feat: oauth2 client credentials #468
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
|
felicijus
changed the title
felicijus
commented
Aug 17, 2024
|
Hi. Do you want to replace #412? |
dimastbk
reviewed
Aug 19, 2024
felicijus
force-pushed
the
feature/oauth-client-credentials
branch
from
91f9b26
to
cf55cff
Compare
This commit adds a new function `create_oauth2_client_credentials_channel` to the `pyzeebe.channel` module. This function allows the creation of a channel connected to a Camunda Cloud cluster using OAuth2 client credentials for authentication. The function takes various parameters such as the target address, client ID, client secret, authorization server, scope, audience, and expiration time. It returns a GRPC channel connected to the Zeebe Gateway. The new function is added in the `pyzeebe.channel.oauth_channel` module, which is imported in the `pyzeebe.channel.__init__` module. This change is necessary to provide support for authenticating with Camunda Cloud using OAuth2 client credentials. Co-authored-by: dependabot[bot] <[email protected]>
This commit adds a new function `create_oauth2_client_credentials_channel` to the `pyzeebe.channel.oauth_channel` module. The function allows the creation of a channel connected to a Camunda Cloud cluster using OAuth2 client credentials for authentication. It takes various parameters such as the target address, client ID, client secret, authorization server, scope, audience, and expiration time. The function returns a GRPC channel connected to the Zeebe Gateway. This change is necessary to provide support for authenticating with Camunda Cloud using OAuth2 client credentials.
…d Channel Based on Oauth2ClientCredentialsMetadataPlugin and a general OAuth2MetadataPlugin to support Oauth2Sessions
This commit refactors the `create_oauth2_client_credentials_channel` function in the `pyzeebe.channel.oauth_channel` module. The function is responsible for creating a channel connected to a Camunda Cloud cluster using OAuth2 client credentials for authentication. It takes various parameters such as the target address, client ID, client secret, authorization server, scope, audience, and expiration time. The function returns a GRPC channel connected to the Zeebe Gateway. The refactoring improves the code structure and readability of the function, making it easier to maintain and understand. This change is necessary to provide support for authenticating with Camunda Cloud using OAuth2 client credentials. Co-authored-by: dependabot[bot] <[email protected]>
felicijus
force-pushed
the
feature/oauth-client-credentials
branch
from
cf55cff
to
07140cf
Compare
|
I think the changes are now all implemented as you wished @dimastbk. |
felicijus
commented
Aug 21, 2024
felicijus
commented
Aug 21, 2024
|
How should we handle the mypy errors @dimastbk ? I would suggest doing it with inline ignore statement pyzeebe/credentials/oauth.py:10: error: Skipping analyzing "grpc._auth": module is installed, but missing library stubs or py.typed marker [import-untyped]
pyzeebe/credentials/oauth.py:17: error: Class cannot subclass "AuthMetadataPlugin" (has type "Any") [misc]
pyzeebe/channel/oauth_channel.py:[5](https://github.com/camunda-community-hub/pyzeebe/actions/runs/10503175124/job/29127825861?pr=468#step:6:6): error: Skipping analyzing "grpc.aio._typing": module is installed, but missing library stubs or py.typed marker [import-untyped]
pyzeebe/channel/oauth_channel.py:5: note: See https://mypy.readthedocs.io/en/stable/running_mypy.html#missing-imports
Found 3 errors in 2 files (checked 52 source files)
Error: Process completed with exit code 1. |
This commit fixes the type hint import error by ignoring the untyped import. This change is necessary to ensure the code passes linting without any errors. Co-authored-by: dependabot[bot] <[email protected]>
dimastbk
reviewed
Aug 26, 2024
dimastbk
reviewed
Sep 16, 2024
felicijus
changed the title
Pull Request Test Coverage Report for Build 11191422489Details
💛 - Coveralls |
|
Got some time now.
And then finish up this pull request. Coverage should be fine, i think ✅ |
3 tasks
dimastbk
approved these changes
Oct 4, 2024
Co-authored-by: Dmitriy <[email protected]>
Co-authored-by: Dmitriy <[email protected]>
|
Thanks |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Provides a way to Authenticate with Oauth2Session for 0Auth2 Client Credentials (and possibility to adopt other Flows) via AuthMetadataPlugin (OAuth2MetadataPlugin) tailored to oauthlib and requests_oauthlib.
Provides posibility to adapt to non RFC 6749 compliant Authentification Server.
Changes
create_camunda_cloud_channelandcreate_oauth2_client_credentials_channelAPI Updates
New Features (required)
private APIs
public APIs
create_camunda_cloud_channelcreate_oauth2_client_credentials_channelDeprecations (required)
The other way to
create_camunda_cloud_channel(channel/camunda_cloud_channel.py) could be deleted.Enhancements (optional)
More configurable way to handle Authentification for pyzeebe grpc channel.
Checklist
References
https://datatracker.ietf.org/doc/html/rfc6749
https://oauthlib.readthedocs.io/en/latest/oauth2/clients/client.html
https://requests-oauthlib.readthedocs.io/en/latest/oauth2_workflow.html