feat!: move to poetry and remove ID pool feature

.github/workflows/release-please.yml

@@ -17,16 +17,14 @@ jobs:
         id: release
       - uses: actions/checkout@v4
         if: ${{ steps.release.outputs.release_created }}
+      - name: Install poetry
+        if: ${{ steps.release.outputs.release_created }}
+        run: pipx install poetry
       - uses: actions/setup-python@v5
         if: ${{ steps.release.outputs.release_created }}
         with:
-          python-version: '3.10'
-          cache: 'pip'
-      - run: pip install -r requirements.txt        
-        if: ${{ steps.release.outputs.release_created }}
-      - run: python3 -m build
+          python-version: '3.11'
+      - run: poetry install --without dev
         if: ${{ steps.release.outputs.release_created }}
-      - uses: pypa/gh-action-pypi-publish@release/v1
+      - run: poetry publish --build --username __token__ --password ${{ secrets.PYPI_PASSWORD }}
         if: ${{ steps.release.outputs.release_created }}
-        with:
-          password: ${{ secrets.PYPI_PASSWORD }}

.github/workflows/test.yml

@@ -15,25 +15,25 @@ jobs:
     steps:
       - name: Clone
         uses: actions/checkout@v4
+      - name: Install poetry
+        run: pipx install poetry
       - uses: actions/setup-python@v5
         with:
-          python-version: '3.10'
-          cache: 'pip'
+          python-version: '3.11'
       - name: Install deps
-        run: pip install -r requirements.txt        
+        run: poetry install
       - name: Run tests
-        run: python -m coverage run -m pytest
+        run: poetry run coverage run -m pytest
         env:
           CLIENT_ID: ${{ secrets.CLIENT_ID }}
           USERNAME: ${{ secrets.USERNAME }}
           USERNAME2: ${{ secrets.USERNAME2 }}
           PASSWORD: ${{ secrets.PASSWORD }}
           OTPCODE: ${{ secrets.OTPCODE }}
           USER_POOL_ID: ${{ secrets.USER_POOL_ID }}
-          FEDERATED_POOL_ID: ${{ secrets.FEDERATED_POOL_ID }}
       - name: Publish code coverage
-        uses: paambaati/codeclimate-action@v6.0.0
+        uses: paambaati/codeclimate-action@v9.0.0
         env:
           CC_TEST_REPORTER_ID: ${{ secrets.CC_TEST_REPORTER_ID }}
         with:
-          coverageCommand: coverage xml
+          coverageCommand: poetry run coverage xml

.github/workflows/update-doc.yml

@@ -11,8 +11,13 @@ jobs:
     steps:
       - name: Checkout
         uses: actions/checkout@v4
+      - name: Install poetry
+        run: pipx install poetry
+      - uses: actions/setup-python@v5
+        with:
+          python-version: '3.11'
       - name: Install deps
-        run: pip install -r requirements.txt
+        run: poetry install
       - name: Create md files
         run: sphinx-build -M markdown ./docs_source ./docs
       - name: Update docs website

.gitignore

@@ -10,3 +10,4 @@ auth
 venv
 .env
 docs
+poetry.lock

LICENSE.md

@@ -1,6 +1,6 @@
 MIT License
 
-Copyright (c) 2022 Scribe Labs Limited
+Copyright (c) 2025 Scribe Labs Limited
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

README.md

@@ -12,7 +12,7 @@ This library interacts directly with our authentication provider [AWS Cognito](h
 pip install scribeauth
 ```
 
-This library requires Python >= 3.10 that supports typing.
+This library requires Python >= 3.11 that supports typing.
 
 ## Methods
 
@@ -58,30 +58,6 @@ access = ScribeAuth(client_id)
 access.revoke_refresh_token('refresh_token')
 ```
 
-### 5. Getting federated id
-
-```python
-from scribeauth import ScribeAuth
-access = ScribeAuth({'client_id': your_client_id, 'user_pool_id': your_user_pool_id, 'identity_pool_id': your_identity_pool_id})
-access.get_federated_id('your_id_token')
-```
-
-### 6. Getting federated credentials
-
-```python
-from scribeauth import ScribeAuth
-access = ScribeAuth({'client_id': your_client_id, 'user_pool_id': your_user_pool_id, 'identity_pool_id': your_identity_pool_id})
-access.get_federated_credentials('your_federated_id', 'your_id_token')
-```
-
-### 7. Getting signature for request
-
-```python
-from scribeauth import ScribeAuth
-access = ScribeAuth({'client_id': your_client_id, 'user_pool_id': your_user_pool_id, 'identity_pool_id': your_identity_pool_id})
-access.get_signature_for_request(request='your_request', credentials='your_federated_credentials')
-```
-
 ## Flow
 
 - If you never have accessed your Scribe account, it probably still contains the temporary password we generated for you. You can change it directly on the [platform](https://platform.scribelabs.ai) or with the `change_password` method. You won't be able to access anything else until the temporary password has been changed.
@@ -92,10 +68,6 @@ access.get_signature_for_request(request='your_request', credentials='your_feder
 
 - In case you suspect that your refresh token has been leaked, you can revoke it with `revoke_token`. This will also invalidate any access/id token that has been issued with it. In order to get a new one, you'll need to use your username and password again.
 
-- You can get your federated id by using `get_federated_id` and providing your id token. The federated id will allow you to use `get_federated_credentials` to get an access key id, secret key and session token.
-
-- Every API call to be made to Scribe's API Gateway needs to have a signature. You can get the signature for your request by using `get_signature_for_request`. Provide the request you'll be using and your credentials (use `get_federated_credentials` to get them).
-
 ## Command line
 
 You can also use the package as follows for quick access to tokens:
@@ -104,6 +76,12 @@ You can also use the package as follows for quick access to tokens:
 python -m scribeauth --client_id clientid --user_pool_id user_pool_id --username username --password password
 ```
 
+## Development
+
+First step is to install poetry https://python-poetry.org/docs/. Then `poetry install` will install all the dependencies. Might require setting a virtualenv through poetry itself, or manually.
+
+Run the tests with `poetry run pytest`.
+
 ---
 
 To flag an issue, open a ticket on [Github](https://github.com/ScribeLabsAI/ScribeAuth/issues) and contact us on Intercom through the platform.

docs_source/conf.py

@@ -6,10 +6,13 @@
 # -- Project information -----------------------------------------------------
 # https://www.sphinx-doc.org/en/master/usage/configuration.html#project-information
 
+import json
+
 project = "Scribe Auth"
-copyright = "2023, Scribe Labs Limited"
+copyright = "2025, Scribe Labs Limited"
 author = "Ailin Venerus"
-release = "1.0.2"
+with open("../.release-please-manifest.json") as f:
+    release = json.load(f)["."]
 
 # -- General configuration ---------------------------------------------------
 # https://www.sphinx-doc.org/en/master/usage/configuration.html#general-configuration

docs_source/installation.rst

@@ -7,7 +7,7 @@ To use Scribe Auth, first install it using pip:
 
    (.venv) $ pip install scribeauth
 
-This library requires Python >= 3.10 that supports typings.
+This library requires Python >= 3.11 that supports typings.
 
 
 --------------

pyproject.toml

@@ -0,0 +1,36 @@
+[project]
+name = "scribeauth"
+version = "1.2.0"
+description = "Library to authenticate to Scribe's platform"
+readme = "README.md"
+license = "LICENSE.md"
+requires-python = ">=3.11"
+dependencies = [
+    "boto3[cognito-idp] (>=1.37.11,<2.0.0)"
+]
+keywords = [
+    'Development Status :: 4 - Beta',
+    'Intended Audience :: Developers',
+    'Operating System :: OS Independent',
+    'License :: OSI Approved :: MIT License',
+    'Natural Language :: English',
+    'Programming Language :: Python :: 3.11',
+    'Topic :: Security',
+    'Typing :: Typed'
+]
+url = 'https://github.com/ScribeLabsAI/ScribeAuth'
+
+
+[build-system]
+requires = ["poetry-core>=2.0.0,<3.0.0"]
+build-backend = "poetry.core.masonry.api"
+
+[tool.poetry.group.dev.dependencies]
+types-boto3 = {extras = ["cognito-idp"], version = "^1.37.11"}
+pytest = "^8.3.5"
+sphinx = "^8.2.3"
+pyotp = "^2.9.0"
+dotenv = "^0.9.9"
+sphinx-markdown-builder = "^0.6.8"
+coverage = "^7.6.12"
+

scribeauth/__init__.py

@@ -1,7 +1,9 @@
 from .scribeauth import (
+    Challenge,
     MissingIdException,
     ResourceNotFoundException,
     ScribeAuth,
     Tokens,
+    TooManyRequestsException,
     UnauthorizedException,
 )

scribeauth/__main__.py

@@ -1,6 +1,7 @@
 import argparse
 
 from scribeauth import ScribeAuth
+from scribeauth.scribeauth import Challenge
 
 if __name__ == "__main__":
     parser = argparse.ArgumentParser("scribeauth")
@@ -12,17 +13,17 @@
     parser.add_argument("--password", help="Password", type=str)
     parser.add_argument("--refresh_token", help="Refresh Token", type=str)
     args = parser.parse_args()
-    auth = ScribeAuth({"client_id": args.client_id, "user_pool_id": args.user_pool_id})
+    auth = ScribeAuth(client_id=args.client_id, user_pool_id=args.user_pool_id)
     if args.refresh_token:
         tokens = auth.get_tokens(refresh_token=args.refresh_token)
     else:
         tokens = auth.get_tokens(username=args.username, password=args.password)
         if (
-            "challenge_name" in tokens
-            and tokens["challenge_name"] == "SOFTWARE_TOKEN_MFA"
+            isinstance(tokens, Challenge)
+            and tokens.challenge_name == "SOFTWARE_TOKEN_MFA"
         ):
             code = input("Enter MFA code: ")
             tokens = auth.respond_to_auth_challenge_mfa(
-                args.username, tokens["session"], code
+                username=args.username, session=tokens.session, code=code
             )
     print(tokens)