ibm-cloud-sdk-core 3.23.0__tar.gz → 3.24.0__tar.gz

{ibm_cloud_sdk_core-3.23.0/ibm_cloud_sdk_core.egg-info → ibm_cloud_sdk_core-3.24.0}/PKG-INFO

@@ -1,6 +1,6 @@
-Metadata-Version: 2.2
+Metadata-Version: 2.4
 Name: ibm-cloud-sdk-core
-Version: 3.23.0
+Version: 3.24.0
 Summary: Core library used by SDKs for IBM Cloud Services
 Author-email: IBM <devxsdk@us.ibm.com>
 Project-URL: Repository, https://github.com/IBM/python-sdk-core
@@ -42,6 +42,7 @@ Requires-Dist: black<25.0.0,>=24.0.0; extra == "dev"
 Provides-Extra: publish
 Requires-Dist: build; extra == "publish"
 Requires-Dist: twine; extra == "publish"
+Dynamic: license-file
 
 [![Build Status](https://github.com/IBM/python-sdk-core/actions/workflows/build.yaml/badge.svg)](https://github.com/IBM/python-sdk-core/actions/workflows/build.yaml)
 [![PyPI - Python Version](https://img.shields.io/pypi/pyversions/ibm-cloud-sdk-core)](https://pypi.org/project/ibm-cloud-sdk-core/)
@@ -49,7 +50,7 @@ Requires-Dist: twine; extra == "publish"
 [![CLA assistant](https://cla-assistant.io/readme/badge/ibm/python-sdk-core)](https://cla-assistant.io/ibm/python-sdk-core)
 [![semantic-release](https://img.shields.io/badge/%20%20%F0%9F%93%A6%F0%9F%9A%80-semantic--release-e10079.svg)](https://github.com/semantic-release/semantic-release)
 
-# IBM Python SDK Core Version 3.23.0
+# IBM Python SDK Core Version 3.24.0
 This project contains core functionality required by Python code generated by the IBM Cloud OpenAPI SDK Generator
 (openapi-sdkgen).
 
@@ -115,12 +116,12 @@ When running your application, you should see output like this if debug logging
 ```
 2024-09-16 15:44:45,174 [ibm-cloud-sdk-core:DEBUG] Get authenticator from environment, key=global_search
 2024-09-16 15:44:45,175 [ibm-cloud-sdk-core:DEBUG] Set service URL: https://api.global-search-tagging.cloud.ibm.com
-2024-09-16 15:44:45,175 [ibm-cloud-sdk-core:DEBUG] Set User-Agent: ibm-python-sdk-core-3.23.0 os.name=Linux os.version=6.10.9-100.fc39.x86_64 python.version=3.12.5
+2024-09-16 15:44:45,175 [ibm-cloud-sdk-core:DEBUG] Set User-Agent: ibm-python-sdk-core-3.24.0 os.name=Linux os.version=6.10.9-100.fc39.x86_64 python.version=3.12.5
 2024-09-16 15:44:45,181 [ibm-cloud-sdk-core:DEBUG] Configuring BaseService instance with service name: global_search
 2024-09-16 15:44:45,181 [ibm-cloud-sdk-core:DEBUG] Performing synchronous token fetch
 2024-09-16 15:44:45,182 [ibm-cloud-sdk-core:DEBUG] Invoking IAM get_token operation: https://iam.cloud.ibm.com/identity/token
 2024-09-16 15:44:45,182 [urllib3.connectionpool:DEBUG] Starting new HTTPS connection (1): iam.cloud.ibm.com:443
-send: b'POST /identity/token HTTP/1.1\r\nHost: iam.cloud.ibm.com\r\nUser-Agent: ibm-python-sdk-core/iam-authenticator-3.23.0 os.name=Linux os.version=6.10.9-100.fc39.x86_64 python.version=3.12.5\r\nAccept-Encoding: gzip, deflate\r\nAccept: application/json\r\nConnection: keep-alive\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 135\r\n\r\n'
+send: b'POST /identity/token HTTP/1.1\r\nHost: iam.cloud.ibm.com\r\nUser-Agent: ibm-python-sdk-core/iam-authenticator-3.24.0 os.name=Linux os.version=6.10.9-100.fc39.x86_64 python.version=3.12.5\r\nAccept-Encoding: gzip, deflate\r\nAccept: application/json\r\nConnection: keep-alive\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 135\r\n\r\n'
 send: b'grant_type=urn%3Aibm%3Aparams%3Aoauth%3Agrant-type%3Aapikey&apikey=[redacted]&response_type=cloud_iam'
 reply: 'HTTP/1.1 200 OK\r\n'
 header: Content-Type: application/json

{ibm_cloud_sdk_core-3.23.0 → ibm_cloud_sdk_core-3.24.0}/README.md

@@ -4,7 +4,7 @@
 [![CLA assistant](https://cla-assistant.io/readme/badge/ibm/python-sdk-core)](https://cla-assistant.io/ibm/python-sdk-core)
 [![semantic-release](https://img.shields.io/badge/%20%20%F0%9F%93%A6%F0%9F%9A%80-semantic--release-e10079.svg)](https://github.com/semantic-release/semantic-release)
 
-# IBM Python SDK Core Version 3.23.0
+# IBM Python SDK Core Version 3.24.0
 This project contains core functionality required by Python code generated by the IBM Cloud OpenAPI SDK Generator
 (openapi-sdkgen).
 
@@ -70,12 +70,12 @@ When running your application, you should see output like this if debug logging
 ```
 2024-09-16 15:44:45,174 [ibm-cloud-sdk-core:DEBUG] Get authenticator from environment, key=global_search
 2024-09-16 15:44:45,175 [ibm-cloud-sdk-core:DEBUG] Set service URL: https://api.global-search-tagging.cloud.ibm.com
-2024-09-16 15:44:45,175 [ibm-cloud-sdk-core:DEBUG] Set User-Agent: ibm-python-sdk-core-3.23.0 os.name=Linux os.version=6.10.9-100.fc39.x86_64 python.version=3.12.5
+2024-09-16 15:44:45,175 [ibm-cloud-sdk-core:DEBUG] Set User-Agent: ibm-python-sdk-core-3.24.0 os.name=Linux os.version=6.10.9-100.fc39.x86_64 python.version=3.12.5
 2024-09-16 15:44:45,181 [ibm-cloud-sdk-core:DEBUG] Configuring BaseService instance with service name: global_search
 2024-09-16 15:44:45,181 [ibm-cloud-sdk-core:DEBUG] Performing synchronous token fetch
 2024-09-16 15:44:45,182 [ibm-cloud-sdk-core:DEBUG] Invoking IAM get_token operation: https://iam.cloud.ibm.com/identity/token
 2024-09-16 15:44:45,182 [urllib3.connectionpool:DEBUG] Starting new HTTPS connection (1): iam.cloud.ibm.com:443
-send: b'POST /identity/token HTTP/1.1\r\nHost: iam.cloud.ibm.com\r\nUser-Agent: ibm-python-sdk-core/iam-authenticator-3.23.0 os.name=Linux os.version=6.10.9-100.fc39.x86_64 python.version=3.12.5\r\nAccept-Encoding: gzip, deflate\r\nAccept: application/json\r\nConnection: keep-alive\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 135\r\n\r\n'
+send: b'POST /identity/token HTTP/1.1\r\nHost: iam.cloud.ibm.com\r\nUser-Agent: ibm-python-sdk-core/iam-authenticator-3.24.0 os.name=Linux os.version=6.10.9-100.fc39.x86_64 python.version=3.12.5\r\nAccept-Encoding: gzip, deflate\r\nAccept: application/json\r\nConnection: keep-alive\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 135\r\n\r\n'
 send: b'grant_type=urn%3Aibm%3Aparams%3Aoauth%3Agrant-type%3Aapikey&apikey=[redacted]&response_type=cloud_iam'
 reply: 'HTTP/1.1 200 OK\r\n'
 header: Content-Type: application/json

{ibm_cloud_sdk_core-3.23.0 → ibm_cloud_sdk_core-3.24.0}/ibm_cloud_sdk_core/__init__.py

@@ -46,6 +46,7 @@ from .token_managers.cp4d_token_manager import CP4DTokenManager
 from .token_managers.container_token_manager import ContainerTokenManager
 from .token_managers.vpc_instance_token_manager import VPCInstanceTokenManager
 from .token_managers.mcsp_token_manager import MCSPTokenManager
+from .token_managers.mcspv2_token_manager import MCSPV2TokenManager
 from .api_exception import ApiException
 from .utils import datetime_to_string, string_to_datetime, read_external_sources
 from .utils import datetime_to_string_list, string_to_datetime_list

{ibm_cloud_sdk_core-3.23.0 → ibm_cloud_sdk_core-3.24.0}/ibm_cloud_sdk_core/authenticators/__init__.py

@@ -28,9 +28,14 @@ classes:
   Authenticator: Abstract Base Class. Implement this interface to provide custom authentication schemes to services.
   BasicAuthenticator: Authenticator for passing supplied basic authentication information to service endpoint.
   BearerTokenAuthenticator: Authenticator for passing supplied bearer token to service endpoint.
+  ContainerAuthenticator: Authenticator for use in a container environment.
   CloudPakForDataAuthenticator: Authenticator for passing CP4D authentication information to service endpoint.
   IAMAuthenticator: Authenticator for passing IAM authentication information to service endpoint.
+  IAMAssumeAuthenticator: Authenticator for the "assume" grant type.
+  VPCInstanceAuthenticator: Authenticator for use within a VPC instance.
   NoAuthAuthenticator: Performs no authentication. Useful for testing purposes.
+  MCSPAuthenticator: Authenticator that supports the MCSP v1 token exchange.
+  MCSPV2Authenticator: Authenticator that supports the MCSP v2 token exchange.
 """
 
 from .authenticator import Authenticator
@@ -43,3 +48,4 @@ from .iam_assume_authenticator import IAMAssumeAuthenticator
 from .vpc_instance_authenticator import VPCInstanceAuthenticator
 from .no_auth_authenticator import NoAuthAuthenticator
 from .mcsp_authenticator import MCSPAuthenticator
+from .mcspv2_authenticator import MCSPV2Authenticator

{ibm_cloud_sdk_core-3.23.0 → ibm_cloud_sdk_core-3.24.0}/ibm_cloud_sdk_core/authenticators/authenticator.py

@@ -1,6 +1,6 @@
 # coding: utf-8
 
-# Copyright 2019, 2023 IBM All Rights Reserved.
+# Copyright 2019, 2025 IBM All Rights Reserved.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -30,6 +30,7 @@ class Authenticator(ABC):
     AUTHTYPE_VPC = 'vpc'
     AUTHTYPE_NOAUTH = 'noAuth'
     AUTHTYPE_MCSP = 'mcsp'
+    AUTHTYPE_MCSPV2 = 'mcspv2'
     AUTHTYPE_UNKNOWN = 'unknown'
 
     @abstractmethod

ibm_cloud_sdk_core-3.24.0/ibm_cloud_sdk_core/authenticators/mcspv2_authenticator.py

@@ -0,0 +1,270 @@
+# coding: utf-8
+
+# Copyright 2025. IBM All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+from typing import Dict, Optional
+
+from requests import Request
+
+from ibm_cloud_sdk_core.logger import get_logger
+from .authenticator import Authenticator
+from ..token_managers.mcspv2_token_manager import MCSPV2TokenManager
+
+logger = get_logger()
+
+
+class MCSPV2Authenticator(Authenticator):
+    """The MCSPV2Authenticator invokes the MCSP v2 token-exchange operation
+    (POST /api/2.0/{scopeCollectionType}/{scopeId}/apikeys/token) to obtain an access token
+    for an apikey, and adds the access token to requests via an Authorization header
+    of the form: "Authorization: Bearer <access-token>".
+
+    Keyword Args:
+        apikey: The apikey used to obtain an access token [required].
+        url: The base endpoint URL for the MCSP token service [required].
+        scope_collection_type: The scope collection type of item(s) [required].
+            Valid values are: "accounts", "subscriptions", "services".
+        scope_id: The scope identifier of item(s) [required].
+        include_builtin_actions: A flag to include builtin actions in the "actions" claim in the
+            MCSP access token (default: False).
+        include_custom_actions: A flag to include custom actions in the "actions" claim in the
+            MCSP access token (default: False).
+        include_roles: A flag to include the "roles" claim in the MCSP access token (default: True).
+        prefix_roles: A flag to add a prefix with the scope level where the role is defined
+            in the "roles" claim (default: False).
+        caller_ext_claim: A map (dictionary) containing keys and values to be injected into
+            the access token as the "callerExt" claim (default: None).
+            The keys used in this map must be enabled in the apikey by setting the
+            "callerExtClaimNames" property when the apikey is created.
+            This property is typically only used in scenarios involving an apikey with identityType `SERVICEID`.
+        disable_ssl_verification:  A flag that indicates whether verification of the server's SSL
+            certificate should be disabled or not (default: False).
+        headers: Default headers to be sent with every MCSP token request (default: None).
+        proxies: Dictionary for mapping request protocol to proxy URL (default: None).
+        proxies.http (optional): The proxy endpoint to use for HTTP requests.
+        proxies.https (optional): The proxy endpoint to use for HTTPS requests.
+
+    Attributes:
+        token_manager (MCSPTokenManager): Retrieves and manages MCSP tokens from the endpoint specified by the url.
+
+    Raises:
+        TypeError: The `disable_ssl_verification` is not a bool.
+        ValueError: An error occurred while validating the configuration.
+    """
+
+    def __init__(
+        self,
+        *,
+        apikey: str,
+        url: str,
+        scope_collection_type: str,
+        scope_id: str,
+        include_builtin_actions: bool = False,
+        include_custom_actions: bool = False,
+        include_roles: bool = True,
+        prefix_roles: bool = False,
+        caller_ext_claim: Optional[Dict[str, str]] = None,
+        disable_ssl_verification: bool = False,
+        headers: Optional[Dict[str, str]] = None,
+        proxies: Optional[Dict[str, str]] = None,
+    ) -> None:
+
+        self.token_manager = MCSPV2TokenManager(
+            apikey=apikey,
+            url=url,
+            scope_collection_type=scope_collection_type,
+            scope_id=scope_id,
+            include_builtin_actions=include_builtin_actions,
+            include_custom_actions=include_custom_actions,
+            include_roles=include_roles,
+            prefix_roles=prefix_roles,
+            caller_ext_claim=caller_ext_claim,
+            disable_ssl_verification=disable_ssl_verification,
+            headers=headers,
+            proxies=proxies,
+        )
+        self.validate()
+
+    def authentication_type(self) -> str:
+        """Returns this authenticator's type ('mcsp')."""
+        return Authenticator.AUTHTYPE_MCSPV2
+
+    def validate(self) -> None:
+        """Validate the configuration.
+
+        Raises:
+            ValueError: The <...> property shouldn't be None.
+        """
+        if not isinstance(self.token_manager.apikey, str):
+            raise TypeError('"apikey" must be a string')
+        if not isinstance(self.token_manager.url, str):
+            raise TypeError('"url" must be a string')
+        if not isinstance(self.token_manager.scope_collection_type, str):
+            raise TypeError('"scope_collection_type" must be a string')
+        if not isinstance(self.token_manager.scope_id, str):
+            raise TypeError('"scope_id" must be a string')
+        if not isinstance(self.token_manager.include_builtin_actions, bool):
+            raise TypeError('"include_builtin_actions" must be a bool')
+        if not isinstance(self.token_manager.include_custom_actions, bool):
+            raise TypeError('"include_custom_actions" must be a bool')
+        if not isinstance(self.token_manager.include_roles, bool):
+            raise TypeError('"include_roles" must be a bool')
+        if not isinstance(self.token_manager.prefix_roles, bool):
+            raise TypeError('"prefix_roles" must be a bool')
+        if not isinstance(self.token_manager.caller_ext_claim, (dict, type(None))):
+            raise TypeError('"caller_ext_claim" must be a dictionary or None')
+        if not isinstance(self.token_manager.disable_ssl_verification, bool):
+            raise TypeError('"disable_ssl_verification" must be a bool')
+        if not isinstance(self.token_manager.headers, (dict, type(None))):
+            raise TypeError('"headers" must be a dictionary or None')
+        if not isinstance(self.token_manager.proxies, (dict, type(None))):
+            raise TypeError('"proxies" must be a dictionary or None')
+
+    def authenticate(self, req: Request) -> None:
+        """Adds MCSP authentication information to the request.
+
+        The MCSP bearer token will be added to the request's headers in the form:
+            Authorization: Bearer <bearer-token>
+
+        Args:
+            req:  The request to add MCSP authentication information to. Must contain a key to a dictionary
+            called headers.
+        """
+        headers = req.get('headers')
+        bearer_token = self.token_manager.get_token()
+        headers['Authorization'] = 'Bearer {0}'.format(bearer_token)
+        logger.debug('Authenticated outbound request (type=%s)', self.authentication_type())
+
+    def set_scope_collection_type(self, scope_collection_type: str) -> None:
+        """Set the scope_collection_type value.
+
+        Args:
+            scope_collection_type: the value to set.
+
+        Raises:
+            TypeError: "scope_collection_type" must be a string.
+        """
+        if not isinstance(scope_collection_type, str):
+            raise TypeError('"scope_collection_type" must be a string')
+        self.token_manager.scope_collection_type = scope_collection_type
+
+    def set_scope_id(self, scope_id: str) -> None:
+        """Set the scope_id value.
+
+        Args:
+            scope_id: the value to set.
+
+        Raises:
+            TypeError: "scope_id" must be a string.
+        """
+        if not isinstance(scope_id, str):
+            raise TypeError('"scope_id" must be a string')
+        self.token_manager.scope_id = scope_id
+
+    def set_include_builtin_actions(self, include_builtin_actions: bool = False) -> None:
+        """Set the include_builtin_actions flag.
+
+        Args:
+            include_builtin_actions: The value to set (default: False).
+
+        Raises:
+            TypeError: "include_builtin_actions" must be a bool.
+        """
+        if not isinstance(include_builtin_actions, bool):
+            raise TypeError('"include_builtin_actions" must be a bool')
+        self.token_manager.include_builtin_actions = include_builtin_actions
+
+    def set_include_custom_actions(self, include_custom_actions: bool = False) -> None:
+        """Set the include_custom_actions flag.
+
+        Args:
+            include_custom_actions: The value to set (default: False).
+
+        Raises:
+            TypeError: "include_custom_actions" must be a bool.
+        """
+        if not isinstance(include_custom_actions, bool):
+            raise TypeError('"include_custom_actions" must be a bool')
+        self.token_manager.include_custom_actions = include_custom_actions
+
+    def set_include_roles(self, include_roles: bool = True) -> None:
+        """Set the include_roles flag.
+
+        Args:
+            include_roles: The value to set (default: True).
+
+        Raises:
+            TypeError: "include_roles" must be a bool.
+        """
+        if not isinstance(include_roles, bool):
+            raise TypeError('"include_roles" must be a bool')
+        self.token_manager.include_roles = include_roles
+
+    def set_prefix_roles(self, prefix_roles: bool = False) -> None:
+        """Set the prefix_roles flag.
+
+        Args:
+            prefix_roles: The value to set (default: False).
+
+        Raises:
+            TypeError: "prefix_roles" must be a bool.
+        """
+        if not isinstance(prefix_roles, bool):
+            raise TypeError('"prefix_roles" must be a bool')
+        self.token_manager.prefix_roles = prefix_roles
+
+    def set_caller_ext_claim(self, caller_ext_claim: Optional[Dict[str, str]] = None) -> None:
+        """Set the caller_ext_claim value.
+
+        Args:
+            caller_ext_claim: The value to set (default: False).
+
+        Raises:
+            TypeError: "caller_ext_claim" must be a dictionary or None.
+        """
+        if not isinstance(caller_ext_claim, (dict, type(None))):
+            raise TypeError('"caller_ext_claim" must be a dictionary or None')
+        self.token_manager.caller_ext_claim = caller_ext_claim
+
+    def set_disable_ssl_verification(self, disable_ssl_verification: bool = False) -> None:
+        """Set the disable_ssl_verification flag.
+
+        Args:
+            disable_ssl_verification: The value to set (default: False).
+
+        Raises:
+            TypeError: "disable_ssl_verification" must be a bool.
+        """
+        if not isinstance(disable_ssl_verification, bool):
+            raise TypeError('"disable_ssl_verification" must be a bool')
+        self.token_manager.disable_ssl_verification = disable_ssl_verification
+
+    def set_headers(self, headers: Optional[Dict[str, str]] = None) -> None:
+        """Set the headers to be sent with each MCSP token-exchange request.
+
+        Args:
+            headers: The headers to be sent with each MCSP token request (default: None).
+        """
+        self.token_manager.set_headers(headers)
+
+    def set_proxies(self, proxies: Optional[Dict[str, str]] = None) -> None:
+        """Sets the proxies the token manager will use to communicate with MCSP on behalf of the host.
+
+        Args:
+            proxies: Dictionary for mapping request protocol to proxy URL (default: None).
+            proxies.http (optional): The proxy endpoint to use for HTTP requests.
+            proxies.https (optional): The proxy endpoint to use for HTTPS requests.
+        """
+        self.token_manager.set_proxies(proxies)

{ibm_cloud_sdk_core-3.23.0 → ibm_cloud_sdk_core-3.24.0}/ibm_cloud_sdk_core/get_authenticator.py

@@ -1,6 +1,6 @@
 # coding: utf-8
 
-# Copyright 2019, 2024 IBM All Rights Reserved.
+# Copyright 2019, 2025 IBM All Rights Reserved.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -14,6 +14,7 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
+import json
 from .authenticators import (
     Authenticator,
     BasicAuthenticator,
@@ -25,8 +26,9 @@ from .authenticators import (
     NoAuthAuthenticator,
     VPCInstanceAuthenticator,
     MCSPAuthenticator,
+    MCSPV2Authenticator,
 )
-from .utils import read_external_sources
+from .utils import read_external_sources, string_to_bool
 from .logger import get_logger
 
 logger = get_logger()
@@ -57,6 +59,7 @@ def get_authenticator_from_environment(service_name: str) -> Authenticator:
 
 
 # pylint: disable=too-many-branches
+# pylint: disable=too-many-statements
 def __construct_authenticator(config: dict) -> Authenticator:
     # Determine the authentication type if not specified explicitly.
     if config.get('AUTH_TYPE'):
@@ -86,7 +89,7 @@ def __construct_authenticator(config: dict) -> Authenticator:
             url=config.get('AUTH_URL'),
             client_id=config.get('CLIENT_ID'),
             client_secret=config.get('CLIENT_SECRET'),
-            disable_ssl_verification=config.get('AUTH_DISABLE_SSL', 'false').lower() == 'true',
+            disable_ssl_verification=string_to_bool(config.get('AUTH_DISABLE_SSL', 'false')),
             scope=config.get('SCOPE'),
         )
     elif auth_type == Authenticator.AUTHTYPE_CP4D.lower():
@@ -95,7 +98,7 @@ def __construct_authenticator(config: dict) -> Authenticator:
             password=config.get('PASSWORD'),
             url=config.get('AUTH_URL'),
             apikey=config.get('APIKEY'),
-            disable_ssl_verification=config.get('AUTH_DISABLE_SSL', 'false').lower() == 'true',
+            disable_ssl_verification=string_to_bool(config.get('AUTH_DISABLE_SSL', 'false')),
         )
     elif auth_type == Authenticator.AUTHTYPE_IAM.lower() and config.get('APIKEY'):
         authenticator = IAMAuthenticator(
@@ -103,7 +106,7 @@ def __construct_authenticator(config: dict) -> Authenticator:
             url=config.get('AUTH_URL'),
             client_id=config.get('CLIENT_ID'),
             client_secret=config.get('CLIENT_SECRET'),
-            disable_ssl_verification=config.get('AUTH_DISABLE_SSL', 'false').lower() == 'true',
+            disable_ssl_verification=string_to_bool(config.get('AUTH_DISABLE_SSL', 'false')),
             scope=config.get('SCOPE'),
         )
     elif auth_type == Authenticator.AUTHTYPE_IAM_ASSUME.lower():
@@ -116,7 +119,7 @@ def __construct_authenticator(config: dict) -> Authenticator:
             url=config.get('AUTH_URL'),
             client_id=config.get('CLIENT_ID'),
             client_secret=config.get('CLIENT_SECRET'),
-            disable_ssl_verification=config.get('AUTH_DISABLE_SSL', 'false').lower() == 'true',
+            disable_ssl_verification=string_to_bool(config.get('AUTH_DISABLE_SSL', 'false')),
             scope=config.get('SCOPE'),
         )
     elif auth_type == Authenticator.AUTHTYPE_VPC.lower():
@@ -130,6 +133,48 @@ def __construct_authenticator(config: dict) -> Authenticator:
             apikey=config.get('APIKEY'),
             url=config.get('AUTH_URL'),
         )
+    elif auth_type == Authenticator.AUTHTYPE_MCSPV2.lower():
+        # Required arguments.
+        apikey = config.get('APIKEY')
+        url = config.get('AUTH_URL')
+        scope_collection_type = config.get('SCOPE_COLLECTION_TYPE')
+        scope_id = config.get('SCOPE_ID')
+
+        # Optional arguments.
+        optional_args = {}
+        str_value = config.get("INCLUDE_BUILTIN_ACTIONS")
+        if str_value is not None:
+            optional_args['include_builtin_actions'] = string_to_bool(str_value)
+
+        str_value = config.get("INCLUDE_CUSTOM_ACTIONS")
+        if str_value is not None:
+            optional_args['include_custom_actions'] = string_to_bool(str_value)
+
+        str_value = config.get("INCLUDE_ROLES")
+        if str_value is not None:
+            optional_args['include_roles'] = string_to_bool(str_value)
+
+        str_value = config.get("PREFIX_ROLES")
+        if str_value is not None:
+            optional_args['prefix_roles'] = string_to_bool(str_value)
+
+        str_value = config.get("CALLER_EXT_CLAIM")
+        if str_value is not None:
+            try:
+                optional_args['caller_ext_claim'] = json.loads(str_value)
+            except Exception as caused_by:
+                msg = 'An error occurred while unmarshalling the CALLER_EXT_CLAIM configuration property: {0}'.format(
+                    str_value
+                )
+                raise ValueError(msg) from caused_by
+
+        str_value = config.get("AUTH_DISABLE_SSL")
+        if str_value is not None:
+            optional_args['disable_ssl_verification'] = string_to_bool(str_value)
+
+        authenticator = MCSPV2Authenticator(
+            apikey=apikey, url=url, scope_collection_type=scope_collection_type, scope_id=scope_id, **optional_args
+        )
     elif auth_type == Authenticator.AUTHTYPE_NOAUTH.lower():
         authenticator = NoAuthAuthenticator()