appmesh 1.3.3__py3-none-any.whl → 1.3.5__py3-none-any.whl

appmesh/appmesh_client.py

@@ -25,13 +25,16 @@ DEFAULT_TOKEN_EXPIRE_SECONDS = "P1W"  # default 7 day(s)
 DEFAULT_RUN_APP_TIMEOUT_SECONDS = "P2D"  # 2 days
 DEFAULT_RUN_APP_LIFECYCLE_SECONDS = "P2DT12H"  # 2.5 days
 
+DEFAULT_SSL_CA_PEM_FILE = "/opt/appmesh/ssl/ca.pem"
+DEFAULT_SSL_CLIENT_PEM_FILE = "/opt/appmesh/ssl/client.pem"
+DEFAULT_SSL_CLIENT_PEM_KEY_FILE = "/opt/appmesh/ssl/client-key.pem"
+
+# TLS-optimized chunk size (slightly less than maximum TLS record size)
+# leaves some room for TLS overhead (like headers) within the 16 KB limit.
+TCP_CHUNK_BLOCK_SIZE = 16 * 1024 - 256  # target to 16KB
+TCP_MESSAGE_HEADER_LENGTH = 4
 REST_TEXT_MESSAGE_JSON_KEY = "message"
 MESSAGE_ENCODING_UTF8 = "utf-8"
-TCP_MESSAGE_HEADER_LENGTH = 4
-
-_SSL_CA_PEM_FILE = "/opt/appmesh/ssl/ca.pem"
-_SSL_CLIENT_PEM_FILE = "/opt/appmesh/ssl/client.pem"
-_SSL_CLIENT_PEM_KEY_FILE = "/opt/appmesh/ssl/client-key.pem"
 
 HTTP_USER_AGENT = "appmesh/python"
 HTTP_USER_AGENT_TCP = "appmesh/python/tcp"
@@ -437,8 +440,8 @@ class AppMeshClient(metaclass=abc.ABCMeta):
     def __init__(
         self,
         rest_url: str = "https://127.0.0.1:6060",
-        rest_ssl_verify=_SSL_CA_PEM_FILE if os.path.exists(_SSL_CA_PEM_FILE) else False,
-        rest_ssl_client_cert=(_SSL_CLIENT_PEM_FILE, _SSL_CLIENT_PEM_KEY_FILE) if os.path.exists(_SSL_CLIENT_PEM_FILE) else None,
+        rest_ssl_verify=DEFAULT_SSL_CA_PEM_FILE if os.path.exists(DEFAULT_SSL_CA_PEM_FILE) else False,
+        rest_ssl_client_cert=(DEFAULT_SSL_CLIENT_PEM_FILE, DEFAULT_SSL_CLIENT_PEM_KEY_FILE) if os.path.exists(DEFAULT_SSL_CLIENT_PEM_FILE) else None,
         rest_timeout=(60, 300),
         jwt_token=None,
     ):
@@ -450,7 +453,7 @@ class AppMeshClient(metaclass=abc.ABCMeta):
                 the server's TLS certificate, or a string, in which case it must be a path to a CA bundle to use. Defaults to ``True``.
             rest_ssl_client_cert (tuple, optional): SSL client certificate and key pair. If String, path to ssl client cert file (.pem). If Tuple, ('cert', 'key') pair.
             rest_timeout (tuple, optional): HTTP timeout, Defaults to 60 seconds for connect timeout and 300 seconds for read timeout
-            jwt_token (str, optional): JWT token, provide correct token is same with login() & authenticate().
+            jwt_token (str, optional): JWT token, provide correct token is same with login() & authentication().
         """
 
         self.server_url = rest_url
@@ -1221,24 +1224,20 @@ class AppMeshClient(metaclass=abc.ABCMeta):
     ########################################
     # File management
     ########################################
-    def file_download(self, file_path: str, local_file: str, apply_file_attributes: bool = True) -> bool:
+    def file_download(self, remote_file: str, local_file: str, apply_file_attributes: bool = True) -> None:
         """Copy a remote file to local. Optionally, the local file will have the same permission as the remote file.
 
         Args:
-            file_path (str): the remote file path.
+            remote_file (str): the remote file path.
             local_file (str): the local file path to be downloaded.
             apply_file_attributes (bool): whether to apply file attributes (permissions, owner, group) to the local file.
-
-        Returns:
-            bool: success or failure.
         """
-        resp = self._request_http(AppMeshClient.Method.GET, path="/appmesh/file/download", header={"File-Path": file_path})
-        if resp.status_code != HTTPStatus.OK:
-            raise Exception(resp.text)
+        resp = self._request_http(AppMeshClient.Method.GET, path="/appmesh/file/download", header={"File-Path": remote_file})
+        resp.raise_for_status()
 
         # Write the file content locally
         with open(local_file, "wb") as fp:
-            for chunk in resp.iter_content(chunk_size=512):
+            for chunk in resp.iter_content(chunk_size=8 * 1024):  # 8 KB
                 if chunk:
                     fp.write(chunk)
 
@@ -1251,11 +1250,10 @@ class AppMeshClient(metaclass=abc.ABCMeta):
                 file_gid = int(resp.headers["File-Group"])
                 try:
                     os.chown(path=local_file, uid=file_uid, gid=file_gid)
-                except Exception as ex:
-                    print(ex)
-        return resp.status_code == HTTPStatus.OK
+                except PermissionError:
+                    print(f"Warning: Unable to change owner/group of {local_file}. Operation requires elevated privileges.")
 
-    def file_upload(self, local_file: str, file_path: str, apply_file_attributes: bool = True) -> bool:
+    def file_upload(self, local_file: str, remote_file: str, apply_file_attributes: bool = True) -> None:
         """Upload a local file to the remote server. Optionally, the remote file will have the same permission as the local file.
 
         Dependency:
@@ -1264,22 +1262,22 @@ class AppMeshClient(metaclass=abc.ABCMeta):
 
         Args:
             local_file (str): the local file path.
-            file_path (str): the target remote file to be uploaded.
+            remote_file (str): the target remote file to be uploaded.
             apply_file_attributes (bool): whether to upload file attributes (permissions, owner, group) along with the file.
-
-        Returns:
-            bool: success or failure.
         """
+        if not os.path.exists(local_file):
+            raise FileNotFoundError(f"Local file not found: {local_file}")
+
         from requests_toolbelt import MultipartEncoder
 
         with open(file=local_file, mode="rb") as fp:
-            encoder = MultipartEncoder(fields={"filename": os.path.basename(file_path), "file": ("filename", fp, "application/octet-stream")})
-            header = {"File-Path": file_path, "Content-Type": encoder.content_type}
+            encoder = MultipartEncoder(fields={"filename": os.path.basename(remote_file), "file": ("filename", fp, "application/octet-stream")})
+            header = {"File-Path": remote_file, "Content-Type": encoder.content_type}
 
             # Include file attributes (permissions, owner, group) if requested
             if apply_file_attributes:
                 file_stat = os.stat(local_file)
-                header["File-Mode"] = str(file_stat.st_mode)
+                header["File-Mode"] = str(file_stat.st_mode & 0o777)  # Mask to keep only permission bits
                 header["File-User"] = str(file_stat.st_uid)
                 header["File-Group"] = str(file_stat.st_gid)
 
@@ -1291,9 +1289,7 @@ class AppMeshClient(metaclass=abc.ABCMeta):
                 header=header,
                 body=encoder,
             )
-            if resp.status_code != HTTPStatus.OK:
-                raise Exception(resp.text)
-        return True
+            resp.raise_for_status()
 
     ########################################
     # Application run
@@ -1450,11 +1446,11 @@ class AppMeshClientTCP(AppMeshClient):
     """
     Client SDK for interacting with the App Mesh service over TCP, with enhanced support for large file transfers.
 
-    The `AppMeshClientTCP` class extends the functionality of `AppMeshClient` by offering a TCP-based communication layer 
-    for the App Mesh REST API. It overrides the file download and upload methods to support large file transfers with 
+    The `AppMeshClientTCP` class extends the functionality of `AppMeshClient` by offering a TCP-based communication layer
+    for the App Mesh REST API. It overrides the file download and upload methods to support large file transfers with
     improved performance, leveraging TCP for lower latency and higher throughput compared to HTTP.
 
-    This client is suitable for applications requiring efficient data transfers and high-throughput operations within the 
+    This client is suitable for applications requiring efficient data transfers and high-throughput operations within the
     App Mesh ecosystem, while maintaining compatibility with all other attributes and methods from `AppMeshClient`.
 
     Dependency:
@@ -1482,7 +1478,7 @@ class AppMeshClientTCP(AppMeshClient):
 
     def __init__(
         self,
-        rest_ssl_verify=_SSL_CA_PEM_FILE if os.path.exists(_SSL_CA_PEM_FILE) else False,
+        rest_ssl_verify=DEFAULT_SSL_CA_PEM_FILE if os.path.exists(DEFAULT_SSL_CA_PEM_FILE) else False,
         rest_ssl_client_cert=None,
         jwt_token=None,
         tcp_address=("localhost", 6059),
@@ -1493,13 +1489,13 @@ class AppMeshClientTCP(AppMeshClient):
             rest_ssl_verify (str, optional): (optional) SSL CA certification. Either a boolean, in which case it controls whether we verify
                 the server's TLS certificate, or a string, in which case it must be a path to a CA bundle to use. Defaults to ``True``.
             rest_ssl_client_cert (tuple, optional): SSL client certificate and key pair . If String, path to ssl client cert file (.pem). If Tuple, ('cert', 'key') pair.
-            jwt_token (str, optional): JWT token, provide correct token is same with login() & authenticate().
+            jwt_token (str, optional): JWT token, provide correct token is same with login() & authentication().
 
             tcp_address (tuple, optional): TCP connect address.
         """
-        super().__init__(rest_ssl_verify=rest_ssl_verify, rest_ssl_client_cert=rest_ssl_client_cert, jwt_token=jwt_token)
         self.tcp_address = tcp_address
         self.__socket_client = None
+        super().__init__(rest_ssl_verify=rest_ssl_verify, rest_ssl_client_cert=rest_ssl_client_cert, jwt_token=jwt_token)
 
     def __del__(self) -> None:
         """De-construction"""
@@ -1508,15 +1504,31 @@ class AppMeshClientTCP(AppMeshClient):
     def __connect_socket(self) -> None:
         """Establish tcp connection"""
         context = ssl.create_default_context(ssl.Purpose.SERVER_AUTH)
+        # Set minimum TLS version
         if hasattr(context, "minimum_version"):
             context.minimum_version = ssl.TLSVersion.TLSv1_2
         else:
             context.options |= ssl.OP_NO_TLSv1 | ssl.OP_NO_TLSv1_1
-        if self.ssl_verify:
-            context.verify_mode = ssl.CERT_REQUIRED
-        if isinstance(self.ssl_verify, str):
-            # Load server-side certificate authority (CA) certificates
-            context.load_verify_locations(self.ssl_verify)
+        # Configure SSL verification
+        if not self.ssl_verify:
+            context.verify_mode = ssl.CERT_NONE
+        else:
+            context.verify_mode = ssl.CERT_REQUIRED  # Require certificate verification
+            context.load_default_certs()  # Load system's default CA certificates
+            if isinstance(self.ssl_verify, str):
+                if os.path.isfile(self.ssl_verify):
+                    # Add custom CA certificate file
+                    try:
+                        context.load_verify_locations(cafile=self.ssl_verify)
+                    except ssl.SSLError:
+                        # If loading fails, try using just the default CAs
+                        context = ssl.create_default_context(ssl.Purpose.SERVER_AUTH)
+                elif os.path.isdir(self.ssl_verify):
+                    # Load CA certificates from directory
+                    context.load_verify_locations(capath=self.ssl_verify)
+                else:
+                    raise ValueError(f"ssl_verify path '{self.ssl_verify}' is neither a file nor a directory")
+
         if self.ssl_client_cert is not None:
             # Load client-side certificate and private key
             context.load_cert_chain(certfile=self.ssl_client_cert[0], keyfile=self.ssl_client_cert[1])
@@ -1664,31 +1676,34 @@ class AppMeshClientTCP(AppMeshClient):
     ########################################
     # File management
     ########################################
-    def file_download(self, file_path: str, local_file: str) -> bool:
+    def file_download(self, remote_file: str, local_file: str, apply_file_attributes: bool = True) -> None:
         """Copy a remote file to local, the local file will have the same permission as the remote file
 
         Args:
-            file_path (str): the remote file path.
+            remote_file (str): the remote file path.
             local_file (str): the local file path to be downloaded.
-
-        Returns:
-            bool: success or failure.
+            apply_file_attributes (bool): whether to apply file attributes (permissions, owner, group) to the local file.
         """
-        header = {}
-        header["File-Path"] = file_path
+        header = {"File-Path": remote_file}
         header[HTTP_HEADER_KEY_X_RECV_FILE_SOCKET] = "true"
         resp = self._request_http(AppMeshClient.Method.GET, path="/appmesh/file/download", header=header)
-        if resp.status_code == HTTPStatus.OK and HTTP_HEADER_KEY_X_RECV_FILE_SOCKET in resp.headers:
-            with open(local_file, "wb") as fp:
-                chunk_data = bytes()
+
+        resp.raise_for_status()
+        if HTTP_HEADER_KEY_X_RECV_FILE_SOCKET not in resp.headers:
+            raise ValueError(f"Server did not respond with socket transfer option: {HTTP_HEADER_KEY_X_RECV_FILE_SOCKET}")
+
+        with open(local_file, "wb") as fp:
+            chunk_data = bytes()
+            chunk_size = int.from_bytes(self.__recvall(TCP_MESSAGE_HEADER_LENGTH), byteorder="big", signed=False)
+            while chunk_size > 0:
+                chunk_data = self.__recvall(chunk_size)
+                if chunk_data is None or len(chunk_data) == 0:
+                    self.__close_socket()
+                    raise Exception("socket connection broken")
+                fp.write(chunk_data)
                 chunk_size = int.from_bytes(self.__recvall(TCP_MESSAGE_HEADER_LENGTH), byteorder="big", signed=False)
-                while chunk_size > 0:
-                    chunk_data = self.__recvall(chunk_size)
-                    if chunk_data is None or len(chunk_data) == 0:
-                        self.__close_socket()
-                        raise Exception("socket connection broken")
-                    fp.write(chunk_data)
-                    chunk_size = int.from_bytes(self.__recvall(TCP_MESSAGE_HEADER_LENGTH), byteorder="big", signed=False)
+
+        if apply_file_attributes:
             if "File-Mode" in resp.headers:
                 os.chmod(path=local_file, mode=int(resp.headers["File-Mode"]))
             if "File-User" in resp.headers and "File-Group" in resp.headers:
@@ -1696,12 +1711,10 @@ class AppMeshClientTCP(AppMeshClient):
                 file_gid = int(resp.headers["File-Group"])
                 try:
                     os.chown(path=local_file, uid=file_uid, gid=file_gid)
-                except Exception as ex:
-                    print(ex)
-            return True
-        return False
+                except PermissionError:
+                    print(f"Warning: Unable to change owner/group of {local_file}. Operation requires elevated privileges.")
 
-    def file_upload(self, local_file: str, file_path: str):
+    def file_upload(self, local_file: str, remote_file: str, apply_file_attributes: bool = True) -> None:
         """Upload a local file to the remote server, the remote file will have the same permission as the local file
 
         Dependency:
@@ -1710,30 +1723,34 @@ class AppMeshClientTCP(AppMeshClient):
 
         Args:
             local_file (str): the local file path.
-            file_path (str): the target remote file to be uploaded.
-
-        Returns:
-            bool: success or failure.
-            str: text message.
+            remote_file (str): the target remote file to be uploaded.
+            apply_file_attributes (bool): whether to upload file attributes (permissions, owner, group) along with the file.
         """
+        if not os.path.exists(local_file):
+            raise FileNotFoundError(f"Local file not found: {local_file}")
+
         with open(file=local_file, mode="rb") as fp:
-            file_stat = os.stat(local_file)
-            header = {}
-            header["File-Path"] = file_path
-            header["File-Mode"] = str(file_stat.st_mode)
-            header["File-User"] = str(file_stat.st_uid)
-            header["File-Group"] = str(file_stat.st_gid)
-            header["Content-Type"] = "text/plain"
+            header = {"File-Path": remote_file, "Content-Type": "text/plain"}
             header[HTTP_HEADER_KEY_X_SEND_FILE_SOCKET] = "true"
+
+            if apply_file_attributes:
+                file_stat = os.stat(local_file)
+                header["File-Mode"] = str(file_stat.st_mode & 0o777)  # Mask to keep only permission bits
+                header["File-User"] = str(file_stat.st_uid)
+                header["File-Group"] = str(file_stat.st_gid)
+
             # https://stackoverflow.com/questions/22567306/python-requests-file-upload
             resp = self._request_http(AppMeshClient.Method.POST, path="/appmesh/file/upload", header=header)
-            if resp.status_code == HTTPStatus.OK and HTTP_HEADER_KEY_X_SEND_FILE_SOCKET in resp.headers:
-                chunk_size = 8 * 1024  # (8 KB in bytes), 131072 bytes (128 KB) is default max ssl buffer size
+
+            resp.raise_for_status()
+            if HTTP_HEADER_KEY_X_SEND_FILE_SOCKET not in resp.headers:
+                raise ValueError(f"Server did not respond with socket transfer option: {HTTP_HEADER_KEY_X_SEND_FILE_SOCKET}")
+
+            chunk_size = TCP_CHUNK_BLOCK_SIZE
+            while True:
                 chunk_data = fp.read(chunk_size)
-                while chunk_data:
-                    self.__socket_client.sendall(len(chunk_data).to_bytes(TCP_MESSAGE_HEADER_LENGTH, byteorder="big", signed=False))
-                    self.__socket_client.sendall(chunk_data)
-                    chunk_data = fp.read(chunk_size)
-                self.__socket_client.sendall(int(0).to_bytes(TCP_MESSAGE_HEADER_LENGTH, byteorder="big", signed=False))
-                return True, ""
-            return False, resp.json()[REST_TEXT_MESSAGE_JSON_KEY]
+                if not chunk_data:
+                    self.__socket_client.sendall((0).to_bytes(TCP_MESSAGE_HEADER_LENGTH, byteorder="big", signed=False))
+                    break
+                self.__socket_client.sendall(len(chunk_data).to_bytes(TCP_MESSAGE_HEADER_LENGTH, byteorder="big", signed=False))
+                self.__socket_client.sendall(chunk_data)

{appmesh-1.3.3.dist-info → appmesh-1.3.5.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: appmesh
-Version: 1.3.3
+Version: 1.3.5
 Summary: Client SDK for App Mesh
 Home-page: https://github.com/laoshanxi/app-mesh
 Author: laoshanxi

appmesh-1.3.5.dist-info/RECORD

@@ -0,0 +1,6 @@
+appmesh/__init__.py,sha256=xRdXeFHEieRauuJZElbEBASgXG0ZzU1a5_0isAhM7Gw,11
+appmesh/appmesh_client.py,sha256=bduPEDpI36XQyK_U9y3EvpZvO9CbpDeAB5402yf9qhU,69329
+appmesh-1.3.5.dist-info/METADATA,sha256=VSkQis_Azjvw2FwjrK8qjOvYKw2WRNB37J2tYm_KEbw,11191
+appmesh-1.3.5.dist-info/WHEEL,sha256=P9jw-gEje8ByB7_hXoICnHtVCrEwMQh-630tKvQWehc,91
+appmesh-1.3.5.dist-info/top_level.txt,sha256=-y0MNQOGJxUzLdHZ6E_Rfv5_LNCkV-GTmOBME_b6pg8,8
+appmesh-1.3.5.dist-info/RECORD,,

{appmesh-1.3.3.dist-info → appmesh-1.3.5.dist-info}/WHEEL

@@ -1,5 +1,5 @@
 Wheel-Version: 1.0
-Generator: setuptools (75.2.0)
+Generator: setuptools (75.3.0)
 Root-Is-Purelib: true
 Tag: py3-none-any
 

appmesh-1.3.3.dist-info/RECORD

@@ -1,6 +0,0 @@
-appmesh/__init__.py,sha256=xRdXeFHEieRauuJZElbEBASgXG0ZzU1a5_0isAhM7Gw,11
-appmesh/appmesh_client.py,sha256=Hsp4at6YCLcAoz8eRx928amyCTqN4ZAIFnVHxEbzDrI,67720
-appmesh-1.3.3.dist-info/METADATA,sha256=73_wYNYMLoHLoew35YGTd2bGKWhfScEObKhr07yyHx0,11191
-appmesh-1.3.3.dist-info/WHEEL,sha256=OVMc5UfuAQiSplgO0_WdW7vXVGAt9Hdd6qtN4HotdyA,91
-appmesh-1.3.3.dist-info/top_level.txt,sha256=-y0MNQOGJxUzLdHZ6E_Rfv5_LNCkV-GTmOBME_b6pg8,8
-appmesh-1.3.3.dist-info/RECORD,,