nora-sdk 0.4.0__tar.gz

nora_sdk-0.4.0/LICENSE

@@ -0,0 +1,5 @@
+Copyright (c) Valisoft. All rights reserved.
+
+This software (the "NORA SDK") is provided to NORA customers to build and run
+automations ("robots") on the NORA platform. Redistribution or modification
+outside that purpose is not permitted without written permission from Valisoft.

nora_sdk-0.4.0/PKG-INFO

@@ -0,0 +1,53 @@
+Metadata-Version: 2.4
+Name: nora-sdk
+Version: 0.4.0
+Summary: Client SDK + dev CLI to build and debug robots on NORA (Robots Center).
+Author: Valisoft
+License: Proprietary
+Project-URL: Homepage, https://nora.valisoftconsulting.com
+Keywords: nora,rpa,automation,sdk,robots
+Classifier: Programming Language :: Python :: 3
+Classifier: Operating System :: Microsoft :: Windows
+Classifier: Operating System :: MacOS
+Classifier: License :: Other/Proprietary License
+Classifier: Intended Audience :: Developers
+Requires-Python: >=3.10
+Description-Content-Type: text/markdown
+License-File: LICENSE
+Requires-Dist: httpx<1.0,>=0.27
+Dynamic: license-file
+
+# nora-sdk
+
+Client SDK + `nora` developer CLI to build and debug **robots** on NORA
+(Robots Center). Install it to develop locally; in production the NORA agent
+provides the same SDK automatically, so your robot code is identical.
+
+```bash
+pip install nora-sdk
+```
+
+## Uso en el robot
+```python
+from nora_agent import sdk
+
+item = sdk.get_queue_item("RPA-Challenge")   # consume una cola
+cred = sdk.get_asset("API_KEY")              # lee un asset (secreto)
+sdk.log("info", "hola")                      # log al dashboard
+sdk.update_progress(50, "a mitad")
+```
+
+## Desarrollo local con breakpoints
+```bash
+nora login
+nora dev env --write .env     # NORA_API_URL + token de dev (dev/staging, no prod)
+# apunta tu IDE a .env y debuggea, o:
+nora dev run main.py
+```
+
+## Seguridad
+- El token solo viaja por **HTTPS** (rechaza http salvo localhost).
+- Los nombres en la URL van **percent-encoded** (sin inyección de path/query).
+- Sin `shell`, sin `eval`/`exec`. Dependencia única: `httpx`.
+- El token de dev está limitado a `dev`/`staging`: nunca lee secretos de producción.
+- La sesión se guarda en `~/.nora/credentials.json` con permisos solo-dueño.

nora_sdk-0.4.0/README.md

@@ -0,0 +1,34 @@
+# nora-sdk
+
+Client SDK + `nora` developer CLI to build and debug **robots** on NORA
+(Robots Center). Install it to develop locally; in production the NORA agent
+provides the same SDK automatically, so your robot code is identical.
+
+```bash
+pip install nora-sdk
+```
+
+## Uso en el robot
+```python
+from nora_agent import sdk
+
+item = sdk.get_queue_item("RPA-Challenge")   # consume una cola
+cred = sdk.get_asset("API_KEY")              # lee un asset (secreto)
+sdk.log("info", "hola")                      # log al dashboard
+sdk.update_progress(50, "a mitad")
+```
+
+## Desarrollo local con breakpoints
+```bash
+nora login
+nora dev env --write .env     # NORA_API_URL + token de dev (dev/staging, no prod)
+# apunta tu IDE a .env y debuggea, o:
+nora dev run main.py
+```
+
+## Seguridad
+- El token solo viaja por **HTTPS** (rechaza http salvo localhost).
+- Los nombres en la URL van **percent-encoded** (sin inyección de path/query).
+- Sin `shell`, sin `eval`/`exec`. Dependencia única: `httpx`.
+- El token de dev está limitado a `dev`/`staging`: nunca lee secretos de producción.
+- La sesión se guarda en `~/.nora/credentials.json` con permisos solo-dueño.

nora_sdk-0.4.0/nora_agent/__init__.py

@@ -0,0 +1,3 @@
+"""NORA Agent — lightweight RPA bot runner."""
+
+__version__ = "0.4.0"

nora_sdk-0.4.0/nora_agent/dev_cli.py

@@ -0,0 +1,276 @@
+"""``nora`` developer CLI — run robots locally without embedding credentials.
+
+Commands:
+  nora login                 Authenticate and store a session (refresh token).
+  nora dev run <entry.py>    Mint a short-lived dev token and run the robot with
+                             it injected, so the code is identical to production
+                             and never contains a credential.
+  nora dev env               Print/write env vars to run+debug from an IDE.
+  nora logout                Forget the stored session.
+
+The dev token is restricted to non-production environments: a developer can
+never read production secrets from their machine.
+
+No third-party deps beyond httpx (kept minimal on purpose). No shell, no eval.
+"""
+
+from __future__ import annotations
+
+import argparse
+import getpass
+import json
+import os
+import subprocess
+import sys
+from pathlib import Path
+from urllib.parse import urlparse
+
+import httpx
+
+DEFAULT_API_URL = os.environ.get("NORA_API_URL", "https://nora-api.valisoftconsulting.com/api/v1")
+_CONFIG_DIR = Path.home() / ".nora"
+_CONFIG_FILE = _CONFIG_DIR / "credentials.json"
+_LOCAL_HOSTS = {"localhost", "127.0.0.1", "::1"}
+
+
+def _echo(msg: str) -> None:
+    print(msg)
+
+
+def _err(msg: str) -> None:
+    print(msg, file=sys.stderr)
+
+
+def _require_https(api_url: str) -> None:
+    """Refuse to send credentials/tokens to a non-https endpoint (except localhost)."""
+    parsed = urlparse(api_url)
+    host = (parsed.hostname or "").lower()
+    if parsed.scheme != "https" and host not in _LOCAL_HOSTS:
+        raise SystemExit(
+            f"Refusing to use a non-https API URL ({api_url}). "
+            "Credentials must travel over TLS."
+        )
+
+
+def _save_session(api_url: str, refresh_token: str) -> None:
+    _CONFIG_DIR.mkdir(parents=True, exist_ok=True)
+    # Write with owner-only perms from the start (avoid a brief world-readable window).
+    fd = os.open(str(_CONFIG_FILE), os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
+    with os.fdopen(fd, "w") as f:
+        json.dump({"api_url": api_url, "refresh_token": refresh_token}, f)
+    try:
+        os.chmod(_CONFIG_FILE, 0o600)
+    except OSError:
+        pass
+
+
+def _load_session() -> dict | None:
+    if not _CONFIG_FILE.exists():
+        return None
+    try:
+        return json.loads(_CONFIG_FILE.read_text())
+    except (OSError, ValueError):
+        return None
+
+
+def _access_token_from_refresh(api_url: str, refresh_token: str) -> str:
+    """Exchange the stored refresh token for a fresh access token."""
+    _require_https(api_url)
+    resp = httpx.post(
+        f"{api_url}/auth/refresh", json={"refresh_token": refresh_token}, timeout=30
+    )
+    resp.raise_for_status()
+    return resp.json()["data"]["access_token"]
+
+
+def cmd_login(args: argparse.Namespace) -> int:
+    api_url = args.api_url or DEFAULT_API_URL
+    _require_https(api_url)
+    email = args.email or input("Email: ")
+    password = getpass.getpass("Password: ")
+
+    with httpx.Client(timeout=30) as client:
+        resp = client.post(f"{api_url}/auth/login", json={"email": email, "password": password})
+        if resp.status_code != 200:
+            _err(f"Login failed: {resp.text}")
+            return 1
+        data = resp.json()["data"]
+
+        # MFA-pending: the API returns {"requires_mfa": true, "mfa_token": ...}.
+        if isinstance(data, dict) and data.get("requires_mfa"):
+            code = input("MFA code: ").strip()
+            resp = client.post(
+                f"{api_url}/auth/mfa/login",
+                json={"mfa_token": data["mfa_token"], "code": code},
+            )
+            if resp.status_code != 200:
+                _err(f"MFA failed: {resp.text}")
+                return 1
+            data = resp.json()["data"]
+
+        if isinstance(data, dict) and data.get("org_token"):
+            _err(
+                "Your account belongs to multiple organizations. "
+                "Select one in the web app, then log in here from that org."
+            )
+            return 1
+
+        # The refresh token is delivered as an HttpOnly cookie.
+        refresh = client.cookies.get("nora_refresh_token") or (
+            data.get("refresh_token") if isinstance(data, dict) else None
+        )
+        if not refresh:
+            _err("Could not obtain a session token.")
+            return 1
+
+    _save_session(api_url, refresh)
+    _echo(f"Logged in. Session saved to {_CONFIG_FILE}")
+    return 0
+
+
+def cmd_logout(_args: argparse.Namespace) -> int:
+    if _CONFIG_FILE.exists():
+        _CONFIG_FILE.unlink()
+    _echo("Logged out.")
+    return 0
+
+
+def _mint_dev_token(args: argparse.Namespace) -> tuple[str, str] | None:
+    """Return (api_url, dev_token) for the current session, or None on error."""
+    session = _load_session()
+    if not session:
+        _err("Not logged in. Run 'nora login' first.")
+        return None
+    api_url = session["api_url"]
+    _require_https(api_url)
+    try:
+        access_token = _access_token_from_refresh(api_url, session["refresh_token"])
+    except httpx.HTTPError as e:
+        _err(f"Session expired ({e}). Run 'nora login' again.")
+        return None
+
+    body: dict = {"environment": args.environment, "ttl_seconds": args.ttl}
+    if getattr(args, "assets", None):
+        body["assets"] = [a.strip() for a in args.assets.split(",") if a.strip()]
+
+    resp = httpx.post(
+        f"{api_url}/dev/token",
+        json=body,
+        headers={"Authorization": f"Bearer {access_token}"},
+        timeout=30,
+    )
+    if resp.status_code != 200:
+        _err(f"Could not mint dev token: {resp.text}")
+        return None
+    return api_url, resp.json()["data"]["token"]
+
+
+def cmd_dev_run(args: argparse.Namespace) -> int:
+    entry = Path(args.entry)
+    if not entry.exists():
+        _err(f"Entry file not found: {entry}")
+        return 1
+    minted = _mint_dev_token(args)
+    if not minted:
+        return 1
+    api_url, dev_token = minted
+
+    # Run the robot with the dev token injected exactly like the agent does in
+    # production. The robot's code is identical and holds no credential.
+    # No shell — args are passed as a list, so nothing in `entry`/`script_args`
+    # can be interpreted by a shell.
+    env = dict(os.environ)
+    env["NORA_API_URL"] = api_url
+    env["NORA_EXEC_TOKEN"] = dev_token
+    env["NORA_MACHINE_TOKEN"] = dev_token  # SDK backward-compat
+    env.pop("NORA_ASSETS", None)
+
+    _echo(f"Running {entry} against {args.environment} (dev token, {args.ttl}s)")
+    proc = subprocess.run([sys.executable, str(entry), *args.script_args], env=env)
+    return proc.returncode
+
+
+def cmd_dev_env(args: argparse.Namespace) -> int:
+    """Print (or write) the env vars to run/debug a robot from an IDE.
+
+    Put these in your IDE's run/debug configuration (VS Code envFile, PyCharm
+    env vars, …) and set breakpoints — the SDK will pull live data from the
+    Robots Center using a short-lived dev token (dev/staging only).
+    """
+    minted = _mint_dev_token(args)
+    if not minted:
+        return 1
+    api_url, dev_token = minted
+
+    pairs = [
+        ("NORA_API_URL", api_url),
+        ("NORA_EXEC_TOKEN", dev_token),
+        ("NORA_MACHINE_TOKEN", dev_token),  # SDK backward-compat
+    ]
+    if args.format == "powershell":
+        lines = [f'$env:{k} = "{v}"' for k, v in pairs]
+    elif args.format == "bash":
+        lines = [f'export {k}="{v}"' for k, v in pairs]
+    else:  # dotenv
+        lines = [f"{k}={v}" for k, v in pairs]
+    body = "\n".join(lines) + "\n"
+
+    if args.write:
+        out = Path(args.write)
+        fd = os.open(str(out), os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
+        with os.fdopen(fd, "w") as f:
+            f.write(body)
+        _echo(
+            f"Wrote {out} (env={args.environment}, ttl={args.ttl}s). "
+            "Point your IDE's run config at it and set breakpoints."
+        )
+        _echo("Add this file to .gitignore — it holds a token.")
+    else:
+        # Plain stdout (no markup) so it can be piped/eval'd.
+        print(body, end="")
+    return 0
+
+
+def build_parser() -> argparse.ArgumentParser:
+    parser = argparse.ArgumentParser(prog="nora", description="NORA developer CLI")
+    sub = parser.add_subparsers(dest="command", required=True)
+
+    p_login = sub.add_parser("login", help="Authenticate and store a session")
+    p_login.add_argument("--email")
+    p_login.add_argument("--api-url", dest="api_url")
+    p_login.set_defaults(func=cmd_login)
+
+    sub.add_parser("logout", help="Forget the stored session").set_defaults(func=cmd_logout)
+
+    p_dev = sub.add_parser("dev", help="Local development commands")
+    dev_sub = p_dev.add_subparsers(dest="dev_command", required=True)
+    p_run = dev_sub.add_parser("run", help="Run a robot locally with a dev token")
+    p_run.add_argument("entry", help="Path to the robot entry file (e.g. main.py)")
+    p_run.add_argument("--environment", "-e", default="dev", choices=["dev", "staging"])
+    p_run.add_argument("--assets", help="Comma-separated asset names to scope the token to")
+    p_run.add_argument("--ttl", type=int, default=1800, help="Token lifetime in seconds")
+    p_run.add_argument("script_args", nargs="*", help="Arguments passed to the robot")
+    p_run.set_defaults(func=cmd_dev_run)
+
+    p_env = dev_sub.add_parser(
+        "env", help="Print/write env vars to run+debug a robot from your IDE (breakpoints)"
+    )
+    p_env.add_argument("--environment", "-e", default="dev", choices=["dev", "staging"])
+    p_env.add_argument("--assets", help="Comma-separated asset names to scope the token to")
+    # Default 8h so a debug session with breakpoints doesn't expire mid-pause.
+    p_env.add_argument("--ttl", type=int, default=28800, help="Token lifetime in seconds")
+    p_env.add_argument("--format", choices=["dotenv", "bash", "powershell"], default="dotenv")
+    p_env.add_argument("--write", metavar="PATH", help="Write to a file (e.g. .env) instead of stdout")
+    p_env.set_defaults(func=cmd_dev_env)
+
+    return parser
+
+
+def main() -> None:
+    parser = build_parser()
+    args = parser.parse_args()
+    sys.exit(args.func(args))
+
+
+if __name__ == "__main__":
+    main()

nora_sdk-0.4.0/nora_agent/sdk.py

@@ -0,0 +1,285 @@
+"""NORA Agent SDK — helpers for bot scripts to interact with NORA API.
+
+Security notes:
+- The access token is only ever sent over HTTPS (plain http is refused except
+  for localhost), so a misconfigured/poisoned NORA_API_URL cannot exfiltrate it.
+- Every value placed in a URL path (asset/queue/item names, job id) is
+  percent-encoded, so a crafted name cannot inject extra path or query segments.
+- No eval/exec and no shell are used anywhere in this module.
+"""
+
+from __future__ import annotations
+
+import os
+from typing import Any
+from urllib.parse import quote, urlparse
+
+import httpx
+
+_LOCAL_HOSTS = {"localhost", "127.0.0.1", "::1"}
+
+
+def _enforce_https(api_url: str) -> str:
+    """Refuse to send the bearer token over an unencrypted connection.
+
+    https is required for every host except localhost (local development).
+    """
+    parsed = urlparse(api_url)
+    host = (parsed.hostname or "").lower()
+    if parsed.scheme != "https" and host not in _LOCAL_HOSTS:
+        raise RuntimeError(
+            f"NORA_API_URL must use https (got scheme '{parsed.scheme}' for host "
+            f"'{host}'). Refusing to send the access token over plain http."
+        )
+    return api_url
+
+
+def _seg(value: Any) -> str:
+    """Percent-encode a single URL path segment (no '/' passes through).
+
+    Prevents a crafted name (e.g. '../', 'a/b', '?x=1') from injecting extra
+    path or query components into the request URL.
+    """
+    return quote(str(value), safe="")
+
+
+def _client() -> tuple[httpx.Client, str]:
+    api_url = _enforce_https(os.environ.get("NORA_API_URL", "http://localhost:8000/api/v1"))
+    # Prefer the per-job exec token; fall back to NORA_MACHINE_TOKEN for agents
+    # that predate exec tokens (the agent sets both to the same value).
+    token = os.environ.get("NORA_EXEC_TOKEN") or os.environ.get("NORA_MACHINE_TOKEN", "")
+    # verify=True (httpx default) — TLS certificate validation stays on.
+    client = httpx.Client(
+        timeout=15.0,
+        headers={"Authorization": f"Bearer {token}"},
+    )
+    return client, api_url
+
+
+def get_job_id() -> str | None:
+    """Return the ID of the job that launched this bot, or None when running
+    outside the agent (e.g. local dev). Injected by the agent as NORA_JOB_ID."""
+    return os.environ.get("NORA_JOB_ID") or None
+
+
+def get_asset(name: str, environment: str = "production") -> dict[str, Any]:
+    """Fetch a decrypted asset by name. Returns {name, type, environment, value, username?}.
+
+    When the process declares an asset manifest, the agent pre-fetches those
+    assets and injects them as NORA_ASSETS — we serve them from there without a
+    network call. Anything else falls back to the scoped runtime API.
+    """
+    injected = os.environ.get("NORA_ASSETS")
+    if injected:
+        import json
+        try:
+            cached = json.loads(injected)
+        except ValueError:
+            cached = {}
+        if name in cached:
+            return cached[name]
+
+    client, api_url = _client()
+    try:
+        resp = client.get(
+            f"{api_url}/agent/assets/{_seg(name)}",
+            params={"environment": environment},
+        )
+        resp.raise_for_status()
+        return resp.json()["data"]
+    finally:
+        client.close()
+
+
+def get_queue_item(queue_name: str) -> dict[str, Any] | None:
+    """Claim the next available item from a queue. Returns item data or None."""
+    client, api_url = _client()
+    try:
+        resp = client.post(f"{api_url}/agent/queues/{_seg(queue_name)}/next")
+        resp.raise_for_status()
+        return resp.json()["data"]
+    finally:
+        client.close()
+
+
+def complete_queue_item(queue_name: str, item_id: str, result: dict[str, Any]) -> None:
+    """Mark a queue item as completed with result data."""
+    client, api_url = _client()
+    try:
+        resp = client.put(
+            f"{api_url}/agent/queues/{_seg(queue_name)}/items/{_seg(item_id)}/complete",
+            json={"result": result},
+        )
+        resp.raise_for_status()
+    finally:
+        client.close()
+
+
+def fail_queue_item(queue_name: str, item_id: str, error_message: str) -> None:
+    """Mark a queue item as failed (may retry based on queue max_retries)."""
+    client, api_url = _client()
+    try:
+        resp = client.put(
+            f"{api_url}/agent/queues/{_seg(queue_name)}/items/{_seg(item_id)}/fail",
+            json={"error_message": error_message},
+        )
+        resp.raise_for_status()
+    finally:
+        client.close()
+
+
+def check_for_update(current_version: str) -> dict[str, Any]:
+    """Check if a newer agent version is available.
+
+    Returns:
+        dict with keys: update_available, latest_version, is_mandatory,
+        changelog, download_url_macos, download_url_windows.
+    """
+    client, api_url = _client()
+    try:
+        resp = client.get(
+            f"{api_url}/agent/version/latest",
+            params={"current": current_version},
+        )
+        resp.raise_for_status()
+        return resp.json()["data"]
+    finally:
+        client.close()
+
+
+def log(level: str, message: str, data: dict[str, Any] | None = None) -> None:
+    """Append a structured log line to the current job's log stream.
+
+    Requires NORA_JOB_ID (injected automatically by the agent).
+    """
+    import json
+    import time
+
+    job_id = os.environ.get("NORA_JOB_ID")
+    if not job_id:
+        return  # No-op outside of a job context
+
+    ts = time.strftime("%Y-%m-%dT%H:%M:%SZ", time.gmtime())
+    line = f"[{ts}] [{level.upper()}] {message}"
+    if data:
+        line += f" | {json.dumps(data, ensure_ascii=False)}"
+
+    client, api_url = _client()
+    try:
+        resp = client.patch(
+            f"{api_url}/agent/jobs/{_seg(job_id)}/logs",
+            json={"logs": line + "\n"},
+        )
+        resp.raise_for_status()
+    finally:
+        client.close()
+
+
+def update_progress(percent: int, message: str | None = None) -> None:
+    """Report execution progress to the NORA dashboard.
+
+    Requires NORA_JOB_ID (injected automatically by the agent).
+    """
+    job_id = os.environ.get("NORA_JOB_ID")
+    if not job_id:
+        return  # No-op outside of a job context
+
+    client, api_url = _client()
+    try:
+        resp = client.patch(
+            f"{api_url}/agent/jobs/{_seg(job_id)}/progress",
+            json={"percent": max(0, min(100, percent)), "message": message},
+        )
+        resp.raise_for_status()
+    finally:
+        client.close()
+
+
+def add_queue_items(
+    queue_name: str,
+    items: list[dict[str, Any]],
+    priority: int = 3,
+) -> int:
+    """Add items to a queue from within a bot script.
+
+    Args:
+        queue_name: The name of the target queue.
+        items:      List of dicts — each dict is the payload for one item.
+        priority:   1=low, 3=normal, 5=urgent (applied to all items).
+
+    Returns:
+        Number of items successfully added.
+    """
+    client, api_url = _client()
+    try:
+        resp = client.post(
+            f"{api_url}/agent/queues/{_seg(queue_name)}/items/bulk",
+            json={"items": items, "priority": priority},
+        )
+        resp.raise_for_status()
+        return resp.json()["data"]["added"]
+    finally:
+        client.close()
+
+
+def send_queue_item_for_review(queue_name: str, item_id: str) -> dict[str, Any]:
+    """Mark a queue item as pending human review.
+
+    After calling this, use wait_for_queue_review() to block until the
+    operator approves or rejects the item.
+    """
+    client, api_url = _client()
+    try:
+        resp = client.put(
+            f"{api_url}/agent/queues/{_seg(queue_name)}/items/{_seg(item_id)}/review"
+        )
+        resp.raise_for_status()
+        return resp.json()["data"]
+    finally:
+        client.close()
+
+
+def wait_for_queue_review(
+    queue_name: str,
+    item_id: str,
+    poll_interval: float = 5.0,
+    timeout: float = 3600.0,
+) -> str:
+    """Block execution until an operator approves or rejects the item.
+
+    Returns:
+        "approved"  — item status changed to "new" (continue processing).
+        "rejected"  — item status changed to "failed" (skip this item).
+
+    Raises:
+        TimeoutError: if timeout seconds elapse without a decision.
+        RuntimeError: if the item is in an unexpected state.
+    """
+    import time
+
+    deadline = time.monotonic() + timeout
+    while time.monotonic() < deadline:
+        client, api_url = _client()
+        try:
+            resp = client.get(
+                f"{api_url}/agent/queues/{_seg(queue_name)}/items/{_seg(item_id)}"
+            )
+            resp.raise_for_status()
+            item = resp.json()["data"]
+        finally:
+            client.close()
+
+        status = item.get("status")
+        if status == "new":
+            return "approved"
+        if status == "failed":
+            return "rejected"
+        if status != "pending_review":
+            raise RuntimeError(
+                f"Unexpected item status '{status}' for item {item_id}"
+            )
+        time.sleep(poll_interval)
+
+    raise TimeoutError(
+        f"Item {item_id} was not reviewed within {timeout} seconds"
+    )

nora_sdk-0.4.0/nora_sdk.egg-info/PKG-INFO

@@ -0,0 +1,53 @@
+Metadata-Version: 2.4
+Name: nora-sdk
+Version: 0.4.0
+Summary: Client SDK + dev CLI to build and debug robots on NORA (Robots Center).
+Author: Valisoft
+License: Proprietary
+Project-URL: Homepage, https://nora.valisoftconsulting.com
+Keywords: nora,rpa,automation,sdk,robots
+Classifier: Programming Language :: Python :: 3
+Classifier: Operating System :: Microsoft :: Windows
+Classifier: Operating System :: MacOS
+Classifier: License :: Other/Proprietary License
+Classifier: Intended Audience :: Developers
+Requires-Python: >=3.10
+Description-Content-Type: text/markdown
+License-File: LICENSE
+Requires-Dist: httpx<1.0,>=0.27
+Dynamic: license-file
+
+# nora-sdk
+
+Client SDK + `nora` developer CLI to build and debug **robots** on NORA
+(Robots Center). Install it to develop locally; in production the NORA agent
+provides the same SDK automatically, so your robot code is identical.
+
+```bash
+pip install nora-sdk
+```
+
+## Uso en el robot
+```python
+from nora_agent import sdk
+
+item = sdk.get_queue_item("RPA-Challenge")   # consume una cola
+cred = sdk.get_asset("API_KEY")              # lee un asset (secreto)
+sdk.log("info", "hola")                      # log al dashboard
+sdk.update_progress(50, "a mitad")
+```
+
+## Desarrollo local con breakpoints
+```bash
+nora login
+nora dev env --write .env     # NORA_API_URL + token de dev (dev/staging, no prod)
+# apunta tu IDE a .env y debuggea, o:
+nora dev run main.py
+```
+
+## Seguridad
+- El token solo viaja por **HTTPS** (rechaza http salvo localhost).
+- Los nombres en la URL van **percent-encoded** (sin inyección de path/query).
+- Sin `shell`, sin `eval`/`exec`. Dependencia única: `httpx`.
+- El token de dev está limitado a `dev`/`staging`: nunca lee secretos de producción.
+- La sesión se guarda en `~/.nora/credentials.json` con permisos solo-dueño.

nora_sdk-0.4.0/nora_sdk.egg-info/SOURCES.txt

@@ -0,0 +1,12 @@
+LICENSE
+README.md
+pyproject.toml
+nora_agent/__init__.py
+nora_agent/dev_cli.py
+nora_agent/sdk.py
+nora_sdk.egg-info/PKG-INFO
+nora_sdk.egg-info/SOURCES.txt
+nora_sdk.egg-info/dependency_links.txt
+nora_sdk.egg-info/entry_points.txt
+nora_sdk.egg-info/requires.txt
+nora_sdk.egg-info/top_level.txt

nora_sdk-0.4.0/nora_sdk.egg-info/dependency_links.txt

@@ -0,0 +1 @@
+

nora_sdk-0.4.0/nora_sdk.egg-info/entry_points.txt

@@ -0,0 +1,2 @@
+[console_scripts]
+nora = nora_agent.dev_cli:main

nora_sdk-0.4.0/nora_sdk.egg-info/requires.txt

@@ -0,0 +1 @@
+httpx<1.0,>=0.27

nora_sdk-0.4.0/nora_sdk.egg-info/top_level.txt

@@ -0,0 +1 @@
+nora_agent

nora_sdk-0.4.0/pyproject.toml

@@ -0,0 +1,40 @@
+[build-system]
+requires = ["setuptools>=68", "wheel"]
+build-backend = "setuptools.build_meta"
+
+[project]
+name = "nora-sdk"
+description = "Client SDK + dev CLI to build and debug robots on NORA (Robots Center)."
+readme = "README.md"
+requires-python = ">=3.10"
+license = { text = "Proprietary" }
+authors = [{ name = "Valisoft" }]
+keywords = ["nora", "rpa", "automation", "sdk", "robots"]
+dynamic = ["version"]
+
+# Minimal, pinned dependency surface on purpose (smaller supply-chain attack
+# surface). The SDK and the `nora` CLI need only httpx.
+dependencies = ["httpx>=0.27,<1.0"]
+
+classifiers = [
+  "Programming Language :: Python :: 3",
+  "Operating System :: Microsoft :: Windows",
+  "Operating System :: MacOS",
+  "License :: Other/Proprietary License",
+  "Intended Audience :: Developers",
+]
+
+[project.urls]
+Homepage = "https://nora.valisoftconsulting.com"
+
+[project.scripts]
+nora = "nora_agent.dev_cli:main"
+
+[tool.setuptools]
+# The package contents are assembled from agent/nora_agent by sdk/assemble.py
+# (single source of truth) — only the client-facing modules, never the agent
+# runtime/installer/service code.
+packages = ["nora_agent"]
+
+[tool.setuptools.dynamic]
+version = { attr = "nora_agent.__version__" }

nora_sdk-0.4.0/setup.cfg

@@ -0,0 +1,4 @@
+[egg_info]
+tag_build = 
+tag_date = 0
+