Lightweight client SDK for consuming Signet credentials
Project description
signet-auth-sdk
Lightweight Python client SDK for consuming Signet credentials.
Install
pip install signet-auth-sdk
Requires Python >= 3.9.
Quick start
from signet_auth_sdk import SignetClient
client = SignetClient()
# Get HTTP headers for an authenticated request
headers = client.get_headers("my-jira")
response = requests.get("https://jira.example.com/rest/api/2/search", headers=headers)
Watching for changes
from signet_auth_sdk import SignetClient
client = SignetClient()
def on_change(provider_id: str, headers: dict[str, str]):
print(f"Credentials updated for {provider_id}")
client.on_change(on_change)
client.watch()
# Later:
client.close()
Or use as a context manager:
with SignetClient() as client:
headers = client.get_headers("my-jira")
API reference
SignetClient(credentials_dir=None)
| Parameter | Type | Default | Description |
|---|---|---|---|
credentials_dir |
str | Path | None |
~/.sig/credentials |
Path to credentials directory |
client.get_headers(provider_id) -> dict[str, str]
Returns HTTP headers ready to use with requests, httpx, etc. Raises CredentialNotFoundError if the provider has no stored credential.
client.get_credential(provider_id) -> Credential | None
Returns the raw credential object, or None if not found.
client.get_local_storage(provider_id) -> dict[str, str]
Returns extracted localStorage values (e.g. Slack's xoxc token). Empty dict if not found.
client.list_providers() -> list[ProviderInfo]
Lists all providers with stored credentials.
client.on_change(callback)
Register a callback for credential changes. Called with (provider_id, headers).
client.on_error(callback)
Register a callback for watcher errors. Called with (error,).
client.watch()
Start polling the credentials directory for changes.
client.close()
Stop watching and clean up resources.
format_headers(credential) -> dict[str, str]
Standalone function to convert a Credential into HTTP headers.
extract_local_storage(credential) -> dict[str, str]
Standalone function to extract localStorage values from a credential.
Return values by credential type
get_headers(provider_id) -- returns dict[str, str]
| Credential Type | Example Return Value |
|---|---|
cookie |
{"Cookie": "sid=abc123; csrf=xyz789", "x-csrf-token": "tok", "origin": "https://..."} |
bearer |
{"Authorization": "Bearer eyJhbG...", "x-csrf-token": "tok"} |
api-key |
{"Authorization": "Bearer ghp_test123"} or {"X-API-Key": "key123"} |
basic |
{"Authorization": "Basic YWRtaW46czNjcmV0"} |
For cookie and bearer types, xHeaders (captured during browser authentication, e.g. CSRF tokens, origin headers) are merged into the result. The primary header (Cookie or Authorization) always takes precedence over xHeaders with the same name.
get_credential(provider_id) -- returns Optional[Credential]
Returns the full credential dataclass, discriminated by the type field. Returns None if not found.
CookieCredential:
CookieCredential(
type="cookie",
cookies=[Cookie(name="sid", value="abc123", domain=".example.com", path="/", expires=1735689600, httpOnly=True, secure=True, sameSite="Lax")],
obtainedAt="2025-01-01T00:00:00Z",
xHeaders={"x-csrf-token": "tok123", "origin": "https://example.com"}, # default: {}
localStorage={"token": "xoxc-123-456"}, # default: {}
)
BearerCredential:
BearerCredential(
type="bearer",
accessToken="eyJhbGciOiJSUzI1NiIs...",
refreshToken="dGhpcyBpcyBhIHJlZnJlc2g...", # optional
expiresAt="2025-01-02T00:00:00Z", # optional
scopes=["read", "write"], # optional
tokenEndpoint="https://auth.example.com/token", # optional
xHeaders={"x-csrf-token": "tok"}, # default: {}
localStorage={"token": "xoxc-123"}, # default: {}
)
ApiKeyCredential:
ApiKeyCredential(
type="api-key",
key="ghp_xxxxxxxxxxxxxxxxxxxx",
headerName="Authorization", # configurable header name
headerPrefix="Bearer", # optional prefix before the key
)
BasicCredential:
BasicCredential(
type="basic",
username="admin",
password="s3cret",
)
get_local_storage(provider_id) -- returns dict[str, str]
Returns extracted browser localStorage values. Only cookie and bearer credential types can carry localStorage; api-key and basic always return {}. Returns {} if the provider is not found.
# Example: Slack stores an xoxc token in localStorage alongside cookies
ls = client.get_local_storage("my-slack")
# {"token": "xoxc-123-456-789"}
Credential types
| Type | Headers produced |
|---|---|
cookie |
Cookie: name=value; ... + any xHeaders |
bearer |
Authorization: Bearer <token> + any xHeaders |
api-key |
<headerName>: [prefix] <key> |
basic |
Authorization: Basic <base64> |
License
MIT
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file sigcli_sdk-1.0.0.tar.gz.
File metadata
- Download URL: sigcli_sdk-1.0.0.tar.gz
- Upload date:
- Size: 11.3 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.12.13
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
8085f0e808481829e5585d1f91c7cf285f7d95b67ab281df87243311d5052294
|
|
| MD5 |
4cd49a1c706cd1a06163c1fd37f5e818
|
|
| BLAKE2b-256 |
c3157244de0df4f403b38a56f76064330b120dbe3a4ef15c492ba0ae50b5f546
|
File details
Details for the file sigcli_sdk-1.0.0-py3-none-any.whl.
File metadata
- Download URL: sigcli_sdk-1.0.0-py3-none-any.whl
- Upload date:
- Size: 10.0 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.12.13
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
c6df04cc95648bdbea3c4532ff0a605141951cfe09d0ae451aa31c3753ac7499
|
|
| MD5 |
37b6564c4c614c3d2ed19b7b9e3430e4
|
|
| BLAKE2b-256 |
70d4027ae975510fd1f25aa44bb66501dc1a43e4073f4d27efb4be99c000e22b
|
