Re-implementing service princpal code, DO NOT REMOVE IT BREAKS STUFF

84868b63 · Spencer Sutton · c7aa2c18 · 84868b63
Commit 84868b63 authored Apr 21, 2021 by Spencer Sutton
--- a/osdu_api/base_client.py
+++ b/osdu_api/base_client.py
-#  Copyright 2020 Google LLC
-#  Copyright © 2020 Amazon Web Services
+# Copyright © 2020 Amazon Web Services
 #
-#  Licensed under the Apache License, Version 2.0 (the "License");
-#  you may not use this file except in compliance with the License.
-#  You may obtain a copy of the License at
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
 #
 #      http://www.apache.org/licenses/LICENSE-2.0
 #
-#  Unless required by applicable law or agreed to in writing, software
-#  distributed under the License is distributed on an "AS IS" BASIS,
-#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#  See the License for the specific language governing permissions and
-#  limitations under the License.
-
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+import sys, os
+import importlib
+from configparser import SafeConfigParser
 import requests
-from osdu_api.libs.configuration.config_manager import ConfigManager
-from osdu_api.libs.context.context import Context
-from osdu_api.libs.exceptions.exceptions import UnknownRequestMethodError, ConfigurationError
-from osdu_api.libs.auth.authorization import TokenRefresher, authorize
 from osdu_api.model.http_method import HttpMethod

-
+'''
+Base client that is meant to be extended by service specific clients
+'''
 class BaseClient:
-    """
-    Base client that is meant to be extended by service specific clients.
-    """

-    def __init__(self, token_refresher: TokenRefresher, context: Context):
-        self._config_manager = ConfigManager()
-        self.token_refresher = token_refresher
-        self.data_partition_id = context.data_partition_id
+    '''
+    Base client gets initialized with configuration values and a bearer token
+    based on provider-specific logic
+    '''
+    def __init__(self):
+        self._parse_config()
+        self.unauth_retries = 0
+        if self.use_service_principal == 'True' or self.use_service_principal == 'true':
+            self._refresh_service_principal_token()
+    
+    '''
+    Example config file:
+    [environment]
+    data_partition_id=opendes
+    storage_url=https://[STORAGE_ENDPOINT]/api/storage/v2
+    search_url=https://[SEARCH_ENDPOINT]/api/search/v2
+    data_workflow_url=https://[WORKFLOW_ENDPOINT]/api/data-workflow/v1
+    file_dms_url=https://[FILE_DMS_ENDPOINT]/api/filedms/v2
+    dataset_registry_url=https://[DATASET_REGISTRY_URL]/api/dataset-registry/v1

-    def get_config_value(self, value: str) -> str:
-        return self._config_manager.get_config_value(value)
+    [provider]
+    name=aws
+    entitlements_module_name=entitlements_client
+    '''
+    def _parse_config(self):
+        config_parser = SafeConfigParser(os.environ)
+        config_file_name = 'osdu_api.ini'
+        found_names = config_parser.read(config_file_name)
+        if config_file_name not in found_names:
+            raise Exception('Could not find osdu_api.ini config file')

-    @authorize()
-    def _send_request(self, headers: dict, url: str, params: dict, data: str, method: HttpMethod) -> requests.Response:
-        if method is HttpMethod.GET:
-            response = requests.get(url=url, params=params, headers=headers)
-        elif method is HttpMethod.POST:
-            response = requests.post(url=url, params=params, data=data, headers=headers)
-        elif method is HttpMethod.PUT:
-            response = requests.put(url=url, params=params, data=data, headers=headers)
-        else:
-            raise UnknownRequestMethodError
-        return response
+        self.data_partition_id = config_parser.get('environment', 'data_partition_id')
+        self.storage_url = config_parser.get('environment', 'storage_url')
+        self.search_url = config_parser.get('environment', 'search_url')
+        self.data_workflow_url = config_parser.get('environment', 'data_workflow_url')
+        self.file_dms_url = config_parser.get('environment', 'file_dms_url')
+        self.legal_url = config_parser.get('environment', 'legal_url')
+        self.entitlements_url = config_parser.get('environment', 'entitlements_url')
+        self.dataset_url = config_parser.get('environment', 'dataset_url')
+        self.schema_url = config_parser.get('environment', 'schema_url')
+        self.use_service_principal = config_parser.get('environment', 'use_service_principal')
+
+        self.provider = config_parser.get('provider', 'name')
+        self.service_principal_module_name = config_parser.get('provider', 'service_principal_module_name')

-    def make_request(
-            self,
-            method: HttpMethod,
-            url: str,
-            data: str = '',
-            add_headers: dict = None,
-            params: dict = None
-    ) -> requests.Response:
-        """
-        Makes a request using python's built in requests library. Takes additional headers if
-        necessary
-        """
-        params = params or {}
-        add_headers = add_headers or {}
+    
+    '''
+    The path to the logic to get a valid bearer token is dynamically injected based on
+    what provider and entitlements module name is provided in the configuration yaml
+    '''
+    def _refresh_service_principal_token(self):
+        entitlements_client = importlib.import_module('osdu_api.provider.%s.%s' % (self.provider, self.service_principal_module_name))
+        self.service_principal_token = entitlements_client.get_service_principal_token()
+        
+    '''
+    Makes a request using python's built in requests library. Takes additional headers if
+    necessary
+    '''
+    def make_request(self, method: HttpMethod, url: str, data = '', add_headers = {}, params = {}, bearer_token = None):
+        if bearer_token is not None and 'Bearer ' not in bearer_token:
+            bearer_token = 'Bearer ' + bearer_token
+        
        headers = {
            'content-type': 'application/json',
            'data-partition-id': self.data_partition_id,
+            'Authorization': bearer_token if bearer_token is not None else self.service_principal_token
        }

-        for key, value in add_headers.items():
-            headers[key] = value
-        response = self._send_request(headers, url, params, data, method)
+        if (len(add_headers) > 0):
+            for key, value in add_headers:
+                headers[key] = value
+
+        response = object
+
+        if (method == HttpMethod.GET):
+            response = requests.get(url=url, params=params, headers=headers, verify=False)
+        elif (method == HttpMethod.DELETE):
+            response = requests.delete(url=url, params=params, headers=headers, verify=False)
+        elif (method == HttpMethod.POST):
+            response = requests.post(url=url, params=params, data=data, headers=headers, verify=False)
+        elif (method == HttpMethod.PUT):
+            response = requests.put(url=url, params=params, data=data, headers=headers, verify=False)
+
+        if (response.status_code == 401 or response.status_code == 403) and self.unauth_retries < 1:
+            if self.use_service_principal == 'True' or self.use_service_principal == 'true':
+                self.unauth_retries += 1
+                self._refresh_service_principal_token()
+                self.make_request(method, url, data, add_headers, params, None)
+        
+        self.unauth_retries = 0
+        
        return response