Skip to content

Fix Authentication issues introduced in 0.14.3, and other minor fixes #256

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 5 commits into from
Jan 22, 2021
Merged

Fix Authentication issues introduced in 0.14.3, and other minor fixes #256

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
eed5734
Revert 0.14.3 changes to Authentication handling which introduced bas…
Chaffelson Jan 19, 2021
f46a85a
Add fix for retrieving swagger.json from Registry in an authenticated…
Chaffelson Jan 21, 2021
26a2a68
Set pyUp to ignore Watchdog as it must stay between versions to stati…
Chaffelson Jan 21, 2021
3c3b97d
if Client is not instantiated, optimistically instantiate for version…
Chaffelson Jan 21, 2021
5464363
mistake in instantiating the api_client
Chaffelson Jan 21, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
64 changes: 38 additions & 26 deletions nipyapi/config.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@
from __future__ import absolute_import
import logging
import os
import ssl
import urllib3
from nipyapi.nifi import configuration as nifi_config
from nipyapi.registry import configuration as registry_config
Expand All @@ -34,32 +35,6 @@
# Set Default Host for NiFi-Registry
registry_config.host = 'http://' + default_host + ':18080/nifi-registry-api'


# Set Default Auth Types
# Set list to the Auth type you want to use
# Currently basicAuth trumps tokenAuth if both are enabled
default_auth = ['tokenAuth']
# NiFi valid options: ['tokenAuth', 'basicAuth']
# Registry valid options: ['tokenAuth', 'basicAuth', 'Authorization']
nifi_config.enabled_auth = default_auth # tokenAuth was default before 0.14.2


# Set SSL Handling
# When operating with self signed certs, your log can fill up with
# unnecessary warnings
# Set to True by default, change to false if necessary
global_ssl_verify = True

nifi_config.verify_ssl = global_ssl_verify
registry_config.verify_ssl = global_ssl_verify
if not global_ssl_verify:
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)

if os.getenv('NIFI_CA_CERT') is not None:
nifi_config.ssl_ca_cert = os.getenv('NIFI_CA_CERT')
nifi_config.cert_file = os.getenv('NIFI_CLIENT_CERT')
nifi_config.key_file = os.getenv('NIFI_CLIENT_KEY')

# --- Project Root ------
# Is is helpful to have a reference to the root directory of the project
PROJECT_ROOT_DIR = os.path.abspath(os.path.dirname(__file__))
Expand Down Expand Up @@ -140,6 +115,43 @@
# If called for during policy setup, particularly bootstrap_policies
default_proxy_user = 'CN=localhost, OU=nifi'

# Auth handling
# If set, NiPyAPI will always include the Basic Authorization header
global_force_basic_auth = False
nifi_config.username = default_nifi_username
nifi_config.password = default_nifi_password
nifi_config.force_basic_auth = global_force_basic_auth
registry_config.username = default_registry_username
registry_config.password = default_registry_password
registry_config.force_basic_auth = global_force_basic_auth

# Set SSL Handling
# When operating with self signed certs, your log can fill up with
# unnecessary warnings
# Set to True by default, change to false if necessary
global_ssl_verify = True

nifi_config.verify_ssl = global_ssl_verify
registry_config.verify_ssl = global_ssl_verify
if not global_ssl_verify:
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)

# Enforce no host checking when SSL context is disabled
global_ssl_host_check = False
if not global_ssl_host_check:
nifi_config.ssl_context = ssl.create_default_context()
nifi_config.ssl_context.check_hostname = False
nifi_config.ssl_context.verify_mode = ssl.CERT_NONE

registry_config.ssl_context = ssl.create_default_context()
registry_config.ssl_context.check_hostname = False
registry_config.ssl_context.verify_mode = ssl.CERT_NONE

if os.getenv('NIFI_CA_CERT') is not None:
nifi_config.ssl_ca_cert = os.getenv('NIFI_CA_CERT')
nifi_config.cert_file = os.getenv('NIFI_CLIENT_CERT')
nifi_config.key_file = os.getenv('NIFI_CLIENT_KEY')

# --- URL Encoding
# URL Encoding bypass characters will not be encoded during submission
default_safe_chars = ''
2 changes: 2 additions & 0 deletions nipyapi/nifi/api_client.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -523,6 +523,8 @@ def update_params_for_auth(self, headers, querys, auth_settings):
raise ValueError(
'Authentication token must be in `query` or `header`'
)
if config.force_basic_auth:
headers['Authorization'] = config.get_basic_auth_token()

def __deserialize_file(self, response):
"""
Expand Down
32 changes: 16 additions & 16 deletions nipyapi/nifi/apis/access_api.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -130,7 +130,7 @@ def create_access_token_with_http_info(self, **kwargs):
select_header_content_type(['application/x-www-form-urlencoded'])

# Authentication setting
auth_settings = ['tokenAuth', 'basicAuth']
auth_settings = ['tokenAuth']

return self.api_client.call_api('/access/token', 'POST',
path_params,
Expand Down Expand Up @@ -228,7 +228,7 @@ def create_access_token_from_ticket_with_http_info(self, **kwargs):
select_header_content_type(['text/plain'])

# Authentication setting
auth_settings = ['tokenAuth', 'basicAuth']
auth_settings = ['tokenAuth']

return self.api_client.call_api('/access/kerberos', 'POST',
path_params,
Expand Down Expand Up @@ -326,7 +326,7 @@ def create_download_token_with_http_info(self, **kwargs):
select_header_content_type(['application/x-www-form-urlencoded'])

# Authentication setting
auth_settings = ['tokenAuth', 'basicAuth']
auth_settings = ['tokenAuth']

return self.api_client.call_api('/access/download-token', 'POST',
path_params,
Expand Down Expand Up @@ -424,7 +424,7 @@ def create_ui_extension_token_with_http_info(self, **kwargs):
select_header_content_type(['application/x-www-form-urlencoded'])

# Authentication setting
auth_settings = ['tokenAuth', 'basicAuth']
auth_settings = ['tokenAuth']

return self.api_client.call_api('/access/ui-extension-token', 'POST',
path_params,
Expand Down Expand Up @@ -522,7 +522,7 @@ def get_access_status_with_http_info(self, **kwargs):
select_header_content_type(['*/*'])

# Authentication setting
auth_settings = ['tokenAuth', 'basicAuth']
auth_settings = ['tokenAuth']

return self.api_client.call_api('/access', 'GET',
path_params,
Expand All @@ -542,7 +542,7 @@ def get_access_status_with_http_info(self, **kwargs):
def get_login_config(self, **kwargs):
"""
Retrieves the access configuration for this NiFi

This method makes a synchronous HTTP request by default. To make an
asynchronous HTTP request, please define a `callback` function
to be invoked when receiving the response.
Expand All @@ -567,7 +567,7 @@ def get_login_config(self, **kwargs):
def get_login_config_with_http_info(self, **kwargs):
"""
Retrieves the access configuration for this NiFi

This method makes a synchronous HTTP request by default. To make an
asynchronous HTTP request, please define a `callback` function
to be invoked when receiving the response.
Expand Down Expand Up @@ -620,7 +620,7 @@ def get_login_config_with_http_info(self, **kwargs):
select_header_content_type(['*/*'])

# Authentication setting
auth_settings = ['tokenAuth', 'basicAuth']
auth_settings = ['tokenAuth']

return self.api_client.call_api('/access/config', 'GET',
path_params,
Expand Down Expand Up @@ -718,7 +718,7 @@ def knox_callback_with_http_info(self, **kwargs):
select_header_content_type(['*/*'])

# Authentication setting
auth_settings = ['tokenAuth', 'basicAuth']
auth_settings = ['tokenAuth']

return self.api_client.call_api('/access/knox/callback', 'GET',
path_params,
Expand Down Expand Up @@ -816,7 +816,7 @@ def knox_logout_with_http_info(self, **kwargs):
select_header_content_type(['*/*'])

# Authentication setting
auth_settings = ['tokenAuth', 'basicAuth']
auth_settings = ['tokenAuth']

return self.api_client.call_api('/access/knox/logout', 'GET',
path_params,
Expand Down Expand Up @@ -914,7 +914,7 @@ def knox_request_with_http_info(self, **kwargs):
select_header_content_type(['*/*'])

# Authentication setting
auth_settings = ['tokenAuth', 'basicAuth']
auth_settings = ['tokenAuth']

return self.api_client.call_api('/access/knox/request', 'GET',
path_params,
Expand Down Expand Up @@ -1012,7 +1012,7 @@ def log_out_with_http_info(self, **kwargs):
select_header_content_type(['*/*'])

# Authentication setting
auth_settings = ['tokenAuth', 'basicAuth']
auth_settings = ['tokenAuth']

return self.api_client.call_api('/access/logout', 'DELETE',
path_params,
Expand Down Expand Up @@ -1110,7 +1110,7 @@ def oidc_callback_with_http_info(self, **kwargs):
select_header_content_type(['*/*'])

# Authentication setting
auth_settings = ['tokenAuth', 'basicAuth']
auth_settings = ['tokenAuth']

return self.api_client.call_api('/access/oidc/callback', 'GET',
path_params,
Expand Down Expand Up @@ -1208,7 +1208,7 @@ def oidc_exchange_with_http_info(self, **kwargs):
select_header_content_type(['*/*'])

# Authentication setting
auth_settings = ['tokenAuth', 'basicAuth']
auth_settings = ['tokenAuth']

return self.api_client.call_api('/access/oidc/exchange', 'POST',
path_params,
Expand Down Expand Up @@ -1306,7 +1306,7 @@ def oidc_logout_with_http_info(self, **kwargs):
select_header_content_type(['*/*'])

# Authentication setting
auth_settings = ['tokenAuth', 'basicAuth']
auth_settings = ['tokenAuth']

return self.api_client.call_api('/access/oidc/logout', 'GET',
path_params,
Expand Down Expand Up @@ -1404,7 +1404,7 @@ def oidc_request_with_http_info(self, **kwargs):
select_header_content_type(['*/*'])

# Authentication setting
auth_settings = ['tokenAuth', 'basicAuth']
auth_settings = ['tokenAuth']

return self.api_client.call_api('/access/oidc/request', 'GET',
path_params,
Expand Down
18 changes: 9 additions & 9 deletions nipyapi/nifi/apis/connections_api.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -43,7 +43,7 @@ def __init__(self, api_client=None):
def delete_connection(self, id, **kwargs):
"""
Deletes a connection

This method makes a synchronous HTTP request by default. To make an
asynchronous HTTP request, please define a `callback` function
to be invoked when receiving the response.
Expand Down Expand Up @@ -72,7 +72,7 @@ def delete_connection(self, id, **kwargs):
def delete_connection_with_http_info(self, id, **kwargs):
"""
Deletes a connection

This method makes a synchronous HTTP request by default. To make an
asynchronous HTTP request, please define a `callback` function
to be invoked when receiving the response.
Expand Down Expand Up @@ -141,7 +141,7 @@ def delete_connection_with_http_info(self, id, **kwargs):
select_header_content_type(['*/*'])

# Authentication setting
auth_settings = ['tokenAuth', 'basicAuth']
auth_settings = ['tokenAuth']

return self.api_client.call_api('/connections/{id}', 'DELETE',
path_params,
Expand All @@ -161,7 +161,7 @@ def delete_connection_with_http_info(self, id, **kwargs):
def get_connection(self, id, **kwargs):
"""
Gets a connection

This method makes a synchronous HTTP request by default. To make an
asynchronous HTTP request, please define a `callback` function
to be invoked when receiving the response.
Expand All @@ -187,7 +187,7 @@ def get_connection(self, id, **kwargs):
def get_connection_with_http_info(self, id, **kwargs):
"""
Gets a connection

This method makes a synchronous HTTP request by default. To make an
asynchronous HTTP request, please define a `callback` function
to be invoked when receiving the response.
Expand Down Expand Up @@ -247,7 +247,7 @@ def get_connection_with_http_info(self, id, **kwargs):
select_header_content_type(['*/*'])

# Authentication setting
auth_settings = ['tokenAuth', 'basicAuth']
auth_settings = ['tokenAuth']

return self.api_client.call_api('/connections/{id}', 'GET',
path_params,
Expand All @@ -267,7 +267,7 @@ def get_connection_with_http_info(self, id, **kwargs):
def update_connection(self, id, body, **kwargs):
"""
Updates a connection

This method makes a synchronous HTTP request by default. To make an
asynchronous HTTP request, please define a `callback` function
to be invoked when receiving the response.
Expand All @@ -294,7 +294,7 @@ def update_connection(self, id, body, **kwargs):
def update_connection_with_http_info(self, id, body, **kwargs):
"""
Updates a connection

This method makes a synchronous HTTP request by default. To make an
asynchronous HTTP request, please define a `callback` function
to be invoked when receiving the response.
Expand Down Expand Up @@ -360,7 +360,7 @@ def update_connection_with_http_info(self, id, body, **kwargs):
select_header_content_type(['application/json'])

# Authentication setting
auth_settings = ['tokenAuth', 'basicAuth']
auth_settings = ['tokenAuth']

return self.api_client.call_api('/connections/{id}', 'PUT',
path_params,
Expand Down
Loading