ibm-cloud-sdk-core 3.19.1__tar.gz → 3.20.0__tar.gz

{ibm-cloud-sdk-core-3.19.1/ibm_cloud_sdk_core.egg-info → ibm-cloud-sdk-core-3.20.0}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: ibm-cloud-sdk-core
-Version: 3.19.1
+Version: 3.20.0
 Summary: Core library used by SDKs for IBM Cloud Services
 Home-page: https://github.com/IBM/python-sdk-core
 Author: IBM
@@ -29,7 +29,7 @@ License-File: LICENSE
 [![CLA assistant](https://cla-assistant.io/readme/badge/ibm/python-sdk-core)](https://cla-assistant.io/ibm/python-sdk-core)
 [![semantic-release](https://img.shields.io/badge/%20%20%F0%9F%93%A6%F0%9F%9A%80-semantic--release-e10079.svg)](https://github.com/semantic-release/semantic-release)
 
-# IBM Python SDK Core Version 3.19.1
+# IBM Python SDK Core Version 3.20.0
 This project contains core functionality required by Python code generated by the IBM Cloud OpenAPI SDK Generator
 (openapi-sdkgen).
 

{ibm-cloud-sdk-core-3.19.1 → ibm-cloud-sdk-core-3.20.0}/README.md

@@ -4,7 +4,7 @@
 [![CLA assistant](https://cla-assistant.io/readme/badge/ibm/python-sdk-core)](https://cla-assistant.io/ibm/python-sdk-core)
 [![semantic-release](https://img.shields.io/badge/%20%20%F0%9F%93%A6%F0%9F%9A%80-semantic--release-e10079.svg)](https://github.com/semantic-release/semantic-release)
 
-# IBM Python SDK Core Version 3.19.1
+# IBM Python SDK Core Version 3.20.0
 This project contains core functionality required by Python code generated by the IBM Cloud OpenAPI SDK Generator
 (openapi-sdkgen).
 

{ibm-cloud-sdk-core-3.19.1 → ibm-cloud-sdk-core-3.20.0}/ibm_cloud_sdk_core/api_exception.py

@@ -54,7 +54,7 @@ class ApiException(Exception):
         """The old `code` property with a deprecation warning."""
 
         warnings.warn(
-            'Using the `code` attribute on the `ApiException` is deprecated and'
+            'Using the `code` attribute on the `ApiException` is deprecated and '
             'will be removed in the future. Use `status_code` instead.',
             DeprecationWarning,
         )

{ibm-cloud-sdk-core-3.19.1 → ibm-cloud-sdk-core-3.20.0}/ibm_cloud_sdk_core/base_service.py

@@ -1,6 +1,6 @@
 # coding: utf-8
 
-# Copyright 2019 IBM All Rights Reserved.
+# Copyright 2019, 2024 IBM All Rights Reserved.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -18,7 +18,6 @@ import gzip
 import io
 import json as json_import
 import logging
-import platform
 from http.cookiejar import CookieJar
 from os.path import basename
 from typing import Dict, List, Optional, Tuple, Union
@@ -42,7 +41,7 @@ from .utils import (
     SSLHTTPAdapter,
     GzipStream,
 )
-from .version import __version__
+from .private_helpers import _build_user_agent
 
 # Uncomment this to enable http debugging
 # import http.client as http_client
@@ -82,7 +81,6 @@ class BaseService:
         ValueError: If Authenticator is not provided or invalid type.
     """
 
-    SDK_NAME = 'ibm-python-sdk-core'
     ERROR_MSG_DISABLE_SSL = (
         'The connection failed because the SSL certificate is not valid. To use a self-signed '
         'certificate, disable verification of the server\'s SSL certificate by invoking the '
@@ -106,7 +104,7 @@ class BaseService:
         self.disable_ssl_verification = disable_ssl_verification
         self.default_headers = None
         self.enable_gzip_compression = enable_gzip_compression
-        self._set_user_agent_header(self._build_user_agent())
+        self._set_user_agent_header(_build_user_agent())
         self.retry_config = None
         self.http_adapter = SSLHTTPAdapter(_disable_ssl_verification=self.disable_ssl_verification)
         if not self.authenticator:
@@ -151,15 +149,6 @@ class BaseService:
         self.http_client.mount('http://', self.http_adapter)
         self.http_client.mount('https://', self.http_adapter)
 
-    @staticmethod
-    def _get_system_info() -> str:
-        return '{0} {1} {2}'.format(
-            platform.system(), platform.release(), platform.python_version()  # OS  # OS version  # Python version
-        )
-
-    def _build_user_agent(self) -> str:
-        return '{0}-{1} {2}'.format(self.SDK_NAME, __version__, self._get_system_info())
-
     def configure_service(self, service_name: str) -> None:
         """Look for external configuration of a service. Set service properties.
 

ibm-cloud-sdk-core-3.20.0/ibm_cloud_sdk_core/private_helpers.py

@@ -0,0 +1,34 @@
+# coding: utf-8
+
+# Copyright 2024 IBM All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# from ibm_cloud_sdk_core.authenticators import Authenticator
+
+import platform
+from .version import __version__
+
+SDK_NAME = 'ibm-python-sdk-core'
+
+
+def _get_system_info() -> str:
+    return 'os.name={0} os.version={1} python.version={2}'.format(
+        platform.system(), platform.release(), platform.python_version()
+    )
+
+
+def _build_user_agent(component: str = None) -> str:
+    sub_component = ""
+    if component is not None:
+        sub_component = '/{0}'.format(component)
+    return '{0}{1}-{2} {3}'.format(SDK_NAME, sub_component, __version__, _get_system_info())

{ibm-cloud-sdk-core-3.19.1 → ibm-cloud-sdk-core-3.20.0}/ibm_cloud_sdk_core/token_managers/container_token_manager.py

@@ -1,6 +1,6 @@
 # coding: utf-8
 
-# Copyright 2021 IBM All Rights Reserved.
+# Copyright 2021, 2024 IBM All Rights Reserved.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -18,6 +18,7 @@ import logging
 from typing import Dict, Optional
 
 from .iam_request_based_token_manager import IAMRequestBasedTokenManager
+from ..private_helpers import _build_user_agent
 
 
 logger = logging.getLogger(__name__)
@@ -111,6 +112,7 @@ class ContainerTokenManager(IAMRequestBasedTokenManager):
         self.iam_profile_id = iam_profile_id
 
         self.request_payload['grant_type'] = 'urn:ibm:params:oauth:grant-type:cr-token'
+        self._set_user_agent(_build_user_agent('container-authenticator'))
 
     def retrieve_cr_token(self) -> str:
         """Retrieves the CR token for the current compute resource by reading it from the local file system.

{ibm-cloud-sdk-core-3.19.1 → ibm-cloud-sdk-core-3.20.0}/ibm_cloud_sdk_core/token_managers/cp4d_token_manager.py

@@ -1,6 +1,6 @@
 # coding: utf-8
 
-# Copyright 2019 IBM All Rights Reserved.
+# Copyright 2019, 2024 IBM All Rights Reserved.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -17,6 +17,7 @@
 import json
 from typing import Dict, Optional
 
+from ..private_helpers import _build_user_agent
 from .jwt_token_manager import JWTTokenManager
 
 
@@ -76,12 +77,21 @@ class CP4DTokenManager(JWTTokenManager):
         self.headers['Content-Type'] = 'application/json'
         self.proxies = proxies
         super().__init__(url, disable_ssl_verification=disable_ssl_verification, token_name=self.TOKEN_NAME)
+        self._set_user_agent(_build_user_agent('cp4d-authenticator'))
 
     def request_token(self) -> dict:
         """Makes a request for a token."""
+        required_headers = {
+            'User-Agent': self.user_agent,
+        }
+        request_headers = {}
+        if self.headers is not None and isinstance(self.headers, dict):
+            request_headers.update(self.headers)
+        request_headers.update(required_headers)
+
         response = self._request(
             method='POST',
-            headers=self.headers,
+            headers=request_headers,
             url=self.url,
             data=json.dumps({"username": self.username, "password": self.password, "api_key": self.apikey}),
             proxies=self.proxies,

{ibm-cloud-sdk-core-3.19.1 → ibm-cloud-sdk-core-3.20.0}/ibm_cloud_sdk_core/token_managers/iam_request_based_token_manager.py

@@ -1,6 +1,6 @@
 # coding: utf-8
 
-# Copyright 2019 IBM All Rights Reserved.
+# Copyright 2019, 2024 IBM All Rights Reserved.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -63,6 +63,7 @@ class IAMRequestBasedTokenManager(JWTTokenManager):
 
     DEFAULT_IAM_URL = 'https://iam.cloud.ibm.com'
     OPERATION_PATH = "/identity/token"
+    IAM_EXPIRATION_WINDOW = 10
 
     def __init__(
         self,
@@ -97,9 +98,15 @@ class IAMRequestBasedTokenManager(JWTTokenManager):
         Returns:
              A dictionary containing the bearer token to be subsequently used service requests.
         """
-        headers = {'Content-type': 'application/x-www-form-urlencoded', 'Accept': 'application/json'}
+        required_headers = {
+            'Content-Type': 'application/x-www-form-urlencoded',
+            'Accept': 'application/json',
+            'User-Agent': self._get_user_agent(),
+        }
+        request_headers = {}
         if self.headers is not None and isinstance(self.headers, dict):
-            headers.update(self.headers)
+            request_headers.update(self.headers)
+        request_headers.update(required_headers)
 
         data = dict(self.request_payload)
 
@@ -114,7 +121,7 @@ class IAMRequestBasedTokenManager(JWTTokenManager):
         response = self._request(
             method='POST',
             url=(self.url + self.OPERATION_PATH) if self.url else self.url,
-            headers=headers,
+            headers=request_headers,
             data=data,
             auth_tuple=auth_tuple,
             proxies=self.proxies,
@@ -167,3 +174,19 @@ class IAMRequestBasedTokenManager(JWTTokenManager):
             value: A space seperated string that makes up the scope parameter.
         """
         self.scope = value
+
+    def _is_token_expired(self) -> bool:
+        """
+        Returns true iff the current cached token is expired.
+        We'll consider an access token as expired when we reach its IAM server-reported expiration time
+        minus our expiration window (10 secs).
+        We do this to avoid using an access token that might expire in the middle of a long-running transaction
+        within an IBM Cloud service.
+
+        Returns
+        -------
+        bool
+            True if token is expired; False otherwise
+        """
+        current_time = self._get_current_time()
+        return current_time >= (self.expire_time - self.IAM_EXPIRATION_WINDOW)

{ibm-cloud-sdk-core-3.19.1 → ibm-cloud-sdk-core-3.20.0}/ibm_cloud_sdk_core/token_managers/iam_token_manager.py

@@ -1,6 +1,6 @@
 # coding: utf-8
 
-# Copyright 2019 IBM All Rights Reserved.
+# Copyright 2019, 2024 IBM All Rights Reserved.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -17,6 +17,7 @@
 from typing import Dict, Optional
 
 from .iam_request_based_token_manager import IAMRequestBasedTokenManager
+from ..private_helpers import _build_user_agent
 
 
 class IAMTokenManager(IAMRequestBasedTokenManager):
@@ -88,3 +89,5 @@ class IAMTokenManager(IAMRequestBasedTokenManager):
         self.request_payload['grant_type'] = 'urn:ibm:params:oauth:grant-type:apikey'
         self.request_payload['apikey'] = self.apikey
         self.request_payload['response_type'] = 'cloud_iam'
+
+        self._set_user_agent(_build_user_agent('iam-authenticator'))

{ibm-cloud-sdk-core-3.19.1 → ibm-cloud-sdk-core-3.20.0}/ibm_cloud_sdk_core/token_managers/mcsp_token_manager.py

@@ -1,6 +1,6 @@
 # coding: utf-8
 
-# Copyright 2023 IBM All Rights Reserved.
+# Copyright 2023, 2024 IBM All Rights Reserved.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -17,6 +17,7 @@
 import json
 from typing import Dict, Optional
 
+from ..private_helpers import _build_user_agent
 from .jwt_token_manager import JWTTokenManager
 
 
@@ -55,12 +56,21 @@ class MCSPTokenManager(JWTTokenManager):
         self.headers['Accept'] = 'application/json'
         self.proxies = proxies
         super().__init__(url, disable_ssl_verification=disable_ssl_verification, token_name=self.TOKEN_NAME)
+        self._set_user_agent(_build_user_agent('mcsp-authenticator'))
 
     def request_token(self) -> dict:
         """Makes a request for a token."""
+        required_headers = {
+            'User-Agent': self.user_agent,
+        }
+        request_headers = {}
+        if self.headers is not None and isinstance(self.headers, dict):
+            request_headers.update(self.headers)
+        request_headers.update(required_headers)
+
         response = self._request(
             method='POST',
-            headers=self.headers,
+            headers=request_headers,
             url=self.url + self.OPERATION_PATH,
             data=json.dumps({"apikey": self.apikey}),
             proxies=self.proxies,

{ibm-cloud-sdk-core-3.19.1 → ibm-cloud-sdk-core-3.20.0}/ibm_cloud_sdk_core/token_managers/token_manager.py

@@ -1,6 +1,6 @@
 # coding: utf-8
 
-# Copyright 2020 IBM All Rights Reserved.
+# Copyright 2020, 2024 IBM All Rights Reserved.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -49,6 +49,7 @@ class TokenManager(ABC):
         lock (Lock): Lock variable to serialize access to refresh/request times
         http_config (dict): A dictionary containing values that control the timeout, proxies, and etc of HTTP requests.
         access_token (str): The latest stored access token
+        user_agent (str): The User-Agent header value to be included in each outbound token request
     """
 
     def __init__(self, url: str, *, disable_ssl_verification: bool = False):
@@ -60,6 +61,7 @@ class TokenManager(ABC):
         self.lock = Lock()
         self.http_config = {}
         self.access_token = None
+        self.user_agent = None
 
     def get_token(self) -> str:
         """Get a token to be used for authentication.
@@ -95,6 +97,12 @@ class TokenManager(ABC):
         else:
             raise TypeError('status must be a bool')
 
+    def _set_user_agent(self, user_agent: str = None) -> None:
+        self.user_agent = user_agent
+
+    def _get_user_agent(self) -> str:
+        return self.user_agent
+
     def paced_request_token(self) -> None:
         """
         Paces requests to request_token.

{ibm-cloud-sdk-core-3.19.1 → ibm-cloud-sdk-core-3.20.0}/ibm_cloud_sdk_core/token_managers/vpc_instance_token_manager.py

@@ -1,6 +1,6 @@
 # coding: utf-8
 
-# Copyright 2021, 2023 IBM All Rights Reserved.
+# Copyright 2021, 2024 IBM All Rights Reserved.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -18,6 +18,7 @@ import json
 import logging
 from typing import Optional
 
+from ..private_helpers import _build_user_agent
 from .jwt_token_manager import JWTTokenManager
 
 
@@ -55,6 +56,7 @@ class VPCInstanceTokenManager(JWTTokenManager):
     METADATA_SERVICE_VERSION = '2022-03-01'
     DEFAULT_IMS_ENDPOINT = 'http://169.254.169.254'
     TOKEN_NAME = 'access_token'
+    IAM_EXPIRATION_WINDOW = 10
 
     def __init__(
         self, iam_profile_crn: Optional[str] = None, iam_profile_id: Optional[str] = None, url: Optional[str] = None
@@ -63,6 +65,7 @@ class VPCInstanceTokenManager(JWTTokenManager):
             url = self.DEFAULT_IMS_ENDPOINT
 
         super().__init__(url, token_name=self.TOKEN_NAME)
+        self._set_user_agent(_build_user_agent('vpc-instance-authenticator'))
 
         self.iam_profile_crn = iam_profile_crn
         self.iam_profile_id = iam_profile_id
@@ -91,6 +94,7 @@ class VPCInstanceTokenManager(JWTTokenManager):
             'Content-Type': 'application/json',
             'Accept': 'application/json',
             'Authorization': 'Bearer ' + instance_identity_token,
+            'User-Agent': self._get_user_agent(),
         }
 
         logger.debug('Invoking VPC \'create_iam_token\' operation: %s', url)
@@ -137,6 +141,7 @@ class VPCInstanceTokenManager(JWTTokenManager):
             'Content-type': 'application/json',
             'Accept': 'application/json',
             'Metadata-Flavor': 'ibm',
+            'User-Agent': self._get_user_agent(),
         }
 
         request_body = {'expires_in': 300}
@@ -152,3 +157,19 @@ class VPCInstanceTokenManager(JWTTokenManager):
         logger.debug('Returned from VPC \'create_access_token\' operation."')
 
         return response['access_token']
+
+    def _is_token_expired(self) -> bool:
+        """
+        Returns true iff the current cached token is expired.
+        We'll consider an access token as expired when we reach its IAM server-reported expiration time
+        minus our expiration window (10 secs).
+        We do this to avoid using an access token that might expire in the middle of a long-running transaction
+        within an IBM Cloud service.
+
+        Returns
+        -------
+        bool
+            True if token is expired; False otherwise
+        """
+        current_time = self._get_current_time()
+        return current_time >= (self.expire_time - self.IAM_EXPIRATION_WINDOW)

ibm-cloud-sdk-core-3.20.0/ibm_cloud_sdk_core/version.py

@@ -0,0 +1 @@
+__version__ = '3.20.0'

{ibm-cloud-sdk-core-3.19.1 → ibm-cloud-sdk-core-3.20.0/ibm_cloud_sdk_core.egg-info}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: ibm-cloud-sdk-core
-Version: 3.19.1
+Version: 3.20.0
 Summary: Core library used by SDKs for IBM Cloud Services
 Home-page: https://github.com/IBM/python-sdk-core
 Author: IBM
@@ -29,7 +29,7 @@ License-File: LICENSE
 [![CLA assistant](https://cla-assistant.io/readme/badge/ibm/python-sdk-core)](https://cla-assistant.io/ibm/python-sdk-core)
 [![semantic-release](https://img.shields.io/badge/%20%20%F0%9F%93%A6%F0%9F%9A%80-semantic--release-e10079.svg)](https://github.com/semantic-release/semantic-release)
 
-# IBM Python SDK Core Version 3.19.1
+# IBM Python SDK Core Version 3.20.0
 This project contains core functionality required by Python code generated by the IBM Cloud OpenAPI SDK Generator
 (openapi-sdkgen).
 

{ibm-cloud-sdk-core-3.19.1 → ibm-cloud-sdk-core-3.20.0}/ibm_cloud_sdk_core.egg-info/SOURCES.txt

@@ -10,6 +10,7 @@ ibm_cloud_sdk_core/api_exception.py
 ibm_cloud_sdk_core/base_service.py
 ibm_cloud_sdk_core/detailed_response.py
 ibm_cloud_sdk_core/get_authenticator.py
+ibm_cloud_sdk_core/private_helpers.py
 ibm_cloud_sdk_core/utils.py
 ibm_cloud_sdk_core/version.py
 ibm_cloud_sdk_core.egg-info/PKG-INFO

{ibm-cloud-sdk-core-3.19.1 → ibm-cloud-sdk-core-3.20.0}/requirements-dev.txt

@@ -3,4 +3,4 @@ pylint>=3.0.0,<4.0.0
 pytest>=7.4.2,<8.0.0
 pytest-cov>=4.1.0,<5.0.0
 responses>=0.23.3,<1.0.0
-black>=23.9.1
+black>=24.0.0,<25.0.0

{ibm-cloud-sdk-core-3.19.1 → ibm-cloud-sdk-core-3.20.0}/setup.py

@@ -19,7 +19,7 @@ import pkg_resources
 from setuptools import setup, find_packages
 from setuptools.command.test import test as TestCommand
 
-__version__ = '3.19.1'
+__version__ = '3.20.0'
 
 if sys.argv[-1] == 'publish':
     # test server

{ibm-cloud-sdk-core-3.19.1 → ibm-cloud-sdk-core-3.20.0}/test/test_base_service.py

@@ -1,5 +1,21 @@
-# coding=utf-8
+# coding: utf-8
+
+# Copyright 2019, 2024 IBM All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
 # pylint: disable=missing-docstring,protected-access,too-few-public-methods,too-many-lines
+
 import gzip
 import json
 import os
@@ -802,7 +818,7 @@ def test_user_agent_header():
     service = AnyServiceV1('2018-11-20', authenticator=NoAuthAuthenticator())
     user_agent_header = service.user_agent_header
     assert user_agent_header is not None
-    assert user_agent_header['User-Agent'] is not None
+    assert user_agent_header['User-Agent'].startswith('ibm-python-sdk-core-')
 
     responses.add(responses.GET, 'https://gateway.watsonplatform.net/test/api', status=200, body='some text')
     prepped = service.prepare_request('GET', url='', headers={'user-agent': 'my_user_agent'})

{ibm-cloud-sdk-core-3.19.1 → ibm-cloud-sdk-core-3.20.0}/test/test_container_token_manager.py

@@ -1,3 +1,19 @@
+# coding: utf-8
+
+# Copyright 2021, 2024 IBM All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
 # pylint: disable=missing-docstring
 import json
 import os
@@ -17,6 +33,7 @@ TEST_REFRESH_TOKEN = 'Xj7Gle500MachEOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VybmFtZSI
 MOCK_IAM_PROFILE_NAME = 'iam-user-123'
 MOCK_CLIENT_ID = 'client-id-1'
 MOCK_CLIENT_SECRET = 'client-secret-1'
+EXPIRATION_WINDOW = 10
 
 cr_token_file = os.path.join(os.path.dirname(__file__), '../resources/cr-token.txt')
 
@@ -94,6 +111,9 @@ def test_request_token_auth_default():
     assert len(responses.calls) == 1
     assert responses.calls[0].request.url == iam_url
     assert responses.calls[0].request.headers.get('Authorization') is None
+    assert (
+        responses.calls[0].request.headers.get('User-Agent').startswith('ibm-python-sdk-core/container-authenticator')
+    )
     assert json.loads(responses.calls[0].response.text)['access_token'] == TEST_ACCESS_TOKEN_1
 
 
@@ -169,18 +189,22 @@ def test_get_token_success():
     assert access_token == TEST_ACCESS_TOKEN_1
     assert token_manager.access_token == TEST_ACCESS_TOKEN_1
 
-    # Verify the token manager return the cached value.
-    # Before we call the `get_token` again, set the expiration and time.
-    # This is necessary because we are using a fix JWT response.
-    token_manager.expire_time = _get_current_time() + 3600
-    token_manager.refresh_time = _get_current_time() + 3600
+    # Verify that the token manager returns the cached value.
+    # Before we call `get_token` again, set the expiration and refresh time
+    # so that we do not fetch a new access token.
+    # This is necessary because we are using a fixed JWT response.
+    token_manager.expire_time = _get_current_time() + 1000
+    token_manager.refresh_time = _get_current_time() + 1000
     token_manager.set_scope('send-second-token')
     access_token = token_manager.get_token()
     assert access_token == TEST_ACCESS_TOKEN_1
     assert token_manager.access_token == TEST_ACCESS_TOKEN_1
 
     # Force expiration to get the second token.
-    token_manager.expire_time = _get_current_time() - 1
+    # We'll set the expiration time to be current-time + EXPIRATION_WINDOW (10 secs)
+    # because we want the access token to be considered as "expired"
+    # when we reach the IAM-server reported expiration time minus 10 secs.
+    token_manager.expire_time = _get_current_time() + EXPIRATION_WINDOW
     access_token = token_manager.get_token()
     assert access_token == TEST_ACCESS_TOKEN_2
     assert token_manager.access_token == TEST_ACCESS_TOKEN_2
@@ -206,17 +230,21 @@ def test_authenticate_success():
     authenticator.authenticate(request)
     assert request['headers']['Authorization'] == 'Bearer ' + TEST_ACCESS_TOKEN_1
 
-    # Verify the token manager return the cached value.
-    # Before we call the `get_token` again, set the expiration and time.
-    # This is necessary because we are using a fix JWT response.
-    authenticator.token_manager.expire_time = _get_current_time() + 3600
-    authenticator.token_manager.refresh_time = _get_current_time() + 3600
+    # Verify that the token manager returns the cached value.
+    # Before we call `get_token` again, set the expiration and refresh time
+    # so that we do not fetch a new access token.
+    # This is necessary because we are using a fixed JWT response.
+    authenticator.token_manager.expire_time = _get_current_time() + 1000
+    authenticator.token_manager.refresh_time = _get_current_time() + 1000
     authenticator.token_manager.set_scope('send-second-token')
     authenticator.authenticate(request)
     assert request['headers']['Authorization'] == 'Bearer ' + TEST_ACCESS_TOKEN_1
 
     # Force expiration to get the second token.
-    authenticator.token_manager.expire_time = _get_current_time() - 1
+    # We'll set the expiration time to be current-time + EXPIRATION_WINDOW (10 secs)
+    # because we want the access token to be considered as "expired"
+    # when we reach the IAM-server reported expiration time minus 10 secs.
+    authenticator.token_manager.expire_time = _get_current_time() + EXPIRATION_WINDOW
     authenticator.authenticate(request)
     assert request['headers']['Authorization'] == 'Bearer ' + TEST_ACCESS_TOKEN_2
 

{ibm-cloud-sdk-core-3.19.1 → ibm-cloud-sdk-core-3.20.0}/test/test_cp4d_token_manager.py

@@ -1,3 +1,19 @@
+# coding: utf-8
+
+# Copyright 2019, 2024 IBM All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
 # pylint: disable=missing-docstring
 import json
 import time
@@ -38,6 +54,7 @@ def test_request_token():
 
     assert len(responses.calls) == 1
     assert responses.calls[0].request.url == url + '/v1/authorize'
+    assert responses.calls[0].request.headers.get('User-Agent').startswith('ibm-python-sdk-core/cp4d-authenticator')
     assert token == access_token
 
     token_manager = CP4DTokenManager("username", "password", url + '/v1/authorize')

{ibm-cloud-sdk-core-3.19.1 → ibm-cloud-sdk-core-3.20.0}/test/test_iam_token_manager.py

@@ -1,3 +1,19 @@
+# coding: utf-8
+
+# Copyright 2019, 2024 IBM All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
 # pylint: disable=missing-docstring
 import os
 import time
@@ -8,6 +24,16 @@ import responses
 
 from ibm_cloud_sdk_core import IAMTokenManager, ApiException, get_authenticator_from_environment
 
+# pylint: disable=line-too-long
+TEST_ACCESS_TOKEN_1 = 'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VybmFtZSI6ImhlbGxvIiwicm9sZSI6InVzZXIiLCJwZXJtaXNzaW9ucyI6WyJhZG1pbmlzdHJhdG9yIiwiZGVwbG95bWVudF9hZG1pbiJdLCJzdWIiOiJoZWxsbyIsImlzcyI6IkpvaG4iLCJhdWQiOiJEU1giLCJ1aWQiOiI5OTkiLCJpYXQiOjE1NjAyNzcwNTEsImV4cCI6MTU2MDI4MTgxOSwianRpIjoiMDRkMjBiMjUtZWUyZC00MDBmLTg2MjMtOGNkODA3MGI1NDY4In0.cIodB4I6CCcX8vfIImz7Cytux3GpWyObt9Gkur5g1QI'
+TEST_ACCESS_TOKEN_2 = 'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiIsImtpZCI6IjIzMDQ5ODE1MWMyMTRiNzg4ZGQ5N2YyMmI4NTQxMGE1In0.eyJ1c2VybmFtZSI6ImR1bW15Iiwicm9sZSI6IkFkbWluIiwicGVybWlzc2lvbnMiOlsiYWRtaW5pc3RyYXRvciIsIm1hbmFnZV9jYXRhbG9nIl0sInN1YiI6ImFkbWluIiwiaXNzIjoic3NzIiwiYXVkIjoic3NzIiwidWlkIjoic3NzIiwiaWF0IjozNjAwLCJleHAiOjE2MjgwMDcwODF9.zvUDpgqWIWs7S1CuKv40ERw1IZ5FqSFqQXsrwZJyfRM'
+TEST_REFRESH_TOKEN = 'Xj7Gle500MachEOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VybmFtZSI6ImhlbGxvIiwicm9sZSI6InVzZXIiLCJwZXJtaXNzaW9ucyI6WyJhZG1pbmlzdHJhdG9yIiwiZGVwbG95bWVudF9hZG1pbiJdLCJzdWIiOiJoZWxsbyIsImlzcyI6IkpvaG4iLCJhdWQiOiJEU1giLCJ1aWQiOiI5OTkiLCJpYXQiOjE1NjAyNzcwNTEsImV4cCI6MTU2MDI4MTgxOSwianRpIjoiMDRkMjBiMjUtZWUyZC00MDBmLTg2MjMtOGNkODA3MGI1NDY4In0.cIodB4I6CCcX8vfIImz7Cytux3GpWyObt9Gkur5g1QI'
+EXPIRATION_WINDOW = 10
+
+
+def _get_current_time() -> int:
+    return int(time.time())
+
 
 def get_access_token() -> str:
     access_token_layout = {
@@ -46,6 +72,7 @@ def test_request_token_auth_default():
     assert len(responses.calls) == 1
     assert responses.calls[0].request.url == iam_url
     assert responses.calls[0].request.headers.get('Authorization') is None
+    assert responses.calls[0].request.headers.get('User-Agent').startswith('ibm-python-sdk-core/iam-authenticator')
     assert responses.calls[0].response.text == response
 
 
@@ -268,6 +295,62 @@ def test_request_token_auth_in_setter_scope():
     assert 'scope=john+snow' in responses.calls[0].response.request.body
 
 
+@responses.activate
+def test_get_token_success():
+    iam_url = "https://iam.cloud.ibm.com/identity/token"
+
+    # Create two mock responses with different access tokens.
+    response1 = """{
+        "access_token": "%s",
+        "token_type": "Bearer",
+        "expires_in": 3600,
+        "expiration": 1600003600,
+        "refresh_token": "jy4gl91BQ"
+    }""" % (
+        TEST_ACCESS_TOKEN_1
+    )
+    response2 = """{
+        "access_token": "%s",
+        "token_type": "Bearer",
+        "expires_in": 3600,
+        "expiration": 1600007200,
+        "refresh_token": "jy4gl91BQ"
+    }""" % (
+        TEST_ACCESS_TOKEN_2
+    )
+
+    token_manager = IAMTokenManager("iam_apikey")
+
+    access_token = token_manager.access_token
+    assert access_token is None
+
+    responses.add(responses.POST, url=iam_url, body=response1, status=200)
+    access_token = token_manager.get_token()
+    assert access_token == TEST_ACCESS_TOKEN_1
+    assert token_manager.access_token == TEST_ACCESS_TOKEN_1
+
+    # Verify that the token manager returns the cached value.
+    # Before we call `get_token` again, set the expiration and refresh time
+    # so that we do not fetch a new access token.
+    # This is necessary because we are using a fixed JWT response.
+    token_manager.expire_time = _get_current_time() + 1000
+    token_manager.refresh_time = _get_current_time() + 1000
+    access_token = token_manager.get_token()
+    assert access_token == TEST_ACCESS_TOKEN_1
+    assert token_manager.access_token == TEST_ACCESS_TOKEN_1
+
+    # Force expiration to get the second token.
+    # We'll set the expiration time to be current-time + EXPIRATION_WINDOW (10 secs)
+    # because we want the access token to be considered as "expired"
+    # when we reach the IAM-server reported expiration time minus 10 secs.
+    responses.add(responses.POST, url=iam_url, body=response2, status=200)
+    token_manager.expire_time = _get_current_time() + EXPIRATION_WINDOW
+    token_manager.refresh_time = _get_current_time() + 1000
+    access_token = token_manager.get_token()
+    assert access_token == TEST_ACCESS_TOKEN_2
+    assert token_manager.access_token == TEST_ACCESS_TOKEN_2
+
+
 @responses.activate
 def test_get_refresh_token():
     iam_url = "https://iam.cloud.ibm.com/identity/token"

{ibm-cloud-sdk-core-3.19.1 → ibm-cloud-sdk-core-3.20.0}/test/test_mcsp_token_manager.py

@@ -1,3 +1,19 @@
+# coding: utf-8
+
+# Copyright 2023, 2024 IBM All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
 # pylint: disable=missing-docstring
 import json
 import time
@@ -45,6 +61,7 @@ def test_request_token():
 
     assert len(responses.calls) == 1
     assert responses.calls[0].request.url == MOCK_URL + OPERATION_PATH
+    assert responses.calls[0].request.headers.get('User-Agent').startswith('ibm-python-sdk-core/mcsp-authenticator')
     assert token == access_token
 
 

{ibm-cloud-sdk-core-3.19.1 → ibm-cloud-sdk-core-3.20.0}/test/test_vpc_instance_token_manager.py

@@ -1,6 +1,6 @@
 # coding: utf-8
 
-# Copyright 2021 IBM All Rights Reserved.
+# Copyright 2021, 2024 IBM All Rights Reserved.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -17,6 +17,7 @@
 # pylint: disable=missing-docstring
 import json
 import logging
+import time
 
 import pytest
 import responses
@@ -25,11 +26,17 @@ from ibm_cloud_sdk_core import ApiException, VPCInstanceTokenManager
 
 
 # pylint: disable=line-too-long
-TEST_ACCESS_TOKEN = 'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VybmFtZSI6ImhlbGxvIiwicm9sZSI6InVzZXIiLCJwZXJtaXNzaW9ucyI6WyJhZG1pbmlzdHJhdG9yIiwiZGVwbG95bWVudF9hZG1pbiJdLCJzdWIiOiJoZWxsbyIsImlzcyI6IkpvaG4iLCJhdWQiOiJEU1giLCJ1aWQiOiI5OTkiLCJpYXQiOjE1NjAyNzcwNTEsImV4cCI6MTU2MDI4MTgxOSwianRpIjoiMDRkMjBiMjUtZWUyZC00MDBmLTg2MjMtOGNkODA3MGI1NDY4In0.cIodB4I6CCcX8vfIImz7Cytux3GpWyObt9Gkur5g1QI'
+TEST_ACCESS_TOKEN_1 = 'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VybmFtZSI6ImhlbGxvIiwicm9sZSI6InVzZXIiLCJwZXJtaXNzaW9ucyI6WyJhZG1pbmlzdHJhdG9yIiwiZGVwbG95bWVudF9hZG1pbiJdLCJzdWIiOiJoZWxsbyIsImlzcyI6IkpvaG4iLCJhdWQiOiJEU1giLCJ1aWQiOiI5OTkiLCJpYXQiOjE1NjAyNzcwNTEsImV4cCI6MTU2MDI4MTgxOSwianRpIjoiMDRkMjBiMjUtZWUyZC00MDBmLTg2MjMtOGNkODA3MGI1NDY4In0.cIodB4I6CCcX8vfIImz7Cytux3GpWyObt9Gkur5g1QI'
+TEST_ACCESS_TOKEN_2 = 'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiIsImtpZCI6IjIzMDQ5ODE1MWMyMTRiNzg4ZGQ5N2YyMmI4NTQxMGE1In0.eyJ1c2VybmFtZSI6ImR1bW15Iiwicm9sZSI6IkFkbWluIiwicGVybWlzc2lvbnMiOlsiYWRtaW5pc3RyYXRvciIsIm1hbmFnZV9jYXRhbG9nIl0sInN1YiI6ImFkbWluIiwiaXNzIjoic3NzIiwiYXVkIjoic3NzIiwidWlkIjoic3NzIiwiaWF0IjozNjAwLCJleHAiOjE2MjgwMDcwODF9.zvUDpgqWIWs7S1CuKv40ERw1IZ5FqSFqQXsrwZJyfRM'
 TEST_TOKEN = 'abc123'
 TEST_IAM_TOKEN = 'iam-abc123'
 TEST_IAM_PROFILE_CRN = 'crn:iam-profile:123'
 TEST_IAM_PROFILE_ID = 'iam-id-123'
+EXPIRATION_WINDOW = 10
+
+
+def _get_current_time() -> int:
+    return int(time.time())
 
 
 def test_constructor():
@@ -78,6 +85,7 @@ def test_retrieve_instance_identity_token(caplog):
     assert responses.calls[0].request.headers['Content-Type'] == 'application/json'
     assert responses.calls[0].request.headers['Accept'] == 'application/json'
     assert responses.calls[0].request.headers['Metadata-Flavor'] == 'ibm'
+    assert responses.calls[0].request.headers['User-Agent'].startswith('ibm-python-sdk-core/vpc-instance-authenticator')
     assert responses.calls[0].request.params['version'] == '2022-03-01'
     assert responses.calls[0].request.body == '{"expires_in": 300}'
     assert ii_token == TEST_TOKEN
@@ -144,6 +152,7 @@ def test_request_token_with_crn(caplog):
     assert responses.calls[0].request.headers['Content-Type'] == 'application/json'
     assert responses.calls[0].request.headers['Accept'] == 'application/json'
     assert responses.calls[0].request.headers['Authorization'] == 'Bearer ' + TEST_TOKEN
+    assert responses.calls[0].request.headers['User-Agent'].startswith('ibm-python-sdk-core/vpc-instance-authenticator')
     assert responses.calls[0].request.body == '{"trusted_profile": {"crn": "crn:iam-profile:123"}}'
     assert responses.calls[0].request.params['version'] == '2022-03-01'
     # Check the logs.
@@ -272,7 +281,7 @@ def test_access_token():
         'access_token': TEST_TOKEN,
     }
     response_iam = {
-        'access_token': TEST_ACCESS_TOKEN,
+        'access_token': TEST_ACCESS_TOKEN_1,
     }
 
     responses.add(
@@ -290,6 +299,54 @@ def test_access_token():
     assert token_manager.refresh_time == 0
 
     token_manager.get_token()
-    assert token_manager.access_token == TEST_ACCESS_TOKEN
+    assert token_manager.access_token == TEST_ACCESS_TOKEN_1
     assert token_manager.expire_time > 0
     assert token_manager.refresh_time > 0
+
+
+@responses.activate
+def test_get_token_success():
+    token_manager = VPCInstanceTokenManager()
+
+    # Mock the retrieve instance identity token method.
+    def mock_retrieve_instance_identity_token():
+        return TEST_TOKEN
+
+    token_manager.retrieve_instance_identity_token = mock_retrieve_instance_identity_token
+
+    response1 = {
+        'access_token': TEST_ACCESS_TOKEN_1,
+    }
+    response2 = {
+        'access_token': TEST_ACCESS_TOKEN_2,
+    }
+
+    responses.add(
+        responses.POST, 'http://169.254.169.254/instance_identity/v1/iam_token', body=json.dumps(response1), status=200
+    )
+
+    access_token = token_manager.get_token()
+    assert access_token == TEST_ACCESS_TOKEN_1
+    assert token_manager.access_token == TEST_ACCESS_TOKEN_1
+
+    # Verify that the token manager returns the cached value.
+    # Before we call `get_token` again, set the expiration and refresh time
+    # so that we do not fetch a new access token.
+    # This is necessary because we are using a fixed JWT response.
+    token_manager.expire_time = _get_current_time() + 1000
+    token_manager.refresh_time = _get_current_time() + 1000
+    access_token = token_manager.get_token()
+    assert access_token == TEST_ACCESS_TOKEN_1
+    assert token_manager.access_token == TEST_ACCESS_TOKEN_1
+
+    # Force expiration to get the second token.
+    # We'll set the expiration time to be current-time + EXPIRATION_WINDOW (10 secs)
+    # because we want the access token to be considered as "expired"
+    # when we reach the IAM-server reported expiration time minus 10 secs.
+    responses.add(
+        responses.POST, 'http://169.254.169.254/instance_identity/v1/iam_token', body=json.dumps(response2), status=200
+    )
+    token_manager.expire_time = _get_current_time() + EXPIRATION_WINDOW
+    access_token = token_manager.get_token()
+    assert access_token == TEST_ACCESS_TOKEN_2
+    assert token_manager.access_token == TEST_ACCESS_TOKEN_2

ibm-cloud-sdk-core-3.19.1/ibm_cloud_sdk_core/version.py

@@ -1 +0,0 @@
-__version__ = '3.19.1'