• Stars
    star
    200
  • Rank 195,325 (Top 4 %)
  • Language
    Python
  • License
    MIT License
  • Created about 4 years ago
  • Updated 7 months ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Python SDK for 1Password Connect

1Password Connect Python SDK

Python PyPI version CI License codecov

The 1Password Connect SDK provides access to 1Password via 1Password Connect hosted in your infrastructure. The library is intended to be used by Python applications to simplify accessing items in 1Password vaults.

Prerequisites

Installation

To install the 1Password Connect Python SDK:

$ pip install onepasswordconnectsdk

To install a specific release of the 1Password Connect Python SDK:

$ pip install onepasswordconnectsdk==1.0.1

Usage

Import 1Password Connect Python SDK

import onepasswordconnectsdk

Environment Variables

  • OP_CONNECT_TOKEN – The token to be used to authenticate with the 1Password Connect API.
  • OP_CONNECT_HOST - The hostname of the 1Password Connect API. Possible values include:
    • http(s)://connect-api:8080 if the Connect server is running in the same Kubernetes cluster as your application.
    • http://localhost:8080 if the Connect server is running in Docker on the same host.
    • http(s)://<ip>:8080 or http(s)://<hostname>:8080 if the Connect server is running on another host.
  • OP_VAULT - The default vault to fetch items from if not specified.

Create a Client

There are two methods available for creating a client:

  • new_client_from_environment: Builds a new client for interacting with 1Password Connect using the OP_CONNECT_TOKEN and OP_CONNECT_HOST environment variables.
  • new_client: Builds a new client for interacting with 1Password Connect. Accepts the hostname of 1Password Connect and the API token generated for the application.
from onepasswordconnectsdk.client import (
    Client,
    new_client_from_environment,
    new_client
)

# creating client using OP_CONNECT_TOKEN and OP_CONNECT_HOST environment variables
client_from_env: Client = new_client_from_environment()

# creates a client by supplying hostname and 1Password Connect API token
client_from_token: Client = new_client(
    "{1Password_Connect_Host}",
    "{1Password_Connect_API_Token}")

Get Item

Get a specific item by item and vault ids:

client.get_item("{item_id}", "{vault_id}")

Get Item By Title

Get a specific item by item title and vault id:

client.get_item_by_title("{item_title}", "{vault_id}")

Get All Items

Get a summarized list of all items for a specified vault:

client.get_items("{vault_id}")

Delete Item

Delete an item by item and vault ids:

client.delete_item("{item_id}", "{vault_id}")

Create Item

Create an item in a specified vault:

from onepasswordconnectsdk.models import (ItemVault, Field)

# Example item creation. Create an item with your desired arguments. 
item = onepasswordconnectsdk.models.Item(vault=ItemVault(id="av223f76ydutdngislnkbz6z5u"),
                                      id="kp2td65r4wbuhocwhhijpdbfqq",
                                      title="newtitle",
                                      category="LOGIN",
                                      tags=["1password-connect"],
                                      fields=[Field(value="new_user",
                                                                  purpose="USERNAME")],
                                      )
client.create_item("{vault_id}", item)

Update Item

Update the item identified by the specified item and vault ids. The existing item will be overwritten with the newly supplied item.

from onepasswordconnectsdk.models import (ItemVault, Field)

# Example item creation. Create an item with your desired arguments. 
item = onepasswordconnectsdk.models.Item(vault=ItemVault(id="av223f76ydutdngislnkbz6z5u"),
                                      id="kp2td65r4wbuhocwhhijpdbfqq",
                                      title="newtitle",
                                      category="LOGIN",
                                      tags=["1password-connect"],
                                      fields=[Field(value="new_user",
                                                                  purpose="USERNAME")],
                                      )
client.update_item("{item_id}", "{vault_id}", item)

Get Specific Vault

Get a vault by vault id:

client.get_vault("{vault_id}")

Get Vaults

Retrieve all vaults available to the service account:

client.get_vaults()

List Files List summary information on all files stored in a given item, including file ids.

client.get_files("{item_id}", "{vault_id}")

Get File Details

Get details on a specific file.

client.get_file("{file_id}", "{item_id}", "{vault_id}")

Download File

Returns the contents of a given file.

client.download_file("{file_id}", "{item_id}", "{vault_id}", "{content_path}")

Load Configuration

Users can create classes or dicts that describe fields they wish to get the values from in 1Password. Two convienience methods are provided that will handle the fetching of values for these fields:

  • load_dict: Takes a dictionary with keys specifying the user desired naming scheme of the values to return. Each key's value is a dictionary that includes information on where to find the item field value in 1Password. This returns a dictionary of user specified keys with values retrieved from 1Password
  • load: Takes an object with class attributes annotated with tags describing where to find desired fields in 1Password. Manipulates given object and fills attributes in with 1Password item field values.
# example dict configuration for onepasswordconnectsdk.load_dict(client, CONFIG)
CONFIG = {
    "server": {
        "opitem": "My database item",
        "opfield": "specific_section.hostname",
        "opvault": "some_vault_id",
    },
    "database": {
        "opitem": "My database item",
        "opfield": ".database",
    },
    "username": {
        "opitem": "My database item",
        "opfield": ".username",
    },
    "password": {
        "opitem": "My database item",
        "opfield": ".password",
    },
}

values_dict = onepasswordconnectsdk.load_dict(client, CONFIG)
# example class configuration for onepasswordconnectsdk.load(client, CONFIG)
class Config:
    server: 'opitem:"My database item" opvault:some_vault_id opfield:specific_section.hostname' = None
    database: 'opitem:"My database item" opfield:.database' = None
    username: 'opitem:"My database item" opfield:.username' = None
    password: 'opitem:"My database item" opfield:.password' = None

CONFIG = Config()

values_object = onepasswordconnectsdk.load(client, CONFIG)

Development

Testing

make test

Security

1Password requests you practice responsible disclosure if you discover a vulnerability.

Please file requests via BugCrowd.

For information about security practices, please visit our Security homepage.

More Repositories

1

typeshare

Typeshare is the ultimate tool for synchronizing your type definitions between Rust and other languages for seamless FFI.
Rust
2,393
star
2

1password-teams-open-source

Get a free 1Password Teams membership for your open source project
1,562
star
3

arboard

A clipboard for Rust
Rust
640
star
4

onepassword-operator

The 1Password Connect Kubernetes Operator provides the ability to integrate Kubernetes Secrets with 1Password. The operator also handles autorestarting deployments when 1Password items are updated.
Go
531
star
5

shell-plugins

Seamless authentication for every tool in your terminal.
Go
519
star
6

electron-hardener

A fast and small Rust library to make Electron apps more secure.
Rust
380
star
7

srp

A set of Go functions for Secure Remote Password protocol implementation in 1Password Teams
Go
348
star
8

terraform-provider-onepassword

Use the 1Password Terraform Provider to reference, create, or update items in your 1Password Vaults.
Go
323
star
9

op-vscode

1Password for VS Code
TypeScript
211
star
10

spg

1Password's Strong Password Generator - Go package
Go
202
star
11

vault-plugin-secrets-onepassword

Hashicorp Vault plugin integrates with 1Password Connect to allow for the retrieval, creation, and deletion of items stored in 1Password.
Go
193
star
12

load-secrets-action

Load secrets from 1Password into your GitHub Actions jobs
TypeScript
183
star
13

connect-sdk-go

Go SDK for 1Password Connect
Go
159
star
14

connect

Access your 1Password secrets using a 1Password Connect Server
149
star
15

scim-examples

1Password SCIM Bridge deployment examples
HCL
147
star
16

connect-sdk-js

Node SDK for 1Password Connect
TypeScript
143
star
17

passkey-rs

A framework for defining Webauthn Authenticators that support passkeys
Rust
122
star
18

ansible-onepasswordconnect-collection

The 1Password Connect collection contains modules that interact with your 1Password Connect deployment. The modules communicate with the 1Password Connect API to support Vault Item create/read/update/delete operations.
Python
112
star
19

op-js

A JS library powered by the 1Password CLI
TypeScript
92
star
20

solutions

Examples and templates from the 1Password Solutions team
Python
78
star
21

connect-helm-charts

Official 1Password Helm Charts
Smarty
76
star
22

electron-secure-defaults

Starter kit and documentation for building security conscious Electron apps
TypeScript
74
star
23

typeshare-old

Generate code in different languages from Rust type definitions for FFI interop.
Rust
70
star
24

password-rules-parser

Rust parser for the passwordrules attribute
Rust
68
star
25

sys-locale

A small and lightweight Rust library to obtain the active locale on the system.
Rust
66
star
26

burp-1password-session-analyzer

Burp plugin for the 1Password session protocol for use by security researchers. https://bugcrowd.com/agilebits
Java
51
star
27

kubernetes-secrets-injector

Go
49
star
28

check-signed-commits-action

GitHub Action to check PRs for signed commits
41
star
29

homebrew-tap

Homebrew tap to install 1Password products.
Ruby
37
star
30

install-cli-action

Install 1Password CLI into your GitHub Actions jobs.
Shell
31
star
31

op-scim-helm

Helm charts for the op-scim applications
Smarty
22
star
32

pulumi-onepassword

Pulumi provider for 1Password.
Python
16
star
33

developer-community-projects

Go
15
star
34

op-scim-gcp-marketplace

Makefile
14
star
35

events-api-elastic

Go
12
star
36

events-api-generic

Go
12
star
37

markdown-benchmarks

Benchmarking markdown libraries
C
11
star
38

events-api-splunk

Go
7
star
39

dep-report

Go
7
star
40

postman-integration-secrets-edu-ut-edition

JavaScript
7
star
41

terraform-provider-onepassword-secrets-edu-ut-edition

Go
7
star
42

ring

Fork of https://github.com/briansmith/ring
Assembly
5
star
43

secrets-orb

Shell
5
star
44

blog-ci-docker

Dockerfile for 1password/blog-ci container. Based on https://github.com/felicianotech/docker-hugo
5
star
45

onepassword-sdk-go

Go
5
star
46

onepassword-sdk-js

The official JavaScript SDK for 1Password
JavaScript
5
star
47

publicsuffix-benchmarks

Testing performance of the public suffix list libraries (https://publicsuffix.org)
Rust
4
star
48

extension-messaging

TypeScript
4
star
49

onepassword-sdk-python

Python
3
star
50

go-directequality-checker

Go
2
star
51

docusaurus-extensions

TypeScript
2
star
52

ppa

TeX
1
star