TokenFetcher

class openapi_client.amorphic_api_client.TokenFetcher(aws_profile=None, logger=None)[source]

Bases: object

Utility class to fetch PAT tokens from various sources for local development

__init__(aws_profile=None, logger=None)[source]

Initialize TokenFetcher for retrieving authentication tokens from various sources.

Key Steps: 1. Store AWS profile name for local development 2. Set up logger instance for consistent logging 3. Prepare for token fetching from multiple sources

Parameters:

  • aws_profile (Optional[str]) – AWS profile name for local development

  • logger (Optional[logging.Logger]) – Logger instance for consistent logging

Returns:

Initialized token fetcher instance

Return type:

TokenFetcher

Raises:

None – This method has no external dependencies

fetch_token_from_env(env_var_name)[source]

Fetch token from environment variable.

Key Steps: 1. Retrieve environment variable value using os.getenv 2. Log success if token is found 3. Log warning if environment variable is not found 4. Return token or None

Parameters:

env_var_name (str) – Environment variable name containing the token

Returns:

Token if found, None otherwise

Return type:

Optional[str]

Raises:

None – This method handles all cases gracefully

fetch_token_from_ssm(parameter_name, decrypt=True)[source]

Fetch token from AWS SSM Parameter Store.

Key Steps: 1. Create SSM client using configured AWS credentials 2. Call get_parameter with decryption option 3. Extract token value from response 4. Handle various error conditions (not found, access denied, etc.) 5. Log success or appropriate error messages

Parameters:

  • parameter_name (str) – SSM parameter name containing the token

  • decrypt (bool) – Whether to decrypt SecureString parameters (default: True)

Returns:

Token if found, None otherwise

Return type:

Optional[str]

Raises:

None – This method handles all exceptions internally

fetch_token_from_secrets_manager(secret_arn)[source]

Fetch token from AWS Secrets Manager.

Key Steps: 1. Create Secrets Manager client using configured AWS credentials 2. Call get_secret_value with the provided secret ARN 3. Extract SecretString value from response 4. Handle various error conditions (not found, access denied, etc.) 5. Log success or appropriate error messages

Parameters:

secret_arn (str) – Secret ARN or name containing the token

Returns:

Token if found, None otherwise

Return type:

Optional[str]

Raises:

None – This method handles all exceptions internally

fetch_token(env_var=None, ssm_parameter=None, secret_arn=None)[source]

Fetch token from the specified source with priority order.

Key Steps: 1. Check environment variable source first (highest priority) 2. Check SSM parameter source second 3. Check Secrets Manager source third 4. Raise ValueError if no source is specified 5. Return the token from the first available source

Parameters:

  • env_var (Optional[str]) – Environment variable name containing the token

  • ssm_parameter (Optional[str]) – SSM parameter name containing the token

  • secret_arn (Optional[str]) – Secrets Manager secret ARN containing the token

Returns:

Token from the specified source

Return type:

str

Raises:

  • ValueError – If no token source is specified

  • NoCredentialsError – If AWS credentials are not configured for SSM/Secrets Manager

  • ClientError – If AWS service calls fail

Overview:

The TokenFetcher class is a utility for retrieving PAT (Personal Access Tokens) from various sources including environment variables, AWS SSM Parameter Store, and AWS Secrets Manager. This provides flexibility for different deployment environments and security requirements.

Key Features:

  • Multiple Token Sources: Support for environment variables, SSM, and Secrets Manager

  • AWS Profile Support: Optional AWS profile specification for local development

  • Flexible Configuration: Easy switching between token sources

Basic Usage:

from openapi_client.amorphic_api_client import TokenFetcher

# Create token fetcher
fetcher = TokenFetcher()

# Fetch from environment variable
token = fetcher.fetch_token_from_env('PAT_TOKEN')

# Fetch from AWS SSM
token = fetcher.fetch_token_from_ssm('/myapp/api/token')

# Fetch from AWS Secrets Manager
token = fetcher.fetch_token_from_secrets_manager('arn:aws:secretsmanager:...')

AWS Profile Support:

# For local development with specific AWS profile
fetcher = TokenFetcher(aws_profile='myprofile')
token = fetcher.fetch_token_from_ssm('/myapp/api/token')

Unified Token Fetching:

# Fetch from any configured source
token = fetcher.fetch_token(env_var='PAT_TOKEN')
# OR
token = fetcher.fetch_token(ssm_parameter='/myapp/api/token')
# OR
token = fetcher.fetch_token(secret_arn='arn:aws:secretsmanager:...')