projects / osm / NBI.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Adding Authentication Connector plugin system
[osm/NBI.git] / osm_nbi / authconn.py
1 # -*- coding: utf-8 -*-
2
3 """
4 Authconn implements an Abstract class for the Auth backend connector
5 plugins with the definition of the methods to be implemented.
6 """
7
8 __author__ = "Eduardo Sousa <eduardosousa@av.it.pt>"
9 __date__ = "$27-jul-2018 23:59:59$"
10
11 from http import HTTPStatus
12
13
14 class AuthconnException(Exception):
15 """
16 Common and base class Exception for all authconn exceptions.
17 """
18 def __init__(self, message, http_code=HTTPStatus.UNAUTHORIZED):
19 Exception.__init__(message)
20 self.http_code = http_code
21
22
23 class AuthconnConnectionException(AuthconnException):
24 """
25 Connectivity error with Auth backend.
26 """
27 def __init__(self, message, http_code=HTTPStatus.UNAUTHORIZED):
28 AuthconnException.__init__(self, message, http_code)
29
30
31 class AuthconnNotSupportedException(AuthconnException):
32 """
33 The request is not supported by the Auth backend.
34 """
35 def __init__(self, message, http_code=HTTPStatus.UNAUTHORIZED):
36 AuthconnException.__init__(self, message, http_code)
37
38
39 class AuthconnNotImplementedException(AuthconnException):
40 """
41 The method is not implemented by the Auth backend.
42 """
43 def __init__(self, message, http_code=HTTPStatus.UNAUTHORIZED):
44 AuthconnException.__init__(self, message, http_code)
45
46
47 class Authconn:
48 """
49 Abstract base class for all the Auth backend connector plugins.
50 Each Auth backend connector plugin must be a subclass of
51 Authconn class.
52 """
53 def __init__(self, config):
54 """
55 Constructor of the Authconn class.
56
57 Note: each subclass
58
59 :param config: configuration dictionary containing all the
60 necessary configuration parameters.
61 """
62 self.config = config
63
64 def authenticate_with_user_password(self, user, password):
65 """
66 Authenticate a user using username and password.
67
68 :param user: username
69 :param password: password
70 :return: an unscoped token that grants access to project list
71 """
72 raise AuthconnNotImplementedException("Should have implemented this")
73
74 def authenticate_with_token(self, token, project=None):
75 """
76 Authenticate a user using a token. Can be used to revalidate the token
77 or to get a scoped token.
78
79 :param token: a valid token.
80 :param project: (optional) project for a scoped token.
81 :return: return a revalidated token, scoped if a project was passed or
82 the previous token was already scoped.
83 """
84 raise AuthconnNotImplementedException("Should have implemented this")
85
86 def validate_token(self, token):
87 """
88 Check if the token is valid.
89
90 :param token: token to validate
91 :return: dictionary with information associated with the token. If the
92 token is not valid, returns None.
93 """
94 raise AuthconnNotImplementedException("Should have implemented this")
95
96 def revoke_token(self, token):
97 """
98 Invalidate a token.
99
100 :param token: token to be revoked
101 """
102 raise AuthconnNotImplementedException("Should have implemented this")
103
104 def get_project_list(self, token):
105 """
106 Get all the projects associated with a user.
107
108 :param token: valid token
109 :return: list of projects
110 """
111 raise AuthconnNotImplementedException("Should have implemented this")
112
113 def get_role_list(self, token):
114 """
115 Get role list for a scoped project.
116
117 :param token: scoped token.
118 :return: returns the list of roles for the user in that project. If
119 the token is unscoped it returns None.
120 """
121 raise AuthconnNotImplementedException("Should have implemented this")
122
123 def create_user(self, user, password):
124 """
125 Create a user.
126
127 :param user: username.
128 :param password: password.
129 :return: boolean to indicate if operation was successful.
130 """
131 raise AuthconnNotImplementedException("Should have implemented this")
132
133 def change_password(self, user, old_password, new_password):
134 """
135 Change the user password.
136
137 :param user: username.
138 :param old_password: old password.
139 :param new_password: new password.
140 :return: boolean to indicate if operation was successful.
141 """
142 raise AuthconnNotImplementedException("Should have implemented this")
143
144 def delete_user(self, user):
145 """
146 Delete user.
147
148 :param user: username.
149 :return: boolean to indicate if operation was successful.
150 """
151 raise AuthconnNotImplementedException("Should have implemented this")
152
153 def create_role(self, role):
154 """
155 Create a role.
156
157 :param role: role name.
158 :return: boolean to indicate if operation was successful.
159 """
160 raise AuthconnNotImplementedException("Should have implemented this")
161
162 def delete_role(self, role):
163 """
164 Delete a role.
165
166 :param role: role name.
167 :return: boolean to indicate if operation was successful.
168 """
169 raise AuthconnNotImplementedException("Should have implemented this")
170
171 def create_project(self, project):
172 """
173 Create a project.
174
175 :param project: project name.
176 :return: boolean to indicate if operation was successful.
177 """
178 raise AuthconnNotImplementedException("Should have implemented this")
179
180 def delete_project(self, project):
181 """
182 Delete a project.
183
184 :param project: project name.
185 :return: boolean to indicate if operation was successful.
186 """
187 raise AuthconnNotImplementedException("Should have implemented this")
188
189 def assign_role_to_user(self, user, project, role):
190 """
191 Assigning a role to a user in a project.
192
193 :param user: username.
194 :param project: project name.
195 :param role: role name.
196 :return: boolean to indicate if operation was successful.
197 """
198 raise AuthconnNotImplementedException("Should have implemented this")