diaspora-event-sdk 0.2.4__py3-none-any.whl → 0.2.6__py3-none-any.whl

diaspora_event_sdk/sdk/aws_iam_msk.py

@@ -0,0 +1,119 @@
+#  Copyright 2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+#  SPDX-License-Identifier: Apache-2.0
+
+import base64
+# import logging
+from datetime import datetime, timezone
+from urllib.parse import parse_qs, urlparse
+
+# import boto3
+# import botocore.session
+# import pkg_resources
+from .botocore.auth import SigV4QueryAuth
+from .botocore.awsrequest import AWSRequest
+# from botocore.config import Config
+from .botocore.credentials import Credentials
+
+ENDPOINT_URL_TEMPLATE = "https://kafka.{}.amazonaws.com/"
+DEFAULT_TOKEN_EXPIRY_SECONDS = 900
+DEFAULT_STS_SESSION_NAME = "MSKSASLDefaultSession"
+ACTION_TYPE = "Action"
+ACTION_NAME = "kafka-cluster:Connect"
+SIGNING_NAME = "kafka-cluster"
+USER_AGENT_KEY = "User-Agent"
+LIB_NAME = "aws-msk-iam-sasl-signer-python"
+
+
+def __get_user_agent__():
+    return (f"{LIB_NAME}/1.0.1")
+
+
+def __get_expiration_time_ms(request):
+    """
+    Private function that parses the url and gets the expiration time
+
+    Args: request (AWSRequest): The signed aws request object
+    """
+    # Parse the signed request
+    parsed_url = urlparse(request.url)
+    parsed_ul_params = parse_qs(parsed_url.query)
+    parsed_signing_time = datetime.strptime(parsed_ul_params['X-Amz-Date'][0],
+                                            "%Y%m%dT%H%M%SZ")
+
+    # Make the datetime object timezone-aware
+    signing_time = parsed_signing_time.replace(tzinfo=timezone.utc)
+
+    # Convert the Unix timestamp to milliseconds
+    expiration_timestamp_seconds = int(
+        signing_time.timestamp()) + DEFAULT_TOKEN_EXPIRY_SECONDS
+
+    # Get lifetime of token
+    expiration_timestamp_ms = expiration_timestamp_seconds * 1000
+
+    return expiration_timestamp_ms
+
+
+def __construct_auth_token(region, aws_credentials):
+    """
+    Private function that constructs the authorization token using IAM
+    Credentials.
+
+    Args: region (str): The AWS region where the cluster is located.
+    aws_credentials (dict): The credentials to be used to generate signed
+    url. Returns: str: A base64-encoded authorization token.
+    """
+    # Validate credentials are not empty
+    if not aws_credentials.access_key or not aws_credentials.secret_key:
+        raise ValueError("AWS Credentials can not be empty")
+
+    # Extract endpoint URL
+    endpoint_url = ENDPOINT_URL_TEMPLATE.format(region)
+
+    # Set up resource path and query parameters
+    query_params = {ACTION_TYPE: ACTION_NAME}
+
+    # Create SigV4 instance
+    sig_v4 = SigV4QueryAuth(
+        aws_credentials, SIGNING_NAME, region,
+        expires=DEFAULT_TOKEN_EXPIRY_SECONDS
+    )
+
+    # Create request with url and parameters
+    request = AWSRequest(method="GET", url=endpoint_url, params=query_params)
+
+    # Add auth to the request and prepare the request
+    sig_v4.add_auth(request)
+    query_params = {USER_AGENT_KEY: __get_user_agent__()}
+    request.params = query_params
+    prepped = request.prepare()
+
+    # Get the signed url
+    signed_url = prepped.url
+
+    # Base 64 encode and remove the padding from the end
+    signed_url_bytes = signed_url.encode("utf-8")
+    base64_bytes = base64.urlsafe_b64encode(signed_url_bytes)
+    base64_encoded_signed_url = base64_bytes.decode("utf-8").rstrip("=")
+    return base64_encoded_signed_url, __get_expiration_time_ms(request)
+
+
+def generate_auth_token(region, aws_debug_creds=False):
+    """
+    Generates an base64-encoded signed url as auth token to authenticate
+    with an Amazon MSK cluster using default IAM credentials.
+
+    Args:
+        region (str): The AWS region where the cluster is located.
+    Returns:
+        str: A base64-encoded authorization token.
+    """
+
+    # Load credentials
+    import os
+    assert os.environ["AWS_ACCESS_KEY_ID"]
+    assert os.environ["AWS_SECRET_ACCESS_KEY"]
+
+    aws_credentials = Credentials(os.environ["AWS_ACCESS_KEY_ID"],
+                                  os.environ["AWS_SECRET_ACCESS_KEY"])
+
+    return __construct_auth_token(region, aws_credentials)

diaspora_event_sdk/sdk/client.py

@@ -153,6 +153,13 @@ class Client:
         """
         return self.web_client.update_topic_partitions(self.subject_openid, topic, new_partitions)
 
+    @requires_login
+    def reset_topic(self, topic):
+        """
+        Deletes and recreates the topic, removing all messages and restoring the topic to the default configurations while user access is not affected.
+        """
+        return self.web_client.reset_topic(self.subject_openid, topic)
+
     @requires_login
     def grant_user_access(self, topic, user):
         """
@@ -167,6 +174,13 @@ class Client:
         """
         return self.web_client.grant_user_access(self.subject_openid, topic, user, "revoke")
 
+    @requires_login
+    def list_topic_users(self, topic):
+        """
+        Returns a list of users that have access to the topic.
+        """
+        return self.web_client.list_topic_users(self.subject_openid, topic)
+
     @requires_login
     def list_triggers(self):
         """

diaspora_event_sdk/sdk/kafka_client.py

@@ -4,20 +4,20 @@ import warnings
 import time
 
 from .client import Client
+from .aws_iam_msk import generate_auth_token
 
 # If kafka-python is not installed, Kafka functionality is not available through diaspora-event-sdk.
 kafka_available = True
 try:
     from kafka import KafkaProducer as KProd  # type: ignore[import,import-not-found]
     from kafka import KafkaConsumer as KCons  # type: ignore[import,import-not-found]
-    from aws_msk_iam_sasl_signer import MSKAuthTokenProvider  # type: ignore[import,import-not-found]
     import os
 
     class MSKTokenProvider:
         def token(self):
-            token, _ = MSKAuthTokenProvider.generate_auth_token("us-east-1")
+            token, _ = generate_auth_token("us-east-1")
             return token
-except ImportError:
+except Exception as e:
     kafka_available = False
 
 

diaspora_event_sdk/sdk/web_client.py

@@ -66,6 +66,15 @@ class WebClient(globus_sdk.BaseClient):
                      "NewPartitions": str(new_partitions)}
         )
 
+    def reset_topic(
+        self, subject: UUID_LIKE_T, topic: str
+    ) -> globus_sdk.GlobusHTTPResponse:
+        return self.post(
+            f"/api/v2/topic/{topic}/reset",
+            headers={"Subject": str(subject),
+                     "Topic": topic}
+        )
+
     def grant_user_access(
         self, subject: UUID_LIKE_T, topic: str, user: UUID_LIKE_T, action: str
     ) -> globus_sdk.GlobusHTTPResponse:
@@ -75,6 +84,15 @@ class WebClient(globus_sdk.BaseClient):
                      "Topic": topic, "User": str(user)}
         )
 
+    def list_topic_users(
+        self, subject: UUID_LIKE_T, topic: str
+    ) -> globus_sdk.GlobusHTTPResponse:
+        return self.get(
+            f"/api/v2/topic/{topic}/users",
+            headers={"Subject": str(subject),
+                     "Topic": topic}
+        )
+
     def list_triggers(self, subject: UUID_LIKE_T) -> globus_sdk.GlobusHTTPResponse:
         return self.get("/api/v2/triggers", headers={"Subject": str(subject)})
 

diaspora_event_sdk/version.py

@@ -1 +1 @@
-__version__ = "0.2.4"
+__version__ = "0.2.6"

{diaspora_event_sdk-0.2.4.dist-info → diaspora_event_sdk-0.2.6.dist-info}/METADATA

@@ -1,16 +1,15 @@
 Metadata-Version: 2.1
 Name: diaspora-event-sdk
-Version: 0.2.4
+Version: 0.2.6
 Summary: SDK of Diaspora Event Fabric: Resilience-enabling services for science from HPC to edge
 Home-page: https://github.com/globus-labs/diaspora-event-sdk
-License: LICENSE
+License: Apache 2.0
 Platform: UNKNOWN
 Description-Content-Type: text/markdown
 License-File: LICENSE
 Requires-Dist: globus-sdk <4,>=3.20.1
 Provides-Extra: kafka-python
 Requires-Dist: kafka-python ; extra == 'kafka-python'
-Requires-Dist: aws-msk-iam-sasl-signer-python ; extra == 'kafka-python'
 Provides-Extra: test
 Requires-Dist: pytest ; extra == 'test'
 Requires-Dist: pytest-cov ; extra == 'test'
@@ -19,7 +18,7 @@ Requires-Dist: mypy ; extra == 'test'
 Requires-Dist: tox ; extra == 'test'
 Requires-Dist: check-manifest ; extra == 'test'
 
-# Diaspora: Resilience-enabling services for science from HPC to edge
+# Diaspora: Hybrid Event-Driven Architecture for Distributed Scientific Computing
 
 ## Event Fabric SDK Installation Guide
 ### Recommended Method: Use with `kafka-python`
@@ -49,3 +48,4 @@ Note: This method does not include dependencies for `KafkaProducer` and `KafkaCo
 
 **Advanced Consumer Functions**: See our [Colab example](https://colab.research.google.com/drive/1tPKfxU2qPsLvNTreF6nKINU62k7pQWxa?usp=sharing) for demonstration.
 
+

{diaspora_event_sdk-0.2.4.dist-info → diaspora_event_sdk-0.2.6.dist-info}/RECORD

@@ -1,11 +1,12 @@
 diaspora_event_sdk/__init__.py,sha256=v8IN3-WFpliakQKru8TAcmQ4IRdvRe_m9-abSDnGIFM,457
-diaspora_event_sdk/version.py,sha256=SBl2EPFW-ltPvQ7vbVWItyAsz3aKYIpjO7vcfr84GkU,22
+diaspora_event_sdk/version.py,sha256=Oz5HbwHMyE87nmwV80AZzpkJPf-wBg7eDuJr_BXZkhU,22
 diaspora_event_sdk/sdk/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 diaspora_event_sdk/sdk/_environments.py,sha256=QyQA7dV4goUKUoxAoaes8OGv0xKxz2qiFBHNGr-vQNA,204
-diaspora_event_sdk/sdk/client.py,sha256=Frs1EjG8OJX5kqqPbGOOFN4UE7vUdhBgyEgvA99NpY8,8016
+diaspora_event_sdk/sdk/aws_iam_msk.py,sha256=rT6RipRVt-Zf7pTsMf9UhH2HDNC0FW28LhciVH_45bc,3942
+diaspora_event_sdk/sdk/client.py,sha256=fbjP_YRmGF2eItnMxNkdz5RIRvur0_P8DhE6AlYk4tM,8541
 diaspora_event_sdk/sdk/decorators.py,sha256=Gel8AyhIjbf4-FNintTNcOqvC9hHH_YwbOH257Nfmf0,884
-diaspora_event_sdk/sdk/kafka_client.py,sha256=G1kQQz2TWlahdd2TDdpvaQW7HD7gsuQCnr0tks54ISw,4361
-diaspora_event_sdk/sdk/web_client.py,sha256=7dWeKSwB97Hb0O6FvbFMBpp4fKgW-BxprLWb1OiI-ao,4222
+diaspora_event_sdk/sdk/kafka_client.py,sha256=xAxuPmMXIv0i_K_PFqc_BEG3wdGsFdYYvd7gUzeoLV8,4286
+diaspora_event_sdk/sdk/web_client.py,sha256=Rkp0ZUUXCeqbfVFUqX2oxvuLwqqW5_jsJJNN-v2L4FI,4770
 diaspora_event_sdk/sdk/login_manager/__init__.py,sha256=yeqVgjeHLMX0WZJu2feJmq-fbeXvSxWghVV81ygfY-w,239
 diaspora_event_sdk/sdk/login_manager/client_login.py,sha256=8ild28_cgPSrLtg3Jhmzpg3EymAvH2UdAhKY52oOB_c,1835
 diaspora_event_sdk/sdk/login_manager/decorators.py,sha256=EFEp71d0oJ7vo2H8W7DJ2gPrDfGzeNXUNxri1C0l8h0,1047
@@ -18,8 +19,8 @@ diaspora_event_sdk/sdk/utils/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NM
 diaspora_event_sdk/sdk/utils/uuid_like.py,sha256=xbxf0YXpDhdii16lwPLWRN21qFekHrNrqODSToMPtCg,470
 tests/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 tests/unit/test_client.py,sha256=sJUtPmnNGnohnP38RQrwcJ4D5j3-g1WFQ6gaKf520AQ,3019
-diaspora_event_sdk-0.2.4.dist-info/LICENSE,sha256=WNHhf_5RCaeuKWyq_K39vmp9F28LxKsB4SpomwSZ2L0,11357
-diaspora_event_sdk-0.2.4.dist-info/METADATA,sha256=GT3z-Ql24vHUPgbjWlVxPvp0OioEJlgADsiWXYsMo3A,2505
-diaspora_event_sdk-0.2.4.dist-info/WHEEL,sha256=GJ7t_kWBFywbagK5eo9IoUwLW6oyOeTKmQ-9iHFVNxQ,92
-diaspora_event_sdk-0.2.4.dist-info/top_level.txt,sha256=OVun-67t3fkLFEIwvJuNINgFFvAc--bClYhXjLhMmvs,25
-diaspora_event_sdk-0.2.4.dist-info/RECORD,,
+diaspora_event_sdk-0.2.6.dist-info/LICENSE,sha256=WNHhf_5RCaeuKWyq_K39vmp9F28LxKsB4SpomwSZ2L0,11357
+diaspora_event_sdk-0.2.6.dist-info/METADATA,sha256=2JJCyb4-F55L3mHG25HfgESP4OEgpTWuEs-UsRUxoOQ,2449
+diaspora_event_sdk-0.2.6.dist-info/WHEEL,sha256=GJ7t_kWBFywbagK5eo9IoUwLW6oyOeTKmQ-9iHFVNxQ,92
+diaspora_event_sdk-0.2.6.dist-info/top_level.txt,sha256=OVun-67t3fkLFEIwvJuNINgFFvAc--bClYhXjLhMmvs,25
+diaspora_event_sdk-0.2.6.dist-info/RECORD,,