contentgrid-extension-helpers 0.0.2__tar.gz → 0.0.3__tar.gz

{contentgrid_extension_helpers-0.0.2/src/contentgrid_extension_helpers.egg-info → contentgrid_extension_helpers-0.0.3}/PKG-INFO

@@ -1,6 +1,6 @@
-Metadata-Version: 2.2
+Metadata-Version: 2.4
 Name: contentgrid-extension-helpers
-Version: 0.0.2
+Version: 0.0.3
 Summary: Helper functions for contentgrid extensions.
 Author-email: Ranec Belpaire <ranec.belpaire@xenit.eu>
 License: Copyright 2024 Xenit Solutions
@@ -26,7 +26,12 @@ Requires-Dist: requests<3,>=2.20.0
 Requires-Dist: uri-template<2
 Requires-Dist: fastapi>=0.111
 Requires-Dist: PyJWT>2
-Requires-Dist: contentgrid_hal_client>=0.0.10
+Requires-Dist: cryptography>45
+Requires-Dist: contentgrid_hal_client>=0.1
+Requires-Dist: contentgrid_application_client>=0.1
+Requires-Dist: contentgrid_management_client>=0.1
+Requires-Dist: pydantic<3,>=2
+Dynamic: license-file
 
 ### ContentGrid-Extension-Helpers
 

{contentgrid_extension_helpers-0.0.2 → contentgrid_extension_helpers-0.0.3}/pyproject.toml

@@ -21,7 +21,11 @@ dependencies = [
     "uri-template < 2",
     "fastapi >= 0.111",
     "PyJWT > 2",
-    "contentgrid_hal_client >= 0.0.10",
+    "cryptography > 45",
+    "contentgrid_hal_client >= 0.1",
+    "contentgrid_application_client >= 0.1",
+    "contentgrid_management_client >= 0.1",
+    "pydantic >= 2, <3",
 ]
 
 requires-python = ">=3.5"

{contentgrid_extension_helpers-0.0.2 → contentgrid_extension_helpers-0.0.3}/requirements.txt

@@ -3,4 +3,5 @@ Requests==2.31.0
 uri-template==1.3.0
 fastapi==0.111.1
 PyJWT==2.8.0
-contentgrid_hal_client==0.0.12
+contentgrid_hal_client==0.0.12
+pydantic==2.11.7

contentgrid_extension_helpers-0.0.3/src/contentgrid_extension_helpers/authentication/user.py

@@ -0,0 +1,35 @@
+from typing import List
+from pydantic import BaseModel, Field
+
+class ContentGridUser(BaseModel):
+    sub: str
+    iss: str
+    exp: float
+    name: str | None = None
+    email: str | None = None
+    access_token: str
+    domains : List[str] = Field(validation_alias="context:application:domains")
+    application_id : str = Field(validation_alias="context:application:id")
+    
+    
+    
+if __name__ == "__main__":
+    user = ContentGridUser(
+        **{
+            "sub": "https://auth.sandbox.contentgrid.cloud/realms/cg-77594d8b-9bc9-40ed-b2a8-9c03a2905a20#d91e9a4d-8447-4bf1-8d10-339b2e5951ea",
+            "aud": "contentgrid:extension:extract",
+            "restrict:principal_claims": "24ZPEGV0IS5MAF8C2BjmaqH1p7wL4YS409zlL8ZE+nEUHsFFDu80eDpJXoFvZIb1Hh9bxamGaK0gE14wvA+btCuDrg5lkGcdCVj3zm/RWnIFKzlGUVn7Zkj4z4PCzsq/itKVNXEYBtAS/d0NRFSiZGvy775kFdK1VOi+hxsic1bHAZTvSs1jEFuddxEULExh2MqZ5h43n/vEhB0sxkmXevR7XSE4iolDzCWGrw6HzUZYP/QlSlz/S3cK+aeoShAP1G2SbuTGub5h1fsKMM22eg==",
+            "iss": "https://extensions.sandbox.contentgrid.cloud/authentication/external",
+            "may_act": {
+                "sub": "extract",
+                "iss": "https://auth.sandbox.contentgrid.cloud/realms/extensions"
+            },
+            "context:application:domains": [
+                "8be240cc-4581-43c2-96db-a8ccf8579e7d.sandbox.contentgrid.cloud"
+            ],
+            "exp": 1755775732,
+            "context:application:id": "8be240cc-4581-43c2-96db-a8ccf8579e7d",
+            "access_token" : "123"
+        }
+    )
+    print(user)

contentgrid_extension_helpers-0.0.3/src/contentgrid_extension_helpers/config.py

@@ -0,0 +1,40 @@
+
+from pydantic_settings import BaseSettings, SettingsConfigDict
+from typing import List, Optional
+    
+# Pydantic settings is used throughout this file.
+# The library allows for easy configuration management, including environment variable loading and validation.
+# Each field can be configured to load from environment variables, and validation can be applied to ensure correct types and formats.
+# Example:
+# class MyConfig(BaseSettings):
+#     my_field: str = "default_value"
+#     my_required_bool: bool  # This field must be provided
+#     my_optional_field: Optional[int] = None
+# 
+# ENVIRONMENT VARIABLES:
+# MY_FIELD=my_value
+# MY_REQUIRED_BOOL=t
+# MY_OPTIONAL_FIELD=42
+# See https://docs.pydantic.dev/latest/api/pydantic_settings/ for more details.
+
+class ExtensionConfig(BaseSettings):
+    model_config = SettingsConfigDict(
+        env_file=['.env', '.env.secret'],
+        env_file_encoding='utf-8',
+        extra='ignore',
+    )
+    
+    cors_origins : List[str] = [] # is taken into account if production is True
+
+    # Server Configuration
+    server_url: Optional[str] = None  # Base URL for the server, can be set to None for local development
+    server_host: Optional[str] = ""
+    server_port: Optional[int] = None
+    web_concurrency: Optional[int] = None
+    
+    # Environment Configuration
+    ci: bool = False
+    production: bool = False
+
+
+extension_config = ExtensionConfig()

contentgrid_extension_helpers-0.0.3/src/contentgrid_extension_helpers/dependencies/authentication/user.py

@@ -0,0 +1,73 @@
+from typing import Optional, cast, TypeVar, Generic
+from fastapi import Depends
+from typing_extensions import Annotated
+from pydantic import BaseModel
+from pydantic_settings import BaseSettings
+from contentgrid_extension_helpers.authentication.user import ContentGridUser
+from contentgrid_extension_helpers.authentication.oidc import create_current_user_dependency, get_oauth_jwks_client, create_oauth2_scheme
+
+oauth2_scheme = create_oauth2_scheme()
+
+UserModelType = TypeVar('UserModelType', bound=BaseModel)
+
+class ContentGridUserConfig(BaseSettings):
+    extension_name : str # Should be the same extension name as defined in tokenmonger and keycloak (without the contentgrid:extension: prefix)
+    oauth_issuer: str
+    extension_auth_url: str
+
+class ContentGridUserDependency(Generic[UserModelType]):
+    def __init__(
+        self,         
+        extension_name: Optional[str] = None,
+        oauth_issuer: Optional[str] = None,
+        custom_audience: Optional[str] = None,
+        user_model: type[UserModelType] = ContentGridUser,
+        algorithms: Optional[list[str]] = None,
+        verify_exp: bool = True,
+        verify_aud: bool = True,
+        verify_iss: bool = True,
+        verify_nbf: bool = False,
+        verify_iat: bool = False,
+    ) -> None:
+        
+        self.user_model = user_model
+        
+        # Create config dict with provided parameters
+        config_dict = {}
+        if extension_name is not None:
+            config_dict['extension_name'] = extension_name
+        if oauth_issuer is not None:
+            config_dict['oauth_issuer'] = oauth_issuer
+            
+        # Create ExtensionFlowConfig instance which will use env vars for missing values
+        self.user_config = ContentGridUserConfig(**config_dict)
+        
+        if not custom_audience:
+            self.audience = f"contentgrid:extension:{self.user_config.extension_name}"
+        else:
+            self.audience = custom_audience
+        
+        _ , self.jwks_client = get_oauth_jwks_client(self.user_config.oauth_issuer)
+                
+        self.user_dependency = create_current_user_dependency(
+            jwks_client=self.jwks_client,
+            oidc_issuer=self.user_config.oauth_issuer,
+            audience=self.audience,
+            user_model=user_model,
+            algorithms = algorithms,
+            verify_exp = verify_exp,
+            verify_aud = verify_aud,
+            verify_iss = verify_iss,
+            verify_nbf = verify_nbf,
+            verify_iat = verify_iat,
+        )
+    
+    @property
+    def config(self) -> ContentGridUserConfig:
+        return self.user_config
+
+    async def __call__(
+        self, token: Annotated[str, Depends(oauth2_scheme)]
+    ) -> UserModelType:
+        user = cast(UserModelType, await self.user_dependency(token))
+        return user

contentgrid_extension_helpers-0.0.3/src/contentgrid_extension_helpers/dependencies/clients/contentgrid/__init__.py

@@ -0,0 +1,3 @@
+from .client_factory import ContentGridBaseClientFactory # noqa: F401
+from .service_account_factory import ContentGridServiceAccountFactory # noqa: F401
+from .extension_flow_factory import ContentGridExtensionFlowClientFactory # noqa: F401

contentgrid_extension_helpers-0.0.3/src/contentgrid_extension_helpers/dependencies/clients/contentgrid/client_factory.py

@@ -0,0 +1,71 @@
+from abc import ABC
+from typing import Optional, TypeVar, List
+from contentgrid_hal_client.hal import HALFormsClient
+from fastapi import HTTPException, status
+from pydantic import HttpUrl
+from pydantic_settings import BaseSettings
+import logging
+
+
+T = TypeVar('T', bound=HALFormsClient)
+
+logger = logging.getLogger(__name__)
+
+class ContentGridClientFactorySettings(BaseSettings):
+    pass
+
+class ContentGridBaseClientFactory(ABC):
+    def __init__(self) -> None:
+        self.env_config = ContentGridClientFactorySettings()
+        
+    def _get_client_endpoint(
+        self,
+        origin: Optional[HttpUrl] = None,
+        allowed_domains: Optional[List[str]] = None,
+        default_endpoint: Optional[str] = None
+    ) -> str:
+        """
+        Get client endpoint with domain validation.
+        
+        Args:
+            origin: Origin URL to validate and use
+            allowed_domains: List of allowed domain strings for validation
+            default_endpoint: Default endpoint to use if no origin provided
+            user: ContentGrid user (optional, used for domain extraction if no allowed_domains)
+            
+        Returns:
+            Validated client endpoint URL
+            
+        Raises:
+            ValueError: If domain validation fails in production mode
+        """
+        if allowed_domains is None:
+            # No domains available, will rely on default_endpoint or production check
+            allowed_domains = []
+            
+        if origin:
+            origin_host = origin.host
+            origin_scheme = origin.scheme
+            endpoint = f"{origin_scheme}://{origin_host}"
+            
+            # Validate domain if we have allowed domains defined (even if empty)
+            if origin_host not in allowed_domains:
+                error_msg = f"Origin domain '{origin_host}' not in allowed domains: {allowed_domains}"
+                raise HTTPException(
+                    status_code=status.HTTP_403_FORBIDDEN,
+                    detail=error_msg, 
+                )
+            
+            return endpoint
+        
+        elif default_endpoint:
+            # Use default endpoint
+            return default_endpoint
+            
+        elif allowed_domains:
+            # Fallback to the first allowed domain
+            return "https://" + allowed_domains[0]
+            
+        else:
+            error_msg = "No endpoint available: provide either 'origin', 'default_endpoint', or ensure 'allowed_domains'/'user.domains' are available"
+            raise ValueError(error_msg)

contentgrid_extension_helpers-0.0.3/src/contentgrid_extension_helpers/dependencies/clients/contentgrid/extension_flow_factory.py

@@ -0,0 +1,85 @@
+from typing import Annotated, Optional, Type, TypeVar
+
+from contentgrid_extension_helpers.authentication.user import ContentGridUser
+from fastapi import Depends, Query
+from contentgrid_extension_helpers.authentication.oidc import (
+    create_oauth2_scheme,
+)
+from contentgrid_application_client.application import ContentGridApplicationClient
+from contentgrid_hal_client.hal import HALFormsClient
+from contentgrid_hal_client.security import IdentityAuthenticationManager
+from pydantic import HttpUrl
+from contentgrid_extension_helpers.dependencies.authentication.user import ContentGridUserDependency
+from .client_factory import ContentGridBaseClientFactory, ContentGridClientFactorySettings
+
+T = TypeVar('T', ContentGridApplicationClient, HALFormsClient)
+
+oauth2_scheme = create_oauth2_scheme()
+
+class ExtensionFlowConfig(ContentGridClientFactorySettings):
+    extension_client_name: str 
+    extension_client_secret: str
+    system_exchange_uri: str = "https://extensions.sandbox.contentgrid.cloud/authentication/system/token"
+    extension_auth_url: str = "https://auth.sandbox.contentgrid.cloud/realms/extensions/protocol/openid-connect/token"
+    delegated_exchange_uri: str = "https://extensions.sandbox.contentgrid.cloud/authentication/delegated/token"
+
+class ContentGridExtensionFlowClientFactory(ContentGridBaseClientFactory):
+    def __init__(
+        self,
+        extension_auth_url: Optional[str] = None,
+        extension_client_name: Optional[str] = None,
+        extension_client_secret: Optional[str] = None,
+        system_exchange_uri: Optional[str] = None,
+        delegated_exchange_uri: Optional[str] = None,
+    ) -> None:
+        # Create config dict with provided parameters
+        config_dict = {}
+        if extension_auth_url is not None:
+            config_dict['extension_auth_url'] = extension_auth_url
+        if extension_client_name is not None:
+            config_dict['extension_client_name'] = extension_client_name
+        if extension_client_secret is not None:
+            config_dict['extension_client_secret'] = extension_client_secret
+        if system_exchange_uri is not None:
+            config_dict['system_exchange_uri'] = system_exchange_uri
+        if delegated_exchange_uri is not None:
+            config_dict['delegated_exchange_uri'] = delegated_exchange_uri
+            
+        # Create ExtensionFlowConfig instance which will use env vars for missing values
+        self.extension_config = ExtensionFlowConfig(**config_dict)
+
+        self.identity_auth_manager = IdentityAuthenticationManager(
+            auth_uri=self.extension_config.extension_auth_url,
+            client_id=self.extension_config.extension_client_name,
+            client_secret=self.extension_config.extension_client_secret,
+            system_exchange_uri=self.extension_config.system_exchange_uri,
+            delegated_exchange_uri=self.extension_config.delegated_exchange_uri,
+        )
+        super().__init__()
+        
+    @property
+    def config(self) -> ExtensionFlowConfig:
+        return self.extension_config
+        
+    def get_client(self, user: ContentGridUser, origin: Optional[HttpUrl], client_type: Type[T] = ContentGridApplicationClient) -> T:
+        """Get a client of the specified type."""
+        client_endpoint = self._get_client_endpoint(
+            origin=origin,
+            allowed_domains=user.domains
+        )
+        auth_manager = self.identity_auth_manager.for_user(user.access_token, urls={client_endpoint})
+        
+        return client_type(
+            client_endpoint=client_endpoint,
+            auth_manager=auth_manager,
+        )
+        
+    def create_client_dependency(self, user_dependency: ContentGridUserDependency, client_type: Type[T] = ContentGridApplicationClient):
+        """Create a dependency function for the specified client type."""
+        def client_dependency(
+            user: Annotated[ContentGridUser, Depends(user_dependency)], 
+            origin: Annotated[Optional[HttpUrl], Query()] = None
+        ) -> T:
+            return self.get_client(user, origin, client_type)
+
+        return client_dependency

contentgrid_extension_helpers-0.0.3/src/contentgrid_extension_helpers/dependencies/clients/contentgrid/service_account_factory.py

@@ -0,0 +1,87 @@
+from typing import Annotated, Optional, Type, TypeVar, List
+from fastapi import Query
+from contentgrid_application_client.application import ContentGridApplicationClient
+from contentgrid_hal_client.hal import HALFormsClient
+from contentgrid_hal_client.security import ClientCredentialsApplicationAuthenticationManager
+from pydantic import Field, HttpUrl
+from pydantic_settings import SettingsConfigDict
+from .client_factory import ContentGridBaseClientFactory, ContentGridClientFactorySettings
+
+T = TypeVar('T', ContentGridApplicationClient, HALFormsClient)
+
+class ContentGridServiceAccountFactorySettings(ContentGridClientFactorySettings):
+    model_config = SettingsConfigDict(env_prefix='CG_')
+
+    auth_url: str
+    client_name: str
+    client_secret: str
+    # Default endpoint for service account, can be overridden
+    default_endpoint: Optional[str] = Field(default=None, alias='CG_APP_URL')
+    # Allowed domains for service account access
+    allowed_domains: Optional[List[str]] = None
+
+class ContentGridServiceAccountFactory(ContentGridBaseClientFactory):
+    def __init__(
+        self,
+        auth_url: Optional[str] = None,
+        client_name: Optional[str] = None,
+        client_secret: Optional[str] = None,
+        default_endpoint: Optional[str] = None,
+        allowed_domains: Optional[List[str]] = None,
+    ) -> None:
+        # Create config dict with provided parameters
+        config_dict = {}
+        if auth_url is not None:
+            config_dict['auth_url'] = auth_url
+        if client_name is not None:
+            config_dict['client_name'] = client_name
+        if client_secret is not None:
+            config_dict['client_secret'] = client_secret
+        if default_endpoint is not None:
+            config_dict['default_endpoint'] = default_endpoint
+        if allowed_domains is not None:
+            config_dict['allowed_domains'] = allowed_domains
+            
+        # Create ServiceAccountFactorySettings instance which will use env vars for missing values
+        self.service_account_config = ContentGridServiceAccountFactorySettings(**config_dict)
+
+        self.authentication_manager = ClientCredentialsApplicationAuthenticationManager(
+            auth_uri=self.service_account_config.auth_url,
+            client_id=self.service_account_config.client_name,
+            client_secret=self.service_account_config.client_secret,
+        )
+        super().__init__()
+        
+    @property
+    def config(self) -> ContentGridServiceAccountFactorySettings:
+        return self.service_account_config
+        
+    def get_client(self, origin: Optional[HttpUrl] = None, client_type: Type[T] = ContentGridApplicationClient) -> T:
+        """Get a client of the specified type using service account authentication."""
+        client_endpoint = self._get_client_endpoint(
+            origin=origin,
+            allowed_domains=self.service_account_config.allowed_domains,
+            default_endpoint=self.service_account_config.default_endpoint
+        )
+        
+        # Create a new authentication manager instance for this specific endpoint
+        auth_manager = ClientCredentialsApplicationAuthenticationManager(
+            auth_uri=self.service_account_config.auth_url,
+            client_id=self.service_account_config.client_name,
+            client_secret=self.service_account_config.client_secret,
+            resources=[client_endpoint]
+        )
+        
+        return client_type(
+            client_endpoint=client_endpoint,
+            auth_manager=auth_manager,
+        )
+        
+    def create_client_dependency(self, client_type: Type[T] = ContentGridApplicationClient):
+        """Create a dependency function for the specified client type (no user required)."""
+        def client_dependency(
+            origin: Annotated[Optional[HttpUrl], Query()] = None
+        ) -> T:
+            return self.get_client(origin, client_type)
+
+        return client_dependency

contentgrid_extension_helpers-0.0.3/src/contentgrid_extension_helpers/dependencies/sqlalch/db/__init__.py

@@ -0,0 +1,14 @@
+"""Database factory classes for different database backends."""
+
+from .base_factory import DatabaseConfig, DatabaseSessionFactory
+from .sqlite import SQLiteConfig, SQLiteSessionFactory
+from .postgres import PostgresConfig, PostgresSessionFactory
+
+__all__ = [
+    "DatabaseConfig",
+    "DatabaseSessionFactory", 
+    "SQLiteConfig",
+    "SQLiteSessionFactory",
+    "PostgresConfig", 
+    "PostgresSessionFactory"
+]

contentgrid_extension_helpers-0.0.3/src/contentgrid_extension_helpers/dependencies/sqlalch/db/base_factory.py

@@ -0,0 +1,107 @@
+import logging
+from abc import ABC, abstractmethod
+from contextlib import contextmanager
+from typing import Optional, Dict, Any, Generator
+from sqlmodel import SQLModel, Session, create_engine, text
+from pydantic_settings import BaseSettings
+
+class DatabaseConfig(BaseSettings):
+    debug: bool = False
+
+class DatabaseSessionFactory(ABC):
+    """Abstract factory class to create database connections based on configuration."""
+    
+    def __init__(self, config : Optional[DatabaseConfig] = None):
+        """Initialize with database configuration."""
+        self.db_config = config if config else DatabaseConfig()
+        
+        # Get values from abstract methods and validate them
+        connection_string = self.create_connection_string()
+        connect_args = self.create_connect_args()
+        engine_kwargs = self.create_engine_kwargs()
+        
+        # Assert that required values are provided
+        assert connection_string is not None and connection_string.strip(), "Connection string must be a non-empty string"
+        assert isinstance(connect_args, dict), "Connect args must be a dictionary"
+        assert isinstance(engine_kwargs, dict), "Engine kwargs must be a dictionary"
+        
+        self.engine = create_engine(
+            connection_string,
+            connect_args=connect_args,
+            echo="debug" if self.db_config.debug else None,  # Log SQL queries in debug mode
+            **engine_kwargs
+        )
+    
+    @abstractmethod
+    def create_connection_string(self) -> str:
+        """Create the database connection string."""
+        pass
+    
+    @abstractmethod
+    def create_connect_args(self) -> Dict[str, Any]:
+        """Create connection arguments."""
+        pass
+    
+    @abstractmethod
+    def create_engine_kwargs(self) -> Dict[str, Any]:
+        """Create engine keyword arguments."""
+        pass
+        
+    def create_db_and_tables(self) -> None:
+        """Create database tables from SQLModel metadata."""
+        SQLModel.metadata.create_all(self.engine)
+        
+    # IMPORTANT : NO AUTOCOMMITS
+    # SQLAlchemy session management
+    # This function is used for dependency injection in FastAPI
+    # It provides a session that is NOT automatically committed. 
+    # It is the responsibility of the caller to commit one or more transactions.
+    # When an error occurs the session is rolledback.
+    def __call__(self) -> Generator[Session, None, None]:
+        """Get a database session for dependency injection."""
+        session = Session(self.engine)
+        try:
+            yield session
+        except Exception as e:
+            logging.exception(f"Database session error - Unexpected error: {e}")
+            session.rollback()
+            raise
+        finally:
+            session.close()
+
+    # Context managers can no be used for dependency injection in FastAPI
+    # but they are useful for manual session management in scripts or tests.
+    @contextmanager
+    def get_db_session(self) -> Generator[Session, None, None]:
+        """Context manager for database sessions."""
+        session = Session(self.engine)
+        try:
+            yield session
+            session.commit()
+        except Exception as e:
+            logging.exception(f"Database transaction error - Unexpected error: {e}")
+            session.rollback()
+            raise
+        finally:
+            session.close()
+    
+    def database_health_check(self) -> bool:
+        """Check if database connection is healthy."""
+        try:
+            with self.get_db_session() as session:
+                # Simple query to test connection
+                session.exec(text("SELECT 1"))
+                return True
+        except Exception as e:
+            logging.exception(f"Database health check failed - Unexpected error: {e}")
+            return False
+        
+    def wipe_database(self) -> None:
+        """Wipes the database by dropping all tables and recreating them."""
+        from sqlmodel import SQLModel
+        try:
+            SQLModel.metadata.drop_all(self.engine)
+            SQLModel.metadata.create_all(self.engine)
+            logging.debug("Database tables dropped and recreated successfully")
+        except Exception as e:
+            logging.warning(f"Database cleanup failed: {e}")

contentgrid_extension_helpers-0.0.3/src/contentgrid_extension_helpers/dependencies/sqlalch/db/postgres.py

@@ -0,0 +1,104 @@
+
+from typing import Optional, Dict, Any
+from .base_factory import DatabaseConfig, DatabaseSessionFactory
+
+class PostgresConfig(DatabaseConfig):
+    pg_host: Optional[str] = None
+    pg_port: Optional[int] = None
+    pg_user: Optional[str] = None
+    pg_passwd: Optional[str] = None
+    pg_dbname: Optional[str] = None
+    
+    # Database Connection Pool Configuration
+    db_pool_size: int = 10
+    db_max_overflow: int = 20
+    db_pool_recycle: int = 3600
+    db_pool_pre_ping: bool = True
+
+# Pydantic settings is used throughout this file.
+# The library allows for easy configuration management, including environment variable loading and validation.
+# Each field can be configured to load from environment variables, and validation can be applied to ensure correct types and formats.
+# Example:
+# class MyConfig(BaseSettings):
+#     my_field: str = "default_value"
+#     my_required_bool: bool  # This field must be provided
+#     my_optional_field: Optional[int] = None
+# 
+# ENVIRONMENT VARIABLES:
+# MY_FIELD=my_value
+# MY_REQUIRED_BOOL=t
+# MY_OPTIONAL_FIELD=42
+# See https://docs.pydantic.dev/latest/api/pydantic_settings/ for more details.
+
+class PostgresSessionFactory(DatabaseSessionFactory):
+    """Factory class to create PostgreSQL database connections."""
+    def __init__(self, pg_host: Optional[str] = None, pg_port: Optional[int] = None,
+                 pg_user: Optional[str] = None, pg_passwd: Optional[str] = None,
+                 pg_dbname: Optional[str] = None, debug: Optional[bool] = None,
+                 db_pool_size: Optional[int] = None, db_max_overflow: Optional[int] = None,
+                 db_pool_recycle: Optional[int] = None, db_pool_pre_ping: Optional[bool] = None):
+        """Initialize with PostgreSQL configuration."""
+        # Create config dict with provided parameters
+        config_dict = {}
+        if debug is not None:
+            config_dict['debug'] = debug
+        if db_pool_size is not None:
+            config_dict['db_pool_size'] = db_pool_size
+        if db_max_overflow is not None:
+            config_dict['db_max_overflow'] = db_max_overflow
+        if db_pool_recycle is not None:
+            config_dict['db_pool_recycle'] = db_pool_recycle
+        if db_pool_pre_ping is not None:
+            config_dict['db_pool_pre_ping'] = db_pool_pre_ping
+            
+        # Override with explicit parameters if provided
+        if pg_host is not None:
+            config_dict['pg_host'] = pg_host
+        if pg_port is not None:
+            config_dict['pg_port'] = pg_port
+        if pg_user is not None:
+            config_dict['pg_user'] = pg_user
+        if pg_passwd is not None:
+            config_dict['pg_passwd'] = pg_passwd
+        if pg_dbname is not None:
+            config_dict['pg_dbname'] = pg_dbname
+            
+        # Create PostgresConfig instance which will use env vars for missing values
+        self.postgres_config = PostgresConfig(**config_dict)
+            
+        # Validate required fields
+        missing_fields = []
+        if not self.postgres_config.pg_host:
+            missing_fields.append("PG_HOST")
+        if not self.postgres_config.pg_port:
+            missing_fields.append("PG_PORT")
+        if not self.postgres_config.pg_user:
+            missing_fields.append("PG_USER")
+        if not self.postgres_config.pg_passwd:
+            missing_fields.append("PG_PASSWD")
+        if not self.postgres_config.pg_dbname:
+            missing_fields.append("PG_DBNAME")
+        
+        if missing_fields:
+            raise ValueError(
+                f"Failed to configure postgres. Missing parameters or environment variables: {', '.join(missing_fields)}"
+            )
+        
+        super().__init__(self.postgres_config)
+    
+    def create_connection_string(self) -> str:
+        """Create the PostgreSQL connection string."""
+        return f"postgresql+psycopg2://{self.postgres_config.pg_user}:{self.postgres_config.pg_passwd}@{self.postgres_config.pg_host}:{self.postgres_config.pg_port}/{self.postgres_config.pg_dbname}"
+    
+    def create_connect_args(self) -> Dict[str, Any]:
+        """Create PostgreSQL connection arguments."""
+        return {}
+    
+    def create_engine_kwargs(self) -> Dict[str, Any]:
+        """Create PostgreSQL engine keyword arguments."""
+        return {
+            "pool_size": self.postgres_config.db_pool_size,
+            "max_overflow": self.postgres_config.db_max_overflow,
+            "pool_pre_ping": self.postgres_config.db_pool_pre_ping,
+            "pool_recycle": self.postgres_config.db_pool_recycle
+        }