ftrackhq
diff --git a/‎.pre-commit-config.yaml‎
Lines changed: 9 additions & 6 deletions b/‎.pre-commit-config.yaml‎
Lines changed: 9 additions & 6 deletions
diff --git a/‎library/authenticate/ftrack/library/authenticate/placeholder‎ renamed to ‎library/authenticate/README.md‎ b/‎library/authenticate/ftrack/library/authenticate/placeholder‎ renamed to ‎library/authenticate/README.md‎
diff --git a/‎tool/connect/ftrack/tool/connect/commands/__init__.py‎ renamed to ‎library/authenticate/ftrack/library/authenticate/__init__.py‎ b/‎tool/connect/ftrack/tool/connect/commands/__init__.py‎ renamed to ‎library/authenticate/ftrack/library/authenticate/__init__.py‎
diff --git a/‎library/authenticate/ftrack/library/authenticate/authenticate.py‎
Lines changed: 136 additions & 0 deletions b/‎library/authenticate/ftrack/library/authenticate/authenticate.py‎
Lines changed: 136 additions & 0 deletions
diff --git a/‎library/authenticate/ftrack/library/authenticate/helper/__init__.py‎
Lines changed: 2 additions & 0 deletions b/‎library/authenticate/ftrack/library/authenticate/helper/__init__.py‎
Lines changed: 2 additions & 0 deletions
diff --git a/‎library/authenticate/ftrack/library/authenticate/helper/credential.py‎
Lines changed: 154 additions & 0 deletions b/‎library/authenticate/ftrack/library/authenticate/helper/credential.py‎
Lines changed: 154 additions & 0 deletions
@@ -1,7 +1,10 @@
 repos:
--   repo: https://github.com/psf/black
-    rev: 23.1.0
-    hooks:
-    - id: black
-      language_version: python3.10
-      exclude: tools/cookiecutter*
+- repo: https://github.com/astral-sh/ruff-pre-commit
+  # Ruff version.
+  rev: v0.8.3
+  hooks:
+    # Run the linter.
+    - id: ruff
+      args: [ --fix ]
+    # Run the formatter.
+    - id: ruff-format
@@ -0,0 +1,136 @@
+# :coding: utf-8
+# :copyright: Copyright (c) 2024 ftrack
+
+import logging
+import threading
+import webbrowser
+from typing import TYPE_CHECKING, Optional
+
+from ftrack.library.utility.url.checker import ftrack_server_url_checker
+
+from .util.identifier import generate_url_identifier
+
+if TYPE_CHECKING:
+    from .helper.credential import (
+        CredentialFactory,
+        CredentialInterface,
+    )
+    from .helper.webserver import WebServerFactory, WebServerInterface
+
+# Configure logging
+logging.basicConfig(level=logging.INFO)
+
+
+class Authenticate:
+    """
+    Handles authentication by opening a browser and running a local web server
+    to capture credential via callback.
+    """
+
+    def __init__(
+        self,
+        server_url: str,
+        credential_factory: "CredentialFactory",
+        web_server_factory: "WebServerFactory",
+        redirect_port: int = 5000,
+    ) -> None:
+        """
+        Initialize the Authenticate instance.
+
+        :param server_url: The base URL for the authentication request.
+        :param credential_factory: The credential provider factory instance.
+        :param web_server_factory: The web server factory instance.
+        :param redirect_port: The port on which the local web server will run.
+        """
+        try:
+            self._server_url: str = ftrack_server_url_checker(server_url)
+        except ValueError as e:
+            logging.error(f"Invalid server URL: {e}")
+            raise
+        self._credential_instance: "CredentialInterface" = credential_factory.make()
+        self._web_server_factory: "WebServerFactory" = web_server_factory
+        self._web_server_instance: Optional["WebServerInterface"] = None
+        self._redirect_port: int = redirect_port
+        self._redirect_uri: str = f"http://localhost:{redirect_port}/callback"
+        self._server_ready: threading.Event = threading.Event()
+
+    @property
+    def server_url(self):
+        return self._server_url
+
+    @property
+    def credential_instance(self):
+        return self._credential_instance
+
+    @property
+    def web_server_factory(self):
+        return self._web_server_factory
+
+    @property
+    def web_server_instance(self):
+        return self._web_server_instance
+
+    @property
+    def redirect_port(self):
+        return self._redirect_port
+
+    @property
+    def redirect_uri(self):
+        return self._redirect_uri
+
+    def authenticate_browser(self) -> None:
+        """
+        Launch the authentication process:
+        - Starts a local web server in a separate thread.
+        - Opens the authentication URL in the default web browser.
+        - Waits for the web server to handle the callback and capture credential.
+        """
+        try:
+            # Create a web server instance
+            self.web_server_factory.credential_instance = self.credential_instance
+            self.web_server_factory.server_url = self.server_url
+            self.web_server_factory.port = self.redirect_port
+            self._web_server_instance = self.web_server_factory.make()
+
+            # Start the web server in a separate thread
+            server_thread: threading.Thread = threading.Thread(
+                target=self.run_server, daemon=True
+            )
+            server_thread.start()
+
+            # Wait until the server is ready before proceeding
+            self._server_ready.wait()
+
+            # Format the authentication URL
+            auth_url: str = f"{self.server_url}/user/api_credentials?identifier={generate_url_identifier('ftrack-connect')}&redirect_url={self.redirect_uri}"
+
+            # Log the URL being opened
+            logging.info(f"Opening browser for authentication: {auth_url}")
+
+            # Open the authentication URL in the browser
+            webbrowser.open_new_tab(auth_url)
+
+            # Wait for the server to shut down after successful authentication
+            server_thread.join()
+        except Exception as e:
+            logging.error(f"An error occurred during browser authentication: {e}")
+            raise
+
+    def run_server(self) -> None:
+        """
+        Start the web server and notify the main thread that it's ready.
+        """
+        self._server_ready.set()
+        self.web_server_instance.run_server()
+
+    def authenticate_credential(
+        self, server_url: str, api_user: str, api_key: str
+    ) -> None:
+        """
+        Save captured credential securely using the utility method.
+
+        :param server_url: The server URL captured during authentication.
+        :param api_user: The username captured during authentication.
+        :param api_key: The API key captured during authentication.
+        """
+        self.credential_instance.credential_store(server_url, api_user, api_key)
@@ -0,0 +1,2 @@
+# :coding: utf-8
+# :copyright: Copyright (c) 2024 ftrack
@@ -0,0 +1,154 @@
+# :coding: utf-8
+# :copyright: Copyright (c) 2024 ftrack
+
+import logging
+from abc import ABC, abstractmethod
+from typing import Dict, Optional, Type
+
+import keyring
+
+# Configure logging
+logging.basicConfig(level=logging.INFO)
+
+
+class CredentialInterface(ABC):
+    """
+    Abstract base class for credential.
+    """
+
+    @abstractmethod
+    def __init__(self, credential_identifier: str) -> None:
+        """
+        Initialize the credential with a credential identifier.
+
+        :param credential_identifier: Unique identifier for credentials.
+        """
+        pass
+
+    @abstractmethod
+    def credential_load(self) -> Optional[Dict[str, str]]:
+        """
+        Retrieve credentials.
+
+        :return: Dictionary containing server_url, api_user, and api_key, or None if not found.
+        """
+        pass
+
+    @abstractmethod
+    def credential_store(self, server_url: str, api_user: str, api_key: str) -> None:
+        """
+        Save credentials securely.
+
+        :param server_url: Server URL.
+        :param api_user: User's name.
+        :param api_key: API key for authentication.
+        """
+        pass
+
+
+class CredentialFactory:
+    """Factory class for creating credential."""
+
+    def __init__(
+        self,
+        credential_identifier: Optional[str] = None,
+        variant: str = "keyring",
+    ) -> None:
+        self._credential_identifier: Optional[str] = None
+        self._variant: str = variant
+        self._available_variant: Dict[str, Type["CredentialInterface"]] = {
+            "keyring": KeyringCredential
+        }
+        self.credential_identifier: Optional[str] = credential_identifier
+
+    @property
+    def credential_identifier(self) -> Optional[str]:
+        return self._credential_identifier
+
+    @credential_identifier.setter
+    def credential_identifier(self, value: Optional[str]) -> None:
+        if not isinstance(value, str) and value is not None:
+            raise ValueError("Credential identifier must be a string or None.")
+        self._credential_identifier = value
+
+    @property
+    def variant(self) -> str:
+        return self._variant
+
+    @variant.setter
+    def variant(self, value: str) -> None:
+        if not isinstance(value, str):
+            raise ValueError("Variant must be a string.")
+        self._variant = value
+
+    @property
+    def available_variant(self) -> Dict[str, Type["CredentialInterface"]]:
+        return self._available_variant
+
+    def make(self) -> "CredentialInterface":
+        """
+        Create and return a CredentialInterface-based credential.
+
+        :return: Instance of a CredentialInterface.
+        """
+        if not self.credential_identifier:
+            raise ValueError("Credential identifier is required.")
+        return self.available_variant[self.variant](self.credential_identifier)
+
+
+class KeyringCredential(CredentialInterface):
+    """
+    Credential that uses the system keyring to store and retrieve credentials.
+    """
+
+    def __init__(self, credential_identifier: str) -> None:
+        self._credential_identifier: str = credential_identifier
+
+    @property
+    def credential_identifier(self) -> str:
+        return self._credential_identifier
+
+    def credential_load(self) -> Optional[Dict[str, str]]:
+        """
+        Retrieve credentials from the keyring.
+
+        :return: Dictionary containing server_url, api_user, and api_key, or None if not found.
+        """
+        try:
+            server_url = keyring.get_password(self.credential_identifier, "server_url")
+            api_user = keyring.get_password(self.credential_identifier, "api_user")
+            api_key = keyring.get_password(self.credential_identifier, "api_key")
+
+            if server_url and api_user and api_key:
+                return {
+                    "server_url": server_url,
+                    "api_user": api_user,
+                    "api_key": api_key,
+                }
+
+            logging.warning(
+                f"No credential found for identifier: {self.credential_identifier}."
+            )
+            return None
+        except Exception as e:
+            logging.error(f"Failed to retrieve credential: {e}")
+            raise
+
+    def credential_store(self, server_url: str, api_user: str, api_key: str) -> None:
+        """
+        Save credentials securely using the system keyring.
+
+        :param server_url: Server URL.
+        :param api_user: User's name.
+        :param api_key: API key for authentication.
+        """
+        try:
+            keyring.set_password(self.credential_identifier, "server_url", server_url)
+            keyring.set_password(self.credential_identifier, "api_user", api_user)
+            keyring.set_password(self.credential_identifier, "api_key", api_key)
+            logging.info(
+                f"Credentials saved for identifier: {self.credential_identifier}."
+            )
+        except Exception as e:
+            logging.error(f"Failed to save credential: {e}")
+            raise
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,2 @@`
	`1`	`+# :coding: utf-8`
	`2`	`+# :copyright: Copyright (c) 2024 ftrack`