next release - feature parity - high testing coverage

.github/workflows/ci.yml

@@ -8,7 +8,7 @@ jobs:
     strategy:
       matrix:
         os: [ubuntu-latest]
-        python-version: [3.7, 3.8, 3.9, "3.10", "3.11"]
+        python-version: [3.8, 3.9, "3.10", "3.11"]
     runs-on: ${{ matrix.os }}
     steps:
       - name: Clone Repository

.pre-commit-config.yaml

@@ -9,7 +9,7 @@ repos:
         args: ["--fix=lf"]
 
   - repo: https://github.com/pycqa/isort
-    rev: 5.10.1
+    rev: 5.12.0
     hooks:
       - id: isort
         args:
@@ -40,13 +40,13 @@ repos:
       - id: black
 
   - repo: https://github.com/asottile/pyupgrade
-    rev: v2.34.0
+    rev: v2.37.3
     hooks:
       - id: pyupgrade
         args: ["--py37-plus", "--keep-runtime-typing"]
 
   - repo: https://github.com/commitizen-tools/commitizen
-    rev: v2.28.0
+    rev: v2.32.1
     hooks:
       - id: commitizen
         stages: [commit-msg]

.sourcery.yaml

@@ -0,0 +1,2 @@
+refactor:
+  python_version: '3.7'

Makefile

@@ -22,6 +22,9 @@ clean_infra:
 	docker-compose down --remove-orphans &&\
 	docker system prune -a --volumes -f
 
+sync_infra:
+	python scripts/gh-download.py --repo=supabase/gotrue-js --branch=master --folder=infra
+
 run_tests: run_infra sleep tests
 
 build_sync:

gotrue/__init__.py

@@ -2,13 +2,12 @@
 
 __version__ = "0.5.4"
 
-from ._async.api import AsyncGoTrueAPI
-from ._async.client import AsyncGoTrueClient
-from ._async.storage import AsyncMemoryStorage, AsyncSupportedStorage
-from ._sync.api import SyncGoTrueAPI
-from ._sync.client import SyncGoTrueClient
-from ._sync.storage import SyncMemoryStorage, SyncSupportedStorage
-from .types import *
-
-Client = SyncGoTrueClient
-GoTrueAPI = SyncGoTrueAPI
+from ._async.gotrue_admin_api import AsyncGoTrueAdminAPI  # type: ignore # noqa: F401
+from ._async.gotrue_client import AsyncGoTrueClient  # type: ignore # noqa: F401
+from ._async.storage import AsyncMemoryStorage  # type: ignore # noqa: F401
+from ._async.storage import AsyncSupportedStorage  # type: ignore # noqa: F401
+from ._sync.gotrue_admin_api import SyncGoTrueAdminAPI  # type: ignore # noqa: F401
+from ._sync.gotrue_client import SyncGoTrueClient  # type: ignore # noqa: F401
+from ._sync.storage import SyncMemoryStorage  # type: ignore # noqa: F401
+from ._sync.storage import SyncSupportedStorage  # type: ignore # noqa: F401
+from .types import *  # type: ignore # noqa: F401, F403

gotrue/_async/gotrue_admin_api.py

@@ -0,0 +1,175 @@
+from __future__ import annotations
+
+from typing import Dict, List, Union
+
+from ..helpers import parse_link_response, parse_user_response
+from ..http_clients import AsyncClient
+from ..types import (
+    AdminUserAttributes,
+    AuthMFAAdminDeleteFactorParams,
+    AuthMFAAdminDeleteFactorResponse,
+    AuthMFAAdminListFactorsParams,
+    AuthMFAAdminListFactorsResponse,
+    GenerateLinkParams,
+    GenerateLinkResponse,
+    Options,
+    User,
+    UserResponse,
+)
+from .gotrue_admin_mfa_api import AsyncGoTrueAdminMFAAPI
+from .gotrue_base_api import AsyncGoTrueBaseAPI
+
+
+class AsyncGoTrueAdminAPI(AsyncGoTrueBaseAPI):
+    def __init__(
+        self,
+        *,
+        url: str = "",
+        headers: Dict[str, str] = {},
+        http_client: Union[AsyncClient, None] = None,
+    ) -> None:
+        AsyncGoTrueBaseAPI.__init__(
+            self,
+            url=url,
+            headers=headers,
+            http_client=http_client,
+        )
+        self.mfa = AsyncGoTrueAdminMFAAPI()
+        self.mfa.list_factors = self._list_factors
+        self.mfa.delete_factor = self._delete_factor
+
+    async def sign_out(self, jwt: str) -> None:
+        """
+        Removes a logged-in session.
+        """
+        return await self._request(
+            "POST",
+            "logout",
+            jwt=jwt,
+            no_resolve_json=True,
+        )
+
+    async def invite_user_by_email(
+        self,
+        email: str,
+        options: Options = {},
+    ) -> UserResponse:
+        """
+        Sends an invite link to an email address.
+        """
+        return await self._request(
+            "POST",
+            "invite",
+            body={"email": email, "data": options.get("data")},
+            redirect_to=options.get("redirect_to"),
+            xform=parse_user_response,
+        )
+
+    async def generate_link(self, params: GenerateLinkParams) -> GenerateLinkResponse:
+        """
+        Generates email links and OTPs to be sent via a custom email provider.
+        """
+        return await self._request(
+            "POST",
+            "admin/generate_link",
+            body={
+                "type": params.get("type"),
+                "email": params.get("email"),
+                "password": params.get("password"),
+                "new_email": params.get("new_email"),
+                "data": params.get("options", {}).get("data"),
+            },
+            redirect_to=params.get("options", {}).get("redirect_to"),
+            xform=parse_link_response,
+        )
+
+    # User Admin API
+
+    async def create_user(self, attributes: AdminUserAttributes) -> UserResponse:
+        """
+        Creates a new user.
+
+        This function should only be called on a server.
+        Never expose your `service_role` key in the browser.
+        """
+        return await self._request(
+            "POST",
+            "admin/users",
+            body=attributes,
+            xform=parse_user_response,
+        )
+
+    async def list_users(self) -> List[User]:
+        """
+        Get a list of users.
+
+        This function should only be called on a server.
+        Never expose your `service_role` key in the browser.
+        """
+        return await self._request(
+            "GET",
+            "admin/users",
+            xform=lambda data: [User.parse_obj(user) for user in data["users"]]
+            if "users" in data
+            else [],
+        )
+
+    async def get_user_by_id(self, uid: str) -> UserResponse:
+        """
+        Get user by id.
+
+        This function should only be called on a server.
+        Never expose your `service_role` key in the browser.
+        """
+        return await self._request(
+            "GET",
+            f"admin/users/{uid}",
+            xform=parse_user_response,
+        )
+
+    async def update_user_by_id(
+        self,
+        uid: str,
+        attributes: AdminUserAttributes,
+    ) -> UserResponse:
+        """
+        Updates the user data.
+
+        This function should only be called on a server.
+        Never expose your `service_role` key in the browser.
+        """
+        return await self._request(
+            "PUT",
+            f"admin/users/{uid}",
+            body=attributes,
+            xform=parse_user_response,
+        )
+
+    async def delete_user(self, id: str) -> None:
+        """
+        Delete a user. Requires a `service_role` key.
+
+        This function should only be called on a server.
+        Never expose your `service_role` key in the browser.
+        """
+        return await self._request("DELETE", f"admin/users/{id}")
+
+    async def _list_factors(
+        self,
+        params: AuthMFAAdminListFactorsParams,
+    ) -> AuthMFAAdminListFactorsResponse:
+        return await self._request(
+            "GET",
+            f"admin/users/{params.get('user_id')}/factors",
+            xform=AuthMFAAdminListFactorsResponse.parse_obj,
+        )
+
+    async def _delete_factor(
+        self,
+        params: AuthMFAAdminDeleteFactorParams,
+    ) -> AuthMFAAdminDeleteFactorResponse:
+        return await self._request(
+            "DELETE",
+            f"admin/users/{params.get('user_id')}/factors/{params.get('factor_id')}",
+            xform=AuthMFAAdminDeleteFactorResponse.parse_obj,
+        )

gotrue/_async/gotrue_admin_mfa_api.py

@@ -0,0 +1,32 @@
+from ..types import (
+    AuthMFAAdminDeleteFactorParams,
+    AuthMFAAdminDeleteFactorResponse,
+    AuthMFAAdminListFactorsParams,
+    AuthMFAAdminListFactorsResponse,
+)
+
+
+class AsyncGoTrueAdminMFAAPI:
+    """
+    Contains the full multi-factor authentication administration API.
+    """
+
+    async def list_factors(
+        self,
+        params: AuthMFAAdminListFactorsParams,
+    ) -> AuthMFAAdminListFactorsResponse:
+        """
+        Lists all factors attached to a user.
+        """
+        raise NotImplementedError()  # pragma: no cover
+
+    async def delete_factor(
+        self,
+        params: AuthMFAAdminDeleteFactorParams,
+    ) -> AuthMFAAdminDeleteFactorResponse:
+        """
+        Deletes a factor on a user. This will log the user out of all active
+        sessions (if the deleted factor was verified). There's no need to delete
+        unverified factors.
+        """
+        raise NotImplementedError()  # pragma: no cover

gotrue/_async/gotrue_base_api.py

@@ -0,0 +1,118 @@
+from __future__ import annotations
+
+from typing import Any, Callable, Dict, TypeVar, Union, overload
+
+from httpx import Response
+from pydantic import BaseModel
+from typing_extensions import Literal, Self
+
+from ..helpers import handle_exception
+from ..http_clients import AsyncClient
+
+T = TypeVar("T")
+
+
+class AsyncGoTrueBaseAPI:
+    def __init__(
+        self,
+        *,
+        url: str,
+        headers: Dict[str, str],
+        http_client: Union[AsyncClient, None],
+    ):
+        self._url = url
+        self._headers = headers
+        self._http_client = http_client or AsyncClient()
+
+    async def __aenter__(self) -> Self:
+        return self
+
+    async def __aexit__(self, exc_t, exc_v, exc_tb) -> None:
+        await self.close()
+
+    async def close(self) -> None:
+        await self._http_client.aclose()
+
+    @overload
+    async def _request(
+        self,
+        method: Literal["GET", "OPTIONS", "HEAD", "POST", "PUT", "PATCH", "DELETE"],
+        path: str,
+        *,
+        jwt: Union[str, None] = None,
+        redirect_to: Union[str, None] = None,
+        headers: Union[Dict[str, str], None] = None,
+        query: Union[Dict[str, str], None] = None,
+        body: Union[Any, None] = None,
+        no_resolve_json: Literal[False] = False,
+        xform: Callable[[Any], T],
+    ) -> T:
+        ...  # pragma: no cover
+
+    @overload
+    async def _request(
+        self,
+        method: Literal["GET", "OPTIONS", "HEAD", "POST", "PUT", "PATCH", "DELETE"],
+        path: str,
+        *,
+        jwt: Union[str, None] = None,
+        redirect_to: Union[str, None] = None,
+        headers: Union[Dict[str, str], None] = None,
+        query: Union[Dict[str, str], None] = None,
+        body: Union[Any, None] = None,
+        no_resolve_json: Literal[True],
+        xform: Callable[[Response], T],
+    ) -> T:
+        ...  # pragma: no cover
+
+    @overload
+    async def _request(
+        self,
+        method: Literal["GET", "OPTIONS", "HEAD", "POST", "PUT", "PATCH", "DELETE"],
+        path: str,
+        *,
+        jwt: Union[str, None] = None,
+        redirect_to: Union[str, None] = None,
+        headers: Union[Dict[str, str], None] = None,
+        query: Union[Dict[str, str], None] = None,
+        body: Union[Any, None] = None,
+        no_resolve_json: bool = False,
+    ) -> None:
+        ...  # pragma: no cover
+
+    async def _request(
+        self,
+        method: Literal["GET", "OPTIONS", "HEAD", "POST", "PUT", "PATCH", "DELETE"],
+        path: str,
+        *,
+        jwt: Union[str, None] = None,
+        redirect_to: Union[str, None] = None,
+        headers: Union[Dict[str, str], None] = None,
+        query: Union[Dict[str, str], None] = None,
+        body: Union[Any, None] = None,
+        no_resolve_json: bool = False,
+        xform: Union[Callable[[Any], T], None] = None,
+    ) -> Union[T, None]:
+        url = f"{self._url}/{path}"
+        headers = {**self._headers, **(headers or {})}
+        if "Content-Type" not in headers:
+            headers["Content-Type"] = "application/json;charset=UTF-8"
+        if jwt:
+            headers["Authorization"] = f"Bearer {jwt}"
+        query = query or {}
+        if redirect_to:
+            query["redirect_to"] = redirect_to
+        try:
+            response = await self._http_client.request(
+                method,
+                url,
+                headers=headers,
+                params=query,
+                json=body.dict() if isinstance(body, BaseModel) else body,
+            )
+            response.raise_for_status()
+            result = response if no_resolve_json else response.json()
+            if xform:
+                return xform(result)
+        except Exception as e:
+            raise handle_exception(e)