IAMService

IAMService class encapsulates connection to the IAM service for a given VO

class DIRAC.Core.Security.IAMService.IAMService(access_token, vo=None, forceNickname=False)

Bases: object

__init__(access_token, vo=None, forceNickname=False)

c’tor

Parameters:
  • access_token (str) – the token used to talk to IAM, with the scim:read property

  • vo (str) – name of the virtual organization (community)

  • forceNickname (bool) – if enforce the presence of a nickname attribute and do not fall back to username in IAM

convert_iam_to_voms(iam_output)

Convert an IAM entry into the voms style, i.e. DN based

getUsers()

Extract users from IAM user dump.

Returns:

dictionary of: “Users”: user dictionary keyed by the user DN, “Errors”: list of error messages

DIRAC.Core.Security.IAMService.convert_dn(inStr)

Convert a string separated DN into the slash one, like CN=Christophe Haen,CN=705305,CN=chaen,OU=Users,OU=Organic Units,DC=cern,DC=ch /DC=ch/DC=cern/OU=Organic Units/OU=Users/CN=chaen/CN=705305/CN=Christophe Haen