scalekit-sdk-python 2.2.2__tar.gz → 2.3.0__tar.gz

{scalekit_sdk_python-2.2.2/scalekit_sdk_python.egg-info → scalekit_sdk_python-2.3.0}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: scalekit-sdk-python
-Version: 2.2.2
+Version: 2.3.0
 Summary: Scalekit official Python SDK
 Home-page: https://github.com/scalekit-inc/scalekit-sdk-python
 Author: Team Scalekit

{scalekit_sdk_python-2.2.2 → scalekit_sdk_python-2.3.0}/scalekit/client.py

@@ -16,14 +16,18 @@ from scalekit.organization import OrganizationClient
 from scalekit.directory import DirectoryClient
 from scalekit.users import UserClient
 from scalekit.role import RoleClient
+from scalekit.passwordless import PasswordlessClient
 from scalekit.common.scalekit import (
     AuthorizationUrlOptions,
     CodeAuthenticationOptions,
     GrantType,
     IdpInitiatedLoginClaims,
     LogoutUrlOptions,
+    TokenValidationOptions,
 )
 from scalekit.constants.user import id_token_claim_to_user_map
+from scalekit.common.exceptions import (WebhookVerificationError,
+                                        ScalekitValidateTokenFailureException)
 
 AUTHORIZE_ENDPOINT = "oauth/authorize"
 LOGOUT_ENDPOINT = "oidc/logout" 
@@ -31,10 +35,6 @@ webhook_tolerance_in_seconds = timedelta(minutes=5)
 webhook_signature_version = "v1"
 
 
-class WebhookVerificationError(Exception):
-    pass
-
-
 class ScalekitClient:
     """ Class definition for scalekit client """
 
@@ -54,8 +54,7 @@ class ScalekitClient:
         """
         try:
             self.core_client = CoreClient(
-                env_url=env_url, client_id=client_id, client_secret=client_secret
-            )
+                env_url=env_url, client_id=client_id, client_secret=client_secret)
             self.domain = DomainClient(self.core_client)
             self.connection = ConnectionClient(self.core_client)
             self.organization = OrganizationClient(self.core_client)
@@ -63,6 +62,7 @@ class ScalekitClient:
             self.m2m_client = M2MClient(self.core_client)
             self.users = UserClient(self.core_client)
             self.roles = RoleClient(self.core_client)
+            self.passwordless = PasswordlessClient(self.core_client)
         except Exception as exp:
             raise exp
 
@@ -140,7 +140,7 @@ class ScalekitClient:
             access_token = response["access_token"]
             refresh_token = response.get("refresh_token")
             # Validate id_token
-            claims = self.__validate_token(id_token, {"verify_aud": False})
+            claims = self.__validate_token(id_token, options=None)
             user = {}
             amr_claims = claims.get('amr', [])
             connection_id = amr_claims[0] if amr_claims else None
@@ -158,21 +158,25 @@ class ScalekitClient:
                 "organization_id": organization_id
             }
 
+        except jwt.exceptions.InvalidTokenError as exp:
+            raise ScalekitValidateTokenFailureException(exp)
         except Exception as exp:
             raise exp
 
-    def validate_access_token(self, token: str, options: Optional[Dict] = None, audience = None) -> bool:
+    def validate_access_token(self, token: str, options: Optional[TokenValidationOptions] = None, audience = None) -> bool:
         """
         Method to validate access token
 
         :param token : access token
         :type        : ``` str ```
+        :param options : Optional validation options for issuer, audience, and scopes
+        :type        : ``` TokenValidationOptions ```
+        :param audience : audience for validation (deprecated, use options.audience instead)
+        :type        : ``` str ```
 
         :returns:
             bool
         """
-        options = options if options else {}
-        options["verify_aud"] = False if not audience else True
         try:
             self.__validate_token(token, options=options, audience=audience)
             return True
@@ -205,59 +209,131 @@ class ScalekitClient:
         except Exception as exp:
             raise exp
 
-    def validate_access_token_and_get_claims(self, token: str, options: Optional[Dict] = None, audience = None) -> Dict[str, Any]:
+    def validate_access_token_and_get_claims(self, token: str, options: Optional[TokenValidationOptions] = None, audience = None) -> Dict[str, Any]:
         """
         Method to validate access token and get claims
 
         :param token : access token
         :type        : ``` str ```
+        :param options : Optional validation options for issuer, audience, and scopes
+        :type        : ``` TokenValidationOptions ```
+        :param audience : audience for validation (deprecated, use options.audience instead)
+        :type        : ``` str ```
 
         :returns:
             claims
         """
-
-        options = options if options else {}
-        options["verify_aud"] = False if not audience else True
         
         try:
             claims = self.__validate_token(token, options=options, audience=audience)
             return claims
+        except jwt.exceptions.InvalidTokenError as exp:
+            raise ScalekitValidateTokenFailureException(exp)
         except Exception as exp:
-            raise exp        
+            raise exp
 
-    def get_idp_initiated_login_claims(self, idp_initiated_login_token: str) -> IdpInitiatedLoginClaims:
+    def get_idp_initiated_login_claims(self, idp_initiated_login_token: str, options: Optional[TokenValidationOptions] = None, audience = None) -> IdpInitiatedLoginClaims:
         """
         Method to get IDP initiated login claims
 
         :param idp_initiated_login_token : IDP initiated login token
         :type        : ``` str ```
+        :param options : Optional validation options for issuer and audience
+        :type        : ``` TokenValidationOptions ```
+        :param audience : audience for validation (deprecated, use options.audience instead)
+        :type        : ``` str ```
 
         :returns:
             ``` IdpInitiatedLoginClaims ```
         """
         try:
-            claims = self.__validate_token(idp_initiated_login_token, {"verify_aud": False})
+            claims = self.__validate_token(idp_initiated_login_token, options=options, audience=audience)
             return claims
+        except jwt.exceptions.InvalidTokenError as exp:
+            raise ScalekitValidateTokenFailureException(exp)
         except Exception as exp:
             raise exp
 
     def __validate_token(
-        self, token: str, options: Optional[Dict] = None, audience: Optional[str] = None
+        self, token: str, options: Optional[TokenValidationOptions] = None, audience: Optional[str] = None
     ) -> Dict[str, Any]:
         """
         Method to validate token
 
         :param token : token
         :type        : ``` str ```
+        :param options : validation options for issuer, audience, and scopes
+        :type        : ``` TokenValidationOptions ```
+        :param audience : audience for validation
+        :type        : ``` str ```
 
         :returns:
             payload
         """
+        # Convert TokenValidationOptions to jwt decode options if provided
+        jwt_options = {}
+        if options:
+            if options.issuer:
+                jwt_options["issuer"] = options.issuer
+            if options.audience:
+                jwt_options["audience"] = options.audience
+                jwt_options["verify_aud"] = True
+            elif audience is not None:
+                jwt_options["audience"] = [audience]
+                jwt_options["verify_aud"] = True
+            else:
+                jwt_options["verify_aud"] = False
+        
         self.core_client.get_jwks()
         kid = jwt.get_unverified_header(token)["kid"]
         key = self.core_client.keys[kid]
 
-        return jwt.decode(token, key=key, algorithms="RS256", options=options, audience=audience)
+        payload = jwt.decode(token, key=key, algorithms="RS256", options=jwt_options)
+        
+        # Validate scopes if required
+        if options and options.required_scopes:
+            self.verify_scopes(token, options.required_scopes)
+        
+        return payload
+
+
+
+    def verify_scopes(self, token: str, required_scopes: list[str]) -> bool:
+        """
+        Verify that the token contains the required scopes
+
+        :param token : The token to verify
+        :type        : ``` str ```
+        :param required_scopes : The scopes that must be present in the token
+        :type        : ``` list[str] ```
+
+        :returns:
+            bool: Returns True if all required scopes are present
+        :raises:
+            Error: If required scopes are missing, with details about which scopes are missing
+        """
+        payload = jwt.decode(token, options={"verify_signature": False})
+        scopes = self.__extract_scopes_from_payload(payload)
+        
+        missing_scopes = [scope for scope in required_scopes if scope not in scopes]
+        
+        if missing_scopes:
+            raise ScalekitValidateTokenFailureException(f"Token missing required scopes: {', '.join(missing_scopes)}")
+        
+        return True
+
+    def __extract_scopes_from_payload(self, payload: Dict[str, Any]) -> list[str]:
+        """
+        Extract scopes from token payload
+
+        :param payload : The token payload
+        :type        : ``` Dict[str, Any] ```
+
+        :returns:
+            list[str]: Array of scopes found in the token
+        """
+        scopes = payload.get("scopes", [])
+        return [scope for scope in scopes if scope and scope.strip()]
 
     def verify_webhook_payload(self, secret: str, headers: Dict[str, str], payload: [str | bytes]) -> bool:
         """
@@ -334,10 +410,10 @@ class ScalekitClient:
             raise WebhookVerificationError("Invalid Signature Headers")
 
         if timestamp < (now - webhook_tolerance_in_seconds):
-            raise Exception("Message timestamp too old")
+            raise WebhookVerificationError("Message timestamp too old")
 
         if timestamp > (now + webhook_tolerance_in_seconds):
-            raise Exception("Message timestamp too new")
+            raise WebhookVerificationError("Message timestamp too new")
 
         return timestamp
 

scalekit_sdk_python-2.3.0/scalekit/common/exceptions.py

@@ -0,0 +1,260 @@
+
+import grpc
+from grpc import StatusCode
+from http import HTTPStatus
+from grpc_status import rpc_status
+from requests.models import Response
+from scalekit.v1.errdetails.errdetails_pb2 import ErrorInfo
+
+
+GRPC_TO_HTTP = {
+    StatusCode.OK: HTTPStatus.OK,
+    StatusCode.INVALID_ARGUMENT: HTTPStatus.BAD_REQUEST,
+    StatusCode.FAILED_PRECONDITION: HTTPStatus.BAD_REQUEST,
+    StatusCode.OUT_OF_RANGE: HTTPStatus.BAD_REQUEST,
+    StatusCode.UNAUTHENTICATED: HTTPStatus.UNAUTHORIZED,
+    StatusCode.PERMISSION_DENIED: HTTPStatus.FORBIDDEN,
+    StatusCode.NOT_FOUND: HTTPStatus.NOT_FOUND,
+    StatusCode.ALREADY_EXISTS: HTTPStatus.CONFLICT,
+    StatusCode.ABORTED: HTTPStatus.CONFLICT,
+    StatusCode.RESOURCE_EXHAUSTED: HTTPStatus.TOO_MANY_REQUESTS,
+    StatusCode.CANCELLED: 499,
+    StatusCode.DATA_LOSS: HTTPStatus.INTERNAL_SERVER_ERROR,
+    StatusCode.UNKNOWN: HTTPStatus.INTERNAL_SERVER_ERROR,
+    StatusCode.INTERNAL: HTTPStatus.INTERNAL_SERVER_ERROR,
+    StatusCode.UNIMPLEMENTED: HTTPStatus.NOT_IMPLEMENTED,
+    StatusCode.UNAVAILABLE: HTTPStatus.SERVICE_UNAVAILABLE,
+    StatusCode.DEADLINE_EXCEEDED: HTTPStatus.GATEWAY_TIMEOUT,
+}
+
+HTTP_TO_GRPC = {
+    HTTPStatus.OK: StatusCode.OK,
+    HTTPStatus.BAD_REQUEST: StatusCode.INVALID_ARGUMENT,
+    HTTPStatus.UNAUTHORIZED: StatusCode.UNAUTHENTICATED,
+    HTTPStatus.FORBIDDEN: StatusCode.PERMISSION_DENIED,
+    HTTPStatus.NOT_FOUND: StatusCode.NOT_FOUND,
+    HTTPStatus.CONFLICT: StatusCode.ALREADY_EXISTS,
+    HTTPStatus.TOO_MANY_REQUESTS: StatusCode.RESOURCE_EXHAUSTED,
+    HTTPStatus.INTERNAL_SERVER_ERROR: StatusCode.INTERNAL,
+    HTTPStatus.NOT_IMPLEMENTED: StatusCode.UNIMPLEMENTED,
+    HTTPStatus.SERVICE_UNAVAILABLE: StatusCode.UNAVAILABLE,
+    HTTPStatus.GATEWAY_TIMEOUT: StatusCode.DEADLINE_EXCEEDED,
+}
+
+
+HTTP_STATUS = {
+    'OK': HTTPStatus.OK,
+    'BAD_REQUEST': HTTPStatus.BAD_REQUEST,
+    'UNAUTHORIZED': HTTPStatus.UNAUTHORIZED,
+    'FORBIDDEN': HTTPStatus.FORBIDDEN,
+    'NOT_FOUND': HTTPStatus.NOT_FOUND,
+    'CONFLICT': HTTPStatus.CONFLICT,
+    'TOO_MANY_REQUESTS': HTTPStatus.TOO_MANY_REQUESTS,
+    'INTERNAL_SERVER_ERROR': HTTPStatus.INTERNAL_SERVER_ERROR,
+    'NOT_IMPLEMENTED': HTTPStatus.NOT_IMPLEMENTED,
+    'SERVICE_UNAVAILABLE': HTTPStatus.SERVICE_UNAVAILABLE,
+    'GATEWAY_TIMEOUT': HTTPStatus.GATEWAY_TIMEOUT,
+}
+
+
+class ScalekitException(Exception):
+    """ Base class for all scalekit exceptions """
+    def __init__(self, error):
+        super().__init__(error)
+
+
+class WebhookVerificationError(ScalekitException):
+    """ Exception raised for webhook verification failure """
+    def __init__(self, error):
+        super().__init__(error)
+
+
+class ScalekitValidateTokenFailureException(ScalekitException):
+    """ Exception raised for token validation failure """
+    def __init__(self, error):
+        super().__init__(error)
+
+
+class ScalekitServerException(ScalekitException):
+    """ Base class for all scalekit server exceptions """
+    def __init__(self, error: Response | grpc.RpcError):
+        super().__init__(error)
+        self._unpacked_details = list()
+        if isinstance(error, Response):
+            if error.reason and isinstance(error.reason, str):
+                self._http_status = HTTP_STATUS.get(error.reason.upper(), HTTPStatus.INTERNAL_SERVER_ERROR)
+            else:
+                self._http_status = HTTP_STATUS.get('INTERNAL_SERVER_ERROR')
+            self._grpc_status = HTTP_TO_GRPC.get(error.status_code, StatusCode.UNKNOWN)
+            self._error_code = error.reason
+            self._err_details = error.text
+            self._message = None
+        elif isinstance(error, grpc.RpcError):
+            self._grpc_status = error.code()
+            self._http_status = GRPC_TO_HTTP.get(self._grpc_status)
+            self._message = rpc_status.from_call(error).message
+            self._err_details = rpc_status.from_call(error).details
+            self._error_code = None
+
+            for detail in self._err_details:
+                info = ErrorInfo()
+                detail.Unpack(info)
+                self._unpacked_details.append(info)
+                if not self._error_code:
+                    self._error_code = info.error_code
+
+    @staticmethod
+    def promote(error: Response | grpc.RpcError):
+        """ Promote a ScalekitServerException (Response or RpcError) to a specific error type """
+        grpc_status = HTTP_TO_GRPC.get(error.status_code) if isinstance(error, Response) else error.code()
+
+        if grpc_status == StatusCode.INVALID_ARGUMENT:
+            return ScalekitBadRequestException(error)
+        elif grpc_status == StatusCode.FAILED_PRECONDITION:
+            return ScalekitBadRequestException(error)
+        elif grpc_status == StatusCode.OUT_OF_RANGE:
+            return ScalekitBadRequestException(error)
+        elif grpc_status == StatusCode.UNAUTHENTICATED:
+            return ScalekitUnauthorizedException(error)
+        elif grpc_status == StatusCode.PERMISSION_DENIED:
+            return ScalekitForbiddenException(error)
+        elif grpc_status == StatusCode.NOT_FOUND:
+            return ScalekitNotFoundException(error)
+        elif grpc_status == StatusCode.ALREADY_EXISTS:
+            return ScalekitConflictException(error)
+        elif grpc_status == StatusCode.ABORTED:
+            return ScalekitConflictException(error)
+        elif grpc_status == StatusCode.RESOURCE_EXHAUSTED:
+            return ScalekitTooManyRequestsException(error)
+        elif grpc_status == StatusCode.CANCELLED:
+            return ScalekitCancelledException(error)
+        elif grpc_status == StatusCode.DATA_LOSS:
+            return ScalekitInternalServerException(error)
+        elif grpc_status == StatusCode.UNKNOWN:
+            return ScalekitInternalServerException(error)
+        elif grpc_status == StatusCode.INTERNAL:
+            return ScalekitInternalServerException(error)
+        elif grpc_status == StatusCode.UNIMPLEMENTED:
+            return ScalekitNotImplementedException(error)
+        elif grpc_status == StatusCode.UNAVAILABLE:
+            return ScalekitServiceUnavailableException(error)
+        elif grpc_status == StatusCode.DEADLINE_EXCEEDED:
+            return ScalekitGatewayTimeoutException(error)
+        else:
+            return ScalekitUnknownException(error)
+
+    def __str__(self):
+        if self._unpacked_details:
+            border = "=" * 40
+            details_str = str(self._unpacked_details)
+            if details_str.startswith("[") and "\n" in details_str:
+                details_str = details_str.replace("[", "[\n", 1)
+            return (f"\n{border}\n"
+                    f"Error Code: {self._error_code}\n"
+                    f"GRPC: ({self._grpc_status.name}: {self._grpc_status.value})\n"
+                    f"HTTP: ({self._http_status.name}: {self._http_status.value})\n"
+                    f"Error Details:\n"
+                    f"{self._message}: {details_str}\n{border}\n")
+        else:
+            border = "=" * 40
+            return (f"\n{border}\n"
+                    f"Error Code: {self._error_code}\n"
+                    f"GRPC: ({self._grpc_status.name}: {self._grpc_status.value})\n"
+                    f"HTTP: ({self._http_status.name}: {self._http_status.value})\n"
+                    f"Error Details: {self._err_details}\n{border}\n")
+
+    @property
+    def http_status(self):
+        """ Getter for HTTP status code """
+        return self._http_status
+
+    @property
+    def error_code(self):
+        """ Getter for Error code """
+        return self._error_code
+
+    @property
+    def err_details(self):
+        """ Getter for Error details object """
+        return self._err_details
+
+    @property
+    def grpc_status(self):
+        """ Getter for GRPC status code """
+        return self._grpc_status
+
+    @property
+    def message(self):
+        """ Getter for Exception message """
+        return self._message
+
+
+class ScalekitBadRequestException(ScalekitServerException):
+    """ Scalekit Exception raised for bad requests """
+    def __init__(self, error: Response | grpc.RpcError):
+        super().__init__(error)
+
+
+class ScalekitUnauthorizedException(ScalekitServerException):
+    """ Scalekit Exception raised for unauthorized access """
+    def __init__(self, error: Response | grpc.RpcError):
+        super().__init__(error)
+
+
+class ScalekitForbiddenException(ScalekitServerException):
+    """ Scalekit Exception raised for forbidden access """
+    def __init__(self, error: Response | grpc.RpcError):
+        super().__init__(error)
+
+
+class ScalekitNotFoundException(ScalekitServerException):
+    """ Scalekit Exception raised when a resource is not found """
+    def __init__(self, error: Response | grpc.RpcError):
+        super().__init__(error)
+
+
+class ScalekitConflictException(ScalekitServerException):
+    """ Scalekit Exception raised for conflicts, such as duplicate resources """
+    def __init__(self, error: Response | grpc.RpcError):
+        super().__init__(error)
+
+
+class ScalekitTooManyRequestsException(ScalekitServerException):
+    """ Scalekit Exception raised when too many requests are made in a short time """
+    def __init__(self, error: Response | grpc.RpcError):
+        super().__init__(error)
+
+
+class ScalekitInternalServerException(ScalekitServerException):
+    """ Scalekit Exception raised for internal server errors """
+    def __init__(self, error: Response | grpc.RpcError):
+        super().__init__(error)
+
+
+class ScalekitNotImplementedException(ScalekitServerException):
+    """ Scalekit Exception raised when a feature is not implemented """
+    def __init__(self, error: Response | grpc.RpcError):
+        super().__init__(error)
+
+
+class ScalekitServiceUnavailableException(ScalekitServerException):
+    """ Scalekit Exception raised when the service is unavailable """
+    def __init__(self, error: Response | grpc.RpcError):
+        super().__init__(error)
+
+
+class ScalekitGatewayTimeoutException(ScalekitServerException):
+    """ Scalekit Exception raised when a gateway timeout occurs """
+    def __init__(self, error: Response | grpc.RpcError):
+        super().__init__(error)
+
+
+class ScalekitCancelledException(ScalekitServerException):
+    """ Scalekit Exception raised when an operation is cancelled """
+    def __init__(self, error: Response | grpc.RpcError):
+        super().__init__(error)
+
+
+class ScalekitUnknownException(ScalekitServerException):
+    def __init__(self, error: Response | grpc.RpcError):
+        super().__init__(error)

{scalekit_sdk_python-2.2.2 → scalekit_sdk_python-2.3.0}/scalekit/common/scalekit.py

@@ -1,5 +1,5 @@
 from enum import Enum
-from typing import Optional
+from typing import Optional, List
 
 
 class GrantType(Enum):
@@ -71,4 +71,17 @@ class LogoutUrlOptions:
     ):
         self.id_token_hint = id_token_hint
         self.post_logout_redirect_uri = post_logout_redirect_uri
-        self.state = state
+        self.state = state
+
+
+class TokenValidationOptions:
+    """Options for token validation including issuer, audience, and scope validation"""
+    def __init__(
+        self,
+        issuer: Optional[str] = None,
+        audience: Optional[List[str]] = None,
+        required_scopes: Optional[List[str]] = None
+    ):
+        self.issuer = issuer
+        self.audience = audience
+        self.required_scopes = required_scopes

{scalekit_sdk_python-2.2.2 → scalekit_sdk_python-2.3.0}/scalekit/core.py

@@ -8,9 +8,8 @@ import platform
 from urllib.parse import urlparse
 
 from cryptography.hazmat.primitives import serialization
-from grpc_status import rpc_status
 from scalekit.common.scalekit import GrantType
-from scalekit.v1.errdetails.errdetails_pb2 import ErrorInfo
+from scalekit.common.exceptions import ScalekitServerException, ScalekitException
 
 TRequest = TypeVar("TRequest")
 TResponse = TypeVar("TResponse")
@@ -27,7 +26,7 @@ class WithCall(Protocol):
 class CoreClient:
     """Class definition for Core Client"""
 
-    sdk_version = "Scalekit-Python/2.2.2"
+    sdk_version = "Scalekit-Python/2.3.0"
     api_version = "20250718"
     user_agent = f"{sdk_version} Python/{platform.python_version()} ({platform.system()}; {platform.architecture()}"
 
@@ -86,7 +85,7 @@ class CoreClient:
 
         response = self.authenticate(data=json.dumps(params))
         if response.status_code != 200:
-            raise Exception(response.content)
+            raise ScalekitServerException.promote(response)
         response = json.loads(response.content)
         self.access_token = response["access_token"]
 
@@ -105,7 +104,7 @@ class CoreClient:
             verify=True,
         )
         if response.status_code != 200:
-            raise Exception(response.content)
+            raise ScalekitServerException.promote(response)
         return response
 
     def get_jwks(self):
@@ -129,38 +128,6 @@ class CoreClient:
 
             self.keys[kid] = pem_key.decode("utf-8")
 
-    def grpc_exec(
-        self,
-        func: WithCall,
-        data: TRequest,
-        retry=1,
-    ) -> TResponse:
-        try:
-            resp = func(
-                data,
-                metadata=tuple(self.get_headers().items()),
-            )
-            return resp
-        except grpc.RpcError as exp:
-            if retry > 0:
-                return self.grpc_exec(func, data, retry=retry - 1)
-            else:
-                status_code = exp.code()
-                status = rpc_status.from_call(exp)
-                messages = [status.message]
-                if status_code == grpc.StatusCode.INVALID_ARGUMENT:
-                    for detail in status.details:
-                        if detail.Is(ErrorInfo.DESCRIPTOR):
-                            info = ErrorInfo()
-                            detail.Unpack(info)
-                            if info.validation_error_info:
-                                for fv in info.validation_error_info.field_violations:
-                                    messages.append(f"{fv.field}: {fv.description}")
-
-                raise Exception("\n".join(messages))
-        except Exception as exp:
-            raise exp
-
     def get_headers(self, headers: Optional[dict] = None) -> dict:
         """
         Method to get user defined headers and returns collated header params
@@ -180,3 +147,23 @@ class CoreClient:
         if headers:
             return {**default_headers, **headers}
         return default_headers
+
+    def grpc_exec(
+        self,
+        func: WithCall,
+        data: TRequest,
+        retry=1,
+    ) -> TResponse:
+        try:
+            resp = func(
+                data,
+                metadata=tuple(self.get_headers().items()),
+            )
+            return resp
+        except grpc.RpcError as exp:
+            if retry > 0:
+                return self.grpc_exec(func, data, retry=retry - 1)
+            else:
+                raise ScalekitServerException.promote(exp)
+        except Exception as exp:
+            raise ScalekitException(exp)