`pyeudiw` empowers developers to harness multiple storage solutions with replication capabilities.
It establishes a versatile abstract storage interface, `BaseDB`, featuring crucial methods:

- `_connect`: establishes a connection to the storage.
- `close`: closes the connection.

This foundational class serves as the base for both `BaseStorage` and `BaseCache`, which extend its capabilities to include essential database querying methods.

The `BaseStorage` class can be extended by implementing the following methods:

- `__init__`
- `is_connected`
- `_connect`
- `close`
- `get_by_id`
- `get_by_nonce_state`
- `get_by_session_id`
- `get_by_state_and_session_id`
- `init_session`
- `set_session_retention_ttl`
- `has_session_retention_ttl`
- `add_dpop_proof_and_attestation`
- `update_request_object`
- `set_finalized`
- `update_response_object`
- `_get_trust_attestation`
- `get_trust_attestation`
- `get_trust_anchor`
- `_has_trust_attestation`
- `has_trust_attestation`
- `has_trust_anchor`
- `_update_attestation_metadata`
- `_update_anchor_metadata`
- `add_trust_attestation`
- `add_trust_attestation_metadata`
- `add_trust_anchor`
- `_update_trust_attestation`
- `update_trust_attestation`
- `update_trust_anchor`

Each method and its parameters are documented in the source file.

The `BaseCache` class implements the following methods:

- `try_retrieve`: returns a tuple with the retrieved object and a status from the cache, looked up by parameter name.
- `overwrite`: overrides the object value present in the cache.
- `set`: sets the object value in the cache.

In pyeudiw, integration with MongoDB is provided by two specialized classes, `MongoStorage` and `MongoCache`.
These classes are concrete implementations of the abstract base classes `BaseStorage` and `BaseCache`.
They can be used as references when providing a custom implementation for other databases.

For a complete list of the MongoDB configuration parameters, see README.SATOSA.md.

```
[
  {
    "_id": ObjectId,
    "entity_id": string,
    "federation": {
      "entity_configuration": str(EC), -> EC contains the federation entity public keys,
      "exp": datetime
    },
    "x509": {
      "pem": str(PEM) -> contains public keys,
      "exp": datetime
    }
  }
]
```

Name | Description |
---|---|
`_id` | Unique identifier in MongoDB. |
`entity_id` | The string which uniquely identifies the entity. |

```
[
  {
    "_id": ObjectId,
    "entity_id": string,
    "federation": {
      "chain": ARRAY[EC,ES,ES],
      "exp": datetime,
      "update": datetime,
      "jwks": {
        "keys": ARRAY[object]
      },
    },
    "x509": {
      "x5c": ARRAY[bytestring(DER), bytestring(DER), bytestring(DER)] -> contains public keys,
      "exp": datetime,
      "jwks": {
        "keys": ARRAY[object]
      },
    },
    "direct_trust_sd_jwt_vc": {
      "jwks": {
        "keys": ARRAY[object]
      }
    },
    "metadata": object
  }
]
```

Name | Description |
---|---|
`_id` | Unique identifier in MongoDB. |
`entity_id` | The string which uniquely identifies the entity. |
`metadata` | Object containing additional properties. |
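
In the layout above, `federation` and `x509` each carry an `exp` next to their `jwks`. The following is an added example, not pyeudiw code: a fail-closed filter a caller could apply to such a document before using its keys. `usable_jwks`, `_as_utc` and `SAMPLE` are hypothetical names, and the code assumes `exp` arrives as a Python `datetime`, with naive values in UTC as pymongo returns them by default.

```python
from __future__ import annotations

from datetime import datetime, timezone

# Sections of the document above that carry an "exp" next to their "jwks".
EXPIRING = ("federation", "x509")


def _as_utc(value: datetime) -> datetime:
    """Naive datetimes (pymongo's default) are taken as UTC."""
    if value.tzinfo is None:
        return value.replace(tzinfo=timezone.utc)
    return value.astimezone(timezone.utc)


def usable_jwks(doc: dict, now: datetime | None = None) -> dict[str, list]:
    """Return {section: keys} for sections that are present and unexpired.

    Hypothetical helper: a missing or non-datetime "exp" counts as expired
    (fail closed) instead of being read as "valid forever".
    """
    now = _as_utc(now or datetime.now(timezone.utc))
    usable: dict[str, list] = {}
    for name in EXPIRING:
        section = doc.get(name) or {}
        exp = section.get("exp")
        keys = (section.get("jwks") or {}).get("keys") or []
        if isinstance(exp, datetime) and _as_utc(exp) > now and keys:
            usable[name] = keys
    return usable


# Constructed sample following the layout above (placeholder values).
SAMPLE = {
    "entity_id": "https://issuer.example",
    "federation": {
        "chain": ["<EC>", "<ES>", "<ES>"],
        "exp": datetime(2024, 1, 1),  # naive, as pymongo returns it
        "jwks": {"keys": [{"kty": "EC", "kid": "fed-1"}]},
    },
    "x509": {
        "x5c": [b"<DER>"],
        "exp": datetime(2030, 1, 1, tzinfo=timezone.utc),
        "jwks": {"keys": [{"kty": "EC", "kid": "x509-1"}]},
    },
    "metadata": {},
}
```

Normalising both sides to UTC avoids the `TypeError` Python raises when a naive `exp` read from MongoDB is compared with a timezone-aware "now".
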

```
[
  {
    "_id": ObjectId,
    "document_id": uuidv4,
    "creation_date": datetime,
    "state": uuidv4,
    "session_id": "urn:uuid:"uuidv4,
    "remote_flow_typ": string,
    "finalized": boolean,
    "internal_response": object
  }
]
```

Name | Description |
---|---|
`_id` | Unique identifier in MongoDB. |
`document_id` | A unique identifier shared among each database. |
`creation_date` | Creation date of the session. |
`state` | A unique identifier used to identify a session even among different devices. |
`session_id` | Session id. Used to identify cross device flows. |
`remote_flow_typ` | A string value specifying the holder authentication flow, same device or cross device. |
`finalized` | A boolean value which indicates if the session is finalized or not (user scanned the QR Code or used the redirect link). |
`internal_response` | The object containing the personal data, null until login. |