cribl-control-plane 0.1.0b2__py3-none-any.whl → 0.2.0b1__py3-none-any.whl

cribl_control_plane/_hooks/clientcredentials.py

@@ -21,6 +21,7 @@ class Credentials:
     client_id: str
     client_secret: str
     token_url: str
+    scopes: Optional[List[str]]
     additional_properties: Dict[str, str]
 
     def __init__(
@@ -28,25 +29,27 @@ class Credentials:
         client_id: str,
         client_secret: str,
         token_url: str,
+        scopes: Optional[List[str]],
         additional_properties: Optional[Dict[str, str]] = None,
     ):
         self.client_id = client_id
         self.client_secret = client_secret
         self.token_url = token_url
+        self.scopes = scopes
         self.additional_properties = additional_properties or {}
 
 
 class Session:
     credentials: Credentials
     token: str
-    scopes: Optional[List[str]] = None
+    scopes: List[str]
     expires_at: Optional[int] = None
 
     def __init__(
         self,
         credentials: Credentials,
         token: str,
-        scopes: Optional[List[str]] = None,
+        scopes: List[str],
         expires_at: Optional[int] = None,
     ):
         self.credentials = credentials
@@ -57,7 +60,7 @@ class Session:
 
 class ClientCredentialsHook(SDKInitHook, BeforeRequestHook, AfterErrorHook):
     client: HttpClient
-    sessions: Dict[str, Session] = {}
+    sessions: Dict[str, Dict[str, Session]] = {}
 
     def sdk_init(self, config: SDKConfiguration) -> SDKConfiguration:
         if config.client is None:
@@ -69,8 +72,7 @@ class ClientCredentialsHook(SDKInitHook, BeforeRequestHook, AfterErrorHook):
     def before_request(
         self, hook_ctx: BeforeRequestContext, request: httpx.Request
     ) -> httpx.Request:
-        if hook_ctx.oauth2_scopes is None:
-            # OAuth2 not in use
+        if self.is_hook_disabled(hook_ctx):
             return request
 
         credentials = self.get_credentials(hook_ctx)
@@ -81,22 +83,24 @@ class ClientCredentialsHook(SDKInitHook, BeforeRequestHook, AfterErrorHook):
             credentials.client_id, credentials.client_secret
         )
 
-        if (
-            session_key not in self.sessions
-            or not self.has_required_scopes(
-                self.sessions[session_key].scopes, hook_ctx.oauth2_scopes
-            )
-            or self.has_token_expired(self.sessions[session_key].expires_at)
-        ):
-            sess = self.do_token_request(
+        scopes = self.get_required_scopes(credentials, hook_ctx)
+        session = self.get_existing_session(session_key, scopes)
+
+        if session is None:
+            # Create new session
+            session = self.do_token_request(
                 hook_ctx,
                 credentials,
-                self.get_scopes(hook_ctx.oauth2_scopes, self.sessions.get(session_key)),
+                scopes,
             )
 
-            self.sessions[session_key] = sess
+            if session_key not in self.sessions:
+                self.sessions[session_key] = {}
+
+            scope_key = self.get_scope_key(scopes)
+            self.sessions[session_key][scope_key] = session
 
-        request.headers["Authorization"] = f"Bearer {self.sessions[session_key].token}"
+        request.headers["Authorization"] = f"Bearer {session.token}"
 
         return request
 
@@ -106,8 +110,7 @@ class ClientCredentialsHook(SDKInitHook, BeforeRequestHook, AfterErrorHook):
         response: Optional[httpx.Response],
         error: Optional[Exception],
     ) -> Union[Tuple[Optional[httpx.Response], Optional[Exception]], Exception]:
-        if hook_ctx.oauth2_scopes is None:
-            # OAuth2 not in use
+        if self.is_hook_disabled(hook_ctx):
             return (response, error)
 
         # We don't want to refresh the token if the error is not related to the token
@@ -122,12 +125,15 @@ class ClientCredentialsHook(SDKInitHook, BeforeRequestHook, AfterErrorHook):
             session_key = self.get_session_key(
                 credentials.client_id, credentials.client_secret
             )
-
-            if session_key in self.sessions:
-                del self.sessions[session_key]
+            scopes = self.get_required_scopes(credentials, hook_ctx)
+            scope_key = self.get_scope_key(scopes)
+            self.remove_session(session_key, scope_key)
 
         return (response, error)
 
+    def is_hook_disabled(self, hook_ctx: HookContext) -> bool:
+        return hook_ctx.oauth2_scopes is None
+
     def get_credentials(self, hook_ctx: HookContext) -> Optional[Credentials]:
         source = hook_ctx.security_source
 
@@ -145,21 +151,19 @@ class ClientCredentialsHook(SDKInitHook, BeforeRequestHook, AfterErrorHook):
         # Extract additional properties from security object
         additional_properties = {}
         for key, value in dict(security.client_oauth).items():
-            if key not in ["client_id", "client_secret", "token_url"]:
+            if key not in ["client_id", "client_secret", "token_url", "scopes"]:
                 additional_properties[key] = value
 
         return Credentials(
             client_id=security.client_oauth.client_id,
             client_secret=security.client_oauth.client_secret,
             token_url=security.client_oauth.token_url,
+            scopes=None,
             additional_properties=additional_properties,
         )
 
     def do_token_request(
-        self,
-        hook_ctx: HookContext,
-        credentials: Credentials,
-        scopes: Optional[List[str]],
+        self, hook_ctx: HookContext, credentials: Credentials, scopes: List[str]
     ) -> Session:
         payload = {
             "grant_type": "client_credentials",
@@ -167,7 +171,7 @@ class ClientCredentialsHook(SDKInitHook, BeforeRequestHook, AfterErrorHook):
             "client_secret": credentials.client_secret,
         }
 
-        if scopes is not None and len(scopes) > 0:
+        if len(scopes) > 0:
             payload["scope"] = " ".join(scopes)
 
         # Add additional properties to payload
@@ -203,24 +207,70 @@ class ClientCredentialsHook(SDKInitHook, BeforeRequestHook, AfterErrorHook):
         )
 
     def get_session_key(self, client_id: str, client_secret: str) -> str:
+        """Generate a consistent session key for the given client ID and secret."""
         return hashlib.md5(f"{client_id}:{client_secret}".encode()).hexdigest()
 
+    def get_required_scopes(
+        self, credentials: Credentials, hook_ctx: HookContext
+    ) -> List[str]:
+        """Return the list of scopes that need to be requested."""
+        if credentials.scopes is not None:
+            return credentials.scopes
+        return hook_ctx.oauth2_scopes or []
+
+    def get_scope_key(self, scopes: List[str]) -> str:
+        """Generate a consistent scope key for the given scopes."""
+        if not scopes:
+            return ""
+
+        sorted_scopes = sorted(scopes)
+        return "&".join(sorted_scopes)
+
+    def remove_session(self, client_key: str, scope_key: str) -> None:
+        """Remove a session and clean up empty client session maps."""
+        if client_key in self.sessions and scope_key in self.sessions[client_key]:
+            del self.sessions[client_key][scope_key]
+
+            # Clean up empty client sessions
+            if not self.sessions[client_key]:
+                del self.sessions[client_key]
+
+    def get_existing_session(
+        self, client_key: str, required_scopes: List[str]
+    ) -> Optional[Session]:
+        """Find the best session for the required scopes."""
+        if client_key not in self.sessions:
+            return None
+
+        client_sessions = self.sessions[client_key]
+        scope_key = self.get_scope_key(required_scopes)
+
+        if scope_key in client_sessions:
+            exact_match = client_sessions[scope_key]
+            if self.has_token_expired(exact_match.expires_at):
+                self.remove_session(client_key, scope_key)
+            else:
+                return exact_match
+
+        # If no exact match was found, look for a superset match
+        for key, session in client_sessions.items():
+            if self.has_token_expired(session.expires_at):
+                self.remove_session(client_key, key)
+            elif self.has_required_scopes(session.scopes, required_scopes):
+                return session
+
+        return None
+
     def has_required_scopes(
-        self, scopes: Optional[List[str]], required_scopes: List[str]
+        self, scopes: List[str], required_scopes: List[str]
     ) -> bool:
-        if scopes is None:
-            return False
-
+        """Check if all required scopes are present in the given scopes."""
         return all(scope in scopes for scope in required_scopes)
 
-    def get_scopes(
-        self, required_scopes: List[str], sess: Optional[Session]
-    ) -> List[str]:
-        scopes = required_scopes.copy()
-        if sess is not None and sess.scopes is not None:
-            scopes.extend(sess.scopes)
-            scopes = list(set(scopes))
-        return scopes
-
     def has_token_expired(self, expires_at: Optional[int]) -> bool:
-        return expires_at is None or time.time() + 60 >= expires_at
+        """
+        Check if the token has expired.
+        If no expires_in field was returned by the authorization server, the token is considered to never expire.
+        A 60-second buffer is applied to refresh tokens before they actually expire.
+        """
+        return expires_at is not None and time.time() + 60 >= expires_at

cribl_control_plane/_version.py

@@ -3,10 +3,10 @@
 import importlib.metadata
 
 __title__: str = "cribl-control-plane"
-__version__: str = "0.1.0b2"
-__openapi_doc_version__: str = "4.15.0-alpha.1759327501989-3e9845e9"
-__gen_version__: str = "2.716.16"
-__user_agent__: str = "speakeasy-sdk/python 0.1.0b2 2.716.16 4.15.0-alpha.1759327501989-3e9845e9 cribl-control-plane"
+__version__: str = "0.2.0b1"
+__openapi_doc_version__: str = "4.15.0-alpha.1760137873808-498c0e83"
+__gen_version__: str = "2.723.11"
+__user_agent__: str = "speakeasy-sdk/python 0.2.0b1 2.723.11 4.15.0-alpha.1760137873808-498c0e83 cribl-control-plane"
 
 try:
     if __package__ is not None:

cribl_control_plane/errors/apierror.py

@@ -9,7 +9,7 @@ from cribl_control_plane.errors import CriblControlPlaneError
 MAX_MESSAGE_LEN = 10_000
 
 
-@dataclass(frozen=True)
+@dataclass(unsafe_hash=True)
 class APIError(CriblControlPlaneError):
     """The fallback error class if no more specific error class is matched."""
 

cribl_control_plane/errors/criblcontrolplaneerror.py

@@ -5,7 +5,7 @@ from typing import Optional
 from dataclasses import dataclass, field
 
 
-@dataclass(frozen=True)
+@dataclass(unsafe_hash=True)
 class CriblControlPlaneError(Exception):
     """The base class for all HTTP error responses."""
 

cribl_control_plane/errors/error.py

@@ -13,7 +13,7 @@ class ErrorData(BaseModel):
     r"""Error message"""
 
 
-@dataclass(frozen=True)
+@dataclass(unsafe_hash=True)
 class Error(CriblControlPlaneError):
     data: ErrorData = field(hash=False)
 

cribl_control_plane/errors/healthstatus_error.py

@@ -25,7 +25,7 @@ class HealthStatusErrorData(BaseModel):
     ] = None
 
 
-@dataclass(frozen=True)
+@dataclass(unsafe_hash=True)
 class HealthStatusError(CriblControlPlaneError):
     data: HealthStatusErrorData = field(hash=False)
 

cribl_control_plane/errors/no_response_error.py

@@ -3,7 +3,7 @@
 from dataclasses import dataclass
 
 
-@dataclass(frozen=True)
+@dataclass(unsafe_hash=True)
 class NoResponseError(Exception):
     """Error raised when no HTTP response is received from the server."""
 

cribl_control_plane/errors/responsevalidationerror.py

@@ -7,7 +7,7 @@ from dataclasses import dataclass
 from cribl_control_plane.errors import CriblControlPlaneError
 
 
-@dataclass(frozen=True)
+@dataclass(unsafe_hash=True)
 class ResponseValidationError(CriblControlPlaneError):
     """Error raised when there is a type mismatch between the response data and the expected Pydantic model."""
 

cribl_control_plane/httpclient.py

@@ -107,7 +107,6 @@ def close_clients(
     # to them from the owning SDK instance and they can be reaped.
     owner.client = None
     owner.async_client = None
-
     if sync_client is not None and not sync_client_supplied:
         try:
             sync_client.close()

cribl_control_plane/models/__init__.py

@@ -336,7 +336,7 @@ if TYPE_CHECKING:
     from .gitdiffresult import GitDiffResult, GitDiffResultTypedDict
     from .gitfile import GitFile, GitFileTypedDict
     from .gitfilesresponse import GitFilesResponse, GitFilesResponseTypedDict
-    from .gitinfo import GitInfo, GitInfoTypedDict, Remote, RemoteTypedDict
+    from .gitinfo import GitInfo, GitInfoTypedDict, Remote, RemoteEnum, RemoteTypedDict
     from .gitlogresult import GitLogResult, GitLogResultTypedDict
     from .gitrevertparams import GitRevertParams, GitRevertParamsTypedDict
     from .gitrevertresult import (
@@ -1921,6 +1921,27 @@ if TYPE_CHECKING:
         OutputAzureLogsType,
         OutputAzureLogsTypedDict,
     )
+    from .outputchronicle import (
+        OutputChronicle,
+        OutputChronicleAuthenticationMethod,
+        OutputChronicleBackpressureBehavior,
+        OutputChronicleCompression,
+        OutputChronicleCustomLabel,
+        OutputChronicleCustomLabelTypedDict,
+        OutputChronicleExtraHTTPHeader,
+        OutputChronicleExtraHTTPHeaderTypedDict,
+        OutputChronicleFailedRequestLoggingMode,
+        OutputChronicleMode,
+        OutputChroniclePqControls,
+        OutputChroniclePqControlsTypedDict,
+        OutputChronicleQueueFullBehavior,
+        OutputChronicleResponseRetrySetting,
+        OutputChronicleResponseRetrySettingTypedDict,
+        OutputChronicleTimeoutRetrySettings,
+        OutputChronicleTimeoutRetrySettingsTypedDict,
+        OutputChronicleType,
+        OutputChronicleTypedDict,
+    )
     from .outputclickhouse import (
         ColumnMapping,
         ColumnMappingTypedDict,
@@ -2272,8 +2293,6 @@ if TYPE_CHECKING:
         OutputFilesystemTypedDict,
     )
     from .outputgooglechronicle import (
-        CustomLabel,
-        CustomLabelTypedDict,
         ExtraLogType,
         ExtraLogTypeTypedDict,
         OutputGoogleChronicle,
@@ -2281,6 +2300,8 @@ if TYPE_CHECKING:
         OutputGoogleChronicleAuthenticationMethod,
         OutputGoogleChronicleBackpressureBehavior,
         OutputGoogleChronicleCompression,
+        OutputGoogleChronicleCustomLabel,
+        OutputGoogleChronicleCustomLabelTypedDict,
         OutputGoogleChronicleExtraHTTPHeader,
         OutputGoogleChronicleExtraHTTPHeaderTypedDict,
         OutputGoogleChronicleFailedRequestLoggingMode,
@@ -3398,8 +3419,6 @@ __all__ = [
     "CriblLakeDatasetTypedDict",
     "CurrentBranchResult",
     "CurrentBranchResultTypedDict",
-    "CustomLabel",
-    "CustomLabelTypedDict",
     "DNS",
     "DNSTypedDict",
     "DataSetSite",
@@ -4993,6 +5012,25 @@ __all__ = [
     "OutputAzureLogsTimeoutRetrySettingsTypedDict",
     "OutputAzureLogsType",
     "OutputAzureLogsTypedDict",
+    "OutputChronicle",
+    "OutputChronicleAuthenticationMethod",
+    "OutputChronicleBackpressureBehavior",
+    "OutputChronicleCompression",
+    "OutputChronicleCustomLabel",
+    "OutputChronicleCustomLabelTypedDict",
+    "OutputChronicleExtraHTTPHeader",
+    "OutputChronicleExtraHTTPHeaderTypedDict",
+    "OutputChronicleFailedRequestLoggingMode",
+    "OutputChronicleMode",
+    "OutputChroniclePqControls",
+    "OutputChroniclePqControlsTypedDict",
+    "OutputChronicleQueueFullBehavior",
+    "OutputChronicleResponseRetrySetting",
+    "OutputChronicleResponseRetrySettingTypedDict",
+    "OutputChronicleTimeoutRetrySettings",
+    "OutputChronicleTimeoutRetrySettingsTypedDict",
+    "OutputChronicleType",
+    "OutputChronicleTypedDict",
     "OutputClickHouse",
     "OutputClickHouseAuthenticationType",
     "OutputClickHouseBackpressureBehavior",
@@ -5304,6 +5342,8 @@ __all__ = [
     "OutputGoogleChronicleAuthenticationMethod",
     "OutputGoogleChronicleBackpressureBehavior",
     "OutputGoogleChronicleCompression",
+    "OutputGoogleChronicleCustomLabel",
+    "OutputGoogleChronicleCustomLabelTypedDict",
     "OutputGoogleChronicleExtraHTTPHeader",
     "OutputGoogleChronicleExtraHTTPHeaderTypedDict",
     "OutputGoogleChronicleFailedRequestLoggingMode",
@@ -6063,6 +6103,7 @@ __all__ = [
     "RbacResource",
     "ReadMode",
     "Remote",
+    "RemoteEnum",
     "RemoteTypedDict",
     "Renamed",
     "RenamedTypedDict",
@@ -6472,6 +6513,7 @@ _dynamic_imports: dict[str, str] = {
     "GitInfo": ".gitinfo",
     "GitInfoTypedDict": ".gitinfo",
     "Remote": ".gitinfo",
+    "RemoteEnum": ".gitinfo",
     "RemoteTypedDict": ".gitinfo",
     "GitLogResult": ".gitlogresult",
     "GitLogResultTypedDict": ".gitlogresult",
@@ -7931,6 +7973,25 @@ _dynamic_imports: dict[str, str] = {
     "OutputAzureLogsTimeoutRetrySettingsTypedDict": ".outputazurelogs",
     "OutputAzureLogsType": ".outputazurelogs",
     "OutputAzureLogsTypedDict": ".outputazurelogs",
+    "OutputChronicle": ".outputchronicle",
+    "OutputChronicleAuthenticationMethod": ".outputchronicle",
+    "OutputChronicleBackpressureBehavior": ".outputchronicle",
+    "OutputChronicleCompression": ".outputchronicle",
+    "OutputChronicleCustomLabel": ".outputchronicle",
+    "OutputChronicleCustomLabelTypedDict": ".outputchronicle",
+    "OutputChronicleExtraHTTPHeader": ".outputchronicle",
+    "OutputChronicleExtraHTTPHeaderTypedDict": ".outputchronicle",
+    "OutputChronicleFailedRequestLoggingMode": ".outputchronicle",
+    "OutputChronicleMode": ".outputchronicle",
+    "OutputChroniclePqControls": ".outputchronicle",
+    "OutputChroniclePqControlsTypedDict": ".outputchronicle",
+    "OutputChronicleQueueFullBehavior": ".outputchronicle",
+    "OutputChronicleResponseRetrySetting": ".outputchronicle",
+    "OutputChronicleResponseRetrySettingTypedDict": ".outputchronicle",
+    "OutputChronicleTimeoutRetrySettings": ".outputchronicle",
+    "OutputChronicleTimeoutRetrySettingsTypedDict": ".outputchronicle",
+    "OutputChronicleType": ".outputchronicle",
+    "OutputChronicleTypedDict": ".outputchronicle",
     "ColumnMapping": ".outputclickhouse",
     "ColumnMappingTypedDict": ".outputclickhouse",
     "MappingType": ".outputclickhouse",
@@ -8249,8 +8310,6 @@ _dynamic_imports: dict[str, str] = {
     "OutputFilesystemParquetVersion": ".outputfilesystem",
     "OutputFilesystemType": ".outputfilesystem",
     "OutputFilesystemTypedDict": ".outputfilesystem",
-    "CustomLabel": ".outputgooglechronicle",
-    "CustomLabelTypedDict": ".outputgooglechronicle",
     "ExtraLogType": ".outputgooglechronicle",
     "ExtraLogTypeTypedDict": ".outputgooglechronicle",
     "OutputGoogleChronicle": ".outputgooglechronicle",
@@ -8258,6 +8317,8 @@ _dynamic_imports: dict[str, str] = {
     "OutputGoogleChronicleAuthenticationMethod": ".outputgooglechronicle",
     "OutputGoogleChronicleBackpressureBehavior": ".outputgooglechronicle",
     "OutputGoogleChronicleCompression": ".outputgooglechronicle",
+    "OutputGoogleChronicleCustomLabel": ".outputgooglechronicle",
+    "OutputGoogleChronicleCustomLabelTypedDict": ".outputgooglechronicle",
     "OutputGoogleChronicleExtraHTTPHeader": ".outputgooglechronicle",
     "OutputGoogleChronicleExtraHTTPHeaderTypedDict": ".outputgooglechronicle",
     "OutputGoogleChronicleFailedRequestLoggingMode": ".outputgooglechronicle",

cribl_control_plane/models/createversionundoop.py

@@ -4,7 +4,7 @@ from __future__ import annotations
 from cribl_control_plane.types import BaseModel
 from cribl_control_plane.utils import FieldMetadata, QueryParamMetadata
 import pydantic
-from typing import List, Optional
+from typing import Any, Dict, List, Optional
 from typing_extensions import Annotated, NotRequired, TypedDict
 
 
@@ -27,7 +27,7 @@ class CreateVersionUndoResponseTypedDict(TypedDict):
 
     count: NotRequired[int]
     r"""number of items present in the items array"""
-    items: NotRequired[List[str]]
+    items: NotRequired[List[Dict[str, Any]]]
 
 
 class CreateVersionUndoResponse(BaseModel):
@@ -36,4 +36,4 @@ class CreateVersionUndoResponse(BaseModel):
     count: Optional[int] = None
     r"""number of items present in the items array"""
 
-    items: Optional[List[str]] = None
+    items: Optional[List[Dict[str, Any]]] = None

cribl_control_plane/models/distributedsummary.py

@@ -9,7 +9,9 @@ from typing_extensions import Annotated, TypedDict
 class DistributedSummaryGroupsTypedDict(TypedDict):
     count: float
     destinations: float
+    packs: float
     pipelines: float
+    quick_connects: float
     routes: float
     sources: float
 
@@ -19,8 +21,12 @@ class DistributedSummaryGroups(BaseModel):
 
     destinations: float
 
+    packs: float
+
     pipelines: float
 
+    quick_connects: Annotated[float, pydantic.Field(alias="quickConnects")]
+
     routes: float
 
     sources: float

cribl_control_plane/models/gitinfo.py

@@ -1,15 +1,26 @@
 """Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT."""
 
 from __future__ import annotations
+from cribl_control_plane import utils
 from cribl_control_plane.types import BaseModel
+from cribl_control_plane.utils import validate_open_enum
+from enum import Enum
+from pydantic.functional_validators import PlainValidator
 from typing import Union
-from typing_extensions import TypeAliasType, TypedDict
+from typing_extensions import Annotated, TypeAliasType, TypedDict
 
 
-RemoteTypedDict = TypeAliasType("RemoteTypedDict", Union[str, bool])
+class RemoteEnum(str, Enum, metaclass=utils.OpenEnumMeta):
+    FALSE = "false"
 
 
-Remote = TypeAliasType("Remote", Union[str, bool])
+RemoteTypedDict = TypeAliasType("RemoteTypedDict", Union[str, RemoteEnum])
+
+
+Remote = TypeAliasType(
+    "Remote",
+    Union[str, Annotated[RemoteEnum, PlainValidator(validate_open_enum(False))]],
+)
 
 
 class GitInfoTypedDict(TypedDict):