ibm-cloud-sdk-core 3.20.5__tar.gz → 3.20.6__tar.gz

{ibm_cloud_sdk_core-3.20.5/ibm_cloud_sdk_core.egg-info → ibm_cloud_sdk_core-3.20.6}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: ibm-cloud-sdk-core
-Version: 3.20.5
+Version: 3.20.6
 Summary: Core library used by SDKs for IBM Cloud Services
 Author-email: IBM <devxsdk@us.ibm.com>
 Project-URL: Repository, https://github.com/IBM/python-sdk-core
@@ -49,7 +49,7 @@ Requires-Dist: twine; extra == "publish"
 [![CLA assistant](https://cla-assistant.io/readme/badge/ibm/python-sdk-core)](https://cla-assistant.io/ibm/python-sdk-core)
 [![semantic-release](https://img.shields.io/badge/%20%20%F0%9F%93%A6%F0%9F%9A%80-semantic--release-e10079.svg)](https://github.com/semantic-release/semantic-release)
 
-# IBM Python SDK Core Version 3.20.5
+# IBM Python SDK Core Version 3.20.6
 This project contains core functionality required by Python code generated by the IBM Cloud OpenAPI SDK Generator
 (openapi-sdkgen).
 

{ibm_cloud_sdk_core-3.20.5 → ibm_cloud_sdk_core-3.20.6}/README.md

@@ -4,7 +4,7 @@
 [![CLA assistant](https://cla-assistant.io/readme/badge/ibm/python-sdk-core)](https://cla-assistant.io/ibm/python-sdk-core)
 [![semantic-release](https://img.shields.io/badge/%20%20%F0%9F%93%A6%F0%9F%9A%80-semantic--release-e10079.svg)](https://github.com/semantic-release/semantic-release)
 
-# IBM Python SDK Core Version 3.20.5
+# IBM Python SDK Core Version 3.20.6
 This project contains core functionality required by Python code generated by the IBM Cloud OpenAPI SDK Generator
 (openapi-sdkgen).
 

ibm_cloud_sdk_core-3.20.6/ibm_cloud_sdk_core/authenticators/__init__.py

@@ -0,0 +1,44 @@
+# coding: utf-8
+
+# Copyright 2019 IBM All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+"""The ibm_cloud_sdk_core project supports the following types of authentication:
+
+  Basic Authentication
+  Bearer Token
+  Identity and Access Management (IAM)
+  Cloud Pak for Data
+  No Authentication
+
+  The authentication types that are appropriate for a particular service may vary from service to service.
+  Each authentication type is implemented as an Authenticator for consumption by a service.
+
+classes:
+  Authenticator: Abstract Base Class. Implement this interface to provide custom authentication schemes to services.
+  BasicAuthenticator: Authenticator for passing supplied basic authentication information to service endpoint.
+  BearerTokenAuthenticator: Authenticator for passing supplied bearer token to service endpoint.
+  CloudPakForDataAuthenticator: Authenticator for passing CP4D authentication information to service endpoint.
+  IAMAuthenticator: Authenticator for passing IAM authentication information to service endpoint.
+  NoAuthAuthenticator: Performs no authentication. Useful for testing purposes.
+"""
+
+from .authenticator import Authenticator
+from .basic_authenticator import BasicAuthenticator
+from .bearer_token_authenticator import BearerTokenAuthenticator
+from .container_authenticator import ContainerAuthenticator
+from .cp4d_authenticator import CloudPakForDataAuthenticator
+from .iam_authenticator import IAMAuthenticator
+from .vpc_instance_authenticator import VPCInstanceAuthenticator
+from .no_auth_authenticator import NoAuthAuthenticator
+from .mcsp_authenticator import MCSPAuthenticator

ibm_cloud_sdk_core-3.20.6/ibm_cloud_sdk_core/authenticators/authenticator.py

@@ -0,0 +1,58 @@
+# coding: utf-8
+
+# Copyright 2019, 2023 IBM All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+from abc import ABC, abstractmethod
+
+
+class Authenticator(ABC):
+    """This interface defines the common methods and constants associated with an Authenticator implementation."""
+
+    # Constants representing the various authenticator types.
+    AUTHTYPE_BASIC = 'basic'
+    AUTHTYPE_BEARERTOKEN = 'bearerToken'
+    AUTHTYPE_IAM = 'iam'
+    AUTHTYPE_CONTAINER = 'container'
+    AUTHTYPE_CP4D = 'cp4d'
+    AUTHTYPE_VPC = 'vpc'
+    AUTHTYPE_NOAUTH = 'noAuth'
+    AUTHTYPE_MCSP = 'mcsp'
+    AUTHTYPE_UNKNOWN = 'unknown'
+
+    @abstractmethod
+    def authenticate(self, req: dict) -> None:
+        """Perform the necessary authentication steps for the specified request.
+
+        Attributes:
+            req (dict): Will be modified to contain the appropriate authentication information.
+
+        To be implemented by subclasses.
+        """
+        pass
+
+    @abstractmethod
+    def validate(self) -> None:
+        """Validates the current set of configuration information in the Authenticator.
+
+        Raises:
+            ValueError: The configuration information is not valid for service operations.
+
+        To be implemented by subclasses.
+        """
+        pass
+
+    def authentication_type(self) -> str:
+        """Returns the authenticator's type.  This method should be overridden by each authenticator implementation."""
+        return self.AUTHTYPE_UNKNOWN

ibm_cloud_sdk_core-3.20.6/ibm_cloud_sdk_core/authenticators/basic_authenticator.py

@@ -0,0 +1,83 @@
+# coding: utf-8
+
+# Copyright 2019 IBM All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import base64
+from requests import Request
+
+from .authenticator import Authenticator
+from ..utils import has_bad_first_or_last_char
+
+
+class BasicAuthenticator(Authenticator):
+    """The BasicAuthenticator is used to add basic authentication information to requests.
+
+    Basic Authorization will be sent as an Authorization header in the form:
+
+        Authorization: Basic <encoded username and password>
+
+    Args:
+        username: User-supplied username for basic auth.
+        password: User-supplied password for basic auth.
+
+    Raises:
+        ValueError: The username or password is not specified or contains invalid characters.
+    """
+
+    def __init__(self, username: str, password: str) -> None:
+        self.username = username
+        self.password = password
+        self.validate()
+        self.authorization_header = self.__construct_basic_auth_header()
+
+    def authentication_type(self) -> str:
+        """Returns this authenticator's type ('basic')."""
+        return Authenticator.AUTHTYPE_BASIC
+
+    def validate(self) -> None:
+        """Validate username and password.
+
+        Ensure the username and password are valid for service operations.
+
+        Raises:
+            ValueError: The username and/or password is not valid for service operations.
+        """
+        if self.username is None or self.password is None:
+            raise ValueError('The username and password shouldn\'t be None.')
+
+        if has_bad_first_or_last_char(self.username) or has_bad_first_or_last_char(self.password):
+            raise ValueError(
+                'The username and password shouldn\'t start or end with curly brackets or quotes. '
+                'Please remove any surrounding {, }, or \" characters.'
+            )
+
+    def __construct_basic_auth_header(self) -> str:
+        authstring = "{0}:{1}".format(self.username, self.password)
+        base64_authorization = base64.b64encode(authstring.encode('utf-8')).decode('utf-8')
+        return 'Basic {0}'.format(base64_authorization)
+
+    def authenticate(self, req: Request) -> None:
+        """Add basic authentication information to a request.
+
+        Basic Authorization will be added to the request's headers in the form:
+
+            Authorization: Basic <encoded username and password>
+
+        Args:
+            req: The request to add basic auth information to. Must contain a key to a dictionary
+            called headers.
+        """
+        headers = req.get('headers')
+        headers['Authorization'] = self.authorization_header

ibm_cloud_sdk_core-3.20.6/ibm_cloud_sdk_core/authenticators/bearer_token_authenticator.py

@@ -0,0 +1,80 @@
+# coding: utf-8
+
+# Copyright 2019 IBM All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+from requests import Request
+
+from .authenticator import Authenticator
+
+
+class BearerTokenAuthenticator(Authenticator):
+    """The BearerTokenAuthenticator will add a user-supplied bearer token
+    to requests.
+
+    The bearer token will be sent as an Authorization header in the form:
+
+         Authorization: Bearer <bearer-token>
+
+    Args:
+        bearer_token: The user supplied bearer token.
+
+    Raises:
+        ValueError: Bearer token is none.
+    """
+
+    def __init__(self, bearer_token: str) -> None:
+        self.bearer_token = bearer_token
+        self.validate()
+
+    def authentication_type(self) -> str:
+        """Returns this authenticator's type ('bearertoken')."""
+        return Authenticator.AUTHTYPE_BEARERTOKEN
+
+    def validate(self) -> None:
+        """Validate the bearer token.
+
+        Ensures the bearer token is valid for service operations.
+
+        Raises:
+            ValueError: The bearer token is not valid for service operations.
+        """
+        if self.bearer_token is None:
+            raise ValueError('The bearer token shouldn\'t be None.')
+
+    def authenticate(self, req: Request) -> None:
+        """Adds bearer authentication information to the request.
+
+        The bearer token will be added to the request's headers in the form:
+
+            Authorization: Bearer <bearer-token>
+
+        Args:
+            req: The request to add bearer authentication information to. Must contain a key to a dictionary
+            called headers.
+        """
+        headers = req.get('headers')
+        headers['Authorization'] = 'Bearer {0}'.format(self.bearer_token)
+
+    def set_bearer_token(self, bearer_token: str) -> None:
+        """Set a new bearer token to be sent in subsequent service operations.
+
+        Args:
+            bearer_token: The bearer token that will be sent in service requests.
+
+        Raises:
+            ValueError: The bearer token is not valid for service operations.
+        """
+        self.bearer_token = bearer_token
+        self.validate()

ibm_cloud_sdk_core-3.20.6/ibm_cloud_sdk_core/authenticators/container_authenticator.py

@@ -0,0 +1,150 @@
+# coding: utf-8
+
+# Copyright 2021 IBM All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+from typing import Dict, Optional
+
+from .iam_request_based_authenticator import IAMRequestBasedAuthenticator
+from ..token_managers.container_token_manager import ContainerTokenManager
+from .authenticator import Authenticator
+
+
+class ContainerAuthenticator(IAMRequestBasedAuthenticator):
+    """ContainerAuthenticator implements an IAM-based authentication schema where by it
+    retrieves a "compute resource token" from the local compute resource (VM)
+    and uses that to obtain an IAM access token by invoking the IAM "get token" operation with grant-type=cr-token.
+    The resulting IAM access token is then added to outbound requests in an Authorization header of the form:
+
+        Authorization: Bearer <access-token>
+
+    Args:
+        cr_token_filename: The name of the file containing the injected CR token value
+            (applies to IKS-managed compute resources). Defaults to "/var/run/secrets/tokens/vault-token".
+        iam_profile_name: The name of the linked trusted IAM profile to be used when obtaining the IAM access token
+            (a CR token might map to multiple IAM profiles).
+            One of iam_profile_name or iam_profile_id must be specified.
+            Defaults to None.
+        iam_profile_id: The id of the linked trusted IAM profile to be used when obtaining the IAM access token
+            (a CR token might map to multiple IAM profiles).
+            One of iam_profile_name or iam_profile_id must be specified.
+            Defaults to None.
+        url: The URL representing the IAM token service endpoint. If not specified, a suitable default value is used.
+        client_id: The client_id and client_secret fields are used to form
+            a "basic" authorization header for IAM token requests. Defaults to None.
+        client_secret: The client_id and client_secret fields are used to form
+            a "basic" authorization header for IAM token requests. Defaults to None.
+        disable_ssl_verification: A flag that indicates whether verification of
+        the server's SSL certificate should be disabled or not. Defaults to False.
+        headers: Default headers to be sent with every IAM token request. Defaults to None.
+        proxies: Dictionary for mapping request protocol to proxy URL. Defaults to None.
+        proxies.http (optional): The proxy endpoint to use for HTTP requests.
+        proxies.https (optional): The proxy endpoint to use for HTTPS requests.
+        scope: The "scope" to use when fetching the bearer token from the IAM token server.
+        This can be used to obtain an access token with a specific scope.
+
+        Attributes:
+            token_manager (ContainerTokenManager): Retrieves and manages IAM tokens
+                from the endpoint specified by the url.
+
+        Raises:
+            TypeError: The `disable_ssl_verification` is not a bool.
+            ValueError: Neither of iam_profile_name or iam_profile_idk are set,
+            or client_id, and/or client_secret are not valid for IAM token requests.
+    """
+
+    def __init__(
+        self,
+        cr_token_filename: Optional[str] = None,
+        iam_profile_name: Optional[str] = None,
+        iam_profile_id: Optional[str] = None,
+        url: Optional[str] = None,
+        client_id: Optional[str] = None,
+        client_secret: Optional[str] = None,
+        disable_ssl_verification: bool = False,
+        scope: Optional[str] = None,
+        proxies: Optional[Dict[str, str]] = None,
+        headers: Optional[Dict[str, str]] = None,
+    ) -> None:
+        # Check the type of `disable_ssl_verification`. Must be a bool.
+        if not isinstance(disable_ssl_verification, bool):
+            raise TypeError('disable_ssl_verification must be a bool')
+
+        self.token_manager = ContainerTokenManager(
+            cr_token_filename=cr_token_filename,
+            iam_profile_name=iam_profile_name,
+            iam_profile_id=iam_profile_id,
+            url=url,
+            client_id=client_id,
+            client_secret=client_secret,
+            disable_ssl_verification=disable_ssl_verification,
+            scope=scope,
+            proxies=proxies,
+            headers=headers,
+        )
+
+        self.validate()
+
+    def authentication_type(self) -> str:
+        """Returns this authenticator's type ('container')."""
+        return Authenticator.AUTHTYPE_CONTAINER
+
+    def validate(self) -> None:
+        """Validates the iam_profile_name, iam_profile_id, client_id, and client_secret for IAM token requests.
+
+        Ensure that one of the iam_profile_name or iam_profile_id are specified. Additionally, ensure
+        both of the client_id and client_secret are set if either of them are defined.
+
+        Raises:
+            ValueError: Neither of iam_profile_name or iam_profile_idk are set,
+            or client_id, and/or client_secret are not valid for IAM token requests.
+        """
+        super().validate()
+
+        if not self.token_manager.iam_profile_name and not self.token_manager.iam_profile_id:
+            raise ValueError('At least one of iam_profile_name or iam_profile_id must be specified.')
+
+    def set_cr_token_filename(self, cr_token_filename: str) -> None:
+        """Set the location of the compute resource token on the local filesystem.
+
+        Args:
+            cr_token_filename: path to the compute resource token
+        """
+        self.token_manager.cr_token_filename = cr_token_filename
+
+    def set_iam_profile_name(self, iam_profile_name: str) -> None:
+        """Set the name of the IAM profile.
+
+        Args:
+            iam_profile_name: name of the linked trusted IAM profile to be used when obtaining the IAM access token
+
+        Raises:
+            ValueError: Neither of iam_profile_name or iam_profile_idk are set,
+            or client_id, and/or client_secret are not valid for IAM token requests.
+        """
+        self.token_manager.iam_profile_name = iam_profile_name
+        self.validate()
+
+    def set_iam_profile_id(self, iam_profile_id: str) -> None:
+        """Set the id of the IAM profile.
+
+        Args:
+            iam_profile_id: id of the linked trusted IAM profile to be used when obtaining the IAM access token
+
+        Raises:
+            ValueError: Neither of iam_profile_name or iam_profile_idk are set,
+            or client_id, and/or client_secret are not valid for IAM token requests.
+        """
+        self.token_manager.iam_profile_id = iam_profile_id
+        self.validate()

ibm_cloud_sdk_core-3.20.6/ibm_cloud_sdk_core/authenticators/cp4d_authenticator.py

@@ -0,0 +1,165 @@
+# coding: utf-8
+
+# Copyright 2019 IBM All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+from typing import Dict, Optional
+
+from requests import Request
+
+from .authenticator import Authenticator
+from ..token_managers.cp4d_token_manager import CP4DTokenManager
+from ..utils import has_bad_first_or_last_char
+
+
+class CloudPakForDataAuthenticator(Authenticator):
+    """The CloudPakForDataAuthenticator utilizes a username and password pair to
+    obtain a suitable bearer token, and adds it requests.
+
+    The bearer token will be sent as an Authorization header in the form:
+
+        Authorization: Bearer <bearer-token>
+
+    Keyword Args:
+        username: The username used to obtain a bearer token [required].
+        password: The password used to obtain a bearer token [required if apikey not specified].
+        url: The URL representing the Cloud Pak for Data token service endpoint [required].
+        apikey: The API key used to obtain a bearer token [required if password not specified].
+        disable_ssl_verification:  A flag that indicates whether verification of the server's SSL
+            certificate should be disabled or not. Defaults to False.
+        headers: Default headers to be sent with every CP4D token request. Defaults to None.
+        proxies: Dictionary for mapping request protocol to proxy URL.
+        proxies.http (optional): The proxy endpoint to use for HTTP requests.
+        proxies.https (optional): The proxy endpoint to use for HTTPS requests.
+        verify (optional): The path to the certificate to use for HTTPS requests.
+
+    Attributes:
+        token_manager (CP4DTokenManager): Retrieves and manages CP4D tokens from the endpoint specified by the url.
+
+    Raises:
+        TypeError: The `disable_ssl_verification` is not a bool.
+        ValueError: The username, password/apikey, and/or url are not valid for CP4D token requests.
+    """
+
+    def __init__(
+        self,
+        username: str = None,
+        password: str = None,
+        url: str = None,
+        *,
+        apikey: str = None,
+        disable_ssl_verification: bool = False,
+        headers: Optional[Dict[str, str]] = None,
+        proxies: Optional[Dict[str, str]] = None,
+        verify: Optional[str] = None,
+    ) -> None:
+        # Check the type of `disable_ssl_verification`. Must be a bool.
+        if not isinstance(disable_ssl_verification, bool):
+            raise TypeError('disable_ssl_verification must be a bool')
+
+        self.token_manager = CP4DTokenManager(
+            username=username,
+            password=password,
+            apikey=apikey,
+            url=url,
+            disable_ssl_verification=disable_ssl_verification,
+            headers=headers,
+            proxies=proxies,
+            verify=verify,
+        )
+
+        self.validate()
+
+    def authentication_type(self) -> str:
+        """Returns this authenticator's type ('cp4d')."""
+        return Authenticator.AUTHTYPE_CP4D
+
+    def validate(self) -> None:
+        """Validate username, password, and url for token requests.
+
+        Ensures the username, password, and url are not None. Additionally, ensures they do not contain invalid
+        characters.
+
+        Raises:
+            ValueError: The username, password, and/or url are not valid for token requests.
+        """
+        if self.token_manager.username is None:
+            raise ValueError('The username shouldn\'t be None.')
+
+        if (self.token_manager.password is None and self.token_manager.apikey is None) or (
+            self.token_manager.password is not None and self.token_manager.apikey is not None
+        ):
+            raise ValueError('Exactly one of `apikey` or `password` must be specified.')
+
+        if self.token_manager.url is None:
+            raise ValueError('The url shouldn\'t be None.')
+
+        if has_bad_first_or_last_char(self.token_manager.username) or has_bad_first_or_last_char(
+            self.token_manager.password
+        ):
+            raise ValueError(
+                'The username and password shouldn\'t start or end with curly brackets or quotes. '
+                'Please remove any surrounding {, }, or \" characters.'
+            )
+
+        if has_bad_first_or_last_char(self.token_manager.url):
+            raise ValueError(
+                'The url shouldn\'t start or end with curly brackets or quotes. '
+                'Please remove any surrounding {, }, or \" characters.'
+            )
+
+    def authenticate(self, req: Request) -> None:
+        """Adds CP4D authentication information to the request.
+
+        The CP4D bearer token will be added to the request's headers in the form:
+
+            Authorization: Bearer <bearer-token>
+
+        Args:
+            req:  The request to add CP4D authentication information to. Must contain a key to a dictionary
+            called headers.
+        """
+        headers = req.get('headers')
+        bearer_token = self.token_manager.get_token()
+        headers['Authorization'] = 'Bearer {0}'.format(bearer_token)
+
+    def set_disable_ssl_verification(self, status: bool = False) -> None:
+        """Set the flag that indicates whether verification of the server's SSL certificate should be
+        disabled or not. Defaults to False.
+
+        Args:
+            status: Set to true in order to disable SSL certificate verification. Defaults to False.
+
+        Raises:
+            TypeError: The `status` is not a bool.
+        """
+        self.token_manager.set_disable_ssl_verification(status)
+
+    def set_headers(self, headers: Dict[str, str]) -> None:
+        """Default headers to be sent with every CP4D token request.
+
+        Args:
+            headers: The headers to be sent with every CP4D token request.
+        """
+        self.token_manager.set_headers(headers)
+
+    def set_proxies(self, proxies: Dict[str, str]) -> None:
+        """Sets the proxies the token manager will use to communicate with CP4D on behalf of the host.
+
+        Args:
+            proxies: Dictionary for mapping request protocol to proxy URL.
+            proxies.http (optional): The proxy endpoint to use for HTTP requests.
+            proxies.https (optional): The proxy endpoint to use for HTTPS requests.
+        """
+        self.token_manager.set_proxies(proxies)