1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
|
# -*- coding: utf-8 -*-
# File generated from our OpenAPI spec
from stripe._createable_api_resource import CreateableAPIResource
from stripe._list_object import ListObject
from stripe._listable_api_resource import ListableAPIResource
from stripe._request_options import RequestOptions
from stripe._stripe_object import StripeObject
from typing import ClassVar, List, Optional, cast
from typing_extensions import Literal, NotRequired, TypedDict, Unpack
class Secret(CreateableAPIResource["Secret"], ListableAPIResource["Secret"]):
"""
Secret Store is an API that allows Stripe Apps developers to securely persist secrets for use by UI Extensions and app backends.
The primary resource in Secret Store is a `secret`. Other apps can't view secrets created by an app. Additionally, secrets are scoped to provide further permission control.
All Dashboard users and the app backend share `account` scoped secrets. Use the `account` scope for secrets that don't change per-user, like a third-party API key.
A `user` scoped secret is accessible by the app backend and one specific Dashboard user. Use the `user` scope for per-user secrets like per-user OAuth tokens, where different users might have different permissions.
Related guide: [Store data between page reloads](https://stripe.com/docs/stripe-apps/store-auth-data-custom-objects)
"""
OBJECT_NAME: ClassVar[Literal["apps.secret"]] = "apps.secret"
class Scope(StripeObject):
type: Literal["account", "user"]
"""
The secret scope type.
"""
user: Optional[str]
"""
The user ID, if type is set to "user"
"""
class CreateParams(RequestOptions):
expand: NotRequired[List[str]]
"""
Specifies which fields in the response should be expanded.
"""
expires_at: NotRequired[int]
"""
The Unix timestamp for the expiry time of the secret, after which the secret deletes.
"""
name: str
"""
A name for the secret that's unique within the scope.
"""
payload: str
"""
The plaintext secret value to be stored.
"""
scope: "Secret.CreateParamsScope"
"""
Specifies the scoping of the secret. Requests originating from UI extensions can only access account-scoped secrets or secrets scoped to their own user.
"""
class CreateParamsScope(TypedDict):
type: Literal["account", "user"]
"""
The secret scope type.
"""
user: NotRequired[str]
"""
The user ID. This field is required if `type` is set to `user`, and should not be provided if `type` is set to `account`.
"""
class DeleteWhereParams(RequestOptions):
expand: NotRequired[List[str]]
"""
Specifies which fields in the response should be expanded.
"""
name: str
"""
A name for the secret that's unique within the scope.
"""
scope: "Secret.DeleteWhereParamsScope"
"""
Specifies the scoping of the secret. Requests originating from UI extensions can only access account-scoped secrets or secrets scoped to their own user.
"""
class DeleteWhereParamsScope(TypedDict):
type: Literal["account", "user"]
"""
The secret scope type.
"""
user: NotRequired[str]
"""
The user ID. This field is required if `type` is set to `user`, and should not be provided if `type` is set to `account`.
"""
class FindParams(RequestOptions):
expand: NotRequired[List[str]]
"""
Specifies which fields in the response should be expanded.
"""
name: str
"""
A name for the secret that's unique within the scope.
"""
scope: "Secret.FindParamsScope"
"""
Specifies the scoping of the secret. Requests originating from UI extensions can only access account-scoped secrets or secrets scoped to their own user.
"""
class FindParamsScope(TypedDict):
type: Literal["account", "user"]
"""
The secret scope type.
"""
user: NotRequired[str]
"""
The user ID. This field is required if `type` is set to `user`, and should not be provided if `type` is set to `account`.
"""
class ListParams(RequestOptions):
ending_before: NotRequired[str]
"""
A cursor for use in pagination. `ending_before` is an object ID that defines your place in the list. For instance, if you make a list request and receive 100 objects, starting with `obj_bar`, your subsequent call can include `ending_before=obj_bar` in order to fetch the previous page of the list.
"""
expand: NotRequired[List[str]]
"""
Specifies which fields in the response should be expanded.
"""
limit: NotRequired[int]
"""
A limit on the number of objects to be returned. Limit can range between 1 and 100, and the default is 10.
"""
scope: "Secret.ListParamsScope"
"""
Specifies the scoping of the secret. Requests originating from UI extensions can only access account-scoped secrets or secrets scoped to their own user.
"""
starting_after: NotRequired[str]
"""
A cursor for use in pagination. `starting_after` is an object ID that defines your place in the list. For instance, if you make a list request and receive 100 objects, ending with `obj_foo`, your subsequent call can include `starting_after=obj_foo` in order to fetch the next page of the list.
"""
class ListParamsScope(TypedDict):
type: Literal["account", "user"]
"""
The secret scope type.
"""
user: NotRequired[str]
"""
The user ID. This field is required if `type` is set to `user`, and should not be provided if `type` is set to `account`.
"""
created: int
"""
Time at which the object was created. Measured in seconds since the Unix epoch.
"""
deleted: Optional[bool]
"""
If true, indicates that this secret has been deleted
"""
expires_at: Optional[int]
"""
The Unix timestamp for the expiry time of the secret, after which the secret deletes.
"""
id: str
"""
Unique identifier for the object.
"""
livemode: bool
"""
Has the value `true` if the object exists in live mode or the value `false` if the object exists in test mode.
"""
name: str
"""
A name for the secret that's unique within the scope.
"""
object: Literal["apps.secret"]
"""
String representing the object's type. Objects of the same type share the same value.
"""
payload: Optional[str]
"""
The plaintext secret value to be stored.
"""
scope: Scope
@classmethod
def create(cls, **params: Unpack["Secret.CreateParams"]) -> "Secret":
"""
Create or replace a secret in the secret store.
"""
return cast(
"Secret",
cls._static_request(
"post",
cls.class_url(),
params=params,
),
)
@classmethod
async def create_async(
cls, **params: Unpack["Secret.CreateParams"]
) -> "Secret":
"""
Create or replace a secret in the secret store.
"""
return cast(
"Secret",
await cls._static_request_async(
"post",
cls.class_url(),
params=params,
),
)
@classmethod
def delete_where(
cls, **params: Unpack["Secret.DeleteWhereParams"]
) -> "Secret":
"""
Deletes a secret from the secret store by name and scope.
"""
return cast(
"Secret",
cls._static_request(
"post",
"/v1/apps/secrets/delete",
params=params,
),
)
@classmethod
async def delete_where_async(
cls, **params: Unpack["Secret.DeleteWhereParams"]
) -> "Secret":
"""
Deletes a secret from the secret store by name and scope.
"""
return cast(
"Secret",
await cls._static_request_async(
"post",
"/v1/apps/secrets/delete",
params=params,
),
)
@classmethod
def find(cls, **params: Unpack["Secret.FindParams"]) -> "Secret":
"""
Finds a secret in the secret store by name and scope.
"""
return cast(
"Secret",
cls._static_request(
"get",
"/v1/apps/secrets/find",
params=params,
),
)
@classmethod
async def find_async(
cls, **params: Unpack["Secret.FindParams"]
) -> "Secret":
"""
Finds a secret in the secret store by name and scope.
"""
return cast(
"Secret",
await cls._static_request_async(
"get",
"/v1/apps/secrets/find",
params=params,
),
)
@classmethod
def list(
cls, **params: Unpack["Secret.ListParams"]
) -> ListObject["Secret"]:
"""
List all secrets stored on the given scope.
"""
result = cls._static_request(
"get",
cls.class_url(),
params=params,
)
if not isinstance(result, ListObject):
raise TypeError(
"Expected list object from API, got %s"
% (type(result).__name__)
)
return result
@classmethod
async def list_async(
cls, **params: Unpack["Secret.ListParams"]
) -> ListObject["Secret"]:
"""
List all secrets stored on the given scope.
"""
result = await cls._static_request_async(
"get",
cls.class_url(),
params=params,
)
if not isinstance(result, ListObject):
raise TypeError(
"Expected list object from API, got %s"
% (type(result).__name__)
)
return result
_inner_class_types = {"scope": Scope}
|
