pypomes-iam 0.6.9__py3-none-any.whl → 0.7.2__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. pypomes_iam/iam_actions.py +16 -8
  2. pypomes_iam/iam_services.py +7 -9
  3. {pypomes_iam-0.6.9.dist-info → pypomes_iam-0.7.2.dist-info}/METADATA +1 -1
  4. {pypomes_iam-0.6.9.dist-info → pypomes_iam-0.7.2.dist-info}/RECORD +6 -6
  5. {pypomes_iam-0.6.9.dist-info → pypomes_iam-0.7.2.dist-info}/WHEEL +0 -0
  6. {pypomes_iam-0.6.9.dist-info → pypomes_iam-0.7.2.dist-info}/licenses/LICENSE +0 -0
pypomes_iam/iam_actions.py CHANGED
@@ -277,7 +277,7 @@ def action_callback(iam_server: IamServer,
277
277
  def action_exchange(iam_server: IamServer,
278
278
  args: dict[str, Any],
279
279
  errors: list[str] = None,
280
- logger: Logger = None) -> dict[str, Any]:
280
+ logger: Logger = None) -> tuple[str, str]:
281
281
  """
282
282
  Request *iam_server* to issue a token in exchange for the token obtained from another *IAM* server.
283
283
 
@@ -298,17 +298,23 @@ def action_exchange(iam_server: IamServer,
298
298
  :param args: the arguments passed when requesting the service
299
299
  :param errors: incidental errors
300
300
  :param logger: optional logger
301
- :return: the data for the new token, or *None* if error
301
+ :return: a tuple containing the reference user identification and the token obtained, or *None* if error
302
302
  """
303
303
  # initialize the return variable
304
- result: dict[str, Any] | None = None
304
+ result: tuple[str, str] | None = None
305
305
 
306
306
  # obtain the user's identification
307
307
  user_id: str = args.get("user-id") or args.get("login")
308
308
 
309
309
  # obtain the token to be exchanged
310
310
  token: str = args.get("access-token") if user_id else None
311
- if token:
311
+ token_claims: dict[str, dict[str, Any]] = token_get_claims(token=token,
312
+ errors=errors,
313
+ logger=logger) if token else None
314
+ token_issuer: str = _iam_server_from_issuer(issuer=token_claims["payload"]["iss"],
315
+ errors=errors,
316
+ logger=logger) if token_claims else None
317
+ if not errors:
312
318
  # HAZARD: only 'IAM_KEYCLOAK' is currently supported
313
319
  with _iam_lock:
314
320
  # retrieve the IAM server's registry
@@ -324,6 +330,8 @@ def action_exchange(iam_server: IamServer,
324
330
  logger=logger)
325
331
  if not errors:
326
332
  # exchange the token
333
+ if logger:
334
+ logger.debug(msg=f"Requesting the token exchange to IAM server '{iam_server}'")
327
335
  header_data: dict[str, Any] = {
328
336
  "Content-Type": "application/x-www-form-urlencoded"
329
337
  }
@@ -333,7 +341,7 @@ def action_exchange(iam_server: IamServer,
333
341
  "subject_token_type": "urn:ietf:params:oauth:token-type:access_token",
334
342
  "requested_token_type": "urn:ietf:params:oauth:token-type:access_token",
335
343
  "audience": registry[IamParam.CLIENT_ID],
336
- "subject_issuer": "oidc"
344
+ "subject_issuer": token_issuer
337
345
  }
338
346
  now: int = int(datetime.now(tz=TZ_LOCAL).timestamp())
339
347
  token_data: dict[str, Any] = __post_for_token(iam_server=iam_server,
@@ -656,9 +664,9 @@ def __post_data(url: str,
656
664
  logger.debug(msg=f"POST {url}, {json.dumps(obj=body_data,
657
665
  ensure_ascii=False)}")
658
666
  try:
659
- response: requests.Response = requests.get(url=url,
660
- headers=header_data,
661
- data=body_data)
667
+ response: requests.Response = requests.post(url=url,
668
+ headers=header_data,
669
+ data=body_data)
662
670
  if response.status_code >= 400:
663
671
  # request failed, report the problem
664
672
  msg = f"POST failure, status {response.status_code}, reason {response.reason}"
pypomes_iam/iam_services.py CHANGED
@@ -338,13 +338,10 @@ def service_exchange() -> Response:
338
338
  If the exchange is successful, the token data is stored in the *IAM* server's registry, and returned.
339
339
  Otherwise, *errors* will contain the appropriate error message.
340
340
 
341
- On success, the typical *Response* returned will contain the following attributes:
341
+ On success, the returned *Response* will contain the following JSON:
342
342
  {
343
- "token_type": "Bearer",
344
- "access_token": <str>,
345
- "expires_in": <number-of-seconds>,
346
- "refresh_token": <str>,
347
- "refesh_expires_in": <number-of-seconds>
343
+ "user-id": <reference-user-identification>,
344
+ "access-token": <token>
348
345
  }
349
346
 
350
347
  :return: *Response* containing the token data, or *BAD REQUEST*
@@ -360,10 +357,10 @@ def service_exchange() -> Response:
360
357
  errors=errors,
361
358
  logger=__IAM_LOGGER)
362
359
  # exchange the token
363
- token_data: dict[str, Any] | None = None
360
+ token_info: tuple[str, str] | None = None
364
361
  if iam_server:
365
362
  errors: list[str] = []
366
- token_data = action_exchange(iam_server=iam_server,
363
+ token_info = action_exchange(iam_server=iam_server,
367
364
  args=request.args,
368
365
  errors=errors,
369
366
  logger=__IAM_LOGGER)
@@ -372,7 +369,8 @@ def service_exchange() -> Response:
372
369
  result = Response(response="; ".join(errors),
373
370
  status=400)
374
371
  else:
375
- result = jsonify(token_data)
372
+ result = jsonify({"user-id": token_info[0],
373
+ "access-token": token_info[1]})
376
374
 
377
375
  # log the response
378
376
  if __IAM_LOGGER:
{pypomes_iam-0.6.9.dist-info → pypomes_iam-0.7.2.dist-info}/METADATA RENAMED
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.4
2
2
  Name: pypomes_iam
3
- Version: 0.6.9
3
+ Version: 0.7.2
4
4
  Summary: A collection of Python pomes, penyeach (IAM modules)
5
5
  Project-URL: Homepage, https://github.com/TheWiseCoder/PyPomes-IAM
6
6
  Project-URL: Bug Tracker, https://github.com/TheWiseCoder/PyPomes-IAM/issues
{pypomes_iam-0.6.9.dist-info → pypomes_iam-0.7.2.dist-info}/RECORD RENAMED
@@ -1,11 +1,11 @@
1
1
  pypomes_iam/__init__.py,sha256=_6tSFfjuU-5p6TAMqNLHSL6IQmaJMSYuEW-TG3ybhTI,1044
2
- pypomes_iam/iam_actions.py,sha256=0PC7Z7xsepxynmgjMvKZLjLdvC3s5kGk_dqCFrG4Qs8,42083
2
+ pypomes_iam/iam_actions.py,sha256=qUX8DdTBOUVfJpWtE7qg4rSBh6ZQNG_4VnMA7uebnV4,42781
3
3
  pypomes_iam/iam_common.py,sha256=ki_-m6fqJqUbGjgTD41r9zaE-FOXgA_c_tLisIYYTfU,15457
4
4
  pypomes_iam/iam_pomes.py,sha256=_kLnrZG25XhJsIv3wqDl_2sIJ2ho_2TIMKrPCyPmA7Q,7362
5
- pypomes_iam/iam_services.py,sha256=uUD333SaTbo8MGRyIp5GGil7HAupK73ym4_bKtGkPFg,15878
5
+ pypomes_iam/iam_services.py,sha256=AzrZux2Pt_FoCNcTcXfWphHb587vB3WIbKYG7RFf5zE,15821
6
6
  pypomes_iam/provider_pomes.py,sha256=3mMj5LQs53YEINUEOfFBAxOwOP3aOR_szlE4daEBLK0,10523
7
7
  pypomes_iam/token_pomes.py,sha256=K4nSAotKUoHIE2s3ltc_nVimlNeKS9tnD-IlslkAvkk,6626
8
- pypomes_iam-0.6.9.dist-info/METADATA,sha256=tPsAu2TWT9hb3vu-KHnYT77TYZytoCQfs78uxWLlLH8,661
9
- pypomes_iam-0.6.9.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
10
- pypomes_iam-0.6.9.dist-info/licenses/LICENSE,sha256=YvUELgV8qvXlaYsy9hXG5EW3Bmsrkw-OJmmILZnonAc,1086
11
- pypomes_iam-0.6.9.dist-info/RECORD,,
8
+ pypomes_iam-0.7.2.dist-info/METADATA,sha256=7amJ095DkifMRQeC7uX5C6rsU7jzgCA7Bnn3uu6N6q4,661
9
+ pypomes_iam-0.7.2.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
10
+ pypomes_iam-0.7.2.dist-info/licenses/LICENSE,sha256=YvUELgV8qvXlaYsy9hXG5EW3Bmsrkw-OJmmILZnonAc,1086
11
+ pypomes_iam-0.7.2.dist-info/RECORD,,