appmesh 1.4.2__py3-none-any.whl → 1.4.4__py3-none-any.whl

appmesh/http_client.py

@@ -7,7 +7,7 @@ import os
 from datetime import datetime
 from enum import Enum, unique
 from http import HTTPStatus
-from typing import Tuple, Union
+from typing import Optional, Tuple, Union
 from urllib import parse
 import aniso8601
 import requests
@@ -107,6 +107,8 @@ class AppMeshClient(metaclass=abc.ABCMeta):
     DEFAULT_SSL_CLIENT_CERT_PATH = "/opt/appmesh/ssl/client.pem"
     DEFAULT_SSL_CLIENT_KEY_PATH = "/opt/appmesh/ssl/client-key.pem"
 
+    DEFAULT_JWT_AUDIENCE = "appmesh-service"
+
     JSON_KEY_MESSAGE = "message"
     HTTP_USER_AGENT = "appmesh/python"
     HTTP_HEADER_KEY_USER_AGENT = "User-Agent"
@@ -251,7 +253,7 @@ class AppMeshClient(metaclass=abc.ABCMeta):
     ########################################
     # Security
     ########################################
-    def login(self, user_name: str, user_pwd: str, totp_code="", timeout_seconds=DURATION_ONE_WEEK_ISO) -> str:
+    def login(self, user_name: str, user_pwd: str, totp_code: Optional[str] = "", timeout_seconds: Union[str, int] = DURATION_ONE_WEEK_ISO, audience: Optional[str] = None) -> str:
         """Login with user name and password
 
         Args:
@@ -259,6 +261,7 @@ class AppMeshClient(metaclass=abc.ABCMeta):
             user_pwd (str): the password of the user.
             totp_code (str, optional): the TOTP code if enabled for the user.
             timeout_seconds (int | str, optional): token expire timeout of seconds. support ISO 8601 durations (e.g., 'P1Y2M3DT4H5M6S' 'P1W').
+            audience (str, optional): The audience of the JWT token, should be available by JWT service configuration (default is 'appmesh-service').
 
         Returns:
             str: JWT token.
@@ -270,6 +273,7 @@ class AppMeshClient(metaclass=abc.ABCMeta):
             header={
                 "Authorization": "Basic " + base64.b64encode((user_name + ":" + user_pwd).encode()).decode(),
                 "Expire-Seconds": self._parse_duration(timeout_seconds),
+                **({"Audience": audience} if audience else {}),
             },
         )
         if resp.status_code == HTTPStatus.OK:
@@ -308,11 +312,11 @@ class AppMeshClient(metaclass=abc.ABCMeta):
         self.jwt_token = None
         return resp.status_code == HTTPStatus.OK
 
-    def authentication(self, token: str, permission=None) -> bool:
+    def authentication(self, token: str, permission: Optional[str] = None, audience: Optional[str] = None) -> bool:
         """Deprecated: Use authenticate() instead."""
         return self.authenticate(token, permission)
 
-    def authenticate(self, token: str, permission: str = None) -> bool:
+    def authenticate(self, token: str, permission: Optional[str] = None, audience: Optional[str] = None) -> bool:
         """Authenticate with a token and verify permission if specified.
 
         Args:
@@ -321,15 +325,17 @@ class AppMeshClient(metaclass=abc.ABCMeta):
                 permission ID can be:
                 - pre-defined by App Mesh from security.yaml (e.g 'app-view', 'app-delete')
                 - defined by input from role_update() or security.yaml
+            audience (str, optional):The audience of the JWT token used to verify the target service.
 
         Returns:
             bool: authentication success or failure.
         """
         old_token = self.jwt_token
         self.jwt_token = token
-        headers = {}
-        if permission:
-            headers["Auth-Permission"] = permission
+        headers = {
+            **({"Audience": audience} if audience else {}),
+            **({"Auth-Permission": permission} if permission else {}),
+        }
         resp = self._request_http(AppMeshClient.Method.POST, path="/appmesh/auth", header=headers)
         if resp.status_code != HTTPStatus.OK:
             self.jwt_token = old_token
@@ -343,7 +349,7 @@ class AppMeshClient(metaclass=abc.ABCMeta):
             timeout_seconds (int | str, optional): token expire timeout of seconds. support ISO 8601 durations (e.g., 'P1Y2M3DT4H5M6S' 'P1W').
 
         Returns:
-            str: The new JWT token if renew success, otherwise return None.
+            str: The new JWT token if renew success, the old token will be blocked.
         """
         assert self.jwt_token
         resp = self._request_http(
@@ -378,16 +384,19 @@ class AppMeshClient(metaclass=abc.ABCMeta):
             totp_code (str): TOTP code
 
         Returns:
-            bool: success or failure.
+            str: The new JWT token if setup success, the old token will be blocked.
         """
         resp = self._request_http(
             method=AppMeshClient.Method.POST,
             path="/appmesh/totp/setup",
             header={"Totp": totp_code},
         )
-        if resp.status_code != HTTPStatus.OK:
+        if resp.status_code == HTTPStatus.OK:
+            if "Access-Token" in resp.json():
+                self.jwt_token = resp.json()["Access-Token"]
+                return self.jwt_token
+        else:
             raise Exception(resp.text)
-        return resp.status_code == HTTPStatus.OK
 
     def disable_totp(self, user: str = "self") -> bool:
         """Disable 2FA for the specified user.
@@ -574,105 +583,6 @@ class AppMeshClient(metaclass=abc.ABCMeta):
             raise Exception(resp.text)
         return resp.status_code == HTTPStatus.OK
 
-    ########################################
-    # Cloud management
-    ########################################
-    def view_all_cloud_apps(self) -> dict:
-        """Get information about all cloud applications.
-
-        Returns:
-            dict: cloud applications in JSON format.
-        """
-        resp = self._request_http(AppMeshClient.Method.GET, path="/appmesh/cloud/applications")
-        if resp.status_code != HTTPStatus.OK:
-            raise Exception(resp.text)
-        return resp.json()
-
-    def view_cloud_app(self, app_name: str) -> dict:
-        """Get information about a specific cloud application.
-
-        Args:
-            app_name (str): the application name.
-
-        Returns:
-            dict: application in JSON format.
-        """
-        resp = self._request_http(AppMeshClient.Method.GET, path=f"/appmesh/cloud/app/{app_name}")
-        if resp.status_code != HTTPStatus.OK:
-            raise Exception(resp.text)
-        return resp.json()
-
-    def get_cloud_app_output(self, app_name: str, host_name: str, stdout_position: int = 0, stdout_index: int = 0, stdout_maxsize: int = 10240, process_uuid: str = ""):
-        """Get the stdout/stderr of a cloud application.
-
-        Args:
-            app_name (str): the application name
-            host_name (str): the target host name where the application is running
-            stdout_position (int, optional): start read position, 0 means start from beginning.
-            stdout_index (int, optional): index of history process stdout, 0 means get from current running process,
-                the stdout number depends on 'stdout_cache_size' of the application.
-            stdout_maxsize (int, optional): max buffer size to read.
-            process_uuid (str, optional): used to get the specified process.
-
-        Returns:
-            bool: success or failure.
-            str: output string.
-            int or None: current read position.
-            int or None: process exit code.
-        """
-        resp = self._request_http(
-            AppMeshClient.Method.GET,
-            path=f"/appmesh/cloud/app/{app_name}/output/{host_name}",
-            query={
-                "stdout_position": str(stdout_position),
-                "stdout_index": str(stdout_index),
-                "stdout_maxsize": str(stdout_maxsize),
-                "process_uuid": process_uuid,
-            },
-        )
-        out_position = int(resp.headers["Output-Position"]) if "Output-Position" in resp.headers else None
-        exit_code = int(resp.headers["Exit-Code"]) if "Exit-Code" in resp.headers else None
-        return (resp.status_code == HTTPStatus.OK), resp.text, out_position, exit_code
-
-    def delete_cloud_app(self, app_name: str) -> bool:
-        """Delete a cloud application.
-
-        Args:
-            app_name (str): The application name for cloud
-
-        Returns:
-            bool: success or failure.
-        """
-        resp = self._request_http(AppMeshClient.Method.DELETE, path=f"/appmesh/cloud/app/{app_name}")
-        if resp.status_code != HTTPStatus.OK:
-            raise Exception(resp.text)
-        return resp.status_code == HTTPStatus.OK
-
-    def add_cloud_app(self, app_json: dict) -> dict:
-        """Add a new cloud application.
-
-        Args:
-            app_json (dict): the cloud application definition with replication, condition and resource requirement
-
-         Returns:
-            dict: cluster application json.
-        """
-        resp = self._request_http(AppMeshClient.Method.PUT, path=f"/appmesh/cloud/app/{app_json['content']['name']}", body=app_json)
-        if resp.status_code != HTTPStatus.OK:
-            raise Exception(resp.text)
-        return resp.json()
-
-    def view_cloud_nodes(self) -> dict:
-        """Get a list of cluster nodes.
-
-        Returns:
-            dict: cluster node list json.
-        """
-        resp = self._request_http(AppMeshClient.Method.GET, path="/appmesh/cloud/nodes")
-        if resp.status_code != HTTPStatus.OK:
-            raise Exception(resp.text)
-        return resp.json()
-
     ########################################
     # Configuration
     ########################################
@@ -885,7 +795,7 @@ class AppMeshClient(metaclass=abc.ABCMeta):
 
         Args:
             role_name (str): the role name.
-            role_permission_json (dict): role permission definition array, e.g: ["app-control", "app-delete", "cloud-app-reg", "cloud-app-delete"]
+            role_permission_json (dict): role permission definition array, e.g: ["app-control", "app-delete"]
 
         Returns:
             bool: success or failure.

{appmesh-1.4.2.dist-info → appmesh-1.4.4.dist-info}/METADATA

@@ -1,6 +1,6 @@
-Metadata-Version: 2.1
+Metadata-Version: 2.2
 Name: appmesh
-Version: 1.4.2
+Version: 1.4.4
 Summary: Client SDK for App Mesh
 Home-page: https://github.com/laoshanxi/app-mesh
 Author: laoshanxi
@@ -16,6 +16,17 @@ Requires-Dist: requests
 Requires-Dist: msgpack
 Requires-Dist: requests_toolbelt
 Requires-Dist: aniso8601
+Dynamic: author
+Dynamic: author-email
+Dynamic: classifier
+Dynamic: description
+Dynamic: description-content-type
+Dynamic: home-page
+Dynamic: keywords
+Dynamic: license
+Dynamic: requires-dist
+Dynamic: requires-python
+Dynamic: summary
 
 [![language.badge]][language.url] [![standard.badge]][standard.url] [![release.badge]][release.url] [![pypi.badge]][pypi.url] [![unittest.badge]][unittest.url] [![docker.badge]][docker.url] [![cockpit.badge]][cockpit.url]
 [![Documentation Status](https://readthedocs.org/projects/app-mesh/badge/?version=latest)](https://app-mesh.readthedocs.io/en/latest/?badge=latest) [![Join the chat at https://gitter.im/app-mesh/community](https://badges.gitter.im/app-mesh/community.svg)](https://gitter.im/app-mesh/community?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
@@ -52,7 +63,7 @@ Refer to the [Installation doc](https://app-mesh.readthedocs.io/en/latest/Instal
 - [Read the Docs](https://app-mesh.readthedocs.io/)
 - [REST API](https://app-mesh.readthedocs.io/en/latest/Development.html#rest-apis)
 - [Command lines](https://app-mesh.readthedocs.io/en/latest/CLI.html)
-- [Security](https://app-mesh.readthedocs.io/en/latest/JWT.html)
+- [Security](https://app-mesh.readthedocs.io/en/latest/Security.html)
 
 ## Comparison
 
@@ -111,6 +122,7 @@ Refer to the [Installation doc](https://app-mesh.readthedocs.io/en/latest/Instal
 - [Remote execute](https://app-mesh.readthedocs.io/en/latest/success/remote_run_cli_and_python.html)
 - [Python parallel run](https://app-mesh.readthedocs.io/en/latest/success/python_parallel_run.html)
 - [Secure consul cluster](https://app-mesh.readthedocs.io/en/latest/success/secure_consul_cluster.html)
+- [JWT service with REST and UI](https://github.com/laoshanxi/app-mesh/blob/main/script/docker-compose-auth-service.yaml)
 
 ---
 

{appmesh-1.4.2.dist-info → appmesh-1.4.4.dist-info}/RECORD

@@ -3,11 +3,11 @@ appmesh/app.py,sha256=9Q-SOOej-MH13BU5Dv2iTa-p-sECCJQp6ZX9DjWWmwE,10526
 appmesh/app_output.py,sha256=JK_TMKgjvaw4n_ys_vmN5S4MyWVZpmD7NlKz_UyMIM8,1015
 appmesh/app_run.py,sha256=9ISKGZ3k3kkbQvSsPfRfkOLqD9xhbqNOM7ork9F4w9c,1712
 appmesh/appmesh_client.py,sha256=0ltkqHZUq094gKneYmC0bEZCP0X9kHTp9fccKdWFWP0,339
-appmesh/http_client.py,sha256=byVfHkZycZFv5LePlFgKT0Pu1HBC6AhEFbnrWFR-6PA,47679
+appmesh/http_client.py,sha256=wd-H4vyHlLSCy1N8znHMf3-Zwgs7ow6-voWUludtMdA,44364
 appmesh/tcp_client.py,sha256=RkHl5s8jE333BJOgxJqJ_fvjbdRQza7ciV49vLT6YO4,10923
 appmesh/tcp_messages.py,sha256=w1Kehz_aX4X2CYAUsy9mFVJRhxnLQwwc6L58W4YkQqs,969
 appmesh/tcp_transport.py,sha256=UMGby2oKV4k7lyXZUMSOe2Je34fb1w7nTkxEpatKLKg,7256
-appmesh-1.4.2.dist-info/METADATA,sha256=R0wCzPXHfSqN2G0jtfkOKYkikbbcyM_JwJLSMx2ToZM,11142
-appmesh-1.4.2.dist-info/WHEEL,sha256=PZUExdf71Ui_so67QXpySuHtCi3-J3wvF4ORK6k_S8U,91
-appmesh-1.4.2.dist-info/top_level.txt,sha256=-y0MNQOGJxUzLdHZ6E_Rfv5_LNCkV-GTmOBME_b6pg8,8
-appmesh-1.4.2.dist-info/RECORD,,
+appmesh-1.4.4.dist-info/METADATA,sha256=lV4XJMIWhe2jKNV5NOv_q6SFdVrzN1BZLoVrvEd90Is,11501
+appmesh-1.4.4.dist-info/WHEEL,sha256=In9FTNxeP60KnTkGw7wk6mJPYd_dQSjEZmXdBdMCI-8,91
+appmesh-1.4.4.dist-info/top_level.txt,sha256=-y0MNQOGJxUzLdHZ6E_Rfv5_LNCkV-GTmOBME_b6pg8,8
+appmesh-1.4.4.dist-info/RECORD,,

{appmesh-1.4.2.dist-info → appmesh-1.4.4.dist-info}/WHEEL

@@ -1,5 +1,5 @@
 Wheel-Version: 1.0
-Generator: setuptools (75.6.0)
+Generator: setuptools (75.8.0)
 Root-Is-Purelib: true
 Tag: py3-none-any