pangea-sdk 3.8.0b4__py3-none-any.whl → 3.9.0__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- pangea/__init__.py +1 -2
- pangea/asyncio/request.py +14 -19
- pangea/asyncio/services/__init__.py +0 -2
- pangea/asyncio/services/audit.py +160 -14
- pangea/asyncio/services/authn.py +118 -79
- pangea/asyncio/services/authz.py +35 -50
- pangea/asyncio/services/intel.py +4 -4
- pangea/asyncio/services/redact.py +56 -2
- pangea/asyncio/services/vault.py +115 -4
- pangea/request.py +24 -21
- pangea/response.py +27 -28
- pangea/services/__init__.py +0 -2
- pangea/services/audit/audit.py +161 -16
- pangea/services/audit/models.py +53 -5
- pangea/services/authn/authn.py +77 -36
- pangea/services/authn/models.py +79 -0
- pangea/services/authz.py +47 -54
- pangea/services/base.py +23 -6
- pangea/services/file_scan.py +1 -0
- pangea/services/intel.py +2 -2
- pangea/services/redact.py +122 -2
- pangea/services/vault/models/common.py +115 -0
- pangea/services/vault/vault.py +117 -6
- pangea/utils.py +19 -91
- {pangea_sdk-3.8.0b4.dist-info → pangea_sdk-3.9.0.dist-info}/METADATA +6 -15
- pangea_sdk-3.9.0.dist-info/RECORD +46 -0
- pangea/asyncio/__init__.py +0 -1
- pangea/asyncio/file_uploader.py +0 -39
- pangea/asyncio/services/sanitize.py +0 -185
- pangea/asyncio/services/share.py +0 -573
- pangea/file_uploader.py +0 -35
- pangea/services/sanitize.py +0 -275
- pangea/services/share/file_format.py +0 -170
- pangea/services/share/share.py +0 -877
- pangea_sdk-3.8.0b4.dist-info/RECORD +0 -54
- {pangea_sdk-3.8.0b4.dist-info → pangea_sdk-3.9.0.dist-info}/WHEEL +0 -0
pangea/services/authn/authn.py
CHANGED
|
@@ -1,9 +1,11 @@
|
|
|
1
1
|
# Copyright 2022 Pangea Cyber Corporation
|
|
2
2
|
# Author: Pangea Cyber Corporation
|
|
3
|
+
from __future__ import annotations
|
|
3
4
|
|
|
4
5
|
from typing import Dict, List, Optional, Union
|
|
5
6
|
|
|
6
7
|
import pangea.services.authn.models as m
|
|
8
|
+
from pangea.config import PangeaConfig
|
|
7
9
|
from pangea.response import PangeaResponse
|
|
8
10
|
from pangea.services.base import ServiceBase
|
|
9
11
|
|
|
@@ -37,10 +39,24 @@ class AuthN(ServiceBase):
|
|
|
37
39
|
|
|
38
40
|
def __init__(
|
|
39
41
|
self,
|
|
40
|
-
token,
|
|
41
|
-
config=None,
|
|
42
|
-
logger_name="pangea",
|
|
43
|
-
):
|
|
42
|
+
token: str,
|
|
43
|
+
config: PangeaConfig | None = None,
|
|
44
|
+
logger_name: str = "pangea",
|
|
45
|
+
) -> None:
|
|
46
|
+
"""
|
|
47
|
+
AuthN client
|
|
48
|
+
|
|
49
|
+
Initializes a new AuthN client.
|
|
50
|
+
|
|
51
|
+
Args:
|
|
52
|
+
token: Pangea API token.
|
|
53
|
+
config: Configuration.
|
|
54
|
+
logger_name: Logger name.
|
|
55
|
+
|
|
56
|
+
Examples:
|
|
57
|
+
config = PangeaConfig(domain="pangea_domain")
|
|
58
|
+
authn = AuthN(token="pangea_token", config=config)
|
|
59
|
+
"""
|
|
44
60
|
super().__init__(token, config, logger_name=logger_name)
|
|
45
61
|
self.user = AuthN.User(token, config, logger_name=logger_name)
|
|
46
62
|
self.flow = AuthN.Flow(token, config, logger_name=logger_name)
|
|
@@ -432,6 +448,8 @@ class AuthN(ServiceBase):
|
|
|
432
448
|
self,
|
|
433
449
|
email: str,
|
|
434
450
|
profile: m.Profile,
|
|
451
|
+
*,
|
|
452
|
+
username: str | None = None,
|
|
435
453
|
) -> PangeaResponse[m.UserCreateResult]:
|
|
436
454
|
"""
|
|
437
455
|
Create User
|
|
@@ -441,8 +459,9 @@ class AuthN(ServiceBase):
|
|
|
441
459
|
OperationId: authn_post_v2_user_create
|
|
442
460
|
|
|
443
461
|
Args:
|
|
444
|
-
email
|
|
445
|
-
profile
|
|
462
|
+
email: An email address.
|
|
463
|
+
profile: A user profile as a collection of string properties.
|
|
464
|
+
username: A username.
|
|
446
465
|
|
|
447
466
|
Returns:
|
|
448
467
|
A PangeaResponse with a user and its information in the response.result field.
|
|
@@ -461,10 +480,13 @@ class AuthN(ServiceBase):
|
|
|
461
480
|
input = m.UserCreateRequest(
|
|
462
481
|
email=email,
|
|
463
482
|
profile=profile,
|
|
483
|
+
username=username,
|
|
464
484
|
)
|
|
465
485
|
return self.request.post("v2/user/create", m.UserCreateResult, data=input.dict(exclude_none=True))
|
|
466
486
|
|
|
467
|
-
def delete(
|
|
487
|
+
def delete(
|
|
488
|
+
self, email: str | None = None, id: str | None = None, *, username: str | None = None
|
|
489
|
+
) -> PangeaResponse[m.UserDeleteResult]:
|
|
468
490
|
"""
|
|
469
491
|
Delete User
|
|
470
492
|
|
|
@@ -473,8 +495,9 @@ class AuthN(ServiceBase):
|
|
|
473
495
|
OperationId: authn_post_v2_user_delete
|
|
474
496
|
|
|
475
497
|
Args:
|
|
476
|
-
email
|
|
477
|
-
id
|
|
498
|
+
email: An email address.
|
|
499
|
+
id: The id of a user or a service.
|
|
500
|
+
username: A username.
|
|
478
501
|
|
|
479
502
|
Returns:
|
|
480
503
|
A PangeaResponse with an empty object in the response.result field.
|
|
@@ -482,7 +505,7 @@ class AuthN(ServiceBase):
|
|
|
482
505
|
Examples:
|
|
483
506
|
authn.user.delete(email="example@example.com")
|
|
484
507
|
"""
|
|
485
|
-
input = m.UserDeleteRequest(email=email, id=id)
|
|
508
|
+
input = m.UserDeleteRequest(email=email, id=id, username=username)
|
|
486
509
|
return self.request.post("v2/user/delete", m.UserDeleteResult, data=input.dict(exclude_none=True))
|
|
487
510
|
|
|
488
511
|
def invite(
|
|
@@ -528,10 +551,12 @@ class AuthN(ServiceBase):
|
|
|
528
551
|
|
|
529
552
|
def update(
|
|
530
553
|
self,
|
|
531
|
-
disabled:
|
|
532
|
-
id:
|
|
533
|
-
email:
|
|
534
|
-
unlock:
|
|
554
|
+
disabled: bool | None = None,
|
|
555
|
+
id: str | None = None,
|
|
556
|
+
email: str | None = None,
|
|
557
|
+
unlock: bool | None = None,
|
|
558
|
+
*,
|
|
559
|
+
username: str | None = None,
|
|
535
560
|
) -> PangeaResponse[m.UserUpdateResult]:
|
|
536
561
|
"""
|
|
537
562
|
Update user's settings
|
|
@@ -541,11 +566,12 @@ class AuthN(ServiceBase):
|
|
|
541
566
|
OperationId: authn_post_v2_user_update
|
|
542
567
|
|
|
543
568
|
Args:
|
|
544
|
-
disabled
|
|
569
|
+
disabled: New disabled value.
|
|
545
570
|
Disabling a user account will prevent them from logging in.
|
|
546
|
-
unlock
|
|
547
|
-
id
|
|
548
|
-
email
|
|
571
|
+
unlock: Unlock a user account if it has been locked out due to failed authentication attempts.
|
|
572
|
+
id: The identity of a user or a service.
|
|
573
|
+
email: An email address.
|
|
574
|
+
username: A username.
|
|
549
575
|
|
|
550
576
|
Returns:
|
|
551
577
|
A PangeaResponse with a user and its information in the response.result field.
|
|
@@ -563,6 +589,7 @@ class AuthN(ServiceBase):
|
|
|
563
589
|
email=email,
|
|
564
590
|
disabled=disabled,
|
|
565
591
|
unlock=unlock,
|
|
592
|
+
username=username,
|
|
566
593
|
)
|
|
567
594
|
|
|
568
595
|
return self.request.post("v2/user/update", m.UserUpdateResult, data=input.dict(exclude_none=True))
|
|
@@ -694,7 +721,12 @@ class AuthN(ServiceBase):
|
|
|
694
721
|
super().__init__(token, config, logger_name=logger_name)
|
|
695
722
|
|
|
696
723
|
def delete(
|
|
697
|
-
self,
|
|
724
|
+
self,
|
|
725
|
+
authenticator_id: str,
|
|
726
|
+
id: str | None = None,
|
|
727
|
+
email: str | None = None,
|
|
728
|
+
*,
|
|
729
|
+
username: str | None = None,
|
|
698
730
|
) -> PangeaResponse[m.UserAuthenticatorsDeleteResult]:
|
|
699
731
|
"""
|
|
700
732
|
Delete user authenticator
|
|
@@ -704,9 +736,10 @@ class AuthN(ServiceBase):
|
|
|
704
736
|
OperationId: authn_post_v2_user_authenticators_delete
|
|
705
737
|
|
|
706
738
|
Args:
|
|
707
|
-
authenticator_id
|
|
708
|
-
id
|
|
709
|
-
email
|
|
739
|
+
authenticator_id: An ID for an authenticator.
|
|
740
|
+
id: The identity of a user or a service.
|
|
741
|
+
email: An email address.
|
|
742
|
+
username: A username.
|
|
710
743
|
|
|
711
744
|
Returns:
|
|
712
745
|
A PangeaResponse with an empty object in the response.result field.
|
|
@@ -717,7 +750,9 @@ class AuthN(ServiceBase):
|
|
|
717
750
|
id="pui_xpkhwpnz2cmegsws737xbsqnmnuwtbm5",
|
|
718
751
|
)
|
|
719
752
|
"""
|
|
720
|
-
input = m.UserAuthenticatorsDeleteRequest(
|
|
753
|
+
input = m.UserAuthenticatorsDeleteRequest(
|
|
754
|
+
authenticator_id=authenticator_id, email=email, id=id, username=username
|
|
755
|
+
)
|
|
721
756
|
return self.request.post(
|
|
722
757
|
"v2/user/authenticators/delete",
|
|
723
758
|
m.UserAuthenticatorsDeleteResult,
|
|
@@ -725,7 +760,7 @@ class AuthN(ServiceBase):
|
|
|
725
760
|
)
|
|
726
761
|
|
|
727
762
|
def list(
|
|
728
|
-
self, email:
|
|
763
|
+
self, email: str | None = None, id: str | None = None, *, username: str | None = None
|
|
729
764
|
) -> PangeaResponse[m.UserAuthenticatorsListResult]:
|
|
730
765
|
"""
|
|
731
766
|
Get user authenticators
|
|
@@ -735,8 +770,9 @@ class AuthN(ServiceBase):
|
|
|
735
770
|
OperationId: authn_post_v2_user_authenticators_list
|
|
736
771
|
|
|
737
772
|
Args:
|
|
738
|
-
email
|
|
739
|
-
id
|
|
773
|
+
email: An email address.
|
|
774
|
+
id: The identity of a user or a service.
|
|
775
|
+
username: A username.
|
|
740
776
|
|
|
741
777
|
Returns:
|
|
742
778
|
A PangeaResponse with a list of authenticators in the response.result field.
|
|
@@ -748,7 +784,7 @@ class AuthN(ServiceBase):
|
|
|
748
784
|
id="pui_xpkhwpnz2cmegsws737xbsqnmnuwtbm5",
|
|
749
785
|
)
|
|
750
786
|
"""
|
|
751
|
-
input = m.UserAuthenticatorsListRequest(email=email, id=id)
|
|
787
|
+
input = m.UserAuthenticatorsListRequest(email=email, id=id, username=username)
|
|
752
788
|
return self.request.post(
|
|
753
789
|
"v2/user/authenticators/list", m.UserAuthenticatorsListResult, data=input.dict(exclude_none=True)
|
|
754
790
|
)
|
|
@@ -765,7 +801,7 @@ class AuthN(ServiceBase):
|
|
|
765
801
|
super().__init__(token, config, logger_name=logger_name)
|
|
766
802
|
|
|
767
803
|
def get(
|
|
768
|
-
self, id:
|
|
804
|
+
self, id: str | None = None, email: str | None = None, *, username: str | None = None
|
|
769
805
|
) -> PangeaResponse[m.UserProfileGetResult]:
|
|
770
806
|
"""
|
|
771
807
|
Get user
|
|
@@ -775,8 +811,9 @@ class AuthN(ServiceBase):
|
|
|
775
811
|
OperationId: authn_post_v2_user_profile_get
|
|
776
812
|
|
|
777
813
|
Args:
|
|
778
|
-
id
|
|
779
|
-
email
|
|
814
|
+
id: The identity of a user or a service.
|
|
815
|
+
email: An email address.
|
|
816
|
+
username: A username.
|
|
780
817
|
|
|
781
818
|
Returns:
|
|
782
819
|
A PangeaResponse with a user and its information in the response.result field.
|
|
@@ -788,7 +825,7 @@ class AuthN(ServiceBase):
|
|
|
788
825
|
email="joe.user@email.com",
|
|
789
826
|
)
|
|
790
827
|
"""
|
|
791
|
-
input = m.UserProfileGetRequest(id=id, email=email)
|
|
828
|
+
input = m.UserProfileGetRequest(id=id, email=email, username=username)
|
|
792
829
|
return self.request.post(
|
|
793
830
|
"v2/user/profile/get", m.UserProfileGetResult, data=input.dict(exclude_none=True)
|
|
794
831
|
)
|
|
@@ -796,8 +833,10 @@ class AuthN(ServiceBase):
|
|
|
796
833
|
def update(
|
|
797
834
|
self,
|
|
798
835
|
profile: m.Profile,
|
|
799
|
-
id:
|
|
800
|
-
email:
|
|
836
|
+
id: str | None = None,
|
|
837
|
+
email: str | None = None,
|
|
838
|
+
*,
|
|
839
|
+
username: str | None = None,
|
|
801
840
|
) -> PangeaResponse[m.UserProfileUpdateResult]:
|
|
802
841
|
"""
|
|
803
842
|
Update user
|
|
@@ -807,9 +846,10 @@ class AuthN(ServiceBase):
|
|
|
807
846
|
OperationId: authn_post_v2_user_profile_update
|
|
808
847
|
|
|
809
848
|
Args:
|
|
810
|
-
profile
|
|
811
|
-
id
|
|
812
|
-
email
|
|
849
|
+
profile: Updates to a user profile.
|
|
850
|
+
id: The identity of a user or a service.
|
|
851
|
+
email: An email address.
|
|
852
|
+
username: A username.
|
|
813
853
|
|
|
814
854
|
Returns:
|
|
815
855
|
A PangeaResponse with a user and its information in the response.result field.
|
|
@@ -828,6 +868,7 @@ class AuthN(ServiceBase):
|
|
|
828
868
|
id=id,
|
|
829
869
|
email=email,
|
|
830
870
|
profile=profile,
|
|
871
|
+
username=username,
|
|
831
872
|
)
|
|
832
873
|
return self.request.post(
|
|
833
874
|
"v2/user/profile/update", m.UserProfileUpdateResult, data=input.dict(exclude_none=True)
|
pangea/services/authn/models.py
CHANGED
|
@@ -1,5 +1,6 @@
|
|
|
1
1
|
# Copyright 2022 Pangea Cyber Corporation
|
|
2
2
|
# Author: Pangea Cyber Corporation
|
|
3
|
+
from __future__ import annotations
|
|
3
4
|
|
|
4
5
|
import enum
|
|
5
6
|
from typing import Dict, List, NewType, Optional, Union
|
|
@@ -160,24 +161,52 @@ class Authenticator(APIResponseModel):
|
|
|
160
161
|
|
|
161
162
|
class User(PangeaResponseResult):
|
|
162
163
|
id: str
|
|
164
|
+
"""The identity of a user or a service."""
|
|
165
|
+
|
|
163
166
|
email: str
|
|
167
|
+
"""An email address."""
|
|
168
|
+
|
|
169
|
+
username: str
|
|
170
|
+
"""A username."""
|
|
171
|
+
|
|
164
172
|
profile: Profile
|
|
173
|
+
"""A user profile as a collection of string properties."""
|
|
174
|
+
|
|
165
175
|
verified: bool
|
|
176
|
+
"""True if the user's email has been verified."""
|
|
177
|
+
|
|
166
178
|
disabled: bool
|
|
179
|
+
"""True if the service administrator has disabled user account."""
|
|
180
|
+
|
|
167
181
|
accepted_eula_id: Optional[str] = None
|
|
182
|
+
"""An ID for an agreement."""
|
|
183
|
+
|
|
168
184
|
accepted_privacy_policy_id: Optional[str] = None
|
|
185
|
+
"""An ID for an agreement."""
|
|
186
|
+
|
|
169
187
|
last_login_at: Optional[str] = None
|
|
188
|
+
"""A time in ISO-8601 format."""
|
|
189
|
+
|
|
170
190
|
created_at: str
|
|
191
|
+
"""A time in ISO-8601 format."""
|
|
192
|
+
|
|
171
193
|
login_count: int = 0
|
|
172
194
|
last_login_ip: Optional[str] = None
|
|
173
195
|
last_login_city: Optional[str] = None
|
|
174
196
|
last_login_country: Optional[str] = None
|
|
175
197
|
authenticators: List[Authenticator] = []
|
|
198
|
+
"""A list of authenticators."""
|
|
176
199
|
|
|
177
200
|
|
|
178
201
|
class UserCreateRequest(APIRequestModel):
|
|
179
202
|
email: str
|
|
203
|
+
"""An email address."""
|
|
204
|
+
|
|
180
205
|
profile: Profile
|
|
206
|
+
"""A user profile as a collection of string properties."""
|
|
207
|
+
|
|
208
|
+
username: Optional[str] = None
|
|
209
|
+
"""A username."""
|
|
181
210
|
|
|
182
211
|
|
|
183
212
|
class UserCreateResult(User):
|
|
@@ -186,7 +215,13 @@ class UserCreateResult(User):
|
|
|
186
215
|
|
|
187
216
|
class UserDeleteRequest(APIRequestModel):
|
|
188
217
|
email: Optional[str] = None
|
|
218
|
+
"""An email address."""
|
|
219
|
+
|
|
189
220
|
id: Optional[str] = None
|
|
221
|
+
"""The identity of a user or a service."""
|
|
222
|
+
|
|
223
|
+
username: Optional[str] = None
|
|
224
|
+
"""A username."""
|
|
190
225
|
|
|
191
226
|
|
|
192
227
|
class UserDeleteResult(PangeaResponseResult):
|
|
@@ -343,7 +378,13 @@ class UserInviteDeleteResult(PangeaResponseResult):
|
|
|
343
378
|
|
|
344
379
|
class UserProfileGetRequest(APIRequestModel):
|
|
345
380
|
id: Optional[str] = None
|
|
381
|
+
"""The identity of a user or a service."""
|
|
382
|
+
|
|
346
383
|
email: Optional[str] = None
|
|
384
|
+
"""An email address."""
|
|
385
|
+
|
|
386
|
+
username: Optional[str] = None
|
|
387
|
+
"""A username."""
|
|
347
388
|
|
|
348
389
|
|
|
349
390
|
class UserProfileGetResult(User):
|
|
@@ -352,8 +393,16 @@ class UserProfileGetResult(User):
|
|
|
352
393
|
|
|
353
394
|
class UserProfileUpdateRequest(APIRequestModel):
|
|
354
395
|
profile: Profile
|
|
396
|
+
"""Updates to a user profile."""
|
|
397
|
+
|
|
355
398
|
id: Optional[str] = None
|
|
399
|
+
"""The identity of a user or a service."""
|
|
400
|
+
|
|
356
401
|
email: Optional[str] = None
|
|
402
|
+
"""An email address."""
|
|
403
|
+
|
|
404
|
+
username: Optional[str] = None
|
|
405
|
+
"""A username."""
|
|
357
406
|
|
|
358
407
|
|
|
359
408
|
class UserProfileUpdateResult(User):
|
|
@@ -362,9 +411,25 @@ class UserProfileUpdateResult(User):
|
|
|
362
411
|
|
|
363
412
|
class UserUpdateRequest(APIRequestModel):
|
|
364
413
|
id: Optional[str] = None
|
|
414
|
+
"""The identity of a user or a service."""
|
|
415
|
+
|
|
365
416
|
email: Optional[str] = None
|
|
417
|
+
"""An email address."""
|
|
418
|
+
|
|
366
419
|
disabled: Optional[bool] = None
|
|
420
|
+
"""
|
|
421
|
+
New disabled value. Disabling a user account will prevent them from logging
|
|
422
|
+
in.
|
|
423
|
+
"""
|
|
424
|
+
|
|
367
425
|
unlock: Optional[bool] = None
|
|
426
|
+
"""
|
|
427
|
+
Unlock a user account if it has been locked out due to failed authentication
|
|
428
|
+
attempts.
|
|
429
|
+
"""
|
|
430
|
+
|
|
431
|
+
username: Optional[str] = None
|
|
432
|
+
"""A username."""
|
|
368
433
|
|
|
369
434
|
|
|
370
435
|
class UserUpdateResult(User):
|
|
@@ -386,8 +451,16 @@ class ClientJWKSResult(PangeaResponseResult):
|
|
|
386
451
|
|
|
387
452
|
class UserAuthenticatorsDeleteRequest(APIRequestModel):
|
|
388
453
|
id: Optional[str] = None
|
|
454
|
+
"""The identity of a user or a service."""
|
|
455
|
+
|
|
389
456
|
email: Optional[str] = None
|
|
457
|
+
"""An email address."""
|
|
458
|
+
|
|
390
459
|
authenticator_id: str
|
|
460
|
+
"""An ID for an authenticator."""
|
|
461
|
+
|
|
462
|
+
username: Optional[str] = None
|
|
463
|
+
"""A username."""
|
|
391
464
|
|
|
392
465
|
|
|
393
466
|
class UserAuthenticatorsDeleteResult(PangeaResponseResult):
|
|
@@ -396,7 +469,13 @@ class UserAuthenticatorsDeleteResult(PangeaResponseResult):
|
|
|
396
469
|
|
|
397
470
|
class UserAuthenticatorsListRequest(APIRequestModel):
|
|
398
471
|
email: Optional[str] = None
|
|
472
|
+
"""An email address."""
|
|
473
|
+
|
|
399
474
|
id: Optional[str] = None
|
|
475
|
+
"""The identity of a user or a service."""
|
|
476
|
+
|
|
477
|
+
username: Optional[str] = None
|
|
478
|
+
"""A username."""
|
|
400
479
|
|
|
401
480
|
|
|
402
481
|
class UserAuthenticatorsListResult(PangeaResponseResult):
|