databricks-sdk 0.57.0__py3-none-any.whl → 0.59.0__py3-none-any.whl

databricks/sdk/service/oauth2.py

@@ -14,75 +14,6 @@ _LOG = logging.getLogger("databricks.sdk")
 # all definitions in this file are in alphabetical order
 
 
-@dataclass
-class CreateCustomAppIntegration:
-    confidential: Optional[bool] = None
-    """This field indicates whether an OAuth client secret is required to authenticate this client."""
-
-    name: Optional[str] = None
-    """Name of the custom OAuth app"""
-
-    redirect_urls: Optional[List[str]] = None
-    """List of OAuth redirect urls"""
-
-    scopes: Optional[List[str]] = None
-    """OAuth scopes granted to the application. Supported scopes: all-apis, sql, offline_access,
-    openid, profile, email."""
-
-    token_access_policy: Optional[TokenAccessPolicy] = None
-    """Token access policy"""
-
-    user_authorized_scopes: Optional[List[str]] = None
-    """Scopes that will need to be consented by end user to mint the access token. If the user does not
-    authorize the access token will not be minted. Must be a subset of scopes."""
-
-    def as_dict(self) -> dict:
-        """Serializes the CreateCustomAppIntegration into a dictionary suitable for use as a JSON request body."""
-        body = {}
-        if self.confidential is not None:
-            body["confidential"] = self.confidential
-        if self.name is not None:
-            body["name"] = self.name
-        if self.redirect_urls:
-            body["redirect_urls"] = [v for v in self.redirect_urls]
-        if self.scopes:
-            body["scopes"] = [v for v in self.scopes]
-        if self.token_access_policy:
-            body["token_access_policy"] = self.token_access_policy.as_dict()
-        if self.user_authorized_scopes:
-            body["user_authorized_scopes"] = [v for v in self.user_authorized_scopes]
-        return body
-
-    def as_shallow_dict(self) -> dict:
-        """Serializes the CreateCustomAppIntegration into a shallow dictionary of its immediate attributes."""
-        body = {}
-        if self.confidential is not None:
-            body["confidential"] = self.confidential
-        if self.name is not None:
-            body["name"] = self.name
-        if self.redirect_urls:
-            body["redirect_urls"] = self.redirect_urls
-        if self.scopes:
-            body["scopes"] = self.scopes
-        if self.token_access_policy:
-            body["token_access_policy"] = self.token_access_policy
-        if self.user_authorized_scopes:
-            body["user_authorized_scopes"] = self.user_authorized_scopes
-        return body
-
-    @classmethod
-    def from_dict(cls, d: Dict[str, Any]) -> CreateCustomAppIntegration:
-        """Deserializes the CreateCustomAppIntegration from a dictionary."""
-        return cls(
-            confidential=d.get("confidential", None),
-            name=d.get("name", None),
-            redirect_urls=d.get("redirect_urls", None),
-            scopes=d.get("scopes", None),
-            token_access_policy=_from_dict(d, "token_access_policy", TokenAccessPolicy),
-            user_authorized_scopes=d.get("user_authorized_scopes", None),
-        )
-
-
 @dataclass
 class CreateCustomAppIntegrationOutput:
     client_id: Optional[str] = None
@@ -127,40 +58,6 @@ class CreateCustomAppIntegrationOutput:
         )
 
 
-@dataclass
-class CreatePublishedAppIntegration:
-    app_id: Optional[str] = None
-    """App id of the OAuth published app integration. For example power-bi, tableau-deskop"""
-
-    token_access_policy: Optional[TokenAccessPolicy] = None
-    """Token access policy"""
-
-    def as_dict(self) -> dict:
-        """Serializes the CreatePublishedAppIntegration into a dictionary suitable for use as a JSON request body."""
-        body = {}
-        if self.app_id is not None:
-            body["app_id"] = self.app_id
-        if self.token_access_policy:
-            body["token_access_policy"] = self.token_access_policy.as_dict()
-        return body
-
-    def as_shallow_dict(self) -> dict:
-        """Serializes the CreatePublishedAppIntegration into a shallow dictionary of its immediate attributes."""
-        body = {}
-        if self.app_id is not None:
-            body["app_id"] = self.app_id
-        if self.token_access_policy:
-            body["token_access_policy"] = self.token_access_policy
-        return body
-
-    @classmethod
-    def from_dict(cls, d: Dict[str, Any]) -> CreatePublishedAppIntegration:
-        """Deserializes the CreatePublishedAppIntegration from a dictionary."""
-        return cls(
-            app_id=d.get("app_id", None), token_access_policy=_from_dict(d, "token_access_policy", TokenAccessPolicy)
-        )
-
-
 @dataclass
 class CreatePublishedAppIntegrationOutput:
     integration_id: Optional[str] = None
@@ -186,39 +83,6 @@ class CreatePublishedAppIntegrationOutput:
         return cls(integration_id=d.get("integration_id", None))
 
 
-@dataclass
-class CreateServicePrincipalSecretRequest:
-    lifetime: Optional[str] = None
-    """The lifetime of the secret in seconds. If this parameter is not provided, the secret will have a
-    default lifetime of 730 days (63072000s)."""
-
-    service_principal_id: Optional[int] = None
-    """The service principal ID."""
-
-    def as_dict(self) -> dict:
-        """Serializes the CreateServicePrincipalSecretRequest into a dictionary suitable for use as a JSON request body."""
-        body = {}
-        if self.lifetime is not None:
-            body["lifetime"] = self.lifetime
-        if self.service_principal_id is not None:
-            body["service_principal_id"] = self.service_principal_id
-        return body
-
-    def as_shallow_dict(self) -> dict:
-        """Serializes the CreateServicePrincipalSecretRequest into a shallow dictionary of its immediate attributes."""
-        body = {}
-        if self.lifetime is not None:
-            body["lifetime"] = self.lifetime
-        if self.service_principal_id is not None:
-            body["service_principal_id"] = self.service_principal_id
-        return body
-
-    @classmethod
-    def from_dict(cls, d: Dict[str, Any]) -> CreateServicePrincipalSecretRequest:
-        """Deserializes the CreateServicePrincipalSecretRequest from a dictionary."""
-        return cls(lifetime=d.get("lifetime", None), service_principal_id=d.get("service_principal_id", None))
-
-
 @dataclass
 class CreateServicePrincipalSecretResponse:
     create_time: Optional[str] = None
@@ -366,7 +230,6 @@ class FederationPolicy:
     the request URL."""
 
     oidc_policy: Optional[OidcFederationPolicy] = None
-    """Specifies the policy to use for validating OIDC claims in your federated tokens."""
 
     policy_id: Optional[str] = None
     """The ID of the federation policy."""
@@ -1033,66 +896,6 @@ class TokenAccessPolicy:
         )
 
 
-@dataclass
-class UpdateCustomAppIntegration:
-    integration_id: Optional[str] = None
-
-    redirect_urls: Optional[List[str]] = None
-    """List of OAuth redirect urls to be updated in the custom OAuth app integration"""
-
-    scopes: Optional[List[str]] = None
-    """List of OAuth scopes to be updated in the custom OAuth app integration, similar to redirect URIs
-    this will fully replace the existing values instead of appending"""
-
-    token_access_policy: Optional[TokenAccessPolicy] = None
-    """Token access policy to be updated in the custom OAuth app integration"""
-
-    user_authorized_scopes: Optional[List[str]] = None
-    """Scopes that will need to be consented by end user to mint the access token. If the user does not
-    authorize the access token will not be minted. Must be a subset of scopes."""
-
-    def as_dict(self) -> dict:
-        """Serializes the UpdateCustomAppIntegration into a dictionary suitable for use as a JSON request body."""
-        body = {}
-        if self.integration_id is not None:
-            body["integration_id"] = self.integration_id
-        if self.redirect_urls:
-            body["redirect_urls"] = [v for v in self.redirect_urls]
-        if self.scopes:
-            body["scopes"] = [v for v in self.scopes]
-        if self.token_access_policy:
-            body["token_access_policy"] = self.token_access_policy.as_dict()
-        if self.user_authorized_scopes:
-            body["user_authorized_scopes"] = [v for v in self.user_authorized_scopes]
-        return body
-
-    def as_shallow_dict(self) -> dict:
-        """Serializes the UpdateCustomAppIntegration into a shallow dictionary of its immediate attributes."""
-        body = {}
-        if self.integration_id is not None:
-            body["integration_id"] = self.integration_id
-        if self.redirect_urls:
-            body["redirect_urls"] = self.redirect_urls
-        if self.scopes:
-            body["scopes"] = self.scopes
-        if self.token_access_policy:
-            body["token_access_policy"] = self.token_access_policy
-        if self.user_authorized_scopes:
-            body["user_authorized_scopes"] = self.user_authorized_scopes
-        return body
-
-    @classmethod
-    def from_dict(cls, d: Dict[str, Any]) -> UpdateCustomAppIntegration:
-        """Deserializes the UpdateCustomAppIntegration from a dictionary."""
-        return cls(
-            integration_id=d.get("integration_id", None),
-            redirect_urls=d.get("redirect_urls", None),
-            scopes=d.get("scopes", None),
-            token_access_policy=_from_dict(d, "token_access_policy", TokenAccessPolicy),
-            user_authorized_scopes=d.get("user_authorized_scopes", None),
-        )
-
-
 @dataclass
 class UpdateCustomAppIntegrationOutput:
     def as_dict(self) -> dict:
@@ -1111,40 +914,6 @@ class UpdateCustomAppIntegrationOutput:
         return cls()
 
 
-@dataclass
-class UpdatePublishedAppIntegration:
-    integration_id: Optional[str] = None
-
-    token_access_policy: Optional[TokenAccessPolicy] = None
-    """Token access policy to be updated in the published OAuth app integration"""
-
-    def as_dict(self) -> dict:
-        """Serializes the UpdatePublishedAppIntegration into a dictionary suitable for use as a JSON request body."""
-        body = {}
-        if self.integration_id is not None:
-            body["integration_id"] = self.integration_id
-        if self.token_access_policy:
-            body["token_access_policy"] = self.token_access_policy.as_dict()
-        return body
-
-    def as_shallow_dict(self) -> dict:
-        """Serializes the UpdatePublishedAppIntegration into a shallow dictionary of its immediate attributes."""
-        body = {}
-        if self.integration_id is not None:
-            body["integration_id"] = self.integration_id
-        if self.token_access_policy:
-            body["token_access_policy"] = self.token_access_policy
-        return body
-
-    @classmethod
-    def from_dict(cls, d: Dict[str, Any]) -> UpdatePublishedAppIntegration:
-        """Deserializes the UpdatePublishedAppIntegration from a dictionary."""
-        return cls(
-            integration_id=d.get("integration_id", None),
-            token_access_policy=_from_dict(d, "token_access_policy", TokenAccessPolicy),
-        )
-
-
 @dataclass
 class UpdatePublishedAppIntegrationOutput:
     def as_dict(self) -> dict:
@@ -1906,7 +1675,7 @@ class ServicePrincipalSecretsAPI:
 
     You can use the generated secrets to obtain OAuth access tokens for a service principal, which can then be
     used to access Databricks Accounts and Workspace APIs. For more information, see [Authentication using
-    OAuth tokens for service principals],
+    OAuth tokens for service principals].
 
     In addition, the generated secrets can be used to configure the Databricks Terraform Provider to
     authenticate with the service principal. For more information, see [Databricks Terraform Provider].
@@ -1919,11 +1688,11 @@ class ServicePrincipalSecretsAPI:
         self._api = api_client
 
     def create(
-        self, service_principal_id: int, *, lifetime: Optional[str] = None
+        self, service_principal_id: str, *, lifetime: Optional[str] = None
     ) -> CreateServicePrincipalSecretResponse:
         """Create a secret for the given service principal.
 
-        :param service_principal_id: int
+        :param service_principal_id: str
           The service principal ID.
         :param lifetime: str (optional)
           The lifetime of the secret in seconds. If this parameter is not provided, the secret will have a
@@ -1947,10 +1716,10 @@ class ServicePrincipalSecretsAPI:
         )
         return CreateServicePrincipalSecretResponse.from_dict(res)
 
-    def delete(self, service_principal_id: int, secret_id: str):
+    def delete(self, service_principal_id: str, secret_id: str):
         """Delete a secret from the given service principal.
 
-        :param service_principal_id: int
+        :param service_principal_id: str
           The service principal ID.
         :param secret_id: str
           The secret ID.
@@ -1966,12 +1735,15 @@ class ServicePrincipalSecretsAPI:
             headers=headers,
         )
 
-    def list(self, service_principal_id: int, *, page_token: Optional[str] = None) -> Iterator[SecretInfo]:
+    def list(
+        self, service_principal_id: str, *, page_size: Optional[int] = None, page_token: Optional[str] = None
+    ) -> Iterator[SecretInfo]:
         """List all secrets associated with the given service principal. This operation only returns information
         about the secrets themselves and does not include the secret values.
 
-        :param service_principal_id: int
+        :param service_principal_id: str
           The service principal ID.
+        :param page_size: int (optional)
         :param page_token: str (optional)
           An opaque page token which was the `next_page_token` in the response of the previous request to list
           the secrets for this service principal. Provide this token to retrieve the next page of secret
@@ -1984,6 +1756,8 @@ class ServicePrincipalSecretsAPI:
         """
 
         query = {}
+        if page_size is not None:
+            query["page_size"] = page_size
         if page_token is not None:
             query["page_token"] = page_token
         headers = {
@@ -2003,3 +1777,113 @@ class ServicePrincipalSecretsAPI:
             if "next_page_token" not in json or not json["next_page_token"]:
                 return
             query["page_token"] = json["next_page_token"]
+
+
+class ServicePrincipalSecretsProxyAPI:
+    """These APIs enable administrators to manage service principal secrets at the workspace level. To use these
+    APIs, the service principal must be first added to the current workspace.
+
+    You can use the generated secrets to obtain OAuth access tokens for a service principal, which can then be
+    used to access Databricks Accounts and Workspace APIs. For more information, see [Authentication using
+    OAuth tokens for service principals].
+
+    In addition, the generated secrets can be used to configure the Databricks Terraform Providerto
+    authenticate with the service principal. For more information, see [Databricks Terraform Provider].
+
+    [Authentication using OAuth tokens for service principals]: https://docs.databricks.com/dev-tools/authentication-oauth.html
+    [Databricks Terraform Provider]: https://github.com/databricks/terraform-provider-databricks/blob/master/docs/index.md#authenticating-with-service-principal
+    """
+
+    def __init__(self, api_client):
+        self._api = api_client
+
+    def create(
+        self, service_principal_id: str, *, lifetime: Optional[str] = None
+    ) -> CreateServicePrincipalSecretResponse:
+        """Create a secret for the given service principal.
+
+        :param service_principal_id: str
+          The service principal ID.
+        :param lifetime: str (optional)
+          The lifetime of the secret in seconds. If this parameter is not provided, the secret will have a
+          default lifetime of 730 days (63072000s).
+
+        :returns: :class:`CreateServicePrincipalSecretResponse`
+        """
+        body = {}
+        if lifetime is not None:
+            body["lifetime"] = lifetime
+        headers = {
+            "Accept": "application/json",
+            "Content-Type": "application/json",
+        }
+
+        res = self._api.do(
+            "POST",
+            f"/api/2.0/accounts/servicePrincipals/{service_principal_id}/credentials/secrets",
+            body=body,
+            headers=headers,
+        )
+        return CreateServicePrincipalSecretResponse.from_dict(res)
+
+    def delete(self, service_principal_id: str, secret_id: str):
+        """Delete a secret from the given service principal.
+
+        :param service_principal_id: str
+          The service principal ID.
+        :param secret_id: str
+          The secret ID.
+
+
+        """
+
+        headers = {}
+
+        self._api.do(
+            "DELETE",
+            f"/api/2.0/accounts/servicePrincipals/{service_principal_id}/credentials/secrets/{secret_id}",
+            headers=headers,
+        )
+
+    def list(
+        self, service_principal_id: str, *, page_size: Optional[int] = None, page_token: Optional[str] = None
+    ) -> Iterator[SecretInfo]:
+        """List all secrets associated with the given service principal. This operation only returns information
+        about the secrets themselves and does not include the secret values.
+
+        :param service_principal_id: str
+          The service principal ID.
+        :param page_size: int (optional)
+        :param page_token: str (optional)
+          An opaque page token which was the `next_page_token` in the response of the previous request to list
+          the secrets for this service principal. Provide this token to retrieve the next page of secret
+          entries. When providing a `page_token`, all other parameters provided to the request must match the
+          previous request. To list all of the secrets for a service principal, it is necessary to continue
+          requesting pages of entries until the response contains no `next_page_token`. Note that the number
+          of entries returned must not be used to determine when the listing is complete.
+
+        :returns: Iterator over :class:`SecretInfo`
+        """
+
+        query = {}
+        if page_size is not None:
+            query["page_size"] = page_size
+        if page_token is not None:
+            query["page_token"] = page_token
+        headers = {
+            "Accept": "application/json",
+        }
+
+        while True:
+            json = self._api.do(
+                "GET",
+                f"/api/2.0/accounts/servicePrincipals/{service_principal_id}/credentials/secrets",
+                query=query,
+                headers=headers,
+            )
+            if "secrets" in json:
+                for v in json["secrets"]:
+                    yield SecretInfo.from_dict(v)
+            if "next_page_token" not in json or not json["next_page_token"]:
+                return
+            query["page_token"] = json["next_page_token"]