U ڲgKB @sdZddlZddlZddlZddlZddlmZddlmZddlmZddlmZdZ dZ e d Z d d d d ddddddg Z ejZejZd$ddZd%ddZd&ddZd'ddZd(ddZde dfddZddZGdd d ZGdddZGdd d ZGd d!d!Zd"d#ZdS))zFirebase tenant management module. This module contains functions for creating and configuring authentication tenants within a Google Cloud Identity Platform (GCIP) instance. N)auth) _auth_utils) _http_client)_utilsZ _tenant_mgtdz^[a-zA-Z][a-zA-Z0-9-]{3,19}$ListTenantsPageTenantTenantIdMismatchErrorTenantNotFoundErrorauth_for_tenant create_tenant delete_tenant get_tenant list_tenants update_tenantcCst|}||S)a+Gets an Auth Client instance scoped to the given tenant ID. Args: tenant_id: A tenant ID string. app: An App instance (optional). Returns: auth.Client: An ``auth.Client`` object. Raises: ValueError: If the tenant ID is None, empty or not a string. )_get_tenant_mgt_servicer  tenant_idapptenant_mgt_servicer=/tmp/pip-unpacked-wheel-p0r7i5ii/firebase_admin/tenant_mgt.pyr 9s cCst|}||S)aGets the tenant corresponding to the given ``tenant_id``. Args: tenant_id: A tenant ID string. app: An App instance (optional). Returns: Tenant: A tenant object. Raises: ValueError: If the tenant ID is None, empty or not a string. TenantNotFoundError: If no tenant exists by the given ID. FirebaseError: If an error occurs while retrieving the tenant. )rrrrrrrJscCst|}|j|||dS)aCreates a new tenant from the given options. Args: display_name: Display name string for the new tenant. Must begin with a letter and contain only letters, digits and hyphens. Length must be between 4 and 20. allow_password_sign_up: A boolean indicating whether to enable or disable the email sign-in provider (optional). enable_email_link_sign_in: A boolean indicating whether to enable or disable email link sign-in (optional). Disabling this makes the password required for email sign-in. app: An App instance (optional). Returns: Tenant: A tenant object. Raises: ValueError: If any of the given arguments are invalid. FirebaseError: If an error occurs while creating the tenant.  display_nameallow_password_sign_upenable_email_link_sign_in)rr )rrrrrrrrr ]s cCst|}|j||||dS)a Updates an existing tenant with the given options. Args: tenant_id: ID of the tenant to update. display_name: Updated display name string for the tenant (optional). allow_password_sign_up: A boolean indicating whether to enable or disable the email sign-in provider. enable_email_link_sign_in: A boolean indicating whether to enable or disable email link sign-in. Disabling this makes the password required for email sign-in. app: An App instance (optional). Returns: Tenant: The updated tenant object. Raises: ValueError: If any of the given arguments are invalid. TenantNotFoundError: If no tenant exists by the given ID. FirebaseError: If an error occurs while creating the tenant. r)rr)rrrrrrrrrrwscCst|}||dS)awDeletes the tenant corresponding to the given ``tenant_id``. Args: tenant_id: A tenant ID string. app: An App instance (optional). Raises: ValueError: If the tenant ID is None, empty or not a string. TenantNotFoundError: If no tenant exists by the given ID. FirebaseError: If an error occurs while retrieving the tenant. N)rr rrrrr s cs t|fdd}t|||S)aRetrieves a page of tenants from a Firebase project. The ``page_token`` argument governs the starting point of the page. The ``max_results`` argument governs the maximum number of tenants that may be included in the returned page. This function never returns None. If there are no user accounts in the Firebase project, this returns an empty page. Args: page_token: A non-empty page token string, which indicates the starting point of the page (optional). Defaults to ``None``, which will retrieve the first page of users. max_results: A positive integer indicating the maximum number of users to include in the returned page (optional). Defaults to 100, which is also the maximum number allowed. app: An App instance (optional). Returns: ListTenantsPage: A page of tenants. Raises: ValueError: If ``max_results`` or ``page_token`` are invalid. FirebaseError: If an error occurs while retrieving the user accounts. cs ||SN)r) page_token max_resultsrrrdownloadszlist_tenants..download)rr)rrrr rrrrs cCst|ttSr)rZget_app_service_TENANT_MGT_ATTRIBUTE_TenantManagementService)rrrrrsrc@sHeZdZdZddZeddZeddZedd Zed d Z d S) raRepresents a tenant in a multi-tenant application. Multi-tenancy support requires Google Cloud Identity Platform (GCIP). To learn more about GCIP including pricing and features, see https://cloud.google.com/identity-platform. Before multi-tenancy can be used in a Google Cloud Identity Platform project, tenants must be enabled in that project via the Cloud Console UI. A Tenant instance provides information such as the display name, tenant identifier and email authentication configuration. cCs2t|tstd|d|kr(td||_dS)Nz0Invalid data argument in Tenant constructor: {0}namez&Tenant response missing required keys.) isinstancedict ValueErrorformat_data)selfdatarrr__init__s  zTenant.__init__cCs|jd}|ddS)Nr#/)r(split)r)r#rrrrs zTenant.tenant_idcCs |jdS)N displayNamer(getr)rrrrszTenant.display_namecCs|jddS)NallowPasswordSignupFr0r2rrrrszTenant.allow_password_sign_upcCs|jddS)NenableEmailLinkSigninFr0r2rrrrsz Tenant.enable_email_link_sign_inN) __name__ __module__ __qualname____doc__r+propertyrrrrrrrrrs    c@sVeZdZdZdZddZddZddZdd d Zdd d Z ddZ d e fddZ d S)r"z#Firebase tenant management service.z)https://identitytoolkit.googleapis.com/v2cCsV|j}dtj}d|j|j}||_tj ||d|id|_ i|_ t |_dS)NzPython/Admin/{0}z{0}/projects/{1}zX-Client-Version) credentialbase_urlheaders)r:get_credentialr'firebase_admin __version__TENANT_MGT_URLZ project_idrrZJsonHttpClientclienttenant_clients threadingRLocklock)r)rr:Zversion_headerr;rrrr+s  z!_TenantManagementService.__init__c Csxt|tr|std||jL||jkrD|j|W5QRStj|j|d}||j|<|W5QRSQRXdS)z;Gets an Auth Client instance scoped to the given tenant ID.=Invalid tenant ID: {0}. Tenant ID must be a non-empty string.)rN) r$strr&r'rErBrZClientr)r)rrArrrr s  z(_TenantManagementService.auth_for_tenantc Csrt|tr|std|z|jdd|}Wn0tjjk rd}zt |W5d}~XYn Xt |SdS)z9Gets the tenant corresponding to the given ``tenant_id``.rFr1 /tenants/{0}N) r$rGr&r'rAbodyrequests exceptionsRequestExceptionrhandle_auth_backend_errorr)r)rrIerrorrrrrsz#_TenantManagementService.get_tenantNc Csdt|i}|dk r$t|d|d<|dk rssz+ListTenantsPage.tenants..tenantsrar1r2rrrrdpszListTenantsPage.tenantscCs|jddS)zKPage token string for the next page (empty string indicates no more pages).Z nextPageTokenrer2rrrnext_page_tokenuszListTenantsPage.next_page_tokencCs t|jS)z6A boolean indicating whether more pages are available.)boolrgr2rrr has_next_pagezszListTenantsPage.has_next_pagecCs|jrt|j|j|jSdS)zRetrieves the next page of tenants, if available. Returns: ListTenantsPage: Next page of tenants, or None if this is the last page. N)rirr_rgr`r2rrr get_next_pageszListTenantsPage.get_next_pagecCst|S)aGRetrieves an iterator for tenants. Returned iterator will iterate through all the tenants in the Firebase project starting from this page. The iterator will never buffer more than one page of tenants in memory at a time. Returns: iterator: An iterator of Tenant instances. )_TenantIteratorr2rrr iterate_alls zListTenantsPage.iterate_allN) r5r6r7r8r+r9rdrgrirjrlrrrrrcs    c@s0eZdZdZddZddZddZdd Zd S) rkaAn iterator that allows iterating over tenants. This implementation loads a page of tenants into memory, and iterates on them. When the whole page has been traversed, it loads another page. This class never keeps more than one page of entries in memory. cCs|s td||_d|_dS)NzCurrent page must not be None.r)r& _current_page_index)r)Z current_pagerrrr+sz_TenantIterator.__init__cCsf|jt|jjkr,|jjr,|j|_d|_|jt|jjkr^|jj|j}|jd7_|StdS)Nrr\)rnlenrmrdrirj StopIteration)r)resultrrrnexts z_TenantIterator.nextcCs|Sr)rrr2rrr__next__sz_TenantIterator.__next__cCs|Srrr2rrr__iter__sz_TenantIterator.__iter__N)r5r6r7r8r+rrrsrtrrrrrks  rkcCs(t|tstdt|s$td|S)NzInvalid type for displayNamezjdisplayName must start with a letter and only consist of letters, digits and hyphens with 4-20 characters.)r$rGr&_DISPLAY_NAME_PATTERNsearch)rrrrrRs  rR)N)N)NNN)NNNN)N)r8rerCrJr>rrrrr!r^compileru__all__r r r rr rr rrrr"rrkrRrrrrsV          %{3