Configuration Options¶

Flaat instances are configured like FlaatConfig below.

class FlaatConfig¶

The configuration for Flaat instances.

set_access_levels(access_levels)¶

Set the list of access levels for use with flaat.BaseFlaat.access_level(). This list will overwrite the default access levels.

Parameters: access_level – List of AccessLevel instances.

set_verbosity(verbosity, set_global=False)¶

Set the logging verbosity.

Parameters

verbosity (int) – Verbosity integer from 0 (= error) to 3 (= debug)
set_global – If set to True the logging level will be set for all loggers

set_issuer(issuer)¶

Pins the given issuer. Only users of this issuer will be able to use services.

Parameters: issuer (str) – Issuer URL of the pinned issuer.

set_trusted_OP_list(trusted_op_list)¶

Sets a list of OIDC providers that you trust. This means that users of these OPs will be able to use your services.

Parameters: trusted_op_list (List[str]) – A list of the issuer URLs that you trust. An example issuer is: ‘https://iam.deep-hybrid-datacloud.eu/’.

set_verify_tls(verify_tls=True)¶: Only use for development and debugging. Set to False to skip TLS certificate verification while processing requests.

set_verify_jwt(verify_jwt=True)¶: Set to False to skip JWT verification while processing requests.

set_client_id(client_id='')¶: Set a client id for token introspection

set_client_secret(client_secret='')¶: Set a client secret for token introspection

set_request_timeout(timeout=1.2)¶

Set the timeout for individual requests (retrieving issuer configs, user infos and introspection infos). Note that the total runtime of a decorator could be significantly more, based on your trusted_op_list.

Parameters: timeout (float) – Request timeout in seconds.

class AccessLevel(name, requirement)¶

Access levels are basically named requirements. An example would be two access levels ‘user’ and ‘admin’, which have requirements for the respective level.

In order to use an access level with a flaat instance, you need to use flaat.BaseFlaat.set_access_levels() to add them to the list.

name: str¶: The name of the access level. This is used in flaat.BaseFlaat.access_level() to identify this access level.

requirement: Union[flaat.requirements.Requirement, Callable[[], flaat.requirements.Requirement]]¶: The requirement that users of this access level need to satisfy. If this is a callable, then the requirement is lazily loaded at runtime using the callable.