Exemplo n.º 1
 def signerFromConfig(self):
     """Create an API-key request signer from ``self.config`` and store it on ``self.signer``.

     ``tenancy``, ``user`` and ``fingerprint`` are read by subscript, so a
     missing entry raises (``KeyError`` if ``self.config`` is a plain dict).
     ``key_file`` is read with ``.get`` and ``pass_phrase`` through
     ``oci.config.get_config_value_or_default``, so both are treated as
     optional here.

     NOTE(review): ``self.config`` carries the key-file path and possibly the
     key passphrase; avoid logging or serialising it wholesale.
     """
     make_signer = oci.Signer
     settings = self.config
     signer_kwargs = {
         "tenancy": settings["tenancy"],
         "user": settings["user"],
         "fingerprint": settings["fingerprint"],
         # May be None when the config has no key_file entry.
         "private_key_file_location": settings.get("key_file"),
         # presumably falls back to the SDK default when the key is absent; confirm
         "pass_phrase": oci.config.get_config_value_or_default(
             settings, "pass_phrase"),
     }
     self.signer = make_signer(**signer_kwargs)
Exemplo n.º 2
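def __get_oci_auth_signer(auth, oci_config):
    """Return the OCI request signer selected by ``auth``.

    Args:
        auth: Authentication mode. ``'instance_obo_user'`` builds a
            delegation-token signer, ``'instance_principal'`` an instance
            principal signer, ``'security_token'`` a session-token signer.
            Any other value (including ``None``) falls back to API-key
            signing with ``oci.Signer``.
        oci_config: Mapping of config values. Depending on the mode it is
            read for ``delegation_token_file``, ``security_token_file``,
            ``key_file``, ``pass_phrase``, ``tenancy``, ``user`` and
            ``fingerprint``. In ``'security_token'`` mode a prompted
            passphrase is written back into it under ``'pass_phrase'``.

    Returns:
        The signer object built for the selected mode.

    Raises:
        ValueError: ``delegation_token_file`` is not configured, or the file
            holds no token (empty or whitespace only).
        IOError: the delegation token file does not exist.
        SystemExit: ``security_token_file`` is not configured or does not
            exist (these two cases call ``sys.exit``).
    """
    if auth == 'instance_obo_user':
        delegation_token_location = oci_config.get('delegation_token_file')
        if delegation_token_location is None:
            raise ValueError(
                'ERROR: Please specify the location of the delegation_token_file in the config.'
            )
        expanded_delegation_token_location = os.path.expanduser(
            delegation_token_location)
        if not os.path.exists(expanded_delegation_token_location):
            raise IOError("ERROR: delegation_token_file not found at " +
                          expanded_delegation_token_location)
        with open(expanded_delegation_token_location,
                  'r') as delegation_token_file:
            delegation_token = delegation_token_file.read().strip()
        # read().strip() always returns a str, so an "is None" test can never
        # fire; an empty or whitespace-only file must be rejected here rather
        # than handed to the signer as an empty credential.
        if not delegation_token:
            raise ValueError('ERROR: delegation_token was not provided.')
        return oci.auth.signers.InstancePrincipalsDelegationTokenSigner(
            delegation_token=delegation_token)

    if auth == 'instance_principal':
        # No config values are read for this mode.
        return oci.auth.signers.InstancePrincipalsSecurityTokenSigner()

    if auth == 'security_token':
        security_token_location = oci_config.get('security_token_file')
        if not security_token_location:
            sys.exit(
                "ERROR: Config value for 'security_token_file' must be specified when using --auth security_token"
            )

        expanded_security_token_location = os.path.expanduser(
            security_token_location)
        if not os.path.exists(expanded_security_token_location):
            sys.exit(
                "ERROR: File specified by 'security_token_file' does not exist: {}"
                .format(expanded_security_token_location))

        with open(expanded_security_token_location,
                  'r') as security_token_file:
            # NOTE(review): unlike the delegation token, this value is passed
            # on unstripped and unchecked for emptiness; confirm the signer
            # tolerates trailing whitespace before changing it.
            token = security_token_file.read()

        key_file = oci_config.get('key_file')
        try:
            private_key = oci.signer.load_private_key_from_file(
                key_file, oci_config.get('pass_phrase'))
        except exceptions.MissingPrivateKeyPassphrase:
            # The prompted passphrase is stored in the caller's config so the
            # retry (and later readers of oci_config) can use it. It therefore
            # stays in memory with the config: do not log or dump oci_config.
            oci_config['pass_phrase'] = __prompt_for_passphrase()
            private_key = oci.signer.load_private_key_from_file(
                key_file, oci_config.get('pass_phrase'))
        return oci.auth.signers.SecurityTokenSigner(token, private_key)

    # Default: API-key signing. Missing values reach oci.Signer as None.
    return oci.Signer(
        tenancy=oci_config.get('tenancy'),
        user=oci_config.get('user'),
        fingerprint=oci_config.get('fingerprint'),
        private_key_file_location=oci_config.get('key_file'),
        pass_phrase=oci_config.get('pass_phrase'))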