Credd Class

Warning

This is not a stable API. It may be removed, extended, or altered with little or no notice.

Note

This class – the credd client – is intended to support expert users migrating from version 1 of the HTCondor Python bindings.

class htcondor2.Credd(location=None)

The credd client. Adds, deletes, and queries (legacy) passwords, user credentials (new passwords, Kerberos), and user service credentials (OAUth2).

If you’re trying to submit a job, see Submit.issue_credentials() instead.

Parameters

location (ClassAd) – A ClassAd with a MyAddress attribute, such as might be returned by Collector.locate().

add_password(password, user=None)

Store the specified password in the credd for the specified user.

Parameters
  • password (str) – The password to store.

  • user (str) – The user for whom to store the password. If None, attempt to guess based on the current process’s effective user ID.

Return type

None

add_user_cred(credtype, credential, user=None)

Store the specified credential of the specified credtype in the credd for the specified user.

Parameters
  • credtype (CredType) – One of CredType.Password and CredType.Kerberos.

  • credential (bytes) – The credential to store.

  • user (str) – The user for whom to store the credential. If None, attempt to guess based on the current process’s effective user ID.

Return type

None

add_user_service_cred(credtype, credential, service, handle=None, user=None)

Store the specified OAuth credential in the credd for the specified user.

Parameters
  • credtype (CredType) – Must be CredType.OAuth.

  • credential (bytes) – The credential to store.

  • service (str) – An identifier. Used in submit files to map from URLs to credentials.

  • handle (str) – An optional identifier. Used in submit files to distinguish multiple credentials from the same service.

  • user (str) – The user for whom to store the credential. If None, attempt to guess based on the current process’s effective user ID.

Return type

None

check_user_service_creds(credtype, serviceAds, user=None)
Parameters
  • credtype (CredType) – Must be CredType.OAuth.

  • serviceAds (List[ClassAd]) – A list of ClassAds specifying which services are needed.

  • user (str) – The user for whom to store the credential. If None, attempt to guess based on the current process’s effective user ID.

Raises

HTCondorException – If a problem occurs talking to the credd.

Return type

CredCheck

delete_password(user=None)

Delete the password stored in the credd for the specified user.

Parameters

user (str) – The user for whom to delete the password. If None, attempt to guess based on the current process’s effective user ID.

Return type

bool

delete_user_cred(credtype, user=None)

Delete the credential of the specified credtype stored in the credd for the specified user.

Parameters
Return type

None

delete_user_service_cred(credtype, service, handle=None, user=None)

Delete the OAuth credential stored in the credd for the specified user.

Parameters
  • credtype (CredType) – Must be CredType.OAuth.

  • service (str) – An identifier. Used in submit files to map from URLs to credentials.

  • handle (str) – An optional identifier. Used in submit files to distinguish multiple credentials from the same service.

  • user (str) – The user for whom to store the credential. If None, attempt to guess based on the current process’s effective user ID.

Return type

None

get_oauth2_credential(service, handle, user=None)

Return the specified OAuth2 credential.

Parameters
  • service (str) – An identifier. Used in submit files to map from URLs to credentials.

  • handle (str) – An optional identifier. Used in submit files to distinguish multiple credentials from the same service.

  • user (str) – The user for whom to store the credential. If None, attempt to guess based on the current process’s effective user ID.

Return type

str

Returns

The requested credential.

query_password(user=None)

Check if the credd has a password stored for the specified user.

Parameters

user (str) – The user for whom to retrieve the password. If None, attempt to guess based on the current process’s effective user ID.

Return type

bool

query_user_cred(credtype, user=None)

Check if the credd has a credential of the specific credtype stored in the credd for the specified user.

Parameters
Return type

str

Returns

The time the credential was last updated, or None.

query_user_service_cred(credtype, service, handle=None, user=None)

Check if the credd has an OAuth credential stored for the specified user.

Parameters
  • credtype (CredType) – Must be CredType.OAuth.

  • service (str) – An identifier. Used in submit files to map from URLs to credentials.

  • handle (str) – An optional identifier. Used in submit files to distinguish multiple credentials from the same service.

  • user (str) – The user for whom to store the credential. If None, attempt to guess based on the current process’s effective user ID.

Return type

str

Returns

The result ClassAd serialized in the “old” syntax.