Merge pull request #607 from mbonish/dx_update

adorton-adobe · web-flow · commit 9fcd6055c6ac · 2020-09-16T15:46:01.000-06:00
Update UST/doc for api_key and tech_acct
diff --git a/docs/en/user-manual/configuring_user_sync_tool.md b/docs/en/user-manual/configuring_user_sync_tool.md
@@ -124,9 +124,9 @@ editor, and enter these values in the “enterprise” section:
 ```YAML
 enterprise:
   org_id: "Organization ID goes here"
-  api_key: "API key goes here"
+  client_id: "Client ID goes here"
   client_secret: "Client Secret goes here"
-  tech_acct: "Tech Account ID goes here"
+  tech_acct_id: "Tech Account ID goes here"
   priv_key_path: "Path to Private Certificate goes here"
 ```
 
@@ -506,9 +506,9 @@ server:
 
 enterprise:
   org_id: "Org ID goes here"
-  api_key: "API key goes here"
+  client_id: "Client ID goes here"
   client_secret: "Client secret goes here"
-  tech_acct: "Tech account ID goes here"
+  tech_acct_id: "Tech account ID goes here"
   priv_key_path: "Path to private.key goes here"
   # priv_key_data: "actual key data goes here" # This is an alternative to priv_key_path
 ```
diff --git a/docs/en/user-manual/deployment_best_practices.md b/docs/en/user-manual/deployment_best_practices.md
@@ -83,12 +83,12 @@ connector-umapi.yml
 	
 	enterprise:
 	  org_id: your org id
-	  secure_api_key_key: umapi_api_key
+	  secure_client_id_key: client_id
 	  secure_client_secret_key: umapi_client_secret
-	  tech_acct: your tech account@techacct.adobe.com
+	  tech_acct_id: your tech account@techacct.adobe.com
 	  secure_priv_key_data_key: umapi_private_key_data
 
-Note the change of `api_key`, `client_secret`, and `priv_key_path` to `secure_api_key_key`, `secure_client_secret_key`, and `secure_priv_key_data_key`, respectively.  These alternate configuration values give the key names to be looked up in the user keychain (or the equivalent service on other platforms) to retrieve the actual credential values.  In this example, the credential key names are `umapi_api_key`, `umapi_client_secret`, and `umapi_private_key_data`.
+Note the change of `client_id`, `client_secret`, and `priv_key_path` to `secure_client_id_key`, `secure_client_secret_key`, and `secure_priv_key_data_key`, respectively.  These alternate configuration values give the key names to be looked up in the user keychain (or the equivalent service on other platforms) to retrieve the actual credential values.  In this example, the credential key names are `umapi_client_id`, `umapi_client_secret`, and `umapi_private_key_data`.
 
 The contents of the private key file is used as the value of `umapi_private_key_data` in the credential store.  This can only be done on platforms other than Windows.  See below for how to secure the
 private key file on Windows.
@@ -118,9 +118,9 @@ private key file, respectively:
 	
 	enterprise:
 	  org_id: your org id
-	  secure_api_key_key: umapi_api_key
+	  secure_client_id_key: umapi_client_id
 	  secure_client_secret_key: umapi_client_secret
-	  tech_acct: your tech account@techacct.adobe.com
+	  tech_acct_id: your tech account@techacct.adobe.com
 	  secure_priv_key_pass_key: umapi_private_key_passphrase
 	  priv_key_path: private-encrypted.key
 
diff --git a/examples/config files - basic/connector-adobe-console.yml b/examples/config files - basic/connector-adobe-console.yml
@@ -35,9 +35,9 @@ server:
 # if relative, it is interpreted relative to this configuration file.]
 integration:
   org_id: "Org ID goes here"
-  api_key: "API key goes here"
+  client_id: "Client ID goes here"
   client_secret: "Client secret goes here"
-  tech_acct: "Tech account ID goes here"
+  tech_acct_id: "Tech account ID goes here"
   priv_key_path: "private.key"
 
   # (optional) As an alternative to priv_key_path, you can place the private key
@@ -54,11 +54,11 @@ integration:
   # (Windows Credential Manager, Mac Keychain, Linux Freedesktop Secret Service
   # or KWallet - these will be built into the Linux distribution).
   # To use this feature, uncomment the following entries and remove the
-  # api_key, client_secret, and priv_key_data above.
+  #client_id, client_secret, and priv_key_data above.
   # The actual credential values are placed in the credential store with the
   # username as the org_id value, and the key name (perhaps called internet
   # or network address) as one of the values below.
-  #secure_api_key_key: umapi_api_key
+  #secure_client_id_key: umapi_client_id
   #secure_client_secret_key: umapi_client_secret
   #secure_priv_key_data_key: umapi_private_key_data
   # Note: the Windows credential store generally can't store data as large as a private
diff --git a/examples/config files - basic/connector-umapi.yml b/examples/config files - basic/connector-umapi.yml
@@ -46,9 +46,9 @@ server:
 # if relative, it is interpreted relative to this configuration file.]
 enterprise:
   org_id: "Org ID goes here"
-  api_key: "API key goes here"
+  client_id: "Client ID goes here"
   client_secret: "Client secret goes here"
-  tech_acct: "Tech account ID goes here"
+  tech_acct_id: "Tech account ID goes here"
   priv_key_path: "private.key"
 
   # (optional) As an alternative to priv_key_path, you can place the private key 
@@ -65,11 +65,11 @@ enterprise:
   # (Windows Credential Manager, Mac Keychain, Linux Freedesktop Secret Service
   # or KWallet - these will be built into the Linux distribution).
   # To use this feature, uncomment the following entries and remove the
-  # api_key, client_secret, and priv_key_data above.
+  # client_id, client_secret, and priv_key_data above.
   # The actual credential values are placed in the credential store with the
   # username as the org_id value, and the key name (perhaps called internet 
   # or network address) as one of the values below.
-  #secure_api_key_key: umapi_api_key
+  #secure_client_id: umapi_client_id
   #secure_client_secret_key: umapi_client_secret
   #secure_priv_key_data_key: umapi_private_key_data
   # Note: the Windows credential store generally can't store data as large as a private
diff --git a/tests/fixture/connector-umapi.yml b/tests/fixture/connector-umapi.yml
@@ -3,7 +3,7 @@ server:
   ims_host: ims-na1.adobelogin.com
 enterprise:
   org_id: "org_id"
-  api_key: "api_key"
+  client_id: "client_id"
   client_secret: "client_secret"
-  tech_acct: "tech_acct"
+  tech_acct_id: "tech_acct_id"
   priv_key_path: private.key
diff --git a/user_sync/connector/directory_adobe_console.py b/user_sync/connector/directory_adobe_console.py
@@ -90,7 +90,8 @@ def __init__(self, caller_options):
         enterprise_config = caller_config.get_dict_config('integration')
         integration_builder = user_sync.config.OptionsBuilder(enterprise_config)
         integration_builder.require_string_value('org_id')
-        integration_builder.require_string_value('tech_acct')
+        tech_field = 'tech_acct_id' if 'tech_acct_id' in enterprise_config else 'tech_acct'
+        integration_builder.require_string_value(tech_field)
         options['integration'] = integration_options = integration_builder.get_options()
 
         self.logger = logger = user_sync.connector.helper.create_logger(options)
@@ -100,7 +101,7 @@ def __init__(self, caller_options):
 
         ims_host = server_options['ims_host']
         self.org_id = org_id = integration_options['org_id']
-        auth_dict = make_auth_dict(self.name, enterprise_config, org_id, integration_options['tech_acct'], logger)
+        auth_dict = make_auth_dict(self.name, enterprise_config, org_id, integration_options[tech_field], logger)
 
         # this check must come after we fetch all the settings
         caller_config.report_unused_values(logger)
diff --git a/user_sync/connector/umapi.py b/user_sync/connector/umapi.py
@@ -71,7 +71,8 @@ def __init__(self, name, caller_options):
         enterprise_config = caller_config.get_dict_config('enterprise')
         enterprise_builder = user_sync.config.OptionsBuilder(enterprise_config)
         enterprise_builder.require_string_value('org_id')
-        enterprise_builder.require_string_value('tech_acct')
+        tech_field = 'tech_acct_id' if 'tech_acct_id' in enterprise_config else 'tech_acct'
+        enterprise_builder.require_string_value(tech_field)
         options['enterprise'] = enterprise_options = enterprise_builder.get_options()
         self.options = options
         self.logger = logger = user_sync.connector.helper.create_logger(options)
@@ -81,7 +82,7 @@ def __init__(self, name, caller_options):
 
         ims_host = server_options['ims_host']
         self.org_id = org_id = enterprise_options['org_id']
-        auth_dict = make_auth_dict(self.name, enterprise_config, org_id, enterprise_options['tech_acct'], logger)
+        auth_dict = make_auth_dict(self.name, enterprise_config, org_id, enterprise_options[tech_field], logger)
         # this check must come after we fetch all the settings
         enterprise_config.report_unused_values(logger)
         # open the connection
diff --git a/user_sync/connector/umapi_util.py b/user_sync/connector/umapi_util.py
@@ -3,10 +3,16 @@
 
 
 def make_auth_dict(name, config, org_id, tech_acct, logger):
+    api_field = 'client_id' if 'client_id' in config or 'secure_client_id_key' in config else "api_key"
+    if "api_key" in config and "client_id" in config:
+        #word to be the same thing--take out api key--
+        raise AssertionException('Cannot contain setting for both "api_key" and "client_id"(both fields set the same value). Please use "client_id."')
+    if "api_key" in config and "secure_client_id" in config:
+        raise AssertionException('Cannot contain setting for both "api_key" and "secure_client_id_key"(both fields set the same value). Please use "secure_client_id_key"')
     auth_dict = {
         'org_id': org_id,
         'tech_acct_id': tech_acct,
-        'api_key': config.get_credential('api_key', org_id),
+        'api_key': config.get_credential(api_field, org_id),
         'client_secret': config.get_credential('client_secret', org_id),
     }
     # get the private key
