def __init__(self, user_name=None, password=None):
self._endpoint = None
self._url = None
self._auth_string = None
self._auto_renew = True
self._disable_ssl_hook = False
self._is_closed = False
# The base path for security related services.
self._base_path = HttpConstants.KV_SECURITY_PATH
# The login token expiration time.
self._expiration_time = 0
self._logger = None
self._logutils = LogUtils(self._logger)
self._sess = Session()
self._request_utils = borneo.http.RequestUtils(self._sess,
self._logutils)
self._lock = Lock()
self._timer = None
self.lock = Lock()
if user_name is None and password is None:
# Used to access to a store without security enabled.
self._is_secure = False
else:
if user_name is None or password is None:
raise IllegalArgumentException('Invalid input arguments.')
CheckValue.check_str(user_name, 'user_name')
CheckValue.check_str(password, 'password')
self._is_secure = True
self._user_name = user_name
self._password = password
def set_properties_file(self, file_path):
"""
Sets the properties file to use to a non-default path.
:param file_path: a path to the file to use.
:returns: self.
"""
CheckValue.check_str(file_path, 'file_path')
if not path.exists(file_path):
raise IllegalArgumentException('Path: \'' + file_path +
'\' not found.')
self.__properties_file = file_path
return self
def set_endpoint(self, endpoint):
"""
Sets the endpoint of the on-prem proxy.
:param endpoint: the endpoint.
:type endpoint: str
:returns: self.
:raises IllegalArgumentException: raises the exception if endpoint is
not a string.
"""
CheckValue.check_str(endpoint, 'endpoint')
self._endpoint = endpoint
self._url = NoSQLHandleConfig.create_url(endpoint, '')
if self._is_secure and self._url.scheme.lower() != 'https':
raise IllegalArgumentException(
'StoreAccessTokenProvider requires use of https.')
return self
def __init__(
self,
idcs_props_file=_DEFAULT_PROPS_FILE,
idcs_url=None,
entitlement_id=None,
creds_provider=None,
timeout_ms=Utils.DEFAULT_TIMEOUT_MS,
cache_duration_seconds=AccessTokenProvider.MAX_ENTRY_LIFE_TIME,
refresh_ahead=AccessTokenProvider.DEFAULT_REFRESH_AHEAD):
# Constructs a default access token provider.
if idcs_url is None:
CheckValue.check_str(idcs_props_file, 'idcs_props_file')
super(DefaultAccessTokenProvider, self).__init__(
DefaultAccessTokenProvider.MAX_ENTRY_LIFE_TIME,
DefaultAccessTokenProvider.DEFAULT_REFRESH_AHEAD)
self.__idcs_url = self.__get_idcs_url(idcs_props_file)
entitlement = self.__get_entitlement_id(idcs_props_file)
self.__creds_provider = (
PropertiesCredentialsProvider().set_properties_file(
self.__get_credential_file(idcs_props_file)))
self.__timeout_ms = Utils.DEFAULT_TIMEOUT_MS
else:
CheckValue.check_str(idcs_url, 'idcs_url')
self.__is_credentials_provider(creds_provider)
CheckValue.check_int_gt_zero(timeout_ms, 'timeout_ms')
CheckValue.check_int_gt_zero(cache_duration_seconds,
'cache_duration_seconds')
CheckValue.check_int_gt_zero(refresh_ahead, 'refresh_ahead')
super(DefaultAccessTokenProvider,
self).__init__(cache_duration_seconds, refresh_ahead)
self.__idcs_url = idcs_url
entitlement = entitlement_id
self.__creds_provider = (PropertiesCredentialsProvider()
if creds_provider is None else
creds_provider)
self.__timeout_ms = timeout_ms
url = urlparse(self.__idcs_url)
self.__host = url.hostname
self.__andc_fqs = None
if entitlement is not None:
CheckValue.check_str(entitlement, 'entitlement_id')
self.__andc_fqs = (AccessTokenProvider.ANDC_AUD_PREFIX +
entitlement + AccessTokenProvider.SCOPE)
self.__psm_fqs = None
self.__logger = None
self.__logutils = LogUtils()
self.__sess = Session()
self.__request_utils = RequestUtils(self.__sess, self.__logutils)
def __init__(self, alias, secret):
# Construct a new instance
CheckValue.check_str(alias, 'alias')
CheckValue.check_str(secret, 'secret')
self.__alias = alias
self.__secret = secret
def __init__(self,
provider=None,
config_file=None,
profile_name=None,
tenant_id=None,
user_id=None,
fingerprint=None,
private_key=None,
pass_phrase=None,
region=None,
duration_seconds=MAX_ENTRY_LIFE_TIME,
refresh_ahead=DEFAULT_REFRESH_AHEAD):
"""
The SignatureProvider that generates and caches request signature.
"""
#
# This class depends on the oci package
#
if oci is None:
raise ImportError('Package "oci" is required; please install.')
CheckValue.check_int_gt_zero(duration_seconds, 'duration_seconds')
CheckValue.check_int_gt_zero(refresh_ahead, 'refresh_ahead')
if duration_seconds > SignatureProvider.MAX_ENTRY_LIFE_TIME:
raise IllegalArgumentException(
'Access token cannot be cached longer than ' +
str(SignatureProvider.MAX_ENTRY_LIFE_TIME) + ' seconds.')
self._region = None
if provider is not None:
if not isinstance(
provider,
(oci.signer.Signer, oci.auth.signers.SecurityTokenSigner)):
raise IllegalArgumentException(
'provider should be an instance of oci.signer.Signer or ' +
'oci.auth.signers.SecurityTokenSigner.')
self._provider = provider
try:
region_id = provider.region
except AttributeError:
region_id = None
if region_id is not None:
self._region = Regions.from_region_id(region_id)
elif (tenant_id is None or user_id is None or fingerprint is None
or private_key is None):
CheckValue.check_str(config_file, 'config_file', True)
CheckValue.check_str(profile_name, 'profile_name', True)
if config_file is None and profile_name is None:
# Use default user profile and private key from default path of
# configuration file ~/.oci/config.
config = oci.config.from_file()
elif config_file is None and profile_name is not None:
# Use user profile with given profile name and private key from
# default path of configuration file ~/.oci/config.
config = oci.config.from_file(profile_name=profile_name)
elif config_file is not None and profile_name is None:
# Use user profile with default profile name and private key
# from specified configuration file.
config = oci.config.from_file(file_location=config_file)
else: # config_file is not None and profile_name is not None
# Use user profile with given profile name and private key from
# specified configuration file.
config = oci.config.from_file(file_location=config_file,
profile_name=profile_name)
self._provider = oci.signer.Signer(config['tenancy'],
config['user'],
config['fingerprint'],
config['key_file'],
config.get('pass_phrase'),
config.get('key_content'))
region_id = config.get('region')
if region_id is not None:
self._provider.region = region_id
self._region = Regions.from_region_id(region_id)
else:
CheckValue.check_str(tenant_id, 'tenant_id')
CheckValue.check_str(user_id, 'user_id')
CheckValue.check_str(fingerprint, 'fingerprint')
CheckValue.check_str(private_key, 'private_key')
CheckValue.check_str(pass_phrase, 'pass_phrase', True)
if path.isfile(private_key):
key_file = private_key
key_content = None
else:
key_file = None
key_content = private_key
self._provider = oci.signer.Signer(tenant_id, user_id, fingerprint,
key_file, pass_phrase,
key_content)
if region is not None:
if not isinstance(region, Region):
raise IllegalArgumentException(
'region must be an instance of an instance of Region.')
self._provider.region = region.get_region_id()
self._region = region
self._signature_cache = Memoize(duration_seconds)
self._refresh_interval_s = (duration_seconds - refresh_ahead
if duration_seconds > refresh_ahead else 0)
# Refresh timer.
self._timer = None
self._service_url = None
self._logger = None
self._logutils = LogUtils()
self._sess = Session()
self._request_utils = RequestUtils(self._sess, self._logutils)
