miso-client 0.1.0__py3-none-any.whl → 3.7.2__py3-none-any.whl

miso_client/services/redis.py

@@ -5,18 +5,23 @@ This module provides Redis connectivity with graceful degradation when Redis
 is unavailable. It handles caching of roles and permissions, and log queuing.
 """
 
-import redis.asyncio as redis
+import logging
 from typing import Optional
+
+import redis.asyncio as redis
+
 from ..models.config import RedisConfig
 
+logger = logging.getLogger(__name__)
+
 
 class RedisService:
     """Redis service for caching and log queuing."""
-    
+
     def __init__(self, config: Optional[RedisConfig] = None):
         """
         Initialize Redis service.
-        
+
         Args:
             config: Optional Redis configuration
         """
@@ -27,12 +32,12 @@ class RedisService:
     async def connect(self) -> None:
         """
         Connect to Redis.
-        
+
         Raises:
             Exception: If connection fails and config is provided
         """
         if not self.config:
-            print("Redis not configured, using controller fallback")
+            logger.info("Redis not configured, using controller fallback")
             return
 
         try:
@@ -46,17 +51,17 @@ class RedisService:
                 socket_connect_timeout=5,
                 socket_timeout=5,
             )
-            
+
             # Test connection
             # Some redis stubs type ping as possibly non-awaitable; support both
             resp = self.redis.ping()
             if hasattr(resp, "__await__"):
                 await resp  # type: ignore[misc]
             self.connected = True
-            print("Connected to Redis")
-            
+            logger.info("Connected to Redis")
+
         except Exception as error:
-            print(f"Failed to connect to Redis: {error}")
+            logger.error(f"Failed to connect to Redis: {error}", exc_info=error)
             self.connected = False
             if self.config:  # Only raise if Redis was configured
                 raise error
@@ -66,12 +71,12 @@ class RedisService:
         if self.redis:
             await self.redis.aclose()
             self.connected = False
-            print("Disconnected from Redis")
+            logger.info("Disconnected from Redis")
 
     def is_connected(self) -> bool:
         """
         Check if Redis is connected.
-        
+
         Returns:
             True if connected, False otherwise
         """
@@ -80,10 +85,10 @@ class RedisService:
     async def get(self, key: str) -> Optional[str]:
         """
         Get value from Redis.
-        
+
         Args:
             key: Redis key
-            
+
         Returns:
             Value if found, None otherwise
         """
@@ -100,18 +105,18 @@ class RedisService:
                 result = resp
             return None if result is None else str(result)
         except Exception as error:
-            print(f"Redis get error: {error}")
+            logger.error("Redis get error", exc_info=error)
             return None
 
     async def set(self, key: str, value: str, ttl: int) -> bool:
         """
         Set value in Redis with TTL.
-        
+
         Args:
             key: Redis key
             value: Value to store
             ttl: Time to live in seconds
-            
+
         Returns:
             True if successful, False otherwise
         """
@@ -126,16 +131,16 @@ class RedisService:
                 await resp  # type: ignore[misc]
             return True
         except Exception as error:
-            print(f"Redis set error: {error}")
+            logger.error("Redis set error", exc_info=error)
             return False
 
     async def delete(self, key: str) -> bool:
         """
         Delete key from Redis.
-        
+
         Args:
             key: Redis key
-            
+
         Returns:
             True if successful, False otherwise
         """
@@ -150,17 +155,17 @@ class RedisService:
                 await resp  # type: ignore[misc]
             return True
         except Exception as error:
-            print(f"Redis delete error: {error}")
+            logger.error("Redis delete error", exc_info=error)
             return False
 
     async def rpush(self, queue: str, value: str) -> bool:
         """
         Push value to Redis list (for log queuing).
-        
+
         Args:
             queue: Queue name
             value: Value to push
-            
+
         Returns:
             True if successful, False otherwise
         """
@@ -175,5 +180,5 @@ class RedisService:
                 await resp  # type: ignore[misc]
             return True
         except Exception as error:
-            print(f"Redis rpush error: {error}")
+            logger.error("Redis rpush error", exc_info=error)
             return False

miso_client/services/role.py

@@ -6,39 +6,55 @@ Roles are cached with Redis and in-memory fallback using CacheService.
 Optimized to extract userId from JWT token before API calls for cache optimization.
 """
 
+import logging
 import time
-from typing import List, cast
-from ..models.config import RoleResult
+from typing import TYPE_CHECKING, List, Optional, cast
+
+from ..models.config import AuthStrategy, RoleResult
 from ..services.cache import CacheService
+from ..utils.auth_utils import validate_token_request
+from ..utils.error_utils import extract_correlation_id_from_error
 from ..utils.http_client import HttpClient
 from ..utils.jwt_tools import extract_user_id
 
+if TYPE_CHECKING:
+    from ..api import ApiClient
+
+logger = logging.getLogger(__name__)
+
 
 class RoleService:
     """Role service for user authorization with caching."""
-    
-    def __init__(self, http_client: HttpClient, cache: CacheService):
+
+    def __init__(
+        self, http_client: HttpClient, cache: CacheService, api_client: Optional["ApiClient"] = None
+    ):
         """
         Initialize role service.
-        
+
         Args:
-            http_client: HTTP client instance
+            http_client: HTTP client instance (for backward compatibility)
             cache: Cache service instance (handles Redis + in-memory fallback)
+            api_client: Optional API client instance (for typed API calls)
         """
         self.config = http_client.config
         self.http_client = http_client
         self.cache = cache
+        self.api_client = api_client
         self.role_ttl = self.config.role_ttl
 
-    async def get_roles(self, token: str) -> List[str]:
+    async def get_roles(
+        self, token: str, auth_strategy: Optional[AuthStrategy] = None
+    ) -> List[str]:
         """
         Get user roles with Redis caching.
-        
+
         Optimized to extract userId from token first to check cache before API call.
-        
+
         Args:
             token: JWT token
-            
+            auth_strategy: Optional authentication strategy
+
         Returns:
             List of user roles
         """
@@ -56,10 +72,8 @@ class RoleService:
             # Cache miss or no userId in token - fetch from controller
             # If we don't have userId, get it from validate endpoint
             if not user_id:
-                user_info = await self.http_client.authenticated_request(
-                    "POST",
-                    "/api/auth/validate",
-                    token
+                user_info = await validate_token_request(
+                    token, self.http_client, self.api_client, auth_strategy
                 )
                 user_id = user_info.get("user", {}).get("id") if user_info else None
                 if not user_id:
@@ -67,89 +81,110 @@ class RoleService:
                 cache_key = f"roles:{user_id}"
 
             # Cache miss - fetch from controller
-            role_result = await self.http_client.authenticated_request(
-                "GET",
-                "/api/auth/roles",  # Backend knows app/env from client token
-                token
-            )
-            
-            role_data = RoleResult(**role_result)
-            roles = role_data.roles or []
+            if self.api_client:
+                # Use ApiClient for typed API calls
+                response = await self.api_client.roles.get_roles(token, auth_strategy=auth_strategy)
+                roles = response.data.roles or []
+            else:
+                # Fallback to HttpClient for backward compatibility
+                if auth_strategy is not None:
+                    role_result = await self.http_client.authenticated_request(
+                        "GET", "/api/v1/auth/roles", token, auth_strategy=auth_strategy
+                    )
+                else:
+                    role_result = await self.http_client.authenticated_request(
+                        "GET", "/api/v1/auth/roles", token
+                    )
+
+                role_data = RoleResult(**role_result)
+                roles = role_data.roles or []
 
             # Cache the result (CacheService handles Redis + in-memory automatically)
             assert cache_key is not None
             await self.cache.set(
-                cache_key,
-                {"roles": roles, "timestamp": int(time.time() * 1000)},
-                self.role_ttl
+                cache_key, {"roles": roles, "timestamp": int(time.time() * 1000)}, self.role_ttl
             )
 
             return roles
-            
-        except Exception:
-            # Failed to get roles, return empty list
+
+        except Exception as error:
+            correlation_id = extract_correlation_id_from_error(error)
+            logger.error(
+                "Failed to get roles",
+                exc_info=error,
+                extra={"correlationId": correlation_id} if correlation_id else None,
+            )
             return []
 
-    async def has_role(self, token: str, role: str) -> bool:
+    async def has_role(
+        self, token: str, role: str, auth_strategy: Optional[AuthStrategy] = None
+    ) -> bool:
         """
         Check if user has specific role.
-        
+
         Args:
             token: JWT token
             role: Role to check
-            
+            auth_strategy: Optional authentication strategy
+
         Returns:
             True if user has the role, False otherwise
         """
-        roles = await self.get_roles(token)
+        roles = await self.get_roles(token, auth_strategy=auth_strategy)
         return role in roles
 
-    async def has_any_role(self, token: str, roles: List[str]) -> bool:
+    async def has_any_role(
+        self, token: str, roles: List[str], auth_strategy: Optional[AuthStrategy] = None
+    ) -> bool:
         """
         Check if user has any of the specified roles.
-        
+
         Args:
             token: JWT token
             roles: List of roles to check
-            
+            auth_strategy: Optional authentication strategy
+
         Returns:
             True if user has any of the roles, False otherwise
         """
-        user_roles = await self.get_roles(token)
+        user_roles = await self.get_roles(token, auth_strategy=auth_strategy)
         return any(role in user_roles for role in roles)
 
-    async def has_all_roles(self, token: str, roles: List[str]) -> bool:
+    async def has_all_roles(
+        self, token: str, roles: List[str], auth_strategy: Optional[AuthStrategy] = None
+    ) -> bool:
         """
         Check if user has all of the specified roles.
-        
+
         Args:
             token: JWT token
             roles: List of roles to check
-            
+            auth_strategy: Optional authentication strategy
+
         Returns:
             True if user has all roles, False otherwise
         """
-        user_roles = await self.get_roles(token)
+        user_roles = await self.get_roles(token, auth_strategy=auth_strategy)
         return all(role in user_roles for role in roles)
 
-    async def refresh_roles(self, token: str) -> List[str]:
+    async def refresh_roles(
+        self, token: str, auth_strategy: Optional[AuthStrategy] = None
+    ) -> List[str]:
         """
         Force refresh roles from controller (bypass cache).
-        
+
         Args:
             token: JWT token
-            
+            auth_strategy: Optional authentication strategy
+
         Returns:
             Fresh list of user roles
         """
         try:
             # Get user info to extract userId
-            user_info = await self.http_client.authenticated_request(
-                "POST",
-                "/api/auth/validate",
-                token
+            user_info = await validate_token_request(
+                token, self.http_client, self.api_client, auth_strategy
             )
-            
             user_id = user_info.get("user", {}).get("id") if user_info else None
             if not user_id:
                 return []
@@ -157,24 +192,72 @@ class RoleService:
             cache_key = f"roles:{user_id}"
 
             # Fetch fresh roles from controller using refresh endpoint
-            role_result = await self.http_client.authenticated_request(
-                "GET",
-                "/api/auth/roles/refresh",
-                token
-            )
-            
-            role_data = RoleResult(**role_result)
-            roles = role_data.roles or []
+            if self.api_client:
+                # Use ApiClient for typed API calls
+                response = await self.api_client.roles.refresh_roles(
+                    token, auth_strategy=auth_strategy
+                )
+                roles = response.data.roles or []
+            else:
+                # Fallback to HttpClient for backward compatibility
+                if auth_strategy is not None:
+                    role_result = await self.http_client.authenticated_request(
+                        "GET", "/api/v1/auth/roles/refresh", token, auth_strategy=auth_strategy
+                    )
+                else:
+                    role_result = await self.http_client.authenticated_request(
+                        "GET", "/api/v1/auth/roles/refresh", token
+                    )
+
+                role_data = RoleResult(**role_result)
+                roles = role_data.roles or []
 
             # Update cache with fresh data (CacheService handles Redis + in-memory automatically)
             await self.cache.set(
-                cache_key,
-                {"roles": roles, "timestamp": int(time.time() * 1000)},
-                self.role_ttl
+                cache_key, {"roles": roles, "timestamp": int(time.time() * 1000)}, self.role_ttl
             )
 
             return roles
-            
-        except Exception:
-            # Failed to refresh roles, return empty list
+
+        except Exception as error:
+            correlation_id = extract_correlation_id_from_error(error)
+            logger.error(
+                "Failed to refresh roles",
+                exc_info=error,
+                extra={"correlationId": correlation_id} if correlation_id else None,
+            )
             return []
+
+    async def clear_roles_cache(
+        self, token: str, auth_strategy: Optional[AuthStrategy] = None
+    ) -> None:
+        """
+        Clear cached roles for a user.
+
+        Args:
+            token: JWT token
+            auth_strategy: Optional authentication strategy
+        """
+        try:
+            # Extract userId from token to avoid unnecessary API calls
+            user_id = extract_user_id(token)
+            if not user_id:
+                # If userId not in token, try to get it from validate endpoint
+                user_info = await validate_token_request(
+                    token, self.http_client, self.api_client, auth_strategy
+                )
+                user_id = user_info.get("user", {}).get("id") if user_info else None
+                if not user_id:
+                    return  # Cannot clear cache without userId
+
+            cache_key = f"roles:{user_id}"
+            await self.cache.delete(cache_key)
+
+        except Exception as error:
+            correlation_id = extract_correlation_id_from_error(error)
+            logger.error(
+                "Failed to clear roles cache",
+                exc_info=error,
+                extra={"correlationId": correlation_id} if correlation_id else None,
+            )
+            # Silently continue per service method pattern

miso_client/utils/__init__.py

@@ -1,9 +1,9 @@
 """Utility modules for MisoClient SDK."""
 
-from .http_client import HttpClient
 from .config_loader import load_config
 from .data_masker import DataMasker
-from .jwt_tools import decode_token, extract_user_id, extract_session_id
+from .http_client import HttpClient
+from .jwt_tools import decode_token, extract_session_id, extract_user_id
 
 __all__ = [
     "HttpClient",
@@ -12,4 +12,4 @@ __all__ = [
     "decode_token",
     "extract_user_id",
     "extract_session_id",
-]
+]