Skip to main content

SDK for Agave

Project description

=======
AgavePy
=======

.. image:: https://badge.fury.io/py/agavepy.svg
:target: http://badge.fury.io/py/agavepy

.. image:: https://travis-ci.org/TACC/agavepy.svg?branch=develop
:target: https://travis-ci.org/TACC/agavepy

.. image:: https://readthedocs.org/projects/agavepy/badge/?version=latest
:target: https://readthedocs.org/projects/agavepy/?badge=latest

.. image:: https://img.shields.io/pypi/l/Django.svg
:target: https://raw.githubusercontent.com/TACC/agavepy/master/LICENSE

**Python2/3 binding for TACC.Cloud Agave and Abaco APIs**

- Documentation: https://agavepy.readthedocs.io/en/latest/
- GitHub: https://github.com/TACC/agavepy
- PyPI: https://pypi.python.org/pypi/agavepy
- Free software: 3-Clause BSD License

Installation
============

Install from PyPI_::

pip install agavepy


Install from GitHub checkout::

cd agavepy
python setup.py install

Quickstart
==========

If you already have an active installation of the TACC Cloud CLI, AgavePy will
pick up on your existing credential cache, stored in `$HOME/.agave/current`.
We illustrate this usage pattern first, as it's **really** straightforward.

TACC Cloud CLI
--------------

.. code-block:: pycon

>>> from agavepy.agave import Agave
>>> ag = Agave.restore()

Voila! You have an active, authenticated API client. AgavePy will use a cached
refresh token to keep this session active as long as the code is running.

Pure Python
-----------

Authentication and authorization to the TACC Cloud APIs uses `OAuth2`_, a
widely-adopted web standard. Our implementation of Oauth2 is designed to give
you the flexibility you need to script and automate use of TACC Cloud while
keeping your access credentials and digital assets secure.

This is covered in great detail in our `Developer Documentation`_ but some key
concepts will be highlighted here, interleaved with Python code.

The first step is to create a Python object ``ag`` pointing to an API server.
Your project likely has its own API server, which are discoverable using
the ``tenants-list --rich`` command in the TACC Cloud CLI. For now, we can
assume ``api.tacc.cloud`` (the default value) will work for you.

.. code-block:: pycon

>>> from agavepy.agave import Agave
>>> ag = Agave(api_server='https://api.tacc.cloud')

Once the object is instantiated, interact with it according to the API
documentation and your specific usage needs.

Create a new Oauth client
^^^^^^^^^^^^^^^^^^^^^^^^^

.. code-block:: pycon

>>> ag = Agave(api_server='https://api.tacc.cloud',
... username='mwvaughn',
... password='PaZ$w0r6!')
>>> ag.clients.create(body={'clientName': 'my_client'})
{u'consumerKey': u'kV4XLPhVBAv9RTf7a2QyBHhQAXca', u'_links': {u'subscriber':
{u'href': u'https://api.tacc.cloud/profiles/v2/mwvaughn'}, u'self': {u'href':
u'https://api.tacc.cloud/clients/v2/my_client'}, u'subscriptions': {u'href':
u'https://api.tacc.cloud/clients/v2/my_client/subscriptions/'}},
u'description': u'', u'tier': u'Unlimited', u'callbackUrl': u'',
u'consumerSecret': u'5EbjEOcyzzIsAAE3vBS7nspVqHQa', u'name': u'my_client'}

You use the **consumerKey** and **consumerSecret** to generate Oauth *tokens*,
which are temporary credentials that you can use in place of putting your real
credentials into code that is scripting against the TACC APIs.

Reuse an existing Oauth client
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Once you generate a client, you can re-use its key and secret. Clients can be
created using the Python-based approach illustrated above, via the TACC Cloud
CLI ``clients-create`` command, or by a direct, correctly-structured ``POST``
to the ``clients`` web service. No matter how you've created a client, setting
AgavePy up to use it works the same way:

.. code-block:: pycon

>>> from agavepy.agave import Agave
>>> ag = Agave(api_server='https://api.tacc.cloud',
... username='mwvaughn', password='PaZ$w0r6!',
... client_name='my_client',
... api_key='kV4XLPhVBAv9RTf7a2QyBHhQAXca',
... api_secret='5EbjEOcyzzIsAAE3vBS7nspVqHQa')

The Agave object ``ag`` is now configured to talk to all TACC Cloud services.
Here's an example: Let's retrieve a the curent user's **profile**.

.. code-block:: pycon

>>> ag.profiles.get()
{u'status': u'', u'username': u'mwvaughn', u'first_name': u'Matthew',
u'last_name': u'Vaughn', u'phone': u'867-5309', u'mobile_phone': u'',
u'create_time': u'20140515180317Z', u'full_name': u'vaughn',
u'email': u'mwvaughn@devnull.com'}

The refresh token
^^^^^^^^^^^^^^^^^

Nobody likes to change their password, but they have to if it leaks out into
the wild. A tragically easy way for that to happen is in committed code or a
Docker container where it's been hard-coded. To get around this, AgavePy works
with the TACC authentication APIs to support using a **refresh token**.
Basically, as long as you have the apikey, apisecret, and the last refresh
token for an authenticated session, you can renew the session without sending
a password. Neat, right? Let's build on the ``ag`` object from above to learn
about this.

Let's start by inspecting its ``token`` property, which will also demonstrate
how you can access token data programmatically for your own purposes.

.. code-block:: pycon

>>> ag.token.token_info
{u'access_token': u'14f0bbd0b334e594e676661bf9ccc136', 'created_at':
1518136421, u'expires_in': 13283, 'expires_at': 'Thu Feb 8 22:15:04',
u'token_type': u'bearer', 'expiration': 1518149704, u'scope': u'default',
u'refresh_token': u'b138c49040a6f67f80d49a1c112e44b'}
>>> ag.token.token_info['refresh_token']
u'b138c49046f67f80d49a1c10a12e44b'

**To be continued**

.. _Agave: https://agaveapi.co/
.. _Abaco: http://useabaco.cloud/
.. _PyPI: https://pypi.python.org/pypi
.. _Developer Documentation: http://developer.tacc.cloud/
.. _Docker: https://docs.docker.com/installation/#installation
.. _Jupyter: https://jupyter.org/

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

agavepy-0.7.1.tar.gz (97.8 kB view details)

Uploaded Source

File details

Details for the file agavepy-0.7.1.tar.gz.

File metadata

  • Download URL: agavepy-0.7.1.tar.gz
  • Upload date:
  • Size: 97.8 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No

File hashes

Hashes for agavepy-0.7.1.tar.gz
Algorithm Hash digest
SHA256 565bf96e67ed1a440f9fe3760f6229cdb9093d2faa33d9c08abe27d961d06d46
MD5 24e5755022795302e01a68fc2c3b0077
BLAKE2b-256 9f3bdc6260e42241d1960c205731fd73f272b181259753fb11529a526b43f6d3

See more details on using hashes here.

Provenance

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page