ngilive 0.1.0__tar.gz

ngilive-0.1.0/PKG-INFO

@@ -0,0 +1,165 @@
+Metadata-Version: 2.3
+Name: ngilive
+Version: 0.1.0
+Summary: 
+Author: Ole-Jakob Olsen
+Author-email: ole.jakob.olsen@ngi.no
+Requires-Python: >=3.11,<4.0
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Classifier: Programming Language :: Python :: 3.13
+Requires-Dist: httpx (>=0.28.1,<0.29.0)
+Requires-Dist: pydantic (>=2.11.9,<3.0.0)
+Description-Content-Type: text/markdown
+
+# NGILIVE SDK
+
+## Usage
+
+Useful library to develop against the NGI Live API.
+
+It helps you get access to the API by doing all the difficult auth things.
+
+Additionally it provides nice type hinted bindings for the API endpoints,
+so you can follow code completion instead of reading documentation!
+
+```python
+from ngilive import API
+
+api = API()
+
+
+sensor_response = api.query_sensors(
+    20190539,
+    logger="IK50",
+    unit="V",
+)
+```
+
+The first time you run it, you will see an output like this in your terminal.
+Perform the log in as prompted, and you will not see it again until your access has
+expired.
+
+```
+[18:41:13] ngilive.auth INFO: Please complete the authentication in your browser: https://keycloak.ngiapi.no/auth/...
+```
+
+## Example Queries
+
+#### Query Sensor Metadata
+
+```python
+from ngilive import API
+
+api = API()
+
+
+sensor_response = api.query_sensors(
+    20190539,
+    logger="IK50",
+    unit="V",
+)
+```
+
+Example response:
+
+```json
+{
+  "sensors": [
+    {
+      "name": "18V_IK50",
+      "unit": "V",
+      "logger": "IK50",
+      "type": "zBat18V",
+      "pos": {
+        "north": null,
+        "east": null,
+        "mash": null,
+        "coordinateSystem": {
+          "authority": "EPSG",
+          "srid": null
+        }
+      }
+    },
+    {
+      "name": "3V_IK50",
+      "unit": "V",
+      "logger": "IK50",
+      "type": "zBat3V",
+      "pos": {
+        "north": null,
+        "east": null,
+        "mash": null,
+        "coordinateSystem": {
+          "authority": "EPSG",
+          "srid": null
+        }
+      }
+    }
+  ]
+}
+```
+
+#### Query datapoints
+
+```python
+datapoints = api.query_datapoints(
+    project_number=20190539,
+    start=datetime.now(tz=UTC) - timedelta(days=1),
+    end=datetime.now(tz=UTC),
+    logger="IK50",
+    unit="V",
+)
+```
+
+## Authentication
+
+#### Authorization Code
+
+You can use this library to obtain an access token and call the API.
+It will open the browser for you, and ask you to log in to geohub.
+
+The below example is useful if you want to control the HTTP client yourself, for
+example using `requests` or `httpx` libraries.
+
+```python
+import httpx
+
+from ngilive.auth import AuthorizationCode
+
+auth = AuthorizationCode()
+access_token = auth.get_token()
+
+response = httpx.get(
+    "http://api.test.ngilive.no/projects/20190539/sensors",
+    headers={"Authorization": f"Bearer {access_token}"},
+)
+```
+
+#### Client Credentials
+
+This example uses client_id and client secret instead of signing in
+in the browser. It is useful in cases where an automatic job should
+call the API, which cannot log in via the browser. For other usecases,
+use AuthorizationCode instead.
+
+You can also use the ClientCredentials helper to get an access token
+like in the above Authorization code example.
+
+```python
+from ngilive import API
+from ngilive.auth import ClientCredentials
+
+auth = ClientCredentials(
+    client_id="data-api-test-client",
+    client_secret="<client secret>",
+    loglevel="DEBUG",
+)
+
+api = API(auth=auth)
+
+# Now you can query the API without logging in
+# sensor_response = api.query_sensors(20190539)
+```
+

ngilive-0.1.0/README.md

@@ -0,0 +1,149 @@
+# NGILIVE SDK
+
+## Usage
+
+Useful library to develop against the NGI Live API.
+
+It helps you get access to the API by doing all the difficult auth things.
+
+Additionally it provides nice type hinted bindings for the API endpoints,
+so you can follow code completion instead of reading documentation!
+
+```python
+from ngilive import API
+
+api = API()
+
+
+sensor_response = api.query_sensors(
+    20190539,
+    logger="IK50",
+    unit="V",
+)
+```
+
+The first time you run it, you will see an output like this in your terminal.
+Perform the log in as prompted, and you will not see it again until your access has
+expired.
+
+```
+[18:41:13] ngilive.auth INFO: Please complete the authentication in your browser: https://keycloak.ngiapi.no/auth/...
+```
+
+## Example Queries
+
+#### Query Sensor Metadata
+
+```python
+from ngilive import API
+
+api = API()
+
+
+sensor_response = api.query_sensors(
+    20190539,
+    logger="IK50",
+    unit="V",
+)
+```
+
+Example response:
+
+```json
+{
+  "sensors": [
+    {
+      "name": "18V_IK50",
+      "unit": "V",
+      "logger": "IK50",
+      "type": "zBat18V",
+      "pos": {
+        "north": null,
+        "east": null,
+        "mash": null,
+        "coordinateSystem": {
+          "authority": "EPSG",
+          "srid": null
+        }
+      }
+    },
+    {
+      "name": "3V_IK50",
+      "unit": "V",
+      "logger": "IK50",
+      "type": "zBat3V",
+      "pos": {
+        "north": null,
+        "east": null,
+        "mash": null,
+        "coordinateSystem": {
+          "authority": "EPSG",
+          "srid": null
+        }
+      }
+    }
+  ]
+}
+```
+
+#### Query datapoints
+
+```python
+datapoints = api.query_datapoints(
+    project_number=20190539,
+    start=datetime.now(tz=UTC) - timedelta(days=1),
+    end=datetime.now(tz=UTC),
+    logger="IK50",
+    unit="V",
+)
+```
+
+## Authentication
+
+#### Authorization Code
+
+You can use this library to obtain an access token and call the API.
+It will open the browser for you, and ask you to log in to geohub.
+
+The below example is useful if you want to control the HTTP client yourself, for
+example using `requests` or `httpx` libraries.
+
+```python
+import httpx
+
+from ngilive.auth import AuthorizationCode
+
+auth = AuthorizationCode()
+access_token = auth.get_token()
+
+response = httpx.get(
+    "http://api.test.ngilive.no/projects/20190539/sensors",
+    headers={"Authorization": f"Bearer {access_token}"},
+)
+```
+
+#### Client Credentials
+
+This example uses client_id and client secret instead of signing in
+in the browser. It is useful in cases where an automatic job should
+call the API, which cannot log in via the browser. For other usecases,
+use AuthorizationCode instead.
+
+You can also use the ClientCredentials helper to get an access token
+like in the above Authorization code example.
+
+```python
+from ngilive import API
+from ngilive.auth import ClientCredentials
+
+auth = ClientCredentials(
+    client_id="data-api-test-client",
+    client_secret="<client secret>",
+    loglevel="DEBUG",
+)
+
+api = API(auth=auth)
+
+# Now you can query the API without logging in
+# sensor_response = api.query_sensors(20190539)
+```

ngilive-0.1.0/pyproject.toml

@@ -0,0 +1,23 @@
+[project]
+name = "ngilive"
+version = "0.1.0"
+description = ""
+authors = [
+    {name = "Ole-Jakob Olsen",email = "ole.jakob.olsen@ngi.no"}
+]
+readme = "README.md"
+requires-python = ">=3.11,<4.0"
+
+
+[tool.poetry]
+packages = [
+    { include = "ngilive", from = "src" },
+]
+
+[tool.poetry.dependencies]
+httpx = "^0.28.1"
+pydantic = "^2.11.9"
+
+[build-system]
+requires = ["poetry-core>=2.0.0,<3.0.0"]
+build-backend = "poetry.core.masonry.api"

ngilive-0.1.0/src/ngilive/__init__.py

@@ -0,0 +1,4 @@
+from ngilive.api import API
+
+__all__ = ["API"]
+

ngilive-0.1.0/src/ngilive/api.py

@@ -0,0 +1,247 @@
+from datetime import datetime
+import logging
+from typing import Any, ParamSpec
+from uuid import UUID
+
+import httpx
+from pydantic import AwareDatetime, BaseModel
+
+from ngilive.auth import Auth, AuthorizationCode
+from ngilive.config import BASE_URL
+from ngilive.httpx_wrapper import HTTPXWrapper
+from ngilive.log import default_handler
+
+
+class EventResponse(BaseModel):
+    event_id: UUID
+    time_from: AwareDatetime
+    time_to: AwareDatetime | None = None
+    type: str
+    tags: list[str]
+
+
+class CoordinateSystem(BaseModel):
+    authority: str
+    srid: str | None = None
+
+
+class SensorLocation(BaseModel):
+    north: float | None = None
+    east: float | None = None
+    mash: float | None = None
+    coordinateSystem: CoordinateSystem | None = None
+
+
+class SensorMeta(BaseModel):
+    name: str | None = None
+    unit: str | None = None
+    logger: str | None = None
+    type: str
+    pos: SensorLocation
+
+
+class SensorMetaResponse(BaseModel):
+    sensors: list[SensorMeta]
+
+
+class SensorName(BaseModel):
+    name: str
+
+
+class Datapoint(BaseModel):
+    timestamp: AwareDatetime
+    value: float
+
+
+class JsonData(BaseModel):
+    sensor: SensorName
+    data: list[Datapoint]
+
+
+class JsonDataResponse(BaseModel):
+    # {
+    #   "data": [
+    #     {
+    #       "sensor": {
+    #         "name": "string"
+    #       },
+    #       "data": [
+    #         {
+    #           "timestamp": "2025-10-04T15:26:34.172Z",
+    #           "value": 0
+    #         }
+    #       ]
+    #     }
+    #   ]
+    # }
+
+    data: list[JsonData]
+
+
+P = ParamSpec("P")
+
+
+class API:
+    def __init__(
+        self,
+        base_url: str = BASE_URL,
+        loglevel: str = "INFO",
+        auth: Auth | None = None,
+    ) -> None:
+        self._logger = logging.getLogger("ngilive.api")
+        self._logger.setLevel(loglevel)
+        if not self._logger.handlers:
+            self._logger.addHandler(default_handler())
+
+        self._c = httpx.Client()
+        self._base = base_url
+        self._logger.debug(f"Initialized api with base url {base_url}")
+
+        if auth is not None:
+            self._logger.debug(f"Using user specified auth provider {type(auth)}")
+            self._auth = auth
+        else:
+            self._auth = AuthorizationCode(loglevel=loglevel)
+            self._logger.debug(f"Using default Auth provider {type(self._auth)}")
+
+        self._httpx = HTTPXWrapper(loglevel)
+
+    @property
+    def base_url(self):
+        return self._base
+
+    def get_token(self) -> str:
+        return self._auth.get_token()
+
+    def query_sensors(
+        self,
+        project: int,
+        name: str | list[str] | None = None,
+        type: str | list[str] | None = None,
+        unit: str | list[str] | None = None,
+        logger: str | list[str] | None = None,
+    ) -> SensorMetaResponse:
+        """Retrieve sensors within a project.
+
+        This endpoint returns the sensors configured for a given project.
+        The response can be filtered by sensor name, type, unit, or logger.
+        Note that the same sensor may exist in multiple loggers.
+
+        Args:
+            project (int):
+                Project number.
+            name (str | list[str] | None, optional):
+                Filters response by sensor name. Note that the same sensor might exist in multiple loggers.
+            type (str | list[str] | None, optional):
+                Filter by sensor type (e.g., ``"Infiltrasjonstrykk"``).
+            unit (str | list[str] | None, optional):
+                Filter by configured sensor unit (e.g., ``"mm"``, ``"kPa"``).
+            logger (str | list[str] | None, optional):
+                Filters the response by logger name.
+        """
+
+        params = {}
+        if name is not None:
+            params["name"] = name
+
+        if type is not None:
+            params["type"] = type
+
+        if unit is not None:
+            params["unit"] = unit
+
+        if logger is not None:
+            params["logger"] = logger
+
+        res = self._httpx.get(
+            f"{self._base}/projects/{project}/sensors",
+            params=params,
+            headers={"Authorization": f"Bearer {self.get_token()}"},
+        )
+        res.raise_for_status()
+
+        return SensorMetaResponse.model_validate(res.json())
+
+    def query_datapoints(
+        self,
+        project_number: int,
+        start: datetime,
+        end: datetime,
+        offset: int | None = None,
+        limit: int | None = None,
+        name: str | list[str] | None = None,
+        type: str | list[str] | None = None,
+        unit: str | list[str] | None = None,
+        logger: str | list[str] | None = None,
+    ) -> JsonDataResponse:
+        """Retrieve datapoints within a project.
+
+        This endpoint returns datapoints for a given project in the specified
+        time interval. Results can be paginated using ``offset`` and ``limit``,
+        and filtered by sensor attributes such as name, type, unit, or logger.
+
+        Args:
+            project_number (int):
+                Project number.
+            start (datetime):
+                Start time of datapoints time series.
+            end (datetime):
+                End time of datapoints time series.
+            offset (int | None, optional):
+                The amount of points that will be skipped before returning data
+                in the query. Used in conjunction with ``limit`` when paging
+                through the data. Example: ``offset=5000&limit=2000`` will return
+                points 5000–7000.
+            limit (int | None, optional):
+                The amount of points that will be returned in the query. Used in
+                conjunction with ``offset`` when paging through the data. Example:
+                ``offset=5000&limit=2000`` will return points 5000–7000.
+            name (str | list[str] | None, optional):
+                Filters response by sensor name. Note that the same sensor might
+                exist in multiple loggers.
+            type (str | list[str] | None, optional):
+                Filters the response by sensor type, for example ``"Infiltrasjonstrykk"``.
+            unit (str | list[str] | None, optional):
+                Filters the response by configured sensor unit, for example
+                ``"mm"`` or ``"kPa"``.
+            logger (str | list[str] | None, optional):
+                Filters the response by logger name.
+        """
+
+        params: dict[str, Any] = {"start": start.isoformat(), "end": end.isoformat()}
+
+        if offset is not None:
+            params["offset"] = offset
+
+        if limit is not None:
+            params["limit"] = limit
+
+        if name is not None:
+            params["name"] = name
+
+        if type is not None:
+            params["type"] = type
+
+        if unit is not None:
+            params["unit"] = unit
+
+        if logger is not None:
+            params["logger"] = logger
+
+        res = self._httpx.get(
+            f"{self._base}/projects/{project_number}/datapoints/json_array_v0",
+            params=params,
+            headers={"Authorization": f"Bearer {self.get_token()}"},
+        )
+        res.raise_for_status()
+
+        return JsonDataResponse.model_validate(res.json())
+
+    def get_event(self, event_id: UUID) -> EventResponse:
+        res = self._httpx.get(
+            f"{self._base}/event/{event_id}",
+            headers={"Authorization": f"Bearer {self.get_token()}"},
+        )
+        res.raise_for_status()
+
+        return EventResponse.model_validate(res.json())

ngilive-0.1.0/src/ngilive/auth.py

@@ -0,0 +1,386 @@
+import base64
+import hashlib
+import html
+import http.server
+import json
+import logging
+import os
+import platform
+import secrets
+import socketserver
+import sys
+import textwrap
+import threading
+import time
+import urllib.parse
+import webbrowser
+from abc import ABC, abstractmethod
+from datetime import datetime, timezone
+from typing import NotRequired, TypedDict, cast
+from urllib.parse import urlencode
+
+import httpx
+
+from ngilive.config import APP_NAME, AUTHORIZE_URL, CLIENT_ID, TOKENS_URL
+from ngilive.terminal_helpers import Terminal
+
+
+def _b64url(n=32) -> str:
+    return base64.urlsafe_b64encode(secrets.token_bytes(n)).rstrip(b"=").decode()
+
+
+class AuthError(Exception):
+    pass
+
+
+class TokenResponseBody(TypedDict):
+    access_token: str
+    refresh_token: str
+    id_token: str
+    expires_in: int
+    refresh_expires_in: int
+    expires_at: NotRequired[float]
+
+
+def ts(timestamp: float | int):
+    dt_local = datetime.fromtimestamp(timestamp, tz=timezone.utc).astimezone()
+    return dt_local.isoformat()
+
+
+class Auth(ABC):
+    def __init__(self, loglevel: str) -> None:
+        self._logger = logging.getLogger("ngilive.auth")
+        self._logger.setLevel(loglevel)
+        if not self._logger.handlers:
+            handler = logging.StreamHandler(sys.stdout)
+            handler.setFormatter(
+                logging.Formatter(
+                    "[%(asctime)s] %(name)s %(levelname)s: %(message)s",
+                    datefmt="%H:%M:%S",
+                )
+            )
+            self._logger.addHandler(handler)
+
+        system = platform.system()
+
+        self._logger.debug(f"Selecting cache dir for system type '{system}'")
+
+        if system == "Windows":
+            base = os.environ.get("LOCALAPPDATA", os.path.expanduser("~"))
+            self._user_cache_dir = os.path.join(base, APP_NAME, "Cache")
+        elif system == "Darwin":
+            self._user_cache_dir = os.path.expanduser(f"~/Library/Caches/{APP_NAME}")
+        else:  # Linux / BSD / others
+            base = os.environ.get("XDG_CACHE_HOME", os.path.expanduser("~/.cache"))
+            self._user_cache_dir = os.path.join(base, APP_NAME)
+
+        self._logger.debug(f"Selected cache dir '{self._user_cache_dir}'")
+
+    @abstractmethod
+    def get_token(self) -> str: ...
+
+    def _get_cache_file(self) -> str:
+        cache_dir = self._user_cache_dir
+        os.makedirs(cache_dir, exist_ok=True)
+        return os.path.join(cache_dir, "token.json")
+
+    def _cache_tokens(self, tokens: TokenResponseBody):
+        # TODO: Better handling of secrets, should not be stored as plain text
+        # Minimally restrict permissions for created file. Ideally use keyring
+        cache_file_path = self._get_cache_file()
+        self._logger.debug(f"Caching tokens at file path: {cache_file_path}")
+
+        tokens["expires_at"] = time.time() + tokens["expires_in"]
+
+        with open(cache_file_path, "w") as f:
+            json.dump(tokens, f)
+
+        self._logger.debug(
+            f"Successfully cached tokens. Expires at {ts(tokens["expires_at"])}"
+        )
+
+    def _load_cached_token(self) -> str | None:
+        try:
+            cache_file_path = self._get_cache_file()
+            self._logger.debug(
+                f"Attempting to load tokens from cache. File path: {cache_file_path}"
+            )
+            with open(cache_file_path, "r") as f:
+                tokens = json.load(f)
+
+        except FileNotFoundError:
+            self._logger.debug("Tokens not loaded from cache. File not found.")
+            return None
+
+        if tokens.get("expires_at", 0) > time.time():
+            self._logger.debug(
+                f"Tokens loaded from cache. Expires at: {ts(tokens["expires_at"])}"
+            )
+            return tokens["access_token"]
+
+        self._logger.debug("Tokens not loaded from cache. Tokens expired.")
+        return None
+
+
+class TCPServer(socketserver.TCPServer):
+    error: str | None = None
+    auth_code: str | None = None
+
+    # This is needed for the socket server to release the bind on the
+    # port as soon as possible
+    allow_reuse_address = True
+
+
+def code_handler(expected_state: str, logger):
+    class CodeHandler(http.server.BaseHTTPRequestHandler):
+        def do_GET(self):
+            query = urllib.parse.urlparse(self.path).query
+            params = urllib.parse.parse_qs(query)
+            code = params.get("code", [None])[0]
+
+            error: str = ""
+
+            if params.get("state", [None])[0] != expected_state:
+                error += "Invalid state parameter. "
+
+            if not code:
+                error = "Could not obtain code for authorization. "
+
+            if error != "":
+                self.send_response(500)
+                self.send_header("Content-type", "text/html")
+                self.end_headers()
+                self.wfile.write(
+                    textwrap.dedent(f"""
+                        <!DOCTYPE html>
+                        <html lang="en">
+                        <head>
+                            <meta charset="utf-8">
+                            <title>{APP_NAME} Authentication</title>
+                        </head>
+                        <body>
+                            <p>
+                                {error}.
+                                You can close this tab.
+                            </p>
+                        </body>
+                        </html>
+                    """).encode("utf-8")
+                )
+
+                cast(TCPServer, self.server).error = error
+            else:
+                self.send_response(200)
+                self.send_header("Content-type", "text/html")
+                self.end_headers()
+                self.wfile.write(
+                    textwrap.dedent(f"""
+                        <!DOCTYPE html>
+                        <html lang="en">
+                        <head>
+                            <meta charset="utf-8">
+                            <title>{html.escape(APP_NAME)} Authentication</title>
+                        </head>
+                        <body>
+                            <p>
+                                {html.escape(APP_NAME)} authentication successful.
+                                You can close this tab.
+                            </p>
+                        </body>
+                        </html>
+                    """).encode("utf-8")
+                )
+
+                cast(TCPServer, self.server).auth_code = code
+
+        def log_message(self, format, *args):
+            _ = format, args
+            logger.debug(
+                f"CodeHandler: Callback received from {self.client_address[0]} with path {self.path}"
+            )
+
+    return CodeHandler
+
+
+def generate_pkce_pair():
+    # RFC 7636: verifier must be 43–128 chars, unreserved URI characters
+    code_verifier = (
+        base64.urlsafe_b64encode(os.urandom(64)).rstrip(b"=").decode("utf-8")
+    )
+
+    # Compute SHA256 and base64url encode
+    code_challenge = (
+        base64.urlsafe_b64encode(hashlib.sha256(code_verifier.encode("utf-8")).digest())
+        .rstrip(b"=")
+        .decode("utf-8")
+    )
+    return code_verifier, code_challenge
+
+
+class AuthorizationCode(Auth):
+    def __init__(
+        self,
+        client_id: str = CLIENT_ID,
+        authorize_url: str = AUTHORIZE_URL,
+        tokens_url: str = TOKENS_URL,
+        timeout: int = 300,  # Seconds
+        loglevel: str = "INFO",
+    ) -> None:
+        self._client_id = client_id
+        self._tokens_url = tokens_url
+        self._authorize_url = authorize_url
+        self._timeout = timeout
+
+        super().__init__(loglevel)
+
+    def get_token(self) -> str:
+        token: str | None = self._load_cached_token()
+        if token is not None:
+            return token
+
+        token = ""
+
+        state = _b64url(16)
+
+        try:
+            with TCPServer(
+                ("localhost", 0), code_handler(state, self._logger)
+            ) as httpd:
+                # TCP Server with port 0 lets the os allocate a free port
+                # Here we find which port it picked
+                port = httpd.server_address[1]
+
+                code_verifier, code_challenge = generate_pkce_pair()
+
+                redirect_url = f"http://localhost:{port}"
+                params = urlencode(
+                    {
+                        "client_id": self._client_id,
+                        "redirect_uri": redirect_url,
+                        "response_type": "code",
+                        "scope": "email",
+                        "code_challenge": code_challenge,
+                        "code_challenge_method": "S256",
+                        "state": state,
+                    }
+                )
+                authorize_url = f"{self._authorize_url}?{params}"
+
+                threading.Thread(
+                    target=webbrowser.open_new_tab, args=(authorize_url,)
+                ).start()
+
+                self._logger.info(
+                    "Please complete the authentication in your browser: "
+                    f"{Terminal.link(authorize_url, authorize_url)}"
+                )
+                self._logger.debug(f"Waiting for callback on {redirect_url} ...")
+
+                # Stop listening every second to unblock
+                httpd.timeout = 1
+
+                # Listen until timeout
+                start, elapsed = time.time(), 0
+
+                while elapsed <= self._timeout:
+                    httpd.handle_request()
+                    if httpd.error:
+                        raise AuthError(httpd.error)
+
+                    if httpd.auth_code:
+                        self._logger.debug("using code to get tokens...")
+                        token_response = httpx.post(
+                            self._tokens_url,
+                            data={
+                                "grant_type": "authorization_code",
+                                "code": httpd.auth_code,
+                                "redirect_uri": redirect_url,
+                                "client_id": self._client_id,
+                                "code_verifier": code_verifier,
+                            },
+                        )
+
+                        try:
+                            token_response.raise_for_status()
+                        except Exception as e:
+                            try:
+                                self._logger.debug(
+                                    f"json response: {token_response.json()}"
+                                )
+                            except Exception:
+                                pass
+
+                            self._logger.error(e)
+                            raise AuthError("An error occured when fetching token")
+
+                        tokens: TokenResponseBody = token_response.json()
+                        self._logger.debug("tokens successfully obtained")
+
+                        self._cache_tokens(tokens)
+                        token = tokens["access_token"]
+                        return token
+
+                    elapsed = time.time() - start
+                    if int(elapsed) % 5 == 0:  # log every 5s
+                        self._logger.debug(f"Still waiting... {int(elapsed)}s elapsed")
+
+        except AuthError as e:
+            self._logger.error(Terminal.color(str(e), "red"))
+            raise e
+
+        except KeyboardInterrupt:
+            self._logger.info("get_token interrupted by keyboard")
+            raise AuthError("Authentication interrupted by user")
+
+        if not token or token == "":
+            raise AuthError("Failed to get token")
+
+
+class ClientCredentials(Auth):
+    def __init__(
+        self,
+        client_id: str,
+        client_secret: str,
+        tokens_url: str = TOKENS_URL,
+        timeout: int = 10,  # Seconds
+        loglevel: str = "INFO",
+    ) -> None:
+        self._client_id = client_id
+        self._client_secret = client_secret
+        self._tokens_url = tokens_url
+        self._timeout = timeout
+
+        super().__init__(loglevel)
+
+    def get_token(self) -> str:
+        token: str | None = self._load_cached_token()
+        if token is not None:
+            return token
+
+        token_response = httpx.post(
+            self._tokens_url,
+            data={
+                "client_id": self._client_id,
+                "client_secret": self._client_secret,
+                "grant_type": "client_credentials",
+            },
+            timeout=self._timeout,
+        )
+
+        try:
+            token_response.raise_for_status()
+        except Exception as e:
+            try:
+                self._logger.debug(f"json response: {token_response.json()}")
+            except Exception:
+                pass
+
+            self._logger.error(e)
+            raise AuthError("An error occured when fetching token")
+
+        tokens: TokenResponseBody = token_response.json()
+        self._logger.debug("tokens successfully obtained")
+
+        self._cache_tokens(tokens)
+        token = tokens["access_token"]
+        return token

ngilive-0.1.0/src/ngilive/config.py

@@ -0,0 +1,6 @@
+CLIENT_ID = "nl-public"
+AUTHORIZE_URL = "https://keycloak.test.ngiapi.no/auth/realms/tenant-geohub-public/protocol/openid-connect/auth"
+TOKENS_URL = "https://keycloak.test.ngiapi.no/auth/realms/tenant-geohub-public/protocol/openid-connect/token"
+BASE_URL = "https://api.test.ngilive.no"
+
+APP_NAME = "NGILive"

ngilive-0.1.0/src/ngilive/httpx_wrapper.py

@@ -0,0 +1,61 @@
+import functools
+import json
+import logging
+from typing import Callable, ParamSpec
+
+import httpx
+
+from ngilive.log import default_handler
+
+
+P = ParamSpec("P")
+
+
+class HTTPXWrapper:
+    def __init__(self, loglevel) -> None:
+        self.get = self._log_call(httpx.get)
+        self.post = self._log_call(httpx.post)
+
+        self._logger = logging.getLogger("ngilive.httpx")
+        self._logger.setLevel(loglevel)
+        if not self._logger.handlers:
+            self._logger.addHandler(default_handler())
+
+    def _log_call(self, fn: Callable[P, httpx.Response]) -> Callable[P, httpx.Response]:
+        @functools.wraps(fn)
+        def wrapper(*args: P.args, **kwargs: P.kwargs) -> httpx.Response:
+            url = args[0]
+            params = kwargs.get("params", {})
+
+            _params = (
+                " ".join(f"{k}={v}" for k, v in params.items())
+                if isinstance(params, dict)
+                else ""
+            )
+
+            resp: httpx.Response = fn(*args, **kwargs)
+
+            status_code = resp.status_code
+
+            response_body = ""
+            if status_code >= 400:
+                response_body = " "
+                try:
+                    response_body += json.dumps(resp.json(), ensure_ascii=False)
+                except Exception:
+                    try:
+                        response_body += resp.text
+                    except Exception:
+                        response_body = ""
+
+                self._logger.error(
+                    f"{fn.__name__.upper()} {url} {_params} {status_code}{response_body}"
+                )
+            else:
+                self._logger.debug(
+                    f"{fn.__name__.upper()} {url} {_params} {status_code}"
+                )
+
+            return resp
+
+        return wrapper

ngilive-0.1.0/src/ngilive/log.py

@@ -0,0 +1,13 @@
+import logging
+import sys
+
+
+def default_handler():
+    handler = logging.StreamHandler(sys.stdout)
+    handler.setFormatter(
+        logging.Formatter(
+            "[%(asctime)s] %(name)s %(levelname)s: %(message)s",
+            datefmt="%H:%M:%S",
+        )
+    )
+    return handler

ngilive-0.1.0/src/ngilive/terminal_helpers.py

@@ -0,0 +1,21 @@
+class Terminal:
+    @staticmethod
+    def link(text: str, url: str) -> str:
+        ESC = "\033"
+        START_LINK = f"{ESC}]8;;{url}{ESC}\\"
+        END_LINK = f"{ESC}]8;;{ESC}\\"
+        STYLE = f"{ESC}[4;34m"  # underline + blue
+        RESET = f"{ESC}[0m"
+        return f"{START_LINK}{STYLE}{text}{RESET}{END_LINK}"
+
+    @staticmethod
+    def color(text: str, color: str = "red") -> str:
+        colors = {
+            "red": "\033[91m",
+            "green": "\033[92m",
+            "yellow": "\033[93m",
+            "blue": "\033[94m",
+            "cyan": "\033[96m",
+            "bold": "\033[1m",
+        }
+        return f"{colors.get(color, '')}{text}\033[0m"