ciecplib.ui module
User-interface functions for SAML ECP authentication
- ciecplib.ui.get_cert(endpoint=None, hours=168, username=None, kerberos=False, spurl='https://ecp.cilogon.org/secure/getcert', debug=False, session=None)
Create an X.509 credential using SAML/ECP.
- Parameters:
endpoint (
str
, optional) – the identity provider URLhours (
int
, optional) – the desired validity of the credentialusername (
str
, optional) – the username to use when authenticatingkerberos (
bool
, optional) – ifTrue
use an existing kerberos TGT to authenticatedebug (
bool
, optional) – ifTrue
enable verbose debugging from requests, currently unusedsession (
requests.Session
, optional) – an activerequests.Session
to use with the query
- Returns:
cert (
cryptography.x509.Certificate
) – The newly minted certificate.key (
cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey
) – The RSA key object used to sign the certificate.
- ciecplib.ui.get_cookie(url, endpoint=None, username=None, kerberos=False, debug=False, session=None)
Create a SAML/ECP session cookie valid for the given URL
- Parameters:
url (
str
) – the target URL/domainendpoint (
str
, optional) – the identity provider URLusername (
str
, optional) – the username to use when authenticatingkerberos (
bool
, optional) – ifTrue
use an existing kerberos TGT to authenticatedebug (
bool
, optional) – ifTrue
enable verbose debugging from requests, currently unusedsession (
requests.Session
, optional) – an activerequests.Session
to use with the queryreturn_all (
bool
, optional) – return all cookies from the authentication request
- Returns:
cookie (
http.cookiejar.Cookie
) – the newly-minted session cookie