Auth¶
The momotor.rpc.auth module contains functions and classes to set up an authenticated channel to the
Momotor broker.
It also provides functions to generate random authentication tokens.
Client¶
- class momotor.rpc.auth.client.AuthenticatingChannel(channel, auth_token=None)¶
Wrapper for
grpclib.client.Channelthat adds an auth-token metadata to any request.Proxies all methods of
grpclib.client.Channel, and adds a few additional methods
- async momotor.rpc.auth.client.authenticate(channel, api_key, api_secret, *, stub=None)¶
Authenticate with the server. Returns an
AuthenticatingChannel.Any exception returned by the server is raised as a subclass of RPCException
- async momotor.rpc.auth.client.get_authenticated_channel(host, port, api_key, api_secret, auth_token=None, *, ssl_context=None, loop=None, log_h2=False, keepalive_time=900, **channel_opts)¶
Connect to a broker and authenticate, possibly using an already existing token.
Returns a tuple with
the authenticated channel
the auth stub
If authentication fails, raises (a subclass of)
RPCExceptionProduces logging information on the
momotor.rpc.authlogger- Parameters
host (
str) – Broker’s hostnameport (
Optional[int]) – Broker’s port. If None, uses default ports 50051 or 50052, depending on ssl_context valueapi_key (
str) – API key to authenticate withapi_secret (
str) – API secret to authenticate withauth_token (
Optional[str]) – (optional) existing authentication token to reuse sessionssl_context – SSL context to use
loop – asyncio event loop (Deprecated)
log_h2 – if True, enables logging of the h2 library
keepalive_time – keep alive time (None to disable)
channel_opts – additional keyword arguments supplied to grpclib.channel.Channel
- Return type
- Returns
tuple containing: the authenticated channel and the auth stub
Utils¶
- momotor.rpc.auth.utils.CHALLENGE_LENGTH = 512¶
Length of the challenge
- momotor.rpc.auth.utils.API_KEY_CHARSET = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'¶
Valid characters for an API key
- momotor.rpc.auth.utils.API_KEY_LENGTH = 24¶
Default length of an API key
- momotor.rpc.auth.utils.API_SECRET_CHARSET = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ!@$^&-_+./?'¶
Valid characters for an API secret
- momotor.rpc.auth.utils.API_SECRET_LENGTH = 64¶
Default length of an API secret
- momotor.rpc.auth.utils.SALT_CHARSET = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ!@$^&-_+./?'¶
Valid characters for the salt used
- momotor.rpc.auth.utils.SALT_LENGTH = 8¶
Length of the salt
- momotor.rpc.auth.utils.gen_key(charset, length)¶
Generate a key of length using characters in charset
- momotor.rpc.auth.utils.gen_api_key()¶
Generate a random API key
- Return type
- Returns
the generated key
- momotor.rpc.auth.utils.gen_api_secret()¶
Generate a random secret
- Return type
- Returns
the generated secret
- momotor.rpc.auth.utils.gen_salt()¶
Generate a random salt
- Return type
- Returns
the generated salt
- momotor.rpc.auth.utils.gen_challenge()¶
Generate a random challenge
- Return type
- Returns
the generated challenge
- momotor.rpc.auth.utils.constant_time_compare(val1, val2)¶
Returns True if the two strings are equal, False otherwise.
The time taken is independent of the number of characters that match.
(Borrowed from Django)
- momotor.rpc.auth.utils.calculate_challenge_response(api_key, api_secret, salt, challenge)¶
Calculate the response to a challenge request