X-Git-Url: https://osm.etsi.org/gitweb/?p=osm%2FNBI.git;a=blobdiff_plain;f=osm_nbi%2Fauthconn.py;h=42707fe2c81199213529a986cd3489ff35330594;hp=0df8911c70f08b1b56ba180e1c1603cd98a484bb;hb=cf042d30e8b7a1a9cbd1b2064e83c5d20ffcec9b;hpb=4015b4734a923c29c04bf9b30f5a06604dd2f0a4 diff --git a/osm_nbi/authconn.py b/osm_nbi/authconn.py index 0df8911..42707fe 100644 --- a/osm_nbi/authconn.py +++ b/osm_nbi/authconn.py @@ -79,6 +79,14 @@ class AuthconnOperationException(AuthconnException): super(AuthconnOperationException, self).__init__(message, http_code) +class AuthconnNotFoundException(AuthconnException): + """ + The operation executed failed because element not found. + """ + def __init__(self, message, http_code=HTTPStatus.NOT_FOUND): + super().__init__(message, http_code) + + class Authconn: """ Abstract base class for all the Auth backend connector plugins. @@ -96,27 +104,34 @@ class Authconn: """ self.config = config - def authenticate_with_user_password(self, user, password): + def authenticate(self, user, password, project=None, token=None): """ - Authenticate a user using username and password. + Authenticate a user using username/password or token, plus project + :param user: user: name, id or None + :param password: password or None + :param project: name, id, or None. If None first found project will be used to get an scope token + :param token: previous token to obtain authorization + :return: the scoped token info or raises an exception. The token is a dictionary with: + _id: token string id, + username: username, + project_id: scoped_token project_id, + project_name: scoped_token project_name, + expires: epoch time when it expires, - :param user: username - :param password: password - :return: an unscoped token that grants access to project list """ raise AuthconnNotImplementedException("Should have implemented this") - def authenticate_with_token(self, token, project=None): - """ - Authenticate a user using a token. Can be used to revalidate the token - or to get a scoped token. - - :param token: a valid token. - :param project: (optional) project for a scoped token. - :return: return a revalidated token, scoped if a project was passed or - the previous token was already scoped. - """ - raise AuthconnNotImplementedException("Should have implemented this") + # def authenticate_with_token(self, token, project=None): + # """ + # Authenticate a user using a token. Can be used to revalidate the token + # or to get a scoped token. + # + # :param token: a valid token. + # :param project: (optional) project for a scoped token. + # :return: return a revalidated token, scoped if a project was passed or + # the previous token was already scoped. + # """ + # raise AuthconnNotImplementedException("Should have implemented this") def validate_token(self, token): """ @@ -165,13 +180,14 @@ class Authconn: """ raise AuthconnNotImplementedException("Should have implemented this") - def change_password(self, user, new_password): + def update_user(self, user, new_name=None, new_password=None): """ - Change the user password. + Change the user name and/or password. - :param user: username. + :param user: username or user_id + :param new_name: new name :param new_password: new password. - :raises AuthconnOperationException: if user password change failed. + :raises AuthconnOperationException: if change failed. """ raise AuthconnNotImplementedException("Should have implemented this") @@ -184,11 +200,11 @@ class Authconn: """ raise AuthconnNotImplementedException("Should have implemented this") - def get_user_list(self, filter_q={}): + def get_user_list(self, filter_q=None): """ Get user list. - :param filter_q: dictionary to filter user list. + :param filter_q: dictionary to filter user list by name (username is also admited) and/or _id :return: returns a list of users. """ @@ -237,11 +253,11 @@ class Authconn: """ raise AuthconnNotImplementedException("Should have implemented this") - def get_project_list(self, filter_q={}): + def get_project_list(self, filter_q=None): """ Get all the projects. - :param filter_q: dictionary to filter project list. + :param filter_q: dictionary to filter project list, by "name" and/or "_id" :return: list of projects """ raise AuthconnNotImplementedException("Should have implemented this")