hop.auth

class hop.auth.Auth(user, password, host='', ssl=True, method=<SASLMethod.SCRAM_SHA_512: 3>, **kwargs)[source]

Attach SASL-based authentication to a client.

Returns client-based auth options when called.

Parameters
  • user (str) – Username to authenticate with.

  • password (str) – Password to authenticate with.

  • host (str, optional) – The name of the host for which this authentication is valid.

  • ssl (bool, optional) – Whether to enable SSL (enabled by default).

  • method (SASLMethod, optional) – The SASL method to authenticate, default = SASLMethod.SCRAM_SHA_512. See valid SASL methods in SASLMethod.

  • ssl_ca_location (str, optional) – If using SSL via a self-signed cert, a path/location to the certificate.

hop.auth.add_credential(args)[source]

Load a new credential and store it to the persistent configuration.

Parameters

args – Command line options/arguments object. args.cred_file is taken as the path to a CSV file to import, or if None the user is prompted to enter a credential directly. args.force controls whether an existing credential with an identical name will be overwritten.

hop.auth.delete_credential(name: str)[source]

Delete a credential from the persistent configuration.

Parameters
  • name – The username, or username and hostname separated by an ‘@’ character of the credential

  • delete. (to) –

Raises

RuntimeError – If no credentials or more than one credential matches the specified name, making the operation impossible or ambiguous.

hop.auth.list_credentials()[source]

Display a list of all configured credentials.

hop.auth.load_auth(config_file=None)[source]

Configures an Auth instance given a configuration file.

Parameters

config_file – Path to a configuration file, loading from the default location if not given.

Returns

A list of configured Auth instances.

Raises
  • RuntimeError – The config file exists, but has unsafe permissions and will not be read until they are corrected.

  • KeyError – An error occurred parsing the configuration file.

  • FileNotFoundError – The configuration file, either as specified explicitly or found automatically, does not exist

hop.auth.prune_outdated_auth(config_file=None)[source]

Remove auth data from a general configuration file.

This can be needed when updating auth data which was read from the general config for backwards compatibility, but is then written out to the correct new location in a separate auth config, as is now proper. With no further action, this would leave a vestigial copy from before the update in the general config file, which would not be rewritten, so this function exists to perform the necessary rewrite.

Parameters

config_file – Path to a configuration file, rewriting the default location if not given.

Raises

RuntimeError – The config file is malformed.

hop.auth.read_new_credential(csv_file=None)[source]

Import a credential from a CSV file or obtain it interactively from the user.

Parameters

csv_file – Path to a file from which to read credential data in CSV format. If unspecified, the user will be prompted to enter data instead.

Returns

A configured Auth object containing the new credential.

Raises
  • FileNotFoundError – If csv_file is not None and refers to a nonexistent path.

  • KeyError – If csv_file is not None and the specified file does not contain either a username or password field.

  • RuntimeError – If csv_file is None and the interactively entered username or passwod is empty.

hop.auth.select_matching_auth(creds, hostname, username=None)[source]

Selects the most appropriate credential to use when attempting to contact the given host.

Parameters
  • creds – A list of configured Auth objects. These can be obtained from load_auth().

  • hostname – The name of the host for which to select suitable credentials.

  • usernamestr, optional The name of the credential to use.

Returns

A single Auth object which should be used to authenticate.

Raises

RuntimeError – Too many or too few credentials matched.

hop.auth.write_auth_data(config_file, credentials)[source]

Write configuration file for the set of credentials.

Creates containing directories as needed.

Parameters
  • config_file – configuration file path

  • credentials – list of Auth objects representing credentials to be stored