pip_services3_components.auth package

Submodules

• pip_services3_components.auth.CredentialParams module
  • pip_services3_components.auth.CredentialParams
• pip_services3_components.auth.CredentialResolver module
  • pip_services3_components.auth.CredentialResolver
• pip_services3_components.auth.DefaultCredentialStoreFactory module
  • pip_services3_components.auth.DefaultCredentialStoreFactory
• pip_services3_components.auth.ICredentialStore module
  • pip_services3_components.auth.ICredentialStore
• pip_services3_components.auth.MemoryCredentialStore module
  • pip_services3_components.auth.MemoryCredentialStore

Module contents

pip_services3_components.auth.__init__

Contains credentials implementation.

Credentials – passwords, logins, application keys, secrets. This information is usually linked with connection parameters. Connection parameters separate from authentication, because auth is saved as a secret, and stored separately from configuration parameters (host name, ip addresses). They need added security and protection, so they were separated.

Credential parameters include various credentials.

Interfaces and abstract classes for credential stores, which can save or retrieve various credential parameters.

copyright

Conceptual Vision Consulting LLC 2018-2019, see AUTHORS for more details.

license

MIT, see LICENSE for more details.

class pip_services3_components.auth.CredentialParams(values: Any = None)

Bases: pip_services3_commons.config.ConfigParams.ConfigParams

Contains credentials to authenticate against external services.

They are used together with connection parameters, but usually stored in a separate store, protected from unauthorized access.

### Configuration parameters ###

• store_key: key to retrieve parameters from credential store

• username: user name

• user: alternative to username

• password: user password

• pass: alternative to password

• access_id: application access id

• client_id: alternative to access_id

• access_key: application secret key

• client_key: alternative to access_key

• secret_key: alternative to access_key

In addition to standard parameters CredentialParams may contain any number of custom parameters

Example:

credential = CredentialParams.from_tuples
("user", "jdoe", "pass", "pass123", "pin", "321")

username = credential.get_username()           # Result: "jdoe"
password = credential.get_password()           # Result: "pass123"
pin = credential.get_as_nullable_string("pin") # Result: 321

static from_config(config: pip_services3_commons.config.ConfigParams.ConfigParams) → pip_services3_components.auth.CredentialParams.CredentialParams

Retrieves a single CredentialParams from configuration parameters from “credential” section. If “credentials” section is present instead, then is returns only the first credential element.

Parameters

config – ConfigParams, containing a section named “credential(s)”.

Returns

the generated CredentialParams object.

static from_string(line: str) → pip_services3_components.auth.CredentialParams.CredentialParams

Creates a new CredentialParams object filled with key-value pairs serialized as a string.

Parameters

line – a string with serialized key-value pairs as “key1=value1;key2=value2;…” Example: “Key1=123;Key2=ABC;Key3=2016-09-16T00:00:00.00Z”

Returns

a new CredentialParams object.

static from_tuples(*tuples: Any) → pip_services3_components.auth.CredentialParams.CredentialParams

Creates a new CredentialParams object filled with provided key-value pairs called tuples. Tuples parameters contain a sequence of key1, value1, key2, value2, … pairs.

Parameters

tuples – the tuples to fill a new CredentialParams object.

Returns

a new CredentialParams object.

get_access_id() → str

Gets the application access id. The value can be stored in parameters “access_id” pr “client_id”

Returns

the application access id.

get_access_key() → str

Gets the application secret key. The value can be stored in parameters “access_key”, “client_key” or “secret_key”.

Returns

the application secret key.

get_password() → str

Get the user password. The value can be stored in parameters “password” or “pass”.

Returns

the user password.

get_store_key() → str

Gets the key to retrieve these credentials from ICredentialStore. If this key is null, than all parameters are already present.

Returns

the store key to retrieve credentials.

get_username() → str

Gets the user name. The value can be stored in parameters “username” or “user”.

Returns

the user name.

static many_from_config(config: pip_services3_commons.config.ConfigParams.ConfigParams) → List[pip_services3_components.auth.CredentialParams.CredentialParams]

Retrieves all CredentialParams from configuration parameters from “credentials” section. If “credential” section is present instead, than it returns a list with only one CredentialParams.

Parameters

config – a configuration parameters to retrieve credentials

Returns

a list of retrieved CredentialParams

set_access_id(value: str)

Sets the application access id.

Parameters

value – a new application access id.

set_access_key(value: str)

Sets the application secret key.

Parameters

value – a new application secret key.

set_password(password: str)

Sets the user password.

Parameters

password – a new user password.

set_store_key(value: str)

Sets the key to retrieve these parameters from ICredentialStore.

Parameters

value – a new key to retrieve credentials.

set_username(value: str)

Sets the user name.

Parameters

value – a new user name.

use_credential_store() → bool

Checks if these credential parameters shall be retrieved from ICredentialStore. The credential parameters are redirected to ICredentialStore when store_key parameter is set.

Returns

true if credentials shall be retrieved from ICredentialStore

class pip_services3_components.auth.CredentialResolver(config: pip_services3_commons.config.ConfigParams.ConfigParams = None, references: pip_services3_commons.refer.IReferences.IReferences = None)

Bases: pip_services3_commons.config.IConfigurable.IConfigurable, pip_services3_commons.refer.IReferenceable.IReferenceable

Helper class to retrieve component credentials.

If credentials are configured to be retrieved from ICredentialStore, it automatically locates ICredentialStore in component references and retrieve credentials from there using store_key parameter.

### Configuration parameters ### credential:

• store_key: (optional) a key to retrieve the credentials from ICredentialStore

• … other credential parameters

credentials: alternative to credential

• [credential params 1]: first credential parameters

• … credential parameters for key 1

• …

• [credential params N]: Nth credential parameters

• … credential parameters for key N

### References ###

• *:credential-store:*:*:1.0 (optional) Credential stores to resolve credentials

Example:

config = ConfigParams.from_tuples("credential.user", "jdoe",
                                  "credential.pass",  "pass123")

credentialResolver = CredentialResolver()
credentialResolver.configure(config)
credentialResolver.set_references(references)
credentialResolver.lookup("123")

add(connection: pip_services3_components.auth.CredentialParams.CredentialParams)

Adds a new credential to component credentials

Parameters

connection – new credential parameters to be added

configure(config: pip_services3_commons.config.ConfigParams.ConfigParams)

Configures component by passing configuration parameters.

Parameters

config – configuration parameters to be set.

get_all() → List[pip_services3_components.auth.CredentialParams.CredentialParams]

Gets all credentials configured in component configuration.

Redirect to CredentialStores is not done at this point. If you need fully fleshed credential use lookup() method instead.

Returns

a list with credential parameters

lookup(correlation_id: Optional[str]) → Optional[pip_services3_components.auth.CredentialParams.CredentialParams]

Looks up component credential parameters. If credentials are configured to be retrieved from Credential store it finds a ICredentialStore and lookups credentials there.

Parameters

correlation_id – (optional) transaction id to trace execution through call chain.

Returns

resolved credential parameters or None if nothing was found.

set_references(references: pip_services3_commons.refer.IReferences.IReferences)

Sets references to dependent components.

Parameters

references – references to locate the component dependencies.

class pip_services3_components.auth.DefaultCredentialStoreFactory

Bases: pip_services3_components.build.Factory.Factory

Creates ICredentialStore

components by their descriptors.

See IFactory, ICredentialStore, MemoryCredentialStore,

MemoryCredentialStoreDescriptor = <pip_services3_commons.refer.Descriptor.Descriptor object>

class pip_services3_components.auth.ICredentialStore

Bases: abc.ABC

Interface for credential stores which are used to store and lookup credentials to authenticate against external services.

lookup(correlation_id: Optional[str], key: str) → pip_services3_components.auth.CredentialParams.CredentialParams

Lookups credential parameters by its key.

Parameters

• correlation_id – (optional) transaction id to trace execution through call chain.

• key – a key to uniquely identify the credential.

Returns

found credential parameters or None if nothing was found

store(correlation_id: Optional[str], key: str, credential: pip_services3_components.auth.CredentialParams.CredentialParams)

Stores credential parameters into the store.

Parameters

• correlation_id – (optional) transaction id to trace execution through call chain.

• key – a key to uniquely identify the credential.

• credential – a credential to be stored.

class pip_services3_components.auth.MemoryCredentialStore(config: pip_services3_commons.config.ConfigParams.ConfigParams = None)

Bases: pip_services3_components.auth.ICredentialStore.ICredentialStore, pip_services3_commons.config.IReconfigurable.IReconfigurable

Credential store that keeps credentials in memory.

### Configuration parameters ###

• [credential key 1]:

• … credential parameters for key 1

• [credential key 2]:

• … credential parameters for key N

• …

Example:

config = ConfigParams.from_tuples("key1.user", "jdoe",
                                  "key1.pass", "pass123",
                                  "key2.user", "bsmith",
                                  "key2.pass", "mypass")

credentialStore = MemoryCredentialStore()
credentialStore.read_credentials(config)
credentialStore.lookup("123", "key1")

configure(config: pip_services3_commons.config.ConfigParams.ConfigParams)

Configures component by passing configuration parameters.

Parameters

config – configuration parameters to be set.

lookup(correlation_id: Optional[str], key: str) → pip_services3_components.auth.CredentialParams.CredentialParams

Lookups credential parameters by its key.

Parameters

• correlation_id – (optional) transaction id to trace execution through call chain.

• key – a key to uniquely identify the credential.

Returns

found credential parameters or None if nothing was found

read_credentials(config: pip_services3_commons.config.ConfigParams.ConfigParams)

Reads credentials from configuration parameters. Each section represents an individual CredentialParams

Parameters

config – configuration parameters to be read

store(correlation_id: Optional[str], key: str, credential: pip_services3_components.auth.CredentialParams.CredentialParams)

Stores credential parameters into the store.

Parameters

• correlation_id – (optional) transaction id to trace execution through call chain.

• key – a key to uniquely identify the credential parameters.

• credential – a credential parameters to be stored.