Authenticator

GenericAuthenticator

Generic authenticator class.

WebinAuthenticator

Webin authenticator.

Authenticator module. This module consists of several classes that can load a username and a password and retrieve the token needed to validate the requests.

For easiness of use, it also wraps the requests, adding automatically the token to the header, and adding an extra check in case the token expires.

Mandatory arguments:

  • username: Username for the authentication service

  • password: Password for the authentication service

  • base_uri: base uri for the authentication service (Can be provided by subclasses, see WebinApi object for an example)

Optional arguments:

  • verbose: set to True if you want INFO and above-level logging events. If not set or set to False, only WARNING and above will be displayed

Environment variables:

  • API_ENVIRONMENT: Needs to be set up if you want to set up a ‘dev’ authenticator. Please note this environment variable is shared with the API: this is to avoid inconsistent API/Authenticator combos (And even with all these checks and constraints, there will be errors, I’m pretty sure)

Subclasses of GenericAuthenticator must define the following methods/properties:

  • @token.setter

Aspects to improve:

  • _request function: Currently, it assumes JWT token generation + authorization “Bearer <token>” in all subclasses. if other headers or payloads are necessary for authentication, it needs to be overridden.

class GenericAuthenticator(base_uri, username, password, verbose=False)

Bases: object

Generic authenticator class. Defines the expected functions and properties of all subclasses. Some must be overridden.

Parameters:

  • base_uri (str) – Base URI for the request to retrieve the token.

  • username (str) – Username required for authentication.

  • password (str) – Password required for authentication.

  • verbose (bool) – Boolean indicating if the logger should be verbose.

property auth_endpoint

Name of the endpoint to authenticate

Returns:

string

property token

Token property

Returns:

Bearer <token>

_request(url, method, payload)

Handle all requests. If token is expired, reload token and try again. If this results in another error, it will be risen.

Parameters:

  • url – URL to REQUEST

  • method – Method for the REQUEST

  • payload (dict) – Optional payload, for POST/PUT/PATCH methods

Return type:

Response

Returns:

get(url)

GET a url

Parameters:

url (str) – URL to GET

Return type:

Response

Returns:

response

post(url, payload)

POST a payload to a URL

Parameters:

  • url (str) – URL to POST

  • payload (dict) – JSON payload

Return type:

Response

Returns:

response

delete(url)

DELETE an entity on a URL

Parameters:

url (str) – URL to send the DELETE request

Return type:

Response

Returns:

response

put(url, payload)

PUT a payload to an URL

Parameters:

  • url (str)

  • payload (dict)

Return type:

Response

Returns:

response

patch(url, payload)

PATCH a payload to a URL

Parameters:

  • url (str)

  • payload (dict)

Return type:

Response

Returns:

response

class WebinAuthenticator(username, password, verbose=False)

Bases: GenericAuthenticator

Webin authenticator. Retrieves a token from the Webin service.

Parameters:

  • username (str) – Webin username. Must start with “Webin-”

  • password (str) – Webin password.

property auth_endpoint

Name of the endpoint to authenticate

Returns:

string

property token

Token property

Returns:

Bearer <token>

validate_username(username)

Validate a username. For webin, all usernames start with Webin-. Can raise UsernameNotValid

Parameters:

username (str) – Webin username.

Returns:

Exceptions

exception UsernameNotValid(username, logger)

Bases: Exception

Username is not deemed valid for the authenticator

exception WrongUserOrPassword(username, password, logger)

Bases: Exception

Wrong username or password provided to authenticator

exception DomainAlreadyExists(domain, logger)

Bases: Exception

Domain already exists