PyPI - otdf-python - Versions diffs - 0.3.1__tar.gz → 0.3.3__tar.gz - Mend

otdf-python 0.3.1tar.gz → 0.3.3tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (255) hide show

{otdf_python-0.3.1 → otdf_python-0.3.3}/.github/check_entitlements.sh RENAMED Viewed

@@ -1,4 +1,6 @@
-#!/bin/bash
+#!/usr/bin/env bash
+set -euo pipefail
 # Derive additional environment variables
 TOKEN_URL="${OIDC_OP_TOKEN_ENDPOINT}"
@@ -24,6 +26,11 @@ get_token() {
 echo "🔐 Getting access token..."
 BEARER=$( get_token | jq -r '.access_token' )
+if [ -z "$BEARER" ]; then
+    echo "❌ Failed to get access token."
+    exit 1
+fi
 # NOTE: It's always okay to print this token, because it will
 # only be valid / available in dummy / dev scenarios
 [[ "${DEBUG:-}" == "1" ]] && echo "Got Access Token: ${BEARER}"

{otdf_python-0.3.1 → otdf_python-0.3.3}/.github/workflows/build-python.yaml RENAMED Viewed

@@ -1,9 +1,6 @@
 # Build otdf-python wheel using uv and output the wheel path for downstream workflows
 name: "Build Python Wheel"
 on:
-  push:
-    branches:
-      - chore/rewrite
   pull_request:
 jobs:

{otdf_python-0.3.1 → otdf_python-0.3.3}/.github/workflows/platform-integration-test.yaml RENAMED Viewed

@@ -154,6 +154,7 @@ jobs:
         with:
           enable-cache: true
           cache-dependency-glob: "uv.lock"
+          python-version: ${{ inputs.python_version }}
       - name: Run all tests, minus integration tests
         env:

{otdf_python-0.3.1 → otdf_python-0.3.3}/.github/workflows/release-please.yaml RENAMED Viewed

@@ -46,14 +46,14 @@ jobs:
           target-branch: main
           token: ${{ secrets.GITHUB_TOKEN }}
-  # Trigger appropriate publish workflows based on release type
-  trigger-publish:
+  # Publish packages only when releases are actually created by release-please
+  publish:
     permissions:
       contents: write
       # This permission is mandatory for PyPI's trusted publishing
       id-token: write
     needs: release-please
-    if: ${{ needs.release-please.outputs.releases_created }}
+    if: ${{ needs.release-please.outputs.releases_created == 'true' }}
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4

otdf_python-0.3.3/.release-please-manifest.json ADDED Viewed

@@ -0,0 +1,3 @@
+{
+    ".": "0.3.3"
+}

otdf_python-0.3.3/CHANGELOG.md ADDED Viewed

@@ -0,0 +1,33 @@
+# Changelog
+## [0.3.3](https://github.com/b-long/opentdf-python-sdk/compare/otdf-python-v0.3.2...otdf-python-v0.3.3) (2025-09-17)
+### Bug Fixes
+* improve docs ([#106](https://github.com/b-long/opentdf-python-sdk/issues/106)) ([49aa4ae](https://github.com/b-long/opentdf-python-sdk/commit/49aa4aea5e576c20b3e26c852331de8b0469742f))
+## [0.3.2](https://github.com/b-long/opentdf-python-sdk/compare/otdf-python-v0.3.1...otdf-python-v0.3.2) (2025-09-12)
+### Bug Fixes
+* fix release-please configuration ([#104](https://github.com/b-long/opentdf-python-sdk/issues/104)) ([3b1c949](https://github.com/b-long/opentdf-python-sdk/commit/3b1c949680b1c4e8ec5bae5d2dbb2f18dc53b559))
+## [0.3.1](https://github.com/b-long/opentdf-python-sdk/compare/otdf-python-v0.3.0...otdf-python-v0.3.1) (2025-09-12)
+### Bug Fixes
+* testing improvements ([#102](https://github.com/b-long/opentdf-python-sdk/issues/102)) ([8e82361](https://github.com/b-long/opentdf-python-sdk/commit/8e8236190df157da8ab7fda0b6dfb9cd78bae3bf))
+## [0.3.0](https://github.com/b-long/opentdf-python-sdk/compare/v0.2.20...otdf-python-v0.3.0) (2025-09-11)
+### ⚠ BREAKING CHANGES
+* rewrite in pure Python ([#62](https://github.com/b-long/opentdf-python-sdk/issues/62))
+### Features
+* configure release-please ([#74](https://github.com/b-long/opentdf-python-sdk/issues/74)) ([439becd](https://github.com/b-long/opentdf-python-sdk/commit/439becd82a5faf834a190516b64e21aa331c0176))

{otdf_python-0.3.1 → otdf_python-0.3.3}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: otdf-python
-Version: 0.3.1
+Version: 0.3.3
 Summary: Unofficial OpenTDF SDK for Python
 Author-email: b-long <b-long@users.noreply.github.com>
 License-File: LICENSE
@@ -32,65 +32,6 @@ Unofficial OpenTDF SDK for Python
 A legacy version (0.2.x) of this project is available for users who need the previous implementation. For more information, see [LEGACY_VERSION.md](docs/LEGACY_VERSION.md) or visit the [legacy branch on GitHub](https://github.com/b-long/opentdf-python-sdk/tree/0.2.x).
-## Prerequisites
-This project uses [uv](https://docs.astral.sh/uv/) for dependency management and task running.
-### Installing uv
-Install `uv` using one of the following methods:
-**macOS/Linux:**
-```bash
-curl -LsSf https://astral.sh/uv/install.sh | sh
-```
-**Windows:**
-```powershell
-powershell -c "irm https://astral.sh/uv/install.ps1 | iex"
-```
-**Using Homebrew (macOS):**
-```bash
-brew install uv
-```
-For more installation options, see the [uv installation guide](https://docs.astral.sh/uv/getting-started/installation/).
-## Development Setup
-1. Clone the repository:
-```bash
-git clone <repository-url>
-cd opentdf-python-sdk
-```
-2. Install dependencies:
-```bash
-uv sync
-```
-## Running Tests
-Run the full test suite:
-```bash
-uv run pytest tests/
-```
-Run specific test files:
-```bash
-uv run pytest tests/test_sdk.py
-```
-Run tests with verbose output:
-```bash
-uv run pytest tests/ -v
-```
-Run integration tests only:
-```bash
-uv run pytest tests/ -m integration
-```
 ## Installation
@@ -99,21 +40,6 @@ Install from PyPI:
 pip install otdf-python
 ```
-## Protobuf & Connect RPC Generation
-This project uses a dedicated submodule, `otdf-python-proto/`, for generating Python protobuf files and Connect RPC clients from OpenTDF platform proto definitions.
-### Regenerating Protobuf & Connect RPC Files
-From the submodule:
-```bash
-cd otdf-python-proto
-uv run python scripts/generate_connect_proto.py
-```
-See [`otdf-python-proto/README.md`](otdf-python-proto/README.md) and [`PROTOBUF_SETUP.md`](PROTOBUF_SETUP.md) for details.
 ## Quick Start
 ### Basic Configuration
@@ -160,7 +86,7 @@ sdk = builder.build()
 from io import BytesIO
 # Create TDF configuration with attributes
-config = sdk.new_tdf_config(attributes=["https://example.com/attr/classification/value/public"])
+config = sdk.new_tdf_config(attributes=["https://example.net/attr/attr1/value/value1"])
 # Encrypt data to TDF format
 input_data = b"Hello, World!"
@@ -176,15 +102,12 @@ with open("encrypted.tdf", "wb") as f:
 ### Decrypt Data
 ```python
-from otdf_python.tdf import TDFReaderConfig
 # Read encrypted TDF file
 with open("encrypted.tdf", "rb") as f:
     encrypted_data = f.read()
 # Decrypt TDF
-reader_config = TDFReaderConfig()
-tdf_reader = sdk.load_tdf(encrypted_data, reader_config)
+tdf_reader = sdk.load_tdf(encrypted_data)
 decrypted_data = tdf_reader.payload
 # Save decrypted data
@@ -208,6 +131,7 @@ src/otdf_python/
 └── ...                     # Additional modules
 tests/
 └── ...                     # Various tests
+```
 ## Contributing
@@ -215,14 +139,14 @@ tests/
 2. Create a feature branch: `git checkout -b feature-name`
 3. Make your changes
 4. Run tests: `uv run pytest tests/`
-5. Commit your changes: `git commit -am 'Add feature'`
+5. Commit your changes: `git commit -am 'feat: add feature'`
 6. Push to the branch: `git push origin feature-name`
 7. Submit a pull request
 ### Release Process
 For maintainers and contributors working on releases:
-- See [RELEASES.md](RELEASES.md) for comprehensive release documentation
+- See [RELEASES.md](docs/RELEASES.md) for comprehensive release documentation
 - Feature branch alpha releases available for testing changes before merge
 - Automated releases via Release Please on the main branch

{otdf_python-0.3.1 → otdf_python-0.3.3}/README.md RENAMED Viewed

@@ -13,65 +13,6 @@ Unofficial OpenTDF SDK for Python
 A legacy version (0.2.x) of this project is available for users who need the previous implementation. For more information, see [LEGACY_VERSION.md](docs/LEGACY_VERSION.md) or visit the [legacy branch on GitHub](https://github.com/b-long/opentdf-python-sdk/tree/0.2.x).
-## Prerequisites
-This project uses [uv](https://docs.astral.sh/uv/) for dependency management and task running.
-### Installing uv
-Install `uv` using one of the following methods:
-**macOS/Linux:**
-```bash
-curl -LsSf https://astral.sh/uv/install.sh | sh
-```
-**Windows:**
-```powershell
-powershell -c "irm https://astral.sh/uv/install.ps1 | iex"
-```
-**Using Homebrew (macOS):**
-```bash
-brew install uv
-```
-For more installation options, see the [uv installation guide](https://docs.astral.sh/uv/getting-started/installation/).
-## Development Setup
-1. Clone the repository:
-```bash
-git clone <repository-url>
-cd opentdf-python-sdk
-```
-2. Install dependencies:
-```bash
-uv sync
-```
-## Running Tests
-Run the full test suite:
-```bash
-uv run pytest tests/
-```
-Run specific test files:
-```bash
-uv run pytest tests/test_sdk.py
-```
-Run tests with verbose output:
-```bash
-uv run pytest tests/ -v
-```
-Run integration tests only:
-```bash
-uv run pytest tests/ -m integration
-```
 ## Installation
@@ -80,21 +21,6 @@ Install from PyPI:
 pip install otdf-python
 ```
-## Protobuf & Connect RPC Generation
-This project uses a dedicated submodule, `otdf-python-proto/`, for generating Python protobuf files and Connect RPC clients from OpenTDF platform proto definitions.
-### Regenerating Protobuf & Connect RPC Files
-From the submodule:
-```bash
-cd otdf-python-proto
-uv run python scripts/generate_connect_proto.py
-```
-See [`otdf-python-proto/README.md`](otdf-python-proto/README.md) and [`PROTOBUF_SETUP.md`](PROTOBUF_SETUP.md) for details.
 ## Quick Start
 ### Basic Configuration
@@ -141,7 +67,7 @@ sdk = builder.build()
 from io import BytesIO
 # Create TDF configuration with attributes
-config = sdk.new_tdf_config(attributes=["https://example.com/attr/classification/value/public"])
+config = sdk.new_tdf_config(attributes=["https://example.net/attr/attr1/value/value1"])
 # Encrypt data to TDF format
 input_data = b"Hello, World!"
@@ -157,15 +83,12 @@ with open("encrypted.tdf", "wb") as f:
 ### Decrypt Data
 ```python
-from otdf_python.tdf import TDFReaderConfig
 # Read encrypted TDF file
 with open("encrypted.tdf", "rb") as f:
     encrypted_data = f.read()
 # Decrypt TDF
-reader_config = TDFReaderConfig()
-tdf_reader = sdk.load_tdf(encrypted_data, reader_config)
+tdf_reader = sdk.load_tdf(encrypted_data)
 decrypted_data = tdf_reader.payload
 # Save decrypted data
@@ -189,6 +112,7 @@ src/otdf_python/
 └── ...                     # Additional modules
 tests/
 └── ...                     # Various tests
+```
 ## Contributing
@@ -196,14 +120,14 @@ tests/
 2. Create a feature branch: `git checkout -b feature-name`
 3. Make your changes
 4. Run tests: `uv run pytest tests/`
-5. Commit your changes: `git commit -am 'Add feature'`
+5. Commit your changes: `git commit -am 'feat: add feature'`
 6. Push to the branch: `git push origin feature-name`
 7. Submit a pull request
 ### Release Process
 For maintainers and contributors working on releases:
-- See [RELEASES.md](RELEASES.md) for comprehensive release documentation
+- See [RELEASES.md](docs/RELEASES.md) for comprehensive release documentation
 - Feature branch alpha releases available for testing changes before merge
 - Automated releases via Release Please on the main branch

otdf_python-0.3.3/docs/CONNECT_RPC.md ADDED Viewed

@@ -0,0 +1,156 @@
+# Connect RPC in OpenTDF Python SDK
+This document describes the Connect RPC implementation in the OpenTDF Python SDK, which provides a modern HTTP-friendly alternative to traditional gRPC.
+## Overview
+Connect RPC is a protocol that brings the benefits of RPC to HTTP APIs. It's designed to be:
+- **HTTP-compatible**: Works with standard HTTP infrastructure
+- **Type-safe**: Generated from Protocol Buffer definitions
+- **Efficient**: Binary protocol with JSON fallback
+- **Simple**: Easy to debug and integrate
+## Architecture
+The SDK uses a two-module structure for protocol buffer generation:
+- **Main SDK**: `src/otdf_python/` - Core SDK functionality
+- **Protocol Generation**: `otdf-python-proto/` - Generated Connect RPC and protobuf files
+### Generated Files
+Connect RPC generates the following files in `otdf-python-proto/src/otdf_python_proto/`:
+- `*_connect.py` - Connect RPC client implementations (recommended)
+- `*_pb2.py` - Protocol buffer message definitions
+- `legacy_grpc/*_pb2_grpc.py` - Traditional gRPC clients (backward compatibility)
+## Usage
+### Client Creation
+Connect RPC clients are created using the generated `*_connect.py` modules:
+```python
+from otdf_python_proto.kas import kas_connect
+from otdf_python_proto.policy import policy_connect
+# Create Connect RPC clients
+kas_client = kas_connect.KeyAccessServiceClient(base_url="https://example.com")
+policy_client = policy_connect.PolicyServiceClient(base_url="https://your-policy-endpoint")
+```
+### Authentication
+Connect RPC clients support standard HTTP authentication:
+```python
+import httpx
+# Create authenticated HTTP client, assuming `token` holds your auth token
+http_client = httpx.Client(
+    headers={"Authorization": f"Bearer {token}"}
+)
+# Use with Connect RPC client
+kas_client = kas_connect.KeyAccessServiceClient(
+    base_url="https://example.com",
+    http_client=http_client
+)
+```
+## Regenerating Connect RPC Files
+To regenerate the Connect RPC and protobuf files:
+```bash
+cd otdf-python-proto
+uv run python scripts/generate_connect_proto.py
+```
+### Download Fresh Proto Files
+To download the latest protocol definitions:
+```bash
+cd otdf-python-proto
+uv run python scripts/generate_connect_proto.py --download
+```
+### Requirements
+- `buf` tool: `brew install bufbuild/buf/buf` (or see [official installation guide](https://buf.build/docs/installation))
+- Python dependencies managed by `uv`
+## Benefits Over gRPC
+1. **HTTP Compatibility**: Works with load balancers, proxies, and other HTTP infrastructure
+2. **Debugging**: Easy to inspect with standard HTTP tools
+3. **Flexibility**: Supports both binary and JSON encoding
+4. **Simplicity**: No special HTTP/2 requirements
+## Migration from gRPC
+If migrating from legacy gRPC clients:
+1. Replace `*_pb2_grpc.py` imports with `*_connect.py`
+2. Update client instantiation to use base URLs instead of channels
+3. Leverage HTTP client features for authentication and configuration
+## Testing
+Connect RPC clients can be easily mocked and tested using standard HTTP testing tools:
+```python
+import httpx
+import respx
+from otdf_python_proto.kas import kas_pb2, kas_connect
+@respx.mock
+def test_connect_rpc_client():
+    # 1. Create a sample protobuf response message
+    expected_response = kas_pb2.RewrapResponse(
+        entity_wrapped_key=b'some-unwrapped-key'
+    )
+    # 2. Mock the correct Connect RPC endpoint URL
+    respx.post("https://example.com/kas.AccessService/Rewrap").mock(
+        return_value=httpx.Response(
+            200,
+            # 3. Return the serialized protobuf message as content
+            content=expected_response.SerializeToString(),
+            headers={'Content-Type': 'application/proto'}
+        )
+    )
+    client = kas_connect.KeyAccessServiceClient(base_url="https://example.com")
+    # Test client calls...
+```
+## Error Handling
+Connect RPC provides structured error handling through standard HTTP status codes and error details:
+```python
+from connectrpc import ConnectError
+try:
+    # Assuming `kas_client` and `request` are defined as in previous examples
+    response = kas_client.rewrap(request)
+except ConnectError as e:
+    print(f"Connect RPC error: {e.code} - {e.message}")
+    # Handle specific error types
+```
+## Performance Considerations
+- Use connection pooling with `httpx.Client` for better performance
+- Configure appropriate timeouts for your use case
+- Consider using binary encoding for high-throughput scenarios
+## Additional Resources
+For more information, see:
+- [Connect RPC Documentation](https://connectrpc.com/docs/)
+- [Connect Python Repository](https://github.com/connectrpc/connect-python)
+- [OpenTDF Platform](https://github.com/opentdf/platform)

otdf_python-0.3.3/docs/DEVELOPING.md ADDED Viewed

@@ -0,0 +1,95 @@
+# Developing the OpenTDF Python SDK
+## Enabling Direct Access Grants
+In order to use token exchange with direct access grants, you will need to enable the `Direct Access Grants` option in your IdP (e.g. Keycloak)
+client settings.
+## Setting Up Your Development Environment
+A convenience script is provided to help set up your development environment with an OpenTDF platform running in docker.
+You can run the following command in your terminal:
+```bash
+.github/start_opentdf_docker.sh
+```
+Using this script will automatically enable direct access grants in Keycloak for you.
+## Dependency Management
+### Prerequisites
+This project uses [uv](https://docs.astral.sh/uv/) for dependency management and task running.
+#### Installing uv
+Install `uv` using one of the following methods:
+**macOS/Linux:**
+```bash
+curl -LsSf https://astral.sh/uv/install.sh | sh
+```
+**Windows:**
+```powershell
+powershell -c "irm https://astral.sh/uv/install.ps1 | iex"
+```
+**Using Homebrew (macOS):**
+```bash
+brew install uv
+```
+For more installation options, see the [uv installation guide](https://docs.astral.sh/uv/getting-started/installation/).
+## Development Setup
+1. Clone the repository:
+```bash
+git clone https://github.com/b-long/opentdf-python-sdk.git
+cd opentdf-python-sdk
+```
+2. Install dependencies:
+```bash
+uv sync
+```
+### Running Tests
+Run the full test suite:
+```bash
+uv run pytest tests/
+```
+Run specific test files:
+```bash
+uv run pytest tests/test_sdk.py
+```
+Run tests with verbose output:
+```bash
+uv run pytest tests/ -v
+```
+Run integration tests only:
+```bash
+uv run pytest tests/ -m integration
+```
+### Protobuf & Connect RPC Generation
+This project uses a dedicated submodule, `otdf-python-proto/`, for generating Python protobuf files and Connect RPC clients from OpenTDF platform proto definitions.
+#### Regenerating Protobuf & Connect RPC Files
+From the submodule:
+```bash
+cd otdf-python-proto
+uv run python scripts/generate_connect_proto.py
+```
+See [`otdf-python-proto/README.md`](../otdf-python-proto/README.md) and [`PROTOBUF_SETUP.md`](./PROTOBUF_SETUP.md) for details.

{otdf_python-0.3.1 → otdf_python-0.3.3}/otdf-python-proto/README.md RENAMED Viewed

@@ -12,7 +12,7 @@ This project now supports **Connect RPC**, a modern HTTP-friendly alternative to
 - 🚀 **Simplified deployment** - No special gRPC infrastructure required
 - 📊 **Better observability** - Standard HTTP status codes and headers
-See [CONNECT_RPC_MIGRATION.md](../CONNECT_RPC_MIGRATION.md) for migration guide and examples.
+See [CONNECT_RPC.md](../docs/CONNECT_RPC.md) for additional information.
 ## Structure
@@ -158,7 +158,7 @@ response = client.GetPolicy(request)
 If you're migrating from traditional gRPC clients to Connect RPC:
-1. Read the [Connect RPC Migration Guide](../CONNECT_RPC_MIGRATION.md)
+1. Read the [Connect RPC Migration Guide](../docs/CONNECT_RPC.md)
 2. Run the Connect RPC generation: `./scripts/build_connect_proto.sh` (or from the submodule: `cd otdf-python-proto && uv run python scripts/generate_connect_proto.py`)
 3. Update your client code to use `*_connect.py` modules
 4. Test with your authentication and deployment setup

{otdf_python-0.3.1 → otdf_python-0.3.3}/otdf-python-proto/pyproject.toml RENAMED Viewed

@@ -1,6 +1,6 @@
 [project]
 name = "otdf-python-proto"
-version = "0.3.1"
+version = "0.3.3"
 description = "Generated protobuf files for OpenTDF Python SDK"
 readme = "README.md"
 authors = [

{otdf_python-0.3.1 → otdf_python-0.3.3}/otdf-python-proto/scripts/build_connect_proto.sh RENAMED Viewed

@@ -87,7 +87,7 @@ if [[ $? -eq 0 ]]; then
     echo "  python examples/connect_rpc_client_example.py"
     echo ""
     echo "For more information, see:"
-    echo "  - CONNECT_RPC_MIGRATION.md"
+    echo "  - docs/CONNECT_RPC.md"
     echo "  - https://connectrpc.com/docs/"
 else
     echo "✗ Connect RPC generation failed!"

{otdf_python-0.3.1 → otdf_python-0.3.3}/otdf-python-proto/uv.lock RENAMED Viewed

@@ -481,7 +481,7 @@ wheels = [
 [[package]]
 name = "otdf-python-proto"
-version = "0.3.1"
+version = "0.3.3"
 source = { editable = "." }
 dependencies = [
     { name = "connect-python", extra = ["compiler"] },

{otdf_python-0.3.1 → otdf_python-0.3.3}/pyproject.toml RENAMED Viewed

@@ -1,6 +1,6 @@
 [project]
 name = "otdf-python"
-version = "0.3.1"
+version = "0.3.3"
 description = "Unofficial OpenTDF SDK for Python"
 readme = "README.md"
 authors = [

otdf-python 0.3.1__tar.gz → 0.3.3__tar.gz

otdf-python 0.3.1tar.gz → 0.3.3tar.gz