arkouda.security¶
Security and user identity utilities for Arkouda clients.
The arkouda.security module provides functionality for managing access credentials, user identity, and secure client-side metadata used in communicating with the Arkouda server.
Features¶
Platform-independent retrieval of the current user’s username and home directory.
Creation and management of a .arkouda directory for client-specific data.
Secure generation of authentication tokens using Python’s secrets module.
Serialization of user credentials for use with token-based server authentication.
Functions¶
- generate_token(length=32)
Generate a secure hexadecimal token using secrets.token_hex.
- generate_username_token_json(token)
Return a JSON-formatted string containing both the current user’s username and a token.
- get_home_directory()
Return the user’s home directory in a cross-platform manner.
- get_arkouda_client_directory()
Get or create the .arkouda directory where client configuration and credentials are stored.
- get_username()
Determine the system username based on the user’s home directory path.
Notes
The .arkouda directory can be overridden using the ARKOUDA_CLIENT_DIRECTORY environment variable.
This module supports Linux, macOS (Darwin), and Windows platforms.
Token storage conventions in this module differ from the Arkouda server’s expectations /
and must not be confused.
Examples
>>> from arkouda.security import generate_token, get_username, generate_username_token_json
>>> token = generate_token()
>>> print(token)
'8f3a52e1b75f44d1a3a57a869488b637'
>>> user = get_username()
>>> print(user)
'emma'
>>> generate_username_token_json(token)
'{"username": "emma", "token": "8f3a52e1b75f44d1a3a57a869488b637"}'
Functions¶
|
Use the secrets.token_hex() method to generate a hexidecimal token. |
|
Generate a JSON object encapsulating the user's username and token. |
|
Find a path to the current user's .arkouda directory. |
|
Find a path to the current user's home directory in a platform-independent manner. |
|
Retrieve the current user's username for the host system in a platform-independent manner. |
Module Contents¶
- arkouda.security.generate_token(length: int = 32) str[source]¶
Use the secrets.token_hex() method to generate a hexidecimal token.
- Parameters:
length (int) – The desired length of token
- Returns:
The hexidecimal string generated by Python
- Return type:
str
Notes
This method uses the Python secrets.token_hex method
- arkouda.security.generate_username_token_json(token: str) str[source]¶
Generate a JSON object encapsulating the user’s username and token.
These credentials are for connecting to an arkouda server with basic authentication enabled.
- Parameters:
token (string) – The token to be used to access arkouda server
- Returns:
The JSON-formatted string encapsulating username and token
- Return type:
str
- arkouda.security.get_arkouda_client_directory() pathlib.Path[source]¶
Find a path to the current user’s .arkouda directory.
Artifacts such as server access tokens are stored in a platform-independent manner in the .arkouda directory.
- Returns:
Path corresponding to the user’s .arkouda directory path
- Return type:
Path
Notes
The default implementation is to place the .arkouda directory in the current user’s home directory. The default can be overridden by setting the ARKOUDA_CLIENT_DIRECTORY environment variable. It is important this is not the same location as the server’s token directory as the file format is different.
- arkouda.security.get_home_directory() str[source]¶
Find a path to the current user’s home directory in a platform-independent manner.
- Returns:
The user’s home directory path
- Return type:
str
Notes
This method uses the Python os.path.expanduser method to retrieve the user’s home directory
- arkouda.security.get_username() str[source]¶
Retrieve the current user’s username for the host system in a platform-independent manner.
- Returns:
The username in the form of string
- Return type:
str
- Raises:
EnvironmentError – Raised if the host OS is unsupported
Notes
The currently supported operating systems are Windows, Linux, and MacOS AKA Darwin