import os
import re
import types
+import hashlib
import apiclient
import apiclient.discovery
+import apiclient.errors
+import config
+import errors
import util
-config = None
-services = {}
+_logger = logging.getLogger('arvados.api')
+conncache = {}
+
+class CredentialsFromToken(object):
+ def __init__(self, api_token):
+ self.api_token = api_token
-class CredentialsFromEnv(object):
@staticmethod
def http_request(self, uri, **kwargs):
- global config
from httplib import BadStatusLine
if 'headers' not in kwargs:
kwargs['headers'] = {}
- kwargs['headers']['Authorization'] = 'OAuth2 %s' % config.get('ARVADOS_API_TOKEN', 'ARVADOS_API_TOKEN_not_set')
+
+ if config.get("ARVADOS_EXTERNAL_CLIENT", "") == "true":
+ kwargs['headers']['X-External-Client'] = '1'
+
+ kwargs['headers']['Authorization'] = 'OAuth2 %s' % self.arvados_api_token
try:
return self.orig_http_request(uri, **kwargs)
except BadStatusLine:
# risky.
return self.orig_http_request(uri, **kwargs)
def authorize(self, http):
+ http.arvados_api_token = self.api_token
http.orig_http_request = http.request
http.request = types.MethodType(self.http_request, http)
return http
-# Arvados configuration settings are taken from $HOME/.config/arvados.
-# Environment variables override settings in the config file.
-#
-class ArvadosConfig(dict):
- def __init__(self, config_file):
- dict.__init__(self)
- if os.path.exists(config_file):
- with open(config_file, "r") as f:
- for config_line in f:
- var, val = config_line.rstrip().split('=', 2)
- self[var] = val
- for var in os.environ:
- if var.startswith('ARVADOS_'):
- self[var] = os.environ[var]
-
# Monkey patch discovery._cast() so objects and arrays get serialized
# with json.dumps() instead of str().
_cast_orig = apiclient.discovery._cast
return _cast_orig(value, schema_type)
apiclient.discovery._cast = _cast_objects_too
+# Convert apiclient's HttpErrors into our own API error subclass for better
+# error reporting.
+# Reassigning apiclient.errors.HttpError is not sufficient because most of the
+# apiclient submodules import the class into their own namespace.
+def _new_http_error(cls, *args, **kwargs):
+ return super(apiclient.errors.HttpError, cls).__new__(
+ errors.ApiError, *args, **kwargs)
+apiclient.errors.HttpError.__new__ = staticmethod(_new_http_error)
+
def http_cache(data_type):
path = os.environ['HOME'] + '/.cache/arvados/' + data_type
try:
path = None
return path
-def api(version=None):
- global services, config
-
- if not config:
- config = ArvadosConfig(os.environ['HOME'] + '/.config/arvados/settings.conf')
- if 'ARVADOS_DEBUG' in config:
- logging.basicConfig(level=logging.DEBUG)
-
- if not services.get(version):
- apiVersion = version
- if not version:
- apiVersion = 'v1'
- logging.info("Using default API version. " +
- "Call arvados.api('%s') instead." %
- apiVersion)
- if 'ARVADOS_API_HOST' not in config:
- raise Exception("ARVADOS_API_HOST is not set. Aborting.")
- url = ('https://%s/discovery/v1/apis/{api}/{apiVersion}/rest' %
- config['ARVADOS_API_HOST'])
- credentials = CredentialsFromEnv()
-
- # Use system's CA certificates (if we find them) instead of httplib2's
- ca_certs = '/etc/ssl/certs/ca-certificates.crt'
- if not os.path.exists(ca_certs):
- ca_certs = None # use httplib2 default
-
- http = httplib2.Http(ca_certs=ca_certs,
- cache=http_cache('discovery'))
- http = credentials.authorize(http)
- if re.match(r'(?i)^(true|1|yes)$',
- config.get('ARVADOS_API_HOST_INSECURE', 'no')):
- http.disable_ssl_certificate_validation=True
- services[version] = apiclient.discovery.build(
- 'arvados', apiVersion, http=http, discoveryServiceUrl=url)
- return services[version]
+def api(version=None, cache=True, host=None, token=None, insecure=False, **kwargs):
+ """Return an apiclient Resources object for an Arvados instance.
+
+ Arguments:
+ * version: A string naming the version of the Arvados API to use (for
+ example, 'v1').
+ * cache: If True (default), return an existing Resources object if
+ one already exists with the same endpoint and credentials. If
+ False, create a new one, and do not keep it in the cache (i.e.,
+ do not return it from subsequent api(cache=True) calls with
+ matching endpoint and credentials).
+ * host: The Arvados API server host (and optional :port) to connect to.
+ * token: The authentication token to send with each API call.
+ * insecure: If True, ignore SSL certificate validation errors.
+
+ Additional keyword arguments will be passed directly to
+ `apiclient.discovery.build` if a new Resource object is created.
+ If the `discoveryServiceUrl` or `http` keyword arguments are
+ missing, this function will set default values for them, based on
+ the current Arvados configuration settings.
+
+ """
+
+ if not version:
+ version = 'v1'
+ logging.info("Using default API version. " +
+ "Call arvados.api('%s') instead." %
+ version)
+ if host and token:
+ apiinsecure = insecure
+ elif not host and not token:
+ # Load from user configuration or environment
+ for x in ['ARVADOS_API_HOST', 'ARVADOS_API_TOKEN']:
+ if x not in config.settings():
+ raise Exception("%s is not set. Aborting." % x)
+ host = config.get('ARVADOS_API_HOST')
+ token = config.get('ARVADOS_API_TOKEN')
+ apiinsecure = (config.get('ARVADOS_API_HOST_INSECURE', '').lower() in
+ ('yes', 'true', '1'))
+ else:
+ # Caller provided one but not the other
+ if not host:
+ raise Exception("token argument provided, but host missing.")
+ else:
+ raise Exception("host argument provided, but token missing.")
+
+ if cache:
+ connprofile = hashlib.sha1(' '.join([
+ version, host, token, ('y' if apiinsecure else 'n')
+ ])).hexdigest()
+ svc = conncache.get(connprofile)
+ if svc:
+ return svc
+
+ if 'http' not in kwargs:
+ http_kwargs = {}
+ # Prefer system's CA certificates (if available) over httplib2's.
+ certs_path = '/etc/ssl/certs/ca-certificates.crt'
+ if os.path.exists(certs_path):
+ http_kwargs['ca_certs'] = certs_path
+ if cache:
+ http_kwargs['cache'] = http_cache('discovery')
+ if apiinsecure:
+ http_kwargs['disable_ssl_certificate_validation'] = True
+ kwargs['http'] = httplib2.Http(**http_kwargs)
+
+ credentials = CredentialsFromToken(api_token=token)
+ kwargs['http'] = credentials.authorize(kwargs['http'])
+
+ if 'discoveryServiceUrl' not in kwargs:
+ kwargs['discoveryServiceUrl'] = (
+ 'https://%s/discovery/v1/apis/{api}/{apiVersion}/rest' % (host,))
+
+ svc = apiclient.discovery.build('arvados', version, **kwargs)
+ kwargs['http'].cache = None
+ if cache:
+ conncache[connprofile] = svc
+ return svc
+def unload_connection_cache():
+ for connprofile in conncache:
+ del conncache[connprofile]
projects / arvados.git / blobdiff