コード例 #1
0
 def signerFromConfig(self):
     self.signer = oci.Signer(
         tenancy=self.config["tenancy"],
         user=self.config["user"],
         fingerprint=self.config["fingerprint"],
         private_key_file_location=self.config.get("key_file"),
         pass_phrase=oci.config.get_config_value_or_default(
             self.config, "pass_phrase"))
コード例 #2
0
def __get_oci_auth_signer(auth, oci_config):
    instance_principal_auth = auth == 'instance_principal'
    session_token_auth = auth == 'security_token'
    delegation_token_auth = auth == 'instance_obo_user'
    signer = None

    if delegation_token_auth:
        delegation_token = None
        delegation_token_location = oci_config.get('delegation_token_file')
        if delegation_token_location is None:
            raise ValueError(
                'ERROR: Please specify the location of the delegation_token_file in the config.'
            )
        expanded_delegation_token_location = os.path.expanduser(
            delegation_token_location)
        if not os.path.exists(expanded_delegation_token_location):
            raise IOError("ERROR: delegation_token_file not found at " +
                          expanded_delegation_token_location)
        with open(expanded_delegation_token_location,
                  'r') as delegation_token_file:
            delegation_token = delegation_token_file.read().strip()
        if delegation_token is None:
            raise ValueError('ERROR: delegation_token was not provided.')
        signer = oci.auth.signers.InstancePrincipalsDelegationTokenSigner(
            delegation_token=delegation_token)
    elif instance_principal_auth:
        signer = oci.auth.signers.InstancePrincipalsSecurityTokenSigner()
    elif session_token_auth:
        security_token_location = oci_config.get('security_token_file')
        if not security_token_location:
            sys.exit(
                "ERROR: Config value for 'security_token_file' must be specified when using --auth security_token"
            )

        expanded_security_token_location = os.path.expanduser(
            security_token_location)
        if not os.path.exists(expanded_security_token_location):
            sys.exit(
                "ERROR: File specified by 'security_token_file' does not exist: {}"
                .format(expanded_security_token_location))

        with open(expanded_security_token_location,
                  'r') as security_token_file:
            token = security_token_file.read()

        try:
            private_key = oci.signer.load_private_key_from_file(
                oci_config.get('key_file'), oci_config.get('pass_phrase'))
        except exceptions.MissingPrivateKeyPassphrase:
            oci_config['pass_phrase'] = __prompt_for_passphrase()
            private_key = oci.signer.load_private_key_from_file(
                oci_config.get('key_file'), oci_config.get('pass_phrase'))
        signer = oci.auth.signers.SecurityTokenSigner(token, private_key)
    else:
        signer = oci.Signer(
            tenancy=oci_config.get('tenancy'),
            user=oci_config.get('user'),
            fingerprint=oci_config.get('fingerprint'),
            private_key_file_location=oci_config.get('key_file'),
            pass_phrase=oci_config.get('pass_phrase'))

    return signer