ai_v/venv/Lib/site-packages/alibabacloud_credentials/client.py

from functools import wraps

from alibabacloud_credentials_api import ICredentialsProvider
from alibabacloud_credentials import credentials
from alibabacloud_credentials.exceptions import CredentialException
from alibabacloud_credentials.models import Config, CredentialModel
from alibabacloud_credentials.http import HttpOptions
from alibabacloud_credentials.provider import (StaticAKCredentialsProvider,
                                               StaticSTSCredentialsProvider,
                                               RamRoleArnCredentialsProvider,
                                               OIDCRoleArnCredentialsProvider,
                                               RsaKeyPairCredentialsProvider,
                                               EcsRamRoleCredentialsProvider,
                                               URLCredentialsProvider,
                                               DefaultCredentialsProvider)
from alibabacloud_credentials.utils import auth_constant as ac
from Tea.decorators import deprecated


def attribute_error_return_none(f):
    @wraps(f)
    def i(*args, **kwargs):
        try:
            return f(*args, **kwargs)
        except AttributeError:
            return

    return i


class _CredentialsProviderWrap:

    def __init__(self,
                 *,
                 type_name: str = None,
                 provider: ICredentialsProvider = None):
        self.type_name = type_name
        self.provider = provider

    def get_access_key_id(self) -> str:
        credential = self.provider.get_credentials()
        return credential.get_access_key_id()

    async def get_access_key_id_async(self) -> str:
        credential = await self.provider.get_credentials_async()
        return credential.get_access_key_id()

    def get_access_key_secret(self) -> str:
        credential = self.provider.get_credentials()
        return credential.get_access_key_secret()

    async def get_access_key_secret_async(self) -> str:
        credential = await self.provider.get_credentials_async()
        return credential.get_access_key_secret()

    def get_security_token(self):
        credential = self.provider.get_credentials()
        return credential.get_security_token()

    async def get_security_token_async(self):
        credential = await self.provider.get_credentials_async()
        return credential.get_security_token()

    def get_credential(self) -> CredentialModel:
        credential = self.provider.get_credentials()
        return CredentialModel(
            access_key_id=credential.get_access_key_id(),
            access_key_secret=credential.get_access_key_secret(),
            security_token=credential.get_security_token(),
            type=self.type_name,
            provider_name=credential.get_provider_name(),
        )

    async def get_credential_async(self) -> CredentialModel:
        credential = await self.provider.get_credentials_async()
        return CredentialModel(
            access_key_id=credential.get_access_key_id(),
            access_key_secret=credential.get_access_key_secret(),
            security_token=credential.get_security_token(),
            type=self.type_name,
            provider_name=credential.get_provider_name(),
        )

    def get_type(self) -> str:
        return self.type_name


class Client:
    cloud_credential = None

    def __init__(self,
                 config: Config = None,
                 provider: ICredentialsProvider = None):
        if provider is not None:
            self.cloud_credential = _CredentialsProviderWrap(type_name=provider.get_provider_name(), provider=provider)
        elif config is None:
            provider = DefaultCredentialsProvider()
            self.cloud_credential = _CredentialsProviderWrap(type_name='default', provider=provider)
        else:
            self.cloud_credential = Client.get_credentials(config)

    def get_credential(self) -> CredentialModel:
        """
        Get credential
        @return: the whole credential
        """
        return self.cloud_credential.get_credential()

    async def get_credential_async(self) -> CredentialModel:
        """
        Get credential
        @return: the whole credential
        """
        return await self.cloud_credential.get_credential_async()

    @staticmethod
    def get_credentials(config):
        if config.type == ac.ACCESS_KEY:
            provider = StaticAKCredentialsProvider(
                access_key_id=config.access_key_id,
                access_key_secret=config.access_key_secret,
            )
            return _CredentialsProviderWrap(type_name='access_key', provider=provider)
        elif config.type == ac.STS:
            provider = StaticSTSCredentialsProvider(
                access_key_id=config.access_key_id,
                access_key_secret=config.access_key_secret,
                security_token=config.security_token,
            )
            return _CredentialsProviderWrap(type_name='sts', provider=provider)
        elif config.type == ac.BEARER:
            return credentials.BearerTokenCredential(config.bearer_token)
        elif config.type == ac.ECS_RAM_ROLE:
            provider = EcsRamRoleCredentialsProvider(
                role_name=config.role_name,
                disable_imds_v1=config.disable_imds_v1,
                http_options=HttpOptions(
                    read_timeout=config.timeout,
                    connect_timeout=config.connect_timeout,
                    proxy=config.proxy,
                ),
            )
            return _CredentialsProviderWrap(type_name='ecs_ram_role', provider=provider)
        elif config.type == ac.CREDENTIALS_URI:
            provider = URLCredentialsProvider(
                uri=config.credentials_uri,
                http_options=HttpOptions(
                    read_timeout=config.timeout,
                    connect_timeout=config.connect_timeout,
                    proxy=config.proxy,
                ),
            )
            return _CredentialsProviderWrap(type_name='credentials_uri', provider=provider)
        elif config.type == ac.RAM_ROLE_ARN:
            if config.security_token is not None and config.security_token != '':
                previous_provider = StaticSTSCredentialsProvider(
                    access_key_id=config.access_key_id,
                    access_key_secret=config.access_key_secret,
                    security_token=config.security_token,
                )
            else:
                previous_provider = StaticAKCredentialsProvider(
                    access_key_id=config.access_key_id,
                    access_key_secret=config.access_key_secret,
                )
            provider = RamRoleArnCredentialsProvider(
                credentials_provider=previous_provider,
                role_arn=config.role_arn,
                role_session_name=config.role_session_name,
                duration_seconds=config.role_session_expiration,
                policy=config.policy,
                external_id=config.external_id,
                sts_endpoint=config.sts_endpoint,
                http_options=HttpOptions(
                    read_timeout=config.timeout,
                    connect_timeout=config.connect_timeout,
                    proxy=config.proxy,
                ),
            )
            return _CredentialsProviderWrap(type_name='ram_role_arn', provider=provider)
        elif config.type == ac.RSA_KEY_PAIR:
            provider = RsaKeyPairCredentialsProvider(
                public_key_id=config.public_key_id,
                private_key_file=config.private_key_file,
                duration_seconds=config.role_session_expiration,
                sts_endpoint=config.sts_endpoint,
                http_options=HttpOptions(
                    read_timeout=config.timeout,
                    connect_timeout=config.connect_timeout,
                    proxy=config.proxy,
                ),
            )
            return _CredentialsProviderWrap(type_name='rsa_key_pair', provider=provider)
        elif config.type == ac.OIDC_ROLE_ARN:
            provider = OIDCRoleArnCredentialsProvider(
                role_arn=config.role_arn,
                oidc_provider_arn=config.oidc_provider_arn,
                oidc_token_file_path=config.oidc_token_file_path,
                role_session_name=config.role_session_name,
                duration_seconds=config.role_session_expiration,
                policy=config.policy,
                sts_endpoint=config.sts_endpoint,
                http_options=HttpOptions(
                    read_timeout=config.timeout,
                    connect_timeout=config.connect_timeout,
                    proxy=config.proxy,
                ),
            )
            return _CredentialsProviderWrap(type_name='oidc_role_arn', provider=provider)
        raise CredentialException(
            'invalid type option, support: access_key, sts, bearer, ecs_ram_role, ram_role_arn, rsa_key_pair, oidc_role_arn, credentials_uri')

    @deprecated("Use 'get_credential().access_key_id' instead")
    def get_access_key_id(self):
        return self.cloud_credential.get_access_key_id()

    @deprecated("Use 'get_credential().access_key_secret' instead")
    def get_access_key_secret(self):
        return self.cloud_credential.get_access_key_secret()

    @deprecated("Use 'get_credential().security_token' instead")
    def get_security_token(self):
        return self.cloud_credential.get_security_token()

    @deprecated("Use 'get_credential_async().access_key_id' instead")
    async def get_access_key_id_async(self):
        return await self.cloud_credential.get_access_key_id_async()

    @deprecated("Use 'get_credential_async().access_key_secret' instead")
    async def get_access_key_secret_async(self):
        return await self.cloud_credential.get_access_key_secret_async()

    @deprecated("Use 'get_credential_async().security_token' instead")
    async def get_security_token_async(self):
        return await self.cloud_credential.get_security_token_async()

    @deprecated("Use 'get_credential().type' instead")
    @attribute_error_return_none
    def get_type(self):
        return self.cloud_credential.get_type()

    @deprecated("Use 'get_credential().bearer_token' instead")
    @attribute_error_return_none
    def get_bearer_token(self):
        return self.cloud_credential.bearer_token
feat(api): 实现图像生成及后台同步功能 - 新增图像生成接口，支持试用、积分和自定义API Key模式 - 实现生成图片结果异步上传至MinIO存储，带重试机制 - 优化积分预扣除和异常退还逻辑，保障用户积分准确 - 添加获取生成历史记录接口，支持时间范围和分页 - 提供本地字典配置接口，支持模型、比例、提示模板和尺寸 - 实现图片批量上传接口，支持S3兼容对象存储 feat(admin): 增加管理员角色管理与权限分配接口 - 实现角色列表查询、角色创建、更新及删除功能 - 增加权限列表查询接口 - 实现用户角色分配接口，便于统一管理用户权限 - 增加系统字典增删查改接口，支持分类过滤和排序 - 权限控制全面覆盖管理接口，保证安全访问 feat(auth): 完善用户登录注册及权限相关接口与页面 - 实现手机号验证码发送及校验功能，保障注册安全 - 支持手机号注册、登录及退出接口，集成日志记录 - 增加修改密码功能，验证原密码后更新 - 提供动态导航菜单接口，基于权限展示不同菜单 - 实现管理界面路由及日志、角色、字典管理页面访问权限控制 - 添加系统日志查询接口，支持关键词和等级筛选 feat(app): 初始化Flask应用并配置蓝图与数据库 - 创建应用程序工厂，加载配置，初始化数据库和Redis客户端 - 注册认证、API及管理员蓝图，整合路由 - 根路由渲染主页模板 - 应用上下文中自动创建数据库表，保证运行环境准备完毕 feat(database): 提供数据库创建与迁移支持脚本 - 新增数据库创建脚本，支持自动检测是否已存在 - 添加数据库表初始化脚本，支持创建和删除所有表 - 实现RBAC权限初始化，包含基础权限和角色创建 - 新增字段手动修复脚本，添加用户API Key和积分字段 - 强制迁移脚本支持清理连接和修复表结构，初始化默认数据及角色分配 feat(config): 新增系统配置参数 - 配置数据库、Redis、Session和MinIO相关参数 - 添加AI接口地址及试用Key配置 - 集成阿里云短信服务配置及开发模式相关参数 feat(extensions): 初始化数据库、Redis和MinIO客户端 - 创建全局SQLAlchemy数据库实例和Redis客户端 - 配置基于boto3的MinIO兼容S3客户端 chore(logs): 添加示例系统日志文件 - 记录用户请求、验证码发送成功与失败的日志信息 2026-01-12 00:53:31 +08:00			`from functools import wraps`

			`from alibabacloud_credentials_api import ICredentialsProvider`
			`from alibabacloud_credentials import credentials`
			`from alibabacloud_credentials.exceptions import CredentialException`
			`from alibabacloud_credentials.models import Config, CredentialModel`
			`from alibabacloud_credentials.http import HttpOptions`
			`from alibabacloud_credentials.provider import (StaticAKCredentialsProvider,`
			`StaticSTSCredentialsProvider,`
			`RamRoleArnCredentialsProvider,`
			`OIDCRoleArnCredentialsProvider,`
			`RsaKeyPairCredentialsProvider,`
			`EcsRamRoleCredentialsProvider,`
			`URLCredentialsProvider,`
			`DefaultCredentialsProvider)`
			`from alibabacloud_credentials.utils import auth_constant as ac`
			`from Tea.decorators import deprecated`


			`def attribute_error_return_none(f):`
			`@wraps(f)`
			`def i(args, *kwargs):`
			`try:`
			`return f(args, *kwargs)`
			`except AttributeError:`
			`return`

			`return i`


			`class _CredentialsProviderWrap:`

			`def __init__(self,`
			`*,`
			`type_name: str = None,`
			`provider: ICredentialsProvider = None):`
			`self.type_name = type_name`
			`self.provider = provider`

			`def get_access_key_id(self) -> str:`
			`credential = self.provider.get_credentials()`
			`return credential.get_access_key_id()`

			`async def get_access_key_id_async(self) -> str:`
			`credential = await self.provider.get_credentials_async()`
			`return credential.get_access_key_id()`

			`def get_access_key_secret(self) -> str:`
			`credential = self.provider.get_credentials()`
			`return credential.get_access_key_secret()`

			`async def get_access_key_secret_async(self) -> str:`
			`credential = await self.provider.get_credentials_async()`
			`return credential.get_access_key_secret()`

			`def get_security_token(self):`
			`credential = self.provider.get_credentials()`
			`return credential.get_security_token()`

			`async def get_security_token_async(self):`
			`credential = await self.provider.get_credentials_async()`
			`return credential.get_security_token()`

			`def get_credential(self) -> CredentialModel:`
			`credential = self.provider.get_credentials()`
			`return CredentialModel(`
			`access_key_id=credential.get_access_key_id(),`
			`access_key_secret=credential.get_access_key_secret(),`
			`security_token=credential.get_security_token(),`
			`type=self.type_name,`
			`provider_name=credential.get_provider_name(),`
			`)`

			`async def get_credential_async(self) -> CredentialModel:`
			`credential = await self.provider.get_credentials_async()`
			`return CredentialModel(`
			`access_key_id=credential.get_access_key_id(),`
			`access_key_secret=credential.get_access_key_secret(),`
			`security_token=credential.get_security_token(),`
			`type=self.type_name,`
			`provider_name=credential.get_provider_name(),`
			`)`

			`def get_type(self) -> str:`
			`return self.type_name`


			`class Client:`
			`cloud_credential = None`

			`def __init__(self,`
			`config: Config = None,`
			`provider: ICredentialsProvider = None):`
			`if provider is not None:`
			`self.cloud_credential = _CredentialsProviderWrap(type_name=provider.get_provider_name(), provider=provider)`
			`elif config is None:`
			`provider = DefaultCredentialsProvider()`
			`self.cloud_credential = _CredentialsProviderWrap(type_name='default', provider=provider)`
			`else:`
			`self.cloud_credential = Client.get_credentials(config)`

			`def get_credential(self) -> CredentialModel:`
			`"""`
			`Get credential`
			`@return: the whole credential`
			`"""`
			`return self.cloud_credential.get_credential()`

			`async def get_credential_async(self) -> CredentialModel:`
			`"""`
			`Get credential`
			`@return: the whole credential`
			`"""`
			`return await self.cloud_credential.get_credential_async()`

			`@staticmethod`
			`def get_credentials(config):`
			`if config.type == ac.ACCESS_KEY:`
			`provider = StaticAKCredentialsProvider(`
			`access_key_id=config.access_key_id,`
			`access_key_secret=config.access_key_secret,`
			`)`
			`return _CredentialsProviderWrap(type_name='access_key', provider=provider)`
			`elif config.type == ac.STS:`
			`provider = StaticSTSCredentialsProvider(`
			`access_key_id=config.access_key_id,`
			`access_key_secret=config.access_key_secret,`
			`security_token=config.security_token,`
			`)`
			`return _CredentialsProviderWrap(type_name='sts', provider=provider)`
			`elif config.type == ac.BEARER:`
			`return credentials.BearerTokenCredential(config.bearer_token)`
			`elif config.type == ac.ECS_RAM_ROLE:`
			`provider = EcsRamRoleCredentialsProvider(`
			`role_name=config.role_name,`
			`disable_imds_v1=config.disable_imds_v1,`
			`http_options=HttpOptions(`
			`read_timeout=config.timeout,`
			`connect_timeout=config.connect_timeout,`
			`proxy=config.proxy,`
			`),`
			`)`
			`return _CredentialsProviderWrap(type_name='ecs_ram_role', provider=provider)`
			`elif config.type == ac.CREDENTIALS_URI:`
			`provider = URLCredentialsProvider(`
			`uri=config.credentials_uri,`
			`http_options=HttpOptions(`
			`read_timeout=config.timeout,`
			`connect_timeout=config.connect_timeout,`
			`proxy=config.proxy,`
			`),`
			`)`
			`return _CredentialsProviderWrap(type_name='credentials_uri', provider=provider)`
			`elif config.type == ac.RAM_ROLE_ARN:`
			`if config.security_token is not None and config.security_token != '':`
			`previous_provider = StaticSTSCredentialsProvider(`
			`access_key_id=config.access_key_id,`
			`access_key_secret=config.access_key_secret,`
			`security_token=config.security_token,`
			`)`
			`else:`
			`previous_provider = StaticAKCredentialsProvider(`
			`access_key_id=config.access_key_id,`
			`access_key_secret=config.access_key_secret,`
			`)`
			`provider = RamRoleArnCredentialsProvider(`
			`credentials_provider=previous_provider,`
			`role_arn=config.role_arn,`
			`role_session_name=config.role_session_name,`
			`duration_seconds=config.role_session_expiration,`
			`policy=config.policy,`
			`external_id=config.external_id,`
			`sts_endpoint=config.sts_endpoint,`
			`http_options=HttpOptions(`
			`read_timeout=config.timeout,`
			`connect_timeout=config.connect_timeout,`
			`proxy=config.proxy,`
			`),`
			`)`
			`return _CredentialsProviderWrap(type_name='ram_role_arn', provider=provider)`
			`elif config.type == ac.RSA_KEY_PAIR:`
			`provider = RsaKeyPairCredentialsProvider(`
			`public_key_id=config.public_key_id,`
			`private_key_file=config.private_key_file,`
			`duration_seconds=config.role_session_expiration,`
			`sts_endpoint=config.sts_endpoint,`
			`http_options=HttpOptions(`
			`read_timeout=config.timeout,`
			`connect_timeout=config.connect_timeout,`
			`proxy=config.proxy,`
			`),`
			`)`
			`return _CredentialsProviderWrap(type_name='rsa_key_pair', provider=provider)`
			`elif config.type == ac.OIDC_ROLE_ARN:`
			`provider = OIDCRoleArnCredentialsProvider(`
			`role_arn=config.role_arn,`
			`oidc_provider_arn=config.oidc_provider_arn,`
			`oidc_token_file_path=config.oidc_token_file_path,`
			`role_session_name=config.role_session_name,`
			`duration_seconds=config.role_session_expiration,`
			`policy=config.policy,`
			`sts_endpoint=config.sts_endpoint,`
			`http_options=HttpOptions(`
			`read_timeout=config.timeout,`
			`connect_timeout=config.connect_timeout,`
			`proxy=config.proxy,`
			`),`
			`)`
			`return _CredentialsProviderWrap(type_name='oidc_role_arn', provider=provider)`
			`raise CredentialException(`
			`'invalid type option, support: access_key, sts, bearer, ecs_ram_role, ram_role_arn, rsa_key_pair, oidc_role_arn, credentials_uri')`

			`@deprecated("Use 'get_credential().access_key_id' instead")`
			`def get_access_key_id(self):`
			`return self.cloud_credential.get_access_key_id()`

			`@deprecated("Use 'get_credential().access_key_secret' instead")`
			`def get_access_key_secret(self):`
			`return self.cloud_credential.get_access_key_secret()`

			`@deprecated("Use 'get_credential().security_token' instead")`
			`def get_security_token(self):`
			`return self.cloud_credential.get_security_token()`

			`@deprecated("Use 'get_credential_async().access_key_id' instead")`
			`async def get_access_key_id_async(self):`
			`return await self.cloud_credential.get_access_key_id_async()`

			`@deprecated("Use 'get_credential_async().access_key_secret' instead")`
			`async def get_access_key_secret_async(self):`
			`return await self.cloud_credential.get_access_key_secret_async()`

			`@deprecated("Use 'get_credential_async().security_token' instead")`
			`async def get_security_token_async(self):`
			`return await self.cloud_credential.get_security_token_async()`

			`@deprecated("Use 'get_credential().type' instead")`
			`@attribute_error_return_none`
			`def get_type(self):`
			`return self.cloud_credential.get_type()`

			`@deprecated("Use 'get_credential().bearer_token' instead")`
			`@attribute_error_return_none`
			`def get_bearer_token(self):`
			`return self.cloud_credential.bearer_token`