Source code for gssapi.raw.creds

import typing as t

if t.TYPE_CHECKING:
    from gssapi.raw.names import Name
    from gssapi.raw.oids import OID
    from gssapi.raw.named_tuples import (
        AcquireCredResult,
        AddCredResult,
        InquireCredResult,
        InquireCredByMechResult,
    )


[docs]class Creds: """ GSSAPI Credentials """ def __new__( cls, cpy: t.Optional["Creds"] = None, ) -> "Creds": ...
[docs]def acquire_cred( name: t.Optional["Name"], lifetime: t.Optional[int] = None, mechs: t.Optional[t.Iterable["OID"]] = None, usage: str = 'both', ) -> "AcquireCredResult": """Get GSSAPI credentials for the given name and mechanisms. This method gets GSSAPI credentials corresponding to the given name and mechanims. The desired TTL and usage for the the credential may also be specified. Args: name (~gssapi.raw.names.Name): the name for which to acquire the credentials (or None for the "no name" functionality) lifetime (int): the lifetime in seconds for the credentials (or None for indefinite) mechs (~gssapi.raw.types.MechType): the desired mechanisms for which the credentials should work, or None for the default set usage (str): the usage type for the credentials: may be 'initiate', 'accept', or 'both' Returns: AcquireCredResult: the resulting credentials, the actual mechanisms with which they may be used, and their actual lifetime in seconds (or None for indefinite or not supported) Raises: ~gssapi.exceptions.BadMechanismError ~gssapi.exceptions.BadNameTypeError ~gssapi.exceptions.BadNameError ~gssapi.exceptions.ExpiredCredentialsError ~gssapi.exceptions.MissingCredentialsError """
[docs]def release_cred( creds: Creds, ) -> None: """ release_cred(creds) Release GSSAPI Credentials. This method releases GSSAPI credentials. Warning: This method is deprecated. Credentials are automatically freed by Python. Args: creds (Creds): the credentials in question Raises: ~gssapi.exceptions.MissingCredentialsError """
[docs]def add_cred( input_cred: Creds, name: "Name", mech: "OID", usage: str = 'initiate', init_lifetime: t.Optional[int] = None, accept_lifetime: t.Optional[int] = None, mutate_input: bool = False, ) -> "AddCredResult": """Add a credential element to a credential. This method can be used to either compose two credentials (i.e., original and new credential), or to add a new element to an existing credential. Args: input_cred (Creds): the set of credentials to which to add the new credentials name (~gssapi.raw.names.Name): name of principal to acquire a credential for mech (~gssapi.raw.types.MechType): the desired security mechanism (required). usage (str): usage type for credentials. Possible values: 'initiate' (default), 'accept', 'both' (failsafe). init_lifetime (int): lifetime of credentials for use in initiating security contexts in seconds (None for indefinite) accept_lifetime (int): lifetime of credentials for use in accepting security contexts in seconds (None for indefinite) mutate_input (bool): whether to mutate the input credentials (True) or produce a new set of credentials (False). Defaults to False Returns: AddCredResult: the actual mechanisms with which the credentials may be used, the actual initiator TTL, and the actual acceptor TTL (None for either indefinite or not supported). Note that the credentials may be set to None if mutate_input is set to True. Raises: ~gssapi.exceptions.BadMechanismError ~gssapi.exceptions.BadNameTypeError ~gssapi.exceptions.BadNameError ~gssapi.exceptions.DuplicateCredentialsElementError ~gssapi.exceptions.ExpiredCredentialsError ~gssapi.exceptions.MissingCredentialsError """
[docs]def inquire_cred( creds: Creds, name: bool = True, lifetime: bool = True, usage: bool = True, mechs: bool = True, ) -> "InquireCredResult": """Inspect credentials for information. This method inspects a :class:`Creds` object for information. Args: creds (Creds): the credentials to inspect name (bool): get the Name associated with the credentials lifetime (bool): get the TTL for the credentials usage (bool): get the usage type of the credentials mechs (bool): the mechanims used with the credentials Returns: InquireCredResult: the information about the credentials, with unused fields set to None Raises: ~gssapi.exceptions.MissingCredentialsError ~gssapi.exceptions.InvalidCredentialsError ~gssapi.exceptions.ExpiredCredentialsError """
[docs]def inquire_cred_by_mech( creds: Creds, mech: "OID", name: bool = True, init_lifetime: bool = True, accept_lifetime: bool = True, usage: bool = True, ) -> "InquireCredByMechResult": """Inspect credentials for mechanism-specific information. This method inspects a :class:`Creds` object for information specific to a particular mechanism. It functions similarly to :func:`inquire_cred`. Args: creds (Creds): the credentials to inspect mech (~gssapi.OID): the desired mechanism name (bool): get the Name associated with the credentials init_lifetime (bool): get the initiator TTL for the credentials (in seconds) accept_lifetime (bool): get the acceptor TTL for the credentials (in seconds) usage (bool): get the usage type of the credentials Returns: InquireCredByMechResult: the information about the credentials, with unused fields set to None Raises: ~gssapi.exceptions.MissingCredentialsError ~gssapi.exceptions.InvalidCredentialsError """