fin-infra 0.1.56__tar.gz → 0.1.58__tar.gz

{fin_infra-0.1.56 → fin_infra-0.1.58}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.3
 Name: fin-infra
-Version: 0.1.56
+Version: 0.1.58
 Summary: Financial infrastructure toolkit: banking connections, market data, credit, cashflows, and brokerage integrations
 License: MIT
 Keywords: finance,banking,plaid,brokerage,markets,credit,tax,cashflow,fintech,infra

{fin_infra-0.1.56 → fin_infra-0.1.58}/pyproject.toml

@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "fin-infra"
-version = "0.1.56"
+version = "0.1.58"
 description = "Financial infrastructure toolkit: banking connections, market data, credit, cashflows, and brokerage integrations"
 authors = ["Ali Khatami <aliikhatami94@gmail.com>"]
 license = "MIT"

{fin_infra-0.1.56 → fin_infra-0.1.58}/src/fin_infra/banking/history.py

@@ -4,6 +4,9 @@ This module provides functionality to record and retrieve historical account bal
 snapshots over time. This enables balance trend analysis, sparklines, and time-series
 visualizations in fintech dashboards.
 
+⚠️ WARNING: This module uses IN-MEMORY storage by default. All data is LOST on restart.
+For production use, integrate with svc-infra SQL database or set FIN_INFRA_STORAGE_BACKEND.
+
 Features:
 - Record daily balance snapshots for accounts
 - Store snapshots in time-series optimized format
@@ -36,6 +39,8 @@ Integration with svc-infra:
 
 from __future__ import annotations
 
+import logging
+import os
 from datetime import date, datetime, timedelta
 from typing import List, Optional
 from pydantic import BaseModel, Field, ConfigDict
@@ -50,8 +55,31 @@ __all__ = [
 ]
 
 
+_logger = logging.getLogger(__name__)
+
 # In-memory storage for testing (will be replaced with SQL database in production)
+# ⚠️ WARNING: All data is LOST on restart when using in-memory storage!
 _balance_snapshots: List[BalanceSnapshot] = []
+_production_warning_logged = False
+
+
+def _check_in_memory_warning() -> None:
+    """Log a warning if using in-memory storage in production."""
+    global _production_warning_logged
+    if _production_warning_logged:
+        return
+    
+    env = os.getenv("ENV", "development").lower()
+    storage_backend = os.getenv("FIN_INFRA_STORAGE_BACKEND", "memory").lower()
+    
+    if env in ("production", "staging") and storage_backend == "memory":
+        _logger.warning(
+            "⚠️ CRITICAL: Balance history using IN-MEMORY storage in %s environment! "
+            "All balance snapshots will be LOST on restart. "
+            "Set FIN_INFRA_STORAGE_BACKEND=sql for production persistence.",
+            env,
+        )
+        _production_warning_logged = True
 
 
 class BalanceSnapshot(BaseModel):
@@ -87,6 +115,8 @@ def record_balance_snapshot(
     This function stores a point-in-time balance record for trend analysis.
     In production, this would write to a SQL database via svc-infra.
 
+    ⚠️ WARNING: Uses in-memory storage by default. Data is LOST on restart!
+
     Args:
         account_id: Account identifier
         balance: Account balance at the snapshot time
@@ -103,6 +133,9 @@ def record_balance_snapshot(
         - In production, use unique constraint on (account_id, date) in SQL
         - Consider using svc-infra jobs for automatic daily snapshots
     """
+    # Check if in-memory storage is being used in production
+    _check_in_memory_warning()
+    
     snapshot = BalanceSnapshot(
         account_id=account_id,
         balance=balance,

{fin_infra-0.1.56 → fin_infra-0.1.58}/src/fin_infra/credit/experian/auth.py

@@ -27,7 +27,6 @@ import base64
 
 import httpx
 from svc_infra.cache import cache_read
-from svc_infra.cache.tags import invalidate_tags
 
 # Cache key for OAuth tokens: "oauth_token:experian:{base_url_hash}"
 # TTL: 3600 seconds (1 hour) - matches typical OAuth token expiry
@@ -91,7 +90,7 @@ class ExperianAuthManager:
     @cache_read(
         key="oauth_token:experian:{client_id}",  # Use client_id for uniqueness
         ttl=3600,  # 1 hour - matches OAuth token expiry
-        tags=lambda **kw: ["oauth:experian"],
+        tags=lambda **kw: [f"oauth:experian:{kw['client_id']}"],  # Client-specific tag
     )
     async def _get_token_cached(self, *, client_id: str) -> str:
         """Cached token getter (internal method).
@@ -144,10 +143,10 @@ class ExperianAuthManager:
         return data["access_token"]
 
     async def invalidate(self) -> None:
-        """Invalidate cached token (force refresh on next get_token call).
+        """Invalidate cached token for THIS client (force refresh on next get_token call).
 
-        Uses svc-infra cache tag invalidation to clear all tokens with tag
-        "oauth:experian". Useful when token is rejected by API.
+        Invalidates only the token for this specific client_id, not all Experian tokens.
+        Useful when token is rejected by API.
 
         Example:
             >>> try:
@@ -157,4 +156,8 @@ class ExperianAuthManager:
             ...         await auth.invalidate()
             ...         # Next get_token() will fetch new token
         """
-        await invalidate_tags("oauth:experian")
+        # Import here to avoid circular import
+        from svc_infra.cache.tags import invalidate_tags
+
+        # Invalidate using client-specific tag, not all Experian tokens
+        await invalidate_tags(f"oauth:experian:{self.client_id}")

{fin_infra-0.1.56 → fin_infra-0.1.58}/src/fin_infra/credit/experian/provider.py

@@ -7,6 +7,7 @@ Features:
 - HTTP client with retry logic
 - Response parsing to Pydantic models
 - FCRA compliance headers
+- FCRA audit logging (required for regulatory compliance)
 - Error handling
 
 Example:
@@ -28,6 +29,8 @@ Example:
     >>> print(len(report.accounts))  # Real credit accounts
 """
 
+import logging
+from datetime import datetime, timezone
 from typing import Literal
 
 from fin_infra.credit.experian.auth import ExperianAuthManager
@@ -37,6 +40,10 @@ from fin_infra.models.credit import CreditReport, CreditScore
 from fin_infra.providers.base import CreditProvider
 from fin_infra.settings import Settings
 
+# FCRA audit logger - use dedicated logger for compliance auditing
+# This should be configured to write to a tamper-evident, append-only log
+fcra_audit_logger = logging.getLogger("fin_infra.fcra_audit")
+
 
 class ExperianProvider(CreditProvider):
     """Experian credit bureau provider with real API integration.
@@ -143,11 +150,14 @@ class ExperianProvider(CreditProvider):
         """Retrieve current credit score for a user from Experian API.
 
         Makes real API call to Experian. Uses FCRA-compliant permissible purpose.
+        All credit pulls are logged for FCRA compliance (15 USC § 1681b).
 
         Args:
             user_id: User identifier (SSN hash or internal ID)
             **kwargs: Additional parameters
                 - permissible_purpose: FCRA purpose (default: "account_review")
+                - requester_ip: IP address of requester (for audit log)
+                - requester_user_id: ID of user/service making the request
 
         Returns:
             CreditScore with real FICO score from Experian
@@ -162,25 +172,79 @@ class ExperianProvider(CreditProvider):
             >>> print(score.score)  # Real FICO score (300-850)
         """
         permissible_purpose = kwargs.get("permissible_purpose", "account_review")
-
-        # Fetch from Experian API
-        data = await self._client.get_credit_score(
-            user_id,
-            permissible_purpose=permissible_purpose,
+        requester_ip = kwargs.get("requester_ip", "unknown")
+        requester_user_id = kwargs.get("requester_user_id", "unknown")
+        
+        # FCRA Audit Log - REQUIRED for regulatory compliance (15 USC § 1681b)
+        # This log must be retained for at least 2 years per FCRA requirements
+        timestamp = datetime.now(timezone.utc).isoformat()
+        fcra_audit_logger.info(
+            "FCRA_CREDIT_PULL",
+            extra={
+                "action": "credit_score_pull",
+                "subject_user_id": user_id,
+                "requester_user_id": requester_user_id,
+                "requester_ip": requester_ip,
+                "permissible_purpose": permissible_purpose,
+                "provider": "experian",
+                "environment": self.environment,
+                "timestamp": timestamp,
+                "result": "pending",
+            }
         )
 
-        # Parse response to CreditScore model
-        return parse_credit_score(data, user_id=user_id)
+        try:
+            # Fetch from Experian API
+            data = await self._client.get_credit_score(
+                user_id,
+                permissible_purpose=permissible_purpose,
+            )
+
+            # Parse response to CreditScore model
+            result = parse_credit_score(data, user_id=user_id)
+            
+            # Log successful pull
+            fcra_audit_logger.info(
+                "FCRA_CREDIT_PULL_SUCCESS",
+                extra={
+                    "action": "credit_score_pull",
+                    "subject_user_id": user_id,
+                    "requester_user_id": requester_user_id,
+                    "timestamp": timestamp,
+                    "result": "success",
+                    "score_returned": result.score is not None,
+                }
+            )
+            
+            return result
+            
+        except Exception as e:
+            # Log failed pull - still required for FCRA audit trail
+            fcra_audit_logger.warning(
+                "FCRA_CREDIT_PULL_FAILED",
+                extra={
+                    "action": "credit_score_pull",
+                    "subject_user_id": user_id,
+                    "requester_user_id": requester_user_id,
+                    "timestamp": timestamp,
+                    "result": "error",
+                    "error_type": type(e).__name__,
+                }
+            )
+            raise
 
     async def get_credit_report(self, user_id: str, **kwargs) -> CreditReport:
         """Retrieve full credit report for a user from Experian API.
 
         Makes real API call to Experian. Includes FCRA-required permissible purpose header.
+        All credit pulls are logged for FCRA compliance (15 USC § 1681b).
 
         Args:
             user_id: User identifier (SSN hash or internal ID)
             **kwargs: Additional parameters
                 - permissible_purpose: FCRA purpose (default: "account_review")
+                - requester_ip: IP address of requester (for audit log)
+                - requester_user_id: ID of user/service making the request
 
         Returns:
             CreditReport with real credit data from Experian
@@ -196,15 +260,69 @@ class ExperianProvider(CreditProvider):
             >>> print(report.score.score)  # Real FICO score
         """
         permissible_purpose = kwargs.get("permissible_purpose", "account_review")
-
-        # Fetch from Experian API
-        data = await self._client.get_credit_report(
-            user_id,
-            permissible_purpose=permissible_purpose,
+        requester_ip = kwargs.get("requester_ip", "unknown")
+        requester_user_id = kwargs.get("requester_user_id", "unknown")
+        
+        # FCRA Audit Log - REQUIRED for regulatory compliance (15 USC § 1681b)
+        # Full credit report pulls have stricter requirements than score-only pulls
+        # This log must be retained for at least 2 years per FCRA requirements
+        timestamp = datetime.now(timezone.utc).isoformat()
+        fcra_audit_logger.info(
+            "FCRA_CREDIT_PULL",
+            extra={
+                "action": "credit_report_pull",
+                "subject_user_id": user_id,
+                "requester_user_id": requester_user_id,
+                "requester_ip": requester_ip,
+                "permissible_purpose": permissible_purpose,
+                "provider": "experian",
+                "environment": self.environment,
+                "timestamp": timestamp,
+                "result": "pending",
+                "report_type": "full",
+            }
         )
 
-        # Parse response to CreditReport model
-        return parse_credit_report(data, user_id=user_id)
+        try:
+            # Fetch from Experian API
+            data = await self._client.get_credit_report(
+                user_id,
+                permissible_purpose=permissible_purpose,
+            )
+
+            # Parse response to CreditReport model
+            result = parse_credit_report(data, user_id=user_id)
+            
+            # Log successful pull
+            fcra_audit_logger.info(
+                "FCRA_CREDIT_PULL_SUCCESS",
+                extra={
+                    "action": "credit_report_pull",
+                    "subject_user_id": user_id,
+                    "requester_user_id": requester_user_id,
+                    "timestamp": timestamp,
+                    "result": "success",
+                    "accounts_returned": len(result.accounts) if result.accounts else 0,
+                    "inquiries_returned": len(result.inquiries) if result.inquiries else 0,
+                }
+            )
+            
+            return result
+            
+        except Exception as e:
+            # Log failed pull - still required for FCRA audit trail
+            fcra_audit_logger.warning(
+                "FCRA_CREDIT_PULL_FAILED",
+                extra={
+                    "action": "credit_report_pull",
+                    "subject_user_id": user_id,
+                    "requester_user_id": requester_user_id,
+                    "timestamp": timestamp,
+                    "result": "error",
+                    "error_type": type(e).__name__,
+                }
+            )
+            raise
 
     async def subscribe_to_changes(self, user_id: str, webhook_url: str, **kwargs) -> str:
         """Subscribe to credit score change notifications from Experian.

{fin_infra-0.1.56 → fin_infra-0.1.58}/src/fin_infra/investments/ease.py

@@ -46,7 +46,7 @@ def easy_investments(
         Plaid:
             - PLAID_CLIENT_ID: Plaid client ID
             - PLAID_SECRET: Plaid secret key
-            - PLAID_ENV: Environment (sandbox/development/production), default: sandbox
+            - PLAID_ENVIRONMENT: Environment (sandbox/development/production), default: sandbox
 
         SnapTrade:
             - SNAPTRADE_CLIENT_ID: SnapTrade client ID
@@ -177,7 +177,7 @@ def _create_plaid_provider(**config: Any) -> InvestmentProvider:
     # Get credentials from config or environment
     client_id = config.get("client_id") or os.getenv("PLAID_CLIENT_ID")
     secret = config.get("secret") or os.getenv("PLAID_SECRET")
-    environment = config.get("environment") or os.getenv("PLAID_ENV", "sandbox")
+    environment = config.get("environment") or os.getenv("PLAID_ENVIRONMENT", "sandbox")
 
     # Validate required credentials
     if not client_id or not secret:

{fin_infra-0.1.56 → fin_infra-0.1.58}/src/fin_infra/investments/providers/base.py

@@ -217,8 +217,9 @@ class InvestmentProvider(ABC):
         )
 
         total_gain_loss = total_value - total_cost_basis
+        # Use != 0 to handle short sales (negative cost basis)
         total_gain_loss_percent = (
-            (total_gain_loss / total_cost_basis * 100) if total_cost_basis > 0 else 0.0
+            (total_gain_loss / total_cost_basis * 100) if total_cost_basis != 0 else 0.0
         )
 
         return {

{fin_infra-0.1.56 → fin_infra-0.1.58}/src/fin_infra/investments/providers/snaptrade.py

@@ -20,7 +20,6 @@ from ..models import (
     InvestmentAccount,
     InvestmentTransaction,
     Security,
-    SecurityType,
     TransactionType,
 )
 from .base import InvestmentProvider
@@ -96,6 +95,25 @@ class SnapTradeInvestmentProvider(InvestmentProvider):
             timeout=30.0,
         )
 
+    def _auth_headers(self, user_id: str, user_secret: str) -> Dict[str, str]:
+        """Build authentication headers for SnapTrade API requests.
+        
+        SECURITY: User secrets are passed in headers, NOT URL params.
+        URL params are logged in access logs, browser history, and proxy logs.
+        Headers are not logged by default in most web servers.
+        
+        Args:
+            user_id: SnapTrade user ID
+            user_secret: SnapTrade user secret (sensitive!)
+            
+        Returns:
+            Dict with authentication headers
+        """
+        return {
+            "userId": user_id,
+            "userSecret": user_secret,
+        }
+
     async def get_holdings(
         self,
         access_token: str,
@@ -123,12 +141,12 @@ class SnapTradeInvestmentProvider(InvestmentProvider):
             ...     print(f"{holding.security.ticker_symbol}: P&L ${pnl}")
         """
         user_id, user_secret = self._parse_access_token(access_token)
+        auth_headers = self._auth_headers(user_id, user_secret)
 
         try:
             # Get all accounts
             accounts_url = f"{self.base_url}/accounts"
-            params = {"userId": user_id, "userSecret": user_secret}
-            response = await self.client.get(accounts_url, params=params)
+            response = await self.client.get(accounts_url, headers=auth_headers)
             response.raise_for_status()
             accounts = await response.json()
 
@@ -143,8 +161,7 @@ class SnapTradeInvestmentProvider(InvestmentProvider):
                 positions_url = (
                     f"{self.base_url}/accounts/{account_id}/positions"
                 )
-                pos_params = {"userId": user_id, "userSecret": user_secret}
-                pos_response = await self.client.get(positions_url, params=pos_params)
+                pos_response = await self.client.get(positions_url, headers=auth_headers)
                 pos_response.raise_for_status()
                 positions = await pos_response.json()
 
@@ -192,12 +209,12 @@ class SnapTradeInvestmentProvider(InvestmentProvider):
             raise ValueError("start_date must be before end_date")
 
         user_id, user_secret = self._parse_access_token(access_token)
+        auth_headers = self._auth_headers(user_id, user_secret)
 
         try:
             # Get all accounts
             accounts_url = f"{self.base_url}/accounts"
-            params = {"userId": user_id, "userSecret": user_secret}
-            response = await self.client.get(accounts_url, params=params)
+            response = await self.client.get(accounts_url, headers=auth_headers)
             response.raise_for_status()
             accounts = await response.json()
 
@@ -212,13 +229,12 @@ class SnapTradeInvestmentProvider(InvestmentProvider):
                 transactions_url = (
                     f"{self.base_url}/accounts/{account_id}/transactions"
                 )
+                # Date params are non-sensitive, only auth goes in headers
                 tx_params = {
-                    "userId": user_id,
-                    "userSecret": user_secret,
                     "startDate": start_date.isoformat(),
                     "endDate": end_date.isoformat(),
                 }
-                tx_response = await self.client.get(transactions_url, params=tx_params)
+                tx_response = await self.client.get(transactions_url, params=tx_params, headers=auth_headers)
                 tx_response.raise_for_status()
                 transactions = await tx_response.json()
 
@@ -297,12 +313,12 @@ class SnapTradeInvestmentProvider(InvestmentProvider):
             ...     print(f"  P&L: {account.total_unrealized_gain_loss_percent:.2f}%")
         """
         user_id, user_secret = self._parse_access_token(access_token)
+        auth_headers = self._auth_headers(user_id, user_secret)
 
         try:
             # Get all accounts
             accounts_url = f"{self.base_url}/accounts"
-            params = {"userId": user_id, "userSecret": user_secret}
-            response = await self.client.get(accounts_url, params=params)
+            response = await self.client.get(accounts_url, headers=auth_headers)
             response.raise_for_status()
             accounts = await response.json()
 
@@ -315,8 +331,7 @@ class SnapTradeInvestmentProvider(InvestmentProvider):
                 positions_url = (
                     f"{self.base_url}/accounts/{account_id}/positions"
                 )
-                pos_params = {"userId": user_id, "userSecret": user_secret}
-                pos_response = await self.client.get(positions_url, params=pos_params)
+                pos_response = await self.client.get(positions_url, headers=auth_headers)
                 pos_response.raise_for_status()
                 positions = await pos_response.json()
 
@@ -328,8 +343,7 @@ class SnapTradeInvestmentProvider(InvestmentProvider):
 
                 # Get account balances
                 balances_url = f"{self.base_url}/accounts/{account_id}/balances"
-                bal_params = {"userId": user_id, "userSecret": user_secret}
-                bal_response = await self.client.get(balances_url, params=bal_params)
+                bal_response = await self.client.get(balances_url, headers=auth_headers)
                 bal_response.raise_for_status()
                 balances = await bal_response.json()
 
@@ -373,11 +387,11 @@ class SnapTradeInvestmentProvider(InvestmentProvider):
             ...     print(f"Connected: {conn['brokerage_name']}")
         """
         user_id, user_secret = self._parse_access_token(access_token)
+        auth_headers = self._auth_headers(user_id, user_secret)
 
         try:
             url = f"{self.base_url}/connections"
-            params = {"userId": user_id, "userSecret": user_secret}
-            response = await self.client.get(url, params=params)
+            response = await self.client.get(url, headers=auth_headers)
             response.raise_for_status()
             return await response.json()
 

fin_infra-0.1.58/src/fin_infra/models/accounts.py

@@ -0,0 +1,42 @@
+from __future__ import annotations
+
+from decimal import Decimal
+from enum import Enum
+from typing import Optional
+
+from pydantic import BaseModel, field_validator
+
+
+class AccountType(str, Enum):
+    checking = "checking"
+    savings = "savings"
+    credit = "credit"
+    investment = "investment"
+    loan = "loan"
+    other = "other"
+
+
+class Account(BaseModel):
+    """Financial account model.
+    
+    Uses Decimal for balance fields to prevent floating-point precision errors
+    in financial calculations (e.g., $0.01 + $0.02 != $0.03 with float).
+    """
+    id: str
+    name: str
+    type: AccountType
+    mask: Optional[str] = None
+    currency: str = "USD"
+    institution: Optional[str] = None
+    balance_available: Optional[Decimal] = None
+    balance_current: Optional[Decimal] = None
+
+    @field_validator("balance_available", "balance_current", mode="before")
+    @classmethod
+    def _coerce_balance_to_decimal(cls, v):
+        """Coerce float/int to Decimal for backwards compatibility."""
+        if v is None:
+            return v
+        if isinstance(v, (int, float)):
+            return Decimal(str(v))
+        return v

fin_infra-0.1.58/src/fin_infra/models/transactions.py

@@ -0,0 +1,30 @@
+from __future__ import annotations
+
+from datetime import date
+from decimal import Decimal
+from typing import Optional
+
+from pydantic import BaseModel, field_validator
+
+
+class Transaction(BaseModel):
+    """Financial transaction model.
+    
+    Uses Decimal for amount to prevent floating-point precision errors
+    in financial calculations (e.g., $0.01 + $0.02 != $0.03 with float).
+    """
+    id: str
+    account_id: str
+    date: date
+    amount: Decimal
+    currency: str = "USD"
+    description: Optional[str] = None
+    category: Optional[str] = None
+
+    @field_validator("amount", mode="before")
+    @classmethod
+    def _coerce_amount_to_decimal(cls, v):
+        """Coerce float/int to Decimal for backwards compatibility."""
+        if isinstance(v, (int, float)):
+            return Decimal(str(v))
+        return v

{fin_infra-0.1.56 → fin_infra-0.1.58}/src/fin_infra/net_worth/calculator.py

@@ -100,18 +100,27 @@ def calculate_net_worth(
 
     Returns:
         Net worth in base currency
+        
+    Raises:
+        ValueError: If assets or liabilities contain non-base currencies and no
+            exchange rate conversion is available. This prevents silent data loss.
     """
+    import logging
+    logger = logging.getLogger(__name__)
+    
+    # Collect any non-base currency items for error reporting
+    non_base_assets: list[tuple[str, str, float]] = []
+    non_base_liabilities: list[tuple[str, str, float]] = []
+    
     # Sum all assets (use market_value if available, otherwise balance)
     total_assets = 0.0
     for asset in assets:
         # Use market value for investments/crypto (includes unrealized gains)
         amount = asset.market_value if asset.market_value is not None else asset.balance
 
-        # Normalize to base currency (future: implement currency conversion)
-        # For now, assume all are in USD
+        # Check for non-base currency
         if asset.currency != base_currency:
-            # TODO: Implement currency conversion with exchange rate API
-            # For V1, we'll require all accounts in USD or skip non-USD
+            non_base_assets.append((asset.name or asset.account_id, asset.currency, amount))
             continue
 
         total_assets += amount
@@ -119,13 +128,30 @@ def calculate_net_worth(
     # Sum all liabilities
     total_liabilities = 0.0
     for liability in liabilities:
-        # Normalize to base currency
+        # Check for non-base currency
         if liability.currency != base_currency:
-            # TODO: Implement currency conversion
+            non_base_liabilities.append((liability.name or liability.account_id, liability.currency, liability.balance))
             continue
 
         total_liabilities += liability.balance
 
+    # If any non-base currency items were found, log warning and raise error
+    # This prevents silent data loss where user's net worth is wrong
+    if non_base_assets or non_base_liabilities:
+        items_msg = []
+        if non_base_assets:
+            items_msg.append(f"Assets: {non_base_assets}")
+        if non_base_liabilities:
+            items_msg.append(f"Liabilities: {non_base_liabilities}")
+        
+        error_msg = (
+            f"Cannot calculate net worth: found accounts in non-{base_currency} currencies. "
+            f"Currency conversion not yet implemented. {'; '.join(items_msg)}. "
+            f"Either convert all accounts to {base_currency} or wait for currency conversion feature."
+        )
+        logger.warning(error_msg)
+        raise ValueError(error_msg)
+
     return total_assets - total_liabilities
 
 

{fin_infra-0.1.56 → fin_infra-0.1.58}/src/fin_infra/providers/banking/plaid_client.py

@@ -54,12 +54,20 @@ class PlaidClient(BankingProvider):
         
         # Map environment string to Plaid Environment enum
         # Note: Plaid only has Sandbox and Production (no Development in SDK)
+        env_str = environment or "sandbox"
         env_map = {
             "sandbox": plaid.Environment.Sandbox,
-            "development": plaid.Environment.Sandbox,  # Map development to sandbox
+            "development": plaid.Environment.Sandbox,  # Map development to sandbox (Plaid SDK limitation)
             "production": plaid.Environment.Production,
         }
-        host = env_map.get(environment or "sandbox", plaid.Environment.Sandbox)
+        
+        if env_str not in env_map:
+            raise ValueError(
+                f"Invalid Plaid environment: '{env_str}'. "
+                f"Must be one of: sandbox, development, production"
+            )
+        
+        host = env_map[env_str]
         
         # Configure Plaid client (v8.0.0+ API)
         configuration = plaid.Configuration(