pip_services3_components.auth package
Submodules
Module contents
pip_services3_components.auth.__init__
Contains credentials implementation.
Credentials – passwords, logins, application keys, secrets. This information is usually linked with connection parameters. Connection parameters separate from authentication, because auth is saved as a secret, and stored separately from configuration parameters (host name, ip addresses). They need added security and protection, so they were separated.
Credential parameters include various credentials.
Interfaces and abstract classes for credential stores, which can save or retrieve various credential parameters.
- copyright
Conceptual Vision Consulting LLC 2018-2019, see AUTHORS for more details.
- license
MIT, see LICENSE for more details.
-
class
pip_services3_components.auth.
CredentialParams
(values: Any = None) Bases:
pip_services3_commons.config.ConfigParams.ConfigParams
Contains credentials to authenticate against external services.
They are used together with connection parameters, but usually stored in a separate store, protected from unauthorized access.
- ### Configuration parameters ###
store_key: key to retrieve parameters from credential store
username: user name
user: alternative to username
password: user password
pass: alternative to password
access_id: application access id
client_id: alternative to access_id
access_key: application secret key
client_key: alternative to access_key
secret_key: alternative to access_key
In addition to standard parameters CredentialParams may contain any number of custom parameters
Example:
credential = CredentialParams.from_tuples ("user", "jdoe", "pass", "pass123", "pin", "321") username = credential.get_username() # Result: "jdoe" password = credential.get_password() # Result: "pass123" pin = credential.get_as_nullable_string("pin") # Result: 321
-
static
from_config
(config: pip_services3_commons.config.ConfigParams.ConfigParams) → pip_services3_components.auth.CredentialParams.CredentialParams Retrieves a single CredentialParams from configuration parameters from “credential” section. If “credentials” section is present instead, then is returns only the first credential element.
- Parameters
config – ConfigParams, containing a section named “credential(s)”.
- Returns
the generated CredentialParams object.
-
static
from_string
(line: str) → pip_services3_components.auth.CredentialParams.CredentialParams Creates a new CredentialParams object filled with key-value pairs serialized as a string.
- Parameters
line – a string with serialized key-value pairs as “key1=value1;key2=value2;…” Example: “Key1=123;Key2=ABC;Key3=2016-09-16T00:00:00.00Z”
- Returns
a new CredentialParams object.
-
static
from_tuples
(*tuples: Any) → pip_services3_components.auth.CredentialParams.CredentialParams Creates a new CredentialParams object filled with provided key-value pairs called tuples. Tuples parameters contain a sequence of key1, value1, key2, value2, … pairs.
- Parameters
tuples – the tuples to fill a new CredentialParams object.
- Returns
a new CredentialParams object.
-
get_access_id
() → str Gets the application access id. The value can be stored in parameters “access_id” pr “client_id”
- Returns
the application access id.
-
get_access_key
() → str Gets the application secret key. The value can be stored in parameters “access_key”, “client_key” or “secret_key”.
- Returns
the application secret key.
-
get_password
() → str Get the user password. The value can be stored in parameters “password” or “pass”.
- Returns
the user password.
-
get_store_key
() → str Gets the key to retrieve these credentials from
ICredentialStore
. If this key is null, than all parameters are already present.- Returns
the store key to retrieve credentials.
-
get_username
() → str Gets the user name. The value can be stored in parameters “username” or “user”.
- Returns
the user name.
-
static
many_from_config
(config: pip_services3_commons.config.ConfigParams.ConfigParams) → List[pip_services3_components.auth.CredentialParams.CredentialParams] Retrieves all CredentialParams from configuration parameters from “credentials” section. If “credential” section is present instead, than it returns a list with only one CredentialParams.
- Parameters
config – a configuration parameters to retrieve credentials
- Returns
a list of retrieved CredentialParams
-
set_access_id
(value: str) Sets the application access id.
- Parameters
value – a new application access id.
-
set_access_key
(value: str) Sets the application secret key.
- Parameters
value – a new application secret key.
-
set_store_key
(value: str) Sets the key to retrieve these parameters from
ICredentialStore
.- Parameters
value – a new key to retrieve credentials.
-
use_credential_store
() → bool Checks if these credential parameters shall be retrieved from
ICredentialStore
. The credential parameters are redirected toICredentialStore
when store_key parameter is set.- Returns
true if credentials shall be retrieved from
ICredentialStore
-
class
pip_services3_components.auth.
CredentialResolver
(config: pip_services3_commons.config.ConfigParams.ConfigParams = None, references: pip_services3_commons.refer.IReferences.IReferences = None) Bases:
pip_services3_commons.config.IConfigurable.IConfigurable
,pip_services3_commons.refer.IReferenceable.IReferenceable
Helper class to retrieve component credentials.
If credentials are configured to be retrieved from
ICredentialStore
, it automatically locatesICredentialStore
in component references and retrieve credentials from there using store_key parameter.### Configuration parameters ### credential:
store_key: (optional) a key to retrieve the credentials from
ICredentialStore
… other credential parameters
- credentials: alternative to credential
[credential params 1]: first credential parameters
… credential parameters for key 1
…
[credential params N]: Nth credential parameters
… credential parameters for key N
- ### References ###
*:credential-store:*:*:1.0 (optional) Credential stores to resolve credentials
Example:
config = ConfigParams.from_tuples("credential.user", "jdoe", "credential.pass", "pass123") credentialResolver = CredentialResolver() credentialResolver.configure(config) credentialResolver.set_references(references) credentialResolver.lookup("123")
-
add
(connection: pip_services3_components.auth.CredentialParams.CredentialParams) Adds a new credential to component credentials
- Parameters
connection – new credential parameters to be added
-
configure
(config: pip_services3_commons.config.ConfigParams.ConfigParams) Configures component by passing configuration parameters.
- Parameters
config – configuration parameters to be set.
-
get_all
() → List[pip_services3_components.auth.CredentialParams.CredentialParams] Gets all credentials configured in component configuration.
Redirect to CredentialStores is not done at this point. If you need fully fleshed credential use
lookup()
method instead.- Returns
a list with credential parameters
-
lookup
(correlation_id: Optional[str]) → Optional[pip_services3_components.auth.CredentialParams.CredentialParams] Looks up component credential parameters. If credentials are configured to be retrieved from Credential store it finds a
ICredentialStore
and lookups credentials there.- Parameters
correlation_id – (optional) transaction id to trace execution through call chain.
- Returns
resolved credential parameters or None if nothing was found.
-
set_references
(references: pip_services3_commons.refer.IReferences.IReferences) Sets references to dependent components.
- Parameters
references – references to locate the component dependencies.
-
class
pip_services3_components.auth.
DefaultCredentialStoreFactory
Bases:
pip_services3_components.build.Factory.Factory
- Creates
ICredentialStore
components by their descriptors.
See
IFactory
,ICredentialStore
,MemoryCredentialStore
,-
MemoryCredentialStoreDescriptor
= <pip_services3_commons.refer.Descriptor.Descriptor object>
- Creates
-
class
pip_services3_components.auth.
ICredentialStore
Bases:
abc.ABC
Interface for credential stores which are used to store and lookup credentials to authenticate against external services.
-
lookup
(correlation_id: Optional[str], key: str) → pip_services3_components.auth.CredentialParams.CredentialParams Lookups credential parameters by its key.
- Parameters
correlation_id – (optional) transaction id to trace execution through call chain.
key – a key to uniquely identify the credential.
- Returns
found credential parameters or None if nothing was found
-
store
(correlation_id: Optional[str], key: str, credential: pip_services3_components.auth.CredentialParams.CredentialParams) Stores credential parameters into the store.
- Parameters
correlation_id – (optional) transaction id to trace execution through call chain.
key – a key to uniquely identify the credential.
credential – a credential to be stored.
-
-
class
pip_services3_components.auth.
MemoryCredentialStore
(config: pip_services3_commons.config.ConfigParams.ConfigParams = None) Bases:
pip_services3_components.auth.ICredentialStore.ICredentialStore
,pip_services3_commons.config.IReconfigurable.IReconfigurable
Credential store that keeps credentials in memory.
- ### Configuration parameters ###
[credential key 1]:
… credential parameters for key 1
[credential key 2]:
… credential parameters for key N
…
Example:
config = ConfigParams.from_tuples("key1.user", "jdoe", "key1.pass", "pass123", "key2.user", "bsmith", "key2.pass", "mypass") credentialStore = MemoryCredentialStore() credentialStore.read_credentials(config) credentialStore.lookup("123", "key1")
-
configure
(config: pip_services3_commons.config.ConfigParams.ConfigParams) Configures component by passing configuration parameters.
- Parameters
config – configuration parameters to be set.
-
lookup
(correlation_id: Optional[str], key: str) → pip_services3_components.auth.CredentialParams.CredentialParams Lookups credential parameters by its key.
- Parameters
correlation_id – (optional) transaction id to trace execution through call chain.
key – a key to uniquely identify the credential.
- Returns
found credential parameters or None if nothing was found
-
read_credentials
(config: pip_services3_commons.config.ConfigParams.ConfigParams) Reads credentials from configuration parameters. Each section represents an individual CredentialParams
- Parameters
config – configuration parameters to be read
-
store
(correlation_id: Optional[str], key: str, credential: pip_services3_components.auth.CredentialParams.CredentialParams) Stores credential parameters into the store.
- Parameters
correlation_id – (optional) transaction id to trace execution through call chain.
key – a key to uniquely identify the credential parameters.
credential – a credential parameters to be stored.