freva-client 2404.0.1__py3-none-any.whl → 2408.0.0.dev2__py3-none-any.whl

freva_client/__init__.py

@@ -14,7 +14,8 @@ library described in the documentation only support searching for data. If you
 need to apply data analysis plugins, please visit the
 """
 
+from .auth import authenticate
 from .query import databrowser
 
-__version__ = "2404.0.1"
-__all__ = ["databrowser", "__version__"]
+__version__ = "2408.0.0.dev2"
+__all__ = ["authenticate", "databrowser", "__version__"]

freva_client/auth.py

@@ -0,0 +1,197 @@
+"""Module that handles the authentication at the rest service."""
+
+from datetime import datetime
+from getpass import getpass, getuser
+from typing import Optional, TypedDict
+
+from authlib.integrations.requests_client import OAuth2Session
+
+from .utils import logger
+from .utils.databrowser_utils import Config
+
+Token = TypedDict(
+    "Token",
+    {
+        "access_token": str,
+        "token_type": str,
+        "expires": float,
+        "refresh_token": str,
+        "refresh_expires": float,
+    },
+)
+
+
+class Auth:
+    """Helper class for authentication."""
+
+    _instance: Optional["Auth"] = None
+    _auth_token: Optional[Token] = None
+
+    def __new__(cls) -> "Auth":
+        if cls._instance is None:
+            cls._instance = super().__new__(cls)
+        return cls._instance
+
+    def __init__(self) -> None:
+        self._auth_cls = OAuth2Session()
+
+    @property
+    def token_expiration_time(self) -> datetime:
+        """Get the expiration time of an access token."""
+        if self._auth_token is None:
+            exp = 0.0
+        else:
+            exp = self._auth_token["expires"]
+        return datetime.fromtimestamp(exp)
+
+    def set_token(
+        self,
+        access_token: str,
+        refresh_token: Optional[str] = None,
+        expires_in: int = 10,
+        refresh_expires_in: int = 10,
+        expires: Optional[float] = None,
+        refresh_expires: Optional[float] = None,
+        token_type: str = "Bearer",
+    ) -> Token:
+        """Override the existing auth token."""
+        now = datetime.now().timestamp()
+
+        self._auth_token = Token(
+            access_token=access_token or "",
+            refresh_token=refresh_token or "",
+            token_type=token_type,
+            expires=expires or now + expires_in,
+            refresh_expires=refresh_expires or now + refresh_expires_in,
+        )
+        return self._auth_token
+
+    def _refresh(
+        self, url: str, refresh_token: str, username: Optional[str] = None
+    ) -> Token:
+        """Refresh the access_token with a refresh token."""
+        auth = self._auth_cls.refresh_token(f"{url}/token", refresh_token or " ")
+        try:
+            return self.set_token(
+                access_token=auth["access_token"],
+                token_type=auth["token_type"],
+                expires_in=auth["expires_in"],
+                refresh_token=auth["refresh_token"],
+                refresh_expires_in=auth["refresh_expires_in"],
+            )
+        except KeyError:
+            logger.warning("Failed to refresh token: %s", auth.get("detail", ""))
+            if username:
+                return self._login_with_password(url, username)
+            raise ValueError("Could not use refresh token") from None
+
+    def check_authentication(self, auth_url: Optional[str] = None) -> Token:
+        """Check the status of the authentication.
+
+        Raises
+        ------
+        ValueError: If user isn't or is no longer authenticated.
+        """
+        if not self._auth_token:
+            raise ValueError("You must authenticate first.")
+        now = datetime.now().timestamp()
+        if now > self._auth_token["refresh_expires"]:
+            raise ValueError("Refresh token has expired.")
+        if now > self._auth_token["expires"] and auth_url:
+            self._refresh(auth_url, self._auth_token["refresh_token"])
+        return self._auth_token
+
+    def _login_with_password(self, auth_url: str, username: str) -> Token:
+        """Create a new token."""
+        pw_msg = "Give password for server authentication: "
+        auth = self._auth_cls.fetch_token(
+            f"{auth_url}/token", username=username, password=getpass(pw_msg)
+        )
+        try:
+            return self.set_token(
+                access_token=auth["access_token"],
+                token_type=auth["token_type"],
+                expires_in=auth["expires_in"],
+                refresh_token=auth["refresh_token"],
+                refresh_expires_in=auth["refresh_expires_in"],
+            )
+        except KeyError:
+            logger.error("Failed to authenticate: %s", auth.get("detail", ""))
+            raise ValueError("Token creation failed") from None
+
+    def authenticate(
+        self,
+        host: Optional[str] = None,
+        refresh_token: Optional[str] = None,
+        username: Optional[str] = None,
+        force: bool = False,
+    ) -> Token:
+        """Authenticate the user to the host."""
+        cfg = Config(host)
+        if refresh_token:
+            try:
+                return self._refresh(cfg.auth_url, refresh_token)
+            except ValueError:
+                logger.warning(
+                    (
+                        "Could not use refresh token, falling back "
+                        "to username/password"
+                    )
+                )
+        username = username or getuser()
+        if self._auth_token is None or force:
+            return self._login_with_password(cfg.auth_url, username)
+        if self.token_expiration_time < datetime.now():
+            self._refresh(cfg.auth_url, self._auth_token["refresh_token"], username)
+        return self._auth_token
+
+
+def authenticate(
+    *,
+    refresh_token: Optional[str] = None,
+    username: Optional[str] = None,
+    host: Optional[str] = None,
+    force: bool = False,
+) -> Token:
+    """Authenticate to the host.
+
+    This method generates a new access token that should be used for restricted methods.
+
+    Parameters
+    ----------
+    refresh_token: str, optional
+        Instead of setting a password, you can set a refresh token to refresh
+        the access token. This is recommended for non-interactive environments.
+    username: str, optional
+        The username used for authentication. By default, the current
+        system username is used.
+    host: str, optional
+        The hostname of the REST server.
+    force: bool, default: False
+        Force token recreation, even if current token is still valid.
+
+    Returns
+    -------
+    Token: The authentication token.
+
+    Examples
+    --------
+    Interactive authentication:
+
+    .. code-block:: python
+
+        from freva_client import authenticate
+        token = authenticate(username="janedoe")
+        print(token)
+
+    Batch mode authentication with a refresh token:
+
+    .. code-block:: python
+
+        from freva_client import authenticate
+        token = authenticate(refresh_token="MYTOKEN")
+    """
+    auth = Auth()
+    return auth.authenticate(
+        host=host, username=username, refresh_token=refresh_token, force=force
+    )

freva_client/cli/auth_cli.py

@@ -0,0 +1,71 @@
+"""Command line interface for authentication."""
+
+import json
+from getpass import getuser
+from typing import Optional
+
+import typer
+from freva_client import authenticate
+from freva_client.utils import exception_handler, logger
+
+from .cli_utils import version_callback
+
+auth_app = typer.Typer(
+    name="auth",
+    help="Create OAuth2 access and refresh token.",
+    pretty_exceptions_short=False,
+)
+
+
+@exception_handler
+def authenticate_cli(
+    host: Optional[str] = typer.Option(
+        None,
+        "--host",
+        help=(
+            "Set the hostname of the databrowser, if not set (default) "
+            "the hostname is read from a config file"
+        ),
+    ),
+    username: str = typer.Option(
+        getuser(),
+        "--username",
+        "-u",
+        help="The username used for authentication.",
+    ),
+    refresh_token: Optional[str] = typer.Option(
+        None,
+        "--refresh-token",
+        "-r",
+        help=(
+            "Instead of using a password, you can use a refresh token. "
+            "refresh the access token. This is recommended for non-interactive"
+            " environments."
+        ),
+    ),
+    force: bool = typer.Option(
+        False,
+        "--force",
+        "-f",
+        help="Force token recreation, even if current token is still valid.",
+    ),
+    verbose: int = typer.Option(
+        0, "-v", help="Increase verbosity", count=True
+    ),
+    version: Optional[bool] = typer.Option(
+        False,
+        "-V",
+        "--version",
+        help="Show version an exit",
+        callback=version_callback,
+    ),
+) -> None:
+    """Create OAuth2 access and refresh token."""
+    logger.set_verbosity(verbose)
+    token_data = authenticate(
+        host=host,
+        username=username,
+        refresh_token=refresh_token,
+        force=force,
+    )
+    print(json.dumps(token_data, indent=3))

freva_client/cli/cli_app.py

@@ -1,22 +1,35 @@
 """Freva the Free Evaluation System command line interface."""
 
+from typing import Optional
+
 import typer
-from freva_client import __version__
 from freva_client.utils import logger
-from rich import print as pprint
 
-APP_NAME: str = "freva-client"
+from .auth_cli import authenticate_cli
+from .cli_utils import APP_NAME, version_callback
+from .databrowser_cli import databrowser_app
 
 app = typer.Typer(
     name=APP_NAME,
     help=__doc__,
-    add_completion=False,
+    add_completion=True,
     callback=logger.set_cli,
 )
 
 
-def version_callback(version: bool) -> None:
-    """Print the version and exit."""
-    if version:
-        pprint(f"{APP_NAME}: {__version__}")
-        raise typer.Exit()
+@app.callback()
+def main(
+    version: Optional[bool] = typer.Option(
+        None,
+        "--version",
+        "-V",
+        help="Show version and exit",
+        callback=version_callback,
+        is_eager=True,
+    ),
+) -> None:
+    """The main cli app."""
+
+
+app.add_typer(databrowser_app, name="databrowser")
+app.command(name="auth", help=authenticate_cli.__doc__)(authenticate_cli)

freva_client/cli/cli_parser.py

@@ -0,0 +1,152 @@
+"""Command line argument completion definitions."""
+
+import argparse
+import inspect
+from typing import Any, Callable, Dict, List, Optional, Tuple, cast
+
+from freva_client import databrowser
+from freva_client.cli.cli_app import app
+
+from .cli_utils import parse_cli_args
+
+
+class Completer:
+    """Base class for command line argument completers."""
+
+    def __init__(
+        self,
+        argv: List[str],
+        choices: Optional[Dict[str, Tuple[str, str]]] = None,
+        shell: str = "bash",
+        strip: bool = False,
+        flags_only: bool = False,
+    ):
+        self.choices = choices or {}
+        self.strip = strip
+        self.argv = argv
+        self.flags_only = flags_only
+        if shell == "zsh":
+            self.get_print = self._print_zsh
+        elif shell == "fish":
+            self.get_print = self._print_fish
+        else:
+            self.get_print = self._print_default
+
+    def _print_zsh(self, choices: Dict[str, Tuple[str, str]]) -> List[str]:
+        out = []
+        for key, _help in choices.items():
+            if key.startswith("-"):
+                out.append(f"{key}[{_help}]")
+            else:
+                out.append(f"{key}: {_help}")
+        return out
+
+    def _print_fish(self, choices: Dict[str, Tuple[str, str]]) -> List[str]:
+        out = []
+        for key, _help in choices.items():
+            out.append(f"{key}: {_help}")
+        return out
+
+    def _print_default(self, choices: Dict[str, Tuple[str, str]]) -> List[str]:
+        out = []
+        for key, _help in choices.items():
+            if not key.startswith("-"):
+                out.append(f"{key}: {_help}")
+            else:
+                out.append(key)
+        return out
+
+    def _get_choices(self) -> Dict[str, Tuple[str, str]]:
+        """Get the choices for databrowser command."""
+
+        facet_args = []
+        for arg in self.argv:
+            if len(arg.split("=")) == 2:
+                facet_args.append(arg)
+        search_keys = parse_cli_args(facet_args)
+        search = databrowser.metadata_search(
+            flavour="freva",
+            time=None,
+            host=None,
+            time_select="flexible",
+            multiversion=False,
+            extended_search=True,
+            fail_on_error=False,
+            **search_keys,
+        )
+        choices = {}
+        for att, values in search.items():
+            if att not in search_keys:
+                keys = ",".join([v for n, v in enumerate(values)])
+                choices[att] = (keys, "")
+        return choices
+
+    @property
+    def command_choices(self) -> Dict[str, Tuple[str, str]]:
+        """Get the command line arguments for all sub commands."""
+
+        if self.flags_only:
+            return self.choices
+        choices = self._get_choices()
+        return {**self.choices, **choices}
+
+    def formatted_print(self) -> None:
+        """Print all choices to be processed by the shell completion function."""
+
+        out = self.get_print(self.command_choices)
+        for line in out:
+            if line.startswith("-") and self.strip and not self.flags_only:
+                continue
+            if not line.startswith("-") and self.flags_only:
+                continue
+            print(line)
+
+    @classmethod
+    def parse_choices(cls, argv: list[str]) -> "Completer":
+        """Create the completion choices from given cmd arguments."""
+        parser = argparse.ArgumentParser(
+            description="Get choices for command line arguments"
+        )
+        parser.add_argument(
+            "--strip",
+            help="Do not print options starting with -",
+            default=False,
+            action="store_true",
+        )
+        parser.add_argument(
+            "--shell",
+            help="Set the target shell type.",
+            default=False,
+        )
+        parser.add_argument(
+            "--flags-only",
+            help="Only print options starting with -",
+            default=False,
+            action="store_true",
+        )
+        cli_app, args = parser.parse_known_args(argv)
+        main_choices = {c.name: (c, c.help) for c in app.registered_commands}
+        choices = {}
+        if args and args[0] == "freva-databrowser":
+            _ = args.pop(0)
+        if args[0] in main_choices:
+            signature = inspect.signature(
+                cast(Callable[..., Any], main_choices[args[0]][0].callback)
+            )
+            for param, value in signature.parameters.items():
+                if param in args or param == "search_keys":
+                    continue
+                if hasattr(value.annotation, "__metadata__"):
+                    option = value.annotation.__metadata__
+                else:
+                    option = value.default
+                choices[option.param_decls[-1]] = option.help
+        else:
+            choices = {k: v[1] for k, v in main_choices.items()}
+        return cls(
+            args,
+            choices,
+            shell=cli_app.shell,
+            strip=cli_app.strip,
+            flags_only=cli_app.flags_only,
+        )

freva_client/cli/cli_utils.py

@@ -1,12 +1,20 @@
 """Utilities for the command line interface."""
 
-import argparse
-import inspect
-from typing import Any, Callable, Dict, List, Optional, Tuple, cast
+from typing import Dict, List
 
-from freva_client import databrowser
-from freva_client.cli.cli_app import app
+import typer
+from freva_client import __version__
 from freva_client.utils import logger
+from rich import print as pprint
+
+APP_NAME: str = "freva-client"
+
+
+def version_callback(version: bool) -> None:
+    """Print the version and exit."""
+    if version:
+        pprint(f"{APP_NAME}: {__version__}")
+        raise typer.Exit()
 
 
 def parse_cli_args(cli_args: List[str]) -> Dict[str, List[str]]:
@@ -21,145 +29,3 @@ def parse_cli_args(cli_args: List[str]) -> Dict[str, List[str]]:
             kwargs[key].append(value)
     logger.debug(kwargs)
     return kwargs
-
-
-class Completer:
-    """Base class for command line argument completers."""
-
-    def __init__(
-        self,
-        argv: List[str],
-        choices: Optional[Dict[str, Tuple[str, str]]] = None,
-        shell: str = "bash",
-        strip: bool = False,
-        flags_only: bool = False,
-    ):
-        self.choices = choices or {}
-        self.strip = strip
-        self.argv = argv
-        self.flags_only = flags_only
-        if shell == "zsh":
-            self.get_print = self._print_zsh
-        elif shell == "fish":
-            self.get_print = self._print_fish
-        else:
-            self.get_print = self._print_default
-
-    def _print_zsh(self, choices: Dict[str, Tuple[str, str]]) -> List[str]:
-        out = []
-        for key, _help in choices.items():
-            if key.startswith("-"):
-                out.append(f"{key}[{_help}]")
-            else:
-                out.append(f"{key}: {_help}")
-        return out
-
-    def _print_fish(self, choices: Dict[str, Tuple[str, str]]) -> List[str]:
-        out = []
-        for key, _help in choices.items():
-            out.append(f"{key}: {_help}")
-        return out
-
-    def _print_default(self, choices: Dict[str, Tuple[str, str]]) -> List[str]:
-        out = []
-        for key, _help in choices.items():
-            if not key.startswith("-"):
-                out.append(f"{key}: {_help}")
-            else:
-                out.append(key)
-        return out
-
-    def _get_choices(self) -> Dict[str, Tuple[str, str]]:
-        """Get the choices for databrowser command."""
-
-        facet_args = []
-        for arg in self.argv:
-            if len(arg.split("=")) == 2:
-                facet_args.append(arg)
-        search_keys = parse_cli_args(facet_args)
-        search = databrowser.metadata_search(
-            flavour="freva",
-            time=None,
-            host=None,
-            time_select="flexible",
-            multiversion=False,
-            extended_search=True,
-            fail_on_error=False,
-            **search_keys,
-        )
-        choices = {}
-        for att, values in search.items():
-            if att not in search_keys:
-                keys = ",".join([v for n, v in enumerate(values)])
-                choices[att] = (keys, "")
-        return choices
-
-    @property
-    def command_choices(self) -> Dict[str, Tuple[str, str]]:
-        """Get the command line arguments for all sub commands."""
-
-        if self.flags_only:
-            return self.choices
-        choices = self._get_choices()
-        return {**self.choices, **choices}
-
-    def formated_print(self) -> None:
-        """Print all choices to be processed by the shell completion function."""
-
-        out = self.get_print(self.command_choices)
-        for line in out:
-            if line.startswith("-") and self.strip and not self.flags_only:
-                continue
-            if not line.startswith("-") and self.flags_only:
-                continue
-            print(line)
-
-    @classmethod
-    def parse_choices(cls, argv: list[str]) -> "Completer":
-        """Create the completion choices from given cmd arguments."""
-        parser = argparse.ArgumentParser(
-            description="Get choices for command line arguments"
-        )
-        parser.add_argument(
-            "--strip",
-            help="Do not print options starting with -",
-            default=False,
-            action="store_true",
-        )
-        parser.add_argument(
-            "--shell",
-            help="Set the target shell type.",
-            default=False,
-        )
-        parser.add_argument(
-            "--flags-only",
-            help="Only print options starting with -",
-            default=False,
-            action="store_true",
-        )
-        cli_app, args = parser.parse_known_args(argv)
-        main_choices = {c.name: (c, c.help) for c in app.registered_commands}
-        choices = {}
-        if args and args[0] == "freva-databrowser":
-            _ = args.pop(0)
-        if args[0] in main_choices:
-            signature = inspect.signature(
-                cast(Callable[..., Any], main_choices[args[0]][0].callback)
-            )
-            for param, value in signature.parameters.items():
-                if param in args or param == "search_keys":
-                    continue
-                if hasattr(value.annotation, "__metadata__"):
-                    option = value.annotation.__metadata__
-                else:
-                    option = value.default
-                choices[option.param_decls[-1]] = option.help
-        else:
-            choices = {k: v[1] for k, v in main_choices.items()}
-        return cls(
-            args,
-            choices,
-            shell=cli_app.shell,
-            strip=cli_app.strip,
-            flags_only=cli_app.flags_only,
-        )