Metadata-Version: 2.4
Name: heaserver-keychain
Version: 1.15.1
Summary: a service for managing credentials
Home-page: https://code.hci.utah.edu
Author: Comprehensive Oncology Data and Engineering Shared Resource (CODE), Huntsman Cancer Institute, Salt Lake City, UT
Author-email: Andrew.Post@hci.utah.edu
License: Apache License 2.0
Keywords: heaserver-keychain,microservice,healthcare,cancer,research,informatics
Classifier: Development Status :: 5 - Production/Stable
Classifier: Intended Audience :: Developers
Classifier: Intended Audience :: Science/Research
Classifier: Framework :: AsyncIO
Classifier: Environment :: Web Environment
Classifier: Natural Language :: English
Classifier: Operating System :: OS Independent
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.11
Classifier: Programming Language :: Python :: 3.12
Classifier: Topic :: Software Development
Classifier: Topic :: Scientific/Engineering
Classifier: Topic :: Scientific/Engineering :: Bio-Informatics
Classifier: Topic :: Scientific/Engineering :: Information Analysis
Classifier: Topic :: Scientific/Engineering :: Medical Science Apps.
Requires-Python: >=3.10
Description-Content-Type: text/markdown
License-File: LICENSE
Requires-Dist: heaserver~=1.61.1
Dynamic: author
Dynamic: author-email
Dynamic: classifier
Dynamic: description
Dynamic: description-content-type
Dynamic: home-page
Dynamic: keywords
Dynamic: license
Dynamic: license-file
Dynamic: requires-dist
Dynamic: requires-python
Dynamic: summary

# HEA Keychain
[Comprehensive Oncology Data and Engineering Shared Resource (CODE)](https://code.hci.utah.edu), [Huntsman Cancer Institute](https://healthcare.utah.edu/huntsmancancerinstitute/),
Salt Lake City, UT

The HEA server Keychain is a service for managing laboratory and user credentials.


## Version 1.15.1
* Bumped heaserver version to 1.61.1.

## Version 1.15.0
* Bumped heaserver version to 1.61.0.
* Use the /peopleviews and /groupviews endpoints for dropdowns.

## Version 1.14.3
* Bumped heaserver version to 1.59.0.

## Version 1.14.2
* Bumped heaserver version to 1.58.0. Logging should provide more info when a corrupt credentials object breaks the
  cleanup routine.
* Fixed concurrency issues in AWS credentials cleanup coroutine.

## Version 1.14.1.post1
* Fixed mypy issue.

## Version 1.14.1
* Bumped heaserver version to 1.57.0.

## Version 1.14.0
* Implemented sorting.
* Managed credentials are now populated with a lifespan and expiration again.
* Managed credentials now have expiration information in the source and source_detail attributes.
* Managed credentials are now reliably stored with the managed credentials owner.

## Version 1.13.1
* Bumped heaserver version to 1.55.0.
* Form template dropdowns are now sorted.
* Form templates now request only required people and group attributes.

## Version 1.13.0
* Bumped heaserver version to 1.48.0.
* Support added for encrypted Mongo password.
* Support added for encrypting the heaobject.keychain.AWSCredentials session token in mongo.

## Version 1.12.1
* Bumped heaserver version to 1.47.2.
* Using the HEA_ENCRYPTION_KEY works again, although it's not recommended for use in production.

## Version 1.12.0
* Bumped heaserver version to 1.47.0.
* Supports EncryptionKeyFile configuration property.

## Version 1.11.0
* Bumped heaserver version to 1.46.0.
* Supports EncryptionKey configuration property, which causes heaobject.keychain.Credentials password attributes to be 
  encrypted in mongo.
* Supports the HEA_ENCRYPTION_KEY environment variable when building a docker image using this project's Dockerfile.
* Bumped mypy version to 1.16.1.
* Added log files to .gitignore.

## Version 1.10.0
* Bumped heaserver version to 1.44.1.
* New startup.py module to initialize logging before importing any third-party libraries.
* New optional -e/--env command-line argument for setting the runtime environment (development, staging, or
  production). Logging is now configured based on this setting, unless the older -l/--logging argument is provided. The
  default value is development.
* Logs are now scrubbed.
* Presigned URL's backing IAM User's Policy is now locked down to just GetObject and GetObjectVersion Actions 

## Version 1.9.1
* Bumped heaserver verison to 1.43.3.
* Added missing asyncio.to_thread around boto3 calls.
* Improved error handling for old managed credentials cleanup coroutine.

## Version 1.9.0
* Bumped heaserver version to 1.43.0.
* New APIs for getting a CredentialsView object by id or by name.
* Documented APIs that require an Authorization header.

## Version 1.8.5
* Bumped heaserver version to 1.37.1 to address potential issue with the RabbitMQ connection failing.

## Version 1.8.4
* Bumped heaserver version to 1.33.0 to address potential issue where desktop object actions fail to be sent to 
  RabbitMQ.

## Version 1.8.3
* Bumped heaserver version to 1.32.2 to correct a potential issue causing the microservice to fail to send messages to
  the message broker.

## Version 1.8.2
* Bumped heaserver version to 1.32.1.
* The super_admin_default_permissions attribute is now an empty list.

## Version 1.8.1
* When detaching a managed user, ignore missing information.
* Addressed issue where created managed credentials objects do not appear immediately due to caching.
* Bumped heaserver version to 1.32.0.

## Version 1.8.0
* Bumped heaserver version to 1.30.1.
* Added missing type metadata for share objects in the properties metadata.
* Added super_admin_default_permissions property metadata to the properties metadata.
* Added tests for removal of CREATOR privileges.

## Version 1.7.0
* Added support for group permissions.

## Version 1.6.0
* Overhauled managed credentials endpoint.
* Added endpoint for creating credentials for presigned-URLs.

## Version 1.5.0
* Removed integration tests because they are too duplicative of the unit tests.
* Added /credentialsviews endpoint.
* Don't raise boto3 ClientError when trying to delete policies for a role that has already been deleted. There's a good chance the policies are gone too.

## Version 1.4.4
* Bug fix for Managed Credentials not being deleted after expiring.

## Version 1.4.3
* Caching optimizations.

## Version 1.4.2
* Display the role and shares properties again.

## Version 1.4.1
* Use the /credentials endpoint to delete the managed credential not /awscredentials.

## Version 1.4.0
* Fixed issue where credentials were inadvertently deleted.
* Made DELETE call for deleting managed AWS credentials more like other HEA microservices.

## Version 1.3.4
* Changes in naming of menu items for credentials and updated associated icons
* Generated Managed Credential's now outputs the expiration for users to copy to clipboard. 

## Version 1.3.3
* Making AWS Credential Username unique per account.

## Version 1.3.2
* Upgrading dependencies to get bug fixes affecting creating and deleting Managed Credentials.
* Increased delay of background task that checks to see if credentials are expired.

## Version 1.3.1
* Introduces Managed Credentials with ability create and specify life span of credential 

## Version 1.3.0
* Now all Credentials objects have a role attribute, replacing the old AWSCredentials role_arn attribute.

## Version 1.2.0
* Display type display name in properties card.

## Version 1.1.0
* Pass desktop object permissions back to clients.
* Return type_display_name attribute from GET calls.

## Version 1.0.3
* Improved performance.

## Version 1.0.2
* Added endpoint and links for generating an AWS CLI .aws/credentials file.

## Version 1.0.1
* Improved performance.

## Version 1
Initial release.

## Runtime requirements
* Python 3.10, 3.11, or 3.12

## Development environment

### Build requirements
* Any development environment is fine.
* On Windows, you also will need:
    * Build Tools for Visual Studio 2019, found at https://visualstudio.microsoft.com/downloads/. Select the C++ tools.
    * git, found at https://git-scm.com/download/win.
* On Mac, Xcode or the command line developer tools is required, found in the Apple Store app.
* Python 3.10, 3.11, or 3.12: Download and install Python 3.10 from https://www.python.org, and select the options to install 
for all users and add Python to your environment variables. The install for all users option will help keep you from 
accidentally installing packages into your Python installation's site-packages directory instead of to your virtualenv 
environment, described below.
* Create a virtualenv environment using the `python -m venv <venv_directory>` command, substituting `<venv_directory>`
with the directory name of your virtual environment. Run `source <venv_directory>/bin/activate` (or `<venv_directory>/Scripts/activate` on Windows) to activate the virtual
environment. You will need to activate the virtualenv every time before starting work, or your IDE may be able to do
this for you automatically. **Note that PyCharm will do this for you, but you have to create a new Terminal panel
after you newly configure a project with your virtualenv.**
* From the project's root directory, and using the activated virtualenv, run `pip install wheel` followed by
  `pip install -r requirements_dev.txt`. **Do NOT run `python setup.py develop`. It will break your environment.**

### Running tests
Run tests with the `pytest` command from the project root directory. To improve performance, run tests in multiple
processes with `pytest -n auto`.

### Versioning
Use semantic versioning as described in
https://packaging.python.org/guides/distributing-packages-using-setuptools/#choosing-a-versioning-scheme. In addition,
while development is underway, the version should be the next version number suffixed by `.dev`.

### Version tags in git
Version tags should follow the format `heaserver-keychains-<version>`, for example, `heaserver-keychains-1.0.0`.

### Uploading to an index server
The following instructions assume separate stable and staging indexes. Numbered releases, including alphas and betas, go
into the stable index. Snapshots of works in progress go into the staging index. Thus, use staging to upload numbered
releases, verify the uploaded packages, and then upload to stable.

From the project's root directory:
1. For numbered releases, remove `.dev` from the version number in setup.py, tag it in git to indicate a release,
and commit to version control. Skip this step for developer snapshot releases.
2. Run `python setup.py clean --all sdist bdist_wheel` to create the artifacts.
3. Run `twine upload -r <repository> dist/<wheel-filename> dist/<tarball-filename>` to upload to the
 repository. The repository name has to be defined in a twine configuration file such as `$HOME/.pypirc`.
4. For numbered releases, increment the version number in setup.py, append `.dev` to it, and commit to version
control with a commit message like, "Prepare for next development iteration."
