Authress · wparad · Sep 20, 2024 · Sep 20, 2024 · Sep 20, 2024
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -17,6 +17,7 @@ This is the changelog for [Authress SDK](readme.md).
 * Prevent unnecessary extra trailing slashes in domain name.
 * Add support for the `generateUserLoginUrl` from the ServiceClientTokenProvider.
 * [Breaking] Removed client_id from ClientAccessKey.py model, because it does not contain a clientId when fetching client data.
+* Add support for `tokenConfiguration` at the tenant level.
 
 ## 2.0 ##
 * Add support for users and groups at the statement level of access records.

diff --git a/authress/__init__.py b/authress/__init__.py
@@ -5,35 +5,11 @@
 
 from __future__ import absolute_import
 
-# import apis into sdk package
-from authress.api.access_records_api import AccessRecordsApi
-from authress.api.accounts_api import AccountsApi
-from authress.api.resource_permissions_api import ResourcePermissionsApi
-from authress.api.service_clients_api import ServiceClientsApi
-from authress.api.user_permissions_api import UserPermissionsApi
 # import AuthressClient
 from authress.authress_client import AuthressClient
 from authress.http_client import HttpClient
 from authress.rest import ApiException
-# import models into sdk package
-from authress.models.access_record import AccessRecord
-from authress.models.access_record_account import AccessRecordAccount
-from authress.models.access_record_collection import AccessRecordCollection
-from authress.models.account import Account
-from authress.models.account_collection import AccountCollection
-from authress.models.claim_request import ClaimRequest
-from authress.models.client import Client
-from authress.models.client_access_key import ClientAccessKey
-from authress.models.client_collection import ClientCollection
-from authress.models.client_options import ClientOptions
-from authress.models.identity import Identity
-from authress.models.identity_collection import IdentityCollection
-from authress.models.identity_request import IdentityRequest
-from authress.models.permission_object import PermissionObject
-from authress.models.resource_permission import ResourcePermission
-
-
-
+
 # import apis into sdk package
 from authress.api.access_records_api import AccessRecordsApi
 from authress.api.accounts_api import AccountsApi
@@ -70,16 +46,21 @@
 from authress.models.account_collection import AccountCollection
 from authress.models.account_links import AccountLinks
 from authress.models.application_delegation import ApplicationDelegation
+from authress.models.authentication_token_configuration import AuthenticationTokenConfiguration
 from authress.models.claim_request import ClaimRequest
 from authress.models.client import Client
 from authress.models.client_access_key import ClientAccessKey
 from authress.models.client_collection import ClientCollection
 from authress.models.client_options import ClientOptions
+from authress.models.client_rate_limit import ClientRateLimit
 from authress.models.collection_links import CollectionLinks
 from authress.models.connection import Connection
 from authress.models.connection_collection import ConnectionCollection
+from authress.models.connection_conditions import ConnectionConditions
 from authress.models.connection_data import ConnectionData
 from authress.models.connection_default_connection_properties import ConnectionDefaultConnectionProperties
+from authress.models.connection_linking_configuration import ConnectionLinkingConfiguration
+from authress.models.connection_user_data_configuration import ConnectionUserDataConfiguration
 from authress.models.extension import Extension
 from authress.models.extension_application import ExtensionApplication
 from authress.models.extension_client import ExtensionClient
@@ -90,6 +71,7 @@
 from authress.models.identity_collection import IdentityCollection
 from authress.models.identity_request import IdentityRequest
 from authress.models.invite import Invite
+from authress.models.invite_statement import InviteStatement
 from authress.models.link import Link
 from authress.models.linked_group import LinkedGroup
 from authress.models.links import Links
@@ -113,6 +95,8 @@
 from authress.models.tenant_collection import TenantCollection
 from authress.models.tenant_connection import TenantConnection
 from authress.models.tenant_data import TenantData
+from authress.models.tenant_domain import TenantDomain
+from authress.models.tenant_user import TenantUser
 from authress.models.token_request import TokenRequest
 from authress.models.user import User
 from authress.models.user_connection_credentials import UserConnectionCredentials
@@ -121,4 +105,4 @@
 from authress.models.user_resources_collection import UserResourcesCollection
 from authress.models.user_role import UserRole
 from authress.models.user_role_collection import UserRoleCollection
-from authress.models.user_token import UserToken
+from authress.models.user_token import UserToken
diff --git a/authress/models/authentication_token_configuration.py b/authress/models/authentication_token_configuration.py
@@ -0,0 +1,109 @@
+# coding: utf-8
+
+"""
+    Authress
+
+    <p> <h2>Introduction</h2> <p>Welcome to the Authress Authorization API. <br>The Authress REST API provides the operations and resources necessary to create records, assign permissions, and verify any user in your platform.</p> <p><ul>   <li>Manage multitenant platforms and create user tenants for SSO connections.</li>   <li>Create records to assign roles and resources to grant access for users.</li>   <li>Check user access control by calling the authorization API at the right time.</li>   <li>Configure service clients to securely access services in your platform.</li> </ul></p> <p>For more in-depth scenarios check out the <a href=\"https://authress.io/knowledge-base\" target=\"_blank\">Authress knowledge base</a>.</p> </p>
+
+    The version of the OpenAPI document: v1
+    Contact: support@authress.io
+    Generated by OpenAPI Generator (https://openapi-generator.tech)
+
+    Do not edit the class manually.
+"""  # noqa: E501
+
+
+from __future__ import annotations
+import pprint
+import re  # noqa: F401
+import json
+
+
+from typing import Optional
+from pydantic import BaseModel, Field, constr, validator
+
+try:
+    from pydantic.v1 import BaseModel, Field, constr, validator
+except ImportError:
+    from pydantic import BaseModel, Field, constr, validator
+
+class AuthenticationTokenConfiguration(BaseModel):
+    """
+    AuthenticationTokenConfiguration
+    """
+    access_token_duration: Optional[constr(strict=True)] = Field(default='PT24H', alias="accessTokenDuration", description="How long should Authress generated access tokens (JWTs) last for in minutes. This controls how often tokens expiry (*exp*). The default is 24 hours. The minimum is one minute and the max is twenty-four hours.")
+    session_duration: Optional[constr(strict=True)] = Field(default='P30D', alias="sessionDuration", description="How long should user authentication sessions last for in minutes. This controls how often users are forced to log in again. User sessions are optimized to provide the best user experience for your application. The default is 90 days. The minimum is one minute and the max is 90 days.")
+    __properties = ["accessTokenDuration", "sessionDuration"]
+
+    @validator('access_token_duration')
+    def access_token_duration_validate_regular_expression(cls, value):
+        """Validates the regular expression"""
+        if value is None:
+            return value
+
+        if not re.match(r"^P(?!$)(\d+Y)?(\d+M)?(\d+W)?(\d+D)?(T(?=\d+[HMS])(\d+H)?(\d+M)?(\d+S)?)?$", value):
+            raise ValueError(r"must validate the regular expression /^P(?!$)(\d+Y)?(\d+M)?(\d+W)?(\d+D)?(T(?=\d+[HMS])(\d+H)?(\d+M)?(\d+S)?)?$/")
+        return value
+
+    @validator('session_duration')
+    def session_duration_validate_regular_expression(cls, value):
+        """Validates the regular expression"""
+        if value is None:
+            return value
+
+        if not re.match(r"^P(?!$)(\d+Y)?(\d+M)?(\d+W)?(\d+D)?(T(?=\d+[HMS])(\d+H)?(\d+M)?(\d+S)?)?$", value):
+            raise ValueError(r"must validate the regular expression /^P(?!$)(\d+Y)?(\d+M)?(\d+W)?(\d+D)?(T(?=\d+[HMS])(\d+H)?(\d+M)?(\d+S)?)?$/")
+        return value
+
+    class Config:
+        """Pydantic configuration"""
+        allow_population_by_field_name = True
+        validate_assignment = True
+
+    def to_str(self) -> str:
+        """Returns the string representation of the model using alias"""
+        return pprint.pformat(self.dict(by_alias=True))
+
+    def to_json(self) -> str:
+        """Returns the JSON representation of the model using alias"""
+        return json.dumps(self.to_dict())
+
+    @classmethod
+    def from_json(cls, json_str: str) -> AuthenticationTokenConfiguration:
+        """Create an instance of AuthenticationTokenConfiguration from a JSON string"""
+        return cls.from_dict(json.loads(json_str))
+
+    def to_dict(self):
+        """Returns the dictionary representation of the model using alias"""
+        _dict = self.dict(by_alias=True,
+                          exclude={
+                          },
+                          exclude_none=True)
+        # set to None if access_token_duration (nullable) is None
+        # and __fields_set__ contains the field
+        if self.access_token_duration is None and "access_token_duration" in self.__fields_set__:
+            _dict['accessTokenDuration'] = None
+
+        # set to None if session_duration (nullable) is None
+        # and __fields_set__ contains the field
+        if self.session_duration is None and "session_duration" in self.__fields_set__:
+            _dict['sessionDuration'] = None
+
+        return _dict
+
+    @classmethod
+    def from_dict(cls, obj: dict) -> AuthenticationTokenConfiguration:
+        """Create an instance of AuthenticationTokenConfiguration from a dict"""
+        if obj is None:
+            return None
+
+        if not isinstance(obj, dict):
+            return AuthenticationTokenConfiguration.parse_obj(obj)
+
+        _obj = AuthenticationTokenConfiguration.parse_obj({
+            "access_token_duration": obj.get("accessTokenDuration") if obj.get("accessTokenDuration") is not None else 'PT24H',
+            "session_duration": obj.get("sessionDuration") if obj.get("sessionDuration") is not None else 'P30D'
+        })
+        return _obj
+
+
diff --git a/authress/models/tenant.py b/authress/models/tenant.py
@@ -24,6 +24,7 @@
     from pydantic.v1 import BaseModel, Field, conlist, constr, validator
 except ImportError:
     from pydantic import BaseModel, Field, conlist, constr, validator
+from authress.models.authentication_token_configuration import AuthenticationTokenConfiguration
 from authress.models.tenant_connection import TenantConnection
 from authress.models.tenant_data import TenantData
 from authress.models.tenant_domain import TenantDomain
@@ -37,8 +38,9 @@ class Tenant(BaseModel):
     data: Optional[TenantData] = None
     domains: Optional[conlist(TenantDomain, max_items=10, min_items=0)] = Field(default=None, description="The associated user email domains that are mapped to this tenant. When a user starts the authentication process, if they are using SSO, Authress will use their specified email address to identify which Authress Tenant to log the user in with.")
     connection: Optional[TenantConnection] = None
+    token_configuration: Optional[AuthenticationTokenConfiguration] = Field(default=None, alias="tokenConfiguration")
     created_time: Optional[datetime] = Field(default=None, alias="createdTime")
-    __properties = ["tenantId", "tenantLookupIdentifier", "data", "domains", "connection", "createdTime"]
+    __properties = ["tenantId", "tenantLookupIdentifier", "data", "domains", "connection", "tokenConfiguration", "createdTime"]
 
     @validator('tenant_id')
     def tenant_id_validate_regular_expression(cls, value):
@@ -62,6 +64,7 @@ def tenant_lookup_identifier_validate_regular_expression(cls, value):
 
     class Config:
         """Pydantic configuration"""
+        extra = 'forbid'
         allow_population_by_field_name = True
         validate_assignment = True
 
@@ -98,6 +101,9 @@ def to_dict(self):
         # override the default output from pydantic by calling `to_dict()` of connection
         if self.connection:
             _dict['connection'] = self.connection.to_dict()
+        # override the default output from pydantic by calling `to_dict()` of token_configuration
+        if self.token_configuration:
+            _dict['tokenConfiguration'] = self.token_configuration.to_dict()
         # set to None if tenant_id (nullable) is None
         # and __fields_set__ contains the field
         if self.tenant_id is None and "tenant_id" in self.__fields_set__:
@@ -135,6 +141,7 @@ def from_dict(cls, obj: dict) -> Tenant:
             "data": TenantData.from_dict(obj.get("data")) if obj.get("data") is not None else None,
             "domains": [TenantDomain.from_dict(_item) for _item in obj.get("domains")] if obj.get("domains") is not None else None,
             "connection": TenantConnection.from_dict(obj.get("connection")) if obj.get("connection") is not None else None,
+            "token_configuration": AuthenticationTokenConfiguration.from_dict(obj.get("tokenConfiguration")) if obj.get("tokenConfiguration") is not None else None,
             "created_time": obj.get("createdTime")
         })
         return _obj

diff --git a/contributing.md b/contributing.md
@@ -23,7 +23,7 @@ podman pull docker://openapitools/openapi-generator-online
 CID=$(podman run -d -p 8888:8080 openapitools/openapi-generator-online)
 sleep 10
 
-# Execute an HTTP request to generate a Ruby client
+# Execute an HTTP request to generate the client
 curl -X POST --header 'Content-Type: application/json' --header 'Accept: application/json' -d '{"openAPIUrl": "https://api.authress.io/", "options": { "useSingleRequestParameter": true, "packageName": "authress", "packageVersion": "99.99.99" } }' 'http://localhost:8888/api/gen/clients/python-pydantic-v1'
 
 

diff --git a/docs/AuthenticationTokenConfiguration.md b/docs/AuthenticationTokenConfiguration.md
@@ -0,0 +1,23 @@
+# AuthenticationTokenConfiguration
+
+
+## Properties
+Name | Type | Description | Notes
+------------ | ------------- | ------------- | -------------
+**access_token_duration** | **duration** | How long should Authress generated access tokens (JWTs) last for in minutes. This controls how often tokens expiry (*exp*). The default is 24 hours. The minimum is one minute and the max is twenty-four hours. | [optional] [default to 'PT24H']
+**session_duration** | **duration** | How long should user authentication sessions last for in minutes. This controls how often users are forced to log in again. User sessions are optimized to provide the best user experience for your application. The default is 90 days. The minimum is one minute and the max is 90 days. | [optional] [default to 'P30D']
+
+## Example
+
+```python
+from authress.models.authentication_token_configuration import AuthenticationTokenConfiguration
+
+token_configuration = AuthenticationTokenConfiguration(
+    access_token_duration="PT24H",
+    session_duration="P30D"
+)
+
+print token_configuration.to_json()
+```
+
+[[API Models]](./README.md#documentation-for-models) ☆ [[API Endpoints]](./README.md#documentation-for-api-endpoints) ☆ [[Back to Repo]](../README.md)
diff --git a/docs/Tenant.md b/docs/Tenant.md
@@ -9,23 +9,29 @@ Name | Type | Description | Notes
 **data** | [**TenantData**](TenantData.md) |  | [optional] 
 **domains** | [**List[TenantDomain]**](TenantDomain.md) | The associated user email domains that are mapped to this tenant. When a user starts the authentication process, if they are using SSO, Authress will use their specified email address to identify which Authress Tenant to log the user in with. | [optional] 
 **connection** | [**TenantConnection**](TenantConnection.md) |  | [optional] 
+**token_configuration** | [**AuthenticationTokenConfiguration**](AuthenticationTokenConfiguration.md) |  | [optional] 
 **created_time** | **datetime** |  | [optional] [readonly] 
 
 ## Example
 
 ```python
 from authress.models.tenant import Tenant
 
-json = "{}"
-# create an instance of Tenant from a JSON string
-tenant_instance = Tenant.from_json(json)
-# print the JSON string representation of the object
-print Tenant.to_json()
-
-# convert the object into a dict
-tenant_dict = tenant_instance.to_dict()
-# create an instance of Tenant from a dict
-tenant_from_dict = Tenant.from_dict(tenant_dict)
+tenant = Tenant(
+    tenant_id="Tenant_ID-001",
+    tenant_lookup_identifier="example.com",
+    data=TenantData(name="Tenant for Customer Example 001"),
+    domains=[
+        TenantDomain(domain="example.com"), TenantDomain(domain="alternate.example.com")
+    ],
+    connection=TenantConnection(
+        connection_id="google"
+    ),
+    token_configuration = AuthenticationTokenConfiguration(
+        access_token_duration="PT24H",
+        session_duration="P30D"
+    )
+)
 ```
 [[API Models]](./README.md#documentation-for-models) ☆ [[API Endpoints]](./README.md#documentation-for-api-endpoints) ☆ [[Back to Repo]](../README.md)