feat: update authorization subject

Closing ENG-1825

indykite_sdk/api.py

@@ -612,7 +612,6 @@ def main():
     # is_authorized_dt
     is_authorized_dt_parser = subparsers.add_parser("is_authorized_dt")
     is_authorized_dt_parser.add_argument("digital_twin_id", help="Digital Twin id (gid)")
-    is_authorized_dt_parser.add_argument("tenant_id", help="Tenant id (gid)")
 
     # is_authorized_token
     is_authorized_token_parser = subparsers.add_parser("is_authorized_token")
@@ -626,7 +625,6 @@ def main():
     # what_authorized_dt
     what_authorized_dt_parser = subparsers.add_parser("what_authorized_dt")
     what_authorized_dt_parser.add_argument("digital_twin_id", help="Digital Twin id (gid)")
-    what_authorized_dt_parser.add_argument("tenant_id", help="Tenant id (gid)")
 
     # what_authorized_token
     what_authorized_token_parser = subparsers.add_parser("what_authorized_token")
@@ -2608,15 +2606,13 @@ def main():
 
     elif command == "is_authorized_dt":
         digital_twin_id = args.digital_twin_id
-        tenant_id = args.tenant_id
         actions = ["ACTION1", "ACTION2"]
         resources = [IsAuthorizedResource("resourceID", "TypeName", actions),
                      IsAuthorizedResource("resource2ID", "TypeName", actions)]
         input_params = {"age": "21"}
         policy_tags = ["Car", "Rental", "Sharing"]
         is_authorized = client_authorization.is_authorized_digital_twin(
             digital_twin_id,
-            tenant_id,
             resources,
             input_params,
             policy_tags)
@@ -2663,15 +2659,13 @@ def main():
 
     elif command == "what_authorized_dt":
         digital_twin_id = args.digital_twin_id
-        tenant_id = args.tenant_id
         actions = ["ACTION1", "ACTION2"]
         resource_types = [WhatAuthorizedResourceTypes("TypeName", actions),
                           WhatAuthorizedResourceTypes("TypeNameSecond", actions)]
         input_params = {"age": "21"}
         policy_tags = ["Car", "Rental", "Sharing"]
         what_authorized = client_authorization.what_authorized_digital_twin(
             digital_twin_id,
-            tenant_id,
             resource_types,
             input_params,
             policy_tags)

indykite_sdk/authorization/is_authorized.py

@@ -1,24 +1,19 @@
 from indykite_sdk.indykite.authorization.v1beta1 import authorization_service_pb2 as pb2
-from indykite_sdk.indykite.identity.v1beta2 import attributes_pb2 as attributes
-from indykite_sdk.indykite.identity.v1beta2 import model_pb2 as model
 from indykite_sdk.indykite.objects.v1beta1 import struct_pb2 as pb2_struct
 from indykite_sdk.indykite.authorization.v1beta1 import model_pb2 as pb2_model
 from indykite_sdk.model.is_authorized import IsAuthorizedResponse
 import sys
 import indykite_sdk.utils.logger as logger
 
 
-def is_authorized_digital_twin(self, digital_twin_id, tenant_id, resources=[], input_params={}, policy_tags=[]):
+def is_authorized_digital_twin(self, digital_twin_id, resources=[], input_params={}, policy_tags=[]):
     sys.excepthook = logger.handle_excepthook
     try:
         response = self.stub.IsAuthorized(
             pb2.IsAuthorizedRequest(
                 subject=pb2_model.Subject(
-                    digital_twin_identifier=model.DigitalTwinIdentifier(
-                        digital_twin=model.DigitalTwin(
-                            id=str(digital_twin_id),
-                            tenant_id=str(tenant_id)
-                        )
+                    digital_twin_id=pb2_model.DigitalTwin(
+                        id=str(digital_twin_id)
                     )
                 ),
                 resources=request_resource(resources),
@@ -41,9 +36,7 @@ def is_authorized_token(self, access_token, resources=[], input_params={}, polic
         response = self.stub.IsAuthorized(
             pb2.IsAuthorizedRequest(
                 subject=pb2_model.Subject(
-                    digital_twin_identifier=model.DigitalTwinIdentifier(
-                        access_token=str(access_token)
-                    )
+                    indykite_access_token=str(access_token)
                 ),
                 resources=request_resource(resources),
                 input_params=request_input_params(input_params),
@@ -65,11 +58,9 @@ def is_authorized_property_filter(self, type_filter, value, resources=[], input_
         response = self.stub.IsAuthorized(
             pb2.IsAuthorizedRequest(
                 subject=pb2_model.Subject(
-                    digital_twin_identifier=model.DigitalTwinIdentifier(
-                        property_filter=attributes.PropertyFilter(
-                            type=str(type_filter),
-                            value=pb2_struct.Value(string_value=value)
-                        )
+                    digital_twin_property=pb2_model.Property(
+                        type=str(type_filter),
+                        value=pb2_struct.Value(string_value=value)
                     )
                 ),
                 resources=request_resource(resources),
@@ -99,4 +90,3 @@ def request_input_params(input_params):
         for k, v in input_params.items()
     }
     return input_params_dict
-

indykite_sdk/authorization/what_authorized.py

@@ -1,24 +1,19 @@
 from indykite_sdk.indykite.authorization.v1beta1 import authorization_service_pb2 as pb2
-from indykite_sdk.indykite.identity.v1beta2 import attributes_pb2 as attributes
-from indykite_sdk.indykite.identity.v1beta2 import model_pb2 as model
 from indykite_sdk.indykite.objects.v1beta1 import struct_pb2 as pb2_struct
 from indykite_sdk.indykite.authorization.v1beta1 import model_pb2 as pb2_model
 from indykite_sdk.model.what_authorized import WhatAuthorizedResponse
 import sys
 import indykite_sdk.utils.logger as logger
 
 
-def what_authorized_digital_twin(self, digital_twin_id, tenant_id, resource_types=[], input_params={}, policy_tags=[]):
+def what_authorized_digital_twin(self, digital_twin_id, resource_types=[], input_params={}, policy_tags=[]):
     sys.excepthook = logger.handle_excepthook
     try:
         response = self.stub.WhatAuthorized(
             pb2.WhatAuthorizedRequest(
                 subject=pb2_model.Subject(
-                    digital_twin_identifier=model.DigitalTwinIdentifier(
-                        digital_twin=model.DigitalTwin(
-                            id=str(digital_twin_id),
-                            tenant_id=str(tenant_id)
-                        )
+                    digital_twin_id=pb2_model.DigitalTwin(
+                        id=str(digital_twin_id)
                     )
                 ),
                 resource_types=request_resource_type(resource_types),
@@ -39,9 +34,7 @@ def what_authorized_token(self, access_token, resource_types=[], input_params={}
         response = self.stub.WhatAuthorized(
             pb2.WhatAuthorizedRequest(
                 subject=pb2_model.Subject(
-                    digital_twin_identifier=model.DigitalTwinIdentifier(
-                        access_token=str(access_token)
-                    )
+                    indykite_access_token=str(access_token)
                 ),
                 resource_types=request_resource_type(resource_types),
                 input_params=request_input_params(input_params),
@@ -61,11 +54,9 @@ def what_authorized_property_filter(self, type_filter, value, resource_types=[],
         response = self.stub.WhatAuthorized(
             pb2.WhatAuthorizedRequest(
                 subject=pb2_model.Subject(
-                    digital_twin_identifier=model.DigitalTwinIdentifier(
-                        property_filter=attributes.PropertyFilter(
-                            type=str(type_filter),
-                            value=pb2_struct.Value(string_value=value)
-                        )
+                    digital_twin_property=pb2_model.Property(
+                        type=str(type_filter),
+                        value=pb2_struct.Value(string_value=value)
                     )
                 ),
                 resource_types=request_resource_type(resource_types),