ul-api-utils 9.3.0__py3-none-any.whl

ul_api_utils/modules/api_sdk_jwt.py

@@ -0,0 +1,377 @@
+import base64
+import re
+from datetime import datetime, timedelta
+from typing import Set, Dict, Any, NamedTuple, List, Union, Optional, Literal, Tuple, Callable, Iterable
+from uuid import UUID, uuid4
+
+import jwt
+
+from ul_api_utils.access import PermissionDefinition
+from ul_api_utils.errors import AccessApiError, PermissionDeniedApiError
+from ul_api_utils.utils.json_encoder import CustomJSONEncoder
+
+TAlgo = Union[Literal['RS256'], Literal['ES256']]
+ALGORITHM__RS256: TAlgo = 'RS256'
+ALGORITHM__ES256: TAlgo = 'ES256'
+ALGORITHMS: List[str] = [ALGORITHM__ES256, ALGORITHM__RS256]
+
+
+JWT_VERSION: str = '1'
+JWT_ACCESS_TOKEN_TTL: timedelta = timedelta(hours=2)
+JWT_REFRESH_TOKEN_TTL: timedelta = timedelta(days=2)
+
+
+JWT_TYPE__REFRESH = 'refresh'
+JTW_TYPE__ACCESS = 'access'
+
+
+JWT_TYPE__COMPRESSED = {
+    JWT_TYPE__REFRESH: 'r',
+    JTW_TYPE__ACCESS: 'a',
+}
+JWT_TYPE__UNCOMPRESSED = {
+    'r': JWT_TYPE__REFRESH,
+    'a': JTW_TYPE__ACCESS,
+}
+RE_COMPRESSED_PROP = re.compile(r'^[ar](\d+)$')
+JWT_EXP_DATE_TIMESTAMP_BASIS = datetime(2022, 1, 1).timestamp()
+
+# JWT_SYMBOL_MAP_FOR_CNT = " 
	ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"  # "\-
+# JWT_SYMBOL_MAP_FOR_INC = "!#$%&'()*+,./:;<=>?@[]^_`{|}~¡¢£¤¥¦§¨©ª«¬®¯°±²³´µ¶·¸¹º»¼½¾¿ÀÁÂÃÄÅÆÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖ×ØÙÚÛÜÝÞßàáâãäåæçèéêëìíîïðñòóôõö÷øùúûüýþ"
+
+# JWT_SYMBOL_MAP_FOR_CNT = " ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"  # "\-
+# JWT_SYMBOL_MAP_FOR_INC = "!#$%&'()*+,./:;<=>?@[]^_`{|}~¡¢£¤¥¦§¨©ª«¬®¯°±²³´µ¶·¸¹º»¼½¾¿ÀÁÂÃÄÅÆÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖ×ØÙÚÛÜÝÞßàáâãäåæçèéêëìíîïðñòóôõö÷øùúûüýþ"
+
+# JWT_SYMBOL_MAP_FOR_CNT = " 
	!#$%&'()*+,./:;<=>?@[]^_`{|}~"  # "\-
+# JWT_SYMBOL_MAP_FOR_INC = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
+
+JWT_SYMBOL_MAP_FOR_CNT = " !#$%&'()*+,./:;<=>?@[]^_`{|}~"  # "\-
+JWT_SYMBOL_MAP_FOR_INC = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
+assert len(JWT_SYMBOL_MAP_FOR_INC) == len(set(JWT_SYMBOL_MAP_FOR_INC))
+assert len(JWT_SYMBOL_MAP_FOR_CNT) == len(set(JWT_SYMBOL_MAP_FOR_CNT))
+assert not set(JWT_SYMBOL_MAP_FOR_CNT).intersection(set(JWT_SYMBOL_MAP_FOR_INC))
+assert not set(JWT_SYMBOL_MAP_FOR_INC).intersection(set(JWT_SYMBOL_MAP_FOR_CNT))
+
+
+class ApiSdkJwt(NamedTuple):
+    id: UUID
+    user_id: UUID
+    organization_id: Optional[UUID]
+    version: str
+    token_type: str
+    exp_date: datetime
+    env: str
+    permissions: Set[int]
+    additional_data: Dict[str, Any]
+    is_superuser: Optional[bool] = False
+    raw: Optional[str] = None
+    username: Optional[str] = None
+
+    @staticmethod
+    def load_cert(certificate: str) -> Tuple[str, Callable[[], str]]:
+        from cryptography.hazmat.primitives import serialization
+
+        private_key = serialization.load_pem_private_key(
+            certificate.encode('utf-8'),
+            password=None,
+        )
+
+        def pub_key_factory() -> str:
+            public_key = private_key.public_key()
+            serialized_public = public_key.public_bytes(
+                encoding=serialization.Encoding.PEM,
+                format=serialization.PublicFormat.SubjectPublicKeyInfo,
+            )
+            return serialized_public.decode('utf-8')
+
+        return (
+            certificate,
+            pub_key_factory,
+        )
+
+    @staticmethod
+    def generate_cert(algorithm: TAlgo) -> Tuple[str, Callable[[], str]]:
+        from cryptography.hazmat.primitives import serialization
+        from cryptography.hazmat.primitives.asymmetric import ec
+        from cryptography.hazmat.primitives.asymmetric import rsa
+
+        assert algorithm in ALGORITHMS, f'algorithm {algorithm} is not supported'
+        if algorithm == ALGORITHM__ES256:
+            private_key = ec.generate_private_key(ec.SECP384R1())
+        elif algorithm == ALGORITHM__RS256:
+            private_key = rsa.generate_private_key(65537, 2048)  # type: ignore
+
+        def pub_key_factory() -> str:
+            public_key = private_key.public_key()
+            serialized_public = public_key.public_bytes(
+                encoding=serialization.Encoding.PEM,
+                format=serialization.PublicFormat.SubjectPublicKeyInfo,
+            )
+            return serialized_public.decode('utf-8')
+
+        return (
+            private_key.private_bytes(
+                encoding=serialization.Encoding.PEM,
+                format=serialization.PrivateFormat.PKCS8,
+                encryption_algorithm=serialization.NoEncryption(),
+            ).decode('utf-8'),
+            pub_key_factory,
+        )
+
+    def encode(self, certificate: str, algorithm: TAlgo, compressed: bool = False) -> str:
+        assert algorithm in ALGORITHMS
+        if not isinstance(certificate, str):
+            raise TypeError(f'invalid type of config.jwt_private_key. must be str. {type(certificate).__name__} was given')
+
+        if compressed:
+            data: Dict[str, Any] = {
+                f'{JWT_TYPE__COMPRESSED[self.token_type]}{self.version}': [
+                    self.env,  # env
+                    self.compress_uuid(self.id),  # id
+                    self.compress_uuid(self.user_id),  # user_id
+                    self.compress_uuid(self.organization_id) if self.organization_id else '',  # organization_id
+                    self.is_superuser,
+                    int((self.exp_date.timestamp() - JWT_EXP_DATE_TIMESTAMP_BASIS) / 60),  # exp_date IN MINUTES
+                    self.compress_permissions(self.permissions),  # permissions
+                ],
+                **self.additional_data,
+            }
+        else:
+            data = dict(
+                id=str(self.id),
+                user_id=str(self.user_id),
+                organization_id=str(self.organization_id) if self.organization_id is not None else None,
+                is_superuser=self.is_superuser,
+                version=str(self.version),
+                token_type=self.token_type,
+                exp_date=self.exp_date.isoformat(),
+                env=self.env,
+                permissions=list(self.permissions),
+                **self.additional_data,
+            )
+        return jwt.encode(data, certificate, algorithm=algorithm, json_encoder=CustomJSONEncoder)
+
+    @classmethod
+    def decode(cls, token: str, certificate: str, username: Optional[str] = None) -> 'ApiSdkJwt':
+        data = jwt.decode(token, certificate, algorithms=ALGORITHMS)
+        compressed_props = [k for k in data.keys() if RE_COMPRESSED_PROP.match(k) is not None]
+
+        if len(compressed_props) == 1:  # COMPRESSED
+            env, _id, _user_id, _organization_id, _is_superuser, _exp_date, _permissions = data.pop(compressed_props[0])
+            token_type = JWT_TYPE__UNCOMPRESSED[compressed_props[0][0]]
+            version = int(compressed_props[0][1:])
+
+            # print('2>>>', json.dumps(_permissions, separators=(',', ':')))
+            id = cls.decompress_uuid(_id)
+            user_id = cls.decompress_uuid(_user_id)
+            organization_id = cls.decompress_uuid(_organization_id) if len(_organization_id) > 0 else None
+            is_superuser = bool(_is_superuser)
+            exp_date = datetime.fromtimestamp(JWT_EXP_DATE_TIMESTAMP_BASIS + _exp_date * 60)
+            permissions = set(sorted(cls.decompress_permissions(_permissions)))
+        else:
+            # print('1>>>', json.dumps(list(sorted(data['permissions'])), separators=(',', ':')))
+            id = UUID(data.pop('id'))
+            env = data.pop('env')
+            exp_date = datetime.fromisoformat(data.pop('exp_date'))
+            version = int(data.pop('version'))
+            token_type = data.pop('token_type')
+            user_id = UUID(data.pop('user_id'))
+            organization_id = UUID(data.pop('organization_id')) if data.get('organization_id', None) is not None else None
+            is_superuser = bool(data.pop('is_superuser')) if data.get('is_superuser') else False
+            permissions = set(sorted(data.pop('permissions')))
+
+        if not isinstance(env, str):
+            raise TypeError('invalid type of env')
+
+        if not isinstance(token_type, str):
+            raise TypeError('invalid type of token_type')
+
+        return ApiSdkJwt(
+            id=id,
+            env=env,
+            token_type=token_type,
+            exp_date=exp_date,
+            version=str(version),
+            user_id=user_id,
+            organization_id=organization_id,
+            is_superuser=is_superuser,
+            permissions=permissions,
+            additional_data=data,
+            username=username,
+            raw=token,
+        )
+
+    def ensure_organization_id(self) -> UUID:
+        if self.organization_id is None:
+            raise PermissionDeniedApiError('you must be logged in some organisation')
+        return self.organization_id
+
+    @property
+    def is_expired(self) -> bool:
+        return self.exp_date < datetime.now()
+
+    @property
+    def is_refresh_token(self) -> bool:
+        return self.token_type == JWT_TYPE__REFRESH
+
+    @property
+    def is_access_token(self) -> bool:
+        return self.token_type == JTW_TYPE__ACCESS
+
+    def has_permission(self, permission: Union[PermissionDefinition, int]) -> bool:
+        if isinstance(permission, int):
+            return permission in self.permissions
+
+        if isinstance(permission, PermissionDefinition):
+            return permission.id in self.permissions
+
+        raise TypeError('invalid permission type')
+
+    @staticmethod
+    def create_jwt_pair(
+        *,
+        environment: str,
+        user_id: Union[str, UUID],
+        organization_id: Optional[Union[str, UUID]],
+        permissions: List[Union[int, PermissionDefinition]],
+        is_superuser: Optional[bool] = False,
+        access_expiration_date: Optional[datetime] = None,
+        refresh_expiration_date: Optional[datetime] = None,
+        additional_data: Optional[Dict[str, Any]] = None,
+    ) -> Tuple['ApiSdkJwt', 'ApiSdkJwt']:
+        if additional_data is None:
+            additional_data = dict()
+        id = uuid4()
+        now = datetime.now()
+
+        user_id = user_id if isinstance(user_id, UUID) else UUID(user_id)
+        if organization_id is not None:
+            organization_id = organization_id if isinstance(organization_id, UUID) else UUID(organization_id)
+
+        at = ApiSdkJwt(
+            id=id,
+            env=str(environment),
+            version=JWT_VERSION,
+            user_id=user_id,
+            organization_id=organization_id,
+            is_superuser=is_superuser,
+            permissions={(p if isinstance(p, int) else p.id) for p in permissions},
+            additional_data=additional_data,
+            token_type=JTW_TYPE__ACCESS,
+            exp_date=access_expiration_date or (now + JWT_ACCESS_TOKEN_TTL),
+        )
+        rt = ApiSdkJwt(
+            id=id,
+            env=str(environment),
+            version=JWT_VERSION,
+            user_id=user_id,
+            organization_id=organization_id,
+            is_superuser=is_superuser,
+            permissions={(p if isinstance(p, int) else p.id) for p in permissions},
+            additional_data=additional_data,
+            token_type=JWT_TYPE__REFRESH,
+            exp_date=refresh_expiration_date or (now + JWT_REFRESH_TOKEN_TTL),
+        )
+        return at, rt
+
+    def create_access_token(self, expiration_date: Optional[datetime] = None) -> 'ApiSdkJwt':
+        if not self.is_refresh_token:
+            raise AccessApiError('invalid token type')
+
+        exp_date = expiration_date if expiration_date is not None else min(datetime.now() + JWT_ACCESS_TOKEN_TTL, self.exp_date)
+
+        if exp_date > self.exp_date:
+            exp_date = self.exp_date
+
+        return ApiSdkJwt(
+            id=self.id,
+            env=self.env,
+            version=self.version,
+            user_id=self.user_id,
+            organization_id=self.organization_id,
+            is_superuser=self.is_superuser,
+            permissions=self.permissions,
+            token_type=JTW_TYPE__ACCESS,
+            exp_date=exp_date,
+            additional_data=self.additional_data,
+        )
+
+    @classmethod
+    def compress_uuid(cls, id: UUID) -> str:
+        # return "".join(chr(i+10) for i in id.bytes)
+        # return str(id.int)
+        return base64.b85encode(id.bytes).decode('utf-8')
+
+    @classmethod
+    def decompress_uuid(cls, id: str) -> UUID:
+        return UUID(bytes=base64.b85decode(id))
+
+    @classmethod
+    def compress_permissions(cls, permissions: Iterable[int]) -> str:
+        permissions = list(sorted(set(permissions)))
+        if len(permissions) == 0:
+            return ''
+        if len(permissions) == 1:
+            return str(permissions[0])
+        res_permissions: List[Tuple[int, int]] = []
+        prev_p: Optional[int] = None
+        for p in permissions:
+            if prev_p is None:
+                res_permissions.append((p, 1))
+            else:
+                prev_inc, prev_cnt = res_permissions[-1]
+                cur_inc = p - prev_p
+                if prev_inc == cur_inc:
+                    res_permissions[-1] = prev_inc, prev_cnt + 1
+                else:
+                    res_permissions.append((cur_inc, 1))
+            prev_p = p
+        res = ''
+        for v, c in res_permissions:
+            res += sorted((i for i in (cls._compress_v1(v, c), cls._compress_v2(v, c)) if len(i)), key=len)[0]
+        res = res.strip()
+        return res
+
+    @classmethod
+    def _compress_v1(cls, v: int, c: int) -> str:
+        l_cnt = len(JWT_SYMBOL_MAP_FOR_CNT)
+        # return f'{JWT_SYMBOL_MAP_FOR_CNT[-1] * (c // l_cnt)}{JWT_SYMBOL_MAP_FOR_CNT[(c % l_cnt) - 1] if c % l_cnt != 0 else ""}{v}'
+        return (
+            f'{JWT_SYMBOL_MAP_FOR_CNT[-1] * (c // l_cnt)}{JWT_SYMBOL_MAP_FOR_CNT[(c % l_cnt) - 1] if c % l_cnt != 0 else ""}'
+            f'{v if v < 10 or (v - 9 > len(JWT_SYMBOL_MAP_FOR_INC)) else JWT_SYMBOL_MAP_FOR_INC[v -1 - 9]}'
+        )
+
+    @classmethod
+    def _compress_v2(cls, v: int, c: int) -> str:
+        if v > len(JWT_SYMBOL_MAP_FOR_INC):
+            return ''
+        return f"{JWT_SYMBOL_MAP_FOR_INC[v - 1]}{c if c != 1 else ''}"
+
+    @classmethod
+    def decompress_permissions(cls, permissions: str) -> List[int]:
+        if not permissions:
+            return []
+        res_permissions: List[int] = []
+        for c, v in re.compile(r'(\D+)(\d*)').findall(f' {permissions}' if permissions[0] in '123456789' else permissions):
+            res: List[Tuple[int, int]] = []
+            cur_grp = ''
+            for i, ci in enumerate(c):
+                i_last = i == (len(c) - 1)
+                if ci in JWT_SYMBOL_MAP_FOR_CNT:
+                    cur_grp += ci
+                else:
+                    if len(cur_grp):
+                        cii_v = JWT_SYMBOL_MAP_FOR_INC.find(ci) + 1 + 9
+                        for cii in cur_grp:
+                            res.append((cii_v, JWT_SYMBOL_MAP_FOR_CNT.find(cii) + 1))
+                        cur_grp = ''
+                    else:
+                        res.append((JWT_SYMBOL_MAP_FOR_INC.find(ci) + 1, 1 if (len(v) == 0) or not i_last else int(v)))
+                if i_last and len(cur_grp):
+                    for cii in cur_grp:
+                        res.append((1 if len(v) == 0 else int(v), JWT_SYMBOL_MAP_FOR_CNT.find(cii) + 1))
+                    cur_grp = ''
+            for val, cnt in res:
+                for _i in range(cnt):
+                    res_permissions.append(res_permissions[-1] + val if res_permissions else val)
+        return res_permissions

ul_api_utils/modules/intermediate_state.py

@@ -0,0 +1,34 @@
+from typing import Optional, TYPE_CHECKING, Union
+
+if TYPE_CHECKING:
+    from ul_api_utils.modules.api_sdk import ApiSdk
+    from ul_api_utils.modules.worker_sdk import WorkerSdk
+
+
+_configured_sdk: Optional[str] = None
+_initialized_sdk: Optional[str] = None
+
+
+def try_configure(obj: Union['ApiSdk', 'WorkerSdk']) -> None:
+    global _configured_sdk
+    if _configured_sdk is not None:
+        raise OverflowError(f'configured ApiSdk/WorkerSdk must be only one! {_configured_sdk} has already configured. Please check your isolation of imports.')
+    _configured_sdk = type(obj).__name__
+
+
+def try_init(obj: Union['ApiSdk', 'WorkerSdk'], app_name: str) -> str:
+    if _configured_sdk is None:
+        raise OverflowError(f'{type(obj).__name__} was not configured')
+
+    assert isinstance(app_name, str) and len(app_name.strip()) > 0, f'app_name must be NOT EMPTY str. "{type(app_name).__name__}" was given'
+
+    global _initialized_sdk
+    if _initialized_sdk is not None:
+        raise OverflowError(
+            'initialized ApiSdk/WorkerSdk must be only one! '
+            f'{_configured_sdk} with name="{app_name}" has already initialized. '
+            'Please check your isolation of imports.',
+        )
+    _initialized_sdk = app_name
+
+    return app_name.strip()

ul_api_utils/modules/worker_context.py

@@ -0,0 +1,35 @@
+from logging import Logger
+from typing import Optional, TYPE_CHECKING
+
+
+from ul_api_utils.sentry import sentry
+
+if TYPE_CHECKING:
+    from sentry_sdk import Scope
+    import flask_sqlalchemy
+
+
+class WorkerContext:
+
+    __slots__ = (
+        '_logger',
+        '_sentry_scope',
+        '_db',
+    )
+
+    def __init__(self, *, logger: Logger, sentry_scope: 'Scope', db: Optional['flask_sqlalchemy.SQLAlchemy']) -> None:
+        self._logger = logger
+        self._sentry_scope = sentry_scope
+        self._db = db
+
+    def sentry_capture(self, e: Exception) -> None:
+        sentry.capture_exception(e)
+
+    @property
+    def logger(self) -> Logger:
+        return self._logger
+
+    @property
+    def db(self) -> 'flask_sqlalchemy.SQLAlchemy':
+        assert self._db is not None
+        return self._db

ul_api_utils/modules/worker_sdk.py

@@ -0,0 +1,109 @@
+import functools
+import logging
+from datetime import datetime
+from typing import TypeVar, Callable, Any, Union, Dict, Optional, Tuple, TYPE_CHECKING
+
+from flask import Flask
+from ul_unipipeline.message.uni_message import UniMessage
+from ul_unipipeline.worker.uni_worker import UniWorker
+from ul_unipipeline.worker.uni_worker_consumer_message import UniWorkerConsumerMessage
+
+from ul_api_utils.conf import APPLICATION_START_DT
+from ul_api_utils.modules.intermediate_state import try_init, try_configure
+from ul_api_utils.modules.worker_context import WorkerContext
+from ul_api_utils.modules.worker_sdk_config import WorkerSdkConfig
+from ul_api_utils.resources.socketio import init_socket_io
+from ul_api_utils.sentry import sentry
+
+if TYPE_CHECKING:
+    import flask_socketio  # type: ignore # lib without mypy stubs
+    from ul_db_utils.modules.postgres_modules.db import DbConfig
+
+TI = TypeVar('TI', bound=UniMessage)
+TO = TypeVar('TO', bound=UniMessage)
+
+
+class WorkerSdk:
+    __slots__ = (
+        '_initialized_flask_name',
+        '_config',
+        '_db_initialized',
+        '_flask_app_cache',
+        '_sio',
+    )
+
+    def __init__(self, config: WorkerSdkConfig) -> None:
+        try_configure(self)
+        self._initialized_flask_name: Optional[str] = None
+        self._config = config
+        self._db_initialized = False
+        self._flask_app_cache: Optional[Flask] = None
+        self._sio: Optional['flask_socketio.SocketIO'] = None
+
+    @property
+    def socket(self) -> 'flask_socketio.SocketIO':
+        assert self._sio is not None, "SocketIO client is not configured, try adding SocketIOConfig to your WorkerSdk first."
+        return self._sio
+
+    @property
+    def _flask_app(self) -> Flask:
+        if self._flask_app_cache is not None:
+            return self._flask_app_cache
+
+        if not self._initialized_flask_name:
+            raise OverflowError('app was not initialized')
+
+        self._flask_app_cache = Flask(import_name=self._initialized_flask_name)
+
+        return self._flask_app_cache
+
+    def init(self, app_name: str, *, db_config: Optional['DbConfig'] = None) -> 'WorkerSdk':
+        self._initialized_flask_name = try_init(self, app_name)
+        self._sio = init_socket_io(config=self._config.socket_config)
+        if db_config is not None:
+            from ul_db_utils.utils.waiting_for_postgres import waiting_for_postgres
+            self._db_initialized = True
+            db_config._init_from_sdk_with_flask(self)
+            waiting_for_postgres(db_config.uri)
+        return self
+
+    def init_with_flask(self, app_name: str, *, db_config: Optional['DbConfig'] = None) -> Tuple['WorkerSdk', Flask]:
+        self.init(app_name, db_config=db_config)
+        return self, self._flask_app
+
+    def handle_message(self, log_edges: bool = True) -> Callable[[Callable[[UniWorker[TI, Optional[TO]], WorkerContext, UniWorkerConsumerMessage[TI]], Optional[Union[Optional[TO], Dict[str, Any]]]]], Callable[[UniWorker[TI, Optional[TO]], UniWorkerConsumerMessage[TI]], Optional[Union[Optional[TO], Dict[str, Any]]]]]:  # noqa: E501  # type: ignore
+        assert self._initialized_flask_name is not None
+
+        def wrapper(fn: Callable[[UniWorker[TI, Optional[TO]], WorkerContext, UniWorkerConsumerMessage[TI]], Optional[Union[Optional[TO], Dict[str, Any]]]]) -> Callable[[UniWorker[TI, Optional[TO]], UniWorkerConsumerMessage[TI]], Optional[Union[Optional[TO], Dict[str, Any]]]]:  # noqa: E501
+            mdl = fn.__module__
+            logger = logging.getLogger(mdl)
+
+            @functools.wraps(fn)
+            def wr_handle_message(wrk: UniWorker[TI, Optional[TO]], message: UniWorkerConsumerMessage[TI]) -> Optional[Union[Optional[TO], Dict[str, Any]]]:
+                worker_name = type(wrk).__name__
+                if log_edges:
+                    logger.info(f'worker "{worker_name}" handle message :: START :: {message._meta.payload}')
+                with self._flask_app.app_context(), sentry.configure_scope() as sentry_scope:
+                    sentry_scope.set_tag('app_name', self._initialized_flask_name)
+                    sentry_scope.set_tag('app_type', 'worker')
+                    sentry_scope.set_tag('app_uptime', f'{(datetime.now() - APPLICATION_START_DT).seconds // 60}s')
+                    sentry_scope.set_tag('app_worker_name', type(wrk).__name__)
+                    if message.worker_creator:
+                        sentry_scope.set_tag('app_worker_creator', message.worker_creator)
+
+                    db_instance = None
+                    if self._db_initialized:
+                        from ul_db_utils.modules.postgres_modules import db
+                        db_instance = db.db
+
+                    ctx = WorkerContext(
+                        logger=logger,
+                        sentry_scope=sentry_scope,  # type: ignore
+                        db=db_instance,
+                    )
+                    res = fn(wrk, ctx, message)
+                    if log_edges:
+                        logger.info(f'worker "{worker_name}" handle message :: END :: {res}')
+                    return res
+            return wr_handle_message
+        return wrapper

ul_api_utils/modules/worker_sdk_config.py

@@ -0,0 +1,13 @@
+from pydantic import ConfigDict, BaseModel
+
+from ul_api_utils.resources.socketio import SocketIOConfig
+
+
+class WorkerSdkConfig(BaseModel):
+    socket_config: SocketIOConfig | None = None
+
+    model_config = ConfigDict(
+        extra="forbid",
+        frozen=True,
+        arbitrary_types_allowed=True,
+    )