1# coding=utf-8 2##################################################### 3# THIS FILE IS AUTOMATICALLY GENERATED. DO NOT EDIT # 4##################################################### 5# noqa: E128,E201 6from .client import BaseClient 7from .client import createApiClient 8from .client import config 9from .client import createTemporaryCredentials 10from .client import createSession 11_defaultConfig = config 12 13 14class Auth(BaseClient): 15 """ 16 Authentication related API end-points for Taskcluster and related 17 services. These API end-points are of interest if you wish to: 18 * Authorize a request signed with Taskcluster credentials, 19 * Manage clients and roles, 20 * Inspect or audit clients and roles, 21 * Gain access to various services guarded by this API. 22 23 Note that in this service "authentication" refers to validating the 24 correctness of the supplied credentials (that the caller posesses the 25 appropriate access token). This service does not provide any kind of user 26 authentication (identifying a particular person). 27 28 ### Clients 29 The authentication service manages _clients_, at a high-level each client 30 consists of a `clientId`, an `accessToken`, scopes, and some metadata. 31 The `clientId` and `accessToken` can be used for authentication when 32 calling Taskcluster APIs. 33 34 The client's scopes control the client's access to Taskcluster resources. 35 The scopes are *expanded* by substituting roles, as defined below. 36 37 ### Roles 38 A _role_ consists of a `roleId`, a set of scopes and a description. 39 Each role constitutes a simple _expansion rule_ that says if you have 40 the scope: `assume:<roleId>` you get the set of scopes the role has. 41 Think of the `assume:<roleId>` as a scope that allows a client to assume 42 a role. 43 44 As in scopes the `*` kleene star also have special meaning if it is 45 located at the end of a `roleId`. If you have a role with the following 46 `roleId`: `my-prefix*`, then any client which has a scope staring with 47 `assume:my-prefix` will be allowed to assume the role. 48 49 ### Guarded Services 50 The authentication service also has API end-points for delegating access 51 to some guarded service such as AWS S3, or Azure Table Storage. 52 Generally, we add API end-points to this server when we wish to use 53 Taskcluster credentials to grant access to a third-party service used 54 by many Taskcluster components. 55 """ 56 57 classOptions = { 58 } 59 serviceName = 'auth' 60 apiVersion = 'v1' 61 62 def ping(self, *args, **kwargs): 63 """ 64 Ping Server 65 66 Respond without doing anything. 67 This endpoint is used to check that the service is up. 68 69 This method is ``stable`` 70 """ 71 72 return self._makeApiCall(self.funcinfo["ping"], *args, **kwargs) 73 74 def listClients(self, *args, **kwargs): 75 """ 76 List Clients 77 78 Get a list of all clients. With `prefix`, only clients for which 79 it is a prefix of the clientId are returned. 80 81 By default this end-point will try to return up to 1000 clients in one 82 request. But it **may return less, even none**. 83 It may also return a `continuationToken` even though there are no more 84 results. However, you can only be sure to have seen all results if you 85 keep calling `listClients` with the last `continuationToken` until you 86 get a result without a `continuationToken`. 87 88 This method gives output: ``v1/list-clients-response.json#`` 89 90 This method is ``stable`` 91 """ 92 93 return self._makeApiCall(self.funcinfo["listClients"], *args, **kwargs) 94 95 def client(self, *args, **kwargs): 96 """ 97 Get Client 98 99 Get information about a single client. 100 101 This method gives output: ``v1/get-client-response.json#`` 102 103 This method is ``stable`` 104 """ 105 106 return self._makeApiCall(self.funcinfo["client"], *args, **kwargs) 107 108 def createClient(self, *args, **kwargs): 109 """ 110 Create Client 111 112 Create a new client and get the `accessToken` for this client. 113 You should store the `accessToken` from this API call as there is no 114 other way to retrieve it. 115 116 If you loose the `accessToken` you can call `resetAccessToken` to reset 117 it, and a new `accessToken` will be returned, but you cannot retrieve the 118 current `accessToken`. 119 120 If a client with the same `clientId` already exists this operation will 121 fail. Use `updateClient` if you wish to update an existing client. 122 123 The caller's scopes must satisfy `scopes`. 124 125 This method takes input: ``v1/create-client-request.json#`` 126 127 This method gives output: ``v1/create-client-response.json#`` 128 129 This method is ``stable`` 130 """ 131 132 return self._makeApiCall(self.funcinfo["createClient"], *args, **kwargs) 133 134 def resetAccessToken(self, *args, **kwargs): 135 """ 136 Reset `accessToken` 137 138 Reset a clients `accessToken`, this will revoke the existing 139 `accessToken`, generate a new `accessToken` and return it from this 140 call. 141 142 There is no way to retrieve an existing `accessToken`, so if you loose it 143 you must reset the accessToken to acquire it again. 144 145 This method gives output: ``v1/create-client-response.json#`` 146 147 This method is ``stable`` 148 """ 149 150 return self._makeApiCall(self.funcinfo["resetAccessToken"], *args, **kwargs) 151 152 def updateClient(self, *args, **kwargs): 153 """ 154 Update Client 155 156 Update an exisiting client. The `clientId` and `accessToken` cannot be 157 updated, but `scopes` can be modified. The caller's scopes must 158 satisfy all scopes being added to the client in the update operation. 159 If no scopes are given in the request, the client's scopes remain 160 unchanged 161 162 This method takes input: ``v1/create-client-request.json#`` 163 164 This method gives output: ``v1/get-client-response.json#`` 165 166 This method is ``stable`` 167 """ 168 169 return self._makeApiCall(self.funcinfo["updateClient"], *args, **kwargs) 170 171 def enableClient(self, *args, **kwargs): 172 """ 173 Enable Client 174 175 Enable a client that was disabled with `disableClient`. If the client 176 is already enabled, this does nothing. 177 178 This is typically used by identity providers to re-enable clients that 179 had been disabled when the corresponding identity's scopes changed. 180 181 This method gives output: ``v1/get-client-response.json#`` 182 183 This method is ``stable`` 184 """ 185 186 return self._makeApiCall(self.funcinfo["enableClient"], *args, **kwargs) 187 188 def disableClient(self, *args, **kwargs): 189 """ 190 Disable Client 191 192 Disable a client. If the client is already disabled, this does nothing. 193 194 This is typically used by identity providers to disable clients when the 195 corresponding identity's scopes no longer satisfy the client's scopes. 196 197 This method gives output: ``v1/get-client-response.json#`` 198 199 This method is ``stable`` 200 """ 201 202 return self._makeApiCall(self.funcinfo["disableClient"], *args, **kwargs) 203 204 def deleteClient(self, *args, **kwargs): 205 """ 206 Delete Client 207 208 Delete a client, please note that any roles related to this client must 209 be deleted independently. 210 211 This method is ``stable`` 212 """ 213 214 return self._makeApiCall(self.funcinfo["deleteClient"], *args, **kwargs) 215 216 def listRoles(self, *args, **kwargs): 217 """ 218 List Roles 219 220 Get a list of all roles, each role object also includes the list of 221 scopes it expands to. 222 223 This method gives output: ``v1/list-roles-response.json#`` 224 225 This method is ``stable`` 226 """ 227 228 return self._makeApiCall(self.funcinfo["listRoles"], *args, **kwargs) 229 230 def role(self, *args, **kwargs): 231 """ 232 Get Role 233 234 Get information about a single role, including the set of scopes that the 235 role expands to. 236 237 This method gives output: ``v1/get-role-response.json#`` 238 239 This method is ``stable`` 240 """ 241 242 return self._makeApiCall(self.funcinfo["role"], *args, **kwargs) 243 244 def createRole(self, *args, **kwargs): 245 """ 246 Create Role 247 248 Create a new role. 249 250 The caller's scopes must satisfy the new role's scopes. 251 252 If there already exists a role with the same `roleId` this operation 253 will fail. Use `updateRole` to modify an existing role. 254 255 Creation of a role that will generate an infinite expansion will result 256 in an error response. 257 258 This method takes input: ``v1/create-role-request.json#`` 259 260 This method gives output: ``v1/get-role-response.json#`` 261 262 This method is ``stable`` 263 """ 264 265 return self._makeApiCall(self.funcinfo["createRole"], *args, **kwargs) 266 267 def updateRole(self, *args, **kwargs): 268 """ 269 Update Role 270 271 Update an existing role. 272 273 The caller's scopes must satisfy all of the new scopes being added, but 274 need not satisfy all of the client's existing scopes. 275 276 An update of a role that will generate an infinite expansion will result 277 in an error response. 278 279 This method takes input: ``v1/create-role-request.json#`` 280 281 This method gives output: ``v1/get-role-response.json#`` 282 283 This method is ``stable`` 284 """ 285 286 return self._makeApiCall(self.funcinfo["updateRole"], *args, **kwargs) 287 288 def deleteRole(self, *args, **kwargs): 289 """ 290 Delete Role 291 292 Delete a role. This operation will succeed regardless of whether or not 293 the role exists. 294 295 This method is ``stable`` 296 """ 297 298 return self._makeApiCall(self.funcinfo["deleteRole"], *args, **kwargs) 299 300 def expandScopesGet(self, *args, **kwargs): 301 """ 302 Expand Scopes 303 304 Return an expanded copy of the given scopeset, with scopes implied by any 305 roles included. 306 307 This call uses the GET method with an HTTP body. It remains only for 308 backward compatibility. 309 310 This method takes input: ``v1/scopeset.json#`` 311 312 This method gives output: ``v1/scopeset.json#`` 313 314 This method is ``deprecated`` 315 """ 316 317 return self._makeApiCall(self.funcinfo["expandScopesGet"], *args, **kwargs) 318 319 def expandScopes(self, *args, **kwargs): 320 """ 321 Expand Scopes 322 323 Return an expanded copy of the given scopeset, with scopes implied by any 324 roles included. 325 326 This method takes input: ``v1/scopeset.json#`` 327 328 This method gives output: ``v1/scopeset.json#`` 329 330 This method is ``stable`` 331 """ 332 333 return self._makeApiCall(self.funcinfo["expandScopes"], *args, **kwargs) 334 335 def currentScopes(self, *args, **kwargs): 336 """ 337 Get Current Scopes 338 339 Return the expanded scopes available in the request, taking into account all sources 340 of scopes and scope restrictions (temporary credentials, assumeScopes, client scopes, 341 and roles). 342 343 This method gives output: ``v1/scopeset.json#`` 344 345 This method is ``stable`` 346 """ 347 348 return self._makeApiCall(self.funcinfo["currentScopes"], *args, **kwargs) 349 350 def awsS3Credentials(self, *args, **kwargs): 351 """ 352 Get Temporary Read/Write Credentials S3 353 354 Get temporary AWS credentials for `read-write` or `read-only` access to 355 a given `bucket` and `prefix` within that bucket. 356 The `level` parameter can be `read-write` or `read-only` and determines 357 which type of credentials are returned. Please note that the `level` 358 parameter is required in the scope guarding access. The bucket name must 359 not contain `.`, as recommended by Amazon. 360 361 This method can only allow access to a whitelisted set of buckets. To add 362 a bucket to that whitelist, contact the Taskcluster team, who will add it to 363 the appropriate IAM policy. If the bucket is in a different AWS account, you 364 will also need to add a bucket policy allowing access from the Taskcluster 365 account. That policy should look like this: 366 367 ``` 368 { 369 "Version": "2012-10-17", 370 "Statement": [ 371 { 372 "Sid": "allow-taskcluster-auth-to-delegate-access", 373 "Effect": "Allow", 374 "Principal": { 375 "AWS": "arn:aws:iam::692406183521:root" 376 }, 377 "Action": [ 378 "s3:ListBucket", 379 "s3:GetObject", 380 "s3:PutObject", 381 "s3:DeleteObject", 382 "s3:GetBucketLocation" 383 ], 384 "Resource": [ 385 "arn:aws:s3:::<bucket>", 386 "arn:aws:s3:::<bucket>/*" 387 ] 388 } 389 ] 390 } 391 ``` 392 393 The credentials are set to expire after an hour, but this behavior is 394 subject to change. Hence, you should always read the `expires` property 395 from the response, if you intend to maintain active credentials in your 396 application. 397 398 Please note that your `prefix` may not start with slash `/`. Such a prefix 399 is allowed on S3, but we forbid it here to discourage bad behavior. 400 401 Also note that if your `prefix` doesn't end in a slash `/`, the STS 402 credentials may allow access to unexpected keys, as S3 does not treat 403 slashes specially. For example, a prefix of `my-folder` will allow 404 access to `my-folder/file.txt` as expected, but also to `my-folder.txt`, 405 which may not be intended. 406 407 Finally, note that the `PutObjectAcl` call is not allowed. Passing a canned 408 ACL other than `private` to `PutObject` is treated as a `PutObjectAcl` call, and 409 will result in an access-denied error from AWS. This limitation is due to a 410 security flaw in Amazon S3 which might otherwise allow indefinite access to 411 uploaded objects. 412 413 **EC2 metadata compatibility**, if the querystring parameter 414 `?format=iam-role-compat` is given, the response will be compatible 415 with the JSON exposed by the EC2 metadata service. This aims to ease 416 compatibility for libraries and tools built to auto-refresh credentials. 417 For details on the format returned by EC2 metadata service see: 418 [EC2 User Guide](http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html#instance-metadata-security-credentials). 419 420 This method gives output: ``v1/aws-s3-credentials-response.json#`` 421 422 This method is ``stable`` 423 """ 424 425 return self._makeApiCall(self.funcinfo["awsS3Credentials"], *args, **kwargs) 426 427 def azureAccounts(self, *args, **kwargs): 428 """ 429 List Accounts Managed by Auth 430 431 Retrieve a list of all Azure accounts managed by Taskcluster Auth. 432 433 This method gives output: ``v1/azure-account-list-response.json#`` 434 435 This method is ``stable`` 436 """ 437 438 return self._makeApiCall(self.funcinfo["azureAccounts"], *args, **kwargs) 439 440 def azureTables(self, *args, **kwargs): 441 """ 442 List Tables in an Account Managed by Auth 443 444 Retrieve a list of all tables in an account. 445 446 This method gives output: ``v1/azure-table-list-response.json#`` 447 448 This method is ``stable`` 449 """ 450 451 return self._makeApiCall(self.funcinfo["azureTables"], *args, **kwargs) 452 453 def azureTableSAS(self, *args, **kwargs): 454 """ 455 Get Shared-Access-Signature for Azure Table 456 457 Get a shared access signature (SAS) string for use with a specific Azure 458 Table Storage table. 459 460 The `level` parameter can be `read-write` or `read-only` and determines 461 which type of credentials are returned. If level is read-write, it will create the 462 table if it doesn't already exist. 463 464 This method gives output: ``v1/azure-table-access-response.json#`` 465 466 This method is ``stable`` 467 """ 468 469 return self._makeApiCall(self.funcinfo["azureTableSAS"], *args, **kwargs) 470 471 def azureContainers(self, *args, **kwargs): 472 """ 473 List containers in an Account Managed by Auth 474 475 Retrieve a list of all containers in an account. 476 477 This method gives output: ``v1/azure-container-list-response.json#`` 478 479 This method is ``stable`` 480 """ 481 482 return self._makeApiCall(self.funcinfo["azureContainers"], *args, **kwargs) 483 484 def azureContainerSAS(self, *args, **kwargs): 485 """ 486 Get Shared-Access-Signature for Azure Container 487 488 Get a shared access signature (SAS) string for use with a specific Azure 489 Blob Storage container. 490 491 The `level` parameter can be `read-write` or `read-only` and determines 492 which type of credentials are returned. If level is read-write, it will create the 493 container if it doesn't already exist. 494 495 This method gives output: ``v1/azure-container-response.json#`` 496 497 This method is ``stable`` 498 """ 499 500 return self._makeApiCall(self.funcinfo["azureContainerSAS"], *args, **kwargs) 501 502 def sentryDSN(self, *args, **kwargs): 503 """ 504 Get DSN for Sentry Project 505 506 Get temporary DSN (access credentials) for a sentry project. 507 The credentials returned can be used with any Sentry client for up to 508 24 hours, after which the credentials will be automatically disabled. 509 510 If the project doesn't exist it will be created, and assigned to the 511 initial team configured for this component. Contact a Sentry admin 512 to have the project transferred to a team you have access to if needed 513 514 This method gives output: ``v1/sentry-dsn-response.json#`` 515 516 This method is ``stable`` 517 """ 518 519 return self._makeApiCall(self.funcinfo["sentryDSN"], *args, **kwargs) 520 521 def statsumToken(self, *args, **kwargs): 522 """ 523 Get Token for Statsum Project 524 525 Get temporary `token` and `baseUrl` for sending metrics to statsum. 526 527 The token is valid for 24 hours, clients should refresh after expiration. 528 529 This method gives output: ``v1/statsum-token-response.json#`` 530 531 This method is ``stable`` 532 """ 533 534 return self._makeApiCall(self.funcinfo["statsumToken"], *args, **kwargs) 535 536 def webhooktunnelToken(self, *args, **kwargs): 537 """ 538 Get Token for Webhooktunnel Proxy 539 540 Get temporary `token` and `id` for connecting to webhooktunnel 541 The token is valid for 96 hours, clients should refresh after expiration. 542 543 This method gives output: ``v1/webhooktunnel-token-response.json#`` 544 545 This method is ``stable`` 546 """ 547 548 return self._makeApiCall(self.funcinfo["webhooktunnelToken"], *args, **kwargs) 549 550 def authenticateHawk(self, *args, **kwargs): 551 """ 552 Authenticate Hawk Request 553 554 Validate the request signature given on input and return list of scopes 555 that the authenticating client has. 556 557 This method is used by other services that wish rely on Taskcluster 558 credentials for authentication. This way we can use Hawk without having 559 the secret credentials leave this service. 560 561 This method takes input: ``v1/authenticate-hawk-request.json#`` 562 563 This method gives output: ``v1/authenticate-hawk-response.json#`` 564 565 This method is ``stable`` 566 """ 567 568 return self._makeApiCall(self.funcinfo["authenticateHawk"], *args, **kwargs) 569 570 def testAuthenticate(self, *args, **kwargs): 571 """ 572 Test Authentication 573 574 Utility method to test client implementations of Taskcluster 575 authentication. 576 577 Rather than using real credentials, this endpoint accepts requests with 578 clientId `tester` and accessToken `no-secret`. That client's scopes are 579 based on `clientScopes` in the request body. 580 581 The request is validated, with any certificate, authorizedScopes, etc. 582 applied, and the resulting scopes are checked against `requiredScopes` 583 from the request body. On success, the response contains the clientId 584 and scopes as seen by the API method. 585 586 This method takes input: ``v1/test-authenticate-request.json#`` 587 588 This method gives output: ``v1/test-authenticate-response.json#`` 589 590 This method is ``stable`` 591 """ 592 593 return self._makeApiCall(self.funcinfo["testAuthenticate"], *args, **kwargs) 594 595 def testAuthenticateGet(self, *args, **kwargs): 596 """ 597 Test Authentication (GET) 598 599 Utility method similar to `testAuthenticate`, but with the GET method, 600 so it can be used with signed URLs (bewits). 601 602 Rather than using real credentials, this endpoint accepts requests with 603 clientId `tester` and accessToken `no-secret`. That client's scopes are 604 `['test:*', 'auth:create-client:test:*']`. The call fails if the 605 `test:authenticate-get` scope is not available. 606 607 The request is validated, with any certificate, authorizedScopes, etc. 608 applied, and the resulting scopes are checked, just like any API call. 609 On success, the response contains the clientId and scopes as seen by 610 the API method. 611 612 This method may later be extended to allow specification of client and 613 required scopes via query arguments. 614 615 This method gives output: ``v1/test-authenticate-response.json#`` 616 617 This method is ``stable`` 618 """ 619 620 return self._makeApiCall(self.funcinfo["testAuthenticateGet"], *args, **kwargs) 621 622 funcinfo = { 623 "authenticateHawk": { 624 'args': [], 625 'input': 'v1/authenticate-hawk-request.json#', 626 'method': 'post', 627 'name': 'authenticateHawk', 628 'output': 'v1/authenticate-hawk-response.json#', 629 'route': '/authenticate-hawk', 630 'stability': 'stable', 631 }, 632 "awsS3Credentials": { 633 'args': ['level', 'bucket', 'prefix'], 634 'method': 'get', 635 'name': 'awsS3Credentials', 636 'output': 'v1/aws-s3-credentials-response.json#', 637 'query': ['format'], 638 'route': '/aws/s3/<level>/<bucket>/<prefix>', 639 'stability': 'stable', 640 }, 641 "azureAccounts": { 642 'args': [], 643 'method': 'get', 644 'name': 'azureAccounts', 645 'output': 'v1/azure-account-list-response.json#', 646 'route': '/azure/accounts', 647 'stability': 'stable', 648 }, 649 "azureContainerSAS": { 650 'args': ['account', 'container', 'level'], 651 'method': 'get', 652 'name': 'azureContainerSAS', 653 'output': 'v1/azure-container-response.json#', 654 'route': '/azure/<account>/containers/<container>/<level>', 655 'stability': 'stable', 656 }, 657 "azureContainers": { 658 'args': ['account'], 659 'method': 'get', 660 'name': 'azureContainers', 661 'output': 'v1/azure-container-list-response.json#', 662 'query': ['continuationToken'], 663 'route': '/azure/<account>/containers', 664 'stability': 'stable', 665 }, 666 "azureTableSAS": { 667 'args': ['account', 'table', 'level'], 668 'method': 'get', 669 'name': 'azureTableSAS', 670 'output': 'v1/azure-table-access-response.json#', 671 'route': '/azure/<account>/table/<table>/<level>', 672 'stability': 'stable', 673 }, 674 "azureTables": { 675 'args': ['account'], 676 'method': 'get', 677 'name': 'azureTables', 678 'output': 'v1/azure-table-list-response.json#', 679 'query': ['continuationToken'], 680 'route': '/azure/<account>/tables', 681 'stability': 'stable', 682 }, 683 "client": { 684 'args': ['clientId'], 685 'method': 'get', 686 'name': 'client', 687 'output': 'v1/get-client-response.json#', 688 'route': '/clients/<clientId>', 689 'stability': 'stable', 690 }, 691 "createClient": { 692 'args': ['clientId'], 693 'input': 'v1/create-client-request.json#', 694 'method': 'put', 695 'name': 'createClient', 696 'output': 'v1/create-client-response.json#', 697 'route': '/clients/<clientId>', 698 'stability': 'stable', 699 }, 700 "createRole": { 701 'args': ['roleId'], 702 'input': 'v1/create-role-request.json#', 703 'method': 'put', 704 'name': 'createRole', 705 'output': 'v1/get-role-response.json#', 706 'route': '/roles/<roleId>', 707 'stability': 'stable', 708 }, 709 "currentScopes": { 710 'args': [], 711 'method': 'get', 712 'name': 'currentScopes', 713 'output': 'v1/scopeset.json#', 714 'route': '/scopes/current', 715 'stability': 'stable', 716 }, 717 "deleteClient": { 718 'args': ['clientId'], 719 'method': 'delete', 720 'name': 'deleteClient', 721 'route': '/clients/<clientId>', 722 'stability': 'stable', 723 }, 724 "deleteRole": { 725 'args': ['roleId'], 726 'method': 'delete', 727 'name': 'deleteRole', 728 'route': '/roles/<roleId>', 729 'stability': 'stable', 730 }, 731 "disableClient": { 732 'args': ['clientId'], 733 'method': 'post', 734 'name': 'disableClient', 735 'output': 'v1/get-client-response.json#', 736 'route': '/clients/<clientId>/disable', 737 'stability': 'stable', 738 }, 739 "enableClient": { 740 'args': ['clientId'], 741 'method': 'post', 742 'name': 'enableClient', 743 'output': 'v1/get-client-response.json#', 744 'route': '/clients/<clientId>/enable', 745 'stability': 'stable', 746 }, 747 "expandScopes": { 748 'args': [], 749 'input': 'v1/scopeset.json#', 750 'method': 'post', 751 'name': 'expandScopes', 752 'output': 'v1/scopeset.json#', 753 'route': '/scopes/expand', 754 'stability': 'stable', 755 }, 756 "expandScopesGet": { 757 'args': [], 758 'input': 'v1/scopeset.json#', 759 'method': 'get', 760 'name': 'expandScopesGet', 761 'output': 'v1/scopeset.json#', 762 'route': '/scopes/expand', 763 'stability': 'deprecated', 764 }, 765 "listClients": { 766 'args': [], 767 'method': 'get', 768 'name': 'listClients', 769 'output': 'v1/list-clients-response.json#', 770 'query': ['prefix', 'continuationToken', 'limit'], 771 'route': '/clients/', 772 'stability': 'stable', 773 }, 774 "listRoles": { 775 'args': [], 776 'method': 'get', 777 'name': 'listRoles', 778 'output': 'v1/list-roles-response.json#', 779 'route': '/roles/', 780 'stability': 'stable', 781 }, 782 "ping": { 783 'args': [], 784 'method': 'get', 785 'name': 'ping', 786 'route': '/ping', 787 'stability': 'stable', 788 }, 789 "resetAccessToken": { 790 'args': ['clientId'], 791 'method': 'post', 792 'name': 'resetAccessToken', 793 'output': 'v1/create-client-response.json#', 794 'route': '/clients/<clientId>/reset', 795 'stability': 'stable', 796 }, 797 "role": { 798 'args': ['roleId'], 799 'method': 'get', 800 'name': 'role', 801 'output': 'v1/get-role-response.json#', 802 'route': '/roles/<roleId>', 803 'stability': 'stable', 804 }, 805 "sentryDSN": { 806 'args': ['project'], 807 'method': 'get', 808 'name': 'sentryDSN', 809 'output': 'v1/sentry-dsn-response.json#', 810 'route': '/sentry/<project>/dsn', 811 'stability': 'stable', 812 }, 813 "statsumToken": { 814 'args': ['project'], 815 'method': 'get', 816 'name': 'statsumToken', 817 'output': 'v1/statsum-token-response.json#', 818 'route': '/statsum/<project>/token', 819 'stability': 'stable', 820 }, 821 "testAuthenticate": { 822 'args': [], 823 'input': 'v1/test-authenticate-request.json#', 824 'method': 'post', 825 'name': 'testAuthenticate', 826 'output': 'v1/test-authenticate-response.json#', 827 'route': '/test-authenticate', 828 'stability': 'stable', 829 }, 830 "testAuthenticateGet": { 831 'args': [], 832 'method': 'get', 833 'name': 'testAuthenticateGet', 834 'output': 'v1/test-authenticate-response.json#', 835 'route': '/test-authenticate-get/', 836 'stability': 'stable', 837 }, 838 "updateClient": { 839 'args': ['clientId'], 840 'input': 'v1/create-client-request.json#', 841 'method': 'post', 842 'name': 'updateClient', 843 'output': 'v1/get-client-response.json#', 844 'route': '/clients/<clientId>', 845 'stability': 'stable', 846 }, 847 "updateRole": { 848 'args': ['roleId'], 849 'input': 'v1/create-role-request.json#', 850 'method': 'post', 851 'name': 'updateRole', 852 'output': 'v1/get-role-response.json#', 853 'route': '/roles/<roleId>', 854 'stability': 'stable', 855 }, 856 "webhooktunnelToken": { 857 'args': [], 858 'method': 'get', 859 'name': 'webhooktunnelToken', 860 'output': 'v1/webhooktunnel-token-response.json#', 861 'route': '/webhooktunnel', 862 'stability': 'stable', 863 }, 864 } 865 866 867__all__ = ['createTemporaryCredentials', 'config', '_defaultConfig', 'createApiClient', 'createSession', 'Auth'] 868