nlbone 0.9.7__tar.gz → 0.11.1__tar.gz

{nlbone-0.9.7 → nlbone-0.11.1}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: nlbone
-Version: 0.9.7
+Version: 0.11.1
 Summary: Backbone package for interfaces and infrastructure in Python projects
 Author-email: Amir Hosein Kahkbazzadeh <a.khakbazzadeh@gmail.com>
 License: MIT

{nlbone-0.9.7 → nlbone-0.11.1}/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "hatchling.build"
 
 [project]
 name = "nlbone"
-version = "0.9.7"
+version = "0.11.1"
 description = "Backbone package for interfaces and infrastructure in Python projects"
 readme = "README.md"
 requires-python = ">=3.10"

nlbone-0.11.1/src/nlbone/adapters/auth/__init__.py

@@ -0,0 +1,3 @@
+from .async_auth_service import AsyncAuthService, get_async_auth_service
+from .auth_service import AuthService, get_auth_service
+from .keycloak import KeycloakAuthService

nlbone-0.11.1/src/nlbone/adapters/auth/async_auth_service.py

@@ -0,0 +1,110 @@
+from functools import lru_cache
+from typing import Any, Optional, Set
+
+import httpx
+
+from nlbone.config.settings import get_settings
+from nlbone.core.ports.auth import AsyncAuthService as BaseAuthService
+from nlbone.utils.cache import cached
+from nlbone.utils.http import normalize_https_base
+
+
+class AsyncAuthService(BaseAuthService):
+    _client: Optional[httpx.AsyncClient] = None
+
+    def __init__(self):
+        s = get_settings()
+        self.client_id = s.CLIENT_ID or s.KEYCLOAK_CLIENT_ID
+        self.client_secret = s.CLIENT_SECRET.get_secret_value().strip()
+        self._base_url = normalize_https_base(s.AUTH_SERVICE_URL.unicode_string(), enforce_https=False)
+        self._timeout = float(s.HTTP_TIMEOUT_SECONDS)
+
+    @classmethod
+    def get_client(cls) -> httpx.AsyncClient:
+        if cls._client is None or cls._client.is_closed:
+            s = get_settings()
+            cls._client = httpx.AsyncClient(
+                timeout=float(s.HTTP_TIMEOUT_SECONDS),
+                limits=httpx.Limits(
+                    max_keepalive_connections=s.HTTPX_MAX_KEEPALIVE_CONNECTIONS,
+                    max_connections=s.HTTPX_MAX_CONNECTIONS,
+                ),
+            )
+        return cls._client
+
+    @cached(ttl=15 * 60)
+    async def verify_token(self, token: str) -> Optional[dict[str, Any]]:
+        if not token:
+            return None
+
+        url = f"{self._base_url}/introspect"
+        client = self.get_client()
+
+        try:
+            response = await client.post(url, data={"token": token})
+            if response.status_code == 200:
+                data = response.json()
+                if data.get("active") is True:
+                    return data
+        except httpx.RequestError as e:
+            pass
+
+        return None
+
+    async def has_access(self, token: str, permissions: list[str]) -> bool:
+        data = await self.verify_token(token)
+        if not data:
+            return False
+
+        allowed = set(data.get("allowed_permissions", []))
+        required = {f"{self.client_id}#{perm}" for perm in permissions}
+
+        return required.issubset(allowed)
+
+    async def client_has_access(
+        self, token: str, permissions: list[str], allowed_clients: Set[str] | None = None
+    ) -> bool:
+        return await self.has_access(token, permissions)
+
+    async def get_client_id(self, token: str) -> Optional[str]:
+        data = await self.verify_token(token)
+        if data:
+            username = data.get("preferred_username", "")
+            if username.startswith("service-account"):
+                return username
+        return None
+
+    async def is_client_token(self, token: str, allowed_clients: Set[str] | None = None) -> bool:
+        data = await self.verify_token(token)
+        if data:
+            return data.get("preferred_username", "").startswith("service-account")
+        return False
+
+    async def get_client_token(self) -> dict | None:
+        url = f"{self._base_url}/token"
+        client = self.get_client()
+
+        try:
+            result = await client.post(
+                url,
+                data={
+                    "client_id": self.client_id,
+                    "client_secret": self.client_secret,
+                    "grant_type": "client_credentials",
+                },
+            )
+            if result.status_code == 200:
+                return result.json()
+        except httpx.RequestError:
+            pass
+
+        return None
+
+    async def get_permissions(self, token: str) -> list[str]:
+        data = await self.verify_token(token)
+        return data.get("allowed_permissions", []) if data else []
+
+
+@lru_cache(maxsize=1)
+def get_async_auth_service() -> AsyncAuthService:
+    return AsyncAuthService()

nlbone-0.11.1/src/nlbone/adapters/auth/async_token_provider.py

@@ -0,0 +1,49 @@
+import asyncio
+import time
+from typing import Optional
+
+from nlbone.core.ports.auth import AsyncAuthService as BaseAuthService
+
+
+class AsyncClientTokenProvider:
+    """
+    Caches Keycloak client-credentials token and refreshes before expiry.
+    """
+
+    def __init__(self, auth: BaseAuthService, *, skew_seconds: int = 30) -> None:
+        self._auth = auth
+        self._skew = skew_seconds
+        self._lock = asyncio.Lock()
+        self._token: Optional[str] = None  # access_token
+        self._expires_at: float = 0.0  # epoch seconds
+
+    def _needs_refresh(self) -> bool:
+        return not self._token or time.time() >= (self._expires_at - self._skew)
+
+    async def get_access_token(self) -> str:
+        """
+        Return a valid access token; refresh asynchronously if needed.
+        """
+        if not self._needs_refresh() and self._token:
+            return self._token
+
+        async with self._lock:
+            if not self._needs_refresh() and self._token:
+                return self._token
+
+            data = await self._auth.get_client_token()
+
+            if not data or "access_token" not in data:
+                raise RuntimeError("Failed to retrieve access_token")
+
+            access_token = data["access_token"]
+            expires_in = int(data.get("expires_in", 15 * 60))
+
+            self._token = access_token
+            self._expires_at = time.time() + max(1, expires_in)
+
+            return self._token
+
+    async def get_auth_header(self) -> str:
+        token = await self.get_access_token()
+        return f"Bearer {token}"

{nlbone-0.9.7 → nlbone-0.11.1}/src/nlbone/adapters/db/postgres/query_builder.py

@@ -1,7 +1,8 @@
 from typing import Any, Callable, List, Optional, Sequence, Type, Union
 
-from sqlalchemy import and_, asc, case, desc, literal, or_
+from sqlalchemy import Select, and_, asc, case, desc, func, literal, or_, select
 from sqlalchemy.dialects.postgresql import ENUM as PGEnum
+from sqlalchemy.ext.asyncio import AsyncSession
 from sqlalchemy.orm import Query, Session, aliased
 from sqlalchemy.orm.attributes import InstrumentedAttribute
 from sqlalchemy.orm.interfaces import LoaderOption
@@ -384,6 +385,19 @@ def _apply_order(pagination: PaginateRequest, entity, query):
     return query
 
 
+def apply_pagination_async(pagination: PaginateRequest, entity, stmt: Select = None, limit: bool = True) -> Select:
+    if stmt is None:
+        stmt = select(entity)
+
+    stmt = _apply_filters(pagination, entity, stmt)
+    stmt = _apply_order(pagination, entity, stmt)
+
+    if limit:
+        stmt = stmt.limit(pagination.limit).offset(pagination.offset)
+
+    return stmt
+
+
 def apply_pagination(pagination: PaginateRequest, entity, session: Session, limit=True, query=None) -> Query:
     if not query:
         query = session.query(entity)
@@ -437,6 +451,43 @@ def _serialize_item(item: Any, output_cls: OutputType) -> Any:
         return item
 
 
+async def get_paginated_response_async(
+    pagination,
+    entity,
+    session: AsyncSession,
+    *,
+    with_count: bool = True,
+    output_cls: Optional[Type] = None,
+    eager_options: Optional[Sequence[LoaderOption]] = None,
+    query: Optional[Select] = None,
+) -> dict:
+    stmt = query if query is not None else select(entity)
+
+    if eager_options:
+        stmt = stmt.options(*eager_options)
+
+    filtered_stmt = apply_pagination_async(pagination, entity, stmt=stmt, limit=False)
+
+    total_count = None
+    if with_count:
+        subquery = filtered_stmt.subquery()
+        count_stmt = select(func.count()).select_from(subquery)
+        total_count = await session.scalar(count_stmt)
+
+    final_stmt = filtered_stmt.limit(pagination.limit).offset(pagination.offset)
+    result = await session.execute(final_stmt)
+    rows = result.scalars().all()
+
+    if output_cls is not None:
+        data = [output_cls.model_validate(r, from_attributes=True).model_dump() for r in rows]
+    else:
+        data = rows
+
+    return PaginateResponse(
+        total_count=total_count, data=data, limit=pagination.limit, offset=pagination.offset
+    ).to_dict()
+
+
 def get_paginated_response(
     pagination,
     entity,

nlbone-0.11.1/src/nlbone/adapters/http_clients/pricing/async_pricing_service.py

@@ -0,0 +1,66 @@
+from decimal import Decimal
+from typing import Dict, Literal, Optional
+
+import httpx
+
+from nlbone.adapters.auth.async_token_provider import AsyncClientTokenProvider
+from nlbone.adapters.http_clients import CalculatePriceIn, CalculatePriceOut
+from nlbone.adapters.http_clients.pricing.pricing_service import PricingError
+from nlbone.config.settings import get_settings
+from nlbone.utils.http import normalize_https_base
+
+
+class AsyncPricingService:
+    def __init__(
+        self,
+        token_provider: AsyncClientTokenProvider,
+        base_url: Optional[str] = None,
+        timeout_seconds: Optional[float] = None,
+        client: Optional[httpx.AsyncClient] = None,
+    ) -> None:
+        s = get_settings()
+        self._token_provider = token_provider
+        self._base_url = normalize_https_base(base_url or str(s.PRICING_SERVICE_URL), enforce_https=False)
+        self._timeout = httpx.Timeout(timeout_seconds or float(s.HTTP_TIMEOUT_SECONDS), connect=5.0)
+        self._client = client or httpx.AsyncClient(
+            timeout=self._timeout,
+            verify=True if s.ENV == "prod" else False,
+            limits=httpx.Limits(
+                max_keepalive_connections=s.HTTPX_MAX_KEEPALIVE_CONNECTIONS, max_connections=s.HTTPX_MAX_CONNECTIONS
+            ),
+        )
+
+    async def calculate(
+        self, items: list[CalculatePriceIn], response: Literal["list", "dict"] = "dict"
+    ) -> CalculatePriceOut:
+        payload = {"items": [i.model_dump(mode="json") for i in items]}
+
+        response_obj = await self._client.post(
+            f"{self._base_url}/price/calculate",
+            params={"response": response},
+            headers={"X-Api-Key": get_settings().PRICING_API_SECRET, "X-Client-Id": get_settings().KEYCLOAK_CLIENT_ID},
+            # headers=auth_headers(await self._token_provider.get_access_token()),
+            json=payload,
+        )
+
+        if response_obj.status_code not in (200, 204):
+            raise PricingError(response_obj.status_code, response_obj.text)
+
+        if response_obj.status_code == 204 or not response_obj.content:
+            return CalculatePriceOut.model_validate(root=[])
+
+        return CalculatePriceOut.model_validate(response_obj.json())
+
+    async def exchange_rates(self) -> Dict[str, Decimal]:
+        response_obj = await self._client.get(
+            f"{self._base_url}/variables/key/exchange_rates",
+            headers={"X-Api-Key": get_settings().PRICING_API_SECRET, "X-Client-Id": get_settings().KEYCLOAK_CLIENT_ID},
+            # headers=auth_headers(await self._token_provider.get_access_token()),
+        )
+
+        if response_obj.status_code != 200:
+            raise PricingError(response_obj.status_code, response_obj.text)
+
+        values = response_obj.json().get("values", [])
+
+        return {str(v["key"]): Decimal(str(v["value"])) for v in values}

{nlbone-0.9.7 → nlbone-0.11.1}/src/nlbone/adapters/http_clients/pricing/pricing_service.py

@@ -76,11 +76,11 @@ class DecimalEncoder(json.JSONEncoder):
 
 class PricingService:
     def __init__(
-            self,
-            token_provider: ClientTokenProvider,
-            base_url: Optional[str] = None,
-            timeout_seconds: Optional[float] = None,
-            client: httpx.Client | None = None,
+        self,
+        token_provider: ClientTokenProvider,
+        base_url: Optional[str] = None,
+        timeout_seconds: Optional[float] = None,
+        client: httpx.Client | None = None,
     ) -> None:
         s = get_settings()
         self._base_url = normalize_https_base(base_url or str(s.PRICING_SERVICE_URL), enforce_https=False)
@@ -89,10 +89,7 @@ class PricingService:
         self._token_provider = token_provider
 
     def calculate(self, items: list[CalculatePriceIn], response: Literal["list", "dict"] = "dict") -> CalculatePriceOut:
-        body = json.dumps(
-            {"items": [i.model_dump() for i in items]},
-            cls=DecimalEncoder
-        )
+        body = json.dumps({"items": [i.model_dump() for i in items]}, cls=DecimalEncoder)
         body = json.loads(body)
 
         r = self._client.post(

{nlbone-0.9.7 → nlbone-0.11.1}/src/nlbone/adapters/http_clients/uploadchi/uploadchi.py

@@ -56,7 +56,7 @@ class UploadchiClient(FileServicePort):
         tok = _resolve_token(token)
         files = {"file": (filename, file_bytes)}
         data = (params or {}).copy()
-        r = self._client.post(self._base_url, files=files, data=data, headers=auth_headers(tok))
+        r = self._client.post(f"{self._base_url}/files", files=files, data=data, headers=auth_headers(tok))
         if r.status_code >= 400:
             raise UploadchiError(r.status_code, r.text)
         return r.json()
@@ -66,7 +66,7 @@ class UploadchiClient(FileServicePort):
             raise UploadchiError(detail="token_provider is not provided", status=400)
         tok = _resolve_token(token)
         r = self._client.post(
-            f"{self._base_url}/{file_id}/commit",
+            f"{self._base_url}/files/{file_id}/commit",
             headers=auth_headers(tok or self._token_provider.get_access_token()),
         )
         if r.status_code not in (204, 200):
@@ -77,7 +77,7 @@ class UploadchiClient(FileServicePort):
             raise UploadchiError(detail="token_provider is not provided", status=400)
         tok = _resolve_token(token)
         r = self._client.post(
-            f"{self._base_url}/{file_id}/rollback",
+            f"{self._base_url}/files/{file_id}/rollback",
             headers=auth_headers(tok or self._token_provider.get_access_token()),
         )
         if r.status_code not in (204, 200):
@@ -93,21 +93,21 @@ class UploadchiClient(FileServicePort):
     ) -> dict:
         tok = _resolve_token(token)
         q = build_list_query(limit, offset, filters, sort)
-        r = self._client.get(self._base_url, params=q, headers=auth_headers(tok))
+        r = self._client.get(f"{self._base_url}/files", params=q, headers=auth_headers(tok))
         if r.status_code >= 400:
             raise UploadchiError(r.status_code, r.text)
         return r.json()
 
     def get_file(self, file_id: str, token: str | None = None) -> dict:
         tok = _resolve_token(token)
-        r = self._client.get(f"{self._base_url}/{file_id}", headers=auth_headers(tok))
+        r = self._client.get(f"{self._base_url}/files/{file_id}", headers=auth_headers(tok))
         if r.status_code >= 400:
             raise UploadchiError(r.status_code, r.text)
         return r.json()
 
     def download_file(self, file_id: str, token: str | None = None) -> tuple[bytes, str, str]:
         tok = _resolve_token(token)
-        r = self._client.get(f"{self._base_url}/{file_id}/download", headers=auth_headers(tok))
+        r = self._client.get(f"{self._base_url}/files/{file_id}/download", headers=auth_headers(tok))
         if r.status_code >= 400:
             raise UploadchiError(r.status_code, r.text)
         filename = _filename_from_cd(r.headers.get("content-disposition"), fallback=f"file-{file_id}")
@@ -117,7 +117,7 @@ class UploadchiClient(FileServicePort):
     def delete_file(self, file_id: str, token: str | None = None) -> None:
         tok = _resolve_token(token)
         r = self._client.delete(
-            f"{self._base_url}/{file_id}", headers=auth_headers(tok or self._token_provider.get_access_token())
+            f"{self._base_url}/files/{file_id}", headers=auth_headers(tok or self._token_provider.get_access_token())
         )
         if r.status_code not in (204, 200):
             raise UploadchiError(r.status_code, r.text)

{nlbone-0.9.7 → nlbone-0.11.1}/src/nlbone/adapters/http_clients/uploadchi/uploadchi_async.py

@@ -4,7 +4,7 @@ from typing import Any, AsyncIterator, Optional
 
 import httpx
 
-from nlbone.adapters.auth.token_provider import ClientTokenProvider
+from nlbone.adapters.auth.async_token_provider import AsyncClientTokenProvider
 from nlbone.adapters.http_clients.uploadchi.uploadchi import UploadchiError, _filename_from_cd, _resolve_token
 from nlbone.config.settings import get_settings
 from nlbone.core.ports.files import AsyncFileServicePort
@@ -14,16 +14,21 @@ from nlbone.utils.http import auth_headers, build_list_query
 class UploadchiAsyncClient(AsyncFileServicePort):
     def __init__(
         self,
-        token_provider: ClientTokenProvider | None = None,
+        token_provider: Optional[AsyncClientTokenProvider] = None,
         base_url: Optional[str] = None,
         timeout_seconds: Optional[float] = None,
-        client: httpx.AsyncClient | None = None,
+        client: Optional[httpx.AsyncClient] = None,
     ) -> None:
         s = get_settings()
         self._base_url = base_url or str(s.UPLOADCHI_BASE_URL)
         self._timeout = timeout_seconds or float(s.HTTP_TIMEOUT_SECONDS)
         self._client = client or httpx.AsyncClient(
-            base_url=self._base_url, timeout=self._timeout, follow_redirects=True
+            base_url=self._base_url,
+            timeout=self._timeout,
+            limits=httpx.Limits(
+                max_keepalive_connections=s.HTTPX_MAX_KEEPALIVE_CONNECTIONS, max_connections=s.HTTPX_MAX_CONNECTIONS
+            ),
+            follow_redirects=True,
         )
         self._token_provider = token_provider
 
@@ -36,7 +41,9 @@ class UploadchiAsyncClient(AsyncFileServicePort):
         tok = _resolve_token(token)
         files = {"file": (filename, file_bytes)}
         data = (params or {}).copy()
-        r = await self._client.post("", files=files, data=data, headers=auth_headers(tok))
+        r = await self._client.post(
+            "/files", files=files, data=data, headers=auth_headers(tok or await self._token_provider.get_access_token())
+        )
         if r.status_code >= 400:
             raise UploadchiError(r.status_code, await r.aread())
         return r.json()
@@ -46,7 +53,7 @@ class UploadchiAsyncClient(AsyncFileServicePort):
             raise UploadchiError(detail="token_provider is not provided", status=400)
         tok = _resolve_token(token)
         r = await self._client.post(
-            f"/{file_id}/commit", headers=auth_headers(tok or self._token_provider.get_access_token())
+            f"/files/{file_id}/commit", headers=auth_headers(tok or await self._token_provider.get_access_token())
         )
         if r.status_code not in (204, 200):
             raise UploadchiError(r.status_code, await r.aread())
@@ -56,7 +63,7 @@ class UploadchiAsyncClient(AsyncFileServicePort):
             raise UploadchiError(detail="token_provider is not provided", status=400)
         tok = _resolve_token(token)
         r = await self._client.post(
-            f"/{file_id}/rollback", headers=auth_headers(tok or self._token_provider.get_access_token())
+            f"/files/{file_id}/rollback", headers=auth_headers(tok or await self._token_provider.get_access_token())
         )
         if r.status_code not in (204, 200):
             raise UploadchiError(r.status_code, await r.aread())
@@ -71,21 +78,29 @@ class UploadchiAsyncClient(AsyncFileServicePort):
     ) -> dict:
         tok = _resolve_token(token)
         q = build_list_query(limit, offset, filters, sort)
-        r = await self._client.get("", params=q, headers=auth_headers(tok))
+        r = await self._client.get(
+            "/files", params=q, headers=auth_headers(tok or await self._token_provider.get_access_token())
+        )
         if r.status_code >= 400:
             raise UploadchiError(r.status_code, await r.aread())
         return r.json()
 
     async def get_file(self, file_id: str, token: str | None = None) -> dict:
         tok = _resolve_token(token)
-        r = await self._client.get(f"/{file_id}", headers=auth_headers(tok))
+        r = await self._client.get(
+            f"/files/{file_id}", headers=auth_headers(tok or await self._token_provider.get_access_token())
+        )
         if r.status_code >= 400:
             raise UploadchiError(r.status_code, await r.aread())
         return r.json()
 
     async def download_file(self, file_id: str, token: str | None = None) -> tuple[AsyncIterator[bytes], str, str]:
         tok = _resolve_token(token)
-        r = await self._client.get(f"/{file_id}/download", headers=auth_headers(tok), stream=True)
+        r = await self._client.get(
+            f"/files/{file_id}/download",
+            headers=auth_headers(tok or await self._token_provider.get_access_token()),
+            stream=True,
+        )
         if r.status_code >= 400:
             body = await r.aread()
             raise UploadchiError(r.status_code, body.decode(errors="ignore"))
@@ -103,7 +118,9 @@ class UploadchiAsyncClient(AsyncFileServicePort):
 
     async def delete_file(self, file_id: str, token: str | None = None) -> None:
         tok = _resolve_token(token)
-        r = await self._client.delete(f"/{file_id}", headers=auth_headers(tok))
+        r = await self._client.delete(
+            f"/files/{file_id}", headers=auth_headers(tok or await self._token_provider.get_access_token())
+        )
         if r.status_code not in (204, 200):
             body = await r.aread()
             raise UploadchiError(r.status_code, body.decode(errors="ignore"))

{nlbone-0.9.7 → nlbone-0.11.1}/src/nlbone/config/settings.py

@@ -52,6 +52,8 @@ class Settings(BaseSettings):
     # HTTP / Timeouts
     # ---------------------------
     HTTP_TIMEOUT_SECONDS: float = Field(default=10.0)
+    HTTPX_MAX_KEEPALIVE_CONNECTIONS: int = Field(default=10)
+    HTTPX_MAX_CONNECTIONS: int = Field(default=30)
 
     # ---------------------------
     # Keycloak / Auth
@@ -104,7 +106,7 @@ class Settings(BaseSettings):
     # ---------------------------
     # UPLOADCHI
     # ---------------------------
-    UPLOADCHI_BASE_URL: AnyHttpUrl = Field(default="https://uploadchi.numberland.ir/v1/files")
+    UPLOADCHI_BASE_URL: AnyHttpUrl = Field(default="https://uploadchi.numberland.ir/v1")
     UPLOADCHI_TOKEN: SecretStr = Field(default="")
 
     # ---------------------------

{nlbone-0.9.7 → nlbone-0.11.1}/src/nlbone/container.py

@@ -5,6 +5,8 @@ from typing import Dict, Optional
 from dependency_injector import containers, providers
 from pydantic_settings import BaseSettings
 
+from nlbone.adapters.auth.async_auth_service import AsyncAuthService as AsyncAuthService_IMP
+from nlbone.adapters.auth.async_token_provider import AsyncClientTokenProvider
 from nlbone.adapters.auth.auth_service import AuthService as AuthService_IMP
 from nlbone.adapters.auth.token_provider import ClientTokenProvider
 from nlbone.adapters.cache.async_redis import AsyncRedisCache
@@ -12,9 +14,10 @@ from nlbone.adapters.cache.memory import InMemoryCache
 from nlbone.adapters.cache.redis import RedisCache
 from nlbone.adapters.db.postgres.engine import get_async_session_factory, get_sync_session_factory
 from nlbone.adapters.http_clients import PricingService
+from nlbone.adapters.http_clients.pricing.async_pricing_service import AsyncPricingService
 from nlbone.adapters.http_clients.uploadchi import UploadchiClient
 from nlbone.adapters.http_clients.uploadchi.uploadchi_async import UploadchiAsyncClient
-from nlbone.core.ports.auth import AuthService
+from nlbone.core.ports.auth import AsyncAuthService, AuthService
 from nlbone.core.ports.cache import AsyncCachePort, CachePort
 from nlbone.core.ports.files import AsyncFileServicePort, FileServicePort
 
@@ -31,15 +34,21 @@ class Container(containers.DeclarativeContainer):
     # --- Services ---
     auth: providers.Singleton[AuthService] = providers.Singleton(AuthService_IMP)
     token_provider = providers.Singleton(ClientTokenProvider, auth=auth, skew_seconds=30)
+    async_auth: providers.Singleton[AsyncAuthService] = providers.Singleton(AsyncAuthService_IMP)
+    async_token_provider = providers.Singleton(AsyncClientTokenProvider, auth=async_auth, skew_seconds=30)
+
     file_service: providers.Singleton[FileServicePort] = providers.Singleton(
         UploadchiClient, token_provider=token_provider
     )
     afiles_service: providers.Singleton[AsyncFileServicePort] = providers.Singleton(
-        UploadchiAsyncClient, token_provider=token_provider
+        UploadchiAsyncClient, token_provider=async_token_provider
     )
     pricing_service: providers.Singleton[PricingService] = providers.Singleton(
         PricingService, token_provider=token_provider
     )
+    async_pricing_service: providers.Singleton[AsyncPricingService] = providers.Singleton(
+        AsyncPricingService, token_provider=async_token_provider
+    )
 
     cache: providers.Singleton[CachePort] = providers.Selector(
         config.CACHE_BACKEND,

nlbone-0.11.1/src/nlbone/core/ports/auth.py

@@ -0,0 +1,23 @@
+from typing import Protocol, runtime_checkable
+
+
+@runtime_checkable
+class AuthService(Protocol):
+    def has_access(self, token: str, permissions: list[str]) -> bool: ...
+    def verify_token(self, token: str) -> dict | None: ...
+    def get_client_token(self) -> dict | None: ...
+    def is_client_token(self, token: str, allowed_clients: set[str] | None = None) -> bool: ...
+    def client_has_access(self, token: str, perms: list[str], allowed_clients: set[str] | None = None) -> bool: ...
+    def get_permissions(self, token: str) -> list[str]: ...
+
+
+@runtime_checkable
+class AsyncAuthService(Protocol):
+    async def has_access(self, token: str, permissions: list[str]) -> bool: ...
+    async def verify_token(self, token: str) -> dict | None: ...
+    async def get_client_token(self) -> dict | None: ...
+    async def is_client_token(self, token: str, allowed_clients: set[str] | None = None) -> bool: ...
+    async def client_has_access(
+        self, token: str, perms: list[str], allowed_clients: set[str] | None = None
+    ) -> bool: ...
+    async def get_permissions(self, token: str) -> list[str]: ...

{nlbone-0.9.7 → nlbone-0.11.1}/src/nlbone/interfaces/api/additional_filed/assembler.py

@@ -2,11 +2,61 @@ import inspect
 from typing import Any, Dict
 
 from pydantic import BaseModel
+from sqlalchemy.ext.asyncio import AsyncSession
 
 from nlbone.container import Container
 from nlbone.interfaces.api.additional_filed.field_registry import FieldRule, ResourceRegistry
 
 
+async def assemble_response_async(
+    obj: Any,
+    reg: ResourceRegistry,
+    selected_rules: Dict[str, FieldRule],
+    session: AsyncSession,
+    base_schema: type[BaseModel] | None,
+    scope_map: dict[str, set[str]] = None,
+    **kwargs,
+) -> Dict[str, Any]:
+    """
+    Async version of assemble_response.
+    Awaits loaders if they are coroutines.
+    """
+    base = {f: getattr(obj, f, None) for f in reg.default_fields - set(reg.rules.keys())}
+    if base_schema:
+        base = base_schema.model_validate(base).model_dump()
+
+    ctx = {
+        "file_service": Container.afiles_service(),
+        "entity": obj,
+        "db": session,
+        "pricing_service": Container.async_pricing_service(),
+        **kwargs,
+    }
+
+    roots = {name.split(".", 1)[0] for name in selected_rules.keys()}
+
+    for root in roots:
+        rule = reg.rules.get(root)
+        if not rule:
+            continue
+
+        if rule.loader:
+            dependencies = ctx | {"scope": scope_map.get(root, {""})} if scope_map else ctx
+
+            result = inject_dependencies(rule.loader, dependencies=dependencies)
+
+            if inspect.iscoroutine(result):
+                value = await result
+            else:
+                value = result
+        else:
+            value = _get_nested_attr(obj, root)
+
+        _put_nested_key(base, root, value)
+
+    return base
+
+
 def assemble_response(
     obj: Any,
     reg: ResourceRegistry,