feat: update is_authorized method

.coveragerc

@@ -18,8 +18,6 @@ omit =
   indykite_sdk/utils/hash_methods.py
   indykite_sdk/utils/message_to_value.py
   indykite_sdk/utils/logger.py
-  indykite_sdk/authorization/*
-  indykite_sdk/authorization/is_authorized.py
   tests/*
 
 [report]

codecov.yaml

@@ -25,4 +25,3 @@ ignore:
   - "indykite_sdk/utils/message_to_value.py"
   - "indykite_sdk/utils/logger.py"
   - "tests"
-  - "indykite_sdk/authorization/is_authorized.py"

indykite_sdk/api.py

@@ -11,7 +11,7 @@
 from google.protobuf.duration_pb2 import Duration
 import os
 import requests
-from indykite_sdk.utils.hash_methods import encrypt_bcrypt, encrypt_sha256
+from indykite_sdk.utils.hash_methods import encrypt_bcrypt
 from indykite_sdk.identity import IdentityClient
 from indykite_sdk.config import ConfigClient
 from indykite_sdk.authorization import AuthorizationClient
@@ -1784,9 +1784,11 @@ def main():
     elif command == "is_authorized_dt":
         digital_twin_id = args.digital_twin_id
         tenant_id = args.tenant_id
-        resources = [IsAuthorizedResource("resourceID", "LabelName"), IsAuthorizedResource("resource2ID", "LabelName")]
-        actions = ["ACTION"]
-        is_authorized = client_authorization.is_authorized_digital_twin(digital_twin_id, tenant_id, resources, actions)
+        actions = ["ACTION1", "ACTION2"]
+        resources = [IsAuthorizedResource("resourceID", "TypeName", actions),
+                     IsAuthorizedResource("resource2ID", "TypeName", actions)]
+        options = {"age": "21"}
+        is_authorized = client_authorization.is_authorized_digital_twin(digital_twin_id, tenant_id, resources, options)
 
         if is_authorized:
             print_response(is_authorized)
@@ -1796,9 +1798,11 @@ def main():
 
     elif command == "is_authorized_token":
         access_token = args.access_token
-        resources = [IsAuthorizedResource("resourceID", "LabelName"), IsAuthorizedResource("resource2ID", "LabelName")]
-        actions = ["ACTION"]
-        is_authorized = client_authorization.is_authorized_token(access_token, resources, actions)
+        actions = ["ACTION1", "ACTION2"]
+        resources = [IsAuthorizedResource("resourceID", "TypeName", actions),
+                     IsAuthorizedResource("resource2ID", "TypeName", actions)]
+        options = {}
+        is_authorized = client_authorization.is_authorized_token(access_token, resources, options)
         if is_authorized:
             print_response(is_authorized)
         else:
@@ -1808,10 +1812,12 @@ def main():
     elif command == "is_authorized_property":
         property_type = args.property_type #e.g "email"
         property_value = args.property_value #e.g test@example.com
-        resources = [IsAuthorizedResource("resourceID", "LabelName"), IsAuthorizedResource("resource2ID", "LabelName")]
-        actions = ["ACTION"]
+        actions = ["ACTION1", "ACTION2"]
+        resources = [IsAuthorizedResource("resourceID", "TypeName", actions),
+                     IsAuthorizedResource("resource2ID", "TypeName", actions)]
+        options = {"age":"21"}
         is_authorized = client_authorization.is_authorized_property_filter(property_type, property_value,
-                                                                           resources=resources, actions=actions)
+                                                                           resources=resources, options=options)
         if is_authorized:
             print_response(is_authorized)
         else:

indykite_sdk/authorization/is_authorized.py

@@ -2,17 +2,18 @@
 from indykite_sdk.indykite.identity.v1beta2 import attributes_pb2 as attributes
 from indykite_sdk.indykite.identity.v1beta2 import model_pb2 as model
 from indykite_sdk.indykite.objects.v1beta1 import struct_pb2 as pb2_struct
+from indykite_sdk.indykite.authorization.v1beta1 import model_pb2 as pb2_model
 from indykite_sdk.model.is_authorized import IsAuthorizedResponse
 import sys
 import indykite_sdk.utils.logger as logger
 
 
-def is_authorized_digital_twin(self, digital_twin_id, tenant_id, resources=[], actions=[]):
+def is_authorized_digital_twin(self, digital_twin_id, tenant_id, resources=[], options={}):
     sys.excepthook = logger.handle_excepthook
     try:
         response = self.stub.IsAuthorized(
             pb2.IsAuthorizedRequest(
-                subject=model.Subject(
+                subject=pb2_model.Subject(
                     digital_twin_identifier=model.DigitalTwinIdentifier(
                         digital_twin=model.DigitalTwin(
                             id=str(digital_twin_id),
@@ -21,7 +22,7 @@ def is_authorized_digital_twin(self, digital_twin_id, tenant_id, resources=[], a
                     )
                 ),
                 resources=request_resource(resources),
-                actions=actions
+                options=request_options(options)
             )
         )
     except Exception as exception:
@@ -33,16 +34,18 @@ def is_authorized_digital_twin(self, digital_twin_id, tenant_id, resources=[], a
     return IsAuthorizedResponse.deserialize(response)
 
 
-def is_authorized_token(self, access_token, resources=[], actions=[]):
+def is_authorized_token(self, access_token, resources=[], options={}):
     sys.excepthook = logger.handle_excepthook
     try:
         response = self.stub.IsAuthorized(
             pb2.IsAuthorizedRequest(
-                digital_twin_identifier=model.DigitalTwinIdentifier(
-                    access_token=str(access_token)
+                subject=pb2_model.Subject(
+                    digital_twin_identifier=model.DigitalTwinIdentifier(
+                        access_token=str(access_token)
+                    )
                 ),
                 resources=request_resource(resources),
-                actions=actions
+                options=request_options(options)
             )
         )
     except Exception as exception:
@@ -54,19 +57,21 @@ def is_authorized_token(self, access_token, resources=[], actions=[]):
     return IsAuthorizedResponse.deserialize(response)
 
 
-def is_authorized_property_filter(self, type_filter, value, resources=[], actions=[]):
+def is_authorized_property_filter(self, type_filter, value, resources=[], options={}):
     sys.excepthook = logger.handle_excepthook
     try:
         response = self.stub.IsAuthorized(
             pb2.IsAuthorizedRequest(
-                digital_twin_identifier=model.DigitalTwinIdentifier(
-                    property_filter=attributes.PropertyFilter(
-                        type=str(type_filter),
-                        value=pb2_struct.Value(string_value=value)
+                subject=pb2_model.Subject(
+                    digital_twin_identifier=model.DigitalTwinIdentifier(
+                        property_filter=attributes.PropertyFilter(
+                            type=str(type_filter),
+                            value=pb2_struct.Value(string_value=value)
+                        )
                     )
                 ),
                 resources=request_resource(resources),
-                actions=actions
+                options=request_options(options)
             )
         )
     except Exception as exception:
@@ -81,5 +86,19 @@ def is_authorized_property_filter(self, type_filter, value, resources=[], action
 def request_resource(resources):
     res = []
     for r in resources:
-        res.append(pb2.IsAuthorizedRequest.Resource(id=r.id, label=r.label))
+        actions = []
+        for a in r.actions:
+            actions.append(a)
+        res.append(pb2.IsAuthorizedRequest.Resource(id=r.id, type=r.type, actions=actions))
     return res
+
+
+def request_options(options):
+    options_dict = {}
+    try:
+        for k, v in options.items():
+            options_dict[k] = pb2_model.Option(string_value=str(v))
+        return options_dict
+    except Exception as exception:
+        return logger.logger_error(exception)
+