appmesh 1.6.6__py3-none-any.whl → 1.6.8__py3-none-any.whl

appmesh/client_http.py

@@ -17,7 +17,6 @@ from urllib import parse
 import aniso8601
 import jwt
 import requests
-from requests.auth import _basic_auth_str
 from .app import App
 from .app_run import AppRun
 from .app_output import AppOutput
@@ -445,6 +444,44 @@ class AppMeshClient(metaclass=abc.ABCMeta):
 
         self._forward_to = host
 
+    def _normalize_totp_secret(self, secret: str) -> str:
+        """
+        Normalize a TOTP secret to a valid RFC 4648 Base32 format.
+        This includes:
+            - Removing all whitespace
+            - Uppercasing
+            - Replacing visually similar or Crockford-like digits:
+                '1' -> 'I', '0' -> 'O', '8' -> 'B', '9' -> 'G'
+            - Adding RFC 4648 padding
+        """
+        if not secret:
+            raise ValueError("Empty TOTP secret")
+
+        # Remove all whitespace and uppercase
+        secret = "".join(secret.split()).upper()
+
+        # Crockford/Base32-friendly replacements
+        replacements = {
+            "1": "I",
+            "0": "O",
+            "8": "B",
+            "9": "G",
+        }
+
+        for old, new in replacements.items():
+            secret = secret.replace(old, new)
+
+        # Validate that only RFC 4648 Base32 characters remain
+        valid_chars = set("ABCDEFGHIJKLMNOPQRSTUVWXYZ234567")
+        if not set(secret).issubset(valid_chars):
+            raise ValueError("Invalid characters in TOTP secret")
+
+        # Add padding to make length a multiple of 8 (RFC 4648)
+        padding = (8 - (len(secret) % 8)) % 8
+        secret += "=" * padding
+
+        return secret
+
     ########################################
     # Security
     ########################################
@@ -474,7 +511,7 @@ class AppMeshClient(metaclass=abc.ABCMeta):
             AppMeshClient.Method.POST,
             path="/appmesh/login",
             header={
-                self.HTTP_HEADER_KEY_AUTH: _basic_auth_str(user_name, user_pwd),
+                self.HTTP_HEADER_KEY_AUTH: "Basic " + base64.b64encode(f"{user_name}:{user_pwd}".encode()).decode(),
                 "X-Expire-Seconds": str(self._parse_duration(timeout_seconds)),
                 **({"X-Audience": audience} if audience else {}),
                 # **({"X-Totp-Code": totp_code} if totp_code else {}),
@@ -610,15 +647,22 @@ class AppMeshClient(metaclass=abc.ABCMeta):
             raise Exception(f"Token renewal failed: {str(e)}") from e
 
     def get_totp_secret(self) -> str:
-        """Generate TOTP secret for the current user and return MFA URI.
+        """
+        Generate TOTP secret for the current user and return a normalized secret.
 
         Returns:
-            str: TOTP secret str
+            str: Normalized TOTP secret string
         """
         resp = self._request_http(method=AppMeshClient.Method.POST, path="/appmesh/totp/secret")
         if resp.status_code == HTTPStatus.OK:
             totp_uri = base64.b64decode(resp.json()["mfa_uri"]).decode()
-            return self._parse_totp_uri(totp_uri).get("secret")
+            secret = self._parse_totp_uri(totp_uri).get("secret")
+            if not secret:
+                raise ValueError("TOTP secret missing in response")
+
+            # Normalize to standard Base32
+            return self._normalize_totp_secret(secret)
+
         raise Exception(resp.text)
 
     def setup_totp(self, totp_code: str) -> str:

appmesh/server_http.py

@@ -58,13 +58,13 @@ class AppMeshServer(metaclass=abc.ABCMeta):
     @staticmethod
     def _get_runtime_env() -> Tuple[str, str]:
         """Read and validate required runtime environment variables."""
-        process_id = os.getenv("APP_MESH_PROCESS_KEY")
+        process_key = os.getenv("APP_MESH_PROCESS_KEY")
         app_name = os.getenv("APP_MESH_APPLICATION_NAME")
-        if not process_id:
+        if not process_key:
             raise Exception("Missing environment variable: APP_MESH_PROCESS_KEY. This must be set by App Mesh service.")
         if not app_name:
             raise Exception("Missing environment variable: APP_MESH_APPLICATION_NAME. This must be set by App Mesh service.")
-        return process_id, app_name
+        return process_key, app_name
 
     def task_fetch(self) -> Union[str, bytes]:
         """Fetch task data in the currently running App Mesh application process.
@@ -76,14 +76,14 @@ class AppMeshServer(metaclass=abc.ABCMeta):
         Returns:
             Union[str, bytes]: The payload provided by the client as returned by the service.
         """
-        process_id, app_name = self._get_runtime_env()
+        pkey, app_name = self._get_runtime_env()
         path = f"/appmesh/app/{app_name}/task"
 
         while True:
             resp = self._client._request_http(
                 AppMeshClient.Method.GET,
                 path=path,
-                query={"process_uuid": process_id},
+                query={"process_key": pkey},
             )
 
             if resp.status_code != HTTPStatus.OK:
@@ -102,13 +102,13 @@ class AppMeshServer(metaclass=abc.ABCMeta):
         Args:
             result (Union[str, bytes]): Result payload to be delivered back to the client.
         """
-        process_id, app_name = self._get_runtime_env()
+        pkey, app_name = self._get_runtime_env()
         path = f"/appmesh/app/{app_name}/task"
 
         resp = self._client._request_http(
             AppMeshClient.Method.PUT,
             path=path,
-            query={"process_uuid": process_id},
+            query={"process_key": pkey},
             body=result,
         )
 

{appmesh-1.6.6.dist-info → appmesh-1.6.8.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: appmesh
-Version: 1.6.6
+Version: 1.6.8
 Summary: Client SDK for App Mesh
 Home-page: https://github.com/laoshanxi/app-mesh
 Author: laoshanxi

{appmesh-1.6.6.dist-info → appmesh-1.6.8.dist-info}/RECORD

@@ -3,14 +3,14 @@ appmesh/app.py,sha256=crD4DRFZJuHtZMfSsz7C-EwvjPmGZbFXYXvA_wCdvdI,10734
 appmesh/app_output.py,sha256=vfn322AyixblI8DbXds08h6L_ybObiaRSifsA1-Xcoo,1035
 appmesh/app_run.py,sha256=aYq852a29OThIi32Xtx5s0sTXZ97T0lHD5WXH8yfPoc,2018
 appmesh/appmesh_client.py,sha256=ywB2222PtJUffdfdxZcBfdhZs1KYyc7JvzMxwuK2qyI,378
-appmesh/client_http.py,sha256=dzNZvMztm0POLHNS8iNHo1iuJprjvQP0kii1UWOH-XA,57529
+appmesh/client_http.py,sha256=l8eUmJxXIDjowPvPKIppCLfwlk2kjztU-FXoaOac_tc,59003
 appmesh/client_http_oauth.py,sha256=1d51o0JX_xtB8d2bEuM7_XJHcwMnhcjkbIq7GE1Zxm8,6120
 appmesh/client_tcp.py,sha256=aq6UUzytZA4ibE9WQMMWdo1uW8sHETEhJjsbM6IYSno,11457
-appmesh/server_http.py,sha256=H6DfMhU2NxlBqxjmRG2C8NXMaGDxy_5QVyBmaVrelfI,4322
+appmesh/server_http.py,sha256=rBIYO9rbR-r3x1Jcry440Sp--IM-OWKRaOhNpGdkxh8,4299
 appmesh/server_tcp.py,sha256=-CU5tw97WJmDcUNsNPWqpdZ0wxRzRD6kUP3XyNZUTHc,1444
 appmesh/tcp_messages.py,sha256=H9S_iCy0IuufY2v50_SUgRvcyQmJsySG65tBe_xb3Ko,1878
 appmesh/tcp_transport.py,sha256=0hRSp5fpL9wKB05JIyIRIuyBC8w1IdokryhMDHqtN4M,8946
-appmesh-1.6.6.dist-info/METADATA,sha256=2zvQG43uxfAhmT0v4e-_jyfQJT5veka--K-3Zeokqyw,11828
-appmesh-1.6.6.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
-appmesh-1.6.6.dist-info/top_level.txt,sha256=-y0MNQOGJxUzLdHZ6E_Rfv5_LNCkV-GTmOBME_b6pg8,8
-appmesh-1.6.6.dist-info/RECORD,,
+appmesh-1.6.8.dist-info/METADATA,sha256=bDxN-Vm4004kC7FdM52yMx-YcmNcFzexBDYBr3p6db4,11828
+appmesh-1.6.8.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
+appmesh-1.6.8.dist-info/top_level.txt,sha256=-y0MNQOGJxUzLdHZ6E_Rfv5_LNCkV-GTmOBME_b6pg8,8
+appmesh-1.6.8.dist-info/RECORD,,