GitLocker: The Coding Marketplace

Description:

opaclient 0.1.0

opa-python-client

Abstract
build.security provides simple development and management for your organization's authorization policy.
opa-python-client is a Python 3 package that performs authorization requests against build.security PDPs (Policy Decision Point)/OPA.
Data Flow

Usage
Before you start we recommend completing the onboarding tutorial.

Important note
To simplify the setup process, the following example uses a local build.security PDP instance.
If you are already familiar with how to run your PDP, You can also run a PDP on your environment (Dev/Prod, etc).
In that case, don't forget to change the hostname and port in your code.

Simple usage
Initialize the client, initialize some input for the PDP, and make a request:
from from opaclient import PolicyDecisionPointClient, PolicyDecisionPointInput, AuthzException

client = PolicyDecisionPointClient(hostname='http://some.host', port=8181,
policy_path='mypolicy', read_timeout_milliseconds=100, connection_timeout_milliseconds=100,
retry_max_attempts=5, retry_backoff_milliseconds=1000)

input = PolicyDecisionPointInput(schema='http', method='POST', more_authz_context=some_value,
even_more_authz_context=some_other_value=some_other_value)

try:
authz = client.authorize(input)
except AuthzException as e:
raise

if authz:
print('The request has been authorized!')

Mandatory configuration to initialize the client

hostname - The hostname of the Policy Decision Point (PDP)
port - The port at which the PDP service is serving authz decisions
policy_path - Full path to the policy (including the rule) that decides whether requests should be authorized

How to get your pdp's hostname and port?
Optional configuration

retry_max_attempts - the maximum number of retry attempts in case a failure occurs. Default is 2.
read_timeout_milliseconds - Read timeout for requests in milliseconds. Default is 5000
connection_timeout_milliseconds - Connection timeout in milliseconds. Default is 5000
retry_backoff_milliseconds - The number of milliseconds to wait between two consecutive retry attempts. Default is 250