
289
|
+
inferredScopes: {wire: 'inferred_scopes'},
|
|
290
|
+
lastUsedDay: {wire: 'last_used_day'},
|
|
291
|
+
ownerId: {wire: 'owner_id'},
|
|
292
|
+
scopes: {wire: 'scopes'},
|
|
293
|
+
tokenId: {wire: 'token_id'},
|
|
294
|
+
workspaceId: {wire: 'workspace_id'},
|
|
295
|
+
};
|
|
296
|
+
|
|
297
|
+
export function adminTokenInfoFieldMask(
|
|
298
|
+
...paths: string[]
|
|
299
|
+
): FieldMask<AdminTokenInfo> {
|
|
300
|
+
return FieldMask.build<AdminTokenInfo>(paths, adminTokenInfoFieldMaskSchema);
|
|
301
|
+
}
|
|
@@ -0,0 +1,73 @@
|
|
|
1
|
+
// Code generated from API definition by Databricks SDK Generator. DO NOT EDIT.
|
|
2
|
+
|
|
3
|
+
import type {Credentials} from '@databricks/sdk-auth';
|
|
4
|
+
import {defaultCredentials} from '@databricks/sdk-auth/credentials';
|
|
5
|
+
import type {
|
|
6
|
+
HttpClient,
|
|
7
|
+
HttpRequest,
|
|
8
|
+
HttpResponse,
|
|
9
|
+
} from '@databricks/sdk-core/http';
|
|
10
|
+
import {newFetchHttpClient} from '@databricks/sdk-core/http';
|
|
11
|
+
import type {ClientOptions} from '@databricks/sdk-options/client';
|
|
12
|
+
|
|
13
|
+
/** Creates a new HTTP client with the given options. */
|
|
14
|
+
export function newHttpClient(options?: ClientOptions): HttpClient {
|
|
15
|
+
const opts = options ?? {};
|
|
16
|
+
|
|
17
|
+
// If an HTTP client is provided, use it as-is. Throw if other options are
|
|
18
|
+
// also set, since they would be silently ignored.
|
|
19
|
+
if (opts.httpClient !== undefined) {
|
|
20
|
+
if (opts.credentials !== undefined || opts.timeout !== undefined) {
|
|
21
|
+
throw new Error(
|
|
22
|
+
'httpClient cannot be combined with credentials or timeout'
|
|
23
|
+
);
|
|
24
|
+
}
|
|
25
|
+
return opts.httpClient;
|
|
26
|
+
}
|
|
27
|
+
|
|
28
|
+
const credentials = opts.credentials ?? defaultCredentials();
|
|
29
|
+
|
|
30
|
+
const base = newFetchHttpClient();
|
|
31
|
+
let client: HttpClient = new AuthHttpClient(base, credentials);
|
|
32
|
+
|
|
33
|
+
if (opts.timeout !== undefined) {
|
|
34
|
+
client = new TimeoutHttpClient(client, opts.timeout);
|
|
35
|
+
}
|
|
36
|
+
|
|
37
|
+
return client;
|
|
38
|
+
}
|
|
39
|
+
|
|
40
|
+
/** Wraps an HttpClient and adds authentication headers to requests. */
|
|
41
|
+
class AuthHttpClient implements HttpClient {
|
|
42
|
+
constructor(
|
|
43
|
+
private readonly base: HttpClient,
|
|
44
|
+
private readonly credentials: Credentials
|
|
45
|
+
) {}
|
|
46
|
+
|
|
47
|
+
async send(request: HttpRequest): Promise<HttpResponse> {
|
|
48
|
+
const authHeaders = await this.credentials.authHeaders();
|
|
49
|
+
// Do not modify the original request.
|
|
50
|
+
const headers = new Headers(request.headers);
|
|
51
|
+
for (const h of authHeaders) {
|
|
52
|
+
headers.set(h.key, h.value);
|
|
53
|
+
}
|
|
54
|
+
return this.base.send({...request, headers});
|
|
55
|
+
}
|
|
56
|
+
}
|
|
57
|
+
|
|
58
|
+
/** Wraps an HttpClient and applies a default timeout to requests. */
|
|
59
|
+
class TimeoutHttpClient implements HttpClient {
|
|
60
|
+
constructor(
|
|
61
|
+
private readonly base: HttpClient,
|
|
62
|
+
private readonly timeout: number
|
|
63
|
+
) {}
|
|
64
|
+
|
|
65
|
+
async send(request: HttpRequest): Promise<HttpResponse> {
|
|
66
|
+
const timeoutSignal = AbortSignal.timeout(this.timeout);
|
|
67
|
+
const signal =
|
|
68
|
+
request.signal !== undefined
|
|
69
|
+
? AbortSignal.any([request.signal, timeoutSignal])
|
|
70
|
+
: timeoutSignal;
|
|
71
|
+
return this.base.send({...request, signal});
|
|
72
|
+
}
|
|
73
|
+
}
|