-
Notifications
You must be signed in to change notification settings - Fork 37
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: oauth2 client credentials #468
feat: oauth2 client credentials #468
Conversation
Hi. Do you want to replace #412? |
91f9b26
to
cf55cff
Compare
This commit adds a new function `create_oauth2_client_credentials_channel` to the `pyzeebe.channel` module. This function allows the creation of a channel connected to a Camunda Cloud cluster using OAuth2 client credentials for authentication. The function takes various parameters such as the target address, client ID, client secret, authorization server, scope, audience, and expiration time. It returns a GRPC channel connected to the Zeebe Gateway. The new function is added in the `pyzeebe.channel.oauth_channel` module, which is imported in the `pyzeebe.channel.__init__` module. This change is necessary to provide support for authenticating with Camunda Cloud using OAuth2 client credentials. Co-authored-by: dependabot[bot] <[email protected]>
This commit adds a new function `create_oauth2_client_credentials_channel` to the `pyzeebe.channel.oauth_channel` module. The function allows the creation of a channel connected to a Camunda Cloud cluster using OAuth2 client credentials for authentication. It takes various parameters such as the target address, client ID, client secret, authorization server, scope, audience, and expiration time. The function returns a GRPC channel connected to the Zeebe Gateway. This change is necessary to provide support for authenticating with Camunda Cloud using OAuth2 client credentials.
…d Channel Based on Oauth2ClientCredentialsMetadataPlugin and a general OAuth2MetadataPlugin to support Oauth2Sessions
This commit refactors the `create_oauth2_client_credentials_channel` function in the `pyzeebe.channel.oauth_channel` module. The function is responsible for creating a channel connected to a Camunda Cloud cluster using OAuth2 client credentials for authentication. It takes various parameters such as the target address, client ID, client secret, authorization server, scope, audience, and expiration time. The function returns a GRPC channel connected to the Zeebe Gateway. The refactoring improves the code structure and readability of the function, making it easier to maintain and understand. This change is necessary to provide support for authenticating with Camunda Cloud using OAuth2 client credentials. Co-authored-by: dependabot[bot] <[email protected]>
cf55cff
to
07140cf
Compare
I think the changes are now all implemented as you wished @dimastbk. |
How should we handle the mypy errors @dimastbk ? I would suggest doing it with inline ignore statement pyzeebe/credentials/oauth.py:10: error: Skipping analyzing "grpc._auth": module is installed, but missing library stubs or py.typed marker [import-untyped]
pyzeebe/credentials/oauth.py:17: error: Class cannot subclass "AuthMetadataPlugin" (has type "Any") [misc]
pyzeebe/channel/oauth_channel.py:[5](https://github.com/camunda-community-hub/pyzeebe/actions/runs/10503175124/job/29127825861?pr=468#step:6:6): error: Skipping analyzing "grpc.aio._typing": module is installed, but missing library stubs or py.typed marker [import-untyped]
pyzeebe/channel/oauth_channel.py:5: note: See https://mypy.readthedocs.io/en/stable/running_mypy.html#missing-imports
Found 3 errors in 2 files (checked 52 source files)
Error: Process completed with exit code 1. |
This commit fixes the type hint import error by ignoring the untyped import. This change is necessary to ensure the code passes linting without any errors. Co-authored-by: dependabot[bot] <[email protected]>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sorry, I've been on vacation for the last two weeks.
Pull Request Test Coverage Report for Build 11191422489Details
💛 - Coveralls |
Got some time now.
And then finish up this pull request. Coverage should be fine, i think ✅ |
Co-authored-by: Dmitriy <[email protected]>
Co-authored-by: Dmitriy <[email protected]>
Thanks |
Provides a way to Authenticate with Oauth2Session for 0Auth2 Client Credentials (and possibility to adopt other Flows) via AuthMetadataPlugin (OAuth2MetadataPlugin) tailored to oauthlib and requests_oauthlib.
Provides posibility to adapt to non RFC 6749 compliant Authentification Server.
Changes
create_camunda_cloud_channel
andcreate_oauth2_client_credentials_channel
API Updates
New Features (required)
private APIs
public APIs
create_camunda_cloud_channel
create_oauth2_client_credentials_channel
Deprecations (required)
The other way to
create_camunda_cloud_channel
(channel/camunda_cloud_channel.py) could be deleted.Enhancements (optional)
More configurable way to handle Authentification for pyzeebe grpc channel.
Checklist
References
https://datatracker.ietf.org/doc/html/rfc6749
https://oauthlib.readthedocs.io/en/latest/oauth2/clients/client.html
https://requests-oauthlib.readthedocs.io/en/latest/oauth2_workflow.html