Source code for satorbis_kit.auth.environments
"""
OIDC environment configuration.
Defines the known deployment environments (prod, dev) and the
credentials associated with each. Resolution order:
1. ``environment`` parameter passed explicitly to an auth class constructor.
2. ``SATORBIS_ENV`` environment variable (``"prod"`` or ``"dev"``).
3. ``prod`` — the safe default.
"""
import os
from dataclasses import dataclass
from enum import Enum
from typing import Optional
@dataclass(frozen=True)
class _EnvConfig:
domain: str
oidc_client_id: str
project_ids: dict # application name → Zitadel project ID
[docs]
class Environment(str, Enum):
"""Named deployment environments supported by the auth layer."""
PROD = "prod"
DEV = "dev"
_CONFIGS: dict = {
Environment.PROD: _EnvConfig(
domain="https://accounts.satsure.co",
oidc_client_id="359695046548656115",
project_ids={
"spatial_engine": "375777796300997424",
},
),
Environment.DEV: _EnvConfig(
domain="https://dev.accounts.satsure.co",
oidc_client_id="319661228043603232",
project_ids={
"spatial_engine": "360273969737108205",
},
),
}
def _resolve_from_envvar() -> Environment:
raw = os.environ.get("SATORBIS_ENV", "").strip().lower()
if not raw:
return Environment.PROD
try:
return Environment(raw)
except ValueError:
valid = [e.value for e in Environment]
raise ValueError(
f"Invalid SATORBIS_ENV={raw!r}. "
f"Valid values: {valid}"
) from None
[docs]
def get_env_config(
environment: Optional[Environment] = None,
) -> tuple:
"""Return ``(Environment, _EnvConfig)`` for the resolved environment.
Parameters
----------
environment:
Explicit environment selection. When ``None`` the value of the
``SATORBIS_ENV`` environment variable is used; if that is also
absent, ``Environment.PROD`` is returned.
"""
env = environment if environment is not None else _resolve_from_envvar()
return env, _CONFIGS[env]