mlflow-oidc-client-plugin


Namemlflow-oidc-client-plugin JSON
Version 0.1.3 PyPI version JSON
download
home_pagehttps://gitlab.com/lzinsou/mlflow-oidc-client-plugin
SummaryMLflow plugin adding OIDC/OAuth 2.1 client authorization
upload_time2023-04-27 00:48:59
maintainer
docs_urlNone
authorLoris Zinsou
requires_python>=3.10,<4.0
license
keywords mlflow plugin mlops oidc oauth oauth2
VCS
bugtrack_url
requirements No requirements were recorded.
Travis-CI No Travis.
coveralls test coverage No coveralls.
            MLflow Client OIDC/OAuth 2.1 Plugin
===================================

MLflow plugin adding OIDC/OAuth 2.1 authorization support to the client, allowing the use of a tracking server secured behind a compatible proxy.

The plugin is built with [OIDC Client](https://gitlab.com/lzinsou/oidc-client) and supports the same OIDC/OAuth 2.1 authorization flows:
- the **authorization code** flow, for interactive user login;
- the **client credentials** flow, for confidential machine-to-machine communication.

This plugin supports reading authorization settings from `pyproject.toml`.


Requirements
------------

Python 3.10+
MLflow or MLflow Skinny 2+



Installation
------------

```console
pip install mlflow-oidc-client-plugin
```


Getting Started
---------------

First, add the following to the project's `pyproject.toml` configuration file:
```toml
[[tool.mlflow-oidc-client-plugin.tracking-servers]]
uri = "http://mlflow.example.com/"            # URI of your MLflow Tracking Server
issuer = "https://auth.example.com/"          # URI of your OIDC provider
client-id = "<application ID>"                # Client ID of your project
```

You can now run MLflow client commands without any change. The plugin will match the `MLFLOW_TRACKING_URI` environment variable to the appropriate server configuration found in `pyproject.toml`.
```console
# To list logged experiments:
MLFLOW_TRACKING_URI=http://mlflow.example.com/ mlflow experiments search
```


Configuration
-------------

Options may be set with environment variables or in the `pyproject.toml` configuration file, with environment variables taking precedence.

Each tracking server has its own `[[tool.mlflow-oidc-client-plugin.tracking-servers]]` block, which can be given multiple times in the same `pyproject.toml`.

|Environment Variable|Config File|Default Value|Description|
|-|-|-|-|
|MLFLOW_TRACKING_URI|N/A|N/A|MLflow Tracking Server URI|
|MLFLOW_TRACKING_OIDC_ISSUER|issuer|`None` (required)|OIDC authorization issuer URI|
|MLFLOW_TRACKING_OIDC_CLIENT_ID|client-id|`None` (required)|OIDC client ID|
|MLFLOW_TRACKING_OIDC_CLIENT_SECRET|client-secret|`None`|OIDC client secret|
|MLFLOW_TRACKING_OIDC_REDIRECT_URI|redirect-uri|`"http://127.0.0.1:39303/oauth2/callback"`|OIDC redirect URI|
|MLFLOW_TRACKING_OIDC_SCOPE|scope|`"openid profile email"`|OIDC token scope|
|MLFLOW_TRACKING_OIDC_AUDIENCE|scope|Same as the client ID|OIDC token audience|
|MLFLOW_TRACKING_OIDC_INTERACTIVE|interactive|Interactive by default if the application is public (no client secret)|Require a user login in a browser|
|MLFLOW_TRACKING_OIDC_USE_ID_TOKEN|use-id-token|Use the ID token by default if the application is public (no client secret)|Use the ID token instead of the access token as `Bearer` token in the `Authorization` HTTP header|


License
-------

This project is licensed under the terms of the MIT license.


A [yzr](https://www.yzr.ai/) Free and Open Source project.

            

Raw data

            {
    "_id": null,
    "home_page": "https://gitlab.com/lzinsou/mlflow-oidc-client-plugin",
    "name": "mlflow-oidc-client-plugin",
    "maintainer": "",
    "docs_url": null,
    "requires_python": ">=3.10,<4.0",
    "maintainer_email": "",
    "keywords": "mlflow,plugin,mlops,oidc,oauth,oauth2",
    "author": "Loris Zinsou",
    "author_email": "lzinsou@protonmail.com",
    "download_url": "https://files.pythonhosted.org/packages/3a/ba/cce95aeaf6fbd9560cd0a982d3c5e15839de546238ae3584cf08f69a6256/mlflow_oidc_client_plugin-0.1.3.tar.gz",
    "platform": null,
    "description": "MLflow Client OIDC/OAuth 2.1 Plugin\n===================================\n\nMLflow plugin adding OIDC/OAuth 2.1 authorization support to the client, allowing the use of a tracking server secured behind a compatible proxy.\n\nThe plugin is built with [OIDC Client](https://gitlab.com/lzinsou/oidc-client) and supports the same OIDC/OAuth 2.1 authorization flows:\n- the **authorization code** flow, for interactive user login;\n- the **client credentials** flow, for confidential machine-to-machine communication.\n\nThis plugin supports reading authorization settings from `pyproject.toml`.\n\n\nRequirements\n------------\n\nPython 3.10+\nMLflow or MLflow Skinny 2+\n\n\n\nInstallation\n------------\n\n```console\npip install mlflow-oidc-client-plugin\n```\n\n\nGetting Started\n---------------\n\nFirst, add the following to the project's `pyproject.toml` configuration file:\n```toml\n[[tool.mlflow-oidc-client-plugin.tracking-servers]]\nuri = \"http://mlflow.example.com/\"            # URI of your MLflow Tracking Server\nissuer = \"https://auth.example.com/\"          # URI of your OIDC provider\nclient-id = \"<application ID>\"                # Client ID of your project\n```\n\nYou can now run MLflow client commands without any change. The plugin will match the `MLFLOW_TRACKING_URI` environment variable to the appropriate server configuration found in `pyproject.toml`.\n```console\n# To list logged experiments:\nMLFLOW_TRACKING_URI=http://mlflow.example.com/ mlflow experiments search\n```\n\n\nConfiguration\n-------------\n\nOptions may be set with environment variables or in the `pyproject.toml` configuration file, with environment variables taking precedence.\n\nEach tracking server has its own `[[tool.mlflow-oidc-client-plugin.tracking-servers]]` block, which can be given multiple times in the same `pyproject.toml`.\n\n|Environment Variable|Config File|Default Value|Description|\n|-|-|-|-|\n|MLFLOW_TRACKING_URI|N/A|N/A|MLflow Tracking Server URI|\n|MLFLOW_TRACKING_OIDC_ISSUER|issuer|`None` (required)|OIDC authorization issuer URI|\n|MLFLOW_TRACKING_OIDC_CLIENT_ID|client-id|`None` (required)|OIDC client ID|\n|MLFLOW_TRACKING_OIDC_CLIENT_SECRET|client-secret|`None`|OIDC client secret|\n|MLFLOW_TRACKING_OIDC_REDIRECT_URI|redirect-uri|`\"http://127.0.0.1:39303/oauth2/callback\"`|OIDC redirect URI|\n|MLFLOW_TRACKING_OIDC_SCOPE|scope|`\"openid profile email\"`|OIDC token scope|\n|MLFLOW_TRACKING_OIDC_AUDIENCE|scope|Same as the client ID|OIDC token audience|\n|MLFLOW_TRACKING_OIDC_INTERACTIVE|interactive|Interactive by default if the application is public (no client secret)|Require a user login in a browser|\n|MLFLOW_TRACKING_OIDC_USE_ID_TOKEN|use-id-token|Use the ID token by default if the application is public (no client secret)|Use the ID token instead of the access token as `Bearer` token in the `Authorization` HTTP header|\n\n\nLicense\n-------\n\nThis project is licensed under the terms of the MIT license.\n\n\nA [yzr](https://www.yzr.ai/) Free and Open Source project.\n",
    "bugtrack_url": null,
    "license": "",
    "summary": "MLflow plugin adding OIDC/OAuth 2.1 client authorization",
    "version": "0.1.3",
    "split_keywords": [
        "mlflow",
        "plugin",
        "mlops",
        "oidc",
        "oauth",
        "oauth2"
    ],
    "urls": [
        {
            "comment_text": "",
            "digests": {
                "blake2b_256": "2bb5684b340e9b872815db079b0057a34aeaed69cbc2c32bb98c73bd8e5754b6",
                "md5": "7d380020ff709dd19ef3787007fc62c9",
                "sha256": "5a39635b5226de1eb4f609bac1ebef13648e6acd4ea297c869ad86d256803dcf"
            },
            "downloads": -1,
            "filename": "mlflow_oidc_client_plugin-0.1.3-py3-none-any.whl",
            "has_sig": false,
            "md5_digest": "7d380020ff709dd19ef3787007fc62c9",
            "packagetype": "bdist_wheel",
            "python_version": "py3",
            "requires_python": ">=3.10,<4.0",
            "size": 7540,
            "upload_time": "2023-04-27T00:48:57",
            "upload_time_iso_8601": "2023-04-27T00:48:57.713072Z",
            "url": "https://files.pythonhosted.org/packages/2b/b5/684b340e9b872815db079b0057a34aeaed69cbc2c32bb98c73bd8e5754b6/mlflow_oidc_client_plugin-0.1.3-py3-none-any.whl",
            "yanked": false,
            "yanked_reason": null
        },
        {
            "comment_text": "",
            "digests": {
                "blake2b_256": "3abacce95aeaf6fbd9560cd0a982d3c5e15839de546238ae3584cf08f69a6256",
                "md5": "4b837e90dd4330499f8942aa5995f524",
                "sha256": "8931f36dd34255f48f0496e1dbd26d50f71cf339582704b3e03b3e5eda8d814f"
            },
            "downloads": -1,
            "filename": "mlflow_oidc_client_plugin-0.1.3.tar.gz",
            "has_sig": false,
            "md5_digest": "4b837e90dd4330499f8942aa5995f524",
            "packagetype": "sdist",
            "python_version": "source",
            "requires_python": ">=3.10,<4.0",
            "size": 5664,
            "upload_time": "2023-04-27T00:48:59",
            "upload_time_iso_8601": "2023-04-27T00:48:59.778454Z",
            "url": "https://files.pythonhosted.org/packages/3a/ba/cce95aeaf6fbd9560cd0a982d3c5e15839de546238ae3584cf08f69a6256/mlflow_oidc_client_plugin-0.1.3.tar.gz",
            "yanked": false,
            "yanked_reason": null
        }
    ],
    "upload_time": "2023-04-27 00:48:59",
    "github": false,
    "gitlab": true,
    "bitbucket": false,
    "gitlab_user": "lzinsou",
    "gitlab_project": "mlflow-oidc-client-plugin",
    "lcname": "mlflow-oidc-client-plugin"
}
        
Elapsed time: 0.23653s