authnzerver.client module

This module contains an authnzerver client, useful for frontend servers.

class authnzerver.client.Authnzerver(authnzerver_url: str = None, authnzerver_secret: bytes = None, tls_certfile: str = None, tls_keyfile: str = None)[source]

Bases: object

An authnzerver client class, capable of async and sync calls.

To do anything useful, an authnzerver_url and authnzerver_token are required. By default, this object will populate these from the environment using the following variables:

  • AUTHNZERVER_URL -> authnzerver_url
  • AUTHNZERVER_SECRET -> authnzerver_secret

These are overridden by whatever you provide in the authnzerver_url and authnzerver_secret kwargs.

If tls_certfile and tls_keyfile are both provided, they will be used to set up a TLS-enabled connection to the authnzerver.

async_request(request_type: str, request_body: dict, request_id: Union[str, int] = None)[source]

This does an asynchronous request to the authnzerver.

Parameters:
  • request_type (str) – This should be one of the request types defined in the authnzerver HTTP API.
  • request_body (dict) – A dict with the appropriate items needed for request_type. This should also contain a key: “client_ipaddr” with the IP address of the frontend server’s client. This is used for rate-limiting authnzerver API actions per IP address per minute.
  • request_id (str or int, optional) – If request_id is None, a random 8-byte request ID will be generated for you. Use request_id to track authnzerver requests throughout the response handling cycle of your frontend server.
Returns:

Returns an AuthnzerverResponse named tuple with the following attributes:

(success, response, messages,
 headers, status_code, failure_reason)

where:

  • success is a boolean indicating if the request was successful.
  • response is a dict containing the full response from the authnzerver.
  • messages is a list of strings containing any messages that are appropriate to pass on to the end-user.
  • headers is a dict containing the response headers from the authnzerver.
  • status_code is the HTTP status code of the authnzerver request. Use this to figure out if your request was being rate-limited (check for 429).
  • failure_reason is None if the request was successful, but if it wasn’t, contains the reason why the request might have failed; including details of any exceptions encountered. This MUST NOT be disclosed to an end-user of the frontend server.
Return type:

namedtuple
request(request_type: str, request_body: dict, request_id: Union[str, int] = None) → authnzerver.client.AuthnzerverResponse[source]

This does a synchronous request to the authnzerver.

Parameters:
  • request_type (str) –

    This should be one of the request types defined in the authnzerver HTTP API.

  • request_body (dict) – A dict with the appropriate items needed for request_type. This should also contain a key: “client_ipaddr” with the IP address of the frontend server’s client. This is used for rate-limiting authnzerver API actions per IP address per minute.
  • request_id (str or int, optional) – If request_id is None, a random 8-byte request ID will be generated for you. Use request_id to track authnzerver requests throughout the response handling cycle of your frontend server.
Returns:

Returns an AuthnzerverResponse named-tuple with the following attributes:

(success, response, messages, headers,
 status_code, failure_reason)

where:

  • success is a boolean indicating if the request was successful.
  • response is a dict containing the full response from the authnzerver.
  • messages is a list of strings containing any messages that are appropriate to pass on to the end-user.
  • headers is a dict containing the response headers from the authnzerver.
  • status_code is the HTTP status code of the authnzerver request. Use this to figure out if your request was being rate-limited (check for 429).
  • failure_reason is None if the request was successful, but if it wasn’t, contains the reason why the request might have failed; including details of any exceptions encountered. This MUST NOT be disclosed to an end-user of the frontend server.
Return type:

namedtuple
class authnzerver.client.AuthnzerverResponse(success, response, messages, headers, status_code, failure_reason)

Bases: tuple

failure_reason

Alias for field number 5

headers

Alias for field number 3

messages

Alias for field number 2

response

Alias for field number 1

status_code

Alias for field number 4

success

Alias for field number 0