SK-1749: Improved samples for Python SDK V2

samples/service_account/scoped_token_generation_example.py

@@ -8,6 +8,7 @@
 file_path = '<CREDENTIALS_FILE_PATH>'
 bearer_token = ''
 
+# To generate Bearer Token from credentials string.
 skyflow_credentials = {
     'clientID': '<YOUR_CLIENT_ID>',
     'clientName': '<YOUR_CLIENT_NAME>',
@@ -16,21 +17,40 @@
     'privateKey': '<YOUR_PRIVATE_KEY>',
 }
 credentials_string = json.dumps(skyflow_credentials)
-# Generate bearer token from credentials file path
 
 options = {'role_ids': ['ROLE_ID1', 'ROLE_ID2']}
-if is_expired(bearer_token):
-    bearer_token, token_type = generate_bearer_token(
-        '<YOUR_CREDENTIALS_FILE_PATH>', options
-    )
 
-    print(bearer_token, token_type)
+def get_scoped_bearer_token_from_file_path():
+    # Generate scoped bearer token from credentials file path.
+    global bearer_token
 
+    try:
+        if not is_expired(bearer_token):
+            return bearer_token
+        else:
+            token, _ = generate_bearer_token(file_path, options)
+            bearer_token = token
+            return bearer_token
 
-# Generate bearer token from credentials string
-if is_expired(bearer_token):
-    bearer_token, token_type = generate_bearer_token_from_creds(
-        credentials_string, options
-    )
+    except Exception as e:
+        print(f'Error generating token from file path: {str(e)}')
 
-    print(bearer_token, token_type)
+
+
+def get_scoped_bearer_token_from_credentials_string():
+    # Generate scoped bearer token from credentials string.
+    global bearer_token
+    try:
+        if not is_expired(bearer_token):
+            return bearer_token
+        else:
+            token, _ = generate_bearer_token_from_creds(credentials_string, options)
+            bearer_token = token
+            return bearer_token
+    except Exception as e:
+        print(f"Error generating token from credentials string: {str(e)}")
+
+
+print(get_scoped_bearer_token_from_file_path())
+
+print(get_scoped_bearer_token_from_credentials_string())

samples/service_account/signed_token_generation_example.py

@@ -24,15 +24,36 @@
     'time_to_live': 90,  # in seconds
 }
 
-# Generate bearer token from credentials file path
-if is_expired(bearer_token):
-    actual_token, signed_token = generate_signed_data_tokens(
-        '<YOUR_CREDENTIALS_FILE_PATH>', options
-    )
-
-
-# Generate bearer token from credentials string
-if is_expired(bearer_token):
-    actual_token, signed_token = generate_signed_data_tokens_from_creds(
-        credentials_string, options
-    )
+def get_signed_bearer_token_from_file_path():
+    # Generate signed bearer token from credentials file path.
+    global bearer_token
+
+    try:
+        if not is_expired(bearer_token):
+            return bearer_token
+        else:
+            data_token, signed_data_token = generate_signed_data_tokens(file_path, options)
+            return data_token, signed_data_token
+
+    except Exception as e:
+        print(f'Error generating token from file path: {str(e)}')
+
+
+def get_signed_bearer_token_from_credentials_string():
+    # Generate signed bearer token from credentials string.
+    global bearer_token
+
+    try:
+        if not is_expired(bearer_token):
+            return bearer_token
+        else:
+            data_token, signed_data_token = generate_signed_data_tokens_from_creds(credentials_string, options)
+            return data_token, signed_data_token
+
+    except Exception as e:
+        print(f'Error generating token from credentials string: {str(e)}')
+
+
+print(get_signed_bearer_token_from_file_path())
+
+print(get_signed_bearer_token_from_credentials_string())

samples/service_account/token_generation_example.py

@@ -8,6 +8,7 @@
 file_path = 'CREDENTIALS_FILE_PATH'
 bearer_token = ''
 
+# To generate Bearer Token from credentials string.
 skyflow_credentials = {
     'clientID': '<YOUR_CLIENT_ID>',
     'clientName': '<YOUR_CLIENT_NAME>',
@@ -18,15 +19,37 @@
 credentials_string = json.dumps(skyflow_credentials)
 
 
-# Generate bearer token from credentials file path
-if is_expired(bearer_token):
-    bearer_token, token_type = generate_bearer_token('<YOUR_CREDENTIALS_FILE_PATH>')
+def get_bearer_token_from_file_path():
+    # Generate bearer token from credentials file path.
+    global bearer_token
 
-    print(bearer_token, token_type)
+    try:
+        if not is_expired(bearer_token):
+            return bearer_token
+        else:
+            token, _ = generate_bearer_token(file_path)
+            bearer_token = token
+            return bearer_token
 
+    except Exception as e:
+        print(f'Error generating token from file path: {str(e)}')
 
-# Generate bearer token from credentials string
-if is_expired(bearer_token):
-    bearer_token, token_type = generate_bearer_token_from_creds(credentials_string)
 
-    print(bearer_token, token_type)
+def get_bearer_token_from_credentials_string():
+    # Generate bearer token from credentials string.
+    global bearer_token
+    try:
+        if not is_expired(bearer_token):
+            return bearer_token
+        else:
+            token, _ = generate_bearer_token_from_creds(credentials_string)
+            bearer_token = token
+            return bearer_token
+    except Exception as e:
+        print(f"Error generating token from credentials string: {str(e)}")
+
+
+
+print(get_bearer_token_from_file_path())
+
+print(get_bearer_token_from_credentials_string())

samples/service_account/token_generation_with_context_example.py

@@ -8,6 +8,7 @@
 file_path = 'CREDENTIALS_FILE_PATH'
 bearer_token = ''
 
+# To generate Bearer Token from credentials string.
 skyflow_credentials = {
     'clientID': '<YOUR_CLIENT_ID>',
     'clientName': '<YOUR_CLIENT_NAME>',
@@ -17,21 +18,38 @@
 }
 credentials_string = json.dumps(skyflow_credentials)
 
-# Generate bearer token from credentials file path
 options = {'ctx': '<CONTEXT_ID>'}
 
-if is_expired(bearer_token):
-    bearer_token, token_type = generate_bearer_token(
-        '<YOUR_CREDENTIALS_FILE_PATH>', options
-    )
+def get_bearer_token_with_context_from_file_path():
+    # Generate bearer token with context from credentials file path.
+    global bearer_token
 
-    print(bearer_token, token_type)
+    try:
+        if not is_expired(bearer_token):
+            return bearer_token
+        else:
+            token, _ = generate_bearer_token(file_path, options)
+            bearer_token = token
+            return bearer_token
 
+    except Exception as e:
+        print(f'Error generating token from file path: {str(e)}')
 
-# Generate bearer token from credentials string
-if is_expired(bearer_token):
-    bearer_token, token_type = generate_bearer_token_from_creds(
-        credentials_string, options
-    )
 
-    print(bearer_token, token_type)
+def get_bearer_token_with_context_from_credentials_string():
+    # Generate bearer token with context from credentials string.
+    global bearer_token
+    try:
+        if not is_expired(bearer_token):
+            return bearer_token
+        else:
+            token, _ = generate_bearer_token_from_creds(credentials_string, options)
+            bearer_token = token
+            return bearer_token
+    except Exception as e:
+        print(f"Error generating token from credentials string: {str(e)}")
+
+
+print(get_bearer_token_with_context_from_file_path())
+
+print(get_bearer_token_with_context_from_credentials_string())

samples/vault_api/client_operations.py

@@ -1,70 +1,92 @@
-import json
+from skyflow.error import SkyflowError
 from skyflow import Skyflow, LogLevel
 from skyflow import Env
 from skyflow.vault.data import DeleteRequest
 
-# To generate Bearer Token from credentials string.
-skyflow_credentials = {
-    'clientID': '<YOUR_CLIENT_ID>',
-    'clientName': '<YOUR_CLIENT_NAME>',
-    'tokenURI': '<YOUR_TOKEN_URI>',
-    'keyID': '<YOUR_KEY_ID>',
-    'privateKey': '<YOUR_PRIVATE_KEY>',
-}
-credentials_string = json.dumps(skyflow_credentials)
-
-# please pass one of api_key, token, credentials_string & path as credentials
-credentials = {
-    'token': '<BEARER_TOKEN>',
-    #'credentials_string': credentials_string
-}
-
-
-skyflow_client = (
-    Skyflow.builder()
-    .add_vault_config(
-        {
-            'vault_id': '<VAULT_ID1>',  # primary vault
-            'cluster_id': '<CLUSTER_ID1>',  # ID from your vault URL Eg https://{clusterId}.vault.skyflowapis.com
-            'env': Env.PROD,  # Env by default it is set to PROD
-            'credentials': credentials,  # individual credentials
+"""
+Skyflow Secure Data Deletion Example
+
+This example demonstrates how to:
+    1. Configure Skyflow client credentials
+    2. Set up vault configuration
+    3. Create a delete request
+    4. Handle response and errors
+"""
+
+def perform_secure_data_deletion():
+    try:
+        # Step 1: Configure Bearer Token Credentials
+        credentials = {
+            'token': '<YOUR_BEARER_TOKEN>', # Bearer token
+        }
+
+        # Step 2: Configure vault
+        primary_vault_config = {
+            'vault_id': '<YOUR_VAULT_ID1>',  # primary vault
+            'cluster_id': '<YOUR_CLUSTER_ID1>',  # Cluster ID from your vault URL
+            'env': Env.PROD,  # Deployment environment (PROD by default)
+            'credentials': credentials,  # Authentication method
+        }
+
+        # Initialize Skyflow Client
+        skyflow_client = (
+            Skyflow.builder()
+            .add_vault_config(
+                primary_vault_config
+            )
+            .set_log_level(LogLevel.ERROR)  # Logging verbosity
+            .build()
+        )
+
+        # Step 4: Add Secondary Vault Configuration
+
+        secondary_vault_config = {
+            'vault_id': 'YOUR_VAULT_ID2',  # Secondary vault
+            'cluster_id': 'YOUR_CLUSTER_ID2',  # Cluster ID from your vault URL
+            'env': Env.PROD,  # Deployment environment
+            # If credentials aren't specified, Skyflow credentials will be used
         }
-    )
-    .set_log_level(LogLevel.ERROR)  # set log level by default it is set to ERROR
-    .build()
-)
 
+        # Add secondary vault config on the fly
+        skyflow_client.add_vault_config(secondary_vault_config)
+
+        # Step 5: Update Vault Configuration
+        updated_vault_config = {
+            'vault_id': 'YOUR_VAULT_ID2', # Vault ID and cluster ID are unique
+            'cluster_id': 'YOUR_CLUSTER_ID2', # Cluster ID from your vault URL
+            'credentials': credentials,  # Update credentials
+        }
 
-# add vault config on the fly
+        # Update vault config on the fly
+        skyflow_client.update_vault_config(updated_vault_config)
 
-skyflow_client.add_vault_config(
-    {
-        'vault_id': 'VAULT_ID2',  # secondary vault
-        'cluster_id': 'CLUSTER_ID2',  # ID from your vault URL Eg https://{clusterId}.vault.skyflowapis.com
-        'env': Env.PROD,  # Env by default it is set to PROD
-        # if you don't specify individual credentials, skyflow credentials will be used
-    }
-)
+        # Step 6: Prepare Delete Request
+        delete_ids = ['<SKYFLOW_ID1>', '<SKYFLOW_ID2>']
 
+        table_name = '<SENSITIVE_DATA_TABLE>' # Replace with actual table name
 
-skyflow_client.update_vault_config(
-    {
-        'vault_id': 'VAULT_ID2',
-        'cluster_id': 'CLUSTER_ID2',
-        'credentials': credentials,  # update credentials
-    }
-)
+        delete_request = DeleteRequest(
+            table=table_name,
+            ids=delete_ids
+        )
 
+        # Step 7: Perform Secure Deletion on Secondary Vault
+        response = skyflow_client.vault('YOUR_VAULT_ID2').delete(delete_request)
 
-# perform operations
+        # Handle Successful Response
+        print('Delete successful: ', response)
 
-delete_request = DeleteRequest(
-    table = '<TABLE_NAME>',
-    ids = ['<SKYFLOW_ID1>', '<SKYFLOW_ID2>']
-)
+        # Step 8: Remove Secondary Vault Configuration
+        skyflow_client.remove_vault_config(secondary_vault_config.get('vault_id')) # Remove vault configuration
 
-# perform delete call if you don't specify vault() it will return the first valid vault
-response = skyflow_client.vault('VAULT_ID2').delete(delete_request)
+    except SkyflowError as error:
+        print('Skyflow Specific Error: ', {
+            'code': error.http_code,
+            'message': error.message,
+            'details': error.details
+        })
+    except Exception as error:
+        print('Unexpected Error:', error)
 
-# remove vault on the fly
-skyflow_client.remove_vault_config('VAULT_ID')
+# Invoke the secure data deletion function
+perform_secure_data_deletion()