import os
import re
import types
+import hashlib
import apiclient
import apiclient.discovery
import util
_logger = logging.getLogger('arvados.api')
-services = {}
+conncache = {}
+
+class CredentialsFromToken(object):
+ def __init__(self, api_token):
+ self.api_token = api_token
-class CredentialsFromEnv(object):
@staticmethod
def http_request(self, uri, **kwargs):
from httplib import BadStatusLine
if config.get("ARVADOS_EXTERNAL_CLIENT", "") == "true":
kwargs['headers']['X-External-Client'] = '1'
- kwargs['headers']['Authorization'] = 'OAuth2 %s' % config.get('ARVADOS_API_TOKEN', 'ARVADOS_API_TOKEN_not_set')
+ kwargs['headers']['Authorization'] = 'OAuth2 %s' % self.arvados_api_token
try:
return self.orig_http_request(uri, **kwargs)
except BadStatusLine:
# risky.
return self.orig_http_request(uri, **kwargs)
def authorize(self, http):
+ http.arvados_api_token = self.api_token
http.orig_http_request = http.request
http.request = types.MethodType(self.http_request, http)
return http
path = None
return path
-def api(version=None, cache=True, **kwargs):
+def api(version=None, cache=True, host=None, token=None, insecure=False, **kwargs):
"""Return an apiclient Resources object for an Arvados instance.
Arguments:
* version: A string naming the version of the Arvados API to use (for
example, 'v1').
- * cache: If True (default), return an existing resources object, or use
- a cached discovery document to build one.
+ * cache: If True (default), return an existing Resources object if
+ one already exists with the same endpoint and credentials. If
+ False, create a new one, and do not keep it in the cache (i.e.,
+ do not return it from subsequent api(cache=True) calls with
+ matching endpoint and credentials).
+ * host: The Arvados API server host (and optional :port) to connect to.
+ * token: The authentication token to send with each API call.
+ * insecure: If True, ignore SSL certificate validation errors.
Additional keyword arguments will be passed directly to
- `apiclient.discovery.build`. If the `discoveryServiceUrl` or `http`
- keyword arguments are missing, this function will set default values for
- them, based on the current Arvados configuration settings."""
- if not cache or not services.get(version):
- if not version:
- version = 'v1'
- _logger.info("Using default API version. " +
- "Call arvados.api('%s') instead.",
- version)
-
- if 'discoveryServiceUrl' not in kwargs:
- api_host = config.get('ARVADOS_API_HOST')
- if not api_host:
- raise ValueError(
- "No discoveryServiceUrl or ARVADOS_API_HOST set.")
- kwargs['discoveryServiceUrl'] = (
- 'https://%s/discovery/v1/apis/{api}/{apiVersion}/rest' %
- (api_host,))
-
- if 'http' not in kwargs:
- http_kwargs = {}
- # Prefer system's CA certificates (if available) over httplib2's.
- certs_path = '/etc/ssl/certs/ca-certificates.crt'
- if os.path.exists(certs_path):
- http_kwargs['ca_certs'] = certs_path
- if cache:
- http_kwargs['cache'] = http_cache('discovery')
- if (config.get('ARVADOS_API_HOST_INSECURE', '').lower() in
- ('yes', 'true', '1')):
- http_kwargs['disable_ssl_certificate_validation'] = True
- kwargs['http'] = httplib2.Http(**http_kwargs)
-
- kwargs['http'] = CredentialsFromEnv().authorize(kwargs['http'])
- services[version] = apiclient.discovery.build('arvados', version,
- **kwargs)
- kwargs['http'].cache = None
- return services[version]
-
-def uncache_api(version):
- if version in services:
- del services[version]
+ `apiclient.discovery.build` if a new Resource object is created.
+ If the `discoveryServiceUrl` or `http` keyword arguments are
+ missing, this function will set default values for them, based on
+ the current Arvados configuration settings.
+
+ """
+
+ if not version:
+ version = 'v1'
+ logging.info("Using default API version. " +
+ "Call arvados.api('%s') instead." %
+ version)
+ if host and token:
+ apiinsecure = insecure
+ elif not host and not token:
+ # Load from user configuration or environment
+ for x in ['ARVADOS_API_HOST', 'ARVADOS_API_TOKEN']:
+ if x not in config.settings():
+ raise Exception("%s is not set. Aborting." % x)
+ host = config.get('ARVADOS_API_HOST')
+ token = config.get('ARVADOS_API_TOKEN')
+ apiinsecure = (config.get('ARVADOS_API_HOST_INSECURE', '').lower() in
+ ('yes', 'true', '1'))
+ else:
+ # Caller provided one but not the other
+ if not host:
+ raise Exception("token argument provided, but host missing.")
+ else:
+ raise Exception("host argument provided, but token missing.")
+
+ if cache:
+ connprofile = hashlib.sha1(' '.join([
+ version, host, token, ('y' if apiinsecure else 'n')
+ ])).hexdigest()
+ svc = conncache.get(connprofile)
+ if svc:
+ return svc
+
+ if 'http' not in kwargs:
+ http_kwargs = {}
+ # Prefer system's CA certificates (if available) over httplib2's.
+ certs_path = '/etc/ssl/certs/ca-certificates.crt'
+ if os.path.exists(certs_path):
+ http_kwargs['ca_certs'] = certs_path
+ if cache:
+ http_kwargs['cache'] = http_cache('discovery')
+ if apiinsecure:
+ http_kwargs['disable_ssl_certificate_validation'] = True
+ kwargs['http'] = httplib2.Http(**http_kwargs)
+
+ credentials = CredentialsFromToken(api_token=token)
+ kwargs['http'] = credentials.authorize(kwargs['http'])
+
+ if 'discoveryServiceUrl' not in kwargs:
+ kwargs['discoveryServiceUrl'] = (
+ 'https://%s/discovery/v1/apis/{api}/{apiVersion}/rest' % (host,))
+
+ svc = apiclient.discovery.build('arvados', version, **kwargs)
+ kwargs['http'].cache = None
+ if cache:
+ conncache[connprofile] = svc
+ return svc
+
+def unload_connection_cache():
+ for connprofile in conncache:
+ del conncache[connprofile]
projects / arvados.git / blobdiff