1 files changed, 70 insertions, 0 deletions

diff --git a/ick2/tokengetter.py b/ick2/tokengetter.py
new file mode 100644
index 0000000..c152148
--- /dev/null
+++ b/ick2/tokengetter.py
@@ -0,0 +1,70 @@
+# Copyright (C) 2019  Lars Wirzenius
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+
+import time
+
+
+import jwt
+
+
+import ick2
+
+
+class TokenGetter:
+
+    scopes = [
+        'super',
+        'create',
+        'update',
+        'show',
+        'delete',
+        'uapi_workers_post',
+        'uapi_workers_id_get',
+        'uapi_workers_id_put',
+        'uapi_workers_id_delete',
+        'uapi_builds_post',
+        'uapi_builds_id_get',
+        'uapi_builds_id_put',
+        'uapi_builds_id_delete',
+        'uapi_logs_post',
+        'uapi_logs_id_get',
+        'uapi_logs_id_put',
+        'uapi_logs_id_delete',
+    ]
+
+    def __init__(self, client_id, client_secret):
+        self._ac = ick2.AuthClient()
+        self._ac.set_client_creds(client_id, client_secret)
+        self._token = None
+        self._token_exp = None
+
+    def set_auth_url(self, auth_url):
+        self._ac.set_auth_url(auth_url)
+
+    def get_token(self):
+        if not self._got_valid_token():
+            self._get_new_token()
+        return self._token
+
+    def _got_valid_token(self):
+        fuzz = 10
+        return (self._token is not None and
+                self._token_exp is not None and
+                time.time() + fuzz < self._token_exp)
+
+    def _get_new_token(self):
+        self._token = self._ac.get_token(' '.join(self.scopes))
+        parsed = jwt.decode(self._token, verify=False)
+        self._token_exp = parsed['exp']