cribl-control-plane 0.0.38__py3-none-any.whl → 0.4.0a6__py3-none-any.whl

cribl_control_plane/_hooks/clientcredentials.py

@@ -21,6 +21,7 @@ class Credentials:
     client_id: str
     client_secret: str
     token_url: str
+    scopes: Optional[List[str]]
     additional_properties: Dict[str, str]
 
     def __init__(
@@ -28,25 +29,27 @@ class Credentials:
         client_id: str,
         client_secret: str,
         token_url: str,
+        scopes: Optional[List[str]],
         additional_properties: Optional[Dict[str, str]] = None,
     ):
         self.client_id = client_id
         self.client_secret = client_secret
         self.token_url = token_url
+        self.scopes = scopes
         self.additional_properties = additional_properties or {}
 
 
 class Session:
     credentials: Credentials
     token: str
-    scopes: Optional[List[str]] = None
+    scopes: List[str]
     expires_at: Optional[int] = None
 
     def __init__(
         self,
         credentials: Credentials,
         token: str,
-        scopes: Optional[List[str]] = None,
+        scopes: List[str],
         expires_at: Optional[int] = None,
     ):
         self.credentials = credentials
@@ -57,7 +60,7 @@ class Session:
 
 class ClientCredentialsHook(SDKInitHook, BeforeRequestHook, AfterErrorHook):
     client: HttpClient
-    sessions: Dict[str, Session] = {}
+    sessions: Dict[str, Dict[str, Session]] = {}
 
     def sdk_init(self, config: SDKConfiguration) -> SDKConfiguration:
         if config.client is None:
@@ -69,8 +72,7 @@ class ClientCredentialsHook(SDKInitHook, BeforeRequestHook, AfterErrorHook):
     def before_request(
         self, hook_ctx: BeforeRequestContext, request: httpx.Request
     ) -> httpx.Request:
-        if hook_ctx.oauth2_scopes is None:
-            # OAuth2 not in use
+        if self.is_hook_disabled(hook_ctx):
             return request
 
         credentials = self.get_credentials(hook_ctx)
@@ -81,22 +83,24 @@ class ClientCredentialsHook(SDKInitHook, BeforeRequestHook, AfterErrorHook):
             credentials.client_id, credentials.client_secret
         )
 
-        if (
-            session_key not in self.sessions
-            or not self.has_required_scopes(
-                self.sessions[session_key].scopes, hook_ctx.oauth2_scopes
-            )
-            or self.has_token_expired(self.sessions[session_key].expires_at)
-        ):
-            sess = self.do_token_request(
+        scopes = self.get_required_scopes(credentials, hook_ctx)
+        session = self.get_existing_session(session_key, scopes)
+
+        if session is None:
+            # Create new session
+            session = self.do_token_request(
                 hook_ctx,
                 credentials,
-                self.get_scopes(hook_ctx.oauth2_scopes, self.sessions.get(session_key)),
+                scopes,
             )
 
-            self.sessions[session_key] = sess
+            if session_key not in self.sessions:
+                self.sessions[session_key] = {}
+
+            scope_key = self.get_scope_key(scopes)
+            self.sessions[session_key][scope_key] = session
 
-        request.headers["Authorization"] = f"Bearer {self.sessions[session_key].token}"
+        request.headers["Authorization"] = f"Bearer {session.token}"
 
         return request
 
@@ -106,8 +110,7 @@ class ClientCredentialsHook(SDKInitHook, BeforeRequestHook, AfterErrorHook):
         response: Optional[httpx.Response],
         error: Optional[Exception],
     ) -> Union[Tuple[Optional[httpx.Response], Optional[Exception]], Exception]:
-        if hook_ctx.oauth2_scopes is None:
-            # OAuth2 not in use
+        if self.is_hook_disabled(hook_ctx):
             return (response, error)
 
         # We don't want to refresh the token if the error is not related to the token
@@ -122,12 +125,15 @@ class ClientCredentialsHook(SDKInitHook, BeforeRequestHook, AfterErrorHook):
             session_key = self.get_session_key(
                 credentials.client_id, credentials.client_secret
             )
-
-            if session_key in self.sessions:
-                del self.sessions[session_key]
+            scopes = self.get_required_scopes(credentials, hook_ctx)
+            scope_key = self.get_scope_key(scopes)
+            self.remove_session(session_key, scope_key)
 
         return (response, error)
 
+    def is_hook_disabled(self, hook_ctx: HookContext) -> bool:
+        return hook_ctx.oauth2_scopes is None
+
     def get_credentials(self, hook_ctx: HookContext) -> Optional[Credentials]:
         source = hook_ctx.security_source
 
@@ -145,21 +151,19 @@ class ClientCredentialsHook(SDKInitHook, BeforeRequestHook, AfterErrorHook):
         # Extract additional properties from security object
         additional_properties = {}
         for key, value in dict(security.client_oauth).items():
-            if key not in ["client_id", "client_secret", "token_url"]:
+            if key not in ["client_id", "client_secret", "token_url", "scopes"]:
                 additional_properties[key] = value
 
         return Credentials(
             client_id=security.client_oauth.client_id,
             client_secret=security.client_oauth.client_secret,
             token_url=security.client_oauth.token_url,
+            scopes=None,
             additional_properties=additional_properties,
         )
 
     def do_token_request(
-        self,
-        hook_ctx: HookContext,
-        credentials: Credentials,
-        scopes: Optional[List[str]],
+        self, hook_ctx: HookContext, credentials: Credentials, scopes: List[str]
     ) -> Session:
         payload = {
             "grant_type": "client_credentials",
@@ -167,7 +171,7 @@ class ClientCredentialsHook(SDKInitHook, BeforeRequestHook, AfterErrorHook):
             "client_secret": credentials.client_secret,
         }
 
-        if scopes is not None and len(scopes) > 0:
+        if len(scopes) > 0:
             payload["scope"] = " ".join(scopes)
 
         # Add additional properties to payload
@@ -188,7 +192,7 @@ class ClientCredentialsHook(SDKInitHook, BeforeRequestHook, AfterErrorHook):
 
         response_data = response.json()
 
-        if response_data.get("token_type") != "Bearer":
+        if response_data.get("token_type", "").lower() != "bearer":
             raise Exception("Unexpected token type from token endpoint")
 
         expires_at = None
@@ -203,24 +207,70 @@ class ClientCredentialsHook(SDKInitHook, BeforeRequestHook, AfterErrorHook):
         )
 
     def get_session_key(self, client_id: str, client_secret: str) -> str:
+        """Generate a consistent session key for the given client ID and secret."""
         return hashlib.md5(f"{client_id}:{client_secret}".encode()).hexdigest()
 
+    def get_required_scopes(
+        self, credentials: Credentials, hook_ctx: HookContext
+    ) -> List[str]:
+        """Return the list of scopes that need to be requested."""
+        if credentials.scopes is not None:
+            return credentials.scopes
+        return hook_ctx.oauth2_scopes or []
+
+    def get_scope_key(self, scopes: List[str]) -> str:
+        """Generate a consistent scope key for the given scopes."""
+        if not scopes:
+            return ""
+
+        sorted_scopes = sorted(scopes)
+        return "&".join(sorted_scopes)
+
+    def remove_session(self, client_key: str, scope_key: str) -> None:
+        """Remove a session and clean up empty client session maps."""
+        if client_key in self.sessions and scope_key in self.sessions[client_key]:
+            del self.sessions[client_key][scope_key]
+
+            # Clean up empty client sessions
+            if not self.sessions[client_key]:
+                del self.sessions[client_key]
+
+    def get_existing_session(
+        self, client_key: str, required_scopes: List[str]
+    ) -> Optional[Session]:
+        """Find the best session for the required scopes."""
+        if client_key not in self.sessions:
+            return None
+
+        client_sessions = self.sessions[client_key]
+        scope_key = self.get_scope_key(required_scopes)
+
+        if scope_key in client_sessions:
+            exact_match = client_sessions[scope_key]
+            if self.has_token_expired(exact_match.expires_at):
+                self.remove_session(client_key, scope_key)
+            else:
+                return exact_match
+
+        # If no exact match was found, look for a superset match
+        for key, session in client_sessions.items():
+            if self.has_token_expired(session.expires_at):
+                self.remove_session(client_key, key)
+            elif self.has_required_scopes(session.scopes, required_scopes):
+                return session
+
+        return None
+
     def has_required_scopes(
-        self, scopes: Optional[List[str]], required_scopes: List[str]
+        self, scopes: List[str], required_scopes: List[str]
     ) -> bool:
-        if scopes is None:
-            return False
-
+        """Check if all required scopes are present in the given scopes."""
         return all(scope in scopes for scope in required_scopes)
 
-    def get_scopes(
-        self, required_scopes: List[str], sess: Optional[Session]
-    ) -> List[str]:
-        scopes = required_scopes.copy()
-        if sess is not None and sess.scopes is not None:
-            scopes.extend(sess.scopes)
-            scopes = list(set(scopes))
-        return scopes
-
     def has_token_expired(self, expires_at: Optional[int]) -> bool:
-        return expires_at is None or time.time() + 60 >= expires_at
+        """
+        Check if the token has expired.
+        If no expires_in field was returned by the authorization server, the token is considered to never expire.
+        A 60-second buffer is applied to refresh tokens before they actually expire.
+        """
+        return expires_at is not None and time.time() + 60 >= expires_at

cribl_control_plane/_version.py

@@ -3,10 +3,10 @@
 import importlib.metadata
 
 __title__: str = "cribl-control-plane"
-__version__: str = "0.0.38"
-__openapi_doc_version__: str = "4.14.0-alpha.1756226637429-1513a21f"
-__gen_version__: str = "2.686.7"
-__user_agent__: str = "speakeasy-sdk/python 0.0.38 2.686.7 4.14.0-alpha.1756226637429-1513a21f cribl-control-plane"
+__version__: str = "0.4.0a6"
+__openapi_doc_version__: str = "4.15.0-alpha.1763072414698-97546d75"
+__gen_version__: str = "2.763.3"
+__user_agent__: str = "speakeasy-sdk/python 0.4.0a6 2.763.3 4.15.0-alpha.1763072414698-97546d75 cribl-control-plane"
 
 try:
     if __package__ is not None:

cribl_control_plane/acl.py

@@ -14,13 +14,15 @@ from typing import Any, Mapping, Optional
 class ACL(BaseSDK):
     teams: Teams
 
-    def __init__(self, sdk_config: SDKConfiguration) -> None:
-        BaseSDK.__init__(self, sdk_config)
+    def __init__(
+        self, sdk_config: SDKConfiguration, parent_ref: Optional[object] = None
+    ) -> None:
+        BaseSDK.__init__(self, sdk_config, parent_ref=parent_ref)
         self.sdk_configuration = sdk_config
         self._init_sdks()
 
     def _init_sdks(self):
-        self.teams = Teams(self.sdk_configuration)
+        self.teams = Teams(self.sdk_configuration, parent_ref=self.parent_ref)
 
     def get(
         self,

cribl_control_plane/auth_sdk.py

@@ -3,15 +3,18 @@
 from .basesdk import BaseSDK
 from .sdkconfiguration import SDKConfiguration
 from cribl_control_plane.tokens import Tokens
+from typing import Optional
 
 
 class AuthSDK(BaseSDK):
     tokens: Tokens
 
-    def __init__(self, sdk_config: SDKConfiguration) -> None:
-        BaseSDK.__init__(self, sdk_config)
+    def __init__(
+        self, sdk_config: SDKConfiguration, parent_ref: Optional[object] = None
+    ) -> None:
+        BaseSDK.__init__(self, sdk_config, parent_ref=parent_ref)
         self.sdk_configuration = sdk_config
         self._init_sdks()
 
     def _init_sdks(self):
-        self.tokens = Tokens(self.sdk_configuration)
+        self.tokens = Tokens(self.sdk_configuration, parent_ref=self.parent_ref)

cribl_control_plane/basesdk.py

@@ -19,9 +19,19 @@ from urllib.parse import parse_qs, urlparse
 
 class BaseSDK:
     sdk_configuration: SDKConfiguration
+    parent_ref: Optional[object] = None
+    """
+    Reference to the root SDK instance, if any. This will prevent it from
+    being garbage collected while there are active streams.
+    """
 
-    def __init__(self, sdk_config: SDKConfiguration) -> None:
+    def __init__(
+        self,
+        sdk_config: SDKConfiguration,
+        parent_ref: Optional[object] = None,
+    ) -> None:
         self.sdk_configuration = sdk_config
+        self.parent_ref = parent_ref
 
     def _get_url(self, base_url, url_variables):
         sdk_url, sdk_variables = self.sdk_configuration.get_server_details()

cribl_control_plane/commits.py

@@ -14,13 +14,15 @@ from typing import Any, List, Mapping, Optional
 class Commits(BaseSDK):
     files: CommitsFiles
 
-    def __init__(self, sdk_config: SDKConfiguration) -> None:
-        BaseSDK.__init__(self, sdk_config)
+    def __init__(
+        self, sdk_config: SDKConfiguration, parent_ref: Optional[object] = None
+    ) -> None:
+        BaseSDK.__init__(self, sdk_config, parent_ref=parent_ref)
         self.sdk_configuration = sdk_config
         self._init_sdks()
 
     def _init_sdks(self):
-        self.files = CommitsFiles(self.sdk_configuration)
+        self.files = CommitsFiles(self.sdk_configuration, parent_ref=self.parent_ref)
 
     def create(
         self,
@@ -779,7 +781,7 @@ class Commits(BaseSDK):
         Revert a commit in the local repository.
 
         :param commit:
-        :param group_id: Group ID
+        :param group_id: The <code>id</code> of the Worker Group or Edge Fleet to revert the commit for. Required in Distributed deployments. Omit in Single-instance deployments.
         :param force:
         :param message:
         :param retries: Override the default retry configuration for this method
@@ -880,7 +882,7 @@ class Commits(BaseSDK):
         Revert a commit in the local repository.
 
         :param commit:
-        :param group_id: Group ID
+        :param group_id: The <code>id</code> of the Worker Group or Edge Fleet to revert the commit for. Required in Distributed deployments. Omit in Single-instance deployments.
         :param force:
         :param message:
         :param retries: Override the default retry configuration for this method

cribl_control_plane/destinations.py

@@ -18,14 +18,16 @@ class Destinations(BaseSDK):
     pq: DestinationsPq
     samples: Samples
 
-    def __init__(self, sdk_config: SDKConfiguration) -> None:
-        BaseSDK.__init__(self, sdk_config)
+    def __init__(
+        self, sdk_config: SDKConfiguration, parent_ref: Optional[object] = None
+    ) -> None:
+        BaseSDK.__init__(self, sdk_config, parent_ref=parent_ref)
         self.sdk_configuration = sdk_config
         self._init_sdks()
 
     def _init_sdks(self):
-        self.pq = DestinationsPq(self.sdk_configuration)
-        self.samples = Samples(self.sdk_configuration)
+        self.pq = DestinationsPq(self.sdk_configuration, parent_ref=self.parent_ref)
+        self.samples = Samples(self.sdk_configuration, parent_ref=self.parent_ref)
 
     def list(
         self,

cribl_control_plane/destinations_pq.py

@@ -83,7 +83,7 @@ class DestinationsPq(BaseSDK):
         )
 
         response_data: Any = None
-        if utils.match_response(http_res, "200", "application/json"):
+        if utils.match_response(http_res, "201", "application/json"):
             return unmarshal_json_response(models.DeleteOutputPqByIDResponse, http_res)
         if utils.match_response(http_res, "500", "application/json"):
             response_data = unmarshal_json_response(errors.ErrorData, http_res)
@@ -170,7 +170,7 @@ class DestinationsPq(BaseSDK):
         )
 
         response_data: Any = None
-        if utils.match_response(http_res, "200", "application/json"):
+        if utils.match_response(http_res, "201", "application/json"):
             return unmarshal_json_response(models.DeleteOutputPqByIDResponse, http_res)
         if utils.match_response(http_res, "500", "application/json"):
             response_data = unmarshal_json_response(errors.ErrorData, http_res)

cribl_control_plane/errors/__init__.py

@@ -1,14 +1,18 @@
 """Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT."""
 
+from .criblcontrolplaneerror import CriblControlPlaneError
 from typing import TYPE_CHECKING
 from importlib import import_module
 import builtins
+import sys
 
 if TYPE_CHECKING:
     from .apierror import APIError
-    from .criblcontrolplaneerror import CriblControlPlaneError
     from .error import Error, ErrorData
-    from .healthstatus_error import HealthStatusError, HealthStatusErrorData
+    from .healthserverstatus_error import (
+        HealthServerStatusError,
+        HealthServerStatusErrorData,
+    )
     from .no_response_error import NoResponseError
     from .responsevalidationerror import ResponseValidationError
 
@@ -17,24 +21,35 @@ __all__ = [
     "CriblControlPlaneError",
     "Error",
     "ErrorData",
-    "HealthStatusError",
-    "HealthStatusErrorData",
+    "HealthServerStatusError",
+    "HealthServerStatusErrorData",
     "NoResponseError",
     "ResponseValidationError",
 ]
 
 _dynamic_imports: dict[str, str] = {
     "APIError": ".apierror",
-    "CriblControlPlaneError": ".criblcontrolplaneerror",
     "Error": ".error",
     "ErrorData": ".error",
-    "HealthStatusError": ".healthstatus_error",
-    "HealthStatusErrorData": ".healthstatus_error",
+    "HealthServerStatusError": ".healthserverstatus_error",
+    "HealthServerStatusErrorData": ".healthserverstatus_error",
     "NoResponseError": ".no_response_error",
     "ResponseValidationError": ".responsevalidationerror",
 }
 
 
+def dynamic_import(modname, retries=3):
+    for attempt in range(retries):
+        try:
+            return import_module(modname, __package__)
+        except KeyError:
+            # Clear any half-initialized module and retry
+            sys.modules.pop(modname, None)
+            if attempt == retries - 1:
+                break
+    raise KeyError(f"Failed to import module '{modname}' after {retries} attempts")
+
+
 def __getattr__(attr_name: str) -> object:
     module_name = _dynamic_imports.get(attr_name)
     if module_name is None:
@@ -43,7 +58,7 @@ def __getattr__(attr_name: str) -> object:
         )
 
     try:
-        module = import_module(module_name, __package__)
+        module = dynamic_import(module_name)
         result = getattr(module, attr_name)
         return result
     except ImportError as e:

cribl_control_plane/errors/apierror.py

@@ -2,12 +2,14 @@
 
 import httpx
 from typing import Optional
+from dataclasses import dataclass
 
 from cribl_control_plane.errors import CriblControlPlaneError
 
 MAX_MESSAGE_LEN = 10_000
 
 
+@dataclass(unsafe_hash=True)
 class APIError(CriblControlPlaneError):
     """The fallback error class if no more specific error class is matched."""
 

cribl_control_plane/errors/criblcontrolplaneerror.py

@@ -2,25 +2,29 @@
 
 import httpx
 from typing import Optional
+from dataclasses import dataclass, field
 
 
+@dataclass(unsafe_hash=True)
 class CriblControlPlaneError(Exception):
     """The base class for all HTTP error responses."""
 
     message: str
     status_code: int
     body: str
-    headers: httpx.Headers
-    raw_response: httpx.Response
+    headers: httpx.Headers = field(hash=False)
+    raw_response: httpx.Response = field(hash=False)
 
     def __init__(
         self, message: str, raw_response: httpx.Response, body: Optional[str] = None
     ):
-        self.message = message
-        self.status_code = raw_response.status_code
-        self.body = body if body is not None else raw_response.text
-        self.headers = raw_response.headers
-        self.raw_response = raw_response
+        object.__setattr__(self, "message", message)
+        object.__setattr__(self, "status_code", raw_response.status_code)
+        object.__setattr__(
+            self, "body", body if body is not None else raw_response.text
+        )
+        object.__setattr__(self, "headers", raw_response.headers)
+        object.__setattr__(self, "raw_response", raw_response)
 
     def __str__(self):
         return self.message

cribl_control_plane/errors/error.py

@@ -3,6 +3,7 @@
 from __future__ import annotations
 from cribl_control_plane.errors import CriblControlPlaneError
 from cribl_control_plane.types import BaseModel
+from dataclasses import dataclass, field
 import httpx
 from typing import Optional
 
@@ -12,8 +13,9 @@ class ErrorData(BaseModel):
     r"""Error message"""
 
 
+@dataclass(unsafe_hash=True)
 class Error(CriblControlPlaneError):
-    data: ErrorData
+    data: ErrorData = field(hash=False)
 
     def __init__(
         self, data: ErrorData, raw_response: httpx.Response, body: Optional[str] = None
@@ -21,4 +23,4 @@ class Error(CriblControlPlaneError):
         fallback = body or raw_response.text
         message = str(data.message) or fallback
         super().__init__(message, raw_response, body)
-        self.data = data
+        object.__setattr__(self, "data", data)

cribl_control_plane/errors/healthserverstatus_error.py

@@ -0,0 +1,41 @@
+"""Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT."""
+
+from __future__ import annotations
+from cribl_control_plane.errors import CriblControlPlaneError
+from cribl_control_plane.models import healthserverstatus as models_healthserverstatus
+from cribl_control_plane.types import BaseModel
+from cribl_control_plane.utils import validate_open_enum
+from dataclasses import dataclass, field
+import httpx
+import pydantic
+from pydantic.functional_validators import PlainValidator
+from typing import Optional
+from typing_extensions import Annotated
+
+
+class HealthServerStatusErrorData(BaseModel):
+    start_time: Annotated[float, pydantic.Field(alias="startTime")]
+
+    status: Annotated[
+        models_healthserverstatus.Status, PlainValidator(validate_open_enum(False))
+    ]
+
+    role: Annotated[
+        Optional[models_healthserverstatus.Role],
+        PlainValidator(validate_open_enum(False)),
+    ] = None
+
+
+@dataclass(unsafe_hash=True)
+class HealthServerStatusError(CriblControlPlaneError):
+    data: HealthServerStatusErrorData = field(hash=False)
+
+    def __init__(
+        self,
+        data: HealthServerStatusErrorData,
+        raw_response: httpx.Response,
+        body: Optional[str] = None,
+    ):
+        message = body or raw_response.text
+        super().__init__(message, raw_response, body)
+        object.__setattr__(self, "data", data)

cribl_control_plane/errors/no_response_error.py

@@ -1,12 +1,16 @@
 """Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT."""
 
+from dataclasses import dataclass
+
+
+@dataclass(unsafe_hash=True)
 class NoResponseError(Exception):
     """Error raised when no HTTP response is received from the server."""
 
     message: str
 
     def __init__(self, message: str = "No response received"):
-        self.message = message
+        object.__setattr__(self, "message", message)
         super().__init__(message)
 
     def __str__(self):

cribl_control_plane/errors/responsevalidationerror.py

@@ -2,10 +2,12 @@
 
 import httpx
 from typing import Optional
+from dataclasses import dataclass
 
 from cribl_control_plane.errors import CriblControlPlaneError
 
 
+@dataclass(unsafe_hash=True)
 class ResponseValidationError(CriblControlPlaneError):
     """Error raised when there is a type mismatch between the response data and the expected Pydantic model."""
 

cribl_control_plane/groups_configs.py

@@ -3,15 +3,20 @@
 from .basesdk import BaseSDK
 from .sdkconfiguration import SDKConfiguration
 from cribl_control_plane.configs_versions import ConfigsVersions
+from typing import Optional
 
 
 class GroupsConfigs(BaseSDK):
     versions: ConfigsVersions
 
-    def __init__(self, sdk_config: SDKConfiguration) -> None:
-        BaseSDK.__init__(self, sdk_config)
+    def __init__(
+        self, sdk_config: SDKConfiguration, parent_ref: Optional[object] = None
+    ) -> None:
+        BaseSDK.__init__(self, sdk_config, parent_ref=parent_ref)
         self.sdk_configuration = sdk_config
         self._init_sdks()
 
     def _init_sdks(self):
-        self.versions = ConfigsVersions(self.sdk_configuration)
+        self.versions = ConfigsVersions(
+            self.sdk_configuration, parent_ref=self.parent_ref
+        )