pytest-nhsd-apim 3.3.15__py3-none-any.whl → 3.4.1__py3-none-any.whl

pytest_nhsd_apim/apigee_apis.py

@@ -476,7 +476,7 @@ class DeveloperAppsAPI:
         resp = self.client.delete(url=url)
         if resp.status_code != 200:
             raise Exception(
-                f"GET request to {resp.url} failed with status_code: {resp.status_code}, Reason: {resp.reason} and Content: {resp.text}"
+                f"DELETE request to {resp.url} failed with status_code: {resp.status_code}, Reason: {resp.reason} and Content: {resp.text}"
             )
         return resp.json()
 
@@ -1241,11 +1241,218 @@ class UserRolesAPI:
 
 
 class AppKeysAPI:
+    """
+    Manage consumer credentials for apps associated with individual developers.
+
+    Credential pairs consisting of consumer key and consumer secret are provisioned
+    by Apigee Edge to apps for specific API products. Apigee Edge maintains the
+    relationship between consumer keys and API products, enabling API products to be
+    added to and removed from consumer keys. A single consumer key can be used to
+    access multiple API products. Keys may be manually or automatically approved for
+    API products--how they are issued depends on the API product configuration. A key
+    must approved and approved for an API product to be capable of accessing any of
+    the URIs defined in the API product.
+    """
+
     def __init__(self, client: RestClient) -> None:
         self.client = client
-        raise NotImplementedError(
-            f"Ugh! this is awkward, this API is not available yet...feel free to give us a shout or to open a PR https://github.com/NHSDigital/pytest-nhsd-apim/blob/0cf274850a8fe61e17f214380496ba09fd6cc973/src/pytest_nhsd_apim/apigee_apis.py#L1142"
-        )
+
+    def create_app_key(self, email: str, app_name: str, body: dict) -> "dict":
+        """
+        Creates a custom consumer key and secret for a developer app.
+        This is particularly useful if you want to migrate existing consumer
+        keys/secrets to Edge from another system.
+
+        After creating the consumer key and secret, associate the key with an
+        API product, as described in Add API Product to Key.
+
+        Consumer keys and secrets can contain letters, numbers, underscores,
+        and hyphens. No other special characters are allowed.
+
+        Note: Be aware of the following size limits on API keys. By staying
+        within these limits, you help avoid service disruptions.
+
+        - Consumer key (API key) size: 2 KB
+
+        - Consumer secret size: 2 KB
+
+        If a consumer key and secret already exist, you can either keep them
+        or delete them, as described in Delete Key for a Developer App.
+
+        In addition, you can use this API if you have existing API keys and
+        secrets that you want to copy into Edge from another system. For more
+        information, see Import existing consumer keys and secrets.
+        """
+
+        resource = f"/developers/{email}/apps/{app_name}/keys/create"
+        url = f"{self.client.base_url}{resource}"
+        resp = self.client.post(url=url, json=body)
+        if resp.status_code != 201:
+            raise Exception(
+                f"POST request to {resp.url} failed with status_code: {resp.status_code}, Reason: {resp.reason} and Content: {resp.text}"
+            )
+        return resp.json()
+    
+    def delete_app_key(self, email: str, app_name: str, app_key: str) -> None:
+        """
+        Deletes a consumer key that belongs to an app, and removes all API products
+        associated with the app. Once deleted, the consumer key cannot be used
+        to access any APIs.
+
+        After you delete a consumer key, you may want to:
+
+        - Create a new consumer key and secret for the developer app, and
+          subsequently add an API product to the key.
+
+        - Delete the developer app, if it is no longer required.
+        """
+
+        resource = f"/developers/{email}/apps/{app_name}/keys/{app_key}"
+        url = f"{self.client.base_url}{resource}"
+        resp = self.client.delete(url=url)
+        if resp.status_code != 200:
+            raise Exception(
+                f"DELETE request to {resp.url} failed with status_code: {resp.status_code}, Reason: {resp.reason} and Content: {resp.text}"
+            )
+        return resp.json()
+    
+    def get_app_key(self, email: str, app_name: str, key: str, **query_params) -> "list[str]":
+        """
+        Gets details for a consumer key for a developer app, including the key
+        and secret value, associated API products, and other information.
+        """
+
+        params = query_params
+        resource = f"/developers/{email}/apps/{app_name}/keys/{key}"
+        url = f"{self.client.base_url}{resource}"
+        resp = self.client.get(url=url, params=params)
+        if resp.status_code != 200:
+            raise Exception(
+                f"GET request to {resp.url} failed with status_code: {resp.status_code}, Reason: {resp.reason} and Content: {resp.text}"
+            )
+        return resp.json()
+
+    def post_app_key(self, email: str, app_name: str, key: str, body: dict, **query_params) -> "dict":
+        """
+        Enables you to perform one of the following tasks:
+
+        - Add an API product to a developer app key, enabling the app that holds
+          the key to access the API resources bundled in the API product. You can
+          also use this API to add attributes to the key. You must include all existing
+          attributes, whether or not you are updating them, as well as any new attributes
+          that you are adding. After adding the API product, you can use the same key
+          to access all API products associated with the app.
+
+        - Approve or revoke a specific consumer key for an app. Call the API with the
+          action query parameter set to approve or revoke (with no request body) and
+          set the Content-type header to application/octet-stream. If successful, the HTTP
+          status code for success is: 204 No Content
+
+        - You can approve a consumer key that is currently revoked or pending. Once
+          approved, the app can use the consumer key to access APIs. Revoking a consumer
+          key renders it unusable for the app to use to access an API.
+
+        - Note: Any access tokens associated with a revoked app key will remain active.
+          However, Apigee Edge checks the status of the app key and if set to revoked it
+          will not allow API calls to go through.
+        """
+
+        resource = f"/developers/{email}/apps/{app_name}/keys/{key}"
+        url = f"{self.client.base_url}{resource}"
+        resp = self.client.post(url=url, json=body, params=query_params)
+        if resp.status_code != 200 and resp.status_code != 204:
+            raise Exception(
+                f"POST request to {resp.url} failed with status_code: {resp.status_code}, Reason: {resp.reason} and Content: {resp.text}"
+            )
+        if resp.status_code == 204:
+            return resp
+        else:
+            return resp.json()
+
+    def put_app_key(self, email: str, app_name: str, key: str, body: dict) -> "dict":
+        """
+        Updates the allowed OAuth scopes associated with an app.
+
+        Note: Specify the complete list of scopes to apply. The specified list replaces
+        the existing scopes on the app. Therefore, to add a scope, you must specify all
+        of the existing scopes along with the added scope.
+
+        This API does not change the list of scopes in the API product(s) included in
+        the app; rather, it sets allowed list of scopes in the scopes element under the
+        apiProducts element in the attributes of the app.
+
+        Important: The specified scopes must already exist on the API product(s)
+        associated with the app. You can't arbitrarily add a scope that does not already
+        exist in an API product. For example, if the app has one API product with these
+        scopes: READ, WRITE. You can't use this API to add a new scope, such as DELETE
+        (unless the app has another product with that scope). If you do this, you'll get
+        a 400 Bad Request error. For example:
+
+        {
+          "code": "keymanagement.service.InvalidScopes",
+          "message": "Invalid scopes. Scopes must be contained in [READ, WRITE]",
+          "contexts": []
+
+        }
+
+        It would be allowed to remove one or both of the existing scopes, and later add
+        one or both back.
+        """
+
+        resource = f"/developers/{email}/apps/{app_name}/keys/{key}"
+        url = f"{self.client.base_url}{resource}"
+        resp = self.client.put(url=url, json=body)
+        if resp.status_code != 200:
+            raise Exception(
+                f"PUT request to {resp.url} failed with status_code: {resp.status_code}, Reason: {resp.reason} and Content: {resp.text}"
+            )
+        return resp.json()
+    
+    def delete_product_app_key_association(self, email: str, app_name: str, app_key: str, apiproduct_name: str) -> None:
+        """
+        Removes an API product from an app's consumer key, and thereby renders the app
+        unable to access the API resources defined in that API product.
+
+        Note that the consumer key itself still exists after this call. Only the
+        association of the key with the API product is removed.
+        """
+
+        resource = f"/developers/{email}/apps/{app_name}/keys/{app_key}/apiproducts/{apiproduct_name}"
+        url = f"{self.client.base_url}{resource}"
+        resp = self.client.delete(url=url)
+        if resp.status_code != 200:
+            raise Exception(
+                f"DELETE request to {resp.url} failed with status_code: {resp.status_code}, Reason: {resp.reason} and Content: {resp.text}"
+            )
+        return resp.json()
+
+    def post_product_app_key_association(self, email: str, app_name: str, key: str, apiproduct_name: str, **query_params) -> "dict":
+        """
+        Approves or revokes an API product for an API key. Call the API with the action
+        query parameter set to approve or revoke (with no request body) and set the
+        Content-type header to application/octet-stream. If successful, the HTTP status
+        code for success is: 204 No Content
+
+        To consume API resources defined in an API product, an app's consumer key must
+        be approved and it must also be approved for that specific API product.
+
+        Notes:
+
+        - The API product must already be associated with the app.
+
+        - Any access tokens associated with a revoked app key will remain active. However,
+          Apigee Edge checks the status of the app key and if set to revoked it will not
+          allow API calls to go through.
+        """
+
+        resource = f"/developers/{email}/apps/{app_name}/keys/{key}/apiproducts/{apiproduct_name}"
+        url = f"{self.client.base_url}{resource}"
+        resp = self.client.post(url=url, params=query_params)
+        if resp.status_code != 204:
+            raise Exception(
+                f"POST request to {resp.url} failed with status_code: {resp.status_code}, Reason: {resp.reason} and Content: {resp.text}"
+            )
+        return resp   
 
 
 class UsersAPI:

pytest_nhsd_apim/apigee_edge.py

@@ -18,6 +18,7 @@ from .log import log, log_method
 from .apigee_apis import (
     ApigeeNonProdCredentials,
     ApigeeClient,
+    AppKeysAPI,
     DebugSessionsAPI,
     AccessTokensAPI,
     ApiProductsAPI,
@@ -583,3 +584,13 @@ def developer_apps_api():
     config = ApigeeNonProdCredentials()
     client = ApigeeClient(config=config)
     return DeveloperAppsAPI(client=client)
+
+@pytest.fixture(scope="session")
+@log_method
+def developer_app_keys_api():
+    """
+    Authenitcated wrapper for Apigee's developer app keys API
+    """
+    config = ApigeeNonProdCredentials()
+    client = ApigeeClient(config=config)
+    return AppKeysAPI(client=client)

pytest_nhsd_apim/pytest_nhsd_apim.py

@@ -48,7 +48,8 @@ from .apigee_edge import (
     trace,
     products_api,
     access_token_api,
-    developer_apps_api
+    developer_apps_api,
+    developer_app_keys_api
 )
 from .auth_journey import (
     _jwt_keys,

{pytest_nhsd_apim-3.3.15.dist-info → pytest_nhsd_apim-3.4.1.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: pytest-nhsd-apim
-Version: 3.3.15
+Version: 3.4.1
 Summary: Pytest plugin accessing NHSDigital's APIM proxies
 Home-page: https://github.com/NHSDigital/pytest-nhsd-apim
 Author: Adrian Ciobanita
@@ -11,7 +11,7 @@ License: MIT
 Classifier: Framework :: Pytest
 Requires-Python: >=3.8
 Description-Content-Type: text/markdown
-Requires-Dist: Authlib (==0.15.5)
+Requires-Dist: Authlib (==1.3.1)
 Requires-Dist: cryptography (==42.0.0)
 Requires-Dist: lxml (==4.9.1)
 Requires-Dist: pycryptodome (==3.20.0)
@@ -99,6 +99,7 @@ The APIs we offer at the moment are:
 | ApiProductsAPI  | [here](/src/pytest_nhsd_apim/apigee_apis.py#L575)  |[Overview](https://apidocs.apigee.com/docs/api-products/1/overview)|
 | DebugSessionsAPI  | [here](/src/pytest_nhsd_apim/apigee_apis.py#L844)  |[Overview](https://apidocs.apigee.com/docs/debug-sessions/1/overview)|
 | AccessTokensAPI  | [here](/src/pytest_nhsd_apim/apigee_apis.py#L983)  |[Overview](https://apidocs.apigee.com/docs/oauth-20-access-tokens/1/overview)|
+| AppKeysAPI  | [here](/src/pytest_nhsd_apim/apigee_apis.py#L1243)  |[Overview](https://apidocs.apigee.com/docs/developer-app-keys/1/overview)|
 
 For a more detailed implementation of the available APIs please refer to the tests [here](/tests/test_apigee_apis.py).
 We will keep adding APIs with time, if you are looking for a particular APIs not listed above please feel free to open a pull request and send it to us.

pytest_nhsd_apim-3.4.1.dist-info/RECORD

@@ -0,0 +1,16 @@
+pytest_nhsd_apim/__init__.py,sha256=CRwQfUDrbXIqvJX6OfTR4jGdhlU9kjGmBAptJasRg7E,72
+pytest_nhsd_apim/apigee_apis.py,sha256=tcAo254Mvx__qAX7Focb-6855eTLWL2TUsna1vT6Eow,67284
+pytest_nhsd_apim/apigee_edge.py,sha256=NQrW8PeA_-X4zt2torTmBOaFIzRKjh6pT1ksolNjpmA,19065
+pytest_nhsd_apim/auth_journey.py,sha256=UovbLXhokUnikrMOaXIhjV8t5aRrcxinAbS96nfZWcY,5154
+pytest_nhsd_apim/config.py,sha256=ScKfV8iURqDXX2ajgGsRDcVn9RZy2DxLoEU2QQt9lmA,4246
+pytest_nhsd_apim/identity_service.py,sha256=HrXfSm0dIFg51LBng_nf2iIGlOcwzV_J1vA4agm_Ne4,19766
+pytest_nhsd_apim/log.py,sha256=8gYHqzlQM546FB2XvFmLTk1YfZRNeNhIwLmOy0GScr8,2685
+pytest_nhsd_apim/nhsd_apim_authorization.py,sha256=TE_6YnoM7kpRReiZP6-Z52rRs9bUuax1mpXqkbzg8zQ,3505
+pytest_nhsd_apim/pytest_nhsd_apim.py,sha256=ZCItUqcM23CCmcRyGU8bEwI3vJnNcGdoOlbSfvYILR8,5242
+pytest_nhsd_apim/secrets.py,sha256=yIYwOZwpliIomtqSJGIYRbAE2HYvLvQU4W2kOa9TnXo,2354
+pytest_nhsd_apim/token_cache.py,sha256=6L08taTlSyRsx2NCb0LSGsHdWx_wmqwlFtcF7pZMhUg,3540
+pytest_nhsd_apim-3.4.1.dist-info/METADATA,sha256=XbxWjUsREhPEjML0PHDDJIG2v2YNQER3-kmxmYmxNps,4660
+pytest_nhsd_apim-3.4.1.dist-info/WHEEL,sha256=2wepM1nk4DS4eFpYrW1TTqPcoGNfHhhO_i5m4cOimbo,92
+pytest_nhsd_apim-3.4.1.dist-info/entry_points.txt,sha256=XWicT3meTpqLXnZcXNoAd2IfXspFPlNgMgLBMy4nqwQ,57
+pytest_nhsd_apim-3.4.1.dist-info/top_level.txt,sha256=ZK5GZP-g_K8gNfm4a58T9JCRb0i1X267ngvNelCGgfQ,17
+pytest_nhsd_apim-3.4.1.dist-info/RECORD,,

pytest_nhsd_apim-3.3.15.dist-info/RECORD

@@ -1,16 +0,0 @@
-pytest_nhsd_apim/__init__.py,sha256=CRwQfUDrbXIqvJX6OfTR4jGdhlU9kjGmBAptJasRg7E,72
-pytest_nhsd_apim/apigee_apis.py,sha256=nVarxYSD1TIjCduBQyW8LIODyPk76xpELXD2lhyWLHc,57427
-pytest_nhsd_apim/apigee_edge.py,sha256=sIITiwkyKoNVDJ9OmnxV3mipF6LJR0w2qpmvT5Mwr1M,18777
-pytest_nhsd_apim/auth_journey.py,sha256=UovbLXhokUnikrMOaXIhjV8t5aRrcxinAbS96nfZWcY,5154
-pytest_nhsd_apim/config.py,sha256=ScKfV8iURqDXX2ajgGsRDcVn9RZy2DxLoEU2QQt9lmA,4246
-pytest_nhsd_apim/identity_service.py,sha256=HrXfSm0dIFg51LBng_nf2iIGlOcwzV_J1vA4agm_Ne4,19766
-pytest_nhsd_apim/log.py,sha256=8gYHqzlQM546FB2XvFmLTk1YfZRNeNhIwLmOy0GScr8,2685
-pytest_nhsd_apim/nhsd_apim_authorization.py,sha256=TE_6YnoM7kpRReiZP6-Z52rRs9bUuax1mpXqkbzg8zQ,3505
-pytest_nhsd_apim/pytest_nhsd_apim.py,sha256=_snJGTUVsHA70FGrKNNXjx9yNc_UjO1Ffhw0SLQtYUs,5214
-pytest_nhsd_apim/secrets.py,sha256=yIYwOZwpliIomtqSJGIYRbAE2HYvLvQU4W2kOa9TnXo,2354
-pytest_nhsd_apim/token_cache.py,sha256=6L08taTlSyRsx2NCb0LSGsHdWx_wmqwlFtcF7pZMhUg,3540
-pytest_nhsd_apim-3.3.15.dist-info/METADATA,sha256=y8LIwibo_Ulh9ouBI3RFahR7U7k1xIHnd9h7v_DvDI8,4518
-pytest_nhsd_apim-3.3.15.dist-info/WHEEL,sha256=2wepM1nk4DS4eFpYrW1TTqPcoGNfHhhO_i5m4cOimbo,92
-pytest_nhsd_apim-3.3.15.dist-info/entry_points.txt,sha256=XWicT3meTpqLXnZcXNoAd2IfXspFPlNgMgLBMy4nqwQ,57
-pytest_nhsd_apim-3.3.15.dist-info/top_level.txt,sha256=ZK5GZP-g_K8gNfm4a58T9JCRb0i1X267ngvNelCGgfQ,17
-pytest_nhsd_apim-3.3.15.dist-info/RECORD,,