pangea-sdk 3.8.0b4__py3-none-any.whl → 4.0.0__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (43) hide show
  1. pangea/__init__.py +1 -2
  2. pangea/asyncio/request.py +17 -22
  3. pangea/asyncio/services/__init__.py +0 -2
  4. pangea/asyncio/services/audit.py +188 -23
  5. pangea/asyncio/services/authn.py +167 -108
  6. pangea/asyncio/services/authz.py +36 -45
  7. pangea/asyncio/services/embargo.py +2 -2
  8. pangea/asyncio/services/file_scan.py +3 -3
  9. pangea/asyncio/services/intel.py +44 -26
  10. pangea/asyncio/services/redact.py +60 -4
  11. pangea/asyncio/services/vault.py +145 -30
  12. pangea/dump_audit.py +1 -1
  13. pangea/request.py +30 -24
  14. pangea/response.py +34 -42
  15. pangea/services/__init__.py +0 -2
  16. pangea/services/audit/audit.py +202 -34
  17. pangea/services/audit/models.py +56 -8
  18. pangea/services/audit/util.py +3 -3
  19. pangea/services/authn/authn.py +116 -65
  20. pangea/services/authn/models.py +88 -4
  21. pangea/services/authz.py +51 -56
  22. pangea/services/base.py +23 -6
  23. pangea/services/embargo.py +2 -2
  24. pangea/services/file_scan.py +3 -2
  25. pangea/services/intel.py +25 -23
  26. pangea/services/redact.py +124 -4
  27. pangea/services/vault/models/common.py +121 -6
  28. pangea/services/vault/models/symmetric.py +2 -2
  29. pangea/services/vault/vault.py +143 -32
  30. pangea/utils.py +20 -109
  31. pangea/verify_audit.py +267 -83
  32. {pangea_sdk-3.8.0b4.dist-info → pangea_sdk-4.0.0.dist-info}/METADATA +12 -20
  33. pangea_sdk-4.0.0.dist-info/RECORD +46 -0
  34. {pangea_sdk-3.8.0b4.dist-info → pangea_sdk-4.0.0.dist-info}/WHEEL +1 -1
  35. pangea/asyncio/__init__.py +0 -1
  36. pangea/asyncio/file_uploader.py +0 -39
  37. pangea/asyncio/services/sanitize.py +0 -185
  38. pangea/asyncio/services/share.py +0 -573
  39. pangea/file_uploader.py +0 -35
  40. pangea/services/sanitize.py +0 -275
  41. pangea/services/share/file_format.py +0 -170
  42. pangea/services/share/share.py +0 -877
  43. pangea_sdk-3.8.0b4.dist-info/RECORD +0 -54
pangea/services/redact.py CHANGED
@@ -1,9 +1,11 @@
1
1
  # Copyright 2022 Pangea Cyber Corporation
2
2
  # Author: Pangea Cyber Corporation
3
+ from __future__ import annotations
3
4
 
4
5
  import enum
5
6
  from typing import Dict, List, Optional, Union
6
7
 
8
+ from pangea.config import PangeaConfig
7
9
  from pangea.response import APIRequestModel, APIResponseModel, PangeaResponse, PangeaResponseResult
8
10
  from pangea.services.base import ServiceBase
9
11
 
@@ -15,6 +17,44 @@ class RedactFormat(str, enum.Enum):
15
17
  """JSON format."""
16
18
 
17
19
 
20
+ class RedactType(str, enum.Enum):
21
+ MASK = "mask"
22
+ PARTIAL_MASKING = "partial_masking"
23
+ REPLACEMENT = "replacement"
24
+ DETECT_ONLY = "detect_only"
25
+ HASH = "hash"
26
+ FPE = "fpe"
27
+
28
+
29
+ class FPEAlphabet(str, enum.Enum):
30
+ NUMERIC = "numeric"
31
+ ALPHANUMERICLOWER = "alphanumericlower"
32
+ ALPHANUMERIC = "alphanumeric"
33
+
34
+
35
+ class MaskingType(str, enum.Enum):
36
+ MASK = "mask"
37
+ UNMASK = "unmask"
38
+
39
+
40
+ class PartialMasking(APIRequestModel):
41
+ masking_type: Optional[MaskingType] = None
42
+ unmasked_from_left: Optional[int] = None
43
+ unmasked_from_right: Optional[int] = None
44
+ masked_from_left: Optional[int] = None
45
+ masked_from_right: Optional[int] = None
46
+ chars_to_ignore: Optional[List[str]] = None
47
+ masking_char: Optional[List[str]] = None
48
+
49
+
50
+ class RedactionMethodOverrides(APIRequestModel):
51
+ redaction_type: RedactType
52
+ hash: Optional[Dict] = None
53
+ fpe_alphabet: Optional[FPEAlphabet] = None
54
+ partial_masking: Optional[PartialMasking] = None
55
+ redaction_value: Optional[str] = None
56
+
57
+
18
58
  class RedactRequest(APIRequestModel):
19
59
  """
20
60
  Input class to make a redact request
@@ -25,6 +65,7 @@ class RedactRequest(APIRequestModel):
25
65
  rules: Optional[List[str]] = None
26
66
  rulesets: Optional[List[str]] = None
27
67
  return_result: Optional[bool] = None
68
+ redaction_method_overrides: Optional[RedactionMethodOverrides] = None
28
69
 
29
70
 
30
71
  class RecognizerResult(APIResponseModel):
@@ -92,6 +133,7 @@ class StructuredRequest(APIRequestModel):
92
133
  rules: Optional[List[str]] = None
93
134
  rulesets: Optional[List[str]] = None
94
135
  return_result: Optional[bool] = None
136
+ redaction_method_overrides: Optional[RedactionMethodOverrides] = None
95
137
 
96
138
 
97
139
  class StructuredResult(PangeaResponseResult):
@@ -105,6 +147,32 @@ class StructuredResult(PangeaResponseResult):
105
147
  report: Optional[DebugReport] = None
106
148
 
107
149
 
150
+ class UnredactRequest(APIRequestModel):
151
+ """
152
+ Class input to unredact data request
153
+
154
+ Arguments:
155
+ redacted_data: Data to unredact
156
+ fpe_context (base64): FPE context used to decrypt and unredact data
157
+
158
+ """
159
+
160
+ redacted_data: RedactedData
161
+ fpe_context: str
162
+
163
+
164
+ RedactedData = Union[str, Dict]
165
+
166
+
167
+ class UnredactResult(PangeaResponseResult):
168
+ """
169
+ Result class after an unredact request
170
+
171
+ """
172
+
173
+ data: RedactedData
174
+
175
+
108
176
  class Redact(ServiceBase):
109
177
  """Redact service client.
110
178
 
@@ -132,7 +200,24 @@ class Redact(ServiceBase):
132
200
 
133
201
  service_name = "redact"
134
202
 
135
- def __init__(self, token, config=None, logger_name="pangea", config_id: Optional[str] = None):
203
+ def __init__(
204
+ self, token: str, config: PangeaConfig | None = None, logger_name: str = "pangea", config_id: str | None = None
205
+ ) -> None:
206
+ """
207
+ Redact client
208
+
209
+ Initializes a new Redact client.
210
+
211
+ Args:
212
+ token: Pangea API token.
213
+ config: Configuration.
214
+ logger_name: Logger name.
215
+ config_id: Configuration ID.
216
+
217
+ Examples:
218
+ config = PangeaConfig(domain="pangea_domain")
219
+ redact = Redact(token="pangea_token", config=config)
220
+ """
136
221
  super().__init__(token, config, logger_name, config_id=config_id)
137
222
 
138
223
  def redact(
@@ -142,6 +227,7 @@ class Redact(ServiceBase):
142
227
  rules: Optional[List[str]] = None,
143
228
  rulesets: Optional[List[str]] = None,
144
229
  return_result: Optional[bool] = None,
230
+ redaction_method_overrides: Optional[RedactionMethodOverrides] = None,
145
231
  ) -> PangeaResponse[RedactResult]:
146
232
  """
147
233
  Redact
@@ -157,6 +243,7 @@ class Redact(ServiceBase):
157
243
  rules (list[str], optional): An array of redact rule short names
158
244
  rulesets (list[str], optional): An array of redact rulesets short names
159
245
  return_result(bool, optional): Setting this value to false will omit the redacted result only returning count
246
+ redaction_method_overrides: A set of redaction method overrides for any enabled rule. These methods override the config declared methods
160
247
 
161
248
  Raises:
162
249
  PangeaAPIException: If an API Error happens
@@ -170,8 +257,15 @@ class Redact(ServiceBase):
170
257
  response = redact.redact(text="Jenny Jenny... 555-867-5309")
171
258
  """
172
259
 
173
- input = RedactRequest(text=text, debug=debug, rules=rules, rulesets=rulesets, return_result=return_result)
174
- return self.request.post("v1/redact", RedactResult, data=input.dict(exclude_none=True))
260
+ input = RedactRequest(
261
+ text=text,
262
+ debug=debug,
263
+ rules=rules,
264
+ rulesets=rulesets,
265
+ return_result=return_result,
266
+ redaction_method_overrides=redaction_method_overrides,
267
+ )
268
+ return self.request.post("v1/redact", RedactResult, data=input.model_dump(exclude_none=True))
175
269
 
176
270
  def redact_structured(
177
271
  self,
@@ -182,6 +276,7 @@ class Redact(ServiceBase):
182
276
  rules: Optional[List[str]] = None,
183
277
  rulesets: Optional[List[str]] = None,
184
278
  return_result: Optional[bool] = None,
279
+ redaction_method_overrides: Optional[RedactionMethodOverrides] = None,
185
280
  ) -> PangeaResponse[StructuredResult]:
186
281
  """
187
282
  Redact structured
@@ -201,6 +296,7 @@ class Redact(ServiceBase):
201
296
  rules (list[str], optional): An array of redact rule short names
202
297
  rulesets (list[str], optional): An array of redact rulesets short names
203
298
  return_result(bool, optional): Setting this value to false will omit the redacted result only returning count
299
+ redaction_method_overrides: A set of redaction method overrides for any enabled rule. These methods override the config declared methods
204
300
 
205
301
  Raises:
206
302
  PangeaAPIException: If an API Error happens
@@ -227,5 +323,29 @@ class Redact(ServiceBase):
227
323
  rules=rules,
228
324
  rulesets=rulesets,
229
325
  return_result=return_result,
326
+ redaction_method_overrides=redaction_method_overrides,
230
327
  )
231
- return self.request.post("v1/redact_structured", StructuredResult, data=input.dict(exclude_none=True))
328
+ return self.request.post("v1/redact_structured", StructuredResult, data=input.model_dump(exclude_none=True))
329
+
330
+ def unredact(self, redacted_data: RedactedData, fpe_context: str) -> PangeaResponse[UnredactResult]:
331
+ """
332
+ Unredact
333
+
334
+ Decrypt or unredact fpe redactions
335
+
336
+ OperationId: redact_post_v1_unredact
337
+
338
+ Args:
339
+ redacted_data: Data to unredact
340
+ fpe_context (base64): FPE context used to decrypt and unredact data
341
+
342
+ Raises:
343
+ PangeaAPIException: If an API Error happens
344
+
345
+ Returns:
346
+ Pangea Response with redacted data in the response.result field,
347
+ available response fields can be found in our
348
+ [API Documentation](https://pangea.cloud/docs/api/redact#unredact)
349
+ """
350
+ input = UnredactRequest(redacted_data=redacted_data, fpe_context=fpe_context)
351
+ return self.request.post("v1/unredact", UnredactResult, data=input.model_dump(exclude_none=True))
@@ -1,10 +1,10 @@
1
1
  # Copyright 2022 Pangea Cyber Corporation
2
2
  # Author: Pangea Cyber Corporation
3
- import datetime
3
+
4
4
  import enum
5
5
  from typing import Dict, Generic, List, NewType, Optional, TypeVar, Union
6
6
 
7
- from pangea.response import APIRequestModel, PangeaResponseResult
7
+ from pangea.response import APIRequestModel, PangeaDateTime, PangeaResponseResult
8
8
 
9
9
  # EncodedPublicKey is a PEM public key, with no further encoding (i.e. no base64)
10
10
  # It may be used for example in openssh with no further processing
@@ -22,6 +22,8 @@ class KeyPurpose(str, enum.Enum):
22
22
  SIGNING = "signing"
23
23
  ENCRYPTION = "encryption"
24
24
  JWT = "jwt"
25
+ FPE = "fpe"
26
+ """Format-preserving encryption."""
25
27
 
26
28
  def __str__(self):
27
29
  return str(self.value)
@@ -84,6 +86,11 @@ class SymmetricAlgorithm(str, enum.Enum):
84
86
  AES128_CBC = "AES-CBC-128"
85
87
  AES256_CBC = "AES-CBC-256"
86
88
  AES = "AES-CFB-128" # deprecated, use AES128_CFB instead
89
+ AES128_FF3_1_BETA = "AES-FF3-1-128-BETA"
90
+ """128-bit encryption using the FF3-1 algorithm."""
91
+
92
+ AES256_FF3_1_BETA = "AES-FF3-1-256-BETA"
93
+ """256-bit encryption using the FF3-1 algorithm."""
87
94
 
88
95
  def __str__(self):
89
96
  return str(self.value)
@@ -174,7 +181,7 @@ class CommonStoreRequest(APIRequestModel):
174
181
  tags: Optional[Tags] = None
175
182
  rotation_frequency: Optional[str] = None
176
183
  rotation_state: Optional[ItemVersionState] = None
177
- expiration: Optional[datetime.datetime] = None
184
+ expiration: Optional[PangeaDateTime] = None
178
185
 
179
186
 
180
187
  class CommonStoreResult(PangeaResponseResult):
@@ -191,7 +198,7 @@ class CommonGenerateRequest(APIRequestModel):
191
198
  tags: Optional[Tags] = None
192
199
  rotation_frequency: Optional[str] = None
193
200
  rotation_state: Optional[ItemVersionState] = None
194
- expiration: Optional[datetime.datetime] = None
201
+ expiration: Optional[PangeaDateTime] = None
195
202
 
196
203
 
197
204
  class CommonGenerateResult(PangeaResponseResult):
@@ -254,7 +261,7 @@ class ListItemData(ItemData):
254
261
  class ListResult(PangeaResponseResult):
255
262
  items: List[ListItemData] = []
256
263
  count: int
257
- last: Optional[str]
264
+ last: Optional[str] = None
258
265
 
259
266
 
260
267
  class ListRequest(APIRequestModel):
@@ -305,7 +312,7 @@ class UpdateRequest(APIRequestModel):
305
312
  rotation_frequency: Optional[str] = None
306
313
  rotation_state: Optional[ItemVersionState] = None
307
314
  rotation_grace_period: Optional[str] = None
308
- expiration: Optional[datetime.datetime] = None
315
+ expiration: Optional[PangeaDateTime] = None
309
316
  item_state: Optional[ItemState] = None
310
317
 
311
318
 
@@ -427,3 +434,111 @@ class EncryptStructuredResult(PangeaResponseResult, Generic[TDict]):
427
434
 
428
435
  structured_data: TDict
429
436
  """Encrypted structured data."""
437
+
438
+
439
+ class TransformAlphabet(str, enum.Enum):
440
+ """Set of characters to use for format-preserving encryption (FPE)."""
441
+
442
+ NUMERIC = "numeric"
443
+ """Numeric (0-9)."""
444
+
445
+ ALPHA_LOWER = "alphalower"
446
+ """Lowercase alphabet (a-z)."""
447
+
448
+ ALPHA_UPPER = "alphaupper"
449
+ """Uppercase alphabet (A-Z)."""
450
+
451
+ ALPHANUMERIC_LOWER = "alphanumericlower"
452
+ """Lowercase alphabet with numbers (a-z, 0-9)."""
453
+
454
+ ALPHANUMERIC_UPPER = "alphanumericupper"
455
+ """Uppercase alphabet with numbers (A-Z, 0-9)."""
456
+
457
+ ALPHANUMERIC = "alphanumeric"
458
+ """Alphanumeric (a-z, A-Z, 0-9)."""
459
+
460
+ def __str__(self) -> str:
461
+ return str(self.value)
462
+
463
+ def __repr__(self) -> str:
464
+ return str(self.value)
465
+
466
+
467
+ class EncryptTransformRequest(APIRequestModel):
468
+ id: str
469
+ """The item ID."""
470
+
471
+ plain_text: str
472
+ """A message to be encrypted."""
473
+
474
+ alphabet: TransformAlphabet
475
+ """Set of characters to use for format-preserving encryption (FPE)."""
476
+
477
+ tweak: Optional[str] = None
478
+ """
479
+ User provided tweak string. If not provided, a random string will be
480
+ generated and returned. The user must securely store the tweak source which
481
+ will be needed to decrypt the data.
482
+ """
483
+
484
+ version: Optional[int] = None
485
+ """The item version."""
486
+
487
+
488
+ class EncryptTransformResult(PangeaResponseResult):
489
+ id: str
490
+ """The item ID."""
491
+
492
+ version: int
493
+ """The item version."""
494
+
495
+ algorithm: str
496
+ """The algorithm of the key."""
497
+
498
+ cipher_text: str
499
+ """The encrypted message."""
500
+
501
+ tweak: str
502
+ """
503
+ User provided tweak string. If not provided, a random string will be
504
+ generated and returned. The user must securely store the tweak source which
505
+ will be needed to decrypt the data.
506
+ """
507
+
508
+ alphabet: str
509
+ """Set of characters to use for format-preserving encryption (FPE)."""
510
+
511
+
512
+ class DecryptTransformRequest(APIRequestModel):
513
+ id: str
514
+ """The item ID."""
515
+
516
+ cipher_text: str
517
+ """A message encrypted by Vault."""
518
+
519
+ tweak: str
520
+ """
521
+ User provided tweak string. If not provided, a random string will be
522
+ generated and returned. The user must securely store the tweak source which
523
+ will be needed to decrypt the data.
524
+ """
525
+
526
+ alphabet: TransformAlphabet
527
+ """Set of characters to use for format-preserving encryption (FPE)."""
528
+
529
+ version: Optional[int] = None
530
+ """The item version."""
531
+
532
+
533
+ class DecryptTransformResult(PangeaResponseResult):
534
+ id: str
535
+ """The item ID."""
536
+
537
+ version: int
538
+ """The item version."""
539
+
540
+ algorithm: str
541
+ """The algorithm of the key."""
542
+
543
+ plain_text: str
544
+ """Decrypted message."""
@@ -39,7 +39,7 @@ class EncryptRequest(APIRequestModel):
39
39
  id: str
40
40
  plain_text: str
41
41
  version: Optional[int] = None
42
- additional_data: Optional[str]
42
+ additional_data: Optional[str] = None
43
43
 
44
44
 
45
45
  class EncryptResult(PangeaResponseResult):
@@ -53,7 +53,7 @@ class DecryptRequest(APIRequestModel):
53
53
  id: str
54
54
  cipher_text: str
55
55
  version: Optional[int] = None
56
- additional_data: Optional[str]
56
+ additional_data: Optional[str] = None
57
57
 
58
58
 
59
59
  class DecryptResult(PangeaResponseResult):