Secret¶
Secret
¶
Bases: Generic[T]
, SecretMonad
The base container for holding secrets.
This class can be instantiated directly with any ProtectedValue
,
but using the monad-like Secret.wrap
method is preferred,
as it will use specialized subclasses that provide extra functionality.
Source code in secret_type/containers/secret.py
19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 |
|
protected_type: type
property
¶
The type of the protected value.
token(length: Optional[int] = None) -> SecretStr
classmethod
¶
Generate a cryptographically secure random token, and wrap it in a SecretStr
.
PARAMETER | DESCRIPTION |
---|---|
length |
The length of the token to generate. |
Source code in secret_type/containers/secret.py
26 27 28 29 30 31 32 33 |
|
cast(t: Type[T2], *args, **kwargs) -> Secret[T2]
¶
Casts the content of the secret to a new type. Any additional arguments are passed to the constructor of the new type.
RETURNS | DESCRIPTION |
---|---|
Secret[T2]
|
A new |
PARAMETER | DESCRIPTION |
---|---|
t |
The primitive type to cast to. |
RAISES | DESCRIPTION |
---|---|
ValueError
|
If the value cannot be cast to the new type. |
Source code in secret_type/containers/secret.py
44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 |
|
dangerous_apply(fn: ApplyFn[T, P], *args, **kwargs) -> None
¶
Apply a function to the secret value, discarding the result. Any additional arguments are passed to the function.
Use this method when you want to enact a side-effect with the contents of your secret.
If you want to return a new secret, use dangerous_map
instead.
PARAMETER | DESCRIPTION |
---|---|
fn |
The function to apply to the secret value. The first positional argument must be the unwrapped value. |
Example:
This is how one would print the secret value.
Secret.wrap("hello").dangerous_apply(print)
Source code in secret_type/containers/secret.py
100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 |
|
dangerous_map(fn: MapFn[T, P, T2], *args, **kwargs) -> Secret[T2]
¶
Apply a function to the secret value, and wrap the result in a new secret. Any additional arguments are passed to the function.
You must ensure the return type of fn
is a Secret
or a primitive type.
PARAMETER | DESCRIPTION |
---|---|
fn |
The function to apply to the secret value. The first positional argument must be the unwrapped value. |
RETURNS | DESCRIPTION |
---|---|
Secret[T2]
|
A new |
Example:
This is how one would hash the secret value.
Secret.wrap("foobar").cast(bytes).dangerous_map(lambda x: hashlib.sha1(x).hexdigest())
RAISES | DESCRIPTION |
---|---|
TypeError
|
If the return of |
Source code in secret_type/containers/secret.py
120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 |
|
dangerous_reveal() -> Generator[T, None, None]
¶
A context manager that provides the unwrapped secret value.
This method is intended to be used in a with
statement,
and allows you to operate on the secret value in it's original form.
Example:
This is how one would persist the secret value.
with Secret.wrap("foobar").dangerous_reveal() as value:
save_to_db(value)
Source code in secret_type/containers/secret.py
145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 |
|