miso-client 0.1.0__py3-none-any.whl → 0.4.0__py3-none-any.whl

{miso_client-0.1.0.dist-info → miso_client-0.4.0.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: miso-client
-Version: 0.1.0
+Version: 0.4.0
 Summary: Python client SDK for AI Fabrix authentication, authorization, and logging
 Home-page: https://github.com/aifabrix/miso-client-python
 Author: AI Fabrix Team
@@ -80,10 +80,13 @@ The **AI Fabrix Miso Client SDK** provides authentication, authorization, and lo
 ### 📊 Compliance & Audit
 
 **ISO 27001 Compliance**
-- Comprehensive audit trails for all user actions
+- Comprehensive audit trails for all user actions and HTTP requests
+- Automatic data masking for all sensitive information in logs
+- HTTP request/response audit logging with masked sensitive data
 - Data access logging and monitoring
 - Security event tracking
 - Accountability and non-repudiation
+- Configurable sensitive fields via JSON configuration
 
 **Regulatory Compliance**
 - GDPR-ready data protection
@@ -134,9 +137,13 @@ The **AI Fabrix Miso Client SDK** provides authentication, authorization, and lo
 
 **Observability**
 - Centralized logging with correlation IDs
+- Automatic HTTP request/response audit logging (ISO 27001 compliant)
+- Debug logging with detailed request/response information (when `log_level='debug'`)
 - Performance tracking and metrics
 - Error tracking and debugging
 - Health monitoring
+- Automatic data masking for sensitive information in logs
+- Configurable sensitive fields via JSON configuration
 
 ---
 
@@ -262,7 +269,7 @@ if is_admin:
 
 ### Step 5: Activate Logging
 
-**What happens:** Application logs are sent to the Miso Controller with client token authentication.
+**What happens:** Application logs are sent to the Miso Controller with client token authentication. All HTTP requests are automatically audited with ISO 27001 compliant data masking.
 
 ```python
 from miso_client import MisoClient, load_config
@@ -278,10 +285,17 @@ user = await client.get_user(token)
 await client.log.info('User accessed dashboard', {'userId': user.id if user else None})
 await client.log.error('Operation failed', {'error': str(err)})
 await client.log.warn('Unusual activity', {'details': '...'})
+
+# HTTP requests are automatically audited
+# All sensitive data is automatically masked before logging
+result = await client.http_client.get('/api/users')
+# This automatically creates an audit log: http.request.GET with masked sensitive data
 ```
 
 **What happens to logs?** They're sent to the Miso Controller for centralized monitoring and analysis. Client token is automatically included.
 
+**ISO 27001 Compliance:** All HTTP requests are automatically audited with sensitive data masked. Set `log_level='debug'` to enable detailed request/response logging (all sensitive data is still masked).
+
 → [Complete logging example](examples/step-5-logging.py)  
 → [Logging Reference](docs/api-reference.md#logger-service)
 
@@ -366,6 +380,40 @@ ENCRYPTION_KEY=your-32-byte-encryption-key
 
 ---
 
+### Testing with API Key
+
+**What happens:** When `API_KEY` is set in your `.env` file, you can authenticate requests using the API key as a bearer token, bypassing OAuth2 authentication. This is useful for testing without setting up Keycloak.
+
+```python
+from miso_client import MisoClient, load_config
+
+client = MisoClient(load_config())
+await client.initialize()
+
+# Use API_KEY as bearer token (for testing only)
+api_key_token = "your-api-key-from-env"
+is_valid = await client.validate_token(api_key_token)
+# Returns True if token matches API_KEY from .env
+
+user = await client.get_user(api_key_token)
+# Returns None (API key auth doesn't provide user info)
+```
+
+**Configuration:**
+
+```bash
+# Add to .env for testing
+API_KEY=your-test-api-key-here
+```
+
+**Important:** 
+- API_KEY authentication bypasses OAuth2 validation completely
+- User information methods (`get_user()`, `get_user_info()`) return `None` when using API_KEY
+- Token validation returns `True` if the bearer token matches the configured `API_KEY`
+- This feature is intended for testing and development only
+
+---
+
 ## 🔧 Configuration
 
 ```python
@@ -380,6 +428,8 @@ config = MisoClientConfig(
         port=6379,
     ),
     log_level="info",                         # Optional: 'debug' | 'info' | 'warn' | 'error'
+                                              # Set to 'debug' for detailed HTTP request/response logging
+    api_key="your-test-api-key",              # Optional: API key for testing (bypasses OAuth2)
     cache={                                   # Optional: Cache TTL settings
         "role_ttl": 900,       # Role cache TTL (default: 900s)
         "permission_ttl": 900, # Permission cache TTL (default: 900s)
@@ -389,6 +439,18 @@ config = MisoClientConfig(
 
 **Recommended:** Use `load_config()` to load from `.env` file automatically.
 
+**ISO 27001 Data Masking Configuration:**
+
+Sensitive fields are configured via `miso_client/utils/sensitive_fields_config.json`. You can customize this by:
+
+1. Setting `MISO_SENSITIVE_FIELDS_CONFIG` environment variable to point to a custom JSON file
+2. Using `DataMasker.set_config_path()` to set a custom path programmatically
+
+The default configuration includes ISO 27001 compliant sensitive fields:
+- Authentication: password, token, secret, key, auth, authorization
+- PII: ssn, creditcard, cc, cvv, pin, otp
+- Security: apikey, accesstoken, refreshtoken, privatekey, secretkey, cookie, session
+
 → [Complete Configuration Reference](docs/configuration.md)
 
 ---
@@ -413,6 +475,28 @@ The SDK consists of five core services:
 - **LoggerService** - Centralized logging with API key authentication
 - **RedisService** - Caching and queue management (optional)
 
+### HTTP Client Architecture
+
+The SDK uses a two-layer HTTP client architecture for ISO 27001 compliance:
+
+- **InternalHttpClient** - Core HTTP functionality with automatic client token management (internal)
+- **HttpClient** - Public wrapper that adds automatic ISO 27001 compliant audit and debug logging
+
+**Features:**
+- Automatic audit logging for all HTTP requests (`http.request.{METHOD}`)
+- Debug logging when `log_level === 'debug'` with detailed request/response information
+- Automatic data masking using `DataMasker` before logging (ISO 27001 compliant)
+- Sensitive endpoints (`/api/logs`, `/api/auth/token`) are excluded from audit logging to prevent infinite loops
+- All sensitive data (headers, bodies, query params) is automatically masked before logging
+
+**ISO 27001 Compliance:**
+- All request headers are masked (Authorization, x-client-token, Cookie, etc.)
+- All request bodies are recursively masked for sensitive fields (password, token, secret, SSN, etc.)
+- All response bodies are masked (limited to first 1000 characters)
+- Query parameters are automatically masked
+- Error messages are masked if they contain sensitive data
+- Sensitive fields configuration can be customized via `sensitive_fields_config.json`
+
 → [Architecture Details](docs/api-reference.md#architecture)
 
 ---
@@ -450,6 +534,83 @@ The SDK consists of five core services:
 - [Flask Decorators](docs/examples.md#flask-decorators) - Decorator-based auth
 - [Error Handling](docs/examples.md#error-handling) - Best practices
 
+---
+
+### Structured Error Responses
+
+**What happens:** The SDK automatically parses structured error responses from the API (RFC 7807-style format) and makes them available through the `MisoClientError` exception.
+
+```python
+from miso_client import MisoClient, MisoClientError, ErrorResponse, load_config
+
+client = MisoClient(load_config())
+await client.initialize()
+
+try:
+    result = await client.http_client.get("/api/some-endpoint")
+except MisoClientError as e:
+    # Check if structured error response is available
+    if e.error_response:
+        print(f"Error Type: {e.error_response.type}")
+        print(f"Error Title: {e.error_response.title}")
+        print(f"Status Code: {e.error_response.statusCode}")
+        print(f"Errors: {e.error_response.errors}")
+        print(f"Instance: {e.error_response.instance}")
+    else:
+        # Fallback to traditional error handling
+        print(f"Error: {e.message}")
+        print(f"Status Code: {e.status_code}")
+        print(f"Error Body: {e.error_body}")
+```
+
+**Error Response Structure:**
+
+The `ErrorResponse` model follows RFC 7807-style format:
+
+```json
+{
+   "errors": [
+      "The user has provided input that the browser is unable to convert.",
+      "There are multiple rows in the database for the same value"
+   ],
+   "type": "/Errors/Bad Input",
+   "title": "Bad Request",
+   "statusCode": 400,
+   "instance": "/OpenApi/rest/Xzy"
+}
+```
+
+**Features:**
+
+- **Automatic Parsing**: Structured error responses are automatically parsed from HTTP responses
+- **Backward Compatible**: Falls back to traditional error handling when structured format is not available
+- **Type Safety**: Full type hints with Pydantic models for reliable error handling
+- **Generic Interface**: `ErrorResponse` model can be reused across different applications
+- **Instance URI**: Automatically extracted from request URL if not provided in response
+
+**Using ErrorResponse directly:**
+
+```python
+from miso_client import ErrorResponse
+
+# Create ErrorResponse from dict
+error_data = {
+    "errors": ["Validation failed"],
+    "type": "/Errors/Validation",
+    "title": "Validation Error",
+    "statusCode": 422,
+    "instance": "/api/endpoint"
+}
+error_response = ErrorResponse(**error_data)
+
+# Access fields
+print(error_response.errors)  # ["Validation failed"]
+print(error_response.type)    # "/Errors/Validation"
+print(error_response.title)   # "Validation Error"
+print(error_response.statusCode)  # 422
+print(error_response.instance)   # "/api/endpoint"
+```
+
 ### Common Tasks
 
 **Add authentication middleware (FastAPI):**
@@ -490,6 +651,7 @@ MISO_CONTROLLER_URL=http://localhost:3000
 REDIS_HOST=localhost
 REDIS_PORT=6379
 MISO_LOG_LEVEL=info
+API_KEY=your-test-api-key  # Optional: For testing (bypasses OAuth2)
 ```
 
 ---

miso_client-0.4.0.dist-info/RECORD

@@ -0,0 +1,26 @@
+miso_client/__init__.py,sha256=MjiF-VJCkY6_s5_Oy8U43ZRa-XRVgrTpco-PnGPBTC4,14395
+miso_client/errors.py,sha256=uyS5j-_bUCA5gbINPYQd0wMpGsaEH0tJRK0obQTq2oo,1976
+miso_client/py.typed,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+miso_client/models/__init__.py,sha256=lMnzU7j2Z5_UehvOeIrbJIo3MH4j5KINGfU1vJTzTyU,139
+miso_client/models/config.py,sha256=TLckmwajrdnJpMTsjCtaFkz8wFAXcEQJfKjXQ8ww6vM,8024
+miso_client/models/error_response.py,sha256=Dd-Rm2ylxU9ssYUsGBifjT-Let2MMxn28LJszQCO5bY,1362
+miso_client/services/__init__.py,sha256=2ok62Z9kaS0Zze-OxRkxEJ4JidzN9jL_pzGMOxpZppQ,489
+miso_client/services/auth.py,sha256=hYnHEoTNgeH_g0ItoVDq99fBZCZX0o-0o-9gRxqZYmw,5465
+miso_client/services/cache.py,sha256=lXcLcRm56snOX3AQiEKi-j7FIikCLYnEK2HXxBkxm2M,6510
+miso_client/services/encryption.py,sha256=8512ACLt0P8t3W_CGzmG0JRSvzDinvjPRvkifdDxIRs,3022
+miso_client/services/logger.py,sha256=dopKQeBZpz9S3iX9vw8xcPsS1oyMASOUQ4-OvCdElTw,16772
+miso_client/services/permission.py,sha256=GOGRAaXSfPKTXqEqbR0XP8hrA-YQgVFbHPxD-gGBUyA,6853
+miso_client/services/redis.py,sha256=BWfgXoSOyyGrB9cf_kTY0lZwfbjUWQhkiOyFFSp590M,5348
+miso_client/services/role.py,sha256=qmxhk54QUGCjCuCWm_ruDlTq7iT9yOicfUvdRVkFKUI,5517
+miso_client/utils/__init__.py,sha256=HArSxVKrmCqFkqFOPwe1i3B2IBHJ1vRqYu98c_KASV0,366
+miso_client/utils/config_loader.py,sha256=yZk4pXNIBu3i61KqxM8QwsjraM0xhqUcH2THl8-DMu0,3027
+miso_client/utils/data_masker.py,sha256=D7AEyViGxoShLa5UUZHYhRCPQMPKqX7qNilTK9h87OM,7035
+miso_client/utils/http_client.py,sha256=AwlP0h17SdJ2lqf5j19HVztjvvMrCPTybkbWdvGzM38,20252
+miso_client/utils/internal_http_client.py,sha256=jgiaO94EiIUbMQWUKN4FhYqOQ9r0BZea0_grRcOepL4,16078
+miso_client/utils/jwt_tools.py,sha256=-pvz5nk5BztEnhFnL-dtOv8Q5E0G2oh4RwFrVk2rVpg,1981
+miso_client/utils/sensitive_fields_loader.py,sha256=EHODxyM1Gw7hgKXCvJ1B4Hf4LZqcEqWEXu4q5CPFaic,3667
+miso_client-0.4.0.dist-info/licenses/LICENSE,sha256=3hoU8LdT9_EIFIx6FjMk5sQnVCBMX3FRIOzqqy5im4c,1076
+miso_client-0.4.0.dist-info/METADATA,sha256=Ek0HsqCnGba1PhmwPWre-KSrxVcOthJ1XtDBuObGyUw,22690
+miso_client-0.4.0.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
+miso_client-0.4.0.dist-info/top_level.txt,sha256=8i_FNeRn8PRy6scnXOpVr-IJYsArkqIvxRMTZPtik9E,12
+miso_client-0.4.0.dist-info/RECORD,,

miso_client-0.1.0.dist-info/RECORD

@@ -1,23 +0,0 @@
-miso_client/__init__.py,sha256=lL254-VN8Q8SV4nJwiTMYEWrYUpBzzG_uxNlNlQKuog,14205
-miso_client/errors.py,sha256=XEa0bbYoP4mH6n8GuTquf-qD4tkCr-Ca3QIWOKZJtxQ,1143
-miso_client/py.typed,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-miso_client/models/__init__.py,sha256=Oy03VQKAqg0FGZiWfcNdSgOA-PzfbdQDX_1sqfv_r-U,67
-miso_client/models/config.py,sha256=PFiIp8fouoGGBUAu9ODwsVwhuW78v-iqEvDPBQ0YK5Q,7759
-miso_client/services/__init__.py,sha256=DfiZJ45MWQvVqwp0kyxjuK9ngiO3nW8zcdBqd7VOD7Y,488
-miso_client/services/auth.py,sha256=NrVX5MXaLqWinoWB7bAvEurTONkjVm2HlvDJPnmOkKU,4863
-miso_client/services/cache.py,sha256=gu5Ykbh43vrBb9hLvl6OXstGKFZpUUyIAa4fifj6KW8,6786
-miso_client/services/encryption.py,sha256=kQsES7oCs1l8vTmy1G9mI6eXXvrfdNuXMpZzG_xUX0M,3145
-miso_client/services/logger.py,sha256=tpj-N3Rq4dfkJteNu7rt_KniOFkf5eyhuTbFcapM-Nk,16789
-miso_client/services/permission.py,sha256=6vT9BV_NX9dJ7moSN5CBILjEn9u6do9IAeR4k3Fp9Q8,7210
-miso_client/services/redis.py,sha256=4ov5Pu1xKDqSUNMDx9rTvbsTuM4jwaRUrpSiLAzIU_I,5478
-miso_client/services/role.py,sha256=j4qCyYBXinubEpa0Yy_XPqFANuQHSQl0BILugRXM5WY,5896
-miso_client/utils/__init__.py,sha256=YErXOQ6cqaxflEC7JCQuV_XbPU4NTAdBhbe4L5tv73o,365
-miso_client/utils/config_loader.py,sha256=a2Jj8sd_IN8EhCjk3mtdMK1Z3MAG0P8IYThCd66dk3k,2912
-miso_client/utils/data_masker.py,sha256=PJ-8ro2zuzS_XkjB5aV_DjY9NAjnlynJhsy41nFr408,4570
-miso_client/utils/http_client.py,sha256=L9004iavGVM67BIJTl9_aI0rzV6fMSi0WPZi1h-CgTY,13347
-miso_client/utils/jwt_tools.py,sha256=W1WFA_J1YU1Ng-IcsA9KdUTPda4pqIy7TF7nvXl2KLk,2061
-miso_client-0.1.0.dist-info/licenses/LICENSE,sha256=3hoU8LdT9_EIFIx6FjMk5sQnVCBMX3FRIOzqqy5im4c,1076
-miso_client-0.1.0.dist-info/METADATA,sha256=ocOKMvNYl5VKFXr5NbD7FtdwWfMM947h0Rt4lgLRJR0,16006
-miso_client-0.1.0.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
-miso_client-0.1.0.dist-info/top_level.txt,sha256=8i_FNeRn8PRy6scnXOpVr-IJYsArkqIvxRMTZPtik9E,12
-miso_client-0.1.0.dist-info/RECORD,,