Skip to content

rs_server_common/authentication/external_authentication_config.md

<< Back to index

ExternalAuthenticationConfig implementation.

ExternalAuthenticationConfig dataclass

A configuration class for storing external authentication details, such as those used for API requiring token-based authentication.

Values are read either from the rs-server.yaml (in local mode) or RSPY__TOKEN__ env vars (in cluster mode).

Attributes:

Name Type Description
station_id str

The unique identifier for the station requesting the token.
domain str

The domain for the external service.
service_name str

The name of the external service.
service_url str

The URL of the external service.
auth_type str

The type of authentication used (e.g., 'token', 'basic').
Source code in docs/rs-server/services/common/rs_server_common/authentication/external_authentication_config.py 
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
@dataclass
class ExternalAuthenticationConfig:  # pylint: disable=too-many-instance-attributes
    """
    A configuration class for storing external authentication details, such as those used for
    API requiring token-based authentication.

    Values are read either from the rs-server.yaml (in local mode) or RSPY__TOKEN__ env vars (in cluster mode).

    Attributes:
        station_id (str): The unique identifier for the station requesting the token.
        domain (str): The domain for the external service.
        service_name (str): The name of the external service.
        service_url (str): The URL of the external service.
        auth_type (str): The type of authentication used (e.g., 'token', 'basic').
    """

    station_id: str
    domain: str
    service_name: str
    service_url: str
    auth_type: str

S3ExternalAuthenticationConfig dataclass

Bases: ExternalAuthenticationConfig

Configuration class for storing external authentication details for S3 buckets.

Attributes:

Name Type Description
station_id str

The unique identifier for the station requesting the token.
domain str

The domain for the external service.
service_name str

The name of the external service.
service_url str

The URL of the external service.
auth_type str

The type of authentication used (e.g., 'token', 'basic').
access_key str

Access key to the S3 storage
secret_key str

Secret key to the S3 storage
trusted_domains Optional[str]

The list of allowed hosts for http redirection
Source code in docs/rs-server/services/common/rs_server_common/authentication/external_authentication_config.py 
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
@dataclass
class S3ExternalAuthenticationConfig(ExternalAuthenticationConfig):
    """
    Configuration class for storing external authentication details for S3 buckets.

    Attributes:
        station_id (str): The unique identifier for the station requesting the token.
        domain (str): The domain for the external service.
        service_name (str): The name of the external service.
        service_url (str): The URL of the external service.
        auth_type (str): The type of authentication used (e.g., 'token', 'basic').
        access_key (str): Access key to the S3 storage
        secret_key (str): Secret key to the S3 storage
        trusted_domains (Optional[str]): The list of allowed hosts for http redirection
    """

    access_key: str
    secret_key: str
    trusted_domains: list[str] | None = None

StationExternalAuthenticationConfig dataclass

Bases: ExternalAuthenticationConfig

Configuration class for storing external authentication details for stations.

Attributes:

Name Type Description
station_id str

The unique identifier for the station requesting the token.
domain str

The domain for the external service.
service_name str

The name of the external service.
service_url str

The URL of the external service.
auth_type str

The type of authentication used (e.g., 'token', 'basic').
token_url str

The URL to request the authentication token.
grant_type str

The grant type used for obtaining the token. Currently, only 'password' is available.
username str

The username used for authentication.
password str

The password used for authentication.
client_id str

The client ID used for authentication.
client_secret str

The client secret used for authentication.
scope Optional[str]

The scope of access requested in the authentication token (if applicable).
authorization Optional[str]

Additional authorization header (if required).
trusted_domains Optional[str]

The list of allowed hosts for http redirection
Source code in docs/rs-server/services/common/rs_server_common/authentication/external_authentication_config.py 
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
@dataclass
class StationExternalAuthenticationConfig(ExternalAuthenticationConfig):
    """
    Configuration class for storing external authentication details for stations.

    Attributes:
        station_id (str): The unique identifier for the station requesting the token.
        domain (str): The domain for the external service.
        service_name (str): The name of the external service.
        service_url (str): The URL of the external service.
        auth_type (str): The type of authentication used (e.g., 'token', 'basic').
        token_url (str): The URL to request the authentication token.
        grant_type (str): The grant type used for obtaining the token. Currently, only 'password' is available.
        username (str): The username used for authentication.
        password (str): The password used for authentication.
        client_id (str): The client ID used for authentication.
        client_secret (str): The client secret used for authentication.
        scope (Optional[str]): The scope of access requested in the authentication token (if applicable).
        authorization (Optional[str]): Additional authorization header (if required).
        trusted_domains (Optional[str]): The list of allowed hosts for http redirection
    """

    token_url: str
    grant_type: str
    username: str
    password: str
    client_id: str
    client_secret: str
    scope: str | None = None
    authorization: str | None = None
    trusted_domains: list[str] | None = None

create_external_auth_config(station_id, station_dict, service_dict)

Create an ExternalAuthenticationConfig object based on the provided station and service dictionaries.

Parameters:

Name Type Description Default
station_id str

The unique identifier for the station.

 required
station_dict Dict[str, Any]

Dictionary containing station-specific configuration details.

 required
service_dict Dict[str, Any]

Dictionary containing service-specific configuration details.

 required

Returns:

Name Type Description
ExternalAuthenticationConfig StationExternalAuthenticationConfig | S3ExternalAuthenticationConfig | None

An object representing the external authentication configuration.

Raises:

Type Description
KeyError

If any required keys are missing in the configuration dictionaries.
Source code in docs/rs-server/services/common/rs_server_common/authentication/external_authentication_config.py 
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
def create_external_auth_config(
    station_id: str,
    station_dict: dict[str, Any],
    service_dict: dict[str, Any],
) -> StationExternalAuthenticationConfig | S3ExternalAuthenticationConfig | None:
    """
    Create an ExternalAuthenticationConfig object based on the provided station and service dictionaries.

    Args:
        station_id (str): The unique identifier for the station.
        station_dict (Dict[str, Any]): Dictionary containing station-specific configuration details.
        service_dict (Dict[str, Any]): Dictionary containing service-specific configuration details.

    Returns:
        ExternalAuthenticationConfig: An object representing the external authentication configuration.

    Raises:
        KeyError: If any required keys are missing in the configuration dictionaries.
    """
    try:
        if service_dict["name"] == "s3":
            return S3ExternalAuthenticationConfig(
                station_id=station_id,
                domain=station_dict["domain"],
                service_name=service_dict["name"],
                service_url=service_dict["url"],
                auth_type=station_dict.get("authentication", {}).get("auth_type"),
                trusted_domains=station_dict.get("trusteddomains", None),
                access_key=station_dict.get("authentication", {}).get("access_key"),
                secret_key=station_dict.get("authentication", {}).get("secret_key"),
            )

        return StationExternalAuthenticationConfig(
            station_id=station_id,
            domain=station_dict["domain"],
            service_name=service_dict["name"],
            service_url=service_dict["url"],
            auth_type=station_dict.get("authentication", {}).get("auth_type"),
            token_url=station_dict.get("authentication", {}).get("token_url"),
            grant_type=station_dict.get("authentication", {}).get("grant_type"),
            username=station_dict.get("authentication", {}).get("username"),
            password=station_dict.get("authentication", {}).get("password"),
            client_id=station_dict.get("authentication", {}).get("client_id"),
            client_secret=station_dict.get("authentication", {}).get("client_secret"),
            scope=station_dict.get("authentication", {}).get("scope"),
            authorization=station_dict.get("authentication", {}).get("authorization"),
            trusted_domains=station_dict.get("trusteddomains", None),
        )
    except KeyError as e:
        logger.error(f"Error loading configuration, couldn't find a key: {e}")
    return None