-
Notifications
You must be signed in to change notification settings - Fork 232
/
uamqp.authentication.cbs_auth.JWTTokenAuth.yml
209 lines (185 loc) · 6.29 KB
/
uamqp.authentication.cbs_auth.JWTTokenAuth.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
### YamlMime:PythonClass
uid: uamqp.authentication.cbs_auth.JWTTokenAuth
name: JWTTokenAuth
fullName: uamqp.authentication.cbs_auth.JWTTokenAuth
module: uamqp.authentication.cbs_auth
inheritances:
- uamqp.authentication.common.AMQPAuth
- uamqp.authentication.cbs_auth.CBSAuthMixin
summary: CBS authentication using JWT tokens.
constructor:
syntax: JWTTokenAuth(audience, uri, get_token, expires_in=datetime.timedelta(seconds=3600),
expires_at=None, port=None, timeout=10, retry_policy=<uamqp.authentication.cbs_auth.TokenRetryPolicy
object>, verify=None, token_type=b'jwt', http_proxy=None, transport_type=TransportType.Amqp,
encoding='UTF-8', **kwargs)
parameters:
- name: audience
description: 'The token audience field. For JWT tokens
this is usually the URI.'
isRequired: true
types:
- <xref:str>
- <xref:bytes>
- name: uri
description: 'The AMQP endpoint URI. This must be provided as
a decoded string.'
isRequired: true
types:
- <xref:str>
- name: get_token
description: 'The callback function used for getting and refreshing
tokens. It should return a valid jwt token each time it is called.'
isRequired: true
types:
- <xref:<xref:callable object>>
- name: expires_in
description: 'The total remaining seconds until the token
expires - default for JWT token generated by AAD is 3600s (1 hour).'
defaultValue: '1:00:00'
types:
- <xref:datetime.timedelta>
- name: expires_at
description: 'The timestamp at which the JWT token will expire
formatted as seconds since epoch.'
defaultValue: None
types:
- <xref:float>
- name: port
description: The TLS port - default for AMQP is 5671.
defaultValue: None
types:
- <xref:int>
- name: timeout
description: 'The timeout in seconds in which to negotiate the token.
The default value is 10 seconds.'
defaultValue: '10'
types:
- <xref:float>
- name: retry_policy
description: 'The retry policy for the PUT token request. The default
retry policy has 3 retries.'
types:
- <xref:uamqp.authentication.cbs_auth.TokenRetryPolicy>
- name: verify
description: The path to a user-defined certificate.
defaultValue: None
types:
- <xref:str>
- name: token_type
description: 'The type field of the token request.
Default value is *b"jwt"*.'
defaultValue: b'jwt'
types:
- <xref:bytes>
- name: http_proxy
description: 'HTTP proxy configuration. This should be a dictionary with
the following keys present: ''proxy_hostname'' and ''proxy_port''. Additional
optional
keys are ''username'' and ''password''.'
defaultValue: None
types:
- <xref:dict>
- name: transport_type
description: 'The transport protocol type - default is ~uamqp.TransportType.Amqp.
~uamqp.TransportType.AmqpOverWebsocket is applied when http_proxy is set or
the
transport type is explicitly requested.'
defaultValue: TransportType.Amqp
types:
- <xref:uamqp.TransportType>
- name: encoding
description: 'The encoding to use if hostname is provided as a str.
Default is ''UTF-8''.'
defaultValue: UTF-8
types:
- <xref:str>
keywordOnlyParameters:
- name: refresh_window
description: 'The time in seconds before the token expiration
time to start the process of token refresh.
Default value is 10% of the remaining seconds until the token expires.'
types:
- <xref:int>
methods:
- uid: uamqp.authentication.cbs_auth.JWTTokenAuth.close
name: close
summary: 'Close the authentication layer and cleanup
all the authentication wrapper objects.'
signature: close()
- uid: uamqp.authentication.cbs_auth.JWTTokenAuth.close_authenticator
name: close_authenticator
summary: Close the CBS auth channel and session.
signature: close_authenticator()
- uid: uamqp.authentication.cbs_auth.JWTTokenAuth.create_authenticator
name: create_authenticator
signature: create_authenticator(connection, debug=False, **kwargs)
parameters:
- name: connection
isRequired: true
- name: debug
defaultValue: 'False'
- uid: uamqp.authentication.cbs_auth.JWTTokenAuth.handle_token
name: handle_token
summary: 'This function is called periodically to check the status of the current
token if there is one, and request a new one if needed.
If the token request fails, it will be retried according to the retry policy.
A token refresh will be attempted if the token will expire soon.
This function will return a tuple of two booleans. The first represents whether
the token authentication has not completed within it''s given timeout window.
The
second indicates whether the token negotiation is still in progress.'
signature: handle_token()
return:
types:
- <xref:tuple>[<xref:bool>, <xref:bool>]
exceptions:
- type: uamqp.errors.AuthenticationException if the token authentication fails.
- type: uamqp.errors.TokenExpired if the token has expired and cannot berefreshed.
- uid: uamqp.authentication.cbs_auth.JWTTokenAuth.set_io
name: set_io
signature: set_io(hostname, port, http_proxy, transport_type)
parameters:
- name: hostname
isRequired: true
- name: port
isRequired: true
- name: http_proxy
isRequired: true
- name: transport_type
isRequired: true
- uid: uamqp.authentication.cbs_auth.JWTTokenAuth.set_tlsio
name: set_tlsio
summary: 'Setup the default underlying TLS IO layer. On Windows this is
Schannel, on Linux and MacOS this is OpenSSL.'
signature: set_tlsio(hostname, port)
parameters:
- name: hostname
description: The endpoint hostname.
isRequired: true
types:
- <xref:bytes>
- name: port
description: The TLS port.
isRequired: true
types:
- <xref:int>
- uid: uamqp.authentication.cbs_auth.JWTTokenAuth.set_wsio
name: set_wsio
summary: Setup the default underlying Web Socket IO layer.
signature: set_wsio(hostname, port, http_proxy)
parameters:
- name: hostname
description: The endpoint hostname.
isRequired: true
types:
- <xref:bytes>
- name: port
description: The WSS port.
isRequired: true
types:
- <xref:int>
- name: http_proxy
isRequired: true
- uid: uamqp.authentication.cbs_auth.JWTTokenAuth.update_token
name: update_token
signature: update_token()