4.x gnp (#300)

* add camara auth module

* start adding gnp sim swap

* adding new gnp packages

* update camara auth

* add network packages

* finish adding network apis and prepare for release

* adjust verify v2 channel timeout and prepare for release

Author: maxkahan

http_client/CHANGES.md

@@ -1,3 +1,6 @@
+# 1.4.0
+- Add new `oauth2` logic for calling APIs that require Oauth
+
 # 1.3.1
 - Update minimum dependency version
 

http_client/pyproject.toml

@@ -1,12 +1,12 @@
 [project]
 name = "vonage-http-client"
-version = "1.3.1"
+version = "1.4.0"
 description = "An HTTP client for making requests to Vonage APIs."
 readme = "README.md"
 authors = [{ name = "Vonage", email = "devrel@vonage.com" }]
 requires-python = ">=3.8"
 dependencies = [
-  "vonage-utils>=1.1.1",
+  "vonage-utils>=1.1.2",
   "vonage-jwt>=1.1.1",
   "requests>=2.27.0",
   "typing-extensions>=4.9.0",

http_client/src/vonage_http_client/http_client.py

@@ -130,11 +130,12 @@ def post(
         host: str,
         request_path: str = '',
         params: dict = None,
-        auth_type: Literal['jwt', 'basic', 'body', 'signature'] = 'jwt',
-        sent_data_type: Literal['json', 'data'] = 'json',
+        auth_type: Literal['jwt', 'basic', 'body', 'signature', 'oauth2'] = 'jwt',
+        sent_data_type: Literal['json', 'form', 'query-params'] = 'json',
+        token: Optional[str] = None,
     ) -> Union[dict, None]:
         return self.make_request(
-            'POST', host, request_path, params, auth_type, sent_data_type
+            'POST', host, request_path, params, auth_type, sent_data_type, token
         )
 
     def get(
@@ -192,8 +193,9 @@ def make_request(
         host: str,
         request_path: str = '',
         params: Optional[dict] = None,
-        auth_type: Literal['jwt', 'basic', 'body', 'signature'] = 'jwt',
+        auth_type: Literal['jwt', 'basic', 'body', 'signature', 'oauth2'] = 'jwt',
         sent_data_type: Literal['json', 'form', 'query_params'] = 'json',
+        token: Optional[str] = None,
     ):
         url = f'https://{host}{request_path}'
         logger.debug(
@@ -206,6 +208,8 @@ def make_request(
         elif auth_type == 'body':
             params['api_key'] = self._auth.api_key
             params['api_secret'] = self._auth.api_secret
+        elif auth_type == 'oauth2':
+            self._headers['Authorization'] = f'Bearer {token}'
         elif auth_type == 'signature':
             params['api_key'] = self._auth.api_key
             params['sig'] = self._auth.sign_params(params)

network_auth/BUILD

@@ -0,0 +1,16 @@
+resource(name='pyproject', source='pyproject.toml')
+file(name='readme', source='README.md')
+
+files(sources=['tests/data/*'])
+
+python_distribution(
+    name='vonage-network-auth',
+    dependencies=[
+        ':pyproject',
+        ':readme',
+        'network_auth/src/vonage_network_auth',
+    ],
+    provides=python_artifact(),
+    generate_setup=False,
+    repositories=['@pypi'],
+)

network_auth/CHANGES.md

@@ -0,0 +1,2 @@
+# 0.1.0b0
+- Initial upload

network_auth/README.md

@@ -0,0 +1,36 @@
+# Vonage Network API Authentication Client
+
+This package (`vonage-network-auth`) provides a client for authenticating Network APIs that require Oauth2 authentcation. Using it, it is possible to generate authenticated JWTs for use with GNP APIs, e.g. Sim Swap, Number Verification.
+
+This package is intended to be used as part of an SDK, accessing required methods through the SDK instead of directly. Thus, it doesn't require manual installation or configuration unless you're using this package independently of an SDK.
+
+For full API documentation, refer to the [Vonage developer documentation](https://developer.vonage.com).
+
+Please note this package is in beta.
+
+## Installation
+
+Install from the Python Package Index with pip:
+
+```bash
+pip install vonage-network-auth
+```
+
+## Usage
+
+### Create a `NetworkAuth` Object
+
+```python
+from vonage_network_auth import NetworkAuth
+from vonage_http_client import HttpClient, Auth
+
+network_auth = NetworkAuth(HttpClient(Auth(application_id='application-id', private_key='private-key')))
+```
+
+### Generate an Authenticated Access Token
+
+```python
+token = network_auth.get_oauth2_user_token(
+    number='447700900000', scope='dpv:FraudPreventionAndDetection#check-sim-swap'
+)
+```

network_auth/pyproject.toml

@@ -0,0 +1,25 @@
+[project]
+name = "vonage-network-auth"
+version = "0.1.0b0"
+description = "Package for working with Network APIs that require Oauth2 in Python."
+readme = "README.md"
+authors = [{ name = "Vonage", email = "devrel@vonage.com" }]
+requires-python = ">=3.8"
+dependencies = ["vonage-http-client>=1.4.0", "vonage-utils>=1.1.2"]
+classifiers = [
+  "Programming Language :: Python",
+  "Programming Language :: Python :: 3",
+  "Programming Language :: Python :: 3.8",
+  "Programming Language :: Python :: 3.9",
+  "Programming Language :: Python :: 3.10",
+  "Programming Language :: Python :: 3.11",
+  "Programming Language :: Python :: 3.12",
+  "License :: OSI Approved :: Apache Software License",
+]
+
+[project.urls]
+Homepage = "https://github.com/Vonage/vonage-python-sdk"
+
+[build-system]
+requires = ["setuptools>=61.0", "wheel"]
+build-backend = "setuptools.build_meta"

network_auth/src/vonage_network_auth/BUILD

@@ -0,0 +1 @@
+python_sources()

network_auth/src/vonage_network_auth/__init__.py

@@ -0,0 +1,4 @@
+from .network_auth import NetworkAuth
+from .responses import OidcResponse, TokenResponse
+
+__all__ = ['NetworkAuth', 'OidcResponse', 'TokenResponse']

network_auth/src/vonage_network_auth/network_auth.py

@@ -0,0 +1,91 @@
+from pydantic import validate_call
+from vonage_http_client.http_client import HttpClient
+
+from .responses import OidcResponse, TokenResponse
+
+
+class NetworkAuth:
+    """Class containing methods for authenticating Network APIs following Camara standards."""
+
+    def __init__(self, http_client: HttpClient):
+        self._http_client = http_client
+        self._host = 'api-eu.vonage.com'
+        self._auth_type = 'jwt'
+        self._sent_data_type = 'form'
+
+    @property
+    def http_client(self) -> HttpClient:
+        """The HTTP client used to make requests to the Network Auth API.
+
+        Returns:
+            HttpClient: The HTTP client used to make requests to the Network Auth API.
+        """
+        return self._http_client
+
+    @validate_call
+    def get_oauth2_user_token(self, number: str, scope: str) -> str:
+        """Get an OAuth2 user token for a given number and scope.
+
+        Args:
+            number (str): The phone number to authenticate.
+            scope (str): The scope of the token.
+
+        Returns:
+            str: The OAuth2 user token.
+        """
+        oidc_response = self.make_oidc_request(number, scope)
+        token_response = self.request_access_token(oidc_response.auth_req_id)
+        return token_response.access_token
+
+    @validate_call
+    def make_oidc_request(self, number: str, scope: str) -> OidcResponse:
+        """Make an OIDC request to authenticate a user.
+
+        Args:
+            number (str): The phone number to authenticate.
+            scope (str): The scope of the token.
+
+        Returns:
+            OidcResponse: A response containing the authentication request ID.
+        """
+        number = self._ensure_plus_prefix(number)
+        params = {'login_hint': number, 'scope': scope}
+
+        response = self._http_client.post(
+            self._host,
+            '/oauth2/bc-authorize',
+            params,
+            self._auth_type,
+            self._sent_data_type,
+        )
+        return OidcResponse(**response)
+
+    @validate_call
+    def request_access_token(
+        self, auth_req_id: str, grant_type: str = 'urn:openid:params:grant-type:ciba'
+    ) -> TokenResponse:
+        """Request a Camara access token using an authentication request ID given as a response to
+        an OIDC request."""
+        params = {'auth_req_id': auth_req_id, 'grant_type': grant_type}
+
+        response = self._http_client.post(
+            self._host,
+            '/oauth2/token',
+            params,
+            self._auth_type,
+            self._sent_data_type,
+        )
+        return TokenResponse(**response)
+
+    def _ensure_plus_prefix(self, number: str) -> str:
+        """Ensure that the number has a plus prefix.
+
+        Args:
+            number (str): The phone number to check.
+
+        Returns:
+            str: The phone number with a plus prefix.
+        """
+        if number.startswith('+'):
+            return number
+        return f'+{number}'