PyPI - digitalhub - Versions diffs - 0.11.0b7__py3-none-any.whl → 0.13.0b0__py3-none-any.whl - Mend

digitalhub 0.11.0b7py3-none-any.whl → 0.13.0b0py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of digitalhub might be problematic. Click here for more details.

Files changed (270) hide show

digitalhub/__init__.py +4 -1
digitalhub/context/api.py +4 -0
digitalhub/context/builder.py +4 -0
digitalhub/context/context.py +4 -0
digitalhub/entities/__init__.py +3 -0
digitalhub/entities/_base/__init__.py +3 -0
digitalhub/entities/_base/_base/__init__.py +3 -0
digitalhub/entities/_base/_base/entity.py +4 -0
digitalhub/entities/_base/context/__init__.py +3 -0
digitalhub/entities/_base/context/entity.py +4 -0
digitalhub/entities/_base/entity/__init__.py +3 -0
digitalhub/entities/_base/entity/_constructors/__init__.py +3 -0
digitalhub/entities/_base/entity/_constructors/metadata.py +4 -0
digitalhub/entities/_base/entity/_constructors/name.py +4 -0
digitalhub/entities/_base/entity/_constructors/spec.py +4 -0
digitalhub/entities/_base/entity/_constructors/status.py +4 -0
digitalhub/entities/_base/entity/_constructors/uuid.py +4 -0
digitalhub/entities/_base/entity/builder.py +4 -0
digitalhub/entities/_base/entity/entity.py +4 -0
digitalhub/entities/_base/entity/metadata.py +4 -0
digitalhub/entities/_base/entity/spec.py +4 -0
digitalhub/entities/_base/entity/status.py +4 -0
digitalhub/entities/_base/executable/__init__.py +3 -0
digitalhub/entities/_base/executable/entity.py +11 -0
digitalhub/entities/_base/material/__init__.py +3 -0
digitalhub/entities/_base/material/entity.py +12 -15
digitalhub/entities/_base/material/spec.py +4 -0
digitalhub/entities/_base/material/status.py +4 -0
digitalhub/entities/_base/material/utils.py +5 -1
digitalhub/entities/_base/runtime_entity/__init__.py +3 -0
digitalhub/entities/_base/runtime_entity/builder.py +4 -0
digitalhub/entities/_base/unversioned/__init__.py +3 -0
digitalhub/entities/_base/unversioned/builder.py +4 -0
digitalhub/entities/_base/unversioned/entity.py +4 -0
digitalhub/entities/_base/versioned/__init__.py +3 -0
digitalhub/entities/_base/versioned/builder.py +4 -0
digitalhub/entities/_base/versioned/entity.py +4 -0
digitalhub/entities/_commons/__init__.py +3 -0
digitalhub/entities/_commons/enums.py +4 -0
digitalhub/entities/_commons/metrics.py +4 -0
digitalhub/entities/_commons/types.py +4 -0
digitalhub/entities/_commons/utils.py +4 -0
digitalhub/entities/_processors/__init__.py +3 -0
digitalhub/entities/_processors/base.py +4 -0
digitalhub/entities/_processors/context.py +5 -1
digitalhub/entities/_processors/utils.py +4 -0
digitalhub/entities/artifact/__init__.py +3 -0
digitalhub/entities/artifact/_base/__init__.py +3 -0
digitalhub/entities/artifact/_base/builder.py +4 -0
digitalhub/entities/artifact/_base/entity.py +4 -0
digitalhub/entities/artifact/_base/spec.py +4 -0
digitalhub/entities/artifact/_base/status.py +4 -0
digitalhub/entities/artifact/artifact/__init__.py +3 -0
digitalhub/entities/artifact/artifact/builder.py +4 -0
digitalhub/entities/artifact/artifact/entity.py +4 -0
digitalhub/entities/artifact/artifact/spec.py +4 -0
digitalhub/entities/artifact/artifact/status.py +4 -0
digitalhub/entities/artifact/crud.py +4 -0
digitalhub/entities/artifact/utils.py +4 -0
digitalhub/entities/builders.py +4 -0
digitalhub/entities/dataitem/__init__.py +3 -0
digitalhub/entities/dataitem/_base/__init__.py +3 -0
digitalhub/entities/dataitem/_base/builder.py +4 -0
digitalhub/entities/dataitem/_base/entity.py +4 -0
digitalhub/entities/dataitem/_base/spec.py +4 -0
digitalhub/entities/dataitem/_base/status.py +4 -0
digitalhub/entities/dataitem/crud.py +4 -0
digitalhub/entities/dataitem/dataitem/__init__.py +3 -0
digitalhub/entities/dataitem/dataitem/builder.py +4 -0
digitalhub/entities/dataitem/dataitem/entity.py +4 -0
digitalhub/entities/dataitem/dataitem/spec.py +4 -0
digitalhub/entities/dataitem/dataitem/status.py +4 -0
digitalhub/entities/dataitem/iceberg/__init__.py +3 -0
digitalhub/entities/dataitem/iceberg/builder.py +4 -0
digitalhub/entities/dataitem/iceberg/entity.py +4 -0
digitalhub/entities/dataitem/iceberg/spec.py +4 -0
digitalhub/entities/dataitem/iceberg/status.py +4 -0
digitalhub/entities/dataitem/table/__init__.py +3 -0
digitalhub/entities/dataitem/table/builder.py +4 -0
digitalhub/entities/dataitem/table/entity.py +4 -0
digitalhub/entities/dataitem/table/models.py +4 -0
digitalhub/entities/dataitem/table/spec.py +4 -0
digitalhub/entities/dataitem/table/status.py +4 -0
digitalhub/entities/dataitem/table/utils.py +4 -0
digitalhub/entities/dataitem/utils.py +4 -0
digitalhub/entities/function/__init__.py +3 -0
digitalhub/entities/function/_base/__init__.py +3 -0
digitalhub/entities/function/_base/builder.py +4 -0
digitalhub/entities/function/_base/entity.py +4 -0
digitalhub/entities/function/_base/spec.py +4 -0
digitalhub/entities/function/_base/status.py +4 -0
digitalhub/entities/function/crud.py +4 -0
digitalhub/entities/model/__init__.py +3 -0
digitalhub/entities/model/_base/__init__.py +3 -0
digitalhub/entities/model/_base/builder.py +4 -0
digitalhub/entities/model/_base/entity.py +4 -0
digitalhub/entities/model/_base/spec.py +4 -0
digitalhub/entities/model/_base/status.py +4 -0
digitalhub/entities/model/crud.py +4 -0
digitalhub/entities/model/huggingface/__init__.py +3 -0
digitalhub/entities/model/huggingface/builder.py +4 -0
digitalhub/entities/model/huggingface/entity.py +4 -0
digitalhub/entities/model/huggingface/spec.py +4 -0
digitalhub/entities/model/huggingface/status.py +4 -0
digitalhub/entities/model/mlflow/__init__.py +3 -0
digitalhub/entities/model/mlflow/builder.py +4 -0
digitalhub/entities/model/mlflow/entity.py +4 -0
digitalhub/entities/model/mlflow/models.py +4 -0
digitalhub/entities/model/mlflow/spec.py +4 -0
digitalhub/entities/model/mlflow/status.py +4 -0
digitalhub/entities/model/mlflow/utils.py +4 -0
digitalhub/entities/model/model/__init__.py +3 -0
digitalhub/entities/model/model/builder.py +4 -0
digitalhub/entities/model/model/entity.py +4 -0
digitalhub/entities/model/model/spec.py +4 -0
digitalhub/entities/model/model/status.py +4 -0
digitalhub/entities/model/sklearn/__init__.py +3 -0
digitalhub/entities/model/sklearn/builder.py +4 -0
digitalhub/entities/model/sklearn/entity.py +4 -0
digitalhub/entities/model/sklearn/spec.py +4 -0
digitalhub/entities/model/sklearn/status.py +4 -0
digitalhub/entities/model/utils.py +4 -0
digitalhub/entities/project/__init__.py +3 -0
digitalhub/entities/project/_base/__init__.py +3 -0
digitalhub/entities/project/_base/builder.py +4 -0
digitalhub/entities/project/_base/entity.py +4 -0
digitalhub/entities/project/_base/models.py +4 -0
digitalhub/entities/project/_base/spec.py +4 -0
digitalhub/entities/project/_base/status.py +4 -0
digitalhub/entities/project/crud.py +4 -0
digitalhub/entities/project/utils.py +4 -0
digitalhub/entities/run/__init__.py +3 -0
digitalhub/entities/run/_base/__init__.py +3 -0
digitalhub/entities/run/_base/builder.py +4 -0
digitalhub/entities/run/_base/entity.py +4 -0
digitalhub/entities/run/_base/spec.py +4 -0
digitalhub/entities/run/_base/status.py +4 -0
digitalhub/entities/run/crud.py +4 -0
digitalhub/entities/secret/__init__.py +3 -0
digitalhub/entities/secret/_base/__init__.py +3 -0
digitalhub/entities/secret/_base/builder.py +4 -0
digitalhub/entities/secret/_base/entity.py +4 -0
digitalhub/entities/secret/_base/spec.py +4 -0
digitalhub/entities/secret/_base/status.py +4 -0
digitalhub/entities/secret/crud.py +4 -0
digitalhub/entities/task/__init__.py +3 -0
digitalhub/entities/task/_base/__init__.py +3 -0
digitalhub/entities/task/_base/builder.py +4 -0
digitalhub/entities/task/_base/entity.py +4 -0
digitalhub/entities/task/_base/models.py +4 -0
digitalhub/entities/task/_base/spec.py +4 -0
digitalhub/entities/task/_base/status.py +4 -0
digitalhub/entities/task/_base/utils.py +4 -0
digitalhub/entities/task/crud.py +4 -0
digitalhub/entities/trigger/__init__.py +3 -0
digitalhub/entities/trigger/_base/__init__.py +3 -0
digitalhub/entities/trigger/_base/builder.py +4 -0
digitalhub/entities/trigger/_base/entity.py +4 -0
digitalhub/entities/trigger/_base/spec.py +4 -0
digitalhub/entities/trigger/_base/status.py +4 -0
digitalhub/entities/trigger/crud.py +4 -0
digitalhub/entities/trigger/lifecycle/__init__.py +3 -0
digitalhub/entities/trigger/lifecycle/builder.py +4 -0
digitalhub/entities/trigger/lifecycle/entity.py +4 -0
digitalhub/entities/trigger/lifecycle/spec.py +4 -0
digitalhub/entities/trigger/lifecycle/status.py +4 -0
digitalhub/entities/trigger/scheduler/__init__.py +3 -0
digitalhub/entities/trigger/scheduler/builder.py +4 -0
digitalhub/entities/trigger/scheduler/entity.py +4 -0
digitalhub/entities/trigger/scheduler/spec.py +4 -0
digitalhub/entities/trigger/scheduler/status.py +4 -0
digitalhub/entities/workflow/__init__.py +3 -0
digitalhub/entities/workflow/_base/__init__.py +3 -0
digitalhub/entities/workflow/_base/builder.py +4 -0
digitalhub/entities/workflow/_base/entity.py +4 -0
digitalhub/entities/workflow/_base/spec.py +4 -0
digitalhub/entities/workflow/_base/status.py +4 -0
digitalhub/entities/workflow/crud.py +4 -0
digitalhub/factory/__init__.py +3 -0
digitalhub/factory/factory.py +4 -0
digitalhub/factory/utils.py +4 -0
digitalhub/runtimes/__init__.py +3 -0
digitalhub/runtimes/_base.py +4 -0
digitalhub/runtimes/builder.py +4 -0
digitalhub/runtimes/enums.py +4 -0
digitalhub/stores/__init__.py +3 -0
digitalhub/stores/client/__init__.py +3 -0
digitalhub/stores/client/_base/__init__.py +3 -0
digitalhub/stores/client/_base/api_builder.py +4 -0
digitalhub/stores/client/_base/client.py +4 -0
digitalhub/stores/client/_base/key_builder.py +4 -0
digitalhub/stores/client/_base/params_builder.py +4 -0
digitalhub/stores/client/api.py +4 -0
digitalhub/stores/client/builder.py +4 -0
digitalhub/stores/client/dhcore/__init__.py +3 -0
digitalhub/stores/client/dhcore/api_builder.py +4 -0
digitalhub/stores/client/dhcore/client.py +60 -19
digitalhub/stores/client/dhcore/configurator.py +282 -183
digitalhub/stores/client/dhcore/enums.py +6 -0
digitalhub/stores/client/dhcore/error_parser.py +4 -0
digitalhub/stores/client/dhcore/key_builder.py +4 -0
digitalhub/stores/client/dhcore/models.py +4 -0
digitalhub/stores/client/dhcore/params_builder.py +4 -0
digitalhub/stores/client/dhcore/utils.py +12 -8
digitalhub/stores/client/local/__init__.py +3 -0
digitalhub/stores/client/local/api_builder.py +4 -0
digitalhub/stores/client/local/client.py +4 -0
digitalhub/stores/client/local/enums.py +4 -0
digitalhub/stores/client/local/key_builder.py +4 -0
digitalhub/stores/client/local/params_builder.py +4 -0
digitalhub/stores/credentials/__init__.py +3 -0
digitalhub/stores/{configurator → credentials}/api.py +7 -3
digitalhub/stores/credentials/configurator.py +37 -0
digitalhub/stores/credentials/enums.py +54 -0
digitalhub/stores/credentials/handler.py +148 -0
digitalhub/stores/{configurator → credentials}/ini_module.py +5 -1
digitalhub/stores/credentials/store.py +49 -0
digitalhub/stores/data/__init__.py +3 -0
digitalhub/stores/data/_base/__init__.py +3 -0
digitalhub/stores/data/_base/store.py +23 -6
digitalhub/stores/data/api.py +41 -1
digitalhub/stores/data/builder.py +50 -53
digitalhub/stores/data/enums.py +4 -0
digitalhub/stores/data/local/__init__.py +3 -0
digitalhub/stores/data/local/store.py +8 -7
digitalhub/stores/data/remote/__init__.py +3 -0
digitalhub/stores/data/remote/store.py +8 -7
digitalhub/stores/data/s3/__init__.py +3 -0
digitalhub/stores/data/s3/configurator.py +40 -92
digitalhub/stores/data/s3/store.py +46 -57
digitalhub/stores/data/s3/utils.py +5 -1
digitalhub/stores/data/sql/__init__.py +3 -0
digitalhub/stores/data/sql/configurator.py +39 -83
digitalhub/stores/data/sql/store.py +19 -15
digitalhub/stores/readers/__init__.py +3 -0
digitalhub/stores/readers/data/__init__.py +3 -0
digitalhub/stores/readers/data/_base/__init__.py +3 -0
digitalhub/stores/readers/data/_base/builder.py +4 -0
digitalhub/stores/readers/data/_base/reader.py +4 -0
digitalhub/stores/readers/data/api.py +4 -0
digitalhub/stores/readers/data/factory.py +4 -0
digitalhub/stores/readers/data/pandas/__init__.py +3 -0
digitalhub/stores/readers/data/pandas/builder.py +4 -0
digitalhub/stores/readers/data/pandas/reader.py +4 -0
digitalhub/stores/readers/query/__init__.py +3 -0
digitalhub/utils/__init__.py +3 -0
digitalhub/utils/enums.py +4 -0
digitalhub/utils/exceptions.py +4 -0
digitalhub/utils/file_utils.py +4 -0
digitalhub/utils/generic_utils.py +4 -0
digitalhub/utils/git_utils.py +4 -0
digitalhub/utils/io_utils.py +4 -0
digitalhub/utils/logger.py +4 -0
digitalhub/utils/types.py +4 -0
digitalhub/utils/uri_utils.py +4 -0
digitalhub-0.13.0b0.dist-info/METADATA +301 -0
digitalhub-0.13.0b0.dist-info/RECORD +260 -0
digitalhub-0.13.0b0.dist-info/licenses/AUTHORS +5 -0
digitalhub-0.13.0b0.dist-info/licenses/LICENSE +201 -0
digitalhub/stores/configurator/__init__.py +0 -0
digitalhub/stores/configurator/configurator.py +0 -198
digitalhub/stores/configurator/credentials_store.py +0 -65
digitalhub/stores/configurator/enums.py +0 -21
digitalhub/stores/data/s3/enums.py +0 -16
digitalhub/stores/data/sql/enums.py +0 -16
digitalhub/stores/data/utils.py +0 -34
digitalhub-0.11.0b7.dist-info/METADATA +0 -259
digitalhub-0.11.0b7.dist-info/RECORD +0 -261
digitalhub-0.11.0b7.dist-info/licenses/LICENSE.txt +0 -216
{digitalhub-0.11.0b7.dist-info → digitalhub-0.13.0b0.dist-info}/WHEEL +0 -0

digitalhub/stores/client/dhcore/configurator.py CHANGED Viewed

@@ -1,14 +1,17 @@
+# SPDX-FileCopyrightText: © 2025 DSLab - Fondazione Bruno Kessler
+#
+# SPDX-License-Identifier: Apache-2.0
 from __future__ import annotations
 import typing
-from warnings import warn
 from requests import request
-from digitalhub.stores.client.dhcore.enums import AuthType, DhcoreEnvVar
-from digitalhub.stores.configurator.configurator import configurator
-from digitalhub.stores.data.s3.enums import S3StoreEnv
-from digitalhub.stores.data.sql.enums import SqlStoreEnv
+from digitalhub.stores.client.dhcore.enums import AuthType
+from digitalhub.stores.credentials.configurator import Configurator
+from digitalhub.stores.credentials.enums import CredsEnvVar, CredsOrigin
+from digitalhub.stores.credentials.handler import creds_handler
 from digitalhub.utils.exceptions import ClientError
 from digitalhub.utils.generic_utils import list_enum
 from digitalhub.utils.uri_utils import has_remote_scheme
@@ -17,191 +20,282 @@ if typing.TYPE_CHECKING:
     from requests import Response
-# Default key used to store authentication information
-AUTH_KEY = "_auth"
-# API levels that are supported
-MAX_API_LEVEL = 20
-MIN_API_LEVEL = 11
-LIB_VERSION = 11
-class ClientDHCoreConfigurator:
+class ClientDHCoreConfigurator(Configurator):
     """
     Configurator object used to configure the client.
+    The configurator starts reading the credentials from the
+    environment and from the ini file and stores them into the
+    creds_handler object.
+    While reading the credentials from the two sources (environment and file),
+    the configurator evaluate if the required keys are present in both sources.
+    If the required keys are not present in both sources, the configurator
+    will rise an error, otherwise decide which source to use.
+    Once the credentials are read, the configurator check the current profile
+    name from the ini file, and set it. The default one is __default. The
+    profile is used to discriminate a set of credentials inside the ini file.
+    The configurator finally set the authentication type based on the credentials.
+    The logic is the following:
+        1. Check for a personal access token. Use it immediately to
+           require a timed access token in an exchange endpoint.
+           Switche then the origin to file and .
+           Set the auth type to EXCHANGE.
+        2. Check for an access token and a refresh token.
+           Set the auth type to OAUTH2.
+        3. Check for username and password.
+           Set the auth type to BASIC.
+        4. If none of the above is true, leave the auth type to None.
     """
+    keys = [*list_enum(CredsEnvVar)]
+    required_keys = [CredsEnvVar.DHCORE_ENDPOINT.value]
+    keys_to_unprefix = [
+        CredsEnvVar.DHCORE_REFRESH_TOKEN.value,
+        CredsEnvVar.DHCORE_ACCESS_TOKEN.value,
+        CredsEnvVar.DHCORE_ISSUER.value,
+        CredsEnvVar.DHCORE_CLIENT_ID.value,
+    ]
     def __init__(self) -> None:
-        self._current_env = configurator.get_current_env()
+        super().__init__()
+        self.load_configs()
+        self._origin = self.set_origin()
+        self._current_profile = creds_handler.get_current_env()
+        self._auth_type: str | None = None
+        self.set_auth_type()
     ##############################
-    # Configuration methods
+    # Credentials methods
     ##############################
-    def check_config(self) -> None:
+    def load_configs(self) -> str:
         """
-        Check if the config is valid.
-        Parameters
-        ----------
-        config : dict
-            Configuration dictionary.
+        Load the configuration from the environment and from the file.
+        """
+        self.load_env_vars()
+        self.load_file_vars()
-        Returns
-        -------
-        None
+    def load_env_vars(self) -> None:
+        """
+        Load the credentials from the environment.
         """
-        if configurator.get_current_env() != self._current_env:
-            self.configure()
+        env_creds = {var: self._creds_handler.load_from_env(var) for var in self.keys}
+        env_creds = self._sanitize_env_vars(env_creds)
+        self._creds_handler.set_credentials(self._env, env_creds)
-    def configure(self, config: dict | None = None) -> None:
+    def _sanitize_env_vars(self, creds: dict) -> dict:
         """
-        Configure the client attributes with config (given or from
-        environment).
-        Regarding authentication parameters, the config parameter
-        takes precedence over the env variables, and the token
-        over the basic auth. Furthermore, the config parameter is
-        validated against the proper pydantic model.
+        Sanitize the env vars. We expect issuer to have the
+        form "DHCORE_ISSUER" in env.
         Parameters
         ----------
-        config : dict
-            Configuration dictionary.
+        creds : dict
+            Credentials dictionary.
         Returns
         -------
-        None
+        dict
         """
-        self._get_core_endpoint()
-        self._get_auth_vars()
+        creds[CredsEnvVar.DHCORE_ENDPOINT.value] = self._sanitize_endpoint(creds[CredsEnvVar.DHCORE_ENDPOINT.value])
+        creds[CredsEnvVar.DHCORE_ISSUER.value] = self._sanitize_endpoint(creds[CredsEnvVar.DHCORE_ISSUER.value])
+        return creds
-    def check_core_version(self, response: Response) -> None:
+    def load_file_vars(self) -> None:
         """
-        Raise an exception if DHCore API version is not supported.
+        Load the credentials from the file.
+        """
+        keys = [*self._remove_prefix_dhcore()]
+        file_creds = {var: self._creds_handler.load_from_file(var) for var in keys}
-        Parameters
-        ----------
-        response : Response
-            The response object.
+        # Because in the response there is no endpoint
+        if file_creds[CredsEnvVar.DHCORE_ENDPOINT.value] is None:
+            file_creds[CredsEnvVar.DHCORE_ENDPOINT.value] = self._creds_handler.load_from_env(
+                CredsEnvVar.DHCORE_ENDPOINT.value
+            )
-        Returns
-        -------
-        None
-        """
-        if "X-Api-Level" in response.headers:
-            core_api_level = int(response.headers["X-Api-Level"])
-            if not (MIN_API_LEVEL <= core_api_level <= MAX_API_LEVEL):
-                raise ClientError("Backend API level not supported.")
-            if LIB_VERSION < core_api_level:
-                warn("Backend API level is higher than library version. You should consider updating the library.")
+        # Because in the response there is no personal access token
+        if file_creds[CredsEnvVar.DHCORE_PERSONAL_ACCESS_TOKEN.value] is None:
+            file_creds[CredsEnvVar.DHCORE_PERSONAL_ACCESS_TOKEN.value] = self._creds_handler.load_from_env(
+                CredsEnvVar.DHCORE_PERSONAL_ACCESS_TOKEN.value
+            )
-    def build_url(self, api: str) -> str:
+        file_creds = self._sanitize_file_vars(file_creds)
+        self._creds_handler.set_credentials(self._file, file_creds)
+    def _sanitize_file_vars(self, creds: dict) -> dict:
         """
-        Build the url.
+        Sanitize the file vars. We expect issuer, client_id and access_token and
+        refresh_token to not have the form "DHCORE_" in the file.
         Parameters
         ----------
-        api : str
-            The api to call.
+        creds : dict
+            Credentials dictionary.
         Returns
         -------
-        str
-            The url.
+        dict
         """
-        api = api.removeprefix("/")
-        return f"{configurator.get_credential(DhcoreEnvVar.ENDPOINT.value)}/{api}"
-    ##############################
-    # Private methods
-    ##############################
+        creds[CredsEnvVar.DHCORE_ENDPOINT.value] = self._sanitize_endpoint(creds[CredsEnvVar.DHCORE_ENDPOINT.value])
+        creds[CredsEnvVar.DHCORE_ISSUER.value] = self._sanitize_endpoint(
+            creds[CredsEnvVar.DHCORE_ISSUER.value.removeprefix("DHCORE_")]
+        )
+        creds[CredsEnvVar.DHCORE_REFRESH_TOKEN.value] = creds[
+            CredsEnvVar.DHCORE_REFRESH_TOKEN.value.removeprefix("DHCORE_")
+        ]
+        creds[CredsEnvVar.DHCORE_ACCESS_TOKEN.value] = creds[
+            CredsEnvVar.DHCORE_ACCESS_TOKEN.value.removeprefix("DHCORE_")
+        ]
+        creds[CredsEnvVar.DHCORE_CLIENT_ID.value] = creds[CredsEnvVar.DHCORE_CLIENT_ID.value.removeprefix("DHCORE_")]
+        return {k: v for k, v in creds.items() if k in self.keys}
     @staticmethod
-    def _sanitize_endpoint(endpoint: str) -> str:
+    def _sanitize_endpoint(endpoint: str | None = None) -> str | None:
         """
         Sanitize the endpoint.
         Returns
         -------
-        None
+        str | None
+            The sanitized endpoint.
         """
+        if endpoint is None:
+            return
         if not has_remote_scheme(endpoint):
             raise ClientError("Invalid endpoint scheme. Must start with http:// or https://.")
         endpoint = endpoint.strip()
         return endpoint.removesuffix("/")
-    def _get_core_endpoint(self) -> None:
+    def check_config(self) -> None:
         """
-        Get the DHCore endpoint from env.
+        Check if the config is valid.
+        Parameters
+        ----------
+        config : dict
+            Configuration dictionary.
         Returns
         -------
         None
+        """
+        if (current := creds_handler.get_current_env()) != self._current_profile:
+            self.load_file_vars()
+            self._current_profile = current
-        Raises
-        ------
-        Exception
-            If the endpoint of DHCore is not set in the env variables.
+    def get_endpoint(self) -> str:
         """
-        endpoint = configurator.load_var(DhcoreEnvVar.ENDPOINT.value)
-        if endpoint is None:
-            raise ClientError("Endpoint not set as environment variables.")
-        endpoint = self._sanitize_endpoint(endpoint)
-        configurator.set_credential(DhcoreEnvVar.ENDPOINT.value, endpoint)
+        Get the DHCore endpoint.
+        Returns
+        -------
+        str
+            The endpoint.
+        """
+        creds = self._creds_handler.get_credentials(self._origin)
+        return creds[CredsEnvVar.DHCORE_ENDPOINT.value]
-    def _get_auth_vars(self) -> None:
+    ##############################
+    # Origin methods
+    ##############################
+    def set_origin(self) -> str:
         """
-        Get authentication parameters from the env.
+        Evaluate the default origin from the credentials.
         Returns
         -------
-        None
+        str
+            The origin.
         """
-        # Give priority to access token
-        access_token = self._load_dhcore_oauth_vars(DhcoreEnvVar.ACCESS_TOKEN.value)
-        if access_token is not None:
-            configurator.set_credential(AUTH_KEY, AuthType.OAUTH2.value)
-            configurator.set_credential(DhcoreEnvVar.ACCESS_TOKEN.value.removeprefix("DHCORE_"), access_token)
+        origin = CredsOrigin.ENV.value
+        env_creds = self._creds_handler.get_credentials(self._env)
+        missing_env = self._check_credentials(env_creds)
+        file_creds = self._creds_handler.get_credentials(self._file)
+        missing_file = self._check_credentials(file_creds)
+        msg = ""
+        if missing_env:
+            msg = f"Missing required vars in env: {', '.join(missing_env)}"
+            origin = CredsOrigin.FILE.value
+        elif missing_file:
+            msg += f"Missing required vars in .dhcore.ini file: {', '.join(missing_file)}"
+        if missing_env and missing_file:
+            raise ClientError(msg)
+        return origin
-        # Fallback to basic
+    def change_origin(self) -> None:
+        """
+        Change the origin of the credentials.
+        """
+        if self._origin == CredsOrigin.ENV.value:
+            self.change_to_file()
         else:
-            user = configurator.load_var(DhcoreEnvVar.USER.value)
-            password = configurator.load_var(DhcoreEnvVar.PASSWORD.value)
-            if user is not None and password is not None:
-                configurator.set_credential(AUTH_KEY, AuthType.BASIC.value)
-                configurator.set_credential(DhcoreEnvVar.USER.value, user)
-                configurator.set_credential(DhcoreEnvVar.PASSWORD.value, password)
+            self.change_to_env()
+        # Re-evaluate the auth type
+        self.set_auth_type()
+    def change_to_file(self) -> None:
+        """
+        Change the origin to file. Re-evaluate the auth type.
+        """
+        self._origin = CredsOrigin.FILE.value
+    def change_to_env(self) -> None:
+        """
+        Change the origin to env. Re-evaluate the auth type.
+        """
+        self._origin = CredsOrigin.ENV.value
     ##############################
     # Auth methods
     ##############################
-    def basic_auth(self) -> bool:
+    def set_auth_type(self) -> None:
         """
-        Get basic auth.
+        Evaluate the auth type from the credentials.
         Returns
         -------
-        bool
+        None
         """
-        auth_type = configurator.get_credential(AUTH_KEY)
-        return auth_type == AuthType.BASIC.value
+        creds = creds_handler.get_credentials(self._origin)
+        self._auth_type = self._eval_auth_type(creds)
+        # If we have an exchange token, we need to get a new access token.
+        # Therefore, we change the origin to file, where the refresh token is written.
+        # We also try to fetch the PAT from both env and file
+        if self._auth_type == AuthType.EXCHANGE.value:
+            self.get_new_access_token(change_origin=True)
+            # Just to ensure we get the right source from file
+            self.change_to_file()
-    def oauth2_auth(self) -> bool:
+    def refreshable_auth_types(self) -> bool:
         """
-        Get oauth2 auth.
+        Check if the auth type is refreshable.
         Returns
         -------
         bool
+            True if the auth type is refreshable, False otherwise.
         """
-        auth_type = configurator.get_credential(AUTH_KEY)
-        return auth_type == AuthType.OAUTH2.value
+        return self._auth_type in [AuthType.OAUTH2.value, AuthType.EXCHANGE.value]
-    def set_request_auth(self, kwargs: dict) -> dict:
+    def get_auth_parameters(self, kwargs: dict) -> dict:
         """
-        Get the authentication header.
+        Get the authentication header for the request.
+        It is given for granted that the auth type is set and that,
+        if the auth type is EXCHANGE, the refresh token is set.
         Parameters
         ----------
@@ -211,50 +305,78 @@ class ClientDHCoreConfigurator:
         Returns
         -------
         dict
-            Authentication header.
-        """
-        creds = configurator.get_all_credentials()
-        if AUTH_KEY not in creds:
-            return kwargs
-        if self.basic_auth():
-            user = creds[DhcoreEnvVar.USER.value]
-            password = creds[DhcoreEnvVar.PASSWORD.value]
-            kwargs["auth"] = (user, password)
-        elif self.oauth2_auth():
+            Authentication parameters.
+        """
+        creds = creds_handler.get_credentials(self._origin)
+        if self._auth_type in (AuthType.EXCHANGE.value, AuthType.OAUTH2.value):
+            access_token = creds[CredsEnvVar.DHCORE_ACCESS_TOKEN.value]
             if "headers" not in kwargs:
                 kwargs["headers"] = {}
-            access_token = creds[DhcoreEnvVar.ACCESS_TOKEN.value.removeprefix("DHCORE_")]
             kwargs["headers"]["Authorization"] = f"Bearer {access_token}"
+        elif self._auth_type == AuthType.BASIC.value:
+            user = creds[CredsEnvVar.DHCORE_USER.value]
+            password = creds[CredsEnvVar.DHCORE_PASSWORD.value]
+            kwargs["auth"] = (user, password)
         return kwargs
-    def get_new_access_token(self) -> None:
+    def get_new_access_token(self, change_origin: bool = False) -> None:
         """
         Get a new access token.
+        Parameters
+        ----------
+        change_origin : bool, optional
+            Whether to change the origin of the credentials, by default False
         Returns
         -------
         None
         """
-        # Call issuer and get endpoint for
-        # refreshing access token
+        if not self.refreshable_auth_types():
+            raise ClientError(f"Auth type {self._auth_type} does not support refresh.")
+        # Get refresh endpoint
         url = self._get_refresh_endpoint()
-        # Call refresh token endpoint
-        # Try token from env
-        refresh_token = configurator.load_from_env(DhcoreEnvVar.REFRESH_TOKEN.value)
-        response = self._call_refresh_token_endpoint(url, refresh_token)
+        # Get credentials
+        creds = self._creds_handler.get_credentials(self._origin)
-        # Otherwise try token from file
+        # Get client id
+        if (client_id := creds.get(CredsEnvVar.DHCORE_CLIENT_ID.value)) is None:
+            raise ClientError("Client id not set.")
+        # Handling of token exchange or refresh
+        if self._auth_type == AuthType.OAUTH2.value:
+            response = self._call_refresh_token_endpoint(
+                url,
+                client_id=client_id,
+                refresh_token=creds.get(CredsEnvVar.DHCORE_REFRESH_TOKEN.value),
+                grant_type="refresh_token",
+                scope="credentials",
+            )
+        elif self._auth_type == AuthType.EXCHANGE.value:
+            response = self._call_refresh_token_endpoint(
+                url,
+                client_id=client_id,
+                subject_token=creds.get(CredsEnvVar.DHCORE_PERSONAL_ACCESS_TOKEN.value),
+                subject_token_type="urn:ietf:params:oauth:token-type:pat",
+                grant_type="urn:ietf:params:oauth:grant-type:token-exchange",
+                scope="credentials",
+            )
+        # Change origin of creds if needed
         if response.status_code in (400, 401, 403):
-            refresh_token = configurator.load_from_file(DhcoreEnvVar.REFRESH_TOKEN.value.removeprefix("DHCORE_"))
-            response = self._call_refresh_token_endpoint(url, refresh_token)
+            if not change_origin:
+                raise ClientError("Unable to refresh token. Please check your credentials.")
+            self.change_origin()
+            self.get_new_access_token(change_origin=False)
         response.raise_for_status()
         # Read new credentials and propagate to config file
-        self._set_creds(response.json())
+        self._export_new_creds(response.json())
-    def _set_creds(self, response: dict) -> None:
+    def _export_new_creds(self, response: dict) -> None:
         """
         Set new credentials.
@@ -267,17 +389,13 @@ class ClientDHCoreConfigurator:
         -------
         None
         """
-        keys = [
-            *self._remove_prefix_dhcore(list_enum(DhcoreEnvVar)),
-            *list_enum(S3StoreEnv),
-            *list_enum(SqlStoreEnv),
-        ]
-        for key in keys:
-            if (value := response.get(key.lower())) is not None:
-                configurator.set_credential(key, value)
-        configurator.write_env(keys)
+        creds_handler.write_env(response)
+        self.load_file_vars()
-    def _remove_prefix_dhcore(self, keys: list[str]) -> list[str]:
+        # Change current origin to file because of refresh
+        self._origin = CredsOrigin.FILE.value
+    def _remove_prefix_dhcore(self) -> list[str]:
         """
         Remove prefix from selected keys. (Compatibility with CLI)
@@ -292,13 +410,8 @@ class ClientDHCoreConfigurator:
             List of keys without prefix.
         """
         new_list = []
-        for key in keys:
-            if key in (
-                DhcoreEnvVar.REFRESH_TOKEN.value,
-                DhcoreEnvVar.ACCESS_TOKEN.value,
-                DhcoreEnvVar.ISSUER.value,
-                DhcoreEnvVar.CLIENT_ID.value,
-            ):
+        for key in self.keys:
+            if key in self.keys_to_unprefix:
                 new_list.append(key.removeprefix("DHCORE_"))
             else:
                 new_list.append(key)
@@ -314,11 +427,10 @@ class ClientDHCoreConfigurator:
             Refresh endpoint.
         """
         # Get issuer endpoint
-        endpoint_issuer = self._load_dhcore_oauth_vars(DhcoreEnvVar.ISSUER.value)
+        creds = self._creds_handler.get_credentials(self._origin)
+        endpoint_issuer = creds.get(CredsEnvVar.DHCORE_ISSUER.value)
         if endpoint_issuer is None:
             raise ClientError("Issuer endpoint not set.")
-        endpoint_issuer = self._sanitize_endpoint(endpoint_issuer)
-        configurator.set_credential(DhcoreEnvVar.ISSUER.value.removeprefix("DHCORE_"), endpoint_issuer)
         # Standard issuer endpoint path
         url = endpoint_issuer + "/.well-known/openid-configuration"
@@ -328,7 +440,11 @@ class ClientDHCoreConfigurator:
         r.raise_for_status()
         return r.json().get("token_endpoint")
-    def _call_refresh_token_endpoint(self, url: str, refresh_token: str) -> Response:
+    def _call_refresh_token_endpoint(
+        self,
+        url: str,
+        **kwargs,
+    ) -> Response:
         """
         Call the refresh token endpoint.
@@ -336,44 +452,27 @@ class ClientDHCoreConfigurator:
         ----------
         url : str
             Refresh token endpoint.
-        refresh_token : str
-            Refresh token.
+        kwargs : dict
+            Keyword arguments to pass to the request.
         Returns
         -------
         Response
             Response object.
         """
-        # Get client id
-        client_id = self._load_dhcore_oauth_vars(DhcoreEnvVar.CLIENT_ID.value)
-        if client_id is None:
-            raise ClientError("Client id not set.")
         # Send request to get new access token
-        payload = {
-            "grant_type": "refresh_token",
-            "client_id": client_id,
-            "refresh_token": refresh_token,
-            "scope": "openid credentials offline_access",
-        }
+        payload = {**kwargs}
         headers = {"Content-Type": "application/x-www-form-urlencoded"}
         return request("POST", url, data=payload, headers=headers, timeout=60)
-    def _load_dhcore_oauth_vars(self, oauth_var: str) -> str | None:
-        """
-        Load DHCore oauth variables.
-        Parameters
-        ----------
-        oauth_var : str
-            The oauth variable to load.
-        Returns
-        -------
-        str
-            The oauth variable.
-        """
-        read_var = configurator.load_from_env(oauth_var)
-        if read_var is None:
-            read_var = configurator.load_from_file(oauth_var.removeprefix("DHCORE_"))
-        return read_var
+    def _eval_auth_type(self, creds: dict) -> str | None:
+        if creds[CredsEnvVar.DHCORE_PERSONAL_ACCESS_TOKEN.value] is not None:
+            return AuthType.EXCHANGE.value
+        if (
+            creds[CredsEnvVar.DHCORE_ACCESS_TOKEN.value] is not None
+            and creds[CredsEnvVar.DHCORE_REFRESH_TOKEN.value] is not None
+        ):
+            return AuthType.OAUTH2.value
+        if creds[CredsEnvVar.DHCORE_USER.value] is not None and creds[CredsEnvVar.DHCORE_PASSWORD.value] is not None:
+            return AuthType.BASIC.value
+        return None

digitalhub/stores/client/dhcore/enums.py CHANGED Viewed

@@ -1,3 +1,7 @@
+# SPDX-FileCopyrightText: © 2025 DSLab - Fondazione Bruno Kessler
+#
+# SPDX-License-Identifier: Apache-2.0
 from __future__ import annotations
 from enum import Enum
@@ -15,6 +19,7 @@ class DhcoreEnvVar(Enum):
     CLIENT_ID = "DHCORE_CLIENT_ID"
     ACCESS_TOKEN = "DHCORE_ACCESS_TOKEN"
     REFRESH_TOKEN = "DHCORE_REFRESH_TOKEN"
+    PERSONAL_ACCESS_TOKEN = "DHCORE_PERSONAL_ACCESS_TOKEN"
     WORKFLOW_IMAGE = "DHCORE_WORKFLOW_IMAGE"
@@ -25,3 +30,4 @@ class AuthType(Enum):
     BASIC = "basic"
     OAUTH2 = "oauth2"
+    EXCHANGE = "exchange"

digitalhub/stores/client/dhcore/error_parser.py CHANGED Viewed

@@ -1,3 +1,7 @@
+# SPDX-FileCopyrightText: © 2025 DSLab - Fondazione Bruno Kessler
+#
+# SPDX-License-Identifier: Apache-2.0
 from __future__ import annotations
 import typing

digitalhub/stores/client/dhcore/key_builder.py CHANGED Viewed

@@ -1,3 +1,7 @@
+# SPDX-FileCopyrightText: © 2025 DSLab - Fondazione Bruno Kessler
+#
+# SPDX-License-Identifier: Apache-2.0
 from __future__ import annotations
 from digitalhub.stores.client._base.key_builder import ClientKeyBuilder

digitalhub 0.11.0b7__py3-none-any.whl → 0.13.0b0__py3-none-any.whl

Potentially problematic release.

digitalhub 0.11.0b7py3-none-any.whl → 0.13.0b0py3-none-any.whl