diff options
Diffstat (limited to 'ick2/tokengetter.py')
-rw-r--r-- | ick2/tokengetter.py | 70 |
1 files changed, 70 insertions, 0 deletions
diff --git a/ick2/tokengetter.py b/ick2/tokengetter.py new file mode 100644 index 0000000..c152148 --- /dev/null +++ b/ick2/tokengetter.py @@ -0,0 +1,70 @@ +# Copyright (C) 2019 Lars Wirzenius +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU Affero General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Affero General Public License for more details. +# +# You should have received a copy of the GNU Affero General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. + + +import time + + +import jwt + + +import ick2 + + +class TokenGetter: + + scopes = [ + 'super', + 'create', + 'update', + 'show', + 'delete', + 'uapi_workers_post', + 'uapi_workers_id_get', + 'uapi_workers_id_put', + 'uapi_workers_id_delete', + 'uapi_builds_post', + 'uapi_builds_id_get', + 'uapi_builds_id_put', + 'uapi_builds_id_delete', + 'uapi_logs_post', + 'uapi_logs_id_get', + 'uapi_logs_id_put', + 'uapi_logs_id_delete', + ] + + def __init__(self, client_id, client_secret): + self._ac = ick2.AuthClient() + self._ac.set_client_creds(client_id, client_secret) + self._token = None + self._token_exp = None + + def set_auth_url(self, auth_url): + self._ac.set_auth_url(auth_url) + + def get_token(self): + if not self._got_valid_token(): + self._get_new_token() + return self._token + + def _got_valid_token(self): + fuzz = 10 + return (self._token is not None and + self._token_exp is not None and + time.time() + fuzz < self._token_exp) + + def _get_new_token(self): + self._token = self._ac.get_token(' '.join(self.scopes)) + parsed = jwt.decode(self._token, verify=False) + self._token_exp = parsed['exp'] |