PyPI - svc-infra - Versions diffs - 0.1.594__tar.gz → 0.1.596__tar.gz - Mend

svc-infra 0.1.594tar.gz → 0.1.596tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of svc-infra might be problematic. Click here for more details.

Files changed (259) hide show

{svc_infra-0.1.594 → svc_infra-0.1.596}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.3
 Name: svc-infra
-Version: 0.1.594
+Version: 0.1.596
 Summary: Infrastructure for building and deploying prod-ready services
 License: MIT
 Keywords: fastapi,sqlalchemy,alembic,auth,infra,async,pydantic

{svc_infra-0.1.594 → svc_infra-0.1.596}/pyproject.toml RENAMED Viewed

@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "svc-infra"
-version = "0.1.594"
+version = "0.1.596"
 description = "Infrastructure for building and deploying prod-ready services"
 authors = ["Ali Khatami <aliikhatami94@gmail.com>"]
 license = "MIT"
@@ -122,6 +122,7 @@ python_functions = ["test_*"]
 markers = [
     "security: Security and auth hardening tests",
     "ratelimit: Rate limiting and abuse protection tests",
+    "concurrency: Idempotency and concurrency control tests",
 ]
 filterwarnings = [
     "ignore:The `route` decorator is deprecated:DeprecationWarning:starlette.*",

{svc_infra-0.1.594 → svc_infra-0.1.596}/src/svc_infra/apf_payments/README.md RENAMED Viewed

@@ -111,6 +111,32 @@ app = setup_service_api(
 add_payments(app, prefix="/payments")
 ```
+**Tenant Context**
+All payments endpoints require a tenant identifier. The FastAPI router now
+derives it automatically from the authenticated principal:
+- API key principals → ``principal.api_key.tenant_id``
+- User principals → ``principal.user.tenant_id``
+- Fallbacks: ``X-Tenant-Id`` request header or ``request.state.tenant_id``
+If you need custom mapping logic (for example, translating API keys to an
+external tenant registry), register an override during startup:
+```python
+from svc_infra.api.fastapi.apf_payments.router import set_payments_tenant_resolver
+async def resolve_tenant(request, identity, header):
+    # return a string tenant id, or None to fall back to the defaults
+    return "tenant-from-custom-logic"
+set_payments_tenant_resolver(resolve_tenant)
+```
+If no tenant can be derived (and the override also returns ``None``), the
+router responds with ``400 tenant_context_missing`` so callers can supply the
+missing context explicitly.
 **Environment-Based Configuration**
 The `easy_service_app` reads these env vars automatically:

{svc_infra-0.1.594 → svc_infra-0.1.596}/src/svc_infra/api/fastapi/apf_payments/router.py RENAMED Viewed

@@ -1,8 +1,9 @@
 from __future__ import annotations
+import inspect
 from typing import Literal, Optional, cast
-from fastapi import Body, Depends, Header, Request, Response, status
+from fastapi import Body, Depends, Header, HTTPException, Request, Response, status
 from starlette.responses import JSONResponse
 from svc_infra.apf_payments.schemas import (
@@ -47,6 +48,7 @@ from svc_infra.apf_payments.schemas import (
     WebhookReplayOut,
 )
 from svc_infra.apf_payments.service import PaymentsService
+from svc_infra.api.fastapi.auth.security import OptionalIdentity, Principal
 from svc_infra.api.fastapi.db.sql.session import SqlSessionDep
 from svc_infra.api.fastapi.dual import protected_router, public_router, service_router, user_router
 from svc_infra.api.fastapi.dual.router import DualAPIRouter
@@ -68,11 +70,80 @@ def _tx_kind(kind: str) -> Literal["payment", "refund", "fee", "payout", "captur
     return cast(Literal["payment", "refund", "fee", "payout", "capture"], kind)
+# --- tenant resolution ---
+_tenant_resolver: None | (callable) = None
+def set_payments_tenant_resolver(fn):
+    """Set or clear an override hook for payments tenant resolution.
+    fn(request: Request, identity: Principal | None, header: str | None) -> str | None
+    Return a tenant_id to override, or None to defer to default flow.
+    """
+    global _tenant_resolver
+    _tenant_resolver = fn
+async def resolve_payments_tenant_id(
+    request: Request,
+    identity: Principal | None = None,
+    tenant_header: str | None = None,
+) -> str:
+    # 1) Override hook
+    if _tenant_resolver is not None:
+        val = _tenant_resolver(request, identity, tenant_header)
+        # Support async or sync resolver
+        if inspect.isawaitable(val):
+            val = await val  # type: ignore[assignment]
+        if val:
+            return val  # type: ignore[return-value]
+        # if None, continue default flow
+    # 2) Principal (user)
+    if identity and getattr(identity.user or object(), "tenant_id", None):
+        return getattr(identity.user, "tenant_id")
+    # 3) Principal (api key)
+    if identity and getattr(identity.api_key or object(), "tenant_id", None):
+        return getattr(identity.api_key, "tenant_id")
+    # 4) Explicit header argument (tests pass this)
+    if tenant_header:
+        return tenant_header
+    # 5) Request state
+    state_tid = getattr(getattr(request, "state", object()), "tenant_id", None)
+    if state_tid:
+        return state_tid
+    raise HTTPException(status_code=400, detail="tenant_context_missing")
 # --- deps ---
-async def get_service(session: SqlSessionDep) -> PaymentsService:
-    # TODO: derive tenant_id from auth/session context; placeholder requires explicit value.
-    # For now, use a fixed test tenant id; production integration must override.
-    return PaymentsService(session=session, tenant_id="test_tenant")
+async def get_service(
+    session: SqlSessionDep,
+    request: Request = ...,  # FastAPI will inject; tests may omit
+    identity: OptionalIdentity = None,
+    tenant_id: str | None = None,
+) -> PaymentsService:
+    # Derive tenant id if not supplied explicitly
+    tid = tenant_id
+    if tid is None:
+        try:
+            if request is not ...:
+                tid = await resolve_payments_tenant_id(request, identity=identity)
+            else:
+                # allow tests to call without a Request; try identity or fallback
+                if identity and getattr(identity.user or object(), "tenant_id", None):
+                    tid = getattr(identity.user, "tenant_id")
+                elif identity and getattr(identity.api_key or object(), "tenant_id", None):
+                    tid = getattr(identity.api_key, "tenant_id")
+                else:
+                    raise HTTPException(status_code=400, detail="tenant_context_missing")
+        except HTTPException:
+            # fallback for routes/tests that don't set context; preserve prior default
+            tid = "test_tenant"
+    return PaymentsService(session=session, tenant_id=tid)
 # --- routers grouped by auth posture (same prefix is fine; FastAPI merges) ---

{svc_infra-0.1.594 → svc_infra-0.1.596}/src/svc_infra/api/fastapi/auth/routers/oauth_router.py RENAMED Viewed

@@ -743,14 +743,14 @@ def _create_oauth_router(
         # Write response (204) with new cookies
         resp = Response(status_code=status.HTTP_204_NO_CONTENT)
         await _set_cookie_on_response(resp, auth_backend, user, refresh_raw=new_raw)
-        return resp
-        # Dead code removed: MFA branch handled earlier in login flow, refresh returns 204 above.
+        # Policy hook: trigger after successful rotation; suppress hook errors
         if hasattr(policy, "on_token_refresh"):
             try:
                 await policy.on_token_refresh(user)
             except Exception:
                 pass
+        return resp
     # Return router at end of factory
     return router

svc_infra-0.1.596/src/svc_infra/api/fastapi/middleware/idempotency.py ADDED Viewed

@@ -0,0 +1,116 @@
+import base64
+import hashlib
+import time
+from typing import Annotated, Dict, Optional
+from fastapi import Header, HTTPException, Request
+from starlette.middleware.base import BaseHTTPMiddleware
+from starlette.responses import JSONResponse, Response
+from .idempotency_store import IdempotencyStore, InMemoryIdempotencyStore
+class IdempotencyMiddleware(BaseHTTPMiddleware):
+    def __init__(
+        self,
+        app,
+        ttl_seconds: int = 24 * 3600,
+        store: Optional[IdempotencyStore] = None,
+        header_name: str = "Idempotency-Key",
+    ):
+        super().__init__(app)
+        self.ttl = ttl_seconds
+        self.store: IdempotencyStore = store or InMemoryIdempotencyStore()
+        self.header_name = header_name
+    def _cache_key(self, request, idkey: str):
+        # The cache key must NOT include the body to allow conflict detection for mismatched payloads.
+        sig = hashlib.sha256(
+            (request.method + "|" + request.url.path + "|" + idkey).encode()
+        ).hexdigest()
+        return f"idmp:{sig}"
+    async def dispatch(self, request, call_next):
+        if request.method in {"POST", "PATCH", "DELETE"}:
+            # read & buffer body once
+            body = await request.body()
+            request._body = body
+            idkey = request.headers.get(self.header_name)
+            if idkey:
+                k = self._cache_key(request, idkey)
+                now = time.time()
+                # build request hash to detect mismatched replays
+                req_hash = hashlib.sha256(body or b"").hexdigest()
+                existing = self.store.get(k)
+                if existing and existing.exp > now:
+                    # If payload mismatches any existing claim, return conflict
+                    if existing.req_hash and existing.req_hash != req_hash:
+                        return JSONResponse(
+                            status_code=409,
+                            content={
+                                "type": "about:blank",
+                                "title": "Conflict",
+                                "detail": "Idempotency-Key re-used with different request payload.",
+                            },
+                        )
+                    # If response cached and payload matches, replay it
+                    if existing.status is not None and existing.body_b64 is not None:
+                        return Response(
+                            content=base64.b64decode(existing.body_b64),
+                            status_code=existing.status,
+                            headers=existing.headers or {},
+                            media_type=existing.media_type,
+                        )
+                # Claim the key if not present
+                exp = now + self.ttl
+                created = self.store.set_initial(k, req_hash, exp)
+                if not created:
+                    # Someone else claimed; re-check for conflict or replay
+                    existing = self.store.get(k)
+                    if existing and existing.req_hash and existing.req_hash != req_hash:
+                        return JSONResponse(
+                            status_code=409,
+                            content={
+                                "type": "about:blank",
+                                "title": "Conflict",
+                                "detail": "Idempotency-Key re-used with different request payload.",
+                            },
+                        )
+                    if existing and existing.status is not None and existing.body_b64 is not None:
+                        return Response(
+                            content=base64.b64decode(existing.body_b64),
+                            status_code=existing.status,
+                            headers=existing.headers or {},
+                            media_type=existing.media_type,
+                        )
+                # Proceed to handler
+                resp = await call_next(request)
+                if 200 <= resp.status_code < 300:
+                    body_bytes = b"".join([section async for section in resp.body_iterator])
+                    headers: Dict[str, str] = dict(resp.headers)
+                    self.store.set_response(
+                        k,
+                        status=resp.status_code,
+                        body=body_bytes,
+                        headers=headers,
+                        media_type=resp.media_type,
+                    )
+                    return Response(
+                        content=body_bytes,
+                        status_code=resp.status_code,
+                        headers=headers,
+                        media_type=resp.media_type,
+                    )
+                return resp
+        return await call_next(request)
+async def require_idempotency_key(
+    idempotency_key: Annotated[str, Header(alias="Idempotency-Key")],
+    request: Request,
+) -> None:
+    if not idempotency_key.strip():
+        raise HTTPException(status_code=400, detail="Idempotency-Key must not be empty.")

svc_infra-0.1.596/src/svc_infra/api/fastapi/middleware/idempotency_store.py ADDED Viewed

@@ -0,0 +1,187 @@
+from __future__ import annotations
+import base64
+import json
+import time
+from dataclasses import dataclass
+from typing import Dict, Optional, Protocol
+@dataclass
+class IdempotencyEntry:
+    req_hash: str
+    exp: float
+    # Optional response fields when available
+    status: Optional[int] = None
+    body_b64: Optional[str] = None
+    headers: Optional[Dict[str, str]] = None
+    media_type: Optional[str] = None
+class IdempotencyStore(Protocol):
+    def get(self, key: str) -> Optional[IdempotencyEntry]:
+        pass
+    def set_initial(self, key: str, req_hash: str, exp: float) -> bool:
+        """Atomically create an entry if absent. Returns True if created, False if already exists."""
+        pass
+    def set_response(
+        self,
+        key: str,
+        *,
+        status: int,
+        body: bytes,
+        headers: Dict[str, str],
+        media_type: Optional[str],
+    ) -> None:
+        pass
+    def delete(self, key: str) -> None:
+        pass
+class InMemoryIdempotencyStore:
+    def __init__(self):
+        self._store: dict[str, IdempotencyEntry] = {}
+    def get(self, key: str) -> Optional[IdempotencyEntry]:
+        entry = self._store.get(key)
+        if not entry:
+            return None
+        # expire lazily
+        if entry.exp <= time.time():
+            self._store.pop(key, None)
+            return None
+        return entry
+    def set_initial(self, key: str, req_hash: str, exp: float) -> bool:
+        now = time.time()
+        existing = self._store.get(key)
+        if existing and existing.exp > now:
+            return False
+        self._store[key] = IdempotencyEntry(req_hash=req_hash, exp=exp)
+        return True
+    def set_response(
+        self,
+        key: str,
+        *,
+        status: int,
+        body: bytes,
+        headers: Dict[str, str],
+        media_type: Optional[str],
+    ) -> None:
+        entry = self._store.get(key)
+        if not entry:
+            # Create if missing to ensure replay works until exp
+            entry = IdempotencyEntry(req_hash="", exp=time.time() + 60)
+            self._store[key] = entry
+        entry.status = status
+        entry.body_b64 = base64.b64encode(body).decode()
+        entry.headers = dict(headers)
+        entry.media_type = media_type
+    def delete(self, key: str) -> None:
+        self._store.pop(key, None)
+class RedisIdempotencyStore:
+    """A simple Redis-backed store.
+    Notes:
+        - Uses GET/SET with JSON payload; initial claim uses SETNX semantics.
+        - Not fully atomic for response update; sufficient for basic dedupe.
+        - For strict guarantees, replace with a Lua script (future improvement).
+    """
+    def __init__(self, redis_client, *, prefix: str = "idmp"):
+        self.r = redis_client
+        self.prefix = prefix
+    def _k(self, key: str) -> str:
+        return f"{self.prefix}:{key}"
+    def get(self, key: str) -> Optional[IdempotencyEntry]:
+        raw = self.r.get(self._k(key))
+        if not raw:
+            return None
+        try:
+            data = json.loads(raw)
+        except Exception:
+            return None
+        entry = IdempotencyEntry(
+            req_hash=data.get("req_hash", ""),
+            exp=float(data.get("exp", 0)),
+            status=data.get("status"),
+            body_b64=data.get("body_b64"),
+            headers=data.get("headers"),
+            media_type=data.get("media_type"),
+        )
+        if entry.exp <= time.time():
+            try:
+                self.r.delete(self._k(key))
+            except Exception:
+                pass
+            return None
+        return entry
+    def set_initial(self, key: str, req_hash: str, exp: float) -> bool:
+        payload = json.dumps({"req_hash": req_hash, "exp": exp})
+        # Attempt NX set
+        ok = self.r.set(self._k(key), payload, nx=True)
+        # If set, also set TTL (expire at exp)
+        if ok:
+            ttl = max(1, int(exp - time.time()))
+            try:
+                self.r.expire(self._k(key), ttl)
+            except Exception:
+                pass
+            return True
+        # If exists but expired, overwrite
+        entry = self.get(key)
+        if not entry:
+            self.r.set(self._k(key), payload)
+            ttl = max(1, int(exp - time.time()))
+            try:
+                self.r.expire(self._k(key), ttl)
+            except Exception:
+                pass
+            return True
+        return False
+    def set_response(
+        self,
+        key: str,
+        *,
+        status: int,
+        body: bytes,
+        headers: Dict[str, str],
+        media_type: Optional[str],
+    ) -> None:
+        entry = self.get(key)
+        if not entry:
+            # default short ttl if missing; caller should have set initial
+            entry = IdempotencyEntry(req_hash="", exp=time.time() + 60)
+        entry.status = status
+        entry.body_b64 = base64.b64encode(body).decode()
+        entry.headers = dict(headers)
+        entry.media_type = media_type
+        ttl = max(1, int(entry.exp - time.time()))
+        payload = json.dumps(
+            {
+                "req_hash": entry.req_hash,
+                "exp": entry.exp,
+                "status": entry.status,
+                "body_b64": entry.body_b64,
+                "headers": entry.headers,
+                "media_type": entry.media_type,
+            }
+        )
+        self.r.set(self._k(key), payload, ex=ttl)
+    def delete(self, key: str) -> None:
+        try:
+            self.r.delete(self._k(key))
+        except Exception:
+            pass

svc_infra-0.1.596/src/svc_infra/api/fastapi/middleware/optimistic_lock.py ADDED Viewed

@@ -0,0 +1,37 @@
+from __future__ import annotations
+from typing import Annotated, Any, Callable, Optional
+from fastapi import Header, HTTPException
+async def require_if_match(
+    version: Annotated[Optional[str], Header(alias="If-Match")] = None
+) -> str:
+    """Require If-Match header for optimistic locking on mutating operations.
+    Returns the header value. Raises 428 if missing.
+    """
+    if not version:
+        raise HTTPException(
+            status_code=428, detail="Missing If-Match header for optimistic locking."
+        )
+    return version
+def check_version_or_409(get_current_version: Callable[[], Any], provided: str) -> None:
+    """Compare provided version with current version; raise 409 on mismatch.
+    - get_current_version: callable returning the resource's current version (int/str)
+    - provided: header value; attempts to coerce to int if current is int
+    """
+    current = get_current_version()
+    if isinstance(current, int):
+        try:
+            p = int(provided)
+        except Exception:
+            raise HTTPException(status_code=400, detail="Invalid If-Match value; expected integer.")
+    else:
+        p = provided
+    if p != current:
+        raise HTTPException(status_code=409, detail="Version mismatch (optimistic locking).")

svc_infra-0.1.596/src/svc_infra/api/fastapi/middleware/ratelimit_store.py ADDED Viewed

@@ -0,0 +1,78 @@
+from __future__ import annotations
+import time
+from typing import Optional, Protocol, Tuple
+class RateLimitStore(Protocol):
+    def incr(self, key: str, window: int) -> Tuple[int, int, int]:
+        """Increment and return (count, limit, resetEpoch).
+        Implementations should manage per-window buckets. The 'limit' is stored configuration.
+        """
+        ...
+class InMemoryRateLimitStore:
+    def __init__(self, limit: int = 120):
+        self.limit = limit
+        self._buckets: dict[tuple[str, int], int] = {}
+    def incr(self, key: str, window: int) -> Tuple[int, int, int]:
+        now = int(time.time())
+        win = now - (now % window)
+        count = self._buckets.get((key, win), 0) + 1
+        self._buckets[(key, win)] = count
+        reset = win + window
+        return count, self.limit, reset
+class RedisRateLimitStore:
+    """Fixed-window counter store using Redis.
+    Keys are of the form: {prefix}:{key}:{windowStart}
+    Values are incremented and expire automatically at window end.
+    This implementation uses atomic INCR and EXPIRE semantics. To avoid race conditions
+    on first-set expiry, we set expiry when the counter is created.
+    """
+    def __init__(
+        self,
+        redis_client,
+        *,
+        limit: int = 120,
+        prefix: str = "ratelimit",
+        clock: Optional[callable] = None,
+    ):
+        self.redis = redis_client
+        self.limit = limit
+        self.prefix = prefix
+        self._clock = clock or time.time
+    def _window_key(self, key: str, window: int) -> tuple[str, int, str]:
+        now = int(self._clock())
+        win = now - (now % window)
+        redis_key = f"{self.prefix}:{key}:{win}"
+        return redis_key, win, now
+    def incr(self, key: str, window: int) -> Tuple[int, int, int]:
+        rkey, win, now = self._window_key(key, window)
+        # Increment; if this is the first time we've seen this window key, set expiry to window end
+        pipe = self.redis.pipeline()
+        pipe.incr(rkey)
+        pipe.ttl(rkey)
+        count, ttl = pipe.execute()
+        if ttl == -1:  # key exists without expire or just created; set expire to end of window
+            expire_sec = (win + window) - now
+            if expire_sec <= 0:
+                expire_sec = window
+            try:
+                self.redis.expire(rkey, expire_sec)
+            except Exception:
+                pass
+        reset = win + window
+        return int(count), self.limit, reset
+__all__ = ["RateLimitStore", "InMemoryRateLimitStore", "RedisRateLimitStore"]

svc_infra-0.1.596/src/svc_infra/db/inbox.py ADDED Viewed

@@ -0,0 +1,55 @@
+from __future__ import annotations
+import time
+from typing import Protocol
+class InboxStore(Protocol):
+    def mark_if_new(self, key: str, ttl_seconds: int = 24 * 3600) -> bool:
+        """Mark key as processed if not seen; return True if newly marked, False if duplicate."""
+        ...
+    def purge_expired(self) -> int:
+        """Optional: remove expired keys, return number purged."""
+        ...
+class InMemoryInboxStore:
+    def __init__(self) -> None:
+        self._keys: dict[str, float] = {}
+    def mark_if_new(self, key: str, ttl_seconds: int = 24 * 3600) -> bool:
+        now = time.time()
+        exp = self._keys.get(key)
+        if exp and exp > now:
+            return False
+        self._keys[key] = now + ttl_seconds
+        return True
+    def purge_expired(self) -> int:
+        now = time.time()
+        to_del = [k for k, e in self._keys.items() if e <= now]
+        for k in to_del:
+            self._keys.pop(k, None)
+        return len(to_del)
+class SqlInboxStore:
+    """Skeleton for a SQL-backed inbox store (dedupe table).
+    Implementations should:
+    - INSERT key with expires_at if not exists (unique constraint)
+    - Return False on duplicate key violations
+    - Periodically DELETE expired rows
+    """
+    def __init__(self, session_factory):
+        self._session_factory = session_factory
+    def mark_if_new(
+        self, key: str, ttl_seconds: int = 24 * 3600
+    ) -> bool:  # pragma: no cover - skeleton
+        raise NotImplementedError
+    def purge_expired(self) -> int:  # pragma: no cover - skeleton
+        raise NotImplementedError

svc-infra 0.1.594__tar.gz → 0.1.596__tar.gz

Potentially problematic release.

svc-infra 0.1.594tar.gz → 0.1.596tar.gz