kscale 0.1.2__py3-none-any.whl → 0.1.4__py3-none-any.whl

kscale/__init__.py

@@ -1,6 +1,6 @@
 """Defines the common interface for the K-Scale Python API."""
 
-__version__ = "0.1.2"
+__version__ = "0.1.4"
 
 from pathlib import Path
 

kscale/web/api.py

@@ -12,3 +12,7 @@ class WebAPI(APIBase):
     async def get_profile_info(self) -> ProfileResponse:
         client = await self.www_client()
         return await client.get_profile_info()
+
+    async def get_api_key(self, num_hours: int = 24) -> str:
+        client = await self.www_client()
+        return await client.get_api_key(num_hours)

kscale/web/cli/user.py

@@ -3,6 +3,7 @@
 import logging
 
 import click
+from tabulate import tabulate
 
 from kscale.utils.cli import coro
 from kscale.web.clients.user import UserClient
@@ -19,14 +20,33 @@ def cli() -> None:
 @cli.command()
 @coro
 async def me() -> None:
+    """Get information about the currently-authenticated user."""
     client = UserClient()
     profile = await client.get_profile_info()
-    logger.info("Email: %s", profile.email)
-    logger.info("Email verified: %s", profile.email_verified)
-    logger.info("User ID: %s", profile.user.user_id)
-    logger.info("Is admin: %s", profile.user.is_admin)
-    logger.info("Can upload: %s", profile.user.can_upload)
-    logger.info("Can test: %s", profile.user.can_test)
+    click.echo(
+        tabulate(
+            [
+                ["Email", profile.email],
+                ["Email verified", profile.email_verified],
+                ["User ID", profile.user.user_id],
+                ["Is admin", profile.user.is_admin],
+                ["Can upload", profile.user.can_upload],
+                ["Can test", profile.user.can_test],
+            ],
+            headers=["Key", "Value"],
+            tablefmt="simple",
+        )
+    )
+
+
+@cli.command()
+@coro
+async def key() -> None:
+    """Get an API key for the currently-authenticated user."""
+    client = UserClient()
+    api_key = await client.get_api_key()
+    click.echo("API key:")
+    click.echo(click.style(api_key, fg="green"))
 
 
 if __name__ == "__main__":

kscale/web/clients/base.py

@@ -3,6 +3,7 @@
 import asyncio
 import json
 import logging
+import os
 import secrets
 import time
 import webbrowser
@@ -19,24 +20,35 @@ from pydantic import BaseModel
 from yarl import URL
 
 from kscale.web.gen.api import OICDInfo
-from kscale.web.utils import DEFAULT_UPLOAD_TIMEOUT, get_api_root, get_cache_dir
+from kscale.web.utils import DEFAULT_UPLOAD_TIMEOUT, get_api_root, get_auth_dir
 
 logger = logging.getLogger(__name__)
 
 # This port matches the available port for the OAuth callback.
 OAUTH_PORT = 16821
 
+# This is the name of the API key header for the K-Scale WWW API.
+HEADER_NAME = "x-kscale-api-key"
+
 
 class OAuthCallback:
     def __init__(self) -> None:
+        self.token_type: str | None = None
         self.access_token: str | None = None
+        self.id_token: str | None = None
+        self.state: str | None = None
+        self.expires_in: str | None = None
         self.app = web.Application()
         self.app.router.add_get("/token", self.handle_token)
         self.app.router.add_get("/callback", self.handle_callback)
 
     async def handle_token(self, request: web.Request) -> web.Response:
         """Handle the token extraction."""
+        self.token_type = request.query.get("token_type")
         self.access_token = request.query.get("access_token")
+        self.id_token = request.query.get("id_token")
+        self.state = request.query.get("state")
+        self.expires_in = request.query.get("expires_in")
         return web.Response(text="OK")
 
     async def handle_callback(self, request: web.Request) -> web.Response:
@@ -45,62 +57,92 @@ class OAuthCallback:
             text="""
                 <!DOCTYPE html>
                 <html lang="en">
-
                 <head>
                     <meta charset="UTF-8">
-                    <meta http-equiv="X-UA-Compatible" content="IE=edge">
                     <meta name="viewport" content="width=device-width, initial-scale=1.0">
                     <title>Authentication successful</title>
                     <style>
                         body {
+                            font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, sans-serif;
                             display: flex;
                             justify-content: center;
                             align-items: center;
                             min-height: 100vh;
                             margin: 0;
-                            text-align: center;
+                            background: #f5f5f5;
+                            color: #333;
+                        }
+                        .container {
+                            background: white;
+                            padding: 2rem;
+                            border-radius: 8px;
+                            box-shadow: 0 2px 4px rgba(0,0,0,0.1);
+                            max-width: 600px;
+                            width: 90%;
+                        }
+                        h1 {
+                            color: #2c3e50;
+                            margin-bottom: 1rem;
                         }
-                        #content {
-                            padding: 20px;
+                        .token-info {
+                            background: #f8f9fa;
+                            border: 1px solid #dee2e6;
+                            border-radius: 4px;
+                            padding: 1rem;
+                            margin: 1rem 0;
+                            word-break: break-all;
                         }
-                        #closeNotification {
-                            display: none;
-                            padding: 10px 20px;
-                            margin-top: 20px;
-                            cursor: pointer;
-                            margin-left: auto;
-                            margin-right: auto;
+                        .token-label {
+                            font-weight: bold;
+                            color: #6c757d;
+                            margin-bottom: 0.5rem;
+                        }
+                        .success-icon {
+                            color: #28a745;
+                            font-size: 48px;
+                            margin-bottom: 1rem;
                         }
                     </style>
                 </head>
-
                 <body>
-                    <div id="content">
+                    <div class="container">
+                        <div class="success-icon">✓</div>
                         <h1>Authentication successful!</h1>
-                        <p>This window will close in <span id="countdown">3</span> seconds.</p>
-                        <p id="closeNotification" onclick="window.close()">Please close this window manually.</p>
+                        <p>Your authentication tokens are shown below. You can now close this window.</p>
+
+                        <div class="token-info">
+                            <div class="token-label">Access Token:</div>
+                            <div id="accessTokenDisplay"></div>
+                        </div>
+
+                        <div class="token-info">
+                            <div class="token-label">ID Token:</div>
+                            <div id="idTokenDisplay"></div>
+                        </div>
                     </div>
+
                     <script>
                         const params = new URLSearchParams(window.location.hash.substring(1));
-                        const token = params.get('access_token');
-                        if (token) {
-                            fetch('/token?access_token=' + token);
+                        const tokenType = params.get('token_type');
+                        const accessToken = params.get('access_token');
+                        const idToken = params.get('id_token');
+                        const state = params.get('state');
+                        const expiresIn = params.get('expires_in');
+
+                        // Display tokens
+                        document.getElementById('accessTokenDisplay').textContent = accessToken || 'Not provided';
+                        document.getElementById('idTokenDisplay').textContent = idToken || 'Not provided';
+
+                        if (accessToken) {
+                            const tokenUrl = new URL(window.location.href);
+                            tokenUrl.pathname = '/token';
+                            tokenUrl.searchParams.set('access_token', accessToken);
+                            tokenUrl.searchParams.set('token_type', tokenType);
+                            tokenUrl.searchParams.set('id_token', idToken);
+                            tokenUrl.searchParams.set('state', state);
+                            tokenUrl.searchParams.set('expires_in', expiresIn);
+                            fetch(tokenUrl.toString());
                         }
-
-                        let timeLeft = 3;
-                        const countdownElement = document.getElementById('countdown');
-                        const closeNotification = document.getElementById('closeNotification');
-                        const timer = setInterval(() => {
-                            timeLeft--;
-                            countdownElement.textContent = timeLeft;
-                            if (timeLeft <= 0) {
-                                clearInterval(timer);
-                                window.close();
-                                setTimeout(() => {
-                                    closeNotification.style.display = 'block';
-                                }, 500);
-                            }
-                        }, 1000);
                     </script>
                 </body>
                 </html>
@@ -124,7 +166,7 @@ class BaseClient:
 
     @alru_cache
     async def _get_oicd_info(self) -> OICDInfo:
-        cache_path = get_cache_dir() / "oicd_info.json"
+        cache_path = get_auth_dir() / "oicd_info.json"
         if self.use_cache and cache_path.exists():
             with open(cache_path, "r") as f:
                 return OICDInfo(**json.load(f))
@@ -142,7 +184,7 @@ class BaseClient:
         Returns:
             The OpenID Connect server configuration.
         """
-        cache_path = get_cache_dir() / "oicd_metadata.json"
+        cache_path = get_auth_dir() / "oicd_metadata.json"
         if self.use_cache and cache_path.exists():
             with open(cache_path, "r") as f:
                 return json.load(f)
@@ -167,8 +209,23 @@ class BaseClient:
         oicd_info = await self._get_oicd_info()
         metadata = await self._get_oicd_metadata()
         auth_endpoint = metadata["authorization_endpoint"]
-        state = secrets.token_urlsafe(32)
-        nonce = secrets.token_urlsafe(32)
+
+        # Use the cached state and nonce if available, otherwise generate.
+        state_file = get_auth_dir() / "oauth_state.json"
+        state: str | None = None
+        nonce: str | None = None
+        if state_file.exists():
+            with open(state_file, "r") as f:
+                state_data = json.load(f)
+                state = state_data.get("state")
+                nonce = state_data.get("nonce")
+        if state is None:
+            state = secrets.token_urlsafe(32)
+        if nonce is None:
+            nonce = secrets.token_urlsafe(32)
+
+        # Change /oauth2/authorize to /login to use the login endpoint.
+        auth_endpoint = auth_endpoint.replace("/oauth2/authorize", "/login")
 
         auth_url = str(
             URL(auth_endpoint).with_query(
@@ -208,6 +265,11 @@ class BaseClient:
                     raise TimeoutError("Authentication timed out after 30 seconds")
                 await asyncio.sleep(0.1)
 
+            # Save the state and nonce to the cache.
+            state = callback_handler.state
+            state_file.parent.mkdir(parents=True, exist_ok=True)
+            state_file.write_text(json.dumps({"state": state, "nonce": nonce}))
+
             return callback_handler.access_token
         finally:
             await runner.cleanup()
@@ -243,7 +305,7 @@ class BaseClient:
         Returns:
             A bearer token to use with the K-Scale WWW API.
         """
-        cache_path = get_cache_dir() / "bearer_token.txt"
+        cache_path = get_auth_dir() / "bearer_token.txt"
         if self.use_cache and cache_path.exists():
             token = cache_path.read_text()
             if not await self._is_token_expired(token):
@@ -257,9 +319,16 @@ class BaseClient:
     async def get_client(self, *, auth: bool = True) -> httpx.AsyncClient:
         client = self._client if auth else self._client_no_auth
         if client is None:
+            headers: dict[str, str] = {}
+            if auth:
+                if "KSCALE_API_KEY" in os.environ:
+                    headers[HEADER_NAME] = os.environ["KSCALE_API_KEY"]
+                else:
+                    headers["Authorization"] = f"Bearer {await self.get_bearer_token()}"
+
             client = httpx.AsyncClient(
                 base_url=self.base_url,
-                headers={"Authorization": f"Bearer {await self.get_bearer_token()}"} if auth else None,
+                headers=headers,
                 timeout=httpx.Timeout(30.0),
             )
             if auth:

kscale/web/clients/robot_class.py

@@ -3,13 +3,18 @@
 import hashlib
 import json
 import logging
+import tarfile
 from pathlib import Path
 
 import httpx
 
 from kscale.web.clients.base import BaseClient
-from kscale.web.gen.api import RobotClass, RobotDownloadURDFResponse, RobotUploadURDFResponse
-from kscale.web.utils import get_cache_dir, should_refresh_file
+from kscale.web.gen.api import (
+    RobotClass,
+    RobotDownloadURDFResponse,
+    RobotUploadURDFResponse,
+)
+from kscale.web.utils import get_robots_dir, should_refresh_file
 
 logger = logging.getLogger(__name__)
 
@@ -94,7 +99,7 @@ class RobotClassClient(BaseClient):
         return response
 
     async def download_robot_class_urdf(self, class_name: str, *, cache: bool = True) -> Path:
-        cache_path = get_cache_dir() / class_name / "robot.tgz"
+        cache_path = get_robots_dir() / class_name / "robot.tgz"
         if cache and cache_path.exists() and not should_refresh_file(cache_path):
             return cache_path
         data = await self._request("GET", f"/robots/urdf/{class_name}", auth=True)
@@ -128,7 +133,10 @@ class RobotClassClient(BaseClient):
         if hash_value_hex != expected_hash:
             raise ValueError(f"MD5 hash mismatch: {hash_value_hex} != {expected_hash}")
 
-        # Updates the info file.
+        logger.info("Unpacking downloaded file")
+        with tarfile.open(cache_path, "r:gz") as tar:
+            tar.extractall(path=cache_path.parent)
+
         logger.info("Updating downloaded file information")
         info = {"md5_hash": hash_value_hex}
         with open(cache_path_info, "w") as f:

kscale/web/clients/user.py

@@ -8,3 +8,7 @@ class UserClient(BaseClient):
     async def get_profile_info(self) -> ProfileResponse:
         data = await self._request("GET", "/auth/profile", auth=True)
         return ProfileResponse(**data)
+
+    async def get_api_key(self, num_hours: int = 24) -> str:
+        data = await self._request("POST", "/auth/key", auth=True, data={"num_hours": num_hours})
+        return data["api_key"]

kscale/web/utils.py

@@ -13,24 +13,26 @@ DEFAULT_UPLOAD_TIMEOUT = 300.0  # 5 minutes
 
 
 @functools.lru_cache
-def get_cache_dir() -> Path:
+def get_kscale_dir() -> Path:
     """Returns the cache directory for artifacts."""
     return Path(Settings.load().www.cache_dir).expanduser().resolve()
 
 
+def get_auth_dir() -> Path:
+    """Returns the directory for authentication artifacts."""
+    return get_kscale_dir() / "auth"
+
+
+def get_robots_dir() -> Path:
+    """Returns the directory for robot artifacts."""
+    return get_kscale_dir() / "robots"
+
+
 def should_refresh_file(file: Path) -> bool:
     """Returns whether the file should be refreshed."""
     return file.exists() and file.stat().st_mtime < time.time() - Settings.load().www.refresh_interval_minutes * 60
 
 
-@functools.lru_cache
-def get_artifact_dir(artifact_id: str) -> Path:
-    """Returns the directory for a specific artifact."""
-    cache_dir = get_cache_dir() / artifact_id
-    cache_dir.mkdir(parents=True, exist_ok=True)
-    return cache_dir
-
-
 @functools.lru_cache
 def get_api_root() -> str:
     """Returns the root URL for the K-Scale WWW API."""

{kscale-0.1.2.dist-info → kscale-0.1.4.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.2
 Name: kscale
-Version: 0.1.2
+Version: 0.1.4
 Summary: The kscale project
 Home-page: https://github.com/kscalelabs/kscale
 Author: Benjamin Bolte

{kscale-0.1.2.dist-info → kscale-0.1.4.dist-info}/RECORD

@@ -1,4 +1,4 @@
-kscale/__init__.py,sha256=Do_oyhXSMNLURbvLDeTx4nJqgYgPhuREBynKDoeJyX4,172
+kscale/__init__.py,sha256=yhQJ7pWCzruLSpCCQHN706gdrMsRyf9UFGe9NRP-QPM,172
 kscale/api.py,sha256=jmiuFurTN_Gj_-k-6asqxw8wp-_bgJUXgMPFgJ4lqHA,230
 kscale/cli.py,sha256=PMHLKR5UwdbbReVmqHXpJ-K9-mGHv_0I7KQkwxmFcUA,881
 kscale/conf.py,sha256=x9jJ8pmSweUsLScN741B21SySCrnRZioV-1ZkhmERbI,1585
@@ -13,24 +13,24 @@ kscale/utils/api_base.py,sha256=Kk_WtRDdJHmOg6NtHmVxVrcfARSUkhfr29ypLch_pO0,112
 kscale/utils/checksum.py,sha256=jt6QmmQND9zrOEnUtOfZpLYROhgto4Gh3OpdUWk4tZA,1093
 kscale/utils/cli.py,sha256=JoaY5x5SdUx97KmMM9j5AjRRUqqrTlJ9qVckZptEsYA,827
 kscale/web/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-kscale/web/api.py,sha256=YioIdruq7LCKSBf9SvOGkv914W36_zBmpTzsJqKc0wE,439
-kscale/web/utils.py,sha256=l_m8GETCThhnXbHfXq53j1b-E__uZ5GuUbsQ8HR0WA0,1037
+kscale/web/api.py,sha256=oyW0XLfX96RPe1xNgdf8ejfATdLlNlP0CL1lP0FN1nM,593
+kscale/web/utils.py,sha256=kZcOYw5oa1vDe2wNn8ZaHRGhTElIJ8tSq-vVhtY9dzM,1047
 kscale/web/cli/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 kscale/web/cli/robot.py,sha256=rI-A4_0uvJPeA71Apl4Z3mV5fIfWkgmzT9JRmJYxz3A,3307
 kscale/web/cli/robot_class.py,sha256=ymC5phUqofvOXv5P6f51b9lMK5eRDaavvnzS0x9rDbU,3574
 kscale/web/cli/token.py,sha256=1rFC8MYKtqbNsQa2KIqwW1tqpaMtFaxuNsallwejXTU,787
-kscale/web/cli/user.py,sha256=qO0z2K5uA48hEiOOYEzv6BO2nOlCpITTDZFuiNl6d34,817
+kscale/web/cli/user.py,sha256=aaJJCL1P5lfhK6ZC9OwOHXKA-I3MWqVZ_k7TYnx33CY,1303
 kscale/web/clients/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-kscale/web/clients/base.py,sha256=NRqRH2JTXjJLUMDM93txKgwFu9bQRYhCYLYy7vE76Ik,11462
+kscale/web/clients/base.py,sha256=eHdHH6uYLLN7lKRU78JiyOxtzflvYwQ9f7oxYlDwmK4,14594
 kscale/web/clients/client.py,sha256=QjBicdHQYNoUG9XRjAYmGu3THae9DzWa_hQox3OO1Gw,214
 kscale/web/clients/robot.py,sha256=HMfJnkDxaJ_o7X2vdYYS9iob1JRoBG2qiGmQpCQZpAk,1485
-kscale/web/clients/robot_class.py,sha256=vFXlvwQBmt7zEOixAI-mByBEkXCMZIW5OZjiESMavps,5050
-kscale/web/clients/user.py,sha256=9iv8J-ROm_yBIwi-0oqldReLkNBFktdHRv3UCOxBzjY,377
+kscale/web/clients/robot_class.py,sha256=O_6lAKAcdNGFVtojuiQlgPCVP5MQlYPZG5Z-awwauho,5206
+kscale/web/clients/user.py,sha256=jsa1_s6qXRM-AGBbHlPhd1NierUtynjY9tVAPNr6_Os,568
 kscale/web/gen/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 kscale/web/gen/api.py,sha256=SovcII36JFgK9jd2CXlLPMjiUROGB4vEnapOsYMUrkU,2188
-kscale-0.1.2.dist-info/LICENSE,sha256=HCN2bImAzUOXldAZZI7JZ9PYq6OwMlDAP_PpX1HnuN0,1071
-kscale-0.1.2.dist-info/METADATA,sha256=YEcA0zqZwXvW9BnfZn51PrTXcwemCxMuolC1jB7NG-g,2340
-kscale-0.1.2.dist-info/WHEEL,sha256=In9FTNxeP60KnTkGw7wk6mJPYd_dQSjEZmXdBdMCI-8,91
-kscale-0.1.2.dist-info/entry_points.txt,sha256=N_0pCpPnwGDYVzOeuaSOrbJkS5L3lS9d8CxpJF1f8UI,62
-kscale-0.1.2.dist-info/top_level.txt,sha256=C2ynjYwopg6YjgttnI2dJjasyq3EKNmYp-IfQg9Xms4,7
-kscale-0.1.2.dist-info/RECORD,,
+kscale-0.1.4.dist-info/LICENSE,sha256=HCN2bImAzUOXldAZZI7JZ9PYq6OwMlDAP_PpX1HnuN0,1071
+kscale-0.1.4.dist-info/METADATA,sha256=BIuP-bpb_ed4i0R1LeQ1UAU5UUst3eU3G4E1FkrrT2k,2340
+kscale-0.1.4.dist-info/WHEEL,sha256=In9FTNxeP60KnTkGw7wk6mJPYd_dQSjEZmXdBdMCI-8,91
+kscale-0.1.4.dist-info/entry_points.txt,sha256=N_0pCpPnwGDYVzOeuaSOrbJkS5L3lS9d8CxpJF1f8UI,62
+kscale-0.1.4.dist-info/top_level.txt,sha256=C2ynjYwopg6YjgttnI2dJjasyq3EKNmYp-IfQg9Xms4,7
+kscale-0.1.4.dist-info/RECORD,,