AdminTokenRequest¶
- pydantic model gafaelfawr.models.token.AdminTokenRequest¶
A request to create a new token via the admin interface.
- Parameters:
data (
Any)
Show JSON schema
{ "title": "AdminTokenRequest", "description": "A request to create a new token via the admin interface.", "type": "object", "properties": { "username": { "description": "The username may only contain lowercase letters, digits, and hyphen-minus, and may not start or end with a dash", "examples": [ "some-service" ], "maxLength": 64, "minLength": 1, "pattern": "^[a-z0-9](?:[a-z0-9]|-[a-z0-9])*[a-z](?:[a-z0-9]|-[a-z0-9])*$", "title": "User for which to issue a token", "type": "string" }, "token_type": { "$ref": "#/$defs/TokenType", "description": "Must be either ``service`` or ``user``", "examples": [ "service" ], "title": "Token type" }, "token_name": { "anyOf": [ { "maxLength": 64, "minLength": 1, "type": "string" }, { "type": "null" } ], "default": null, "description": "Only provide this field for a token type of ``user``", "examples": [ "laptop token" ], "title": "User-given name of the token" }, "scopes": { "$ref": "#/$defs/Scopes", "default": [], "examples": [ [ "read:all" ] ], "title": "Token scopes" }, "expires": { "anyOf": [ { "$ref": "#/$defs/UtcDatetime" }, { "type": "null" } ], "default": null, "description": "Expiration timestamp of the token in seconds since epoch, or omitted to never expire", "examples": [ 1616986130 ], "title": "Token expiration" }, "name": { "anyOf": [ { "minLength": 1, "type": "string" }, { "type": "null" } ], "default": null, "description": "If a value is not provided, and LDAP is configured, the full name from the LDAP entry for that username will be used", "examples": [ "Service User" ], "title": "Preferred full name" }, "email": { "anyOf": [ { "minLength": 1, "type": "string" }, { "type": "null" } ], "default": null, "description": "If a value is not provided, and LDAP is configured, the email address from the LDAP entry for that username will be used", "examples": [ "service@example.com" ], "title": "Email address" }, "uid": { "anyOf": [ { "minimum": 1, "type": "integer" }, { "type": "null" } ], "default": null, "description": "If a value is not provided, and Firestore or LDAP are configured, the UID from Firestore (preferred) or the LDAP entry for that username will be used", "examples": [ 4131 ], "title": "UID number" }, "gid": { "anyOf": [ { "minimum": 1, "type": "integer" }, { "type": "null" } ], "default": null, "description": "GID of primary group. If set, should correspond to the id of a group of which the user is a member. If a value is not provided and LDAP is configured to add user private groups, it will be set to the same value as the UID.", "examples": [ 4123 ], "title": "Primary GID" }, "groups": { "anyOf": [ { "items": { "$ref": "#/$defs/Group" }, "type": "array" }, { "type": "null" } ], "default": null, "description": "Groups of which the user is a member. If a value is not provided, and LDAP is configured, the group membership from LDAP will be used", "title": "Groups" } }, "$defs": { "Group": { "description": "Information about a single group.", "properties": { "name": { "examples": [ "g_special_users" ], "minLength": 1, "pattern": "^[a-zA-Z0-9][a-zA-Z0-9._-]*[a-zA-Z][a-zA-Z0-9._-]*$", "title": "Name of the group", "type": "string" }, "id": { "examples": [ 123181 ], "title": "Numeric GID of the group", "type": "integer" } }, "required": [ "name", "id" ], "title": "Group", "type": "object" }, "Scopes": {}, "TokenType": { "description": "The class of token.", "enum": [ "session", "user", "notebook", "internal", "service", "oidc" ], "title": "TokenType", "type": "string" }, "UtcDatetime": { "format": "date-time", "type": "string" } }, "required": [ "username", "token_type" ] }
- Fields:
- Validators:
_valid_token_name»token_name_valid_token_type»token_type
- field email: str | None = None¶
If a value is not provided, and LDAP is configured, the email address from the LDAP entry for that username will be used
- Constraints:
min_length = 1
- field expires: UtcDatetime | None = None¶
Expiration timestamp of the token in seconds since epoch, or omitted to never expire
- field gid: int | None = None¶
GID of primary group. If set, should correspond to the id of a group of which the user is a member. If a value is not provided and LDAP is configured to add user private groups, it will be set to the same value as the UID.
- Constraints:
ge = 1
- field groups: list[Group] | None = None¶
Groups of which the user is a member. If a value is not provided, and LDAP is configured, the group membership from LDAP will be used
- field name: str | None = None¶
If a value is not provided, and LDAP is configured, the full name from the LDAP entry for that username will be used
- Constraints:
min_length = 1
- field scopes: Scopes = {}¶
- field token_name: str | None = None¶
Only provide this field for a token type of
user- Constraints:
min_length = 1
max_length = 64
- Validated by:
_valid_token_name
- field token_type: TokenType [Required]¶
Must be either
serviceoruser- Validated by:
_valid_token_type
- field uid: int | None = None¶
If a value is not provided, and Firestore or LDAP are configured, the UID from Firestore (preferred) or the LDAP entry for that username will be used
- Constraints:
ge = 1
- field username: str [Required]¶
The username may only contain lowercase letters, digits, and hyphen-minus, and may not start or end with a dash
- Constraints:
min_length = 1
max_length = 64
pattern = ^[a-z0-9](?:[a-z0-9]|-[a-z0-9])*[a-z](?:[a-z0-9]|-[a-z0-9])*$