chore: disallow unsupported parent methods, fix (new) linter issues

Signed-off-by: Norbert Biczo <[email protected]>

Author: pyrooka

ibm_cloud_sdk_core/authenticators/container_authenticator.py

@@ -66,6 +66,7 @@ class ContainerAuthenticator(IAMRequestBasedAuthenticator):
 
     def __init__(
         self,
+        *,
         cr_token_filename: Optional[str] = None,
         iam_profile_name: Optional[str] = None,
         iam_profile_id: Optional[str] = None,

ibm_cloud_sdk_core/authenticators/iam_assume_authenticator.py

@@ -14,7 +14,7 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-from typing import Dict, Optional
+from typing import Any, Dict, Optional
 
 from ibm_cloud_sdk_core.token_managers.iam_assume_token_manager import IAMAssumeTokenManager
 
@@ -60,9 +60,9 @@ class IAMAssumeAuthenticator(IAMRequestBasedAuthenticator):
 
     Raises:
         TypeError: The `disable_ssl_verification` is not a bool.
-        ValueError: The `apikey` is not valid for IAM token requests or the following keyword arguments are incorrectly specified:
-            `iam_profile_id`, `iam_profile_crn`, `iam_profile_name`, `iam_account_id`,
-        ValueError: The apikey, client_id, and/or client_secret are not valid for IAM token requests.
+        ValueError: The `apikey`, `client_id`, and/or `client_secret` are not valid for IAM token requests or the
+            following keyword arguments are incorrectly specified:
+            `iam_profile_id`, `iam_profile_crn`, `iam_profile_name`, `iam_account_id`.
     """
 
     def __init__(
@@ -102,6 +102,14 @@ def __init__(
 
         self.validate()
 
+    # Disable a few methods, inherited from the parent class.
+    def __getattribute__(self, name: str) -> Any:
+        disallowed_attrs = ['set_scope', 'set_client_id_and_secret']
+        if name in disallowed_attrs:
+            raise AttributeError(f"'IAMAssumeAuthenticator' has no attribute '{name}'")
+
+        return super().__getattribute__(name)
+
     def authentication_type(self) -> str:
         """Returns this authenticator's type ('iamAssume')."""
         return Authenticator.AUTHTYPE_IAM_ASSUME

ibm_cloud_sdk_core/token_managers/container_token_manager.py

@@ -85,6 +85,7 @@ class ContainerTokenManager(IAMRequestBasedTokenManager):
 
     def __init__(
         self,
+        *,
         cr_token_filename: Optional[str] = None,
         iam_profile_name: Optional[str] = None,
         iam_profile_id: Optional[str] = None,

ibm_cloud_sdk_core/token_managers/iam_assume_token_manager.py

@@ -32,7 +32,8 @@ class IAMAssumeTokenManager(IAMRequestBasedTokenManager):
         iam_profile_crn (str): the CRN of the trusted profile
         iam_profile_name (str): the name of the trusted profile (must be used together with `iam_account_id`)
         iam_account_id (str): the ID of the trusted profile (must be used together with `iam_profile_name`)
-        iam_deletgate (IAMTokenManager): an IAMTokenManager instance used to obtain the user's IAM access token from the `apikey`.
+        iam_deletgate (IAMTokenManager): an IAMTokenManager instance used to obtain the user's IAM access token
+            from the `apikey`.
         url (str): The IAM endpoint to token requests.
         headers (dict): Default headers to be sent with every IAM token request.
         proxies (dict): Proxies to use for communicating with IAM.
@@ -62,7 +63,7 @@ class IAMAssumeTokenManager(IAMRequestBasedTokenManager):
         proxies.http: The proxy endpoint to use for HTTP requests.
         proxies.https: The proxy endpoint to use for HTTPS requests.
         scope: The "scope" to use when fetching the bearer token from the IAM token server.
-        This can be used to obtain an access token with a specific scope.
+            This can be used to obtain an access token with a specific scope.
     """
 
     def __init__(

ibm_cloud_sdk_core/token_managers/iam_request_based_token_manager.py

@@ -70,6 +70,7 @@ class IAMRequestBasedTokenManager(JWTTokenManager):
 
     def __init__(
         self,
+        *,
         url: Optional[str] = None,
         client_id: Optional[str] = None,
         client_secret: Optional[str] = None,

test/test_container_authenticator.py

@@ -84,7 +84,7 @@ def test_container_authenticator_with_scope():
 
 def test_authenticator_validate_failed():
     with pytest.raises(ValueError) as err:
-        ContainerAuthenticator(None)
+        ContainerAuthenticator()
     assert str(err.value) == 'At least one of iam_profile_name or iam_profile_id must be specified.'
 
     with pytest.raises(ValueError) as err:

test/test_iam_assume_authenticator.py

@@ -43,13 +43,6 @@ def test_iam_assume_authenticator():
     assert authenticator.token_manager.iam_profile_name == 'my-profile-name'
     assert authenticator.token_manager.iam_account_id == 'my-acc-id'
 
-    authenticator.set_client_id_and_secret('tom', 'jerry')
-    assert authenticator.token_manager.client_id == 'tom'
-    assert authenticator.token_manager.client_secret == 'jerry'
-
-    authenticator.set_scope('scope1 scope2 scope3')
-    assert authenticator.token_manager.scope == 'scope1 scope2 scope3'
-
     with pytest.raises(TypeError) as err:
         authenticator.set_headers('dummy')
     assert str(err.value) == 'headers must be a dictionary'
@@ -218,3 +211,13 @@ def test_multiple_iam_assume_authenticators():
     authenticator_2 = IAMAssumeAuthenticator('my_other_apikey', iam_profile_id='my_profile_id_2')
     assert authenticator_2.token_manager.iam_delegate.request_payload['apikey'] == 'my_other_apikey'
     assert authenticator_1.token_manager.iam_delegate.request_payload['apikey'] == 'my_apikey'
+
+
+def test_iam_assume_authenticator_unsupported_methods():
+    authenticator = IAMAssumeAuthenticator('my_apikey', iam_profile_id='my_profile_id')
+    with pytest.raises(AttributeError) as err:
+        authenticator.set_scope('my_scope')
+    assert str(err.value) == "'IAMAssumeAuthenticator' has no attribute 'set_scope'"
+    with pytest.raises(AttributeError) as err:
+        authenticator.set_client_id_and_secret('my_client_id', 'my_client_secret')
+    assert str(err.value) == "'IAMAssumeAuthenticator' has no attribute 'set_client_id_and_secret'"