# Copyright 2025 Rapyuta Robotics
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
from typing import Any
import click
from click_help_colors import HelpColorsCommand
from munch import unmunchify
from yaspin.core import Yaspin
from riocli.config import get_config_from_context
from riocli.constants.colors import Colors
from riocli.constants.symbols import Symbols
from riocli.oauth2.util import sanitize_parameters
from riocli.utils import inspect_with_format
from riocli.utils.spinner import with_spinner
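@click.command(
    "create",
    cls=HelpColorsCommand,
    help_headers_color=Colors.YELLOW,
    help_options_color=Colors.GREEN,
)
@click.option(
    "--access-token-strategy",
    type=click.Choice(["opaque", "jwt"]),
    help="The strategy used to generate access tokens. Valid options are opaque and `jwt`.",
)
# NOTE(review): the destination name below is spelled "orogins". Unless
# sanitize_parameters() or the server maps that spelling, the origins would be
# sent under a key the API does not recognise and the CORS allow-list would
# silently not be applied. Confirm against sanitize_parameters() before
# renaming, since it may reference this exact key.
@click.option(
    "--allowed-cors-origin",
    "allowed_cors_orogins",
    multiple=True,
    type=str,
    help="The list of URLs allowed to make CORS requests. Requires CORS_ENABLED.",
)
@click.option(
    "--audience",
    multiple=True,
    type=str,
    help="The audience this client is allowed to request.",
)
@click.option(
    "--backchannel-logout-callback",
    type=str,
    help="Client URL that will cause the client to log itself out when sent a Logout Token by Hydra.",
)
@click.option(
    "--backchannel-logout-session-required",
    is_flag=True,
    default=False,
    help="Boolean flag specifying whether the client requires that a sid (session ID) Claim be included in the Logout Token.",
)
@click.option(
    "--client-uri",
    type=str,
    help="A URL string of a web page providing information about the client",
)
@click.option(
    "--contact",
    "contacts",
    multiple=True,
    type=str,
    help="A list representing ways to contact people responsible for this client, typically email addresses.",
)
@click.option(
    "--frontchannel-logout-callback",
    type=str,
    help="Client URL that will cause the client to log itself out when rendered in an iframe by Hydra.",
)
@click.option(
    "--frontchannel-logout-session-required",
    is_flag=True,
    default=False,
    help="Boolean flag specifying whether the client requires that a sid (session ID) Claim be included in the Logout Token.",
)
# Grant types are free-form strings here; nothing in this command restricts
# them, so any validation has to happen in sanitize_parameters() or server-side.
@click.option(
    "--grant-type",
    "grant_types",
    multiple=True,
    default=["authorization_code"],
    type=str,
    help="A list of allowed grant types.",
)
@click.option("--id", type=str, help="Provide the client's id.")
@click.option(
    "--jwks-uri",
    type=str,
    help="Define the URL where the JSON Web Key Set should be fetched from when performing the private_key_jwt client authentication method.",
)
@click.option(
    "--keybase", type=str, help="Keybase username for encrypting client secret."
)
@click.option(
    "--logo-uri", type=str, help="A URL string that references a logo for the client"
)
# NOTE(review): the value is accepted as a plain string and is not parsed as
# JSON in this command; presumably sanitize_parameters() decodes it - confirm.
@click.option(
    "--metadata",
    default="{}",
    type=str,
    help="Metadata is an arbitrary JSON String of your choosing.",
)
@click.option("--name", type=str, help="The client's name.")
@click.option(
    "--owner",
    type=str,
    help="The owner of this client, typically email addresses or a user ID.",
)
@click.option(
    "--pgp-key",
    type=str,
    help="Base64 encoded PGP encryption key for encrypting client secret.",
)
@click.option(
    "--pgp-key-url", type=str, help="PGP encryption key URL for encrypting client secret."
)
@click.option(
    "--policy-uri",
    type=str,
    help="A URL string that points to a human-readable privacy policy document.",
)
@click.option(
    "--post-logout-callback",
    "post_logout_redirect_uris",
    multiple=True,
    type=str,
    help="List of allowed URLs to be redirected to after a logout.",
)
# Redirect URIs are taken verbatim (type=str, no scheme or host check in this
# command), so the registered list is only as strict as what the operator types.
@click.option(
    "--redirect-uri",
    "redirect_uris",
    multiple=True,
    type=str,
    help="List of allowed OAuth2 Redirect URIs.",
)
@click.option(
    "--request-object-signing-alg",
    default="RS256",
    type=str,
    help="Algorithm that must be used for signing Request Objects sent to the OP.",
)
@click.option(
    "--request-uri",
    "request_uris",
    multiple=True,
    type=str,
    help="Array of request_uri values that are pre-registered by the RP for use at the OP.",
)
@click.option(
    "--response-type",
    "response_types",
    multiple=True,
    default=["code"],
    type=str,
    help="A list of allowed response types.",
)
@click.option(
    "--scope", multiple=True, type=str, help="The scope the client is allowed to request."
)
# NOTE(review): a secret given as a command-line argument ends up in shell
# history and is visible in the process list while the command runs. Consider
# offering click's prompt=True/hide_input=True or an envvar= source for this
# option in addition to the flag.
@click.option("--secret", type=str, help="Provide the client's secret.")
@click.option(
    "--sector-identifier-uri",
    type=str,
    help="URL using the https scheme to be used in calculating Pseudonymous Identifiers by the OP.",
)
@click.option(
    "--skip-consent",
    is_flag=True,
    default=False,
    help="Boolean flag specifying whether to skip the consent screen for this client.",
)
@click.option(
    "--skip-logout-consent",
    is_flag=True,
    default=False,
    help="Boolean flag specifying whether to skip the logout consent screen for this client.",
)
@click.option(
    "--subject-type",
    default="public",
    type=click.Choice(["public", "pairwise"]),
    help="A identifier algorithm. Valid values are public and `pairwise`.",
)
# "none" registers a client that does not authenticate at the token endpoint;
# the default stays client_secret_basic.
@click.option(
    "--token-endpoint-auth-method",
    default="client_secret_basic",
    type=click.Choice(
        ["client_secret_post", "client_secret_basic", "private_key_jwt", "none"]
    ),
    help="Define which authentication method the client may use at the Token Endpoint.",
)
@click.option(
    "--tos-uri",
    type=str,
    help="A URL string that points to a human-readable terms of service document for the client.",
)
@click.pass_context
@with_spinner(text="Creating OAuth2 Client...")
def create_oauth2_client(ctx: click.Context, spinner: Yaspin, **params: Any) -> None:
    """Create a new OAuth2 client.

    The created client is printed as JSON once the request succeeds.
    \f

    Args:
        ctx: Click context used to look up the CLI configuration.
        spinner: Progress spinner (presumably injected by ``with_spinner``).
        **params: One entry per command-line option, keyed by the option's
            destination name; passed through ``sanitize_parameters`` before
            being sent as the ``client`` payload.

    Raises:
        SystemExit: With status 1 when any step fails; the original exception
            is attached as the cause.
    """
    params = sanitize_parameters(params)
    try:
        config = get_config_from_context(ctx)
        # with_project=False: the v2 client is built without a project scope.
        client = config.new_v2_client(with_project=False)
        oauth2_client = client.create_oauth2_client(client=params)
        # NOTE(review): the whole server response is rendered to the terminal.
        # If it carries the client secret (presumably it does for a newly
        # created client - confirm), that secret lands in terminal scrollback
        # and in any captured CI output.
        with spinner.hidden():
            inspect_with_format(unmunchify(oauth2_client), format_type="json")
        spinner.text = click.style("OAuth2 Client created successfully.", fg=Colors.GREEN)
        spinner.green.ok(Symbols.SUCCESS)
    except Exception as e:
        # Top-level CLI boundary: report the failure and exit non-zero, keeping
        # the original exception chained for debugging.
        spinner.text = click.style(
            f"Failed to create OAuth2 Client: {e}", fg=Colors.RED
        )
        spinner.red.fail(Symbols.ERROR)
        raise SystemExit(1) from e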