10.3. Authentication Store¶

Secure storage for Authentication methods.

pytan3.auth_store.DEFAULT_NAME = 'credentials'¶: str – Default pytan3.auth_methods.AuthMethod name to load in AuthStore.

pytan3.auth_store.STORE_FILE = '{http_client.parsed_url.hostname}.store'¶

str – Store filename template filename to use in AuthStore.

Will use OS Environment variable “PYTAN_STORE_FILE” if set.

class pytan3.auth_store.AuthStore(http_client, method='credentials', secret=None, data=None, src='init', lvl='info')[source]¶

Bases: object

Secure storage for pytan3.auth_methods.AuthMethod.

__init__(http_client, method='credentials', secret=None, data=None, src='init', lvl='info')[source]¶

Constructor.

Parameters:

Parameters:	http_client (`pytan3.http_client.HttpClient`) – HTTP client. method (`str` or `pytan3.auth_methods.AuthMethod`, optional) – AuthMethod to use for this object. Defaults to: `DEFAULT_NAME`. secret (`str`, optional) – Encryption key. Will use STORE_SECRET as default if None. Defaults to: None. data (`dict`, optional) – Initialize data store with dict. Defaults to: None. src (`str`, optional) – Where this store came from. Defaults to: “init”. lvl (`str`, optional) – Logging level. Defaults to: “info”.

http_client (pytan3.http_client.HttpClient) – HTTP client.
method (str or pytan3.auth_methods.AuthMethod, optional) –
AuthMethod to use for this object.

Defaults to: DEFAULT_NAME.
secret (str, optional) –
Encryption key.

Will use STORE_SECRET as default if None.

Defaults to: None.
data (dict, optional) –
Initialize data store with dict.

Defaults to: None.
src (str, optional) –
Where this store came from.

Defaults to: “init”.
lvl (str, optional) –
Logging level.

Defaults to: “info”.

__str__()[source]¶

Show object info.

Returns:	`str`

__repr__()[source]¶

Show object info.

Returns:	`str`

http_client¶

Get the HTTP Client for this object.

Returns:	`pytan3.http_client.HttpClient`

set(key, value)[source]¶

Set key value in data.

Parameters:	key (`str`) – Key name to set in data. value (`str`) – Value to set for key in data.

get(key, required=True)[source]¶

Get key value from data.

Parameters:	key (`str`) – Key to get, required (`bool`, optional) – Raise error if key not found in store. Defaults to: True.
Raises:	`exceptions.ModuleError` – If key is required and not found.
Returns:	`str`

secret¶

Get the secret for this store.

Returns:	`str`

method¶

Get the method class for this store.

Returns:	`pytan3.auth_methods.AuthMethod`

create_method(**kwargs)[source]¶

Create an pytan3.auth_methods.AuthMethod from this store.

Parameters:	**kwargs – Rest of kwargs passed to `pytan3.auth_methods.AuthMethod.from_store()`.
Returns:	`pytan3.auth_methods.AuthMethod`

to_stream(stream=None)[source]¶

Write this stores encrypted data to a file like object.

Parameters:

Parameters:	stream (`io.IOBase`, optional) – Object to write store to. If None, create and return a `six.StringIO`. Defaults to: None.
Returns:	`io.IOBase`

stream (io.IOBase, optional) –

Object to write store to.

If None, create and return a six.StringIO.

Defaults to: None.

Returns: io.IOBase

to_path(path=None, path_sub='stores', path_file='{http_client.parsed_url.hostname}.store', overwrite=False)[source]¶

Write this stores encrypted data to a path.

Parameters:	path (`str` or `pathlib.Path`, optional) – Storage directory to use. If empty, resolve path via `pytan3.utils.tools.get_storage_dir()`. Defaults to: None. path_sub (`str`, optional) – Sub directory under path that should contain path_file. Defaults to: “stores” path_file (`str`, optional) – Filename to use for store file under path / path_sub. Defaults to: `STORE_FILE` overwrite (`bool`, optional) – If True, if store_file exists, overwrite and throw warning. If False, if store_file exists, do not overwrite and throw exception. If None, if store_file exists, do not overwrite and throw warning. Defaults to: False.
Raises:	`exceptions.ModuleError` – If path / path_sub / path_file exists and overwrite is False `exceptions.ModuleWarning` – If path / path_sub / path_file exists and overwrite is None or True.
Returns:	Absolute full path where store file was written.
Return type:	`pathlib.Path`

to_string()[source]¶

Write this stores encrypted data to a string.

Returns:	`str`

classmethod from_stream(http_client, stream, secret=None, src='stream', lvl='info')[source]¶

Create store from encrypted data in a file like object.

Parameters:

Parameters:	http_client (`pytan3.http_client.HttpClient`) – HTTP client. stream (`io.IOBase`) – File like object to read from. secret (`str`, optional) – Decryption key. Will use STORE_SECRET as default if None. Defaults to: None. src (`str`, optional) – Where this store came from. Defaults to: “stream”. lvl (`str`, optional) – Logging level for this object. Defaults to: “info”.
Returns:	`AuthStore`

http_client (pytan3.http_client.HttpClient) – HTTP client.
stream (io.IOBase) – File like object to read from.
secret (str, optional) –
Decryption key.

Will use STORE_SECRET as default if None.

Defaults to: None.
src (str, optional) –
Where this store came from.

Defaults to: “stream”.
lvl (str, optional) –
Logging level for this object.

Defaults to: “info”.

Returns:

AuthStore

classmethod from_string(http_client, string, secret=None, lvl='info')[source]¶

Create store from encrypted data in a string.

Parameters:	http_client (`pytan3.http_client.HttpClient`) – HTTP client. string (`str`) – String to read from. secret (`str`, optional) – Decryption key. Will use STORE_SECRET as default if None. Defaults to: None. lvl (`str`, optional) – Logging level for this object. Defaults to: “info”.
Returns:	`AuthStore`

classmethod from_path(http_client, path=None, path_sub='stores', path_file='{http_client.parsed_url.hostname}.store', secret=None, lvl='info')[source]¶

Create store from encrypted data in a file.

Parameters:	http_client (`pytan3.http_client.HttpClient`) – HTTP client. path (`str` or `pathlib.Path`, optional) – Storage directory to use. If empty, resolve path via `pytan3.utils.tools.get_storage_dir()`. Defaults to: None. path_sub (`str`, optional) – Sub directory under path that should contain path_file. Defaults to: “stores” path_file (`str`, optional) – Filename to use for store file under path / path_sub. Defaults to: `STORE_FILE` secret (`str`, optional) – Decryption key. Will use STORE_SECRET as default if None. Defaults to: None. lvl (`str`, optional) – Logging level for this object. Defaults to: “info”.
Raises:	(`exceptions.ModuleError`) – If path does not exist as a file.
Returns:	`AuthStore`

classmethod _decrypt(data, http_client, secret=None)[source]¶

Decrypt data using secret.

Parameters:	data (`str`) – Data to decrypt. http_client (`pytan3.http_client.HttpClient`) – HTTP client. secret (`str`, optional) – Decryption key. Will use STORE_SECRET as default if None. Defaults to: None.
Returns:	`str`

classmethod _encrypt(data, http_client, secret=None)[source]¶

Encrypt data using secret.

Parameters:	data (`str`) – Data to encrypt. http_client (`pytan3.http_client.HttpClient`) – HTTP client. secret (`str`, optional) – Decryption key. Will use STORE_SECRET as default if None. Defaults to: None.
Returns:	`str`

classmethod _build_key(http_client, secret=None)[source]¶

Build an encryption key by combining an SSL cert PEM and a secret.

Parameters:	http_client (`pytan3.http_client.HttpClient`) – HTTP client. secret (`str`, optional) – Decryption key. Will use STORE_SECRET as default if None. Defaults to: None.
Returns:	`str`

10.3.1. Exceptions for Authentication Store