Metadata-Version: 2.1
Name: onepasswordconnectsdk
Version: 1.1.0
Summary: Python SDK for 1Password Connect
Home-page: https://github.com/1Password/connect-sdk-python
License: MIT
Author: 1Password
Requires-Python: >=3.7,<4.0
Classifier: License :: OSI Approved :: MIT License
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.7
Classifier: Programming Language :: Python :: 3.8
Classifier: Programming Language :: Python :: 3.9
Requires-Dist: python-dateutil (>=2.8.1,<3.0.0)
Requires-Dist: requests (>=2.24.0,<3.0.0)
Requires-Dist: six (>=1.10,<2.0)
Project-URL: Bug Tracker, https://github.com/1Password/connect-sdk-python/issues
Project-URL: Repository, https://github.com/1Password/connect-sdk-python
Project-URL: Report Security Issue, https://bugcrowd.com/agilebits
Description-Content-Type: text/markdown

# 1Password Connect Python SDK

The 1Password Connect SDK provides access to 1Password via [1Password Connect](https://support.1password.com/secrets-automation/) hosted in your infrastructure. The library is intended to be used by Python applications to simplify accessing items in 1Password vaults.

## Prerequisites

- [1Password Connect](https://support.1password.com/secrets-automation/#step-2-deploy-a-1password-connect-server) deployed in your infrastructure
## Installation

To install the 1Password Connect Python SDK:
```bash
$ pip install onepasswordconnectsdk
```

To install a specific release of the 1Password Connect Python SDK:
```bash
$ pip install onepasswordconnectsdk==1.0.1
```

## Usage

**Import 1Password Connect Python SDK**

```python
import onepasswordconnectsdk
```

**Environment Variables**

- **OP_CONNECT_TOKEN** – The token to be used to authenticate with the 1Password Connect API.
- **OP_CONNECT_HOST** - The hostname of the 1Password Connect API.
  Possible values include:
    - `connect-api:8080` if the Connect server is running in the same Kubernetes cluster as your application.
    - `localhost:8080` if the Connect server is running in Docker on the same host.
    - `<ip>:8080` or `<hostname>:8080` if the Connect server is running on another host.
- **OP_VAULT** - The default vault to fetch items from if not specified.

**Create a Client**

There are two methods available for creating a client:

- `new_client_from_environment`: Builds a new client for interacting with 1Password Connect using the `OP_CONNECT_TOKEN` and `OP_CONNECT_HOST` *environment variables*.
- `new_client`: Builds a new client for interacting with 1Password Connect. Accepts the hostname of 1Password Connect and the API token generated for the application.

```python
from onepasswordconnectsdk.client import (
    Client,
    new_client_from_environment,
    new_client
)

# creating client using OP_CONNECT_TOKEN and OP_CONNECT_HOST environment variables
client_from_env: Client = new_client_from_environment()

# creates a client by supplying hostname and 1Password Connect API token
client_from_token: Client = new_client(
    "{1Password_Connect_Host}",
    "{1Password_Connect_API_Token}")
```

**Get Item**

Get a specific item by item and vault ids:

```python
client.get_item("{item_id}", "{vault_id}")
```

**Get Item By Title**

Get a specific item by item title and vault id:

```python
client.get_item_by_title("{item_title}", "{vault_id}")
```

**Get All Items**

Get a summarized list of all items for a specified vault:

```python
client.get_items("{vault_id}")
```

**Delete Item**

Delete an item by item and vault ids:

```python
client.delete_item("{item_id}", "{vault_id}")
```

**Create Item**

Create an item in a specified vault:

```python
from onepasswordconnectsdk.models import (ItemVault, Field)

# Example item creation. Create an item with your desired arguments. 
item = onepasswordconnectsdk.models.Item(vault=ItemVault(id="av223f76ydutdngislnkbz6z5u"),
                                      id="kp2td65r4wbuhocwhhijpdbfqq",
                                      title="newtitle",
                                      category="LOGIN",
                                      tags=["1password-connect"],
                                      fields=[Field(value="new_user",
                                                                  purpose="USERNAME")],
                                      )
client.create_item("{vault_id}", item)
```

**Update Item**

Update the item identified by the specified item and vault ids. The existing item will be overwritten with the newly supplied item.

```python
from onepasswordconnectsdk.models import (ItemVault, Field)

# Example item creation. Create an item with your desired arguments. 
item = onepasswordconnectsdk.models.Item(vault=ItemVault(id="av223f76ydutdngislnkbz6z5u"),
                                      id="kp2td65r4wbuhocwhhijpdbfqq",
                                      title="newtitle",
                                      category="LOGIN",
                                      tags=["1password-connect"],
                                      fields=[Field(value="new_user",
                                                                  purpose="USERNAME")],
                                      )
client.update_item("{item_id}", "{vault_id}", item)
```

**Get Specific Vault**

Get a vault by vault id:

```python
client.get_vault("{vault_id}")
```

**Get Vaults**

Retrieve all vaults available to the service account:

```python
client.get_vaults()
```

**Load Configuration**

Users can create `classes` or `dicts` that describe fields they wish to get the values from in 1Password. Two convienience methods are provided that will handle the fetching of values for these fields:

- **load_dict**: Takes a dictionary with keys specifying the user desired naming scheme of the values to return. Each key's value is a dictionary that includes information on where to find the item field value in 1Password. This returns a dictionary of user specified keys with values retrieved from 1Password
- **load**: Takes an object with class attributes annotated with tags describing where to find desired fields in 1Password. Manipulates given object and fills attributes in with 1Password item field values.

```python
# example dict configuration for onepasswordconnectsdk.load_dict(CONFIG)
CONFIG = {
    "server": {
        "opitem": "My database item",
        "opfield": "specific_section.hostname",
        "opvault": "some_vault_id",
    },
    "database": {
        "opitem": "My database item",
        "opfield": ".database",
    },
    "username": {
        "opitem": "My database item",
        "opfield": ".username",
    },
    "password": {
        "opitem": "My database item",
        "opfield": ".password",
    },
}

values_dict = onepasswordconnectsdk.load_dict(CONFIG)
```

```python
# example class configuration for onepasswordconnectsdk.load(CONFIG)
class Config:
    server: 'opitem:"My database item" opvault:some_vault_id opfield:specific_section.hostname' = None
    database: 'opitem:"My database item" opfield:.database' = None
    username: 'opitem:"My database item" opfield:.username' = None
    password: 'opitem:"My database item" opfield:.password' = None

CONFIG = Config()

values_object = onepasswordconnectsdk.load(CONFIG)
```

## Development

**Testing**

```bash
make test
```

## Security

1Password requests you practice responsible disclosure if you discover a vulnerability. 

Please file requests via [**BugCrowd**](https://bugcrowd.com/agilebits). 

For information about security practices, please visit our [Security homepage](https://bugcrowd.com/agilebits).

