swh.web.client.auth module¶

exception swh.web.client.auth.AuthenticationError[source]¶

Bases: Exception

Authentication related error.

Example: A bearer token has expired.

class swh.web.client.auth.OpenIDConnectSession(oidc_server_url: str = 'https://auth.softwareheritage.org/auth/', realm_name: str = 'SoftwareHeritage', client_id: str = 'swh-web')[source]¶

Bases: object

Simple class wrapping requests sent to an OpenID Connect server.

Parameters

oidc_server_url – URL of OpenID Connect server
realm_name – name of the OpenID Connect authentication realm
client_id – OpenID Connect client identifier in the realm

login(username: str, password: str) → Dict[str, Any][source]¶

Login and create new offline OpenID Connect session.

Parameters

username – an existing username in the realm
password – password associated to username

Returns

a dict filled with OpenID Connect profile info, notably access and refresh tokens for API authentication.

refresh(refresh_token: str) → Dict[str, Any][source]¶

Refresh an offline OpenID Connect session to get new access token.

Parameters: refresh_token – a refresh token retrieved after login
Returns: a dict filled with OpenID Connect profile info, notably access and refresh tokens for API authentication.

logout(refresh_token: str)[source]¶

Logout from an offline OpenID Connect session and invalidate previously emitted tokens.

Parameters: refresh_token – a refresh token retrieved after login