corbado / corbado-python

Add passkeys to your Python application with the Corbado Python SDK.
https://www.corbado.com/passkeys/python
MIT License
5 stars 0 forks source link
biometrics corbado corbado-sdk django faceid fastapi fido fido2 flask passkey passkeys python python-sdk touchid webauthn
GitHub Repo Cover

Corbado Python SDK

License documentation Slack

The Corbado Python SDK provides convenient access to the Corbado Backend API from applications written in the Python language.

:warning: The Corbado Python SDK is commonly referred to as a private client, specifically designed for usage within closed backend applications. This particular SDK should exclusively be utilized in such environments, as it is crucial to ensure that the API secret remains strictly confidential and is never shared.

:rocket: Getting started | :hammer_and_wrench: Services | :books: Advanced | :speech_balloon: Support & Feedback

:rocket: Getting started

Requirements

Installation

Use the following command to install the Corbado Python SDK:

pip install passkeys

Usage

To create a Corbado Python SDK instance you need to provide your Project ID and API secret which can be found at the Developer Panel.

config: Config = Config(project_id="{project_id}", api_secret="{api_secret}")
sdk = CorbadoSDK(config=config)

Examples

A list of examples can be found in the integration tests here.

:hammer_and_wrench: Services

The Corbado Python SDK provides the following services:

To use a specific service, such as users, invoke it as shown below:

user_service: UserService = sdk.users

:books: Advanced

Error handling

The Corbado Python SDK raises exceptions for all errors except those that occur in the session service during token validation (See example below on how to catch those errors). The following exceptions are thrown:

'SessionService' returns 'SessionValidationResult' as result of token validation. You can check whether any errors occurred and handle them if needed:

result: SessionValidationResult = self.session_service.get_and_validate_short_session_value(short_session=token)
            if result.error is not None:
                print(result.error)
                raise result.error

If the Backend API returns a HTTP status code other than 200, the Corbado Python SDK throws a ServerException. The ServerExceptionclass provides convenient methods to access all important data: sdk.users.get(user_id="usr-123456789")

        try:
            # Try to get non-existing user with ID 'usr-123456789'
            sdk.users.get(user_id="usr-123456789")
        except ServerException as e:
            # Show HTTP status code (404 in this case)
            print(f"Status Code: {e.http_status_code}")

            # Show request ID (can be used in developer panel to look up the full request
            # and response, see https://app.corbado.com/app/logs/requests)
            print(f"Request id: {e.request_id}")

            # Show full request data
            print(f"Request data: {e.request_data}")

            # Show runtime of request in seconds (server side)
            print(f"Runtime: {e.runtime}")

            # Show error type (not_found)
            print(f"Error type: {e.error_type}")

            # Show full error data
            print(f"Full error: {e.error}")

Developer Setup

Create a virtual environment and install packages -

python3 -m venv venv_name
source venv_name/bin/activate
pip install -r requirements-dev.txt

(Add venv_name to "exclude" list in .flake8, otherwise flake8 will lint the generated venv)

Add environment variables for tests (use the test project from secrets repositoty) -

export CORBADO_API_SECRET=corbado1_123456
export CORBADO_PROJECT_ID=pro-123456
export CORBADO_BACKEND_API="https://backendapi.cloud.corbado.io"

Testing

Run all tests using -

tox run -e py38

The tox tests are configured to run on Python 3.8, 3.9, 3.10, 3.11, 3.12 (you need to remove "-e py38" tox argument)

Run linting and mypy:

mypy -p corbado_python_sdk --exclude generated --strict --disable-error-code attr-defined
flake8 .

Development notes

Use Version file as single source of truth for version control.

Use VSCode with provided project/extentions configuration .vscode/settings.json

Use the recommended extentions from .vscode/extentions.json and explore their functionality to achieve expected code quality by integration tests:

:speech_balloon: Support & Feedback

Report an issue

If you encounter any bugs or have suggestions, please open an issue.

Slack channel

Join our Slack channel to discuss questions or ideas with the Corbado team and other developers.

Slack

Email

You can also reach out to us via email at vincent.delitz@corbado.com.

Vulnerability reporting

Please report suspected security vulnerabilities in private to security@corbado.com. Please do NOT create publicly viewable issues for suspected security vulnerabilities.