feat (TokenManager): add a way to get token without cache

DIRACGrid · Sep 11, 2024 · 1ad8193 · 1ad8193
1 parent 2351380
commit 1ad8193
Showing 1 changed file with 65 additions and 1 deletion.
diff --git a/src/DIRAC/FrameworkSystem/Client/TokenManagerClient.py b/src/DIRAC/FrameworkSystem/Client/TokenManagerClient.py
@@ -1,6 +1,7 @@
 """ The TokenManagerClient is a class representing the client of the DIRAC
 :py:mod:`TokenManager <DIRAC.FrameworkSystem.Service.TokenManagerHandler>` service.
 """
+
 import time
 
 from DIRAC import S_OK, S_ERROR
@@ -31,7 +32,6 @@ def __init__(self, **kwargs):
         self.__tokensCache = DictCache()
         self.idps = IdProviderFactory()
 
-    @gTokensSync
     def getToken(
         self,
         username: str = None,
@@ -40,6 +40,70 @@ def getToken(
         audience: str = None,
         identityProvider: str = None,
         requiredTimeLeft: int = 0,
+        useCache: bool = True,
+    ):
+        """Get an access token for a user/group
+
+        :param username: user name
+        :param userGroup: group name
+        :param scope: scope
+        :param audience: audience
+        :param identityProvider: identity Provider
+        :param requiredTimeLeft: required time
+        :param cacheToken: if True (default) save the token in cache.
+                Otherwise it is not cached but it avoids the lock
+
+        :return: S_OK(dict)/S_ERROR()
+        """
+        meth = self.getTokenWithCache if useCache else self.getTokenWithoutCache
+
+        return meth(
+            username=username,
+            userGroup=userGroup,
+            scope=scope,
+            audience=audience,
+            identityProvider=identityProvider,
+            requiredTimeLeft=requiredTimeLeft,
+        )
+
+    def getTokenWithoutCache(
+        self,
+        username: str = None,
+        userGroup: str = None,
+        scope: list[str] = None,
+        audience: str = None,
+        identityProvider: str = None,
+        requiredTimeLeft: int = 0,
+    ):
+        """Get an access token for a user/group without caching it
+
+        :param username: user name
+        :param userGroup: group name
+        :param scope: scope
+        :param audience: audience
+        :param identityProvider: identity Provider
+        :param requiredTimeLeft: required time
+
+        :return: S_OK(dict)/S_ERROR()
+        """
+        # Get an IdProvider Client instance
+        result = getIdProviderClient(userGroup, identityProvider)
+        if not result["OK"]:
+            return result
+        idpObj = result["Value"]
+
+        # No token in cache: get a token from the server
+        return self.executeRPC(username, userGroup, scope, audience, idpObj.name, requiredTimeLeft, call="getToken")
+
+    @gTokensSync
+    def getTokenWithCache(
+        self,
+        username: str = None,
+        userGroup: str = None,
+        scope: list[str] = None,
+        audience: str = None,
+        identityProvider: str = None,
+        requiredTimeLeft: int = 0,
     ):
         """Get an access token for a user/group keeping the local cache