| Name | beyondtrust-bips-library JSON |
| Version |
1.33.0
JSON |
| download |
| home_page | None |
| Summary | Password Safe API integration written in Python, Abstract complexity of managing secrets with the API. |
| upload_time | 2025-07-28 21:36:26 |
| maintainer | None |
| docs_url | None |
| author | BeyondTrust Corporation |
| requires_python | >=3.11 |
| license | MIT License
Copyright (c) 2023 BeyondTrust Corporation
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.
|
| keywords |
beyondtrust
devops
secrets
secretssafe
security
|
| VCS |
|
| bugtrack_url |
|
| requirements |
No requirements were recorded.
|
| Travis-CI |
No Travis.
|
| coveralls test coverage |
No coveralls.
|
# Password Safe API integration
[](LICENSE)
Password Safe API integration written in Python, Abstract complexity of managing secrets with the API
## Python version compatibility
This library is compatible with Python >= v3.11.
## Install Package
```sh
# PyPI
pip install beyondtrust-bips-library
```
## Arguments
### Retrieve Secrets
- api_url:
- description: BeyondTrust Password Safe API URL.
- type: string
- required: True
- api_key:
- description: The API Key configured in BeyondInsight for your application. If not set, then client credentials must be provided.
- type: string
- required: False
- client_id:
- description: API OAuth Client ID.
- type: string
- required: True
- client_secret:
- description: API OAuth Client Secret.
- type: string
- required: True
- secret_list:
- description: List of secrets ["path/title","path/title"] or managed accounts ["ms/ma","ms/ma"] to be retrieved, separated by a comma.
- type: list
- required: True
- certificate_path:
- description: Password Safe API pfx Certificate Path. For use when authenticating using a Client Certificate.
- type: string
- required: False
- certificate_password:
- description: Password Safe API pfx Certificate Password. For use when authenticating using a Client Certificate.
- type: string
- required: False
- verify_ca:
- description: Indicates whether to verify the certificate authority on the Secrets Safe instance.
- type: boolean
- default: True
- required: False
## Methods
- get_secrets(self, paths)
- Invoked for Managed Account or Secrets Safe secrets.
- Returns a list of secrets in the requested order.
- get_secret(self, path)
- Invoked for Managed Account or Secrets Safe secrets.
- Returns the requested secret.
## Example of usage
We strongly recommend you to use a virtual environment and install dependences from requirements.txt file.
Import `secrets_safe_library`
```sh
pip install -r ~/requirements.txt
```
By default urllib3 logs are not shown, If need to show them:
```sh
export URLLIB3_PROPAGATE=True
```
script example using library:
```python
import os
import logging
from secrets_safe_library import secrets_safe, authentication, utils, managed_account
import requests
from requests.adapters import HTTPAdapter
from urllib3.util.retry import Retry
env = os.environ
LOGGER_NAME = "custom_logger"
logging.basicConfig(format = '%(asctime)-5s %(name)-15s %(levelname)-8s %(message)s',
level = logging.DEBUG)
# logger object is optional but is strongly recommended
logger = logging.getLogger(LOGGER_NAME)
TIMEOUT_CONNECTION_SECONDS = 30
TIMEOUT_REQUEST_SECONDS = 30
CERTIFICATE = env['CERTIFICATE']
CERTIFICATE_KEY = env['CERTIFICATE_KEY']
def main():
try:
with requests.Session() as session:
retry_strategy = Retry(
total=3,
backoff_factor=0.2,
status_forcelist=[400, 408, 500, 502, 503, 504],
)
adapter = HTTPAdapter(max_retries=retry_strategy)
session.mount("https://", adapter)
session.mount("http://", adapter)
certificate, certificate_key = utils.prepare_certificate_info(CERTIFICATE, CERTIFICATE_KEY)
authentication_obj = authentication.Authentication(
req=session,
timeout_connection=TIMEOUT_CONNECTION_SECONDS,
timeout_request=TIMEOUT_REQUEST_SECONDS,
api_url="https://example.com:443/BeyondTrust/api/public/v3",
client_id="<client_id>",
client_secret="<client_secret>",
certificate=certificate,
certificate_key=certificate_key,
verify_ca=True,
logger=None
)
# sign app in password safe API
get_api_access_response = authentication_obj.get_api_access()
if get_api_access_response.status_code == 200:
# instantiate secrets safe object
secrets_safe_obj = secrets_safe.SecretsSafe(authentication_obj, logger)
get_secrets_response = secrets_safe_obj.get_secrets(["oagrp/text,oagrp/credential"])
utils.print_log(logger, f"=> Retrive secrets: {get_secrets_response}", logging.DEBUG)
else:
print(f"Please check credentials, error {get_api_access_response.text}")
authentication_obj.sign_app_out()
except Exception as e:
utils.print_log(logger, f"Error: {e}", logging.ERROR)
# calling main method
main()
```
Raw data
{
"_id": null,
"home_page": null,
"name": "beyondtrust-bips-library",
"maintainer": null,
"docs_url": null,
"requires_python": ">=3.11",
"maintainer_email": null,
"keywords": "beyondtrust, devops, secrets, secretssafe, security",
"author": "BeyondTrust Corporation",
"author_email": "support@beyondtrust.com",
"download_url": "https://files.pythonhosted.org/packages/c7/f9/28a1ea39a38aa4550fc05c081ed645c72aabcf1dc8cbf946dc585e43bd97/beyondtrust_bips_library-1.33.0.tar.gz",
"platform": null,
"description": "# Password Safe API integration\n[](LICENSE)\n\nPassword Safe API integration written in Python, Abstract complexity of managing secrets with the API\n\n## Python version compatibility\n \nThis library is compatible with Python >= v3.11.\n\n## Install Package\n\n```sh\n# PyPI\npip install beyondtrust-bips-library\n```\n## Arguments\n\n### Retrieve Secrets\n- api_url:\n - description: BeyondTrust Password Safe API URL.\n - type: string\n - required: True\n- api_key:\n - description: The API Key configured in BeyondInsight for your application. If not set, then client credentials must be provided.\n - type: string\n - required: False\n- client_id:\n - description: API OAuth Client ID.\n - type: string\n - required: True\n- client_secret:\n - description: API OAuth Client Secret.\n - type: string\n - required: True\n- secret_list:\n - description: List of secrets [\"path/title\",\"path/title\"] or managed accounts [\"ms/ma\",\"ms/ma\"] to be retrieved, separated by a comma.\n - type: list\n - required: True\n- certificate_path:\n - description: Password Safe API pfx Certificate Path. For use when authenticating using a Client Certificate.\n - type: string\n - required: False\n- certificate_password:\n - description: Password Safe API pfx Certificate Password. For use when authenticating using a Client Certificate.\n - type: string\n - required: False\n- verify_ca:\n - description: Indicates whether to verify the certificate authority on the Secrets Safe instance.\n - type: boolean \n - default: True\n - required: False\n\n## Methods\n- get_secrets(self, paths)\n\t- Invoked for Managed Account or Secrets Safe secrets.\n\t- Returns a list of secrets in the requested order.\n- get_secret(self, path)\n\t- Invoked for Managed Account or Secrets Safe secrets.\n\t- Returns the requested secret.\n\n## Example of usage\n\nWe strongly recommend you to use a virtual environment and install dependences from requirements.txt file.\n\nImport `secrets_safe_library`\n\n```sh\npip install -r ~/requirements.txt\n```\n\nBy default urllib3 logs are not shown, If need to show them:\n\n```sh\nexport URLLIB3_PROPAGATE=True\n```\n\nscript example using library:\n```python\nimport os\nimport logging\nfrom secrets_safe_library import secrets_safe, authentication, utils, managed_account\nimport requests\nfrom requests.adapters import HTTPAdapter\nfrom urllib3.util.retry import Retry\n\nenv = os.environ\nLOGGER_NAME = \"custom_logger\"\n\nlogging.basicConfig(format = '%(asctime)-5s %(name)-15s %(levelname)-8s %(message)s',\n\nlevel = logging.DEBUG)\n\n# logger object is optional but is strongly recommended\nlogger = logging.getLogger(LOGGER_NAME)\n\nTIMEOUT_CONNECTION_SECONDS = 30\nTIMEOUT_REQUEST_SECONDS = 30\n\nCERTIFICATE = env['CERTIFICATE']\nCERTIFICATE_KEY = env['CERTIFICATE_KEY']\n\ndef main():\n try:\n with requests.Session() as session:\n retry_strategy = Retry(\n total=3,\n backoff_factor=0.2,\n status_forcelist=[400, 408, 500, 502, 503, 504],\n )\n adapter = HTTPAdapter(max_retries=retry_strategy)\n session.mount(\"https://\", adapter)\n session.mount(\"http://\", adapter)\n \n certificate, certificate_key = utils.prepare_certificate_info(CERTIFICATE, CERTIFICATE_KEY)\n \n authentication_obj = authentication.Authentication(\n req=session,\n timeout_connection=TIMEOUT_CONNECTION_SECONDS,\n timeout_request=TIMEOUT_REQUEST_SECONDS,\n api_url=\"https://example.com:443/BeyondTrust/api/public/v3\",\n client_id=\"<client_id>\",\n client_secret=\"<client_secret>\",\n certificate=certificate,\n certificate_key=certificate_key,\n verify_ca=True,\n logger=None\n )\n\n # sign app in password safe API\n get_api_access_response = authentication_obj.get_api_access()\n\n if get_api_access_response.status_code == 200:\n # instantiate secrets safe object\n secrets_safe_obj = secrets_safe.SecretsSafe(authentication_obj, logger)\n\n get_secrets_response = secrets_safe_obj.get_secrets([\"oagrp/text,oagrp/credential\"])\n utils.print_log(logger, f\"=> Retrive secrets: {get_secrets_response}\", logging.DEBUG)\n else:\n print(f\"Please check credentials, error {get_api_access_response.text}\")\n \n authentication_obj.sign_app_out()\n\n except Exception as e:\n utils.print_log(logger, f\"Error: {e}\", logging.ERROR)\n\n# calling main method\nmain()\n```\n",
"bugtrack_url": null,
"license": "MIT License\n \n Copyright (c) 2023 BeyondTrust Corporation\n \n Permission is hereby granted, free of charge, to any person obtaining a copy\n of this software and associated documentation files (the \"Software\"), to deal\n in the Software without restriction, including without limitation the rights\n to use, copy, modify, merge, publish, distribute, sublicense, and/or sell\n copies of the Software, and to permit persons to whom the Software is\n furnished to do so, subject to the following conditions:\n \n The above copyright notice and this permission notice shall be included in all\n copies or substantial portions of the Software.\n \n THE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR\n IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,\n FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE\n AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER\n LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,\n OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE\n SOFTWARE.\n ",
"summary": "Password Safe API integration written in Python, Abstract complexity of managing secrets with the API.",
"version": "1.33.0",
"project_urls": {
"support": "https://www.beyondtrust.com/docs/index.htm#support"
},
"split_keywords": [
"beyondtrust",
" devops",
" secrets",
" secretssafe",
" security"
],
"urls": [
{
"comment_text": null,
"digests": {
"blake2b_256": "8b5f062a9d413e12e5a9da2216b6c58b13a398bab6038a5f0b3bd3b12b5c6c7f",
"md5": "c5bc2a99ba2c2b43dfbd9e16a9ecc037",
"sha256": "7e3cb3129bb7d54316fdc1ef4ae2e0269d7a7ccd1222aeabc66d580a9225a30f"
},
"downloads": -1,
"filename": "beyondtrust_bips_library-1.33.0-py3-none-any.whl",
"has_sig": false,
"md5_digest": "c5bc2a99ba2c2b43dfbd9e16a9ecc037",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.11",
"size": 97426,
"upload_time": "2025-07-28T21:36:25",
"upload_time_iso_8601": "2025-07-28T21:36:25.228595Z",
"url": "https://files.pythonhosted.org/packages/8b/5f/062a9d413e12e5a9da2216b6c58b13a398bab6038a5f0b3bd3b12b5c6c7f/beyondtrust_bips_library-1.33.0-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": null,
"digests": {
"blake2b_256": "c7f928a1ea39a38aa4550fc05c081ed645c72aabcf1dc8cbf946dc585e43bd97",
"md5": "030c9af62bb169a24b60a8d2b68d3111",
"sha256": "e359e85d90e2b03aaa689b0bab990f723d6b4f3828b38c1577ebb6e11097159f"
},
"downloads": -1,
"filename": "beyondtrust_bips_library-1.33.0.tar.gz",
"has_sig": false,
"md5_digest": "030c9af62bb169a24b60a8d2b68d3111",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.11",
"size": 56080,
"upload_time": "2025-07-28T21:36:26",
"upload_time_iso_8601": "2025-07-28T21:36:26.615339Z",
"url": "https://files.pythonhosted.org/packages/c7/f9/28a1ea39a38aa4550fc05c081ed645c72aabcf1dc8cbf946dc585e43bd97/beyondtrust_bips_library-1.33.0.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2025-07-28 21:36:26",
"github": false,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"lcname": "beyondtrust-bips-library"
}
