infisicalsdk 1.0.3__tar.gz → 1.0.15__tar.gz

infisicalsdk-1.0.15/LICENSE

@@ -0,0 +1,11 @@
+MIT License
+
+Copyright (c) 2025 Infisical
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+NOTE: This license pertains specifically to components of the codebase that do not possess an explicit license. Each distinct SDK incorporated within this software is governed by its individual licensing terms and conditions. The provisions outlined in this MIT license are applicable to those segments of the codebase not explicitly covered by their respective licenses.

{infisicalsdk-1.0.3 → infisicalsdk-1.0.15}/PKG-INFO

@@ -1,13 +1,13 @@
-Metadata-Version: 2.2
+Metadata-Version: 2.4
 Name: infisicalsdk
-Version: 1.0.3
-Summary: Infisical API Client
+Version: 1.0.15
+Summary: Official Infisical SDK for Python (Latest)
 Home-page: https://github.com/Infisical/python-sdk-official
 Author: Infisical
 Author-email: support@infisical.com
-Keywords: Infisical,Infisical API,Infisical SDK
+Keywords: Infisical,Infisical API,Infisical SDK,SDK,Secrets Management
 Description-Content-Type: text/markdown
-Requires-Dist: urllib3<2.1.0,>=1.25.3
+License-File: LICENSE
 Requires-Dist: python-dateutil
 Requires-Dist: aenum
 Requires-Dist: requests~=2.32
@@ -19,8 +19,10 @@ Dynamic: description
 Dynamic: description-content-type
 Dynamic: home-page
 Dynamic: keywords
+Dynamic: license-file
 Dynamic: requires-dist
 Dynamic: summary
 
-    Infisical SDK client for Python. To view documentation, please visit https://github.com/Infisical/python-sdk-official
+    The official Infisical SDK for Python.
+    Documentation can be found at https://github.com/Infisical/python-sdk-official
     

infisicalsdk-1.0.15/README.md

@@ -0,0 +1,40 @@
+<h1 align="center">
+  <img width="300" src="/img/logoname-white.svg#gh-dark-mode-only" alt="infisical">
+</h1>
+<p align="center">
+  <p align="center"><b>Infisical Python SDK</b></p>
+<h4 align="center">
+|
+  <a href="https://infisical.com/docs/sdks/languages/python">Documentation</a> |
+  <a href="https://www.infisical.com">Website</a> |
+  <a href="https://infisical.com/slack">Slack</a> |
+</h4>
+
+<h4 align="center">
+  <a href="https://github.com/Infisical/python-sdk-official/blob/main/LICENSE">
+    <img src="https://img.shields.io/badge/license-MIT-blue.svg" alt="Infisical SDK's are released under the MIT license." />
+  </a>
+  <a href="https://infisical.com/slack">
+    <img src="https://img.shields.io/badge/chat-on%20Slack-blueviolet" alt="Slack community channel" />
+  </a>
+  <a href="https://twitter.com/infisical">
+    <img src="https://img.shields.io/twitter/follow/infisical?label=Follow" alt="Infisical Twitter" />
+  </a>
+</h4>
+
+## Introduction
+
+**[Infisical](https://infisical.com)** is the open source secret management platform that teams use to centralize their secrets like API keys, database credentials, and configurations.
+
+If you’re working with Python, the official Infisical Python SDK package is the easiest way to fetch and work with secrets for your application. You can read the documentation [here](https://infisical.com/docs/sdks/languages/python).
+
+## Documentation
+You can find the documentation for the Python SDK on our [SDK documentation page](https://infisical.com/docs/sdks/languages/python).
+
+## Security
+
+Please do not file GitHub issues or post on our public forum for security vulnerabilities, as they are public!
+
+Infisical takes security issues very seriously. If you have any concerns about Infisical or believe you have uncovered a vulnerability, please get in touch via the e-mail address security@infisical.com. In the message, try to provide a description of the issue and ideally a way of reproducing it. The security team will get back to you as soon as possible.
+
+Note that this security address should be used only for undisclosed vulnerabilities. Please report any security problems to us before disclosing it publicly.

{infisicalsdk-1.0.3 → infisicalsdk-1.0.15}/infisical_sdk/__init__.py

@@ -1,3 +1,3 @@
 from .client import InfisicalSDKClient # noqa
 from .infisical_requests import InfisicalError # noqa
-from .api_types import SingleSecretResponse, ListSecretsResponse, BaseSecret # noqa
+from .api_types import SingleSecretResponse, ListSecretsResponse, BaseSecret, SymmetricEncryption, DynamicSecretProviders # noqa

infisicalsdk-1.0.15/infisical_sdk/api_types.py

@@ -0,0 +1,397 @@
+from dataclasses import dataclass, field, fields
+from typing import Optional, List, Any, Dict
+from enum import Enum
+import json
+
+
+class ApprovalStatus(str, Enum):
+    """Enum for approval status"""
+    OPEN = "open"
+    APPROVED = "approved"
+    REJECTED = "rejected"
+
+
+class BaseModel:
+    """Base class for all models"""
+    def to_dict(self) -> Dict:
+        """Convert model to dictionary"""
+        result = {}
+        for key, value in self.__dict__.items():
+            if value is not None:  # Skip None values
+                if isinstance(value, BaseModel):
+                    result[key] = value.to_dict()
+                elif isinstance(value, list):
+                    result[key] = [
+                        item.to_dict() if isinstance(item, BaseModel) else item
+                        for item in value
+                    ]
+                elif isinstance(value, Enum):
+                    result[key] = value.value
+                else:
+                    result[key] = value
+        return result
+
+    @classmethod
+    def from_dict(cls, data: Dict) -> 'BaseModel':
+        """Create model from dictionary"""
+        # Get only the fields that exist in the dataclass
+        valid_fields = {f.name for f in fields(cls)}
+        filtered_data = {k: v for k, v in data.items() if k in valid_fields}
+        return cls(**filtered_data)
+
+    def to_json(self) -> str:
+        """Convert model to JSON string"""
+        return json.dumps(self.to_dict())
+
+    @classmethod
+    def from_json(cls, json_str: str) -> 'BaseModel':
+        """Create model from JSON string"""
+        data = json.loads(json_str)
+        return cls.from_dict(data)
+
+
+@dataclass(frozen=True)
+class SecretTag(BaseModel):
+    """Model for secret tags"""
+    id: str
+    slug: str
+    name: str
+    color: Optional[str] = None
+
+
+@dataclass
+class BaseSecret(BaseModel):
+    """Infisical Secret"""
+    id: str
+    _id: str
+    workspace: str
+    environment: str
+    version: int
+    type: str
+    secretKey: str
+    secretValue: str
+    secretComment: str
+    createdAt: str
+    updatedAt: str
+    secretMetadata: Optional[Dict[str, Any]] = None
+    secretValueHidden: Optional[bool] = False
+    secretReminderNote: Optional[str] = None
+    secretReminderRepeatDays: Optional[int] = None
+    skipMultilineEncoding: Optional[bool] = False
+    metadata: Optional[Any] = None
+    secretPath: Optional[str] = None
+    tags: List[SecretTag] = field(default_factory=list)
+
+
+@dataclass
+class Import(BaseModel):
+    """Model for imports section"""
+    secretPath: str
+    environment: str
+    folderId: Optional[str] = None
+    secrets: List[BaseSecret] = field(default_factory=list)
+
+
+@dataclass
+class ListSecretsResponse(BaseModel):
+    """Complete response model for secrets API"""
+    secrets: List[BaseSecret]
+    imports: List[Import] = field(default_factory=list)
+
+    @classmethod
+    def from_dict(cls, data: Dict) -> 'ListSecretsResponse':
+        """Create model from dictionary with camelCase keys, handling nested objects"""
+        return cls(
+            secrets=[BaseSecret.from_dict(secret) for secret in data['secrets']],
+            imports=[Import.from_dict(imp) for imp in data.get('imports', [])]
+        )
+
+
+@dataclass
+class SingleSecretResponse(BaseModel):
+    """Response model for get secret API"""
+    secret: BaseSecret
+
+    @classmethod
+    def from_dict(cls, data: Dict) -> 'SingleSecretResponse':
+        return cls(
+            secret=BaseSecret.from_dict(data['secret']),
+        )
+
+
+@dataclass
+class MachineIdentityLoginResponse(BaseModel):
+    """Response model for machine identity login API"""
+    accessToken: str
+    expiresIn: int
+    accessTokenMaxTTL: int
+    tokenType: str
+
+
+class SymmetricEncryption(str, Enum):
+    AES_GCM_256 = "aes-256-gcm"
+    AES_GCM_128 = "aes-128-gcm"
+
+
+class OrderDirection(str, Enum):
+    ASC = "asc"
+    DESC = "desc"
+
+
+class KmsKeysOrderBy(str, Enum):
+    NAME = "name"
+
+
+@dataclass
+class KmsKey(BaseModel):
+    """Infisical KMS Key"""
+    id: str
+    description: str
+    isDisabled: bool
+    orgId: str
+    name: str
+    createdAt: str
+    updatedAt: str
+    projectId: str
+    version: int
+    encryptionAlgorithm: SymmetricEncryption
+
+
+@dataclass
+class ListKmsKeysResponse(BaseModel):
+    """Complete response model for Kms Keys API"""
+    keys: List[KmsKey]
+    totalCount: int
+
+    @classmethod
+    def from_dict(cls, data: Dict) -> 'ListKmsKeysResponse':
+        """Create model from dictionary with camelCase keys, handling nested objects"""
+        return cls(
+            keys=[KmsKey.from_dict(key) for key in data['keys']],
+            totalCount=data['totalCount']
+        )
+
+
+@dataclass
+class SingleKmsKeyResponse(BaseModel):
+    """Response model for get/create/update/delete API"""
+    key: KmsKey
+
+    @classmethod
+    def from_dict(cls, data: Dict) -> 'SingleKmsKeyResponse':
+        return cls(
+            key=KmsKey.from_dict(data['key']),
+        )
+
+
+@dataclass
+class KmsKeyEncryptDataResponse(BaseModel):
+    """Response model for encrypt data API"""
+    ciphertext: str
+
+
+@dataclass
+class KmsKeyDecryptDataResponse(BaseModel):
+    """Response model for decrypt data API"""
+    plaintext: str
+
+@dataclass
+class CreateFolderResponseItem(BaseModel):
+    """Folder model with path for create response"""
+    id: str
+    name: str
+    createdAt: str
+    updatedAt: str
+    envId: str
+    path: str
+    version: Optional[int] = 1
+    parentId: Optional[str] = None
+    isReserved: Optional[bool] = False
+    description: Optional[str] = None
+    lastSecretModified: Optional[str] = None
+
+@dataclass
+class CreateFolderResponse(BaseModel):
+    """Response model for create folder API"""
+    folder: CreateFolderResponseItem
+
+    @classmethod
+    def from_dict(cls, data: Dict) -> 'CreateFolderResponse':
+        return cls(
+            folder=CreateFolderResponseItem.from_dict(data['folder']),
+        )
+
+
+@dataclass
+class ListFoldersResponseItem(BaseModel):
+    """Response model for list folders API"""
+    id: str
+    name: str
+    createdAt: str
+    updatedAt: str
+    envId: str
+    version: Optional[int] = 1
+    parentId: Optional[str] = None
+    isReserved: Optional[bool] = False
+    description: Optional[str] = None
+    lastSecretModified: Optional[str] = None 
+    relativePath: Optional[str] = None
+
+
+@dataclass
+class ListFoldersResponse(BaseModel):
+    """Complete response model for folders API"""
+    folders: List[ListFoldersResponseItem]
+
+    @classmethod
+    def from_dict(cls, data: Dict) -> 'ListFoldersResponse':
+        """Create model from dictionary with camelCase keys, handling nested objects"""
+        return cls(
+            folders=[ListFoldersResponseItem.from_dict(folder) for folder in data['folders']]
+        )
+
+
+@dataclass
+class Environment(BaseModel):
+    """Environment model"""
+    envId: str
+    envName: str
+    envSlug: str
+
+@dataclass
+class SingleFolderResponseItem(BaseModel):
+    """Response model for get folder API"""
+    id: str
+    name: str
+    createdAt: str
+    updatedAt: str
+    envId: str
+    path: str
+    projectId: str
+    environment: Environment
+    version: Optional[int] = 1
+    parentId: Optional[str] = None
+    isReserved: Optional[bool] = False
+    description: Optional[str] = None
+    lastSecretModified: Optional[str] = None
+    
+    @classmethod
+    def from_dict(cls, data: Dict) -> 'SingleFolderResponseItem':
+        """Create model from dictionary with nested Environment"""
+        folder_data = data.copy()
+        folder_data['environment'] = Environment.from_dict(data['environment'])
+        
+        return super().from_dict(folder_data)
+
+@dataclass
+class SingleFolderResponse(BaseModel):
+    """Response model for get/create folder API"""
+    folder: SingleFolderResponseItem
+
+    @classmethod
+    def from_dict(cls, data: Dict) -> 'SingleFolderResponse':
+        return cls(
+            folder=SingleFolderResponseItem.from_dict(data['folder']),
+        )
+
+class DynamicSecretProviders(str, Enum):
+    """Enum for dynamic secret provider types"""
+    AWS_ELASTICACHE = "aws-elasticache"
+    AWS_IAM = "aws-iam"
+    AZURE_ENTRA_ID = "azure-entra-id"
+    AZURE_SQL_DATABASE = "azure-sql-database"
+    CASSANDRA = "cassandra"
+    COUCHBASE = "couchbase"
+    ELASTICSEARCH = "elastic-search"
+    GCP_IAM = "gcp-iam"
+    GITHUB = "github"
+    KUBERNETES = "kubernetes"
+    LDAP = "ldap"
+    MONGO_ATLAS = "mongo-db-atlas"
+    MONGODB = "mongo-db"
+    RABBITMQ = "rabbit-mq"
+    REDIS = "redis"
+    SAP_ASE = "sap-ase"
+    SAP_HANA = "sap-hana"
+    SNOWFLAKE = "snowflake"
+    SQL_DATABASE = "sql-database"
+    TOTP = "totp"
+    VERTICA = "vertica"
+
+@dataclass
+class DynamicSecret(BaseModel):
+    """Infisical Dynamic Secret"""
+    id: str
+    name: str
+    version: int
+    type: str
+    folderId: str
+    createdAt: str
+    updatedAt: str
+    defaultTTL: Optional[str] = None
+    maxTTL: Optional[str] = None
+    status: Optional[str] = None
+    statusDetails: Optional[str] = None
+    usernameTemplate: Optional[str] = None
+    metadata: Optional[List[Dict[str, str]]] = field(default_factory=list)
+    inputs: Optional[Any] = None
+
+@dataclass
+class SingleDynamicSecretResponse(BaseModel):
+    """Response model for get/create/update/delete dynamic secret API"""
+    dynamicSecret: DynamicSecret
+
+    @classmethod
+    def from_dict(cls, data: Dict) -> 'SingleDynamicSecretResponse':
+        return cls(
+            dynamicSecret=DynamicSecret.from_dict(data['dynamicSecret']),
+        )
+
+@dataclass
+class DynamicSecretLease(BaseModel):
+    """Infisical Dynamic Secret Lease"""
+    id: str
+    expireAt: str
+    createdAt: str
+    updatedAt: str
+    version: int
+    dynamicSecretId: str
+    externalEntityId: str
+    status: Optional[str] = None
+    statusDetails: Optional[str] = None
+    dynamicSecret: Optional[DynamicSecret] = None
+
+    @classmethod
+    def from_dict(cls, data: Dict) -> 'DynamicSecretLease':
+        """Create model from dictionary with nested DynamicSecret"""
+        lease_data = data.copy()
+        if 'dynamicSecret' in data and data['dynamicSecret'] is not None:
+            lease_data['dynamicSecret'] = DynamicSecret.from_dict(data['dynamicSecret'])
+        
+        return super().from_dict(lease_data)
+
+@dataclass
+class CreateLeaseResponse(BaseModel):
+    """Response model for create lease API - returns lease, dynamicSecret, and data"""
+    lease: DynamicSecretLease
+    dynamicSecret: DynamicSecret
+    data: Any
+
+    @classmethod
+    def from_dict(cls, data: Dict) -> 'CreateLeaseResponse':
+        return cls(
+            lease=DynamicSecretLease.from_dict(data['lease']),
+            dynamicSecret=DynamicSecret.from_dict(data['dynamicSecret']),
+            data=data.get('data', {}),
+        )
+
+@dataclass
+class SingleLeaseResponse(BaseModel):
+    """Response model for get/delete/renew lease API - returns only lease"""
+    lease: DynamicSecretLease
+
+    @classmethod
+    def from_dict(cls, data: Dict) -> 'SingleLeaseResponse':
+        return cls(
+            lease=DynamicSecretLease.from_dict(data['lease']),
+        )

infisicalsdk-1.0.15/infisical_sdk/client.py

@@ -0,0 +1,66 @@
+from .infisical_requests import InfisicalRequests
+
+from infisical_sdk.resources import Auth
+from infisical_sdk.resources import V3RawSecrets
+from infisical_sdk.resources import KMS
+from infisical_sdk.resources import V2Folders
+from infisical_sdk.resources import DynamicSecrets
+
+from infisical_sdk.util import SecretsCache
+
+class InfisicalSDKClient:
+    def __init__(self, host: str, token: str = None, cache_ttl: int = 60):
+        """
+        Initialize the Infisical SDK client.
+
+        :param str host: The host URL for your Infisical instance. Will default to `https://app.infisical.com` if not specified.
+        :param str token: The authentication token for the client. If not specified, you can use the `auth` methods to authenticate.
+        :param int cache_ttl: The time to live for the secrets cache. This is the number of seconds that secrets fetched from the API will be cached for. Set to `None` to disable caching. Defaults to `60` seconds.
+        """
+        
+        self.host = host
+        self.access_token = token
+
+        self.api = InfisicalRequests(host=host, token=token)
+        self.cache = SecretsCache(cache_ttl)
+        self.auth = Auth(self.api, self.set_token)
+        self.secrets = V3RawSecrets(self.api, self.cache)
+        self.kms = KMS(self.api)
+        self.folders = V2Folders(self.api)
+        self.dynamic_secrets = DynamicSecrets(self.api)
+
+    def set_token(self, token: str):
+        """
+        Set the access token for future requests.
+        """
+        self.api.set_token(token)
+        self.access_token = token
+
+    def get_token(self):
+        """
+        Get the access token for future requests.
+        """
+        return self.access_token
+
+    def close(self):
+        """
+        Close the client and release resources.
+        
+        This stops the background cache cleanup thread. You don't need to call
+        this if you're using the client as a context manager (with statement),
+        as cleanup happens automatically when exiting the context.
+        """
+        if self.cache:
+            self.cache.close()
+
+    # These are automatically called if using the client as a context manager (on start)
+    # Example:
+    # with InfisicalSDKClient(...) as client:
+    # ...  
+    def __enter__(self) -> "InfisicalSDKClient":
+        """Support for context manager protocol."""
+        return self
+
+    def __exit__(self, exc_type, exc_val, exc_tb) -> None:
+        """Ensure cleanup when exiting context."""
+        self.close()

{infisicalsdk-1.0.3 → infisicalsdk-1.0.15}/infisical_sdk/infisical_requests.py

@@ -1,10 +1,34 @@
-from typing import Any, Dict, Generic, Optional, TypeVar
-from urllib.parse import urljoin
+from typing import Any, Dict, Generic, Optional, TypeVar, Type, Callable, List
+import socket
 import requests
+import functools
 from dataclasses import dataclass
+import time
+import random
 
 T = TypeVar("T")
 
+# List of network-related exceptions that should trigger retries
+NETWORK_ERRORS = [
+    requests.exceptions.ConnectionError,
+    requests.exceptions.ChunkedEncodingError,
+    requests.exceptions.ReadTimeout,
+    requests.exceptions.ConnectTimeout,
+    socket.gaierror,
+    socket.timeout,
+    ConnectionResetError,
+    ConnectionRefusedError,
+    ConnectionError,
+    ConnectionAbortedError,
+]
+
+def join_url(base: str, path: str) -> str:
+    """
+    Join base URL and path properly, handling slashes appropriately.
+    """
+    if not base.endswith('/'):
+        base += '/'
+    return base + path.lstrip('/')
 
 class InfisicalError(Exception):
     """Base exception for Infisical client errors"""
@@ -43,6 +67,42 @@ class APIResponse(Generic[T]):
             headers=data['headers']
         )
 
+def with_retry(
+    max_retries: int = 3, 
+    base_delay: float = 1.0, 
+    network_errors: Optional[List[Type[Exception]]] = None
+) -> Callable:
+    """
+    Decorator to add retry logic with exponential backoff to requests methods.
+    """
+    if network_errors is None:
+        network_errors = NETWORK_ERRORS
+        
+    def decorator(func: Callable) -> Callable:
+        @functools.wraps(func)
+        def wrapper(*args, **kwargs):
+            retry_count = 0
+            
+            while True:
+                try:
+                    return func(*args, **kwargs)
+                except tuple(network_errors) as error:
+                    retry_count += 1
+                    if retry_count > max_retries:
+                        raise
+                    
+                    base_delay_with_backoff = base_delay * (2 ** (retry_count - 1))
+                    
+                    # +/-20% jitter
+                    jitter = random.uniform(-0.2, 0.2) * base_delay_with_backoff
+                    delay = base_delay_with_backoff + jitter
+                    
+                    time.sleep(delay)
+        
+        return wrapper
+    
+    return decorator
+
 
 class InfisicalRequests:
     def __init__(self, host: str, token: Optional[str] = None):
@@ -60,7 +120,7 @@ class InfisicalRequests:
 
     def _build_url(self, path: str) -> str:
         """Construct full URL from path"""
-        return urljoin(self.host, path.lstrip("/"))
+        return join_url(self.host, path.lstrip("/"))
 
     def set_token(self, token: str):
         """Set authorization token"""
@@ -87,10 +147,11 @@ class InfisicalRequests:
         except ValueError:
             raise InfisicalError("Invalid JSON response")
 
+    @with_retry(max_retries=4, base_delay=1.0)
     def get(
             self,
             path: str,
-            model: type[T],
+            model: Type[T],
             params: Optional[Dict[str, Any]] = None
           ) -> APIResponse[T]:
 
@@ -113,10 +174,11 @@ class InfisicalRequests:
             headers=dict(response.headers)
         )
 
+    @with_retry(max_retries=4, base_delay=1.0)
     def post(
             self,
             path: str,
-            model: type[T],
+            model: Type[T],
             json: Optional[Dict[str, Any]] = None
           ) -> APIResponse[T]:
 
@@ -137,10 +199,11 @@ class InfisicalRequests:
             headers=dict(response.headers)
         )
 
+    @with_retry(max_retries=4, base_delay=1.0)
     def patch(
             self,
             path: str,
-            model: type[T],
+            model: Type[T],
             json: Optional[Dict[str, Any]] = None
           ) -> APIResponse[T]:
 
@@ -161,10 +224,11 @@ class InfisicalRequests:
             headers=dict(response.headers)
         )
 
+    @with_retry(max_retries=4, base_delay=1.0)
     def delete(
             self,
             path: str,
-            model: type[T],
+            model: Type[T],
             json: Optional[Dict[str, Any]] = None
           ) -> APIResponse[T]:
 

infisicalsdk-1.0.15/infisical_sdk/resources/__init__.py

@@ -0,0 +1,5 @@
+from .secrets import V3RawSecrets
+from .kms import KMS
+from .auth import Auth
+from .folders import V2Folders
+from .dynamic_secrets import DynamicSecrets