def test_download_service_dev_specs(): t = Tapis(base_url=BASE_URL, username=USERNAME, password=PASSWORD, resource_set="dev") t.get_tokens() return t
def client(): base_url = getattr(conf, 'base_url', 'https://dev.develop.tapis.io') username = getattr(conf, 'username', 'pysdk') account_type = getattr(conf, 'account_type', 'service') tenant_id = getattr(conf, 'tenant_id', 'master') service_password = getattr(conf, 'service_password', None) t = Tapis(base_url=base_url, username=username, account_type=account_type, tenant_id=tenant_id, service_password=service_password) t.get_tokens() return t
def get_tenants(self): """ Retrieve the set of tenants and associated data that this service instance is serving requests for. :return: """ logger.debug("top of get_tenants()") # if this is the first time we are calling get_tenants, set the service_running_at_primary_site attribute. if not hasattr(self, "service_running_at_primary_site"): self.service_running_at_primary_site = False # the tenants service is a special case, as it must be a) configured to serve all tenants and b) actually # maintains the list of tenants in its own DB. in this case, we call a special method to use the tenants service # code that makes direct db access to get necessary data. if conf.service_name == 'tenants': self.service_running_at_primary_site = True return self.get_tenants_for_tenants_api() else: logger.debug( "this is not the tenants service; calling tenants API to get sites and tenants..." ) # if this case, this is not the tenants service, so we will try to get # the list of tenants by making API calls to the tenants service. # NOTE: we intentionally create a new Tapis client with *no authentication* so that we can call the Tenants # API even _before_ the SK is started up. If we pass a JWT, the Tenants will try to validate it as part of # handling our request, and this validation will fail if SK is not available. t = Tapis( base_url=conf.primary_site_admin_tenant_base_url, resource_set='local') # TODO -- remove resource_set='local' try: tenants = t.tenants.list_tenants() sites = t.tenants.list_sites() except Exception as e: msg = f"Got an exception trying to get the list of sites and tenants. Exception: {e}" logger.error(msg) raise errors.BaseTapisError( "Unable to retrieve sites and tenants from the Tenants API." ) for t in tenants: self.extend_tenant(t) for s in sites: if hasattr(s, "primary") and s.primary: self.primary_site = s if s.site_id == conf.service_site_id: logger.debug( f"this service is running at the primary site: {s.site_id}" ) self.service_running_at_primary_site = True if s.site_id == t.site_id: t.site = s return tenants
def get_service_tapis_client( tenant_id=None, base_url=None, jwt=None, resource_set='tapipy', #todo -- change back to resource_set='tapipy' custom_spec_dict=None, download_latest_specs=False, tenants=None): """ Returns a Tapis client for the service using the service's configuration. If tenant_id is not passed, uses the first tenant in the service's tenants configuration. :param tenant_id: (str) The tenant_id associated with the tenant to configure the client with. :param base_url: (str) The base URL for the tenant to configure the client with. :return: (tapipy.tapis.Tapis) A Tapipy client object. """ # if there is no base_url the primary_site_admin_tenant_base_url configured for the service: if not base_url: base_url = conf.primary_site_admin_tenant_base_url if not tenant_id: tenant_id = conf.service_tenant_id if not tenants: # the following would work to reference this module's tenants object, but we'll choose to raise # an error instead; it could be that # tenants = sys.modules[__name__].tenants raise errors.BaseTapisError( "As a Tapis service, passing in the appropriate tenants manager object" "is required.") t = Tapis(base_url=base_url, tenant_id=tenant_id, username=conf.service_name, account_type='service', service_password=conf.service_password, jwt=jwt, resource_set=resource_set, custom_spec_dict=custom_spec_dict, download_latest_specs=download_latest_specs, tenants=tenants, is_tapis_service=True) if not jwt: t.get_tokens() return t
def get_service_tapis_client(tenant_id=None, base_url=None, jwt=None): """ Returns a Tapis client for the service using the service's configuration. If tenant_id is not passed, uses the first tenant in the service's tenants configuration. :param tenant_id: (str) The tenant_id associated with the tenant to configure the client with. :param base_url: (str) The base URL for the tenant to configure the client with. :return: (tapipy.tapis.Tapis) A Tapipy client object. """ # if there is no tenant_id, use the service_tenant_id and service_tenant_base_url configured for the service: if not tenant_id: tenant_id = conf.service_tenant_id if not base_url: base_url = conf.service_tenant_base_url t = Tapis(base_url=base_url, tenant_id=tenant_id, username=conf.service_name, account_type='service', service_password=conf.service_password, jwt=jwt) if not jwt: t.get_tokens() return t
def test_refresh_tokens(client): auth_clients = client.authenticator.list_clients() if auth_clients: testing_client = auth_clients[0] if not auth_clients: testing_client = client.authenticator.create_client() k = Tapis(base_url=BASE_URL, username=USERNAME, password=PASSWORD, client_id=testing_client.client_id, client_key=testing_client.client_key) # k should not have access or refresh until we run k.get_tokens() assert hasattr(k, 'access_token') access_token = k.access_token assert not hasattr(access_token, 'access_token') assert not hasattr(access_token, 'expires_at') assert not hasattr(access_token, 'expires_in') assert hasattr(k, 'refresh_token') refresh_token = k.refresh_token assert not hasattr(refresh_token, 'refresh_token') assert not hasattr(refresh_token, 'expires_at') assert not hasattr(refresh_token, 'expires_in') # We now run get_tokens(). k should now have access and refresh tokens. k.get_tokens() assert hasattr(k, 'access_token') access_token = k.access_token assert hasattr(access_token, 'access_token') assert hasattr(access_token, 'expires_at') assert hasattr(access_token, 'expires_in') assert hasattr(k, 'refresh_token') refresh_token = k.refresh_token assert hasattr(refresh_token, 'refresh_token') assert hasattr(refresh_token, 'expires_at') assert hasattr(refresh_token, 'expires_in') # Now we should be able to run refresh_tokens() with no problems and # still have access and refresh tokens after the fact. k.refresh_tokens() assert hasattr(k, 'access_token') access_token = k.access_token assert hasattr(access_token, 'access_token') assert hasattr(access_token, 'expires_at') assert hasattr(access_token, 'expires_in') assert hasattr(k, 'refresh_token') refresh_token = k.refresh_token assert hasattr(refresh_token, 'refresh_token') assert hasattr(refresh_token, 'expires_at') assert hasattr(refresh_token, 'expires_in')
def test_init_with_only_client_and_refresh_token(client): auth_clients = client.authenticator.list_clients() if auth_clients: testing_client = auth_clients[0] if not auth_clients: testing_client = client.authenticator.create_client() # Need to first get refresh_tokens(using another Tapis client in this case) t2 = Tapis(base_url=BASE_URL, username=USERNAME, password=PASSWORD, client_id=testing_client.client_id, client_key=testing_client.client_key) t2.get_tokens() # Now only use client + refresh_token k = Tapis(base_url=BASE_URL, client_id=testing_client.client_id, client_key=testing_client.client_key, refresh_token=t2.refresh_token) # Test that everything works. k.get_tokens() assert hasattr(k, 'access_token') access_token = k.access_token assert hasattr(access_token, 'access_token') assert hasattr(access_token, 'expires_at') assert hasattr(access_token, 'expires_in') assert hasattr(k, 'refresh_token') refresh_token = k.refresh_token assert hasattr(refresh_token, 'refresh_token') assert hasattr(refresh_token, 'expires_at') assert hasattr(refresh_token, 'expires_in')
def get_tenants(self): """ Retrieve the set of tenants and associated data that this service instance is serving requests for. :return: """ logger.debug("top of get_tenants()") # these are the tenant_id strings configured for the service - tenants_strings = conf.tenants result = [] # in dev mode, services can be configured to not use the security kernel, in which case we must get # configuration for a "dev" tenant directly from the service configs: if not conf.use_tenants: logger.debug("use_tenants was False") for tenant in tenants_strings: t = { 'tenant_id': tenant, 'iss': conf.dev_iss, 'public_key': conf.dev_jwt_public_key, 'token_service': conf.dev_token_service, 'base_url': conf.dev_base_url, 'authenticator': conf.dev_authenticator, 'security_kernel': conf.dev_security_kernel, 'is_owned_by_associate_site': conf.dev_is_owned_by_associate_site, 'allowable_x_tenant_ids': conf.dev_allowable_x_tenant_ids, } self.extend_tenant(t) result.append(t) return result # the tenants service is a special case, as it must be a) configured to serve all tenants and b) actually maintains # the list of tenants in its own DB. in this case, we return the empty list since the tenants service will use direct # db access to get necessary data. elif conf.service_name == 'tenants' and tenants_strings[0] == '*': logger.debug( "this is the tenants service, pulling tenants from db...") # NOTE: only in the case of the tenants service will we be able to import this function; so this import needs to # stay guarded by the above IF statement. from service.models import get_tenants as tenants_api_get_tenants # in the case where the tenants api migrations are running, this call will fail with a sqlalchemy.exc.ProgrammingError # because the tenants table will not exist yet. logger.info("calling the tenants api's get_tenants() function...") try: result = tenants_api_get_tenants() logger.info(f"Got {result} from the tenants API") return result except Exception as e: logger.info( "WARNING - got an exception trying to compute the tenants.. this better be the tenants migration container." ) return result else: logger.debug( "this is not the tenants service; calling tenants API to get tenants..." ) # if we are here, this is not the tenants service and it is configured to use the tenants API, so we will try to get # the list of tenants directly from the tenants service. # NOTE: we intentionally create a new Tapis client with *no authentication* so that we can call the Tenants # API even _before_ the SK is started up. If we pass a JWT, Tenants will try to t = Tapis(base_url=conf.service_tenant_base_url) try: tenant_list = t.tenants.list_tenants() except Exception as e: msg = f"Got an exception trying to get the list of tenants. Exception: {e}" print(msg) logger.error(msg) raise errors.BaseTapisError( "Unable to retrieve tenants from the Tenants API.") if not type(tenant_list) == list: logger.error( f"Did not get a list object from list_tenants(); got: {tenant_list}" ) for tn in tenant_list: t = { 'tenant_id': tn.tenant_id, 'iss': tn.token_service, 'public_key': tn.public_key, 'token_service': tn.token_service, 'base_url': tn.base_url, 'authenticator': tn.authenticator, 'security_kernel': tn.security_kernel, 'is_owned_by_associate_site': tn.is_owned_by_associate_site, 'allowable_x_tenant_ids': tn.allowable_x_tenant_ids, } self.extend_tenant(t) logger.debug(f"adding tenant: {t}") result.append(t) return result
def create_streams_service_token(): t = Tapis(base_url=os.environ['TAPIS_BASEURL'], username=os.environ['STREAMS_USER'], account_type='service', service_password=os.environ['STREAMS_SERVICE_PASSWORD'], tenant_id='master') t.get_tokens()
def create_meta_service_token(): t = Tapis(base_url=os.environ['TAPIS_BASEURL'], username='******', account_type='service', service_password=os.environ['META_SERVICE_PASSWORD'], tenant_id='master') t.get_tokens()
import pandas as pd from agavepy.actors import get_context, get_client, send_bytes_result from tapipy.tapis import Tapis # defaults for the username, password, and base_url ---- username = os.environ.get('username', 'testuser2') password = os.environ.get('password', 'testuser2') base_url = os.environ.get('base_url', 'https://dev.tapis.io') # location to write output file - out = '/home/tapis/output.png' # create Tapis client and get tokens -- try: t = Tapis(base_url=base_url, username=username, password=password) t.get_tokens() except Exception as e: print(f"got exception trying to generate tapis client; e: {e}") raise e def get_datetime_range(time): """ Generate start and end datetime from the time of the alert. """ print(f"top of get_datetime_range; time: {time}") try: end_datetime = dateutil.parser.isoparse(time) except Exception as e: print(
def client(): t = Tapis(base_url=BASE_URL, username=USERNAME, password=PASSWORD) t.get_tokens() return t