Esempio n. 1
0
    def prepare_to_run_command(self, cmd):
        if isinstance(cmd, help.HelpCommand):
            return

        if not self.options.orchestrator_url:
            self.parser.error("No URL for the orchestrator has been suplied "
                              "use --url or set the ORCHESTRATOR_URL "
                              "environment variable.")

        if not cmd.auth_required:
            return

        if (not all([
                self.options.oidc_agent_sock, self.options.oidc_agent_account
        ])) and not self.token:

            self.parser.error("No oidc-agent has been set up or no access "
                              "token has been provided, please set the "
                              "ORCHESTRATOR_TOKEN environment variable or "
                              "set up an oidc-agent "
                              "(see '%s help' for more details on how "
                              "to set up authentication)" % self.parser.prog)

        self.token = utils.env("ORCHESTRATOR_TOKEN")

        if self.options.oidc_agent_sock and self.options.oidc_agent_account:
            self.oidc_agent = oidc.OpenIDConnectAgent(
                self.options.oidc_agent_account,
                socket_path=self.options.oidc_agent_sock)

        if self.client is None:
            self.client = client.OrpyClient(self.options.orchestrator_url,
                                            oidc_agent=self.oidc_agent,
                                            token=self.token,
                                            debug=self.options.debug)
Esempio n. 2
0
File: oidc.py Progetto: IFCA/orpy
    def __init__(self, account, socket_path=None, validity=60):
        """Initialize OpenID Connect Agent connection.

        :param str account: Account name to use
        :param str socket_path: Path to the oidc-agent UNIX socket
        :param int validity: Minimum validity (minutes) for the token
        """
        self.account = account
        self.validity = validity

        if socket_path is None:
            socket_path = utils.env("OIDC_SOCK")

        self.socket_path = socket_path
Esempio n. 3
0
File: shell.py Progetto: IFCA/orpy
    def initialize_app(self, argv):
        for cmd in self.commands:
            self.command_manager.add_command(cmd.__name__.lower(), cmd)
        self.token = utils.env("ORCHESTRATOR_TOKEN")

        if self.options.oidc_agent_sock and self.options.oidc_agent_account:
            self.oidc_agent = oidc.OpenIDConnectAgent(
                self.options.oidc_agent_account,
                socket_path=self.options.oidc_agent_sock)

        if self.client is None:
            self.client = client.OrpyClient(self.options.orchestrator_url,
                                            oidc_agent=self.oidc_agent,
                                            token=self.token,
                                            debug=self.options.debug)
Esempio n. 4
0
File: shell.py Progetto: IFCA/orpy
    def build_option_parser(self, description, version):
        auth_help = """Authentication:

    In order to interact with the INDIGO PaaS Orchestrator we need to use an
    OpenID Connect access token from a trusted OpenID Connect provider at the
    orchestrator.

    Please either store your access token in 'ORCHESTRATOR_TOKEN' or set the
    account to use with oidc-agent in the 'OIDC_ACCOUNT' and the socket path
    of the oidc-agent in the 'OIDC_SOCK' environment variable:

        export ORCHESTRATOR_TOKEN=<your access token>
            OR
        export OIDC_SOCK=<path to the oidc-agent socket>
        export OIDC_ACCOUNT=<account to use>

    Usually, the OIDC_SOCK environmental variable is already exported if you
    are using oidc-agent.

    As an alternative, you can pass the socket path and the account through
    the command line with the --oidc-agent-sock and --oidc-agent-account
    parameters.

"""
        parser = super(OrpyApp, self).build_option_parser(
            self.__doc__,
            version,
            argparse_kwargs={
                "formatter_class": argparse.RawDescriptionHelpFormatter,
                "epilog": auth_help,
            })

        parser.add_argument(
            '--oidc-agent-sock',
            metavar='<oidc-agent-socket>',
            dest='oidc_agent_sock',
            default=utils.env('OIDC_SOCK'),
            help='The path for the oidc-agent socket to use to get and renew '
            'access tokens from the OpenID Connect provider. This '
            'defaults to the OIDC_SOCK environment variable, that should '
            'be automatically set up if you are using oidc-agent. '
            'In order to use the oidc-agent you must also pass the '
            '--oidc-agent-account parameter, or set the OIDC_ACCOUNT '
            'environment variable.')
        parser.add_argument(
            '--oidc-agent-account',
            metavar='<oidc-agent-account>',
            dest='oidc_agent_account',
            default=utils.env('OIDC_ACCOUNT'),
            help='The oidc-agent account that we will use to get tokens from. '
            'In order to use the oidc-agent you must pass thos parameter '
            'or set the OIDC_ACCOUNT environment variable.')
        parser.add_argument(
            '--url',
            metavar='<orchestrator-url>',
            dest='orchestrator_url',
            default=utils.env('ORCHESTRATOR_URL'),
            help='The base url of the orchestrator rest interface. '
            'Alternative the environment variable ORCHESTRATOR_URL '
            'can be used.')

        return parser