Merge branch 'main' of https://github.com/DelineaXPM/python-tss-sdk into Dev.GetAllSecrets

Author: delinea-sagar

.github/workflows/run_tests.yml

@@ -9,7 +9,7 @@ jobs:
     environment: testing
     strategy:
       matrix:
-        python: [3.7, 3.8, 3.9, "3.10"]
+        python: [3.8, 3.9, "3.10", "3.11"]
 
     steps:
       - uses: actions/checkout@v3
@@ -30,5 +30,5 @@ jobs:
           TSS_USERNAME: ${{ secrets.TSS_USERNAME }}
           TSS_PASSWORD: ${{ secrets.TSS_PASSWORD }}
           TSS_TENANT: ${{ secrets.TSS_TENANT }}
-          SECRET_ID: ${{ secrets.SECRET_ID }}
-          SECRET_PATH: ${{ secrets.SECRET_PATH }}
+          TSS_SECRET_ID: ${{ secrets.TSS_SECRET_ID }}
+          TSS_SECRET_PATH: ${{ secrets.TSS_SECRET_PATH }}

README.md

@@ -120,7 +120,7 @@ When using a self-signed certificate for SSL, the `REQUESTS_CA_BUNDLE` environme
 
 ## Create a Build Environment (optional)
 
-The SDK requires [Python 3.7](https://www.python.org/downloads/) or higher.
+The SDK requires [Python 3.8](https://www.python.org/downloads/) or higher.
 
 First, ensure Python is in `$PATH`, then run:
 
@@ -144,8 +144,8 @@ Valid credentials are required to run the unit tests. The credentials should be
 export TSS_USERNAME=myusername
 export TSS_PASSWORD=mysecretpassword
 export TSS_TENANT=mytenant
-export SECRET_ID=42
-export SECRET_PATH=\Test Secrets\SecretName
+export TSS_SECRET_ID=42
+export TSS_SECRET_PATH=\Test Secrets\SecretName
 ```
 
 The tests assume that the user associated with the specified `TSS_USERNAME` and `TSS_PASSWORD` can read the secret to be fetched, and that the Secret itself contains `username` and `password` fields.

conftest.py

@@ -12,8 +12,8 @@ def env_vars():
         "username": os.getenv("TSS_USERNAME"),
         "password": os.getenv("TSS_PASSWORD"),
         "tenant": os.getenv("TSS_TENANT"),
-        "secret_id": os.getenv("SECRET_ID"),
-        "secret_path": os.getenv("SECRET_PATH"),
+        "secret_id": os.getenv("TSS_SECRET_ID"),
+        "secret_path": os.getenv("TSS_SECRET_PATH"),
     }
 
 

delinea/secrets/server.py

@@ -430,7 +430,7 @@ class SecretServerV0(SecretServer):
     It gets an ``access_token`` that it uses to create an *HTTP Authorization
     Header* which it includes in each REST API call.
 
-    This class maintains backwards compatability with v0.0.5
+    This class maintains backwards compatibility with v0.0.5
     """
 
     def __init__(

example.py

@@ -1,25 +1,32 @@
 import os
+from conftest import secret_server
 
 from delinea.secrets.server import (
+    SecretServer,
     SecretServerCloud,
     SecretServerError,
+    PasswordGrantAuthorizer,
+    ServerSecret,
 )
 
 if __name__ == "__main__":
-    creds = {
-        "username": os.getenv("TSS_USERNAME"),
-        "password": os.getenv("TSS_PASSWORD"),
-        "tenant": os.getenv("TSS_TENTANT"),
-    }
+    tenant = os.getenv("TSS_TENANT")
+    base_url = f"https://{tenant}.secretservercloud.com"
+    authorizer = PasswordGrantAuthorizer(
+        base_url,
+        os.getenv("TSS_USERNAME"),
+        os.getenv("TSS_PASSWORD"),
+    )
 
-    secret_server = SecretServerCloud(**creds)
+    secret_server_cloud = SecretServerCloud(tenant=tenant, authorizer=authorizer)
 
     try:
-        secret = secret_server.get_secret(1)
+        secret = secret_server_cloud.get_secret(os.getenv("TSS_SECRET_ID"))
+        serverSecret = ServerSecret(**secret)
         print(
-            f"""username: {secret.fields['username'].value}
-                password: {secret.fields['password'].value}
-                template: {secret.secret_template_name}"""
+            f"""username: {serverSecret.fields['username'].value}
+                password: {serverSecret.fields['password'].value}
+                template: {serverSecret.secret_template_name}"""
         )
     except SecretServerError as error:
         print(error.response.text)

pyproject.toml

@@ -9,14 +9,14 @@ author-email = "GitHub@delinea.com"
 classifiers = [
     "License :: OSI Approved :: Apache Software License",
     "Operating System :: OS Independent",
-    "Programming Language :: Python :: 3.7",
     "Programming Language :: Python :: 3.8",
     "Programming Language :: Python :: 3.9",
-    "Programming Language :: Python :: 3.10"
+    "Programming Language :: Python :: 3.10",
+    "Programming Language :: Python :: 3.11"
 ]
 description-file = "README.md"
 requires = [
     "requests >= 2.12.5"
 ]
-requires-python=">=3.7"
+requires-python=">=3.8"
 dist-name = "python-tss-sdk"

tests/test_server.py

@@ -1,56 +1,56 @@
-import pytest
-
-from delinea.secrets.server import (
-    AccessTokenAuthorizer,
-    SecretServer,
-    SecretServerClientError,
-    SecretServerError,
-    ServerSecret,
-)
-
-
-def test_bad_url(env_vars, authorizer):
-    bad_server = SecretServer(
-        f"https://{env_vars['tenant']}.secretservercloud.com/nonexistent",
-        authorizer,
-    )
-    with pytest.raises(SecretServerError):
-        bad_server.get_secret(env_vars["secret_id"])
-
-
-def test_token_url(env_vars, authorizer):
-    assert (
-        authorizer.token_url
-        == f"https://{env_vars['tenant']}.secretservercloud.com/oauth2/token"
-    )
-
-
-def test_api_url(secret_server, env_vars):
-    assert (
-        secret_server.api_url
-        == f"https://{env_vars['tenant']}.secretservercloud.com/api/v1"
-    )
-
-
-def test_access_token_authorizer(env_vars, authorizer):
-    assert SecretServer(
-        f"https://{env_vars['tenant']}.secretservercloud.com/",
-        AccessTokenAuthorizer(authorizer.get_access_token()),
-    ).get_secret(env_vars["secret_id"])["id"] == int(env_vars["secret_id"])
-
-
-def test_server_secret(env_vars, secret_server):
-    assert ServerSecret(**secret_server.get_secret(env_vars["secret_id"])).id == int(
-        env_vars["secret_id"]
-    )
-
-
-def test_server_secret_by_path(env_vars, secret_server):
-    assert ServerSecret(
-        **secret_server.get_secret_by_path(env_vars["secret_path"])
-    ).id == int(env_vars["secret_id"])
-
-
-def test_nonexistent_secret(secret_server):
-    with pytest.raises(SecretServerClientError):
-        secret_server.get_secret(1000)
+import pytest
+
+from delinea.secrets.server import (
+    AccessTokenAuthorizer,
+    SecretServer,
+    SecretServerClientError,
+    SecretServerError,
+    ServerSecret,
+)
+
+
+def test_bad_url(env_vars, authorizer):
+    bad_server = SecretServer(
+        f"https://{env_vars['tenant']}.secretservercloud.com/nonexistent",
+        authorizer,
+    )
+    with pytest.raises(SecretServerError):
+        bad_server.get_secret(env_vars["secret_id"])
+
+
+def test_token_url(env_vars, authorizer):
+    assert (
+        authorizer.token_url
+        == f"https://{env_vars['tenant']}.secretservercloud.com/oauth2/token"
+    )
+
+
+def test_api_url(secret_server, env_vars):
+    assert (
+        secret_server.api_url
+        == f"https://{env_vars['tenant']}.secretservercloud.com/api/v1"
+    )
+
+
+def test_access_token_authorizer(env_vars, authorizer):
+    assert SecretServer(
+        f"https://{env_vars['tenant']}.secretservercloud.com/",
+        AccessTokenAuthorizer(authorizer.get_access_token()),
+    ).get_secret(env_vars["secret_id"])["id"] == int(env_vars["secret_id"])
+
+
+def test_server_secret(env_vars, secret_server):
+    assert ServerSecret(**secret_server.get_secret(env_vars["secret_id"])).id == int(
+        env_vars["secret_id"]
+    )
+
+
+def test_server_secret_by_path(env_vars, secret_server):
+    assert ServerSecret(
+        **secret_server.get_secret_by_path("/tss-sdk-go/Amazon")
+    ).id == int(env_vars["secret_id"])
+
+
+def test_nonexistent_secret(secret_server):
+    with pytest.raises(SecretServerClientError):
+        secret_server.get_secret(1000)

tox.ini

@@ -1,25 +1,25 @@
-# tox (https://tox.readthedocs.io/) is a tool for running tests
-# in multiple virtualenvs. This configuration file will run the
-# test suite on all supported python versions. To use it, "pip install tox"
-# and then run "tox" from this directory.
-
-# Docs for tox config -> https://tox.readthedocs.io/en/latest/config.html
-
-[tox]
-envlist = 3.7, 3.8, 3.9, 3.10
-isolated_build = True
-skipsdist = True
-
-[testenv]
-deps =
-    pytest
-    requests
-    python-dotenv
-passenv =
-    TSS_USERNAME
-    TSS_PASSWORD
-    TSS_TENANT
-    SECRET_ID
-    SECRET_PATH
-commands =
-    pytest
+# tox (https://tox.readthedocs.io/) is a tool for running tests
+# in multiple virtualenvs. This configuration file will run the
+# test suite on all supported python versions. To use it, "pip install tox"
+# and then run "tox" from this directory.
+
+# Docs for tox config -> https://tox.readthedocs.io/en/latest/config.html
+
+[tox]
+envlist = 3.8, 3.9, 3.10, 3.11
+isolated_build = True
+skipsdist = True
+
+[testenv]
+deps =
+    pytest
+    requests
+    python-dotenv
+passenv =
+    TSS_USERNAME
+    TSS_PASSWORD
+    TSS_TENANT
+    TSS_SECRET_ID
+    TSS_SECRET_PATH
+commands =
+    pytest