hyperpocket 0.3.3__py3-none-any.whl → 0.3.5__py3-none-any.whl

hyperpocket/auth/apitoken/token_handler.py

@@ -0,0 +1,89 @@
+from typing import Optional
+from urllib.parse import urlencode, urljoin
+
+from hyperpocket.auth import AuthProvider
+from hyperpocket.auth.context import AuthContext
+from hyperpocket.auth.handler import AuthHandlerInterface
+from hyperpocket.auth.apitoken.token_context import ApiTokenAuthContext
+from hyperpocket.auth.apitoken.token_schema import ApiTokenRequest, ApiTokenResponse
+from hyperpocket.config import config
+from hyperpocket.futures import FutureStore
+
+
+class ApiTokenAuthHandler(AuthHandlerInterface):
+    name: str = "apitoken"
+    description: str = "This handler is used to authenticate users using the Api token."
+    scoped: bool = False
+
+    _TOKEN_URL: str = urljoin(
+        config().public_base_url + "/",
+        f"{config().callback_url_rewrite_prefix}/auth/token",
+    )
+
+    @staticmethod
+    def provider() -> AuthProvider:
+        return AuthProvider.APITOKEN
+
+    @staticmethod
+    def recommended_scopes() -> set[str]:
+        return set()
+
+    @staticmethod
+    def provider_default() -> bool:
+        return True
+
+    def prepare(
+        self,
+        auth_req: ApiTokenRequest,
+        thread_id: str,
+        profile: str,
+        future_uid: str,
+        *args,
+        **kwargs,
+    ) -> str:
+        redirect_uri = urljoin(
+            config().public_base_url + "/",
+            f"{config().callback_url_rewrite_prefix}/auth/apitoken/token/callback",
+        )
+        url = self._make_auth_url(
+            auth_req=auth_req, redirect_uri=redirect_uri, state=future_uid
+        )
+        FutureStore.create_future(
+            future_uid,
+            data={
+                "redirect_uri": redirect_uri,
+                "thread_id": thread_id,
+                "profile": profile,
+            },
+        )
+
+        return f"User needs to authenticate using the following URL: {url}"
+
+    async def authenticate(
+        self, auth_req: ApiTokenRequest, future_uid: str, *args, **kwargs
+    ) -> AuthContext:
+        future_data = FutureStore.get_future(future_uid)
+        access_token = await future_data.future
+
+        response = ApiTokenResponse(access_token=access_token)
+        context = ApiTokenAuthContext.from_api_token_response(response)
+
+        return context
+
+    async def refresh(
+        self, auth_req: ApiTokenRequest, context: AuthContext, *args, **kwargs
+    ) -> AuthContext:
+        raise Exception("Api token doesn't support refresh")
+
+    def _make_auth_url(self, auth_req: ApiTokenRequest, redirect_uri: str, state: str):
+        params = {
+            "redirect_uri": redirect_uri,
+            "state": state,
+        }
+        auth_url = f"{self._TOKEN_URL}?{urlencode(params)}"
+        return auth_url
+
+    def make_request(
+        self, auth_scopes: Optional[list[str]] = None, **kwargs
+    ) -> ApiTokenRequest:
+        return ApiTokenRequest()

hyperpocket/auth/apitoken/token_schema.py

@@ -0,0 +1,9 @@
+from hyperpocket.auth.schema import AuthenticateRequest, AuthenticateResponse
+
+
+class ApiTokenRequest(AuthenticateRequest):
+    pass
+
+
+class ApiTokenResponse(AuthenticateResponse):
+    access_token: str

hyperpocket/auth/asana/README.md

@@ -0,0 +1,13 @@
+# Asana Authentication
+
+## Supported Authentication Types
+
+- OAuth2
+
+## How to Create an OAuth2 App
+
+- See here: [link](https://developers.asana.com/docs/oauth)
+
+## Additional Resources
+
+- [Official Documentation](https://developers.asana.com)

hyperpocket/auth/asana/context.py

@@ -0,0 +1,15 @@
+from hyperpocket.auth.context import AuthContext
+
+
+class AsanaAuthContext(AuthContext):
+    _ACCESS_TOKEN_KEY: str = "ASANA_TOKEN"
+
+    def to_dict(self) -> dict[str, str]:
+        return {
+            self._ACCESS_TOKEN_KEY: self.access_token,
+        }
+
+    def to_profiled_dict(self, profile: str) -> dict[str, str]:
+        return {
+            f"{profile.upper()}_{self._ACCESS_TOKEN_KEY}": self.access_token,
+        }

hyperpocket/auth/asana/oauth2_context.py

@@ -0,0 +1,36 @@
+from datetime import datetime, timedelta, timezone
+from typing import Optional
+
+from pydantic import Field
+
+from hyperpocket.auth.asana.context import AsanaAuthContext
+from hyperpocket.auth.asana.oauth2_schema import AsanaOAuth2Response
+
+
+class AsanaOAuth2AuthContext(AsanaAuthContext):
+    refresh_token: Optional[str] = Field(default=None, description="refresh token")
+    code: Optional[str] = Field(default=None, description="authorization code")
+
+    @classmethod
+    def from_asana_oauth2_response(cls, response: AsanaOAuth2Response):
+        description = (
+            f"Asana OAuth2 Context logged in as a user {response.authed_user.id}"
+        )
+        now = datetime.now(tz=timezone.utc)
+
+        access_token = response.access_token
+        refresh_token = response.refresh_token
+        expires_in = response.expires_in
+
+        if expires_in:
+            expires_at = now + timedelta(seconds=response.authed_user.expires_in)
+        else:
+            expires_at = None
+
+        return cls(
+            access_token=access_token,
+            refresh_token=refresh_token,
+            expires_at=expires_at,
+            description=description,
+            detail=response,
+        )

hyperpocket/auth/asana/oauth2_handler.py

@@ -0,0 +1,158 @@
+from typing import Optional
+from urllib.parse import urljoin, urlencode
+
+import httpx
+
+from hyperpocket.auth import AuthProvider
+from hyperpocket.auth.context import AuthContext
+from hyperpocket.auth.handler import AuthHandlerInterface
+from hyperpocket.auth.asana.oauth2_context import AsanaOAuth2AuthContext
+from hyperpocket.auth.asana.oauth2_schema import AsanaOAuth2Response, AsanaOAuth2Request
+from hyperpocket.config import config
+from hyperpocket.futures import FutureStore
+
+
+class AsanaOAuth2AuthHandler(AuthHandlerInterface):
+    _ASANA_OAUTH_URL: str = "https://app.asana.com/-/oauth_authorize"  # e.g. "https://slack.com/oauth/v2/authorize"
+    _ASANA_TOKEN_URL: str = "https://app.asana.com/-/oauth_token"  # e.g. "https://slack.com/api/oauth.v2.access"
+
+    name: str = "asana-oauth2"
+    description: str = "This handler is used to authenticate users using the Asana OAuth2 authentication method."
+    scoped: bool = True
+
+    @staticmethod
+    def provider() -> AuthProvider:
+        return AuthProvider.ASANA
+
+    @staticmethod
+    def provider_default() -> bool:
+        return True
+
+    @staticmethod
+    def recommended_scopes() -> set[str]:
+        """
+        This method returns a set of recommended scopes for the service.
+        If the service has a recommended scope, it should be returned here.
+        Example:
+        return {
+            "channels:history",
+            "channels:read",
+            "chat:write",
+            "groups:history",
+            "groups:read",
+            "im:history",
+            "mpim:history",
+            "reactions:read",
+            "reactions:write",
+        }
+        """
+        return set()
+
+    def prepare(
+        self,
+        auth_req: AsanaOAuth2Request,
+        thread_id: str,
+        profile: str,
+        future_uid: str,
+        *args,
+        **kwargs,
+    ) -> str:
+        redirect_uri = urljoin(
+            config().public_base_url + "/",
+            f"{config().callback_url_rewrite_prefix}/auth/asana/oauth2/callback",
+        )
+        auth_url = self._make_auth_url(
+            req=auth_req, redirect_uri=redirect_uri, state=future_uid
+        )
+
+        FutureStore.create_future(
+            future_uid,
+            data={
+                "redirect_uri": redirect_uri,
+                "thread_id": thread_id,
+                "profile": profile,
+            },
+        )
+
+        return f"User needs to authenticate using the following URL: {auth_url}"
+
+    async def authenticate(
+        self, auth_req: AsanaOAuth2Request, future_uid: str, *args, **kwargs
+    ) -> AuthContext:
+        future_data = FutureStore.get_future(future_uid)
+        auth_code = await future_data.future
+
+        async with httpx.AsyncClient() as client:
+            resp = await client.post(
+                url=self._ASANA_TOKEN_URL,
+                data={
+                    "client_id": auth_req.client_id,
+                    "client_secret": auth_req.client_secret,
+                    "code": auth_code,
+                    "redirect_uri": future_data.data["redirect_uri"],
+                },
+            )
+        resp.raise_for_status()
+        resp_json = resp.json()
+        resp_typed = AsanaOAuth2Response(**resp_json)
+        context = AsanaOAuth2AuthContext.from_asana_oauth2_response(resp_typed)
+        context.code = auth_code
+        return context
+
+    async def refresh(
+        self, auth_req: AsanaOAuth2Request, context: AuthContext, *args, **kwargs
+    ) -> AuthContext:
+        asana_context: AsanaOAuth2AuthContext = context
+        refresh_token = asana_context.refresh_token
+
+        async with httpx.AsyncClient() as client:
+            resp = await client.post(
+                url=self._ASANA_TOKEN_URL,
+                data={
+                    "client_id": auth_req.client_id,
+                    "client_secret": auth_req.client_secret,
+                    "grant_type": "authorization_code",
+                    "refresh_token": refresh_token,
+                    "redirect_uri": urljoin(
+                        config().public_base_url + "/",
+                        f"{config().callback_url_rewrite_prefix}/auth/asana/oauth2/callback",
+                    ),
+                    "code": context.code,
+                },
+            )
+
+        resp.raise_for_status()
+        resp_json = resp.json()
+
+        new_resp = AsanaOAuth2Response(
+            **{
+                "access_token": resp_json["access_token"],
+                "refresh_token": resp_json["refresh_token"],
+                "expires_in": resp_json["expires_in"],
+                "token_type": resp_json["token_type"],
+                "data": resp_json["data"],
+            }
+        )
+
+        return AsanaOAuth2AuthContext.from_asana_oauth2_response(new_resp)
+
+    # It doest not support PKCE yet
+    def _make_auth_url(self, req: AsanaOAuth2Request, redirect_uri: str, state: str):
+        params = {
+            "scope": " ".join(req.auth_scopes),
+            "client_id": req.client_id,
+            "redirect_uri": redirect_uri,
+            "state": state,
+            "response_type": "code",
+        }
+        auth_url = f"{self._ASANA_OAUTH_URL}?{urlencode(params)}"
+        return auth_url
+
+    def make_request(
+        self, auth_scopes: Optional[list[str]] = None, **kwargs
+    ) -> AsanaOAuth2Request:
+        return AsanaOAuth2Request(
+            auth_scopes=auth_scopes,
+            client_id=config().auth.asana.client_id,
+            client_secret=config().auth.asana.client_secret,
+        )

hyperpocket/auth/asana/oauth2_schema.py

@@ -0,0 +1,18 @@
+from typing import Optional
+
+from pydantic import BaseModel, Field
+
+from hyperpocket.auth.schema import AuthenticateRequest, AuthenticateResponse
+
+
+class AsanaOAuth2Request(AuthenticateRequest):
+    client_id: str
+    client_secret: str
+
+
+class AsanaOAuth2Response(AuthenticateResponse):
+    access_token: str
+    expires_in: int
+    token_type: str
+    refresh_token: Optional[str] = Field(default=None)
+    data: Optional[dict] = Field(default=None)

hyperpocket/auth/bamboohr/README.md

@@ -0,0 +1,9 @@
+# BambooHR Authentication
+
+## Supported Authentication Types
+
+- Token
+
+## Additional Resources
+
+- [Official Documentation](https://docs.bamboohr.com)

hyperpocket/auth/bamboohr/context.py

@@ -0,0 +1,15 @@
+from hyperpocket.auth.context import AuthContext
+
+
+class BamboohrAuthContext(AuthContext):
+    _ACCESS_TOKEN_KEY: str = "BAMBOOHR_TOKEN"
+
+    def to_dict(self) -> dict[str, str]:
+        return {
+            self._ACCESS_TOKEN_KEY: self.access_token,
+        }
+
+    def to_profiled_dict(self, profile: str) -> dict[str, str]:
+        return {
+            f"{profile.upper()}_{self._ACCESS_TOKEN_KEY}": self.access_token,
+        }

hyperpocket/auth/bamboohr/token_context.py

@@ -0,0 +1,11 @@
+from hyperpocket.auth.bamboohr.context import BamboohrAuthContext
+from hyperpocket.auth.bamboohr.token_schema import BamboohrTokenResponse
+
+
+class BamboohrTokenAuthContext(BamboohrAuthContext):
+    @classmethod
+    def from_bamboohr_token_response(cls, response: BamboohrTokenResponse):
+        description = f"Bamboohr Token Context logged in"
+        return cls(
+            access_token=response.access_token, description=description, expires_at=None
+        )

hyperpocket/auth/bamboohr/token_handler.py

@@ -0,0 +1,92 @@
+from typing import Optional
+from urllib.parse import urljoin, urlencode
+
+from hyperpocket.auth import AuthProvider
+from hyperpocket.auth.context import AuthContext
+from hyperpocket.auth.handler import AuthHandlerInterface, AuthenticateRequest
+from hyperpocket.auth.bamboohr.token_context import BamboohrTokenAuthContext
+from hyperpocket.auth.bamboohr.token_schema import (
+    BamboohrTokenResponse,
+    BamboohrTokenRequest,
+)
+from hyperpocket.config import config
+from hyperpocket.futures import FutureStore
+
+
+class BamboohrTokenAuthHandler(AuthHandlerInterface):
+    name: str = "bamboohr-token"
+    description: str = (
+        "This handler is used to authenticate users using the Bamboohr token."
+    )
+    scoped: bool = False
+
+    _TOKEN_URL: str = urljoin(
+        config().public_base_url + "/",
+        f"{config().callback_url_rewrite_prefix}/auth/token",
+    )
+
+    @staticmethod
+    def provider() -> AuthProvider:
+        return AuthProvider.BAMBOOHR
+
+    @staticmethod
+    def recommended_scopes() -> set[str]:
+        return set()
+
+    def prepare(
+        self,
+        auth_req: BamboohrTokenRequest,
+        thread_id: str,
+        profile: str,
+        future_uid: str,
+        *args,
+        **kwargs,
+    ) -> str:
+        redirect_uri = urljoin(
+            config().public_base_url + "/",
+            f"{config().callback_url_rewrite_prefix}/auth/bamboohr/token/callback",
+        )
+        url = self._make_auth_url(
+            auth_req=auth_req, redirect_uri=redirect_uri, state=future_uid
+        )
+        FutureStore.create_future(
+            future_uid,
+            data={
+                "redirect_uri": redirect_uri,
+                "thread_id": thread_id,
+                "profile": profile,
+            },
+        )
+
+        return f"User needs to authenticate using the following URL: {url}"
+
+    async def authenticate(
+        self, auth_req: BamboohrTokenRequest, future_uid: str, *args, **kwargs
+    ) -> AuthContext:
+        future_data = FutureStore.get_future(future_uid)
+        access_token = await future_data.future
+
+        response = BamboohrTokenResponse(access_token=access_token)
+        context = BamboohrTokenAuthContext.from_bamboohr_token_response(response)
+
+        return context
+
+    async def refresh(
+        self, auth_req: BamboohrTokenRequest, context: AuthContext, *args, **kwargs
+    ) -> AuthContext:
+        raise Exception("Bamboohr token doesn't support refresh")
+
+    def _make_auth_url(
+        self, auth_req: BamboohrTokenRequest, redirect_uri: str, state: str
+    ):
+        params = {
+            "redirect_uri": redirect_uri,
+            "state": state,
+        }
+        auth_url = f"{self._TOKEN_URL}?{urlencode(params)}"
+        return auth_url
+
+    def make_request(
+        self, auth_scopes: Optional[list[str]] = None, **kwargs
+    ) -> BamboohrTokenRequest:
+        return BamboohrTokenRequest()

hyperpocket/auth/bamboohr/token_schema.py

@@ -0,0 +1,11 @@
+from typing import List, Optional
+from pydantic import BaseModel
+from hyperpocket.auth.schema import AuthenticateRequest, AuthenticateResponse
+
+
+class BamboohrTokenRequest(AuthenticateRequest):
+    pass
+
+
+class BamboohrTokenResponse(AuthenticateResponse):
+    access_token: str

hyperpocket/auth/bitbucket/README.md

@@ -0,0 +1,13 @@
+# Bitbucket Authentication
+
+## Supported Authentication Types
+
+- OAuth2
+
+## How to Create an OAuth2 App
+
+- See here: [link](https://support.atlassian.com/bitbucket-cloud/docs/use-oauth-on-bitbucket-cloud/)
+
+## Additional Resources
+
+- [Official Documentation](https://developer.atlassian.com/bitbucket)

hyperpocket/auth/bitbucket/context.py

@@ -0,0 +1,15 @@
+from hyperpocket.auth.context import AuthContext
+
+
+class BitbucketAuthContext(AuthContext):
+    _ACCESS_TOKEN_KEY: str = "BITBUCKET_TOKEN"
+
+    def to_dict(self) -> dict[str, str]:
+        return {
+            self._ACCESS_TOKEN_KEY: self.access_token,
+        }
+
+    def to_profiled_dict(self, profile: str) -> dict[str, str]:
+        return {
+            f"{profile.upper()}_{self._ACCESS_TOKEN_KEY}": self.access_token,
+        }

hyperpocket/auth/bitbucket/oauth2_context.py

@@ -0,0 +1,33 @@
+from datetime import datetime, timedelta, timezone
+from typing import Optional
+
+from pydantic import Field
+
+from hyperpocket.auth.bitbucket.context import BitbucketAuthContext
+from hyperpocket.auth.bitbucket.oauth2_schema import BitbucketOAuth2Response
+
+
+class BitbucketOAuth2AuthContext(BitbucketAuthContext):
+    refresh_token: Optional[str] = Field(default=None, description="refresh token")
+
+    @classmethod
+    def from_bitbucket_oauth2_response(cls, response: BitbucketOAuth2Response):
+        description = f"Bitbucket OAuth2 Context logged in"
+        now = datetime.now(tz=timezone.utc)
+
+        access_token = response.access_token
+        refresh_token = response.refresh_token
+        expires_in = response.expires_in
+
+        if expires_in:
+            expires_at = now + timedelta(seconds=response.authed_user.expires_in)
+        else:
+            expires_at = None
+
+        return cls(
+            access_token=access_token,
+            refresh_token=refresh_token,
+            expires_at=expires_at,
+            description=description,
+            detail=response,
+        )