Skip to content

Python client for Logto Management API

License

Notifications You must be signed in to change notification settings

ysemennikov/py-logto-admin

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

17 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

py-logto-admin

Python client for Logto Management API.

Table of Contents

What It Does:

The py-logto-admin client allows you to interact with the Logto Management API seamlessly, making it easier to integrate Logto's authentication and user management features into your Python applications.

Key Features:

  • Asynchronous Support: Fully supports asynchronous operations.
  • Modern Python: Utilizes the latest Python features, including type annotations and dataclasses, for enhanced code clarity and robustness.
  • Comprehensive Documentation: Includes thorough documentation and usage instructions directly within the docstrings.
  • Built on top of the OpenAPI Spec: Built using the openapi-python-client, which means the client is generated from the Logto OpenAPI Specification.

Installation

# pip
pip install logto-admin

# poetry
poetry add logto-admin

Usage

import asyncio
import logto_admin

# Create a token manager first.
# It will manage the access token and refresh it every 3000 seconds.
token_manager = logto_admin.TokenManager(
    logto_endpoint="https://[tenant_id].logto.app",
    m2m_app_id="your-M2M-app-id",
    m2m_app_secret="your-M2M-app-secret",
)

# Fetch the initial access token.
# This can be done on startup of your app.
token_manager.fetch_token_info()

# Create an asyncio task for refreshing token periodically
asyncio.create_task(logto_m2m_token_manager.refresh_token_periodically())


# Create your own client class
class LogtoAdmin(logto_admin.AuthenticatedClient):
    """Logto Management API client"""

    def __init__(self) -> None:
        super().__init__(
            base_url="https://[tenant_id].logto.app/api",
            token=token_manager.token_info["access_token"],
            prefix=token_manager.token_info["token_type"],
        )


# Use the client
async def create_user():
    async with LogtoAdmin() as logto_admin_client:
        await logto_admin.api.users.post_api_users.asyncio(
            client=logto_admin_client,
            body=logto_admin.models.PostApiUsersBody(),
        )

Things to know:

  1. Every path/method combo becomes a Python module with two functions:

    1. asyncio: Request that returns parsed data (if successful) or None
    2. asyncio_detailed: Always returns a Request, optionally with parsed set if the request was successful.
  2. All path/query params, and bodies become method arguments.

  3. If the endpoint had any tags on it, the first tag will be used as a module name for the function.

  4. Any endpoint which did not have a tag will be in logto_admin.api.default

Compatibility with Logto API

The Compatibility Table and more detailed info here: Docs / Versioning

Advanced usage

Client customization

There are more settings on the generated Client class which let you control more runtime behavior, check out the docstring on that class for more info. You can also customize the underlying httpx.AsyncClient:

from logto_admin import Client

def log_request(request):
    print(f"Request event hook: {request.method} {request.url} - Waiting for response")

def log_response(response):
    request = response.request
    print(f"Response event hook: {request.method} {request.url} - Status {response.status_code}")

client = Client(
    base_url="https://api.example.com",
    httpx_args={"event_hooks": {"request": [log_request], "response": [log_response]}},
)

# Or get the underlying httpx client to modify directly with client.get_httpx_client() or client.get_async_httpx_client()

You can even set the httpx client directly, but beware that this will override any existing settings (e.g., base_url):

import httpx
from logto_admin import Client

client = Client(
    base_url="https://api.example.com",
)
# Note that base_url needs to be re-set, as would any shared cookies, headers, etc.
client.set_httpx_client(httpx.AsyncClient(base_url="https://api.example.com", proxies="http://localhost:8030"))

SSL

By default, when you're calling an HTTPS API it will attempt to verify that SSL is working correctly. Using certificate verification is highly recommended most of the time, but sometimes you may need to authenticate to a server (especially an internal server) using a custom certificate bundle.

class LogtoAdmin(logto_admin.AuthenticatedClient):
    """Logto Management API client"""

    def __init__(self) -> None:
        super().__init__(
            base_url="https://[tenant_id].logto.app/api",
            token=token_manager.token_info["access_token"],
            prefix=token_manager.token_info["token_type"],
            verify_ssl="/path/to/certificate_bundle.pem",
        )

You can also disable certificate validation altogether, but beware that this is a security risk.

class LogtoAdmin(logto_admin.AuthenticatedClient):
    """Logto Management API client"""

    def __init__(self) -> None:
        super().__init__(
            base_url="https://[tenant_id].logto.app/api",
            token=token_manager.token_info["access_token"],
            prefix=token_manager.token_info["token_type"],
            verify_ssl=False,
        )