gc3libs.authentication

Authentication support for the GC3Libs.

class gc3libs.authentication.Auth(config, auto_enable)

A mish-mash of authorization functions.

This class actually serves the purposes of:

  • a registry of authorization ‘types’, mapping internally-assigned names to Python classes;
  • storage for the configuration information (which can be arbitrary, but should probably be read off a configuration file);
  • a factory, returning a ‘SomeAuth’ object through which clients can deal with actual authorization issues (like checking if the authorization credentials are valid and getting/renewing them).
  • a cache, that tries to avoid expensive re-initializations of Auth objects by allowing only one live instance per type, and returning it when requested.

FIXME

There are several problems with this approach:

  • the configuration is assumed static and cannot be changed after the Auth instance is constructed.
  • there is no communication between the client class and the Auth classes.
  • there is no control over the lifetime of the cache; at a minimum, it should be settable per-auth-type.
  • I’m unsure whether the mapping of ‘type names’ (as in the type=... keyword in the config file) to Python classes belongs in a generic factory method or in the configuration file reader. (Probably the former, so the code here would actually be right.)
  • The whole auto_enable stuff really belongs to the user-interface part, which is also hard-coded in the auth classes, and should not be.
add_params(**params)

Add the specified keyword arguments as initialization parameters to all the configured auth classes.

Parameters that have already been specified are silently overwritten.

get(auth_name, **kwargs)

Return an instance of the Auth class corresponding to the given auth_name, or raise an exception if instanciating the same class has given an unrecoverable exception in past calls.

Additional keyword arguments are passed unchanged to the class constructor and can override values specified at configuration time.

Instances are remembered for the lifetime of the program; if an instance of the given class is already present in the cache, that one is returned; otherwise, an instance is contructed with the given parameters.

Caution

The params keyword arguments are only used if a new instance is constructed and are silently ignored if the cached instance is returned.

class gc3libs.authentication.NoneAuth(**auth)

Auth proxy to use when no auth is needed.