Exemplo n.º 1
0
    def __init__(self, user_name=None, password=None):
        self._endpoint = None
        self._url = None
        self._auth_string = None
        self._auto_renew = True
        self._disable_ssl_hook = False
        self._is_closed = False
        # The base path for security related services.
        self._base_path = HttpConstants.KV_SECURITY_PATH
        # The login token expiration time.
        self._expiration_time = 0
        self._logger = None
        self._logutils = LogUtils(self._logger)
        self._sess = Session()
        self._request_utils = borneo.http.RequestUtils(self._sess,
                                                       self._logutils)
        self._lock = Lock()
        self._timer = None
        self.lock = Lock()

        if user_name is None and password is None:
            # Used to access to a store without security enabled.
            self._is_secure = False
        else:
            if user_name is None or password is None:
                raise IllegalArgumentException('Invalid input arguments.')
            CheckValue.check_str(user_name, 'user_name')
            CheckValue.check_str(password, 'password')
            self._is_secure = True
            self._user_name = user_name
            self._password = password
Exemplo n.º 2
0
    def set_properties_file(self, file_path):
        """
        Sets the properties file to use to a non-default path.

        :param file_path: a path to the file to use.
        :returns: self.
        """
        CheckValue.check_str(file_path, 'file_path')
        if not path.exists(file_path):
            raise IllegalArgumentException('Path: \'' + file_path +
                                           '\' not found.')
        self.__properties_file = file_path
        return self
Exemplo n.º 3
0
    def set_endpoint(self, endpoint):
        """
        Sets the endpoint of the on-prem proxy.

        :param endpoint: the endpoint.
        :type endpoint: str
        :returns: self.
        :raises IllegalArgumentException: raises the exception if endpoint is
            not a string.
        """
        CheckValue.check_str(endpoint, 'endpoint')
        self._endpoint = endpoint
        self._url = NoSQLHandleConfig.create_url(endpoint, '')
        if self._is_secure and self._url.scheme.lower() != 'https':
            raise IllegalArgumentException(
                'StoreAccessTokenProvider requires use of https.')
        return self
Exemplo n.º 4
0
 def __init__(
         self,
         idcs_props_file=_DEFAULT_PROPS_FILE,
         idcs_url=None,
         entitlement_id=None,
         creds_provider=None,
         timeout_ms=Utils.DEFAULT_TIMEOUT_MS,
         cache_duration_seconds=AccessTokenProvider.MAX_ENTRY_LIFE_TIME,
         refresh_ahead=AccessTokenProvider.DEFAULT_REFRESH_AHEAD):
     # Constructs a default access token provider.
     if idcs_url is None:
         CheckValue.check_str(idcs_props_file, 'idcs_props_file')
         super(DefaultAccessTokenProvider, self).__init__(
             DefaultAccessTokenProvider.MAX_ENTRY_LIFE_TIME,
             DefaultAccessTokenProvider.DEFAULT_REFRESH_AHEAD)
         self.__idcs_url = self.__get_idcs_url(idcs_props_file)
         entitlement = self.__get_entitlement_id(idcs_props_file)
         self.__creds_provider = (
             PropertiesCredentialsProvider().set_properties_file(
                 self.__get_credential_file(idcs_props_file)))
         self.__timeout_ms = Utils.DEFAULT_TIMEOUT_MS
     else:
         CheckValue.check_str(idcs_url, 'idcs_url')
         self.__is_credentials_provider(creds_provider)
         CheckValue.check_int_gt_zero(timeout_ms, 'timeout_ms')
         CheckValue.check_int_gt_zero(cache_duration_seconds,
                                      'cache_duration_seconds')
         CheckValue.check_int_gt_zero(refresh_ahead, 'refresh_ahead')
         super(DefaultAccessTokenProvider,
               self).__init__(cache_duration_seconds, refresh_ahead)
         self.__idcs_url = idcs_url
         entitlement = entitlement_id
         self.__creds_provider = (PropertiesCredentialsProvider()
                                  if creds_provider is None else
                                  creds_provider)
         self.__timeout_ms = timeout_ms
     url = urlparse(self.__idcs_url)
     self.__host = url.hostname
     self.__andc_fqs = None
     if entitlement is not None:
         CheckValue.check_str(entitlement, 'entitlement_id')
         self.__andc_fqs = (AccessTokenProvider.ANDC_AUD_PREFIX +
                            entitlement + AccessTokenProvider.SCOPE)
     self.__psm_fqs = None
     self.__logger = None
     self.__logutils = LogUtils()
     self.__sess = Session()
     self.__request_utils = RequestUtils(self.__sess, self.__logutils)
Exemplo n.º 5
0
 def __init__(self, alias, secret):
     # Construct a new instance
     CheckValue.check_str(alias, 'alias')
     CheckValue.check_str(secret, 'secret')
     self.__alias = alias
     self.__secret = secret
Exemplo n.º 6
0
    def __init__(self,
                 provider=None,
                 config_file=None,
                 profile_name=None,
                 tenant_id=None,
                 user_id=None,
                 fingerprint=None,
                 private_key=None,
                 pass_phrase=None,
                 region=None,
                 duration_seconds=MAX_ENTRY_LIFE_TIME,
                 refresh_ahead=DEFAULT_REFRESH_AHEAD):
        """
        The SignatureProvider that generates and caches request signature.
        """
        #
        # This class depends on the oci package
        #
        if oci is None:
            raise ImportError('Package "oci" is required; please install.')

        CheckValue.check_int_gt_zero(duration_seconds, 'duration_seconds')
        CheckValue.check_int_gt_zero(refresh_ahead, 'refresh_ahead')
        if duration_seconds > SignatureProvider.MAX_ENTRY_LIFE_TIME:
            raise IllegalArgumentException(
                'Access token cannot be cached longer than ' +
                str(SignatureProvider.MAX_ENTRY_LIFE_TIME) + ' seconds.')

        self._region = None
        if provider is not None:
            if not isinstance(
                    provider,
                (oci.signer.Signer, oci.auth.signers.SecurityTokenSigner)):
                raise IllegalArgumentException(
                    'provider should be an instance of oci.signer.Signer or ' +
                    'oci.auth.signers.SecurityTokenSigner.')
            self._provider = provider
            try:
                region_id = provider.region
            except AttributeError:
                region_id = None
            if region_id is not None:
                self._region = Regions.from_region_id(region_id)
        elif (tenant_id is None or user_id is None or fingerprint is None
              or private_key is None):
            CheckValue.check_str(config_file, 'config_file', True)
            CheckValue.check_str(profile_name, 'profile_name', True)
            if config_file is None and profile_name is None:
                # Use default user profile and private key from default path of
                # configuration file ~/.oci/config.
                config = oci.config.from_file()
            elif config_file is None and profile_name is not None:
                # Use user profile with given profile name and private key from
                # default path of configuration file ~/.oci/config.
                config = oci.config.from_file(profile_name=profile_name)
            elif config_file is not None and profile_name is None:
                # Use user profile with default profile name and private key
                # from specified configuration file.
                config = oci.config.from_file(file_location=config_file)
            else:  # config_file is not None and profile_name is not None
                # Use user profile with given profile name and private key from
                # specified configuration file.
                config = oci.config.from_file(file_location=config_file,
                                              profile_name=profile_name)
            self._provider = oci.signer.Signer(config['tenancy'],
                                               config['user'],
                                               config['fingerprint'],
                                               config['key_file'],
                                               config.get('pass_phrase'),
                                               config.get('key_content'))
            region_id = config.get('region')
            if region_id is not None:
                self._provider.region = region_id
                self._region = Regions.from_region_id(region_id)
        else:
            CheckValue.check_str(tenant_id, 'tenant_id')
            CheckValue.check_str(user_id, 'user_id')
            CheckValue.check_str(fingerprint, 'fingerprint')
            CheckValue.check_str(private_key, 'private_key')
            CheckValue.check_str(pass_phrase, 'pass_phrase', True)
            if path.isfile(private_key):
                key_file = private_key
                key_content = None
            else:
                key_file = None
                key_content = private_key
            self._provider = oci.signer.Signer(tenant_id, user_id, fingerprint,
                                               key_file, pass_phrase,
                                               key_content)
            if region is not None:
                if not isinstance(region, Region):
                    raise IllegalArgumentException(
                        'region must be an instance of an instance of Region.')
                self._provider.region = region.get_region_id()
                self._region = region

        self._signature_cache = Memoize(duration_seconds)
        self._refresh_interval_s = (duration_seconds - refresh_ahead
                                    if duration_seconds > refresh_ahead else 0)

        # Refresh timer.
        self._timer = None
        self._service_url = None
        self._logger = None
        self._logutils = LogUtils()
        self._sess = Session()
        self._request_utils = RequestUtils(self._sess, self._logutils)