TokenManagerClient

The TokenManagerClient is a class representing the client of the DIRAC TokenManager service.

class DIRAC.FrameworkSystem.Client.TokenManagerClient.TokenManagerClient(**kwargs)

Bases: DIRAC.Core.Base.Client.Client

Client exposing the TokenManager Service.

DEFAULT_RT_EXPIRATION_TIME = 86400
__init__(**kwargs)

C’tor.

Parameters

kwargs – just stored as an attribute and passed when creating the RPCClient

property call

To be removed once we’re sure self.call has been removed

Type

Deprecated

deleteToken(self, userDN, **kwargs)

Delete a token from the DB

Parameters

userDN – user DN

Returns

S_OK()/S_ERROR()

Automatically created for the service function export_deleteToken()

executeRPC(*parms, **kws)

This method extracts some parameters from kwargs that are used as parameter of the constructor or RPCClient. Unfortunately, only a few of all the available parameters of BaseClient are exposed.

Parameters

  • rpc – if an RPC client is passed, use that one

  • timeout – we can change the timeout on a per call bases. Default is self.timeout

  • url – We can specify which url to use

getClientKWArgs()

Returns a copy of the connection arguments

getServer()

Getter for the server url. Useful ?

getToken(**kwargs)

Get an access token for a user/group.

Parameters

  • username – user name

  • userGroup – group name

  • scope – scope

  • audience – audience

  • identityProvider – identity Provider

  • requiredTimeLeft – required time

Returns

S_OK(dict)/S_ERROR()

getUserTokensInfo(self, **kwargs)

Generate information dict about user tokens

Returns

dict

Automatically created for the service function export_getUserTokensInfo()

getUsersTokensInfo(self, users, **kwargs)

Get the info about the user tokens in the database

Parameters

users – user names

Returns

S_OK(list) – return list of tokens dictionaries

Automatically created for the service function export_getUsersTokensInfo()

httpsClient

alias of DIRAC.Core.Tornado.Client.TornadoClient.TornadoClient

setServer(url)

Set the server URL used by default

Parameters

url – url of the service

updateToken(self, token, userID, provider, rt_expired_in, **kwargs)

Using this method, you can transfer user tokens for storage in the TokenManager.

It is important to note that TokenManager saves only one token per user and, accordingly, the Identity Provider from which it was issued. So when a new token is delegated, keep in mind that the old token will be deleted.

Parameters

  • token – token

  • userID – user ID

  • provider – provider name

  • rt_expired_in – refresh token expires time (in seconds)

Returns

S_OK(list)/S_ERROR() – list contain uploaded tokens info as dictionaries

Automatically created for the service function export_updateToken()