PyPI - pypomes-iam - Versions diffs - 0.2.3__py3-none-any.whl → 0.7.0__py3-none-any.whl - Mend

pypomes-iam 0.2.3py3-none-any.whl → 0.7.0py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of pypomes-iam might be problematic. Click here for more details.

Files changed (15) hide show

pypomes_iam/__init__.py +20 -8
pypomes_iam/iam_actions.py +878 -0
pypomes_iam/iam_common.py +388 -0
pypomes_iam/iam_pomes.py +137 -157
pypomes_iam/iam_services.py +394 -0
pypomes_iam/provider_pomes.py +175 -72
pypomes_iam/token_pomes.py +63 -8
{pypomes_iam-0.2.3.dist-info → pypomes_iam-0.7.0.dist-info}/METADATA +1 -2
pypomes_iam-0.7.0.dist-info/RECORD +11 -0
pypomes_iam/common_pomes.py +0 -397
pypomes_iam/jusbr_pomes.py +0 -167
pypomes_iam/keycloak_pomes.py +0 -170
pypomes_iam-0.2.3.dist-info/RECORD +0 -11
{pypomes_iam-0.2.3.dist-info → pypomes_iam-0.7.0.dist-info}/WHEEL +0 -0
{pypomes_iam-0.2.3.dist-info → pypomes_iam-0.7.0.dist-info}/licenses/LICENSE +0 -0

pypomes_iam/jusbr_pomes.py DELETED Viewed

@@ -1,167 +0,0 @@
-from cachetools import Cache, FIFOCache
-from datetime import datetime
-from flask import Flask
-from logging import Logger
-from pypomes_core import (
-    APP_PREFIX, TZ_LOCAL, env_get_int, env_get_str
-)
-from typing import Any, Final
-from .common_pomes import _service_token
-JUSBR_CLIENT_ID: Final[str] = env_get_str(key=f"{APP_PREFIX}_JUSBR_CLIENT_ID")
-JUSBR_CLIENT_SECRET: Final[str] = env_get_str(key=f"{APP_PREFIX}_JUSBR_CLIENT_SECRET")
-JUSBR_CLIENT_TIMEOUT: Final[int] = env_get_int(key=f"{APP_PREFIX}_JUSBR_CLIENT_TIMEOUT")
-JUSBR_ENDPOINT_CALLBACK: Final[str] = env_get_str(key=f"{APP_PREFIX}_JUSBR_ENDPOINT_CALLBACK",
-                                                  def_value="/iam/jusbr:callback")
-JUSBR_ENDPOINT_LOGIN: Final[str] = env_get_str(key=f"{APP_PREFIX}_JUSBR_ENDPOINT_LOGIN",
-                                               def_value="/iam/jusbr:login")
-JUSBR_ENDPOINT_LOGOUT: Final[str] = env_get_str(key=f"{APP_PREFIX}_JUSBR_ENDPOINT_LOGOUT",
-                                                def_value="/iam/jusbr:logout")
-JUSBR_ENDPOINT_TOKEN: Final[str] = env_get_str(key=f"{APP_PREFIX}_JUSBR_ENDPOINT_TOKEN",
-                                               def_value="/iam/jusbr:get-token")
-JUSBR_PUBLIC_KEY_LIFETIME: Final[int] = env_get_int(key=f"{APP_PREFIX}_JUSBR_PUBLIC_KEY_LIFETIME",
-                                                    def_value=86400)  # 24 hours
-JUSBR_URL_AUTH_BASE: Final[str] = env_get_str(key=f"{APP_PREFIX}_JUSBR_URL_AUTH_BASE")
-JUSBR_URL_AUTH_CALLBACK: Final[str] = env_get_str(key=f"{APP_PREFIX}_JUSBR_URL_AUTH_CALLBACK")
-# registry structure:
-# {
-#    "client-id": <str>,
-#    "client-secret": <str>,
-#    "client-timeout": <int>,
-#    "public_key": <str>,
-#    "key-lifetime": <int>,
-#    "key-expiration": <int>,
-#    "base-url": <str>,
-#    "callback-url": <str>,
-#    "safe-cache": <FIFOCache>
-# }
-# data in "safe-cache":
-# {
-#    "users": {
-#       "<user-id>": {
-#         "access-token": <str>
-#         "refresh-token": <str>
-#         "access-expiration": <timestamp>,
-#         "login-expiration": <timestamp>,   <-- transient
-#         "login-id": <str>,                 <-- transient
-#       }
-#    }
-# }
-_jusbr_registry: dict[str, Any] | None = None
-# dafault logger
-_jusbr_logger: Logger | None = None
-def jusbr_setup(flask_app: Flask,
-                client_id: str = JUSBR_CLIENT_ID,
-                client_secret: str = JUSBR_CLIENT_SECRET,
-                client_timeout: int = JUSBR_CLIENT_TIMEOUT,
-                public_key_lifetime: int = JUSBR_PUBLIC_KEY_LIFETIME,
-                callback_endpoint: str = JUSBR_ENDPOINT_CALLBACK,
-                token_endpoint: str = JUSBR_ENDPOINT_TOKEN,
-                login_endpoint: str = JUSBR_ENDPOINT_LOGIN,
-                logout_endpoint: str = JUSBR_ENDPOINT_LOGOUT,
-                base_url: str = JUSBR_URL_AUTH_BASE,
-                callback_url: str = JUSBR_URL_AUTH_CALLBACK,
-                logger: Logger = None) -> None:
-    """
-    Configure the JusBR IAM.
-    This should be invoked only once, before the first access to a JusBR service.
-    :param flask_app: the Flask application
-    :param client_id: the client's identification with JusBR
-    :param client_secret: the client's password with JusBR
-    :param client_timeout: timeout for login authentication (in seconds,defaults to no timeout)
-    :param public_key_lifetime: how long to use JusBR's public key, before refreshing it (in seconds)
-    :param callback_endpoint: endpoint for the callback from JusBR
-    :param token_endpoint: endpoint for retrieving the JusBR authentication token
-    :param login_endpoint: endpoint for redirecting user to JusBR login page
-    :param logout_endpoint: endpoint for terminating user access to JusBR
-    :param base_url: base URL to request the JusBR services
-    :param callback_url: URL for JusBR to callback on login
-    :param logger: optional logger
-    """
-    from .iam_pomes import service_login, service_logout, service_callback, service_token
-    global _jusbr_logger, _jusbr_registry
-    # establish the logger
-    _logger = logger
-    # configure the JusBR registry
-    safe_cache: Cache = FIFOCache(maxsize=1048576)
-    safe_cache["users"] = {}
-    _jusbr_registry = {
-        "client-id": client_id,
-        "client-secret": client_secret,
-        "client-timeout": client_timeout,
-        "base-url": base_url,
-        "callback-url": callback_url,
-        "key-expiration": int(datetime.now(tz=TZ_LOCAL).timestamp()),
-        "key-lifetime": public_key_lifetime,
-        "safe-cache": safe_cache
-    }
-    # establish the endpoints
-    if login_endpoint:
-        flask_app.add_url_rule(rule=login_endpoint,
-                               endpoint="jusbr-login",
-                               view_func=service_login,
-                               methods=["GET"])
-    if logout_endpoint:
-        flask_app.add_url_rule(rule=logout_endpoint,
-                               endpoint="jusbr-logout",
-                               view_func=service_logout,
-                               methods=["GET"])
-    if callback_endpoint:
-        flask_app.add_url_rule(rule=callback_endpoint,
-                               endpoint="jusbr-callback",
-                               view_func=service_callback,
-                               methods=["GET", "POST"])
-    if token_endpoint:
-        flask_app.add_url_rule(rule=token_endpoint,
-                               endpoint="jusbr-token",
-                               view_func=service_token,
-                               methods=["GET"])
-def jusbr_get_token(user_id: str,
-                    errors: list[str] = None,
-                    logger: Logger = None) -> str:
-    """
-    Retrieve a JusBR authentication token for *user_id*.
-    :param user_id: the user's identification
-    :param errors: incidental errors
-    :param logger: optional logger
-    :return: the uthentication tokem
-    """
-    global _jusbr_registry
-    # retrieve the token
-    args: dict[str, Any] = {"user-id": user_id}
-    return _service_token(registry=_jusbr_registry,
-                          args=args,
-                          errors=errors,
-                          logger=logger)
-def _jusbr_get_logger() -> Logger:
-    """
-    Retrieve the logger for JusBR operations.
-    :return: the Keycloak logger
-    """
-    return _jusbr_logger
-def _jusbr_get_registry() -> dict[str, Any]:
-    """
-    Retrieve the registry holding user authentication data related to JusBR operations.
-    :return: the Keycloak registry
-    """
-    return _jusbr_registry

pypomes_iam/keycloak_pomes.py DELETED Viewed

@@ -1,170 +0,0 @@
-from cachetools import Cache, FIFOCache
-from datetime import datetime
-from flask import Flask
-from logging import Logger
-from pypomes_core import (
-    APP_PREFIX, TZ_LOCAL, env_get_int, env_get_str
-)
-from typing import Any, Final
-from .common_pomes import _service_token
-KEYCLOAK_CLIENT_ID: Final[str] = env_get_str(key=f"{APP_PREFIX}_KEYCLOAK_CLIENT_ID")
-KEYCLOAK_CLIENT_SECRET: Final[str] = env_get_str(key=f"{APP_PREFIX}_KEYCLOAK_CLIENT_SECRET")
-KEYCLOAK_CLIENT_TIMEOUT: Final[int] = env_get_int(key=f"{APP_PREFIX}_KEYCLOAK_CLIENT_TIMEOUT")
-KEYCLOAK_ENDPOINT_CALLBACK: Final[str] = env_get_str(key=f"{APP_PREFIX}_KEYCLOAK_ENDPOINT_CALLBACK",
-                                                     def_value="/iam/keycloak:callback")
-KEYCLOAK_ENDPOINT_LOGIN: Final[str] = env_get_str(key=f"{APP_PREFIX}_KEYCLOAK_ENDPOINT_LOGIN",
-                                                  def_value="/iam/keycloak:login")
-KEYCLOAK_ENDPOINT_LOGOUT: Final[str] = env_get_str(key=f"{APP_PREFIX}_KEYCLOAK_ENDPOINT_LOGOUT",
-                                                   def_value="/iam/keycloak:logout")
-KEYCLOAK_ENDPOINT_TOKEN: Final[str] = env_get_str(key=f"{APP_PREFIX}_KEYCLOAK_ENDPOINT_TOKEN",
-                                                  def_value="/iam/keycloak:get-token")
-KEYCLOAK_PUBLIC_KEY_LIFETIME: Final[int] = env_get_int(key=f"{APP_PREFIX}_KEYCLOAK_PUBLIC_KEY_LIFETIME",
-                                                       def_value=86400)  # 24 hours
-KEYCLOAK_REALM: Final[str] = env_get_str(key=f"{APP_PREFIX}_KEYCLOAK_REALM")
-KEYCLOAK_URL_AUTH_BASE: Final[str] = env_get_str(key=f"{APP_PREFIX}_KEYCLOAK_URL_AUTH_BASE")
-KEYCLOAK_URL_AUTH_CALLBACK: Final[str] = env_get_str(key=f"{APP_PREFIX}_KEYCLOAK_URL_AUTH_CALLBACK")
-# registry structure:
-# {
-#    "client-id": <str>,
-#    "client-secret": <str>,
-#    "client-timeout": <int>,
-#    "public_key": <str>,
-#    "key-lifetime": <int>,
-#    "key-expiration": <int>,
-#    "base-url": <str>,
-#    "callback-url": <str>,
-#    "safe-cache": <FIFOCache>
-# }
-# data in "safe-cache":
-# {
-#    "users": {
-#       "<user-id>": {
-#         "access-token": <str>
-#         "refresh-token": <str>
-#         "access-expiration": <timestamp>,
-#         "login-expiration": <timestamp>,   <-- transient
-#         "login-id": <str>,                 <-- transient
-#       }
-#    }
-# }
-_keycloak_registry: dict[str, Any] = {}
-# dafault logger
-_keycloak_logger: Logger | None = None
-def keycloak_setup(flask_app: Flask,
-                   client_id: str = KEYCLOAK_CLIENT_ID,
-                   client_secret: str = KEYCLOAK_CLIENT_SECRET,
-                   client_timeout: int = KEYCLOAK_CLIENT_TIMEOUT,
-                   public_key_lifetime: int = KEYCLOAK_PUBLIC_KEY_LIFETIME,
-                   realm: str = KEYCLOAK_REALM,
-                   callback_endpoint: str = KEYCLOAK_ENDPOINT_CALLBACK,
-                   token_endpoint: str = KEYCLOAK_ENDPOINT_TOKEN,
-                   login_endpoint: str = KEYCLOAK_ENDPOINT_LOGIN,
-                   logout_endpoint: str = KEYCLOAK_ENDPOINT_LOGOUT,
-                   base_url: str = KEYCLOAK_URL_AUTH_BASE,
-                   callback_url: str = KEYCLOAK_URL_AUTH_CALLBACK,
-                   logger: Logger = None) -> None:
-    """
-    Configure the Keycloak IAM.
-    This should be invoked only once, before the first access to a Keycloak service.
-    :param flask_app: the Flask application
-    :param client_id: the client's identification with JusBR
-    :param client_secret: the client's password with JusBR
-    :param client_timeout: timeout for login authentication (in seconds,defaults to no timeout)
-    :param public_key_lifetime: how long to use Keycloak's public key, before refreshing it (in seconds)
-    :param realm: the Keycloak realm
-    :param callback_endpoint: endpoint for the callback from JusBR
-    :param token_endpoint: endpoint for retrieving the JusBR authentication token
-    :param login_endpoint: endpoint for redirecting user to JusBR login page
-    :param logout_endpoint: endpoint for terminating user access to JusBR
-    :param base_url: base URL to request the JusBR services
-    :param callback_url: URL for Keycloak to callback on login
-    :param logger: optional logger
-    """
-    from .iam_pomes import service_login, service_logout, service_callback, service_token
-    global _keycloak_logger, _keycloak_registry
-    # establish the logger
-    _keycloak_logger = logger
-    # configure the JusBR registry
-    safe_cache: Cache = FIFOCache(maxsize=1048576)
-    safe_cache["users"] = {}
-    _keycloak_registry = {
-        "client-id": client_id,
-        "client-secret": client_secret,
-        "client-timeout": client_timeout,
-        "base-url": f"{base_url}/realms/{realm}",
-        "callback-url": callback_url,
-        "key-expiration": int(datetime.now(tz=TZ_LOCAL).timestamp()),
-        "key-lifetime": public_key_lifetime,
-        "safe-cache": safe_cache
-    }
-    # establish the endpoints
-    if token_endpoint:
-        flask_app.add_url_rule(rule=token_endpoint,
-                               endpoint="keycloak-token",
-                               view_func=service_token,
-                               methods=["GET"])
-    if login_endpoint:
-        flask_app.add_url_rule(rule=login_endpoint,
-                               endpoint="keycloak-login",
-                               view_func=service_login,
-                               methods=["GET"])
-    if logout_endpoint:
-        flask_app.add_url_rule(rule=logout_endpoint,
-                               endpoint="keycloak-logout",
-                               view_func=service_logout,
-                               methods=["GET"])
-    if callback_endpoint:
-        flask_app.add_url_rule(rule=callback_endpoint,
-                               endpoint="keycloak-callback",
-                               view_func=service_callback,
-                               methods=["POST"])
-def keycloak_get_token(user_id: str,
-                       errors: list[str] = None,
-                       logger: Logger = None) -> str:
-    """
-    Retrieve a Keycloak authentication token for *user_id*.
-    :param user_id: the user's identification
-    :param errors: incidental errors
-    :param logger: optional logger
-    :return: the uthentication tokem
-    """
-    global _keycloak_registry
-    # retrieve the token
-    args: dict[str, Any] = {"user-id": user_id}
-    return _service_token(registry=_keycloak_registry,
-                          args=args,
-                          errors=errors,
-                          logger=logger)
-def _keycloak_get_logger() -> Logger:
-    """
-    Retrieve the logger for Keycloak operations.
-    :return: the Keycloak logger
-    """
-    return _keycloak_logger
-def _keycloak_get_registry() -> dict[str, Any]:
-    """
-    Retrieve the registry holding user authentication data related to Keycloak operations.
-    :return: the Keycloak registry
-    """
-    return _keycloak_registry

pypomes_iam-0.2.3.dist-info/RECORD DELETED Viewed

@@ -1,11 +0,0 @@
-pypomes_iam/__init__.py,sha256=u-gNGbsayMf-2SWTB8VcoTCADoczZuwNEH50BPxTZZ8,682
-pypomes_iam/common_pomes.py,sha256=08G8-Rcpuld4JxciEEhzORMt575kErHGEVk8_QC1uC4,15710
-pypomes_iam/iam_pomes.py,sha256=-2XppbAAuY58jYKd4ZN2MMjQd7wh6n9I8cofgAt0_9s,5639
-pypomes_iam/jusbr_pomes.py,sha256=FFTzhpxB4Y7T_JKYC1xvYIcb-ca-Frtl-7LK7dDkIXQ,6723
-pypomes_iam/keycloak_pomes.py,sha256=_hR1nZhk-ejZpYrwijIcEm_GyfrtQkWtNdqJI7hcZuY,7129
-pypomes_iam/provider_pomes.py,sha256=eP8XzjTUEpwejTkO0wmDiqKjqbIEOzRNCR2ju5E15og,5856
-pypomes_iam/token_pomes.py,sha256=McjKB8omCjuicenwvDVPiWYu3-7gQeLg1AzgAVKK32M,4309
-pypomes_iam-0.2.3.dist-info/METADATA,sha256=IzheEi4k7zb4WSewyRmLbQvJ83kKZq1OfqL7TlVEp3s,694
-pypomes_iam-0.2.3.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
-pypomes_iam-0.2.3.dist-info/licenses/LICENSE,sha256=YvUELgV8qvXlaYsy9hXG5EW3Bmsrkw-OJmmILZnonAc,1086
-pypomes_iam-0.2.3.dist-info/RECORD,,

{pypomes_iam-0.2.3.dist-info → pypomes_iam-0.7.0.dist-info}/WHEEL RENAMED Viewed

File without changes

{pypomes_iam-0.2.3.dist-info → pypomes_iam-0.7.0.dist-info}/licenses/LICENSE RENAMED Viewed

File without changes

pypomes-iam 0.2.3__py3-none-any.whl → 0.7.0__py3-none-any.whl

Potentially problematic release.

pypomes-iam 0.2.3py3-none-any.whl → 0.7.0py3-none-any.whl