diff options
Diffstat (limited to 'pycadf/credential.py')
-rw-r--r-- | pycadf/credential.py | 48 |
1 files changed, 45 insertions, 3 deletions
diff --git a/pycadf/credential.py b/pycadf/credential.py index e6e045d..45e2789 100644 --- a/pycadf/credential.py +++ b/pycadf/credential.py @@ -26,8 +26,16 @@ CRED_KEYNAMES = [CRED_KEYNAME_TYPE, CRED_KEYNAME_TOKEN] -class Credential(cadftype.CADFAbstractType): +FED_CRED_KEYNAME_IDENTITY_PROVIDER = "identity_provider" +FED_CRED_KEYNAME_USER = "user" +FED_CRED_KEYNAME_GROUPS = "groups" + +FED_CRED_KEYNAMES = CRED_KEYNAMES + [FED_CRED_KEYNAME_IDENTITY_PROVIDER, + FED_CRED_KEYNAME_USER, + FED_CRED_KEYNAME_GROUPS] + +class Credential(cadftype.CADFAbstractType): type = cadftype.ValidatorDescriptor( CRED_KEYNAME_TYPE, lambda x: isinstance(x, six.string_types)) @@ -51,7 +59,41 @@ class Credential(cadftype.CADFAbstractType): # TODO(mrutkows): validate this cadf:Credential type against schema def is_valid(self): - """Validation to ensure Credential required attributes are set. - """ + """Validation to ensure Credential required attributes are set.""" # TODO(mrutkows): validate specific attribute type/format return self._isset(CRED_KEYNAME_TOKEN) + + +class FederatedCredential(Credential): + identity_provider = cadftype.ValidatorDescriptor( + FED_CRED_KEYNAME_IDENTITY_PROVIDER, + lambda x: isinstance(x, six.string_types)) + user = cadftype.ValidatorDescriptor( + FED_CRED_KEYNAME_USER, + lambda x: isinstance(x, six.string_types)) + groups = cadftype.ValidatorDescriptor( + FED_CRED_KEYNAME_GROUPS, + lambda x: isinstance(x, list)) + + def __init__(self, token, type, identity_provider, user, groups): + super(FederatedCredential, self).__init__( + token=token, + type=type) + + # FederatedCredential.identity_provider + setattr(self, FED_CRED_KEYNAME_IDENTITY_PROVIDER, identity_provider) + + # FederatedCredential.user + setattr(self, FED_CRED_KEYNAME_USER, user) + + # FederatedCredential.groups + setattr(self, FED_CRED_KEYNAME_GROUPS, groups) + + def is_valid(self): + """Validation to ensure Credential required attributes are set.""" + return ( + super(FederatedCredential, self).is_valid() + and self._isset(CRED_KEYNAME_TYPE) + and self._isset(FED_CRED_KEYNAME_IDENTITY_PROVIDER) + and self._isset(FED_CRED_KEYNAME_USER) + and self._isset(FED_CRED_KEYNAME_GROUPS)) |