hop.auth¶
- class hop.auth.Auth(user, password, host='', ssl=True, method=SASLMethod.SCRAM_SHA_512, **kwargs)[source]¶
Attach SASL-based authentication to a client.
Returns client-based auth options when called.
- Parameters
user (str) – Username to authenticate with.
password (str) – Password to authenticate with.
host (str, optional) – The name of the host for which this authentication is valid.
ssl (bool, optional) – Whether to enable SSL (enabled by default).
method (SASLMethod, optional) – The SASL method to authenticate, default = SASLMethod.SCRAM_SHA_512. See valid SASL methods in SASLMethod.
ssl_ca_location (str, optional) – If using SSL via a self-signed cert, a path/location to the certificate.
- property hostname¶
The hostname with which this creential is associated, or the empty string if the credential did not contain this information
- property mechanism¶
The authentication mechanism to use
- property password¶
The password for this credential
- property protocol¶
The communication protocol to use
- property ssl¶
Whether communication should be secured with SSL
- property ssl_ca_location¶
The location of the Certfificate Authority data used for SSL, or None if SSL is not enabled
- property username¶
The username for this credential
- hop.auth.add_credential(args)[source]¶
Load a new credential and store it to the persistent configuration.
- Parameters
args – Command line options/arguments object. args.cred_file is taken as the path to a CSV file to import, or if None the user is prompted to enter a credential directly. args.force controls whether an existing credential with an identical name will be overwritten.
- hop.auth.delete_credential(name: str)[source]¶
Delete a credential from the persistent configuration.
- Parameters
name – The username, or username and hostname separated by an ‘@’ character of the credential
delete. (to) –
- Raises
RuntimeError – If no credentials or more than one credential matches the specified name, making the operation impossible or ambiguous.
- hop.auth.load_auth(config_file=None)[source]¶
Configures an Auth instance given a configuration file.
- Parameters
config_file – Path to a configuration file, loading from the default location if not given.
- Returns
A list of configured Auth instances.
- Raises
RuntimeError – The config file exists, but has unsafe permissions and will not be read until they are corrected.
KeyError – An error occurred parsing the configuration file.
FileNotFoundError – The configuration file, either as specified explicitly or found automatically, does not exist
- hop.auth.prune_outdated_auth(config_file=None)[source]¶
Remove auth data from a general configuration file.
This can be needed when updating auth data which was read from the general config for backwards compatibility, but is then written out to the correct new location in a separate auth config, as is now proper. With no further action, this would leave a vestigial copy from before the update in the general config file, which would not be rewritten, so this function exists to perform the necessary rewrite.
- Parameters
config_file – Path to a configuration file, rewriting the default location if not given.
- Raises
RuntimeError – The config file is malformed.
- hop.auth.read_new_credential(csv_file=None)[source]¶
Import a credential from a CSV file or obtain it interactively from the user.
- Parameters
csv_file – Path to a file from which to read credential data in CSV format. If unspecified, the user will be prompted to enter data instead.
- Returns
A configured Auth object containing the new credential.
- Raises
FileNotFoundError – If csv_file is not None and refers to a nonexistent path.
KeyError – If csv_file is not None and the specified file does not contain either a username or password field.
RuntimeError – If csv_file is None and the interactively entered username or passwod is empty.
- hop.auth.select_matching_auth(creds, hostname, username=None)[source]¶
Selects the most appropriate credential to use when attempting to contact the given host.
- Parameters
creds – A list of configured Auth objects. These can be obtained from
load_auth()
.hostname – The name of the host for which to select suitable credentials.
username – str, optional The name of the credential to use.
- Returns
A single Auth object which should be used to authenticate.
- Raises
RuntimeError – Too many or too few credentials matched.