osm_nbi/authconn.py

   1 # -*- coding: utf-8 -*-
   2
   3 """
   4 Authconn implements an Abstract class for the Auth backend connector
   5 plugins with the definition of the methods to be implemented.
   6 """
   7
   8 __author__ = "Eduardo Sousa <esousa@whitestack.com>"
   9 __date__ = "$27-jul-2018 23:59:59$"
  10
  11 from http import HTTPStatus
  12
  13
  14 class AuthException(Exception):
  15     """
  16     Authentication error.
  17     """
  18     def __init__(self, message, http_code=HTTPStatus.UNAUTHORIZED):
  19         self.http_code = http_code
  20         Exception.__init__(self, message)
  21
  22
  23 class AuthconnException(Exception):
  24     """
  25     Common and base class Exception for all authconn exceptions.
  26     """
  27     def __init__(self, message, http_code=HTTPStatus.UNAUTHORIZED):
  28         Exception.__init__(message)
  29         self.http_code = http_code
  30
  31
  32 class AuthconnConnectionException(AuthconnException):
  33     """
  34     Connectivity error with Auth backend.
  35     """
  36     def __init__(self, message, http_code=HTTPStatus.BAD_GATEWAY):
  37         AuthconnException.__init__(self, message, http_code)
  38
  39
  40 class AuthconnNotSupportedException(AuthconnException):
  41     """
  42     The request is not supported by the Auth backend.
  43     """
  44     def __init__(self, message, http_code=HTTPStatus.NOT_IMPLEMENTED):
  45         AuthconnException.__init__(self, message, http_code)
  46
  47
  48 class AuthconnNotImplementedException(AuthconnException):
  49     """
  50     The method is not implemented by the Auth backend.
  51     """
  52     def __init__(self, message, http_code=HTTPStatus.NOT_IMPLEMENTED):
  53         AuthconnException.__init__(self, message, http_code)
  54
  55
  56 class AuthconnOperationException(AuthconnException):
  57     """
  58     The operation executed failed.
  59     """
  60     def __init__(self, message, http_code=HTTPStatus.INTERNAL_SERVER_ERROR):
  61         AuthconnException.__init__(self, message, http_code)
  62
  63
  64 class Authconn:
  65     """
  66     Abstract base class for all the Auth backend connector plugins.
  67     Each Auth backend connector plugin must be a subclass of
  68     Authconn class.
  69     """
  70     def __init__(self, config):
  71         """
  72         Constructor of the Authconn class.
  73
  74         Note: each subclass
  75
  76         :param config: configuration dictionary containing all the
  77         necessary configuration parameters.
  78         """
  79         self.config = config
  80
  81     def authenticate_with_user_password(self, user, password):
  82         """
  83         Authenticate a user using username and password.
  84
  85         :param user: username
  86         :param password: password
  87         :return: an unscoped token that grants access to project list
  88         """
  89         raise AuthconnNotImplementedException("Should have implemented this")
  90
  91     def authenticate_with_token(self, token, project=None):
  92         """
  93         Authenticate a user using a token. Can be used to revalidate the token
  94         or to get a scoped token.
  95
  96         :param token: a valid token.
  97         :param project: (optional) project for a scoped token.
  98         :return: return a revalidated token, scoped if a project was passed or
  99         the previous token was already scoped.
 100         """
 101         raise AuthconnNotImplementedException("Should have implemented this")
 102
 103     def validate_token(self, token):
 104         """
 105         Check if the token is valid.
 106
 107         :param token: token to validate
 108         :return: dictionary with information associated with the token. If the
 109         token is not valid, returns None.
 110         """
 111         raise AuthconnNotImplementedException("Should have implemented this")
 112
 113     def revoke_token(self, token):
 114         """
 115         Invalidate a token.
 116
 117         :param token: token to be revoked
 118         """
 119         raise AuthconnNotImplementedException("Should have implemented this")
 120
 121     def get_project_list(self, token):
 122         """
 123         Get all the projects associated with a user.
 124
 125         :param token: valid token
 126         :return: list of projects
 127         """
 128         raise AuthconnNotImplementedException("Should have implemented this")
 129
 130     def get_role_list(self, token):
 131         """
 132         Get role list for a scoped project.
 133
 134         :param token: scoped token.
 135         :return: returns the list of roles for the user in that project. If
 136         the token is unscoped it returns None.
 137         """
 138         raise AuthconnNotImplementedException("Should have implemented this")
 139
 140     def create_user(self, user, password):
 141         """
 142         Create a user.
 143
 144         :param user: username.
 145         :param password: password.
 146         :raises AuthconnOperationException: if user creation failed.
 147         """
 148         raise AuthconnNotImplementedException("Should have implemented this")
 149
 150     def change_password(self, user, new_password):
 151         """
 152         Change the user password.
 153
 154         :param user: username.
 155         :param new_password: new password.
 156         :raises AuthconnOperationException: if user password change failed.
 157         """
 158         raise AuthconnNotImplementedException("Should have implemented this")
 159
 160     def delete_user(self, user):
 161         """
 162         Delete user.
 163
 164         :param user: username.
 165         :raises AuthconnOperationException: if user deletion failed.
 166         """
 167         raise AuthconnNotImplementedException("Should have implemented this")
 168
 169     def create_role(self, role):
 170         """
 171         Create a role.
 172
 173         :param role: role name.
 174         :raises AuthconnOperationException: if role creation failed.
 175         """
 176         raise AuthconnNotImplementedException("Should have implemented this")
 177
 178     def delete_role(self, role):
 179         """
 180         Delete a role.
 181
 182         :param role: role name.
 183         :raises AuthconnOperationException: if user deletion failed.
 184         """
 185         raise AuthconnNotImplementedException("Should have implemented this")
 186
 187     def create_project(self, project):
 188         """
 189         Create a project.
 190
 191         :param project: project name.
 192         :raises AuthconnOperationException: if project creation failed.
 193         """
 194         raise AuthconnNotImplementedException("Should have implemented this")
 195
 196     def delete_project(self, project):
 197         """
 198         Delete a project.
 199
 200         :param project: project name.
 201         :raises AuthconnOperationException: if project deletion failed.
 202         """
 203         raise AuthconnNotImplementedException("Should have implemented this")
 204
 205     def assign_role_to_user(self, user, project, role):
 206         """
 207         Assigning a role to a user in a project.
 208
 209         :param user: username.
 210         :param project: project name.
 211         :param role: role name.
 212         :raises AuthconnOperationException: if role assignment failed.
 213         """
 214         raise AuthconnNotImplementedException("Should have implemented this")
 215
 216     def remove_role_from_user(self, user, project, role):
 217         """
 218         Remove a role from a user in a project.
 219
 220         :param user: username.
 221         :param project: project name.
 222         :param role: role name.
 223         :raises AuthconnOperationException: if role assignment revocation failed.
 224         """
 225         raise AuthconnNotImplementedException("Should have implemented this")