Shared infra (TOML config loader, path discovery, SSRF defenses, string helpers) for Pipefy SDK and Auth.

Project description

pipefy-infra

Schema-agnostic infrastructure helpers shared by pipefy and pipefy-auth. Sits at the bottom of the workspace dependency graph; depends only on stdlib + pydantic / pydantic-settings.

Adapter layer between Pipefy's application code (pipefy, pipefy-auth) and external concerns (filesystem, OS, network boundary). Each submodule owns one bounded context; the package root exposes only __version__.

pipefy_infra.config

Pipefy on-disk configuration: where it lives and how it's read.

  • config_dir() -> Path. Resolves the OS-appropriate config directory ($XDG_CONFIG_HOME/pipefy on POSIX, %APPDATA%\pipefy on Windows, falling back to ~/.config/pipefy when XDG_CONFIG_HOME is unset).
  • config_file_path() -> Path. Resolves the TOML file path, honouring the PIPEFY_CONFIG_FILE environment override.
  • PipefyTomlConfigSource. A pydantic-settings source that loads top-level TOML keys from config_file_path(). The source knows nothing about specific field names; each consuming BaseSettings subclass filters via its own field definitions plus extra="ignore".

from pipefy_infra.config import config_dir, config_file_path, PipefyTomlConfigSource

pipefy_infra.security

SSRF defenses on URLs destined for outbound HTTP. Layered gates: shape regex at field declaration, synchronous internal-IP check at settings construction, asynchronous DNS-rebinding check at request time.

  • URL_SHAPE_PATTERN. Regex for Field(..., pattern=...) on URL settings fields.
  • validate_https_url(url, field_label, *, allow_insecure=False). Synchronous scheme + literal-IP gate. Enforces HTTPS and rejects literal IPs in private/loopback/link-local/multicast/reserved/unspecified ranges. With allow_insecure=True (driven by PIPEFY_ALLOW_INSECURE_URLS), http is accepted and the literal-IP gate is skipped, for dev mode; production callers must follow up with the async DNS gate.
  • assert_hostname_is_not_internal(hostname, *, context). Rejects localhost and literal IPs in blocked ranges.
  • assert_hostname_resolves_to_public_ips(hostname). Asynchronous DNS gate used right before issuing a request; defends against DNS-rebinding.
  • validate_and_assert_public_url(url, *, field_label, allow_insecure=False) -> str. Composite helper that runs the sync gate plus the DNS gate in one call and returns the validated hostname. Use from any new outbound-URL surface.
  • assert_url_is_host_root(url, *, field_label). Rejects non-root paths (including //, ///), query strings, and fragments. For base-URL fields that derive endpoints via f-string concatenation.
  • assert_url_has_no_query_or_fragment(url, *, field_label). Path is allowed; rejects only query and fragment. For URLs that legitimately have a path (OIDC issuer URLs with a realm path) but where a stray query/fragment would corrupt downstream concatenation.
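
The two URL-shape checks above, sketched as an added example (not pipefy-infra's own code): `url_shape_problems` and `derived_endpoint` are hypothetical names and the sample URLs are constructed. `derived_endpoint` shows where a concatenated suffix actually lands when the base URL carries a stray query, fragment or extra slashes.

```python
from urllib.parse import urlsplit


def url_shape_problems(url, *, allow_path=False):
    """Return why a base URL is unsafe to extend by string concatenation."""
    problems = []
    # Test the raw text: urlsplit reports "https://h/?" with an empty query,
    # yet the bare "?" still swallows whatever is appended after it.
    if "?" in url:
        problems.append("query")
    if "#" in url:
        problems.append("fragment")
    # "" and "/" are the host root; "//" and "///" are not.
    if not allow_path and urlsplit(url).path not in ("", "/"):
        problems.append("non-root path")
    return problems


def derived_endpoint(base_url, suffix):
    """Concatenate as an f-string would and report where the suffix landed."""
    parts = urlsplit(f"{base_url}{suffix}")
    return parts.path, parts.query, parts.fragment
```

With `allow_path=True` the function behaves like the query-and-fragment-only check, so a constructed issuer such as `https://sso.example.com/realms/acme` passes while the same URL with `?x=1` does not.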

This is the SSRF audit namespace: import the module and call through it so every call site is greppable for audits, matching the stdlib idiom (hmac.compare_digest, secrets.token_urlsafe).

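from pipefy_infra import security

# Synchronous gate: HTTPS scheme plus literal-IP check.
security.validate_https_url(url, "graphql_url", allow_insecure=False)
# Asynchronous DNS gate: awaited inside a coroutine, right before the request.
await security.assert_hostname_resolves_to_public_ips(host)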
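
A stdlib-only sketch of the layered gates described in this section, added here as an illustration and not taken from pipefy-infra. `sync_gate`, `dns_gate`, `is_blocked_ip`, `system_resolver` and `BlockedAddress` are hypothetical names, and the resolver is injectable so the DNS gate can be exercised offline with constructed answers.

```python
import asyncio
import ipaddress
import socket
from urllib.parse import urlsplit


class BlockedAddress(ValueError):
    """A URL or hostname points at a non-public address."""


def is_blocked_ip(ip):
    # The ranges the literal-IP gate is described as rejecting.
    return (ip.is_private or ip.is_loopback or ip.is_link_local
            or ip.is_multicast or ip.is_reserved or ip.is_unspecified)


def sync_gate(url):
    """Scheme + literal-IP check; returns the hostname for the DNS gate."""
    parts = urlsplit(url)
    host = parts.hostname
    if parts.scheme != "https" or not host:
        raise BlockedAddress(f"not an https URL with a host: {url!r}")
    if host.rstrip(".") == "localhost":
        raise BlockedAddress("localhost is internal")
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        return host  # a name, not a literal: only the DNS gate can judge it
    if is_blocked_ip(ip):
        raise BlockedAddress(f"literal IP {ip} is in a blocked range")
    return host


async def system_resolver(host):
    # Default resolver; a stub with constructed answers can replace it.
    loop = asyncio.get_running_loop()
    infos = await loop.getaddrinfo(host, 443, type=socket.SOCK_STREAM)
    return [info[4][0] for info in infos]


async def dns_gate(host, resolver=system_resolver):
    """Reject the host if any resolved address is in a blocked range."""
    addresses = await resolver(host)
    if not addresses:
        raise BlockedAddress(f"{host} did not resolve")
    for text in addresses:
        if is_blocked_ip(ipaddress.ip_address(text)):
            raise BlockedAddress(f"{host} resolves to blocked address {text}")
    return addresses
```

A check-then-connect gate still leaves a window between this lookup and the HTTP client's own resolution; connecting to the addresses `dns_gate` returned closes it.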

Field definitions

This package owns no schema. Field definitions live with the settings models that use them (pipefy_auth.AuthSettings, pipefy_sdk.PipefySettings).

Download files

Source Distribution

pipefy_infra-0.3.0a1.tar.gz (15.1 kB view details)

Uploaded Source

Built Distribution

pipefy_infra-0.3.0a1-py3-none-any.whl (12.8 kB view details)

Uploaded Python 3

File details

Details for the file pipefy_infra-0.3.0a1.tar.gz.

File metadata

  • Download URL: pipefy_infra-0.3.0a1.tar.gz
  • Upload date:
  • Size: 15.1 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.12.6

File hashes

Hashes for pipefy_infra-0.3.0a1.tar.gz
Algorithm Hash digest
SHA256 e9a36cbcf32140013e8d60edfcef6ee178d2eddadc8788655e5437189107234a
MD5 350a3c5562a9982799f5f4297440a902
BLAKE2b-256 6bfabf5c5ac35168aafba159600a44e7f10975a232c6626729f92dd57e30be72

File details

Details for the file pipefy_infra-0.3.0a1-py3-none-any.whl.

File metadata

  • Download URL: pipefy_infra-0.3.0a1-py3-none-any.whl
  • Upload date:
  • Size: 12.8 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.12.6

File hashes

Hashes for pipefy_infra-0.3.0a1-py3-none-any.whl
Algorithm Hash digest
SHA256 5bf7f061458725e310249f7c0f9d46a589b770104768d5cfb8bdebf23f0d1126
MD5 6a915aae78db8f865e486b3ad1dfaf6c
BLAKE2b-256 cf5344500b0751ce6e68f7e2cb9e8fc965efefb8e9095fed3c1378b629e6e4c3
