No project description provided
Project description
Globus Identity Mapper
The Globus Identity Mapper Python library provides two mapping classes that implement configurable hooks for mapping a Globus Auth Identity resource to an application- or context-specific username:
ExpressionIdentityMapping
ExternalIdentityMapping
Additionally, the library offers a protocol for implementing custom identity mapper logic:
IdentityMappingProtocol
Most consumers of this library will make use of a mapping configuration
document, the .from_mapping_document()
method to instantiate the appropriate
class, and then call .map_identity()
or .map_identities()
thereafter.
This enables administrators to dynamically specify their desired mapping
configuration without having to resort to typing Python code. For example, a
simple mapping configuration to use the ExpressionIdentityMapping
logic to
follow the rules as documented at Globus Connect Server, Identity Mapping
might be:
{
"DATA_TYPE": "expression_identity_mapping#1.0.0",
"mappings": [
{
"source": "{email}", "match": "(.*)@example\\.org", "output": "{0}"
}
]
}
A hard-coded class instantiation might look like:
>>> import json
>>> from globus_identity_mapping import ExpressionIdentityMapping
>>> fdata = open("example_configuration.json").read()
>>> mapping_document = json.loads(fdata)
>>> connector_id = "..." # see the Identity Mapping Guide, linked above
>>> storage_gateway = "application-specific-identifier"
>>> mapper = ExpressionIdentityMapping.from_mapping_document(
... mapping_document, storage_gateway=storage_gateway, connector_id=connector_id
... )
Thereafter, the mapper
may be used to find a context-aware username by
mapping the source field of email
from a Globus Auth Identity record via
the regular expression logic. (In the above example, the hostname is stripped
to determine the application-specific username.) Example:
>>> gair = {"id": "...", "sub": "...", "email": "billy@example.org", "name": "..."}
>>> mapper.map_identity(gair)
'billy'
For more serious library usage, implements may want to look at
globus_identity_mapping.loader.load_mappers
Development
The high level bits:
- uses Poetry (
pyproject.toml
) - uses tox
tox
- enough to run all teststox -e mypy
to run mypy
- Reminder to install
pre-commit
at your first checkout:pre-commit --install
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for globus_identity_mapping-0.1.0.tar.gz
Algorithm | Hash digest | |
---|---|---|
SHA256 | 9d8e73ed4b6edfd20d39eca9365fbeaf913239b01d41ff67fd3b0d645a223fc5 |
|
MD5 | 572f8781451a40aa73fa8a354cad1610 |
|
BLAKE2b-256 | 927d861302001186e95254222e07252c82fda684721aeeb8729bcd4c3ea4e190 |
Hashes for globus_identity_mapping-0.1.0-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | b13c1f097be3ff514d44e3d25fcb648f4989a7d6e53fffc368b8636e4a9a071b |
|
MD5 | e18a3643dc93db02e628cb690591085e |
|
BLAKE2b-256 | 5d42fbeb83c5bf7964ba820fde71798f74b6363bcac3982e389a81787311183f |