sasctl.services.saslogon#
The SAS Logon service provides standard OAuth endpoints for client management.
- class sasctl._services.saslogon.SASLogon[source]#
Bases:
ServiceThe SAS Logon service client management related endpoints.
Provides functionality for managing client IDs and secrets This class is somewhat different from the other Service classes because many of the operations on the associated SA SLogon REST service are related to authentication. In sasctl all authentication is handled in the Session class, so only the operations that are not related to authentication are implemented here.
The operations provided by this service are only accessible to users with administrator permissions.
Methods
create_client(client_id, client_secret[, ...])Register a new client with the SAS Viya environment.
delete(*args, **kwargs)Send a DELETE request.
delete_client(client)Remove and existing client.
get(*args, **kwargs)Send a GET request.
get_client(client_id)Retrieve information about a specific client
get_link(obj, rel)Get link information from a resource.
head(*args, **kwargs)Send a HEAD request.
info()Version and build information for the service.
is_available()Check if the service is currently available.
list_clients([start_index, count, descending])Retrieve a details of multiple clients.
post(*args, **kwargs)Send a POST request.
put(*args, **kwargs)Send a PUT request.
request(verb, path[, session, format_])Send an HTTP request with a session.
request_link(obj, rel, **kwargs)Request a link from a resource.
update_client_secret(client, secret)- Parameters:
is_uuid
- classmethod create_client(client_id, client_secret, scopes=None, redirect_uri=None, allow_password=False, allow_client_secret=False, allow_auth_code=False)[source]#
Register a new client with the SAS Viya environment.
- Parameters:
- client_idstr
The ID to be assigned to the client.
- client_secretstr
The client secret used for authentication.
- scopeslist of string, optional
Specifies the levels of access that the client will be able to obtain on behalf of users when not using client credential authentication. If allow_password or allow_auth_code are true, the ‘openid’ scope will also be included. This is used to assert the identity of the user that the client is acting on behalf of. For clients that only use client credential authentication and therefore do not act on behalf of users, the ‘uaa.none’ scope will automatically be included.
- redirect_uristr, optional
The allowed URI pattern for redirects during authorization. Defaults to ‘urn:ietf:wg:oauth:2.0:oob’.
- allow_passwordbool, optional
Whether to allow username & password authentication with this client. Defaults to false.
- allow_client_secretbool
Whether to allow authentication using just the client ID and client secret. Defaults to false.
- allow_auth_codebool, optional
Whether to allow authorization code access using this client. Defaults to false.
- Returns:
- RestObj
- classmethod delete_client(client)[source]#
Remove and existing client.
- Parameters:
- clientstr or RestObj
The client ID or a RestObj containing the client details.
- Returns:
- RestObj
The deleted client
- Raises:
- ValueError
If client is not found.
- classmethod get_client(client_id)[source]#
Retrieve information about a specific client
- Parameters:
- client_idstr
The id of the client.
- Returns:
- RestObj or None
- classmethod list_clients(start_index=None, count=None, descending=False)[source]#
Retrieve a details of multiple clients.
- Parameters:
- start_indexint, optional
Index of first client to return. Defaults to 1.
- countint, optiona;
Number of clients to retrieve. Defaults to 100.
- descendingbool, optional
Whether to clients should be returned in descending order.
- Returns:
- list of dict
Each dict contains details for a single client. If no clients were found and empty list is returned.