From ef73b3acaeb23471594e5465b894327f2b63943a Mon Sep 17 00:00:00 2001 From: banko-marton Date: Tue, 12 Oct 2021 13:45:37 +0200 Subject: [PATCH] #61 Added session header authentication to establish connection, extended IQS Connection Widget to accommodate --- .../iqs_jupyter/api_composition.py | 5 ++ .../iqs_jupyter/authentication.py | 56 +++++++++++++++---- .../iqs_jupyter/config_defaults.py | 3 + 3 files changed, 54 insertions(+), 10 deletions(-) diff --git a/source/incqueryserver-jupyter/iqs_jupyter/api_composition.py b/source/incqueryserver-jupyter/iqs_jupyter/api_composition.py index 90e63fc..37229ed 100644 --- a/source/incqueryserver-jupyter/iqs_jupyter/api_composition.py +++ b/source/incqueryserver-jupyter/iqs_jupyter/api_composition.py @@ -58,6 +58,11 @@ def decorate_iqs_client(iqs_client_object, root_configuration, endpoint_class): endpoint_specific_config.host = "{}/{}".format(root_configuration.host, api_client_module.endpoint_path) endpoint_specific_client = endpoint_class(endpoint_specific_config) + # If session header is set in configuration, we set a default header in ApiClient + if hasattr(root_configuration, 'auth_header_name') and hasattr(root_configuration, 'auth_header_value'): + endpoint_specific_client.set_default_header(root_configuration.auth_header_name, root_configuration.auth_header_value) + + for api_field_name, api_class_name in api_client_module.api_names_to_class.items(): api_module_name = "{}.api.{}_api".format(api_client_module.root_module_name, api_field_name) try: diff --git a/source/incqueryserver-jupyter/iqs_jupyter/authentication.py b/source/incqueryserver-jupyter/iqs_jupyter/authentication.py index ce678f5..9221128 100644 --- a/source/incqueryserver-jupyter/iqs_jupyter/authentication.py +++ b/source/incqueryserver-jupyter/iqs_jupyter/authentication.py @@ -28,17 +28,34 @@ def connect( user=defaults.default_IQS_username, password=defaults.default_IQS_password, token=defaults.default_IQS_token, + auth_header_name=defaults.default_IQS_auth_header_name, + auth_header_value=defaults.default_IQS_auth_header_value, auth_with_user_pw=defaults.default_use_password, - use_oidc=defaults.default_use_oidc + use_oidc=defaults.default_use_oidc, + use_auth_header=defaults.default_use_auth_header ): configuration = iqs_client.Configuration() configuration.host = address configuration.access_token = None - if auth_with_user_pw: + + # Cases: Auth with password, auth with token, Session header/value + # First priority: Session header + + if use_auth_header: + # Disabling username, password and token, so ApiClient does not try to authenticate + configuration.username = None + configuration.password = None + configuration.access_token = None + + setattr(configuration, 'auth_header_name', auth_header_name) + setattr(configuration, 'auth_header_value', auth_header_value) + + elif auth_with_user_pw: configuration.username = user configuration.password = password else: configuration.access_token = token + return IQSClient(configuration, use_oidc) @@ -64,26 +81,42 @@ def __init__( initial_password=defaults.default_IQS_password, use_oidc=defaults.default_use_oidc, token=defaults.default_IQS_token, + initial_auth_header_name=defaults.default_IQS_auth_header_name, + initial_auth_header_value=defaults.default_IQS_auth_header_value, + use_auth_header=defaults.default_use_auth_header, address_label='Address:', + use_user_pw_label='Login with Username & Password', user_label='User:', - oicd_checkbox_label='Use OpenID Connect', password_label='Password:', + oidc_checkbox_label='Use OpenID Connect', + token_label='OIDC Token:', label_text="IQS API Access Point", + auth_header_checkbox_label='Use Authentication Header', + auth_header_name_label='Header Name:', + auth_header_value_label='Header Value:', login_button=True, auto_display=defaults.default_auto_display ): - self.ask_for_user_pw = ask_for_user_pw - self.token = token + self.ask_for_user_pw_checkbox = widgets.Checkbox(value=ask_for_user_pw, description=use_user_pw_label) self.address_field = widgets.Text(value=initial_address, description=address_label) self.user_field = widgets.Text(value=initial_user, description=user_label) self.password_field = widgets.Password(value=initial_password, description=password_label) - self.oicd_checkbox = widgets.Checkbox(value=use_oidc, description=oicd_checkbox_label) + + self.oidc_checkbox = widgets.Checkbox(value=use_oidc, description=oidc_checkbox_label) + self.token_field = widgets.Text(value=token, description=token_label) + + self.auth_header_checkbox = widgets.Checkbox(value=use_auth_header, description=auth_header_checkbox_label) + self.auth_header_name_field = widgets.Text(value=initial_auth_header_name, description=auth_header_name_label) + self.auth_header_value_field = widgets.Text(value=initial_auth_header_value, description=auth_header_value_label) self.iqs_client = None if ask_for_user_pw: - fields = [self.address_field, self.user_field, self.password_field, self.oicd_checkbox] + fields = [self.address_field, + self.ask_for_user_pw_checkbox, self.user_field, self.password_field, + self.oidc_checkbox, self.token_field, + self.auth_header_checkbox, self.auth_header_name_field, self.auth_header_value_field] else: fields = [self.address_field] @@ -137,7 +170,10 @@ def connect(self): address=self.address_field.value, user=self.user_field.value, password=self.password_field.value, - token=self.token, - auth_with_user_pw=self.ask_for_user_pw, - use_oidc=self.oicd_checkbox.value + token=self.token_field.value, + auth_with_user_pw=self.ask_for_user_pw_checkbox.value, + use_oidc=self.oidc_checkbox.value, + use_auth_header=self.auth_header_checkbox.value, + auth_header_name=self.auth_header_name_field.value, + auth_header_value=self.auth_header_value_field.value ) diff --git a/source/incqueryserver-jupyter/iqs_jupyter/config_defaults.py b/source/incqueryserver-jupyter/iqs_jupyter/config_defaults.py index 9c15c3e..3e3512e 100644 --- a/source/incqueryserver-jupyter/iqs_jupyter/config_defaults.py +++ b/source/incqueryserver-jupyter/iqs_jupyter/config_defaults.py @@ -23,11 +23,14 @@ default_auto_display: bool = True default_use_oidc: bool = False default_use_password: bool = True +default_use_auth_header: bool = False default_IQS_address : str = None default_IQS_username : str = None default_IQS_password : str = None default_IQS_token: str = None +default_IQS_auth_header_name: str = None +default_IQS_auth_header_value: str = None default_twc_workspace : str = None default_twc_resource : str = None