diff --git a/.release-please-manifest.json b/.release-please-manifest.json index 1aa8e3f282a..2c9fce78b18 100644 --- a/.release-please-manifest.json +++ b/.release-please-manifest.json @@ -1,3 +1,3 @@ { - ".": "5.0.0-beta.1" + ".": "5.0.0-beta.2" } \ No newline at end of file diff --git a/.stats.yml b/.stats.yml index 2dc0294f22e..b047b943714 100644 --- a/.stats.yml +++ b/.stats.yml @@ -1,4 +1,4 @@ -configured_endpoints: 2015 -openapi_spec_url: https://storage.googleapis.com/stainless-sdk-openapi-specs/cloudflare%2Fcloudflare-83f49bc3fa9273ef989d3e8bcd27f6fdaa7d04ae2519a91f4878f46acc501bb9.yml -openapi_spec_hash: 3f4be3af6f51eea4787dc8345f9ca9c1 -config_hash: 9d1829ed664bb3efa8638f98bb32cf46 +configured_endpoints: 2041 +openapi_spec_url: https://storage.googleapis.com/stainless-sdk-openapi-specs/cloudflare%2Fcloudflare-9ba099b7936091cc984d2a24fc4d32c3ffcb1d71d86412c8c9084d201e16b3ac.yml +openapi_spec_hash: 45edc9a107cf5a5e3b204b230b0d336d +config_hash: be3f6e9410db673744447f9dbe92d922 diff --git a/CHANGELOG.md b/CHANGELOG.md index 13307919a9f..508a9b12a31 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,55 @@ # Changelog +## 5.0.0-beta.2 (2026-02-27) + +Full Changelog: [v5.0.0-beta.1...v5.0.0-beta.2](https://github.com/cloudflare/cloudflare-python/compare/v5.0.0-beta.1...v5.0.0-beta.2) + +### Features + +* feat: GIN-1439: Add gateway PAC files ([89ad3ec](https://github.com/cloudflare/cloudflare-python/commit/89ad3ecda80085641644c675ebd4581d5688edf8)) +* feat(custom_origin_trust_store): enable custom_origin_trust_store ([2309442](https://github.com/cloudflare/cloudflare-python/commit/23094425d29e7fffdd5bf82d326aa7ec7e929f6f)) +* feat(dex): add DEX rules ([1e9c242](https://github.com/cloudflare/cloudflare-python/commit/1e9c2423aed148c30b92b5a3d25b3d62252f4137)) +* feat(email_security): Add phishguard reports endpoint ([e7c939e](https://github.com/cloudflare/cloudflare-python/commit/e7c939ecfa41ca7c825b3d4ff592c62619d26c31)) +* feat(radar): Add Botnet and PQ Endpoints to developer docs ([ec3681f](https://github.com/cloudflare/cloudflare-python/commit/ec3681f12a7c0335a60b0778190c80b72f76422b)) +* feat(stainless): AUTH-7071 Complete Access Users endpoint ([52a4415](https://github.com/cloudflare/cloudflare-python/commit/52a4415eb345c4316b353404bfe9bf228573a197)) +* feat(stainless): TUN-10249 Add WARP Subnet endpoints ([3accc56](https://github.com/cloudflare/cloudflare-python/commit/3accc56c43e04292b700ea573d036872a8e9cb7b)) +* fix: add 'rdp' as an initialism ([6242c20](https://github.com/cloudflare/cloudflare-python/commit/6242c20ec596748717cddaadd9999738cb924b8f)) +* fix: broken reference for the queues 'consumer' model ([3f5cf39](https://github.com/cloudflare/cloudflare-python/commit/3f5cf39405b6b38fc594ce348d93a6e7da92c276)) +* **radar:** Add Botnet Threat Feed endpoint ([ec3681f](https://github.com/cloudflare/cloudflare-python/commit/ec3681f12a7c0335a60b0778190c80b72f76422b)) +* test: skip prism tests for endpoints with non-JSON content types ([631d664](https://github.com/cloudflare/cloudflare-python/commit/631d664d36c72148726a7261839ad0f6d24b7ac4)) + + +### Chores + +* **api:** update composite API spec ([6d6d553](https://github.com/cloudflare/cloudflare-python/commit/6d6d5539bbcd680f4b7088ae907652f13654b293)) +* **api:** update composite API spec ([7871f72](https://github.com/cloudflare/cloudflare-python/commit/7871f72d038e64e238a37208ed3b2b426502ae40)) +* **api:** update composite API spec ([81877fb](https://github.com/cloudflare/cloudflare-python/commit/81877fbdfb72658e98d681562970c83a9726b965)) +* **api:** update composite API spec ([dd86a6d](https://github.com/cloudflare/cloudflare-python/commit/dd86a6d78421df0c111d6890c28cd44e1b6ac9bc)) +* **api:** update composite API spec ([4d0d80e](https://github.com/cloudflare/cloudflare-python/commit/4d0d80ec8abc912f36a3c903070d9b6bb3190b24)) +* **api:** update composite API spec ([77984d0](https://github.com/cloudflare/cloudflare-python/commit/77984d017d5233928992070f2bb2053aba7bdc99)) +* **api:** update composite API spec ([6135f31](https://github.com/cloudflare/cloudflare-python/commit/6135f31e65e5d7e4e3d0f2aad4061ffd9a1991b7)) +* **api:** update composite API spec ([f05b011](https://github.com/cloudflare/cloudflare-python/commit/f05b0113c65d29cd633a391f4dc0e8cd3f77d7c4)) +* **api:** update composite API spec ([d69da32](https://github.com/cloudflare/cloudflare-python/commit/d69da3279597672cfe526d542ebcf1fed45db06d)) +* **api:** update composite API spec ([0f390d2](https://github.com/cloudflare/cloudflare-python/commit/0f390d2655e10178e65f5eb59ccf363d18144378)) +* **api:** update composite API spec ([174f4ad](https://github.com/cloudflare/cloudflare-python/commit/174f4add3df8acfc85df10ad0d2cf1962c6de2e9)) +* **api:** update composite API spec ([90d7acd](https://github.com/cloudflare/cloudflare-python/commit/90d7acdb5dc0cb0e27e1dde183b46cc579233f37)) +* **api:** update composite API spec ([17bbdbb](https://github.com/cloudflare/cloudflare-python/commit/17bbdbb67606d49f7bfbc4979ec76ecb6b2e90ed)) +* **api:** update composite API spec ([7b7407c](https://github.com/cloudflare/cloudflare-python/commit/7b7407ca94a413c23a0e68882c00d430174b8740)) +* **api:** update composite API spec ([b0eb476](https://github.com/cloudflare/cloudflare-python/commit/b0eb476c790c319f7e2949d5f232bb726b3cd5bd)) +* **api:** update composite API spec ([79a09b5](https://github.com/cloudflare/cloudflare-python/commit/79a09b5304a8733b5eff39931f5f3b26d92d7cc9)) +* **api:** update composite API spec ([a0a0048](https://github.com/cloudflare/cloudflare-python/commit/a0a00481356d678ec42a357483e3da472a16d86d)) +* **api:** update composite API spec ([2b950cf](https://github.com/cloudflare/cloudflare-python/commit/2b950cfd2456c31b7c85174f23605cb9e8a470c0)) +* **api:** update composite API spec ([6e6f2f5](https://github.com/cloudflare/cloudflare-python/commit/6e6f2f55b1da2f39b4578fa86840f8687f5d4581)) +* **api:** update composite API spec ([146459d](https://github.com/cloudflare/cloudflare-python/commit/146459da763b77bcd858d6550ed77e8477bc6e24)) +* **api:** update composite API spec ([17a33ff](https://github.com/cloudflare/cloudflare-python/commit/17a33ff8bba4c8adceb155db74bc6a606a3a43cc)) +* **api:** update composite API spec ([09e3fb1](https://github.com/cloudflare/cloudflare-python/commit/09e3fb14dfba4fdf088feaa2d567e63065c5960e)) +* **api:** update composite API spec ([ad6565c](https://github.com/cloudflare/cloudflare-python/commit/ad6565c1373fc9c7fe70358fe1df4bbd4ef3f831)) +* **api:** update composite API spec ([dd1052d](https://github.com/cloudflare/cloudflare-python/commit/dd1052dec57ca99a90848910908b05680428b9a8)) +* **api:** update composite API spec ([20bfdf8](https://github.com/cloudflare/cloudflare-python/commit/20bfdf876f557f7b581728db112789cc583d7aa6)) +* **api:** update composite API spec ([bb37db8](https://github.com/cloudflare/cloudflare-python/commit/bb37db8de6c2e0b289b0a7eb60fcabf178f43a50)) +* **api:** update composite API spec ([e531924](https://github.com/cloudflare/cloudflare-python/commit/e531924080c7d5d184a0734932f08ee59b5d085f)) +* **api:** update composite API spec ([4727ace](https://github.com/cloudflare/cloudflare-python/commit/4727acec0eb9ce14c6a1d8ded3d69a00a3bf22c9)) + ## 5.0.0-beta.1 (2026-02-13) Full Changelog: [v4.3.1...v5.0.0-beta.1](https://github.com/cloudflare/cloudflare-python/compare/v4.3.1...v5.0.0-beta.1) diff --git a/api.md b/api.md index 890a848cb44..3f5cd6f421a 100644 --- a/api.md +++ b/api.md @@ -791,7 +791,7 @@ from cloudflare.types.ssl import ( Methods: - client.ssl.certificate_packs.create(\*, zone_id, \*\*params) -> Optional[CertificatePackCreateResponse] -- client.ssl.certificate_packs.list(\*, zone_id, \*\*params) -> SyncSinglePage[CertificatePackListResponse] +- client.ssl.certificate_packs.list(\*, zone_id, \*\*params) -> SyncV4PagePaginationArray[CertificatePackListResponse] - client.ssl.certificate_packs.delete(certificate_pack_id, \*, zone_id) -> Optional[CertificatePackDeleteResponse] - client.ssl.certificate_packs.edit(certificate_pack_id, \*, zone_id, \*\*params) -> Optional[CertificatePackEditResponse] - client.ssl.certificate_packs.get(certificate_pack_id, \*, zone_id) -> Optional[CertificatePackGetResponse] @@ -869,6 +869,21 @@ Methods: - client.acm.total_tls.edit(\*, zone_id, \*\*params) -> Optional[TotalTLSEditResponse] - client.acm.total_tls.get(\*, zone_id) -> Optional[TotalTLSGetResponse] +## CustomTrustStore + +Types: + +```python +from cloudflare.types.acm import CustomTrustStore, CustomTrustStoreDeleteResponse +``` + +Methods: + +- client.acm.custom_trust_store.create(\*, zone_id, \*\*params) -> Optional[CustomTrustStore] +- client.acm.custom_trust_store.list(\*, zone_id, \*\*params) -> SyncV4PagePaginationArray[CustomTrustStore] +- client.acm.custom_trust_store.delete(custom_origin_trust_store_id, \*, zone_id) -> Optional[CustomTrustStoreDeleteResponse] +- client.acm.custom_trust_store.get(custom_origin_trust_store_id, \*, zone_id) -> Optional[CustomTrustStore] + # Argo ## SmartRouting @@ -1450,6 +1465,20 @@ Methods: - client.email_security.investigate.release.bulk(\*, account_id, \*\*params) -> SyncSinglePage[ReleaseBulkResponse] +## Phishguard + +### Reports + +Types: + +```python +from cloudflare.types.email_security.phishguard import ReportListResponse +``` + +Methods: + +- client.email_security.phishguard.reports.list(\*, account_id, \*\*params) -> SyncSinglePage[ReportListResponse] + ## Settings ### AllowPolicies @@ -6286,12 +6315,22 @@ Methods: Types: ```python -from cloudflare.types.zero_trust.access import AccessUser, UserListResponse +from cloudflare.types.zero_trust.access import ( + AccessUser, + UserCreateResponse, + UserUpdateResponse, + UserListResponse, + UserGetResponse, +) ``` Methods: +- client.zero_trust.access.users.create(\*, account_id, \*\*params) -> Optional[UserCreateResponse] +- client.zero_trust.access.users.update(user_id, \*, account_id, \*\*params) -> Optional[UserUpdateResponse] - client.zero_trust.access.users.list(\*, account_id, \*\*params) -> SyncV4PagePaginationArray[UserListResponse] +- client.zero_trust.access.users.delete(user_id, \*, account_id) -> object +- client.zero_trust.access.users.get(user_id, \*, account_id) -> Optional[UserGetResponse] #### ActiveSessions @@ -6578,6 +6617,28 @@ Methods: - client.zero_trust.dex.traceroute_tests.network_path(test_id, \*, account_id, \*\*params) -> Optional[NetworkPathResponse] - client.zero_trust.dex.traceroute_tests.percentiles(test_id, \*, account_id, \*\*params) -> Optional[TracerouteTestPercentilesResponse] +### Rules + +Types: + +```python +from cloudflare.types.zero_trust.dex import ( + RuleCreateResponse, + RuleUpdateResponse, + RuleListResponse, + RuleDeleteResponse, + RuleGetResponse, +) +``` + +Methods: + +- client.zero_trust.dex.rules.create(\*, account_id, \*\*params) -> Optional[RuleCreateResponse] +- client.zero_trust.dex.rules.update(rule_id, \*, account_id, \*\*params) -> Optional[RuleUpdateResponse] +- client.zero_trust.dex.rules.list(\*, account_id, \*\*params) -> SyncV4PagePagination[Optional[RuleListResponse]] +- client.zero_trust.dex.rules.delete(rule_id, \*, account_id) -> Optional[RuleDeleteResponse] +- client.zero_trust.dex.rules.get(rule_id, \*, account_id) -> Optional[RuleGetResponse] + ## Tunnels Types: @@ -6716,40 +6777,29 @@ Methods: Types: ```python -from cloudflare.types.zero_trust.dlp import ( - Dataset, - DatasetArray, - DatasetCreation, - DatasetCreateResponse, - DatasetUpdateResponse, - DatasetGetResponse, -) +from cloudflare.types.zero_trust.dlp import Dataset, DatasetArray, DatasetCreation ``` Methods: -- client.zero_trust.dlp.datasets.create(\*, account_id, \*\*params) -> Optional[DatasetCreateResponse] -- client.zero_trust.dlp.datasets.update(dataset_id, \*, account_id, \*\*params) -> Optional[DatasetUpdateResponse] +- client.zero_trust.dlp.datasets.create(\*, account_id, \*\*params) -> Optional[DatasetCreation] +- client.zero_trust.dlp.datasets.update(dataset_id, \*, account_id, \*\*params) -> Optional[Dataset] - client.zero_trust.dlp.datasets.list(\*, account_id) -> SyncSinglePage[Dataset] - client.zero_trust.dlp.datasets.delete(dataset_id, \*, account_id) -> None -- client.zero_trust.dlp.datasets.get(dataset_id, \*, account_id) -> Optional[DatasetGetResponse] +- client.zero_trust.dlp.datasets.get(dataset_id, \*, account_id) -> Optional[Dataset] #### Upload Types: ```python -from cloudflare.types.zero_trust.dlp.datasets import ( - NewVersion, - UploadCreateResponse, - UploadEditResponse, -) +from cloudflare.types.zero_trust.dlp.datasets import NewVersion ``` Methods: -- client.zero_trust.dlp.datasets.upload.create(dataset_id, \*, account_id) -> Optional[UploadCreateResponse] -- client.zero_trust.dlp.datasets.upload.edit(version, dataset, \*, account_id, dataset_id, \*\*params) -> Optional[UploadEditResponse] +- client.zero_trust.dlp.datasets.upload.create(dataset_id, \*, account_id) -> Optional[NewVersion] +- client.zero_trust.dlp.datasets.upload.edit(version, dataset, \*, account_id, dataset_id, \*\*params) -> Optional[Dataset] #### Versions @@ -6847,57 +6897,42 @@ Methods: Types: ```python -from cloudflare.types.zero_trust.dlp import ( - ContextAwareness, - Profile, - SkipConfiguration, - ProfileGetResponse, -) +from cloudflare.types.zero_trust.dlp import ContextAwareness, Profile, SkipConfiguration ``` Methods: - client.zero_trust.dlp.profiles.list(\*, account_id, \*\*params) -> SyncSinglePage[Profile] -- client.zero_trust.dlp.profiles.get(profile_id, \*, account_id) -> Optional[ProfileGetResponse] +- client.zero_trust.dlp.profiles.get(profile_id, \*, account_id) -> Optional[Profile] #### Custom Types: ```python -from cloudflare.types.zero_trust.dlp.profiles import ( - CustomProfile, - Pattern, - CustomCreateResponse, - CustomUpdateResponse, - CustomGetResponse, -) +from cloudflare.types.zero_trust.dlp.profiles import CustomProfile, Pattern ``` Methods: -- client.zero_trust.dlp.profiles.custom.create(\*, account_id, \*\*params) -> Optional[CustomCreateResponse] -- client.zero_trust.dlp.profiles.custom.update(profile_id, \*, account_id, \*\*params) -> Optional[CustomUpdateResponse] +- client.zero_trust.dlp.profiles.custom.create(\*, account_id, \*\*params) -> Optional[Profile] +- client.zero_trust.dlp.profiles.custom.update(profile_id, \*, account_id, \*\*params) -> Optional[Profile] - client.zero_trust.dlp.profiles.custom.delete(profile_id, \*, account_id) -> object -- client.zero_trust.dlp.profiles.custom.get(profile_id, \*, account_id) -> Optional[CustomGetResponse] +- client.zero_trust.dlp.profiles.custom.get(profile_id, \*, account_id) -> Optional[Profile] #### Predefined Types: ```python -from cloudflare.types.zero_trust.dlp.profiles import ( - PredefinedProfile, - PredefinedUpdateResponse, - PredefinedGetResponse, -) +from cloudflare.types.zero_trust.dlp.profiles import PredefinedProfile ``` Methods: -- client.zero_trust.dlp.profiles.predefined.update(profile_id, \*, account_id, \*\*params) -> Optional[PredefinedUpdateResponse] +- client.zero_trust.dlp.profiles.predefined.update(profile_id, \*, account_id, \*\*params) -> Optional[PredefinedProfile] - client.zero_trust.dlp.profiles.predefined.delete(profile_id, \*, account_id) -> object -- client.zero_trust.dlp.profiles.predefined.get(profile_id, \*, account_id) -> Optional[PredefinedGetResponse] +- client.zero_trust.dlp.profiles.predefined.get(profile_id, \*, account_id) -> Optional[PredefinedProfile] ### Limits @@ -7214,6 +7249,27 @@ Methods: - client.zero_trust.gateway.certificates.deactivate(certificate_id, \*, account_id, \*\*params) -> Optional[CertificateDeactivateResponse] - client.zero_trust.gateway.certificates.get(certificate_id, \*, account_id) -> Optional[CertificateGetResponse] +### Pacfiles + +Types: + +```python +from cloudflare.types.zero_trust.gateway import ( + PacfileCreateResponse, + PacfileUpdateResponse, + PacfileListResponse, + PacfileGetResponse, +) +``` + +Methods: + +- client.zero_trust.gateway.pacfiles.create(\*, account_id, \*\*params) -> Optional[PacfileCreateResponse] +- client.zero_trust.gateway.pacfiles.update(pacfile_id, \*, account_id, \*\*params) -> Optional[PacfileUpdateResponse] +- client.zero_trust.gateway.pacfiles.list(\*, account_id) -> SyncSinglePage[PacfileListResponse] +- client.zero_trust.gateway.pacfiles.delete(pacfile_id, \*, account_id) -> object +- client.zero_trust.gateway.pacfiles.get(pacfile_id, \*, account_id) -> Optional[PacfileGetResponse] + ## Networks ### Routes @@ -7274,6 +7330,26 @@ Methods: - client.zero_trust.networks.subnets.list(\*, account_id, \*\*params) -> SyncV4PagePaginationArray[SubnetListResponse] +#### WARP + +Types: + +```python +from cloudflare.types.zero_trust.networks.subnets import ( + WARPCreateResponse, + WARPDeleteResponse, + WARPEditResponse, + WARPGetResponse, +) +``` + +Methods: + +- client.zero_trust.networks.subnets.warp.create(\*, account_id, \*\*params) -> WARPCreateResponse +- client.zero_trust.networks.subnets.warp.delete(subnet_id, \*, account_id) -> Optional[WARPDeleteResponse] +- client.zero_trust.networks.subnets.warp.edit(subnet_id, \*, account_id, \*\*params) -> WARPEditResponse +- client.zero_trust.networks.subnets.warp.get(subnet_id, \*, account_id) -> WARPGetResponse + #### CloudflareSource Types: @@ -8057,6 +8133,36 @@ Methods: - client.radar.netflows.top.ases(\*\*params) -> TopAsesResponse - client.radar.netflows.top.locations(\*\*params) -> TopLocationsResponse +## PostQuantum + +### Origin + +Types: + +```python +from cloudflare.types.radar.post_quantum import ( + OriginSummaryResponse, + OriginTimeseriesGroupsResponse, +) +``` + +Methods: + +- client.radar.post_quantum.origin.summary(dimension, \*\*params) -> OriginSummaryResponse +- client.radar.post_quantum.origin.timeseries_groups(dimension, \*\*params) -> OriginTimeseriesGroupsResponse + +### TLS + +Types: + +```python +from cloudflare.types.radar.post_quantum import TLSSupportResponse +``` + +Methods: + +- client.radar.post_quantum.tls.support(\*\*params) -> TLSSupportResponse + ## Search Types: @@ -8601,6 +8707,7 @@ Types: from cloudflare.types.radar.entities import ( ASNListResponse, ASNAsSetResponse, + ASNBotnetThreatFeedResponse, ASNGetResponse, ASNIPResponse, ASNRelResponse, @@ -8611,6 +8718,7 @@ Methods: - client.radar.entities.asns.list(\*\*params) -> ASNListResponse - client.radar.entities.asns.as_set(asn, \*\*params) -> ASNAsSetResponse +- client.radar.entities.asns.botnet_threat_feed(\*\*params) -> ASNBotnetThreatFeedResponse - client.radar.entities.asns.get(asn, \*\*params) -> ASNGetResponse - client.radar.entities.asns.ip(\*\*params) -> ASNIPResponse - client.radar.entities.asns.rel(asn, \*\*params) -> ASNRelResponse @@ -9383,19 +9491,14 @@ Methods: Types: ```python -from cloudflare.types.snippets import ( - SnippetUpdateResponse, - SnippetListResponse, - SnippetDeleteResponse, - SnippetGetResponse, -) +from cloudflare.types.snippets import SnippetUpdateResponse, SnippetListResponse, SnippetGetResponse ``` Methods: - client.snippets.update(snippet_name, \*, zone_id, \*\*params) -> SnippetUpdateResponse - client.snippets.list(\*, zone_id, \*\*params) -> SyncV4PagePaginationArray[SnippetListResponse] -- client.snippets.delete(snippet_name, \*, zone_id) -> str +- client.snippets.delete(snippet_name, \*, zone_id) -> object - client.snippets.get(snippet_name, \*, zone_id) -> SnippetGetResponse ## Content @@ -9406,17 +9509,11 @@ Methods: ## Rules -Types: - -```python -from cloudflare.types.snippets import RuleUpdateResponse, RuleListResponse, RuleDeleteResponse -``` - Methods: -- client.snippets.rules.update(\*, zone_id, \*\*params) -> SyncSinglePage[RuleUpdateResponse] -- client.snippets.rules.list(\*, zone_id) -> SyncSinglePage[RuleListResponse] -- client.snippets.rules.delete(\*, zone_id) -> SyncSinglePage[RuleDeleteResponse] +- client.snippets.rules.update(\*, zone_id, \*\*params) -> object +- client.snippets.rules.list(\*, zone_id) -> object +- client.snippets.rules.delete(\*, zone_id) -> object # RealtimeKit @@ -9814,7 +9911,6 @@ Types: from cloudflare.types.cloudforce_one import ( ThreatEventCreateResponse, ThreatEventListResponse, - ThreatEventDeleteResponse, ThreatEventBulkCreateResponse, ThreatEventEditResponse, ThreatEventGetResponse, @@ -9825,7 +9921,6 @@ Methods: - client.cloudforce_one.threat_events.create(\*, path_account_id, \*\*params) -> ThreatEventCreateResponse - client.cloudforce_one.threat_events.list(\*, account_id, \*\*params) -> ThreatEventListResponse -- client.cloudforce_one.threat_events.delete(event_id, \*, account_id) -> ThreatEventDeleteResponse - client.cloudforce_one.threat_events.bulk_create(\*, account_id, \*\*params) -> ThreatEventBulkCreateResponse - client.cloudforce_one.threat_events.edit(event_id, \*, account_id, \*\*params) -> ThreatEventEditResponse - client.cloudforce_one.threat_events.get(event_id, \*, account_id) -> ThreatEventGetResponse @@ -10613,9 +10708,15 @@ Methods: ### Schema +Types: + +```python +from cloudflare.types.ai.models import SchemaGetResponse +``` + Methods: -- client.ai.models.schema.get(\*, account_id, \*\*params) -> object +- client.ai.models.schema.get(\*, account_id, \*\*params) -> SchemaGetResponse ## ToMarkdown diff --git a/pyproject.toml b/pyproject.toml index a5a2adb78ec..2375f19d098 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -1,6 +1,6 @@ [project] name = "cloudflare" -version = "5.0.0-beta.1" +version = "5.0.0-beta.2" description = "The official Python library for the cloudflare API" dynamic = ["readme"] license = "Apache-2.0" diff --git a/src/cloudflare/_version.py b/src/cloudflare/_version.py index d358440ad0c..f204e83c6ac 100644 --- a/src/cloudflare/_version.py +++ b/src/cloudflare/_version.py @@ -1,4 +1,4 @@ # File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. __title__ = "cloudflare" -__version__ = "5.0.0-beta.1" # x-release-please-version +__version__ = "5.0.0-beta.2" # x-release-please-version diff --git a/src/cloudflare/resources/accounts/members.py b/src/cloudflare/resources/accounts/members.py index 61eb3ff9fc2..015215bb852 100644 --- a/src/cloudflare/resources/accounts/members.py +++ b/src/cloudflare/resources/accounts/members.py @@ -73,6 +73,10 @@ def create( roles: Array of roles associated with this member. + status: Status of the member invitation. If not provided during creation, defaults to + 'pending'. Changing from 'accepted' back to 'pending' will trigger a replacement + of the member resource in Terraform. + extra_headers: Send extra headers extra_query: Add additional query parameters to the request @@ -108,6 +112,10 @@ def create( policies: Array of policies associated with this member. + status: Status of the member invitation. If not provided during creation, defaults to + 'pending'. Changing from 'accepted' back to 'pending' will trigger a replacement + of the member resource in Terraform. + extra_headers: Send extra headers extra_query: Add additional query parameters to the request @@ -461,6 +469,10 @@ async def create( roles: Array of roles associated with this member. + status: Status of the member invitation. If not provided during creation, defaults to + 'pending'. Changing from 'accepted' back to 'pending' will trigger a replacement + of the member resource in Terraform. + extra_headers: Send extra headers extra_query: Add additional query parameters to the request @@ -496,6 +508,10 @@ async def create( policies: Array of policies associated with this member. + status: Status of the member invitation. If not provided during creation, defaults to + 'pending'. Changing from 'accepted' back to 'pending' will trigger a replacement + of the member resource in Terraform. + extra_headers: Send extra headers extra_query: Add additional query parameters to the request diff --git a/src/cloudflare/resources/acm/__init__.py b/src/cloudflare/resources/acm/__init__.py index ed969a286c5..c4b907c8226 100644 --- a/src/cloudflare/resources/acm/__init__.py +++ b/src/cloudflare/resources/acm/__init__.py @@ -16,6 +16,14 @@ TotalTLSResourceWithStreamingResponse, AsyncTotalTLSResourceWithStreamingResponse, ) +from .custom_trust_store import ( + CustomTrustStoreResource, + AsyncCustomTrustStoreResource, + CustomTrustStoreResourceWithRawResponse, + AsyncCustomTrustStoreResourceWithRawResponse, + CustomTrustStoreResourceWithStreamingResponse, + AsyncCustomTrustStoreResourceWithStreamingResponse, +) __all__ = [ "TotalTLSResource", @@ -24,6 +32,12 @@ "AsyncTotalTLSResourceWithRawResponse", "TotalTLSResourceWithStreamingResponse", "AsyncTotalTLSResourceWithStreamingResponse", + "CustomTrustStoreResource", + "AsyncCustomTrustStoreResource", + "CustomTrustStoreResourceWithRawResponse", + "AsyncCustomTrustStoreResourceWithRawResponse", + "CustomTrustStoreResourceWithStreamingResponse", + "AsyncCustomTrustStoreResourceWithStreamingResponse", "ACMResource", "AsyncACMResource", "ACMResourceWithRawResponse", diff --git a/src/cloudflare/resources/acm/acm.py b/src/cloudflare/resources/acm/acm.py index 4d576c8fa13..ec37c76a47b 100644 --- a/src/cloudflare/resources/acm/acm.py +++ b/src/cloudflare/resources/acm/acm.py @@ -12,6 +12,14 @@ AsyncTotalTLSResourceWithStreamingResponse, ) from ..._resource import SyncAPIResource, AsyncAPIResource +from .custom_trust_store import ( + CustomTrustStoreResource, + AsyncCustomTrustStoreResource, + CustomTrustStoreResourceWithRawResponse, + AsyncCustomTrustStoreResourceWithRawResponse, + CustomTrustStoreResourceWithStreamingResponse, + AsyncCustomTrustStoreResourceWithStreamingResponse, +) __all__ = ["ACMResource", "AsyncACMResource"] @@ -21,6 +29,10 @@ class ACMResource(SyncAPIResource): def total_tls(self) -> TotalTLSResource: return TotalTLSResource(self._client) + @cached_property + def custom_trust_store(self) -> CustomTrustStoreResource: + return CustomTrustStoreResource(self._client) + @cached_property def with_raw_response(self) -> ACMResourceWithRawResponse: """ @@ -46,6 +58,10 @@ class AsyncACMResource(AsyncAPIResource): def total_tls(self) -> AsyncTotalTLSResource: return AsyncTotalTLSResource(self._client) + @cached_property + def custom_trust_store(self) -> AsyncCustomTrustStoreResource: + return AsyncCustomTrustStoreResource(self._client) + @cached_property def with_raw_response(self) -> AsyncACMResourceWithRawResponse: """ @@ -74,6 +90,10 @@ def __init__(self, acm: ACMResource) -> None: def total_tls(self) -> TotalTLSResourceWithRawResponse: return TotalTLSResourceWithRawResponse(self._acm.total_tls) + @cached_property + def custom_trust_store(self) -> CustomTrustStoreResourceWithRawResponse: + return CustomTrustStoreResourceWithRawResponse(self._acm.custom_trust_store) + class AsyncACMResourceWithRawResponse: def __init__(self, acm: AsyncACMResource) -> None: @@ -83,6 +103,10 @@ def __init__(self, acm: AsyncACMResource) -> None: def total_tls(self) -> AsyncTotalTLSResourceWithRawResponse: return AsyncTotalTLSResourceWithRawResponse(self._acm.total_tls) + @cached_property + def custom_trust_store(self) -> AsyncCustomTrustStoreResourceWithRawResponse: + return AsyncCustomTrustStoreResourceWithRawResponse(self._acm.custom_trust_store) + class ACMResourceWithStreamingResponse: def __init__(self, acm: ACMResource) -> None: @@ -92,6 +116,10 @@ def __init__(self, acm: ACMResource) -> None: def total_tls(self) -> TotalTLSResourceWithStreamingResponse: return TotalTLSResourceWithStreamingResponse(self._acm.total_tls) + @cached_property + def custom_trust_store(self) -> CustomTrustStoreResourceWithStreamingResponse: + return CustomTrustStoreResourceWithStreamingResponse(self._acm.custom_trust_store) + class AsyncACMResourceWithStreamingResponse: def __init__(self, acm: AsyncACMResource) -> None: @@ -100,3 +128,7 @@ def __init__(self, acm: AsyncACMResource) -> None: @cached_property def total_tls(self) -> AsyncTotalTLSResourceWithStreamingResponse: return AsyncTotalTLSResourceWithStreamingResponse(self._acm.total_tls) + + @cached_property + def custom_trust_store(self) -> AsyncCustomTrustStoreResourceWithStreamingResponse: + return AsyncCustomTrustStoreResourceWithStreamingResponse(self._acm.custom_trust_store) diff --git a/src/cloudflare/resources/acm/custom_trust_store.py b/src/cloudflare/resources/acm/custom_trust_store.py new file mode 100644 index 00000000000..d7b87885150 --- /dev/null +++ b/src/cloudflare/resources/acm/custom_trust_store.py @@ -0,0 +1,540 @@ +# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. + +from __future__ import annotations + +from typing import Type, Optional, cast + +import httpx + +from ..._types import Body, Omit, Query, Headers, NotGiven, omit, not_given +from ..._utils import maybe_transform, async_maybe_transform +from ..._compat import cached_property +from ..._resource import SyncAPIResource, AsyncAPIResource +from ..._response import ( + to_raw_response_wrapper, + to_streamed_response_wrapper, + async_to_raw_response_wrapper, + async_to_streamed_response_wrapper, +) +from ..._wrappers import ResultWrapper +from ...types.acm import custom_trust_store_list_params, custom_trust_store_create_params +from ...pagination import SyncV4PagePaginationArray, AsyncV4PagePaginationArray +from ..._base_client import AsyncPaginator, make_request_options +from ...types.acm.custom_trust_store import CustomTrustStore +from ...types.acm.custom_trust_store_delete_response import CustomTrustStoreDeleteResponse + +__all__ = ["CustomTrustStoreResource", "AsyncCustomTrustStoreResource"] + + +class CustomTrustStoreResource(SyncAPIResource): + @cached_property + def with_raw_response(self) -> CustomTrustStoreResourceWithRawResponse: + """ + This property can be used as a prefix for any HTTP method call to return + the raw response object instead of the parsed content. + + For more information, see https://www.github.com/cloudflare/cloudflare-python#accessing-raw-response-data-eg-headers + """ + return CustomTrustStoreResourceWithRawResponse(self) + + @cached_property + def with_streaming_response(self) -> CustomTrustStoreResourceWithStreamingResponse: + """ + An alternative to `.with_raw_response` that doesn't eagerly read the response body. + + For more information, see https://www.github.com/cloudflare/cloudflare-python#with_streaming_response + """ + return CustomTrustStoreResourceWithStreamingResponse(self) + + def create( + self, + *, + zone_id: str, + certificate: str, + # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. + # The extra values given here take precedence over values defined on the client or passed to this method. + extra_headers: Headers | None = None, + extra_query: Query | None = None, + extra_body: Body | None = None, + timeout: float | httpx.Timeout | None | NotGiven = not_given, + ) -> Optional[CustomTrustStore]: + """ + Add Custom Origin Trust Store for a Zone. + + Args: + zone_id: Identifier. + + certificate: The zone's SSL certificate or certificate and the intermediate(s). + + extra_headers: Send extra headers + + extra_query: Add additional query parameters to the request + + extra_body: Add additional JSON properties to the request + + timeout: Override the client-level default timeout for this request, in seconds + """ + if not zone_id: + raise ValueError(f"Expected a non-empty value for `zone_id` but received {zone_id!r}") + return self._post( + f"/zones/{zone_id}/acm/custom_trust_store", + body=maybe_transform( + {"certificate": certificate}, custom_trust_store_create_params.CustomTrustStoreCreateParams + ), + options=make_request_options( + extra_headers=extra_headers, + extra_query=extra_query, + extra_body=extra_body, + timeout=timeout, + post_parser=ResultWrapper[Optional[CustomTrustStore]]._unwrapper, + ), + cast_to=cast(Type[Optional[CustomTrustStore]], ResultWrapper[CustomTrustStore]), + ) + + def list( + self, + *, + zone_id: str, + limit: int | Omit = omit, + offset: int | Omit = omit, + page: float | Omit = omit, + per_page: float | Omit = omit, + # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. + # The extra values given here take precedence over values defined on the client or passed to this method. + extra_headers: Headers | None = None, + extra_query: Query | None = None, + extra_body: Body | None = None, + timeout: float | httpx.Timeout | None | NotGiven = not_given, + ) -> SyncV4PagePaginationArray[CustomTrustStore]: + """ + Get Custom Origin Trust Store for a Zone. + + Args: + zone_id: Identifier. + + limit: Limit to the number of records returned. + + offset: Offset the results + + page: Page number of paginated results. + + per_page: Number of records per page. + + extra_headers: Send extra headers + + extra_query: Add additional query parameters to the request + + extra_body: Add additional JSON properties to the request + + timeout: Override the client-level default timeout for this request, in seconds + """ + if not zone_id: + raise ValueError(f"Expected a non-empty value for `zone_id` but received {zone_id!r}") + return self._get_api_list( + f"/zones/{zone_id}/acm/custom_trust_store", + page=SyncV4PagePaginationArray[CustomTrustStore], + options=make_request_options( + extra_headers=extra_headers, + extra_query=extra_query, + extra_body=extra_body, + timeout=timeout, + query=maybe_transform( + { + "limit": limit, + "offset": offset, + "page": page, + "per_page": per_page, + }, + custom_trust_store_list_params.CustomTrustStoreListParams, + ), + ), + model=CustomTrustStore, + ) + + def delete( + self, + custom_origin_trust_store_id: str, + *, + zone_id: str, + # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. + # The extra values given here take precedence over values defined on the client or passed to this method. + extra_headers: Headers | None = None, + extra_query: Query | None = None, + extra_body: Body | None = None, + timeout: float | httpx.Timeout | None | NotGiven = not_given, + ) -> Optional[CustomTrustStoreDeleteResponse]: + """Removes a CA certificate from the custom origin trust store. + + Origins using + certificates signed by this CA will no longer be trusted. + + Args: + zone_id: Identifier. + + custom_origin_trust_store_id: Identifier. + + extra_headers: Send extra headers + + extra_query: Add additional query parameters to the request + + extra_body: Add additional JSON properties to the request + + timeout: Override the client-level default timeout for this request, in seconds + """ + if not zone_id: + raise ValueError(f"Expected a non-empty value for `zone_id` but received {zone_id!r}") + if not custom_origin_trust_store_id: + raise ValueError( + f"Expected a non-empty value for `custom_origin_trust_store_id` but received {custom_origin_trust_store_id!r}" + ) + return self._delete( + f"/zones/{zone_id}/acm/custom_trust_store/{custom_origin_trust_store_id}", + options=make_request_options( + extra_headers=extra_headers, + extra_query=extra_query, + extra_body=extra_body, + timeout=timeout, + post_parser=ResultWrapper[Optional[CustomTrustStoreDeleteResponse]]._unwrapper, + ), + cast_to=cast(Type[Optional[CustomTrustStoreDeleteResponse]], ResultWrapper[CustomTrustStoreDeleteResponse]), + ) + + def get( + self, + custom_origin_trust_store_id: str, + *, + zone_id: str, + # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. + # The extra values given here take precedence over values defined on the client or passed to this method. + extra_headers: Headers | None = None, + extra_query: Query | None = None, + extra_body: Body | None = None, + timeout: float | httpx.Timeout | None | NotGiven = not_given, + ) -> Optional[CustomTrustStore]: + """ + Retrieves details about a specific certificate in the custom origin trust store, + including expiration and subject information. + + Args: + zone_id: Identifier. + + custom_origin_trust_store_id: Identifier. + + extra_headers: Send extra headers + + extra_query: Add additional query parameters to the request + + extra_body: Add additional JSON properties to the request + + timeout: Override the client-level default timeout for this request, in seconds + """ + if not zone_id: + raise ValueError(f"Expected a non-empty value for `zone_id` but received {zone_id!r}") + if not custom_origin_trust_store_id: + raise ValueError( + f"Expected a non-empty value for `custom_origin_trust_store_id` but received {custom_origin_trust_store_id!r}" + ) + return self._get( + f"/zones/{zone_id}/acm/custom_trust_store/{custom_origin_trust_store_id}", + options=make_request_options( + extra_headers=extra_headers, + extra_query=extra_query, + extra_body=extra_body, + timeout=timeout, + post_parser=ResultWrapper[Optional[CustomTrustStore]]._unwrapper, + ), + cast_to=cast(Type[Optional[CustomTrustStore]], ResultWrapper[CustomTrustStore]), + ) + + +class AsyncCustomTrustStoreResource(AsyncAPIResource): + @cached_property + def with_raw_response(self) -> AsyncCustomTrustStoreResourceWithRawResponse: + """ + This property can be used as a prefix for any HTTP method call to return + the raw response object instead of the parsed content. + + For more information, see https://www.github.com/cloudflare/cloudflare-python#accessing-raw-response-data-eg-headers + """ + return AsyncCustomTrustStoreResourceWithRawResponse(self) + + @cached_property + def with_streaming_response(self) -> AsyncCustomTrustStoreResourceWithStreamingResponse: + """ + An alternative to `.with_raw_response` that doesn't eagerly read the response body. + + For more information, see https://www.github.com/cloudflare/cloudflare-python#with_streaming_response + """ + return AsyncCustomTrustStoreResourceWithStreamingResponse(self) + + async def create( + self, + *, + zone_id: str, + certificate: str, + # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. + # The extra values given here take precedence over values defined on the client or passed to this method. + extra_headers: Headers | None = None, + extra_query: Query | None = None, + extra_body: Body | None = None, + timeout: float | httpx.Timeout | None | NotGiven = not_given, + ) -> Optional[CustomTrustStore]: + """ + Add Custom Origin Trust Store for a Zone. + + Args: + zone_id: Identifier. + + certificate: The zone's SSL certificate or certificate and the intermediate(s). + + extra_headers: Send extra headers + + extra_query: Add additional query parameters to the request + + extra_body: Add additional JSON properties to the request + + timeout: Override the client-level default timeout for this request, in seconds + """ + if not zone_id: + raise ValueError(f"Expected a non-empty value for `zone_id` but received {zone_id!r}") + return await self._post( + f"/zones/{zone_id}/acm/custom_trust_store", + body=await async_maybe_transform( + {"certificate": certificate}, custom_trust_store_create_params.CustomTrustStoreCreateParams + ), + options=make_request_options( + extra_headers=extra_headers, + extra_query=extra_query, + extra_body=extra_body, + timeout=timeout, + post_parser=ResultWrapper[Optional[CustomTrustStore]]._unwrapper, + ), + cast_to=cast(Type[Optional[CustomTrustStore]], ResultWrapper[CustomTrustStore]), + ) + + def list( + self, + *, + zone_id: str, + limit: int | Omit = omit, + offset: int | Omit = omit, + page: float | Omit = omit, + per_page: float | Omit = omit, + # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. + # The extra values given here take precedence over values defined on the client or passed to this method. + extra_headers: Headers | None = None, + extra_query: Query | None = None, + extra_body: Body | None = None, + timeout: float | httpx.Timeout | None | NotGiven = not_given, + ) -> AsyncPaginator[CustomTrustStore, AsyncV4PagePaginationArray[CustomTrustStore]]: + """ + Get Custom Origin Trust Store for a Zone. + + Args: + zone_id: Identifier. + + limit: Limit to the number of records returned. + + offset: Offset the results + + page: Page number of paginated results. + + per_page: Number of records per page. + + extra_headers: Send extra headers + + extra_query: Add additional query parameters to the request + + extra_body: Add additional JSON properties to the request + + timeout: Override the client-level default timeout for this request, in seconds + """ + if not zone_id: + raise ValueError(f"Expected a non-empty value for `zone_id` but received {zone_id!r}") + return self._get_api_list( + f"/zones/{zone_id}/acm/custom_trust_store", + page=AsyncV4PagePaginationArray[CustomTrustStore], + options=make_request_options( + extra_headers=extra_headers, + extra_query=extra_query, + extra_body=extra_body, + timeout=timeout, + query=maybe_transform( + { + "limit": limit, + "offset": offset, + "page": page, + "per_page": per_page, + }, + custom_trust_store_list_params.CustomTrustStoreListParams, + ), + ), + model=CustomTrustStore, + ) + + async def delete( + self, + custom_origin_trust_store_id: str, + *, + zone_id: str, + # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. + # The extra values given here take precedence over values defined on the client or passed to this method. + extra_headers: Headers | None = None, + extra_query: Query | None = None, + extra_body: Body | None = None, + timeout: float | httpx.Timeout | None | NotGiven = not_given, + ) -> Optional[CustomTrustStoreDeleteResponse]: + """Removes a CA certificate from the custom origin trust store. + + Origins using + certificates signed by this CA will no longer be trusted. + + Args: + zone_id: Identifier. + + custom_origin_trust_store_id: Identifier. + + extra_headers: Send extra headers + + extra_query: Add additional query parameters to the request + + extra_body: Add additional JSON properties to the request + + timeout: Override the client-level default timeout for this request, in seconds + """ + if not zone_id: + raise ValueError(f"Expected a non-empty value for `zone_id` but received {zone_id!r}") + if not custom_origin_trust_store_id: + raise ValueError( + f"Expected a non-empty value for `custom_origin_trust_store_id` but received {custom_origin_trust_store_id!r}" + ) + return await self._delete( + f"/zones/{zone_id}/acm/custom_trust_store/{custom_origin_trust_store_id}", + options=make_request_options( + extra_headers=extra_headers, + extra_query=extra_query, + extra_body=extra_body, + timeout=timeout, + post_parser=ResultWrapper[Optional[CustomTrustStoreDeleteResponse]]._unwrapper, + ), + cast_to=cast(Type[Optional[CustomTrustStoreDeleteResponse]], ResultWrapper[CustomTrustStoreDeleteResponse]), + ) + + async def get( + self, + custom_origin_trust_store_id: str, + *, + zone_id: str, + # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. + # The extra values given here take precedence over values defined on the client or passed to this method. + extra_headers: Headers | None = None, + extra_query: Query | None = None, + extra_body: Body | None = None, + timeout: float | httpx.Timeout | None | NotGiven = not_given, + ) -> Optional[CustomTrustStore]: + """ + Retrieves details about a specific certificate in the custom origin trust store, + including expiration and subject information. + + Args: + zone_id: Identifier. + + custom_origin_trust_store_id: Identifier. + + extra_headers: Send extra headers + + extra_query: Add additional query parameters to the request + + extra_body: Add additional JSON properties to the request + + timeout: Override the client-level default timeout for this request, in seconds + """ + if not zone_id: + raise ValueError(f"Expected a non-empty value for `zone_id` but received {zone_id!r}") + if not custom_origin_trust_store_id: + raise ValueError( + f"Expected a non-empty value for `custom_origin_trust_store_id` but received {custom_origin_trust_store_id!r}" + ) + return await self._get( + f"/zones/{zone_id}/acm/custom_trust_store/{custom_origin_trust_store_id}", + options=make_request_options( + extra_headers=extra_headers, + extra_query=extra_query, + extra_body=extra_body, + timeout=timeout, + post_parser=ResultWrapper[Optional[CustomTrustStore]]._unwrapper, + ), + cast_to=cast(Type[Optional[CustomTrustStore]], ResultWrapper[CustomTrustStore]), + ) + + +class CustomTrustStoreResourceWithRawResponse: + def __init__(self, custom_trust_store: CustomTrustStoreResource) -> None: + self._custom_trust_store = custom_trust_store + + self.create = to_raw_response_wrapper( + custom_trust_store.create, + ) + self.list = to_raw_response_wrapper( + custom_trust_store.list, + ) + self.delete = to_raw_response_wrapper( + custom_trust_store.delete, + ) + self.get = to_raw_response_wrapper( + custom_trust_store.get, + ) + + +class AsyncCustomTrustStoreResourceWithRawResponse: + def __init__(self, custom_trust_store: AsyncCustomTrustStoreResource) -> None: + self._custom_trust_store = custom_trust_store + + self.create = async_to_raw_response_wrapper( + custom_trust_store.create, + ) + self.list = async_to_raw_response_wrapper( + custom_trust_store.list, + ) + self.delete = async_to_raw_response_wrapper( + custom_trust_store.delete, + ) + self.get = async_to_raw_response_wrapper( + custom_trust_store.get, + ) + + +class CustomTrustStoreResourceWithStreamingResponse: + def __init__(self, custom_trust_store: CustomTrustStoreResource) -> None: + self._custom_trust_store = custom_trust_store + + self.create = to_streamed_response_wrapper( + custom_trust_store.create, + ) + self.list = to_streamed_response_wrapper( + custom_trust_store.list, + ) + self.delete = to_streamed_response_wrapper( + custom_trust_store.delete, + ) + self.get = to_streamed_response_wrapper( + custom_trust_store.get, + ) + + +class AsyncCustomTrustStoreResourceWithStreamingResponse: + def __init__(self, custom_trust_store: AsyncCustomTrustStoreResource) -> None: + self._custom_trust_store = custom_trust_store + + self.create = async_to_streamed_response_wrapper( + custom_trust_store.create, + ) + self.list = async_to_streamed_response_wrapper( + custom_trust_store.list, + ) + self.delete = async_to_streamed_response_wrapper( + custom_trust_store.delete, + ) + self.get = async_to_streamed_response_wrapper( + custom_trust_store.get, + ) diff --git a/src/cloudflare/resources/ai/models/schema.py b/src/cloudflare/resources/ai/models/schema.py index 2f12236dd38..d555ab98627 100644 --- a/src/cloudflare/resources/ai/models/schema.py +++ b/src/cloudflare/resources/ai/models/schema.py @@ -19,6 +19,7 @@ from ...._wrappers import ResultWrapper from ...._base_client import make_request_options from ....types.ai.models import schema_get_params +from ....types.ai.models.schema_get_response import SchemaGetResponse __all__ = ["SchemaResource", "AsyncSchemaResource"] @@ -54,7 +55,7 @@ def get( extra_query: Query | None = None, extra_body: Body | None = None, timeout: float | httpx.Timeout | None | NotGiven = not_given, - ) -> object: + ) -> SchemaGetResponse: """ Get Model Schema @@ -79,9 +80,9 @@ def get( extra_body=extra_body, timeout=timeout, query=maybe_transform({"model": model}, schema_get_params.SchemaGetParams), - post_parser=ResultWrapper[object]._unwrapper, + post_parser=ResultWrapper[SchemaGetResponse]._unwrapper, ), - cast_to=cast(Type[object], ResultWrapper[object]), + cast_to=cast(Type[SchemaGetResponse], ResultWrapper[SchemaGetResponse]), ) @@ -116,7 +117,7 @@ async def get( extra_query: Query | None = None, extra_body: Body | None = None, timeout: float | httpx.Timeout | None | NotGiven = not_given, - ) -> object: + ) -> SchemaGetResponse: """ Get Model Schema @@ -141,9 +142,9 @@ async def get( extra_body=extra_body, timeout=timeout, query=await async_maybe_transform({"model": model}, schema_get_params.SchemaGetParams), - post_parser=ResultWrapper[object]._unwrapper, + post_parser=ResultWrapper[SchemaGetResponse]._unwrapper, ), - cast_to=cast(Type[object], ResultWrapper[object]), + cast_to=cast(Type[SchemaGetResponse], ResultWrapper[SchemaGetResponse]), ) diff --git a/src/cloudflare/resources/aisearch/instances/instances.py b/src/cloudflare/resources/aisearch/instances/instances.py index 44984f27f89..256d55b0ba3 100644 --- a/src/cloudflare/resources/aisearch/instances/instances.py +++ b/src/cloudflare/resources/aisearch/instances/instances.py @@ -2,7 +2,7 @@ from __future__ import annotations -from typing import Type, Iterable, cast +from typing import Type, Iterable, Optional, cast from typing_extensions import Literal import httpx @@ -90,15 +90,17 @@ def create( id: str, source: str, type: Literal["r2", "web-crawler"], - ai_gateway_id: str | Omit = omit, + ai_gateway_id: Optional[str] | Omit = omit, aisearch_model: Literal[ "@cf/meta/llama-3.3-70b-instruct-fp8-fast", + "@cf/zai-org/glm-4.7-flash", "@cf/meta/llama-3.1-8b-instruct-fast", "@cf/meta/llama-3.1-8b-instruct-fp8", "@cf/meta/llama-4-scout-17b-16e-instruct", "@cf/qwen/qwen3-30b-a3b-fp8", "@cf/deepseek-ai/deepseek-r1-distill-qwen-32b", "@cf/moonshotai/kimi-k2-instruct", + "@cf/google/gemma-3-12b-it", "anthropic/claude-3-7-sonnet", "anthropic/claude-sonnet-4", "anthropic/claude-opus-4", @@ -135,20 +137,24 @@ def create( "", ] | Omit = omit, + fusion_method: Literal["max", "rrf"] | Omit = omit, hybrid_search_enabled: bool | Omit = omit, max_num_results: int | Omit = omit, metadata: instance_create_params.Metadata | Omit = omit, public_endpoint_params: instance_create_params.PublicEndpointParams | Omit = omit, reranking: bool | Omit = omit, reranking_model: Literal["@cf/baai/bge-reranker-base", ""] | Omit = omit, + retrieval_options: Optional[instance_create_params.RetrievalOptions] | Omit = omit, rewrite_model: Literal[ "@cf/meta/llama-3.3-70b-instruct-fp8-fast", + "@cf/zai-org/glm-4.7-flash", "@cf/meta/llama-3.1-8b-instruct-fast", "@cf/meta/llama-3.1-8b-instruct-fp8", "@cf/meta/llama-4-scout-17b-16e-instruct", "@cf/qwen/qwen3-30b-a3b-fp8", "@cf/deepseek-ai/deepseek-r1-distill-qwen-32b", "@cf/moonshotai/kimi-k2-instruct", + "@cf/google/gemma-3-12b-it", "anthropic/claude-3-7-sonnet", "anthropic/claude-sonnet-4", "anthropic/claude-opus-4", @@ -172,7 +178,7 @@ def create( | Omit = omit, rewrite_query: bool | Omit = omit, score_threshold: float | Omit = omit, - source_params: instance_create_params.SourceParams | Omit = omit, + source_params: Optional[instance_create_params.SourceParams] | Omit = omit, token_id: str | Omit = omit, # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. # The extra values given here take precedence over values defined on the client or passed to this method. @@ -182,7 +188,7 @@ def create( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> InstanceCreateResponse: """ - Create new instances. + Create a new instances. Args: id: Use your AI Search ID. @@ -211,12 +217,14 @@ def create( "chunk_size": chunk_size, "custom_metadata": custom_metadata, "embedding_model": embedding_model, + "fusion_method": fusion_method, "hybrid_search_enabled": hybrid_search_enabled, "max_num_results": max_num_results, "metadata": metadata, "public_endpoint_params": public_endpoint_params, "reranking": reranking, "reranking_model": reranking_model, + "retrieval_options": retrieval_options, "rewrite_model": rewrite_model, "rewrite_query": rewrite_query, "score_threshold": score_threshold, @@ -240,15 +248,17 @@ def update( id: str, *, account_id: str, - ai_gateway_id: str | Omit = omit, + ai_gateway_id: Optional[str] | Omit = omit, aisearch_model: Literal[ "@cf/meta/llama-3.3-70b-instruct-fp8-fast", + "@cf/zai-org/glm-4.7-flash", "@cf/meta/llama-3.1-8b-instruct-fast", "@cf/meta/llama-3.1-8b-instruct-fp8", "@cf/meta/llama-4-scout-17b-16e-instruct", "@cf/qwen/qwen3-30b-a3b-fp8", "@cf/deepseek-ai/deepseek-r1-distill-qwen-32b", "@cf/moonshotai/kimi-k2-instruct", + "@cf/google/gemma-3-12b-it", "anthropic/claude-3-7-sonnet", "anthropic/claude-sonnet-4", "anthropic/claude-opus-4", @@ -288,6 +298,7 @@ def update( "", ] | Omit = omit, + fusion_method: Literal["max", "rrf"] | Omit = omit, hybrid_search_enabled: bool | Omit = omit, max_num_results: int | Omit = omit, metadata: instance_update_params.Metadata | Omit = omit, @@ -295,14 +306,17 @@ def update( public_endpoint_params: instance_update_params.PublicEndpointParams | Omit = omit, reranking: bool | Omit = omit, reranking_model: Literal["@cf/baai/bge-reranker-base", ""] | Omit = omit, + retrieval_options: Optional[instance_update_params.RetrievalOptions] | Omit = omit, rewrite_model: Literal[ "@cf/meta/llama-3.3-70b-instruct-fp8-fast", + "@cf/zai-org/glm-4.7-flash", "@cf/meta/llama-3.1-8b-instruct-fast", "@cf/meta/llama-3.1-8b-instruct-fp8", "@cf/meta/llama-4-scout-17b-16e-instruct", "@cf/qwen/qwen3-30b-a3b-fp8", "@cf/deepseek-ai/deepseek-r1-distill-qwen-32b", "@cf/moonshotai/kimi-k2-instruct", + "@cf/google/gemma-3-12b-it", "anthropic/claude-3-7-sonnet", "anthropic/claude-sonnet-4", "anthropic/claude-opus-4", @@ -326,16 +340,18 @@ def update( | Omit = omit, rewrite_query: bool | Omit = omit, score_threshold: float | Omit = omit, - source_params: instance_update_params.SourceParams | Omit = omit, + source_params: Optional[instance_update_params.SourceParams] | Omit = omit, summarization: bool | Omit = omit, summarization_model: Literal[ "@cf/meta/llama-3.3-70b-instruct-fp8-fast", + "@cf/zai-org/glm-4.7-flash", "@cf/meta/llama-3.1-8b-instruct-fast", "@cf/meta/llama-3.1-8b-instruct-fp8", "@cf/meta/llama-4-scout-17b-16e-instruct", "@cf/qwen/qwen3-30b-a3b-fp8", "@cf/deepseek-ai/deepseek-r1-distill-qwen-32b", "@cf/moonshotai/kimi-k2-instruct", + "@cf/google/gemma-3-12b-it", "anthropic/claude-3-7-sonnet", "anthropic/claude-sonnet-4", "anthropic/claude-opus-4", @@ -357,9 +373,9 @@ def update( "", ] | Omit = omit, - system_prompt_aisearch: str | Omit = omit, - system_prompt_index_summarization: str | Omit = omit, - system_prompt_rewrite_query: str | Omit = omit, + system_prompt_aisearch: Optional[str] | Omit = omit, + system_prompt_index_summarization: Optional[str] | Omit = omit, + system_prompt_rewrite_query: Optional[str] | Omit = omit, token_id: str | Omit = omit, # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. # The extra values given here take precedence over values defined on the client or passed to this method. @@ -399,6 +415,7 @@ def update( "chunk_size": chunk_size, "custom_metadata": custom_metadata, "embedding_model": embedding_model, + "fusion_method": fusion_method, "hybrid_search_enabled": hybrid_search_enabled, "max_num_results": max_num_results, "metadata": metadata, @@ -406,6 +423,7 @@ def update( "public_endpoint_params": public_endpoint_params, "reranking": reranking, "reranking_model": reranking_model, + "retrieval_options": retrieval_options, "rewrite_model": rewrite_model, "rewrite_query": rewrite_query, "score_threshold": score_threshold, @@ -530,12 +548,14 @@ def chat_completions( aisearch_options: instance_chat_completions_params.AISearchOptions | Omit = omit, model: Literal[ "@cf/meta/llama-3.3-70b-instruct-fp8-fast", + "@cf/zai-org/glm-4.7-flash", "@cf/meta/llama-3.1-8b-instruct-fast", "@cf/meta/llama-3.1-8b-instruct-fp8", "@cf/meta/llama-4-scout-17b-16e-instruct", "@cf/qwen/qwen3-30b-a3b-fp8", "@cf/deepseek-ai/deepseek-r1-distill-qwen-32b", "@cf/moonshotai/kimi-k2-instruct", + "@cf/google/gemma-3-12b-it", "anthropic/claude-3-7-sonnet", "anthropic/claude-sonnet-4", "anthropic/claude-opus-4", @@ -566,7 +586,8 @@ def chat_completions( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> InstanceChatCompletionsResponse: """ - Chat Completions + Performs a chat completion request against an AI Search instance, using indexed + content as context for generating responses. Args: id: Use your AI Search ID. @@ -657,7 +678,8 @@ def search( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> InstanceSearchResponse: """ - Search + Executes a semantic search query against an AI Search instance to find relevant + indexed content. Args: id: Use your AI Search ID. @@ -706,7 +728,7 @@ def stats( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> InstanceStatsResponse: """ - Stats + Retrieves usage statistics for AI Search instances. Args: id: Use your AI Search ID. @@ -771,15 +793,17 @@ async def create( id: str, source: str, type: Literal["r2", "web-crawler"], - ai_gateway_id: str | Omit = omit, + ai_gateway_id: Optional[str] | Omit = omit, aisearch_model: Literal[ "@cf/meta/llama-3.3-70b-instruct-fp8-fast", + "@cf/zai-org/glm-4.7-flash", "@cf/meta/llama-3.1-8b-instruct-fast", "@cf/meta/llama-3.1-8b-instruct-fp8", "@cf/meta/llama-4-scout-17b-16e-instruct", "@cf/qwen/qwen3-30b-a3b-fp8", "@cf/deepseek-ai/deepseek-r1-distill-qwen-32b", "@cf/moonshotai/kimi-k2-instruct", + "@cf/google/gemma-3-12b-it", "anthropic/claude-3-7-sonnet", "anthropic/claude-sonnet-4", "anthropic/claude-opus-4", @@ -816,20 +840,24 @@ async def create( "", ] | Omit = omit, + fusion_method: Literal["max", "rrf"] | Omit = omit, hybrid_search_enabled: bool | Omit = omit, max_num_results: int | Omit = omit, metadata: instance_create_params.Metadata | Omit = omit, public_endpoint_params: instance_create_params.PublicEndpointParams | Omit = omit, reranking: bool | Omit = omit, reranking_model: Literal["@cf/baai/bge-reranker-base", ""] | Omit = omit, + retrieval_options: Optional[instance_create_params.RetrievalOptions] | Omit = omit, rewrite_model: Literal[ "@cf/meta/llama-3.3-70b-instruct-fp8-fast", + "@cf/zai-org/glm-4.7-flash", "@cf/meta/llama-3.1-8b-instruct-fast", "@cf/meta/llama-3.1-8b-instruct-fp8", "@cf/meta/llama-4-scout-17b-16e-instruct", "@cf/qwen/qwen3-30b-a3b-fp8", "@cf/deepseek-ai/deepseek-r1-distill-qwen-32b", "@cf/moonshotai/kimi-k2-instruct", + "@cf/google/gemma-3-12b-it", "anthropic/claude-3-7-sonnet", "anthropic/claude-sonnet-4", "anthropic/claude-opus-4", @@ -853,7 +881,7 @@ async def create( | Omit = omit, rewrite_query: bool | Omit = omit, score_threshold: float | Omit = omit, - source_params: instance_create_params.SourceParams | Omit = omit, + source_params: Optional[instance_create_params.SourceParams] | Omit = omit, token_id: str | Omit = omit, # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. # The extra values given here take precedence over values defined on the client or passed to this method. @@ -863,7 +891,7 @@ async def create( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> InstanceCreateResponse: """ - Create new instances. + Create a new instances. Args: id: Use your AI Search ID. @@ -892,12 +920,14 @@ async def create( "chunk_size": chunk_size, "custom_metadata": custom_metadata, "embedding_model": embedding_model, + "fusion_method": fusion_method, "hybrid_search_enabled": hybrid_search_enabled, "max_num_results": max_num_results, "metadata": metadata, "public_endpoint_params": public_endpoint_params, "reranking": reranking, "reranking_model": reranking_model, + "retrieval_options": retrieval_options, "rewrite_model": rewrite_model, "rewrite_query": rewrite_query, "score_threshold": score_threshold, @@ -921,15 +951,17 @@ async def update( id: str, *, account_id: str, - ai_gateway_id: str | Omit = omit, + ai_gateway_id: Optional[str] | Omit = omit, aisearch_model: Literal[ "@cf/meta/llama-3.3-70b-instruct-fp8-fast", + "@cf/zai-org/glm-4.7-flash", "@cf/meta/llama-3.1-8b-instruct-fast", "@cf/meta/llama-3.1-8b-instruct-fp8", "@cf/meta/llama-4-scout-17b-16e-instruct", "@cf/qwen/qwen3-30b-a3b-fp8", "@cf/deepseek-ai/deepseek-r1-distill-qwen-32b", "@cf/moonshotai/kimi-k2-instruct", + "@cf/google/gemma-3-12b-it", "anthropic/claude-3-7-sonnet", "anthropic/claude-sonnet-4", "anthropic/claude-opus-4", @@ -969,6 +1001,7 @@ async def update( "", ] | Omit = omit, + fusion_method: Literal["max", "rrf"] | Omit = omit, hybrid_search_enabled: bool | Omit = omit, max_num_results: int | Omit = omit, metadata: instance_update_params.Metadata | Omit = omit, @@ -976,14 +1009,17 @@ async def update( public_endpoint_params: instance_update_params.PublicEndpointParams | Omit = omit, reranking: bool | Omit = omit, reranking_model: Literal["@cf/baai/bge-reranker-base", ""] | Omit = omit, + retrieval_options: Optional[instance_update_params.RetrievalOptions] | Omit = omit, rewrite_model: Literal[ "@cf/meta/llama-3.3-70b-instruct-fp8-fast", + "@cf/zai-org/glm-4.7-flash", "@cf/meta/llama-3.1-8b-instruct-fast", "@cf/meta/llama-3.1-8b-instruct-fp8", "@cf/meta/llama-4-scout-17b-16e-instruct", "@cf/qwen/qwen3-30b-a3b-fp8", "@cf/deepseek-ai/deepseek-r1-distill-qwen-32b", "@cf/moonshotai/kimi-k2-instruct", + "@cf/google/gemma-3-12b-it", "anthropic/claude-3-7-sonnet", "anthropic/claude-sonnet-4", "anthropic/claude-opus-4", @@ -1007,16 +1043,18 @@ async def update( | Omit = omit, rewrite_query: bool | Omit = omit, score_threshold: float | Omit = omit, - source_params: instance_update_params.SourceParams | Omit = omit, + source_params: Optional[instance_update_params.SourceParams] | Omit = omit, summarization: bool | Omit = omit, summarization_model: Literal[ "@cf/meta/llama-3.3-70b-instruct-fp8-fast", + "@cf/zai-org/glm-4.7-flash", "@cf/meta/llama-3.1-8b-instruct-fast", "@cf/meta/llama-3.1-8b-instruct-fp8", "@cf/meta/llama-4-scout-17b-16e-instruct", "@cf/qwen/qwen3-30b-a3b-fp8", "@cf/deepseek-ai/deepseek-r1-distill-qwen-32b", "@cf/moonshotai/kimi-k2-instruct", + "@cf/google/gemma-3-12b-it", "anthropic/claude-3-7-sonnet", "anthropic/claude-sonnet-4", "anthropic/claude-opus-4", @@ -1038,9 +1076,9 @@ async def update( "", ] | Omit = omit, - system_prompt_aisearch: str | Omit = omit, - system_prompt_index_summarization: str | Omit = omit, - system_prompt_rewrite_query: str | Omit = omit, + system_prompt_aisearch: Optional[str] | Omit = omit, + system_prompt_index_summarization: Optional[str] | Omit = omit, + system_prompt_rewrite_query: Optional[str] | Omit = omit, token_id: str | Omit = omit, # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. # The extra values given here take precedence over values defined on the client or passed to this method. @@ -1080,6 +1118,7 @@ async def update( "chunk_size": chunk_size, "custom_metadata": custom_metadata, "embedding_model": embedding_model, + "fusion_method": fusion_method, "hybrid_search_enabled": hybrid_search_enabled, "max_num_results": max_num_results, "metadata": metadata, @@ -1087,6 +1126,7 @@ async def update( "public_endpoint_params": public_endpoint_params, "reranking": reranking, "reranking_model": reranking_model, + "retrieval_options": retrieval_options, "rewrite_model": rewrite_model, "rewrite_query": rewrite_query, "score_threshold": score_threshold, @@ -1211,12 +1251,14 @@ async def chat_completions( aisearch_options: instance_chat_completions_params.AISearchOptions | Omit = omit, model: Literal[ "@cf/meta/llama-3.3-70b-instruct-fp8-fast", + "@cf/zai-org/glm-4.7-flash", "@cf/meta/llama-3.1-8b-instruct-fast", "@cf/meta/llama-3.1-8b-instruct-fp8", "@cf/meta/llama-4-scout-17b-16e-instruct", "@cf/qwen/qwen3-30b-a3b-fp8", "@cf/deepseek-ai/deepseek-r1-distill-qwen-32b", "@cf/moonshotai/kimi-k2-instruct", + "@cf/google/gemma-3-12b-it", "anthropic/claude-3-7-sonnet", "anthropic/claude-sonnet-4", "anthropic/claude-opus-4", @@ -1247,7 +1289,8 @@ async def chat_completions( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> InstanceChatCompletionsResponse: """ - Chat Completions + Performs a chat completion request against an AI Search instance, using indexed + content as context for generating responses. Args: id: Use your AI Search ID. @@ -1338,7 +1381,8 @@ async def search( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> InstanceSearchResponse: """ - Search + Executes a semantic search query against an AI Search instance to find relevant + indexed content. Args: id: Use your AI Search ID. @@ -1387,7 +1431,7 @@ async def stats( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> InstanceStatsResponse: """ - Stats + Retrieves usage statistics for AI Search instances. Args: id: Use your AI Search ID. diff --git a/src/cloudflare/resources/aisearch/instances/items.py b/src/cloudflare/resources/aisearch/instances/items.py index 7ed961721d2..eaa492c2593 100644 --- a/src/cloudflare/resources/aisearch/instances/items.py +++ b/src/cloudflare/resources/aisearch/instances/items.py @@ -64,7 +64,7 @@ def list( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> SyncV4PagePaginationArray[ItemListResponse]: """ - Items List. + Lists indexed items in an AI Search instance. Args: id: Use your AI Search ID. @@ -116,7 +116,7 @@ def get( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> ItemGetResponse: """ - Get Item. + Retrieves a specific indexed item from an AI Search instance. Args: id: Use your AI Search ID. @@ -185,7 +185,7 @@ def list( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> AsyncPaginator[ItemListResponse, AsyncV4PagePaginationArray[ItemListResponse]]: """ - Items List. + Lists indexed items in an AI Search instance. Args: id: Use your AI Search ID. @@ -237,7 +237,7 @@ async def get( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> ItemGetResponse: """ - Get Item. + Retrieves a specific indexed item from an AI Search instance. Args: id: Use your AI Search ID. diff --git a/src/cloudflare/resources/aisearch/instances/jobs.py b/src/cloudflare/resources/aisearch/instances/jobs.py index 2c6bb4226f5..d5c03bf6e7a 100644 --- a/src/cloudflare/resources/aisearch/instances/jobs.py +++ b/src/cloudflare/resources/aisearch/instances/jobs.py @@ -61,7 +61,7 @@ def create( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> JobCreateResponse: """ - Create new job + Creates a new indexing job for an AI Search instance. Args: id: Use your AI Search ID. @@ -105,7 +105,7 @@ def list( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> SyncV4PagePaginationArray[JobListResponse]: """ - List Jobs + Lists indexing jobs for an AI Search instance. Args: id: Use your AI Search ID. @@ -155,7 +155,7 @@ def get( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> JobGetResponse: """ - Get a Job Details + Retrieves details for a specific AI Search indexing job. Args: id: Use your AI Search ID. @@ -202,7 +202,7 @@ def logs( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> JobLogsResponse: """ - List Job Logs + Lists log entries for an AI Search indexing job. Args: id: Use your AI Search ID. @@ -274,7 +274,7 @@ async def create( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> JobCreateResponse: """ - Create new job + Creates a new indexing job for an AI Search instance. Args: id: Use your AI Search ID. @@ -318,7 +318,7 @@ def list( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> AsyncPaginator[JobListResponse, AsyncV4PagePaginationArray[JobListResponse]]: """ - List Jobs + Lists indexing jobs for an AI Search instance. Args: id: Use your AI Search ID. @@ -368,7 +368,7 @@ async def get( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> JobGetResponse: """ - Get a Job Details + Retrieves details for a specific AI Search indexing job. Args: id: Use your AI Search ID. @@ -415,7 +415,7 @@ async def logs( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> JobLogsResponse: """ - List Job Logs + Lists log entries for an AI Search indexing job. Args: id: Use your AI Search ID. diff --git a/src/cloudflare/resources/aisearch/tokens.py b/src/cloudflare/resources/aisearch/tokens.py index 1834a9b0c6a..8916dfecec0 100644 --- a/src/cloudflare/resources/aisearch/tokens.py +++ b/src/cloudflare/resources/aisearch/tokens.py @@ -64,7 +64,7 @@ def create( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> TokenCreateResponse: """ - Create new tokens. + Create a new tokens. Args: extra_headers: Send extra headers @@ -310,7 +310,7 @@ async def create( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> TokenCreateResponse: """ - Create new tokens. + Create a new tokens. Args: extra_headers: Send extra headers diff --git a/src/cloudflare/resources/cloudforce_one/threat_events/threat_events.py b/src/cloudflare/resources/cloudforce_one/threat_events/threat_events.py index a7192f4b7e3..54df839157c 100644 --- a/src/cloudflare/resources/cloudforce_one/threat_events/threat_events.py +++ b/src/cloudflare/resources/cloudforce_one/threat_events/threat_events.py @@ -110,7 +110,6 @@ from ....types.cloudforce_one.threat_event_edit_response import ThreatEventEditResponse from ....types.cloudforce_one.threat_event_list_response import ThreatEventListResponse from ....types.cloudforce_one.threat_event_create_response import ThreatEventCreateResponse -from ....types.cloudforce_one.threat_event_delete_response import ThreatEventDeleteResponse from ....types.cloudforce_one.threat_event_bulk_create_response import ThreatEventBulkCreateResponse __all__ = ["ThreatEventsResource", "AsyncThreatEventsResource"] @@ -329,50 +328,6 @@ def list( cast_to=ThreatEventListResponse, ) - def delete( - self, - event_id: str, - *, - account_id: str, - # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. - # The extra values given here take precedence over values defined on the client or passed to this method. - extra_headers: Headers | None = None, - extra_query: Query | None = None, - extra_body: Body | None = None, - timeout: float | httpx.Timeout | None | NotGiven = not_given, - ) -> ThreatEventDeleteResponse: - """The `datasetId` parameter must be defined. - - To list existing datasets (and their - IDs) in your account, use the - [`List Datasets`](https://developers.cloudflare.com/api/resources/cloudforce_one/subresources/threat_events/subresources/datasets/methods/list/) - endpoint. - - Args: - account_id: Account ID. - - event_id: Event UUID. - - extra_headers: Send extra headers - - extra_query: Add additional query parameters to the request - - extra_body: Add additional JSON properties to the request - - timeout: Override the client-level default timeout for this request, in seconds - """ - if not account_id: - raise ValueError(f"Expected a non-empty value for `account_id` but received {account_id!r}") - if not event_id: - raise ValueError(f"Expected a non-empty value for `event_id` but received {event_id!r}") - return self._delete( - f"/accounts/{account_id}/cloudforce-one/events/{event_id}", - options=make_request_options( - extra_headers=extra_headers, extra_query=extra_query, extra_body=extra_body, timeout=timeout - ), - cast_to=ThreatEventDeleteResponse, - ) - def bulk_create( self, *, @@ -756,50 +711,6 @@ async def list( cast_to=ThreatEventListResponse, ) - async def delete( - self, - event_id: str, - *, - account_id: str, - # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. - # The extra values given here take precedence over values defined on the client or passed to this method. - extra_headers: Headers | None = None, - extra_query: Query | None = None, - extra_body: Body | None = None, - timeout: float | httpx.Timeout | None | NotGiven = not_given, - ) -> ThreatEventDeleteResponse: - """The `datasetId` parameter must be defined. - - To list existing datasets (and their - IDs) in your account, use the - [`List Datasets`](https://developers.cloudflare.com/api/resources/cloudforce_one/subresources/threat_events/subresources/datasets/methods/list/) - endpoint. - - Args: - account_id: Account ID. - - event_id: Event UUID. - - extra_headers: Send extra headers - - extra_query: Add additional query parameters to the request - - extra_body: Add additional JSON properties to the request - - timeout: Override the client-level default timeout for this request, in seconds - """ - if not account_id: - raise ValueError(f"Expected a non-empty value for `account_id` but received {account_id!r}") - if not event_id: - raise ValueError(f"Expected a non-empty value for `event_id` but received {event_id!r}") - return await self._delete( - f"/accounts/{account_id}/cloudforce-one/events/{event_id}", - options=make_request_options( - extra_headers=extra_headers, extra_query=extra_query, extra_body=extra_body, timeout=timeout - ), - cast_to=ThreatEventDeleteResponse, - ) - async def bulk_create( self, *, @@ -980,9 +891,6 @@ def __init__(self, threat_events: ThreatEventsResource) -> None: self.list = to_raw_response_wrapper( threat_events.list, ) - self.delete = to_raw_response_wrapper( - threat_events.delete, - ) self.bulk_create = to_raw_response_wrapper( threat_events.bulk_create, ) @@ -1046,9 +954,6 @@ def __init__(self, threat_events: AsyncThreatEventsResource) -> None: self.list = async_to_raw_response_wrapper( threat_events.list, ) - self.delete = async_to_raw_response_wrapper( - threat_events.delete, - ) self.bulk_create = async_to_raw_response_wrapper( threat_events.bulk_create, ) @@ -1112,9 +1017,6 @@ def __init__(self, threat_events: ThreatEventsResource) -> None: self.list = to_streamed_response_wrapper( threat_events.list, ) - self.delete = to_streamed_response_wrapper( - threat_events.delete, - ) self.bulk_create = to_streamed_response_wrapper( threat_events.bulk_create, ) @@ -1178,9 +1080,6 @@ def __init__(self, threat_events: AsyncThreatEventsResource) -> None: self.list = async_to_streamed_response_wrapper( threat_events.list, ) - self.delete = async_to_streamed_response_wrapper( - threat_events.delete, - ) self.bulk_create = async_to_streamed_response_wrapper( threat_events.bulk_create, ) diff --git a/src/cloudflare/resources/custom_certificates/custom_certificates.py b/src/cloudflare/resources/custom_certificates/custom_certificates.py index 0d205aea65f..2e9c11871fd 100644 --- a/src/cloudflare/resources/custom_certificates/custom_certificates.py +++ b/src/cloudflare/resources/custom_certificates/custom_certificates.py @@ -3,12 +3,12 @@ from __future__ import annotations from typing import Type, Optional, cast -from typing_extensions import Literal, overload +from typing_extensions import Literal import httpx from ..._types import Body, Omit, Query, Headers, NotGiven, omit, not_given -from ..._utils import required_args, maybe_transform, async_maybe_transform +from ..._utils import maybe_transform, async_maybe_transform from ..._compat import cached_property from .prioritize import ( PrioritizeResource, @@ -73,6 +73,7 @@ def create( certificate: str, private_key: str, bundle_method: BundleMethod | Omit = omit, + deploy: Literal["staging", "production"] | Omit = omit, geo_restrictions: GeoRestrictionsParam | Omit = omit, policy: str | Omit = omit, type: Literal["legacy_custom", "sni_custom"] | Omit = omit, @@ -98,6 +99,8 @@ def create( the shortest chain and newest intermediates. And the force bundle verifies the chain, but does not otherwise modify it. + deploy: The environment to deploy the certificate to, defaults to production + geo_restrictions: Specify the region where your private key can be held locally for optimal TLS performance. HTTPS connections to any excluded data center will still be fully encrypted, but will incur some latency while Keyless SSL is used to complete the @@ -114,7 +117,9 @@ def create( (https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2#Officially_assigned_code_elements) can be chosen, such as 'country: IN', as well as 'region: EU' which refers to the EU region. If there are too few data centers satisfying the policy, it will - be rejected. + be rejected. Note: The API accepts this field as either "policy" or + "policy_restrictions" in requests. Responses return this field as + "policy_restrictions". type: The type 'legacy_custom' enables support for legacy clients which do not include SNI in the TLS handshake. @@ -136,6 +141,7 @@ def create( "certificate": certificate, "private_key": private_key, "bundle_method": bundle_method, + "deploy": deploy, "geo_restrictions": geo_restrictions, "policy": policy, "type": type, @@ -263,13 +269,17 @@ def delete( ), ) - @overload def edit( self, custom_certificate_id: str, *, zone_id: str, bundle_method: BundleMethod | Omit = omit, + certificate: str | Omit = omit, + deploy: Literal["staging", "production"] | Omit = omit, + geo_restrictions: GeoRestrictionsParam | Omit = omit, + policy: str | Omit = omit, + private_key: str | Omit = omit, # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. # The extra values given here take precedence over values defined on the client or passed to this method. extra_headers: Headers | None = None, @@ -293,53 +303,9 @@ def edit( the shortest chain and newest intermediates. And the force bundle verifies the chain, but does not otherwise modify it. - extra_headers: Send extra headers - - extra_query: Add additional query parameters to the request - - extra_body: Add additional JSON properties to the request - - timeout: Override the client-level default timeout for this request, in seconds - """ - ... - - @overload - def edit( - self, - custom_certificate_id: str, - *, - zone_id: str, - certificate: str, - private_key: str, - bundle_method: BundleMethod | Omit = omit, - geo_restrictions: GeoRestrictionsParam | Omit = omit, - policy: str | Omit = omit, - # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. - # The extra values given here take precedence over values defined on the client or passed to this method. - extra_headers: Headers | None = None, - extra_query: Query | None = None, - extra_body: Body | None = None, - timeout: float | httpx.Timeout | None | NotGiven = not_given, - ) -> Optional[CustomCertificate]: - """Upload a new private key and/or PEM/CRT for the SSL certificate. - - Note: PATCHing - a configuration for sni_custom certificates will result in a new resource id - being returned, and the previous one being deleted. - - Args: - zone_id: Identifier. - - custom_certificate_id: Identifier. - certificate: The zone's SSL certificate or certificate and the intermediate(s). - private_key: The zone's private key. - - bundle_method: A ubiquitous bundle has the highest probability of being verified everywhere, - even by clients using outdated or unusual trust stores. An optimal bundle uses - the shortest chain and newest intermediates. And the force bundle verifies the - chain, but does not otherwise modify it. + deploy: The environment to deploy the certificate to, defaults to production geo_restrictions: Specify the region where your private key can be held locally for optimal TLS performance. HTTPS connections to any excluded data center will still be fully @@ -357,7 +323,11 @@ def edit( (https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2#Officially_assigned_code_elements) can be chosen, such as 'country: IN', as well as 'region: EU' which refers to the EU region. If there are too few data centers satisfying the policy, it will - be rejected. + be rejected. Note: The API accepts this field as either "policy" or + "policy_restrictions" in requests. Responses return this field as + "policy_restrictions". + + private_key: The zone's private key. extra_headers: Send extra headers @@ -367,26 +337,6 @@ def edit( timeout: Override the client-level default timeout for this request, in seconds """ - ... - - @required_args(["zone_id"], ["zone_id", "certificate", "private_key"]) - def edit( - self, - custom_certificate_id: str, - *, - zone_id: str, - bundle_method: BundleMethod | Omit = omit, - certificate: str | Omit = omit, - private_key: str | Omit = omit, - geo_restrictions: GeoRestrictionsParam | Omit = omit, - policy: str | Omit = omit, - # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. - # The extra values given here take precedence over values defined on the client or passed to this method. - extra_headers: Headers | None = None, - extra_query: Query | None = None, - extra_body: Body | None = None, - timeout: float | httpx.Timeout | None | NotGiven = not_given, - ) -> Optional[CustomCertificate]: if not zone_id: raise ValueError(f"Expected a non-empty value for `zone_id` but received {zone_id!r}") if not custom_certificate_id: @@ -399,9 +349,10 @@ def edit( { "bundle_method": bundle_method, "certificate": certificate, - "private_key": private_key, + "deploy": deploy, "geo_restrictions": geo_restrictions, "policy": policy, + "private_key": private_key, }, custom_certificate_edit_params.CustomCertificateEditParams, ), @@ -428,7 +379,9 @@ def get( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> Optional[CustomCertificate]: """ - SSL Configuration Details + Retrieves details for a specific custom SSL certificate, including certificate + metadata, bundle method, geographic restrictions, and associated keyless server + configuration. Args: zone_id: Identifier. @@ -493,6 +446,7 @@ async def create( certificate: str, private_key: str, bundle_method: BundleMethod | Omit = omit, + deploy: Literal["staging", "production"] | Omit = omit, geo_restrictions: GeoRestrictionsParam | Omit = omit, policy: str | Omit = omit, type: Literal["legacy_custom", "sni_custom"] | Omit = omit, @@ -518,6 +472,8 @@ async def create( the shortest chain and newest intermediates. And the force bundle verifies the chain, but does not otherwise modify it. + deploy: The environment to deploy the certificate to, defaults to production + geo_restrictions: Specify the region where your private key can be held locally for optimal TLS performance. HTTPS connections to any excluded data center will still be fully encrypted, but will incur some latency while Keyless SSL is used to complete the @@ -534,7 +490,9 @@ async def create( (https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2#Officially_assigned_code_elements) can be chosen, such as 'country: IN', as well as 'region: EU' which refers to the EU region. If there are too few data centers satisfying the policy, it will - be rejected. + be rejected. Note: The API accepts this field as either "policy" or + "policy_restrictions" in requests. Responses return this field as + "policy_restrictions". type: The type 'legacy_custom' enables support for legacy clients which do not include SNI in the TLS handshake. @@ -556,6 +514,7 @@ async def create( "certificate": certificate, "private_key": private_key, "bundle_method": bundle_method, + "deploy": deploy, "geo_restrictions": geo_restrictions, "policy": policy, "type": type, @@ -683,13 +642,17 @@ async def delete( ), ) - @overload async def edit( self, custom_certificate_id: str, *, zone_id: str, bundle_method: BundleMethod | Omit = omit, + certificate: str | Omit = omit, + deploy: Literal["staging", "production"] | Omit = omit, + geo_restrictions: GeoRestrictionsParam | Omit = omit, + policy: str | Omit = omit, + private_key: str | Omit = omit, # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. # The extra values given here take precedence over values defined on the client or passed to this method. extra_headers: Headers | None = None, @@ -713,53 +676,9 @@ async def edit( the shortest chain and newest intermediates. And the force bundle verifies the chain, but does not otherwise modify it. - extra_headers: Send extra headers - - extra_query: Add additional query parameters to the request - - extra_body: Add additional JSON properties to the request - - timeout: Override the client-level default timeout for this request, in seconds - """ - ... - - @overload - async def edit( - self, - custom_certificate_id: str, - *, - zone_id: str, - certificate: str, - private_key: str, - bundle_method: BundleMethod | Omit = omit, - geo_restrictions: GeoRestrictionsParam | Omit = omit, - policy: str | Omit = omit, - # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. - # The extra values given here take precedence over values defined on the client or passed to this method. - extra_headers: Headers | None = None, - extra_query: Query | None = None, - extra_body: Body | None = None, - timeout: float | httpx.Timeout | None | NotGiven = not_given, - ) -> Optional[CustomCertificate]: - """Upload a new private key and/or PEM/CRT for the SSL certificate. - - Note: PATCHing - a configuration for sni_custom certificates will result in a new resource id - being returned, and the previous one being deleted. - - Args: - zone_id: Identifier. - - custom_certificate_id: Identifier. - certificate: The zone's SSL certificate or certificate and the intermediate(s). - private_key: The zone's private key. - - bundle_method: A ubiquitous bundle has the highest probability of being verified everywhere, - even by clients using outdated or unusual trust stores. An optimal bundle uses - the shortest chain and newest intermediates. And the force bundle verifies the - chain, but does not otherwise modify it. + deploy: The environment to deploy the certificate to, defaults to production geo_restrictions: Specify the region where your private key can be held locally for optimal TLS performance. HTTPS connections to any excluded data center will still be fully @@ -777,7 +696,11 @@ async def edit( (https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2#Officially_assigned_code_elements) can be chosen, such as 'country: IN', as well as 'region: EU' which refers to the EU region. If there are too few data centers satisfying the policy, it will - be rejected. + be rejected. Note: The API accepts this field as either "policy" or + "policy_restrictions" in requests. Responses return this field as + "policy_restrictions". + + private_key: The zone's private key. extra_headers: Send extra headers @@ -787,26 +710,6 @@ async def edit( timeout: Override the client-level default timeout for this request, in seconds """ - ... - - @required_args(["zone_id"], ["zone_id", "certificate", "private_key"]) - async def edit( - self, - custom_certificate_id: str, - *, - zone_id: str, - bundle_method: BundleMethod | Omit = omit, - certificate: str | Omit = omit, - private_key: str | Omit = omit, - geo_restrictions: GeoRestrictionsParam | Omit = omit, - policy: str | Omit = omit, - # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. - # The extra values given here take precedence over values defined on the client or passed to this method. - extra_headers: Headers | None = None, - extra_query: Query | None = None, - extra_body: Body | None = None, - timeout: float | httpx.Timeout | None | NotGiven = not_given, - ) -> Optional[CustomCertificate]: if not zone_id: raise ValueError(f"Expected a non-empty value for `zone_id` but received {zone_id!r}") if not custom_certificate_id: @@ -819,9 +722,10 @@ async def edit( { "bundle_method": bundle_method, "certificate": certificate, - "private_key": private_key, + "deploy": deploy, "geo_restrictions": geo_restrictions, "policy": policy, + "private_key": private_key, }, custom_certificate_edit_params.CustomCertificateEditParams, ), @@ -848,7 +752,9 @@ async def get( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> Optional[CustomCertificate]: """ - SSL Configuration Details + Retrieves details for a specific custom SSL certificate, including certificate + metadata, bundle method, geographic restrictions, and associated keyless server + configuration. Args: zone_id: Identifier. diff --git a/src/cloudflare/resources/custom_hostnames/custom_hostnames.py b/src/cloudflare/resources/custom_hostnames/custom_hostnames.py index aa342d44e05..2600edcb6dd 100644 --- a/src/cloudflare/resources/custom_hostnames/custom_hostnames.py +++ b/src/cloudflare/resources/custom_hostnames/custom_hostnames.py @@ -232,7 +232,8 @@ def delete( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> CustomHostnameDeleteResponse: """ - Delete Custom Hostname (and any issued SSL certificates) + Permanently deletes a custom hostname and revokes any SSL certificates that were + issued for it. This action cannot be undone. Args: zone_id: Identifier. @@ -350,7 +351,8 @@ def get( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> Optional[CustomHostnameGetResponse]: """ - Custom Hostname Details + Retrieves detailed information about a specific custom hostname, including SSL + certificate status, ownership verification, and origin configuration. Args: zone_id: Identifier. @@ -564,7 +566,8 @@ async def delete( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> CustomHostnameDeleteResponse: """ - Delete Custom Hostname (and any issued SSL certificates) + Permanently deletes a custom hostname and revokes any SSL certificates that were + issued for it. This action cannot be undone. Args: zone_id: Identifier. @@ -682,7 +685,8 @@ async def get( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> Optional[CustomHostnameGetResponse]: """ - Custom Hostname Details + Retrieves detailed information about a specific custom hostname, including SSL + certificate status, ownership verification, and origin configuration. Args: zone_id: Identifier. diff --git a/src/cloudflare/resources/custom_hostnames/fallback_origin.py b/src/cloudflare/resources/custom_hostnames/fallback_origin.py index 3fec4f02098..97e7faf3aff 100644 --- a/src/cloudflare/resources/custom_hostnames/fallback_origin.py +++ b/src/cloudflare/resources/custom_hostnames/fallback_origin.py @@ -58,8 +58,10 @@ def update( extra_body: Body | None = None, timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> Optional[FallbackOriginUpdateResponse]: - """ - Update Fallback Origin for Custom Hostnames + """Updates the fallback origin configuration for custom hostnames on a zone. + + Sets + the default origin server for custom hostname traffic. Args: zone_id: Identifier. @@ -100,8 +102,10 @@ def delete( extra_body: Body | None = None, timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> Optional[FallbackOriginDeleteResponse]: - """ - Delete Fallback Origin for Custom Hostnames + """Removes the fallback origin configuration for custom hostnames on a zone. + + Custom + hostnames without specific origins will no longer have a fallback. Args: zone_id: Identifier. @@ -140,7 +144,9 @@ def get( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> Optional[FallbackOriginGetResponse]: """ - Get Fallback Origin for Custom Hostnames + Retrieves the current fallback origin configuration for custom hostnames on a + zone. The fallback origin handles traffic when specific custom hostname origins + are unavailable. Args: zone_id: Identifier. @@ -200,8 +206,10 @@ async def update( extra_body: Body | None = None, timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> Optional[FallbackOriginUpdateResponse]: - """ - Update Fallback Origin for Custom Hostnames + """Updates the fallback origin configuration for custom hostnames on a zone. + + Sets + the default origin server for custom hostname traffic. Args: zone_id: Identifier. @@ -244,8 +252,10 @@ async def delete( extra_body: Body | None = None, timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> Optional[FallbackOriginDeleteResponse]: - """ - Delete Fallback Origin for Custom Hostnames + """Removes the fallback origin configuration for custom hostnames on a zone. + + Custom + hostnames without specific origins will no longer have a fallback. Args: zone_id: Identifier. @@ -284,7 +294,9 @@ async def get( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> Optional[FallbackOriginGetResponse]: """ - Get Fallback Origin for Custom Hostnames + Retrieves the current fallback origin configuration for custom hostnames on a + zone. The fallback origin handles traffic when specific custom hostname origins + are unavailable. Args: zone_id: Identifier. diff --git a/src/cloudflare/resources/email_security/__init__.py b/src/cloudflare/resources/email_security/__init__.py index 092b0ddf17c..a9983bf300c 100644 --- a/src/cloudflare/resources/email_security/__init__.py +++ b/src/cloudflare/resources/email_security/__init__.py @@ -8,6 +8,14 @@ SettingsResourceWithStreamingResponse, AsyncSettingsResourceWithStreamingResponse, ) +from .phishguard import ( + PhishguardResource, + AsyncPhishguardResource, + PhishguardResourceWithRawResponse, + AsyncPhishguardResourceWithRawResponse, + PhishguardResourceWithStreamingResponse, + AsyncPhishguardResourceWithStreamingResponse, +) from .investigate import ( InvestigateResource, AsyncInvestigateResource, @@ -40,6 +48,12 @@ "AsyncInvestigateResourceWithRawResponse", "InvestigateResourceWithStreamingResponse", "AsyncInvestigateResourceWithStreamingResponse", + "PhishguardResource", + "AsyncPhishguardResource", + "PhishguardResourceWithRawResponse", + "AsyncPhishguardResourceWithRawResponse", + "PhishguardResourceWithStreamingResponse", + "AsyncPhishguardResourceWithStreamingResponse", "SettingsResource", "AsyncSettingsResource", "SettingsResourceWithRawResponse", diff --git a/src/cloudflare/resources/email_security/email_security.py b/src/cloudflare/resources/email_security/email_security.py index e66c2ed32c6..82f8770b88f 100644 --- a/src/cloudflare/resources/email_security/email_security.py +++ b/src/cloudflare/resources/email_security/email_security.py @@ -20,6 +20,14 @@ SettingsResourceWithStreamingResponse, AsyncSettingsResourceWithStreamingResponse, ) +from .phishguard.phishguard import ( + PhishguardResource, + AsyncPhishguardResource, + PhishguardResourceWithRawResponse, + AsyncPhishguardResourceWithRawResponse, + PhishguardResourceWithStreamingResponse, + AsyncPhishguardResourceWithStreamingResponse, +) from .investigate.investigate import ( InvestigateResource, AsyncInvestigateResource, @@ -37,6 +45,10 @@ class EmailSecurityResource(SyncAPIResource): def investigate(self) -> InvestigateResource: return InvestigateResource(self._client) + @cached_property + def phishguard(self) -> PhishguardResource: + return PhishguardResource(self._client) + @cached_property def settings(self) -> SettingsResource: return SettingsResource(self._client) @@ -70,6 +82,10 @@ class AsyncEmailSecurityResource(AsyncAPIResource): def investigate(self) -> AsyncInvestigateResource: return AsyncInvestigateResource(self._client) + @cached_property + def phishguard(self) -> AsyncPhishguardResource: + return AsyncPhishguardResource(self._client) + @cached_property def settings(self) -> AsyncSettingsResource: return AsyncSettingsResource(self._client) @@ -106,6 +122,10 @@ def __init__(self, email_security: EmailSecurityResource) -> None: def investigate(self) -> InvestigateResourceWithRawResponse: return InvestigateResourceWithRawResponse(self._email_security.investigate) + @cached_property + def phishguard(self) -> PhishguardResourceWithRawResponse: + return PhishguardResourceWithRawResponse(self._email_security.phishguard) + @cached_property def settings(self) -> SettingsResourceWithRawResponse: return SettingsResourceWithRawResponse(self._email_security.settings) @@ -123,6 +143,10 @@ def __init__(self, email_security: AsyncEmailSecurityResource) -> None: def investigate(self) -> AsyncInvestigateResourceWithRawResponse: return AsyncInvestigateResourceWithRawResponse(self._email_security.investigate) + @cached_property + def phishguard(self) -> AsyncPhishguardResourceWithRawResponse: + return AsyncPhishguardResourceWithRawResponse(self._email_security.phishguard) + @cached_property def settings(self) -> AsyncSettingsResourceWithRawResponse: return AsyncSettingsResourceWithRawResponse(self._email_security.settings) @@ -140,6 +164,10 @@ def __init__(self, email_security: EmailSecurityResource) -> None: def investigate(self) -> InvestigateResourceWithStreamingResponse: return InvestigateResourceWithStreamingResponse(self._email_security.investigate) + @cached_property + def phishguard(self) -> PhishguardResourceWithStreamingResponse: + return PhishguardResourceWithStreamingResponse(self._email_security.phishguard) + @cached_property def settings(self) -> SettingsResourceWithStreamingResponse: return SettingsResourceWithStreamingResponse(self._email_security.settings) @@ -157,6 +185,10 @@ def __init__(self, email_security: AsyncEmailSecurityResource) -> None: def investigate(self) -> AsyncInvestigateResourceWithStreamingResponse: return AsyncInvestigateResourceWithStreamingResponse(self._email_security.investigate) + @cached_property + def phishguard(self) -> AsyncPhishguardResourceWithStreamingResponse: + return AsyncPhishguardResourceWithStreamingResponse(self._email_security.phishguard) + @cached_property def settings(self) -> AsyncSettingsResourceWithStreamingResponse: return AsyncSettingsResourceWithStreamingResponse(self._email_security.settings) diff --git a/src/cloudflare/resources/email_security/investigate/investigate.py b/src/cloudflare/resources/email_security/investigate/investigate.py index 4d937d99aa8..819279a8b67 100644 --- a/src/cloudflare/resources/email_security/investigate/investigate.py +++ b/src/cloudflare/resources/email_security/investigate/investigate.py @@ -175,7 +175,7 @@ def list( domain: The sender domains the search filters by. - end: The end of the search date range. Defaults to `now`. + end: The end of the search date range. Defaults to `now` if not provided. final_disposition: The dispositions the search filters by. @@ -210,7 +210,8 @@ def list( - x_originating_ip - Subject - start: The beginning of the search date range. Defaults to `now - 30 days`. + start: The beginning of the search date range. Defaults to `now - 30 days` if not + provided. extra_headers: Send extra headers @@ -392,7 +393,7 @@ def list( domain: The sender domains the search filters by. - end: The end of the search date range. Defaults to `now`. + end: The end of the search date range. Defaults to `now` if not provided. final_disposition: The dispositions the search filters by. @@ -427,7 +428,8 @@ def list( - x_originating_ip - Subject - start: The beginning of the search date range. Defaults to `now - 30 days`. + start: The beginning of the search date range. Defaults to `now - 30 days` if not + provided. extra_headers: Send extra headers diff --git a/src/cloudflare/resources/email_security/investigate/move.py b/src/cloudflare/resources/email_security/investigate/move.py index 489423e8a70..f4a2267332a 100644 --- a/src/cloudflare/resources/email_security/investigate/move.py +++ b/src/cloudflare/resources/email_security/investigate/move.py @@ -108,7 +108,7 @@ def bulk( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> SyncSinglePage[MoveBulkResponse]: """ - Maximum batch size: 100 messages per request + Maximum batch size: 1000 messages per request Args: account_id: Account Identifier @@ -229,7 +229,7 @@ def bulk( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> AsyncPaginator[MoveBulkResponse, AsyncSinglePage[MoveBulkResponse]]: """ - Maximum batch size: 100 messages per request + Maximum batch size: 1000 messages per request Args: account_id: Account Identifier diff --git a/src/cloudflare/resources/email_security/phishguard/__init__.py b/src/cloudflare/resources/email_security/phishguard/__init__.py new file mode 100644 index 00000000000..ee970b25eb1 --- /dev/null +++ b/src/cloudflare/resources/email_security/phishguard/__init__.py @@ -0,0 +1,33 @@ +# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. + +from .reports import ( + ReportsResource, + AsyncReportsResource, + ReportsResourceWithRawResponse, + AsyncReportsResourceWithRawResponse, + ReportsResourceWithStreamingResponse, + AsyncReportsResourceWithStreamingResponse, +) +from .phishguard import ( + PhishguardResource, + AsyncPhishguardResource, + PhishguardResourceWithRawResponse, + AsyncPhishguardResourceWithRawResponse, + PhishguardResourceWithStreamingResponse, + AsyncPhishguardResourceWithStreamingResponse, +) + +__all__ = [ + "ReportsResource", + "AsyncReportsResource", + "ReportsResourceWithRawResponse", + "AsyncReportsResourceWithRawResponse", + "ReportsResourceWithStreamingResponse", + "AsyncReportsResourceWithStreamingResponse", + "PhishguardResource", + "AsyncPhishguardResource", + "PhishguardResourceWithRawResponse", + "AsyncPhishguardResourceWithRawResponse", + "PhishguardResourceWithStreamingResponse", + "AsyncPhishguardResourceWithStreamingResponse", +] diff --git a/src/cloudflare/resources/email_security/phishguard/phishguard.py b/src/cloudflare/resources/email_security/phishguard/phishguard.py new file mode 100644 index 00000000000..2b2e99a5db5 --- /dev/null +++ b/src/cloudflare/resources/email_security/phishguard/phishguard.py @@ -0,0 +1,102 @@ +# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. + +from __future__ import annotations + +from .reports import ( + ReportsResource, + AsyncReportsResource, + ReportsResourceWithRawResponse, + AsyncReportsResourceWithRawResponse, + ReportsResourceWithStreamingResponse, + AsyncReportsResourceWithStreamingResponse, +) +from ...._compat import cached_property +from ...._resource import SyncAPIResource, AsyncAPIResource + +__all__ = ["PhishguardResource", "AsyncPhishguardResource"] + + +class PhishguardResource(SyncAPIResource): + @cached_property + def reports(self) -> ReportsResource: + return ReportsResource(self._client) + + @cached_property + def with_raw_response(self) -> PhishguardResourceWithRawResponse: + """ + This property can be used as a prefix for any HTTP method call to return + the raw response object instead of the parsed content. + + For more information, see https://www.github.com/cloudflare/cloudflare-python#accessing-raw-response-data-eg-headers + """ + return PhishguardResourceWithRawResponse(self) + + @cached_property + def with_streaming_response(self) -> PhishguardResourceWithStreamingResponse: + """ + An alternative to `.with_raw_response` that doesn't eagerly read the response body. + + For more information, see https://www.github.com/cloudflare/cloudflare-python#with_streaming_response + """ + return PhishguardResourceWithStreamingResponse(self) + + +class AsyncPhishguardResource(AsyncAPIResource): + @cached_property + def reports(self) -> AsyncReportsResource: + return AsyncReportsResource(self._client) + + @cached_property + def with_raw_response(self) -> AsyncPhishguardResourceWithRawResponse: + """ + This property can be used as a prefix for any HTTP method call to return + the raw response object instead of the parsed content. + + For more information, see https://www.github.com/cloudflare/cloudflare-python#accessing-raw-response-data-eg-headers + """ + return AsyncPhishguardResourceWithRawResponse(self) + + @cached_property + def with_streaming_response(self) -> AsyncPhishguardResourceWithStreamingResponse: + """ + An alternative to `.with_raw_response` that doesn't eagerly read the response body. + + For more information, see https://www.github.com/cloudflare/cloudflare-python#with_streaming_response + """ + return AsyncPhishguardResourceWithStreamingResponse(self) + + +class PhishguardResourceWithRawResponse: + def __init__(self, phishguard: PhishguardResource) -> None: + self._phishguard = phishguard + + @cached_property + def reports(self) -> ReportsResourceWithRawResponse: + return ReportsResourceWithRawResponse(self._phishguard.reports) + + +class AsyncPhishguardResourceWithRawResponse: + def __init__(self, phishguard: AsyncPhishguardResource) -> None: + self._phishguard = phishguard + + @cached_property + def reports(self) -> AsyncReportsResourceWithRawResponse: + return AsyncReportsResourceWithRawResponse(self._phishguard.reports) + + +class PhishguardResourceWithStreamingResponse: + def __init__(self, phishguard: PhishguardResource) -> None: + self._phishguard = phishguard + + @cached_property + def reports(self) -> ReportsResourceWithStreamingResponse: + return ReportsResourceWithStreamingResponse(self._phishguard.reports) + + +class AsyncPhishguardResourceWithStreamingResponse: + def __init__(self, phishguard: AsyncPhishguardResource) -> None: + self._phishguard = phishguard + + @cached_property + def reports(self) -> AsyncReportsResourceWithStreamingResponse: + return AsyncReportsResourceWithStreamingResponse(self._phishguard.reports) diff --git a/src/cloudflare/resources/email_security/phishguard/reports.py b/src/cloudflare/resources/email_security/phishguard/reports.py new file mode 100644 index 00000000000..880fe8397f2 --- /dev/null +++ b/src/cloudflare/resources/email_security/phishguard/reports.py @@ -0,0 +1,215 @@ +# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. + +from __future__ import annotations + +from typing import Union +from datetime import date, datetime + +import httpx + +from ...._types import Body, Omit, Query, Headers, NotGiven, omit, not_given +from ...._utils import maybe_transform +from ...._compat import cached_property +from ...._resource import SyncAPIResource, AsyncAPIResource +from ...._response import ( + to_raw_response_wrapper, + to_streamed_response_wrapper, + async_to_raw_response_wrapper, + async_to_streamed_response_wrapper, +) +from ....pagination import SyncSinglePage, AsyncSinglePage +from ...._base_client import AsyncPaginator, make_request_options +from ....types.email_security.phishguard import report_list_params +from ....types.email_security.phishguard.report_list_response import ReportListResponse + +__all__ = ["ReportsResource", "AsyncReportsResource"] + + +class ReportsResource(SyncAPIResource): + @cached_property + def with_raw_response(self) -> ReportsResourceWithRawResponse: + """ + This property can be used as a prefix for any HTTP method call to return + the raw response object instead of the parsed content. + + For more information, see https://www.github.com/cloudflare/cloudflare-python#accessing-raw-response-data-eg-headers + """ + return ReportsResourceWithRawResponse(self) + + @cached_property + def with_streaming_response(self) -> ReportsResourceWithStreamingResponse: + """ + An alternative to `.with_raw_response` that doesn't eagerly read the response body. + + For more information, see https://www.github.com/cloudflare/cloudflare-python#with_streaming_response + """ + return ReportsResourceWithStreamingResponse(self) + + def list( + self, + *, + account_id: str, + end: Union[str, datetime] | Omit = omit, + from_date: Union[str, date] | Omit = omit, + start: Union[str, datetime] | Omit = omit, + to_date: Union[str, date] | Omit = omit, + # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. + # The extra values given here take precedence over values defined on the client or passed to this method. + extra_headers: Headers | None = None, + extra_query: Query | None = None, + extra_body: Body | None = None, + timeout: float | httpx.Timeout | None | NotGiven = not_given, + ) -> SyncSinglePage[ReportListResponse]: + """ + Get `PhishGuard` reports + + Args: + account_id: Account Identifier + + end: The end of the search date range (RFC3339 format). + + start: The beginning of the search date range (RFC3339 format). + + extra_headers: Send extra headers + + extra_query: Add additional query parameters to the request + + extra_body: Add additional JSON properties to the request + + timeout: Override the client-level default timeout for this request, in seconds + """ + if not account_id: + raise ValueError(f"Expected a non-empty value for `account_id` but received {account_id!r}") + return self._get_api_list( + f"/accounts/{account_id}/email-security/phishguard/reports", + page=SyncSinglePage[ReportListResponse], + options=make_request_options( + extra_headers=extra_headers, + extra_query=extra_query, + extra_body=extra_body, + timeout=timeout, + query=maybe_transform( + { + "end": end, + "from_date": from_date, + "start": start, + "to_date": to_date, + }, + report_list_params.ReportListParams, + ), + ), + model=ReportListResponse, + ) + + +class AsyncReportsResource(AsyncAPIResource): + @cached_property + def with_raw_response(self) -> AsyncReportsResourceWithRawResponse: + """ + This property can be used as a prefix for any HTTP method call to return + the raw response object instead of the parsed content. + + For more information, see https://www.github.com/cloudflare/cloudflare-python#accessing-raw-response-data-eg-headers + """ + return AsyncReportsResourceWithRawResponse(self) + + @cached_property + def with_streaming_response(self) -> AsyncReportsResourceWithStreamingResponse: + """ + An alternative to `.with_raw_response` that doesn't eagerly read the response body. + + For more information, see https://www.github.com/cloudflare/cloudflare-python#with_streaming_response + """ + return AsyncReportsResourceWithStreamingResponse(self) + + def list( + self, + *, + account_id: str, + end: Union[str, datetime] | Omit = omit, + from_date: Union[str, date] | Omit = omit, + start: Union[str, datetime] | Omit = omit, + to_date: Union[str, date] | Omit = omit, + # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. + # The extra values given here take precedence over values defined on the client or passed to this method. + extra_headers: Headers | None = None, + extra_query: Query | None = None, + extra_body: Body | None = None, + timeout: float | httpx.Timeout | None | NotGiven = not_given, + ) -> AsyncPaginator[ReportListResponse, AsyncSinglePage[ReportListResponse]]: + """ + Get `PhishGuard` reports + + Args: + account_id: Account Identifier + + end: The end of the search date range (RFC3339 format). + + start: The beginning of the search date range (RFC3339 format). + + extra_headers: Send extra headers + + extra_query: Add additional query parameters to the request + + extra_body: Add additional JSON properties to the request + + timeout: Override the client-level default timeout for this request, in seconds + """ + if not account_id: + raise ValueError(f"Expected a non-empty value for `account_id` but received {account_id!r}") + return self._get_api_list( + f"/accounts/{account_id}/email-security/phishguard/reports", + page=AsyncSinglePage[ReportListResponse], + options=make_request_options( + extra_headers=extra_headers, + extra_query=extra_query, + extra_body=extra_body, + timeout=timeout, + query=maybe_transform( + { + "end": end, + "from_date": from_date, + "start": start, + "to_date": to_date, + }, + report_list_params.ReportListParams, + ), + ), + model=ReportListResponse, + ) + + +class ReportsResourceWithRawResponse: + def __init__(self, reports: ReportsResource) -> None: + self._reports = reports + + self.list = to_raw_response_wrapper( + reports.list, + ) + + +class AsyncReportsResourceWithRawResponse: + def __init__(self, reports: AsyncReportsResource) -> None: + self._reports = reports + + self.list = async_to_raw_response_wrapper( + reports.list, + ) + + +class ReportsResourceWithStreamingResponse: + def __init__(self, reports: ReportsResource) -> None: + self._reports = reports + + self.list = to_streamed_response_wrapper( + reports.list, + ) + + +class AsyncReportsResourceWithStreamingResponse: + def __init__(self, reports: AsyncReportsResource) -> None: + self._reports = reports + + self.list = async_to_streamed_response_wrapper( + reports.list, + ) diff --git a/src/cloudflare/resources/email_security/submissions.py b/src/cloudflare/resources/email_security/submissions.py index 4e8ff7ee97b..5eff9c1c234 100644 --- a/src/cloudflare/resources/email_security/submissions.py +++ b/src/cloudflare/resources/email_security/submissions.py @@ -74,13 +74,14 @@ def list( Args: account_id: Account Identifier - end: The end of the search date range. Defaults to `now`. + end: The end of the search date range. Defaults to `now` if not provided. page: The page number of paginated results. per_page: The number of results per page. - start: The beginning of the search date range. Defaults to `now - 30 days`. + start: The beginning of the search date range. Defaults to `now - 30 days` if not + provided. extra_headers: Send extra headers @@ -169,13 +170,14 @@ def list( Args: account_id: Account Identifier - end: The end of the search date range. Defaults to `now`. + end: The end of the search date range. Defaults to `now` if not provided. page: The page number of paginated results. per_page: The number of results per page. - start: The beginning of the search date range. Defaults to `now - 30 days`. + start: The beginning of the search date range. Defaults to `now - 30 days` if not + provided. extra_headers: Send extra headers diff --git a/src/cloudflare/resources/hostnames/settings/tls.py b/src/cloudflare/resources/hostnames/settings/tls.py index 1444a94a19a..188f5c24d61 100644 --- a/src/cloudflare/resources/hostnames/settings/tls.py +++ b/src/cloudflare/resources/hostnames/settings/tls.py @@ -69,11 +69,26 @@ def update( Args: zone_id: Identifier. - setting_id: The TLS Setting name. + setting_id: + The TLS Setting name. The value type depends on the setting: + + - `ciphers`: value is an array of cipher suite strings (e.g., + `["ECDHE-RSA-AES128-GCM-SHA256", "AES128-GCM-SHA256"]`) + - `min_tls_version`: value is a TLS version string (`"1.0"`, `"1.1"`, `"1.2"`, + or `"1.3"`) + - `http2`: value is `"on"` or `"off"` hostname: The hostname for which the tls settings are set. - value: The tls setting value. + value: The TLS setting value. The type depends on the `setting_id` used in the request + path: + + - `ciphers`: an array of allowed cipher suite strings in BoringSSL format (e.g., + `["ECDHE-RSA-AES128-GCM-SHA256", "AES128-GCM-SHA256"]`) + - `min_tls_version`: a string indicating the minimum TLS version — one of + `"1.0"`, `"1.1"`, `"1.2"`, or `"1.3"` (e.g., `"1.2"`) + - `http2`: a string indicating whether HTTP/2 is enabled — `"on"` or `"off"` + (e.g., `"on"`) extra_headers: Send extra headers @@ -121,7 +136,14 @@ def delete( Args: zone_id: Identifier. - setting_id: The TLS Setting name. + setting_id: + The TLS Setting name. The value type depends on the setting: + + - `ciphers`: value is an array of cipher suite strings (e.g., + `["ECDHE-RSA-AES128-GCM-SHA256", "AES128-GCM-SHA256"]`) + - `min_tls_version`: value is a TLS version string (`"1.0"`, `"1.1"`, `"1.2"`, + or `"1.3"`) + - `http2`: value is `"on"` or `"off"` hostname: The hostname for which the tls settings are set. @@ -169,7 +191,14 @@ def get( Args: zone_id: Identifier. - setting_id: The TLS Setting name. + setting_id: + The TLS Setting name. The value type depends on the setting: + + - `ciphers`: value is an array of cipher suite strings (e.g., + `["ECDHE-RSA-AES128-GCM-SHA256", "AES128-GCM-SHA256"]`) + - `min_tls_version`: value is a TLS version string (`"1.0"`, `"1.1"`, `"1.2"`, + or `"1.3"`) + - `http2`: value is `"on"` or `"off"` extra_headers: Send extra headers @@ -233,11 +262,26 @@ async def update( Args: zone_id: Identifier. - setting_id: The TLS Setting name. + setting_id: + The TLS Setting name. The value type depends on the setting: + + - `ciphers`: value is an array of cipher suite strings (e.g., + `["ECDHE-RSA-AES128-GCM-SHA256", "AES128-GCM-SHA256"]`) + - `min_tls_version`: value is a TLS version string (`"1.0"`, `"1.1"`, `"1.2"`, + or `"1.3"`) + - `http2`: value is `"on"` or `"off"` hostname: The hostname for which the tls settings are set. - value: The tls setting value. + value: The TLS setting value. The type depends on the `setting_id` used in the request + path: + + - `ciphers`: an array of allowed cipher suite strings in BoringSSL format (e.g., + `["ECDHE-RSA-AES128-GCM-SHA256", "AES128-GCM-SHA256"]`) + - `min_tls_version`: a string indicating the minimum TLS version — one of + `"1.0"`, `"1.1"`, `"1.2"`, or `"1.3"` (e.g., `"1.2"`) + - `http2`: a string indicating whether HTTP/2 is enabled — `"on"` or `"off"` + (e.g., `"on"`) extra_headers: Send extra headers @@ -285,7 +329,14 @@ async def delete( Args: zone_id: Identifier. - setting_id: The TLS Setting name. + setting_id: + The TLS Setting name. The value type depends on the setting: + + - `ciphers`: value is an array of cipher suite strings (e.g., + `["ECDHE-RSA-AES128-GCM-SHA256", "AES128-GCM-SHA256"]`) + - `min_tls_version`: value is a TLS version string (`"1.0"`, `"1.1"`, `"1.2"`, + or `"1.3"`) + - `http2`: value is `"on"` or `"off"` hostname: The hostname for which the tls settings are set. @@ -333,7 +384,14 @@ def get( Args: zone_id: Identifier. - setting_id: The TLS Setting name. + setting_id: + The TLS Setting name. The value type depends on the setting: + + - `ciphers`: value is an array of cipher suite strings (e.g., + `["ECDHE-RSA-AES128-GCM-SHA256", "AES128-GCM-SHA256"]`) + - `min_tls_version`: value is a TLS version string (`"1.0"`, `"1.1"`, `"1.2"`, + or `"1.3"`) + - `http2`: value is `"on"` or `"off"` extra_headers: Send extra headers diff --git a/src/cloudflare/resources/intel/indicator_feeds/indicator_feeds.py b/src/cloudflare/resources/intel/indicator_feeds/indicator_feeds.py index 4123cc30790..bf6f0191b47 100644 --- a/src/cloudflare/resources/intel/indicator_feeds/indicator_feeds.py +++ b/src/cloudflare/resources/intel/indicator_feeds/indicator_feeds.py @@ -86,7 +86,7 @@ def create( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> Optional[IndicatorFeedCreateResponse]: """ - Create new indicator feed + Creates a new custom threat indicator feed for sharing threat intelligence data. Args: account_id: Identifier @@ -142,7 +142,7 @@ def update( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> Optional[IndicatorFeedUpdateResponse]: """ - Update indicator feed metadata + Revises details for a specific custom threat indicator feed. Args: account_id: Identifier @@ -203,7 +203,7 @@ def list( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> SyncSinglePage[IndicatorFeedListResponse]: """ - Get indicator feeds owned by this account + Retrieves details for all accessible custom threat indicator feeds. Args: account_id: Identifier @@ -240,7 +240,7 @@ def data( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> str: """ - Get indicator feed data + Retrieves the raw data entries in a custom threat indicator feed. Args: account_id: Identifier @@ -279,7 +279,7 @@ def get( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> Optional[IndicatorFeedGetResponse]: """ - Get indicator feed metadata + Retrieves details for a specific custom threat indicator feed. Args: account_id: Identifier @@ -351,7 +351,7 @@ async def create( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> Optional[IndicatorFeedCreateResponse]: """ - Create new indicator feed + Creates a new custom threat indicator feed for sharing threat intelligence data. Args: account_id: Identifier @@ -407,7 +407,7 @@ async def update( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> Optional[IndicatorFeedUpdateResponse]: """ - Update indicator feed metadata + Revises details for a specific custom threat indicator feed. Args: account_id: Identifier @@ -468,7 +468,7 @@ def list( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> AsyncPaginator[IndicatorFeedListResponse, AsyncSinglePage[IndicatorFeedListResponse]]: """ - Get indicator feeds owned by this account + Retrieves details for all accessible custom threat indicator feeds. Args: account_id: Identifier @@ -505,7 +505,7 @@ async def data( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> str: """ - Get indicator feed data + Retrieves the raw data entries in a custom threat indicator feed. Args: account_id: Identifier @@ -544,7 +544,7 @@ async def get( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> Optional[IndicatorFeedGetResponse]: """ - Get indicator feed metadata + Retrieves details for a specific custom threat indicator feed. Args: account_id: Identifier diff --git a/src/cloudflare/resources/intel/indicator_feeds/permissions.py b/src/cloudflare/resources/intel/indicator_feeds/permissions.py index fc98e15a3a9..678794ced06 100644 --- a/src/cloudflare/resources/intel/indicator_feeds/permissions.py +++ b/src/cloudflare/resources/intel/indicator_feeds/permissions.py @@ -60,7 +60,7 @@ def create( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> Optional[PermissionCreateResponse]: """ - Grant permission to indicator feed + Grants access permissions for a custom threat indicator feed to other accounts. Args: account_id: Identifier @@ -110,7 +110,7 @@ def list( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> Optional[PermissionListResponse]: """ - List indicator feed permissions + Lists current access permissions for custom threat indicator feeds. Args: account_id: Identifier @@ -151,7 +151,7 @@ def delete( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> Optional[PermissionDeleteResponse]: """ - Revoke permission to indicator feed + Revokes access permissions for a custom threat indicator feed. Args: account_id: Identifier @@ -224,7 +224,7 @@ async def create( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> Optional[PermissionCreateResponse]: """ - Grant permission to indicator feed + Grants access permissions for a custom threat indicator feed to other accounts. Args: account_id: Identifier @@ -274,7 +274,7 @@ async def list( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> Optional[PermissionListResponse]: """ - List indicator feed permissions + Lists current access permissions for custom threat indicator feeds. Args: account_id: Identifier @@ -315,7 +315,7 @@ async def delete( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> Optional[PermissionDeleteResponse]: """ - Revoke permission to indicator feed + Revokes access permissions for a custom threat indicator feed. Args: account_id: Identifier diff --git a/src/cloudflare/resources/intel/indicator_feeds/snapshots.py b/src/cloudflare/resources/intel/indicator_feeds/snapshots.py index 0dc19ac33f9..a92b19cfd1b 100644 --- a/src/cloudflare/resources/intel/indicator_feeds/snapshots.py +++ b/src/cloudflare/resources/intel/indicator_feeds/snapshots.py @@ -58,7 +58,7 @@ def update( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> Optional[SnapshotUpdateResponse]: """ - Update indicator feed data + Revises the raw data entries in a custom threat indicator feed. Args: account_id: Identifier @@ -129,7 +129,7 @@ async def update( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> Optional[SnapshotUpdateResponse]: """ - Update indicator feed data + Revises the raw data entries in a custom threat indicator feed. Args: account_id: Identifier diff --git a/src/cloudflare/resources/keyless_certificates.py b/src/cloudflare/resources/keyless_certificates.py index e7406b9ad41..8b0180c31d5 100644 --- a/src/cloudflare/resources/keyless_certificates.py +++ b/src/cloudflare/resources/keyless_certificates.py @@ -67,7 +67,8 @@ def create( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> Optional[KeylessCertificate]: """ - Create Keyless SSL Configuration + Creates a Keyless SSL configuration that allows SSL/TLS termination without + exposing private keys to Cloudflare. Keys remain on your infrastructure. Args: zone_id: Identifier. @@ -169,8 +170,10 @@ def delete( extra_body: Body | None = None, timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> Optional[KeylessCertificateDeleteResponse]: - """ - Delete Keyless SSL Configuration + """Removes a Keyless SSL configuration. + + SSL connections will no longer use the + keyless server for cryptographic operations. Args: zone_id: Identifier. @@ -364,7 +367,8 @@ async def create( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> Optional[KeylessCertificate]: """ - Create Keyless SSL Configuration + Creates a Keyless SSL configuration that allows SSL/TLS termination without + exposing private keys to Cloudflare. Keys remain on your infrastructure. Args: zone_id: Identifier. @@ -466,8 +470,10 @@ async def delete( extra_body: Body | None = None, timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> Optional[KeylessCertificateDeleteResponse]: - """ - Delete Keyless SSL Configuration + """Removes a Keyless SSL configuration. + + SSL connections will no longer use the + keyless server for cryptographic operations. Args: zone_id: Identifier. diff --git a/src/cloudflare/resources/magic_cloud_networking/on_ramps/on_ramps.py b/src/cloudflare/resources/magic_cloud_networking/on_ramps/on_ramps.py index 589e6689a8c..3e602ee1b06 100644 --- a/src/cloudflare/resources/magic_cloud_networking/on_ramps/on_ramps.py +++ b/src/cloudflare/resources/magic_cloud_networking/on_ramps/on_ramps.py @@ -112,11 +112,10 @@ def create( Create a new On-ramp (Closed Beta). Args: - dynamic_routing: if set to true, install_routes_in_cloud and install_routes_in_magic_wan should - be set to false + dynamic_routing: Enables BGP routing. When enabling this feature, set both + install_routes_in_cloud and install_routes_in_magic_wan to false. - cloud_asn: the ASN to use on the cloud side. If unset or zero, the cloud's default will be - used. + cloud_asn: Sets the cloud-side ASN. If unset or zero, the cloud's default ASN takes effect. extra_headers: Send extra headers @@ -608,11 +607,10 @@ async def create( Create a new On-ramp (Closed Beta). Args: - dynamic_routing: if set to true, install_routes_in_cloud and install_routes_in_magic_wan should - be set to false + dynamic_routing: Enables BGP routing. When enabling this feature, set both + install_routes_in_cloud and install_routes_in_magic_wan to false. - cloud_asn: the ASN to use on the cloud side. If unset or zero, the cloud's default will be - used. + cloud_asn: Sets the cloud-side ASN. If unset or zero, the cloud's default ASN takes effect. extra_headers: Send extra headers diff --git a/src/cloudflare/resources/mtls_certificates/mtls_certificates.py b/src/cloudflare/resources/mtls_certificates/mtls_certificates.py index 663dbe56585..dc612d6f41a 100644 --- a/src/cloudflare/resources/mtls_certificates/mtls_certificates.py +++ b/src/cloudflare/resources/mtls_certificates/mtls_certificates.py @@ -74,7 +74,10 @@ def create( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> Optional[MTLSCertificateCreateResponse]: """ - Upload a certificate that you want to use with mTLS-enabled Cloudflare services. + Upload a certificate that you want to use with mTLS-enabled Cloudflare services, + such as Bring Your Own CA (BYO-CA) for mTLS. To create certificates issued by + the Cloudflare managed CA, use the + [Create Client Certificate endpoint](/api/resources/client_certificates/methods/create/). Args: account_id: Identifier. @@ -131,7 +134,10 @@ def list( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> SyncSinglePage[MTLSCertificate]: """ - Lists all mTLS certificates. + Lists all mTLS certificates uploaded to your account, such as Bring Your Own CA + (BYO-CA) for mTLS. To list certificates issued by the Cloudflare managed CA, use + the + [List Client Certificates endpoint](/api/resources/client_certificates/methods/list/). Args: account_id: Identifier. @@ -214,8 +220,11 @@ def get( extra_body: Body | None = None, timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> Optional[MTLSCertificate]: - """ - Fetches a single mTLS certificate. + """Fetches a single mTLS certificate uploaded to your account. + + To get a certificate + issued by the Cloudflare managed CA, use the + [Client Certificate Details endpoint](/api/resources/client_certificates/methods/get/). Args: account_id: Identifier. @@ -289,7 +298,10 @@ async def create( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> Optional[MTLSCertificateCreateResponse]: """ - Upload a certificate that you want to use with mTLS-enabled Cloudflare services. + Upload a certificate that you want to use with mTLS-enabled Cloudflare services, + such as Bring Your Own CA (BYO-CA) for mTLS. To create certificates issued by + the Cloudflare managed CA, use the + [Create Client Certificate endpoint](/api/resources/client_certificates/methods/create/). Args: account_id: Identifier. @@ -346,7 +358,10 @@ def list( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> AsyncPaginator[MTLSCertificate, AsyncSinglePage[MTLSCertificate]]: """ - Lists all mTLS certificates. + Lists all mTLS certificates uploaded to your account, such as Bring Your Own CA + (BYO-CA) for mTLS. To list certificates issued by the Cloudflare managed CA, use + the + [List Client Certificates endpoint](/api/resources/client_certificates/methods/list/). Args: account_id: Identifier. @@ -429,8 +444,11 @@ async def get( extra_body: Body | None = None, timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> Optional[MTLSCertificate]: - """ - Fetches a single mTLS certificate. + """Fetches a single mTLS certificate uploaded to your account. + + To get a certificate + issued by the Cloudflare managed CA, use the + [Client Certificate Details endpoint](/api/resources/client_certificates/methods/get/). Args: account_id: Identifier. diff --git a/src/cloudflare/resources/origin_ca_certificates.py b/src/cloudflare/resources/origin_ca_certificates.py index 094ff74f3c7..1943091279a 100644 --- a/src/cloudflare/resources/origin_ca_certificates.py +++ b/src/cloudflare/resources/origin_ca_certificates.py @@ -71,8 +71,14 @@ def create( Args: csr: The Certificate Signing Request (CSR). Must be newline-encoded. - hostnames: Array of hostnames or wildcard names (e.g., \\**.example.com) bound to the - certificate. + hostnames: Array of hostnames or wildcard names bound to the certificate. Hostnames must be + fully qualified domain names (FQDNs) belonging to zones on your account (e.g., + `example.com` or `sub.example.com`). Wildcards are supported only as a `*.` + prefix for a single level (e.g., `*.example.com`). Double wildcards + (`*.*.example.com`) and interior wildcards (`foo.*.example.com`) are not + allowed. The wildcard suffix must be a multi-label domain (`*.example.com` is + valid, but `*.com` is not). Unicode/IDN hostnames are accepted and automatically + converted to punycode. request_type: Signature type desired on certificate ("origin-rsa" (rsa), "origin-ecc" (ecdsa), or "keyless-certificate" (for Keyless SSL servers). @@ -299,8 +305,14 @@ async def create( Args: csr: The Certificate Signing Request (CSR). Must be newline-encoded. - hostnames: Array of hostnames or wildcard names (e.g., \\**.example.com) bound to the - certificate. + hostnames: Array of hostnames or wildcard names bound to the certificate. Hostnames must be + fully qualified domain names (FQDNs) belonging to zones on your account (e.g., + `example.com` or `sub.example.com`). Wildcards are supported only as a `*.` + prefix for a single level (e.g., `*.example.com`). Double wildcards + (`*.*.example.com`) and interior wildcards (`foo.*.example.com`) are not + allowed. The wildcard suffix must be a multi-label domain (`*.example.com` is + valid, but `*.com` is not). Unicode/IDN hostnames are accepted and automatically + converted to punycode. request_type: Signature type desired on certificate ("origin-rsa" (rsa), "origin-ecc" (ecdsa), or "keyless-certificate" (for Keyless SSL servers). diff --git a/src/cloudflare/resources/origin_tls_client_auth/hostname_certificates.py b/src/cloudflare/resources/origin_tls_client_auth/hostname_certificates.py index f95b8739151..34a887f7db5 100644 --- a/src/cloudflare/resources/origin_tls_client_auth/hostname_certificates.py +++ b/src/cloudflare/resources/origin_tls_client_auth/hostname_certificates.py @@ -116,7 +116,8 @@ def list( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> SyncSinglePage[HostnameCertificateListResponse]: """ - List Certificates + Lists all client certificates configured for per-hostname authenticated origin + pulls on the zone. Args: zone_id: Identifier. @@ -153,7 +154,11 @@ def delete( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> Optional[HostnameCertificateDeleteResponse]: """ - Delete Hostname Client Certificate + Removes a client certificate used for authenticated origin pulls on a specific + hostname. Note: Before deleting the certificate, you must first invalidate the + hostname for client authentication by sending a PUT request with `enabled` set + to null. After invalidating the association, the certificate can be safely + deleted. Args: zone_id: Identifier. @@ -319,7 +324,8 @@ def list( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> AsyncPaginator[HostnameCertificateListResponse, AsyncSinglePage[HostnameCertificateListResponse]]: """ - List Certificates + Lists all client certificates configured for per-hostname authenticated origin + pulls on the zone. Args: zone_id: Identifier. @@ -356,7 +362,11 @@ async def delete( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> Optional[HostnameCertificateDeleteResponse]: """ - Delete Hostname Client Certificate + Removes a client certificate used for authenticated origin pulls on a specific + hostname. Note: Before deleting the certificate, you must first invalidate the + hostname for client authentication by sending a PUT request with `enabled` set + to null. After invalidating the association, the certificate can be safely + deleted. Args: zone_id: Identifier. diff --git a/src/cloudflare/resources/origin_tls_client_auth/hostnames.py b/src/cloudflare/resources/origin_tls_client_auth/hostnames.py index a4f59591ae7..7ea1313f8e5 100644 --- a/src/cloudflare/resources/origin_tls_client_auth/hostnames.py +++ b/src/cloudflare/resources/origin_tls_client_auth/hostnames.py @@ -102,7 +102,8 @@ def get( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> Optional[AuthenticatedOriginPull]: """ - Get the Hostname Status for Client Authentication + Retrieves the client certificate authentication status for a specific hostname, + showing whether authenticated origin pulls are enabled. Args: zone_id: Identifier. @@ -211,7 +212,8 @@ async def get( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> Optional[AuthenticatedOriginPull]: """ - Get the Hostname Status for Client Authentication + Retrieves the client certificate authentication status for a specific hostname, + showing whether authenticated origin pulls are enabled. Args: zone_id: Identifier. diff --git a/src/cloudflare/resources/origin_tls_client_auth/origin_tls_client_auth.py b/src/cloudflare/resources/origin_tls_client_auth/origin_tls_client_auth.py index 1f418d7b2c4..7db340c4549 100644 --- a/src/cloudflare/resources/origin_tls_client_auth/origin_tls_client_auth.py +++ b/src/cloudflare/resources/origin_tls_client_auth/origin_tls_client_auth.py @@ -173,7 +173,8 @@ def list( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> SyncSinglePage[OriginTLSClientAuthListResponse]: """ - List Certificates + Lists all client certificates configured for zone-level authenticated origin + pulls. Args: zone_id: Identifier. @@ -213,7 +214,7 @@ def delete( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> Optional[OriginTLSClientAuthDeleteResponse]: """ - Delete Certificate + Removes a client certificate used for zone-level authenticated origin pulls. Args: zone_id: Identifier. @@ -262,7 +263,8 @@ def get( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> Optional[OriginTLSClientAuthGetResponse]: """ - Get Certificate Details + Retrieves details for a specific client certificate used in zone-level + authenticated origin pulls. Args: zone_id: Identifier. @@ -406,7 +408,8 @@ def list( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> AsyncPaginator[OriginTLSClientAuthListResponse, AsyncSinglePage[OriginTLSClientAuthListResponse]]: """ - List Certificates + Lists all client certificates configured for zone-level authenticated origin + pulls. Args: zone_id: Identifier. @@ -446,7 +449,7 @@ async def delete( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> Optional[OriginTLSClientAuthDeleteResponse]: """ - Delete Certificate + Removes a client certificate used for zone-level authenticated origin pulls. Args: zone_id: Identifier. @@ -495,7 +498,8 @@ async def get( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> Optional[OriginTLSClientAuthGetResponse]: """ - Get Certificate Details + Retrieves details for a specific client certificate used in zone-level + authenticated origin pulls. Args: zone_id: Identifier. diff --git a/src/cloudflare/resources/origin_tls_client_auth/zone_certificates.py b/src/cloudflare/resources/origin_tls_client_auth/zone_certificates.py index 8056208ce43..b424f4e36f0 100644 --- a/src/cloudflare/resources/origin_tls_client_auth/zone_certificates.py +++ b/src/cloudflare/resources/origin_tls_client_auth/zone_certificates.py @@ -116,7 +116,8 @@ def list( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> SyncSinglePage[ZoneCertificateListResponse]: """ - List Certificates + Lists all client certificates configured for zone-level authenticated origin + pulls. Args: zone_id: Identifier. @@ -153,7 +154,7 @@ def delete( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> Optional[ZoneCertificateDeleteResponse]: """ - Delete Certificate + Removes a client certificate used for zone-level authenticated origin pulls. Args: zone_id: Identifier. @@ -197,7 +198,8 @@ def get( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> Optional[ZoneCertificateGetResponse]: """ - Get Certificate Details + Retrieves details for a specific client certificate used in zone-level + authenticated origin pulls. Args: zone_id: Identifier. @@ -317,7 +319,8 @@ def list( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> AsyncPaginator[ZoneCertificateListResponse, AsyncSinglePage[ZoneCertificateListResponse]]: """ - List Certificates + Lists all client certificates configured for zone-level authenticated origin + pulls. Args: zone_id: Identifier. @@ -354,7 +357,7 @@ async def delete( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> Optional[ZoneCertificateDeleteResponse]: """ - Delete Certificate + Removes a client certificate used for zone-level authenticated origin pulls. Args: zone_id: Identifier. @@ -398,7 +401,8 @@ async def get( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> Optional[ZoneCertificateGetResponse]: """ - Get Certificate Details + Retrieves details for a specific client certificate used in zone-level + authenticated origin pulls. Args: zone_id: Identifier. diff --git a/src/cloudflare/resources/page_shield/policies.py b/src/cloudflare/resources/page_shield/policies.py index debfeeb0a6b..c14c60eaae1 100644 --- a/src/cloudflare/resources/page_shield/policies.py +++ b/src/cloudflare/resources/page_shield/policies.py @@ -53,7 +53,7 @@ def create( self, *, zone_id: str, - action: Literal["allow", "log"], + action: Literal["allow", "log", "add_reporting_directives"], description: str, enabled: bool, expression: str, @@ -119,7 +119,7 @@ def update( policy_id: str, *, zone_id: str, - action: Literal["allow", "log"] | Omit = omit, + action: Literal["allow", "log", "add_reporting_directives"] | Omit = omit, description: str | Omit = omit, enabled: bool | Omit = omit, expression: str | Omit = omit, @@ -330,7 +330,7 @@ async def create( self, *, zone_id: str, - action: Literal["allow", "log"], + action: Literal["allow", "log", "add_reporting_directives"], description: str, enabled: bool, expression: str, @@ -396,7 +396,7 @@ async def update( policy_id: str, *, zone_id: str, - action: Literal["allow", "log"] | Omit = omit, + action: Literal["allow", "log", "add_reporting_directives"] | Omit = omit, description: str | Omit = omit, enabled: bool | Omit = omit, expression: str | Omit = omit, diff --git a/src/cloudflare/resources/queues/consumers.py b/src/cloudflare/resources/queues/consumers.py index 3d1a696af75..109a2646d75 100644 --- a/src/cloudflare/resources/queues/consumers.py +++ b/src/cloudflare/resources/queues/consumers.py @@ -53,10 +53,10 @@ def create( queue_id: str, *, account_id: str, + script_name: str, + type: Literal["worker"], dead_letter_queue: str | Omit = omit, - script_name: str | Omit = omit, - settings: consumer_create_params.MqWorkerConsumerSettings | Omit = omit, - type: Literal["worker"] | Omit = omit, + settings: consumer_create_params.MqWorkerConsumerRequestSettings | Omit = omit, # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. # The extra values given here take precedence over values defined on the client or passed to this method. extra_headers: Headers | None = None, @@ -90,9 +90,9 @@ def create( queue_id: str, *, account_id: str, + type: Literal["http_pull"], dead_letter_queue: str | Omit = omit, - settings: consumer_create_params.MqHTTPConsumerSettings | Omit = omit, - type: Literal["http_pull"] | Omit = omit, + settings: consumer_create_params.MqHTTPConsumerRequestSettings | Omit = omit, # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. # The extra values given here take precedence over values defined on the client or passed to this method. extra_headers: Headers | None = None, @@ -118,18 +118,18 @@ def create( """ ... - @required_args(["account_id"]) + @required_args(["account_id", "script_name", "type"], ["account_id", "type"]) def create( self, queue_id: str, *, account_id: str, - dead_letter_queue: str | Omit = omit, script_name: str | Omit = omit, - settings: consumer_create_params.MqWorkerConsumerSettings - | consumer_create_params.MqHTTPConsumerSettings + type: Literal["worker"] | Literal["http_pull"], + dead_letter_queue: str | Omit = omit, + settings: consumer_create_params.MqWorkerConsumerRequestSettings + | consumer_create_params.MqHTTPConsumerRequestSettings | Omit = omit, - type: Literal["worker"] | Literal["http_pull"] | Omit = omit, # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. # The extra values given here take precedence over values defined on the client or passed to this method. extra_headers: Headers | None = None, @@ -147,10 +147,10 @@ def create( f"/accounts/{account_id}/queues/{queue_id}/consumers", body=maybe_transform( { - "dead_letter_queue": dead_letter_queue, "script_name": script_name, - "settings": settings, "type": type, + "dead_letter_queue": dead_letter_queue, + "settings": settings, }, consumer_create_params.ConsumerCreateParams, ), @@ -174,10 +174,10 @@ def update( *, account_id: str, queue_id: str, + script_name: str, + type: Literal["worker"], dead_letter_queue: str | Omit = omit, - script_name: str | Omit = omit, - settings: consumer_update_params.MqWorkerConsumerSettings | Omit = omit, - type: Literal["worker"] | Omit = omit, + settings: consumer_update_params.MqWorkerConsumerRequestSettings | Omit = omit, # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. # The extra values given here take precedence over values defined on the client or passed to this method. extra_headers: Headers | None = None, @@ -214,9 +214,9 @@ def update( *, account_id: str, queue_id: str, + type: Literal["http_pull"], dead_letter_queue: str | Omit = omit, - settings: consumer_update_params.MqHTTPConsumerSettings | Omit = omit, - type: Literal["http_pull"] | Omit = omit, + settings: consumer_update_params.MqHTTPConsumerRequestSettings | Omit = omit, # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. # The extra values given here take precedence over values defined on the client or passed to this method. extra_headers: Headers | None = None, @@ -244,19 +244,19 @@ def update( """ ... - @required_args(["account_id", "queue_id"]) + @required_args(["account_id", "queue_id", "script_name", "type"], ["account_id", "queue_id", "type"]) def update( self, consumer_id: str, *, account_id: str, queue_id: str, - dead_letter_queue: str | Omit = omit, script_name: str | Omit = omit, - settings: consumer_update_params.MqWorkerConsumerSettings - | consumer_update_params.MqHTTPConsumerSettings + type: Literal["worker"] | Literal["http_pull"], + dead_letter_queue: str | Omit = omit, + settings: consumer_update_params.MqWorkerConsumerRequestSettings + | consumer_update_params.MqHTTPConsumerRequestSettings | Omit = omit, - type: Literal["worker"] | Literal["http_pull"] | Omit = omit, # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. # The extra values given here take precedence over values defined on the client or passed to this method. extra_headers: Headers | None = None, @@ -276,10 +276,10 @@ def update( f"/accounts/{account_id}/queues/{queue_id}/consumers/{consumer_id}", body=maybe_transform( { - "dead_letter_queue": dead_letter_queue, "script_name": script_name, - "settings": settings, "type": type, + "dead_letter_queue": dead_letter_queue, + "settings": settings, }, consumer_update_params.ConsumerUpdateParams, ), @@ -463,10 +463,10 @@ async def create( queue_id: str, *, account_id: str, + script_name: str, + type: Literal["worker"], dead_letter_queue: str | Omit = omit, - script_name: str | Omit = omit, - settings: consumer_create_params.MqWorkerConsumerSettings | Omit = omit, - type: Literal["worker"] | Omit = omit, + settings: consumer_create_params.MqWorkerConsumerRequestSettings | Omit = omit, # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. # The extra values given here take precedence over values defined on the client or passed to this method. extra_headers: Headers | None = None, @@ -500,9 +500,9 @@ async def create( queue_id: str, *, account_id: str, + type: Literal["http_pull"], dead_letter_queue: str | Omit = omit, - settings: consumer_create_params.MqHTTPConsumerSettings | Omit = omit, - type: Literal["http_pull"] | Omit = omit, + settings: consumer_create_params.MqHTTPConsumerRequestSettings | Omit = omit, # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. # The extra values given here take precedence over values defined on the client or passed to this method. extra_headers: Headers | None = None, @@ -528,18 +528,18 @@ async def create( """ ... - @required_args(["account_id"]) + @required_args(["account_id", "script_name", "type"], ["account_id", "type"]) async def create( self, queue_id: str, *, account_id: str, - dead_letter_queue: str | Omit = omit, script_name: str | Omit = omit, - settings: consumer_create_params.MqWorkerConsumerSettings - | consumer_create_params.MqHTTPConsumerSettings + type: Literal["worker"] | Literal["http_pull"], + dead_letter_queue: str | Omit = omit, + settings: consumer_create_params.MqWorkerConsumerRequestSettings + | consumer_create_params.MqHTTPConsumerRequestSettings | Omit = omit, - type: Literal["worker"] | Literal["http_pull"] | Omit = omit, # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. # The extra values given here take precedence over values defined on the client or passed to this method. extra_headers: Headers | None = None, @@ -557,10 +557,10 @@ async def create( f"/accounts/{account_id}/queues/{queue_id}/consumers", body=await async_maybe_transform( { - "dead_letter_queue": dead_letter_queue, "script_name": script_name, - "settings": settings, "type": type, + "dead_letter_queue": dead_letter_queue, + "settings": settings, }, consumer_create_params.ConsumerCreateParams, ), @@ -584,10 +584,10 @@ async def update( *, account_id: str, queue_id: str, + script_name: str, + type: Literal["worker"], dead_letter_queue: str | Omit = omit, - script_name: str | Omit = omit, - settings: consumer_update_params.MqWorkerConsumerSettings | Omit = omit, - type: Literal["worker"] | Omit = omit, + settings: consumer_update_params.MqWorkerConsumerRequestSettings | Omit = omit, # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. # The extra values given here take precedence over values defined on the client or passed to this method. extra_headers: Headers | None = None, @@ -624,9 +624,9 @@ async def update( *, account_id: str, queue_id: str, + type: Literal["http_pull"], dead_letter_queue: str | Omit = omit, - settings: consumer_update_params.MqHTTPConsumerSettings | Omit = omit, - type: Literal["http_pull"] | Omit = omit, + settings: consumer_update_params.MqHTTPConsumerRequestSettings | Omit = omit, # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. # The extra values given here take precedence over values defined on the client or passed to this method. extra_headers: Headers | None = None, @@ -654,19 +654,19 @@ async def update( """ ... - @required_args(["account_id", "queue_id"]) + @required_args(["account_id", "queue_id", "script_name", "type"], ["account_id", "queue_id", "type"]) async def update( self, consumer_id: str, *, account_id: str, queue_id: str, - dead_letter_queue: str | Omit = omit, script_name: str | Omit = omit, - settings: consumer_update_params.MqWorkerConsumerSettings - | consumer_update_params.MqHTTPConsumerSettings + type: Literal["worker"] | Literal["http_pull"], + dead_letter_queue: str | Omit = omit, + settings: consumer_update_params.MqWorkerConsumerRequestSettings + | consumer_update_params.MqHTTPConsumerRequestSettings | Omit = omit, - type: Literal["worker"] | Literal["http_pull"] | Omit = omit, # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. # The extra values given here take precedence over values defined on the client or passed to this method. extra_headers: Headers | None = None, @@ -686,10 +686,10 @@ async def update( f"/accounts/{account_id}/queues/{queue_id}/consumers/{consumer_id}", body=await async_maybe_transform( { - "dead_letter_queue": dead_letter_queue, "script_name": script_name, - "settings": settings, "type": type, + "dead_letter_queue": dead_letter_queue, + "settings": settings, }, consumer_update_params.ConsumerUpdateParams, ), diff --git a/src/cloudflare/resources/r2/super_slurper/connectivity_precheck.py b/src/cloudflare/resources/r2/super_slurper/connectivity_precheck.py index 2ea1083ea6f..9c06a8df785 100644 --- a/src/cloudflare/resources/r2/super_slurper/connectivity_precheck.py +++ b/src/cloudflare/resources/r2/super_slurper/connectivity_precheck.py @@ -7,7 +7,7 @@ import httpx -from ...._types import Body, Omit, Query, Headers, NotGiven, omit, not_given +from ...._types import Body, Omit, Query, Headers, NotGiven, SequenceNotStr, omit, not_given from ...._utils import required_args, maybe_transform, async_maybe_transform from ...._compat import cached_property from ...._resource import SyncAPIResource, AsyncAPIResource @@ -57,6 +57,7 @@ def source( secret: connectivity_precheck_source_params.R2SlurperS3SourceSchemaSecret, vendor: Literal["s3"], endpoint: Optional[str] | Omit = omit, + keys: Optional[SequenceNotStr[str]] | Omit = omit, path_prefix: Optional[str] | Omit = omit, region: Optional[str] | Omit = omit, # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. @@ -88,6 +89,7 @@ def source( bucket: str, secret: connectivity_precheck_source_params.R2SlurperGcsSourceSchemaSecret, vendor: Literal["gcs"], + keys: Optional[SequenceNotStr[str]] | Omit = omit, path_prefix: Optional[str] | Omit = omit, # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. # The extra values given here take precedence over values defined on the client or passed to this method. @@ -119,6 +121,7 @@ def source( secret: connectivity_precheck_source_params.R2SlurperR2SourceSchemaSecret, vendor: Provider, jurisdiction: Literal["default", "eu", "fedramp"] | Omit = omit, + keys: Optional[SequenceNotStr[str]] | Omit = omit, path_prefix: Optional[str] | Omit = omit, # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. # The extra values given here take precedence over values defined on the client or passed to this method. @@ -152,6 +155,7 @@ def source( | connectivity_precheck_source_params.R2SlurperR2SourceSchemaSecret, vendor: Literal["s3"] | Literal["gcs"] | Provider, endpoint: Optional[str] | Omit = omit, + keys: Optional[SequenceNotStr[str]] | Omit = omit, path_prefix: Optional[str] | Omit = omit, region: Optional[str] | Omit = omit, jurisdiction: Literal["default", "eu", "fedramp"] | Omit = omit, @@ -172,6 +176,7 @@ def source( "secret": secret, "vendor": vendor, "endpoint": endpoint, + "keys": keys, "path_prefix": path_prefix, "region": region, "jurisdiction": jurisdiction, @@ -272,6 +277,7 @@ async def source( secret: connectivity_precheck_source_params.R2SlurperS3SourceSchemaSecret, vendor: Literal["s3"], endpoint: Optional[str] | Omit = omit, + keys: Optional[SequenceNotStr[str]] | Omit = omit, path_prefix: Optional[str] | Omit = omit, region: Optional[str] | Omit = omit, # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. @@ -303,6 +309,7 @@ async def source( bucket: str, secret: connectivity_precheck_source_params.R2SlurperGcsSourceSchemaSecret, vendor: Literal["gcs"], + keys: Optional[SequenceNotStr[str]] | Omit = omit, path_prefix: Optional[str] | Omit = omit, # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. # The extra values given here take precedence over values defined on the client or passed to this method. @@ -334,6 +341,7 @@ async def source( secret: connectivity_precheck_source_params.R2SlurperR2SourceSchemaSecret, vendor: Provider, jurisdiction: Literal["default", "eu", "fedramp"] | Omit = omit, + keys: Optional[SequenceNotStr[str]] | Omit = omit, path_prefix: Optional[str] | Omit = omit, # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. # The extra values given here take precedence over values defined on the client or passed to this method. @@ -367,6 +375,7 @@ async def source( | connectivity_precheck_source_params.R2SlurperR2SourceSchemaSecret, vendor: Literal["s3"] | Literal["gcs"] | Provider, endpoint: Optional[str] | Omit = omit, + keys: Optional[SequenceNotStr[str]] | Omit = omit, path_prefix: Optional[str] | Omit = omit, region: Optional[str] | Omit = omit, jurisdiction: Literal["default", "eu", "fedramp"] | Omit = omit, @@ -387,6 +396,7 @@ async def source( "secret": secret, "vendor": vendor, "endpoint": endpoint, + "keys": keys, "path_prefix": path_prefix, "region": region, "jurisdiction": jurisdiction, diff --git a/src/cloudflare/resources/radar/__init__.py b/src/cloudflare/resources/radar/__init__.py index b4245d8dc48..2c3d00a3fd1 100644 --- a/src/cloudflare/resources/radar/__init__.py +++ b/src/cloudflare/resources/radar/__init__.py @@ -152,6 +152,14 @@ GeolocationsResourceWithStreamingResponse, AsyncGeolocationsResourceWithStreamingResponse, ) +from .post_quantum import ( + PostQuantumResource, + AsyncPostQuantumResource, + PostQuantumResourceWithRawResponse, + AsyncPostQuantumResourceWithRawResponse, + PostQuantumResourceWithStreamingResponse, + AsyncPostQuantumResourceWithStreamingResponse, +) from .verified_bots import ( VerifiedBotsResource, AsyncVerifiedBotsResource, @@ -234,6 +242,12 @@ "AsyncNetFlowsResourceWithRawResponse", "NetFlowsResourceWithStreamingResponse", "AsyncNetFlowsResourceWithStreamingResponse", + "PostQuantumResource", + "AsyncPostQuantumResource", + "PostQuantumResourceWithRawResponse", + "AsyncPostQuantumResourceWithRawResponse", + "PostQuantumResourceWithStreamingResponse", + "AsyncPostQuantumResourceWithStreamingResponse", "SearchResource", "AsyncSearchResource", "SearchResourceWithRawResponse", diff --git a/src/cloudflare/resources/radar/ai/bots/bots.py b/src/cloudflare/resources/radar/ai/bots/bots.py index 71be23206f2..b6568fdd877 100644 --- a/src/cloudflare/resources/radar/ai/bots/bots.py +++ b/src/cloudflare/resources/radar/ai/bots/bots.py @@ -2,7 +2,7 @@ from __future__ import annotations -from typing import Type, Union, cast +from typing import List, Type, Union, cast from datetime import datetime from typing_extensions import Literal @@ -62,9 +62,30 @@ def with_streaming_response(self) -> BotsResourceWithStreamingResponse: def summary_v2( self, - dimension: Literal["USER_AGENT", "CRAWL_PURPOSE", "INDUSTRY", "VERTICAL"], + dimension: Literal["USER_AGENT", "CRAWL_PURPOSE", "INDUSTRY", "VERTICAL", "CONTENT_TYPE"], *, asn: SequenceNotStr[str] | Omit = omit, + content_type: List[ + Literal[ + "HTML", + "IMAGES", + "JSON", + "JAVASCRIPT", + "CSS", + "PLAIN_TEXT", + "FONTS", + "XML", + "YAML", + "VIDEO", + "AUDIO", + "MARKDOWN", + "DOCUMENTS", + "BINARY", + "SERIALIZATION", + "OTHER", + ] + ] + | Omit = omit, continent: SequenceNotStr[str] | Omit = omit, crawl_purpose: SequenceNotStr[str] | Omit = omit, date_end: SequenceNotStr[Union[str, datetime]] | Omit = omit, @@ -75,6 +96,7 @@ def summary_v2( limit_per_group: int | Omit = omit, location: SequenceNotStr[str] | Omit = omit, name: SequenceNotStr[str] | Omit = omit, + user_agent: SequenceNotStr[str] | Omit = omit, vertical: SequenceNotStr[str] | Omit = omit, # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. # The extra values given here take precedence over values defined on the client or passed to this method. @@ -95,6 +117,8 @@ def summary_v2( results. For example, `-174, 3356` excludes results from AS174, but includes results from AS3356. + content_type: Filters results by content type category. + continent: Filters results by continent. Specify a comma-separated list of alpha-2 codes. Prefix with `-` to exclude continents from results. For example, `-EU,NA` excludes results from EU, but includes results from NA. @@ -123,6 +147,8 @@ def summary_v2( name: Array of names used to label the series in the response. + user_agent: Filters results by user agent. + vertical: Filters results by vertical. extra_headers: Send extra headers @@ -145,6 +171,7 @@ def summary_v2( query=maybe_transform( { "asn": asn, + "content_type": content_type, "continent": continent, "crawl_purpose": crawl_purpose, "date_end": date_end, @@ -155,6 +182,7 @@ def summary_v2( "limit_per_group": limit_per_group, "location": location, "name": name, + "user_agent": user_agent, "vertical": vertical, }, bot_summary_v2_params.BotSummaryV2Params, @@ -169,6 +197,27 @@ def timeseries( *, agg_interval: Literal["15m", "1h", "1d", "1w"] | Omit = omit, asn: SequenceNotStr[str] | Omit = omit, + content_type: List[ + Literal[ + "HTML", + "IMAGES", + "JSON", + "JAVASCRIPT", + "CSS", + "PLAIN_TEXT", + "FONTS", + "XML", + "YAML", + "VIDEO", + "AUDIO", + "MARKDOWN", + "DOCUMENTS", + "BINARY", + "SERIALIZATION", + "OTHER", + ] + ] + | Omit = omit, continent: SequenceNotStr[str] | Omit = omit, crawl_purpose: SequenceNotStr[str] | Omit = omit, date_end: SequenceNotStr[Union[str, datetime]] | Omit = omit, @@ -201,6 +250,8 @@ def timeseries( results. For example, `-174, 3356` excludes results from AS174, but includes results from AS3356. + content_type: Filters results by content type category. + continent: Filters results by continent. Specify a comma-separated list of alpha-2 codes. Prefix with `-` to exclude continents from results. For example, `-EU,NA` excludes results from EU, but includes results from NA. @@ -252,6 +303,7 @@ def timeseries( { "agg_interval": agg_interval, "asn": asn, + "content_type": content_type, "continent": continent, "crawl_purpose": crawl_purpose, "date_end": date_end, @@ -274,10 +326,31 @@ def timeseries( def timeseries_groups( self, - dimension: Literal["USER_AGENT", "CRAWL_PURPOSE", "INDUSTRY", "VERTICAL"], + dimension: Literal["USER_AGENT", "CRAWL_PURPOSE", "INDUSTRY", "VERTICAL", "CONTENT_TYPE"], *, agg_interval: Literal["15m", "1h", "1d", "1w"] | Omit = omit, asn: SequenceNotStr[str] | Omit = omit, + content_type: List[ + Literal[ + "HTML", + "IMAGES", + "JSON", + "JAVASCRIPT", + "CSS", + "PLAIN_TEXT", + "FONTS", + "XML", + "YAML", + "VIDEO", + "AUDIO", + "MARKDOWN", + "DOCUMENTS", + "BINARY", + "SERIALIZATION", + "OTHER", + ] + ] + | Omit = omit, continent: SequenceNotStr[str] | Omit = omit, crawl_purpose: SequenceNotStr[str] | Omit = omit, date_end: SequenceNotStr[Union[str, datetime]] | Omit = omit, @@ -288,7 +361,8 @@ def timeseries_groups( limit_per_group: int | Omit = omit, location: SequenceNotStr[str] | Omit = omit, name: SequenceNotStr[str] | Omit = omit, - normalization: Literal["PERCENTAGE_CHANGE", "MIN0_MAX"] | Omit = omit, + normalization: Literal["PERCENTAGE", "MIN0_MAX"] | Omit = omit, + user_agent: SequenceNotStr[str] | Omit = omit, vertical: SequenceNotStr[str] | Omit = omit, # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. # The extra values given here take precedence over values defined on the client or passed to this method. @@ -298,7 +372,7 @@ def timeseries_groups( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> BotTimeseriesGroupsResponse: """ - Retrieves the distribution of HTTP requests from AI bots, grouped by chosen the + Retrieves the distribution of HTTP requests from AI bots, grouped by the specified dimension over time. Args: @@ -313,6 +387,8 @@ def timeseries_groups( results. For example, `-174, 3356` excludes results from AS174, but includes results from AS3356. + content_type: Filters results by content type category. + continent: Filters results by continent. Specify a comma-separated list of alpha-2 codes. Prefix with `-` to exclude continents from results. For example, `-EU,NA` excludes results from EU, but includes results from NA. @@ -344,6 +420,8 @@ def timeseries_groups( normalization: Normalization method applied to the results. Refer to [Normalization methods](https://developers.cloudflare.com/radar/concepts/normalization/). + user_agent: Filters results by user agent. + vertical: Filters results by vertical. extra_headers: Send extra headers @@ -367,6 +445,7 @@ def timeseries_groups( { "agg_interval": agg_interval, "asn": asn, + "content_type": content_type, "continent": continent, "crawl_purpose": crawl_purpose, "date_end": date_end, @@ -378,6 +457,7 @@ def timeseries_groups( "location": location, "name": name, "normalization": normalization, + "user_agent": user_agent, "vertical": vertical, }, bot_timeseries_groups_params.BotTimeseriesGroupsParams, @@ -414,9 +494,30 @@ def with_streaming_response(self) -> AsyncBotsResourceWithStreamingResponse: async def summary_v2( self, - dimension: Literal["USER_AGENT", "CRAWL_PURPOSE", "INDUSTRY", "VERTICAL"], + dimension: Literal["USER_AGENT", "CRAWL_PURPOSE", "INDUSTRY", "VERTICAL", "CONTENT_TYPE"], *, asn: SequenceNotStr[str] | Omit = omit, + content_type: List[ + Literal[ + "HTML", + "IMAGES", + "JSON", + "JAVASCRIPT", + "CSS", + "PLAIN_TEXT", + "FONTS", + "XML", + "YAML", + "VIDEO", + "AUDIO", + "MARKDOWN", + "DOCUMENTS", + "BINARY", + "SERIALIZATION", + "OTHER", + ] + ] + | Omit = omit, continent: SequenceNotStr[str] | Omit = omit, crawl_purpose: SequenceNotStr[str] | Omit = omit, date_end: SequenceNotStr[Union[str, datetime]] | Omit = omit, @@ -427,6 +528,7 @@ async def summary_v2( limit_per_group: int | Omit = omit, location: SequenceNotStr[str] | Omit = omit, name: SequenceNotStr[str] | Omit = omit, + user_agent: SequenceNotStr[str] | Omit = omit, vertical: SequenceNotStr[str] | Omit = omit, # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. # The extra values given here take precedence over values defined on the client or passed to this method. @@ -447,6 +549,8 @@ async def summary_v2( results. For example, `-174, 3356` excludes results from AS174, but includes results from AS3356. + content_type: Filters results by content type category. + continent: Filters results by continent. Specify a comma-separated list of alpha-2 codes. Prefix with `-` to exclude continents from results. For example, `-EU,NA` excludes results from EU, but includes results from NA. @@ -475,6 +579,8 @@ async def summary_v2( name: Array of names used to label the series in the response. + user_agent: Filters results by user agent. + vertical: Filters results by vertical. extra_headers: Send extra headers @@ -497,6 +603,7 @@ async def summary_v2( query=await async_maybe_transform( { "asn": asn, + "content_type": content_type, "continent": continent, "crawl_purpose": crawl_purpose, "date_end": date_end, @@ -507,6 +614,7 @@ async def summary_v2( "limit_per_group": limit_per_group, "location": location, "name": name, + "user_agent": user_agent, "vertical": vertical, }, bot_summary_v2_params.BotSummaryV2Params, @@ -521,6 +629,27 @@ async def timeseries( *, agg_interval: Literal["15m", "1h", "1d", "1w"] | Omit = omit, asn: SequenceNotStr[str] | Omit = omit, + content_type: List[ + Literal[ + "HTML", + "IMAGES", + "JSON", + "JAVASCRIPT", + "CSS", + "PLAIN_TEXT", + "FONTS", + "XML", + "YAML", + "VIDEO", + "AUDIO", + "MARKDOWN", + "DOCUMENTS", + "BINARY", + "SERIALIZATION", + "OTHER", + ] + ] + | Omit = omit, continent: SequenceNotStr[str] | Omit = omit, crawl_purpose: SequenceNotStr[str] | Omit = omit, date_end: SequenceNotStr[Union[str, datetime]] | Omit = omit, @@ -553,6 +682,8 @@ async def timeseries( results. For example, `-174, 3356` excludes results from AS174, but includes results from AS3356. + content_type: Filters results by content type category. + continent: Filters results by continent. Specify a comma-separated list of alpha-2 codes. Prefix with `-` to exclude continents from results. For example, `-EU,NA` excludes results from EU, but includes results from NA. @@ -604,6 +735,7 @@ async def timeseries( { "agg_interval": agg_interval, "asn": asn, + "content_type": content_type, "continent": continent, "crawl_purpose": crawl_purpose, "date_end": date_end, @@ -626,10 +758,31 @@ async def timeseries( async def timeseries_groups( self, - dimension: Literal["USER_AGENT", "CRAWL_PURPOSE", "INDUSTRY", "VERTICAL"], + dimension: Literal["USER_AGENT", "CRAWL_PURPOSE", "INDUSTRY", "VERTICAL", "CONTENT_TYPE"], *, agg_interval: Literal["15m", "1h", "1d", "1w"] | Omit = omit, asn: SequenceNotStr[str] | Omit = omit, + content_type: List[ + Literal[ + "HTML", + "IMAGES", + "JSON", + "JAVASCRIPT", + "CSS", + "PLAIN_TEXT", + "FONTS", + "XML", + "YAML", + "VIDEO", + "AUDIO", + "MARKDOWN", + "DOCUMENTS", + "BINARY", + "SERIALIZATION", + "OTHER", + ] + ] + | Omit = omit, continent: SequenceNotStr[str] | Omit = omit, crawl_purpose: SequenceNotStr[str] | Omit = omit, date_end: SequenceNotStr[Union[str, datetime]] | Omit = omit, @@ -640,7 +793,8 @@ async def timeseries_groups( limit_per_group: int | Omit = omit, location: SequenceNotStr[str] | Omit = omit, name: SequenceNotStr[str] | Omit = omit, - normalization: Literal["PERCENTAGE_CHANGE", "MIN0_MAX"] | Omit = omit, + normalization: Literal["PERCENTAGE", "MIN0_MAX"] | Omit = omit, + user_agent: SequenceNotStr[str] | Omit = omit, vertical: SequenceNotStr[str] | Omit = omit, # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. # The extra values given here take precedence over values defined on the client or passed to this method. @@ -650,7 +804,7 @@ async def timeseries_groups( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> BotTimeseriesGroupsResponse: """ - Retrieves the distribution of HTTP requests from AI bots, grouped by chosen the + Retrieves the distribution of HTTP requests from AI bots, grouped by the specified dimension over time. Args: @@ -665,6 +819,8 @@ async def timeseries_groups( results. For example, `-174, 3356` excludes results from AS174, but includes results from AS3356. + content_type: Filters results by content type category. + continent: Filters results by continent. Specify a comma-separated list of alpha-2 codes. Prefix with `-` to exclude continents from results. For example, `-EU,NA` excludes results from EU, but includes results from NA. @@ -696,6 +852,8 @@ async def timeseries_groups( normalization: Normalization method applied to the results. Refer to [Normalization methods](https://developers.cloudflare.com/radar/concepts/normalization/). + user_agent: Filters results by user agent. + vertical: Filters results by vertical. extra_headers: Send extra headers @@ -719,6 +877,7 @@ async def timeseries_groups( { "agg_interval": agg_interval, "asn": asn, + "content_type": content_type, "continent": continent, "crawl_purpose": crawl_purpose, "date_end": date_end, @@ -730,6 +889,7 @@ async def timeseries_groups( "location": location, "name": name, "normalization": normalization, + "user_agent": user_agent, "vertical": vertical, }, bot_timeseries_groups_params.BotTimeseriesGroupsParams, diff --git a/src/cloudflare/resources/radar/ai/timeseries_groups.py b/src/cloudflare/resources/radar/ai/timeseries_groups.py index b956cf33749..b7165e971cb 100644 --- a/src/cloudflare/resources/radar/ai/timeseries_groups.py +++ b/src/cloudflare/resources/radar/ai/timeseries_groups.py @@ -3,7 +3,7 @@ from __future__ import annotations import typing_extensions -from typing import Type, Union, cast +from typing import List, Type, Union, cast from datetime import datetime from typing_extensions import Literal @@ -60,9 +60,30 @@ def with_streaming_response(self) -> TimeseriesGroupsResourceWithStreamingRespon ) def summary( self, - dimension: Literal["USER_AGENT", "CRAWL_PURPOSE", "INDUSTRY", "VERTICAL"], + dimension: Literal["USER_AGENT", "CRAWL_PURPOSE", "INDUSTRY", "VERTICAL", "CONTENT_TYPE"], *, asn: SequenceNotStr[str] | Omit = omit, + content_type: List[ + Literal[ + "HTML", + "IMAGES", + "JSON", + "JAVASCRIPT", + "CSS", + "PLAIN_TEXT", + "FONTS", + "XML", + "YAML", + "VIDEO", + "AUDIO", + "MARKDOWN", + "DOCUMENTS", + "BINARY", + "SERIALIZATION", + "OTHER", + ] + ] + | Omit = omit, continent: SequenceNotStr[str] | Omit = omit, crawl_purpose: SequenceNotStr[str] | Omit = omit, date_end: SequenceNotStr[Union[str, datetime]] | Omit = omit, @@ -73,6 +94,7 @@ def summary( limit_per_group: int | Omit = omit, location: SequenceNotStr[str] | Omit = omit, name: SequenceNotStr[str] | Omit = omit, + user_agent: SequenceNotStr[str] | Omit = omit, vertical: SequenceNotStr[str] | Omit = omit, # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. # The extra values given here take precedence over values defined on the client or passed to this method. @@ -93,6 +115,8 @@ def summary( results. For example, `-174, 3356` excludes results from AS174, but includes results from AS3356. + content_type: Filters results by content type category. + continent: Filters results by continent. Specify a comma-separated list of alpha-2 codes. Prefix with `-` to exclude continents from results. For example, `-EU,NA` excludes results from EU, but includes results from NA. @@ -121,6 +145,8 @@ def summary( name: Array of names used to label the series in the response. + user_agent: Filters results by user agent. + vertical: Filters results by vertical. extra_headers: Send extra headers @@ -143,6 +169,7 @@ def summary( query=maybe_transform( { "asn": asn, + "content_type": content_type, "continent": continent, "crawl_purpose": crawl_purpose, "date_end": date_end, @@ -153,6 +180,7 @@ def summary( "limit_per_group": limit_per_group, "location": location, "name": name, + "user_agent": user_agent, "vertical": vertical, }, timeseries_group_summary_params.TimeseriesGroupSummaryParams, @@ -170,6 +198,27 @@ def timeseries( *, agg_interval: Literal["15m", "1h", "1d", "1w"] | Omit = omit, asn: SequenceNotStr[str] | Omit = omit, + content_type: List[ + Literal[ + "HTML", + "IMAGES", + "JSON", + "JAVASCRIPT", + "CSS", + "PLAIN_TEXT", + "FONTS", + "XML", + "YAML", + "VIDEO", + "AUDIO", + "MARKDOWN", + "DOCUMENTS", + "BINARY", + "SERIALIZATION", + "OTHER", + ] + ] + | Omit = omit, continent: SequenceNotStr[str] | Omit = omit, crawl_purpose: SequenceNotStr[str] | Omit = omit, date_end: SequenceNotStr[Union[str, datetime]] | Omit = omit, @@ -202,6 +251,8 @@ def timeseries( results. For example, `-174, 3356` excludes results from AS174, but includes results from AS3356. + content_type: Filters results by content type category. + continent: Filters results by continent. Specify a comma-separated list of alpha-2 codes. Prefix with `-` to exclude continents from results. For example, `-EU,NA` excludes results from EU, but includes results from NA. @@ -253,6 +304,7 @@ def timeseries( { "agg_interval": agg_interval, "asn": asn, + "content_type": content_type, "continent": continent, "crawl_purpose": crawl_purpose, "date_end": date_end, @@ -278,10 +330,31 @@ def timeseries( ) def timeseries_groups( self, - dimension: Literal["USER_AGENT", "CRAWL_PURPOSE", "INDUSTRY", "VERTICAL"], + dimension: Literal["USER_AGENT", "CRAWL_PURPOSE", "INDUSTRY", "VERTICAL", "CONTENT_TYPE"], *, agg_interval: Literal["15m", "1h", "1d", "1w"] | Omit = omit, asn: SequenceNotStr[str] | Omit = omit, + content_type: List[ + Literal[ + "HTML", + "IMAGES", + "JSON", + "JAVASCRIPT", + "CSS", + "PLAIN_TEXT", + "FONTS", + "XML", + "YAML", + "VIDEO", + "AUDIO", + "MARKDOWN", + "DOCUMENTS", + "BINARY", + "SERIALIZATION", + "OTHER", + ] + ] + | Omit = omit, continent: SequenceNotStr[str] | Omit = omit, crawl_purpose: SequenceNotStr[str] | Omit = omit, date_end: SequenceNotStr[Union[str, datetime]] | Omit = omit, @@ -292,7 +365,8 @@ def timeseries_groups( limit_per_group: int | Omit = omit, location: SequenceNotStr[str] | Omit = omit, name: SequenceNotStr[str] | Omit = omit, - normalization: Literal["PERCENTAGE_CHANGE", "MIN0_MAX"] | Omit = omit, + normalization: Literal["PERCENTAGE", "MIN0_MAX"] | Omit = omit, + user_agent: SequenceNotStr[str] | Omit = omit, vertical: SequenceNotStr[str] | Omit = omit, # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. # The extra values given here take precedence over values defined on the client or passed to this method. @@ -302,7 +376,7 @@ def timeseries_groups( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> TimeseriesGroupTimeseriesGroupsResponse: """ - Retrieves the distribution of HTTP requests from AI bots, grouped by chosen the + Retrieves the distribution of HTTP requests from AI bots, grouped by the specified dimension over time. Args: @@ -317,6 +391,8 @@ def timeseries_groups( results. For example, `-174, 3356` excludes results from AS174, but includes results from AS3356. + content_type: Filters results by content type category. + continent: Filters results by continent. Specify a comma-separated list of alpha-2 codes. Prefix with `-` to exclude continents from results. For example, `-EU,NA` excludes results from EU, but includes results from NA. @@ -348,6 +424,8 @@ def timeseries_groups( normalization: Normalization method applied to the results. Refer to [Normalization methods](https://developers.cloudflare.com/radar/concepts/normalization/). + user_agent: Filters results by user agent. + vertical: Filters results by vertical. extra_headers: Send extra headers @@ -371,6 +449,7 @@ def timeseries_groups( { "agg_interval": agg_interval, "asn": asn, + "content_type": content_type, "continent": continent, "crawl_purpose": crawl_purpose, "date_end": date_end, @@ -382,6 +461,7 @@ def timeseries_groups( "location": location, "name": name, "normalization": normalization, + "user_agent": user_agent, "vertical": vertical, }, timeseries_group_timeseries_groups_params.TimeseriesGroupTimeseriesGroupsParams, @@ -514,9 +594,30 @@ def with_streaming_response(self) -> AsyncTimeseriesGroupsResourceWithStreamingR ) async def summary( self, - dimension: Literal["USER_AGENT", "CRAWL_PURPOSE", "INDUSTRY", "VERTICAL"], + dimension: Literal["USER_AGENT", "CRAWL_PURPOSE", "INDUSTRY", "VERTICAL", "CONTENT_TYPE"], *, asn: SequenceNotStr[str] | Omit = omit, + content_type: List[ + Literal[ + "HTML", + "IMAGES", + "JSON", + "JAVASCRIPT", + "CSS", + "PLAIN_TEXT", + "FONTS", + "XML", + "YAML", + "VIDEO", + "AUDIO", + "MARKDOWN", + "DOCUMENTS", + "BINARY", + "SERIALIZATION", + "OTHER", + ] + ] + | Omit = omit, continent: SequenceNotStr[str] | Omit = omit, crawl_purpose: SequenceNotStr[str] | Omit = omit, date_end: SequenceNotStr[Union[str, datetime]] | Omit = omit, @@ -527,6 +628,7 @@ async def summary( limit_per_group: int | Omit = omit, location: SequenceNotStr[str] | Omit = omit, name: SequenceNotStr[str] | Omit = omit, + user_agent: SequenceNotStr[str] | Omit = omit, vertical: SequenceNotStr[str] | Omit = omit, # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. # The extra values given here take precedence over values defined on the client or passed to this method. @@ -547,6 +649,8 @@ async def summary( results. For example, `-174, 3356` excludes results from AS174, but includes results from AS3356. + content_type: Filters results by content type category. + continent: Filters results by continent. Specify a comma-separated list of alpha-2 codes. Prefix with `-` to exclude continents from results. For example, `-EU,NA` excludes results from EU, but includes results from NA. @@ -575,6 +679,8 @@ async def summary( name: Array of names used to label the series in the response. + user_agent: Filters results by user agent. + vertical: Filters results by vertical. extra_headers: Send extra headers @@ -597,6 +703,7 @@ async def summary( query=await async_maybe_transform( { "asn": asn, + "content_type": content_type, "continent": continent, "crawl_purpose": crawl_purpose, "date_end": date_end, @@ -607,6 +714,7 @@ async def summary( "limit_per_group": limit_per_group, "location": location, "name": name, + "user_agent": user_agent, "vertical": vertical, }, timeseries_group_summary_params.TimeseriesGroupSummaryParams, @@ -624,6 +732,27 @@ async def timeseries( *, agg_interval: Literal["15m", "1h", "1d", "1w"] | Omit = omit, asn: SequenceNotStr[str] | Omit = omit, + content_type: List[ + Literal[ + "HTML", + "IMAGES", + "JSON", + "JAVASCRIPT", + "CSS", + "PLAIN_TEXT", + "FONTS", + "XML", + "YAML", + "VIDEO", + "AUDIO", + "MARKDOWN", + "DOCUMENTS", + "BINARY", + "SERIALIZATION", + "OTHER", + ] + ] + | Omit = omit, continent: SequenceNotStr[str] | Omit = omit, crawl_purpose: SequenceNotStr[str] | Omit = omit, date_end: SequenceNotStr[Union[str, datetime]] | Omit = omit, @@ -656,6 +785,8 @@ async def timeseries( results. For example, `-174, 3356` excludes results from AS174, but includes results from AS3356. + content_type: Filters results by content type category. + continent: Filters results by continent. Specify a comma-separated list of alpha-2 codes. Prefix with `-` to exclude continents from results. For example, `-EU,NA` excludes results from EU, but includes results from NA. @@ -707,6 +838,7 @@ async def timeseries( { "agg_interval": agg_interval, "asn": asn, + "content_type": content_type, "continent": continent, "crawl_purpose": crawl_purpose, "date_end": date_end, @@ -732,10 +864,31 @@ async def timeseries( ) async def timeseries_groups( self, - dimension: Literal["USER_AGENT", "CRAWL_PURPOSE", "INDUSTRY", "VERTICAL"], + dimension: Literal["USER_AGENT", "CRAWL_PURPOSE", "INDUSTRY", "VERTICAL", "CONTENT_TYPE"], *, agg_interval: Literal["15m", "1h", "1d", "1w"] | Omit = omit, asn: SequenceNotStr[str] | Omit = omit, + content_type: List[ + Literal[ + "HTML", + "IMAGES", + "JSON", + "JAVASCRIPT", + "CSS", + "PLAIN_TEXT", + "FONTS", + "XML", + "YAML", + "VIDEO", + "AUDIO", + "MARKDOWN", + "DOCUMENTS", + "BINARY", + "SERIALIZATION", + "OTHER", + ] + ] + | Omit = omit, continent: SequenceNotStr[str] | Omit = omit, crawl_purpose: SequenceNotStr[str] | Omit = omit, date_end: SequenceNotStr[Union[str, datetime]] | Omit = omit, @@ -746,7 +899,8 @@ async def timeseries_groups( limit_per_group: int | Omit = omit, location: SequenceNotStr[str] | Omit = omit, name: SequenceNotStr[str] | Omit = omit, - normalization: Literal["PERCENTAGE_CHANGE", "MIN0_MAX"] | Omit = omit, + normalization: Literal["PERCENTAGE", "MIN0_MAX"] | Omit = omit, + user_agent: SequenceNotStr[str] | Omit = omit, vertical: SequenceNotStr[str] | Omit = omit, # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. # The extra values given here take precedence over values defined on the client or passed to this method. @@ -756,7 +910,7 @@ async def timeseries_groups( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> TimeseriesGroupTimeseriesGroupsResponse: """ - Retrieves the distribution of HTTP requests from AI bots, grouped by chosen the + Retrieves the distribution of HTTP requests from AI bots, grouped by the specified dimension over time. Args: @@ -771,6 +925,8 @@ async def timeseries_groups( results. For example, `-174, 3356` excludes results from AS174, but includes results from AS3356. + content_type: Filters results by content type category. + continent: Filters results by continent. Specify a comma-separated list of alpha-2 codes. Prefix with `-` to exclude continents from results. For example, `-EU,NA` excludes results from EU, but includes results from NA. @@ -802,6 +958,8 @@ async def timeseries_groups( normalization: Normalization method applied to the results. Refer to [Normalization methods](https://developers.cloudflare.com/radar/concepts/normalization/). + user_agent: Filters results by user agent. + vertical: Filters results by vertical. extra_headers: Send extra headers @@ -825,6 +983,7 @@ async def timeseries_groups( { "agg_interval": agg_interval, "asn": asn, + "content_type": content_type, "continent": continent, "crawl_purpose": crawl_purpose, "date_end": date_end, @@ -836,6 +995,7 @@ async def timeseries_groups( "location": location, "name": name, "normalization": normalization, + "user_agent": user_agent, "vertical": vertical, }, timeseries_group_timeseries_groups_params.TimeseriesGroupTimeseriesGroupsParams, diff --git a/src/cloudflare/resources/radar/bots/bots.py b/src/cloudflare/resources/radar/bots/bots.py index 3b891df90bc..e3ef5e4287e 100644 --- a/src/cloudflare/resources/radar/bots/bots.py +++ b/src/cloudflare/resources/radar/bots/bots.py @@ -501,8 +501,8 @@ def timeseries_groups( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> BotTimeseriesGroupsResponse: """ - Retrieves the distribution of HTTP requests from bots, grouped by chosen the - specified dimension over time. + Retrieves the distribution of HTTP requests from bots, grouped by the specified + dimension over time. Args: dimension: Specifies the attribute by which to group the results. @@ -1050,8 +1050,8 @@ async def timeseries_groups( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> BotTimeseriesGroupsResponse: """ - Retrieves the distribution of HTTP requests from bots, grouped by chosen the - specified dimension over time. + Retrieves the distribution of HTTP requests from bots, grouped by the specified + dimension over time. Args: dimension: Specifies the attribute by which to group the results. diff --git a/src/cloudflare/resources/radar/bots/web_crawlers.py b/src/cloudflare/resources/radar/bots/web_crawlers.py index b5c0c6f0bc9..106f7759e88 100644 --- a/src/cloudflare/resources/radar/bots/web_crawlers.py +++ b/src/cloudflare/resources/radar/bots/web_crawlers.py @@ -159,7 +159,7 @@ def timeseries_groups( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> WebCrawlerTimeseriesGroupsResponse: """ - Retrieves the distribution of HTTP requests from crawlers, grouped by chosen the + Retrieves the distribution of HTTP requests from crawlers, grouped by the specified dimension over time. Args: @@ -364,7 +364,7 @@ async def timeseries_groups( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> WebCrawlerTimeseriesGroupsResponse: """ - Retrieves the distribution of HTTP requests from crawlers, grouped by chosen the + Retrieves the distribution of HTTP requests from crawlers, grouped by the specified dimension over time. Args: diff --git a/src/cloudflare/resources/radar/ct/ct.py b/src/cloudflare/resources/radar/ct/ct.py index 2c803e15a5a..2102278a793 100644 --- a/src/cloudflare/resources/radar/ct/ct.py +++ b/src/cloudflare/resources/radar/ct/ct.py @@ -496,8 +496,8 @@ def timeseries_groups( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> CTTimeseriesGroupsResponse: """ - Retrieves the distribution of certificates grouped by chosen the specified - dimension over time. + Retrieves the distribution of certificates grouped by the specified dimension + over time. Args: dimension: Specifies the certificate attribute by which to group the results. @@ -1060,8 +1060,8 @@ async def timeseries_groups( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> CTTimeseriesGroupsResponse: """ - Retrieves the distribution of certificates grouped by chosen the specified - dimension over time. + Retrieves the distribution of certificates grouped by the specified dimension + over time. Args: dimension: Specifies the certificate attribute by which to group the results. diff --git a/src/cloudflare/resources/radar/entities/asns.py b/src/cloudflare/resources/radar/entities/asns.py index 3e20efe46e0..8654bd4fadc 100644 --- a/src/cloudflare/resources/radar/entities/asns.py +++ b/src/cloudflare/resources/radar/entities/asns.py @@ -2,12 +2,13 @@ from __future__ import annotations -from typing import Type, cast +from typing import Type, Union, cast +from datetime import date from typing_extensions import Literal import httpx -from ...._types import Body, Omit, Query, Headers, NotGiven, omit, not_given +from ...._types import Body, Omit, Query, Headers, NotGiven, SequenceNotStr, omit, not_given from ...._utils import maybe_transform, async_maybe_transform from ...._compat import cached_property from ...._resource import SyncAPIResource, AsyncAPIResource @@ -19,12 +20,20 @@ ) from ...._wrappers import ResultWrapper from ...._base_client import make_request_options -from ....types.radar.entities import asn_ip_params, asn_get_params, asn_rel_params, asn_list_params, asn_as_set_params +from ....types.radar.entities import ( + asn_ip_params, + asn_get_params, + asn_rel_params, + asn_list_params, + asn_as_set_params, + asn_botnet_threat_feed_params, +) from ....types.radar.entities.asn_ip_response import ASNIPResponse from ....types.radar.entities.asn_get_response import ASNGetResponse from ....types.radar.entities.asn_rel_response import ASNRelResponse from ....types.radar.entities.asn_list_response import ASNListResponse from ....types.radar.entities.asn_as_set_response import ASNAsSetResponse +from ....types.radar.entities.asn_botnet_threat_feed_response import ASNBotnetThreatFeedResponse __all__ = ["ASNsResource", "AsyncASNsResource"] @@ -154,6 +163,89 @@ def as_set( cast_to=cast(Type[ASNAsSetResponse], ResultWrapper[ASNAsSetResponse]), ) + def botnet_threat_feed( + self, + *, + asn: SequenceNotStr[str] | Omit = omit, + compare_date_range: str | Omit = omit, + date: Union[str, date] | Omit = omit, + format: Literal["JSON", "CSV"] | Omit = omit, + limit: int | Omit = omit, + location: str | Omit = omit, + metric: Literal["OFFENSE_COUNT", "NUMBER_OF_OFFENDING_IPS"] | Omit = omit, + offset: int | Omit = omit, + sort_order: Literal["ASC", "DESC"] | Omit = omit, + # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. + # The extra values given here take precedence over values defined on the client or passed to this method. + extra_headers: Headers | None = None, + extra_query: Query | None = None, + extra_body: Body | None = None, + timeout: float | httpx.Timeout | None | NotGiven = not_given, + ) -> ASNBotnetThreatFeedResponse: + """ + Retrieves a ranked list of Autonomous Systems based on their presence in the + Cloudflare Botnet Threat Feed. Rankings can be sorted by offense count or number + of bad IPs. Optionally compare to a previous date to see rank changes. + + Args: + asn: Filters results by Autonomous System. Specify one or more Autonomous System + Numbers (ASNs) as a comma-separated list. Prefix with `-` to exclude ASNs from + results. For example, `-174, 3356` excludes results from AS174, but includes + results from AS3356. + + compare_date_range: Relative date range for rank change comparison (e.g., "1d", "7d", "30d"). + + date: The date to retrieve (YYYY-MM-DD format). If not specified, returns the most + recent available data. Note: This is the date the report was generated. The + report is generated from information collected from the previous day (e.g., the + 2026-02-23 entry contains data from 2026-02-22). + + format: Format in which results will be returned. + + limit: Limits the number of objects returned in the response. + + location: Filters results by location. Specify an alpha-2 location code. + + metric: Metric to rank ASNs by. + + offset: Skips the specified number of objects before fetching the results. + + sort_order: Sort order. + + extra_headers: Send extra headers + + extra_query: Add additional query parameters to the request + + extra_body: Add additional JSON properties to the request + + timeout: Override the client-level default timeout for this request, in seconds + """ + return self._get( + "/radar/entities/asns/botnet_threat_feed", + options=make_request_options( + extra_headers=extra_headers, + extra_query=extra_query, + extra_body=extra_body, + timeout=timeout, + query=maybe_transform( + { + "asn": asn, + "compare_date_range": compare_date_range, + "date": date, + "format": format, + "limit": limit, + "location": location, + "metric": metric, + "offset": offset, + "sort_order": sort_order, + }, + asn_botnet_threat_feed_params.ASNBotnetThreatFeedParams, + ), + post_parser=ResultWrapper[ASNBotnetThreatFeedResponse]._unwrapper, + ), + cast_to=cast(Type[ASNBotnetThreatFeedResponse], ResultWrapper[ASNBotnetThreatFeedResponse]), + ) + def get( self, asn: int, @@ -424,6 +516,89 @@ async def as_set( cast_to=cast(Type[ASNAsSetResponse], ResultWrapper[ASNAsSetResponse]), ) + async def botnet_threat_feed( + self, + *, + asn: SequenceNotStr[str] | Omit = omit, + compare_date_range: str | Omit = omit, + date: Union[str, date] | Omit = omit, + format: Literal["JSON", "CSV"] | Omit = omit, + limit: int | Omit = omit, + location: str | Omit = omit, + metric: Literal["OFFENSE_COUNT", "NUMBER_OF_OFFENDING_IPS"] | Omit = omit, + offset: int | Omit = omit, + sort_order: Literal["ASC", "DESC"] | Omit = omit, + # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. + # The extra values given here take precedence over values defined on the client or passed to this method. + extra_headers: Headers | None = None, + extra_query: Query | None = None, + extra_body: Body | None = None, + timeout: float | httpx.Timeout | None | NotGiven = not_given, + ) -> ASNBotnetThreatFeedResponse: + """ + Retrieves a ranked list of Autonomous Systems based on their presence in the + Cloudflare Botnet Threat Feed. Rankings can be sorted by offense count or number + of bad IPs. Optionally compare to a previous date to see rank changes. + + Args: + asn: Filters results by Autonomous System. Specify one or more Autonomous System + Numbers (ASNs) as a comma-separated list. Prefix with `-` to exclude ASNs from + results. For example, `-174, 3356` excludes results from AS174, but includes + results from AS3356. + + compare_date_range: Relative date range for rank change comparison (e.g., "1d", "7d", "30d"). + + date: The date to retrieve (YYYY-MM-DD format). If not specified, returns the most + recent available data. Note: This is the date the report was generated. The + report is generated from information collected from the previous day (e.g., the + 2026-02-23 entry contains data from 2026-02-22). + + format: Format in which results will be returned. + + limit: Limits the number of objects returned in the response. + + location: Filters results by location. Specify an alpha-2 location code. + + metric: Metric to rank ASNs by. + + offset: Skips the specified number of objects before fetching the results. + + sort_order: Sort order. + + extra_headers: Send extra headers + + extra_query: Add additional query parameters to the request + + extra_body: Add additional JSON properties to the request + + timeout: Override the client-level default timeout for this request, in seconds + """ + return await self._get( + "/radar/entities/asns/botnet_threat_feed", + options=make_request_options( + extra_headers=extra_headers, + extra_query=extra_query, + extra_body=extra_body, + timeout=timeout, + query=await async_maybe_transform( + { + "asn": asn, + "compare_date_range": compare_date_range, + "date": date, + "format": format, + "limit": limit, + "location": location, + "metric": metric, + "offset": offset, + "sort_order": sort_order, + }, + asn_botnet_threat_feed_params.ASNBotnetThreatFeedParams, + ), + post_parser=ResultWrapper[ASNBotnetThreatFeedResponse]._unwrapper, + ), + cast_to=cast(Type[ASNBotnetThreatFeedResponse], ResultWrapper[ASNBotnetThreatFeedResponse]), + ) + async def get( self, asn: int, @@ -579,6 +754,9 @@ def __init__(self, asns: ASNsResource) -> None: self.as_set = to_raw_response_wrapper( asns.as_set, ) + self.botnet_threat_feed = to_raw_response_wrapper( + asns.botnet_threat_feed, + ) self.get = to_raw_response_wrapper( asns.get, ) @@ -600,6 +778,9 @@ def __init__(self, asns: AsyncASNsResource) -> None: self.as_set = async_to_raw_response_wrapper( asns.as_set, ) + self.botnet_threat_feed = async_to_raw_response_wrapper( + asns.botnet_threat_feed, + ) self.get = async_to_raw_response_wrapper( asns.get, ) @@ -621,6 +802,9 @@ def __init__(self, asns: ASNsResource) -> None: self.as_set = to_streamed_response_wrapper( asns.as_set, ) + self.botnet_threat_feed = to_streamed_response_wrapper( + asns.botnet_threat_feed, + ) self.get = to_streamed_response_wrapper( asns.get, ) @@ -642,6 +826,9 @@ def __init__(self, asns: AsyncASNsResource) -> None: self.as_set = async_to_streamed_response_wrapper( asns.as_set, ) + self.botnet_threat_feed = async_to_streamed_response_wrapper( + asns.botnet_threat_feed, + ) self.get = async_to_streamed_response_wrapper( asns.get, ) diff --git a/src/cloudflare/resources/radar/entities/locations.py b/src/cloudflare/resources/radar/entities/locations.py index 594c5078309..51e63d24533 100644 --- a/src/cloudflare/resources/radar/entities/locations.py +++ b/src/cloudflare/resources/radar/entities/locations.py @@ -49,10 +49,13 @@ def with_streaming_response(self) -> LocationsResourceWithStreamingResponse: def list( self, *, + continent: Literal["AF", "AS", "EU", "NA", "OC", "SA"] | Omit = omit, format: Literal["JSON", "CSV"] | Omit = omit, limit: int | Omit = omit, location: str | Omit = omit, offset: int | Omit = omit, + region: str | Omit = omit, + subregion: str | Omit = omit, # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. # The extra values given here take precedence over values defined on the client or passed to this method. extra_headers: Headers | None = None, @@ -64,6 +67,8 @@ def list( Retrieves a list of locations. Args: + continent: Filters results by continent code. + format: Format in which results will be returned. limit: Limits the number of objects returned in the response. @@ -73,6 +78,10 @@ def list( offset: Skips the specified number of objects before fetching the results. + region: Filters results by region. + + subregion: Filters results by subregion. + extra_headers: Send extra headers extra_query: Add additional query parameters to the request @@ -90,10 +99,13 @@ def list( timeout=timeout, query=maybe_transform( { + "continent": continent, "format": format, "limit": limit, "location": location, "offset": offset, + "region": region, + "subregion": subregion, }, location_list_params.LocationListParams, ), @@ -172,10 +184,13 @@ def with_streaming_response(self) -> AsyncLocationsResourceWithStreamingResponse async def list( self, *, + continent: Literal["AF", "AS", "EU", "NA", "OC", "SA"] | Omit = omit, format: Literal["JSON", "CSV"] | Omit = omit, limit: int | Omit = omit, location: str | Omit = omit, offset: int | Omit = omit, + region: str | Omit = omit, + subregion: str | Omit = omit, # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. # The extra values given here take precedence over values defined on the client or passed to this method. extra_headers: Headers | None = None, @@ -187,6 +202,8 @@ async def list( Retrieves a list of locations. Args: + continent: Filters results by continent code. + format: Format in which results will be returned. limit: Limits the number of objects returned in the response. @@ -196,6 +213,10 @@ async def list( offset: Skips the specified number of objects before fetching the results. + region: Filters results by region. + + subregion: Filters results by subregion. + extra_headers: Send extra headers extra_query: Add additional query parameters to the request @@ -213,10 +234,13 @@ async def list( timeout=timeout, query=await async_maybe_transform( { + "continent": continent, "format": format, "limit": limit, "location": location, "offset": offset, + "region": region, + "subregion": subregion, }, location_list_params.LocationListParams, ), diff --git a/src/cloudflare/resources/radar/netflows/netflows.py b/src/cloudflare/resources/radar/netflows/netflows.py index 863ad0a5911..829305489be 100644 --- a/src/cloudflare/resources/radar/netflows/netflows.py +++ b/src/cloudflare/resources/radar/netflows/netflows.py @@ -388,7 +388,7 @@ def timeseries_groups( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> NetFlowsTimeseriesGroupsResponse: """ - Retrieves the distribution of NetFlows traffic, grouped by chosen the specified + Retrieves the distribution of NetFlows traffic, grouped by the specified dimension over time. Args: @@ -823,7 +823,7 @@ async def timeseries_groups( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> NetFlowsTimeseriesGroupsResponse: """ - Retrieves the distribution of NetFlows traffic, grouped by chosen the specified + Retrieves the distribution of NetFlows traffic, grouped by the specified dimension over time. Args: diff --git a/src/cloudflare/resources/radar/post_quantum/__init__.py b/src/cloudflare/resources/radar/post_quantum/__init__.py new file mode 100644 index 00000000000..1b6ec0920cd --- /dev/null +++ b/src/cloudflare/resources/radar/post_quantum/__init__.py @@ -0,0 +1,47 @@ +# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. + +from .tls import ( + TLSResource, + AsyncTLSResource, + TLSResourceWithRawResponse, + AsyncTLSResourceWithRawResponse, + TLSResourceWithStreamingResponse, + AsyncTLSResourceWithStreamingResponse, +) +from .origin import ( + OriginResource, + AsyncOriginResource, + OriginResourceWithRawResponse, + AsyncOriginResourceWithRawResponse, + OriginResourceWithStreamingResponse, + AsyncOriginResourceWithStreamingResponse, +) +from .post_quantum import ( + PostQuantumResource, + AsyncPostQuantumResource, + PostQuantumResourceWithRawResponse, + AsyncPostQuantumResourceWithRawResponse, + PostQuantumResourceWithStreamingResponse, + AsyncPostQuantumResourceWithStreamingResponse, +) + +__all__ = [ + "OriginResource", + "AsyncOriginResource", + "OriginResourceWithRawResponse", + "AsyncOriginResourceWithRawResponse", + "OriginResourceWithStreamingResponse", + "AsyncOriginResourceWithStreamingResponse", + "TLSResource", + "AsyncTLSResource", + "TLSResourceWithRawResponse", + "AsyncTLSResourceWithRawResponse", + "TLSResourceWithStreamingResponse", + "AsyncTLSResourceWithStreamingResponse", + "PostQuantumResource", + "AsyncPostQuantumResource", + "PostQuantumResourceWithRawResponse", + "AsyncPostQuantumResourceWithRawResponse", + "PostQuantumResourceWithStreamingResponse", + "AsyncPostQuantumResourceWithStreamingResponse", +] diff --git a/src/cloudflare/resources/radar/post_quantum/origin.py b/src/cloudflare/resources/radar/post_quantum/origin.py new file mode 100644 index 00000000000..87f5ad54f8f --- /dev/null +++ b/src/cloudflare/resources/radar/post_quantum/origin.py @@ -0,0 +1,385 @@ +# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. + +from __future__ import annotations + +from typing import Type, Union, cast +from datetime import datetime +from typing_extensions import Literal + +import httpx + +from ...._types import Body, Omit, Query, Headers, NotGiven, SequenceNotStr, omit, not_given +from ...._utils import maybe_transform, async_maybe_transform +from ...._compat import cached_property +from ...._resource import SyncAPIResource, AsyncAPIResource +from ...._response import ( + to_raw_response_wrapper, + to_streamed_response_wrapper, + async_to_raw_response_wrapper, + async_to_streamed_response_wrapper, +) +from ...._wrappers import ResultWrapper +from ...._base_client import make_request_options +from ....types.radar.post_quantum import origin_summary_params, origin_timeseries_groups_params +from ....types.radar.post_quantum.origin_summary_response import OriginSummaryResponse +from ....types.radar.post_quantum.origin_timeseries_groups_response import OriginTimeseriesGroupsResponse + +__all__ = ["OriginResource", "AsyncOriginResource"] + + +class OriginResource(SyncAPIResource): + @cached_property + def with_raw_response(self) -> OriginResourceWithRawResponse: + """ + This property can be used as a prefix for any HTTP method call to return + the raw response object instead of the parsed content. + + For more information, see https://www.github.com/cloudflare/cloudflare-python#accessing-raw-response-data-eg-headers + """ + return OriginResourceWithRawResponse(self) + + @cached_property + def with_streaming_response(self) -> OriginResourceWithStreamingResponse: + """ + An alternative to `.with_raw_response` that doesn't eagerly read the response body. + + For more information, see https://www.github.com/cloudflare/cloudflare-python#with_streaming_response + """ + return OriginResourceWithStreamingResponse(self) + + def summary( + self, + dimension: Literal["KEY_AGREEMENT"], + *, + date_end: SequenceNotStr[Union[str, datetime]] | Omit = omit, + date_range: SequenceNotStr[str] | Omit = omit, + date_start: SequenceNotStr[Union[str, datetime]] | Omit = omit, + format: Literal["JSON", "CSV"] | Omit = omit, + name: SequenceNotStr[str] | Omit = omit, + # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. + # The extra values given here take precedence over values defined on the client or passed to this method. + extra_headers: Headers | None = None, + extra_query: Query | None = None, + extra_body: Body | None = None, + timeout: float | httpx.Timeout | None | NotGiven = not_given, + ) -> OriginSummaryResponse: + """ + Returns a summary of origin post-quantum data grouped by the specified + dimension. + + Args: + dimension: Specifies the origin post-quantum data dimension by which to group the results. + + date_end: End of the date range (inclusive). + + date_range: Filters results by date range. For example, use `7d` and `7dcontrol` to compare + this week with the previous week. Use this parameter or set specific start and + end dates (`dateStart` and `dateEnd` parameters). + + date_start: Start of the date range. + + format: Format in which results will be returned. + + name: Array of names used to label the series in the response. + + extra_headers: Send extra headers + + extra_query: Add additional query parameters to the request + + extra_body: Add additional JSON properties to the request + + timeout: Override the client-level default timeout for this request, in seconds + """ + if not dimension: + raise ValueError(f"Expected a non-empty value for `dimension` but received {dimension!r}") + return self._get( + f"/radar/post_quantum/origin/summary/{dimension}", + options=make_request_options( + extra_headers=extra_headers, + extra_query=extra_query, + extra_body=extra_body, + timeout=timeout, + query=maybe_transform( + { + "date_end": date_end, + "date_range": date_range, + "date_start": date_start, + "format": format, + "name": name, + }, + origin_summary_params.OriginSummaryParams, + ), + post_parser=ResultWrapper[OriginSummaryResponse]._unwrapper, + ), + cast_to=cast(Type[OriginSummaryResponse], ResultWrapper[OriginSummaryResponse]), + ) + + def timeseries_groups( + self, + dimension: Literal["KEY_AGREEMENT"], + *, + date_end: SequenceNotStr[Union[str, datetime]] | Omit = omit, + date_range: SequenceNotStr[str] | Omit = omit, + date_start: SequenceNotStr[Union[str, datetime]] | Omit = omit, + format: Literal["JSON", "CSV"] | Omit = omit, + name: SequenceNotStr[str] | Omit = omit, + # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. + # The extra values given here take precedence over values defined on the client or passed to this method. + extra_headers: Headers | None = None, + extra_query: Query | None = None, + extra_body: Body | None = None, + timeout: float | httpx.Timeout | None | NotGiven = not_given, + ) -> OriginTimeseriesGroupsResponse: + """ + Returns a timeseries of origin post-quantum data grouped by the specified + dimension. + + Args: + dimension: Specifies the origin post-quantum data dimension by which to group the results. + + date_end: End of the date range (inclusive). + + date_range: Filters results by date range. For example, use `7d` and `7dcontrol` to compare + this week with the previous week. Use this parameter or set specific start and + end dates (`dateStart` and `dateEnd` parameters). + + date_start: Start of the date range. + + format: Format in which results will be returned. + + name: Array of names used to label the series in the response. + + extra_headers: Send extra headers + + extra_query: Add additional query parameters to the request + + extra_body: Add additional JSON properties to the request + + timeout: Override the client-level default timeout for this request, in seconds + """ + if not dimension: + raise ValueError(f"Expected a non-empty value for `dimension` but received {dimension!r}") + return self._get( + f"/radar/post_quantum/origin/timeseries_groups/{dimension}", + options=make_request_options( + extra_headers=extra_headers, + extra_query=extra_query, + extra_body=extra_body, + timeout=timeout, + query=maybe_transform( + { + "date_end": date_end, + "date_range": date_range, + "date_start": date_start, + "format": format, + "name": name, + }, + origin_timeseries_groups_params.OriginTimeseriesGroupsParams, + ), + post_parser=ResultWrapper[OriginTimeseriesGroupsResponse]._unwrapper, + ), + cast_to=cast(Type[OriginTimeseriesGroupsResponse], ResultWrapper[OriginTimeseriesGroupsResponse]), + ) + + +class AsyncOriginResource(AsyncAPIResource): + @cached_property + def with_raw_response(self) -> AsyncOriginResourceWithRawResponse: + """ + This property can be used as a prefix for any HTTP method call to return + the raw response object instead of the parsed content. + + For more information, see https://www.github.com/cloudflare/cloudflare-python#accessing-raw-response-data-eg-headers + """ + return AsyncOriginResourceWithRawResponse(self) + + @cached_property + def with_streaming_response(self) -> AsyncOriginResourceWithStreamingResponse: + """ + An alternative to `.with_raw_response` that doesn't eagerly read the response body. + + For more information, see https://www.github.com/cloudflare/cloudflare-python#with_streaming_response + """ + return AsyncOriginResourceWithStreamingResponse(self) + + async def summary( + self, + dimension: Literal["KEY_AGREEMENT"], + *, + date_end: SequenceNotStr[Union[str, datetime]] | Omit = omit, + date_range: SequenceNotStr[str] | Omit = omit, + date_start: SequenceNotStr[Union[str, datetime]] | Omit = omit, + format: Literal["JSON", "CSV"] | Omit = omit, + name: SequenceNotStr[str] | Omit = omit, + # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. + # The extra values given here take precedence over values defined on the client or passed to this method. + extra_headers: Headers | None = None, + extra_query: Query | None = None, + extra_body: Body | None = None, + timeout: float | httpx.Timeout | None | NotGiven = not_given, + ) -> OriginSummaryResponse: + """ + Returns a summary of origin post-quantum data grouped by the specified + dimension. + + Args: + dimension: Specifies the origin post-quantum data dimension by which to group the results. + + date_end: End of the date range (inclusive). + + date_range: Filters results by date range. For example, use `7d` and `7dcontrol` to compare + this week with the previous week. Use this parameter or set specific start and + end dates (`dateStart` and `dateEnd` parameters). + + date_start: Start of the date range. + + format: Format in which results will be returned. + + name: Array of names used to label the series in the response. + + extra_headers: Send extra headers + + extra_query: Add additional query parameters to the request + + extra_body: Add additional JSON properties to the request + + timeout: Override the client-level default timeout for this request, in seconds + """ + if not dimension: + raise ValueError(f"Expected a non-empty value for `dimension` but received {dimension!r}") + return await self._get( + f"/radar/post_quantum/origin/summary/{dimension}", + options=make_request_options( + extra_headers=extra_headers, + extra_query=extra_query, + extra_body=extra_body, + timeout=timeout, + query=await async_maybe_transform( + { + "date_end": date_end, + "date_range": date_range, + "date_start": date_start, + "format": format, + "name": name, + }, + origin_summary_params.OriginSummaryParams, + ), + post_parser=ResultWrapper[OriginSummaryResponse]._unwrapper, + ), + cast_to=cast(Type[OriginSummaryResponse], ResultWrapper[OriginSummaryResponse]), + ) + + async def timeseries_groups( + self, + dimension: Literal["KEY_AGREEMENT"], + *, + date_end: SequenceNotStr[Union[str, datetime]] | Omit = omit, + date_range: SequenceNotStr[str] | Omit = omit, + date_start: SequenceNotStr[Union[str, datetime]] | Omit = omit, + format: Literal["JSON", "CSV"] | Omit = omit, + name: SequenceNotStr[str] | Omit = omit, + # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. + # The extra values given here take precedence over values defined on the client or passed to this method. + extra_headers: Headers | None = None, + extra_query: Query | None = None, + extra_body: Body | None = None, + timeout: float | httpx.Timeout | None | NotGiven = not_given, + ) -> OriginTimeseriesGroupsResponse: + """ + Returns a timeseries of origin post-quantum data grouped by the specified + dimension. + + Args: + dimension: Specifies the origin post-quantum data dimension by which to group the results. + + date_end: End of the date range (inclusive). + + date_range: Filters results by date range. For example, use `7d` and `7dcontrol` to compare + this week with the previous week. Use this parameter or set specific start and + end dates (`dateStart` and `dateEnd` parameters). + + date_start: Start of the date range. + + format: Format in which results will be returned. + + name: Array of names used to label the series in the response. + + extra_headers: Send extra headers + + extra_query: Add additional query parameters to the request + + extra_body: Add additional JSON properties to the request + + timeout: Override the client-level default timeout for this request, in seconds + """ + if not dimension: + raise ValueError(f"Expected a non-empty value for `dimension` but received {dimension!r}") + return await self._get( + f"/radar/post_quantum/origin/timeseries_groups/{dimension}", + options=make_request_options( + extra_headers=extra_headers, + extra_query=extra_query, + extra_body=extra_body, + timeout=timeout, + query=await async_maybe_transform( + { + "date_end": date_end, + "date_range": date_range, + "date_start": date_start, + "format": format, + "name": name, + }, + origin_timeseries_groups_params.OriginTimeseriesGroupsParams, + ), + post_parser=ResultWrapper[OriginTimeseriesGroupsResponse]._unwrapper, + ), + cast_to=cast(Type[OriginTimeseriesGroupsResponse], ResultWrapper[OriginTimeseriesGroupsResponse]), + ) + + +class OriginResourceWithRawResponse: + def __init__(self, origin: OriginResource) -> None: + self._origin = origin + + self.summary = to_raw_response_wrapper( + origin.summary, + ) + self.timeseries_groups = to_raw_response_wrapper( + origin.timeseries_groups, + ) + + +class AsyncOriginResourceWithRawResponse: + def __init__(self, origin: AsyncOriginResource) -> None: + self._origin = origin + + self.summary = async_to_raw_response_wrapper( + origin.summary, + ) + self.timeseries_groups = async_to_raw_response_wrapper( + origin.timeseries_groups, + ) + + +class OriginResourceWithStreamingResponse: + def __init__(self, origin: OriginResource) -> None: + self._origin = origin + + self.summary = to_streamed_response_wrapper( + origin.summary, + ) + self.timeseries_groups = to_streamed_response_wrapper( + origin.timeseries_groups, + ) + + +class AsyncOriginResourceWithStreamingResponse: + def __init__(self, origin: AsyncOriginResource) -> None: + self._origin = origin + + self.summary = async_to_streamed_response_wrapper( + origin.summary, + ) + self.timeseries_groups = async_to_streamed_response_wrapper( + origin.timeseries_groups, + ) diff --git a/src/cloudflare/resources/radar/post_quantum/post_quantum.py b/src/cloudflare/resources/radar/post_quantum/post_quantum.py new file mode 100644 index 00000000000..3860bba6380 --- /dev/null +++ b/src/cloudflare/resources/radar/post_quantum/post_quantum.py @@ -0,0 +1,134 @@ +# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. + +from __future__ import annotations + +from .tls import ( + TLSResource, + AsyncTLSResource, + TLSResourceWithRawResponse, + AsyncTLSResourceWithRawResponse, + TLSResourceWithStreamingResponse, + AsyncTLSResourceWithStreamingResponse, +) +from .origin import ( + OriginResource, + AsyncOriginResource, + OriginResourceWithRawResponse, + AsyncOriginResourceWithRawResponse, + OriginResourceWithStreamingResponse, + AsyncOriginResourceWithStreamingResponse, +) +from ...._compat import cached_property +from ...._resource import SyncAPIResource, AsyncAPIResource + +__all__ = ["PostQuantumResource", "AsyncPostQuantumResource"] + + +class PostQuantumResource(SyncAPIResource): + @cached_property + def origin(self) -> OriginResource: + return OriginResource(self._client) + + @cached_property + def tls(self) -> TLSResource: + return TLSResource(self._client) + + @cached_property + def with_raw_response(self) -> PostQuantumResourceWithRawResponse: + """ + This property can be used as a prefix for any HTTP method call to return + the raw response object instead of the parsed content. + + For more information, see https://www.github.com/cloudflare/cloudflare-python#accessing-raw-response-data-eg-headers + """ + return PostQuantumResourceWithRawResponse(self) + + @cached_property + def with_streaming_response(self) -> PostQuantumResourceWithStreamingResponse: + """ + An alternative to `.with_raw_response` that doesn't eagerly read the response body. + + For more information, see https://www.github.com/cloudflare/cloudflare-python#with_streaming_response + """ + return PostQuantumResourceWithStreamingResponse(self) + + +class AsyncPostQuantumResource(AsyncAPIResource): + @cached_property + def origin(self) -> AsyncOriginResource: + return AsyncOriginResource(self._client) + + @cached_property + def tls(self) -> AsyncTLSResource: + return AsyncTLSResource(self._client) + + @cached_property + def with_raw_response(self) -> AsyncPostQuantumResourceWithRawResponse: + """ + This property can be used as a prefix for any HTTP method call to return + the raw response object instead of the parsed content. + + For more information, see https://www.github.com/cloudflare/cloudflare-python#accessing-raw-response-data-eg-headers + """ + return AsyncPostQuantumResourceWithRawResponse(self) + + @cached_property + def with_streaming_response(self) -> AsyncPostQuantumResourceWithStreamingResponse: + """ + An alternative to `.with_raw_response` that doesn't eagerly read the response body. + + For more information, see https://www.github.com/cloudflare/cloudflare-python#with_streaming_response + """ + return AsyncPostQuantumResourceWithStreamingResponse(self) + + +class PostQuantumResourceWithRawResponse: + def __init__(self, post_quantum: PostQuantumResource) -> None: + self._post_quantum = post_quantum + + @cached_property + def origin(self) -> OriginResourceWithRawResponse: + return OriginResourceWithRawResponse(self._post_quantum.origin) + + @cached_property + def tls(self) -> TLSResourceWithRawResponse: + return TLSResourceWithRawResponse(self._post_quantum.tls) + + +class AsyncPostQuantumResourceWithRawResponse: + def __init__(self, post_quantum: AsyncPostQuantumResource) -> None: + self._post_quantum = post_quantum + + @cached_property + def origin(self) -> AsyncOriginResourceWithRawResponse: + return AsyncOriginResourceWithRawResponse(self._post_quantum.origin) + + @cached_property + def tls(self) -> AsyncTLSResourceWithRawResponse: + return AsyncTLSResourceWithRawResponse(self._post_quantum.tls) + + +class PostQuantumResourceWithStreamingResponse: + def __init__(self, post_quantum: PostQuantumResource) -> None: + self._post_quantum = post_quantum + + @cached_property + def origin(self) -> OriginResourceWithStreamingResponse: + return OriginResourceWithStreamingResponse(self._post_quantum.origin) + + @cached_property + def tls(self) -> TLSResourceWithStreamingResponse: + return TLSResourceWithStreamingResponse(self._post_quantum.tls) + + +class AsyncPostQuantumResourceWithStreamingResponse: + def __init__(self, post_quantum: AsyncPostQuantumResource) -> None: + self._post_quantum = post_quantum + + @cached_property + def origin(self) -> AsyncOriginResourceWithStreamingResponse: + return AsyncOriginResourceWithStreamingResponse(self._post_quantum.origin) + + @cached_property + def tls(self) -> AsyncTLSResourceWithStreamingResponse: + return AsyncTLSResourceWithStreamingResponse(self._post_quantum.tls) diff --git a/src/cloudflare/resources/radar/post_quantum/tls.py b/src/cloudflare/resources/radar/post_quantum/tls.py new file mode 100644 index 00000000000..e10649bee1d --- /dev/null +++ b/src/cloudflare/resources/radar/post_quantum/tls.py @@ -0,0 +1,184 @@ +# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. + +from __future__ import annotations + +from typing import Type, cast + +import httpx + +from ...._types import Body, Query, Headers, NotGiven, not_given +from ...._utils import maybe_transform, async_maybe_transform +from ...._compat import cached_property +from ...._resource import SyncAPIResource, AsyncAPIResource +from ...._response import ( + to_raw_response_wrapper, + to_streamed_response_wrapper, + async_to_raw_response_wrapper, + async_to_streamed_response_wrapper, +) +from ...._wrappers import ResultWrapper +from ...._base_client import make_request_options +from ....types.radar.post_quantum import tls_support_params +from ....types.radar.post_quantum.tls_support_response import TLSSupportResponse + +__all__ = ["TLSResource", "AsyncTLSResource"] + + +class TLSResource(SyncAPIResource): + @cached_property + def with_raw_response(self) -> TLSResourceWithRawResponse: + """ + This property can be used as a prefix for any HTTP method call to return + the raw response object instead of the parsed content. + + For more information, see https://www.github.com/cloudflare/cloudflare-python#accessing-raw-response-data-eg-headers + """ + return TLSResourceWithRawResponse(self) + + @cached_property + def with_streaming_response(self) -> TLSResourceWithStreamingResponse: + """ + An alternative to `.with_raw_response` that doesn't eagerly read the response body. + + For more information, see https://www.github.com/cloudflare/cloudflare-python#with_streaming_response + """ + return TLSResourceWithStreamingResponse(self) + + def support( + self, + *, + host: str, + # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. + # The extra values given here take precedence over values defined on the client or passed to this method. + extra_headers: Headers | None = None, + extra_query: Query | None = None, + extra_body: Body | None = None, + timeout: float | httpx.Timeout | None | NotGiven = not_given, + ) -> TLSSupportResponse: + """ + Tests whether a hostname or IP address supports Post-Quantum (PQ) TLS key + exchange. Returns information about the negotiated key exchange algorithm and + whether it uses PQ cryptography. + + Args: + host: Hostname or IP address to test for Post-Quantum TLS support, optionally with + port (defaults to 443). + + extra_headers: Send extra headers + + extra_query: Add additional query parameters to the request + + extra_body: Add additional JSON properties to the request + + timeout: Override the client-level default timeout for this request, in seconds + """ + return self._get( + "/radar/post_quantum/tls/support", + options=make_request_options( + extra_headers=extra_headers, + extra_query=extra_query, + extra_body=extra_body, + timeout=timeout, + query=maybe_transform({"host": host}, tls_support_params.TLSSupportParams), + post_parser=ResultWrapper[TLSSupportResponse]._unwrapper, + ), + cast_to=cast(Type[TLSSupportResponse], ResultWrapper[TLSSupportResponse]), + ) + + +class AsyncTLSResource(AsyncAPIResource): + @cached_property + def with_raw_response(self) -> AsyncTLSResourceWithRawResponse: + """ + This property can be used as a prefix for any HTTP method call to return + the raw response object instead of the parsed content. + + For more information, see https://www.github.com/cloudflare/cloudflare-python#accessing-raw-response-data-eg-headers + """ + return AsyncTLSResourceWithRawResponse(self) + + @cached_property + def with_streaming_response(self) -> AsyncTLSResourceWithStreamingResponse: + """ + An alternative to `.with_raw_response` that doesn't eagerly read the response body. + + For more information, see https://www.github.com/cloudflare/cloudflare-python#with_streaming_response + """ + return AsyncTLSResourceWithStreamingResponse(self) + + async def support( + self, + *, + host: str, + # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. + # The extra values given here take precedence over values defined on the client or passed to this method. + extra_headers: Headers | None = None, + extra_query: Query | None = None, + extra_body: Body | None = None, + timeout: float | httpx.Timeout | None | NotGiven = not_given, + ) -> TLSSupportResponse: + """ + Tests whether a hostname or IP address supports Post-Quantum (PQ) TLS key + exchange. Returns information about the negotiated key exchange algorithm and + whether it uses PQ cryptography. + + Args: + host: Hostname or IP address to test for Post-Quantum TLS support, optionally with + port (defaults to 443). + + extra_headers: Send extra headers + + extra_query: Add additional query parameters to the request + + extra_body: Add additional JSON properties to the request + + timeout: Override the client-level default timeout for this request, in seconds + """ + return await self._get( + "/radar/post_quantum/tls/support", + options=make_request_options( + extra_headers=extra_headers, + extra_query=extra_query, + extra_body=extra_body, + timeout=timeout, + query=await async_maybe_transform({"host": host}, tls_support_params.TLSSupportParams), + post_parser=ResultWrapper[TLSSupportResponse]._unwrapper, + ), + cast_to=cast(Type[TLSSupportResponse], ResultWrapper[TLSSupportResponse]), + ) + + +class TLSResourceWithRawResponse: + def __init__(self, tls: TLSResource) -> None: + self._tls = tls + + self.support = to_raw_response_wrapper( + tls.support, + ) + + +class AsyncTLSResourceWithRawResponse: + def __init__(self, tls: AsyncTLSResource) -> None: + self._tls = tls + + self.support = async_to_raw_response_wrapper( + tls.support, + ) + + +class TLSResourceWithStreamingResponse: + def __init__(self, tls: TLSResource) -> None: + self._tls = tls + + self.support = to_streamed_response_wrapper( + tls.support, + ) + + +class AsyncTLSResourceWithStreamingResponse: + def __init__(self, tls: AsyncTLSResource) -> None: + self._tls = tls + + self.support = async_to_streamed_response_wrapper( + tls.support, + ) diff --git a/src/cloudflare/resources/radar/radar.py b/src/cloudflare/resources/radar/radar.py index 8cc06d6d13d..8663fda883b 100644 --- a/src/cloudflare/resources/radar/radar.py +++ b/src/cloudflare/resources/radar/radar.py @@ -156,6 +156,14 @@ AnnotationsResourceWithStreamingResponse, AsyncAnnotationsResourceWithStreamingResponse, ) +from .post_quantum.post_quantum import ( + PostQuantumResource, + AsyncPostQuantumResource, + PostQuantumResourceWithRawResponse, + AsyncPostQuantumResourceWithRawResponse, + PostQuantumResourceWithStreamingResponse, + AsyncPostQuantumResourceWithStreamingResponse, +) from .verified_bots.verified_bots import ( VerifiedBotsResource, AsyncVerifiedBotsResource, @@ -217,6 +225,10 @@ def dns(self) -> DNSResource: def netflows(self) -> NetFlowsResource: return NetFlowsResource(self._client) + @cached_property + def post_quantum(self) -> PostQuantumResource: + return PostQuantumResource(self._client) + @cached_property def search(self) -> SearchResource: return SearchResource(self._client) @@ -326,6 +338,10 @@ def dns(self) -> AsyncDNSResource: def netflows(self) -> AsyncNetFlowsResource: return AsyncNetFlowsResource(self._client) + @cached_property + def post_quantum(self) -> AsyncPostQuantumResource: + return AsyncPostQuantumResource(self._client) + @cached_property def search(self) -> AsyncSearchResource: return AsyncSearchResource(self._client) @@ -438,6 +454,10 @@ def dns(self) -> DNSResourceWithRawResponse: def netflows(self) -> NetFlowsResourceWithRawResponse: return NetFlowsResourceWithRawResponse(self._radar.netflows) + @cached_property + def post_quantum(self) -> PostQuantumResourceWithRawResponse: + return PostQuantumResourceWithRawResponse(self._radar.post_quantum) + @cached_property def search(self) -> SearchResourceWithRawResponse: return SearchResourceWithRawResponse(self._radar.search) @@ -531,6 +551,10 @@ def dns(self) -> AsyncDNSResourceWithRawResponse: def netflows(self) -> AsyncNetFlowsResourceWithRawResponse: return AsyncNetFlowsResourceWithRawResponse(self._radar.netflows) + @cached_property + def post_quantum(self) -> AsyncPostQuantumResourceWithRawResponse: + return AsyncPostQuantumResourceWithRawResponse(self._radar.post_quantum) + @cached_property def search(self) -> AsyncSearchResourceWithRawResponse: return AsyncSearchResourceWithRawResponse(self._radar.search) @@ -624,6 +648,10 @@ def dns(self) -> DNSResourceWithStreamingResponse: def netflows(self) -> NetFlowsResourceWithStreamingResponse: return NetFlowsResourceWithStreamingResponse(self._radar.netflows) + @cached_property + def post_quantum(self) -> PostQuantumResourceWithStreamingResponse: + return PostQuantumResourceWithStreamingResponse(self._radar.post_quantum) + @cached_property def search(self) -> SearchResourceWithStreamingResponse: return SearchResourceWithStreamingResponse(self._radar.search) @@ -717,6 +745,10 @@ def dns(self) -> AsyncDNSResourceWithStreamingResponse: def netflows(self) -> AsyncNetFlowsResourceWithStreamingResponse: return AsyncNetFlowsResourceWithStreamingResponse(self._radar.netflows) + @cached_property + def post_quantum(self) -> AsyncPostQuantumResourceWithStreamingResponse: + return AsyncPostQuantumResourceWithStreamingResponse(self._radar.post_quantum) + @cached_property def search(self) -> AsyncSearchResourceWithStreamingResponse: return AsyncSearchResourceWithStreamingResponse(self._radar.search) diff --git a/src/cloudflare/resources/resource_sharing/recipients.py b/src/cloudflare/resources/resource_sharing/recipients.py index 317084c89ac..828a348060a 100644 --- a/src/cloudflare/resources/resource_sharing/recipients.py +++ b/src/cloudflare/resources/resource_sharing/recipients.py @@ -63,7 +63,8 @@ def create( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> Optional[RecipientCreateResponse]: """ - Create a new share recipient + Adds a recipient to a resource share, granting them access to the shared + resources. Args: path_account_id: Account identifier. @@ -307,7 +308,8 @@ async def create( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> Optional[RecipientCreateResponse]: """ - Create a new share recipient + Adds a recipient to a resource share, granting them access to the shared + resources. Args: path_account_id: Account identifier. diff --git a/src/cloudflare/resources/resource_sharing/resource_sharing.py b/src/cloudflare/resources/resource_sharing/resource_sharing.py index 88d07b557b1..0ad7712a109 100644 --- a/src/cloudflare/resources/resource_sharing/resource_sharing.py +++ b/src/cloudflare/resources/resource_sharing/resource_sharing.py @@ -94,7 +94,8 @@ def create( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> Optional[ResourceSharingCreateResponse]: """ - Create a new share + Creates a new resource share for sharing Cloudflare resources with other + accounts or organizations. Args: account_id: Account identifier. @@ -420,7 +421,8 @@ async def create( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> Optional[ResourceSharingCreateResponse]: """ - Create a new share + Creates a new resource share for sharing Cloudflare resources with other + accounts or organizations. Args: account_id: Account identifier. diff --git a/src/cloudflare/resources/resource_sharing/resources.py b/src/cloudflare/resources/resource_sharing/resources.py index ec35ed84afd..98f316493b6 100644 --- a/src/cloudflare/resources/resource_sharing/resources.py +++ b/src/cloudflare/resources/resource_sharing/resources.py @@ -74,7 +74,7 @@ def create( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> Optional[ResourceCreateResponse]: """ - Create a new share resource + Adds a resource to an existing share, making it available to share recipients. Args: account_id: Account identifier. @@ -393,7 +393,7 @@ async def create( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> Optional[ResourceCreateResponse]: """ - Create a new share resource + Adds a resource to an existing share, making it available to share recipients. Args: account_id: Account identifier. diff --git a/src/cloudflare/resources/snippets/content.py b/src/cloudflare/resources/snippets/content.py index be4473336d9..84f9ba1e83e 100644 --- a/src/cloudflare/resources/snippets/content.py +++ b/src/cloudflare/resources/snippets/content.py @@ -58,9 +58,9 @@ def get( Fetches the content of a snippet belonging to the zone. Args: - zone_id: The unique ID of the zone. + zone_id: Use this field to specify the unique ID of the zone. - snippet_name: The identifying name of the snippet. + snippet_name: Identify the snippet. extra_headers: Send extra headers @@ -120,9 +120,9 @@ async def get( Fetches the content of a snippet belonging to the zone. Args: - zone_id: The unique ID of the zone. + zone_id: Use this field to specify the unique ID of the zone. - snippet_name: The identifying name of the snippet. + snippet_name: Identify the snippet. extra_headers: Send extra headers diff --git a/src/cloudflare/resources/snippets/rules.py b/src/cloudflare/resources/snippets/rules.py index 60f627b1c83..0d6cf5b8afc 100644 --- a/src/cloudflare/resources/snippets/rules.py +++ b/src/cloudflare/resources/snippets/rules.py @@ -2,12 +2,12 @@ from __future__ import annotations -from typing import Iterable +from typing import Type, Iterable, cast import httpx from ..._types import Body, Query, Headers, NotGiven, not_given -from ..._utils import maybe_transform +from ..._utils import maybe_transform, async_maybe_transform from ..._compat import cached_property from ..._resource import SyncAPIResource, AsyncAPIResource from ..._response import ( @@ -16,12 +16,9 @@ async_to_raw_response_wrapper, async_to_streamed_response_wrapper, ) -from ...pagination import SyncSinglePage, AsyncSinglePage -from ..._base_client import AsyncPaginator, make_request_options +from ..._wrappers import ResultWrapper +from ..._base_client import make_request_options from ...types.snippets import rule_update_params -from ...types.snippets.rule_list_response import RuleListResponse -from ...types.snippets.rule_delete_response import RuleDeleteResponse -from ...types.snippets.rule_update_response import RuleUpdateResponse __all__ = ["RulesResource", "AsyncRulesResource"] @@ -57,14 +54,14 @@ def update( extra_query: Query | None = None, extra_body: Body | None = None, timeout: float | httpx.Timeout | None | NotGiven = not_given, - ) -> SyncSinglePage[RuleUpdateResponse]: + ) -> object: """ Updates all snippet rules belonging to the zone. Args: - zone_id: The unique ID of the zone. + zone_id: Use this field to specify the unique ID of the zone. - rules: A list of snippet rules. + rules: Lists snippet rules. extra_headers: Send extra headers @@ -76,15 +73,17 @@ def update( """ if not zone_id: raise ValueError(f"Expected a non-empty value for `zone_id` but received {zone_id!r}") - return self._get_api_list( + return self._put( f"/zones/{zone_id}/snippets/snippet_rules", - page=SyncSinglePage[RuleUpdateResponse], body=maybe_transform({"rules": rules}, rule_update_params.RuleUpdateParams), options=make_request_options( - extra_headers=extra_headers, extra_query=extra_query, extra_body=extra_body, timeout=timeout + extra_headers=extra_headers, + extra_query=extra_query, + extra_body=extra_body, + timeout=timeout, + post_parser=ResultWrapper[object]._unwrapper, ), - model=RuleUpdateResponse, - method="put", + cast_to=cast(Type[object], ResultWrapper[object]), ) def list( @@ -97,12 +96,12 @@ def list( extra_query: Query | None = None, extra_body: Body | None = None, timeout: float | httpx.Timeout | None | NotGiven = not_given, - ) -> SyncSinglePage[RuleListResponse]: + ) -> object: """ Fetches all snippet rules belonging to the zone. Args: - zone_id: The unique ID of the zone. + zone_id: Use this field to specify the unique ID of the zone. extra_headers: Send extra headers @@ -114,13 +113,16 @@ def list( """ if not zone_id: raise ValueError(f"Expected a non-empty value for `zone_id` but received {zone_id!r}") - return self._get_api_list( + return self._get( f"/zones/{zone_id}/snippets/snippet_rules", - page=SyncSinglePage[RuleListResponse], options=make_request_options( - extra_headers=extra_headers, extra_query=extra_query, extra_body=extra_body, timeout=timeout + extra_headers=extra_headers, + extra_query=extra_query, + extra_body=extra_body, + timeout=timeout, + post_parser=ResultWrapper[object]._unwrapper, ), - model=RuleListResponse, + cast_to=cast(Type[object], ResultWrapper[object]), ) def delete( @@ -133,12 +135,12 @@ def delete( extra_query: Query | None = None, extra_body: Body | None = None, timeout: float | httpx.Timeout | None | NotGiven = not_given, - ) -> SyncSinglePage[RuleDeleteResponse]: + ) -> object: """ Deletes all snippet rules belonging to the zone. Args: - zone_id: The unique ID of the zone. + zone_id: Use this field to specify the unique ID of the zone. extra_headers: Send extra headers @@ -150,14 +152,16 @@ def delete( """ if not zone_id: raise ValueError(f"Expected a non-empty value for `zone_id` but received {zone_id!r}") - return self._get_api_list( + return self._delete( f"/zones/{zone_id}/snippets/snippet_rules", - page=SyncSinglePage[RuleDeleteResponse], options=make_request_options( - extra_headers=extra_headers, extra_query=extra_query, extra_body=extra_body, timeout=timeout + extra_headers=extra_headers, + extra_query=extra_query, + extra_body=extra_body, + timeout=timeout, + post_parser=ResultWrapper[object]._unwrapper, ), - model=RuleDeleteResponse, - method="delete", + cast_to=cast(Type[object], ResultWrapper[object]), ) @@ -181,7 +185,7 @@ def with_streaming_response(self) -> AsyncRulesResourceWithStreamingResponse: """ return AsyncRulesResourceWithStreamingResponse(self) - def update( + async def update( self, *, zone_id: str, @@ -192,14 +196,14 @@ def update( extra_query: Query | None = None, extra_body: Body | None = None, timeout: float | httpx.Timeout | None | NotGiven = not_given, - ) -> AsyncPaginator[RuleUpdateResponse, AsyncSinglePage[RuleUpdateResponse]]: + ) -> object: """ Updates all snippet rules belonging to the zone. Args: - zone_id: The unique ID of the zone. + zone_id: Use this field to specify the unique ID of the zone. - rules: A list of snippet rules. + rules: Lists snippet rules. extra_headers: Send extra headers @@ -211,18 +215,20 @@ def update( """ if not zone_id: raise ValueError(f"Expected a non-empty value for `zone_id` but received {zone_id!r}") - return self._get_api_list( + return await self._put( f"/zones/{zone_id}/snippets/snippet_rules", - page=AsyncSinglePage[RuleUpdateResponse], - body=maybe_transform({"rules": rules}, rule_update_params.RuleUpdateParams), + body=await async_maybe_transform({"rules": rules}, rule_update_params.RuleUpdateParams), options=make_request_options( - extra_headers=extra_headers, extra_query=extra_query, extra_body=extra_body, timeout=timeout + extra_headers=extra_headers, + extra_query=extra_query, + extra_body=extra_body, + timeout=timeout, + post_parser=ResultWrapper[object]._unwrapper, ), - model=RuleUpdateResponse, - method="put", + cast_to=cast(Type[object], ResultWrapper[object]), ) - def list( + async def list( self, *, zone_id: str, @@ -232,12 +238,12 @@ def list( extra_query: Query | None = None, extra_body: Body | None = None, timeout: float | httpx.Timeout | None | NotGiven = not_given, - ) -> AsyncPaginator[RuleListResponse, AsyncSinglePage[RuleListResponse]]: + ) -> object: """ Fetches all snippet rules belonging to the zone. Args: - zone_id: The unique ID of the zone. + zone_id: Use this field to specify the unique ID of the zone. extra_headers: Send extra headers @@ -249,16 +255,19 @@ def list( """ if not zone_id: raise ValueError(f"Expected a non-empty value for `zone_id` but received {zone_id!r}") - return self._get_api_list( + return await self._get( f"/zones/{zone_id}/snippets/snippet_rules", - page=AsyncSinglePage[RuleListResponse], options=make_request_options( - extra_headers=extra_headers, extra_query=extra_query, extra_body=extra_body, timeout=timeout + extra_headers=extra_headers, + extra_query=extra_query, + extra_body=extra_body, + timeout=timeout, + post_parser=ResultWrapper[object]._unwrapper, ), - model=RuleListResponse, + cast_to=cast(Type[object], ResultWrapper[object]), ) - def delete( + async def delete( self, *, zone_id: str, @@ -268,12 +277,12 @@ def delete( extra_query: Query | None = None, extra_body: Body | None = None, timeout: float | httpx.Timeout | None | NotGiven = not_given, - ) -> AsyncPaginator[RuleDeleteResponse, AsyncSinglePage[RuleDeleteResponse]]: + ) -> object: """ Deletes all snippet rules belonging to the zone. Args: - zone_id: The unique ID of the zone. + zone_id: Use this field to specify the unique ID of the zone. extra_headers: Send extra headers @@ -285,14 +294,16 @@ def delete( """ if not zone_id: raise ValueError(f"Expected a non-empty value for `zone_id` but received {zone_id!r}") - return self._get_api_list( + return await self._delete( f"/zones/{zone_id}/snippets/snippet_rules", - page=AsyncSinglePage[RuleDeleteResponse], options=make_request_options( - extra_headers=extra_headers, extra_query=extra_query, extra_body=extra_body, timeout=timeout + extra_headers=extra_headers, + extra_query=extra_query, + extra_body=extra_body, + timeout=timeout, + post_parser=ResultWrapper[object]._unwrapper, ), - model=RuleDeleteResponse, - method="delete", + cast_to=cast(Type[object], ResultWrapper[object]), ) diff --git a/src/cloudflare/resources/snippets/snippets.py b/src/cloudflare/resources/snippets/snippets.py index aa40465dcb3..21e928d8b84 100644 --- a/src/cloudflare/resources/snippets/snippets.py +++ b/src/cloudflare/resources/snippets/snippets.py @@ -38,7 +38,6 @@ from ...types.snippets import snippet_list_params, snippet_update_params from ...types.snippets.snippet_get_response import SnippetGetResponse from ...types.snippets.snippet_list_response import SnippetListResponse -from ...types.snippets.snippet_delete_response import SnippetDeleteResponse from ...types.snippets.snippet_update_response import SnippetUpdateResponse __all__ = ["SnippetsResource", "AsyncSnippetsResource"] @@ -89,11 +88,11 @@ def update( Creates or updates a snippet belonging to the zone. Args: - zone_id: The unique ID of the zone. + zone_id: Use this field to specify the unique ID of the zone. - snippet_name: The identifying name of the snippet. + snippet_name: Identify the snippet. - metadata: Metadata about the snippet. + metadata: Provide metadata about the snippet. extra_headers: Send extra headers @@ -142,11 +141,11 @@ def list( Fetches all snippets belonging to the zone. Args: - zone_id: The unique ID of the zone. + zone_id: Use this field to specify the unique ID of the zone. - page: The current page number. + page: Specifies the current page number. - per_page: The number of results to return per page. + per_page: Specifies how many results to return per page. extra_headers: Send extra headers @@ -188,14 +187,14 @@ def delete( extra_query: Query | None = None, extra_body: Body | None = None, timeout: float | httpx.Timeout | None | NotGiven = not_given, - ) -> str: + ) -> object: """ Deletes a snippet belonging to the zone. Args: - zone_id: The unique ID of the zone. + zone_id: Use this field to specify the unique ID of the zone. - snippet_name: The identifying name of the snippet. + snippet_name: Identify the snippet. extra_headers: Send extra headers @@ -216,9 +215,9 @@ def delete( extra_query=extra_query, extra_body=extra_body, timeout=timeout, - post_parser=ResultWrapper[Optional[SnippetDeleteResponse]]._unwrapper, + post_parser=ResultWrapper[Optional[object]]._unwrapper, ), - cast_to=cast(Type[str], ResultWrapper[str]), + cast_to=cast(Type[object], ResultWrapper[object]), ) def get( @@ -237,9 +236,9 @@ def get( Fetches a snippet belonging to the zone. Args: - zone_id: The unique ID of the zone. + zone_id: Use this field to specify the unique ID of the zone. - snippet_name: The identifying name of the snippet. + snippet_name: Identify the snippet. extra_headers: Send extra headers @@ -311,11 +310,11 @@ async def update( Creates or updates a snippet belonging to the zone. Args: - zone_id: The unique ID of the zone. + zone_id: Use this field to specify the unique ID of the zone. - snippet_name: The identifying name of the snippet. + snippet_name: Identify the snippet. - metadata: Metadata about the snippet. + metadata: Provide metadata about the snippet. extra_headers: Send extra headers @@ -364,11 +363,11 @@ def list( Fetches all snippets belonging to the zone. Args: - zone_id: The unique ID of the zone. + zone_id: Use this field to specify the unique ID of the zone. - page: The current page number. + page: Specifies the current page number. - per_page: The number of results to return per page. + per_page: Specifies how many results to return per page. extra_headers: Send extra headers @@ -410,14 +409,14 @@ async def delete( extra_query: Query | None = None, extra_body: Body | None = None, timeout: float | httpx.Timeout | None | NotGiven = not_given, - ) -> str: + ) -> object: """ Deletes a snippet belonging to the zone. Args: - zone_id: The unique ID of the zone. + zone_id: Use this field to specify the unique ID of the zone. - snippet_name: The identifying name of the snippet. + snippet_name: Identify the snippet. extra_headers: Send extra headers @@ -438,9 +437,9 @@ async def delete( extra_query=extra_query, extra_body=extra_body, timeout=timeout, - post_parser=ResultWrapper[Optional[SnippetDeleteResponse]]._unwrapper, + post_parser=ResultWrapper[Optional[object]]._unwrapper, ), - cast_to=cast(Type[str], ResultWrapper[str]), + cast_to=cast(Type[object], ResultWrapper[object]), ) async def get( @@ -459,9 +458,9 @@ async def get( Fetches a snippet belonging to the zone. Args: - zone_id: The unique ID of the zone. + zone_id: Use this field to specify the unique ID of the zone. - snippet_name: The identifying name of the snippet. + snippet_name: Identify the snippet. extra_headers: Send extra headers diff --git a/src/cloudflare/resources/ssl/certificate_packs/certificate_packs.py b/src/cloudflare/resources/ssl/certificate_packs/certificate_packs.py index 2dc361a85e7..773b8ed172d 100644 --- a/src/cloudflare/resources/ssl/certificate_packs/certificate_packs.py +++ b/src/cloudflare/resources/ssl/certificate_packs/certificate_packs.py @@ -27,7 +27,7 @@ ) from ...._wrappers import ResultWrapper from ....types.ssl import certificate_pack_edit_params, certificate_pack_list_params, certificate_pack_create_params -from ....pagination import SyncSinglePage, AsyncSinglePage +from ....pagination import SyncV4PagePaginationArray, AsyncV4PagePaginationArray from ...._base_client import AsyncPaginator, make_request_options from ....types.ssl.host import Host from ....types.ssl.certificate_pack_get_response import CertificatePackGetResponse @@ -139,6 +139,9 @@ def list( self, *, zone_id: str, + deploy: Literal["staging", "production"] | Omit = omit, + page: float | Omit = omit, + per_page: float | Omit = omit, status: Literal["all"] | Omit = omit, # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. # The extra values given here take precedence over values defined on the client or passed to this method. @@ -146,13 +149,19 @@ def list( extra_query: Query | None = None, extra_body: Body | None = None, timeout: float | httpx.Timeout | None | NotGiven = not_given, - ) -> SyncSinglePage[CertificatePackListResponse]: + ) -> SyncV4PagePaginationArray[CertificatePackListResponse]: """ For a given zone, list all active certificate packs. Args: zone_id: Identifier. + deploy: Specify the deployment environment for the certificate packs. + + page: Page number of paginated results. + + per_page: Number of certificate packs per page. + status: Include Certificate Packs of all statuses, not just active ones. extra_headers: Send extra headers @@ -167,13 +176,21 @@ def list( raise ValueError(f"Expected a non-empty value for `zone_id` but received {zone_id!r}") return self._get_api_list( f"/zones/{zone_id}/ssl/certificate_packs", - page=SyncSinglePage[CertificatePackListResponse], + page=SyncV4PagePaginationArray[CertificatePackListResponse], options=make_request_options( extra_headers=extra_headers, extra_query=extra_query, extra_body=extra_body, timeout=timeout, - query=maybe_transform({"status": status}, certificate_pack_list_params.CertificatePackListParams), + query=maybe_transform( + { + "deploy": deploy, + "page": page, + "per_page": per_page, + "status": status, + }, + certificate_pack_list_params.CertificatePackListParams, + ), ), model=CertificatePackListResponse, ) @@ -426,6 +443,9 @@ def list( self, *, zone_id: str, + deploy: Literal["staging", "production"] | Omit = omit, + page: float | Omit = omit, + per_page: float | Omit = omit, status: Literal["all"] | Omit = omit, # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. # The extra values given here take precedence over values defined on the client or passed to this method. @@ -433,13 +453,19 @@ def list( extra_query: Query | None = None, extra_body: Body | None = None, timeout: float | httpx.Timeout | None | NotGiven = not_given, - ) -> AsyncPaginator[CertificatePackListResponse, AsyncSinglePage[CertificatePackListResponse]]: + ) -> AsyncPaginator[CertificatePackListResponse, AsyncV4PagePaginationArray[CertificatePackListResponse]]: """ For a given zone, list all active certificate packs. Args: zone_id: Identifier. + deploy: Specify the deployment environment for the certificate packs. + + page: Page number of paginated results. + + per_page: Number of certificate packs per page. + status: Include Certificate Packs of all statuses, not just active ones. extra_headers: Send extra headers @@ -454,13 +480,21 @@ def list( raise ValueError(f"Expected a non-empty value for `zone_id` but received {zone_id!r}") return self._get_api_list( f"/zones/{zone_id}/ssl/certificate_packs", - page=AsyncSinglePage[CertificatePackListResponse], + page=AsyncV4PagePaginationArray[CertificatePackListResponse], options=make_request_options( extra_headers=extra_headers, extra_query=extra_query, extra_body=extra_body, timeout=timeout, - query=maybe_transform({"status": status}, certificate_pack_list_params.CertificatePackListParams), + query=maybe_transform( + { + "deploy": deploy, + "page": page, + "per_page": per_page, + "status": status, + }, + certificate_pack_list_params.CertificatePackListParams, + ), ), model=CertificatePackListResponse, ) diff --git a/src/cloudflare/resources/stream/live_inputs/live_inputs.py b/src/cloudflare/resources/stream/live_inputs/live_inputs.py index 25a527c5b09..3badf065da5 100644 --- a/src/cloudflare/resources/stream/live_inputs/live_inputs.py +++ b/src/cloudflare/resources/stream/live_inputs/live_inputs.py @@ -63,6 +63,7 @@ def create( account_id: str, default_creator: str | Omit = omit, delete_recording_after_days: float | Omit = omit, + enabled: bool | Omit = omit, meta: object | Omit = omit, recording: live_input_create_params.Recording | Omit = omit, # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. @@ -87,6 +88,8 @@ def create( indicate no change, or include with a `null` value to remove an existing scheduled deletion. + enabled: Indicates whether the live input is enabled and can accept streams. + meta: A user modifiable key-value store used to reference other systems of record for managing live inputs. @@ -110,6 +113,7 @@ def create( { "default_creator": default_creator, "delete_recording_after_days": delete_recording_after_days, + "enabled": enabled, "meta": meta, "recording": recording, }, @@ -132,6 +136,7 @@ def update( account_id: str, default_creator: str | Omit = omit, delete_recording_after_days: float | Omit = omit, + enabled: bool | Omit = omit, meta: object | Omit = omit, recording: live_input_update_params.Recording | Omit = omit, # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. @@ -157,6 +162,8 @@ def update( indicate no change, or include with a `null` value to remove an existing scheduled deletion. + enabled: Indicates whether the live input is enabled and can accept streams. + meta: A user modifiable key-value store used to reference other systems of record for managing live inputs. @@ -184,6 +191,7 @@ def update( { "default_creator": default_creator, "delete_recording_after_days": delete_recording_after_days, + "enabled": enabled, "meta": meta, "recording": recording, }, @@ -366,6 +374,7 @@ async def create( account_id: str, default_creator: str | Omit = omit, delete_recording_after_days: float | Omit = omit, + enabled: bool | Omit = omit, meta: object | Omit = omit, recording: live_input_create_params.Recording | Omit = omit, # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. @@ -390,6 +399,8 @@ async def create( indicate no change, or include with a `null` value to remove an existing scheduled deletion. + enabled: Indicates whether the live input is enabled and can accept streams. + meta: A user modifiable key-value store used to reference other systems of record for managing live inputs. @@ -413,6 +424,7 @@ async def create( { "default_creator": default_creator, "delete_recording_after_days": delete_recording_after_days, + "enabled": enabled, "meta": meta, "recording": recording, }, @@ -435,6 +447,7 @@ async def update( account_id: str, default_creator: str | Omit = omit, delete_recording_after_days: float | Omit = omit, + enabled: bool | Omit = omit, meta: object | Omit = omit, recording: live_input_update_params.Recording | Omit = omit, # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. @@ -460,6 +473,8 @@ async def update( indicate no change, or include with a `null` value to remove an existing scheduled deletion. + enabled: Indicates whether the live input is enabled and can accept streams. + meta: A user modifiable key-value store used to reference other systems of record for managing live inputs. @@ -487,6 +502,7 @@ async def update( { "default_creator": default_creator, "delete_recording_after_days": delete_recording_after_days, + "enabled": enabled, "meta": meta, "recording": recording, }, diff --git a/src/cloudflare/resources/workers/observability/telemetry.py b/src/cloudflare/resources/workers/observability/telemetry.py index 4970c5c4fac..7e3e42469d4 100644 --- a/src/cloudflare/resources/workers/observability/telemetry.py +++ b/src/cloudflare/resources/workers/observability/telemetry.py @@ -132,7 +132,7 @@ def query( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> TelemetryQueryResponse: """ - Runs a temporary or saved query + Run a temporary or saved query. Args: query_id: Unique identifier for the query to execute @@ -226,7 +226,7 @@ def values( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> SyncSinglePage[TelemetryValuesResponse]: """ - List unique values found in your events + List unique values found in your events. Args: needle: Search for a specific substring in the event. @@ -368,7 +368,7 @@ async def query( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> TelemetryQueryResponse: """ - Runs a temporary or saved query + Run a temporary or saved query. Args: query_id: Unique identifier for the query to execute @@ -462,7 +462,7 @@ def values( timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> AsyncPaginator[TelemetryValuesResponse, AsyncSinglePage[TelemetryValuesResponse]]: """ - List unique values found in your events + List unique values found in your events. Args: needle: Search for a specific substring in the event. diff --git a/src/cloudflare/resources/workers/scripts/scripts.py b/src/cloudflare/resources/workers/scripts/scripts.py index 8b39ff1240d..f4f5877b34f 100644 --- a/src/cloudflare/resources/workers/scripts/scripts.py +++ b/src/cloudflare/resources/workers/scripts/scripts.py @@ -184,6 +184,7 @@ def update( *, account_id: str, metadata: script_update_params.Metadata, + bindings_inherit: Literal["strict"] | Omit = omit, files: SequenceNotStr[FileTypes] | Omit = omit, # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. # The extra values given here take precedence over values defined on the client or passed to this method. @@ -205,6 +206,10 @@ def update( metadata: JSON-encoded metadata about the uploaded parts and Worker configuration. + bindings_inherit: When set to "strict", the upload will fail if any `inherit` type bindings cannot + be resolved against the previous version of the Worker. Without this, + unresolvable inherit bindings are silently dropped. + files: An array of modules (often JavaScript files) comprising a Worker script. At least one module must be present and referenced in the metadata as `main_module` or `body_part` by filename.
Possible Content-Type(s) are: @@ -246,6 +251,7 @@ def update( extra_body=extra_body, timeout=timeout, multipart_syntax="json", + query=maybe_transform({"bindings_inherit": bindings_inherit}, script_update_params.ScriptUpdateParams), post_parser=ResultWrapper[ScriptUpdateResponse]._unwrapper, ), cast_to=cast(Type[ScriptUpdateResponse], ResultWrapper[ScriptUpdateResponse]), @@ -520,6 +526,7 @@ async def update( *, account_id: str, metadata: script_update_params.Metadata, + bindings_inherit: Literal["strict"] | Omit = omit, files: SequenceNotStr[FileTypes] | Omit = omit, # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. # The extra values given here take precedence over values defined on the client or passed to this method. @@ -541,6 +548,10 @@ async def update( metadata: JSON-encoded metadata about the uploaded parts and Worker configuration. + bindings_inherit: When set to "strict", the upload will fail if any `inherit` type bindings cannot + be resolved against the previous version of the Worker. Without this, + unresolvable inherit bindings are silently dropped. + files: An array of modules (often JavaScript files) comprising a Worker script. At least one module must be present and referenced in the metadata as `main_module` or `body_part` by filename.
Possible Content-Type(s) are: @@ -582,6 +593,9 @@ async def update( extra_body=extra_body, timeout=timeout, multipart_syntax="json", + query=await async_maybe_transform( + {"bindings_inherit": bindings_inherit}, script_update_params.ScriptUpdateParams + ), post_parser=ResultWrapper[ScriptUpdateResponse]._unwrapper, ), cast_to=cast(Type[ScriptUpdateResponse], ResultWrapper[ScriptUpdateResponse]), diff --git a/src/cloudflare/resources/workers/scripts/versions.py b/src/cloudflare/resources/workers/scripts/versions.py index 503c9871299..bb39678aaa4 100644 --- a/src/cloudflare/resources/workers/scripts/versions.py +++ b/src/cloudflare/resources/workers/scripts/versions.py @@ -3,6 +3,7 @@ from __future__ import annotations from typing import Type, cast +from typing_extensions import Literal import httpx @@ -63,6 +64,7 @@ def create( *, account_id: str, metadata: version_create_params.Metadata, + bindings_inherit: Literal["strict"] | Omit = omit, files: SequenceNotStr[FileTypes] | Omit = omit, # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. # The extra values given here take precedence over values defined on the client or passed to this method. @@ -84,6 +86,10 @@ def create( metadata: JSON-encoded metadata about the uploaded parts and Worker configuration. + bindings_inherit: When set to "strict", the upload will fail if any `inherit` type bindings cannot + be resolved against the previous version of the Worker. Without this, + unresolvable inherit bindings are silently dropped. + files: An array of modules (often JavaScript files) comprising a Worker script. At least one module must be present and referenced in the metadata as `main_module` or `body_part` by filename.
Possible Content-Type(s) are: @@ -125,6 +131,9 @@ def create( extra_body=extra_body, timeout=timeout, multipart_syntax="json", + query=maybe_transform( + {"bindings_inherit": bindings_inherit}, version_create_params.VersionCreateParams + ), post_parser=ResultWrapper[VersionCreateResponse]._unwrapper, ), cast_to=cast(Type[VersionCreateResponse], ResultWrapper[VersionCreateResponse]), @@ -266,6 +275,7 @@ async def create( *, account_id: str, metadata: version_create_params.Metadata, + bindings_inherit: Literal["strict"] | Omit = omit, files: SequenceNotStr[FileTypes] | Omit = omit, # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. # The extra values given here take precedence over values defined on the client or passed to this method. @@ -287,6 +297,10 @@ async def create( metadata: JSON-encoded metadata about the uploaded parts and Worker configuration. + bindings_inherit: When set to "strict", the upload will fail if any `inherit` type bindings cannot + be resolved against the previous version of the Worker. Without this, + unresolvable inherit bindings are silently dropped. + files: An array of modules (often JavaScript files) comprising a Worker script. At least one module must be present and referenced in the metadata as `main_module` or `body_part` by filename.
Possible Content-Type(s) are: @@ -327,6 +341,9 @@ async def create( extra_body=extra_body, timeout=timeout, multipart_syntax="json", + query=await async_maybe_transform( + {"bindings_inherit": bindings_inherit}, version_create_params.VersionCreateParams + ), post_parser=ResultWrapper[VersionCreateResponse]._unwrapper, ), cast_to=cast(Type[VersionCreateResponse], ResultWrapper[VersionCreateResponse]), diff --git a/src/cloudflare/resources/workers_for_platforms/dispatch/namespaces/scripts/scripts.py b/src/cloudflare/resources/workers_for_platforms/dispatch/namespaces/scripts/scripts.py index 04c42ec677a..268afbd1f05 100644 --- a/src/cloudflare/resources/workers_for_platforms/dispatch/namespaces/scripts/scripts.py +++ b/src/cloudflare/resources/workers_for_platforms/dispatch/namespaces/scripts/scripts.py @@ -3,6 +3,7 @@ from __future__ import annotations from typing import Type, Optional, cast +from typing_extensions import Literal import httpx @@ -134,6 +135,7 @@ def update( account_id: str, dispatch_namespace: str, metadata: script_update_params.Metadata, + bindings_inherit: Literal["strict"] | Omit = omit, files: SequenceNotStr[FileTypes] | Omit = omit, # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. # The extra values given here take precedence over values defined on the client or passed to this method. @@ -157,6 +159,10 @@ def update( metadata: JSON-encoded metadata about the uploaded parts and Worker configuration. + bindings_inherit: When set to "strict", the upload will fail if any `inherit` type bindings cannot + be resolved against the previous version of the script. Without this, + unresolvable inherit bindings are silently dropped. + files: An array of modules (often JavaScript files) comprising a Worker script. At least one module must be present and referenced in the metadata as `main_module` or `body_part` by filename.
Possible Content-Type(s) are: @@ -200,6 +206,7 @@ def update( extra_body=extra_body, timeout=timeout, multipart_syntax="json", + query=maybe_transform({"bindings_inherit": bindings_inherit}, script_update_params.ScriptUpdateParams), post_parser=ResultWrapper[ScriptUpdateResponse]._unwrapper, ), cast_to=cast(Type[ScriptUpdateResponse], ResultWrapper[ScriptUpdateResponse]), @@ -363,6 +370,7 @@ async def update( account_id: str, dispatch_namespace: str, metadata: script_update_params.Metadata, + bindings_inherit: Literal["strict"] | Omit = omit, files: SequenceNotStr[FileTypes] | Omit = omit, # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. # The extra values given here take precedence over values defined on the client or passed to this method. @@ -386,6 +394,10 @@ async def update( metadata: JSON-encoded metadata about the uploaded parts and Worker configuration. + bindings_inherit: When set to "strict", the upload will fail if any `inherit` type bindings cannot + be resolved against the previous version of the script. Without this, + unresolvable inherit bindings are silently dropped. + files: An array of modules (often JavaScript files) comprising a Worker script. At least one module must be present and referenced in the metadata as `main_module` or `body_part` by filename.
Possible Content-Type(s) are: @@ -429,6 +441,9 @@ async def update( extra_body=extra_body, timeout=timeout, multipart_syntax="json", + query=await async_maybe_transform( + {"bindings_inherit": bindings_inherit}, script_update_params.ScriptUpdateParams + ), post_parser=ResultWrapper[ScriptUpdateResponse]._unwrapper, ), cast_to=cast(Type[ScriptUpdateResponse], ResultWrapper[ScriptUpdateResponse]), diff --git a/src/cloudflare/resources/zero_trust/access/applications/applications.py b/src/cloudflare/resources/zero_trust/access/applications/applications.py index e34872af219..bf6af193bac 100644 --- a/src/cloudflare/resources/zero_trust/access/applications/applications.py +++ b/src/cloudflare/resources/zero_trust/access/applications/applications.py @@ -143,7 +143,9 @@ def create( enable_binding_cookie: bool | Omit = omit, http_only_cookie_attribute: bool | Omit = omit, logo_url: str | Omit = omit, + mfa_config: application_create_params.SelfHostedApplicationMfaConfig | Omit = omit, name: str | Omit = omit, + oauth_configuration: application_create_params.SelfHostedApplicationOAuthConfiguration | Omit = omit, options_preflight_bypass: bool | Omit = omit, path_cookie_attribute: bool | Omit = omit, policies: SequenceNotStr[application_create_params.SelfHostedApplicationPolicy] | Omit = omit, @@ -214,8 +216,16 @@ def create( logo_url: The image URL for the logo shown in the App Launcher dashboard. + mfa_config: Configures multi-factor authentication (MFA) settings. + name: The name of the application. + oauth_configuration: **Beta:** Optional configuration for managing an OAuth authorization flow + controlled by Access. When set, Access will act as the OAuth authorization + server for this application. Only compatible with OAuth clients that support + [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators + for OAuth 2.0). This feature is currently in beta. + options_preflight_bypass: Allows options preflight requests to bypass Access authentication and go directly to the origin. Cannot turn on if cors_headers is set. @@ -375,7 +385,9 @@ def create( enable_binding_cookie: bool | Omit = omit, http_only_cookie_attribute: bool | Omit = omit, logo_url: str | Omit = omit, + mfa_config: application_create_params.BrowserSSHApplicationMfaConfig | Omit = omit, name: str | Omit = omit, + oauth_configuration: application_create_params.BrowserSSHApplicationOAuthConfiguration | Omit = omit, options_preflight_bypass: bool | Omit = omit, path_cookie_attribute: bool | Omit = omit, policies: SequenceNotStr[application_create_params.BrowserSSHApplicationPolicy] | Omit = omit, @@ -446,8 +458,16 @@ def create( logo_url: The image URL for the logo shown in the App Launcher dashboard. + mfa_config: Configures multi-factor authentication (MFA) settings. + name: The name of the application. + oauth_configuration: **Beta:** Optional configuration for managing an OAuth authorization flow + controlled by Access. When set, Access will act as the OAuth authorization + server for this application. Only compatible with OAuth clients that support + [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators + for OAuth 2.0). This feature is currently in beta. + options_preflight_bypass: Allows options preflight requests to bypass Access authentication and go directly to the origin. Cannot turn on if cors_headers is set. @@ -539,7 +559,9 @@ def create( enable_binding_cookie: bool | Omit = omit, http_only_cookie_attribute: bool | Omit = omit, logo_url: str | Omit = omit, + mfa_config: application_create_params.BrowserVNCApplicationMfaConfig | Omit = omit, name: str | Omit = omit, + oauth_configuration: application_create_params.BrowserVNCApplicationOAuthConfiguration | Omit = omit, options_preflight_bypass: bool | Omit = omit, path_cookie_attribute: bool | Omit = omit, policies: SequenceNotStr[application_create_params.BrowserVNCApplicationPolicy] | Omit = omit, @@ -610,8 +632,16 @@ def create( logo_url: The image URL for the logo shown in the App Launcher dashboard. + mfa_config: Configures multi-factor authentication (MFA) settings. + name: The name of the application. + oauth_configuration: **Beta:** Optional configuration for managing an OAuth authorization flow + controlled by Access. When set, Access will act as the OAuth authorization + server for this application. Only compatible with OAuth clients that support + [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators + for OAuth 2.0). This feature is currently in beta. + options_preflight_bypass: Allows options preflight requests to bypass Access authentication and go directly to the origin. Cannot turn on if cors_headers is set. @@ -1059,7 +1089,7 @@ def create( self, *, domain: str, - target_criteria: Iterable[application_create_params.BrowserRdpApplicationTargetCriterion], + target_criteria: Iterable[application_create_params.BrowserRDPApplicationTargetCriterion], type: ApplicationType, account_id: str | Omit = omit, zone_id: str | Omit = omit, @@ -1073,17 +1103,19 @@ def create( custom_deny_url: str | Omit = omit, custom_non_identity_deny_url: str | Omit = omit, custom_pages: SequenceNotStr[str] | Omit = omit, - destinations: Iterable[application_create_params.BrowserRdpApplicationDestination] | Omit = omit, + destinations: Iterable[application_create_params.BrowserRDPApplicationDestination] | Omit = omit, enable_binding_cookie: bool | Omit = omit, http_only_cookie_attribute: bool | Omit = omit, logo_url: str | Omit = omit, + mfa_config: application_create_params.BrowserRDPApplicationMfaConfig | Omit = omit, name: str | Omit = omit, + oauth_configuration: application_create_params.BrowserRDPApplicationOAuthConfiguration | Omit = omit, options_preflight_bypass: bool | Omit = omit, path_cookie_attribute: bool | Omit = omit, - policies: SequenceNotStr[application_create_params.BrowserRdpApplicationPolicy] | Omit = omit, + policies: SequenceNotStr[application_create_params.BrowserRDPApplicationPolicy] | Omit = omit, read_service_tokens_from_header: str | Omit = omit, same_site_cookie_attribute: str | Omit = omit, - scim_config: application_create_params.BrowserRdpApplicationSCIMConfig | Omit = omit, + scim_config: application_create_params.BrowserRDPApplicationSCIMConfig | Omit = omit, self_hosted_domains: SequenceNotStr[SelfHostedDomains] | Omit = omit, service_auth_401_redirect: bool | Omit = omit, session_duration: str | Omit = omit, @@ -1148,8 +1180,16 @@ def create( logo_url: The image URL for the logo shown in the App Launcher dashboard. + mfa_config: Configures multi-factor authentication (MFA) settings. + name: The name of the application. + oauth_configuration: **Beta:** Optional configuration for managing an OAuth authorization flow + controlled by Access. When set, Access will act as the OAuth authorization + server for this application. Only compatible with OAuth clients that support + [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators + for OAuth 2.0). This feature is currently in beta. + options_preflight_bypass: Allows options preflight requests to bypass Access authentication and go directly to the origin. Cannot turn on if cors_headers is set. @@ -1204,6 +1244,232 @@ def create( """ ... + @overload + def create( + self, + *, + type: ApplicationType, + account_id: str | Omit = omit, + zone_id: str | Omit = omit, + allow_authenticate_via_warp: bool | Omit = omit, + allowed_idps: SequenceNotStr[AllowedIdPs] | Omit = omit, + auto_redirect_to_identity: bool | Omit = omit, + custom_deny_message: str | Omit = omit, + custom_deny_url: str | Omit = omit, + custom_non_identity_deny_url: str | Omit = omit, + custom_pages: SequenceNotStr[str] | Omit = omit, + destinations: Iterable[application_create_params.McpServerApplicationDestination] | Omit = omit, + http_only_cookie_attribute: bool | Omit = omit, + logo_url: str | Omit = omit, + name: str | Omit = omit, + oauth_configuration: application_create_params.McpServerApplicationOAuthConfiguration | Omit = omit, + options_preflight_bypass: bool | Omit = omit, + policies: SequenceNotStr[application_create_params.McpServerApplicationPolicy] | Omit = omit, + same_site_cookie_attribute: str | Omit = omit, + scim_config: application_create_params.McpServerApplicationSCIMConfig | Omit = omit, + session_duration: str | Omit = omit, + tags: SequenceNotStr[str] | Omit = omit, + # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. + # The extra values given here take precedence over values defined on the client or passed to this method. + extra_headers: Headers | None = None, + extra_query: Query | None = None, + extra_body: Body | None = None, + timeout: float | httpx.Timeout | None | NotGiven = not_given, + ) -> Optional[ApplicationCreateResponse]: + """ + Adds a new application to Access. + + Args: + type: The application type. + + account_id: The Account ID to use for this endpoint. Mutually exclusive with the Zone ID. + + zone_id: The Zone ID to use for this endpoint. Mutually exclusive with the Account ID. + + allow_authenticate_via_warp: When set to true, users can authenticate to this application using their WARP + session. When set to false this application will always require direct IdP + authentication. This setting always overrides the organization setting for WARP + authentication. + + allowed_idps: The identity providers your users can select when connecting to this + application. Defaults to all IdPs configured in your account. + + auto_redirect_to_identity: When set to `true`, users skip the identity provider selection step during + login. You must specify only one identity provider in allowed_idps. + + custom_deny_message: The custom error message shown to a user when they are denied access to the + application. + + custom_deny_url: The custom URL a user is redirected to when they are denied access to the + application when failing identity-based rules. + + custom_non_identity_deny_url: The custom URL a user is redirected to when they are denied access to the + application when failing non-identity rules. + + custom_pages: The custom pages that will be displayed when applicable for this application + + destinations: List of destinations secured by Access. This supersedes `self_hosted_domains` to + allow for more flexibility in defining different types of domains. If + `destinations` are provided, then `self_hosted_domains` will be ignored. + + http_only_cookie_attribute: Enables the HttpOnly cookie attribute, which increases security against XSS + attacks. + + logo_url: The image URL for the logo shown in the App Launcher dashboard. + + name: The name of the application. + + oauth_configuration: **Beta:** Optional configuration for managing an OAuth authorization flow + controlled by Access. When set, Access will act as the OAuth authorization + server for this application. Only compatible with OAuth clients that support + [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators + for OAuth 2.0). This feature is currently in beta. + + options_preflight_bypass: Allows options preflight requests to bypass Access authentication and go + directly to the origin. Cannot turn on if cors_headers is set. + + policies: The policies that Access applies to the application, in ascending order of + precedence. Items can reference existing policies or create new policies + exclusive to the application. + + same_site_cookie_attribute: Sets the SameSite cookie setting, which provides increased security against CSRF + attacks. + + scim_config: Configuration for provisioning to this application via SCIM. This is currently + in closed beta. + + session_duration: The amount of time that tokens issued for this application will be valid. Must + be in the format `300ms` or `2h45m`. Valid time units are: ns, us (or µs), ms, + s, m, h. Note: unsupported for infrastructure type applications. + + tags: The tags you want assigned to an application. Tags are used to filter + applications in the App Launcher dashboard. + + extra_headers: Send extra headers + + extra_query: Add additional query parameters to the request + + extra_body: Add additional JSON properties to the request + + timeout: Override the client-level default timeout for this request, in seconds + """ + ... + + @overload + def create( + self, + *, + type: ApplicationType, + account_id: str | Omit = omit, + zone_id: str | Omit = omit, + allow_authenticate_via_warp: bool | Omit = omit, + allowed_idps: SequenceNotStr[AllowedIdPs] | Omit = omit, + auto_redirect_to_identity: bool | Omit = omit, + custom_deny_message: str | Omit = omit, + custom_deny_url: str | Omit = omit, + custom_non_identity_deny_url: str | Omit = omit, + custom_pages: SequenceNotStr[str] | Omit = omit, + destinations: Iterable[application_create_params.McpServerPortalApplicationDestination] | Omit = omit, + domain: str | Omit = omit, + http_only_cookie_attribute: bool | Omit = omit, + logo_url: str | Omit = omit, + name: str | Omit = omit, + oauth_configuration: application_create_params.McpServerPortalApplicationOAuthConfiguration | Omit = omit, + options_preflight_bypass: bool | Omit = omit, + policies: SequenceNotStr[application_create_params.McpServerPortalApplicationPolicy] | Omit = omit, + same_site_cookie_attribute: str | Omit = omit, + scim_config: application_create_params.McpServerPortalApplicationSCIMConfig | Omit = omit, + session_duration: str | Omit = omit, + tags: SequenceNotStr[str] | Omit = omit, + # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. + # The extra values given here take precedence over values defined on the client or passed to this method. + extra_headers: Headers | None = None, + extra_query: Query | None = None, + extra_body: Body | None = None, + timeout: float | httpx.Timeout | None | NotGiven = not_given, + ) -> Optional[ApplicationCreateResponse]: + """ + Adds a new application to Access. + + Args: + type: The application type. + + account_id: The Account ID to use for this endpoint. Mutually exclusive with the Zone ID. + + zone_id: The Zone ID to use for this endpoint. Mutually exclusive with the Account ID. + + allow_authenticate_via_warp: When set to true, users can authenticate to this application using their WARP + session. When set to false this application will always require direct IdP + authentication. This setting always overrides the organization setting for WARP + authentication. + + allowed_idps: The identity providers your users can select when connecting to this + application. Defaults to all IdPs configured in your account. + + auto_redirect_to_identity: When set to `true`, users skip the identity provider selection step during + login. You must specify only one identity provider in allowed_idps. + + custom_deny_message: The custom error message shown to a user when they are denied access to the + application. + + custom_deny_url: The custom URL a user is redirected to when they are denied access to the + application when failing identity-based rules. + + custom_non_identity_deny_url: The custom URL a user is redirected to when they are denied access to the + application when failing non-identity rules. + + custom_pages: The custom pages that will be displayed when applicable for this application + + destinations: List of destinations secured by Access. This supersedes `self_hosted_domains` to + allow for more flexibility in defining different types of domains. If + `destinations` are provided, then `self_hosted_domains` will be ignored. + + domain: The primary hostname and path secured by Access. This domain will be displayed + if the app is visible in the App Launcher. + + http_only_cookie_attribute: Enables the HttpOnly cookie attribute, which increases security against XSS + attacks. + + logo_url: The image URL for the logo shown in the App Launcher dashboard. + + name: The name of the application. + + oauth_configuration: **Beta:** Optional configuration for managing an OAuth authorization flow + controlled by Access. When set, Access will act as the OAuth authorization + server for this application. Only compatible with OAuth clients that support + [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators + for OAuth 2.0). This feature is currently in beta. + + options_preflight_bypass: Allows options preflight requests to bypass Access authentication and go + directly to the origin. Cannot turn on if cors_headers is set. + + policies: The policies that Access applies to the application, in ascending order of + precedence. Items can reference existing policies or create new policies + exclusive to the application. + + same_site_cookie_attribute: Sets the SameSite cookie setting, which provides increased security against CSRF + attacks. + + scim_config: Configuration for provisioning to this application via SCIM. This is currently + in closed beta. + + session_duration: The amount of time that tokens issued for this application will be valid. Must + be in the format `300ms` or `2h45m`. Valid time units are: ns, us (or µs), ms, + s, m, h. Note: unsupported for infrastructure type applications. + + tags: The tags you want assigned to an application. Tags are used to filter + applications in the App Launcher dashboard. + + extra_headers: Send extra headers + + extra_query: Add additional query parameters to the request + + extra_body: Add additional JSON properties to the request + + timeout: Override the client-level default timeout for this request, in seconds + """ + ... + def create( self, *, @@ -1241,12 +1507,26 @@ def create( destinations: Iterable[application_create_params.SelfHostedApplicationDestination] | Iterable[application_create_params.BrowserSSHApplicationDestination] | Iterable[application_create_params.BrowserVNCApplicationDestination] - | Iterable[application_create_params.BrowserRdpApplicationDestination] + | Iterable[application_create_params.BrowserRDPApplicationDestination] + | Iterable[application_create_params.McpServerApplicationDestination] + | Iterable[application_create_params.McpServerPortalApplicationDestination] | Omit = omit, enable_binding_cookie: bool | Omit = omit, http_only_cookie_attribute: bool | Omit = omit, logo_url: str | Omit = omit, + mfa_config: application_create_params.SelfHostedApplicationMfaConfig + | application_create_params.BrowserSSHApplicationMfaConfig + | application_create_params.BrowserVNCApplicationMfaConfig + | application_create_params.BrowserRDPApplicationMfaConfig + | Omit = omit, name: str | Omit = omit, + oauth_configuration: application_create_params.SelfHostedApplicationOAuthConfiguration + | application_create_params.BrowserSSHApplicationOAuthConfiguration + | application_create_params.BrowserVNCApplicationOAuthConfiguration + | application_create_params.BrowserRDPApplicationOAuthConfiguration + | application_create_params.McpServerApplicationOAuthConfiguration + | application_create_params.McpServerPortalApplicationOAuthConfiguration + | Omit = omit, options_preflight_bypass: bool | Omit = omit, path_cookie_attribute: bool | Omit = omit, policies: SequenceNotStr[application_create_params.SelfHostedApplicationPolicy] @@ -1259,7 +1539,9 @@ def create( | SequenceNotStr[application_create_params.GatewayIdentityProxyEndpointApplicationPolicy] | SequenceNotStr[application_create_params.BookmarkApplicationPolicy] | Iterable[application_create_params.InfrastructureApplicationPolicy] - | SequenceNotStr[application_create_params.BrowserRdpApplicationPolicy] + | SequenceNotStr[application_create_params.BrowserRDPApplicationPolicy] + | SequenceNotStr[application_create_params.McpServerApplicationPolicy] + | SequenceNotStr[application_create_params.McpServerPortalApplicationPolicy] | Omit = omit, read_service_tokens_from_header: str | Omit = omit, same_site_cookie_attribute: str | Omit = omit, @@ -1267,7 +1549,9 @@ def create( | application_create_params.SaaSApplicationSCIMConfig | application_create_params.BrowserSSHApplicationSCIMConfig | application_create_params.BrowserVNCApplicationSCIMConfig - | application_create_params.BrowserRdpApplicationSCIMConfig + | application_create_params.BrowserRDPApplicationSCIMConfig + | application_create_params.McpServerApplicationSCIMConfig + | application_create_params.McpServerPortalApplicationSCIMConfig | Omit = omit, self_hosted_domains: SequenceNotStr[SelfHostedDomains] | Omit = omit, service_auth_401_redirect: bool | Omit = omit, @@ -1283,7 +1567,7 @@ def create( landing_page_design: application_create_params.AppLauncherApplicationLandingPageDesign | Omit = omit, skip_app_launcher_login_page: bool | Omit = omit, target_criteria: Iterable[application_create_params.InfrastructureApplicationTargetCriterion] - | Iterable[application_create_params.BrowserRdpApplicationTargetCriterion] + | Iterable[application_create_params.BrowserRDPApplicationTargetCriterion] | Omit = omit, # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. # The extra values given here take precedence over values defined on the client or passed to this method. @@ -1326,7 +1610,9 @@ def create( "enable_binding_cookie": enable_binding_cookie, "http_only_cookie_attribute": http_only_cookie_attribute, "logo_url": logo_url, + "mfa_config": mfa_config, "name": name, + "oauth_configuration": oauth_configuration, "options_preflight_bypass": options_preflight_bypass, "path_cookie_attribute": path_cookie_attribute, "policies": policies, @@ -1386,7 +1672,9 @@ def update( enable_binding_cookie: bool | Omit = omit, http_only_cookie_attribute: bool | Omit = omit, logo_url: str | Omit = omit, + mfa_config: application_update_params.SelfHostedApplicationMfaConfig | Omit = omit, name: str | Omit = omit, + oauth_configuration: application_update_params.SelfHostedApplicationOAuthConfiguration | Omit = omit, options_preflight_bypass: bool | Omit = omit, path_cookie_attribute: bool | Omit = omit, policies: SequenceNotStr[application_update_params.SelfHostedApplicationPolicy] | Omit = omit, @@ -1459,8 +1747,16 @@ def update( logo_url: The image URL for the logo shown in the App Launcher dashboard. + mfa_config: Configures multi-factor authentication (MFA) settings. + name: The name of the application. + oauth_configuration: **Beta:** Optional configuration for managing an OAuth authorization flow + controlled by Access. When set, Access will act as the OAuth authorization + server for this application. Only compatible with OAuth clients that support + [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators + for OAuth 2.0). This feature is currently in beta. + options_preflight_bypass: Allows options preflight requests to bypass Access authentication and go directly to the origin. Cannot turn on if cors_headers is set. @@ -1624,7 +1920,9 @@ def update( enable_binding_cookie: bool | Omit = omit, http_only_cookie_attribute: bool | Omit = omit, logo_url: str | Omit = omit, + mfa_config: application_update_params.BrowserSSHApplicationMfaConfig | Omit = omit, name: str | Omit = omit, + oauth_configuration: application_update_params.BrowserSSHApplicationOAuthConfiguration | Omit = omit, options_preflight_bypass: bool | Omit = omit, path_cookie_attribute: bool | Omit = omit, policies: SequenceNotStr[application_update_params.BrowserSSHApplicationPolicy] | Omit = omit, @@ -1697,8 +1995,16 @@ def update( logo_url: The image URL for the logo shown in the App Launcher dashboard. + mfa_config: Configures multi-factor authentication (MFA) settings. + name: The name of the application. + oauth_configuration: **Beta:** Optional configuration for managing an OAuth authorization flow + controlled by Access. When set, Access will act as the OAuth authorization + server for this application. Only compatible with OAuth clients that support + [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators + for OAuth 2.0). This feature is currently in beta. + options_preflight_bypass: Allows options preflight requests to bypass Access authentication and go directly to the origin. Cannot turn on if cors_headers is set. @@ -1791,7 +2097,9 @@ def update( enable_binding_cookie: bool | Omit = omit, http_only_cookie_attribute: bool | Omit = omit, logo_url: str | Omit = omit, + mfa_config: application_update_params.BrowserVNCApplicationMfaConfig | Omit = omit, name: str | Omit = omit, + oauth_configuration: application_update_params.BrowserVNCApplicationOAuthConfiguration | Omit = omit, options_preflight_bypass: bool | Omit = omit, path_cookie_attribute: bool | Omit = omit, policies: SequenceNotStr[application_update_params.BrowserVNCApplicationPolicy] | Omit = omit, @@ -1864,8 +2172,16 @@ def update( logo_url: The image URL for the logo shown in the App Launcher dashboard. + mfa_config: Configures multi-factor authentication (MFA) settings. + name: The name of the application. + oauth_configuration: **Beta:** Optional configuration for managing an OAuth authorization flow + controlled by Access. When set, Access will act as the OAuth authorization + server for this application. Only compatible with OAuth clients that support + [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators + for OAuth 2.0). This feature is currently in beta. + options_preflight_bypass: Allows options preflight requests to bypass Access authentication and go directly to the origin. Cannot turn on if cors_headers is set. @@ -2332,7 +2648,7 @@ def update( app_id: AppID, *, domain: str, - target_criteria: Iterable[application_update_params.BrowserRdpApplicationTargetCriterion], + target_criteria: Iterable[application_update_params.BrowserRDPApplicationTargetCriterion], type: ApplicationType, account_id: str | Omit = omit, zone_id: str | Omit = omit, @@ -2346,17 +2662,19 @@ def update( custom_deny_url: str | Omit = omit, custom_non_identity_deny_url: str | Omit = omit, custom_pages: SequenceNotStr[str] | Omit = omit, - destinations: Iterable[application_update_params.BrowserRdpApplicationDestination] | Omit = omit, + destinations: Iterable[application_update_params.BrowserRDPApplicationDestination] | Omit = omit, enable_binding_cookie: bool | Omit = omit, http_only_cookie_attribute: bool | Omit = omit, logo_url: str | Omit = omit, + mfa_config: application_update_params.BrowserRDPApplicationMfaConfig | Omit = omit, name: str | Omit = omit, + oauth_configuration: application_update_params.BrowserRDPApplicationOAuthConfiguration | Omit = omit, options_preflight_bypass: bool | Omit = omit, path_cookie_attribute: bool | Omit = omit, - policies: SequenceNotStr[application_update_params.BrowserRdpApplicationPolicy] | Omit = omit, + policies: SequenceNotStr[application_update_params.BrowserRDPApplicationPolicy] | Omit = omit, read_service_tokens_from_header: str | Omit = omit, same_site_cookie_attribute: str | Omit = omit, - scim_config: application_update_params.BrowserRdpApplicationSCIMConfig | Omit = omit, + scim_config: application_update_params.BrowserRDPApplicationSCIMConfig | Omit = omit, self_hosted_domains: SequenceNotStr[SelfHostedDomains] | Omit = omit, service_auth_401_redirect: bool | Omit = omit, session_duration: str | Omit = omit, @@ -2423,8 +2741,16 @@ def update( logo_url: The image URL for the logo shown in the App Launcher dashboard. + mfa_config: Configures multi-factor authentication (MFA) settings. + name: The name of the application. + oauth_configuration: **Beta:** Optional configuration for managing an OAuth authorization flow + controlled by Access. When set, Access will act as the OAuth authorization + server for this application. Only compatible with OAuth clients that support + [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators + for OAuth 2.0). This feature is currently in beta. + options_preflight_bypass: Allows options preflight requests to bypass Access authentication and go directly to the origin. Cannot turn on if cors_headers is set. @@ -2479,52 +2805,298 @@ def update( """ ... + @overload def update( self, app_id: AppID, *, - domain: str | Omit = omit, - type: ApplicationType - | Literal[ - "self_hosted", - "saas", - "ssh", - "vnc", - "app_launcher", - "warp", - "biso", - "bookmark", - "dash_sso", - "infrastructure", - "rdp", - "mcp", - "mcp_portal", - "proxy_endpoint", - ] - | Omit = omit, + type: ApplicationType, account_id: str | Omit = omit, zone_id: str | Omit = omit, allow_authenticate_via_warp: bool | Omit = omit, - allow_iframe: bool | Omit = omit, allowed_idps: SequenceNotStr[AllowedIdPs] | Omit = omit, - app_launcher_visible: bool | Omit = omit, auto_redirect_to_identity: bool | Omit = omit, - cors_headers: CORSHeadersParam | Omit = omit, custom_deny_message: str | Omit = omit, custom_deny_url: str | Omit = omit, custom_non_identity_deny_url: str | Omit = omit, custom_pages: SequenceNotStr[str] | Omit = omit, - destinations: Iterable[application_update_params.SelfHostedApplicationDestination] - | Iterable[application_update_params.BrowserSSHApplicationDestination] - | Iterable[application_update_params.BrowserVNCApplicationDestination] - | Iterable[application_update_params.BrowserRdpApplicationDestination] - | Omit = omit, - enable_binding_cookie: bool | Omit = omit, + destinations: Iterable[application_update_params.McpServerApplicationDestination] | Omit = omit, http_only_cookie_attribute: bool | Omit = omit, logo_url: str | Omit = omit, name: str | Omit = omit, + oauth_configuration: application_update_params.McpServerApplicationOAuthConfiguration | Omit = omit, options_preflight_bypass: bool | Omit = omit, - path_cookie_attribute: bool | Omit = omit, + policies: SequenceNotStr[application_update_params.McpServerApplicationPolicy] | Omit = omit, + same_site_cookie_attribute: str | Omit = omit, + scim_config: application_update_params.McpServerApplicationSCIMConfig | Omit = omit, + session_duration: str | Omit = omit, + tags: SequenceNotStr[str] | Omit = omit, + # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. + # The extra values given here take precedence over values defined on the client or passed to this method. + extra_headers: Headers | None = None, + extra_query: Query | None = None, + extra_body: Body | None = None, + timeout: float | httpx.Timeout | None | NotGiven = not_given, + ) -> Optional[ApplicationUpdateResponse]: + """ + Updates an Access application. + + Args: + app_id: Identifier. + + type: The application type. + + account_id: The Account ID to use for this endpoint. Mutually exclusive with the Zone ID. + + zone_id: The Zone ID to use for this endpoint. Mutually exclusive with the Account ID. + + allow_authenticate_via_warp: When set to true, users can authenticate to this application using their WARP + session. When set to false this application will always require direct IdP + authentication. This setting always overrides the organization setting for WARP + authentication. + + allowed_idps: The identity providers your users can select when connecting to this + application. Defaults to all IdPs configured in your account. + + auto_redirect_to_identity: When set to `true`, users skip the identity provider selection step during + login. You must specify only one identity provider in allowed_idps. + + custom_deny_message: The custom error message shown to a user when they are denied access to the + application. + + custom_deny_url: The custom URL a user is redirected to when they are denied access to the + application when failing identity-based rules. + + custom_non_identity_deny_url: The custom URL a user is redirected to when they are denied access to the + application when failing non-identity rules. + + custom_pages: The custom pages that will be displayed when applicable for this application + + destinations: List of destinations secured by Access. This supersedes `self_hosted_domains` to + allow for more flexibility in defining different types of domains. If + `destinations` are provided, then `self_hosted_domains` will be ignored. + + http_only_cookie_attribute: Enables the HttpOnly cookie attribute, which increases security against XSS + attacks. + + logo_url: The image URL for the logo shown in the App Launcher dashboard. + + name: The name of the application. + + oauth_configuration: **Beta:** Optional configuration for managing an OAuth authorization flow + controlled by Access. When set, Access will act as the OAuth authorization + server for this application. Only compatible with OAuth clients that support + [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators + for OAuth 2.0). This feature is currently in beta. + + options_preflight_bypass: Allows options preflight requests to bypass Access authentication and go + directly to the origin. Cannot turn on if cors_headers is set. + + policies: The policies that Access applies to the application, in ascending order of + precedence. Items can reference existing policies or create new policies + exclusive to the application. + + same_site_cookie_attribute: Sets the SameSite cookie setting, which provides increased security against CSRF + attacks. + + scim_config: Configuration for provisioning to this application via SCIM. This is currently + in closed beta. + + session_duration: The amount of time that tokens issued for this application will be valid. Must + be in the format `300ms` or `2h45m`. Valid time units are: ns, us (or µs), ms, + s, m, h. Note: unsupported for infrastructure type applications. + + tags: The tags you want assigned to an application. Tags are used to filter + applications in the App Launcher dashboard. + + extra_headers: Send extra headers + + extra_query: Add additional query parameters to the request + + extra_body: Add additional JSON properties to the request + + timeout: Override the client-level default timeout for this request, in seconds + """ + ... + + @overload + def update( + self, + app_id: AppID, + *, + type: ApplicationType, + account_id: str | Omit = omit, + zone_id: str | Omit = omit, + allow_authenticate_via_warp: bool | Omit = omit, + allowed_idps: SequenceNotStr[AllowedIdPs] | Omit = omit, + auto_redirect_to_identity: bool | Omit = omit, + custom_deny_message: str | Omit = omit, + custom_deny_url: str | Omit = omit, + custom_non_identity_deny_url: str | Omit = omit, + custom_pages: SequenceNotStr[str] | Omit = omit, + destinations: Iterable[application_update_params.McpServerPortalApplicationDestination] | Omit = omit, + domain: str | Omit = omit, + http_only_cookie_attribute: bool | Omit = omit, + logo_url: str | Omit = omit, + name: str | Omit = omit, + oauth_configuration: application_update_params.McpServerPortalApplicationOAuthConfiguration | Omit = omit, + options_preflight_bypass: bool | Omit = omit, + policies: SequenceNotStr[application_update_params.McpServerPortalApplicationPolicy] | Omit = omit, + same_site_cookie_attribute: str | Omit = omit, + scim_config: application_update_params.McpServerPortalApplicationSCIMConfig | Omit = omit, + session_duration: str | Omit = omit, + tags: SequenceNotStr[str] | Omit = omit, + # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. + # The extra values given here take precedence over values defined on the client or passed to this method. + extra_headers: Headers | None = None, + extra_query: Query | None = None, + extra_body: Body | None = None, + timeout: float | httpx.Timeout | None | NotGiven = not_given, + ) -> Optional[ApplicationUpdateResponse]: + """ + Updates an Access application. + + Args: + app_id: Identifier. + + type: The application type. + + account_id: The Account ID to use for this endpoint. Mutually exclusive with the Zone ID. + + zone_id: The Zone ID to use for this endpoint. Mutually exclusive with the Account ID. + + allow_authenticate_via_warp: When set to true, users can authenticate to this application using their WARP + session. When set to false this application will always require direct IdP + authentication. This setting always overrides the organization setting for WARP + authentication. + + allowed_idps: The identity providers your users can select when connecting to this + application. Defaults to all IdPs configured in your account. + + auto_redirect_to_identity: When set to `true`, users skip the identity provider selection step during + login. You must specify only one identity provider in allowed_idps. + + custom_deny_message: The custom error message shown to a user when they are denied access to the + application. + + custom_deny_url: The custom URL a user is redirected to when they are denied access to the + application when failing identity-based rules. + + custom_non_identity_deny_url: The custom URL a user is redirected to when they are denied access to the + application when failing non-identity rules. + + custom_pages: The custom pages that will be displayed when applicable for this application + + destinations: List of destinations secured by Access. This supersedes `self_hosted_domains` to + allow for more flexibility in defining different types of domains. If + `destinations` are provided, then `self_hosted_domains` will be ignored. + + domain: The primary hostname and path secured by Access. This domain will be displayed + if the app is visible in the App Launcher. + + http_only_cookie_attribute: Enables the HttpOnly cookie attribute, which increases security against XSS + attacks. + + logo_url: The image URL for the logo shown in the App Launcher dashboard. + + name: The name of the application. + + oauth_configuration: **Beta:** Optional configuration for managing an OAuth authorization flow + controlled by Access. When set, Access will act as the OAuth authorization + server for this application. Only compatible with OAuth clients that support + [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators + for OAuth 2.0). This feature is currently in beta. + + options_preflight_bypass: Allows options preflight requests to bypass Access authentication and go + directly to the origin. Cannot turn on if cors_headers is set. + + policies: The policies that Access applies to the application, in ascending order of + precedence. Items can reference existing policies or create new policies + exclusive to the application. + + same_site_cookie_attribute: Sets the SameSite cookie setting, which provides increased security against CSRF + attacks. + + scim_config: Configuration for provisioning to this application via SCIM. This is currently + in closed beta. + + session_duration: The amount of time that tokens issued for this application will be valid. Must + be in the format `300ms` or `2h45m`. Valid time units are: ns, us (or µs), ms, + s, m, h. Note: unsupported for infrastructure type applications. + + tags: The tags you want assigned to an application. Tags are used to filter + applications in the App Launcher dashboard. + + extra_headers: Send extra headers + + extra_query: Add additional query parameters to the request + + extra_body: Add additional JSON properties to the request + + timeout: Override the client-level default timeout for this request, in seconds + """ + ... + + def update( + self, + app_id: AppID, + *, + domain: str | Omit = omit, + type: ApplicationType + | Literal[ + "self_hosted", + "saas", + "ssh", + "vnc", + "app_launcher", + "warp", + "biso", + "bookmark", + "dash_sso", + "infrastructure", + "rdp", + "mcp", + "mcp_portal", + "proxy_endpoint", + ] + | Omit = omit, + account_id: str | Omit = omit, + zone_id: str | Omit = omit, + allow_authenticate_via_warp: bool | Omit = omit, + allow_iframe: bool | Omit = omit, + allowed_idps: SequenceNotStr[AllowedIdPs] | Omit = omit, + app_launcher_visible: bool | Omit = omit, + auto_redirect_to_identity: bool | Omit = omit, + cors_headers: CORSHeadersParam | Omit = omit, + custom_deny_message: str | Omit = omit, + custom_deny_url: str | Omit = omit, + custom_non_identity_deny_url: str | Omit = omit, + custom_pages: SequenceNotStr[str] | Omit = omit, + destinations: Iterable[application_update_params.SelfHostedApplicationDestination] + | Iterable[application_update_params.BrowserSSHApplicationDestination] + | Iterable[application_update_params.BrowserVNCApplicationDestination] + | Iterable[application_update_params.BrowserRDPApplicationDestination] + | Iterable[application_update_params.McpServerApplicationDestination] + | Iterable[application_update_params.McpServerPortalApplicationDestination] + | Omit = omit, + enable_binding_cookie: bool | Omit = omit, + http_only_cookie_attribute: bool | Omit = omit, + logo_url: str | Omit = omit, + mfa_config: application_update_params.SelfHostedApplicationMfaConfig + | application_update_params.BrowserSSHApplicationMfaConfig + | application_update_params.BrowserVNCApplicationMfaConfig + | application_update_params.BrowserRDPApplicationMfaConfig + | Omit = omit, + name: str | Omit = omit, + oauth_configuration: application_update_params.SelfHostedApplicationOAuthConfiguration + | application_update_params.BrowserSSHApplicationOAuthConfiguration + | application_update_params.BrowserVNCApplicationOAuthConfiguration + | application_update_params.BrowserRDPApplicationOAuthConfiguration + | application_update_params.McpServerApplicationOAuthConfiguration + | application_update_params.McpServerPortalApplicationOAuthConfiguration + | Omit = omit, + options_preflight_bypass: bool | Omit = omit, + path_cookie_attribute: bool | Omit = omit, policies: SequenceNotStr[application_update_params.SelfHostedApplicationPolicy] | SequenceNotStr[application_update_params.SaaSApplicationPolicy] | SequenceNotStr[application_update_params.BrowserSSHApplicationPolicy] @@ -2535,7 +3107,9 @@ def update( | SequenceNotStr[application_update_params.GatewayIdentityProxyEndpointApplicationPolicy] | SequenceNotStr[application_update_params.BookmarkApplicationPolicy] | Iterable[application_update_params.InfrastructureApplicationPolicy] - | SequenceNotStr[application_update_params.BrowserRdpApplicationPolicy] + | SequenceNotStr[application_update_params.BrowserRDPApplicationPolicy] + | SequenceNotStr[application_update_params.McpServerApplicationPolicy] + | SequenceNotStr[application_update_params.McpServerPortalApplicationPolicy] | Omit = omit, read_service_tokens_from_header: str | Omit = omit, same_site_cookie_attribute: str | Omit = omit, @@ -2543,7 +3117,9 @@ def update( | application_update_params.SaaSApplicationSCIMConfig | application_update_params.BrowserSSHApplicationSCIMConfig | application_update_params.BrowserVNCApplicationSCIMConfig - | application_update_params.BrowserRdpApplicationSCIMConfig + | application_update_params.BrowserRDPApplicationSCIMConfig + | application_update_params.McpServerApplicationSCIMConfig + | application_update_params.McpServerPortalApplicationSCIMConfig | Omit = omit, self_hosted_domains: SequenceNotStr[SelfHostedDomains] | Omit = omit, service_auth_401_redirect: bool | Omit = omit, @@ -2559,7 +3135,7 @@ def update( landing_page_design: application_update_params.AppLauncherApplicationLandingPageDesign | Omit = omit, skip_app_launcher_login_page: bool | Omit = omit, target_criteria: Iterable[application_update_params.InfrastructureApplicationTargetCriterion] - | Iterable[application_update_params.BrowserRdpApplicationTargetCriterion] + | Iterable[application_update_params.BrowserRDPApplicationTargetCriterion] | Omit = omit, # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. # The extra values given here take precedence over values defined on the client or passed to this method. @@ -2604,7 +3180,9 @@ def update( "enable_binding_cookie": enable_binding_cookie, "http_only_cookie_attribute": http_only_cookie_attribute, "logo_url": logo_url, + "mfa_config": mfa_config, "name": name, + "oauth_configuration": oauth_configuration, "options_preflight_bypass": options_preflight_bypass, "path_cookie_attribute": path_cookie_attribute, "policies": policies, @@ -2969,7 +3547,9 @@ async def create( enable_binding_cookie: bool | Omit = omit, http_only_cookie_attribute: bool | Omit = omit, logo_url: str | Omit = omit, + mfa_config: application_create_params.SelfHostedApplicationMfaConfig | Omit = omit, name: str | Omit = omit, + oauth_configuration: application_create_params.SelfHostedApplicationOAuthConfiguration | Omit = omit, options_preflight_bypass: bool | Omit = omit, path_cookie_attribute: bool | Omit = omit, policies: SequenceNotStr[application_create_params.SelfHostedApplicationPolicy] | Omit = omit, @@ -3040,8 +3620,16 @@ async def create( logo_url: The image URL for the logo shown in the App Launcher dashboard. + mfa_config: Configures multi-factor authentication (MFA) settings. + name: The name of the application. + oauth_configuration: **Beta:** Optional configuration for managing an OAuth authorization flow + controlled by Access. When set, Access will act as the OAuth authorization + server for this application. Only compatible with OAuth clients that support + [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators + for OAuth 2.0). This feature is currently in beta. + options_preflight_bypass: Allows options preflight requests to bypass Access authentication and go directly to the origin. Cannot turn on if cors_headers is set. @@ -3201,7 +3789,9 @@ async def create( enable_binding_cookie: bool | Omit = omit, http_only_cookie_attribute: bool | Omit = omit, logo_url: str | Omit = omit, + mfa_config: application_create_params.BrowserSSHApplicationMfaConfig | Omit = omit, name: str | Omit = omit, + oauth_configuration: application_create_params.BrowserSSHApplicationOAuthConfiguration | Omit = omit, options_preflight_bypass: bool | Omit = omit, path_cookie_attribute: bool | Omit = omit, policies: SequenceNotStr[application_create_params.BrowserSSHApplicationPolicy] | Omit = omit, @@ -3272,8 +3862,16 @@ async def create( logo_url: The image URL for the logo shown in the App Launcher dashboard. + mfa_config: Configures multi-factor authentication (MFA) settings. + name: The name of the application. + oauth_configuration: **Beta:** Optional configuration for managing an OAuth authorization flow + controlled by Access. When set, Access will act as the OAuth authorization + server for this application. Only compatible with OAuth clients that support + [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators + for OAuth 2.0). This feature is currently in beta. + options_preflight_bypass: Allows options preflight requests to bypass Access authentication and go directly to the origin. Cannot turn on if cors_headers is set. @@ -3365,7 +3963,9 @@ async def create( enable_binding_cookie: bool | Omit = omit, http_only_cookie_attribute: bool | Omit = omit, logo_url: str | Omit = omit, + mfa_config: application_create_params.BrowserVNCApplicationMfaConfig | Omit = omit, name: str | Omit = omit, + oauth_configuration: application_create_params.BrowserVNCApplicationOAuthConfiguration | Omit = omit, options_preflight_bypass: bool | Omit = omit, path_cookie_attribute: bool | Omit = omit, policies: SequenceNotStr[application_create_params.BrowserVNCApplicationPolicy] | Omit = omit, @@ -3436,8 +4036,16 @@ async def create( logo_url: The image URL for the logo shown in the App Launcher dashboard. + mfa_config: Configures multi-factor authentication (MFA) settings. + name: The name of the application. + oauth_configuration: **Beta:** Optional configuration for managing an OAuth authorization flow + controlled by Access. When set, Access will act as the OAuth authorization + server for this application. Only compatible with OAuth clients that support + [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators + for OAuth 2.0). This feature is currently in beta. + options_preflight_bypass: Allows options preflight requests to bypass Access authentication and go directly to the origin. Cannot turn on if cors_headers is set. @@ -3885,7 +4493,7 @@ async def create( self, *, domain: str, - target_criteria: Iterable[application_create_params.BrowserRdpApplicationTargetCriterion], + target_criteria: Iterable[application_create_params.BrowserRDPApplicationTargetCriterion], type: ApplicationType, account_id: str | Omit = omit, zone_id: str | Omit = omit, @@ -3899,17 +4507,19 @@ async def create( custom_deny_url: str | Omit = omit, custom_non_identity_deny_url: str | Omit = omit, custom_pages: SequenceNotStr[str] | Omit = omit, - destinations: Iterable[application_create_params.BrowserRdpApplicationDestination] | Omit = omit, + destinations: Iterable[application_create_params.BrowserRDPApplicationDestination] | Omit = omit, enable_binding_cookie: bool | Omit = omit, http_only_cookie_attribute: bool | Omit = omit, logo_url: str | Omit = omit, + mfa_config: application_create_params.BrowserRDPApplicationMfaConfig | Omit = omit, name: str | Omit = omit, + oauth_configuration: application_create_params.BrowserRDPApplicationOAuthConfiguration | Omit = omit, options_preflight_bypass: bool | Omit = omit, path_cookie_attribute: bool | Omit = omit, - policies: SequenceNotStr[application_create_params.BrowserRdpApplicationPolicy] | Omit = omit, + policies: SequenceNotStr[application_create_params.BrowserRDPApplicationPolicy] | Omit = omit, read_service_tokens_from_header: str | Omit = omit, same_site_cookie_attribute: str | Omit = omit, - scim_config: application_create_params.BrowserRdpApplicationSCIMConfig | Omit = omit, + scim_config: application_create_params.BrowserRDPApplicationSCIMConfig | Omit = omit, self_hosted_domains: SequenceNotStr[SelfHostedDomains] | Omit = omit, service_auth_401_redirect: bool | Omit = omit, session_duration: str | Omit = omit, @@ -3974,8 +4584,16 @@ async def create( logo_url: The image URL for the logo shown in the App Launcher dashboard. + mfa_config: Configures multi-factor authentication (MFA) settings. + name: The name of the application. + oauth_configuration: **Beta:** Optional configuration for managing an OAuth authorization flow + controlled by Access. When set, Access will act as the OAuth authorization + server for this application. Only compatible with OAuth clients that support + [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators + for OAuth 2.0). This feature is currently in beta. + options_preflight_bypass: Allows options preflight requests to bypass Access authentication and go directly to the origin. Cannot turn on if cors_headers is set. @@ -4030,14 +4648,240 @@ async def create( """ ... + @overload async def create( self, *, - domain: str | Omit = omit, - type: ApplicationType - | Literal[ - "self_hosted", - "saas", + type: ApplicationType, + account_id: str | Omit = omit, + zone_id: str | Omit = omit, + allow_authenticate_via_warp: bool | Omit = omit, + allowed_idps: SequenceNotStr[AllowedIdPs] | Omit = omit, + auto_redirect_to_identity: bool | Omit = omit, + custom_deny_message: str | Omit = omit, + custom_deny_url: str | Omit = omit, + custom_non_identity_deny_url: str | Omit = omit, + custom_pages: SequenceNotStr[str] | Omit = omit, + destinations: Iterable[application_create_params.McpServerApplicationDestination] | Omit = omit, + http_only_cookie_attribute: bool | Omit = omit, + logo_url: str | Omit = omit, + name: str | Omit = omit, + oauth_configuration: application_create_params.McpServerApplicationOAuthConfiguration | Omit = omit, + options_preflight_bypass: bool | Omit = omit, + policies: SequenceNotStr[application_create_params.McpServerApplicationPolicy] | Omit = omit, + same_site_cookie_attribute: str | Omit = omit, + scim_config: application_create_params.McpServerApplicationSCIMConfig | Omit = omit, + session_duration: str | Omit = omit, + tags: SequenceNotStr[str] | Omit = omit, + # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. + # The extra values given here take precedence over values defined on the client or passed to this method. + extra_headers: Headers | None = None, + extra_query: Query | None = None, + extra_body: Body | None = None, + timeout: float | httpx.Timeout | None | NotGiven = not_given, + ) -> Optional[ApplicationCreateResponse]: + """ + Adds a new application to Access. + + Args: + type: The application type. + + account_id: The Account ID to use for this endpoint. Mutually exclusive with the Zone ID. + + zone_id: The Zone ID to use for this endpoint. Mutually exclusive with the Account ID. + + allow_authenticate_via_warp: When set to true, users can authenticate to this application using their WARP + session. When set to false this application will always require direct IdP + authentication. This setting always overrides the organization setting for WARP + authentication. + + allowed_idps: The identity providers your users can select when connecting to this + application. Defaults to all IdPs configured in your account. + + auto_redirect_to_identity: When set to `true`, users skip the identity provider selection step during + login. You must specify only one identity provider in allowed_idps. + + custom_deny_message: The custom error message shown to a user when they are denied access to the + application. + + custom_deny_url: The custom URL a user is redirected to when they are denied access to the + application when failing identity-based rules. + + custom_non_identity_deny_url: The custom URL a user is redirected to when they are denied access to the + application when failing non-identity rules. + + custom_pages: The custom pages that will be displayed when applicable for this application + + destinations: List of destinations secured by Access. This supersedes `self_hosted_domains` to + allow for more flexibility in defining different types of domains. If + `destinations` are provided, then `self_hosted_domains` will be ignored. + + http_only_cookie_attribute: Enables the HttpOnly cookie attribute, which increases security against XSS + attacks. + + logo_url: The image URL for the logo shown in the App Launcher dashboard. + + name: The name of the application. + + oauth_configuration: **Beta:** Optional configuration for managing an OAuth authorization flow + controlled by Access. When set, Access will act as the OAuth authorization + server for this application. Only compatible with OAuth clients that support + [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators + for OAuth 2.0). This feature is currently in beta. + + options_preflight_bypass: Allows options preflight requests to bypass Access authentication and go + directly to the origin. Cannot turn on if cors_headers is set. + + policies: The policies that Access applies to the application, in ascending order of + precedence. Items can reference existing policies or create new policies + exclusive to the application. + + same_site_cookie_attribute: Sets the SameSite cookie setting, which provides increased security against CSRF + attacks. + + scim_config: Configuration for provisioning to this application via SCIM. This is currently + in closed beta. + + session_duration: The amount of time that tokens issued for this application will be valid. Must + be in the format `300ms` or `2h45m`. Valid time units are: ns, us (or µs), ms, + s, m, h. Note: unsupported for infrastructure type applications. + + tags: The tags you want assigned to an application. Tags are used to filter + applications in the App Launcher dashboard. + + extra_headers: Send extra headers + + extra_query: Add additional query parameters to the request + + extra_body: Add additional JSON properties to the request + + timeout: Override the client-level default timeout for this request, in seconds + """ + ... + + @overload + async def create( + self, + *, + type: ApplicationType, + account_id: str | Omit = omit, + zone_id: str | Omit = omit, + allow_authenticate_via_warp: bool | Omit = omit, + allowed_idps: SequenceNotStr[AllowedIdPs] | Omit = omit, + auto_redirect_to_identity: bool | Omit = omit, + custom_deny_message: str | Omit = omit, + custom_deny_url: str | Omit = omit, + custom_non_identity_deny_url: str | Omit = omit, + custom_pages: SequenceNotStr[str] | Omit = omit, + destinations: Iterable[application_create_params.McpServerPortalApplicationDestination] | Omit = omit, + domain: str | Omit = omit, + http_only_cookie_attribute: bool | Omit = omit, + logo_url: str | Omit = omit, + name: str | Omit = omit, + oauth_configuration: application_create_params.McpServerPortalApplicationOAuthConfiguration | Omit = omit, + options_preflight_bypass: bool | Omit = omit, + policies: SequenceNotStr[application_create_params.McpServerPortalApplicationPolicy] | Omit = omit, + same_site_cookie_attribute: str | Omit = omit, + scim_config: application_create_params.McpServerPortalApplicationSCIMConfig | Omit = omit, + session_duration: str | Omit = omit, + tags: SequenceNotStr[str] | Omit = omit, + # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. + # The extra values given here take precedence over values defined on the client or passed to this method. + extra_headers: Headers | None = None, + extra_query: Query | None = None, + extra_body: Body | None = None, + timeout: float | httpx.Timeout | None | NotGiven = not_given, + ) -> Optional[ApplicationCreateResponse]: + """ + Adds a new application to Access. + + Args: + type: The application type. + + account_id: The Account ID to use for this endpoint. Mutually exclusive with the Zone ID. + + zone_id: The Zone ID to use for this endpoint. Mutually exclusive with the Account ID. + + allow_authenticate_via_warp: When set to true, users can authenticate to this application using their WARP + session. When set to false this application will always require direct IdP + authentication. This setting always overrides the organization setting for WARP + authentication. + + allowed_idps: The identity providers your users can select when connecting to this + application. Defaults to all IdPs configured in your account. + + auto_redirect_to_identity: When set to `true`, users skip the identity provider selection step during + login. You must specify only one identity provider in allowed_idps. + + custom_deny_message: The custom error message shown to a user when they are denied access to the + application. + + custom_deny_url: The custom URL a user is redirected to when they are denied access to the + application when failing identity-based rules. + + custom_non_identity_deny_url: The custom URL a user is redirected to when they are denied access to the + application when failing non-identity rules. + + custom_pages: The custom pages that will be displayed when applicable for this application + + destinations: List of destinations secured by Access. This supersedes `self_hosted_domains` to + allow for more flexibility in defining different types of domains. If + `destinations` are provided, then `self_hosted_domains` will be ignored. + + domain: The primary hostname and path secured by Access. This domain will be displayed + if the app is visible in the App Launcher. + + http_only_cookie_attribute: Enables the HttpOnly cookie attribute, which increases security against XSS + attacks. + + logo_url: The image URL for the logo shown in the App Launcher dashboard. + + name: The name of the application. + + oauth_configuration: **Beta:** Optional configuration for managing an OAuth authorization flow + controlled by Access. When set, Access will act as the OAuth authorization + server for this application. Only compatible with OAuth clients that support + [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators + for OAuth 2.0). This feature is currently in beta. + + options_preflight_bypass: Allows options preflight requests to bypass Access authentication and go + directly to the origin. Cannot turn on if cors_headers is set. + + policies: The policies that Access applies to the application, in ascending order of + precedence. Items can reference existing policies or create new policies + exclusive to the application. + + same_site_cookie_attribute: Sets the SameSite cookie setting, which provides increased security against CSRF + attacks. + + scim_config: Configuration for provisioning to this application via SCIM. This is currently + in closed beta. + + session_duration: The amount of time that tokens issued for this application will be valid. Must + be in the format `300ms` or `2h45m`. Valid time units are: ns, us (or µs), ms, + s, m, h. Note: unsupported for infrastructure type applications. + + tags: The tags you want assigned to an application. Tags are used to filter + applications in the App Launcher dashboard. + + extra_headers: Send extra headers + + extra_query: Add additional query parameters to the request + + extra_body: Add additional JSON properties to the request + + timeout: Override the client-level default timeout for this request, in seconds + """ + ... + + async def create( + self, + *, + domain: str | Omit = omit, + type: ApplicationType + | Literal[ + "self_hosted", + "saas", "ssh", "vnc", "app_launcher", @@ -4067,12 +4911,26 @@ async def create( destinations: Iterable[application_create_params.SelfHostedApplicationDestination] | Iterable[application_create_params.BrowserSSHApplicationDestination] | Iterable[application_create_params.BrowserVNCApplicationDestination] - | Iterable[application_create_params.BrowserRdpApplicationDestination] + | Iterable[application_create_params.BrowserRDPApplicationDestination] + | Iterable[application_create_params.McpServerApplicationDestination] + | Iterable[application_create_params.McpServerPortalApplicationDestination] | Omit = omit, enable_binding_cookie: bool | Omit = omit, http_only_cookie_attribute: bool | Omit = omit, logo_url: str | Omit = omit, + mfa_config: application_create_params.SelfHostedApplicationMfaConfig + | application_create_params.BrowserSSHApplicationMfaConfig + | application_create_params.BrowserVNCApplicationMfaConfig + | application_create_params.BrowserRDPApplicationMfaConfig + | Omit = omit, name: str | Omit = omit, + oauth_configuration: application_create_params.SelfHostedApplicationOAuthConfiguration + | application_create_params.BrowserSSHApplicationOAuthConfiguration + | application_create_params.BrowserVNCApplicationOAuthConfiguration + | application_create_params.BrowserRDPApplicationOAuthConfiguration + | application_create_params.McpServerApplicationOAuthConfiguration + | application_create_params.McpServerPortalApplicationOAuthConfiguration + | Omit = omit, options_preflight_bypass: bool | Omit = omit, path_cookie_attribute: bool | Omit = omit, policies: SequenceNotStr[application_create_params.SelfHostedApplicationPolicy] @@ -4085,7 +4943,9 @@ async def create( | SequenceNotStr[application_create_params.GatewayIdentityProxyEndpointApplicationPolicy] | SequenceNotStr[application_create_params.BookmarkApplicationPolicy] | Iterable[application_create_params.InfrastructureApplicationPolicy] - | SequenceNotStr[application_create_params.BrowserRdpApplicationPolicy] + | SequenceNotStr[application_create_params.BrowserRDPApplicationPolicy] + | SequenceNotStr[application_create_params.McpServerApplicationPolicy] + | SequenceNotStr[application_create_params.McpServerPortalApplicationPolicy] | Omit = omit, read_service_tokens_from_header: str | Omit = omit, same_site_cookie_attribute: str | Omit = omit, @@ -4093,7 +4953,9 @@ async def create( | application_create_params.SaaSApplicationSCIMConfig | application_create_params.BrowserSSHApplicationSCIMConfig | application_create_params.BrowserVNCApplicationSCIMConfig - | application_create_params.BrowserRdpApplicationSCIMConfig + | application_create_params.BrowserRDPApplicationSCIMConfig + | application_create_params.McpServerApplicationSCIMConfig + | application_create_params.McpServerPortalApplicationSCIMConfig | Omit = omit, self_hosted_domains: SequenceNotStr[SelfHostedDomains] | Omit = omit, service_auth_401_redirect: bool | Omit = omit, @@ -4109,7 +4971,7 @@ async def create( landing_page_design: application_create_params.AppLauncherApplicationLandingPageDesign | Omit = omit, skip_app_launcher_login_page: bool | Omit = omit, target_criteria: Iterable[application_create_params.InfrastructureApplicationTargetCriterion] - | Iterable[application_create_params.BrowserRdpApplicationTargetCriterion] + | Iterable[application_create_params.BrowserRDPApplicationTargetCriterion] | Omit = omit, # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. # The extra values given here take precedence over values defined on the client or passed to this method. @@ -4152,7 +5014,9 @@ async def create( "enable_binding_cookie": enable_binding_cookie, "http_only_cookie_attribute": http_only_cookie_attribute, "logo_url": logo_url, + "mfa_config": mfa_config, "name": name, + "oauth_configuration": oauth_configuration, "options_preflight_bypass": options_preflight_bypass, "path_cookie_attribute": path_cookie_attribute, "policies": policies, @@ -4212,7 +5076,9 @@ async def update( enable_binding_cookie: bool | Omit = omit, http_only_cookie_attribute: bool | Omit = omit, logo_url: str | Omit = omit, + mfa_config: application_update_params.SelfHostedApplicationMfaConfig | Omit = omit, name: str | Omit = omit, + oauth_configuration: application_update_params.SelfHostedApplicationOAuthConfiguration | Omit = omit, options_preflight_bypass: bool | Omit = omit, path_cookie_attribute: bool | Omit = omit, policies: SequenceNotStr[application_update_params.SelfHostedApplicationPolicy] | Omit = omit, @@ -4285,8 +5151,16 @@ async def update( logo_url: The image URL for the logo shown in the App Launcher dashboard. + mfa_config: Configures multi-factor authentication (MFA) settings. + name: The name of the application. + oauth_configuration: **Beta:** Optional configuration for managing an OAuth authorization flow + controlled by Access. When set, Access will act as the OAuth authorization + server for this application. Only compatible with OAuth clients that support + [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators + for OAuth 2.0). This feature is currently in beta. + options_preflight_bypass: Allows options preflight requests to bypass Access authentication and go directly to the origin. Cannot turn on if cors_headers is set. @@ -4450,7 +5324,9 @@ async def update( enable_binding_cookie: bool | Omit = omit, http_only_cookie_attribute: bool | Omit = omit, logo_url: str | Omit = omit, + mfa_config: application_update_params.BrowserSSHApplicationMfaConfig | Omit = omit, name: str | Omit = omit, + oauth_configuration: application_update_params.BrowserSSHApplicationOAuthConfiguration | Omit = omit, options_preflight_bypass: bool | Omit = omit, path_cookie_attribute: bool | Omit = omit, policies: SequenceNotStr[application_update_params.BrowserSSHApplicationPolicy] | Omit = omit, @@ -4523,8 +5399,16 @@ async def update( logo_url: The image URL for the logo shown in the App Launcher dashboard. + mfa_config: Configures multi-factor authentication (MFA) settings. + name: The name of the application. + oauth_configuration: **Beta:** Optional configuration for managing an OAuth authorization flow + controlled by Access. When set, Access will act as the OAuth authorization + server for this application. Only compatible with OAuth clients that support + [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators + for OAuth 2.0). This feature is currently in beta. + options_preflight_bypass: Allows options preflight requests to bypass Access authentication and go directly to the origin. Cannot turn on if cors_headers is set. @@ -4617,7 +5501,9 @@ async def update( enable_binding_cookie: bool | Omit = omit, http_only_cookie_attribute: bool | Omit = omit, logo_url: str | Omit = omit, + mfa_config: application_update_params.BrowserVNCApplicationMfaConfig | Omit = omit, name: str | Omit = omit, + oauth_configuration: application_update_params.BrowserVNCApplicationOAuthConfiguration | Omit = omit, options_preflight_bypass: bool | Omit = omit, path_cookie_attribute: bool | Omit = omit, policies: SequenceNotStr[application_update_params.BrowserVNCApplicationPolicy] | Omit = omit, @@ -4690,8 +5576,16 @@ async def update( logo_url: The image URL for the logo shown in the App Launcher dashboard. + mfa_config: Configures multi-factor authentication (MFA) settings. + name: The name of the application. + oauth_configuration: **Beta:** Optional configuration for managing an OAuth authorization flow + controlled by Access. When set, Access will act as the OAuth authorization + server for this application. Only compatible with OAuth clients that support + [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators + for OAuth 2.0). This feature is currently in beta. + options_preflight_bypass: Allows options preflight requests to bypass Access authentication and go directly to the origin. Cannot turn on if cors_headers is set. @@ -5158,7 +6052,7 @@ async def update( app_id: AppID, *, domain: str, - target_criteria: Iterable[application_update_params.BrowserRdpApplicationTargetCriterion], + target_criteria: Iterable[application_update_params.BrowserRDPApplicationTargetCriterion], type: ApplicationType, account_id: str | Omit = omit, zone_id: str | Omit = omit, @@ -5172,17 +6066,19 @@ async def update( custom_deny_url: str | Omit = omit, custom_non_identity_deny_url: str | Omit = omit, custom_pages: SequenceNotStr[str] | Omit = omit, - destinations: Iterable[application_update_params.BrowserRdpApplicationDestination] | Omit = omit, + destinations: Iterable[application_update_params.BrowserRDPApplicationDestination] | Omit = omit, enable_binding_cookie: bool | Omit = omit, http_only_cookie_attribute: bool | Omit = omit, logo_url: str | Omit = omit, + mfa_config: application_update_params.BrowserRDPApplicationMfaConfig | Omit = omit, name: str | Omit = omit, + oauth_configuration: application_update_params.BrowserRDPApplicationOAuthConfiguration | Omit = omit, options_preflight_bypass: bool | Omit = omit, path_cookie_attribute: bool | Omit = omit, - policies: SequenceNotStr[application_update_params.BrowserRdpApplicationPolicy] | Omit = omit, + policies: SequenceNotStr[application_update_params.BrowserRDPApplicationPolicy] | Omit = omit, read_service_tokens_from_header: str | Omit = omit, same_site_cookie_attribute: str | Omit = omit, - scim_config: application_update_params.BrowserRdpApplicationSCIMConfig | Omit = omit, + scim_config: application_update_params.BrowserRDPApplicationSCIMConfig | Omit = omit, self_hosted_domains: SequenceNotStr[SelfHostedDomains] | Omit = omit, service_auth_401_redirect: bool | Omit = omit, session_duration: str | Omit = omit, @@ -5249,8 +6145,16 @@ async def update( logo_url: The image URL for the logo shown in the App Launcher dashboard. + mfa_config: Configures multi-factor authentication (MFA) settings. + name: The name of the application. + oauth_configuration: **Beta:** Optional configuration for managing an OAuth authorization flow + controlled by Access. When set, Access will act as the OAuth authorization + server for this application. Only compatible with OAuth clients that support + [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators + for OAuth 2.0). This feature is currently in beta. + options_preflight_bypass: Allows options preflight requests to bypass Access authentication and go directly to the origin. Cannot turn on if cors_headers is set. @@ -5305,6 +6209,238 @@ async def update( """ ... + @overload + async def update( + self, + app_id: AppID, + *, + type: ApplicationType, + account_id: str | Omit = omit, + zone_id: str | Omit = omit, + allow_authenticate_via_warp: bool | Omit = omit, + allowed_idps: SequenceNotStr[AllowedIdPs] | Omit = omit, + auto_redirect_to_identity: bool | Omit = omit, + custom_deny_message: str | Omit = omit, + custom_deny_url: str | Omit = omit, + custom_non_identity_deny_url: str | Omit = omit, + custom_pages: SequenceNotStr[str] | Omit = omit, + destinations: Iterable[application_update_params.McpServerApplicationDestination] | Omit = omit, + http_only_cookie_attribute: bool | Omit = omit, + logo_url: str | Omit = omit, + name: str | Omit = omit, + oauth_configuration: application_update_params.McpServerApplicationOAuthConfiguration | Omit = omit, + options_preflight_bypass: bool | Omit = omit, + policies: SequenceNotStr[application_update_params.McpServerApplicationPolicy] | Omit = omit, + same_site_cookie_attribute: str | Omit = omit, + scim_config: application_update_params.McpServerApplicationSCIMConfig | Omit = omit, + session_duration: str | Omit = omit, + tags: SequenceNotStr[str] | Omit = omit, + # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. + # The extra values given here take precedence over values defined on the client or passed to this method. + extra_headers: Headers | None = None, + extra_query: Query | None = None, + extra_body: Body | None = None, + timeout: float | httpx.Timeout | None | NotGiven = not_given, + ) -> Optional[ApplicationUpdateResponse]: + """ + Updates an Access application. + + Args: + app_id: Identifier. + + type: The application type. + + account_id: The Account ID to use for this endpoint. Mutually exclusive with the Zone ID. + + zone_id: The Zone ID to use for this endpoint. Mutually exclusive with the Account ID. + + allow_authenticate_via_warp: When set to true, users can authenticate to this application using their WARP + session. When set to false this application will always require direct IdP + authentication. This setting always overrides the organization setting for WARP + authentication. + + allowed_idps: The identity providers your users can select when connecting to this + application. Defaults to all IdPs configured in your account. + + auto_redirect_to_identity: When set to `true`, users skip the identity provider selection step during + login. You must specify only one identity provider in allowed_idps. + + custom_deny_message: The custom error message shown to a user when they are denied access to the + application. + + custom_deny_url: The custom URL a user is redirected to when they are denied access to the + application when failing identity-based rules. + + custom_non_identity_deny_url: The custom URL a user is redirected to when they are denied access to the + application when failing non-identity rules. + + custom_pages: The custom pages that will be displayed when applicable for this application + + destinations: List of destinations secured by Access. This supersedes `self_hosted_domains` to + allow for more flexibility in defining different types of domains. If + `destinations` are provided, then `self_hosted_domains` will be ignored. + + http_only_cookie_attribute: Enables the HttpOnly cookie attribute, which increases security against XSS + attacks. + + logo_url: The image URL for the logo shown in the App Launcher dashboard. + + name: The name of the application. + + oauth_configuration: **Beta:** Optional configuration for managing an OAuth authorization flow + controlled by Access. When set, Access will act as the OAuth authorization + server for this application. Only compatible with OAuth clients that support + [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators + for OAuth 2.0). This feature is currently in beta. + + options_preflight_bypass: Allows options preflight requests to bypass Access authentication and go + directly to the origin. Cannot turn on if cors_headers is set. + + policies: The policies that Access applies to the application, in ascending order of + precedence. Items can reference existing policies or create new policies + exclusive to the application. + + same_site_cookie_attribute: Sets the SameSite cookie setting, which provides increased security against CSRF + attacks. + + scim_config: Configuration for provisioning to this application via SCIM. This is currently + in closed beta. + + session_duration: The amount of time that tokens issued for this application will be valid. Must + be in the format `300ms` or `2h45m`. Valid time units are: ns, us (or µs), ms, + s, m, h. Note: unsupported for infrastructure type applications. + + tags: The tags you want assigned to an application. Tags are used to filter + applications in the App Launcher dashboard. + + extra_headers: Send extra headers + + extra_query: Add additional query parameters to the request + + extra_body: Add additional JSON properties to the request + + timeout: Override the client-level default timeout for this request, in seconds + """ + ... + + @overload + async def update( + self, + app_id: AppID, + *, + type: ApplicationType, + account_id: str | Omit = omit, + zone_id: str | Omit = omit, + allow_authenticate_via_warp: bool | Omit = omit, + allowed_idps: SequenceNotStr[AllowedIdPs] | Omit = omit, + auto_redirect_to_identity: bool | Omit = omit, + custom_deny_message: str | Omit = omit, + custom_deny_url: str | Omit = omit, + custom_non_identity_deny_url: str | Omit = omit, + custom_pages: SequenceNotStr[str] | Omit = omit, + destinations: Iterable[application_update_params.McpServerPortalApplicationDestination] | Omit = omit, + domain: str | Omit = omit, + http_only_cookie_attribute: bool | Omit = omit, + logo_url: str | Omit = omit, + name: str | Omit = omit, + oauth_configuration: application_update_params.McpServerPortalApplicationOAuthConfiguration | Omit = omit, + options_preflight_bypass: bool | Omit = omit, + policies: SequenceNotStr[application_update_params.McpServerPortalApplicationPolicy] | Omit = omit, + same_site_cookie_attribute: str | Omit = omit, + scim_config: application_update_params.McpServerPortalApplicationSCIMConfig | Omit = omit, + session_duration: str | Omit = omit, + tags: SequenceNotStr[str] | Omit = omit, + # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. + # The extra values given here take precedence over values defined on the client or passed to this method. + extra_headers: Headers | None = None, + extra_query: Query | None = None, + extra_body: Body | None = None, + timeout: float | httpx.Timeout | None | NotGiven = not_given, + ) -> Optional[ApplicationUpdateResponse]: + """ + Updates an Access application. + + Args: + app_id: Identifier. + + type: The application type. + + account_id: The Account ID to use for this endpoint. Mutually exclusive with the Zone ID. + + zone_id: The Zone ID to use for this endpoint. Mutually exclusive with the Account ID. + + allow_authenticate_via_warp: When set to true, users can authenticate to this application using their WARP + session. When set to false this application will always require direct IdP + authentication. This setting always overrides the organization setting for WARP + authentication. + + allowed_idps: The identity providers your users can select when connecting to this + application. Defaults to all IdPs configured in your account. + + auto_redirect_to_identity: When set to `true`, users skip the identity provider selection step during + login. You must specify only one identity provider in allowed_idps. + + custom_deny_message: The custom error message shown to a user when they are denied access to the + application. + + custom_deny_url: The custom URL a user is redirected to when they are denied access to the + application when failing identity-based rules. + + custom_non_identity_deny_url: The custom URL a user is redirected to when they are denied access to the + application when failing non-identity rules. + + custom_pages: The custom pages that will be displayed when applicable for this application + + destinations: List of destinations secured by Access. This supersedes `self_hosted_domains` to + allow for more flexibility in defining different types of domains. If + `destinations` are provided, then `self_hosted_domains` will be ignored. + + domain: The primary hostname and path secured by Access. This domain will be displayed + if the app is visible in the App Launcher. + + http_only_cookie_attribute: Enables the HttpOnly cookie attribute, which increases security against XSS + attacks. + + logo_url: The image URL for the logo shown in the App Launcher dashboard. + + name: The name of the application. + + oauth_configuration: **Beta:** Optional configuration for managing an OAuth authorization flow + controlled by Access. When set, Access will act as the OAuth authorization + server for this application. Only compatible with OAuth clients that support + [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators + for OAuth 2.0). This feature is currently in beta. + + options_preflight_bypass: Allows options preflight requests to bypass Access authentication and go + directly to the origin. Cannot turn on if cors_headers is set. + + policies: The policies that Access applies to the application, in ascending order of + precedence. Items can reference existing policies or create new policies + exclusive to the application. + + same_site_cookie_attribute: Sets the SameSite cookie setting, which provides increased security against CSRF + attacks. + + scim_config: Configuration for provisioning to this application via SCIM. This is currently + in closed beta. + + session_duration: The amount of time that tokens issued for this application will be valid. Must + be in the format `300ms` or `2h45m`. Valid time units are: ns, us (or µs), ms, + s, m, h. Note: unsupported for infrastructure type applications. + + tags: The tags you want assigned to an application. Tags are used to filter + applications in the App Launcher dashboard. + + extra_headers: Send extra headers + + extra_query: Add additional query parameters to the request + + extra_body: Add additional JSON properties to the request + + timeout: Override the client-level default timeout for this request, in seconds + """ + ... + async def update( self, app_id: AppID, @@ -5343,12 +6479,26 @@ async def update( destinations: Iterable[application_update_params.SelfHostedApplicationDestination] | Iterable[application_update_params.BrowserSSHApplicationDestination] | Iterable[application_update_params.BrowserVNCApplicationDestination] - | Iterable[application_update_params.BrowserRdpApplicationDestination] + | Iterable[application_update_params.BrowserRDPApplicationDestination] + | Iterable[application_update_params.McpServerApplicationDestination] + | Iterable[application_update_params.McpServerPortalApplicationDestination] | Omit = omit, enable_binding_cookie: bool | Omit = omit, http_only_cookie_attribute: bool | Omit = omit, logo_url: str | Omit = omit, + mfa_config: application_update_params.SelfHostedApplicationMfaConfig + | application_update_params.BrowserSSHApplicationMfaConfig + | application_update_params.BrowserVNCApplicationMfaConfig + | application_update_params.BrowserRDPApplicationMfaConfig + | Omit = omit, name: str | Omit = omit, + oauth_configuration: application_update_params.SelfHostedApplicationOAuthConfiguration + | application_update_params.BrowserSSHApplicationOAuthConfiguration + | application_update_params.BrowserVNCApplicationOAuthConfiguration + | application_update_params.BrowserRDPApplicationOAuthConfiguration + | application_update_params.McpServerApplicationOAuthConfiguration + | application_update_params.McpServerPortalApplicationOAuthConfiguration + | Omit = omit, options_preflight_bypass: bool | Omit = omit, path_cookie_attribute: bool | Omit = omit, policies: SequenceNotStr[application_update_params.SelfHostedApplicationPolicy] @@ -5361,7 +6511,9 @@ async def update( | SequenceNotStr[application_update_params.GatewayIdentityProxyEndpointApplicationPolicy] | SequenceNotStr[application_update_params.BookmarkApplicationPolicy] | Iterable[application_update_params.InfrastructureApplicationPolicy] - | SequenceNotStr[application_update_params.BrowserRdpApplicationPolicy] + | SequenceNotStr[application_update_params.BrowserRDPApplicationPolicy] + | SequenceNotStr[application_update_params.McpServerApplicationPolicy] + | SequenceNotStr[application_update_params.McpServerPortalApplicationPolicy] | Omit = omit, read_service_tokens_from_header: str | Omit = omit, same_site_cookie_attribute: str | Omit = omit, @@ -5369,7 +6521,9 @@ async def update( | application_update_params.SaaSApplicationSCIMConfig | application_update_params.BrowserSSHApplicationSCIMConfig | application_update_params.BrowserVNCApplicationSCIMConfig - | application_update_params.BrowserRdpApplicationSCIMConfig + | application_update_params.BrowserRDPApplicationSCIMConfig + | application_update_params.McpServerApplicationSCIMConfig + | application_update_params.McpServerPortalApplicationSCIMConfig | Omit = omit, self_hosted_domains: SequenceNotStr[SelfHostedDomains] | Omit = omit, service_auth_401_redirect: bool | Omit = omit, @@ -5385,7 +6539,7 @@ async def update( landing_page_design: application_update_params.AppLauncherApplicationLandingPageDesign | Omit = omit, skip_app_launcher_login_page: bool | Omit = omit, target_criteria: Iterable[application_update_params.InfrastructureApplicationTargetCriterion] - | Iterable[application_update_params.BrowserRdpApplicationTargetCriterion] + | Iterable[application_update_params.BrowserRDPApplicationTargetCriterion] | Omit = omit, # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. # The extra values given here take precedence over values defined on the client or passed to this method. @@ -5430,7 +6584,9 @@ async def update( "enable_binding_cookie": enable_binding_cookie, "http_only_cookie_attribute": http_only_cookie_attribute, "logo_url": logo_url, + "mfa_config": mfa_config, "name": name, + "oauth_configuration": oauth_configuration, "options_preflight_bypass": options_preflight_bypass, "path_cookie_attribute": path_cookie_attribute, "policies": policies, diff --git a/src/cloudflare/resources/zero_trust/access/applications/policies.py b/src/cloudflare/resources/zero_trust/access/applications/policies.py index 3d403b9ca6c..8d7dc0d9675 100644 --- a/src/cloudflare/resources/zero_trust/access/applications/policies.py +++ b/src/cloudflare/resources/zero_trust/access/applications/policies.py @@ -58,7 +58,9 @@ def create( zone_id: str | Omit = omit, approval_groups: Iterable[ApprovalGroupParam] | Omit = omit, approval_required: bool | Omit = omit, + connection_rules: policy_create_params.ConnectionRules | Omit = omit, isolation_required: bool | Omit = omit, + mfa_config: policy_create_params.MfaConfig | Omit = omit, precedence: int | Omit = omit, purpose_justification_prompt: str | Omit = omit, purpose_justification_required: bool | Omit = omit, @@ -88,10 +90,15 @@ def create( approval_required: Requires the user to request access from an administrator at the start of each session. + connection_rules: The rules that define how users may connect to targets secured by your + application. + isolation_required: Require this application to be served in an isolated browser for users matching this policy. 'Client Web Isolation' must be on for the account in order to use this feature. + mfa_config: Configures multi-factor authentication (MFA) settings. + precedence: The order of execution for this policy. Must be unique for each policy within an app. @@ -131,7 +138,9 @@ def create( { "approval_groups": approval_groups, "approval_required": approval_required, + "connection_rules": connection_rules, "isolation_required": isolation_required, + "mfa_config": mfa_config, "precedence": precedence, "purpose_justification_prompt": purpose_justification_prompt, "purpose_justification_required": purpose_justification_required, @@ -158,7 +167,9 @@ def update( zone_id: str | Omit = omit, approval_groups: Iterable[ApprovalGroupParam] | Omit = omit, approval_required: bool | Omit = omit, + connection_rules: policy_update_params.ConnectionRules | Omit = omit, isolation_required: bool | Omit = omit, + mfa_config: policy_update_params.MfaConfig | Omit = omit, precedence: int | Omit = omit, purpose_justification_prompt: str | Omit = omit, purpose_justification_required: bool | Omit = omit, @@ -189,10 +200,15 @@ def update( approval_required: Requires the user to request access from an administrator at the start of each session. + connection_rules: The rules that define how users may connect to targets secured by your + application. + isolation_required: Require this application to be served in an isolated browser for users matching this policy. 'Client Web Isolation' must be on for the account in order to use this feature. + mfa_config: Configures multi-factor authentication (MFA) settings. + precedence: The order of execution for this policy. Must be unique for each policy within an app. @@ -234,7 +250,9 @@ def update( { "approval_groups": approval_groups, "approval_required": approval_required, + "connection_rules": connection_rules, "isolation_required": isolation_required, + "mfa_config": mfa_config, "precedence": precedence, "purpose_justification_prompt": purpose_justification_prompt, "purpose_justification_required": purpose_justification_required, @@ -481,7 +499,9 @@ async def create( zone_id: str | Omit = omit, approval_groups: Iterable[ApprovalGroupParam] | Omit = omit, approval_required: bool | Omit = omit, + connection_rules: policy_create_params.ConnectionRules | Omit = omit, isolation_required: bool | Omit = omit, + mfa_config: policy_create_params.MfaConfig | Omit = omit, precedence: int | Omit = omit, purpose_justification_prompt: str | Omit = omit, purpose_justification_required: bool | Omit = omit, @@ -511,10 +531,15 @@ async def create( approval_required: Requires the user to request access from an administrator at the start of each session. + connection_rules: The rules that define how users may connect to targets secured by your + application. + isolation_required: Require this application to be served in an isolated browser for users matching this policy. 'Client Web Isolation' must be on for the account in order to use this feature. + mfa_config: Configures multi-factor authentication (MFA) settings. + precedence: The order of execution for this policy. Must be unique for each policy within an app. @@ -554,7 +579,9 @@ async def create( { "approval_groups": approval_groups, "approval_required": approval_required, + "connection_rules": connection_rules, "isolation_required": isolation_required, + "mfa_config": mfa_config, "precedence": precedence, "purpose_justification_prompt": purpose_justification_prompt, "purpose_justification_required": purpose_justification_required, @@ -581,7 +608,9 @@ async def update( zone_id: str | Omit = omit, approval_groups: Iterable[ApprovalGroupParam] | Omit = omit, approval_required: bool | Omit = omit, + connection_rules: policy_update_params.ConnectionRules | Omit = omit, isolation_required: bool | Omit = omit, + mfa_config: policy_update_params.MfaConfig | Omit = omit, precedence: int | Omit = omit, purpose_justification_prompt: str | Omit = omit, purpose_justification_required: bool | Omit = omit, @@ -612,10 +641,15 @@ async def update( approval_required: Requires the user to request access from an administrator at the start of each session. + connection_rules: The rules that define how users may connect to targets secured by your + application. + isolation_required: Require this application to be served in an isolated browser for users matching this policy. 'Client Web Isolation' must be on for the account in order to use this feature. + mfa_config: Configures multi-factor authentication (MFA) settings. + precedence: The order of execution for this policy. Must be unique for each policy within an app. @@ -657,7 +691,9 @@ async def update( { "approval_groups": approval_groups, "approval_required": approval_required, + "connection_rules": connection_rules, "isolation_required": isolation_required, + "mfa_config": mfa_config, "precedence": precedence, "purpose_justification_prompt": purpose_justification_prompt, "purpose_justification_required": purpose_justification_required, diff --git a/src/cloudflare/resources/zero_trust/access/policies.py b/src/cloudflare/resources/zero_trust/access/policies.py index 8e80d9f3b1d..691667fd3bc 100644 --- a/src/cloudflare/resources/zero_trust/access/policies.py +++ b/src/cloudflare/resources/zero_trust/access/policies.py @@ -61,8 +61,10 @@ def create( name: str, approval_groups: Iterable[ApprovalGroupParam] | Omit = omit, approval_required: bool | Omit = omit, + connection_rules: policy_create_params.ConnectionRules | Omit = omit, exclude: Iterable[AccessRuleParam] | Omit = omit, isolation_required: bool | Omit = omit, + mfa_config: policy_create_params.MfaConfig | Omit = omit, purpose_justification_prompt: str | Omit = omit, purpose_justification_required: bool | Omit = omit, require: Iterable[AccessRuleParam] | Omit = omit, @@ -93,6 +95,9 @@ def create( approval_required: Requires the user to request access from an administrator at the start of each session. + connection_rules: The rules that define how users may connect to targets secured by your + application. + exclude: Rules evaluated with a NOT logical operator. To match the policy, a user cannot meet any of the Exclude rules. @@ -100,6 +105,8 @@ def create( this policy. 'Client Web Isolation' must be on for the account in order to use this feature. + mfa_config: Configures multi-factor authentication (MFA) settings. + purpose_justification_prompt: A custom message that will appear on the purpose justification screen. purpose_justification_required: Require users to enter a justification when they log in to the application. @@ -130,8 +137,10 @@ def create( "name": name, "approval_groups": approval_groups, "approval_required": approval_required, + "connection_rules": connection_rules, "exclude": exclude, "isolation_required": isolation_required, + "mfa_config": mfa_config, "purpose_justification_prompt": purpose_justification_prompt, "purpose_justification_required": purpose_justification_required, "require": require, @@ -159,8 +168,10 @@ def update( name: str, approval_groups: Iterable[ApprovalGroupParam] | Omit = omit, approval_required: bool | Omit = omit, + connection_rules: policy_update_params.ConnectionRules | Omit = omit, exclude: Iterable[AccessRuleParam] | Omit = omit, isolation_required: bool | Omit = omit, + mfa_config: policy_update_params.MfaConfig | Omit = omit, purpose_justification_prompt: str | Omit = omit, purpose_justification_required: bool | Omit = omit, require: Iterable[AccessRuleParam] | Omit = omit, @@ -193,6 +204,9 @@ def update( approval_required: Requires the user to request access from an administrator at the start of each session. + connection_rules: The rules that define how users may connect to targets secured by your + application. + exclude: Rules evaluated with a NOT logical operator. To match the policy, a user cannot meet any of the Exclude rules. @@ -200,6 +214,8 @@ def update( this policy. 'Client Web Isolation' must be on for the account in order to use this feature. + mfa_config: Configures multi-factor authentication (MFA) settings. + purpose_justification_prompt: A custom message that will appear on the purpose justification screen. purpose_justification_required: Require users to enter a justification when they log in to the application. @@ -232,8 +248,10 @@ def update( "name": name, "approval_groups": approval_groups, "approval_required": approval_required, + "connection_rules": connection_rules, "exclude": exclude, "isolation_required": isolation_required, + "mfa_config": mfa_config, "purpose_justification_prompt": purpose_justification_prompt, "purpose_justification_required": purpose_justification_required, "require": require, @@ -421,8 +439,10 @@ async def create( name: str, approval_groups: Iterable[ApprovalGroupParam] | Omit = omit, approval_required: bool | Omit = omit, + connection_rules: policy_create_params.ConnectionRules | Omit = omit, exclude: Iterable[AccessRuleParam] | Omit = omit, isolation_required: bool | Omit = omit, + mfa_config: policy_create_params.MfaConfig | Omit = omit, purpose_justification_prompt: str | Omit = omit, purpose_justification_required: bool | Omit = omit, require: Iterable[AccessRuleParam] | Omit = omit, @@ -453,6 +473,9 @@ async def create( approval_required: Requires the user to request access from an administrator at the start of each session. + connection_rules: The rules that define how users may connect to targets secured by your + application. + exclude: Rules evaluated with a NOT logical operator. To match the policy, a user cannot meet any of the Exclude rules. @@ -460,6 +483,8 @@ async def create( this policy. 'Client Web Isolation' must be on for the account in order to use this feature. + mfa_config: Configures multi-factor authentication (MFA) settings. + purpose_justification_prompt: A custom message that will appear on the purpose justification screen. purpose_justification_required: Require users to enter a justification when they log in to the application. @@ -490,8 +515,10 @@ async def create( "name": name, "approval_groups": approval_groups, "approval_required": approval_required, + "connection_rules": connection_rules, "exclude": exclude, "isolation_required": isolation_required, + "mfa_config": mfa_config, "purpose_justification_prompt": purpose_justification_prompt, "purpose_justification_required": purpose_justification_required, "require": require, @@ -519,8 +546,10 @@ async def update( name: str, approval_groups: Iterable[ApprovalGroupParam] | Omit = omit, approval_required: bool | Omit = omit, + connection_rules: policy_update_params.ConnectionRules | Omit = omit, exclude: Iterable[AccessRuleParam] | Omit = omit, isolation_required: bool | Omit = omit, + mfa_config: policy_update_params.MfaConfig | Omit = omit, purpose_justification_prompt: str | Omit = omit, purpose_justification_required: bool | Omit = omit, require: Iterable[AccessRuleParam] | Omit = omit, @@ -553,6 +582,9 @@ async def update( approval_required: Requires the user to request access from an administrator at the start of each session. + connection_rules: The rules that define how users may connect to targets secured by your + application. + exclude: Rules evaluated with a NOT logical operator. To match the policy, a user cannot meet any of the Exclude rules. @@ -560,6 +592,8 @@ async def update( this policy. 'Client Web Isolation' must be on for the account in order to use this feature. + mfa_config: Configures multi-factor authentication (MFA) settings. + purpose_justification_prompt: A custom message that will appear on the purpose justification screen. purpose_justification_required: Require users to enter a justification when they log in to the application. @@ -592,8 +626,10 @@ async def update( "name": name, "approval_groups": approval_groups, "approval_required": approval_required, + "connection_rules": connection_rules, "exclude": exclude, "isolation_required": isolation_required, + "mfa_config": mfa_config, "purpose_justification_prompt": purpose_justification_prompt, "purpose_justification_required": purpose_justification_required, "require": require, diff --git a/src/cloudflare/resources/zero_trust/access/users/users.py b/src/cloudflare/resources/zero_trust/access/users/users.py index 515fed442eb..2a0b9cc6a98 100644 --- a/src/cloudflare/resources/zero_trust/access/users/users.py +++ b/src/cloudflare/resources/zero_trust/access/users/users.py @@ -2,10 +2,12 @@ from __future__ import annotations +from typing import Type, Optional, cast + import httpx from ....._types import Body, Omit, Query, Headers, NotGiven, omit, not_given -from ....._utils import maybe_transform +from ....._utils import maybe_transform, async_maybe_transform from ....._compat import cached_property from ....._resource import SyncAPIResource, AsyncAPIResource from ....._response import ( @@ -14,6 +16,7 @@ async_to_raw_response_wrapper, async_to_streamed_response_wrapper, ) +from ....._wrappers import ResultWrapper from .failed_logins import ( FailedLoginsResource, AsyncFailedLoginsResource, @@ -40,8 +43,11 @@ LastSeenIdentityResourceWithStreamingResponse, AsyncLastSeenIdentityResourceWithStreamingResponse, ) -from .....types.zero_trust.access import user_list_params +from .....types.zero_trust.access import user_list_params, user_create_params, user_update_params +from .....types.zero_trust.access.user_get_response import UserGetResponse from .....types.zero_trust.access.user_list_response import UserListResponse +from .....types.zero_trust.access.user_create_response import UserCreateResponse +from .....types.zero_trust.access.user_update_response import UserUpdateResponse __all__ = ["UsersResource", "AsyncUsersResource"] @@ -78,6 +84,117 @@ def with_streaming_response(self) -> UsersResourceWithStreamingResponse: """ return UsersResourceWithStreamingResponse(self) + def create( + self, + *, + account_id: str, + email: str, + name: str | Omit = omit, + # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. + # The extra values given here take precedence over values defined on the client or passed to this method. + extra_headers: Headers | None = None, + extra_query: Query | None = None, + extra_body: Body | None = None, + timeout: float | httpx.Timeout | None | NotGiven = not_given, + ) -> Optional[UserCreateResponse]: + """ + Creates a new user. + + Args: + account_id: Identifier. + + email: The email of the user. + + name: The name of the user. + + extra_headers: Send extra headers + + extra_query: Add additional query parameters to the request + + extra_body: Add additional JSON properties to the request + + timeout: Override the client-level default timeout for this request, in seconds + """ + if not account_id: + raise ValueError(f"Expected a non-empty value for `account_id` but received {account_id!r}") + return self._post( + f"/accounts/{account_id}/access/users", + body=maybe_transform( + { + "email": email, + "name": name, + }, + user_create_params.UserCreateParams, + ), + options=make_request_options( + extra_headers=extra_headers, + extra_query=extra_query, + extra_body=extra_body, + timeout=timeout, + post_parser=ResultWrapper[Optional[UserCreateResponse]]._unwrapper, + ), + cast_to=cast(Type[Optional[UserCreateResponse]], ResultWrapper[UserCreateResponse]), + ) + + def update( + self, + user_id: str, + *, + account_id: str, + email: str, + name: str, + # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. + # The extra values given here take precedence over values defined on the client or passed to this method. + extra_headers: Headers | None = None, + extra_query: Query | None = None, + extra_body: Body | None = None, + timeout: float | httpx.Timeout | None | NotGiven = not_given, + ) -> Optional[UserUpdateResponse]: + """Updates a specific user's name for an account. + + Requires the user's current email + as confirmation (email cannot be changed). + + Args: + account_id: Identifier. + + user_id: UUID. + + email: The email of the user. + + name: The name of the user. + + extra_headers: Send extra headers + + extra_query: Add additional query parameters to the request + + extra_body: Add additional JSON properties to the request + + timeout: Override the client-level default timeout for this request, in seconds + """ + if not account_id: + raise ValueError(f"Expected a non-empty value for `account_id` but received {account_id!r}") + if not user_id: + raise ValueError(f"Expected a non-empty value for `user_id` but received {user_id!r}") + return self._put( + f"/accounts/{account_id}/access/users/{user_id}", + body=maybe_transform( + { + "email": email, + "name": name, + }, + user_update_params.UserUpdateParams, + ), + options=make_request_options( + extra_headers=extra_headers, + extra_query=extra_query, + extra_body=extra_body, + timeout=timeout, + post_parser=ResultWrapper[Optional[UserUpdateResponse]]._unwrapper, + ), + cast_to=cast(Type[Optional[UserUpdateResponse]], ResultWrapper[UserUpdateResponse]), + ) + def list( self, *, @@ -142,6 +259,96 @@ def list( model=UserListResponse, ) + def delete( + self, + user_id: str, + *, + account_id: str, + # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. + # The extra values given here take precedence over values defined on the client or passed to this method. + extra_headers: Headers | None = None, + extra_query: Query | None = None, + extra_body: Body | None = None, + timeout: float | httpx.Timeout | None | NotGiven = not_given, + ) -> object: + """Deletes a specific user for an account. + + This will also revoke any active seats + and tokens for the user. + + Args: + account_id: Identifier. + + user_id: UUID. + + extra_headers: Send extra headers + + extra_query: Add additional query parameters to the request + + extra_body: Add additional JSON properties to the request + + timeout: Override the client-level default timeout for this request, in seconds + """ + if not account_id: + raise ValueError(f"Expected a non-empty value for `account_id` but received {account_id!r}") + if not user_id: + raise ValueError(f"Expected a non-empty value for `user_id` but received {user_id!r}") + return self._delete( + f"/accounts/{account_id}/access/users/{user_id}", + options=make_request_options( + extra_headers=extra_headers, + extra_query=extra_query, + extra_body=extra_body, + timeout=timeout, + post_parser=ResultWrapper[Optional[object]]._unwrapper, + ), + cast_to=cast(Type[object], ResultWrapper[object]), + ) + + def get( + self, + user_id: str, + *, + account_id: str, + # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. + # The extra values given here take precedence over values defined on the client or passed to this method. + extra_headers: Headers | None = None, + extra_query: Query | None = None, + extra_body: Body | None = None, + timeout: float | httpx.Timeout | None | NotGiven = not_given, + ) -> Optional[UserGetResponse]: + """ + Gets a specific user for an account. + + Args: + account_id: Identifier. + + user_id: UUID. + + extra_headers: Send extra headers + + extra_query: Add additional query parameters to the request + + extra_body: Add additional JSON properties to the request + + timeout: Override the client-level default timeout for this request, in seconds + """ + if not account_id: + raise ValueError(f"Expected a non-empty value for `account_id` but received {account_id!r}") + if not user_id: + raise ValueError(f"Expected a non-empty value for `user_id` but received {user_id!r}") + return self._get( + f"/accounts/{account_id}/access/users/{user_id}", + options=make_request_options( + extra_headers=extra_headers, + extra_query=extra_query, + extra_body=extra_body, + timeout=timeout, + post_parser=ResultWrapper[Optional[UserGetResponse]]._unwrapper, + ), + cast_to=cast(Type[Optional[UserGetResponse]], ResultWrapper[UserGetResponse]), + ) + class AsyncUsersResource(AsyncAPIResource): @cached_property @@ -175,6 +382,117 @@ def with_streaming_response(self) -> AsyncUsersResourceWithStreamingResponse: """ return AsyncUsersResourceWithStreamingResponse(self) + async def create( + self, + *, + account_id: str, + email: str, + name: str | Omit = omit, + # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. + # The extra values given here take precedence over values defined on the client or passed to this method. + extra_headers: Headers | None = None, + extra_query: Query | None = None, + extra_body: Body | None = None, + timeout: float | httpx.Timeout | None | NotGiven = not_given, + ) -> Optional[UserCreateResponse]: + """ + Creates a new user. + + Args: + account_id: Identifier. + + email: The email of the user. + + name: The name of the user. + + extra_headers: Send extra headers + + extra_query: Add additional query parameters to the request + + extra_body: Add additional JSON properties to the request + + timeout: Override the client-level default timeout for this request, in seconds + """ + if not account_id: + raise ValueError(f"Expected a non-empty value for `account_id` but received {account_id!r}") + return await self._post( + f"/accounts/{account_id}/access/users", + body=await async_maybe_transform( + { + "email": email, + "name": name, + }, + user_create_params.UserCreateParams, + ), + options=make_request_options( + extra_headers=extra_headers, + extra_query=extra_query, + extra_body=extra_body, + timeout=timeout, + post_parser=ResultWrapper[Optional[UserCreateResponse]]._unwrapper, + ), + cast_to=cast(Type[Optional[UserCreateResponse]], ResultWrapper[UserCreateResponse]), + ) + + async def update( + self, + user_id: str, + *, + account_id: str, + email: str, + name: str, + # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. + # The extra values given here take precedence over values defined on the client or passed to this method. + extra_headers: Headers | None = None, + extra_query: Query | None = None, + extra_body: Body | None = None, + timeout: float | httpx.Timeout | None | NotGiven = not_given, + ) -> Optional[UserUpdateResponse]: + """Updates a specific user's name for an account. + + Requires the user's current email + as confirmation (email cannot be changed). + + Args: + account_id: Identifier. + + user_id: UUID. + + email: The email of the user. + + name: The name of the user. + + extra_headers: Send extra headers + + extra_query: Add additional query parameters to the request + + extra_body: Add additional JSON properties to the request + + timeout: Override the client-level default timeout for this request, in seconds + """ + if not account_id: + raise ValueError(f"Expected a non-empty value for `account_id` but received {account_id!r}") + if not user_id: + raise ValueError(f"Expected a non-empty value for `user_id` but received {user_id!r}") + return await self._put( + f"/accounts/{account_id}/access/users/{user_id}", + body=await async_maybe_transform( + { + "email": email, + "name": name, + }, + user_update_params.UserUpdateParams, + ), + options=make_request_options( + extra_headers=extra_headers, + extra_query=extra_query, + extra_body=extra_body, + timeout=timeout, + post_parser=ResultWrapper[Optional[UserUpdateResponse]]._unwrapper, + ), + cast_to=cast(Type[Optional[UserUpdateResponse]], ResultWrapper[UserUpdateResponse]), + ) + def list( self, *, @@ -239,14 +557,116 @@ def list( model=UserListResponse, ) + async def delete( + self, + user_id: str, + *, + account_id: str, + # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. + # The extra values given here take precedence over values defined on the client or passed to this method. + extra_headers: Headers | None = None, + extra_query: Query | None = None, + extra_body: Body | None = None, + timeout: float | httpx.Timeout | None | NotGiven = not_given, + ) -> object: + """Deletes a specific user for an account. + + This will also revoke any active seats + and tokens for the user. + + Args: + account_id: Identifier. + + user_id: UUID. + + extra_headers: Send extra headers + + extra_query: Add additional query parameters to the request + + extra_body: Add additional JSON properties to the request + + timeout: Override the client-level default timeout for this request, in seconds + """ + if not account_id: + raise ValueError(f"Expected a non-empty value for `account_id` but received {account_id!r}") + if not user_id: + raise ValueError(f"Expected a non-empty value for `user_id` but received {user_id!r}") + return await self._delete( + f"/accounts/{account_id}/access/users/{user_id}", + options=make_request_options( + extra_headers=extra_headers, + extra_query=extra_query, + extra_body=extra_body, + timeout=timeout, + post_parser=ResultWrapper[Optional[object]]._unwrapper, + ), + cast_to=cast(Type[object], ResultWrapper[object]), + ) + + async def get( + self, + user_id: str, + *, + account_id: str, + # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. + # The extra values given here take precedence over values defined on the client or passed to this method. + extra_headers: Headers | None = None, + extra_query: Query | None = None, + extra_body: Body | None = None, + timeout: float | httpx.Timeout | None | NotGiven = not_given, + ) -> Optional[UserGetResponse]: + """ + Gets a specific user for an account. + + Args: + account_id: Identifier. + + user_id: UUID. + + extra_headers: Send extra headers + + extra_query: Add additional query parameters to the request + + extra_body: Add additional JSON properties to the request + + timeout: Override the client-level default timeout for this request, in seconds + """ + if not account_id: + raise ValueError(f"Expected a non-empty value for `account_id` but received {account_id!r}") + if not user_id: + raise ValueError(f"Expected a non-empty value for `user_id` but received {user_id!r}") + return await self._get( + f"/accounts/{account_id}/access/users/{user_id}", + options=make_request_options( + extra_headers=extra_headers, + extra_query=extra_query, + extra_body=extra_body, + timeout=timeout, + post_parser=ResultWrapper[Optional[UserGetResponse]]._unwrapper, + ), + cast_to=cast(Type[Optional[UserGetResponse]], ResultWrapper[UserGetResponse]), + ) + class UsersResourceWithRawResponse: def __init__(self, users: UsersResource) -> None: self._users = users + self.create = to_raw_response_wrapper( + users.create, + ) + self.update = to_raw_response_wrapper( + users.update, + ) self.list = to_raw_response_wrapper( users.list, ) + self.delete = to_raw_response_wrapper( + users.delete, + ) + self.get = to_raw_response_wrapper( + users.get, + ) @cached_property def active_sessions(self) -> ActiveSessionsResourceWithRawResponse: @@ -265,9 +685,21 @@ class AsyncUsersResourceWithRawResponse: def __init__(self, users: AsyncUsersResource) -> None: self._users = users + self.create = async_to_raw_response_wrapper( + users.create, + ) + self.update = async_to_raw_response_wrapper( + users.update, + ) self.list = async_to_raw_response_wrapper( users.list, ) + self.delete = async_to_raw_response_wrapper( + users.delete, + ) + self.get = async_to_raw_response_wrapper( + users.get, + ) @cached_property def active_sessions(self) -> AsyncActiveSessionsResourceWithRawResponse: @@ -286,9 +718,21 @@ class UsersResourceWithStreamingResponse: def __init__(self, users: UsersResource) -> None: self._users = users + self.create = to_streamed_response_wrapper( + users.create, + ) + self.update = to_streamed_response_wrapper( + users.update, + ) self.list = to_streamed_response_wrapper( users.list, ) + self.delete = to_streamed_response_wrapper( + users.delete, + ) + self.get = to_streamed_response_wrapper( + users.get, + ) @cached_property def active_sessions(self) -> ActiveSessionsResourceWithStreamingResponse: @@ -307,9 +751,21 @@ class AsyncUsersResourceWithStreamingResponse: def __init__(self, users: AsyncUsersResource) -> None: self._users = users + self.create = async_to_streamed_response_wrapper( + users.create, + ) + self.update = async_to_streamed_response_wrapper( + users.update, + ) self.list = async_to_streamed_response_wrapper( users.list, ) + self.delete = async_to_streamed_response_wrapper( + users.delete, + ) + self.get = async_to_streamed_response_wrapper( + users.get, + ) @cached_property def active_sessions(self) -> AsyncActiveSessionsResourceWithStreamingResponse: diff --git a/src/cloudflare/resources/zero_trust/dex/__init__.py b/src/cloudflare/resources/zero_trust/dex/__init__.py index c088f4cb408..b4e5b64def8 100644 --- a/src/cloudflare/resources/zero_trust/dex/__init__.py +++ b/src/cloudflare/resources/zero_trust/dex/__init__.py @@ -16,6 +16,14 @@ ColosResourceWithStreamingResponse, AsyncColosResourceWithStreamingResponse, ) +from .rules import ( + RulesResource, + AsyncRulesResource, + RulesResourceWithRawResponse, + AsyncRulesResourceWithRawResponse, + RulesResourceWithStreamingResponse, + AsyncRulesResourceWithStreamingResponse, +) from .tests import ( TestsResource, AsyncTestsResource, @@ -122,6 +130,12 @@ "AsyncTracerouteTestsResourceWithRawResponse", "TracerouteTestsResourceWithStreamingResponse", "AsyncTracerouteTestsResourceWithStreamingResponse", + "RulesResource", + "AsyncRulesResource", + "RulesResourceWithRawResponse", + "AsyncRulesResourceWithRawResponse", + "RulesResourceWithStreamingResponse", + "AsyncRulesResourceWithStreamingResponse", "DEXResource", "AsyncDEXResource", "DEXResourceWithRawResponse", diff --git a/src/cloudflare/resources/zero_trust/dex/dex.py b/src/cloudflare/resources/zero_trust/dex/dex.py index ae354ec6334..82bd1271b6f 100644 --- a/src/cloudflare/resources/zero_trust/dex/dex.py +++ b/src/cloudflare/resources/zero_trust/dex/dex.py @@ -10,6 +10,14 @@ ColosResourceWithStreamingResponse, AsyncColosResourceWithStreamingResponse, ) +from .rules import ( + RulesResource, + AsyncRulesResource, + RulesResourceWithRawResponse, + AsyncRulesResourceWithRawResponse, + RulesResourceWithStreamingResponse, + AsyncRulesResourceWithStreamingResponse, +) from ...._compat import cached_property from .tests.tests import ( TestsResource, @@ -105,6 +113,10 @@ def traceroute_test_results(self) -> TracerouteTestResultsResource: def traceroute_tests(self) -> TracerouteTestsResource: return TracerouteTestsResource(self._client) + @cached_property + def rules(self) -> RulesResource: + return RulesResource(self._client) + @cached_property def with_raw_response(self) -> DEXResourceWithRawResponse: """ @@ -158,6 +170,10 @@ def traceroute_test_results(self) -> AsyncTracerouteTestResultsResource: def traceroute_tests(self) -> AsyncTracerouteTestsResource: return AsyncTracerouteTestsResource(self._client) + @cached_property + def rules(self) -> AsyncRulesResource: + return AsyncRulesResource(self._client) + @cached_property def with_raw_response(self) -> AsyncDEXResourceWithRawResponse: """ @@ -214,6 +230,10 @@ def traceroute_test_results(self) -> TracerouteTestResultsResourceWithRawRespons def traceroute_tests(self) -> TracerouteTestsResourceWithRawResponse: return TracerouteTestsResourceWithRawResponse(self._dex.traceroute_tests) + @cached_property + def rules(self) -> RulesResourceWithRawResponse: + return RulesResourceWithRawResponse(self._dex.rules) + class AsyncDEXResourceWithRawResponse: def __init__(self, dex: AsyncDEXResource) -> None: @@ -251,6 +271,10 @@ def traceroute_test_results(self) -> AsyncTracerouteTestResultsResourceWithRawRe def traceroute_tests(self) -> AsyncTracerouteTestsResourceWithRawResponse: return AsyncTracerouteTestsResourceWithRawResponse(self._dex.traceroute_tests) + @cached_property + def rules(self) -> AsyncRulesResourceWithRawResponse: + return AsyncRulesResourceWithRawResponse(self._dex.rules) + class DEXResourceWithStreamingResponse: def __init__(self, dex: DEXResource) -> None: @@ -288,6 +312,10 @@ def traceroute_test_results(self) -> TracerouteTestResultsResourceWithStreamingR def traceroute_tests(self) -> TracerouteTestsResourceWithStreamingResponse: return TracerouteTestsResourceWithStreamingResponse(self._dex.traceroute_tests) + @cached_property + def rules(self) -> RulesResourceWithStreamingResponse: + return RulesResourceWithStreamingResponse(self._dex.rules) + class AsyncDEXResourceWithStreamingResponse: def __init__(self, dex: AsyncDEXResource) -> None: @@ -324,3 +352,7 @@ def traceroute_test_results(self) -> AsyncTracerouteTestResultsResourceWithStrea @cached_property def traceroute_tests(self) -> AsyncTracerouteTestsResourceWithStreamingResponse: return AsyncTracerouteTestsResourceWithStreamingResponse(self._dex.traceroute_tests) + + @cached_property + def rules(self) -> AsyncRulesResourceWithStreamingResponse: + return AsyncRulesResourceWithStreamingResponse(self._dex.rules) diff --git a/src/cloudflare/resources/zero_trust/dex/rules.py b/src/cloudflare/resources/zero_trust/dex/rules.py new file mode 100644 index 00000000000..bfc1fab8624 --- /dev/null +++ b/src/cloudflare/resources/zero_trust/dex/rules.py @@ -0,0 +1,666 @@ +# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. + +from __future__ import annotations + +from typing import Type, Optional, cast +from typing_extensions import Literal + +import httpx + +from ...._types import Body, Omit, Query, Headers, NotGiven, omit, not_given +from ...._utils import maybe_transform, async_maybe_transform +from ...._compat import cached_property +from ...._resource import SyncAPIResource, AsyncAPIResource +from ...._response import ( + to_raw_response_wrapper, + to_streamed_response_wrapper, + async_to_raw_response_wrapper, + async_to_streamed_response_wrapper, +) +from ...._wrappers import ResultWrapper +from ....pagination import SyncV4PagePagination, AsyncV4PagePagination +from ...._base_client import AsyncPaginator, make_request_options +from ....types.zero_trust.dex import rule_list_params, rule_create_params, rule_update_params +from ....types.zero_trust.dex.rule_get_response import RuleGetResponse +from ....types.zero_trust.dex.rule_list_response import RuleListResponse +from ....types.zero_trust.dex.rule_create_response import RuleCreateResponse +from ....types.zero_trust.dex.rule_delete_response import RuleDeleteResponse +from ....types.zero_trust.dex.rule_update_response import RuleUpdateResponse + +__all__ = ["RulesResource", "AsyncRulesResource"] + + +class RulesResource(SyncAPIResource): + @cached_property + def with_raw_response(self) -> RulesResourceWithRawResponse: + """ + This property can be used as a prefix for any HTTP method call to return + the raw response object instead of the parsed content. + + For more information, see https://www.github.com/cloudflare/cloudflare-python#accessing-raw-response-data-eg-headers + """ + return RulesResourceWithRawResponse(self) + + @cached_property + def with_streaming_response(self) -> RulesResourceWithStreamingResponse: + """ + An alternative to `.with_raw_response` that doesn't eagerly read the response body. + + For more information, see https://www.github.com/cloudflare/cloudflare-python#with_streaming_response + """ + return RulesResourceWithStreamingResponse(self) + + def create( + self, + *, + account_id: str, + match: str, + name: str, + description: str | Omit = omit, + # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. + # The extra values given here take precedence over values defined on the client or passed to this method. + extra_headers: Headers | None = None, + extra_query: Query | None = None, + extra_body: Body | None = None, + timeout: float | httpx.Timeout | None | NotGiven = not_given, + ) -> Optional[RuleCreateResponse]: + """ + Create a DEX Rule + + Args: + match: The wirefilter expression to match. + + name: The name of the Rule. + + extra_headers: Send extra headers + + extra_query: Add additional query parameters to the request + + extra_body: Add additional JSON properties to the request + + timeout: Override the client-level default timeout for this request, in seconds + """ + if not account_id: + raise ValueError(f"Expected a non-empty value for `account_id` but received {account_id!r}") + return self._post( + f"/accounts/{account_id}/dex/rules", + body=maybe_transform( + { + "match": match, + "name": name, + "description": description, + }, + rule_create_params.RuleCreateParams, + ), + options=make_request_options( + extra_headers=extra_headers, + extra_query=extra_query, + extra_body=extra_body, + timeout=timeout, + post_parser=ResultWrapper[Optional[RuleCreateResponse]]._unwrapper, + ), + cast_to=cast(Type[Optional[RuleCreateResponse]], ResultWrapper[RuleCreateResponse]), + ) + + def update( + self, + rule_id: str, + *, + account_id: str, + description: str | Omit = omit, + match: str | Omit = omit, + name: str | Omit = omit, + # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. + # The extra values given here take precedence over values defined on the client or passed to this method. + extra_headers: Headers | None = None, + extra_query: Query | None = None, + extra_body: Body | None = None, + timeout: float | httpx.Timeout | None | NotGiven = not_given, + ) -> Optional[RuleUpdateResponse]: + """ + Update a DEX Rule + + Args: + rule_id: API Resource UUID tag. + + match: The wirefilter expression to match. + + name: The name of the Rule. + + extra_headers: Send extra headers + + extra_query: Add additional query parameters to the request + + extra_body: Add additional JSON properties to the request + + timeout: Override the client-level default timeout for this request, in seconds + """ + if not account_id: + raise ValueError(f"Expected a non-empty value for `account_id` but received {account_id!r}") + if not rule_id: + raise ValueError(f"Expected a non-empty value for `rule_id` but received {rule_id!r}") + return self._patch( + f"/accounts/{account_id}/dex/rules/{rule_id}", + body=maybe_transform( + { + "description": description, + "match": match, + "name": name, + }, + rule_update_params.RuleUpdateParams, + ), + options=make_request_options( + extra_headers=extra_headers, + extra_query=extra_query, + extra_body=extra_body, + timeout=timeout, + post_parser=ResultWrapper[Optional[RuleUpdateResponse]]._unwrapper, + ), + cast_to=cast(Type[Optional[RuleUpdateResponse]], ResultWrapper[RuleUpdateResponse]), + ) + + def list( + self, + *, + account_id: str, + page: float, + per_page: float, + name: str | Omit = omit, + sort_by: Literal["name", "created_at", "updated_at"] | Omit = omit, + sort_order: Literal["ASC", "DESC"] | Omit = omit, + # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. + # The extra values given here take precedence over values defined on the client or passed to this method. + extra_headers: Headers | None = None, + extra_query: Query | None = None, + extra_body: Body | None = None, + timeout: float | httpx.Timeout | None | NotGiven = not_given, + ) -> SyncV4PagePagination[Optional[RuleListResponse]]: + """ + List DEX Rules + + Args: + page: Page number of paginated results + + per_page: Number of items per page + + name: Filter results by rule name + + sort_by: Which property to sort results by + + sort_order: Sort direction for sort_by property + + extra_headers: Send extra headers + + extra_query: Add additional query parameters to the request + + extra_body: Add additional JSON properties to the request + + timeout: Override the client-level default timeout for this request, in seconds + """ + if not account_id: + raise ValueError(f"Expected a non-empty value for `account_id` but received {account_id!r}") + return self._get_api_list( + f"/accounts/{account_id}/dex/rules", + page=SyncV4PagePagination[Optional[RuleListResponse]], + options=make_request_options( + extra_headers=extra_headers, + extra_query=extra_query, + extra_body=extra_body, + timeout=timeout, + query=maybe_transform( + { + "page": page, + "per_page": per_page, + "name": name, + "sort_by": sort_by, + "sort_order": sort_order, + }, + rule_list_params.RuleListParams, + ), + ), + model=RuleListResponse, + ) + + def delete( + self, + rule_id: str, + *, + account_id: str, + # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. + # The extra values given here take precedence over values defined on the client or passed to this method. + extra_headers: Headers | None = None, + extra_query: Query | None = None, + extra_body: Body | None = None, + timeout: float | httpx.Timeout | None | NotGiven = not_given, + ) -> Optional[RuleDeleteResponse]: + """ + Delete a DEX Rule + + Args: + rule_id: API Resource UUID tag. + + extra_headers: Send extra headers + + extra_query: Add additional query parameters to the request + + extra_body: Add additional JSON properties to the request + + timeout: Override the client-level default timeout for this request, in seconds + """ + if not account_id: + raise ValueError(f"Expected a non-empty value for `account_id` but received {account_id!r}") + if not rule_id: + raise ValueError(f"Expected a non-empty value for `rule_id` but received {rule_id!r}") + return self._delete( + f"/accounts/{account_id}/dex/rules/{rule_id}", + options=make_request_options( + extra_headers=extra_headers, + extra_query=extra_query, + extra_body=extra_body, + timeout=timeout, + post_parser=ResultWrapper[Optional[RuleDeleteResponse]]._unwrapper, + ), + cast_to=cast(Type[Optional[RuleDeleteResponse]], ResultWrapper[RuleDeleteResponse]), + ) + + def get( + self, + rule_id: str, + *, + account_id: str, + # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. + # The extra values given here take precedence over values defined on the client or passed to this method. + extra_headers: Headers | None = None, + extra_query: Query | None = None, + extra_body: Body | None = None, + timeout: float | httpx.Timeout | None | NotGiven = not_given, + ) -> Optional[RuleGetResponse]: + """ + Get details for a DEX Rule + + Args: + rule_id: API Resource UUID tag. + + extra_headers: Send extra headers + + extra_query: Add additional query parameters to the request + + extra_body: Add additional JSON properties to the request + + timeout: Override the client-level default timeout for this request, in seconds + """ + if not account_id: + raise ValueError(f"Expected a non-empty value for `account_id` but received {account_id!r}") + if not rule_id: + raise ValueError(f"Expected a non-empty value for `rule_id` but received {rule_id!r}") + return self._get( + f"/accounts/{account_id}/dex/rules/{rule_id}", + options=make_request_options( + extra_headers=extra_headers, + extra_query=extra_query, + extra_body=extra_body, + timeout=timeout, + post_parser=ResultWrapper[Optional[RuleGetResponse]]._unwrapper, + ), + cast_to=cast(Type[Optional[RuleGetResponse]], ResultWrapper[RuleGetResponse]), + ) + + +class AsyncRulesResource(AsyncAPIResource): + @cached_property + def with_raw_response(self) -> AsyncRulesResourceWithRawResponse: + """ + This property can be used as a prefix for any HTTP method call to return + the raw response object instead of the parsed content. + + For more information, see https://www.github.com/cloudflare/cloudflare-python#accessing-raw-response-data-eg-headers + """ + return AsyncRulesResourceWithRawResponse(self) + + @cached_property + def with_streaming_response(self) -> AsyncRulesResourceWithStreamingResponse: + """ + An alternative to `.with_raw_response` that doesn't eagerly read the response body. + + For more information, see https://www.github.com/cloudflare/cloudflare-python#with_streaming_response + """ + return AsyncRulesResourceWithStreamingResponse(self) + + async def create( + self, + *, + account_id: str, + match: str, + name: str, + description: str | Omit = omit, + # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. + # The extra values given here take precedence over values defined on the client or passed to this method. + extra_headers: Headers | None = None, + extra_query: Query | None = None, + extra_body: Body | None = None, + timeout: float | httpx.Timeout | None | NotGiven = not_given, + ) -> Optional[RuleCreateResponse]: + """ + Create a DEX Rule + + Args: + match: The wirefilter expression to match. + + name: The name of the Rule. + + extra_headers: Send extra headers + + extra_query: Add additional query parameters to the request + + extra_body: Add additional JSON properties to the request + + timeout: Override the client-level default timeout for this request, in seconds + """ + if not account_id: + raise ValueError(f"Expected a non-empty value for `account_id` but received {account_id!r}") + return await self._post( + f"/accounts/{account_id}/dex/rules", + body=await async_maybe_transform( + { + "match": match, + "name": name, + "description": description, + }, + rule_create_params.RuleCreateParams, + ), + options=make_request_options( + extra_headers=extra_headers, + extra_query=extra_query, + extra_body=extra_body, + timeout=timeout, + post_parser=ResultWrapper[Optional[RuleCreateResponse]]._unwrapper, + ), + cast_to=cast(Type[Optional[RuleCreateResponse]], ResultWrapper[RuleCreateResponse]), + ) + + async def update( + self, + rule_id: str, + *, + account_id: str, + description: str | Omit = omit, + match: str | Omit = omit, + name: str | Omit = omit, + # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. + # The extra values given here take precedence over values defined on the client or passed to this method. + extra_headers: Headers | None = None, + extra_query: Query | None = None, + extra_body: Body | None = None, + timeout: float | httpx.Timeout | None | NotGiven = not_given, + ) -> Optional[RuleUpdateResponse]: + """ + Update a DEX Rule + + Args: + rule_id: API Resource UUID tag. + + match: The wirefilter expression to match. + + name: The name of the Rule. + + extra_headers: Send extra headers + + extra_query: Add additional query parameters to the request + + extra_body: Add additional JSON properties to the request + + timeout: Override the client-level default timeout for this request, in seconds + """ + if not account_id: + raise ValueError(f"Expected a non-empty value for `account_id` but received {account_id!r}") + if not rule_id: + raise ValueError(f"Expected a non-empty value for `rule_id` but received {rule_id!r}") + return await self._patch( + f"/accounts/{account_id}/dex/rules/{rule_id}", + body=await async_maybe_transform( + { + "description": description, + "match": match, + "name": name, + }, + rule_update_params.RuleUpdateParams, + ), + options=make_request_options( + extra_headers=extra_headers, + extra_query=extra_query, + extra_body=extra_body, + timeout=timeout, + post_parser=ResultWrapper[Optional[RuleUpdateResponse]]._unwrapper, + ), + cast_to=cast(Type[Optional[RuleUpdateResponse]], ResultWrapper[RuleUpdateResponse]), + ) + + def list( + self, + *, + account_id: str, + page: float, + per_page: float, + name: str | Omit = omit, + sort_by: Literal["name", "created_at", "updated_at"] | Omit = omit, + sort_order: Literal["ASC", "DESC"] | Omit = omit, + # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. + # The extra values given here take precedence over values defined on the client or passed to this method. + extra_headers: Headers | None = None, + extra_query: Query | None = None, + extra_body: Body | None = None, + timeout: float | httpx.Timeout | None | NotGiven = not_given, + ) -> AsyncPaginator[Optional[RuleListResponse], AsyncV4PagePagination[Optional[RuleListResponse]]]: + """ + List DEX Rules + + Args: + page: Page number of paginated results + + per_page: Number of items per page + + name: Filter results by rule name + + sort_by: Which property to sort results by + + sort_order: Sort direction for sort_by property + + extra_headers: Send extra headers + + extra_query: Add additional query parameters to the request + + extra_body: Add additional JSON properties to the request + + timeout: Override the client-level default timeout for this request, in seconds + """ + if not account_id: + raise ValueError(f"Expected a non-empty value for `account_id` but received {account_id!r}") + return self._get_api_list( + f"/accounts/{account_id}/dex/rules", + page=AsyncV4PagePagination[Optional[RuleListResponse]], + options=make_request_options( + extra_headers=extra_headers, + extra_query=extra_query, + extra_body=extra_body, + timeout=timeout, + query=maybe_transform( + { + "page": page, + "per_page": per_page, + "name": name, + "sort_by": sort_by, + "sort_order": sort_order, + }, + rule_list_params.RuleListParams, + ), + ), + model=RuleListResponse, + ) + + async def delete( + self, + rule_id: str, + *, + account_id: str, + # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. + # The extra values given here take precedence over values defined on the client or passed to this method. + extra_headers: Headers | None = None, + extra_query: Query | None = None, + extra_body: Body | None = None, + timeout: float | httpx.Timeout | None | NotGiven = not_given, + ) -> Optional[RuleDeleteResponse]: + """ + Delete a DEX Rule + + Args: + rule_id: API Resource UUID tag. + + extra_headers: Send extra headers + + extra_query: Add additional query parameters to the request + + extra_body: Add additional JSON properties to the request + + timeout: Override the client-level default timeout for this request, in seconds + """ + if not account_id: + raise ValueError(f"Expected a non-empty value for `account_id` but received {account_id!r}") + if not rule_id: + raise ValueError(f"Expected a non-empty value for `rule_id` but received {rule_id!r}") + return await self._delete( + f"/accounts/{account_id}/dex/rules/{rule_id}", + options=make_request_options( + extra_headers=extra_headers, + extra_query=extra_query, + extra_body=extra_body, + timeout=timeout, + post_parser=ResultWrapper[Optional[RuleDeleteResponse]]._unwrapper, + ), + cast_to=cast(Type[Optional[RuleDeleteResponse]], ResultWrapper[RuleDeleteResponse]), + ) + + async def get( + self, + rule_id: str, + *, + account_id: str, + # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. + # The extra values given here take precedence over values defined on the client or passed to this method. + extra_headers: Headers | None = None, + extra_query: Query | None = None, + extra_body: Body | None = None, + timeout: float | httpx.Timeout | None | NotGiven = not_given, + ) -> Optional[RuleGetResponse]: + """ + Get details for a DEX Rule + + Args: + rule_id: API Resource UUID tag. + + extra_headers: Send extra headers + + extra_query: Add additional query parameters to the request + + extra_body: Add additional JSON properties to the request + + timeout: Override the client-level default timeout for this request, in seconds + """ + if not account_id: + raise ValueError(f"Expected a non-empty value for `account_id` but received {account_id!r}") + if not rule_id: + raise ValueError(f"Expected a non-empty value for `rule_id` but received {rule_id!r}") + return await self._get( + f"/accounts/{account_id}/dex/rules/{rule_id}", + options=make_request_options( + extra_headers=extra_headers, + extra_query=extra_query, + extra_body=extra_body, + timeout=timeout, + post_parser=ResultWrapper[Optional[RuleGetResponse]]._unwrapper, + ), + cast_to=cast(Type[Optional[RuleGetResponse]], ResultWrapper[RuleGetResponse]), + ) + + +class RulesResourceWithRawResponse: + def __init__(self, rules: RulesResource) -> None: + self._rules = rules + + self.create = to_raw_response_wrapper( + rules.create, + ) + self.update = to_raw_response_wrapper( + rules.update, + ) + self.list = to_raw_response_wrapper( + rules.list, + ) + self.delete = to_raw_response_wrapper( + rules.delete, + ) + self.get = to_raw_response_wrapper( + rules.get, + ) + + +class AsyncRulesResourceWithRawResponse: + def __init__(self, rules: AsyncRulesResource) -> None: + self._rules = rules + + self.create = async_to_raw_response_wrapper( + rules.create, + ) + self.update = async_to_raw_response_wrapper( + rules.update, + ) + self.list = async_to_raw_response_wrapper( + rules.list, + ) + self.delete = async_to_raw_response_wrapper( + rules.delete, + ) + self.get = async_to_raw_response_wrapper( + rules.get, + ) + + +class RulesResourceWithStreamingResponse: + def __init__(self, rules: RulesResource) -> None: + self._rules = rules + + self.create = to_streamed_response_wrapper( + rules.create, + ) + self.update = to_streamed_response_wrapper( + rules.update, + ) + self.list = to_streamed_response_wrapper( + rules.list, + ) + self.delete = to_streamed_response_wrapper( + rules.delete, + ) + self.get = to_streamed_response_wrapper( + rules.get, + ) + + +class AsyncRulesResourceWithStreamingResponse: + def __init__(self, rules: AsyncRulesResource) -> None: + self._rules = rules + + self.create = async_to_streamed_response_wrapper( + rules.create, + ) + self.update = async_to_streamed_response_wrapper( + rules.update, + ) + self.list = async_to_streamed_response_wrapper( + rules.list, + ) + self.delete = async_to_streamed_response_wrapper( + rules.delete, + ) + self.get = async_to_streamed_response_wrapper( + rules.get, + ) diff --git a/src/cloudflare/resources/zero_trust/dlp/datasets/datasets.py b/src/cloudflare/resources/zero_trust/dlp/datasets/datasets.py index 7a8a7aff008..6aa79dd7ef5 100644 --- a/src/cloudflare/resources/zero_trust/dlp/datasets/datasets.py +++ b/src/cloudflare/resources/zero_trust/dlp/datasets/datasets.py @@ -37,9 +37,7 @@ ) from .....types.zero_trust.dlp import dataset_create_params, dataset_update_params from .....types.zero_trust.dlp.dataset import Dataset -from .....types.zero_trust.dlp.dataset_get_response import DatasetGetResponse -from .....types.zero_trust.dlp.dataset_create_response import DatasetCreateResponse -from .....types.zero_trust.dlp.dataset_update_response import DatasetUpdateResponse +from .....types.zero_trust.dlp.dataset_creation import DatasetCreation __all__ = ["DatasetsResource", "AsyncDatasetsResource"] @@ -87,7 +85,7 @@ def create( extra_query: Query | None = None, extra_body: Body | None = None, timeout: float | httpx.Timeout | None | NotGiven = not_given, - ) -> Optional[DatasetCreateResponse]: + ) -> Optional[DatasetCreation]: """Create a new dataset Args: @@ -137,9 +135,9 @@ def create( extra_query=extra_query, extra_body=extra_body, timeout=timeout, - post_parser=ResultWrapper[Optional[DatasetCreateResponse]]._unwrapper, + post_parser=ResultWrapper[Optional[DatasetCreation]]._unwrapper, ), - cast_to=cast(Type[Optional[DatasetCreateResponse]], ResultWrapper[DatasetCreateResponse]), + cast_to=cast(Type[Optional[DatasetCreation]], ResultWrapper[DatasetCreation]), ) def update( @@ -156,7 +154,7 @@ def update( extra_query: Query | None = None, extra_body: Body | None = None, timeout: float | httpx.Timeout | None | NotGiven = not_given, - ) -> Optional[DatasetUpdateResponse]: + ) -> Optional[Dataset]: """ Update details about a dataset @@ -196,9 +194,9 @@ def update( extra_query=extra_query, extra_body=extra_body, timeout=timeout, - post_parser=ResultWrapper[Optional[DatasetUpdateResponse]]._unwrapper, + post_parser=ResultWrapper[Optional[Dataset]]._unwrapper, ), - cast_to=cast(Type[Optional[DatasetUpdateResponse]], ResultWrapper[DatasetUpdateResponse]), + cast_to=cast(Type[Optional[Dataset]], ResultWrapper[Dataset]), ) def list( @@ -283,7 +281,7 @@ def get( extra_query: Query | None = None, extra_body: Body | None = None, timeout: float | httpx.Timeout | None | NotGiven = not_given, - ) -> Optional[DatasetGetResponse]: + ) -> Optional[Dataset]: """ Fetch a specific dataset @@ -307,9 +305,9 @@ def get( extra_query=extra_query, extra_body=extra_body, timeout=timeout, - post_parser=ResultWrapper[Optional[DatasetGetResponse]]._unwrapper, + post_parser=ResultWrapper[Optional[Dataset]]._unwrapper, ), - cast_to=cast(Type[Optional[DatasetGetResponse]], ResultWrapper[DatasetGetResponse]), + cast_to=cast(Type[Optional[Dataset]], ResultWrapper[Dataset]), ) @@ -356,7 +354,7 @@ async def create( extra_query: Query | None = None, extra_body: Body | None = None, timeout: float | httpx.Timeout | None | NotGiven = not_given, - ) -> Optional[DatasetCreateResponse]: + ) -> Optional[DatasetCreation]: """Create a new dataset Args: @@ -406,9 +404,9 @@ async def create( extra_query=extra_query, extra_body=extra_body, timeout=timeout, - post_parser=ResultWrapper[Optional[DatasetCreateResponse]]._unwrapper, + post_parser=ResultWrapper[Optional[DatasetCreation]]._unwrapper, ), - cast_to=cast(Type[Optional[DatasetCreateResponse]], ResultWrapper[DatasetCreateResponse]), + cast_to=cast(Type[Optional[DatasetCreation]], ResultWrapper[DatasetCreation]), ) async def update( @@ -425,7 +423,7 @@ async def update( extra_query: Query | None = None, extra_body: Body | None = None, timeout: float | httpx.Timeout | None | NotGiven = not_given, - ) -> Optional[DatasetUpdateResponse]: + ) -> Optional[Dataset]: """ Update details about a dataset @@ -465,9 +463,9 @@ async def update( extra_query=extra_query, extra_body=extra_body, timeout=timeout, - post_parser=ResultWrapper[Optional[DatasetUpdateResponse]]._unwrapper, + post_parser=ResultWrapper[Optional[Dataset]]._unwrapper, ), - cast_to=cast(Type[Optional[DatasetUpdateResponse]], ResultWrapper[DatasetUpdateResponse]), + cast_to=cast(Type[Optional[Dataset]], ResultWrapper[Dataset]), ) def list( @@ -552,7 +550,7 @@ async def get( extra_query: Query | None = None, extra_body: Body | None = None, timeout: float | httpx.Timeout | None | NotGiven = not_given, - ) -> Optional[DatasetGetResponse]: + ) -> Optional[Dataset]: """ Fetch a specific dataset @@ -576,9 +574,9 @@ async def get( extra_query=extra_query, extra_body=extra_body, timeout=timeout, - post_parser=ResultWrapper[Optional[DatasetGetResponse]]._unwrapper, + post_parser=ResultWrapper[Optional[Dataset]]._unwrapper, ), - cast_to=cast(Type[Optional[DatasetGetResponse]], ResultWrapper[DatasetGetResponse]), + cast_to=cast(Type[Optional[Dataset]], ResultWrapper[Dataset]), ) diff --git a/src/cloudflare/resources/zero_trust/dlp/datasets/upload.py b/src/cloudflare/resources/zero_trust/dlp/datasets/upload.py index 12a6ca39c94..089d3a8a166 100644 --- a/src/cloudflare/resources/zero_trust/dlp/datasets/upload.py +++ b/src/cloudflare/resources/zero_trust/dlp/datasets/upload.py @@ -28,8 +28,8 @@ ) from ....._wrappers import ResultWrapper from ....._base_client import make_request_options -from .....types.zero_trust.dlp.datasets.upload_edit_response import UploadEditResponse -from .....types.zero_trust.dlp.datasets.upload_create_response import UploadCreateResponse +from .....types.zero_trust.dlp.dataset import Dataset +from .....types.zero_trust.dlp.datasets.new_version import NewVersion __all__ = ["UploadResource", "AsyncUploadResource"] @@ -65,7 +65,7 @@ def create( extra_query: Query | None = None, extra_body: Body | None = None, timeout: float | httpx.Timeout | None | NotGiven = not_given, - ) -> Optional[UploadCreateResponse]: + ) -> Optional[NewVersion]: """ Prepare to upload a new version of a dataset @@ -89,9 +89,9 @@ def create( extra_query=extra_query, extra_body=extra_body, timeout=timeout, - post_parser=ResultWrapper[Optional[UploadCreateResponse]]._unwrapper, + post_parser=ResultWrapper[Optional[NewVersion]]._unwrapper, ), - cast_to=cast(Type[Optional[UploadCreateResponse]], ResultWrapper[UploadCreateResponse]), + cast_to=cast(Type[Optional[NewVersion]], ResultWrapper[NewVersion]), ) def edit( @@ -107,7 +107,7 @@ def edit( extra_query: Query | None = None, extra_body: Body | None = None, timeout: float | httpx.Timeout | None | NotGiven = not_given, - ) -> Optional[UploadEditResponse]: + ) -> Optional[Dataset]: """This is used for single-column EDMv1 and Custom Word Lists. The EDM format can @@ -137,9 +137,9 @@ def edit( extra_query=extra_query, extra_body=extra_body, timeout=timeout, - post_parser=ResultWrapper[Optional[UploadEditResponse]]._unwrapper, + post_parser=ResultWrapper[Optional[Dataset]]._unwrapper, ), - cast_to=cast(Type[Optional[UploadEditResponse]], ResultWrapper[UploadEditResponse]), + cast_to=cast(Type[Optional[Dataset]], ResultWrapper[Dataset]), ) @@ -174,7 +174,7 @@ async def create( extra_query: Query | None = None, extra_body: Body | None = None, timeout: float | httpx.Timeout | None | NotGiven = not_given, - ) -> Optional[UploadCreateResponse]: + ) -> Optional[NewVersion]: """ Prepare to upload a new version of a dataset @@ -198,9 +198,9 @@ async def create( extra_query=extra_query, extra_body=extra_body, timeout=timeout, - post_parser=ResultWrapper[Optional[UploadCreateResponse]]._unwrapper, + post_parser=ResultWrapper[Optional[NewVersion]]._unwrapper, ), - cast_to=cast(Type[Optional[UploadCreateResponse]], ResultWrapper[UploadCreateResponse]), + cast_to=cast(Type[Optional[NewVersion]], ResultWrapper[NewVersion]), ) async def edit( @@ -216,7 +216,7 @@ async def edit( extra_query: Query | None = None, extra_body: Body | None = None, timeout: float | httpx.Timeout | None | NotGiven = not_given, - ) -> Optional[UploadEditResponse]: + ) -> Optional[Dataset]: """This is used for single-column EDMv1 and Custom Word Lists. The EDM format can @@ -246,9 +246,9 @@ async def edit( extra_query=extra_query, extra_body=extra_body, timeout=timeout, - post_parser=ResultWrapper[Optional[UploadEditResponse]]._unwrapper, + post_parser=ResultWrapper[Optional[Dataset]]._unwrapper, ), - cast_to=cast(Type[Optional[UploadEditResponse]], ResultWrapper[UploadEditResponse]), + cast_to=cast(Type[Optional[Dataset]], ResultWrapper[Dataset]), ) diff --git a/src/cloudflare/resources/zero_trust/dlp/entries/custom.py b/src/cloudflare/resources/zero_trust/dlp/entries/custom.py index ad9e74d0e47..12e290917de 100644 --- a/src/cloudflare/resources/zero_trust/dlp/entries/custom.py +++ b/src/cloudflare/resources/zero_trust/dlp/entries/custom.py @@ -56,6 +56,7 @@ def create( enabled: bool, name: str, pattern: PatternParam, + description: Optional[str] | Omit = omit, profile_id: str | Omit = omit, # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. # The extra values given here take precedence over values defined on the client or passed to this method. @@ -85,6 +86,7 @@ def create( "enabled": enabled, "name": name, "pattern": pattern, + "description": description, "profile_id": profile_id, }, custom_create_params.CustomCreateParams, @@ -107,6 +109,7 @@ def update( enabled: bool, name: str, pattern: PatternParam, + description: Optional[str] | Omit = omit, # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. # The extra values given here take precedence over values defined on the client or passed to this method. extra_headers: Headers | None = None, @@ -137,6 +140,7 @@ def update( "enabled": enabled, "name": name, "pattern": pattern, + "description": description, }, custom_update_params.CustomUpdateParams, ), @@ -297,6 +301,7 @@ async def create( enabled: bool, name: str, pattern: PatternParam, + description: Optional[str] | Omit = omit, profile_id: str | Omit = omit, # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. # The extra values given here take precedence over values defined on the client or passed to this method. @@ -326,6 +331,7 @@ async def create( "enabled": enabled, "name": name, "pattern": pattern, + "description": description, "profile_id": profile_id, }, custom_create_params.CustomCreateParams, @@ -348,6 +354,7 @@ async def update( enabled: bool, name: str, pattern: PatternParam, + description: Optional[str] | Omit = omit, # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. # The extra values given here take precedence over values defined on the client or passed to this method. extra_headers: Headers | None = None, @@ -378,6 +385,7 @@ async def update( "enabled": enabled, "name": name, "pattern": pattern, + "description": description, }, custom_update_params.CustomUpdateParams, ), diff --git a/src/cloudflare/resources/zero_trust/dlp/entries/entries.py b/src/cloudflare/resources/zero_trust/dlp/entries/entries.py index a2e7b357ae1..619df5a3f6a 100644 --- a/src/cloudflare/resources/zero_trust/dlp/entries/entries.py +++ b/src/cloudflare/resources/zero_trust/dlp/entries/entries.py @@ -93,6 +93,7 @@ def create( enabled: bool, name: str, pattern: PatternParam, + description: Optional[str] | Omit = omit, profile_id: str | Omit = omit, # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. # The extra values given here take precedence over values defined on the client or passed to this method. @@ -122,6 +123,7 @@ def create( "enabled": enabled, "name": name, "pattern": pattern, + "description": description, "profile_id": profile_id, }, entry_create_params.EntryCreateParams, @@ -145,6 +147,7 @@ def update( name: str, pattern: PatternParam, type: Literal["custom"], + description: Optional[str] | Omit = omit, enabled: bool | Omit = omit, # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. # The extra values given here take precedence over values defined on the client or passed to this method. @@ -234,6 +237,7 @@ def update( name: str | Omit = omit, pattern: PatternParam | Omit = omit, type: Literal["custom"] | Literal["predefined"] | Literal["integration"], + description: Optional[str] | Omit = omit, enabled: bool | Omit = omit, # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. # The extra values given here take precedence over values defined on the client or passed to this method. @@ -255,6 +259,7 @@ def update( "name": name, "pattern": pattern, "type": type, + "description": description, "enabled": enabled, }, entry_update_params.EntryUpdateParams, @@ -431,6 +436,7 @@ async def create( enabled: bool, name: str, pattern: PatternParam, + description: Optional[str] | Omit = omit, profile_id: str | Omit = omit, # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. # The extra values given here take precedence over values defined on the client or passed to this method. @@ -460,6 +466,7 @@ async def create( "enabled": enabled, "name": name, "pattern": pattern, + "description": description, "profile_id": profile_id, }, entry_create_params.EntryCreateParams, @@ -483,6 +490,7 @@ async def update( name: str, pattern: PatternParam, type: Literal["custom"], + description: Optional[str] | Omit = omit, enabled: bool | Omit = omit, # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. # The extra values given here take precedence over values defined on the client or passed to this method. @@ -572,6 +580,7 @@ async def update( name: str | Omit = omit, pattern: PatternParam | Omit = omit, type: Literal["custom"] | Literal["predefined"] | Literal["integration"], + description: Optional[str] | Omit = omit, enabled: bool | Omit = omit, # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. # The extra values given here take precedence over values defined on the client or passed to this method. @@ -593,6 +602,7 @@ async def update( "name": name, "pattern": pattern, "type": type, + "description": description, "enabled": enabled, }, entry_update_params.EntryUpdateParams, diff --git a/src/cloudflare/resources/zero_trust/dlp/payload_logs.py b/src/cloudflare/resources/zero_trust/dlp/payload_logs.py index 99dbbf7784c..ff0e10e81d4 100644 --- a/src/cloudflare/resources/zero_trust/dlp/payload_logs.py +++ b/src/cloudflare/resources/zero_trust/dlp/payload_logs.py @@ -3,6 +3,7 @@ from __future__ import annotations from typing import Type, Optional, cast +from typing_extensions import Literal import httpx @@ -49,6 +50,7 @@ def update( self, *, account_id: str, + masking_level: Literal["full", "partial", "clear", "default"] | Omit = omit, public_key: Optional[str] | Omit = omit, # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. # The extra values given here take precedence over values defined on the client or passed to this method. @@ -61,6 +63,27 @@ def update( Set payload log settings Args: + masking_level: Masking level for payload logs. + + - `full`: The entire payload is masked. + - `partial`: Only partial payload content is masked. + - `clear`: No masking is applied to the payload content. + - `default`: DLP uses its default masking behavior. + + public_key: Base64-encoded public key for encrypting payload logs. + + - Set to null or empty string to disable payload logging. + - Set to a non-empty base64 string to enable payload logging with the given key. + + For customers with configurable payload masking feature rolled out: + + - If the field is missing, the existing setting will be kept. Note that this is + different from setting to null or empty string. + + For all other customers: + + - If the field is missing, the existing setting will be cleared. + extra_headers: Send extra headers extra_query: Add additional query parameters to the request @@ -73,7 +96,13 @@ def update( raise ValueError(f"Expected a non-empty value for `account_id` but received {account_id!r}") return self._put( f"/accounts/{account_id}/dlp/payload_log", - body=maybe_transform({"public_key": public_key}, payload_log_update_params.PayloadLogUpdateParams), + body=maybe_transform( + { + "masking_level": masking_level, + "public_key": public_key, + }, + payload_log_update_params.PayloadLogUpdateParams, + ), options=make_request_options( extra_headers=extra_headers, extra_query=extra_query, @@ -146,6 +175,7 @@ async def update( self, *, account_id: str, + masking_level: Literal["full", "partial", "clear", "default"] | Omit = omit, public_key: Optional[str] | Omit = omit, # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. # The extra values given here take precedence over values defined on the client or passed to this method. @@ -158,6 +188,27 @@ async def update( Set payload log settings Args: + masking_level: Masking level for payload logs. + + - `full`: The entire payload is masked. + - `partial`: Only partial payload content is masked. + - `clear`: No masking is applied to the payload content. + - `default`: DLP uses its default masking behavior. + + public_key: Base64-encoded public key for encrypting payload logs. + + - Set to null or empty string to disable payload logging. + - Set to a non-empty base64 string to enable payload logging with the given key. + + For customers with configurable payload masking feature rolled out: + + - If the field is missing, the existing setting will be kept. Note that this is + different from setting to null or empty string. + + For all other customers: + + - If the field is missing, the existing setting will be cleared. + extra_headers: Send extra headers extra_query: Add additional query parameters to the request @@ -171,7 +222,11 @@ async def update( return await self._put( f"/accounts/{account_id}/dlp/payload_log", body=await async_maybe_transform( - {"public_key": public_key}, payload_log_update_params.PayloadLogUpdateParams + { + "masking_level": masking_level, + "public_key": public_key, + }, + payload_log_update_params.PayloadLogUpdateParams, ), options=make_request_options( extra_headers=extra_headers, diff --git a/src/cloudflare/resources/zero_trust/dlp/profiles/custom.py b/src/cloudflare/resources/zero_trust/dlp/profiles/custom.py index 4b0ee289b78..586ccceee16 100644 --- a/src/cloudflare/resources/zero_trust/dlp/profiles/custom.py +++ b/src/cloudflare/resources/zero_trust/dlp/profiles/custom.py @@ -18,11 +18,9 @@ ) from ....._wrappers import ResultWrapper from ....._base_client import make_request_options +from .....types.zero_trust.dlp.profile import Profile from .....types.zero_trust.dlp.profiles import custom_create_params, custom_update_params from .....types.zero_trust.dlp.context_awareness_param import ContextAwarenessParam -from .....types.zero_trust.dlp.profiles.custom_get_response import CustomGetResponse -from .....types.zero_trust.dlp.profiles.custom_create_response import CustomCreateResponse -from .....types.zero_trust.dlp.profiles.custom_update_response import CustomUpdateResponse __all__ = ["CustomResource", "AsyncCustomResource"] @@ -66,7 +64,7 @@ def create( extra_query: Query | None = None, extra_body: Body | None = None, timeout: float | httpx.Timeout | None | NotGiven = not_given, - ) -> Optional[CustomCreateResponse]: + ) -> Optional[Profile]: """ Creates a DLP custom profile. @@ -92,7 +90,7 @@ def create( if not account_id: raise ValueError(f"Expected a non-empty value for `account_id` but received {account_id!r}") return cast( - Optional[CustomCreateResponse], + Optional[Profile], self._post( f"/accounts/{account_id}/dlp/profiles/custom", body=maybe_transform( @@ -114,10 +112,10 @@ def create( extra_query=extra_query, extra_body=extra_body, timeout=timeout, - post_parser=ResultWrapper[Optional[CustomCreateResponse]]._unwrapper, + post_parser=ResultWrapper[Optional[Profile]]._unwrapper, ), cast_to=cast( - Any, ResultWrapper[CustomCreateResponse] + Any, ResultWrapper[Profile] ), # Union types cannot be passed in as arguments in the type system ), ) @@ -142,7 +140,7 @@ def update( extra_query: Query | None = None, extra_body: Body | None = None, timeout: float | httpx.Timeout | None | NotGiven = not_given, - ) -> Optional[CustomUpdateResponse]: + ) -> Optional[Profile]: """ Updates a DLP custom profile. @@ -170,7 +168,7 @@ def update( if not profile_id: raise ValueError(f"Expected a non-empty value for `profile_id` but received {profile_id!r}") return cast( - Optional[CustomUpdateResponse], + Optional[Profile], self._put( f"/accounts/{account_id}/dlp/profiles/custom/{profile_id}", body=maybe_transform( @@ -192,10 +190,10 @@ def update( extra_query=extra_query, extra_body=extra_body, timeout=timeout, - post_parser=ResultWrapper[Optional[CustomUpdateResponse]]._unwrapper, + post_parser=ResultWrapper[Optional[Profile]]._unwrapper, ), cast_to=cast( - Any, ResultWrapper[CustomUpdateResponse] + Any, ResultWrapper[Profile] ), # Union types cannot be passed in as arguments in the type system ), ) @@ -251,7 +249,7 @@ def get( extra_query: Query | None = None, extra_body: Body | None = None, timeout: float | httpx.Timeout | None | NotGiven = not_given, - ) -> Optional[CustomGetResponse]: + ) -> Optional[Profile]: """ Fetches a custom DLP profile by id. @@ -269,7 +267,7 @@ def get( if not profile_id: raise ValueError(f"Expected a non-empty value for `profile_id` but received {profile_id!r}") return cast( - Optional[CustomGetResponse], + Optional[Profile], self._get( f"/accounts/{account_id}/dlp/profiles/custom/{profile_id}", options=make_request_options( @@ -277,10 +275,10 @@ def get( extra_query=extra_query, extra_body=extra_body, timeout=timeout, - post_parser=ResultWrapper[Optional[CustomGetResponse]]._unwrapper, + post_parser=ResultWrapper[Optional[Profile]]._unwrapper, ), cast_to=cast( - Any, ResultWrapper[CustomGetResponse] + Any, ResultWrapper[Profile] ), # Union types cannot be passed in as arguments in the type system ), ) @@ -325,7 +323,7 @@ async def create( extra_query: Query | None = None, extra_body: Body | None = None, timeout: float | httpx.Timeout | None | NotGiven = not_given, - ) -> Optional[CustomCreateResponse]: + ) -> Optional[Profile]: """ Creates a DLP custom profile. @@ -351,7 +349,7 @@ async def create( if not account_id: raise ValueError(f"Expected a non-empty value for `account_id` but received {account_id!r}") return cast( - Optional[CustomCreateResponse], + Optional[Profile], await self._post( f"/accounts/{account_id}/dlp/profiles/custom", body=await async_maybe_transform( @@ -373,10 +371,10 @@ async def create( extra_query=extra_query, extra_body=extra_body, timeout=timeout, - post_parser=ResultWrapper[Optional[CustomCreateResponse]]._unwrapper, + post_parser=ResultWrapper[Optional[Profile]]._unwrapper, ), cast_to=cast( - Any, ResultWrapper[CustomCreateResponse] + Any, ResultWrapper[Profile] ), # Union types cannot be passed in as arguments in the type system ), ) @@ -401,7 +399,7 @@ async def update( extra_query: Query | None = None, extra_body: Body | None = None, timeout: float | httpx.Timeout | None | NotGiven = not_given, - ) -> Optional[CustomUpdateResponse]: + ) -> Optional[Profile]: """ Updates a DLP custom profile. @@ -429,7 +427,7 @@ async def update( if not profile_id: raise ValueError(f"Expected a non-empty value for `profile_id` but received {profile_id!r}") return cast( - Optional[CustomUpdateResponse], + Optional[Profile], await self._put( f"/accounts/{account_id}/dlp/profiles/custom/{profile_id}", body=await async_maybe_transform( @@ -451,10 +449,10 @@ async def update( extra_query=extra_query, extra_body=extra_body, timeout=timeout, - post_parser=ResultWrapper[Optional[CustomUpdateResponse]]._unwrapper, + post_parser=ResultWrapper[Optional[Profile]]._unwrapper, ), cast_to=cast( - Any, ResultWrapper[CustomUpdateResponse] + Any, ResultWrapper[Profile] ), # Union types cannot be passed in as arguments in the type system ), ) @@ -510,7 +508,7 @@ async def get( extra_query: Query | None = None, extra_body: Body | None = None, timeout: float | httpx.Timeout | None | NotGiven = not_given, - ) -> Optional[CustomGetResponse]: + ) -> Optional[Profile]: """ Fetches a custom DLP profile by id. @@ -528,7 +526,7 @@ async def get( if not profile_id: raise ValueError(f"Expected a non-empty value for `profile_id` but received {profile_id!r}") return cast( - Optional[CustomGetResponse], + Optional[Profile], await self._get( f"/accounts/{account_id}/dlp/profiles/custom/{profile_id}", options=make_request_options( @@ -536,10 +534,10 @@ async def get( extra_query=extra_query, extra_body=extra_body, timeout=timeout, - post_parser=ResultWrapper[Optional[CustomGetResponse]]._unwrapper, + post_parser=ResultWrapper[Optional[Profile]]._unwrapper, ), cast_to=cast( - Any, ResultWrapper[CustomGetResponse] + Any, ResultWrapper[Profile] ), # Union types cannot be passed in as arguments in the type system ), ) diff --git a/src/cloudflare/resources/zero_trust/dlp/profiles/predefined.py b/src/cloudflare/resources/zero_trust/dlp/profiles/predefined.py index aec84a044a9..acd8781e73a 100644 --- a/src/cloudflare/resources/zero_trust/dlp/profiles/predefined.py +++ b/src/cloudflare/resources/zero_trust/dlp/profiles/predefined.py @@ -19,8 +19,7 @@ from ....._wrappers import ResultWrapper from ....._base_client import make_request_options from .....types.zero_trust.dlp.profiles import predefined_update_params -from .....types.zero_trust.dlp.profiles.predefined_get_response import PredefinedGetResponse -from .....types.zero_trust.dlp.profiles.predefined_update_response import PredefinedUpdateResponse +from .....types.zero_trust.dlp.profiles.predefined_profile import PredefinedProfile __all__ = ["PredefinedResource", "AsyncPredefinedResource"] @@ -62,7 +61,7 @@ def update( extra_query: Query | None = None, extra_body: Body | None = None, timeout: float | httpx.Timeout | None | NotGiven = not_given, - ) -> Optional[PredefinedUpdateResponse]: + ) -> Optional[PredefinedProfile]: """This is similar to `update_predefined` but only returns entries that are enabled. @@ -100,9 +99,9 @@ def update( extra_query=extra_query, extra_body=extra_body, timeout=timeout, - post_parser=ResultWrapper[Optional[PredefinedUpdateResponse]]._unwrapper, + post_parser=ResultWrapper[Optional[PredefinedProfile]]._unwrapper, ), - cast_to=cast(Type[Optional[PredefinedUpdateResponse]], ResultWrapper[PredefinedUpdateResponse]), + cast_to=cast(Type[Optional[PredefinedProfile]], ResultWrapper[PredefinedProfile]), ) def delete( @@ -157,7 +156,7 @@ def get( extra_query: Query | None = None, extra_body: Body | None = None, timeout: float | httpx.Timeout | None | NotGiven = not_given, - ) -> Optional[PredefinedGetResponse]: + ) -> Optional[PredefinedProfile]: """ This is similar to `get_predefined` but only returns entries that are enabled. This is needed for our terraform API Fetches a predefined DLP profile by id. @@ -182,9 +181,9 @@ def get( extra_query=extra_query, extra_body=extra_body, timeout=timeout, - post_parser=ResultWrapper[Optional[PredefinedGetResponse]]._unwrapper, + post_parser=ResultWrapper[Optional[PredefinedProfile]]._unwrapper, ), - cast_to=cast(Type[Optional[PredefinedGetResponse]], ResultWrapper[PredefinedGetResponse]), + cast_to=cast(Type[Optional[PredefinedProfile]], ResultWrapper[PredefinedProfile]), ) @@ -225,7 +224,7 @@ async def update( extra_query: Query | None = None, extra_body: Body | None = None, timeout: float | httpx.Timeout | None | NotGiven = not_given, - ) -> Optional[PredefinedUpdateResponse]: + ) -> Optional[PredefinedProfile]: """This is similar to `update_predefined` but only returns entries that are enabled. @@ -263,9 +262,9 @@ async def update( extra_query=extra_query, extra_body=extra_body, timeout=timeout, - post_parser=ResultWrapper[Optional[PredefinedUpdateResponse]]._unwrapper, + post_parser=ResultWrapper[Optional[PredefinedProfile]]._unwrapper, ), - cast_to=cast(Type[Optional[PredefinedUpdateResponse]], ResultWrapper[PredefinedUpdateResponse]), + cast_to=cast(Type[Optional[PredefinedProfile]], ResultWrapper[PredefinedProfile]), ) async def delete( @@ -320,7 +319,7 @@ async def get( extra_query: Query | None = None, extra_body: Body | None = None, timeout: float | httpx.Timeout | None | NotGiven = not_given, - ) -> Optional[PredefinedGetResponse]: + ) -> Optional[PredefinedProfile]: """ This is similar to `get_predefined` but only returns entries that are enabled. This is needed for our terraform API Fetches a predefined DLP profile by id. @@ -345,9 +344,9 @@ async def get( extra_query=extra_query, extra_body=extra_body, timeout=timeout, - post_parser=ResultWrapper[Optional[PredefinedGetResponse]]._unwrapper, + post_parser=ResultWrapper[Optional[PredefinedProfile]]._unwrapper, ), - cast_to=cast(Type[Optional[PredefinedGetResponse]], ResultWrapper[PredefinedGetResponse]), + cast_to=cast(Type[Optional[PredefinedProfile]], ResultWrapper[PredefinedProfile]), ) diff --git a/src/cloudflare/resources/zero_trust/dlp/profiles/profiles.py b/src/cloudflare/resources/zero_trust/dlp/profiles/profiles.py index 096173e5b54..cb224c7e480 100644 --- a/src/cloudflare/resources/zero_trust/dlp/profiles/profiles.py +++ b/src/cloudflare/resources/zero_trust/dlp/profiles/profiles.py @@ -37,7 +37,6 @@ from ....._base_client import AsyncPaginator, make_request_options from .....types.zero_trust.dlp import profile_list_params from .....types.zero_trust.dlp.profile import Profile -from .....types.zero_trust.dlp.profile_get_response import ProfileGetResponse __all__ = ["ProfilesResource", "AsyncProfilesResource"] @@ -123,7 +122,7 @@ def get( extra_query: Query | None = None, extra_body: Body | None = None, timeout: float | httpx.Timeout | None | NotGiven = not_given, - ) -> Optional[ProfileGetResponse]: + ) -> Optional[Profile]: """ Fetches a DLP profile by ID. @@ -141,7 +140,7 @@ def get( if not profile_id: raise ValueError(f"Expected a non-empty value for `profile_id` but received {profile_id!r}") return cast( - Optional[ProfileGetResponse], + Optional[Profile], self._get( f"/accounts/{account_id}/dlp/profiles/{profile_id}", options=make_request_options( @@ -149,10 +148,10 @@ def get( extra_query=extra_query, extra_body=extra_body, timeout=timeout, - post_parser=ResultWrapper[Optional[ProfileGetResponse]]._unwrapper, + post_parser=ResultWrapper[Optional[Profile]]._unwrapper, ), cast_to=cast( - Any, ResultWrapper[ProfileGetResponse] + Any, ResultWrapper[Profile] ), # Union types cannot be passed in as arguments in the type system ), ) @@ -239,7 +238,7 @@ async def get( extra_query: Query | None = None, extra_body: Body | None = None, timeout: float | httpx.Timeout | None | NotGiven = not_given, - ) -> Optional[ProfileGetResponse]: + ) -> Optional[Profile]: """ Fetches a DLP profile by ID. @@ -257,7 +256,7 @@ async def get( if not profile_id: raise ValueError(f"Expected a non-empty value for `profile_id` but received {profile_id!r}") return cast( - Optional[ProfileGetResponse], + Optional[Profile], await self._get( f"/accounts/{account_id}/dlp/profiles/{profile_id}", options=make_request_options( @@ -265,10 +264,10 @@ async def get( extra_query=extra_query, extra_body=extra_body, timeout=timeout, - post_parser=ResultWrapper[Optional[ProfileGetResponse]]._unwrapper, + post_parser=ResultWrapper[Optional[Profile]]._unwrapper, ), cast_to=cast( - Any, ResultWrapper[ProfileGetResponse] + Any, ResultWrapper[Profile] ), # Union types cannot be passed in as arguments in the type system ), ) diff --git a/src/cloudflare/resources/zero_trust/gateway/__init__.py b/src/cloudflare/resources/zero_trust/gateway/__init__.py index dd71429636f..070241ac482 100644 --- a/src/cloudflare/resources/zero_trust/gateway/__init__.py +++ b/src/cloudflare/resources/zero_trust/gateway/__init__.py @@ -32,6 +32,14 @@ LoggingResourceWithStreamingResponse, AsyncLoggingResourceWithStreamingResponse, ) +from .pacfiles import ( + PacfilesResource, + AsyncPacfilesResource, + PacfilesResourceWithRawResponse, + AsyncPacfilesResourceWithRawResponse, + PacfilesResourceWithStreamingResponse, + AsyncPacfilesResourceWithStreamingResponse, +) from .app_types import ( AppTypesResource, AsyncAppTypesResource, @@ -150,6 +158,12 @@ "AsyncCertificatesResourceWithRawResponse", "CertificatesResourceWithStreamingResponse", "AsyncCertificatesResourceWithStreamingResponse", + "PacfilesResource", + "AsyncPacfilesResource", + "PacfilesResourceWithRawResponse", + "AsyncPacfilesResourceWithRawResponse", + "PacfilesResourceWithStreamingResponse", + "AsyncPacfilesResourceWithStreamingResponse", "GatewayResource", "AsyncGatewayResource", "GatewayResourceWithRawResponse", diff --git a/src/cloudflare/resources/zero_trust/gateway/gateway.py b/src/cloudflare/resources/zero_trust/gateway/gateway.py index c012dda9b45..e4badcc9720 100644 --- a/src/cloudflare/resources/zero_trust/gateway/gateway.py +++ b/src/cloudflare/resources/zero_trust/gateway/gateway.py @@ -22,6 +22,14 @@ LoggingResourceWithStreamingResponse, AsyncLoggingResourceWithStreamingResponse, ) +from .pacfiles import ( + PacfilesResource, + AsyncPacfilesResource, + PacfilesResourceWithRawResponse, + AsyncPacfilesResourceWithRawResponse, + PacfilesResourceWithStreamingResponse, + AsyncPacfilesResourceWithStreamingResponse, +) from ...._types import Body, Query, Headers, NotGiven, not_given from .app_types import ( AppTypesResource, @@ -144,6 +152,10 @@ def rules(self) -> RulesResource: def certificates(self) -> CertificatesResource: return CertificatesResource(self._client) + @cached_property + def pacfiles(self) -> PacfilesResource: + return PacfilesResource(self._client) + @cached_property def with_raw_response(self) -> GatewayResourceWithRawResponse: """ @@ -279,6 +291,10 @@ def rules(self) -> AsyncRulesResource: def certificates(self) -> AsyncCertificatesResource: return AsyncCertificatesResource(self._client) + @cached_property + def pacfiles(self) -> AsyncPacfilesResource: + return AsyncPacfilesResource(self._client) + @cached_property def with_raw_response(self) -> AsyncGatewayResourceWithRawResponse: """ @@ -424,6 +440,10 @@ def rules(self) -> RulesResourceWithRawResponse: def certificates(self) -> CertificatesResourceWithRawResponse: return CertificatesResourceWithRawResponse(self._gateway.certificates) + @cached_property + def pacfiles(self) -> PacfilesResourceWithRawResponse: + return PacfilesResourceWithRawResponse(self._gateway.pacfiles) + class AsyncGatewayResourceWithRawResponse: def __init__(self, gateway: AsyncGatewayResource) -> None: @@ -476,6 +496,10 @@ def rules(self) -> AsyncRulesResourceWithRawResponse: def certificates(self) -> AsyncCertificatesResourceWithRawResponse: return AsyncCertificatesResourceWithRawResponse(self._gateway.certificates) + @cached_property + def pacfiles(self) -> AsyncPacfilesResourceWithRawResponse: + return AsyncPacfilesResourceWithRawResponse(self._gateway.pacfiles) + class GatewayResourceWithStreamingResponse: def __init__(self, gateway: GatewayResource) -> None: @@ -528,6 +552,10 @@ def rules(self) -> RulesResourceWithStreamingResponse: def certificates(self) -> CertificatesResourceWithStreamingResponse: return CertificatesResourceWithStreamingResponse(self._gateway.certificates) + @cached_property + def pacfiles(self) -> PacfilesResourceWithStreamingResponse: + return PacfilesResourceWithStreamingResponse(self._gateway.pacfiles) + class AsyncGatewayResourceWithStreamingResponse: def __init__(self, gateway: AsyncGatewayResource) -> None: @@ -579,3 +607,7 @@ def rules(self) -> AsyncRulesResourceWithStreamingResponse: @cached_property def certificates(self) -> AsyncCertificatesResourceWithStreamingResponse: return AsyncCertificatesResourceWithStreamingResponse(self._gateway.certificates) + + @cached_property + def pacfiles(self) -> AsyncPacfilesResourceWithStreamingResponse: + return AsyncPacfilesResourceWithStreamingResponse(self._gateway.pacfiles) diff --git a/src/cloudflare/resources/zero_trust/gateway/pacfiles.py b/src/cloudflare/resources/zero_trust/gateway/pacfiles.py new file mode 100644 index 00000000000..e35cc351c4e --- /dev/null +++ b/src/cloudflare/resources/zero_trust/gateway/pacfiles.py @@ -0,0 +1,614 @@ +# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. + +from __future__ import annotations + +from typing import Type, Optional, cast + +import httpx + +from ...._types import Body, Omit, Query, Headers, NotGiven, omit, not_given +from ...._utils import maybe_transform, async_maybe_transform +from ...._compat import cached_property +from ...._resource import SyncAPIResource, AsyncAPIResource +from ...._response import ( + to_raw_response_wrapper, + to_streamed_response_wrapper, + async_to_raw_response_wrapper, + async_to_streamed_response_wrapper, +) +from ...._wrappers import ResultWrapper +from ....pagination import SyncSinglePage, AsyncSinglePage +from ...._base_client import AsyncPaginator, make_request_options +from ....types.zero_trust.gateway import pacfile_create_params, pacfile_update_params +from ....types.zero_trust.gateway.pacfile_get_response import PacfileGetResponse +from ....types.zero_trust.gateway.pacfile_list_response import PacfileListResponse +from ....types.zero_trust.gateway.pacfile_create_response import PacfileCreateResponse +from ....types.zero_trust.gateway.pacfile_update_response import PacfileUpdateResponse + +__all__ = ["PacfilesResource", "AsyncPacfilesResource"] + + +class PacfilesResource(SyncAPIResource): + @cached_property + def with_raw_response(self) -> PacfilesResourceWithRawResponse: + """ + This property can be used as a prefix for any HTTP method call to return + the raw response object instead of the parsed content. + + For more information, see https://www.github.com/cloudflare/cloudflare-python#accessing-raw-response-data-eg-headers + """ + return PacfilesResourceWithRawResponse(self) + + @cached_property + def with_streaming_response(self) -> PacfilesResourceWithStreamingResponse: + """ + An alternative to `.with_raw_response` that doesn't eagerly read the response body. + + For more information, see https://www.github.com/cloudflare/cloudflare-python#with_streaming_response + """ + return PacfilesResourceWithStreamingResponse(self) + + def create( + self, + *, + account_id: str, + contents: str, + name: str, + description: str | Omit = omit, + slug: str | Omit = omit, + # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. + # The extra values given here take precedence over values defined on the client or passed to this method. + extra_headers: Headers | None = None, + extra_query: Query | None = None, + extra_body: Body | None = None, + timeout: float | httpx.Timeout | None | NotGiven = not_given, + ) -> Optional[PacfileCreateResponse]: + """ + Create a new Zero Trust Gateway PAC file. + + Args: + contents: Actual contents of the PAC file + + name: Name of the PAC file. + + description: Detailed description of the PAC file. + + slug: URL-friendly version of the PAC file name. If not provided, it will be + auto-generated + + extra_headers: Send extra headers + + extra_query: Add additional query parameters to the request + + extra_body: Add additional JSON properties to the request + + timeout: Override the client-level default timeout for this request, in seconds + """ + if not account_id: + raise ValueError(f"Expected a non-empty value for `account_id` but received {account_id!r}") + return self._post( + f"/accounts/{account_id}/gateway/pacfiles", + body=maybe_transform( + { + "contents": contents, + "name": name, + "description": description, + "slug": slug, + }, + pacfile_create_params.PacfileCreateParams, + ), + options=make_request_options( + extra_headers=extra_headers, + extra_query=extra_query, + extra_body=extra_body, + timeout=timeout, + post_parser=ResultWrapper[Optional[PacfileCreateResponse]]._unwrapper, + ), + cast_to=cast(Type[Optional[PacfileCreateResponse]], ResultWrapper[PacfileCreateResponse]), + ) + + def update( + self, + pacfile_id: str, + *, + account_id: str, + contents: str, + description: str, + name: str, + # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. + # The extra values given here take precedence over values defined on the client or passed to this method. + extra_headers: Headers | None = None, + extra_query: Query | None = None, + extra_body: Body | None = None, + timeout: float | httpx.Timeout | None | NotGiven = not_given, + ) -> Optional[PacfileUpdateResponse]: + """ + Update a configured Zero Trust Gateway PAC file. + + Args: + contents: Actual contents of the PAC file + + description: Detailed description of the PAC file. + + name: Name of the PAC file. + + extra_headers: Send extra headers + + extra_query: Add additional query parameters to the request + + extra_body: Add additional JSON properties to the request + + timeout: Override the client-level default timeout for this request, in seconds + """ + if not account_id: + raise ValueError(f"Expected a non-empty value for `account_id` but received {account_id!r}") + if not pacfile_id: + raise ValueError(f"Expected a non-empty value for `pacfile_id` but received {pacfile_id!r}") + return self._put( + f"/accounts/{account_id}/gateway/pacfiles/{pacfile_id}", + body=maybe_transform( + { + "contents": contents, + "description": description, + "name": name, + }, + pacfile_update_params.PacfileUpdateParams, + ), + options=make_request_options( + extra_headers=extra_headers, + extra_query=extra_query, + extra_body=extra_body, + timeout=timeout, + post_parser=ResultWrapper[Optional[PacfileUpdateResponse]]._unwrapper, + ), + cast_to=cast(Type[Optional[PacfileUpdateResponse]], ResultWrapper[PacfileUpdateResponse]), + ) + + def list( + self, + *, + account_id: str, + # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. + # The extra values given here take precedence over values defined on the client or passed to this method. + extra_headers: Headers | None = None, + extra_query: Query | None = None, + extra_body: Body | None = None, + timeout: float | httpx.Timeout | None | NotGiven = not_given, + ) -> SyncSinglePage[PacfileListResponse]: + """ + List all Zero Trust Gateway PAC files for an account. + + Args: + extra_headers: Send extra headers + + extra_query: Add additional query parameters to the request + + extra_body: Add additional JSON properties to the request + + timeout: Override the client-level default timeout for this request, in seconds + """ + if not account_id: + raise ValueError(f"Expected a non-empty value for `account_id` but received {account_id!r}") + return self._get_api_list( + f"/accounts/{account_id}/gateway/pacfiles", + page=SyncSinglePage[PacfileListResponse], + options=make_request_options( + extra_headers=extra_headers, extra_query=extra_query, extra_body=extra_body, timeout=timeout + ), + model=PacfileListResponse, + ) + + def delete( + self, + pacfile_id: str, + *, + account_id: str, + # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. + # The extra values given here take precedence over values defined on the client or passed to this method. + extra_headers: Headers | None = None, + extra_query: Query | None = None, + extra_body: Body | None = None, + timeout: float | httpx.Timeout | None | NotGiven = not_given, + ) -> object: + """ + Delete a configured Zero Trust Gateway PAC file. + + Args: + extra_headers: Send extra headers + + extra_query: Add additional query parameters to the request + + extra_body: Add additional JSON properties to the request + + timeout: Override the client-level default timeout for this request, in seconds + """ + if not account_id: + raise ValueError(f"Expected a non-empty value for `account_id` but received {account_id!r}") + if not pacfile_id: + raise ValueError(f"Expected a non-empty value for `pacfile_id` but received {pacfile_id!r}") + return self._delete( + f"/accounts/{account_id}/gateway/pacfiles/{pacfile_id}", + options=make_request_options( + extra_headers=extra_headers, + extra_query=extra_query, + extra_body=extra_body, + timeout=timeout, + post_parser=ResultWrapper[Optional[object]]._unwrapper, + ), + cast_to=cast(Type[object], ResultWrapper[object]), + ) + + def get( + self, + pacfile_id: str, + *, + account_id: str, + # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. + # The extra values given here take precedence over values defined on the client or passed to this method. + extra_headers: Headers | None = None, + extra_query: Query | None = None, + extra_body: Body | None = None, + timeout: float | httpx.Timeout | None | NotGiven = not_given, + ) -> Optional[PacfileGetResponse]: + """ + Get a single Zero Trust Gateway PAC file. + + Args: + extra_headers: Send extra headers + + extra_query: Add additional query parameters to the request + + extra_body: Add additional JSON properties to the request + + timeout: Override the client-level default timeout for this request, in seconds + """ + if not account_id: + raise ValueError(f"Expected a non-empty value for `account_id` but received {account_id!r}") + if not pacfile_id: + raise ValueError(f"Expected a non-empty value for `pacfile_id` but received {pacfile_id!r}") + return self._get( + f"/accounts/{account_id}/gateway/pacfiles/{pacfile_id}", + options=make_request_options( + extra_headers=extra_headers, + extra_query=extra_query, + extra_body=extra_body, + timeout=timeout, + post_parser=ResultWrapper[Optional[PacfileGetResponse]]._unwrapper, + ), + cast_to=cast(Type[Optional[PacfileGetResponse]], ResultWrapper[PacfileGetResponse]), + ) + + +class AsyncPacfilesResource(AsyncAPIResource): + @cached_property + def with_raw_response(self) -> AsyncPacfilesResourceWithRawResponse: + """ + This property can be used as a prefix for any HTTP method call to return + the raw response object instead of the parsed content. + + For more information, see https://www.github.com/cloudflare/cloudflare-python#accessing-raw-response-data-eg-headers + """ + return AsyncPacfilesResourceWithRawResponse(self) + + @cached_property + def with_streaming_response(self) -> AsyncPacfilesResourceWithStreamingResponse: + """ + An alternative to `.with_raw_response` that doesn't eagerly read the response body. + + For more information, see https://www.github.com/cloudflare/cloudflare-python#with_streaming_response + """ + return AsyncPacfilesResourceWithStreamingResponse(self) + + async def create( + self, + *, + account_id: str, + contents: str, + name: str, + description: str | Omit = omit, + slug: str | Omit = omit, + # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. + # The extra values given here take precedence over values defined on the client or passed to this method. + extra_headers: Headers | None = None, + extra_query: Query | None = None, + extra_body: Body | None = None, + timeout: float | httpx.Timeout | None | NotGiven = not_given, + ) -> Optional[PacfileCreateResponse]: + """ + Create a new Zero Trust Gateway PAC file. + + Args: + contents: Actual contents of the PAC file + + name: Name of the PAC file. + + description: Detailed description of the PAC file. + + slug: URL-friendly version of the PAC file name. If not provided, it will be + auto-generated + + extra_headers: Send extra headers + + extra_query: Add additional query parameters to the request + + extra_body: Add additional JSON properties to the request + + timeout: Override the client-level default timeout for this request, in seconds + """ + if not account_id: + raise ValueError(f"Expected a non-empty value for `account_id` but received {account_id!r}") + return await self._post( + f"/accounts/{account_id}/gateway/pacfiles", + body=await async_maybe_transform( + { + "contents": contents, + "name": name, + "description": description, + "slug": slug, + }, + pacfile_create_params.PacfileCreateParams, + ), + options=make_request_options( + extra_headers=extra_headers, + extra_query=extra_query, + extra_body=extra_body, + timeout=timeout, + post_parser=ResultWrapper[Optional[PacfileCreateResponse]]._unwrapper, + ), + cast_to=cast(Type[Optional[PacfileCreateResponse]], ResultWrapper[PacfileCreateResponse]), + ) + + async def update( + self, + pacfile_id: str, + *, + account_id: str, + contents: str, + description: str, + name: str, + # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. + # The extra values given here take precedence over values defined on the client or passed to this method. + extra_headers: Headers | None = None, + extra_query: Query | None = None, + extra_body: Body | None = None, + timeout: float | httpx.Timeout | None | NotGiven = not_given, + ) -> Optional[PacfileUpdateResponse]: + """ + Update a configured Zero Trust Gateway PAC file. + + Args: + contents: Actual contents of the PAC file + + description: Detailed description of the PAC file. + + name: Name of the PAC file. + + extra_headers: Send extra headers + + extra_query: Add additional query parameters to the request + + extra_body: Add additional JSON properties to the request + + timeout: Override the client-level default timeout for this request, in seconds + """ + if not account_id: + raise ValueError(f"Expected a non-empty value for `account_id` but received {account_id!r}") + if not pacfile_id: + raise ValueError(f"Expected a non-empty value for `pacfile_id` but received {pacfile_id!r}") + return await self._put( + f"/accounts/{account_id}/gateway/pacfiles/{pacfile_id}", + body=await async_maybe_transform( + { + "contents": contents, + "description": description, + "name": name, + }, + pacfile_update_params.PacfileUpdateParams, + ), + options=make_request_options( + extra_headers=extra_headers, + extra_query=extra_query, + extra_body=extra_body, + timeout=timeout, + post_parser=ResultWrapper[Optional[PacfileUpdateResponse]]._unwrapper, + ), + cast_to=cast(Type[Optional[PacfileUpdateResponse]], ResultWrapper[PacfileUpdateResponse]), + ) + + def list( + self, + *, + account_id: str, + # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. + # The extra values given here take precedence over values defined on the client or passed to this method. + extra_headers: Headers | None = None, + extra_query: Query | None = None, + extra_body: Body | None = None, + timeout: float | httpx.Timeout | None | NotGiven = not_given, + ) -> AsyncPaginator[PacfileListResponse, AsyncSinglePage[PacfileListResponse]]: + """ + List all Zero Trust Gateway PAC files for an account. + + Args: + extra_headers: Send extra headers + + extra_query: Add additional query parameters to the request + + extra_body: Add additional JSON properties to the request + + timeout: Override the client-level default timeout for this request, in seconds + """ + if not account_id: + raise ValueError(f"Expected a non-empty value for `account_id` but received {account_id!r}") + return self._get_api_list( + f"/accounts/{account_id}/gateway/pacfiles", + page=AsyncSinglePage[PacfileListResponse], + options=make_request_options( + extra_headers=extra_headers, extra_query=extra_query, extra_body=extra_body, timeout=timeout + ), + model=PacfileListResponse, + ) + + async def delete( + self, + pacfile_id: str, + *, + account_id: str, + # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. + # The extra values given here take precedence over values defined on the client or passed to this method. + extra_headers: Headers | None = None, + extra_query: Query | None = None, + extra_body: Body | None = None, + timeout: float | httpx.Timeout | None | NotGiven = not_given, + ) -> object: + """ + Delete a configured Zero Trust Gateway PAC file. + + Args: + extra_headers: Send extra headers + + extra_query: Add additional query parameters to the request + + extra_body: Add additional JSON properties to the request + + timeout: Override the client-level default timeout for this request, in seconds + """ + if not account_id: + raise ValueError(f"Expected a non-empty value for `account_id` but received {account_id!r}") + if not pacfile_id: + raise ValueError(f"Expected a non-empty value for `pacfile_id` but received {pacfile_id!r}") + return await self._delete( + f"/accounts/{account_id}/gateway/pacfiles/{pacfile_id}", + options=make_request_options( + extra_headers=extra_headers, + extra_query=extra_query, + extra_body=extra_body, + timeout=timeout, + post_parser=ResultWrapper[Optional[object]]._unwrapper, + ), + cast_to=cast(Type[object], ResultWrapper[object]), + ) + + async def get( + self, + pacfile_id: str, + *, + account_id: str, + # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. + # The extra values given here take precedence over values defined on the client or passed to this method. + extra_headers: Headers | None = None, + extra_query: Query | None = None, + extra_body: Body | None = None, + timeout: float | httpx.Timeout | None | NotGiven = not_given, + ) -> Optional[PacfileGetResponse]: + """ + Get a single Zero Trust Gateway PAC file. + + Args: + extra_headers: Send extra headers + + extra_query: Add additional query parameters to the request + + extra_body: Add additional JSON properties to the request + + timeout: Override the client-level default timeout for this request, in seconds + """ + if not account_id: + raise ValueError(f"Expected a non-empty value for `account_id` but received {account_id!r}") + if not pacfile_id: + raise ValueError(f"Expected a non-empty value for `pacfile_id` but received {pacfile_id!r}") + return await self._get( + f"/accounts/{account_id}/gateway/pacfiles/{pacfile_id}", + options=make_request_options( + extra_headers=extra_headers, + extra_query=extra_query, + extra_body=extra_body, + timeout=timeout, + post_parser=ResultWrapper[Optional[PacfileGetResponse]]._unwrapper, + ), + cast_to=cast(Type[Optional[PacfileGetResponse]], ResultWrapper[PacfileGetResponse]), + ) + + +class PacfilesResourceWithRawResponse: + def __init__(self, pacfiles: PacfilesResource) -> None: + self._pacfiles = pacfiles + + self.create = to_raw_response_wrapper( + pacfiles.create, + ) + self.update = to_raw_response_wrapper( + pacfiles.update, + ) + self.list = to_raw_response_wrapper( + pacfiles.list, + ) + self.delete = to_raw_response_wrapper( + pacfiles.delete, + ) + self.get = to_raw_response_wrapper( + pacfiles.get, + ) + + +class AsyncPacfilesResourceWithRawResponse: + def __init__(self, pacfiles: AsyncPacfilesResource) -> None: + self._pacfiles = pacfiles + + self.create = async_to_raw_response_wrapper( + pacfiles.create, + ) + self.update = async_to_raw_response_wrapper( + pacfiles.update, + ) + self.list = async_to_raw_response_wrapper( + pacfiles.list, + ) + self.delete = async_to_raw_response_wrapper( + pacfiles.delete, + ) + self.get = async_to_raw_response_wrapper( + pacfiles.get, + ) + + +class PacfilesResourceWithStreamingResponse: + def __init__(self, pacfiles: PacfilesResource) -> None: + self._pacfiles = pacfiles + + self.create = to_streamed_response_wrapper( + pacfiles.create, + ) + self.update = to_streamed_response_wrapper( + pacfiles.update, + ) + self.list = to_streamed_response_wrapper( + pacfiles.list, + ) + self.delete = to_streamed_response_wrapper( + pacfiles.delete, + ) + self.get = to_streamed_response_wrapper( + pacfiles.get, + ) + + +class AsyncPacfilesResourceWithStreamingResponse: + def __init__(self, pacfiles: AsyncPacfilesResource) -> None: + self._pacfiles = pacfiles + + self.create = async_to_streamed_response_wrapper( + pacfiles.create, + ) + self.update = async_to_streamed_response_wrapper( + pacfiles.update, + ) + self.list = async_to_streamed_response_wrapper( + pacfiles.list, + ) + self.delete = async_to_streamed_response_wrapper( + pacfiles.delete, + ) + self.get = async_to_streamed_response_wrapper( + pacfiles.get, + ) diff --git a/src/cloudflare/resources/zero_trust/networks/subnets/__init__.py b/src/cloudflare/resources/zero_trust/networks/subnets/__init__.py index 3af4ace5d3b..3b0a923b401 100644 --- a/src/cloudflare/resources/zero_trust/networks/subnets/__init__.py +++ b/src/cloudflare/resources/zero_trust/networks/subnets/__init__.py @@ -1,5 +1,13 @@ # File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. +from .warp import ( + WARPResource, + AsyncWARPResource, + WARPResourceWithRawResponse, + AsyncWARPResourceWithRawResponse, + WARPResourceWithStreamingResponse, + AsyncWARPResourceWithStreamingResponse, +) from .subnets import ( SubnetsResource, AsyncSubnetsResource, @@ -18,6 +26,12 @@ ) __all__ = [ + "WARPResource", + "AsyncWARPResource", + "WARPResourceWithRawResponse", + "AsyncWARPResourceWithRawResponse", + "WARPResourceWithStreamingResponse", + "AsyncWARPResourceWithStreamingResponse", "CloudflareSourceResource", "AsyncCloudflareSourceResource", "CloudflareSourceResourceWithRawResponse", diff --git a/src/cloudflare/resources/zero_trust/networks/subnets/subnets.py b/src/cloudflare/resources/zero_trust/networks/subnets/subnets.py index c7d545c3809..d723f449966 100644 --- a/src/cloudflare/resources/zero_trust/networks/subnets/subnets.py +++ b/src/cloudflare/resources/zero_trust/networks/subnets/subnets.py @@ -6,6 +6,14 @@ import httpx +from .warp import ( + WARPResource, + AsyncWARPResource, + WARPResourceWithRawResponse, + AsyncWARPResourceWithRawResponse, + WARPResourceWithStreamingResponse, + AsyncWARPResourceWithStreamingResponse, +) from ....._types import Body, Omit, Query, Headers, NotGiven, omit, not_given from ....._utils import maybe_transform from ....._compat import cached_property @@ -33,6 +41,10 @@ class SubnetsResource(SyncAPIResource): + @cached_property + def warp(self) -> WARPResource: + return WARPResource(self._client) + @cached_property def cloudflare_source(self) -> CloudflareSourceResource: return CloudflareSourceResource(self._client) @@ -150,6 +162,10 @@ def list( class AsyncSubnetsResource(AsyncAPIResource): + @cached_property + def warp(self) -> AsyncWARPResource: + return AsyncWARPResource(self._client) + @cached_property def cloudflare_source(self) -> AsyncCloudflareSourceResource: return AsyncCloudflareSourceResource(self._client) @@ -274,6 +290,10 @@ def __init__(self, subnets: SubnetsResource) -> None: subnets.list, ) + @cached_property + def warp(self) -> WARPResourceWithRawResponse: + return WARPResourceWithRawResponse(self._subnets.warp) + @cached_property def cloudflare_source(self) -> CloudflareSourceResourceWithRawResponse: return CloudflareSourceResourceWithRawResponse(self._subnets.cloudflare_source) @@ -287,6 +307,10 @@ def __init__(self, subnets: AsyncSubnetsResource) -> None: subnets.list, ) + @cached_property + def warp(self) -> AsyncWARPResourceWithRawResponse: + return AsyncWARPResourceWithRawResponse(self._subnets.warp) + @cached_property def cloudflare_source(self) -> AsyncCloudflareSourceResourceWithRawResponse: return AsyncCloudflareSourceResourceWithRawResponse(self._subnets.cloudflare_source) @@ -300,6 +324,10 @@ def __init__(self, subnets: SubnetsResource) -> None: subnets.list, ) + @cached_property + def warp(self) -> WARPResourceWithStreamingResponse: + return WARPResourceWithStreamingResponse(self._subnets.warp) + @cached_property def cloudflare_source(self) -> CloudflareSourceResourceWithStreamingResponse: return CloudflareSourceResourceWithStreamingResponse(self._subnets.cloudflare_source) @@ -313,6 +341,10 @@ def __init__(self, subnets: AsyncSubnetsResource) -> None: subnets.list, ) + @cached_property + def warp(self) -> AsyncWARPResourceWithStreamingResponse: + return AsyncWARPResourceWithStreamingResponse(self._subnets.warp) + @cached_property def cloudflare_source(self) -> AsyncCloudflareSourceResourceWithStreamingResponse: return AsyncCloudflareSourceResourceWithStreamingResponse(self._subnets.cloudflare_source) diff --git a/src/cloudflare/resources/zero_trust/networks/subnets/warp.py b/src/cloudflare/resources/zero_trust/networks/subnets/warp.py new file mode 100644 index 00000000000..79caba44736 --- /dev/null +++ b/src/cloudflare/resources/zero_trust/networks/subnets/warp.py @@ -0,0 +1,609 @@ +# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. + +from __future__ import annotations + +from typing import Type, Optional, cast + +import httpx + +from ....._types import Body, Omit, Query, Headers, NotGiven, omit, not_given +from ....._utils import maybe_transform, async_maybe_transform +from ....._compat import cached_property +from ....._resource import SyncAPIResource, AsyncAPIResource +from ....._response import ( + to_raw_response_wrapper, + to_streamed_response_wrapper, + async_to_raw_response_wrapper, + async_to_streamed_response_wrapper, +) +from ....._wrappers import ResultWrapper +from ....._base_client import make_request_options +from .....types.zero_trust.networks.subnets import warp_edit_params, warp_create_params +from .....types.zero_trust.networks.subnets.warp_get_response import WARPGetResponse +from .....types.zero_trust.networks.subnets.warp_edit_response import WARPEditResponse +from .....types.zero_trust.networks.subnets.warp_create_response import WARPCreateResponse +from .....types.zero_trust.networks.subnets.warp_delete_response import WARPDeleteResponse + +__all__ = ["WARPResource", "AsyncWARPResource"] + + +class WARPResource(SyncAPIResource): + @cached_property + def with_raw_response(self) -> WARPResourceWithRawResponse: + """ + This property can be used as a prefix for any HTTP method call to return + the raw response object instead of the parsed content. + + For more information, see https://www.github.com/cloudflare/cloudflare-python#accessing-raw-response-data-eg-headers + """ + return WARPResourceWithRawResponse(self) + + @cached_property + def with_streaming_response(self) -> WARPResourceWithStreamingResponse: + """ + An alternative to `.with_raw_response` that doesn't eagerly read the response body. + + For more information, see https://www.github.com/cloudflare/cloudflare-python#with_streaming_response + """ + return WARPResourceWithStreamingResponse(self) + + def create( + self, + *, + account_id: str, + name: str, + network: str, + comment: str | Omit = omit, + is_default_network: bool | Omit = omit, + # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. + # The extra values given here take precedence over values defined on the client or passed to this method. + extra_headers: Headers | None = None, + extra_query: Query | None = None, + extra_body: Body | None = None, + timeout: float | httpx.Timeout | None | NotGiven = not_given, + ) -> WARPCreateResponse: + """Create a WARP IP assignment subnet. + + Currently, only IPv4 subnets can be created. + + **Network constraints:** + + - The network must be within one of the following private IP ranges: + - `10.0.0.0/8` (RFC 1918) + - `172.16.0.0/12` (RFC 1918) + - `192.168.0.0/16` (RFC 1918) + - `100.64.0.0/10` (RFC 6598 - CGNAT) + - The subnet must have a prefix length of `/24` or larger (e.g., `/16`, `/20`, + `/24` are valid; `/25`, `/28` are not) + + Args: + account_id: Cloudflare account ID + + name: A user-friendly name for the subnet. + + network: The private IPv4 or IPv6 range defining the subnet, in CIDR notation. + + comment: An optional description of the subnet. + + is_default_network: If `true`, this is the default subnet for the account. There can only be one + default subnet per account. + + extra_headers: Send extra headers + + extra_query: Add additional query parameters to the request + + extra_body: Add additional JSON properties to the request + + timeout: Override the client-level default timeout for this request, in seconds + """ + if not account_id: + raise ValueError(f"Expected a non-empty value for `account_id` but received {account_id!r}") + return self._post( + f"/accounts/{account_id}/zerotrust/subnets/warp", + body=maybe_transform( + { + "name": name, + "network": network, + "comment": comment, + "is_default_network": is_default_network, + }, + warp_create_params.WARPCreateParams, + ), + options=make_request_options( + extra_headers=extra_headers, + extra_query=extra_query, + extra_body=extra_body, + timeout=timeout, + post_parser=ResultWrapper[WARPCreateResponse]._unwrapper, + ), + cast_to=cast(Type[WARPCreateResponse], ResultWrapper[WARPCreateResponse]), + ) + + def delete( + self, + subnet_id: str, + *, + account_id: str, + # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. + # The extra values given here take precedence over values defined on the client or passed to this method. + extra_headers: Headers | None = None, + extra_query: Query | None = None, + extra_body: Body | None = None, + timeout: float | httpx.Timeout | None | NotGiven = not_given, + ) -> Optional[WARPDeleteResponse]: + """Delete a WARP IP assignment subnet. + + This operation is idempotent - deleting an + already-deleted or non-existent subnet will return success with a null result. + + Args: + account_id: Cloudflare account ID + + subnet_id: The UUID of the subnet. + + extra_headers: Send extra headers + + extra_query: Add additional query parameters to the request + + extra_body: Add additional JSON properties to the request + + timeout: Override the client-level default timeout for this request, in seconds + """ + if not account_id: + raise ValueError(f"Expected a non-empty value for `account_id` but received {account_id!r}") + if not subnet_id: + raise ValueError(f"Expected a non-empty value for `subnet_id` but received {subnet_id!r}") + return self._delete( + f"/accounts/{account_id}/zerotrust/subnets/warp/{subnet_id}", + options=make_request_options( + extra_headers=extra_headers, + extra_query=extra_query, + extra_body=extra_body, + timeout=timeout, + post_parser=ResultWrapper[Optional[WARPDeleteResponse]]._unwrapper, + ), + cast_to=cast(Type[Optional[WARPDeleteResponse]], ResultWrapper[WARPDeleteResponse]), + ) + + def edit( + self, + subnet_id: str, + *, + account_id: str, + comment: str | Omit = omit, + is_default_network: bool | Omit = omit, + name: str | Omit = omit, + network: str | Omit = omit, + # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. + # The extra values given here take precedence over values defined on the client or passed to this method. + extra_headers: Headers | None = None, + extra_query: Query | None = None, + extra_body: Body | None = None, + timeout: float | httpx.Timeout | None | NotGiven = not_given, + ) -> WARPEditResponse: + """ + Updates a WARP IP assignment subnet. + + **Update constraints:** + + - The `network` field cannot be modified for WARP subnets. Only `name`, + `comment`, and `is_default_network` can be updated. + - IPv6 subnets cannot be updated + + Args: + account_id: Cloudflare account ID + + subnet_id: The UUID of the subnet. + + comment: An optional description of the subnet. + + is_default_network: If `true`, this is the default subnet for the account. There can only be one + default subnet per account. + + name: A user-friendly name for the subnet. + + network: The private IPv4 or IPv6 range defining the subnet, in CIDR notation. + + extra_headers: Send extra headers + + extra_query: Add additional query parameters to the request + + extra_body: Add additional JSON properties to the request + + timeout: Override the client-level default timeout for this request, in seconds + """ + if not account_id: + raise ValueError(f"Expected a non-empty value for `account_id` but received {account_id!r}") + if not subnet_id: + raise ValueError(f"Expected a non-empty value for `subnet_id` but received {subnet_id!r}") + return self._patch( + f"/accounts/{account_id}/zerotrust/subnets/warp/{subnet_id}", + body=maybe_transform( + { + "comment": comment, + "is_default_network": is_default_network, + "name": name, + "network": network, + }, + warp_edit_params.WARPEditParams, + ), + options=make_request_options( + extra_headers=extra_headers, + extra_query=extra_query, + extra_body=extra_body, + timeout=timeout, + post_parser=ResultWrapper[WARPEditResponse]._unwrapper, + ), + cast_to=cast(Type[WARPEditResponse], ResultWrapper[WARPEditResponse]), + ) + + def get( + self, + subnet_id: str, + *, + account_id: str, + # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. + # The extra values given here take precedence over values defined on the client or passed to this method. + extra_headers: Headers | None = None, + extra_query: Query | None = None, + extra_body: Body | None = None, + timeout: float | httpx.Timeout | None | NotGiven = not_given, + ) -> WARPGetResponse: + """ + Get a WARP IP assignment subnet. + + Args: + account_id: Cloudflare account ID + + subnet_id: The UUID of the subnet. + + extra_headers: Send extra headers + + extra_query: Add additional query parameters to the request + + extra_body: Add additional JSON properties to the request + + timeout: Override the client-level default timeout for this request, in seconds + """ + if not account_id: + raise ValueError(f"Expected a non-empty value for `account_id` but received {account_id!r}") + if not subnet_id: + raise ValueError(f"Expected a non-empty value for `subnet_id` but received {subnet_id!r}") + return self._get( + f"/accounts/{account_id}/zerotrust/subnets/warp/{subnet_id}", + options=make_request_options( + extra_headers=extra_headers, + extra_query=extra_query, + extra_body=extra_body, + timeout=timeout, + post_parser=ResultWrapper[WARPGetResponse]._unwrapper, + ), + cast_to=cast(Type[WARPGetResponse], ResultWrapper[WARPGetResponse]), + ) + + +class AsyncWARPResource(AsyncAPIResource): + @cached_property + def with_raw_response(self) -> AsyncWARPResourceWithRawResponse: + """ + This property can be used as a prefix for any HTTP method call to return + the raw response object instead of the parsed content. + + For more information, see https://www.github.com/cloudflare/cloudflare-python#accessing-raw-response-data-eg-headers + """ + return AsyncWARPResourceWithRawResponse(self) + + @cached_property + def with_streaming_response(self) -> AsyncWARPResourceWithStreamingResponse: + """ + An alternative to `.with_raw_response` that doesn't eagerly read the response body. + + For more information, see https://www.github.com/cloudflare/cloudflare-python#with_streaming_response + """ + return AsyncWARPResourceWithStreamingResponse(self) + + async def create( + self, + *, + account_id: str, + name: str, + network: str, + comment: str | Omit = omit, + is_default_network: bool | Omit = omit, + # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. + # The extra values given here take precedence over values defined on the client or passed to this method. + extra_headers: Headers | None = None, + extra_query: Query | None = None, + extra_body: Body | None = None, + timeout: float | httpx.Timeout | None | NotGiven = not_given, + ) -> WARPCreateResponse: + """Create a WARP IP assignment subnet. + + Currently, only IPv4 subnets can be created. + + **Network constraints:** + + - The network must be within one of the following private IP ranges: + - `10.0.0.0/8` (RFC 1918) + - `172.16.0.0/12` (RFC 1918) + - `192.168.0.0/16` (RFC 1918) + - `100.64.0.0/10` (RFC 6598 - CGNAT) + - The subnet must have a prefix length of `/24` or larger (e.g., `/16`, `/20`, + `/24` are valid; `/25`, `/28` are not) + + Args: + account_id: Cloudflare account ID + + name: A user-friendly name for the subnet. + + network: The private IPv4 or IPv6 range defining the subnet, in CIDR notation. + + comment: An optional description of the subnet. + + is_default_network: If `true`, this is the default subnet for the account. There can only be one + default subnet per account. + + extra_headers: Send extra headers + + extra_query: Add additional query parameters to the request + + extra_body: Add additional JSON properties to the request + + timeout: Override the client-level default timeout for this request, in seconds + """ + if not account_id: + raise ValueError(f"Expected a non-empty value for `account_id` but received {account_id!r}") + return await self._post( + f"/accounts/{account_id}/zerotrust/subnets/warp", + body=await async_maybe_transform( + { + "name": name, + "network": network, + "comment": comment, + "is_default_network": is_default_network, + }, + warp_create_params.WARPCreateParams, + ), + options=make_request_options( + extra_headers=extra_headers, + extra_query=extra_query, + extra_body=extra_body, + timeout=timeout, + post_parser=ResultWrapper[WARPCreateResponse]._unwrapper, + ), + cast_to=cast(Type[WARPCreateResponse], ResultWrapper[WARPCreateResponse]), + ) + + async def delete( + self, + subnet_id: str, + *, + account_id: str, + # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. + # The extra values given here take precedence over values defined on the client or passed to this method. + extra_headers: Headers | None = None, + extra_query: Query | None = None, + extra_body: Body | None = None, + timeout: float | httpx.Timeout | None | NotGiven = not_given, + ) -> Optional[WARPDeleteResponse]: + """Delete a WARP IP assignment subnet. + + This operation is idempotent - deleting an + already-deleted or non-existent subnet will return success with a null result. + + Args: + account_id: Cloudflare account ID + + subnet_id: The UUID of the subnet. + + extra_headers: Send extra headers + + extra_query: Add additional query parameters to the request + + extra_body: Add additional JSON properties to the request + + timeout: Override the client-level default timeout for this request, in seconds + """ + if not account_id: + raise ValueError(f"Expected a non-empty value for `account_id` but received {account_id!r}") + if not subnet_id: + raise ValueError(f"Expected a non-empty value for `subnet_id` but received {subnet_id!r}") + return await self._delete( + f"/accounts/{account_id}/zerotrust/subnets/warp/{subnet_id}", + options=make_request_options( + extra_headers=extra_headers, + extra_query=extra_query, + extra_body=extra_body, + timeout=timeout, + post_parser=ResultWrapper[Optional[WARPDeleteResponse]]._unwrapper, + ), + cast_to=cast(Type[Optional[WARPDeleteResponse]], ResultWrapper[WARPDeleteResponse]), + ) + + async def edit( + self, + subnet_id: str, + *, + account_id: str, + comment: str | Omit = omit, + is_default_network: bool | Omit = omit, + name: str | Omit = omit, + network: str | Omit = omit, + # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. + # The extra values given here take precedence over values defined on the client or passed to this method. + extra_headers: Headers | None = None, + extra_query: Query | None = None, + extra_body: Body | None = None, + timeout: float | httpx.Timeout | None | NotGiven = not_given, + ) -> WARPEditResponse: + """ + Updates a WARP IP assignment subnet. + + **Update constraints:** + + - The `network` field cannot be modified for WARP subnets. Only `name`, + `comment`, and `is_default_network` can be updated. + - IPv6 subnets cannot be updated + + Args: + account_id: Cloudflare account ID + + subnet_id: The UUID of the subnet. + + comment: An optional description of the subnet. + + is_default_network: If `true`, this is the default subnet for the account. There can only be one + default subnet per account. + + name: A user-friendly name for the subnet. + + network: The private IPv4 or IPv6 range defining the subnet, in CIDR notation. + + extra_headers: Send extra headers + + extra_query: Add additional query parameters to the request + + extra_body: Add additional JSON properties to the request + + timeout: Override the client-level default timeout for this request, in seconds + """ + if not account_id: + raise ValueError(f"Expected a non-empty value for `account_id` but received {account_id!r}") + if not subnet_id: + raise ValueError(f"Expected a non-empty value for `subnet_id` but received {subnet_id!r}") + return await self._patch( + f"/accounts/{account_id}/zerotrust/subnets/warp/{subnet_id}", + body=await async_maybe_transform( + { + "comment": comment, + "is_default_network": is_default_network, + "name": name, + "network": network, + }, + warp_edit_params.WARPEditParams, + ), + options=make_request_options( + extra_headers=extra_headers, + extra_query=extra_query, + extra_body=extra_body, + timeout=timeout, + post_parser=ResultWrapper[WARPEditResponse]._unwrapper, + ), + cast_to=cast(Type[WARPEditResponse], ResultWrapper[WARPEditResponse]), + ) + + async def get( + self, + subnet_id: str, + *, + account_id: str, + # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs. + # The extra values given here take precedence over values defined on the client or passed to this method. + extra_headers: Headers | None = None, + extra_query: Query | None = None, + extra_body: Body | None = None, + timeout: float | httpx.Timeout | None | NotGiven = not_given, + ) -> WARPGetResponse: + """ + Get a WARP IP assignment subnet. + + Args: + account_id: Cloudflare account ID + + subnet_id: The UUID of the subnet. + + extra_headers: Send extra headers + + extra_query: Add additional query parameters to the request + + extra_body: Add additional JSON properties to the request + + timeout: Override the client-level default timeout for this request, in seconds + """ + if not account_id: + raise ValueError(f"Expected a non-empty value for `account_id` but received {account_id!r}") + if not subnet_id: + raise ValueError(f"Expected a non-empty value for `subnet_id` but received {subnet_id!r}") + return await self._get( + f"/accounts/{account_id}/zerotrust/subnets/warp/{subnet_id}", + options=make_request_options( + extra_headers=extra_headers, + extra_query=extra_query, + extra_body=extra_body, + timeout=timeout, + post_parser=ResultWrapper[WARPGetResponse]._unwrapper, + ), + cast_to=cast(Type[WARPGetResponse], ResultWrapper[WARPGetResponse]), + ) + + +class WARPResourceWithRawResponse: + def __init__(self, warp: WARPResource) -> None: + self._warp = warp + + self.create = to_raw_response_wrapper( + warp.create, + ) + self.delete = to_raw_response_wrapper( + warp.delete, + ) + self.edit = to_raw_response_wrapper( + warp.edit, + ) + self.get = to_raw_response_wrapper( + warp.get, + ) + + +class AsyncWARPResourceWithRawResponse: + def __init__(self, warp: AsyncWARPResource) -> None: + self._warp = warp + + self.create = async_to_raw_response_wrapper( + warp.create, + ) + self.delete = async_to_raw_response_wrapper( + warp.delete, + ) + self.edit = async_to_raw_response_wrapper( + warp.edit, + ) + self.get = async_to_raw_response_wrapper( + warp.get, + ) + + +class WARPResourceWithStreamingResponse: + def __init__(self, warp: WARPResource) -> None: + self._warp = warp + + self.create = to_streamed_response_wrapper( + warp.create, + ) + self.delete = to_streamed_response_wrapper( + warp.delete, + ) + self.edit = to_streamed_response_wrapper( + warp.edit, + ) + self.get = to_streamed_response_wrapper( + warp.get, + ) + + +class AsyncWARPResourceWithStreamingResponse: + def __init__(self, warp: AsyncWARPResource) -> None: + self._warp = warp + + self.create = async_to_streamed_response_wrapper( + warp.create, + ) + self.delete = async_to_streamed_response_wrapper( + warp.delete, + ) + self.edit = async_to_streamed_response_wrapper( + warp.edit, + ) + self.get = async_to_streamed_response_wrapper( + warp.get, + ) diff --git a/src/cloudflare/resources/zero_trust/organizations/organizations.py b/src/cloudflare/resources/zero_trust/organizations/organizations.py index 322f37c0f13..9a5730fae56 100644 --- a/src/cloudflare/resources/zero_trust/organizations/organizations.py +++ b/src/cloudflare/resources/zero_trust/organizations/organizations.py @@ -75,6 +75,9 @@ def create( deny_unmatched_requests_exempted_zone_names: SequenceNotStr[str] | Omit = omit, is_ui_read_only: bool | Omit = omit, login_design: LoginDesignParam | Omit = omit, + mfa_config: organization_create_params.MfaConfig | Omit = omit, + mfa_configuration_allowed: bool | Omit = omit, + mfa_required_for_all_apps: bool | Omit = omit, session_duration: str | Omit = omit, ui_read_only_toggle_reason: str | Omit = omit, user_seat_expiration_inactive_time: str | Omit = omit, @@ -118,6 +121,15 @@ def create( is_ui_read_only: Lock all settings as Read-Only in the Dashboard, regardless of user permission. Updates may only be made via the API or Terraform for this account when enabled. + mfa_config: Configures multi-factor authentication (MFA) settings for an organization. + + mfa_configuration_allowed: Indicates if this organization can enforce multi-factor authentication (MFA) + requirements at the application and policy level. + + mfa_required_for_all_apps: Determines whether global MFA settings apply to applications by default. The + organization must have MFA enabled with at least one authentication method and a + session duration configured. + session_duration: The amount of time that tokens issued for applications will be valid. Must be in the format `300ms` or `2h45m`. Valid time units are: ns, us (or µs), ms, s, m, h. @@ -165,6 +177,9 @@ def create( "deny_unmatched_requests_exempted_zone_names": deny_unmatched_requests_exempted_zone_names, "is_ui_read_only": is_ui_read_only, "login_design": login_design, + "mfa_config": mfa_config, + "mfa_configuration_allowed": mfa_configuration_allowed, + "mfa_required_for_all_apps": mfa_required_for_all_apps, "session_duration": session_duration, "ui_read_only_toggle_reason": ui_read_only_toggle_reason, "user_seat_expiration_inactive_time": user_seat_expiration_inactive_time, @@ -195,6 +210,9 @@ def update( deny_unmatched_requests_exempted_zone_names: SequenceNotStr[str] | Omit = omit, is_ui_read_only: bool | Omit = omit, login_design: LoginDesignParam | Omit = omit, + mfa_config: organization_update_params.MfaConfig | Omit = omit, + mfa_configuration_allowed: bool | Omit = omit, + mfa_required_for_all_apps: bool | Omit = omit, name: str | Omit = omit, session_duration: str | Omit = omit, ui_read_only_toggle_reason: str | Omit = omit, @@ -237,6 +255,15 @@ def update( is_ui_read_only: Lock all settings as Read-Only in the Dashboard, regardless of user permission. Updates may only be made via the API or Terraform for this account when enabled. + mfa_config: Configures multi-factor authentication (MFA) settings for an organization. + + mfa_configuration_allowed: Indicates if this organization can enforce multi-factor authentication (MFA) + requirements at the application and policy level. + + mfa_required_for_all_apps: Determines whether global MFA settings apply to applications by default. The + organization must have MFA enabled with at least one authentication method and a + session duration configured. + name: The name of your Zero Trust organization. session_duration: The amount of time that tokens issued for applications will be valid. Must be in @@ -286,6 +313,9 @@ def update( "deny_unmatched_requests_exempted_zone_names": deny_unmatched_requests_exempted_zone_names, "is_ui_read_only": is_ui_read_only, "login_design": login_design, + "mfa_config": mfa_config, + "mfa_configuration_allowed": mfa_configuration_allowed, + "mfa_required_for_all_apps": mfa_required_for_all_apps, "name": name, "session_duration": session_duration, "ui_read_only_toggle_reason": ui_read_only_toggle_reason, @@ -477,6 +507,9 @@ async def create( deny_unmatched_requests_exempted_zone_names: SequenceNotStr[str] | Omit = omit, is_ui_read_only: bool | Omit = omit, login_design: LoginDesignParam | Omit = omit, + mfa_config: organization_create_params.MfaConfig | Omit = omit, + mfa_configuration_allowed: bool | Omit = omit, + mfa_required_for_all_apps: bool | Omit = omit, session_duration: str | Omit = omit, ui_read_only_toggle_reason: str | Omit = omit, user_seat_expiration_inactive_time: str | Omit = omit, @@ -520,6 +553,15 @@ async def create( is_ui_read_only: Lock all settings as Read-Only in the Dashboard, regardless of user permission. Updates may only be made via the API or Terraform for this account when enabled. + mfa_config: Configures multi-factor authentication (MFA) settings for an organization. + + mfa_configuration_allowed: Indicates if this organization can enforce multi-factor authentication (MFA) + requirements at the application and policy level. + + mfa_required_for_all_apps: Determines whether global MFA settings apply to applications by default. The + organization must have MFA enabled with at least one authentication method and a + session duration configured. + session_duration: The amount of time that tokens issued for applications will be valid. Must be in the format `300ms` or `2h45m`. Valid time units are: ns, us (or µs), ms, s, m, h. @@ -567,6 +609,9 @@ async def create( "deny_unmatched_requests_exempted_zone_names": deny_unmatched_requests_exempted_zone_names, "is_ui_read_only": is_ui_read_only, "login_design": login_design, + "mfa_config": mfa_config, + "mfa_configuration_allowed": mfa_configuration_allowed, + "mfa_required_for_all_apps": mfa_required_for_all_apps, "session_duration": session_duration, "ui_read_only_toggle_reason": ui_read_only_toggle_reason, "user_seat_expiration_inactive_time": user_seat_expiration_inactive_time, @@ -597,6 +642,9 @@ async def update( deny_unmatched_requests_exempted_zone_names: SequenceNotStr[str] | Omit = omit, is_ui_read_only: bool | Omit = omit, login_design: LoginDesignParam | Omit = omit, + mfa_config: organization_update_params.MfaConfig | Omit = omit, + mfa_configuration_allowed: bool | Omit = omit, + mfa_required_for_all_apps: bool | Omit = omit, name: str | Omit = omit, session_duration: str | Omit = omit, ui_read_only_toggle_reason: str | Omit = omit, @@ -639,6 +687,15 @@ async def update( is_ui_read_only: Lock all settings as Read-Only in the Dashboard, regardless of user permission. Updates may only be made via the API or Terraform for this account when enabled. + mfa_config: Configures multi-factor authentication (MFA) settings for an organization. + + mfa_configuration_allowed: Indicates if this organization can enforce multi-factor authentication (MFA) + requirements at the application and policy level. + + mfa_required_for_all_apps: Determines whether global MFA settings apply to applications by default. The + organization must have MFA enabled with at least one authentication method and a + session duration configured. + name: The name of your Zero Trust organization. session_duration: The amount of time that tokens issued for applications will be valid. Must be in @@ -688,6 +745,9 @@ async def update( "deny_unmatched_requests_exempted_zone_names": deny_unmatched_requests_exempted_zone_names, "is_ui_read_only": is_ui_read_only, "login_design": login_design, + "mfa_config": mfa_config, + "mfa_configuration_allowed": mfa_configuration_allowed, + "mfa_required_for_all_apps": mfa_required_for_all_apps, "name": name, "session_duration": session_duration, "ui_read_only_toggle_reason": ui_read_only_toggle_reason, diff --git a/src/cloudflare/resources/zones/zones.py b/src/cloudflare/resources/zones/zones.py index ea3f6779233..cd31a0ddf93 100644 --- a/src/cloudflare/resources/zones/zones.py +++ b/src/cloudflare/resources/zones/zones.py @@ -145,12 +145,16 @@ def create( extra_body: Body | None = None, timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> Optional[Zone]: - """ - Create Zone + """Create Zone Args: name: The domain name. + Per + [RFC 1035](https://datatracker.ietf.org/doc/html/rfc1035#section-2.3.4) the + overall zone name can be up to 253 characters, with each segment ("label") not + exceeding 63 characters. + type: A full zone implies that DNS is hosted with Cloudflare. A partial zone is typically a partner-hosted zone or a CNAME setup. @@ -465,12 +469,16 @@ async def create( extra_body: Body | None = None, timeout: float | httpx.Timeout | None | NotGiven = not_given, ) -> Optional[Zone]: - """ - Create Zone + """Create Zone Args: name: The domain name. + Per + [RFC 1035](https://datatracker.ietf.org/doc/html/rfc1035#section-2.3.4) the + overall zone name can be up to 253 characters, with each segment ("label") not + exceeding 63 characters. + type: A full zone implies that DNS is hosted with Cloudflare. A partial zone is typically a partner-hosted zone or a CNAME setup. diff --git a/src/cloudflare/types/accounts/member_create_params.py b/src/cloudflare/types/accounts/member_create_params.py index 0fbe8a7347d..48c257c5826 100644 --- a/src/cloudflare/types/accounts/member_create_params.py +++ b/src/cloudflare/types/accounts/member_create_params.py @@ -28,6 +28,12 @@ class IAMCreateMemberWithRoles(TypedDict, total=False): """Array of roles associated with this member.""" status: Literal["accepted", "pending"] + """Status of the member invitation. + + If not provided during creation, defaults to 'pending'. Changing from 'accepted' + back to 'pending' will trigger a replacement of the member resource in + Terraform. + """ class IAMCreateMemberWithPolicies(TypedDict, total=False): @@ -41,6 +47,12 @@ class IAMCreateMemberWithPolicies(TypedDict, total=False): """Array of policies associated with this member.""" status: Literal["accepted", "pending"] + """Status of the member invitation. + + If not provided during creation, defaults to 'pending'. Changing from 'accepted' + back to 'pending' will trigger a replacement of the member resource in + Terraform. + """ class IAMCreateMemberWithPoliciesPolicyPermissionGroup(TypedDict, total=False): diff --git a/src/cloudflare/types/acm/__init__.py b/src/cloudflare/types/acm/__init__.py index 9a1d8d08f7f..cb5eb45f418 100644 --- a/src/cloudflare/types/acm/__init__.py +++ b/src/cloudflare/types/acm/__init__.py @@ -2,9 +2,13 @@ from __future__ import annotations +from .custom_trust_store import CustomTrustStore as CustomTrustStore from .certificate_authority import CertificateAuthority as CertificateAuthority from .total_tls_edit_params import TotalTLSEditParams as TotalTLSEditParams from .total_tls_get_response import TotalTLSGetResponse as TotalTLSGetResponse from .total_tls_edit_response import TotalTLSEditResponse as TotalTLSEditResponse from .total_tls_update_params import TotalTLSUpdateParams as TotalTLSUpdateParams from .total_tls_update_response import TotalTLSUpdateResponse as TotalTLSUpdateResponse +from .custom_trust_store_list_params import CustomTrustStoreListParams as CustomTrustStoreListParams +from .custom_trust_store_create_params import CustomTrustStoreCreateParams as CustomTrustStoreCreateParams +from .custom_trust_store_delete_response import CustomTrustStoreDeleteResponse as CustomTrustStoreDeleteResponse diff --git a/src/cloudflare/types/acm/custom_trust_store.py b/src/cloudflare/types/acm/custom_trust_store.py new file mode 100644 index 00000000000..24871405329 --- /dev/null +++ b/src/cloudflare/types/acm/custom_trust_store.py @@ -0,0 +1,34 @@ +# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. + +from datetime import datetime +from typing_extensions import Literal + +from ..._models import BaseModel + +__all__ = ["CustomTrustStore"] + + +class CustomTrustStore(BaseModel): + id: str + """Identifier.""" + + certificate: str + """The zone's SSL certificate or certificate and the intermediate(s).""" + + expires_on: datetime + """When the certificate expires.""" + + issuer: str + """The certificate authority that issued the certificate.""" + + signature: str + """The type of hash used for the certificate.""" + + status: Literal["initializing", "pending_deployment", "active", "pending_deletion", "deleted", "expired"] + """Status of the zone's custom SSL.""" + + updated_at: datetime + """When the certificate was last modified.""" + + uploaded_on: datetime + """When the certificate was uploaded to Cloudflare.""" diff --git a/src/cloudflare/types/acm/custom_trust_store_create_params.py b/src/cloudflare/types/acm/custom_trust_store_create_params.py new file mode 100644 index 00000000000..38498ed17fa --- /dev/null +++ b/src/cloudflare/types/acm/custom_trust_store_create_params.py @@ -0,0 +1,15 @@ +# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. + +from __future__ import annotations + +from typing_extensions import Required, TypedDict + +__all__ = ["CustomTrustStoreCreateParams"] + + +class CustomTrustStoreCreateParams(TypedDict, total=False): + zone_id: Required[str] + """Identifier.""" + + certificate: Required[str] + """The zone's SSL certificate or certificate and the intermediate(s).""" diff --git a/src/cloudflare/types/acm/custom_trust_store_delete_response.py b/src/cloudflare/types/acm/custom_trust_store_delete_response.py new file mode 100644 index 00000000000..804ac6f88ba --- /dev/null +++ b/src/cloudflare/types/acm/custom_trust_store_delete_response.py @@ -0,0 +1,12 @@ +# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. + +from typing import Optional + +from ..._models import BaseModel + +__all__ = ["CustomTrustStoreDeleteResponse"] + + +class CustomTrustStoreDeleteResponse(BaseModel): + id: Optional[str] = None + """Identifier.""" diff --git a/src/cloudflare/types/acm/custom_trust_store_list_params.py b/src/cloudflare/types/acm/custom_trust_store_list_params.py new file mode 100644 index 00000000000..065c67d4223 --- /dev/null +++ b/src/cloudflare/types/acm/custom_trust_store_list_params.py @@ -0,0 +1,24 @@ +# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. + +from __future__ import annotations + +from typing_extensions import Required, TypedDict + +__all__ = ["CustomTrustStoreListParams"] + + +class CustomTrustStoreListParams(TypedDict, total=False): + zone_id: Required[str] + """Identifier.""" + + limit: int + """Limit to the number of records returned.""" + + offset: int + """Offset the results""" + + page: float + """Page number of paginated results.""" + + per_page: float + """Number of records per page.""" diff --git a/src/cloudflare/types/ai/ai_run_params.py b/src/cloudflare/types/ai/ai_run_params.py index 753b2da85d4..6ce24ce4ae0 100644 --- a/src/cloudflare/types/ai/ai_run_params.py +++ b/src/cloudflare/types/ai/ai_run_params.py @@ -20,6 +20,7 @@ "PromptResponseFormat", "Messages", "MessagesMessage", + "MessagesMessageContentUnionMember1", "MessagesFunction", "MessagesResponseFormat", "MessagesTool", @@ -36,6 +37,8 @@ "Variant12", "Variant13", "Variant13Message", + "Variant13MessageContentUnionMember1", + "Variant13MessageContentUnionMember1ImageURL", "MultimodalEmbeddings", ] @@ -284,8 +287,16 @@ class Messages(TypedDict, total=False): """ +class MessagesMessageContentUnionMember1(TypedDict, total=False): + text: str + """Text content""" + + type: str + """Type of the content (text)""" + + class MessagesMessage(TypedDict, total=False): - content: Required[str] + content: Required[Union[str, Iterable[MessagesMessageContentUnionMember1]]] """The content of the message as a string.""" role: Required[str] @@ -563,8 +574,26 @@ class Variant13(TypedDict, total=False): """ +class Variant13MessageContentUnionMember1ImageURL(TypedDict, total=False): + """Image URL object (when type is 'image_url').""" + + url: Required[str] + """Image URI with data (e.g. data:image/jpeg;base64,/9j/...).""" + + +class Variant13MessageContentUnionMember1(TypedDict, total=False): + type: Required[str] + """Type of the content part (e.g. 'text', 'image_url').""" + + image_url: Variant13MessageContentUnionMember1ImageURL + """Image URL object (when type is 'image_url').""" + + text: str + """Text content (when type is 'text').""" + + class Variant13Message(TypedDict, total=False): - content: Required[str] + content: Required[Union[str, Iterable[Variant13MessageContentUnionMember1]]] """The content of the message as a string.""" role: Required[str] diff --git a/src/cloudflare/types/ai/models/__init__.py b/src/cloudflare/types/ai/models/__init__.py index 64ed676cee2..1c8d1e37dad 100644 --- a/src/cloudflare/types/ai/models/__init__.py +++ b/src/cloudflare/types/ai/models/__init__.py @@ -3,3 +3,4 @@ from __future__ import annotations from .schema_get_params import SchemaGetParams as SchemaGetParams +from .schema_get_response import SchemaGetResponse as SchemaGetResponse diff --git a/src/cloudflare/types/ai/models/schema_get_response.py b/src/cloudflare/types/ai/models/schema_get_response.py new file mode 100644 index 00000000000..8935fb04255 --- /dev/null +++ b/src/cloudflare/types/ai/models/schema_get_response.py @@ -0,0 +1,29 @@ +# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. + +from pydantic import Field as FieldInfo + +from ...._models import BaseModel + +__all__ = ["SchemaGetResponse", "Input", "Output"] + + +class Input(BaseModel): + additional_properties: bool = FieldInfo(alias="additionalProperties") + + description: str + + type: str + + +class Output(BaseModel): + additional_properties: bool = FieldInfo(alias="additionalProperties") + + description: str + + type: str + + +class SchemaGetResponse(BaseModel): + input: Input + + output: Output diff --git a/src/cloudflare/types/aisearch/instance_chat_completions_params.py b/src/cloudflare/types/aisearch/instance_chat_completions_params.py index 9dee87fffad..a60d3a9a458 100644 --- a/src/cloudflare/types/aisearch/instance_chat_completions_params.py +++ b/src/cloudflare/types/aisearch/instance_chat_completions_params.py @@ -14,10 +14,6 @@ "AISearchOptionsQueryRewrite", "AISearchOptionsReranking", "AISearchOptionsRetrieval", - "AISearchOptionsRetrievalFilters", - "AISearchOptionsRetrievalFiltersUnionMember0", - "AISearchOptionsRetrievalFiltersUnionMember1", - "AISearchOptionsRetrievalFiltersUnionMember1Filter", ] @@ -30,12 +26,14 @@ class InstanceChatCompletionsParams(TypedDict, total=False): model: Literal[ "@cf/meta/llama-3.3-70b-instruct-fp8-fast", + "@cf/zai-org/glm-4.7-flash", "@cf/meta/llama-3.1-8b-instruct-fast", "@cf/meta/llama-3.1-8b-instruct-fp8", "@cf/meta/llama-4-scout-17b-16e-instruct", "@cf/qwen/qwen3-30b-a3b-fp8", "@cf/deepseek-ai/deepseek-r1-distill-qwen-32b", "@cf/moonshotai/kimi-k2-instruct", + "@cf/google/gemma-3-12b-it", "anthropic/claude-3-7-sonnet", "anthropic/claude-sonnet-4", "anthropic/claude-opus-4", @@ -74,12 +72,14 @@ class AISearchOptionsQueryRewrite(TypedDict, total=False): model: Literal[ "@cf/meta/llama-3.3-70b-instruct-fp8-fast", + "@cf/zai-org/glm-4.7-flash", "@cf/meta/llama-3.1-8b-instruct-fast", "@cf/meta/llama-3.1-8b-instruct-fp8", "@cf/meta/llama-4-scout-17b-16e-instruct", "@cf/qwen/qwen3-30b-a3b-fp8", "@cf/deepseek-ai/deepseek-r1-distill-qwen-32b", "@cf/moonshotai/kimi-k2-instruct", + "@cf/google/gemma-3-12b-it", "anthropic/claude-3-7-sonnet", "anthropic/claude-sonnet-4", "anthropic/claude-opus-4", @@ -112,37 +112,19 @@ class AISearchOptionsReranking(TypedDict, total=False): model: Literal["@cf/baai/bge-reranker-base", ""] -class AISearchOptionsRetrievalFiltersUnionMember0(TypedDict, total=False): - key: Required[str] - - type: Required[Literal["eq", "ne", "gt", "gte", "lt", "lte"]] - - value: Required[Union[str, float, bool]] - - -class AISearchOptionsRetrievalFiltersUnionMember1Filter(TypedDict, total=False): - key: Required[str] - - type: Required[Literal["eq", "ne", "gt", "gte", "lt", "lte"]] - - value: Required[Union[str, float, bool]] - - -class AISearchOptionsRetrievalFiltersUnionMember1(TypedDict, total=False): - filters: Required[Iterable[AISearchOptionsRetrievalFiltersUnionMember1Filter]] - - type: Required[Literal["and", "or"]] - +class AISearchOptionsRetrieval(TypedDict, total=False): + context_expansion: int -AISearchOptionsRetrievalFilters: TypeAlias = Union[ - AISearchOptionsRetrievalFiltersUnionMember0, AISearchOptionsRetrievalFiltersUnionMember1 -] + filters: Dict[str, object] + fusion_method: Literal["max", "rrf"] -class AISearchOptionsRetrieval(TypedDict, total=False): - context_expansion: int + keyword_match_mode: Literal["exact_match", "fuzzy_match"] + """Controls how keyword search terms are matched. - filters: AISearchOptionsRetrievalFilters + exact_match requires all terms to appear (AND); fuzzy_match returns results + containing any term (OR). Defaults to exact_match. + """ match_threshold: float @@ -150,6 +132,8 @@ class AISearchOptionsRetrieval(TypedDict, total=False): retrieval_type: Literal["vector", "keyword", "hybrid"] + return_on_failure: bool + class AISearchOptions(TypedDict, total=False): query_rewrite: AISearchOptionsQueryRewrite diff --git a/src/cloudflare/types/aisearch/instance_chat_completions_response.py b/src/cloudflare/types/aisearch/instance_chat_completions_response.py index 6b8a7e4b614..76e503d1871 100644 --- a/src/cloudflare/types/aisearch/instance_chat_completions_response.py +++ b/src/cloudflare/types/aisearch/instance_chat_completions_response.py @@ -48,6 +48,8 @@ class ChunkScoringDetails(BaseModel): keyword_score: Optional[float] = None + reranking_score: Optional[float] = None + vector_rank: Optional[float] = None vector_score: Optional[float] = None diff --git a/src/cloudflare/types/aisearch/instance_create_params.py b/src/cloudflare/types/aisearch/instance_create_params.py index d88e808b521..19f94e53997 100644 --- a/src/cloudflare/types/aisearch/instance_create_params.py +++ b/src/cloudflare/types/aisearch/instance_create_params.py @@ -2,7 +2,7 @@ from __future__ import annotations -from typing import Dict, Iterable +from typing import Dict, Iterable, Optional from typing_extensions import Literal, Required, Annotated, TypedDict from ..._types import SequenceNotStr @@ -18,6 +18,7 @@ "PublicEndpointParamsMcp", "PublicEndpointParamsRateLimit", "PublicEndpointParamsSearchEndpoint", + "RetrievalOptions", "SourceParams", "SourceParamsWebCrawler", "SourceParamsWebCrawlerParseOptions", @@ -35,17 +36,19 @@ class InstanceCreateParams(TypedDict, total=False): type: Required[Literal["r2", "web-crawler"]] - ai_gateway_id: str + ai_gateway_id: Optional[str] aisearch_model: Annotated[ Literal[ "@cf/meta/llama-3.3-70b-instruct-fp8-fast", + "@cf/zai-org/glm-4.7-flash", "@cf/meta/llama-3.1-8b-instruct-fast", "@cf/meta/llama-3.1-8b-instruct-fp8", "@cf/meta/llama-4-scout-17b-16e-instruct", "@cf/qwen/qwen3-30b-a3b-fp8", "@cf/deepseek-ai/deepseek-r1-distill-qwen-32b", "@cf/moonshotai/kimi-k2-instruct", + "@cf/google/gemma-3-12b-it", "anthropic/claude-3-7-sonnet", "anthropic/claude-sonnet-4", "anthropic/claude-opus-4", @@ -88,6 +91,8 @@ class InstanceCreateParams(TypedDict, total=False): "", ] + fusion_method: Literal["max", "rrf"] + hybrid_search_enabled: bool max_num_results: int @@ -100,14 +105,18 @@ class InstanceCreateParams(TypedDict, total=False): reranking_model: Literal["@cf/baai/bge-reranker-base", ""] + retrieval_options: Optional[RetrievalOptions] + rewrite_model: Literal[ "@cf/meta/llama-3.3-70b-instruct-fp8-fast", + "@cf/zai-org/glm-4.7-flash", "@cf/meta/llama-3.1-8b-instruct-fast", "@cf/meta/llama-3.1-8b-instruct-fp8", "@cf/meta/llama-4-scout-17b-16e-instruct", "@cf/qwen/qwen3-30b-a3b-fp8", "@cf/deepseek-ai/deepseek-r1-distill-qwen-32b", "@cf/moonshotai/kimi-k2-instruct", + "@cf/google/gemma-3-12b-it", "anthropic/claude-3-7-sonnet", "anthropic/claude-sonnet-4", "anthropic/claude-opus-4", @@ -133,7 +142,7 @@ class InstanceCreateParams(TypedDict, total=False): score_threshold: float - source_params: SourceParams + source_params: Optional[SourceParams] token_id: str @@ -156,6 +165,8 @@ class PublicEndpointParamsChatCompletionsEndpoint(TypedDict, total=False): class PublicEndpointParamsMcp(TypedDict, total=False): + description: str + disabled: bool """Disable MCP endpoint for this public endpoint""" @@ -187,6 +198,15 @@ class PublicEndpointParams(TypedDict, total=False): search_endpoint: PublicEndpointParamsSearchEndpoint +class RetrievalOptions(TypedDict, total=False): + keyword_match_mode: Literal["exact_match", "fuzzy_match"] + """Controls how keyword search terms are matched. + + exact_match requires all terms to appear (AND); fuzzy_match returns results + containing any term (OR). Defaults to exact_match. + """ + + class SourceParamsWebCrawlerParseOptions(TypedDict, total=False): include_headers: Dict[str, str] diff --git a/src/cloudflare/types/aisearch/instance_create_response.py b/src/cloudflare/types/aisearch/instance_create_response.py index 7e3f4709640..4a81cf1c492 100644 --- a/src/cloudflare/types/aisearch/instance_create_response.py +++ b/src/cloudflare/types/aisearch/instance_create_response.py @@ -18,6 +18,7 @@ "PublicEndpointParamsMcp", "PublicEndpointParamsRateLimit", "PublicEndpointParamsSearchEndpoint", + "RetrievalOptions", "SourceParams", "SourceParamsWebCrawler", "SourceParamsWebCrawlerParseOptions", @@ -43,6 +44,8 @@ class PublicEndpointParamsChatCompletionsEndpoint(BaseModel): class PublicEndpointParamsMcp(BaseModel): + description: Optional[str] = None + disabled: Optional[bool] = None """Disable MCP endpoint for this public endpoint""" @@ -74,6 +77,15 @@ class PublicEndpointParams(BaseModel): search_endpoint: Optional[PublicEndpointParamsSearchEndpoint] = None +class RetrievalOptions(BaseModel): + keyword_match_mode: Optional[Literal["exact_match", "fuzzy_match"]] = None + """Controls how keyword search terms are matched. + + exact_match requires all terms to appear (AND); fuzzy_match returns results + containing any term (OR). Defaults to exact_match. + """ + + class SourceParamsWebCrawlerParseOptions(BaseModel): include_headers: Optional[Dict[str, str]] = None @@ -131,14 +143,8 @@ class InstanceCreateResponse(BaseModel): id: str """Use your AI Search ID.""" - account_id: str - - account_tag: str - created_at: datetime - internal_id: str - modified_at: datetime source: str @@ -152,12 +158,14 @@ class InstanceCreateResponse(BaseModel): aisearch_model: Optional[ Literal[ "@cf/meta/llama-3.3-70b-instruct-fp8-fast", + "@cf/zai-org/glm-4.7-flash", "@cf/meta/llama-3.1-8b-instruct-fast", "@cf/meta/llama-3.1-8b-instruct-fp8", "@cf/meta/llama-4-scout-17b-16e-instruct", "@cf/qwen/qwen3-30b-a3b-fp8", "@cf/deepseek-ai/deepseek-r1-distill-qwen-32b", "@cf/moonshotai/kimi-k2-instruct", + "@cf/google/gemma-3-12b-it", "anthropic/claude-3-7-sonnet", "anthropic/claude-sonnet-4", "anthropic/claude-opus-4", @@ -184,8 +192,6 @@ class InstanceCreateResponse(BaseModel): cache_threshold: Optional[Literal["super_strict_match", "close_enough", "flexible_friend", "anything_goes"]] = None - chunk: Optional[bool] = None - chunk_overlap: Optional[int] = None chunk_size: Optional[int] = None @@ -209,7 +215,7 @@ class InstanceCreateResponse(BaseModel): enable: Optional[bool] = None - engine_version: Optional[float] = None + fusion_method: Optional[Literal["max", "rrf"]] = None hybrid_search_enabled: Optional[bool] = None @@ -231,15 +237,19 @@ class InstanceCreateResponse(BaseModel): reranking_model: Optional[Literal["@cf/baai/bge-reranker-base", ""]] = None + retrieval_options: Optional[RetrievalOptions] = None + rewrite_model: Optional[ Literal[ "@cf/meta/llama-3.3-70b-instruct-fp8-fast", + "@cf/zai-org/glm-4.7-flash", "@cf/meta/llama-3.1-8b-instruct-fast", "@cf/meta/llama-3.1-8b-instruct-fp8", "@cf/meta/llama-4-scout-17b-16e-instruct", "@cf/qwen/qwen3-30b-a3b-fp8", "@cf/deepseek-ai/deepseek-r1-distill-qwen-32b", "@cf/moonshotai/kimi-k2-instruct", + "@cf/google/gemma-3-12b-it", "anthropic/claude-3-7-sonnet", "anthropic/claude-sonnet-4", "anthropic/claude-opus-4", @@ -270,45 +280,4 @@ class InstanceCreateResponse(BaseModel): status: Optional[str] = None - summarization: Optional[bool] = None - - summarization_model: Optional[ - Literal[ - "@cf/meta/llama-3.3-70b-instruct-fp8-fast", - "@cf/meta/llama-3.1-8b-instruct-fast", - "@cf/meta/llama-3.1-8b-instruct-fp8", - "@cf/meta/llama-4-scout-17b-16e-instruct", - "@cf/qwen/qwen3-30b-a3b-fp8", - "@cf/deepseek-ai/deepseek-r1-distill-qwen-32b", - "@cf/moonshotai/kimi-k2-instruct", - "anthropic/claude-3-7-sonnet", - "anthropic/claude-sonnet-4", - "anthropic/claude-opus-4", - "anthropic/claude-3-5-haiku", - "cerebras/qwen-3-235b-a22b-instruct", - "cerebras/qwen-3-235b-a22b-thinking", - "cerebras/llama-3.3-70b", - "cerebras/llama-4-maverick-17b-128e-instruct", - "cerebras/llama-4-scout-17b-16e-instruct", - "cerebras/gpt-oss-120b", - "google-ai-studio/gemini-2.5-flash", - "google-ai-studio/gemini-2.5-pro", - "grok/grok-4", - "groq/llama-3.3-70b-versatile", - "groq/llama-3.1-8b-instant", - "openai/gpt-5", - "openai/gpt-5-mini", - "openai/gpt-5-nano", - "", - ] - ] = None - - system_prompt_aisearch: Optional[str] = FieldInfo(alias="system_prompt_ai_search", default=None) - - system_prompt_index_summarization: Optional[str] = None - - system_prompt_rewrite_query: Optional[str] = None - token_id: Optional[str] = None - - vectorize_active_namespace: Optional[str] = None diff --git a/src/cloudflare/types/aisearch/instance_delete_response.py b/src/cloudflare/types/aisearch/instance_delete_response.py index e5f966ee6b3..8c19423fa88 100644 --- a/src/cloudflare/types/aisearch/instance_delete_response.py +++ b/src/cloudflare/types/aisearch/instance_delete_response.py @@ -18,6 +18,7 @@ "PublicEndpointParamsMcp", "PublicEndpointParamsRateLimit", "PublicEndpointParamsSearchEndpoint", + "RetrievalOptions", "SourceParams", "SourceParamsWebCrawler", "SourceParamsWebCrawlerParseOptions", @@ -43,6 +44,8 @@ class PublicEndpointParamsChatCompletionsEndpoint(BaseModel): class PublicEndpointParamsMcp(BaseModel): + description: Optional[str] = None + disabled: Optional[bool] = None """Disable MCP endpoint for this public endpoint""" @@ -74,6 +77,15 @@ class PublicEndpointParams(BaseModel): search_endpoint: Optional[PublicEndpointParamsSearchEndpoint] = None +class RetrievalOptions(BaseModel): + keyword_match_mode: Optional[Literal["exact_match", "fuzzy_match"]] = None + """Controls how keyword search terms are matched. + + exact_match requires all terms to appear (AND); fuzzy_match returns results + containing any term (OR). Defaults to exact_match. + """ + + class SourceParamsWebCrawlerParseOptions(BaseModel): include_headers: Optional[Dict[str, str]] = None @@ -131,14 +143,8 @@ class InstanceDeleteResponse(BaseModel): id: str """Use your AI Search ID.""" - account_id: str - - account_tag: str - created_at: datetime - internal_id: str - modified_at: datetime source: str @@ -152,12 +158,14 @@ class InstanceDeleteResponse(BaseModel): aisearch_model: Optional[ Literal[ "@cf/meta/llama-3.3-70b-instruct-fp8-fast", + "@cf/zai-org/glm-4.7-flash", "@cf/meta/llama-3.1-8b-instruct-fast", "@cf/meta/llama-3.1-8b-instruct-fp8", "@cf/meta/llama-4-scout-17b-16e-instruct", "@cf/qwen/qwen3-30b-a3b-fp8", "@cf/deepseek-ai/deepseek-r1-distill-qwen-32b", "@cf/moonshotai/kimi-k2-instruct", + "@cf/google/gemma-3-12b-it", "anthropic/claude-3-7-sonnet", "anthropic/claude-sonnet-4", "anthropic/claude-opus-4", @@ -184,8 +192,6 @@ class InstanceDeleteResponse(BaseModel): cache_threshold: Optional[Literal["super_strict_match", "close_enough", "flexible_friend", "anything_goes"]] = None - chunk: Optional[bool] = None - chunk_overlap: Optional[int] = None chunk_size: Optional[int] = None @@ -209,7 +215,7 @@ class InstanceDeleteResponse(BaseModel): enable: Optional[bool] = None - engine_version: Optional[float] = None + fusion_method: Optional[Literal["max", "rrf"]] = None hybrid_search_enabled: Optional[bool] = None @@ -231,15 +237,19 @@ class InstanceDeleteResponse(BaseModel): reranking_model: Optional[Literal["@cf/baai/bge-reranker-base", ""]] = None + retrieval_options: Optional[RetrievalOptions] = None + rewrite_model: Optional[ Literal[ "@cf/meta/llama-3.3-70b-instruct-fp8-fast", + "@cf/zai-org/glm-4.7-flash", "@cf/meta/llama-3.1-8b-instruct-fast", "@cf/meta/llama-3.1-8b-instruct-fp8", "@cf/meta/llama-4-scout-17b-16e-instruct", "@cf/qwen/qwen3-30b-a3b-fp8", "@cf/deepseek-ai/deepseek-r1-distill-qwen-32b", "@cf/moonshotai/kimi-k2-instruct", + "@cf/google/gemma-3-12b-it", "anthropic/claude-3-7-sonnet", "anthropic/claude-sonnet-4", "anthropic/claude-opus-4", @@ -270,45 +280,4 @@ class InstanceDeleteResponse(BaseModel): status: Optional[str] = None - summarization: Optional[bool] = None - - summarization_model: Optional[ - Literal[ - "@cf/meta/llama-3.3-70b-instruct-fp8-fast", - "@cf/meta/llama-3.1-8b-instruct-fast", - "@cf/meta/llama-3.1-8b-instruct-fp8", - "@cf/meta/llama-4-scout-17b-16e-instruct", - "@cf/qwen/qwen3-30b-a3b-fp8", - "@cf/deepseek-ai/deepseek-r1-distill-qwen-32b", - "@cf/moonshotai/kimi-k2-instruct", - "anthropic/claude-3-7-sonnet", - "anthropic/claude-sonnet-4", - "anthropic/claude-opus-4", - "anthropic/claude-3-5-haiku", - "cerebras/qwen-3-235b-a22b-instruct", - "cerebras/qwen-3-235b-a22b-thinking", - "cerebras/llama-3.3-70b", - "cerebras/llama-4-maverick-17b-128e-instruct", - "cerebras/llama-4-scout-17b-16e-instruct", - "cerebras/gpt-oss-120b", - "google-ai-studio/gemini-2.5-flash", - "google-ai-studio/gemini-2.5-pro", - "grok/grok-4", - "groq/llama-3.3-70b-versatile", - "groq/llama-3.1-8b-instant", - "openai/gpt-5", - "openai/gpt-5-mini", - "openai/gpt-5-nano", - "", - ] - ] = None - - system_prompt_aisearch: Optional[str] = FieldInfo(alias="system_prompt_ai_search", default=None) - - system_prompt_index_summarization: Optional[str] = None - - system_prompt_rewrite_query: Optional[str] = None - token_id: Optional[str] = None - - vectorize_active_namespace: Optional[str] = None diff --git a/src/cloudflare/types/aisearch/instance_list_response.py b/src/cloudflare/types/aisearch/instance_list_response.py index 8488c61e58a..5a72892e3aa 100644 --- a/src/cloudflare/types/aisearch/instance_list_response.py +++ b/src/cloudflare/types/aisearch/instance_list_response.py @@ -18,6 +18,7 @@ "PublicEndpointParamsMcp", "PublicEndpointParamsRateLimit", "PublicEndpointParamsSearchEndpoint", + "RetrievalOptions", "SourceParams", "SourceParamsWebCrawler", "SourceParamsWebCrawlerParseOptions", @@ -43,6 +44,8 @@ class PublicEndpointParamsChatCompletionsEndpoint(BaseModel): class PublicEndpointParamsMcp(BaseModel): + description: Optional[str] = None + disabled: Optional[bool] = None """Disable MCP endpoint for this public endpoint""" @@ -74,6 +77,15 @@ class PublicEndpointParams(BaseModel): search_endpoint: Optional[PublicEndpointParamsSearchEndpoint] = None +class RetrievalOptions(BaseModel): + keyword_match_mode: Optional[Literal["exact_match", "fuzzy_match"]] = None + """Controls how keyword search terms are matched. + + exact_match requires all terms to appear (AND); fuzzy_match returns results + containing any term (OR). Defaults to exact_match. + """ + + class SourceParamsWebCrawlerParseOptions(BaseModel): include_headers: Optional[Dict[str, str]] = None @@ -131,14 +143,8 @@ class InstanceListResponse(BaseModel): id: str """Use your AI Search ID.""" - account_id: str - - account_tag: str - created_at: datetime - internal_id: str - modified_at: datetime source: str @@ -152,12 +158,14 @@ class InstanceListResponse(BaseModel): aisearch_model: Optional[ Literal[ "@cf/meta/llama-3.3-70b-instruct-fp8-fast", + "@cf/zai-org/glm-4.7-flash", "@cf/meta/llama-3.1-8b-instruct-fast", "@cf/meta/llama-3.1-8b-instruct-fp8", "@cf/meta/llama-4-scout-17b-16e-instruct", "@cf/qwen/qwen3-30b-a3b-fp8", "@cf/deepseek-ai/deepseek-r1-distill-qwen-32b", "@cf/moonshotai/kimi-k2-instruct", + "@cf/google/gemma-3-12b-it", "anthropic/claude-3-7-sonnet", "anthropic/claude-sonnet-4", "anthropic/claude-opus-4", @@ -184,8 +192,6 @@ class InstanceListResponse(BaseModel): cache_threshold: Optional[Literal["super_strict_match", "close_enough", "flexible_friend", "anything_goes"]] = None - chunk: Optional[bool] = None - chunk_overlap: Optional[int] = None chunk_size: Optional[int] = None @@ -209,7 +215,7 @@ class InstanceListResponse(BaseModel): enable: Optional[bool] = None - engine_version: Optional[float] = None + fusion_method: Optional[Literal["max", "rrf"]] = None hybrid_search_enabled: Optional[bool] = None @@ -231,15 +237,19 @@ class InstanceListResponse(BaseModel): reranking_model: Optional[Literal["@cf/baai/bge-reranker-base", ""]] = None + retrieval_options: Optional[RetrievalOptions] = None + rewrite_model: Optional[ Literal[ "@cf/meta/llama-3.3-70b-instruct-fp8-fast", + "@cf/zai-org/glm-4.7-flash", "@cf/meta/llama-3.1-8b-instruct-fast", "@cf/meta/llama-3.1-8b-instruct-fp8", "@cf/meta/llama-4-scout-17b-16e-instruct", "@cf/qwen/qwen3-30b-a3b-fp8", "@cf/deepseek-ai/deepseek-r1-distill-qwen-32b", "@cf/moonshotai/kimi-k2-instruct", + "@cf/google/gemma-3-12b-it", "anthropic/claude-3-7-sonnet", "anthropic/claude-sonnet-4", "anthropic/claude-opus-4", @@ -270,45 +280,4 @@ class InstanceListResponse(BaseModel): status: Optional[str] = None - summarization: Optional[bool] = None - - summarization_model: Optional[ - Literal[ - "@cf/meta/llama-3.3-70b-instruct-fp8-fast", - "@cf/meta/llama-3.1-8b-instruct-fast", - "@cf/meta/llama-3.1-8b-instruct-fp8", - "@cf/meta/llama-4-scout-17b-16e-instruct", - "@cf/qwen/qwen3-30b-a3b-fp8", - "@cf/deepseek-ai/deepseek-r1-distill-qwen-32b", - "@cf/moonshotai/kimi-k2-instruct", - "anthropic/claude-3-7-sonnet", - "anthropic/claude-sonnet-4", - "anthropic/claude-opus-4", - "anthropic/claude-3-5-haiku", - "cerebras/qwen-3-235b-a22b-instruct", - "cerebras/qwen-3-235b-a22b-thinking", - "cerebras/llama-3.3-70b", - "cerebras/llama-4-maverick-17b-128e-instruct", - "cerebras/llama-4-scout-17b-16e-instruct", - "cerebras/gpt-oss-120b", - "google-ai-studio/gemini-2.5-flash", - "google-ai-studio/gemini-2.5-pro", - "grok/grok-4", - "groq/llama-3.3-70b-versatile", - "groq/llama-3.1-8b-instant", - "openai/gpt-5", - "openai/gpt-5-mini", - "openai/gpt-5-nano", - "", - ] - ] = None - - system_prompt_aisearch: Optional[str] = FieldInfo(alias="system_prompt_ai_search", default=None) - - system_prompt_index_summarization: Optional[str] = None - - system_prompt_rewrite_query: Optional[str] = None - token_id: Optional[str] = None - - vectorize_active_namespace: Optional[str] = None diff --git a/src/cloudflare/types/aisearch/instance_read_response.py b/src/cloudflare/types/aisearch/instance_read_response.py index 0b3afdbe6a8..b0d3f5996d9 100644 --- a/src/cloudflare/types/aisearch/instance_read_response.py +++ b/src/cloudflare/types/aisearch/instance_read_response.py @@ -18,6 +18,7 @@ "PublicEndpointParamsMcp", "PublicEndpointParamsRateLimit", "PublicEndpointParamsSearchEndpoint", + "RetrievalOptions", "SourceParams", "SourceParamsWebCrawler", "SourceParamsWebCrawlerParseOptions", @@ -43,6 +44,8 @@ class PublicEndpointParamsChatCompletionsEndpoint(BaseModel): class PublicEndpointParamsMcp(BaseModel): + description: Optional[str] = None + disabled: Optional[bool] = None """Disable MCP endpoint for this public endpoint""" @@ -74,6 +77,15 @@ class PublicEndpointParams(BaseModel): search_endpoint: Optional[PublicEndpointParamsSearchEndpoint] = None +class RetrievalOptions(BaseModel): + keyword_match_mode: Optional[Literal["exact_match", "fuzzy_match"]] = None + """Controls how keyword search terms are matched. + + exact_match requires all terms to appear (AND); fuzzy_match returns results + containing any term (OR). Defaults to exact_match. + """ + + class SourceParamsWebCrawlerParseOptions(BaseModel): include_headers: Optional[Dict[str, str]] = None @@ -131,14 +143,8 @@ class InstanceReadResponse(BaseModel): id: str """Use your AI Search ID.""" - account_id: str - - account_tag: str - created_at: datetime - internal_id: str - modified_at: datetime source: str @@ -152,12 +158,14 @@ class InstanceReadResponse(BaseModel): aisearch_model: Optional[ Literal[ "@cf/meta/llama-3.3-70b-instruct-fp8-fast", + "@cf/zai-org/glm-4.7-flash", "@cf/meta/llama-3.1-8b-instruct-fast", "@cf/meta/llama-3.1-8b-instruct-fp8", "@cf/meta/llama-4-scout-17b-16e-instruct", "@cf/qwen/qwen3-30b-a3b-fp8", "@cf/deepseek-ai/deepseek-r1-distill-qwen-32b", "@cf/moonshotai/kimi-k2-instruct", + "@cf/google/gemma-3-12b-it", "anthropic/claude-3-7-sonnet", "anthropic/claude-sonnet-4", "anthropic/claude-opus-4", @@ -184,8 +192,6 @@ class InstanceReadResponse(BaseModel): cache_threshold: Optional[Literal["super_strict_match", "close_enough", "flexible_friend", "anything_goes"]] = None - chunk: Optional[bool] = None - chunk_overlap: Optional[int] = None chunk_size: Optional[int] = None @@ -209,7 +215,7 @@ class InstanceReadResponse(BaseModel): enable: Optional[bool] = None - engine_version: Optional[float] = None + fusion_method: Optional[Literal["max", "rrf"]] = None hybrid_search_enabled: Optional[bool] = None @@ -231,15 +237,19 @@ class InstanceReadResponse(BaseModel): reranking_model: Optional[Literal["@cf/baai/bge-reranker-base", ""]] = None + retrieval_options: Optional[RetrievalOptions] = None + rewrite_model: Optional[ Literal[ "@cf/meta/llama-3.3-70b-instruct-fp8-fast", + "@cf/zai-org/glm-4.7-flash", "@cf/meta/llama-3.1-8b-instruct-fast", "@cf/meta/llama-3.1-8b-instruct-fp8", "@cf/meta/llama-4-scout-17b-16e-instruct", "@cf/qwen/qwen3-30b-a3b-fp8", "@cf/deepseek-ai/deepseek-r1-distill-qwen-32b", "@cf/moonshotai/kimi-k2-instruct", + "@cf/google/gemma-3-12b-it", "anthropic/claude-3-7-sonnet", "anthropic/claude-sonnet-4", "anthropic/claude-opus-4", @@ -270,45 +280,4 @@ class InstanceReadResponse(BaseModel): status: Optional[str] = None - summarization: Optional[bool] = None - - summarization_model: Optional[ - Literal[ - "@cf/meta/llama-3.3-70b-instruct-fp8-fast", - "@cf/meta/llama-3.1-8b-instruct-fast", - "@cf/meta/llama-3.1-8b-instruct-fp8", - "@cf/meta/llama-4-scout-17b-16e-instruct", - "@cf/qwen/qwen3-30b-a3b-fp8", - "@cf/deepseek-ai/deepseek-r1-distill-qwen-32b", - "@cf/moonshotai/kimi-k2-instruct", - "anthropic/claude-3-7-sonnet", - "anthropic/claude-sonnet-4", - "anthropic/claude-opus-4", - "anthropic/claude-3-5-haiku", - "cerebras/qwen-3-235b-a22b-instruct", - "cerebras/qwen-3-235b-a22b-thinking", - "cerebras/llama-3.3-70b", - "cerebras/llama-4-maverick-17b-128e-instruct", - "cerebras/llama-4-scout-17b-16e-instruct", - "cerebras/gpt-oss-120b", - "google-ai-studio/gemini-2.5-flash", - "google-ai-studio/gemini-2.5-pro", - "grok/grok-4", - "groq/llama-3.3-70b-versatile", - "groq/llama-3.1-8b-instant", - "openai/gpt-5", - "openai/gpt-5-mini", - "openai/gpt-5-nano", - "", - ] - ] = None - - system_prompt_aisearch: Optional[str] = FieldInfo(alias="system_prompt_ai_search", default=None) - - system_prompt_index_summarization: Optional[str] = None - - system_prompt_rewrite_query: Optional[str] = None - token_id: Optional[str] = None - - vectorize_active_namespace: Optional[str] = None diff --git a/src/cloudflare/types/aisearch/instance_search_params.py b/src/cloudflare/types/aisearch/instance_search_params.py index 5be0494bf19..fba9dbe2f6a 100644 --- a/src/cloudflare/types/aisearch/instance_search_params.py +++ b/src/cloudflare/types/aisearch/instance_search_params.py @@ -14,10 +14,6 @@ "AISearchOptionsQueryRewrite", "AISearchOptionsReranking", "AISearchOptionsRetrieval", - "AISearchOptionsRetrievalFilters", - "AISearchOptionsRetrievalFiltersUnionMember0", - "AISearchOptionsRetrievalFiltersUnionMember1", - "AISearchOptionsRetrievalFiltersUnionMember1Filter", ] @@ -43,12 +39,14 @@ class AISearchOptionsQueryRewrite(TypedDict, total=False): model: Literal[ "@cf/meta/llama-3.3-70b-instruct-fp8-fast", + "@cf/zai-org/glm-4.7-flash", "@cf/meta/llama-3.1-8b-instruct-fast", "@cf/meta/llama-3.1-8b-instruct-fp8", "@cf/meta/llama-4-scout-17b-16e-instruct", "@cf/qwen/qwen3-30b-a3b-fp8", "@cf/deepseek-ai/deepseek-r1-distill-qwen-32b", "@cf/moonshotai/kimi-k2-instruct", + "@cf/google/gemma-3-12b-it", "anthropic/claude-3-7-sonnet", "anthropic/claude-sonnet-4", "anthropic/claude-opus-4", @@ -81,37 +79,19 @@ class AISearchOptionsReranking(TypedDict, total=False): model: Literal["@cf/baai/bge-reranker-base", ""] -class AISearchOptionsRetrievalFiltersUnionMember0(TypedDict, total=False): - key: Required[str] - - type: Required[Literal["eq", "ne", "gt", "gte", "lt", "lte"]] - - value: Required[Union[str, float, bool]] - - -class AISearchOptionsRetrievalFiltersUnionMember1Filter(TypedDict, total=False): - key: Required[str] - - type: Required[Literal["eq", "ne", "gt", "gte", "lt", "lte"]] - - value: Required[Union[str, float, bool]] - - -class AISearchOptionsRetrievalFiltersUnionMember1(TypedDict, total=False): - filters: Required[Iterable[AISearchOptionsRetrievalFiltersUnionMember1Filter]] - - type: Required[Literal["and", "or"]] - +class AISearchOptionsRetrieval(TypedDict, total=False): + context_expansion: int -AISearchOptionsRetrievalFilters: TypeAlias = Union[ - AISearchOptionsRetrievalFiltersUnionMember0, AISearchOptionsRetrievalFiltersUnionMember1 -] + filters: Dict[str, object] + fusion_method: Literal["max", "rrf"] -class AISearchOptionsRetrieval(TypedDict, total=False): - context_expansion: int + keyword_match_mode: Literal["exact_match", "fuzzy_match"] + """Controls how keyword search terms are matched. - filters: AISearchOptionsRetrievalFilters + exact_match requires all terms to appear (AND); fuzzy_match returns results + containing any term (OR). Defaults to exact_match. + """ match_threshold: float @@ -119,6 +99,8 @@ class AISearchOptionsRetrieval(TypedDict, total=False): retrieval_type: Literal["vector", "keyword", "hybrid"] + return_on_failure: bool + class AISearchOptions(TypedDict, total=False): query_rewrite: AISearchOptionsQueryRewrite diff --git a/src/cloudflare/types/aisearch/instance_search_response.py b/src/cloudflare/types/aisearch/instance_search_response.py index c55a1106067..cd404213edc 100644 --- a/src/cloudflare/types/aisearch/instance_search_response.py +++ b/src/cloudflare/types/aisearch/instance_search_response.py @@ -20,6 +20,8 @@ class ChunkScoringDetails(BaseModel): keyword_score: Optional[float] = None + reranking_score: Optional[float] = None + vector_rank: Optional[float] = None vector_score: Optional[float] = None diff --git a/src/cloudflare/types/aisearch/instance_update_params.py b/src/cloudflare/types/aisearch/instance_update_params.py index b39743c1fac..e1d481fb7ac 100644 --- a/src/cloudflare/types/aisearch/instance_update_params.py +++ b/src/cloudflare/types/aisearch/instance_update_params.py @@ -2,7 +2,7 @@ from __future__ import annotations -from typing import Dict, Iterable +from typing import Dict, Iterable, Optional from typing_extensions import Literal, Required, Annotated, TypedDict from ..._types import SequenceNotStr @@ -18,6 +18,7 @@ "PublicEndpointParamsMcp", "PublicEndpointParamsRateLimit", "PublicEndpointParamsSearchEndpoint", + "RetrievalOptions", "SourceParams", "SourceParamsWebCrawler", "SourceParamsWebCrawlerParseOptions", @@ -28,17 +29,19 @@ class InstanceUpdateParams(TypedDict, total=False): account_id: Required[str] - ai_gateway_id: str + ai_gateway_id: Optional[str] aisearch_model: Annotated[ Literal[ "@cf/meta/llama-3.3-70b-instruct-fp8-fast", + "@cf/zai-org/glm-4.7-flash", "@cf/meta/llama-3.1-8b-instruct-fast", "@cf/meta/llama-3.1-8b-instruct-fp8", "@cf/meta/llama-4-scout-17b-16e-instruct", "@cf/qwen/qwen3-30b-a3b-fp8", "@cf/deepseek-ai/deepseek-r1-distill-qwen-32b", "@cf/moonshotai/kimi-k2-instruct", + "@cf/google/gemma-3-12b-it", "anthropic/claude-3-7-sonnet", "anthropic/claude-sonnet-4", "anthropic/claude-opus-4", @@ -85,6 +88,8 @@ class InstanceUpdateParams(TypedDict, total=False): "", ] + fusion_method: Literal["max", "rrf"] + hybrid_search_enabled: bool max_num_results: int @@ -99,14 +104,18 @@ class InstanceUpdateParams(TypedDict, total=False): reranking_model: Literal["@cf/baai/bge-reranker-base", ""] + retrieval_options: Optional[RetrievalOptions] + rewrite_model: Literal[ "@cf/meta/llama-3.3-70b-instruct-fp8-fast", + "@cf/zai-org/glm-4.7-flash", "@cf/meta/llama-3.1-8b-instruct-fast", "@cf/meta/llama-3.1-8b-instruct-fp8", "@cf/meta/llama-4-scout-17b-16e-instruct", "@cf/qwen/qwen3-30b-a3b-fp8", "@cf/deepseek-ai/deepseek-r1-distill-qwen-32b", "@cf/moonshotai/kimi-k2-instruct", + "@cf/google/gemma-3-12b-it", "anthropic/claude-3-7-sonnet", "anthropic/claude-sonnet-4", "anthropic/claude-opus-4", @@ -132,18 +141,20 @@ class InstanceUpdateParams(TypedDict, total=False): score_threshold: float - source_params: SourceParams + source_params: Optional[SourceParams] summarization: bool summarization_model: Literal[ "@cf/meta/llama-3.3-70b-instruct-fp8-fast", + "@cf/zai-org/glm-4.7-flash", "@cf/meta/llama-3.1-8b-instruct-fast", "@cf/meta/llama-3.1-8b-instruct-fp8", "@cf/meta/llama-4-scout-17b-16e-instruct", "@cf/qwen/qwen3-30b-a3b-fp8", "@cf/deepseek-ai/deepseek-r1-distill-qwen-32b", "@cf/moonshotai/kimi-k2-instruct", + "@cf/google/gemma-3-12b-it", "anthropic/claude-3-7-sonnet", "anthropic/claude-sonnet-4", "anthropic/claude-opus-4", @@ -165,11 +176,11 @@ class InstanceUpdateParams(TypedDict, total=False): "", ] - system_prompt_aisearch: Annotated[str, PropertyInfo(alias="system_prompt_ai_search")] + system_prompt_aisearch: Annotated[Optional[str], PropertyInfo(alias="system_prompt_ai_search")] - system_prompt_index_summarization: str + system_prompt_index_summarization: Optional[str] - system_prompt_rewrite_query: str + system_prompt_rewrite_query: Optional[str] token_id: str @@ -192,6 +203,8 @@ class PublicEndpointParamsChatCompletionsEndpoint(TypedDict, total=False): class PublicEndpointParamsMcp(TypedDict, total=False): + description: str + disabled: bool """Disable MCP endpoint for this public endpoint""" @@ -223,6 +236,15 @@ class PublicEndpointParams(TypedDict, total=False): search_endpoint: PublicEndpointParamsSearchEndpoint +class RetrievalOptions(TypedDict, total=False): + keyword_match_mode: Literal["exact_match", "fuzzy_match"] + """Controls how keyword search terms are matched. + + exact_match requires all terms to appear (AND); fuzzy_match returns results + containing any term (OR). Defaults to exact_match. + """ + + class SourceParamsWebCrawlerParseOptions(TypedDict, total=False): include_headers: Dict[str, str] diff --git a/src/cloudflare/types/aisearch/instance_update_response.py b/src/cloudflare/types/aisearch/instance_update_response.py index 76cecdbb792..712c2a7bc1e 100644 --- a/src/cloudflare/types/aisearch/instance_update_response.py +++ b/src/cloudflare/types/aisearch/instance_update_response.py @@ -18,6 +18,7 @@ "PublicEndpointParamsMcp", "PublicEndpointParamsRateLimit", "PublicEndpointParamsSearchEndpoint", + "RetrievalOptions", "SourceParams", "SourceParamsWebCrawler", "SourceParamsWebCrawlerParseOptions", @@ -43,6 +44,8 @@ class PublicEndpointParamsChatCompletionsEndpoint(BaseModel): class PublicEndpointParamsMcp(BaseModel): + description: Optional[str] = None + disabled: Optional[bool] = None """Disable MCP endpoint for this public endpoint""" @@ -74,6 +77,15 @@ class PublicEndpointParams(BaseModel): search_endpoint: Optional[PublicEndpointParamsSearchEndpoint] = None +class RetrievalOptions(BaseModel): + keyword_match_mode: Optional[Literal["exact_match", "fuzzy_match"]] = None + """Controls how keyword search terms are matched. + + exact_match requires all terms to appear (AND); fuzzy_match returns results + containing any term (OR). Defaults to exact_match. + """ + + class SourceParamsWebCrawlerParseOptions(BaseModel): include_headers: Optional[Dict[str, str]] = None @@ -131,14 +143,8 @@ class InstanceUpdateResponse(BaseModel): id: str """Use your AI Search ID.""" - account_id: str - - account_tag: str - created_at: datetime - internal_id: str - modified_at: datetime source: str @@ -152,12 +158,14 @@ class InstanceUpdateResponse(BaseModel): aisearch_model: Optional[ Literal[ "@cf/meta/llama-3.3-70b-instruct-fp8-fast", + "@cf/zai-org/glm-4.7-flash", "@cf/meta/llama-3.1-8b-instruct-fast", "@cf/meta/llama-3.1-8b-instruct-fp8", "@cf/meta/llama-4-scout-17b-16e-instruct", "@cf/qwen/qwen3-30b-a3b-fp8", "@cf/deepseek-ai/deepseek-r1-distill-qwen-32b", "@cf/moonshotai/kimi-k2-instruct", + "@cf/google/gemma-3-12b-it", "anthropic/claude-3-7-sonnet", "anthropic/claude-sonnet-4", "anthropic/claude-opus-4", @@ -184,8 +192,6 @@ class InstanceUpdateResponse(BaseModel): cache_threshold: Optional[Literal["super_strict_match", "close_enough", "flexible_friend", "anything_goes"]] = None - chunk: Optional[bool] = None - chunk_overlap: Optional[int] = None chunk_size: Optional[int] = None @@ -209,7 +215,7 @@ class InstanceUpdateResponse(BaseModel): enable: Optional[bool] = None - engine_version: Optional[float] = None + fusion_method: Optional[Literal["max", "rrf"]] = None hybrid_search_enabled: Optional[bool] = None @@ -231,15 +237,19 @@ class InstanceUpdateResponse(BaseModel): reranking_model: Optional[Literal["@cf/baai/bge-reranker-base", ""]] = None + retrieval_options: Optional[RetrievalOptions] = None + rewrite_model: Optional[ Literal[ "@cf/meta/llama-3.3-70b-instruct-fp8-fast", + "@cf/zai-org/glm-4.7-flash", "@cf/meta/llama-3.1-8b-instruct-fast", "@cf/meta/llama-3.1-8b-instruct-fp8", "@cf/meta/llama-4-scout-17b-16e-instruct", "@cf/qwen/qwen3-30b-a3b-fp8", "@cf/deepseek-ai/deepseek-r1-distill-qwen-32b", "@cf/moonshotai/kimi-k2-instruct", + "@cf/google/gemma-3-12b-it", "anthropic/claude-3-7-sonnet", "anthropic/claude-sonnet-4", "anthropic/claude-opus-4", @@ -270,45 +280,4 @@ class InstanceUpdateResponse(BaseModel): status: Optional[str] = None - summarization: Optional[bool] = None - - summarization_model: Optional[ - Literal[ - "@cf/meta/llama-3.3-70b-instruct-fp8-fast", - "@cf/meta/llama-3.1-8b-instruct-fast", - "@cf/meta/llama-3.1-8b-instruct-fp8", - "@cf/meta/llama-4-scout-17b-16e-instruct", - "@cf/qwen/qwen3-30b-a3b-fp8", - "@cf/deepseek-ai/deepseek-r1-distill-qwen-32b", - "@cf/moonshotai/kimi-k2-instruct", - "anthropic/claude-3-7-sonnet", - "anthropic/claude-sonnet-4", - "anthropic/claude-opus-4", - "anthropic/claude-3-5-haiku", - "cerebras/qwen-3-235b-a22b-instruct", - "cerebras/qwen-3-235b-a22b-thinking", - "cerebras/llama-3.3-70b", - "cerebras/llama-4-maverick-17b-128e-instruct", - "cerebras/llama-4-scout-17b-16e-instruct", - "cerebras/gpt-oss-120b", - "google-ai-studio/gemini-2.5-flash", - "google-ai-studio/gemini-2.5-pro", - "grok/grok-4", - "groq/llama-3.3-70b-versatile", - "groq/llama-3.1-8b-instant", - "openai/gpt-5", - "openai/gpt-5-mini", - "openai/gpt-5-nano", - "", - ] - ] = None - - system_prompt_aisearch: Optional[str] = FieldInfo(alias="system_prompt_ai_search", default=None) - - system_prompt_index_summarization: Optional[str] = None - - system_prompt_rewrite_query: Optional[str] = None - token_id: Optional[str] = None - - vectorize_active_namespace: Optional[str] = None diff --git a/src/cloudflare/types/aisearch/instances/item_get_response.py b/src/cloudflare/types/aisearch/instances/item_get_response.py index 4df3c0b94a8..50eaf709682 100644 --- a/src/cloudflare/types/aisearch/instances/item_get_response.py +++ b/src/cloudflare/types/aisearch/instances/item_get_response.py @@ -10,14 +10,26 @@ class ItemGetResponse(BaseModel): - id: str + id: float + + checksum: str + + chunks_count: Optional[int] = None + + created_at: datetime + + file_size: Optional[float] = None key: str + last_seen_at: datetime + + namespace: str + + next_action: Optional[Literal["INDEX", "DELETE"]] = None + status: Literal["queued", "running", "completed", "error", "skipped"] error: Optional[str] = None - last_seen_at: Optional[datetime] = None - - next_action: Optional[str] = None + public_id: Optional[str] = None diff --git a/src/cloudflare/types/aisearch/instances/item_list_response.py b/src/cloudflare/types/aisearch/instances/item_list_response.py index ff22e5ab677..5054e8ad74d 100644 --- a/src/cloudflare/types/aisearch/instances/item_list_response.py +++ b/src/cloudflare/types/aisearch/instances/item_list_response.py @@ -10,14 +10,26 @@ class ItemListResponse(BaseModel): - id: str + id: float + + checksum: str + + chunks_count: Optional[int] = None + + created_at: datetime + + file_size: Optional[float] = None key: str + last_seen_at: datetime + + namespace: str + + next_action: Optional[Literal["INDEX", "DELETE"]] = None + status: Literal["queued", "running", "completed", "error", "skipped"] error: Optional[str] = None - last_seen_at: Optional[datetime] = None - - next_action: Optional[str] = None + public_id: Optional[str] = None diff --git a/src/cloudflare/types/aisearch/token_create_response.py b/src/cloudflare/types/aisearch/token_create_response.py index c452115f380..890d6979da3 100644 --- a/src/cloudflare/types/aisearch/token_create_response.py +++ b/src/cloudflare/types/aisearch/token_create_response.py @@ -11,14 +11,8 @@ class TokenCreateResponse(BaseModel): id: str - account_id: str - - account_tag: str - cf_api_id: str - cf_api_key: str - created_at: datetime modified_at: datetime @@ -32,5 +26,3 @@ class TokenCreateResponse(BaseModel): legacy: Optional[bool] = None modified_by: Optional[str] = None - - synced_at: Optional[datetime] = None diff --git a/src/cloudflare/types/aisearch/token_delete_response.py b/src/cloudflare/types/aisearch/token_delete_response.py index 18c34a2b30a..80331067158 100644 --- a/src/cloudflare/types/aisearch/token_delete_response.py +++ b/src/cloudflare/types/aisearch/token_delete_response.py @@ -11,14 +11,8 @@ class TokenDeleteResponse(BaseModel): id: str - account_id: str - - account_tag: str - cf_api_id: str - cf_api_key: str - created_at: datetime modified_at: datetime @@ -32,5 +26,3 @@ class TokenDeleteResponse(BaseModel): legacy: Optional[bool] = None modified_by: Optional[str] = None - - synced_at: Optional[datetime] = None diff --git a/src/cloudflare/types/aisearch/token_list_response.py b/src/cloudflare/types/aisearch/token_list_response.py index 4f55e5e18d4..2e806edb65c 100644 --- a/src/cloudflare/types/aisearch/token_list_response.py +++ b/src/cloudflare/types/aisearch/token_list_response.py @@ -11,14 +11,8 @@ class TokenListResponse(BaseModel): id: str - account_id: str - - account_tag: str - cf_api_id: str - cf_api_key: str - created_at: datetime modified_at: datetime @@ -32,5 +26,3 @@ class TokenListResponse(BaseModel): legacy: Optional[bool] = None modified_by: Optional[str] = None - - synced_at: Optional[datetime] = None diff --git a/src/cloudflare/types/aisearch/token_read_response.py b/src/cloudflare/types/aisearch/token_read_response.py index 54e861afb99..ad2203011a4 100644 --- a/src/cloudflare/types/aisearch/token_read_response.py +++ b/src/cloudflare/types/aisearch/token_read_response.py @@ -11,14 +11,8 @@ class TokenReadResponse(BaseModel): id: str - account_id: str - - account_tag: str - cf_api_id: str - cf_api_key: str - created_at: datetime modified_at: datetime @@ -32,5 +26,3 @@ class TokenReadResponse(BaseModel): legacy: Optional[bool] = None modified_by: Optional[str] = None - - synced_at: Optional[datetime] = None diff --git a/src/cloudflare/types/aisearch/token_update_response.py b/src/cloudflare/types/aisearch/token_update_response.py index 5ce9eae30af..2a993a8b99b 100644 --- a/src/cloudflare/types/aisearch/token_update_response.py +++ b/src/cloudflare/types/aisearch/token_update_response.py @@ -11,14 +11,8 @@ class TokenUpdateResponse(BaseModel): id: str - account_id: str - - account_tag: str - cf_api_id: str - cf_api_key: str - created_at: datetime modified_at: datetime @@ -32,5 +26,3 @@ class TokenUpdateResponse(BaseModel): legacy: Optional[bool] = None modified_by: Optional[str] = None - - synced_at: Optional[datetime] = None diff --git a/src/cloudflare/types/cloudforce_one/__init__.py b/src/cloudflare/types/cloudforce_one/__init__.py index 89926d23c3f..052512d6227 100644 --- a/src/cloudflare/types/cloudforce_one/__init__.py +++ b/src/cloudflare/types/cloudforce_one/__init__.py @@ -20,7 +20,6 @@ from .threat_event_list_response import ThreatEventListResponse as ThreatEventListResponse from .binary_storage_create_params import BinaryStorageCreateParams as BinaryStorageCreateParams from .threat_event_create_response import ThreatEventCreateResponse as ThreatEventCreateResponse -from .threat_event_delete_response import ThreatEventDeleteResponse as ThreatEventDeleteResponse from .binary_storage_create_response import BinaryStorageCreateResponse as BinaryStorageCreateResponse from .threat_event_bulk_create_params import ThreatEventBulkCreateParams as ThreatEventBulkCreateParams from .threat_event_bulk_create_response import ThreatEventBulkCreateResponse as ThreatEventBulkCreateResponse diff --git a/src/cloudflare/types/cloudforce_one/threat_event_delete_response.py b/src/cloudflare/types/cloudforce_one/threat_event_delete_response.py deleted file mode 100644 index cf389ba658b..00000000000 --- a/src/cloudflare/types/cloudforce_one/threat_event_delete_response.py +++ /dev/null @@ -1,9 +0,0 @@ -# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. - -from ..._models import BaseModel - -__all__ = ["ThreatEventDeleteResponse"] - - -class ThreatEventDeleteResponse(BaseModel): - uuid: str diff --git a/src/cloudflare/types/custom_certificates/custom_certificate.py b/src/cloudflare/types/custom_certificates/custom_certificate.py index e68d4a7d256..7e148bfd616 100644 --- a/src/cloudflare/types/custom_certificates/custom_certificate.py +++ b/src/cloudflare/types/custom_certificates/custom_certificate.py @@ -51,17 +51,16 @@ class CustomCertificate(BaseModel): modified_on: Optional[datetime] = None """When the certificate was last modified.""" - policy: Optional[str] = None - """ - Specify the policy that determines the region where your private key will be - held locally. HTTPS connections to any excluded data center will still be fully - encrypted, but will incur some latency while Keyless SSL is used to complete the - handshake with the nearest allowed data center. Any combination of countries, - specified by their two letter country code - (https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2#Officially_assigned_code_elements) - can be chosen, such as 'country: IN', as well as 'region: EU' which refers to - the EU region. If there are too few data centers satisfying the policy, it will - be rejected. + policy_restrictions: Optional[str] = None + """The policy restrictions returned by the API. + + This field is returned in responses when a policy has been set. The API accepts + the "policy" field in requests but returns this field as "policy_restrictions" + in responses. + + Specifies the region(s) where your private key can be held locally for optimal + TLS performance. Format is a boolean expression, for example: "(country: US) or + (region: EU)" """ priority: Optional[float] = None diff --git a/src/cloudflare/types/custom_certificates/custom_certificate_create_params.py b/src/cloudflare/types/custom_certificates/custom_certificate_create_params.py index e136cd19a8d..a5de8bba80e 100644 --- a/src/cloudflare/types/custom_certificates/custom_certificate_create_params.py +++ b/src/cloudflare/types/custom_certificates/custom_certificate_create_params.py @@ -28,6 +28,9 @@ class CustomCertificateCreateParams(TypedDict, total=False): chain, but does not otherwise modify it. """ + deploy: Literal["staging", "production"] + """The environment to deploy the certificate to, defaults to production""" + geo_restrictions: GeoRestrictionsParam """ Specify the region where your private key can be held locally for optimal TLS @@ -49,7 +52,9 @@ class CustomCertificateCreateParams(TypedDict, total=False): (https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2#Officially_assigned_code_elements) can be chosen, such as 'country: IN', as well as 'region: EU' which refers to the EU region. If there are too few data centers satisfying the policy, it will - be rejected. + be rejected. Note: The API accepts this field as either "policy" or + "policy_restrictions" in requests. Responses return this field as + "policy_restrictions". """ type: Literal["legacy_custom", "sni_custom"] diff --git a/src/cloudflare/types/custom_certificates/custom_certificate_edit_params.py b/src/cloudflare/types/custom_certificates/custom_certificate_edit_params.py index d2c6545582f..e94fb516789 100644 --- a/src/cloudflare/types/custom_certificates/custom_certificate_edit_params.py +++ b/src/cloudflare/types/custom_certificates/custom_certificate_edit_params.py @@ -2,16 +2,15 @@ from __future__ import annotations -from typing import Union -from typing_extensions import Required, TypeAlias, TypedDict +from typing_extensions import Literal, Required, TypedDict from .geo_restrictions_param import GeoRestrictionsParam from ..custom_hostnames.bundle_method import BundleMethod -__all__ = ["CustomCertificateEditParams", "Variant0", "Variant1"] +__all__ = ["CustomCertificateEditParams"] -class Variant0(TypedDict, total=False): +class CustomCertificateEditParams(TypedDict, total=False): zone_id: Required[str] """Identifier.""" @@ -23,24 +22,11 @@ class Variant0(TypedDict, total=False): chain, but does not otherwise modify it. """ - -class Variant1(TypedDict, total=False): - zone_id: Required[str] - """Identifier.""" - - certificate: Required[str] + certificate: str """The zone's SSL certificate or certificate and the intermediate(s).""" - private_key: Required[str] - """The zone's private key.""" - - bundle_method: BundleMethod - """ - A ubiquitous bundle has the highest probability of being verified everywhere, - even by clients using outdated or unusual trust stores. An optimal bundle uses - the shortest chain and newest intermediates. And the force bundle verifies the - chain, but does not otherwise modify it. - """ + deploy: Literal["staging", "production"] + """The environment to deploy the certificate to, defaults to production""" geo_restrictions: GeoRestrictionsParam """ @@ -63,8 +49,10 @@ class Variant1(TypedDict, total=False): (https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2#Officially_assigned_code_elements) can be chosen, such as 'country: IN', as well as 'region: EU' which refers to the EU region. If there are too few data centers satisfying the policy, it will - be rejected. + be rejected. Note: The API accepts this field as either "policy" or + "policy_restrictions" in requests. Responses return this field as + "policy_restrictions". """ - -CustomCertificateEditParams: TypeAlias = Union[Variant0, Variant1] + private_key: str + """The zone's private key.""" diff --git a/src/cloudflare/types/custom_hostnames/certificate_pack/certificate_update_response.py b/src/cloudflare/types/custom_hostnames/certificate_pack/certificate_update_response.py index fd789d39a14..b185a8a5dd0 100644 --- a/src/cloudflare/types/custom_hostnames/certificate_pack/certificate_update_response.py +++ b/src/cloudflare/types/custom_hostnames/certificate_pack/certificate_update_response.py @@ -12,15 +12,82 @@ __all__ = [ "CertificateUpdateResponse", + "OwnershipVerification", + "OwnershipVerificationHTTP", "SSL", + "SsldcvDelegationRecord", "SSLSettings", "SSLValidationError", "SSLValidationRecord", - "OwnershipVerification", - "OwnershipVerificationHTTP", ] +class OwnershipVerification(BaseModel): + """This is a record which can be placed to activate a hostname.""" + + name: Optional[str] = None + """DNS Name for record.""" + + type: Optional[Literal["txt"]] = None + """DNS Record type.""" + + value: Optional[str] = None + """Content for the record.""" + + +class OwnershipVerificationHTTP(BaseModel): + """ + This presents the token to be served by the given http url to activate a hostname. + """ + + http_body: Optional[str] = None + """Token to be served.""" + + http_url: Optional[str] = None + """ + The HTTP URL that will be checked during custom hostname verification and where + the customer should host the token. + """ + + +class SsldcvDelegationRecord(BaseModel): + cname: Optional[str] = None + """The CNAME record hostname for DCV delegation.""" + + cname_target: Optional[str] = None + """The CNAME record target value for DCV delegation.""" + + emails: Optional[List[str]] = None + """ + The set of email addresses that the certificate authority (CA) will use to + complete domain validation. + """ + + http_body: Optional[str] = None + """ + The content that the certificate authority (CA) will expect to find at the + http_url during the domain validation. + """ + + http_url: Optional[str] = None + """The url that will be checked during domain validation.""" + + status: Optional[str] = None + """Status of the validation record.""" + + txt_name: Optional[str] = None + """ + The hostname that the certificate authority (CA) will check for a TXT record + during domain validation . + """ + + txt_value: Optional[str] = None + """ + The TXT record that the certificate authority (CA) will check during domain + validation. + """ + + class SSLSettings(BaseModel): ciphers: Optional[List[str]] = None """An allowlist of ciphers for TLS termination. @@ -47,6 +114,12 @@ class SSLValidationError(BaseModel): class SSLValidationRecord(BaseModel): + cname: Optional[str] = None + """The CNAME record hostname for DCV delegation.""" + + cname_target: Optional[str] = None + """The CNAME record target value for DCV delegation.""" + emails: Optional[List[str]] = None """ The set of email addresses that the certificate authority (CA) will use to @@ -62,6 +135,9 @@ class SSLValidationRecord(BaseModel): http_url: Optional[str] = None """The url that will be checked during domain validation.""" + status: Optional[str] = None + """Status of the validation record.""" + txt_name: Optional[str] = None """ The hostname that the certificate authority (CA) will check for a TXT record @@ -99,6 +175,9 @@ class SSL(BaseModel): custom_key: Optional[str] = None """The key for a custom uploaded certificate.""" + dcv_delegation_records: Optional[List[SsldcvDelegationRecord]] = None + """DCV Delegation records for domain validation.""" + expires_on: Optional[datetime] = None """The time the custom certificate expires on.""" @@ -167,34 +246,6 @@ class SSL(BaseModel): """Indicates whether the certificate covers a wildcard.""" -class OwnershipVerification(BaseModel): - """This is a record which can be placed to activate a hostname.""" - - name: Optional[str] = None - """DNS Name for record.""" - - type: Optional[Literal["txt"]] = None - """DNS Record type.""" - - value: Optional[str] = None - """Content for the record.""" - - -class OwnershipVerificationHTTP(BaseModel): - """ - This presents the token to be served by the given http url to activate a hostname. - """ - - http_body: Optional[str] = None - """Token to be served.""" - - http_url: Optional[str] = None - """ - The HTTP URL that will be checked during custom hostname verification and where - the customer should host the token. - """ - - class CertificateUpdateResponse(BaseModel): id: str """Identifier.""" @@ -202,8 +253,6 @@ class CertificateUpdateResponse(BaseModel): hostname: str """The custom hostname that will point to your hostname via CNAME.""" - ssl: SSL - created_at: Optional[datetime] = None """This is the time the hostname was created.""" @@ -237,6 +286,8 @@ class CertificateUpdateResponse(BaseModel): hostname. """ + ssl: Optional[SSL] = None + status: Optional[ Literal[ "active", diff --git a/src/cloudflare/types/custom_hostnames/custom_hostname_create_response.py b/src/cloudflare/types/custom_hostnames/custom_hostname_create_response.py index a12bffbcc24..b77d55fb549 100644 --- a/src/cloudflare/types/custom_hostnames/custom_hostname_create_response.py +++ b/src/cloudflare/types/custom_hostnames/custom_hostname_create_response.py @@ -12,15 +12,82 @@ __all__ = [ "CustomHostnameCreateResponse", + "OwnershipVerification", + "OwnershipVerificationHTTP", "SSL", + "SsldcvDelegationRecord", "SSLSettings", "SSLValidationError", "SSLValidationRecord", - "OwnershipVerification", - "OwnershipVerificationHTTP", ] +class OwnershipVerification(BaseModel): + """This is a record which can be placed to activate a hostname.""" + + name: Optional[str] = None + """DNS Name for record.""" + + type: Optional[Literal["txt"]] = None + """DNS Record type.""" + + value: Optional[str] = None + """Content for the record.""" + + +class OwnershipVerificationHTTP(BaseModel): + """ + This presents the token to be served by the given http url to activate a hostname. + """ + + http_body: Optional[str] = None + """Token to be served.""" + + http_url: Optional[str] = None + """ + The HTTP URL that will be checked during custom hostname verification and where + the customer should host the token. + """ + + +class SsldcvDelegationRecord(BaseModel): + cname: Optional[str] = None + """The CNAME record hostname for DCV delegation.""" + + cname_target: Optional[str] = None + """The CNAME record target value for DCV delegation.""" + + emails: Optional[List[str]] = None + """ + The set of email addresses that the certificate authority (CA) will use to + complete domain validation. + """ + + http_body: Optional[str] = None + """ + The content that the certificate authority (CA) will expect to find at the + http_url during the domain validation. + """ + + http_url: Optional[str] = None + """The url that will be checked during domain validation.""" + + status: Optional[str] = None + """Status of the validation record.""" + + txt_name: Optional[str] = None + """ + The hostname that the certificate authority (CA) will check for a TXT record + during domain validation . + """ + + txt_value: Optional[str] = None + """ + The TXT record that the certificate authority (CA) will check during domain + validation. + """ + + class SSLSettings(BaseModel): ciphers: Optional[List[str]] = None """An allowlist of ciphers for TLS termination. @@ -47,6 +114,12 @@ class SSLValidationError(BaseModel): class SSLValidationRecord(BaseModel): + cname: Optional[str] = None + """The CNAME record hostname for DCV delegation.""" + + cname_target: Optional[str] = None + """The CNAME record target value for DCV delegation.""" + emails: Optional[List[str]] = None """ The set of email addresses that the certificate authority (CA) will use to @@ -62,6 +135,9 @@ class SSLValidationRecord(BaseModel): http_url: Optional[str] = None """The url that will be checked during domain validation.""" + status: Optional[str] = None + """Status of the validation record.""" + txt_name: Optional[str] = None """ The hostname that the certificate authority (CA) will check for a TXT record @@ -99,6 +175,9 @@ class SSL(BaseModel): custom_key: Optional[str] = None """The key for a custom uploaded certificate.""" + dcv_delegation_records: Optional[List[SsldcvDelegationRecord]] = None + """DCV Delegation records for domain validation.""" + expires_on: Optional[datetime] = None """The time the custom certificate expires on.""" @@ -167,34 +246,6 @@ class SSL(BaseModel): """Indicates whether the certificate covers a wildcard.""" -class OwnershipVerification(BaseModel): - """This is a record which can be placed to activate a hostname.""" - - name: Optional[str] = None - """DNS Name for record.""" - - type: Optional[Literal["txt"]] = None - """DNS Record type.""" - - value: Optional[str] = None - """Content for the record.""" - - -class OwnershipVerificationHTTP(BaseModel): - """ - This presents the token to be served by the given http url to activate a hostname. - """ - - http_body: Optional[str] = None - """Token to be served.""" - - http_url: Optional[str] = None - """ - The HTTP URL that will be checked during custom hostname verification and where - the customer should host the token. - """ - - class CustomHostnameCreateResponse(BaseModel): id: str """Identifier.""" @@ -202,8 +253,6 @@ class CustomHostnameCreateResponse(BaseModel): hostname: str """The custom hostname that will point to your hostname via CNAME.""" - ssl: SSL - created_at: Optional[datetime] = None """This is the time the hostname was created.""" @@ -237,6 +286,8 @@ class CustomHostnameCreateResponse(BaseModel): hostname. """ + ssl: Optional[SSL] = None + status: Optional[ Literal[ "active", diff --git a/src/cloudflare/types/custom_hostnames/custom_hostname_edit_response.py b/src/cloudflare/types/custom_hostnames/custom_hostname_edit_response.py index 4fab5861d1f..70f6edab1ec 100644 --- a/src/cloudflare/types/custom_hostnames/custom_hostname_edit_response.py +++ b/src/cloudflare/types/custom_hostnames/custom_hostname_edit_response.py @@ -12,15 +12,82 @@ __all__ = [ "CustomHostnameEditResponse", + "OwnershipVerification", + "OwnershipVerificationHTTP", "SSL", + "SsldcvDelegationRecord", "SSLSettings", "SSLValidationError", "SSLValidationRecord", - "OwnershipVerification", - "OwnershipVerificationHTTP", ] +class OwnershipVerification(BaseModel): + """This is a record which can be placed to activate a hostname.""" + + name: Optional[str] = None + """DNS Name for record.""" + + type: Optional[Literal["txt"]] = None + """DNS Record type.""" + + value: Optional[str] = None + """Content for the record.""" + + +class OwnershipVerificationHTTP(BaseModel): + """ + This presents the token to be served by the given http url to activate a hostname. + """ + + http_body: Optional[str] = None + """Token to be served.""" + + http_url: Optional[str] = None + """ + The HTTP URL that will be checked during custom hostname verification and where + the customer should host the token. + """ + + +class SsldcvDelegationRecord(BaseModel): + cname: Optional[str] = None + """The CNAME record hostname for DCV delegation.""" + + cname_target: Optional[str] = None + """The CNAME record target value for DCV delegation.""" + + emails: Optional[List[str]] = None + """ + The set of email addresses that the certificate authority (CA) will use to + complete domain validation. + """ + + http_body: Optional[str] = None + """ + The content that the certificate authority (CA) will expect to find at the + http_url during the domain validation. + """ + + http_url: Optional[str] = None + """The url that will be checked during domain validation.""" + + status: Optional[str] = None + """Status of the validation record.""" + + txt_name: Optional[str] = None + """ + The hostname that the certificate authority (CA) will check for a TXT record + during domain validation . + """ + + txt_value: Optional[str] = None + """ + The TXT record that the certificate authority (CA) will check during domain + validation. + """ + + class SSLSettings(BaseModel): ciphers: Optional[List[str]] = None """An allowlist of ciphers for TLS termination. @@ -47,6 +114,12 @@ class SSLValidationError(BaseModel): class SSLValidationRecord(BaseModel): + cname: Optional[str] = None + """The CNAME record hostname for DCV delegation.""" + + cname_target: Optional[str] = None + """The CNAME record target value for DCV delegation.""" + emails: Optional[List[str]] = None """ The set of email addresses that the certificate authority (CA) will use to @@ -62,6 +135,9 @@ class SSLValidationRecord(BaseModel): http_url: Optional[str] = None """The url that will be checked during domain validation.""" + status: Optional[str] = None + """Status of the validation record.""" + txt_name: Optional[str] = None """ The hostname that the certificate authority (CA) will check for a TXT record @@ -99,6 +175,9 @@ class SSL(BaseModel): custom_key: Optional[str] = None """The key for a custom uploaded certificate.""" + dcv_delegation_records: Optional[List[SsldcvDelegationRecord]] = None + """DCV Delegation records for domain validation.""" + expires_on: Optional[datetime] = None """The time the custom certificate expires on.""" @@ -167,34 +246,6 @@ class SSL(BaseModel): """Indicates whether the certificate covers a wildcard.""" -class OwnershipVerification(BaseModel): - """This is a record which can be placed to activate a hostname.""" - - name: Optional[str] = None - """DNS Name for record.""" - - type: Optional[Literal["txt"]] = None - """DNS Record type.""" - - value: Optional[str] = None - """Content for the record.""" - - -class OwnershipVerificationHTTP(BaseModel): - """ - This presents the token to be served by the given http url to activate a hostname. - """ - - http_body: Optional[str] = None - """Token to be served.""" - - http_url: Optional[str] = None - """ - The HTTP URL that will be checked during custom hostname verification and where - the customer should host the token. - """ - - class CustomHostnameEditResponse(BaseModel): id: str """Identifier.""" @@ -202,8 +253,6 @@ class CustomHostnameEditResponse(BaseModel): hostname: str """The custom hostname that will point to your hostname via CNAME.""" - ssl: SSL - created_at: Optional[datetime] = None """This is the time the hostname was created.""" @@ -237,6 +286,8 @@ class CustomHostnameEditResponse(BaseModel): hostname. """ + ssl: Optional[SSL] = None + status: Optional[ Literal[ "active", diff --git a/src/cloudflare/types/custom_hostnames/custom_hostname_get_response.py b/src/cloudflare/types/custom_hostnames/custom_hostname_get_response.py index 53c6e8f704f..35dd449ebb4 100644 --- a/src/cloudflare/types/custom_hostnames/custom_hostname_get_response.py +++ b/src/cloudflare/types/custom_hostnames/custom_hostname_get_response.py @@ -12,15 +12,82 @@ __all__ = [ "CustomHostnameGetResponse", + "OwnershipVerification", + "OwnershipVerificationHTTP", "SSL", + "SsldcvDelegationRecord", "SSLSettings", "SSLValidationError", "SSLValidationRecord", - "OwnershipVerification", - "OwnershipVerificationHTTP", ] +class OwnershipVerification(BaseModel): + """This is a record which can be placed to activate a hostname.""" + + name: Optional[str] = None + """DNS Name for record.""" + + type: Optional[Literal["txt"]] = None + """DNS Record type.""" + + value: Optional[str] = None + """Content for the record.""" + + +class OwnershipVerificationHTTP(BaseModel): + """ + This presents the token to be served by the given http url to activate a hostname. + """ + + http_body: Optional[str] = None + """Token to be served.""" + + http_url: Optional[str] = None + """ + The HTTP URL that will be checked during custom hostname verification and where + the customer should host the token. + """ + + +class SsldcvDelegationRecord(BaseModel): + cname: Optional[str] = None + """The CNAME record hostname for DCV delegation.""" + + cname_target: Optional[str] = None + """The CNAME record target value for DCV delegation.""" + + emails: Optional[List[str]] = None + """ + The set of email addresses that the certificate authority (CA) will use to + complete domain validation. + """ + + http_body: Optional[str] = None + """ + The content that the certificate authority (CA) will expect to find at the + http_url during the domain validation. + """ + + http_url: Optional[str] = None + """The url that will be checked during domain validation.""" + + status: Optional[str] = None + """Status of the validation record.""" + + txt_name: Optional[str] = None + """ + The hostname that the certificate authority (CA) will check for a TXT record + during domain validation . + """ + + txt_value: Optional[str] = None + """ + The TXT record that the certificate authority (CA) will check during domain + validation. + """ + + class SSLSettings(BaseModel): ciphers: Optional[List[str]] = None """An allowlist of ciphers for TLS termination. @@ -47,6 +114,12 @@ class SSLValidationError(BaseModel): class SSLValidationRecord(BaseModel): + cname: Optional[str] = None + """The CNAME record hostname for DCV delegation.""" + + cname_target: Optional[str] = None + """The CNAME record target value for DCV delegation.""" + emails: Optional[List[str]] = None """ The set of email addresses that the certificate authority (CA) will use to @@ -62,6 +135,9 @@ class SSLValidationRecord(BaseModel): http_url: Optional[str] = None """The url that will be checked during domain validation.""" + status: Optional[str] = None + """Status of the validation record.""" + txt_name: Optional[str] = None """ The hostname that the certificate authority (CA) will check for a TXT record @@ -99,6 +175,9 @@ class SSL(BaseModel): custom_key: Optional[str] = None """The key for a custom uploaded certificate.""" + dcv_delegation_records: Optional[List[SsldcvDelegationRecord]] = None + """DCV Delegation records for domain validation.""" + expires_on: Optional[datetime] = None """The time the custom certificate expires on.""" @@ -167,34 +246,6 @@ class SSL(BaseModel): """Indicates whether the certificate covers a wildcard.""" -class OwnershipVerification(BaseModel): - """This is a record which can be placed to activate a hostname.""" - - name: Optional[str] = None - """DNS Name for record.""" - - type: Optional[Literal["txt"]] = None - """DNS Record type.""" - - value: Optional[str] = None - """Content for the record.""" - - -class OwnershipVerificationHTTP(BaseModel): - """ - This presents the token to be served by the given http url to activate a hostname. - """ - - http_body: Optional[str] = None - """Token to be served.""" - - http_url: Optional[str] = None - """ - The HTTP URL that will be checked during custom hostname verification and where - the customer should host the token. - """ - - class CustomHostnameGetResponse(BaseModel): id: str """Identifier.""" @@ -202,8 +253,6 @@ class CustomHostnameGetResponse(BaseModel): hostname: str """The custom hostname that will point to your hostname via CNAME.""" - ssl: SSL - created_at: Optional[datetime] = None """This is the time the hostname was created.""" @@ -237,6 +286,8 @@ class CustomHostnameGetResponse(BaseModel): hostname. """ + ssl: Optional[SSL] = None + status: Optional[ Literal[ "active", diff --git a/src/cloudflare/types/custom_hostnames/custom_hostname_list_response.py b/src/cloudflare/types/custom_hostnames/custom_hostname_list_response.py index aabb7ebf897..f6a27087477 100644 --- a/src/cloudflare/types/custom_hostnames/custom_hostname_list_response.py +++ b/src/cloudflare/types/custom_hostnames/custom_hostname_list_response.py @@ -12,15 +12,82 @@ __all__ = [ "CustomHostnameListResponse", + "OwnershipVerification", + "OwnershipVerificationHTTP", "SSL", + "SsldcvDelegationRecord", "SSLSettings", "SSLValidationError", "SSLValidationRecord", - "OwnershipVerification", - "OwnershipVerificationHTTP", ] +class OwnershipVerification(BaseModel): + """This is a record which can be placed to activate a hostname.""" + + name: Optional[str] = None + """DNS Name for record.""" + + type: Optional[Literal["txt"]] = None + """DNS Record type.""" + + value: Optional[str] = None + """Content for the record.""" + + +class OwnershipVerificationHTTP(BaseModel): + """ + This presents the token to be served by the given http url to activate a hostname. + """ + + http_body: Optional[str] = None + """Token to be served.""" + + http_url: Optional[str] = None + """ + The HTTP URL that will be checked during custom hostname verification and where + the customer should host the token. + """ + + +class SsldcvDelegationRecord(BaseModel): + cname: Optional[str] = None + """The CNAME record hostname for DCV delegation.""" + + cname_target: Optional[str] = None + """The CNAME record target value for DCV delegation.""" + + emails: Optional[List[str]] = None + """ + The set of email addresses that the certificate authority (CA) will use to + complete domain validation. + """ + + http_body: Optional[str] = None + """ + The content that the certificate authority (CA) will expect to find at the + http_url during the domain validation. + """ + + http_url: Optional[str] = None + """The url that will be checked during domain validation.""" + + status: Optional[str] = None + """Status of the validation record.""" + + txt_name: Optional[str] = None + """ + The hostname that the certificate authority (CA) will check for a TXT record + during domain validation . + """ + + txt_value: Optional[str] = None + """ + The TXT record that the certificate authority (CA) will check during domain + validation. + """ + + class SSLSettings(BaseModel): ciphers: Optional[List[str]] = None """An allowlist of ciphers for TLS termination. @@ -47,6 +114,12 @@ class SSLValidationError(BaseModel): class SSLValidationRecord(BaseModel): + cname: Optional[str] = None + """The CNAME record hostname for DCV delegation.""" + + cname_target: Optional[str] = None + """The CNAME record target value for DCV delegation.""" + emails: Optional[List[str]] = None """ The set of email addresses that the certificate authority (CA) will use to @@ -62,6 +135,9 @@ class SSLValidationRecord(BaseModel): http_url: Optional[str] = None """The url that will be checked during domain validation.""" + status: Optional[str] = None + """Status of the validation record.""" + txt_name: Optional[str] = None """ The hostname that the certificate authority (CA) will check for a TXT record @@ -99,6 +175,9 @@ class SSL(BaseModel): custom_key: Optional[str] = None """The key for a custom uploaded certificate.""" + dcv_delegation_records: Optional[List[SsldcvDelegationRecord]] = None + """DCV Delegation records for domain validation.""" + expires_on: Optional[datetime] = None """The time the custom certificate expires on.""" @@ -167,34 +246,6 @@ class SSL(BaseModel): """Indicates whether the certificate covers a wildcard.""" -class OwnershipVerification(BaseModel): - """This is a record which can be placed to activate a hostname.""" - - name: Optional[str] = None - """DNS Name for record.""" - - type: Optional[Literal["txt"]] = None - """DNS Record type.""" - - value: Optional[str] = None - """Content for the record.""" - - -class OwnershipVerificationHTTP(BaseModel): - """ - This presents the token to be served by the given http url to activate a hostname. - """ - - http_body: Optional[str] = None - """Token to be served.""" - - http_url: Optional[str] = None - """ - The HTTP URL that will be checked during custom hostname verification and where - the customer should host the token. - """ - - class CustomHostnameListResponse(BaseModel): id: str """Identifier.""" @@ -202,8 +253,6 @@ class CustomHostnameListResponse(BaseModel): hostname: str """The custom hostname that will point to your hostname via CNAME.""" - ssl: SSL - created_at: Optional[datetime] = None """This is the time the hostname was created.""" @@ -237,6 +286,8 @@ class CustomHostnameListResponse(BaseModel): hostname. """ + ssl: Optional[SSL] = None + status: Optional[ Literal[ "active", diff --git a/src/cloudflare/types/email_security/investigate_list_params.py b/src/cloudflare/types/email_security/investigate_list_params.py index 8d1ee8bc1a6..9c5fa4e2ab5 100644 --- a/src/cloudflare/types/email_security/investigate_list_params.py +++ b/src/cloudflare/types/email_security/investigate_list_params.py @@ -29,7 +29,7 @@ class InvestigateListParams(TypedDict, total=False): """The sender domains the search filters by.""" end: Annotated[Union[str, datetime], PropertyInfo(format="iso8601")] - """The end of the search date range. Defaults to `now`.""" + """The end of the search date range. Defaults to `now` if not provided.""" final_disposition: Literal["MALICIOUS", "SUSPICIOUS", "SPOOF", "SPAM", "BULK", "NONE"] """The dispositions the search filters by.""" @@ -79,6 +79,9 @@ class InvestigateListParams(TypedDict, total=False): sender: str start: Annotated[Union[str, datetime], PropertyInfo(format="iso8601")] - """The beginning of the search date range. Defaults to `now - 30 days`.""" + """ + The beginning of the search date range. Defaults to `now - 30 days` if not + provided. + """ subject: str diff --git a/src/cloudflare/types/email_security/phishguard/__init__.py b/src/cloudflare/types/email_security/phishguard/__init__.py new file mode 100644 index 00000000000..884bcc397d5 --- /dev/null +++ b/src/cloudflare/types/email_security/phishguard/__init__.py @@ -0,0 +1,6 @@ +# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. + +from __future__ import annotations + +from .report_list_params import ReportListParams as ReportListParams +from .report_list_response import ReportListResponse as ReportListResponse diff --git a/src/cloudflare/types/email_security/phishguard/report_list_params.py b/src/cloudflare/types/email_security/phishguard/report_list_params.py new file mode 100644 index 00000000000..d138ab6e96c --- /dev/null +++ b/src/cloudflare/types/email_security/phishguard/report_list_params.py @@ -0,0 +1,26 @@ +# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. + +from __future__ import annotations + +from typing import Union +from datetime import date, datetime +from typing_extensions import Required, Annotated, TypedDict + +from ...._utils import PropertyInfo + +__all__ = ["ReportListParams"] + + +class ReportListParams(TypedDict, total=False): + account_id: Required[str] + """Account Identifier""" + + end: Annotated[Union[str, datetime], PropertyInfo(format="iso8601")] + """The end of the search date range (RFC3339 format).""" + + from_date: Annotated[Union[str, date], PropertyInfo(format="iso8601")] + + start: Annotated[Union[str, datetime], PropertyInfo(format="iso8601")] + """The beginning of the search date range (RFC3339 format).""" + + to_date: Annotated[Union[str, date], PropertyInfo(format="iso8601")] diff --git a/src/cloudflare/types/email_security/phishguard/report_list_response.py b/src/cloudflare/types/email_security/phishguard/report_list_response.py new file mode 100644 index 00000000000..2f8b6b21cf2 --- /dev/null +++ b/src/cloudflare/types/email_security/phishguard/report_list_response.py @@ -0,0 +1,51 @@ +# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. + +from typing import List, Optional +from datetime import datetime +from typing_extensions import Literal + +from pydantic import Field as FieldInfo + +from ...._models import BaseModel + +__all__ = ["ReportListResponse", "Fields", "Tag"] + + +class Fields(BaseModel): + to: List[str] + + ts: datetime + + from_: Optional[str] = FieldInfo(alias="from", default=None) + + postfix_id: Optional[str] = None + + +class Tag(BaseModel): + category: str + + value: str + + +class ReportListResponse(BaseModel): + id: int + + content: str + + created_at: datetime + + disposition: Literal[ + "MALICIOUS", "MALICIOUS-BEC", "SUSPICIOUS", "SPOOF", "SPAM", "BULK", "ENCRYPTED", "EXTERNAL", "UNKNOWN", "NONE" + ] + + fields: Fields + + priority: str + + title: str + + ts: datetime + + updated_at: datetime + + tags: Optional[List[Tag]] = None diff --git a/src/cloudflare/types/email_security/submission_list_params.py b/src/cloudflare/types/email_security/submission_list_params.py index 2114d3c0e9d..de2f513a2fc 100644 --- a/src/cloudflare/types/email_security/submission_list_params.py +++ b/src/cloudflare/types/email_security/submission_list_params.py @@ -16,7 +16,7 @@ class SubmissionListParams(TypedDict, total=False): """Account Identifier""" end: Annotated[Union[str, datetime], PropertyInfo(format="iso8601")] - """The end of the search date range. Defaults to `now`.""" + """The end of the search date range. Defaults to `now` if not provided.""" original_disposition: Literal["MALICIOUS", "SUSPICIOUS", "SPOOF", "SPAM", "BULK", "NONE"] @@ -33,7 +33,10 @@ class SubmissionListParams(TypedDict, total=False): requested_disposition: Literal["MALICIOUS", "SUSPICIOUS", "SPOOF", "SPAM", "BULK", "NONE"] start: Annotated[Union[str, datetime], PropertyInfo(format="iso8601")] - """The beginning of the search date range. Defaults to `now - 30 days`.""" + """ + The beginning of the search date range. Defaults to `now - 30 days` if not + provided. + """ status: str diff --git a/src/cloudflare/types/hostnames/settings/setting.py b/src/cloudflare/types/hostnames/settings/setting.py index 78d63b0d6b4..87be1800470 100644 --- a/src/cloudflare/types/hostnames/settings/setting.py +++ b/src/cloudflare/types/hostnames/settings/setting.py @@ -23,4 +23,14 @@ class Setting(BaseModel): """This is the time the tls setting was updated.""" value: Optional[SettingValue] = None - """The tls setting value.""" + """The TLS setting value. + + The type depends on the `setting_id` used in the request path: + + - `ciphers`: an array of allowed cipher suite strings in BoringSSL format (e.g., + `["ECDHE-RSA-AES128-GCM-SHA256", "AES128-GCM-SHA256"]`) + - `min_tls_version`: a string indicating the minimum TLS version — one of + `"1.0"`, `"1.1"`, `"1.2"`, or `"1.3"` (e.g., `"1.2"`) + - `http2`: a string indicating whether HTTP/2 is enabled — `"on"` or `"off"` + (e.g., `"on"`) + """ diff --git a/src/cloudflare/types/hostnames/settings/setting_value.py b/src/cloudflare/types/hostnames/settings/setting_value.py index 51b9395ef3d..55e30c0bab5 100644 --- a/src/cloudflare/types/hostnames/settings/setting_value.py +++ b/src/cloudflare/types/hostnames/settings/setting_value.py @@ -1,8 +1,8 @@ # File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. from typing import List, Union -from typing_extensions import TypeAlias +from typing_extensions import Literal, TypeAlias __all__ = ["SettingValue"] -SettingValue: TypeAlias = Union[float, str, List[str]] +SettingValue: TypeAlias = Union[Literal["1.0", "1.1", "1.2", "1.3", "on", "off"], List[str]] diff --git a/src/cloudflare/types/hostnames/settings/setting_value_param.py b/src/cloudflare/types/hostnames/settings/setting_value_param.py index 38c0e9bb153..3be765e251b 100644 --- a/src/cloudflare/types/hostnames/settings/setting_value_param.py +++ b/src/cloudflare/types/hostnames/settings/setting_value_param.py @@ -3,10 +3,10 @@ from __future__ import annotations from typing import Union -from typing_extensions import TypeAlias +from typing_extensions import Literal, TypeAlias from ...._types import SequenceNotStr __all__ = ["SettingValueParam"] -SettingValueParam: TypeAlias = Union[float, str, SequenceNotStr[str]] +SettingValueParam: TypeAlias = Union[Literal["1.0", "1.1", "1.2", "1.3", "on", "off"], SequenceNotStr[str]] diff --git a/src/cloudflare/types/hostnames/settings/tls_delete_response.py b/src/cloudflare/types/hostnames/settings/tls_delete_response.py index 4d3fdff0d22..c50282f8ff6 100644 --- a/src/cloudflare/types/hostnames/settings/tls_delete_response.py +++ b/src/cloudflare/types/hostnames/settings/tls_delete_response.py @@ -23,4 +23,14 @@ class TLSDeleteResponse(BaseModel): """This is the time the tls setting was updated.""" value: Optional[SettingValue] = None - """The tls setting value.""" + """The TLS setting value. + + The type depends on the `setting_id` used in the request path: + + - `ciphers`: an array of allowed cipher suite strings in BoringSSL format (e.g., + `["ECDHE-RSA-AES128-GCM-SHA256", "AES128-GCM-SHA256"]`) + - `min_tls_version`: a string indicating the minimum TLS version — one of + `"1.0"`, `"1.1"`, `"1.2"`, or `"1.3"` (e.g., `"1.2"`) + - `http2`: a string indicating whether HTTP/2 is enabled — `"on"` or `"off"` + (e.g., `"on"`) + """ diff --git a/src/cloudflare/types/hostnames/settings/tls_get_response.py b/src/cloudflare/types/hostnames/settings/tls_get_response.py index 5afefb3f047..ae6589008ec 100644 --- a/src/cloudflare/types/hostnames/settings/tls_get_response.py +++ b/src/cloudflare/types/hostnames/settings/tls_get_response.py @@ -23,4 +23,14 @@ class TLSGetResponse(BaseModel): """This is the time the tls setting was updated.""" value: Optional[SettingValue] = None - """The tls setting value.""" + """The TLS setting value. + + The type depends on the `setting_id` used in the request path: + + - `ciphers`: an array of allowed cipher suite strings in BoringSSL format (e.g., + `["ECDHE-RSA-AES128-GCM-SHA256", "AES128-GCM-SHA256"]`) + - `min_tls_version`: a string indicating the minimum TLS version — one of + `"1.0"`, `"1.1"`, `"1.2"`, or `"1.3"` (e.g., `"1.2"`) + - `http2`: a string indicating whether HTTP/2 is enabled — `"on"` or `"off"` + (e.g., `"on"`) + """ diff --git a/src/cloudflare/types/hostnames/settings/tls_update_params.py b/src/cloudflare/types/hostnames/settings/tls_update_params.py index 1b398d22e23..90e8a461362 100644 --- a/src/cloudflare/types/hostnames/settings/tls_update_params.py +++ b/src/cloudflare/types/hostnames/settings/tls_update_params.py @@ -14,7 +14,24 @@ class TLSUpdateParams(TypedDict, total=False): """Identifier.""" setting_id: Required[Literal["ciphers", "min_tls_version", "http2"]] - """The TLS Setting name.""" + """The TLS Setting name. The value type depends on the setting: + + - `ciphers`: value is an array of cipher suite strings (e.g., + `["ECDHE-RSA-AES128-GCM-SHA256", "AES128-GCM-SHA256"]`) + - `min_tls_version`: value is a TLS version string (`"1.0"`, `"1.1"`, `"1.2"`, + or `"1.3"`) + - `http2`: value is `"on"` or `"off"` + """ value: Required[SettingValueParam] - """The tls setting value.""" + """The TLS setting value. + + The type depends on the `setting_id` used in the request path: + + - `ciphers`: an array of allowed cipher suite strings in BoringSSL format (e.g., + `["ECDHE-RSA-AES128-GCM-SHA256", "AES128-GCM-SHA256"]`) + - `min_tls_version`: a string indicating the minimum TLS version — one of + `"1.0"`, `"1.1"`, `"1.2"`, or `"1.3"` (e.g., `"1.2"`) + - `http2`: a string indicating whether HTTP/2 is enabled — `"on"` or `"off"` + (e.g., `"on"`) + """ diff --git a/src/cloudflare/types/load_balancers/filter_options_param.py b/src/cloudflare/types/load_balancers/filter_options_param.py index 0a694803283..ac4812ac493 100644 --- a/src/cloudflare/types/load_balancers/filter_options_param.py +++ b/src/cloudflare/types/load_balancers/filter_options_param.py @@ -14,7 +14,7 @@ class FilterOptionsParam(TypedDict, total=False): Use null to reset. """ - disable: bool + disable: Optional[bool] """If set true, disable notifications for this type of resource (pool or origin).""" healthy: Optional[bool] diff --git a/src/cloudflare/types/magic_cloud_networking/on_ramp_create_params.py b/src/cloudflare/types/magic_cloud_networking/on_ramp_create_params.py index 7cf2f9b0df7..2893b07cfec 100644 --- a/src/cloudflare/types/magic_cloud_networking/on_ramp_create_params.py +++ b/src/cloudflare/types/magic_cloud_networking/on_ramp_create_params.py @@ -15,9 +15,10 @@ class OnRampCreateParams(TypedDict, total=False): cloud_type: Required[Literal["AWS", "AZURE", "GOOGLE"]] dynamic_routing: Required[bool] - """ - if set to true, install_routes_in_cloud and install_routes_in_magic_wan should - be set to false + """Enables BGP routing. + + When enabling this feature, set both install_routes_in_cloud and + install_routes_in_magic_wan to false. """ install_routes_in_cloud: Required[bool] @@ -35,9 +36,9 @@ class OnRampCreateParams(TypedDict, total=False): attached_vpcs: SequenceNotStr[str] cloud_asn: int - """the ASN to use on the cloud side. + """Sets the cloud-side ASN. - If unset or zero, the cloud's default will be used. + If unset or zero, the cloud's default ASN takes effect. """ description: str diff --git a/src/cloudflare/types/origin_ca_certificates/origin_ca_certificate.py b/src/cloudflare/types/origin_ca_certificates/origin_ca_certificate.py index 375c957ce50..788a05f9bbe 100644 --- a/src/cloudflare/types/origin_ca_certificates/origin_ca_certificate.py +++ b/src/cloudflare/types/origin_ca_certificates/origin_ca_certificate.py @@ -15,8 +15,14 @@ class OriginCACertificate(BaseModel): hostnames: List[str] """ - Array of hostnames or wildcard names (e.g., \\**.example.com) bound to the - certificate. + Array of hostnames or wildcard names bound to the certificate. Hostnames must be + fully qualified domain names (FQDNs) belonging to zones on your account (e.g., + `example.com` or `sub.example.com`). Wildcards are supported only as a `*.` + prefix for a single level (e.g., `*.example.com`). Double wildcards + (`*.*.example.com`) and interior wildcards (`foo.*.example.com`) are not + allowed. The wildcard suffix must be a multi-label domain (`*.example.com` is + valid, but `*.com` is not). Unicode/IDN hostnames are accepted and automatically + converted to punycode. """ request_type: CertificateRequestType diff --git a/src/cloudflare/types/origin_ca_certificates/origin_ca_certificate_create_params.py b/src/cloudflare/types/origin_ca_certificates/origin_ca_certificate_create_params.py index 47950cda0b6..7a7db0f40a6 100644 --- a/src/cloudflare/types/origin_ca_certificates/origin_ca_certificate_create_params.py +++ b/src/cloudflare/types/origin_ca_certificates/origin_ca_certificate_create_params.py @@ -17,8 +17,14 @@ class OriginCACertificateCreateParams(TypedDict, total=False): hostnames: Required[SequenceNotStr[str]] """ - Array of hostnames or wildcard names (e.g., \\**.example.com) bound to the - certificate. + Array of hostnames or wildcard names bound to the certificate. Hostnames must be + fully qualified domain names (FQDNs) belonging to zones on your account (e.g., + `example.com` or `sub.example.com`). Wildcards are supported only as a `*.` + prefix for a single level (e.g., `*.example.com`). Double wildcards + (`*.*.example.com`) and interior wildcards (`foo.*.example.com`) are not + allowed. The wildcard suffix must be a multi-label domain (`*.example.com` is + valid, but `*.com` is not). Unicode/IDN hostnames are accepted and automatically + converted to punycode. """ request_type: Required[CertificateRequestType] diff --git a/src/cloudflare/types/origin_tls_client_auth/hostname_certificate_list_response.py b/src/cloudflare/types/origin_tls_client_auth/hostname_certificate_list_response.py index cda22f1e1b3..b3d937541ce 100644 --- a/src/cloudflare/types/origin_tls_client_auth/hostname_certificate_list_response.py +++ b/src/cloudflare/types/origin_tls_client_auth/hostname_certificate_list_response.py @@ -1,33 +1,45 @@ # File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. from typing import Optional +from datetime import datetime +from typing_extensions import Literal -from .authenticated_origin_pull import AuthenticatedOriginPull +from ..._models import BaseModel __all__ = ["HostnameCertificateListResponse"] -class HostnameCertificateListResponse(AuthenticatedOriginPull): +class HostnameCertificateListResponse(BaseModel): id: Optional[str] = None """Identifier.""" - cert_id: Optional[str] = None # type: ignore - """Identifier.""" - - certificate: Optional[str] = None # type: ignore + certificate: Optional[str] = None """The hostname certificate.""" - enabled: Optional[bool] = None # type: ignore - """Indicates whether hostname-level authenticated origin pulls is enabled. - - A null value voids the association. - """ - - hostname: Optional[str] = None # type: ignore - """ - The hostname on the origin for which the client certificate uploaded will be - used. - """ - - private_key: Optional[str] = None - """The hostname certificate's private key.""" + expires_on: Optional[datetime] = None + """The date when the certificate expires.""" + + issuer: Optional[str] = None + """The certificate authority that issued the certificate.""" + + serial_number: Optional[str] = None + """The serial number on the uploaded certificate.""" + + signature: Optional[str] = None + """The type of hash used for the certificate.""" + + status: Optional[ + Literal[ + "initializing", + "pending_deployment", + "pending_deletion", + "active", + "deleted", + "deployment_timed_out", + "deletion_timed_out", + ] + ] = None + """Status of the certificate or the association.""" + + uploaded_on: Optional[datetime] = None + """The time when the certificate was uploaded.""" diff --git a/src/cloudflare/types/page_shield/policy_create_params.py b/src/cloudflare/types/page_shield/policy_create_params.py index 6578a38230b..9ff8c1bd62f 100644 --- a/src/cloudflare/types/page_shield/policy_create_params.py +++ b/src/cloudflare/types/page_shield/policy_create_params.py @@ -11,7 +11,7 @@ class PolicyCreateParams(TypedDict, total=False): zone_id: Required[str] """Identifier""" - action: Required[Literal["allow", "log"]] + action: Required[Literal["allow", "log", "add_reporting_directives"]] """The action to take if the expression matches""" description: Required[str] diff --git a/src/cloudflare/types/page_shield/policy_create_response.py b/src/cloudflare/types/page_shield/policy_create_response.py index 483d2835764..52e77d3e7b4 100644 --- a/src/cloudflare/types/page_shield/policy_create_response.py +++ b/src/cloudflare/types/page_shield/policy_create_response.py @@ -11,7 +11,7 @@ class PolicyCreateResponse(BaseModel): id: str """Identifier""" - action: Literal["allow", "log"] + action: Literal["allow", "log", "add_reporting_directives"] """The action to take if the expression matches""" description: str diff --git a/src/cloudflare/types/page_shield/policy_get_response.py b/src/cloudflare/types/page_shield/policy_get_response.py index 3b28c295122..67367c59fbe 100644 --- a/src/cloudflare/types/page_shield/policy_get_response.py +++ b/src/cloudflare/types/page_shield/policy_get_response.py @@ -11,7 +11,7 @@ class PolicyGetResponse(BaseModel): id: str """Identifier""" - action: Literal["allow", "log"] + action: Literal["allow", "log", "add_reporting_directives"] """The action to take if the expression matches""" description: str diff --git a/src/cloudflare/types/page_shield/policy_list_response.py b/src/cloudflare/types/page_shield/policy_list_response.py index 5ce2180de2f..93122c22cdc 100644 --- a/src/cloudflare/types/page_shield/policy_list_response.py +++ b/src/cloudflare/types/page_shield/policy_list_response.py @@ -11,7 +11,7 @@ class PolicyListResponse(BaseModel): id: str """Identifier""" - action: Literal["allow", "log"] + action: Literal["allow", "log", "add_reporting_directives"] """The action to take if the expression matches""" description: str diff --git a/src/cloudflare/types/page_shield/policy_update_params.py b/src/cloudflare/types/page_shield/policy_update_params.py index 547f43a7a05..c0e6e0f9a2c 100644 --- a/src/cloudflare/types/page_shield/policy_update_params.py +++ b/src/cloudflare/types/page_shield/policy_update_params.py @@ -11,7 +11,7 @@ class PolicyUpdateParams(TypedDict, total=False): zone_id: Required[str] """Identifier""" - action: Literal["allow", "log"] + action: Literal["allow", "log", "add_reporting_directives"] """The action to take if the expression matches""" description: str diff --git a/src/cloudflare/types/page_shield/policy_update_response.py b/src/cloudflare/types/page_shield/policy_update_response.py index dcc40a8c6cb..4faf782b054 100644 --- a/src/cloudflare/types/page_shield/policy_update_response.py +++ b/src/cloudflare/types/page_shield/policy_update_response.py @@ -11,7 +11,7 @@ class PolicyUpdateResponse(BaseModel): id: str """Identifier""" - action: Literal["allow", "log"] + action: Literal["allow", "log", "add_reporting_directives"] """The action to take if the expression matches""" description: str diff --git a/src/cloudflare/types/queues/consumer.py b/src/cloudflare/types/queues/consumer.py index 9c0070c3734..53956c9c689 100644 --- a/src/cloudflare/types/queues/consumer.py +++ b/src/cloudflare/types/queues/consumer.py @@ -1,14 +1,22 @@ # File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. from typing import Union, Optional -from typing_extensions import Literal, TypeAlias +from datetime import datetime +from typing_extensions import Literal, Annotated, TypeAlias +from ..._utils import PropertyInfo from ..._models import BaseModel -__all__ = ["Consumer", "MqWorkerConsumer", "MqWorkerConsumerSettings", "MqHTTPConsumer", "MqHTTPConsumerSettings"] +__all__ = [ + "Consumer", + "MqWorkerConsumerResponse", + "MqWorkerConsumerResponseSettings", + "MqHTTPConsumerResponse", + "MqHTTPConsumerResponseSettings", +] -class MqWorkerConsumerSettings(BaseModel): +class MqWorkerConsumerResponseSettings(BaseModel): batch_size: Optional[float] = None """The maximum number of messages to include in a batch.""" @@ -34,24 +42,26 @@ class MqWorkerConsumerSettings(BaseModel): """ -class MqWorkerConsumer(BaseModel): +class MqWorkerConsumerResponse(BaseModel): consumer_id: Optional[str] = None """A Resource identifier.""" - created_on: Optional[str] = None + created_on: Optional[datetime] = None - queue_id: Optional[str] = None - """A Resource identifier.""" + dead_letter_queue: Optional[str] = None + """Name of the dead letter queue, or empty string if not configured""" + + queue_name: Optional[str] = None - script: Optional[str] = None + script_name: Optional[str] = None """Name of a Worker""" - settings: Optional[MqWorkerConsumerSettings] = None + settings: Optional[MqWorkerConsumerResponseSettings] = None type: Optional[Literal["worker"]] = None -class MqHTTPConsumerSettings(BaseModel): +class MqHTTPConsumerResponseSettings(BaseModel): batch_size: Optional[float] = None """The maximum number of messages to include in a batch.""" @@ -71,18 +81,22 @@ class MqHTTPConsumerSettings(BaseModel): """ -class MqHTTPConsumer(BaseModel): +class MqHTTPConsumerResponse(BaseModel): consumer_id: Optional[str] = None """A Resource identifier.""" - created_on: Optional[str] = None + created_on: Optional[datetime] = None - queue_id: Optional[str] = None - """A Resource identifier.""" + dead_letter_queue: Optional[str] = None + """Name of the dead letter queue, or empty string if not configured""" + + queue_name: Optional[str] = None - settings: Optional[MqHTTPConsumerSettings] = None + settings: Optional[MqHTTPConsumerResponseSettings] = None type: Optional[Literal["http_pull"]] = None -Consumer: TypeAlias = Union[MqWorkerConsumer, MqHTTPConsumer] +Consumer: TypeAlias = Annotated[ + Union[MqWorkerConsumerResponse, MqHTTPConsumerResponse], PropertyInfo(discriminator="type") +] diff --git a/src/cloudflare/types/queues/consumer_create_params.py b/src/cloudflare/types/queues/consumer_create_params.py index d3c2f29e14d..7aa340053a2 100644 --- a/src/cloudflare/types/queues/consumer_create_params.py +++ b/src/cloudflare/types/queues/consumer_create_params.py @@ -7,28 +7,28 @@ __all__ = [ "ConsumerCreateParams", - "MqWorkerConsumer", - "MqWorkerConsumerSettings", - "MqHTTPConsumer", - "MqHTTPConsumerSettings", + "MqWorkerConsumerRequest", + "MqWorkerConsumerRequestSettings", + "MqHTTPConsumerRequest", + "MqHTTPConsumerRequestSettings", ] -class MqWorkerConsumer(TypedDict, total=False): +class MqWorkerConsumerRequest(TypedDict, total=False): account_id: Required[str] """A Resource identifier.""" - dead_letter_queue: str - - script_name: str + script_name: Required[str] """Name of a Worker""" - settings: MqWorkerConsumerSettings + type: Required[Literal["worker"]] + + dead_letter_queue: str - type: Literal["worker"] + settings: MqWorkerConsumerRequestSettings -class MqWorkerConsumerSettings(TypedDict, total=False): +class MqWorkerConsumerRequestSettings(TypedDict, total=False): batch_size: float """The maximum number of messages to include in a batch.""" @@ -54,18 +54,18 @@ class MqWorkerConsumerSettings(TypedDict, total=False): """ -class MqHTTPConsumer(TypedDict, total=False): +class MqHTTPConsumerRequest(TypedDict, total=False): account_id: Required[str] """A Resource identifier.""" - dead_letter_queue: str + type: Required[Literal["http_pull"]] - settings: MqHTTPConsumerSettings + dead_letter_queue: str - type: Literal["http_pull"] + settings: MqHTTPConsumerRequestSettings -class MqHTTPConsumerSettings(TypedDict, total=False): +class MqHTTPConsumerRequestSettings(TypedDict, total=False): batch_size: float """The maximum number of messages to include in a batch.""" @@ -85,4 +85,4 @@ class MqHTTPConsumerSettings(TypedDict, total=False): """ -ConsumerCreateParams: TypeAlias = Union[MqWorkerConsumer, MqHTTPConsumer] +ConsumerCreateParams: TypeAlias = Union[MqWorkerConsumerRequest, MqHTTPConsumerRequest] diff --git a/src/cloudflare/types/queues/consumer_update_params.py b/src/cloudflare/types/queues/consumer_update_params.py index 1c75d7948f0..6be97557103 100644 --- a/src/cloudflare/types/queues/consumer_update_params.py +++ b/src/cloudflare/types/queues/consumer_update_params.py @@ -7,31 +7,31 @@ __all__ = [ "ConsumerUpdateParams", - "MqWorkerConsumer", - "MqWorkerConsumerSettings", - "MqHTTPConsumer", - "MqHTTPConsumerSettings", + "MqWorkerConsumerRequest", + "MqWorkerConsumerRequestSettings", + "MqHTTPConsumerRequest", + "MqHTTPConsumerRequestSettings", ] -class MqWorkerConsumer(TypedDict, total=False): +class MqWorkerConsumerRequest(TypedDict, total=False): account_id: Required[str] """A Resource identifier.""" queue_id: Required[str] """A Resource identifier.""" - dead_letter_queue: str - - script_name: str + script_name: Required[str] """Name of a Worker""" - settings: MqWorkerConsumerSettings + type: Required[Literal["worker"]] + + dead_letter_queue: str - type: Literal["worker"] + settings: MqWorkerConsumerRequestSettings -class MqWorkerConsumerSettings(TypedDict, total=False): +class MqWorkerConsumerRequestSettings(TypedDict, total=False): batch_size: float """The maximum number of messages to include in a batch.""" @@ -57,21 +57,21 @@ class MqWorkerConsumerSettings(TypedDict, total=False): """ -class MqHTTPConsumer(TypedDict, total=False): +class MqHTTPConsumerRequest(TypedDict, total=False): account_id: Required[str] """A Resource identifier.""" queue_id: Required[str] """A Resource identifier.""" - dead_letter_queue: str + type: Required[Literal["http_pull"]] - settings: MqHTTPConsumerSettings + dead_letter_queue: str - type: Literal["http_pull"] + settings: MqHTTPConsumerRequestSettings -class MqHTTPConsumerSettings(TypedDict, total=False): +class MqHTTPConsumerRequestSettings(TypedDict, total=False): batch_size: float """The maximum number of messages to include in a batch.""" @@ -91,4 +91,4 @@ class MqHTTPConsumerSettings(TypedDict, total=False): """ -ConsumerUpdateParams: TypeAlias = Union[MqWorkerConsumer, MqHTTPConsumer] +ConsumerUpdateParams: TypeAlias = Union[MqWorkerConsumerRequest, MqHTTPConsumerRequest] diff --git a/src/cloudflare/types/r2/super_slurper/connectivity_precheck_source_params.py b/src/cloudflare/types/r2/super_slurper/connectivity_precheck_source_params.py index 3164e57b396..20b4aef74f0 100644 --- a/src/cloudflare/types/r2/super_slurper/connectivity_precheck_source_params.py +++ b/src/cloudflare/types/r2/super_slurper/connectivity_precheck_source_params.py @@ -5,6 +5,7 @@ from typing import Union, Optional from typing_extensions import Literal, Required, Annotated, TypeAlias, TypedDict +from ...._types import SequenceNotStr from ...._utils import PropertyInfo from ..buckets.provider import Provider @@ -30,6 +31,8 @@ class R2SlurperS3SourceSchema(TypedDict, total=False): endpoint: Optional[str] + keys: Optional[SequenceNotStr[str]] + path_prefix: Annotated[Optional[str], PropertyInfo(alias="pathPrefix")] region: Optional[str] @@ -50,6 +53,8 @@ class R2SlurperGcsSourceSchema(TypedDict, total=False): vendor: Required[Literal["gcs"]] + keys: Optional[SequenceNotStr[str]] + path_prefix: Annotated[Optional[str], PropertyInfo(alias="pathPrefix")] @@ -70,6 +75,8 @@ class R2SlurperR2SourceSchema(TypedDict, total=False): jurisdiction: Literal["default", "eu", "fedramp"] + keys: Optional[SequenceNotStr[str]] + path_prefix: Annotated[Optional[str], PropertyInfo(alias="pathPrefix")] diff --git a/src/cloudflare/types/r2/super_slurper/job_create_params.py b/src/cloudflare/types/r2/super_slurper/job_create_params.py index 47b97470a39..7c1a4c133e6 100644 --- a/src/cloudflare/types/r2/super_slurper/job_create_params.py +++ b/src/cloudflare/types/r2/super_slurper/job_create_params.py @@ -5,6 +5,7 @@ from typing import Union, Optional from typing_extensions import Literal, Required, Annotated, TypeAlias, TypedDict +from ...._types import SequenceNotStr from ...._utils import PropertyInfo from ..buckets.provider import Provider @@ -47,6 +48,8 @@ class SourceR2SlurperS3SourceSchema(TypedDict, total=False): endpoint: Optional[str] + keys: Optional[SequenceNotStr[str]] + path_prefix: Annotated[Optional[str], PropertyInfo(alias="pathPrefix")] region: Optional[str] @@ -65,6 +68,8 @@ class SourceR2SlurperGcsSourceSchema(TypedDict, total=False): vendor: Required[Literal["gcs"]] + keys: Optional[SequenceNotStr[str]] + path_prefix: Annotated[Optional[str], PropertyInfo(alias="pathPrefix")] @@ -83,6 +88,8 @@ class SourceR2SlurperR2SourceSchema(TypedDict, total=False): jurisdiction: Literal["default", "eu", "fedramp"] + keys: Optional[SequenceNotStr[str]] + path_prefix: Annotated[Optional[str], PropertyInfo(alias="pathPrefix")] diff --git a/src/cloudflare/types/r2_data_catalog/maintenance_config_get_response.py b/src/cloudflare/types/r2_data_catalog/maintenance_config_get_response.py index 9ebe48d78ea..c432da1104a 100644 --- a/src/cloudflare/types/r2_data_catalog/maintenance_config_get_response.py +++ b/src/cloudflare/types/r2_data_catalog/maintenance_config_get_response.py @@ -20,7 +20,7 @@ class MaintenanceConfigCompaction(BaseModel): """Specifies the state of maintenance operations.""" target_size_mb: Literal["64", "128", "256", "512"] - """Sets the target file size for compaction in megabytes.""" + """Sets the target file size for compaction in megabytes. Defaults to "128".""" class MaintenanceConfigSnapshotExpiration(BaseModel): @@ -31,11 +31,11 @@ class MaintenanceConfigSnapshotExpiration(BaseModel): The system deletes snapshots older than this age. Format: where unit is d (days), h (hours), m (minutes), or s (seconds). Examples: "7d" (7 - days), "48h" (48 hours), "2880m" (2,880 minutes). + days), "48h" (48 hours), "2880m" (2,880 minutes). Defaults to "7d". """ min_snapshots_to_keep: int - """Specifies the minimum number of snapshots to retain.""" + """Specifies the minimum number of snapshots to retain. Defaults to 100.""" state: Literal["enabled", "disabled"] """Specifies the state of maintenance operations.""" diff --git a/src/cloudflare/types/r2_data_catalog/maintenance_config_update_response.py b/src/cloudflare/types/r2_data_catalog/maintenance_config_update_response.py index bdb91220498..31c1e36fe18 100644 --- a/src/cloudflare/types/r2_data_catalog/maintenance_config_update_response.py +++ b/src/cloudflare/types/r2_data_catalog/maintenance_config_update_response.py @@ -15,7 +15,7 @@ class Compaction(BaseModel): """Specifies the state of maintenance operations.""" target_size_mb: Literal["64", "128", "256", "512"] - """Sets the target file size for compaction in megabytes.""" + """Sets the target file size for compaction in megabytes. Defaults to "128".""" class SnapshotExpiration(BaseModel): @@ -26,11 +26,11 @@ class SnapshotExpiration(BaseModel): The system deletes snapshots older than this age. Format: where unit is d (days), h (hours), m (minutes), or s (seconds). Examples: "7d" (7 - days), "48h" (48 hours), "2880m" (2,880 minutes). + days), "48h" (48 hours), "2880m" (2,880 minutes). Defaults to "7d". """ min_snapshots_to_keep: int - """Specifies the minimum number of snapshots to retain.""" + """Specifies the minimum number of snapshots to retain. Defaults to 100.""" state: Literal["enabled", "disabled"] """Specifies the state of maintenance operations.""" diff --git a/src/cloudflare/types/r2_data_catalog/namespaces/tables/maintenance_config_get_response.py b/src/cloudflare/types/r2_data_catalog/namespaces/tables/maintenance_config_get_response.py index 89cb6fa5e7c..e637e1a7ade 100644 --- a/src/cloudflare/types/r2_data_catalog/namespaces/tables/maintenance_config_get_response.py +++ b/src/cloudflare/types/r2_data_catalog/namespaces/tables/maintenance_config_get_response.py @@ -20,7 +20,7 @@ class MaintenanceConfigCompaction(BaseModel): """Specifies the state of maintenance operations.""" target_size_mb: Literal["64", "128", "256", "512"] - """Sets the target file size for compaction in megabytes.""" + """Sets the target file size for compaction in megabytes. Defaults to "128".""" class MaintenanceConfigSnapshotExpiration(BaseModel): @@ -31,11 +31,11 @@ class MaintenanceConfigSnapshotExpiration(BaseModel): The system deletes snapshots older than this age. Format: where unit is d (days), h (hours), m (minutes), or s (seconds). Examples: "7d" (7 - days), "48h" (48 hours), "2880m" (2,880 minutes). + days), "48h" (48 hours), "2880m" (2,880 minutes). Defaults to "7d". """ min_snapshots_to_keep: int - """Specifies the minimum number of snapshots to retain.""" + """Specifies the minimum number of snapshots to retain. Defaults to 100.""" state: Literal["enabled", "disabled"] """Specifies the state of maintenance operations.""" diff --git a/src/cloudflare/types/r2_data_catalog/namespaces/tables/maintenance_config_update_response.py b/src/cloudflare/types/r2_data_catalog/namespaces/tables/maintenance_config_update_response.py index 776dbd6865f..fb164d53be7 100644 --- a/src/cloudflare/types/r2_data_catalog/namespaces/tables/maintenance_config_update_response.py +++ b/src/cloudflare/types/r2_data_catalog/namespaces/tables/maintenance_config_update_response.py @@ -15,7 +15,7 @@ class Compaction(BaseModel): """Specifies the state of maintenance operations.""" target_size_mb: Literal["64", "128", "256", "512"] - """Sets the target file size for compaction in megabytes.""" + """Sets the target file size for compaction in megabytes. Defaults to "128".""" class SnapshotExpiration(BaseModel): @@ -26,11 +26,11 @@ class SnapshotExpiration(BaseModel): The system deletes snapshots older than this age. Format: where unit is d (days), h (hours), m (minutes), or s (seconds). Examples: "7d" (7 - days), "48h" (48 hours), "2880m" (2,880 minutes). + days), "48h" (48 hours), "2880m" (2,880 minutes). Defaults to "7d". """ min_snapshots_to_keep: int - """Specifies the minimum number of snapshots to retain.""" + """Specifies the minimum number of snapshots to retain. Defaults to 100.""" state: Literal["enabled", "disabled"] """Specifies the state of maintenance operations.""" diff --git a/src/cloudflare/types/r2_data_catalog/r2_data_catalog_get_response.py b/src/cloudflare/types/r2_data_catalog/r2_data_catalog_get_response.py index ff9070993a4..e5e3bf0cad3 100644 --- a/src/cloudflare/types/r2_data_catalog/r2_data_catalog_get_response.py +++ b/src/cloudflare/types/r2_data_catalog/r2_data_catalog_get_response.py @@ -20,7 +20,7 @@ class MaintenanceConfigCompaction(BaseModel): """Specifies the state of maintenance operations.""" target_size_mb: Literal["64", "128", "256", "512"] - """Sets the target file size for compaction in megabytes.""" + """Sets the target file size for compaction in megabytes. Defaults to "128".""" class MaintenanceConfigSnapshotExpiration(BaseModel): @@ -31,11 +31,11 @@ class MaintenanceConfigSnapshotExpiration(BaseModel): The system deletes snapshots older than this age. Format: where unit is d (days), h (hours), m (minutes), or s (seconds). Examples: "7d" (7 - days), "48h" (48 hours), "2880m" (2,880 minutes). + days), "48h" (48 hours), "2880m" (2,880 minutes). Defaults to "7d". """ min_snapshots_to_keep: int - """Specifies the minimum number of snapshots to retain.""" + """Specifies the minimum number of snapshots to retain. Defaults to 100.""" state: Literal["enabled", "disabled"] """Specifies the state of maintenance operations.""" diff --git a/src/cloudflare/types/r2_data_catalog/r2_data_catalog_list_response.py b/src/cloudflare/types/r2_data_catalog/r2_data_catalog_list_response.py index 42451956047..4425a6794dc 100644 --- a/src/cloudflare/types/r2_data_catalog/r2_data_catalog_list_response.py +++ b/src/cloudflare/types/r2_data_catalog/r2_data_catalog_list_response.py @@ -21,7 +21,7 @@ class WarehouseMaintenanceConfigCompaction(BaseModel): """Specifies the state of maintenance operations.""" target_size_mb: Literal["64", "128", "256", "512"] - """Sets the target file size for compaction in megabytes.""" + """Sets the target file size for compaction in megabytes. Defaults to "128".""" class WarehouseMaintenanceConfigSnapshotExpiration(BaseModel): @@ -32,11 +32,11 @@ class WarehouseMaintenanceConfigSnapshotExpiration(BaseModel): The system deletes snapshots older than this age. Format: where unit is d (days), h (hours), m (minutes), or s (seconds). Examples: "7d" (7 - days), "48h" (48 hours), "2880m" (2,880 minutes). + days), "48h" (48 hours), "2880m" (2,880 minutes). Defaults to "7d". """ min_snapshots_to_keep: int - """Specifies the minimum number of snapshots to retain.""" + """Specifies the minimum number of snapshots to retain. Defaults to 100.""" state: Literal["enabled", "disabled"] """Specifies the state of maintenance operations.""" diff --git a/src/cloudflare/types/radar/ai/bot_summary_v2_params.py b/src/cloudflare/types/radar/ai/bot_summary_v2_params.py index 047f6066c73..0810ee2579b 100644 --- a/src/cloudflare/types/radar/ai/bot_summary_v2_params.py +++ b/src/cloudflare/types/radar/ai/bot_summary_v2_params.py @@ -2,7 +2,7 @@ from __future__ import annotations -from typing import Union +from typing import List, Union from datetime import datetime from typing_extensions import Literal, Annotated, TypedDict @@ -21,6 +21,31 @@ class BotSummaryV2Params(TypedDict, total=False): results from AS174, but includes results from AS3356. """ + content_type: Annotated[ + List[ + Literal[ + "HTML", + "IMAGES", + "JSON", + "JAVASCRIPT", + "CSS", + "PLAIN_TEXT", + "FONTS", + "XML", + "YAML", + "VIDEO", + "AUDIO", + "MARKDOWN", + "DOCUMENTS", + "BINARY", + "SERIALIZATION", + "OTHER", + ] + ], + PropertyInfo(alias="contentType"), + ] + """Filters results by content type category.""" + continent: SequenceNotStr[str] """Filters results by continent. @@ -70,5 +95,8 @@ class BotSummaryV2Params(TypedDict, total=False): name: SequenceNotStr[str] """Array of names used to label the series in the response.""" + user_agent: Annotated[SequenceNotStr[str], PropertyInfo(alias="userAgent")] + """Filters results by user agent.""" + vertical: SequenceNotStr[str] """Filters results by vertical.""" diff --git a/src/cloudflare/types/radar/ai/bot_timeseries_groups_params.py b/src/cloudflare/types/radar/ai/bot_timeseries_groups_params.py index f67b5eb5569..c686eb359eb 100644 --- a/src/cloudflare/types/radar/ai/bot_timeseries_groups_params.py +++ b/src/cloudflare/types/radar/ai/bot_timeseries_groups_params.py @@ -2,7 +2,7 @@ from __future__ import annotations -from typing import Union +from typing import List, Union from datetime import datetime from typing_extensions import Literal, Annotated, TypedDict @@ -28,6 +28,31 @@ class BotTimeseriesGroupsParams(TypedDict, total=False): results from AS174, but includes results from AS3356. """ + content_type: Annotated[ + List[ + Literal[ + "HTML", + "IMAGES", + "JSON", + "JAVASCRIPT", + "CSS", + "PLAIN_TEXT", + "FONTS", + "XML", + "YAML", + "VIDEO", + "AUDIO", + "MARKDOWN", + "DOCUMENTS", + "BINARY", + "SERIALIZATION", + "OTHER", + ] + ], + PropertyInfo(alias="contentType"), + ] + """Filters results by content type category.""" + continent: SequenceNotStr[str] """Filters results by continent. @@ -77,12 +102,15 @@ class BotTimeseriesGroupsParams(TypedDict, total=False): name: SequenceNotStr[str] """Array of names used to label the series in the response.""" - normalization: Literal["PERCENTAGE_CHANGE", "MIN0_MAX"] + normalization: Literal["PERCENTAGE", "MIN0_MAX"] """Normalization method applied to the results. Refer to [Normalization methods](https://developers.cloudflare.com/radar/concepts/normalization/). """ + user_agent: Annotated[SequenceNotStr[str], PropertyInfo(alias="userAgent")] + """Filters results by user agent.""" + vertical: SequenceNotStr[str] """Filters results by vertical.""" diff --git a/src/cloudflare/types/radar/ai/bot_timeseries_params.py b/src/cloudflare/types/radar/ai/bot_timeseries_params.py index 923174686fe..721c8ed81d6 100644 --- a/src/cloudflare/types/radar/ai/bot_timeseries_params.py +++ b/src/cloudflare/types/radar/ai/bot_timeseries_params.py @@ -2,7 +2,7 @@ from __future__ import annotations -from typing import Union +from typing import List, Union from datetime import datetime from typing_extensions import Literal, Annotated, TypedDict @@ -28,6 +28,31 @@ class BotTimeseriesParams(TypedDict, total=False): results from AS174, but includes results from AS3356. """ + content_type: Annotated[ + List[ + Literal[ + "HTML", + "IMAGES", + "JSON", + "JAVASCRIPT", + "CSS", + "PLAIN_TEXT", + "FONTS", + "XML", + "YAML", + "VIDEO", + "AUDIO", + "MARKDOWN", + "DOCUMENTS", + "BINARY", + "SERIALIZATION", + "OTHER", + ] + ], + PropertyInfo(alias="contentType"), + ] + """Filters results by content type category.""" + continent: SequenceNotStr[str] """Filters results by continent. diff --git a/src/cloudflare/types/radar/ai/timeseries_group_summary_params.py b/src/cloudflare/types/radar/ai/timeseries_group_summary_params.py index 3c9676e1319..75fdfde6aa1 100644 --- a/src/cloudflare/types/radar/ai/timeseries_group_summary_params.py +++ b/src/cloudflare/types/radar/ai/timeseries_group_summary_params.py @@ -2,7 +2,7 @@ from __future__ import annotations -from typing import Union +from typing import List, Union from datetime import datetime from typing_extensions import Literal, Annotated, TypedDict @@ -21,6 +21,31 @@ class TimeseriesGroupSummaryParams(TypedDict, total=False): results from AS174, but includes results from AS3356. """ + content_type: Annotated[ + List[ + Literal[ + "HTML", + "IMAGES", + "JSON", + "JAVASCRIPT", + "CSS", + "PLAIN_TEXT", + "FONTS", + "XML", + "YAML", + "VIDEO", + "AUDIO", + "MARKDOWN", + "DOCUMENTS", + "BINARY", + "SERIALIZATION", + "OTHER", + ] + ], + PropertyInfo(alias="contentType"), + ] + """Filters results by content type category.""" + continent: SequenceNotStr[str] """Filters results by continent. @@ -70,5 +95,8 @@ class TimeseriesGroupSummaryParams(TypedDict, total=False): name: SequenceNotStr[str] """Array of names used to label the series in the response.""" + user_agent: Annotated[SequenceNotStr[str], PropertyInfo(alias="userAgent")] + """Filters results by user agent.""" + vertical: SequenceNotStr[str] """Filters results by vertical.""" diff --git a/src/cloudflare/types/radar/ai/timeseries_group_timeseries_groups_params.py b/src/cloudflare/types/radar/ai/timeseries_group_timeseries_groups_params.py index c5d54b02a09..7dd1b964e90 100644 --- a/src/cloudflare/types/radar/ai/timeseries_group_timeseries_groups_params.py +++ b/src/cloudflare/types/radar/ai/timeseries_group_timeseries_groups_params.py @@ -2,7 +2,7 @@ from __future__ import annotations -from typing import Union +from typing import List, Union from datetime import datetime from typing_extensions import Literal, Annotated, TypedDict @@ -28,6 +28,31 @@ class TimeseriesGroupTimeseriesGroupsParams(TypedDict, total=False): results from AS174, but includes results from AS3356. """ + content_type: Annotated[ + List[ + Literal[ + "HTML", + "IMAGES", + "JSON", + "JAVASCRIPT", + "CSS", + "PLAIN_TEXT", + "FONTS", + "XML", + "YAML", + "VIDEO", + "AUDIO", + "MARKDOWN", + "DOCUMENTS", + "BINARY", + "SERIALIZATION", + "OTHER", + ] + ], + PropertyInfo(alias="contentType"), + ] + """Filters results by content type category.""" + continent: SequenceNotStr[str] """Filters results by continent. @@ -77,12 +102,15 @@ class TimeseriesGroupTimeseriesGroupsParams(TypedDict, total=False): name: SequenceNotStr[str] """Array of names used to label the series in the response.""" - normalization: Literal["PERCENTAGE_CHANGE", "MIN0_MAX"] + normalization: Literal["PERCENTAGE", "MIN0_MAX"] """Normalization method applied to the results. Refer to [Normalization methods](https://developers.cloudflare.com/radar/concepts/normalization/). """ + user_agent: Annotated[SequenceNotStr[str], PropertyInfo(alias="userAgent")] + """Filters results by user agent.""" + vertical: SequenceNotStr[str] """Filters results by vertical.""" diff --git a/src/cloudflare/types/radar/ai/timeseries_group_timeseries_params.py b/src/cloudflare/types/radar/ai/timeseries_group_timeseries_params.py index cc74a76e020..64048c095e5 100644 --- a/src/cloudflare/types/radar/ai/timeseries_group_timeseries_params.py +++ b/src/cloudflare/types/radar/ai/timeseries_group_timeseries_params.py @@ -2,7 +2,7 @@ from __future__ import annotations -from typing import Union +from typing import List, Union from datetime import datetime from typing_extensions import Literal, Annotated, TypedDict @@ -28,6 +28,31 @@ class TimeseriesGroupTimeseriesParams(TypedDict, total=False): results from AS174, but includes results from AS3356. """ + content_type: Annotated[ + List[ + Literal[ + "HTML", + "IMAGES", + "JSON", + "JAVASCRIPT", + "CSS", + "PLAIN_TEXT", + "FONTS", + "XML", + "YAML", + "VIDEO", + "AUDIO", + "MARKDOWN", + "DOCUMENTS", + "BINARY", + "SERIALIZATION", + "OTHER", + ] + ], + PropertyInfo(alias="contentType"), + ] + """Filters results by content type category.""" + continent: SequenceNotStr[str] """Filters results by continent. diff --git a/src/cloudflare/types/radar/entities/__init__.py b/src/cloudflare/types/radar/entities/__init__.py index 6c5003d8aab..24752ba6bf2 100644 --- a/src/cloudflare/types/radar/entities/__init__.py +++ b/src/cloudflare/types/radar/entities/__init__.py @@ -16,3 +16,5 @@ from .location_list_params import LocationListParams as LocationListParams from .location_get_response import LocationGetResponse as LocationGetResponse from .location_list_response import LocationListResponse as LocationListResponse +from .asn_botnet_threat_feed_params import ASNBotnetThreatFeedParams as ASNBotnetThreatFeedParams +from .asn_botnet_threat_feed_response import ASNBotnetThreatFeedResponse as ASNBotnetThreatFeedResponse diff --git a/src/cloudflare/types/radar/entities/asn_botnet_threat_feed_params.py b/src/cloudflare/types/radar/entities/asn_botnet_threat_feed_params.py new file mode 100644 index 00000000000..3fa0068d4a6 --- /dev/null +++ b/src/cloudflare/types/radar/entities/asn_botnet_threat_feed_params.py @@ -0,0 +1,52 @@ +# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. + +from __future__ import annotations + +import datetime +from typing import Union +from typing_extensions import Literal, Annotated, TypedDict + +from ...._types import SequenceNotStr +from ...._utils import PropertyInfo + +__all__ = ["ASNBotnetThreatFeedParams"] + + +class ASNBotnetThreatFeedParams(TypedDict, total=False): + asn: SequenceNotStr[str] + """Filters results by Autonomous System. + + Specify one or more Autonomous System Numbers (ASNs) as a comma-separated list. + Prefix with `-` to exclude ASNs from results. For example, `-174, 3356` excludes + results from AS174, but includes results from AS3356. + """ + + compare_date_range: Annotated[str, PropertyInfo(alias="compareDateRange")] + """Relative date range for rank change comparison (e.g., "1d", "7d", "30d").""" + + date: Annotated[Union[str, datetime.date], PropertyInfo(format="iso8601")] + """The date to retrieve (YYYY-MM-DD format). + + If not specified, returns the most recent available data. Note: This is the date + the report was generated. The report is generated from information collected + from the previous day (e.g., the 2026-02-23 entry contains data from + 2026-02-22). + """ + + format: Literal["JSON", "CSV"] + """Format in which results will be returned.""" + + limit: int + """Limits the number of objects returned in the response.""" + + location: str + """Filters results by location. Specify an alpha-2 location code.""" + + metric: Literal["OFFENSE_COUNT", "NUMBER_OF_OFFENDING_IPS"] + """Metric to rank ASNs by.""" + + offset: int + """Skips the specified number of objects before fetching the results.""" + + sort_order: Annotated[Literal["ASC", "DESC"], PropertyInfo(alias="sortOrder")] + """Sort order.""" diff --git a/src/cloudflare/types/radar/entities/asn_botnet_threat_feed_response.py b/src/cloudflare/types/radar/entities/asn_botnet_threat_feed_response.py new file mode 100644 index 00000000000..55c12b616a9 --- /dev/null +++ b/src/cloudflare/types/radar/entities/asn_botnet_threat_feed_response.py @@ -0,0 +1,35 @@ +# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. + +from typing import List, Optional + +from pydantic import Field as FieldInfo + +from ...._models import BaseModel + +__all__ = ["ASNBotnetThreatFeedResponse", "Ase", "Meta"] + + +class Ase(BaseModel): + asn: int + + country: str + + name: str + + rank: int + + rank_change: Optional[int] = FieldInfo(alias="rankChange", default=None) + + +class Meta(BaseModel): + date: str + + total: int + + compare_date: Optional[str] = FieldInfo(alias="compareDate", default=None) + + +class ASNBotnetThreatFeedResponse(BaseModel): + ases: List[Ase] + + meta: Meta diff --git a/src/cloudflare/types/radar/entities/location_get_response.py b/src/cloudflare/types/radar/entities/location_get_response.py index 0341e6df340..b93d87ec918 100644 --- a/src/cloudflare/types/radar/entities/location_get_response.py +++ b/src/cloudflare/types/radar/entities/location_get_response.py @@ -12,6 +12,8 @@ class Location(BaseModel): confidence_level: int = FieldInfo(alias="confidenceLevel") + continent: str + latitude: str """A numeric string.""" diff --git a/src/cloudflare/types/radar/entities/location_list_params.py b/src/cloudflare/types/radar/entities/location_list_params.py index b276685eb71..f448948d6c8 100644 --- a/src/cloudflare/types/radar/entities/location_list_params.py +++ b/src/cloudflare/types/radar/entities/location_list_params.py @@ -8,6 +8,9 @@ class LocationListParams(TypedDict, total=False): + continent: Literal["AF", "AS", "EU", "NA", "OC", "SA"] + """Filters results by continent code.""" + format: Literal["JSON", "CSV"] """Format in which results will be returned.""" @@ -22,3 +25,9 @@ class LocationListParams(TypedDict, total=False): offset: int """Skips the specified number of objects before fetching the results.""" + + region: str + """Filters results by region.""" + + subregion: str + """Filters results by subregion.""" diff --git a/src/cloudflare/types/radar/entities/location_list_response.py b/src/cloudflare/types/radar/entities/location_list_response.py index 11030b01b7a..e7fe1aab221 100644 --- a/src/cloudflare/types/radar/entities/location_list_response.py +++ b/src/cloudflare/types/radar/entities/location_list_response.py @@ -10,6 +10,8 @@ class Location(BaseModel): alpha2: str + continent: str + latitude: str """A numeric string.""" @@ -18,6 +20,10 @@ class Location(BaseModel): name: str + region: str + + subregion: str + class LocationListResponse(BaseModel): locations: List[Location] diff --git a/src/cloudflare/types/radar/post_quantum/__init__.py b/src/cloudflare/types/radar/post_quantum/__init__.py new file mode 100644 index 00000000000..c0a2df15901 --- /dev/null +++ b/src/cloudflare/types/radar/post_quantum/__init__.py @@ -0,0 +1,10 @@ +# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. + +from __future__ import annotations + +from .tls_support_params import TLSSupportParams as TLSSupportParams +from .tls_support_response import TLSSupportResponse as TLSSupportResponse +from .origin_summary_params import OriginSummaryParams as OriginSummaryParams +from .origin_summary_response import OriginSummaryResponse as OriginSummaryResponse +from .origin_timeseries_groups_params import OriginTimeseriesGroupsParams as OriginTimeseriesGroupsParams +from .origin_timeseries_groups_response import OriginTimeseriesGroupsResponse as OriginTimeseriesGroupsResponse diff --git a/src/cloudflare/types/radar/post_quantum/origin_summary_params.py b/src/cloudflare/types/radar/post_quantum/origin_summary_params.py new file mode 100644 index 00000000000..b13676cd872 --- /dev/null +++ b/src/cloudflare/types/radar/post_quantum/origin_summary_params.py @@ -0,0 +1,34 @@ +# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. + +from __future__ import annotations + +from typing import Union +from datetime import datetime +from typing_extensions import Literal, Annotated, TypedDict + +from ...._types import SequenceNotStr +from ...._utils import PropertyInfo + +__all__ = ["OriginSummaryParams"] + + +class OriginSummaryParams(TypedDict, total=False): + date_end: Annotated[SequenceNotStr[Union[str, datetime]], PropertyInfo(alias="dateEnd", format="iso8601")] + """End of the date range (inclusive).""" + + date_range: Annotated[SequenceNotStr[str], PropertyInfo(alias="dateRange")] + """Filters results by date range. + + For example, use `7d` and `7dcontrol` to compare this week with the previous + week. Use this parameter or set specific start and end dates (`dateStart` and + `dateEnd` parameters). + """ + + date_start: Annotated[SequenceNotStr[Union[str, datetime]], PropertyInfo(alias="dateStart", format="iso8601")] + """Start of the date range.""" + + format: Literal["JSON", "CSV"] + """Format in which results will be returned.""" + + name: SequenceNotStr[str] + """Array of names used to label the series in the response.""" diff --git a/src/cloudflare/types/radar/post_quantum/origin_summary_response.py b/src/cloudflare/types/radar/post_quantum/origin_summary_response.py new file mode 100644 index 00000000000..13c6f1e4089 --- /dev/null +++ b/src/cloudflare/types/radar/post_quantum/origin_summary_response.py @@ -0,0 +1,125 @@ +# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. + +from typing import Dict, List +from datetime import datetime +from typing_extensions import Literal + +from pydantic import Field as FieldInfo + +from ...._models import BaseModel + +__all__ = [ + "OriginSummaryResponse", + "Meta", + "MetaConfidenceInfo", + "MetaConfidenceInfoAnnotation", + "MetaDateRange", + "MetaUnit", +] + + +class MetaConfidenceInfoAnnotation(BaseModel): + """Annotation associated with the result (e.g. outage or other type of event).""" + + data_source: Literal[ + "ALL", + "AI_BOTS", + "AI_GATEWAY", + "BGP", + "BOTS", + "CONNECTION_ANOMALY", + "CT", + "DNS", + "DNS_MAGNITUDE", + "DNS_AS112", + "DOS", + "EMAIL_ROUTING", + "EMAIL_SECURITY", + "FW", + "FW_PG", + "HTTP", + "HTTP_CONTROL", + "HTTP_CRAWLER_REFERER", + "HTTP_ORIGINS", + "IQI", + "LEAKED_CREDENTIALS", + "NET", + "ROBOTS_TXT", + "SPEED", + "WORKERS_AI", + ] = FieldInfo(alias="dataSource") + """Data source for annotations.""" + + description: str + + end_date: datetime = FieldInfo(alias="endDate") + + event_type: Literal["EVENT", "GENERAL", "OUTAGE", "PARTIAL_PROJECTION", "PIPELINE", "TRAFFIC_ANOMALY"] = FieldInfo( + alias="eventType" + ) + """Event type for annotations.""" + + is_instantaneous: bool = FieldInfo(alias="isInstantaneous") + """Whether event is a single point in time or a time range.""" + + linked_url: str = FieldInfo(alias="linkedUrl") + + start_date: datetime = FieldInfo(alias="startDate") + + +class MetaConfidenceInfo(BaseModel): + annotations: List[MetaConfidenceInfoAnnotation] + + level: int + """Provides an indication of how much confidence Cloudflare has in the data.""" + + +class MetaDateRange(BaseModel): + end_time: datetime = FieldInfo(alias="endTime") + """Adjusted end of date range.""" + + start_time: datetime = FieldInfo(alias="startTime") + """Adjusted start of date range.""" + + +class MetaUnit(BaseModel): + name: str + + value: str + + +class Meta(BaseModel): + """Metadata for the results.""" + + confidence_info: MetaConfidenceInfo = FieldInfo(alias="confidenceInfo") + + date_range: List[MetaDateRange] = FieldInfo(alias="dateRange") + + last_updated: datetime = FieldInfo(alias="lastUpdated") + """Timestamp of the last dataset update.""" + + normalization: Literal[ + "PERCENTAGE", + "MIN0_MAX", + "MIN_MAX", + "RAW_VALUES", + "PERCENTAGE_CHANGE", + "ROLLING_AVERAGE", + "OVERLAPPED_PERCENTAGE", + "RATIO", + ] + """Normalization method applied to the results. + + Refer to + [Normalization methods](https://developers.cloudflare.com/radar/concepts/normalization/). + """ + + units: List[MetaUnit] + """Measurement units for the results.""" + + +class OriginSummaryResponse(BaseModel): + meta: Meta + """Metadata for the results.""" + + summary_0: Dict[str, str] diff --git a/src/cloudflare/types/radar/post_quantum/origin_timeseries_groups_params.py b/src/cloudflare/types/radar/post_quantum/origin_timeseries_groups_params.py new file mode 100644 index 00000000000..9abc011f5c0 --- /dev/null +++ b/src/cloudflare/types/radar/post_quantum/origin_timeseries_groups_params.py @@ -0,0 +1,34 @@ +# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. + +from __future__ import annotations + +from typing import Union +from datetime import datetime +from typing_extensions import Literal, Annotated, TypedDict + +from ...._types import SequenceNotStr +from ...._utils import PropertyInfo + +__all__ = ["OriginTimeseriesGroupsParams"] + + +class OriginTimeseriesGroupsParams(TypedDict, total=False): + date_end: Annotated[SequenceNotStr[Union[str, datetime]], PropertyInfo(alias="dateEnd", format="iso8601")] + """End of the date range (inclusive).""" + + date_range: Annotated[SequenceNotStr[str], PropertyInfo(alias="dateRange")] + """Filters results by date range. + + For example, use `7d` and `7dcontrol` to compare this week with the previous + week. Use this parameter or set specific start and end dates (`dateStart` and + `dateEnd` parameters). + """ + + date_start: Annotated[SequenceNotStr[Union[str, datetime]], PropertyInfo(alias="dateStart", format="iso8601")] + """Start of the date range.""" + + format: Literal["JSON", "CSV"] + """Format in which results will be returned.""" + + name: SequenceNotStr[str] + """Array of names used to label the series in the response.""" diff --git a/src/cloudflare/types/radar/post_quantum/origin_timeseries_groups_response.py b/src/cloudflare/types/radar/post_quantum/origin_timeseries_groups_response.py new file mode 100644 index 00000000000..90d8e47485d --- /dev/null +++ b/src/cloudflare/types/radar/post_quantum/origin_timeseries_groups_response.py @@ -0,0 +1,151 @@ +# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. + +from typing import TYPE_CHECKING, Dict, List +from datetime import datetime +from typing_extensions import Literal + +from pydantic import Field as FieldInfo + +from ...._models import BaseModel + +__all__ = [ + "OriginTimeseriesGroupsResponse", + "Meta", + "MetaConfidenceInfo", + "MetaConfidenceInfoAnnotation", + "MetaDateRange", + "MetaUnit", + "Serie0", +] + + +class MetaConfidenceInfoAnnotation(BaseModel): + """Annotation associated with the result (e.g. outage or other type of event).""" + + data_source: Literal[ + "ALL", + "AI_BOTS", + "AI_GATEWAY", + "BGP", + "BOTS", + "CONNECTION_ANOMALY", + "CT", + "DNS", + "DNS_MAGNITUDE", + "DNS_AS112", + "DOS", + "EMAIL_ROUTING", + "EMAIL_SECURITY", + "FW", + "FW_PG", + "HTTP", + "HTTP_CONTROL", + "HTTP_CRAWLER_REFERER", + "HTTP_ORIGINS", + "IQI", + "LEAKED_CREDENTIALS", + "NET", + "ROBOTS_TXT", + "SPEED", + "WORKERS_AI", + ] = FieldInfo(alias="dataSource") + """Data source for annotations.""" + + description: str + + end_date: datetime = FieldInfo(alias="endDate") + + event_type: Literal["EVENT", "GENERAL", "OUTAGE", "PARTIAL_PROJECTION", "PIPELINE", "TRAFFIC_ANOMALY"] = FieldInfo( + alias="eventType" + ) + """Event type for annotations.""" + + is_instantaneous: bool = FieldInfo(alias="isInstantaneous") + """Whether event is a single point in time or a time range.""" + + linked_url: str = FieldInfo(alias="linkedUrl") + + start_date: datetime = FieldInfo(alias="startDate") + + +class MetaConfidenceInfo(BaseModel): + annotations: List[MetaConfidenceInfoAnnotation] + + level: int + """Provides an indication of how much confidence Cloudflare has in the data.""" + + +class MetaDateRange(BaseModel): + end_time: datetime = FieldInfo(alias="endTime") + """Adjusted end of date range.""" + + start_time: datetime = FieldInfo(alias="startTime") + """Adjusted start of date range.""" + + +class MetaUnit(BaseModel): + name: str + + value: str + + +class Meta(BaseModel): + """Metadata for the results.""" + + agg_interval: Literal["FIFTEEN_MINUTES", "ONE_HOUR", "ONE_DAY", "ONE_WEEK", "ONE_MONTH"] = FieldInfo( + alias="aggInterval" + ) + """Aggregation interval of the results (e.g., in 15 minutes or 1 hour intervals). + + Refer to + [Aggregation intervals](https://developers.cloudflare.com/radar/concepts/aggregation-intervals/). + """ + + confidence_info: MetaConfidenceInfo = FieldInfo(alias="confidenceInfo") + + date_range: List[MetaDateRange] = FieldInfo(alias="dateRange") + + last_updated: datetime = FieldInfo(alias="lastUpdated") + """Timestamp of the last dataset update.""" + + normalization: Literal[ + "PERCENTAGE", + "MIN0_MAX", + "MIN_MAX", + "RAW_VALUES", + "PERCENTAGE_CHANGE", + "ROLLING_AVERAGE", + "OVERLAPPED_PERCENTAGE", + "RATIO", + ] + """Normalization method applied to the results. + + Refer to + [Normalization methods](https://developers.cloudflare.com/radar/concepts/normalization/). + """ + + units: List[MetaUnit] + """Measurement units for the results.""" + + +class Serie0(BaseModel): + timestamps: List[datetime] + + if TYPE_CHECKING: + # Some versions of Pydantic <2.8.0 have a bug and don’t allow assigning a + # value to this field, so for compatibility we avoid doing it at runtime. + __pydantic_extra__: Dict[str, List[str]] = FieldInfo(init=False) # pyright: ignore[reportIncompatibleVariableOverride] + + # Stub to indicate that arbitrary properties are accepted. + # To access properties that are not valid identifiers you can use `getattr`, e.g. + # `getattr(obj, '$type')` + def __getattr__(self, attr: str) -> List[str]: ... + else: + __pydantic_extra__: Dict[str, List[str]] + + +class OriginTimeseriesGroupsResponse(BaseModel): + meta: Meta + """Metadata for the results.""" + + serie_0: Serie0 diff --git a/src/cloudflare/types/radar/post_quantum/tls_support_params.py b/src/cloudflare/types/radar/post_quantum/tls_support_params.py new file mode 100644 index 00000000000..9f0384ab7ed --- /dev/null +++ b/src/cloudflare/types/radar/post_quantum/tls_support_params.py @@ -0,0 +1,15 @@ +# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. + +from __future__ import annotations + +from typing_extensions import Required, TypedDict + +__all__ = ["TLSSupportParams"] + + +class TLSSupportParams(TypedDict, total=False): + host: Required[str] + """ + Hostname or IP address to test for Post-Quantum TLS support, optionally with + port (defaults to 443). + """ diff --git a/src/cloudflare/types/radar/post_quantum/tls_support_response.py b/src/cloudflare/types/radar/post_quantum/tls_support_response.py new file mode 100644 index 00000000000..dc66cee82cf --- /dev/null +++ b/src/cloudflare/types/radar/post_quantum/tls_support_response.py @@ -0,0 +1,21 @@ +# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. + +from pydantic import Field as FieldInfo + +from ...._models import BaseModel + +__all__ = ["TLSSupportResponse"] + + +class TLSSupportResponse(BaseModel): + host: str + """The host that was tested""" + + kex: float + """TLS CurveID of the negotiated key exchange""" + + kex_name: str = FieldInfo(alias="kexName") + """Human-readable name of the key exchange algorithm""" + + pq: bool + """Whether the negotiated key exchange uses Post-Quantum cryptography""" diff --git a/src/cloudflare/types/rulesets/rule_create_params.py b/src/cloudflare/types/rulesets/rule_create_params.py index f563df717d4..a8435dbd1c2 100644 --- a/src/cloudflare/types/rulesets/rule_create_params.py +++ b/src/cloudflare/types/rulesets/rule_create_params.py @@ -3013,6 +3013,9 @@ class SetConfigurationRuleActionParameters(TypedDict, total=False): bic: bool """Whether to enable Browser Integrity Check (BIC).""" + content_converter: bool + """Whether to enable content conversion (e.g., HTML to Markdown).""" + disable_apps: Literal[True] """Whether to disable Cloudflare Apps.""" diff --git a/src/cloudflare/types/rulesets/rule_edit_params.py b/src/cloudflare/types/rulesets/rule_edit_params.py index 717b3e108cd..c3c46474390 100644 --- a/src/cloudflare/types/rulesets/rule_edit_params.py +++ b/src/cloudflare/types/rulesets/rule_edit_params.py @@ -3064,6 +3064,9 @@ class SetConfigurationRuleActionParameters(TypedDict, total=False): bic: bool """Whether to enable Browser Integrity Check (BIC).""" + content_converter: bool + """Whether to enable content conversion (e.g., HTML to Markdown).""" + disable_apps: Literal[True] """Whether to disable Cloudflare Apps.""" diff --git a/src/cloudflare/types/rulesets/set_config_rule.py b/src/cloudflare/types/rulesets/set_config_rule.py index b2f42a3957e..9aa19460bf5 100644 --- a/src/cloudflare/types/rulesets/set_config_rule.py +++ b/src/cloudflare/types/rulesets/set_config_rule.py @@ -35,6 +35,9 @@ class ActionParameters(BaseModel): bic: Optional[bool] = None """Whether to enable Browser Integrity Check (BIC).""" + content_converter: Optional[bool] = None + """Whether to enable content conversion (e.g., HTML to Markdown).""" + disable_apps: Optional[Literal[True]] = None """Whether to disable Cloudflare Apps.""" diff --git a/src/cloudflare/types/rulesets/set_config_rule_param.py b/src/cloudflare/types/rulesets/set_config_rule_param.py index b40b670d169..0bc012392d0 100644 --- a/src/cloudflare/types/rulesets/set_config_rule_param.py +++ b/src/cloudflare/types/rulesets/set_config_rule_param.py @@ -41,6 +41,9 @@ class ActionParameters(TypedDict, total=False): bic: bool """Whether to enable Browser Integrity Check (BIC).""" + content_converter: bool + """Whether to enable content conversion (e.g., HTML to Markdown).""" + disable_apps: Literal[True] """Whether to disable Cloudflare Apps.""" diff --git a/src/cloudflare/types/snippets/__init__.py b/src/cloudflare/types/snippets/__init__.py index 380f54adfbb..a88bcebd970 100644 --- a/src/cloudflare/types/snippets/__init__.py +++ b/src/cloudflare/types/snippets/__init__.py @@ -2,13 +2,9 @@ from __future__ import annotations -from .rule_list_response import RuleListResponse as RuleListResponse from .rule_update_params import RuleUpdateParams as RuleUpdateParams from .snippet_list_params import SnippetListParams as SnippetListParams -from .rule_delete_response import RuleDeleteResponse as RuleDeleteResponse -from .rule_update_response import RuleUpdateResponse as RuleUpdateResponse from .snippet_get_response import SnippetGetResponse as SnippetGetResponse from .snippet_list_response import SnippetListResponse as SnippetListResponse from .snippet_update_params import SnippetUpdateParams as SnippetUpdateParams -from .snippet_delete_response import SnippetDeleteResponse as SnippetDeleteResponse from .snippet_update_response import SnippetUpdateResponse as SnippetUpdateResponse diff --git a/src/cloudflare/types/snippets/rule_delete_response.py b/src/cloudflare/types/snippets/rule_delete_response.py deleted file mode 100644 index 82daad343b7..00000000000 --- a/src/cloudflare/types/snippets/rule_delete_response.py +++ /dev/null @@ -1,30 +0,0 @@ -# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. - -from typing import Optional -from datetime import datetime - -from ..._models import BaseModel - -__all__ = ["RuleDeleteResponse"] - - -class RuleDeleteResponse(BaseModel): - """A snippet rule.""" - - id: str - """The unique ID of the rule.""" - - expression: str - """The expression defining which traffic will match the rule.""" - - last_updated: datetime - """The timestamp of when the rule was last modified.""" - - snippet_name: str - """The identifying name of the snippet.""" - - description: Optional[str] = None - """An informative description of the rule.""" - - enabled: Optional[bool] = None - """Whether the rule should be executed.""" diff --git a/src/cloudflare/types/snippets/rule_list_response.py b/src/cloudflare/types/snippets/rule_list_response.py deleted file mode 100644 index 580009e8c7b..00000000000 --- a/src/cloudflare/types/snippets/rule_list_response.py +++ /dev/null @@ -1,30 +0,0 @@ -# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. - -from typing import Optional -from datetime import datetime - -from ..._models import BaseModel - -__all__ = ["RuleListResponse"] - - -class RuleListResponse(BaseModel): - """A snippet rule.""" - - id: str - """The unique ID of the rule.""" - - expression: str - """The expression defining which traffic will match the rule.""" - - last_updated: datetime - """The timestamp of when the rule was last modified.""" - - snippet_name: str - """The identifying name of the snippet.""" - - description: Optional[str] = None - """An informative description of the rule.""" - - enabled: Optional[bool] = None - """Whether the rule should be executed.""" diff --git a/src/cloudflare/types/snippets/rule_update_params.py b/src/cloudflare/types/snippets/rule_update_params.py index cb9b6928438..9511ef89cf8 100644 --- a/src/cloudflare/types/snippets/rule_update_params.py +++ b/src/cloudflare/types/snippets/rule_update_params.py @@ -10,23 +10,23 @@ class RuleUpdateParams(TypedDict, total=False): zone_id: Required[str] - """The unique ID of the zone.""" + """Use this field to specify the unique ID of the zone.""" rules: Required[Iterable[Rule]] - """A list of snippet rules.""" + """Lists snippet rules.""" class Rule(TypedDict, total=False): - """A snippet rule.""" + """Define a snippet rule.""" expression: Required[str] - """The expression defining which traffic will match the rule.""" + """Define the expression that determines which traffic matches the rule.""" snippet_name: Required[str] - """The identifying name of the snippet.""" + """Identify the snippet.""" description: str - """An informative description of the rule.""" + """Provide an informative description of the rule.""" enabled: bool - """Whether the rule should be executed.""" + """Indicate whether to execute the rule.""" diff --git a/src/cloudflare/types/snippets/rule_update_response.py b/src/cloudflare/types/snippets/rule_update_response.py deleted file mode 100644 index df082807a5b..00000000000 --- a/src/cloudflare/types/snippets/rule_update_response.py +++ /dev/null @@ -1,30 +0,0 @@ -# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. - -from typing import Optional -from datetime import datetime - -from ..._models import BaseModel - -__all__ = ["RuleUpdateResponse"] - - -class RuleUpdateResponse(BaseModel): - """A snippet rule.""" - - id: str - """The unique ID of the rule.""" - - expression: str - """The expression defining which traffic will match the rule.""" - - last_updated: datetime - """The timestamp of when the rule was last modified.""" - - snippet_name: str - """The identifying name of the snippet.""" - - description: Optional[str] = None - """An informative description of the rule.""" - - enabled: Optional[bool] = None - """Whether the rule should be executed.""" diff --git a/src/cloudflare/types/snippets/snippet_get_response.py b/src/cloudflare/types/snippets/snippet_get_response.py index bc87585db18..b47c3658811 100644 --- a/src/cloudflare/types/snippets/snippet_get_response.py +++ b/src/cloudflare/types/snippets/snippet_get_response.py @@ -9,13 +9,13 @@ class SnippetGetResponse(BaseModel): - """A result.""" + """Contain the response result.""" created_on: datetime - """The timestamp of when the snippet was created.""" + """Indicates when the snippet was created.""" snippet_name: str - """The identifying name of the snippet.""" + """Identify the snippet.""" modified_on: Optional[datetime] = None - """The timestamp of when the snippet was last modified.""" + """Indicates when the snippet was last modified.""" diff --git a/src/cloudflare/types/snippets/snippet_list_params.py b/src/cloudflare/types/snippets/snippet_list_params.py index 2415136e4e5..6a88fa28753 100644 --- a/src/cloudflare/types/snippets/snippet_list_params.py +++ b/src/cloudflare/types/snippets/snippet_list_params.py @@ -9,10 +9,10 @@ class SnippetListParams(TypedDict, total=False): zone_id: Required[str] - """The unique ID of the zone.""" + """Use this field to specify the unique ID of the zone.""" page: int - """The current page number.""" + """Specifies the current page number.""" per_page: int - """The number of results to return per page.""" + """Specifies how many results to return per page.""" diff --git a/src/cloudflare/types/snippets/snippet_list_response.py b/src/cloudflare/types/snippets/snippet_list_response.py index 5ef8813a826..91e3fb5f017 100644 --- a/src/cloudflare/types/snippets/snippet_list_response.py +++ b/src/cloudflare/types/snippets/snippet_list_response.py @@ -9,13 +9,13 @@ class SnippetListResponse(BaseModel): - """A snippet object.""" + """Define a snippet.""" created_on: datetime - """The timestamp of when the snippet was created.""" + """Indicates when the snippet was created.""" snippet_name: str - """The identifying name of the snippet.""" + """Identify the snippet.""" modified_on: Optional[datetime] = None - """The timestamp of when the snippet was last modified.""" + """Indicates when the snippet was last modified.""" diff --git a/src/cloudflare/types/snippets/snippet_update_params.py b/src/cloudflare/types/snippets/snippet_update_params.py index cf18ba62793..9018359d3cf 100644 --- a/src/cloudflare/types/snippets/snippet_update_params.py +++ b/src/cloudflare/types/snippets/snippet_update_params.py @@ -9,14 +9,14 @@ class SnippetUpdateParams(TypedDict, total=False): zone_id: Required[str] - """The unique ID of the zone.""" + """Use this field to specify the unique ID of the zone.""" metadata: Required[Metadata] - """Metadata about the snippet.""" + """Provide metadata about the snippet.""" class Metadata(TypedDict, total=False): - """Metadata about the snippet.""" + """Provide metadata about the snippet.""" main_module: Required[str] - """Name of the file that contains the main module of the snippet.""" + """Specify the name of the file that contains the main module of the snippet.""" diff --git a/src/cloudflare/types/snippets/snippet_update_response.py b/src/cloudflare/types/snippets/snippet_update_response.py index 1b9b6734aaf..a3466c92a0a 100644 --- a/src/cloudflare/types/snippets/snippet_update_response.py +++ b/src/cloudflare/types/snippets/snippet_update_response.py @@ -9,13 +9,13 @@ class SnippetUpdateResponse(BaseModel): - """A result.""" + """Contain the response result.""" created_on: datetime - """The timestamp of when the snippet was created.""" + """Indicates when the snippet was created.""" snippet_name: str - """The identifying name of the snippet.""" + """Identify the snippet.""" modified_on: Optional[datetime] = None - """The timestamp of when the snippet was last modified.""" + """Indicates when the snippet was last modified.""" diff --git a/src/cloudflare/types/ssl/certificate_pack_create_response.py b/src/cloudflare/types/ssl/certificate_pack_create_response.py index 7e8b4a2e3b4..6612f00e203 100644 --- a/src/cloudflare/types/ssl/certificate_pack_create_response.py +++ b/src/cloudflare/types/ssl/certificate_pack_create_response.py @@ -12,6 +12,7 @@ "CertificatePackCreateResponse", "Certificate", "CertificateGeoRestrictions", + "DCVDelegationRecord", "ValidationError", "ValidationRecord", ] @@ -63,6 +64,46 @@ class Certificate(BaseModel): """Identifier.""" +class DCVDelegationRecord(BaseModel): + """Certificate's required validation record.""" + + cname: Optional[str] = None + """The CNAME record hostname for DCV delegation.""" + + cname_target: Optional[str] = None + """The CNAME record target value for DCV delegation.""" + + emails: Optional[List[str]] = None + """ + The set of email addresses that the certificate authority (CA) will use to + complete domain validation. + """ + + http_body: Optional[str] = None + """ + The content that the certificate authority (CA) will expect to find at the + http_url during the domain validation. + """ + + http_url: Optional[str] = None + """The url that will be checked during domain validation.""" + + status: Optional[str] = None + """Status of the validation record.""" + + txt_name: Optional[str] = None + """ + The hostname that the certificate authority (CA) will check for a TXT record + during domain validation . + """ + + txt_value: Optional[str] = None + """ + The TXT record that the certificate authority (CA) will check during domain + validation. + """ + + class ValidationError(BaseModel): message: Optional[str] = None """A domain validation error.""" @@ -71,6 +112,12 @@ class ValidationError(BaseModel): class ValidationRecord(BaseModel): """Certificate's required validation record.""" + cname: Optional[str] = None + """The CNAME record hostname for DCV delegation.""" + + cname_target: Optional[str] = None + """The CNAME record target value for DCV delegation.""" + emails: Optional[List[str]] = None """ The set of email addresses that the certificate authority (CA) will use to @@ -86,6 +133,9 @@ class ValidationRecord(BaseModel): http_url: Optional[str] = None """The url that will be checked during domain validation.""" + status: Optional[str] = None + """Status of the validation record.""" + txt_name: Optional[str] = None """ The hostname that the certificate authority (CA) will check for a TXT record @@ -137,6 +187,9 @@ class CertificatePackCreateResponse(BaseModel): true. """ + dcv_delegation_records: Optional[List[DCVDelegationRecord]] = None + """DCV Delegation records for domain validation.""" + primary_certificate: Optional[str] = None """Identifier of the primary certificate in a pack.""" diff --git a/src/cloudflare/types/ssl/certificate_pack_edit_response.py b/src/cloudflare/types/ssl/certificate_pack_edit_response.py index bbfa664c5da..49b082dc034 100644 --- a/src/cloudflare/types/ssl/certificate_pack_edit_response.py +++ b/src/cloudflare/types/ssl/certificate_pack_edit_response.py @@ -12,6 +12,7 @@ "CertificatePackEditResponse", "Certificate", "CertificateGeoRestrictions", + "DCVDelegationRecord", "ValidationError", "ValidationRecord", ] @@ -63,6 +64,46 @@ class Certificate(BaseModel): """Identifier.""" +class DCVDelegationRecord(BaseModel): + """Certificate's required validation record.""" + + cname: Optional[str] = None + """The CNAME record hostname for DCV delegation.""" + + cname_target: Optional[str] = None + """The CNAME record target value for DCV delegation.""" + + emails: Optional[List[str]] = None + """ + The set of email addresses that the certificate authority (CA) will use to + complete domain validation. + """ + + http_body: Optional[str] = None + """ + The content that the certificate authority (CA) will expect to find at the + http_url during the domain validation. + """ + + http_url: Optional[str] = None + """The url that will be checked during domain validation.""" + + status: Optional[str] = None + """Status of the validation record.""" + + txt_name: Optional[str] = None + """ + The hostname that the certificate authority (CA) will check for a TXT record + during domain validation . + """ + + txt_value: Optional[str] = None + """ + The TXT record that the certificate authority (CA) will check during domain + validation. + """ + + class ValidationError(BaseModel): message: Optional[str] = None """A domain validation error.""" @@ -71,6 +112,12 @@ class ValidationError(BaseModel): class ValidationRecord(BaseModel): """Certificate's required validation record.""" + cname: Optional[str] = None + """The CNAME record hostname for DCV delegation.""" + + cname_target: Optional[str] = None + """The CNAME record target value for DCV delegation.""" + emails: Optional[List[str]] = None """ The set of email addresses that the certificate authority (CA) will use to @@ -86,6 +133,9 @@ class ValidationRecord(BaseModel): http_url: Optional[str] = None """The url that will be checked during domain validation.""" + status: Optional[str] = None + """Status of the validation record.""" + txt_name: Optional[str] = None """ The hostname that the certificate authority (CA) will check for a TXT record @@ -137,6 +187,9 @@ class CertificatePackEditResponse(BaseModel): true. """ + dcv_delegation_records: Optional[List[DCVDelegationRecord]] = None + """DCV Delegation records for domain validation.""" + primary_certificate: Optional[str] = None """Identifier of the primary certificate in a pack.""" diff --git a/src/cloudflare/types/ssl/certificate_pack_get_response.py b/src/cloudflare/types/ssl/certificate_pack_get_response.py index 126119249fc..5a3b5a9eed0 100644 --- a/src/cloudflare/types/ssl/certificate_pack_get_response.py +++ b/src/cloudflare/types/ssl/certificate_pack_get_response.py @@ -12,6 +12,7 @@ "CertificatePackGetResponse", "Certificate", "CertificateGeoRestrictions", + "DCVDelegationRecord", "ValidationError", "ValidationRecord", ] @@ -63,6 +64,46 @@ class Certificate(BaseModel): """Identifier.""" +class DCVDelegationRecord(BaseModel): + """Certificate's required validation record.""" + + cname: Optional[str] = None + """The CNAME record hostname for DCV delegation.""" + + cname_target: Optional[str] = None + """The CNAME record target value for DCV delegation.""" + + emails: Optional[List[str]] = None + """ + The set of email addresses that the certificate authority (CA) will use to + complete domain validation. + """ + + http_body: Optional[str] = None + """ + The content that the certificate authority (CA) will expect to find at the + http_url during the domain validation. + """ + + http_url: Optional[str] = None + """The url that will be checked during domain validation.""" + + status: Optional[str] = None + """Status of the validation record.""" + + txt_name: Optional[str] = None + """ + The hostname that the certificate authority (CA) will check for a TXT record + during domain validation . + """ + + txt_value: Optional[str] = None + """ + The TXT record that the certificate authority (CA) will check during domain + validation. + """ + + class ValidationError(BaseModel): message: Optional[str] = None """A domain validation error.""" @@ -71,6 +112,12 @@ class ValidationError(BaseModel): class ValidationRecord(BaseModel): """Certificate's required validation record.""" + cname: Optional[str] = None + """The CNAME record hostname for DCV delegation.""" + + cname_target: Optional[str] = None + """The CNAME record target value for DCV delegation.""" + emails: Optional[List[str]] = None """ The set of email addresses that the certificate authority (CA) will use to @@ -86,6 +133,9 @@ class ValidationRecord(BaseModel): http_url: Optional[str] = None """The url that will be checked during domain validation.""" + status: Optional[str] = None + """Status of the validation record.""" + txt_name: Optional[str] = None """ The hostname that the certificate authority (CA) will check for a TXT record @@ -137,6 +187,9 @@ class CertificatePackGetResponse(BaseModel): true. """ + dcv_delegation_records: Optional[List[DCVDelegationRecord]] = None + """DCV Delegation records for domain validation.""" + primary_certificate: Optional[str] = None """Identifier of the primary certificate in a pack.""" diff --git a/src/cloudflare/types/ssl/certificate_pack_list_params.py b/src/cloudflare/types/ssl/certificate_pack_list_params.py index 60e4ed1a7ec..b231888d073 100644 --- a/src/cloudflare/types/ssl/certificate_pack_list_params.py +++ b/src/cloudflare/types/ssl/certificate_pack_list_params.py @@ -11,5 +11,14 @@ class CertificatePackListParams(TypedDict, total=False): zone_id: Required[str] """Identifier.""" + deploy: Literal["staging", "production"] + """Specify the deployment environment for the certificate packs.""" + + page: float + """Page number of paginated results.""" + + per_page: float + """Number of certificate packs per page.""" + status: Literal["all"] """Include Certificate Packs of all statuses, not just active ones.""" diff --git a/src/cloudflare/types/ssl/certificate_pack_list_response.py b/src/cloudflare/types/ssl/certificate_pack_list_response.py index f189cc048b0..1255a10c5f4 100644 --- a/src/cloudflare/types/ssl/certificate_pack_list_response.py +++ b/src/cloudflare/types/ssl/certificate_pack_list_response.py @@ -12,6 +12,7 @@ "CertificatePackListResponse", "Certificate", "CertificateGeoRestrictions", + "DCVDelegationRecord", "ValidationError", "ValidationRecord", ] @@ -63,6 +64,46 @@ class Certificate(BaseModel): """Identifier.""" +class DCVDelegationRecord(BaseModel): + """Certificate's required validation record.""" + + cname: Optional[str] = None + """The CNAME record hostname for DCV delegation.""" + + cname_target: Optional[str] = None + """The CNAME record target value for DCV delegation.""" + + emails: Optional[List[str]] = None + """ + The set of email addresses that the certificate authority (CA) will use to + complete domain validation. + """ + + http_body: Optional[str] = None + """ + The content that the certificate authority (CA) will expect to find at the + http_url during the domain validation. + """ + + http_url: Optional[str] = None + """The url that will be checked during domain validation.""" + + status: Optional[str] = None + """Status of the validation record.""" + + txt_name: Optional[str] = None + """ + The hostname that the certificate authority (CA) will check for a TXT record + during domain validation . + """ + + txt_value: Optional[str] = None + """ + The TXT record that the certificate authority (CA) will check during domain + validation. + """ + + class ValidationError(BaseModel): message: Optional[str] = None """A domain validation error.""" @@ -71,6 +112,12 @@ class ValidationError(BaseModel): class ValidationRecord(BaseModel): """Certificate's required validation record.""" + cname: Optional[str] = None + """The CNAME record hostname for DCV delegation.""" + + cname_target: Optional[str] = None + """The CNAME record target value for DCV delegation.""" + emails: Optional[List[str]] = None """ The set of email addresses that the certificate authority (CA) will use to @@ -86,6 +133,9 @@ class ValidationRecord(BaseModel): http_url: Optional[str] = None """The url that will be checked during domain validation.""" + status: Optional[str] = None + """Status of the validation record.""" + txt_name: Optional[str] = None """ The hostname that the certificate authority (CA) will check for a TXT record @@ -137,6 +187,9 @@ class CertificatePackListResponse(BaseModel): true. """ + dcv_delegation_records: Optional[List[DCVDelegationRecord]] = None + """DCV Delegation records for domain validation.""" + primary_certificate: Optional[str] = None """Identifier of the primary certificate in a pack.""" diff --git a/src/cloudflare/types/stream/live_input.py b/src/cloudflare/types/stream/live_input.py index 34cac4b8421..22f2545e09d 100644 --- a/src/cloudflare/types/stream/live_input.py +++ b/src/cloudflare/types/stream/live_input.py @@ -128,6 +128,9 @@ class LiveInput(BaseModel): scheduled deletion. """ + enabled: Optional[bool] = None + """Indicates whether the live input is enabled and can accept streams.""" + meta: Optional[object] = None """ A user modifiable key-value store used to reference other systems of record for diff --git a/src/cloudflare/types/stream/live_input_create_params.py b/src/cloudflare/types/stream/live_input_create_params.py index 8605ec007cf..63f6f095320 100644 --- a/src/cloudflare/types/stream/live_input_create_params.py +++ b/src/cloudflare/types/stream/live_input_create_params.py @@ -26,6 +26,9 @@ class LiveInputCreateParams(TypedDict, total=False): scheduled deletion. """ + enabled: bool + """Indicates whether the live input is enabled and can accept streams.""" + meta: object """ A user modifiable key-value store used to reference other systems of record for diff --git a/src/cloudflare/types/stream/live_input_list_response.py b/src/cloudflare/types/stream/live_input_list_response.py index 89345d5d01a..8fc70105545 100644 --- a/src/cloudflare/types/stream/live_input_list_response.py +++ b/src/cloudflare/types/stream/live_input_list_response.py @@ -23,6 +23,9 @@ class LiveInput(BaseModel): scheduled deletion. """ + enabled: Optional[bool] = None + """Indicates whether the live input is enabled and can accept streams.""" + meta: Optional[object] = None """ A user modifiable key-value store used to reference other systems of record for diff --git a/src/cloudflare/types/stream/live_input_update_params.py b/src/cloudflare/types/stream/live_input_update_params.py index c75146f9fbb..248048df5af 100644 --- a/src/cloudflare/types/stream/live_input_update_params.py +++ b/src/cloudflare/types/stream/live_input_update_params.py @@ -26,6 +26,9 @@ class LiveInputUpdateParams(TypedDict, total=False): scheduled deletion. """ + enabled: bool + """Indicates whether the live input is enabled and can accept streams.""" + meta: object """ A user modifiable key-value store used to reference other systems of record for diff --git a/src/cloudflare/types/url_scanner/scan_get_response.py b/src/cloudflare/types/url_scanner/scan_get_response.py index c2acc8e9ffa..bc7dcb7525a 100644 --- a/src/cloudflare/types/url_scanner/scan_get_response.py +++ b/src/cloudflare/types/url_scanner/scan_get_response.py @@ -47,6 +47,11 @@ "MetaProcessorsWappaData", "MetaProcessorsWappaDataCategory", "MetaProcessorsWappaDataConfidence", + "MetaProcessorsRobotsTXT", + "MetaProcessorsRobotsTXTData", + "MetaProcessorsRobotsTXTDataRules", + "MetaProcessorsRobotsTXTDataRulesapi_empty", + "MetaProcessorsRobotsTXTDataRulesapi_emptyContentSignal", "MetaProcessorsURLCategories", "MetaProcessorsURLCategoriesData", "MetaProcessorsURLCategoriesDataContent", @@ -498,6 +503,42 @@ class MetaProcessorsWappa(BaseModel): data: List[MetaProcessorsWappaData] +class MetaProcessorsRobotsTXTDataRulesapi_emptyContentSignal(BaseModel): + ai_input: Optional[str] = FieldInfo(alias="ai-input", default=None) + + ai_train: Optional[str] = FieldInfo(alias="ai-train", default=None) + + search: Optional[str] = None + + +class MetaProcessorsRobotsTXTDataRulesapi_empty(BaseModel): + allow: List[str] + + disallow: List[str] + + content_signal: Optional[MetaProcessorsRobotsTXTDataRulesapi_emptyContentSignal] = FieldInfo( + alias="contentSignal", default=None + ) + + crawl_delay: Optional[float] = FieldInfo(alias="crawlDelay", default=None) + + +class MetaProcessorsRobotsTXTDataRules(BaseModel): + api_empty: MetaProcessorsRobotsTXTDataRulesapi_empty = FieldInfo(alias="*") + + +class MetaProcessorsRobotsTXTData(BaseModel): + rules: MetaProcessorsRobotsTXTDataRules + + sitemaps: List[str] + + hash: Optional[str] = None + + +class MetaProcessorsRobotsTXT(BaseModel): + data: List[MetaProcessorsRobotsTXTData] + + class MetaProcessorsURLCategoriesDataContent(BaseModel): id: float @@ -567,6 +608,8 @@ class MetaProcessors(BaseModel): wappa: MetaProcessorsWappa + robots_txt: Optional[MetaProcessorsRobotsTXT] = FieldInfo(alias="robotsTxt", default=None) + url_categories: Optional[MetaProcessorsURLCategories] = FieldInfo(alias="urlCategories", default=None) diff --git a/src/cloudflare/types/workers/beta/workers/version.py b/src/cloudflare/types/workers/beta/workers/version.py index f8b606eff70..26a16505ff2 100644 --- a/src/cloudflare/types/workers/beta/workers/version.py +++ b/src/cloudflare/types/workers/beta/workers/version.py @@ -24,6 +24,7 @@ "BindingWorkersBindingKindDataBlob", "BindingWorkersBindingKindDispatchNamespace", "BindingWorkersBindingKindDispatchNamespaceOutbound", + "BindingWorkersBindingKindDispatchNamespaceOutboundParam", "BindingWorkersBindingKindDispatchNamespaceOutboundWorker", "BindingWorkersBindingKindDurableObjectNamespace", "BindingWorkersBindingKindHyperdrive", @@ -179,9 +180,17 @@ class BindingWorkersBindingKindDataBlob(BaseModel): """The kind of resource that the binding provides.""" +class BindingWorkersBindingKindDispatchNamespaceOutboundParam(BaseModel): + name: str + """Name of the parameter.""" + + class BindingWorkersBindingKindDispatchNamespaceOutboundWorker(BaseModel): """Outbound worker.""" + entrypoint: Optional[str] = None + """Entrypoint to invoke on the outbound worker.""" + environment: Optional[str] = None """Environment of the outbound worker.""" @@ -192,7 +201,7 @@ class BindingWorkersBindingKindDispatchNamespaceOutboundWorker(BaseModel): class BindingWorkersBindingKindDispatchNamespaceOutbound(BaseModel): """Outbound worker.""" - params: Optional[List[str]] = None + params: Optional[List[BindingWorkersBindingKindDispatchNamespaceOutboundParam]] = None """ Pass information from the Dispatch Worker to the Outbound Worker through the parameters. @@ -281,7 +290,7 @@ class BindingWorkersBindingKindImages(BaseModel): class BindingWorkersBindingKindJson(BaseModel): - json_: str = FieldInfo(alias="json") + json_: object = FieldInfo(alias="json") """JSON data to use.""" name: str diff --git a/src/cloudflare/types/workers/beta/workers/version_create_params.py b/src/cloudflare/types/workers/beta/workers/version_create_params.py index 0bf4f7ed8bd..1adf686d88e 100644 --- a/src/cloudflare/types/workers/beta/workers/version_create_params.py +++ b/src/cloudflare/types/workers/beta/workers/version_create_params.py @@ -25,6 +25,7 @@ "BindingWorkersBindingKindDataBlob", "BindingWorkersBindingKindDispatchNamespace", "BindingWorkersBindingKindDispatchNamespaceOutbound", + "BindingWorkersBindingKindDispatchNamespaceOutboundParam", "BindingWorkersBindingKindDispatchNamespaceOutboundWorker", "BindingWorkersBindingKindDurableObjectNamespace", "BindingWorkersBindingKindHyperdrive", @@ -258,9 +259,17 @@ class BindingWorkersBindingKindDataBlob(TypedDict, total=False): """The kind of resource that the binding provides.""" +class BindingWorkersBindingKindDispatchNamespaceOutboundParam(TypedDict, total=False): + name: Required[str] + """Name of the parameter.""" + + class BindingWorkersBindingKindDispatchNamespaceOutboundWorker(TypedDict, total=False): """Outbound worker.""" + entrypoint: str + """Entrypoint to invoke on the outbound worker.""" + environment: str """Environment of the outbound worker.""" @@ -271,7 +280,7 @@ class BindingWorkersBindingKindDispatchNamespaceOutboundWorker(TypedDict, total= class BindingWorkersBindingKindDispatchNamespaceOutbound(TypedDict, total=False): """Outbound worker.""" - params: SequenceNotStr[str] + params: Iterable[BindingWorkersBindingKindDispatchNamespaceOutboundParam] """ Pass information from the Dispatch Worker to the Outbound Worker through the parameters. @@ -360,7 +369,7 @@ class BindingWorkersBindingKindImages(TypedDict, total=False): class BindingWorkersBindingKindJson(TypedDict, total=False): - json: Required[str] + json: Required[object] """JSON data to use.""" name: Required[str] diff --git a/src/cloudflare/types/workers/script_search_response.py b/src/cloudflare/types/workers/script_search_response.py index 465f360a0d3..583a623c667 100644 --- a/src/cloudflare/types/workers/script_search_response.py +++ b/src/cloudflare/types/workers/script_search_response.py @@ -10,6 +10,9 @@ class ScriptSearchResponseItem(BaseModel): + id: str + """Identifier.""" + created_on: datetime """When the script was created.""" @@ -19,9 +22,6 @@ class ScriptSearchResponseItem(BaseModel): script_name: str """Name of the script, used in URLs and route configuration.""" - script_tag: str - """Identifier.""" - environment_is_default: Optional[bool] = None """Whether the environment is the default environment.""" diff --git a/src/cloudflare/types/workers/script_update_params.py b/src/cloudflare/types/workers/script_update_params.py index 82434e03ee1..88b7317ca68 100644 --- a/src/cloudflare/types/workers/script_update_params.py +++ b/src/cloudflare/types/workers/script_update_params.py @@ -3,9 +3,10 @@ from __future__ import annotations from typing import List, Union, Iterable, Optional -from typing_extensions import Literal, Required, TypeAlias, TypedDict +from typing_extensions import Literal, Required, Annotated, TypeAlias, TypedDict from ..._types import FileTypes, SequenceNotStr +from ..._utils import PropertyInfo from .migration_step_param import MigrationStepParam from .single_step_migration_param import SingleStepMigrationParam from .scripts.consumer_script_param import ConsumerScriptParam @@ -13,6 +14,7 @@ __all__ = [ "ScriptUpdateParams", "Metadata", + "MetadataAnnotations", "MetadataAssets", "MetadataAssetsConfig", "MetadataBinding", @@ -24,6 +26,7 @@ "MetadataBindingWorkersBindingKindDataBlob", "MetadataBindingWorkersBindingKindDispatchNamespace", "MetadataBindingWorkersBindingKindDispatchNamespaceOutbound", + "MetadataBindingWorkersBindingKindDispatchNamespaceOutboundParam", "MetadataBindingWorkersBindingKindDispatchNamespaceOutboundWorker", "MetadataBindingWorkersBindingKindDurableObjectNamespace", "MetadataBindingWorkersBindingKindHyperdrive", @@ -76,6 +79,13 @@ class ScriptUpdateParams(TypedDict, total=False): metadata: Required[Metadata] """JSON-encoded metadata about the uploaded parts and Worker configuration.""" + bindings_inherit: Literal["strict"] + """ + When set to "strict", the upload will fail if any `inherit` type bindings cannot + be resolved against the previous version of the Worker. Without this, + unresolvable inherit bindings are silently dropped. + """ + files: SequenceNotStr[FileTypes] """An array of modules (often JavaScript files) comprising a Worker script. @@ -88,6 +98,16 @@ class ScriptUpdateParams(TypedDict, total=False): """ +class MetadataAnnotations(TypedDict, total=False): + """Annotations for the version created by this upload.""" + + workers_message: Annotated[str, PropertyInfo(alias="workers/message")] + """Human-readable message about the version.""" + + workers_tag: Annotated[str, PropertyInfo(alias="workers/tag")] + """User-provided identifier for the version.""" + + class MetadataAssetsConfig(TypedDict, total=False): """Configuration for assets within a Worker.""" @@ -198,9 +218,17 @@ class MetadataBindingWorkersBindingKindDataBlob(TypedDict, total=False): """The kind of resource that the binding provides.""" +class MetadataBindingWorkersBindingKindDispatchNamespaceOutboundParam(TypedDict, total=False): + name: Required[str] + """Name of the parameter.""" + + class MetadataBindingWorkersBindingKindDispatchNamespaceOutboundWorker(TypedDict, total=False): """Outbound worker.""" + entrypoint: str + """Entrypoint to invoke on the outbound worker.""" + environment: str """Environment of the outbound worker.""" @@ -211,7 +239,7 @@ class MetadataBindingWorkersBindingKindDispatchNamespaceOutboundWorker(TypedDict class MetadataBindingWorkersBindingKindDispatchNamespaceOutbound(TypedDict, total=False): """Outbound worker.""" - params: SequenceNotStr[str] + params: Iterable[MetadataBindingWorkersBindingKindDispatchNamespaceOutboundParam] """ Pass information from the Dispatch Worker to the Outbound Worker through the parameters. @@ -300,7 +328,7 @@ class MetadataBindingWorkersBindingKindImages(TypedDict, total=False): class MetadataBindingWorkersBindingKindJson(TypedDict, total=False): - json: Required[str] + json: Required[object] """JSON data to use.""" name: Required[str] @@ -759,6 +787,9 @@ class MetadataPlacementUnionMember7(TypedDict, total=False): class Metadata(TypedDict, total=False): """JSON-encoded metadata about the uploaded parts and Worker configuration.""" + annotations: MetadataAnnotations + """Annotations for the version created by this upload.""" + assets: MetadataAssets """Configuration for assets within a Worker.""" diff --git a/src/cloudflare/types/workers/scripts/script_and_version_setting_edit_params.py b/src/cloudflare/types/workers/scripts/script_and_version_setting_edit_params.py index 0f547f8a0ff..4e32a071f64 100644 --- a/src/cloudflare/types/workers/scripts/script_and_version_setting_edit_params.py +++ b/src/cloudflare/types/workers/scripts/script_and_version_setting_edit_params.py @@ -22,6 +22,7 @@ "SettingsBindingWorkersBindingKindDataBlob", "SettingsBindingWorkersBindingKindDispatchNamespace", "SettingsBindingWorkersBindingKindDispatchNamespaceOutbound", + "SettingsBindingWorkersBindingKindDispatchNamespaceOutboundParam", "SettingsBindingWorkersBindingKindDispatchNamespaceOutboundWorker", "SettingsBindingWorkersBindingKindDurableObjectNamespace", "SettingsBindingWorkersBindingKindHyperdrive", @@ -134,9 +135,17 @@ class SettingsBindingWorkersBindingKindDataBlob(TypedDict, total=False): """The kind of resource that the binding provides.""" +class SettingsBindingWorkersBindingKindDispatchNamespaceOutboundParam(TypedDict, total=False): + name: Required[str] + """Name of the parameter.""" + + class SettingsBindingWorkersBindingKindDispatchNamespaceOutboundWorker(TypedDict, total=False): """Outbound worker.""" + entrypoint: str + """Entrypoint to invoke on the outbound worker.""" + environment: str """Environment of the outbound worker.""" @@ -147,7 +156,7 @@ class SettingsBindingWorkersBindingKindDispatchNamespaceOutboundWorker(TypedDict class SettingsBindingWorkersBindingKindDispatchNamespaceOutbound(TypedDict, total=False): """Outbound worker.""" - params: SequenceNotStr[str] + params: Iterable[SettingsBindingWorkersBindingKindDispatchNamespaceOutboundParam] """ Pass information from the Dispatch Worker to the Outbound Worker through the parameters. @@ -236,7 +245,7 @@ class SettingsBindingWorkersBindingKindImages(TypedDict, total=False): class SettingsBindingWorkersBindingKindJson(TypedDict, total=False): - json: Required[str] + json: Required[object] """JSON data to use.""" name: Required[str] diff --git a/src/cloudflare/types/workers/scripts/script_and_version_setting_edit_response.py b/src/cloudflare/types/workers/scripts/script_and_version_setting_edit_response.py index b0ef793ee26..474b8062273 100644 --- a/src/cloudflare/types/workers/scripts/script_and_version_setting_edit_response.py +++ b/src/cloudflare/types/workers/scripts/script_and_version_setting_edit_response.py @@ -21,6 +21,7 @@ "BindingWorkersBindingKindDataBlob", "BindingWorkersBindingKindDispatchNamespace", "BindingWorkersBindingKindDispatchNamespaceOutbound", + "BindingWorkersBindingKindDispatchNamespaceOutboundParam", "BindingWorkersBindingKindDispatchNamespaceOutboundWorker", "BindingWorkersBindingKindDurableObjectNamespace", "BindingWorkersBindingKindHyperdrive", @@ -126,9 +127,17 @@ class BindingWorkersBindingKindDataBlob(BaseModel): """The kind of resource that the binding provides.""" +class BindingWorkersBindingKindDispatchNamespaceOutboundParam(BaseModel): + name: str + """Name of the parameter.""" + + class BindingWorkersBindingKindDispatchNamespaceOutboundWorker(BaseModel): """Outbound worker.""" + entrypoint: Optional[str] = None + """Entrypoint to invoke on the outbound worker.""" + environment: Optional[str] = None """Environment of the outbound worker.""" @@ -139,7 +148,7 @@ class BindingWorkersBindingKindDispatchNamespaceOutboundWorker(BaseModel): class BindingWorkersBindingKindDispatchNamespaceOutbound(BaseModel): """Outbound worker.""" - params: Optional[List[str]] = None + params: Optional[List[BindingWorkersBindingKindDispatchNamespaceOutboundParam]] = None """ Pass information from the Dispatch Worker to the Outbound Worker through the parameters. @@ -228,7 +237,7 @@ class BindingWorkersBindingKindImages(BaseModel): class BindingWorkersBindingKindJson(BaseModel): - json_: str = FieldInfo(alias="json") + json_: object = FieldInfo(alias="json") """JSON data to use.""" name: str diff --git a/src/cloudflare/types/workers/scripts/script_and_version_setting_get_response.py b/src/cloudflare/types/workers/scripts/script_and_version_setting_get_response.py index f869dcb6f3c..d46d7ba022e 100644 --- a/src/cloudflare/types/workers/scripts/script_and_version_setting_get_response.py +++ b/src/cloudflare/types/workers/scripts/script_and_version_setting_get_response.py @@ -21,6 +21,7 @@ "BindingWorkersBindingKindDataBlob", "BindingWorkersBindingKindDispatchNamespace", "BindingWorkersBindingKindDispatchNamespaceOutbound", + "BindingWorkersBindingKindDispatchNamespaceOutboundParam", "BindingWorkersBindingKindDispatchNamespaceOutboundWorker", "BindingWorkersBindingKindDurableObjectNamespace", "BindingWorkersBindingKindHyperdrive", @@ -126,9 +127,17 @@ class BindingWorkersBindingKindDataBlob(BaseModel): """The kind of resource that the binding provides.""" +class BindingWorkersBindingKindDispatchNamespaceOutboundParam(BaseModel): + name: str + """Name of the parameter.""" + + class BindingWorkersBindingKindDispatchNamespaceOutboundWorker(BaseModel): """Outbound worker.""" + entrypoint: Optional[str] = None + """Entrypoint to invoke on the outbound worker.""" + environment: Optional[str] = None """Environment of the outbound worker.""" @@ -139,7 +148,7 @@ class BindingWorkersBindingKindDispatchNamespaceOutboundWorker(BaseModel): class BindingWorkersBindingKindDispatchNamespaceOutbound(BaseModel): """Outbound worker.""" - params: Optional[List[str]] = None + params: Optional[List[BindingWorkersBindingKindDispatchNamespaceOutboundParam]] = None """ Pass information from the Dispatch Worker to the Outbound Worker through the parameters. @@ -228,7 +237,7 @@ class BindingWorkersBindingKindImages(BaseModel): class BindingWorkersBindingKindJson(BaseModel): - json_: str = FieldInfo(alias="json") + json_: object = FieldInfo(alias="json") """JSON data to use.""" name: str diff --git a/src/cloudflare/types/workers/scripts/version_create_params.py b/src/cloudflare/types/workers/scripts/version_create_params.py index 32e676a20bc..2699aed3f2d 100644 --- a/src/cloudflare/types/workers/scripts/version_create_params.py +++ b/src/cloudflare/types/workers/scripts/version_create_params.py @@ -21,6 +21,7 @@ "MetadataBindingWorkersBindingKindDataBlob", "MetadataBindingWorkersBindingKindDispatchNamespace", "MetadataBindingWorkersBindingKindDispatchNamespaceOutbound", + "MetadataBindingWorkersBindingKindDispatchNamespaceOutboundParam", "MetadataBindingWorkersBindingKindDispatchNamespaceOutboundWorker", "MetadataBindingWorkersBindingKindDurableObjectNamespace", "MetadataBindingWorkersBindingKindHyperdrive", @@ -55,6 +56,13 @@ class VersionCreateParams(TypedDict, total=False): metadata: Required[Metadata] """JSON-encoded metadata about the uploaded parts and Worker configuration.""" + bindings_inherit: Literal["strict"] + """ + When set to "strict", the upload will fail if any `inherit` type bindings cannot + be resolved against the previous version of the Worker. Without this, + unresolvable inherit bindings are silently dropped. + """ + files: SequenceNotStr[FileTypes] """An array of modules (often JavaScript files) comprising a Worker script. @@ -138,9 +146,17 @@ class MetadataBindingWorkersBindingKindDataBlob(TypedDict, total=False): """The kind of resource that the binding provides.""" +class MetadataBindingWorkersBindingKindDispatchNamespaceOutboundParam(TypedDict, total=False): + name: Required[str] + """Name of the parameter.""" + + class MetadataBindingWorkersBindingKindDispatchNamespaceOutboundWorker(TypedDict, total=False): """Outbound worker.""" + entrypoint: str + """Entrypoint to invoke on the outbound worker.""" + environment: str """Environment of the outbound worker.""" @@ -151,7 +167,7 @@ class MetadataBindingWorkersBindingKindDispatchNamespaceOutboundWorker(TypedDict class MetadataBindingWorkersBindingKindDispatchNamespaceOutbound(TypedDict, total=False): """Outbound worker.""" - params: SequenceNotStr[str] + params: Iterable[MetadataBindingWorkersBindingKindDispatchNamespaceOutboundParam] """ Pass information from the Dispatch Worker to the Outbound Worker through the parameters. @@ -240,7 +256,7 @@ class MetadataBindingWorkersBindingKindImages(TypedDict, total=False): class MetadataBindingWorkersBindingKindJson(TypedDict, total=False): - json: Required[str] + json: Required[object] """JSON data to use.""" name: Required[str] diff --git a/src/cloudflare/types/workers/scripts/version_create_response.py b/src/cloudflare/types/workers/scripts/version_create_response.py index 69a14dd8aa7..f71f14a2e21 100644 --- a/src/cloudflare/types/workers/scripts/version_create_response.py +++ b/src/cloudflare/types/workers/scripts/version_create_response.py @@ -20,6 +20,7 @@ "ResourcesBindingWorkersBindingKindDataBlob", "ResourcesBindingWorkersBindingKindDispatchNamespace", "ResourcesBindingWorkersBindingKindDispatchNamespaceOutbound", + "ResourcesBindingWorkersBindingKindDispatchNamespaceOutboundParam", "ResourcesBindingWorkersBindingKindDispatchNamespaceOutboundWorker", "ResourcesBindingWorkersBindingKindDurableObjectNamespace", "ResourcesBindingWorkersBindingKindHyperdrive", @@ -112,9 +113,17 @@ class ResourcesBindingWorkersBindingKindDataBlob(BaseModel): """The kind of resource that the binding provides.""" +class ResourcesBindingWorkersBindingKindDispatchNamespaceOutboundParam(BaseModel): + name: str + """Name of the parameter.""" + + class ResourcesBindingWorkersBindingKindDispatchNamespaceOutboundWorker(BaseModel): """Outbound worker.""" + entrypoint: Optional[str] = None + """Entrypoint to invoke on the outbound worker.""" + environment: Optional[str] = None """Environment of the outbound worker.""" @@ -125,7 +134,7 @@ class ResourcesBindingWorkersBindingKindDispatchNamespaceOutboundWorker(BaseMode class ResourcesBindingWorkersBindingKindDispatchNamespaceOutbound(BaseModel): """Outbound worker.""" - params: Optional[List[str]] = None + params: Optional[List[ResourcesBindingWorkersBindingKindDispatchNamespaceOutboundParam]] = None """ Pass information from the Dispatch Worker to the Outbound Worker through the parameters. @@ -214,7 +223,7 @@ class ResourcesBindingWorkersBindingKindImages(BaseModel): class ResourcesBindingWorkersBindingKindJson(BaseModel): - json_: str = FieldInfo(alias="json") + json_: object = FieldInfo(alias="json") """JSON data to use.""" name: str diff --git a/src/cloudflare/types/workers/scripts/version_get_response.py b/src/cloudflare/types/workers/scripts/version_get_response.py index f84756c8d41..29b55aa6a3d 100644 --- a/src/cloudflare/types/workers/scripts/version_get_response.py +++ b/src/cloudflare/types/workers/scripts/version_get_response.py @@ -20,6 +20,7 @@ "ResourcesBindingWorkersBindingKindDataBlob", "ResourcesBindingWorkersBindingKindDispatchNamespace", "ResourcesBindingWorkersBindingKindDispatchNamespaceOutbound", + "ResourcesBindingWorkersBindingKindDispatchNamespaceOutboundParam", "ResourcesBindingWorkersBindingKindDispatchNamespaceOutboundWorker", "ResourcesBindingWorkersBindingKindDurableObjectNamespace", "ResourcesBindingWorkersBindingKindHyperdrive", @@ -112,9 +113,17 @@ class ResourcesBindingWorkersBindingKindDataBlob(BaseModel): """The kind of resource that the binding provides.""" +class ResourcesBindingWorkersBindingKindDispatchNamespaceOutboundParam(BaseModel): + name: str + """Name of the parameter.""" + + class ResourcesBindingWorkersBindingKindDispatchNamespaceOutboundWorker(BaseModel): """Outbound worker.""" + entrypoint: Optional[str] = None + """Entrypoint to invoke on the outbound worker.""" + environment: Optional[str] = None """Environment of the outbound worker.""" @@ -125,7 +134,7 @@ class ResourcesBindingWorkersBindingKindDispatchNamespaceOutboundWorker(BaseMode class ResourcesBindingWorkersBindingKindDispatchNamespaceOutbound(BaseModel): """Outbound worker.""" - params: Optional[List[str]] = None + params: Optional[List[ResourcesBindingWorkersBindingKindDispatchNamespaceOutboundParam]] = None """ Pass information from the Dispatch Worker to the Outbound Worker through the parameters. @@ -214,7 +223,7 @@ class ResourcesBindingWorkersBindingKindImages(BaseModel): class ResourcesBindingWorkersBindingKindJson(BaseModel): - json_: str = FieldInfo(alias="json") + json_: object = FieldInfo(alias="json") """JSON data to use.""" name: str diff --git a/src/cloudflare/types/workers_for_platforms/dispatch/namespaces/script_update_params.py b/src/cloudflare/types/workers_for_platforms/dispatch/namespaces/script_update_params.py index 59cd806ed41..fec52d30d9b 100644 --- a/src/cloudflare/types/workers_for_platforms/dispatch/namespaces/script_update_params.py +++ b/src/cloudflare/types/workers_for_platforms/dispatch/namespaces/script_update_params.py @@ -24,6 +24,7 @@ "MetadataBindingWorkersBindingKindDataBlob", "MetadataBindingWorkersBindingKindDispatchNamespace", "MetadataBindingWorkersBindingKindDispatchNamespaceOutbound", + "MetadataBindingWorkersBindingKindDispatchNamespaceOutboundParam", "MetadataBindingWorkersBindingKindDispatchNamespaceOutboundWorker", "MetadataBindingWorkersBindingKindDurableObjectNamespace", "MetadataBindingWorkersBindingKindHyperdrive", @@ -79,6 +80,13 @@ class ScriptUpdateParams(TypedDict, total=False): metadata: Required[Metadata] """JSON-encoded metadata about the uploaded parts and Worker configuration.""" + bindings_inherit: Literal["strict"] + """ + When set to "strict", the upload will fail if any `inherit` type bindings cannot + be resolved against the previous version of the script. Without this, + unresolvable inherit bindings are silently dropped. + """ + files: SequenceNotStr[FileTypes] """An array of modules (often JavaScript files) comprising a Worker script. @@ -201,9 +209,17 @@ class MetadataBindingWorkersBindingKindDataBlob(TypedDict, total=False): """The kind of resource that the binding provides.""" +class MetadataBindingWorkersBindingKindDispatchNamespaceOutboundParam(TypedDict, total=False): + name: Required[str] + """Name of the parameter.""" + + class MetadataBindingWorkersBindingKindDispatchNamespaceOutboundWorker(TypedDict, total=False): """Outbound worker.""" + entrypoint: str + """Entrypoint to invoke on the outbound worker.""" + environment: str """Environment of the outbound worker.""" @@ -214,7 +230,7 @@ class MetadataBindingWorkersBindingKindDispatchNamespaceOutboundWorker(TypedDict class MetadataBindingWorkersBindingKindDispatchNamespaceOutbound(TypedDict, total=False): """Outbound worker.""" - params: SequenceNotStr[str] + params: Iterable[MetadataBindingWorkersBindingKindDispatchNamespaceOutboundParam] """ Pass information from the Dispatch Worker to the Outbound Worker through the parameters. @@ -303,7 +319,7 @@ class MetadataBindingWorkersBindingKindImages(TypedDict, total=False): class MetadataBindingWorkersBindingKindJson(TypedDict, total=False): - json: Required[str] + json: Required[object] """JSON data to use.""" name: Required[str] diff --git a/src/cloudflare/types/workers_for_platforms/dispatch/namespaces/scripts/binding_get_response.py b/src/cloudflare/types/workers_for_platforms/dispatch/namespaces/scripts/binding_get_response.py index f718e803a1f..3aa0ba5e4f7 100644 --- a/src/cloudflare/types/workers_for_platforms/dispatch/namespaces/scripts/binding_get_response.py +++ b/src/cloudflare/types/workers_for_platforms/dispatch/namespaces/scripts/binding_get_response.py @@ -18,6 +18,7 @@ "WorkersBindingKindDataBlob", "WorkersBindingKindDispatchNamespace", "WorkersBindingKindDispatchNamespaceOutbound", + "WorkersBindingKindDispatchNamespaceOutboundParam", "WorkersBindingKindDispatchNamespaceOutboundWorker", "WorkersBindingKindDurableObjectNamespace", "WorkersBindingKindHyperdrive", @@ -105,9 +106,17 @@ class WorkersBindingKindDataBlob(BaseModel): """The kind of resource that the binding provides.""" +class WorkersBindingKindDispatchNamespaceOutboundParam(BaseModel): + name: str + """Name of the parameter.""" + + class WorkersBindingKindDispatchNamespaceOutboundWorker(BaseModel): """Outbound worker.""" + entrypoint: Optional[str] = None + """Entrypoint to invoke on the outbound worker.""" + environment: Optional[str] = None """Environment of the outbound worker.""" @@ -118,7 +127,7 @@ class WorkersBindingKindDispatchNamespaceOutboundWorker(BaseModel): class WorkersBindingKindDispatchNamespaceOutbound(BaseModel): """Outbound worker.""" - params: Optional[List[str]] = None + params: Optional[List[WorkersBindingKindDispatchNamespaceOutboundParam]] = None """ Pass information from the Dispatch Worker to the Outbound Worker through the parameters. @@ -207,7 +216,7 @@ class WorkersBindingKindImages(BaseModel): class WorkersBindingKindJson(BaseModel): - json_: str = FieldInfo(alias="json") + json_: object = FieldInfo(alias="json") """JSON data to use.""" name: str diff --git a/src/cloudflare/types/workers_for_platforms/dispatch/namespaces/scripts/setting_edit_params.py b/src/cloudflare/types/workers_for_platforms/dispatch/namespaces/scripts/setting_edit_params.py index 09373ffb1c6..54136c13b2a 100644 --- a/src/cloudflare/types/workers_for_platforms/dispatch/namespaces/scripts/setting_edit_params.py +++ b/src/cloudflare/types/workers_for_platforms/dispatch/namespaces/scripts/setting_edit_params.py @@ -22,6 +22,7 @@ "SettingsBindingWorkersBindingKindDataBlob", "SettingsBindingWorkersBindingKindDispatchNamespace", "SettingsBindingWorkersBindingKindDispatchNamespaceOutbound", + "SettingsBindingWorkersBindingKindDispatchNamespaceOutboundParam", "SettingsBindingWorkersBindingKindDispatchNamespaceOutboundWorker", "SettingsBindingWorkersBindingKindDurableObjectNamespace", "SettingsBindingWorkersBindingKindHyperdrive", @@ -137,9 +138,17 @@ class SettingsBindingWorkersBindingKindDataBlob(TypedDict, total=False): """The kind of resource that the binding provides.""" +class SettingsBindingWorkersBindingKindDispatchNamespaceOutboundParam(TypedDict, total=False): + name: Required[str] + """Name of the parameter.""" + + class SettingsBindingWorkersBindingKindDispatchNamespaceOutboundWorker(TypedDict, total=False): """Outbound worker.""" + entrypoint: str + """Entrypoint to invoke on the outbound worker.""" + environment: str """Environment of the outbound worker.""" @@ -150,7 +159,7 @@ class SettingsBindingWorkersBindingKindDispatchNamespaceOutboundWorker(TypedDict class SettingsBindingWorkersBindingKindDispatchNamespaceOutbound(TypedDict, total=False): """Outbound worker.""" - params: SequenceNotStr[str] + params: Iterable[SettingsBindingWorkersBindingKindDispatchNamespaceOutboundParam] """ Pass information from the Dispatch Worker to the Outbound Worker through the parameters. @@ -239,7 +248,7 @@ class SettingsBindingWorkersBindingKindImages(TypedDict, total=False): class SettingsBindingWorkersBindingKindJson(TypedDict, total=False): - json: Required[str] + json: Required[object] """JSON data to use.""" name: Required[str] diff --git a/src/cloudflare/types/workers_for_platforms/dispatch/namespaces/scripts/setting_edit_response.py b/src/cloudflare/types/workers_for_platforms/dispatch/namespaces/scripts/setting_edit_response.py index 27fe9432dbe..0b34a93f024 100644 --- a/src/cloudflare/types/workers_for_platforms/dispatch/namespaces/scripts/setting_edit_response.py +++ b/src/cloudflare/types/workers_for_platforms/dispatch/namespaces/scripts/setting_edit_response.py @@ -21,6 +21,7 @@ "BindingWorkersBindingKindDataBlob", "BindingWorkersBindingKindDispatchNamespace", "BindingWorkersBindingKindDispatchNamespaceOutbound", + "BindingWorkersBindingKindDispatchNamespaceOutboundParam", "BindingWorkersBindingKindDispatchNamespaceOutboundWorker", "BindingWorkersBindingKindDurableObjectNamespace", "BindingWorkersBindingKindHyperdrive", @@ -126,9 +127,17 @@ class BindingWorkersBindingKindDataBlob(BaseModel): """The kind of resource that the binding provides.""" +class BindingWorkersBindingKindDispatchNamespaceOutboundParam(BaseModel): + name: str + """Name of the parameter.""" + + class BindingWorkersBindingKindDispatchNamespaceOutboundWorker(BaseModel): """Outbound worker.""" + entrypoint: Optional[str] = None + """Entrypoint to invoke on the outbound worker.""" + environment: Optional[str] = None """Environment of the outbound worker.""" @@ -139,7 +148,7 @@ class BindingWorkersBindingKindDispatchNamespaceOutboundWorker(BaseModel): class BindingWorkersBindingKindDispatchNamespaceOutbound(BaseModel): """Outbound worker.""" - params: Optional[List[str]] = None + params: Optional[List[BindingWorkersBindingKindDispatchNamespaceOutboundParam]] = None """ Pass information from the Dispatch Worker to the Outbound Worker through the parameters. @@ -228,7 +237,7 @@ class BindingWorkersBindingKindImages(BaseModel): class BindingWorkersBindingKindJson(BaseModel): - json_: str = FieldInfo(alias="json") + json_: object = FieldInfo(alias="json") """JSON data to use.""" name: str diff --git a/src/cloudflare/types/workers_for_platforms/dispatch/namespaces/scripts/setting_get_response.py b/src/cloudflare/types/workers_for_platforms/dispatch/namespaces/scripts/setting_get_response.py index 9a2aefb205a..25727f31b5d 100644 --- a/src/cloudflare/types/workers_for_platforms/dispatch/namespaces/scripts/setting_get_response.py +++ b/src/cloudflare/types/workers_for_platforms/dispatch/namespaces/scripts/setting_get_response.py @@ -21,6 +21,7 @@ "BindingWorkersBindingKindDataBlob", "BindingWorkersBindingKindDispatchNamespace", "BindingWorkersBindingKindDispatchNamespaceOutbound", + "BindingWorkersBindingKindDispatchNamespaceOutboundParam", "BindingWorkersBindingKindDispatchNamespaceOutboundWorker", "BindingWorkersBindingKindDurableObjectNamespace", "BindingWorkersBindingKindHyperdrive", @@ -126,9 +127,17 @@ class BindingWorkersBindingKindDataBlob(BaseModel): """The kind of resource that the binding provides.""" +class BindingWorkersBindingKindDispatchNamespaceOutboundParam(BaseModel): + name: str + """Name of the parameter.""" + + class BindingWorkersBindingKindDispatchNamespaceOutboundWorker(BaseModel): """Outbound worker.""" + entrypoint: Optional[str] = None + """Entrypoint to invoke on the outbound worker.""" + environment: Optional[str] = None """Environment of the outbound worker.""" @@ -139,7 +148,7 @@ class BindingWorkersBindingKindDispatchNamespaceOutboundWorker(BaseModel): class BindingWorkersBindingKindDispatchNamespaceOutbound(BaseModel): """Outbound worker.""" - params: Optional[List[str]] = None + params: Optional[List[BindingWorkersBindingKindDispatchNamespaceOutboundParam]] = None """ Pass information from the Dispatch Worker to the Outbound Worker through the parameters. @@ -228,7 +237,7 @@ class BindingWorkersBindingKindImages(BaseModel): class BindingWorkersBindingKindJson(BaseModel): - json_: str = FieldInfo(alias="json") + json_: object = FieldInfo(alias="json") """JSON data to use.""" name: str diff --git a/src/cloudflare/types/workflows/version_get_response.py b/src/cloudflare/types/workflows/version_get_response.py index e0c679c5704..51c1879072f 100644 --- a/src/cloudflare/types/workflows/version_get_response.py +++ b/src/cloudflare/types/workflows/version_get_response.py @@ -14,6 +14,8 @@ class VersionGetResponse(BaseModel): created_on: datetime + has_dag: bool + modified_on: datetime workflow_id: str diff --git a/src/cloudflare/types/workflows/version_list_response.py b/src/cloudflare/types/workflows/version_list_response.py index 573299922a3..03a9a24feef 100644 --- a/src/cloudflare/types/workflows/version_list_response.py +++ b/src/cloudflare/types/workflows/version_list_response.py @@ -14,6 +14,8 @@ class VersionListResponse(BaseModel): created_on: datetime + has_dag: bool + modified_on: datetime workflow_id: str diff --git a/src/cloudflare/types/zero_trust/access/__init__.py b/src/cloudflare/types/zero_trust/access/__init__.py index beac853e2ff..2f5c7f04df1 100644 --- a/src/cloudflare/types/zero_trust/access/__init__.py +++ b/src/cloudflare/types/zero_trust/access/__init__.py @@ -27,10 +27,13 @@ from .key_update_params import KeyUpdateParams as KeyUpdateParams from .tag_create_params import TagCreateParams as TagCreateParams from .tag_update_params import TagUpdateParams as TagUpdateParams +from .user_get_response import UserGetResponse as UserGetResponse from .cors_headers_param import CORSHeadersParam as CORSHeadersParam from .group_get_response import GroupGetResponse as GroupGetResponse from .policy_list_params import PolicyListParams as PolicyListParams +from .user_create_params import UserCreateParams as UserCreateParams from .user_list_response import UserListResponse as UserListResponse +from .user_update_params import UserUpdateParams as UserUpdateParams from .group_create_params import GroupCreateParams as GroupCreateParams from .group_list_response import GroupListResponse as GroupListResponse from .group_update_params import GroupUpdateParams as GroupUpdateParams @@ -47,6 +50,8 @@ from .policy_create_params import PolicyCreateParams as PolicyCreateParams from .policy_list_response import PolicyListResponse as PolicyListResponse from .policy_update_params import PolicyUpdateParams as PolicyUpdateParams +from .user_create_response import UserCreateResponse as UserCreateResponse +from .user_update_response import UserUpdateResponse as UserUpdateResponse from .group_create_response import GroupCreateResponse as GroupCreateResponse from .group_delete_response import GroupDeleteResponse as GroupDeleteResponse from .group_update_response import GroupUpdateResponse as GroupUpdateResponse diff --git a/src/cloudflare/types/zero_trust/access/application_create_params.py b/src/cloudflare/types/zero_trust/access/application_create_params.py index 499a81de9f2..c1c5b442226 100644 --- a/src/cloudflare/types/zero_trust/access/application_create_params.py +++ b/src/cloudflare/types/zero_trust/access/application_create_params.py @@ -2,7 +2,7 @@ from __future__ import annotations -from typing import Dict, Union, Iterable +from typing import Dict, List, Union, Iterable from typing_extensions import Literal, Required, TypeAlias, TypedDict from .decision import Decision @@ -27,9 +27,16 @@ "SelfHostedApplicationDestinationPublicDestination", "SelfHostedApplicationDestinationPrivateDestination", "SelfHostedApplicationDestinationViaMcpServerPortalDestination", + "SelfHostedApplicationMfaConfig", + "SelfHostedApplicationOAuthConfiguration", + "SelfHostedApplicationOAuthConfigurationDynamicClientRegistration", + "SelfHostedApplicationOAuthConfigurationGrant", "SelfHostedApplicationPolicy", "SelfHostedApplicationPolicyAccessAppPolicyLink", "SelfHostedApplicationPolicyUnionMember2", + "SelfHostedApplicationPolicyUnionMember2ConnectionRules", + "SelfHostedApplicationPolicyUnionMember2ConnectionRulesRDP", + "SelfHostedApplicationPolicyUnionMember2MfaConfig", "SelfHostedApplicationSCIMConfig", "SelfHostedApplicationSCIMConfigAuthentication", "SelfHostedApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken", @@ -39,6 +46,9 @@ "SaaSApplicationPolicy", "SaaSApplicationPolicyAccessAppPolicyLink", "SaaSApplicationPolicyUnionMember2", + "SaaSApplicationPolicyUnionMember2ConnectionRules", + "SaaSApplicationPolicyUnionMember2ConnectionRulesRDP", + "SaaSApplicationPolicyUnionMember2MfaConfig", "SaaSApplicationSaaSApp", "SaaSApplicationSCIMConfig", "SaaSApplicationSCIMConfigAuthentication", @@ -50,9 +60,16 @@ "BrowserSSHApplicationDestinationPublicDestination", "BrowserSSHApplicationDestinationPrivateDestination", "BrowserSSHApplicationDestinationViaMcpServerPortalDestination", + "BrowserSSHApplicationMfaConfig", + "BrowserSSHApplicationOAuthConfiguration", + "BrowserSSHApplicationOAuthConfigurationDynamicClientRegistration", + "BrowserSSHApplicationOAuthConfigurationGrant", "BrowserSSHApplicationPolicy", "BrowserSSHApplicationPolicyAccessAppPolicyLink", "BrowserSSHApplicationPolicyUnionMember2", + "BrowserSSHApplicationPolicyUnionMember2ConnectionRules", + "BrowserSSHApplicationPolicyUnionMember2ConnectionRulesRDP", + "BrowserSSHApplicationPolicyUnionMember2MfaConfig", "BrowserSSHApplicationSCIMConfig", "BrowserSSHApplicationSCIMConfigAuthentication", "BrowserSSHApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken", @@ -63,9 +80,16 @@ "BrowserVNCApplicationDestinationPublicDestination", "BrowserVNCApplicationDestinationPrivateDestination", "BrowserVNCApplicationDestinationViaMcpServerPortalDestination", + "BrowserVNCApplicationMfaConfig", + "BrowserVNCApplicationOAuthConfiguration", + "BrowserVNCApplicationOAuthConfigurationDynamicClientRegistration", + "BrowserVNCApplicationOAuthConfigurationGrant", "BrowserVNCApplicationPolicy", "BrowserVNCApplicationPolicyAccessAppPolicyLink", "BrowserVNCApplicationPolicyUnionMember2", + "BrowserVNCApplicationPolicyUnionMember2ConnectionRules", + "BrowserVNCApplicationPolicyUnionMember2ConnectionRulesRDP", + "BrowserVNCApplicationPolicyUnionMember2MfaConfig", "BrowserVNCApplicationSCIMConfig", "BrowserVNCApplicationSCIMConfigAuthentication", "BrowserVNCApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken", @@ -77,41 +101,101 @@ "AppLauncherApplicationPolicy", "AppLauncherApplicationPolicyAccessAppPolicyLink", "AppLauncherApplicationPolicyUnionMember2", + "AppLauncherApplicationPolicyUnionMember2ConnectionRules", + "AppLauncherApplicationPolicyUnionMember2ConnectionRulesRDP", + "AppLauncherApplicationPolicyUnionMember2MfaConfig", "DeviceEnrollmentPermissionsApplication", "DeviceEnrollmentPermissionsApplicationPolicy", "DeviceEnrollmentPermissionsApplicationPolicyAccessAppPolicyLink", "DeviceEnrollmentPermissionsApplicationPolicyUnionMember2", + "DeviceEnrollmentPermissionsApplicationPolicyUnionMember2ConnectionRules", + "DeviceEnrollmentPermissionsApplicationPolicyUnionMember2ConnectionRulesRDP", + "DeviceEnrollmentPermissionsApplicationPolicyUnionMember2MfaConfig", "BrowserIsolationPermissionsApplication", "BrowserIsolationPermissionsApplicationPolicy", "BrowserIsolationPermissionsApplicationPolicyAccessAppPolicyLink", "BrowserIsolationPermissionsApplicationPolicyUnionMember2", + "BrowserIsolationPermissionsApplicationPolicyUnionMember2ConnectionRules", + "BrowserIsolationPermissionsApplicationPolicyUnionMember2ConnectionRulesRDP", + "BrowserIsolationPermissionsApplicationPolicyUnionMember2MfaConfig", "GatewayIdentityProxyEndpointApplication", "GatewayIdentityProxyEndpointApplicationPolicy", "GatewayIdentityProxyEndpointApplicationPolicyAccessAppPolicyLink", "GatewayIdentityProxyEndpointApplicationPolicyUnionMember2", + "GatewayIdentityProxyEndpointApplicationPolicyUnionMember2ConnectionRules", + "GatewayIdentityProxyEndpointApplicationPolicyUnionMember2ConnectionRulesRDP", + "GatewayIdentityProxyEndpointApplicationPolicyUnionMember2MfaConfig", "BookmarkApplication", "BookmarkApplicationPolicy", "BookmarkApplicationPolicyAccessAppPolicyLink", "BookmarkApplicationPolicyUnionMember2", + "BookmarkApplicationPolicyUnionMember2ConnectionRules", + "BookmarkApplicationPolicyUnionMember2ConnectionRulesRDP", + "BookmarkApplicationPolicyUnionMember2MfaConfig", "InfrastructureApplication", "InfrastructureApplicationTargetCriterion", "InfrastructureApplicationPolicy", "InfrastructureApplicationPolicyConnectionRules", "InfrastructureApplicationPolicyConnectionRulesSSH", - "BrowserRdpApplication", - "BrowserRdpApplicationTargetCriterion", - "BrowserRdpApplicationDestination", - "BrowserRdpApplicationDestinationPublicDestination", - "BrowserRdpApplicationDestinationPrivateDestination", - "BrowserRdpApplicationDestinationViaMcpServerPortalDestination", - "BrowserRdpApplicationPolicy", - "BrowserRdpApplicationPolicyAccessAppPolicyLink", - "BrowserRdpApplicationPolicyUnionMember2", - "BrowserRdpApplicationSCIMConfig", - "BrowserRdpApplicationSCIMConfigAuthentication", - "BrowserRdpApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken", - "BrowserRdpApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication", - "BrowserRdpApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken", + "BrowserRDPApplication", + "BrowserRDPApplicationTargetCriterion", + "BrowserRDPApplicationDestination", + "BrowserRDPApplicationDestinationPublicDestination", + "BrowserRDPApplicationDestinationPrivateDestination", + "BrowserRDPApplicationDestinationViaMcpServerPortalDestination", + "BrowserRDPApplicationMfaConfig", + "BrowserRDPApplicationOAuthConfiguration", + "BrowserRDPApplicationOAuthConfigurationDynamicClientRegistration", + "BrowserRDPApplicationOAuthConfigurationGrant", + "BrowserRDPApplicationPolicy", + "BrowserRDPApplicationPolicyAccessAppPolicyLink", + "BrowserRDPApplicationPolicyUnionMember2", + "BrowserRDPApplicationPolicyUnionMember2ConnectionRules", + "BrowserRDPApplicationPolicyUnionMember2ConnectionRulesRDP", + "BrowserRDPApplicationPolicyUnionMember2MfaConfig", + "BrowserRDPApplicationSCIMConfig", + "BrowserRDPApplicationSCIMConfigAuthentication", + "BrowserRDPApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken", + "BrowserRDPApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication", + "BrowserRDPApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken", + "McpServerApplication", + "McpServerApplicationDestination", + "McpServerApplicationDestinationPublicDestination", + "McpServerApplicationDestinationPrivateDestination", + "McpServerApplicationDestinationViaMcpServerPortalDestination", + "McpServerApplicationOAuthConfiguration", + "McpServerApplicationOAuthConfigurationDynamicClientRegistration", + "McpServerApplicationOAuthConfigurationGrant", + "McpServerApplicationPolicy", + "McpServerApplicationPolicyAccessAppPolicyLink", + "McpServerApplicationPolicyUnionMember2", + "McpServerApplicationPolicyUnionMember2ConnectionRules", + "McpServerApplicationPolicyUnionMember2ConnectionRulesRDP", + "McpServerApplicationPolicyUnionMember2MfaConfig", + "McpServerApplicationSCIMConfig", + "McpServerApplicationSCIMConfigAuthentication", + "McpServerApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken", + "McpServerApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication", + "McpServerApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken", + "McpServerPortalApplication", + "McpServerPortalApplicationDestination", + "McpServerPortalApplicationDestinationPublicDestination", + "McpServerPortalApplicationDestinationPrivateDestination", + "McpServerPortalApplicationDestinationViaMcpServerPortalDestination", + "McpServerPortalApplicationOAuthConfiguration", + "McpServerPortalApplicationOAuthConfigurationDynamicClientRegistration", + "McpServerPortalApplicationOAuthConfigurationGrant", + "McpServerPortalApplicationPolicy", + "McpServerPortalApplicationPolicyAccessAppPolicyLink", + "McpServerPortalApplicationPolicyUnionMember2", + "McpServerPortalApplicationPolicyUnionMember2ConnectionRules", + "McpServerPortalApplicationPolicyUnionMember2ConnectionRulesRDP", + "McpServerPortalApplicationPolicyUnionMember2MfaConfig", + "McpServerPortalApplicationSCIMConfig", + "McpServerPortalApplicationSCIMConfigAuthentication", + "McpServerPortalApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken", + "McpServerPortalApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication", + "McpServerPortalApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken", ] @@ -205,9 +289,21 @@ class SelfHostedApplication(TypedDict, total=False): logo_url: str """The image URL for the logo shown in the App Launcher dashboard.""" + mfa_config: SelfHostedApplicationMfaConfig + """Configures multi-factor authentication (MFA) settings.""" + name: str """The name of the application.""" + oauth_configuration: SelfHostedApplicationOAuthConfiguration + """ + **Beta:** Optional configuration for managing an OAuth authorization flow + controlled by Access. When set, Access will act as the OAuth authorization + server for this application. Only compatible with OAuth clients that support + [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators + for OAuth 2.0). This feature is currently in beta. + """ + options_preflight_bypass: bool """ Allows options preflight requests to bypass Access authentication and go @@ -346,6 +442,82 @@ class SelfHostedApplicationDestinationViaMcpServerPortalDestination(TypedDict, t ] +class SelfHostedApplicationMfaConfig(TypedDict, total=False): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: List[Literal["totp", "biometrics", "security_key"]] + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: bool + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: str + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + +class SelfHostedApplicationOAuthConfigurationDynamicClientRegistration(TypedDict, total=False): + """Settings for OAuth dynamic client registration.""" + + allow_any_on_localhost: bool + """Allows any client with redirect URIs on localhost.""" + + allow_any_on_loopback: bool + """Allows any client with redirect URIs on 127.0.0.1.""" + + allowed_uris: SequenceNotStr[str] + """The URIs that are allowed as redirect URIs for dynamically registered clients. + + Must use the `https` protocol. Paths may end in `/*` to match all sub-paths. + """ + + enabled: bool + """Whether dynamic client registration is enabled.""" + + +class SelfHostedApplicationOAuthConfigurationGrant(TypedDict, total=False): + """Settings for OAuth grant behavior.""" + + access_token_lifetime: str + """The lifetime of the access token. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + session_duration: str + """The duration of the OAuth session. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + +class SelfHostedApplicationOAuthConfiguration(TypedDict, total=False): + """ + **Beta:** Optional configuration for managing an OAuth authorization flow controlled by Access. When set, Access will act as the OAuth authorization server for this application. Only compatible with OAuth clients that support [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators for OAuth 2.0). This feature is currently in beta. + """ + + dynamic_client_registration: SelfHostedApplicationOAuthConfigurationDynamicClientRegistration + """Settings for OAuth dynamic client registration.""" + + enabled: bool + """Whether the OAuth configuration is enabled for this application. + + When set to `false`, Access will not handle OAuth for this application. Defaults + to `true` if omitted. + """ + + grant: SelfHostedApplicationOAuthConfigurationGrant + """Settings for OAuth grant behavior.""" + + class SelfHostedApplicationPolicyAccessAppPolicyLink(TypedDict, total=False): """A JSON that links a reusable policy to an application.""" @@ -359,6 +531,49 @@ class SelfHostedApplicationPolicyAccessAppPolicyLink(TypedDict, total=False): """ +class SelfHostedApplicationPolicyUnionMember2ConnectionRulesRDP(TypedDict, total=False): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: List[Literal["text"]] + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: List[Literal["text"]] + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class SelfHostedApplicationPolicyUnionMember2ConnectionRules(TypedDict, total=False): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: SelfHostedApplicationPolicyUnionMember2ConnectionRulesRDP + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class SelfHostedApplicationPolicyUnionMember2MfaConfig(TypedDict, total=False): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: List[Literal["totp", "biometrics", "security_key"]] + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: bool + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: str + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + class SelfHostedApplicationPolicyUnionMember2(TypedDict, total=False): id: str """The UUID of the policy""" @@ -372,6 +587,12 @@ class SelfHostedApplicationPolicyUnionMember2(TypedDict, total=False): session. """ + connection_rules: SelfHostedApplicationPolicyUnionMember2ConnectionRules + """ + The rules that define how users may connect to targets secured by your + application. + """ + isolation_required: bool """ Require this application to be served in an isolated browser for users matching @@ -379,6 +600,9 @@ class SelfHostedApplicationPolicyUnionMember2(TypedDict, total=False): this feature. """ + mfa_config: SelfHostedApplicationPolicyUnionMember2MfaConfig + """Configures multi-factor authentication (MFA) settings.""" + precedence: int """The order of execution for this policy. @@ -575,6 +799,49 @@ class SaaSApplicationPolicyAccessAppPolicyLink(TypedDict, total=False): """ +class SaaSApplicationPolicyUnionMember2ConnectionRulesRDP(TypedDict, total=False): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: List[Literal["text"]] + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: List[Literal["text"]] + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class SaaSApplicationPolicyUnionMember2ConnectionRules(TypedDict, total=False): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: SaaSApplicationPolicyUnionMember2ConnectionRulesRDP + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class SaaSApplicationPolicyUnionMember2MfaConfig(TypedDict, total=False): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: List[Literal["totp", "biometrics", "security_key"]] + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: bool + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: str + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + class SaaSApplicationPolicyUnionMember2(TypedDict, total=False): id: str """The UUID of the policy""" @@ -588,6 +855,12 @@ class SaaSApplicationPolicyUnionMember2(TypedDict, total=False): session. """ + connection_rules: SaaSApplicationPolicyUnionMember2ConnectionRules + """ + The rules that define how users may connect to targets secured by your + application. + """ + isolation_required: bool """ Require this application to be served in an isolated browser for users matching @@ -595,6 +868,9 @@ class SaaSApplicationPolicyUnionMember2(TypedDict, total=False): this feature. """ + mfa_config: SaaSApplicationPolicyUnionMember2MfaConfig + """Configures multi-factor authentication (MFA) settings.""" + precedence: int """The order of execution for this policy. @@ -827,9 +1103,21 @@ class BrowserSSHApplication(TypedDict, total=False): logo_url: str """The image URL for the logo shown in the App Launcher dashboard.""" + mfa_config: BrowserSSHApplicationMfaConfig + """Configures multi-factor authentication (MFA) settings.""" + name: str """The name of the application.""" + oauth_configuration: BrowserSSHApplicationOAuthConfiguration + """ + **Beta:** Optional configuration for managing an OAuth authorization flow + controlled by Access. When set, Access will act as the OAuth authorization + server for this application. Only compatible with OAuth clients that support + [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators + for OAuth 2.0). This feature is currently in beta. + """ + options_preflight_bypass: bool """ Allows options preflight requests to bypass Access authentication and go @@ -968,6 +1256,82 @@ class BrowserSSHApplicationDestinationViaMcpServerPortalDestination(TypedDict, t ] +class BrowserSSHApplicationMfaConfig(TypedDict, total=False): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: List[Literal["totp", "biometrics", "security_key"]] + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: bool + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: str + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + +class BrowserSSHApplicationOAuthConfigurationDynamicClientRegistration(TypedDict, total=False): + """Settings for OAuth dynamic client registration.""" + + allow_any_on_localhost: bool + """Allows any client with redirect URIs on localhost.""" + + allow_any_on_loopback: bool + """Allows any client with redirect URIs on 127.0.0.1.""" + + allowed_uris: SequenceNotStr[str] + """The URIs that are allowed as redirect URIs for dynamically registered clients. + + Must use the `https` protocol. Paths may end in `/*` to match all sub-paths. + """ + + enabled: bool + """Whether dynamic client registration is enabled.""" + + +class BrowserSSHApplicationOAuthConfigurationGrant(TypedDict, total=False): + """Settings for OAuth grant behavior.""" + + access_token_lifetime: str + """The lifetime of the access token. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + session_duration: str + """The duration of the OAuth session. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + +class BrowserSSHApplicationOAuthConfiguration(TypedDict, total=False): + """ + **Beta:** Optional configuration for managing an OAuth authorization flow controlled by Access. When set, Access will act as the OAuth authorization server for this application. Only compatible with OAuth clients that support [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators for OAuth 2.0). This feature is currently in beta. + """ + + dynamic_client_registration: BrowserSSHApplicationOAuthConfigurationDynamicClientRegistration + """Settings for OAuth dynamic client registration.""" + + enabled: bool + """Whether the OAuth configuration is enabled for this application. + + When set to `false`, Access will not handle OAuth for this application. Defaults + to `true` if omitted. + """ + + grant: BrowserSSHApplicationOAuthConfigurationGrant + """Settings for OAuth grant behavior.""" + + class BrowserSSHApplicationPolicyAccessAppPolicyLink(TypedDict, total=False): """A JSON that links a reusable policy to an application.""" @@ -981,6 +1345,49 @@ class BrowserSSHApplicationPolicyAccessAppPolicyLink(TypedDict, total=False): """ +class BrowserSSHApplicationPolicyUnionMember2ConnectionRulesRDP(TypedDict, total=False): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: List[Literal["text"]] + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: List[Literal["text"]] + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class BrowserSSHApplicationPolicyUnionMember2ConnectionRules(TypedDict, total=False): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: BrowserSSHApplicationPolicyUnionMember2ConnectionRulesRDP + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class BrowserSSHApplicationPolicyUnionMember2MfaConfig(TypedDict, total=False): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: List[Literal["totp", "biometrics", "security_key"]] + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: bool + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: str + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + class BrowserSSHApplicationPolicyUnionMember2(TypedDict, total=False): id: str """The UUID of the policy""" @@ -994,6 +1401,12 @@ class BrowserSSHApplicationPolicyUnionMember2(TypedDict, total=False): session. """ + connection_rules: BrowserSSHApplicationPolicyUnionMember2ConnectionRules + """ + The rules that define how users may connect to targets secured by your + application. + """ + isolation_required: bool """ Require this application to be served in an isolated browser for users matching @@ -1001,6 +1414,9 @@ class BrowserSSHApplicationPolicyUnionMember2(TypedDict, total=False): this feature. """ + mfa_config: BrowserSSHApplicationPolicyUnionMember2MfaConfig + """Configures multi-factor authentication (MFA) settings.""" + precedence: int """The order of execution for this policy. @@ -1233,9 +1649,21 @@ class BrowserVNCApplication(TypedDict, total=False): logo_url: str """The image URL for the logo shown in the App Launcher dashboard.""" + mfa_config: BrowserVNCApplicationMfaConfig + """Configures multi-factor authentication (MFA) settings.""" + name: str """The name of the application.""" + oauth_configuration: BrowserVNCApplicationOAuthConfiguration + """ + **Beta:** Optional configuration for managing an OAuth authorization flow + controlled by Access. When set, Access will act as the OAuth authorization + server for this application. Only compatible with OAuth clients that support + [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators + for OAuth 2.0). This feature is currently in beta. + """ + options_preflight_bypass: bool """ Allows options preflight requests to bypass Access authentication and go @@ -1374,6 +1802,82 @@ class BrowserVNCApplicationDestinationViaMcpServerPortalDestination(TypedDict, t ] +class BrowserVNCApplicationMfaConfig(TypedDict, total=False): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: List[Literal["totp", "biometrics", "security_key"]] + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: bool + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: str + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + +class BrowserVNCApplicationOAuthConfigurationDynamicClientRegistration(TypedDict, total=False): + """Settings for OAuth dynamic client registration.""" + + allow_any_on_localhost: bool + """Allows any client with redirect URIs on localhost.""" + + allow_any_on_loopback: bool + """Allows any client with redirect URIs on 127.0.0.1.""" + + allowed_uris: SequenceNotStr[str] + """The URIs that are allowed as redirect URIs for dynamically registered clients. + + Must use the `https` protocol. Paths may end in `/*` to match all sub-paths. + """ + + enabled: bool + """Whether dynamic client registration is enabled.""" + + +class BrowserVNCApplicationOAuthConfigurationGrant(TypedDict, total=False): + """Settings for OAuth grant behavior.""" + + access_token_lifetime: str + """The lifetime of the access token. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + session_duration: str + """The duration of the OAuth session. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + +class BrowserVNCApplicationOAuthConfiguration(TypedDict, total=False): + """ + **Beta:** Optional configuration for managing an OAuth authorization flow controlled by Access. When set, Access will act as the OAuth authorization server for this application. Only compatible with OAuth clients that support [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators for OAuth 2.0). This feature is currently in beta. + """ + + dynamic_client_registration: BrowserVNCApplicationOAuthConfigurationDynamicClientRegistration + """Settings for OAuth dynamic client registration.""" + + enabled: bool + """Whether the OAuth configuration is enabled for this application. + + When set to `false`, Access will not handle OAuth for this application. Defaults + to `true` if omitted. + """ + + grant: BrowserVNCApplicationOAuthConfigurationGrant + """Settings for OAuth grant behavior.""" + + class BrowserVNCApplicationPolicyAccessAppPolicyLink(TypedDict, total=False): """A JSON that links a reusable policy to an application.""" @@ -1387,6 +1891,49 @@ class BrowserVNCApplicationPolicyAccessAppPolicyLink(TypedDict, total=False): """ +class BrowserVNCApplicationPolicyUnionMember2ConnectionRulesRDP(TypedDict, total=False): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: List[Literal["text"]] + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: List[Literal["text"]] + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class BrowserVNCApplicationPolicyUnionMember2ConnectionRules(TypedDict, total=False): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: BrowserVNCApplicationPolicyUnionMember2ConnectionRulesRDP + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class BrowserVNCApplicationPolicyUnionMember2MfaConfig(TypedDict, total=False): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: List[Literal["totp", "biometrics", "security_key"]] + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: bool + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: str + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + class BrowserVNCApplicationPolicyUnionMember2(TypedDict, total=False): id: str """The UUID of the policy""" @@ -1400,6 +1947,12 @@ class BrowserVNCApplicationPolicyUnionMember2(TypedDict, total=False): session. """ + connection_rules: BrowserVNCApplicationPolicyUnionMember2ConnectionRules + """ + The rules that define how users may connect to targets secured by your + application. + """ + isolation_required: bool """ Require this application to be served in an isolated browser for users matching @@ -1407,6 +1960,9 @@ class BrowserVNCApplicationPolicyUnionMember2(TypedDict, total=False): this feature. """ + mfa_config: BrowserVNCApplicationPolicyUnionMember2MfaConfig + """Configures multi-factor authentication (MFA) settings.""" + precedence: int """The order of execution for this policy. @@ -1661,26 +2217,78 @@ class AppLauncherApplicationPolicyAccessAppPolicyLink(TypedDict, total=False): """ -class AppLauncherApplicationPolicyUnionMember2(TypedDict, total=False): - id: str - """The UUID of the policy""" +class AppLauncherApplicationPolicyUnionMember2ConnectionRulesRDP(TypedDict, total=False): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" - approval_groups: Iterable[ApprovalGroupParam] - """Administrators who can approve a temporary authentication request.""" + allowed_clipboard_local_to_remote_formats: List[Literal["text"]] + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ - approval_required: bool + allowed_clipboard_remote_to_local_formats: List[Literal["text"]] """ - Requires the user to request access from an administrator at the start of each - session. + Clipboard formats allowed when copying from remote RDP session to local machine. """ - isolation_required: bool + +class AppLauncherApplicationPolicyUnionMember2ConnectionRules(TypedDict, total=False): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: AppLauncherApplicationPolicyUnionMember2ConnectionRulesRDP + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class AppLauncherApplicationPolicyUnionMember2MfaConfig(TypedDict, total=False): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: List[Literal["totp", "biometrics", "security_key"]] + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: bool + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: str + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + +class AppLauncherApplicationPolicyUnionMember2(TypedDict, total=False): + id: str + """The UUID of the policy""" + + approval_groups: Iterable[ApprovalGroupParam] + """Administrators who can approve a temporary authentication request.""" + + approval_required: bool + """ + Requires the user to request access from an administrator at the start of each + session. + """ + + connection_rules: AppLauncherApplicationPolicyUnionMember2ConnectionRules + """ + The rules that define how users may connect to targets secured by your + application. + """ + + isolation_required: bool """ Require this application to be served in an isolated browser for users matching this policy. 'Client Web Isolation' must be on for the account in order to use this feature. """ + mfa_config: AppLauncherApplicationPolicyUnionMember2MfaConfig + """Configures multi-factor authentication (MFA) settings.""" + precedence: int """The order of execution for this policy. @@ -1773,6 +2381,49 @@ class DeviceEnrollmentPermissionsApplicationPolicyAccessAppPolicyLink(TypedDict, """ +class DeviceEnrollmentPermissionsApplicationPolicyUnionMember2ConnectionRulesRDP(TypedDict, total=False): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: List[Literal["text"]] + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: List[Literal["text"]] + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class DeviceEnrollmentPermissionsApplicationPolicyUnionMember2ConnectionRules(TypedDict, total=False): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: DeviceEnrollmentPermissionsApplicationPolicyUnionMember2ConnectionRulesRDP + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class DeviceEnrollmentPermissionsApplicationPolicyUnionMember2MfaConfig(TypedDict, total=False): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: List[Literal["totp", "biometrics", "security_key"]] + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: bool + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: str + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + class DeviceEnrollmentPermissionsApplicationPolicyUnionMember2(TypedDict, total=False): id: str """The UUID of the policy""" @@ -1786,6 +2437,12 @@ class DeviceEnrollmentPermissionsApplicationPolicyUnionMember2(TypedDict, total= session. """ + connection_rules: DeviceEnrollmentPermissionsApplicationPolicyUnionMember2ConnectionRules + """ + The rules that define how users may connect to targets secured by your + application. + """ + isolation_required: bool """ Require this application to be served in an isolated browser for users matching @@ -1793,6 +2450,9 @@ class DeviceEnrollmentPermissionsApplicationPolicyUnionMember2(TypedDict, total= this feature. """ + mfa_config: DeviceEnrollmentPermissionsApplicationPolicyUnionMember2MfaConfig + """Configures multi-factor authentication (MFA) settings.""" + precedence: int """The order of execution for this policy. @@ -1887,6 +2547,49 @@ class BrowserIsolationPermissionsApplicationPolicyAccessAppPolicyLink(TypedDict, """ +class BrowserIsolationPermissionsApplicationPolicyUnionMember2ConnectionRulesRDP(TypedDict, total=False): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: List[Literal["text"]] + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: List[Literal["text"]] + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class BrowserIsolationPermissionsApplicationPolicyUnionMember2ConnectionRules(TypedDict, total=False): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: BrowserIsolationPermissionsApplicationPolicyUnionMember2ConnectionRulesRDP + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class BrowserIsolationPermissionsApplicationPolicyUnionMember2MfaConfig(TypedDict, total=False): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: List[Literal["totp", "biometrics", "security_key"]] + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: bool + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: str + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + class BrowserIsolationPermissionsApplicationPolicyUnionMember2(TypedDict, total=False): id: str """The UUID of the policy""" @@ -1900,6 +2603,12 @@ class BrowserIsolationPermissionsApplicationPolicyUnionMember2(TypedDict, total= session. """ + connection_rules: BrowserIsolationPermissionsApplicationPolicyUnionMember2ConnectionRules + """ + The rules that define how users may connect to targets secured by your + application. + """ + isolation_required: bool """ Require this application to be served in an isolated browser for users matching @@ -1907,6 +2616,9 @@ class BrowserIsolationPermissionsApplicationPolicyUnionMember2(TypedDict, total= this feature. """ + mfa_config: BrowserIsolationPermissionsApplicationPolicyUnionMember2MfaConfig + """Configures multi-factor authentication (MFA) settings.""" + precedence: int """The order of execution for this policy. @@ -2010,6 +2722,49 @@ class GatewayIdentityProxyEndpointApplicationPolicyAccessAppPolicyLink(TypedDict """ +class GatewayIdentityProxyEndpointApplicationPolicyUnionMember2ConnectionRulesRDP(TypedDict, total=False): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: List[Literal["text"]] + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: List[Literal["text"]] + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class GatewayIdentityProxyEndpointApplicationPolicyUnionMember2ConnectionRules(TypedDict, total=False): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: GatewayIdentityProxyEndpointApplicationPolicyUnionMember2ConnectionRulesRDP + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class GatewayIdentityProxyEndpointApplicationPolicyUnionMember2MfaConfig(TypedDict, total=False): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: List[Literal["totp", "biometrics", "security_key"]] + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: bool + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: str + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + class GatewayIdentityProxyEndpointApplicationPolicyUnionMember2(TypedDict, total=False): id: str """The UUID of the policy""" @@ -2023,6 +2778,12 @@ class GatewayIdentityProxyEndpointApplicationPolicyUnionMember2(TypedDict, total session. """ + connection_rules: GatewayIdentityProxyEndpointApplicationPolicyUnionMember2ConnectionRules + """ + The rules that define how users may connect to targets secured by your + application. + """ + isolation_required: bool """ Require this application to be served in an isolated browser for users matching @@ -2030,6 +2791,9 @@ class GatewayIdentityProxyEndpointApplicationPolicyUnionMember2(TypedDict, total this feature. """ + mfa_config: GatewayIdentityProxyEndpointApplicationPolicyUnionMember2MfaConfig + """Configures multi-factor authentication (MFA) settings.""" + precedence: int """The order of execution for this policy. @@ -2106,6 +2870,49 @@ class BookmarkApplicationPolicyAccessAppPolicyLink(TypedDict, total=False): """ +class BookmarkApplicationPolicyUnionMember2ConnectionRulesRDP(TypedDict, total=False): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: List[Literal["text"]] + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: List[Literal["text"]] + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class BookmarkApplicationPolicyUnionMember2ConnectionRules(TypedDict, total=False): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: BookmarkApplicationPolicyUnionMember2ConnectionRulesRDP + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class BookmarkApplicationPolicyUnionMember2MfaConfig(TypedDict, total=False): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: List[Literal["totp", "biometrics", "security_key"]] + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: bool + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: str + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + class BookmarkApplicationPolicyUnionMember2(TypedDict, total=False): id: str """The UUID of the policy""" @@ -2119,6 +2926,12 @@ class BookmarkApplicationPolicyUnionMember2(TypedDict, total=False): session. """ + connection_rules: BookmarkApplicationPolicyUnionMember2ConnectionRules + """ + The rules that define how users may connect to targets secured by your + application. + """ + isolation_required: bool """ Require this application to be served in an isolated browser for users matching @@ -2126,6 +2939,9 @@ class BookmarkApplicationPolicyUnionMember2(TypedDict, total=False): this feature. """ + mfa_config: BookmarkApplicationPolicyUnionMember2MfaConfig + """Configures multi-factor authentication (MFA) settings.""" + precedence: int """The order of execution for this policy. @@ -2243,14 +3059,14 @@ class InfrastructureApplicationPolicy(TypedDict, total=False): """ -class BrowserRdpApplication(TypedDict, total=False): +class BrowserRDPApplication(TypedDict, total=False): domain: Required[str] """The primary hostname and path secured by Access. This domain will be displayed if the app is visible in the App Launcher. """ - target_criteria: Required[Iterable[BrowserRdpApplicationTargetCriterion]] + target_criteria: Required[Iterable[BrowserRDPApplicationTargetCriterion]] type: Required[ApplicationType] """The application type.""" @@ -2312,7 +3128,7 @@ class BrowserRdpApplication(TypedDict, total=False): custom_pages: SequenceNotStr[str] """The custom pages that will be displayed when applicable for this application""" - destinations: Iterable[BrowserRdpApplicationDestination] + destinations: Iterable[BrowserRDPApplicationDestination] """List of destinations secured by Access. This supersedes `self_hosted_domains` to allow for more flexibility in defining @@ -2335,9 +3151,21 @@ class BrowserRdpApplication(TypedDict, total=False): logo_url: str """The image URL for the logo shown in the App Launcher dashboard.""" + mfa_config: BrowserRDPApplicationMfaConfig + """Configures multi-factor authentication (MFA) settings.""" + name: str """The name of the application.""" + oauth_configuration: BrowserRDPApplicationOAuthConfiguration + """ + **Beta:** Optional configuration for managing an OAuth authorization flow + controlled by Access. When set, Access will act as the OAuth authorization + server for this application. Only compatible with OAuth clients that support + [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators + for OAuth 2.0). This feature is currently in beta. + """ + options_preflight_bypass: bool """ Allows options preflight requests to bypass Access authentication and go @@ -2350,7 +3178,7 @@ class BrowserRdpApplication(TypedDict, total=False): If disabled, the JWT will scope to the hostname by default """ - policies: SequenceNotStr[BrowserRdpApplicationPolicy] + policies: SequenceNotStr[BrowserRDPApplicationPolicy] """ The policies that Access applies to the application, in ascending order of precedence. Items can reference existing policies or create new policies @@ -2374,7 +3202,7 @@ class BrowserRdpApplication(TypedDict, total=False): attacks. """ - scim_config: BrowserRdpApplicationSCIMConfig + scim_config: BrowserRDPApplicationSCIMConfig """Configuration for provisioning to this application via SCIM. This is currently in closed beta. @@ -2416,7 +3244,7 @@ class BrowserRdpApplication(TypedDict, total=False): """ -class BrowserRdpApplicationTargetCriterion(TypedDict, total=False): +class BrowserRDPApplicationTargetCriterion(TypedDict, total=False): port: Required[int] """The port that the targets use for the chosen communication protocol. @@ -2430,7 +3258,7 @@ class BrowserRdpApplicationTargetCriterion(TypedDict, total=False): """Contains a map of target attribute keys to target attribute values.""" -class BrowserRdpApplicationDestinationPublicDestination(TypedDict, total=False): +class BrowserRDPApplicationDestinationPublicDestination(TypedDict, total=False): """A public hostname that Access will secure. Public destinations support sub-domain and path. Wildcard '*' can be used in the definition. @@ -2446,7 +3274,7 @@ class BrowserRdpApplicationDestinationPublicDestination(TypedDict, total=False): """ -class BrowserRdpApplicationDestinationPrivateDestination(TypedDict, total=False): +class BrowserRDPApplicationDestinationPrivateDestination(TypedDict, total=False): cidr: str """The CIDR range of the destination. Single IPs will be computed as /32.""" @@ -2471,7 +3299,7 @@ class BrowserRdpApplicationDestinationPrivateDestination(TypedDict, total=False) """The VNET ID to match the destination. When omitted, all VNETs will match.""" -class BrowserRdpApplicationDestinationViaMcpServerPortalDestination(TypedDict, total=False): +class BrowserRDPApplicationDestinationViaMcpServerPortalDestination(TypedDict, total=False): """A MCP server id configured in ai-controls. Access will secure the MCP server if accessed through a MCP portal. @@ -2483,14 +3311,90 @@ class BrowserRdpApplicationDestinationViaMcpServerPortalDestination(TypedDict, t type: Literal["via_mcp_server_portal"] -BrowserRdpApplicationDestination: TypeAlias = Union[ - BrowserRdpApplicationDestinationPublicDestination, - BrowserRdpApplicationDestinationPrivateDestination, - BrowserRdpApplicationDestinationViaMcpServerPortalDestination, +BrowserRDPApplicationDestination: TypeAlias = Union[ + BrowserRDPApplicationDestinationPublicDestination, + BrowserRDPApplicationDestinationPrivateDestination, + BrowserRDPApplicationDestinationViaMcpServerPortalDestination, ] -class BrowserRdpApplicationPolicyAccessAppPolicyLink(TypedDict, total=False): +class BrowserRDPApplicationMfaConfig(TypedDict, total=False): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: List[Literal["totp", "biometrics", "security_key"]] + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: bool + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: str + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + +class BrowserRDPApplicationOAuthConfigurationDynamicClientRegistration(TypedDict, total=False): + """Settings for OAuth dynamic client registration.""" + + allow_any_on_localhost: bool + """Allows any client with redirect URIs on localhost.""" + + allow_any_on_loopback: bool + """Allows any client with redirect URIs on 127.0.0.1.""" + + allowed_uris: SequenceNotStr[str] + """The URIs that are allowed as redirect URIs for dynamically registered clients. + + Must use the `https` protocol. Paths may end in `/*` to match all sub-paths. + """ + + enabled: bool + """Whether dynamic client registration is enabled.""" + + +class BrowserRDPApplicationOAuthConfigurationGrant(TypedDict, total=False): + """Settings for OAuth grant behavior.""" + + access_token_lifetime: str + """The lifetime of the access token. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + session_duration: str + """The duration of the OAuth session. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + +class BrowserRDPApplicationOAuthConfiguration(TypedDict, total=False): + """ + **Beta:** Optional configuration for managing an OAuth authorization flow controlled by Access. When set, Access will act as the OAuth authorization server for this application. Only compatible with OAuth clients that support [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators for OAuth 2.0). This feature is currently in beta. + """ + + dynamic_client_registration: BrowserRDPApplicationOAuthConfigurationDynamicClientRegistration + """Settings for OAuth dynamic client registration.""" + + enabled: bool + """Whether the OAuth configuration is enabled for this application. + + When set to `false`, Access will not handle OAuth for this application. Defaults + to `true` if omitted. + """ + + grant: BrowserRDPApplicationOAuthConfigurationGrant + """Settings for OAuth grant behavior.""" + + +class BrowserRDPApplicationPolicyAccessAppPolicyLink(TypedDict, total=False): """A JSON that links a reusable policy to an application.""" id: str @@ -2503,7 +3407,50 @@ class BrowserRdpApplicationPolicyAccessAppPolicyLink(TypedDict, total=False): """ -class BrowserRdpApplicationPolicyUnionMember2(TypedDict, total=False): +class BrowserRDPApplicationPolicyUnionMember2ConnectionRulesRDP(TypedDict, total=False): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: List[Literal["text"]] + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: List[Literal["text"]] + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class BrowserRDPApplicationPolicyUnionMember2ConnectionRules(TypedDict, total=False): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: BrowserRDPApplicationPolicyUnionMember2ConnectionRulesRDP + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class BrowserRDPApplicationPolicyUnionMember2MfaConfig(TypedDict, total=False): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: List[Literal["totp", "biometrics", "security_key"]] + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: bool + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: str + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + +class BrowserRDPApplicationPolicyUnionMember2(TypedDict, total=False): id: str """The UUID of the policy""" @@ -2516,6 +3463,12 @@ class BrowserRdpApplicationPolicyUnionMember2(TypedDict, total=False): session. """ + connection_rules: BrowserRDPApplicationPolicyUnionMember2ConnectionRules + """ + The rules that define how users may connect to targets secured by your + application. + """ + isolation_required: bool """ Require this application to be served in an isolated browser for users matching @@ -2523,6 +3476,909 @@ class BrowserRdpApplicationPolicyUnionMember2(TypedDict, total=False): this feature. """ + mfa_config: BrowserRDPApplicationPolicyUnionMember2MfaConfig + """Configures multi-factor authentication (MFA) settings.""" + + precedence: int + """The order of execution for this policy. + + Must be unique for each policy within an app. + """ + + purpose_justification_prompt: str + """A custom message that will appear on the purpose justification screen.""" + + purpose_justification_required: bool + """Require users to enter a justification when they log in to the application.""" + + session_duration: str + """The amount of time that tokens issued for the application will be valid. + + Must be in the format `300ms` or `2h45m`. Valid time units are: ns, us (or µs), + ms, s, m, h. + """ + + +BrowserRDPApplicationPolicy: TypeAlias = Union[ + BrowserRDPApplicationPolicyAccessAppPolicyLink, str, BrowserRDPApplicationPolicyUnionMember2 +] + + +class BrowserRDPApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken( + TypedDict, total=False +): + """ + Attributes for configuring Access Service Token authentication scheme for SCIM provisioning to an application. + """ + + client_id: Required[str] + """ + Client ID of the Access service token used to authenticate with the remote + service. + """ + + client_secret: Required[str] + """ + Client secret of the Access service token used to authenticate with the remote + service. + """ + + scheme: Required[Literal["access_service_token"]] + """The authentication scheme to use when making SCIM requests to this application.""" + + +class BrowserRDPApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken( + TypedDict, total=False +): + """ + Attributes for configuring Access Service Token authentication scheme for SCIM provisioning to an application. + """ + + client_id: Required[str] + """ + Client ID of the Access service token used to authenticate with the remote + service. + """ + + client_secret: Required[str] + """ + Client secret of the Access service token used to authenticate with the remote + service. + """ + + scheme: Required[Literal["access_service_token"]] + """The authentication scheme to use when making SCIM requests to this application.""" + + +BrowserRDPApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication: TypeAlias = Union[ + SCIMConfigAuthenticationHTTPBasicParam, + SCIMConfigAuthenticationOAuthBearerTokenParam, + SCIMConfigAuthenticationOauth2Param, + BrowserRDPApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken, +] + +BrowserRDPApplicationSCIMConfigAuthentication: TypeAlias = Union[ + SCIMConfigAuthenticationHTTPBasicParam, + SCIMConfigAuthenticationOAuthBearerTokenParam, + SCIMConfigAuthenticationOauth2Param, + BrowserRDPApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken, + Iterable[BrowserRDPApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication], +] + + +class BrowserRDPApplicationSCIMConfig(TypedDict, total=False): + """Configuration for provisioning to this application via SCIM. + + This is currently in closed beta. + """ + + idp_uid: Required[str] + """ + The UID of the IdP to use as the source for SCIM resources to provision to this + application. + """ + + remote_uri: Required[str] + """The base URI for the application's SCIM-compatible API.""" + + authentication: BrowserRDPApplicationSCIMConfigAuthentication + """ + Attributes for configuring HTTP Basic authentication scheme for SCIM + provisioning to an application. + """ + + deactivate_on_delete: bool + """ + If false, propagates DELETE requests to the target application for SCIM + resources. If true, sets 'active' to false on the SCIM resource. Note: Some + targets do not support DELETE operations. + """ + + enabled: bool + """Whether SCIM provisioning is turned on for this application.""" + + mappings: Iterable[SCIMConfigMappingParam] + """ + A list of mappings to apply to SCIM resources before provisioning them in this + application. These can transform or filter the resources to be provisioned. + """ + + +class McpServerApplication(TypedDict, total=False): + type: Required[ApplicationType] + """The application type.""" + + account_id: str + """The Account ID to use for this endpoint. Mutually exclusive with the Zone ID.""" + + zone_id: str + """The Zone ID to use for this endpoint. Mutually exclusive with the Account ID.""" + + allow_authenticate_via_warp: bool + """ + When set to true, users can authenticate to this application using their WARP + session. When set to false this application will always require direct IdP + authentication. This setting always overrides the organization setting for WARP + authentication. + """ + + allowed_idps: SequenceNotStr[AllowedIdPs] + """The identity providers your users can select when connecting to this + application. + + Defaults to all IdPs configured in your account. + """ + + auto_redirect_to_identity: bool + """When set to `true`, users skip the identity provider selection step during + login. + + You must specify only one identity provider in allowed_idps. + """ + + custom_deny_message: str + """ + The custom error message shown to a user when they are denied access to the + application. + """ + + custom_deny_url: str + """ + The custom URL a user is redirected to when they are denied access to the + application when failing identity-based rules. + """ + + custom_non_identity_deny_url: str + """ + The custom URL a user is redirected to when they are denied access to the + application when failing non-identity rules. + """ + + custom_pages: SequenceNotStr[str] + """The custom pages that will be displayed when applicable for this application""" + + destinations: Iterable[McpServerApplicationDestination] + """List of destinations secured by Access. + + This supersedes `self_hosted_domains` to allow for more flexibility in defining + different types of domains. If `destinations` are provided, then + `self_hosted_domains` will be ignored. + """ + + http_only_cookie_attribute: bool + """ + Enables the HttpOnly cookie attribute, which increases security against XSS + attacks. + """ + + logo_url: str + """The image URL for the logo shown in the App Launcher dashboard.""" + + name: str + """The name of the application.""" + + oauth_configuration: McpServerApplicationOAuthConfiguration + """ + **Beta:** Optional configuration for managing an OAuth authorization flow + controlled by Access. When set, Access will act as the OAuth authorization + server for this application. Only compatible with OAuth clients that support + [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators + for OAuth 2.0). This feature is currently in beta. + """ + + options_preflight_bypass: bool + """ + Allows options preflight requests to bypass Access authentication and go + directly to the origin. Cannot turn on if cors_headers is set. + """ + + policies: SequenceNotStr[McpServerApplicationPolicy] + """ + The policies that Access applies to the application, in ascending order of + precedence. Items can reference existing policies or create new policies + exclusive to the application. + """ + + same_site_cookie_attribute: str + """ + Sets the SameSite cookie setting, which provides increased security against CSRF + attacks. + """ + + scim_config: McpServerApplicationSCIMConfig + """Configuration for provisioning to this application via SCIM. + + This is currently in closed beta. + """ + + session_duration: str + """The amount of time that tokens issued for this application will be valid. + + Must be in the format `300ms` or `2h45m`. Valid time units are: ns, us (or µs), + ms, s, m, h. Note: unsupported for infrastructure type applications. + """ + + tags: SequenceNotStr[str] + """The tags you want assigned to an application. + + Tags are used to filter applications in the App Launcher dashboard. + """ + + +class McpServerApplicationDestinationPublicDestination(TypedDict, total=False): + """A public hostname that Access will secure. + + Public destinations support sub-domain and path. Wildcard '*' can be used in the definition. + """ + + type: Literal["public"] + + uri: str + """The URI of the destination. + + Public destinations' URIs can include a domain and path with + [wildcards](https://developers.cloudflare.com/cloudflare-one/policies/access/app-paths/). + """ + + +class McpServerApplicationDestinationPrivateDestination(TypedDict, total=False): + cidr: str + """The CIDR range of the destination. Single IPs will be computed as /32.""" + + hostname: str + """The hostname of the destination. Matches a valid SNI served by an HTTPS origin.""" + + l4_protocol: Literal["tcp", "udp"] + """The L4 protocol of the destination. + + When omitted, both UDP and TCP traffic will match. + """ + + port_range: str + """The port range of the destination. + + Can be a single port or a range of ports. When omitted, all ports will match. + """ + + type: Literal["private"] + + vnet_id: str + """The VNET ID to match the destination. When omitted, all VNETs will match.""" + + +class McpServerApplicationDestinationViaMcpServerPortalDestination(TypedDict, total=False): + """A MCP server id configured in ai-controls. + + Access will secure the MCP server if accessed through a MCP portal. + """ + + mcp_server_id: str + """The MCP server id configured in ai-controls.""" + + type: Literal["via_mcp_server_portal"] + + +McpServerApplicationDestination: TypeAlias = Union[ + McpServerApplicationDestinationPublicDestination, + McpServerApplicationDestinationPrivateDestination, + McpServerApplicationDestinationViaMcpServerPortalDestination, +] + + +class McpServerApplicationOAuthConfigurationDynamicClientRegistration(TypedDict, total=False): + """Settings for OAuth dynamic client registration.""" + + allow_any_on_localhost: bool + """Allows any client with redirect URIs on localhost.""" + + allow_any_on_loopback: bool + """Allows any client with redirect URIs on 127.0.0.1.""" + + allowed_uris: SequenceNotStr[str] + """The URIs that are allowed as redirect URIs for dynamically registered clients. + + Must use the `https` protocol. Paths may end in `/*` to match all sub-paths. + """ + + enabled: bool + """Whether dynamic client registration is enabled.""" + + +class McpServerApplicationOAuthConfigurationGrant(TypedDict, total=False): + """Settings for OAuth grant behavior.""" + + access_token_lifetime: str + """The lifetime of the access token. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + session_duration: str + """The duration of the OAuth session. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + +class McpServerApplicationOAuthConfiguration(TypedDict, total=False): + """ + **Beta:** Optional configuration for managing an OAuth authorization flow controlled by Access. When set, Access will act as the OAuth authorization server for this application. Only compatible with OAuth clients that support [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators for OAuth 2.0). This feature is currently in beta. + """ + + dynamic_client_registration: McpServerApplicationOAuthConfigurationDynamicClientRegistration + """Settings for OAuth dynamic client registration.""" + + enabled: bool + """Whether the OAuth configuration is enabled for this application. + + When set to `false`, Access will not handle OAuth for this application. Defaults + to `true` if omitted. + """ + + grant: McpServerApplicationOAuthConfigurationGrant + """Settings for OAuth grant behavior.""" + + +class McpServerApplicationPolicyAccessAppPolicyLink(TypedDict, total=False): + """A JSON that links a reusable policy to an application.""" + + id: str + """The UUID of the policy""" + + precedence: int + """The order of execution for this policy. + + Must be unique for each policy within an app. + """ + + +class McpServerApplicationPolicyUnionMember2ConnectionRulesRDP(TypedDict, total=False): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: List[Literal["text"]] + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: List[Literal["text"]] + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class McpServerApplicationPolicyUnionMember2ConnectionRules(TypedDict, total=False): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: McpServerApplicationPolicyUnionMember2ConnectionRulesRDP + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class McpServerApplicationPolicyUnionMember2MfaConfig(TypedDict, total=False): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: List[Literal["totp", "biometrics", "security_key"]] + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: bool + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: str + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + +class McpServerApplicationPolicyUnionMember2(TypedDict, total=False): + id: str + """The UUID of the policy""" + + approval_groups: Iterable[ApprovalGroupParam] + """Administrators who can approve a temporary authentication request.""" + + approval_required: bool + """ + Requires the user to request access from an administrator at the start of each + session. + """ + + connection_rules: McpServerApplicationPolicyUnionMember2ConnectionRules + """ + The rules that define how users may connect to targets secured by your + application. + """ + + isolation_required: bool + """ + Require this application to be served in an isolated browser for users matching + this policy. 'Client Web Isolation' must be on for the account in order to use + this feature. + """ + + mfa_config: McpServerApplicationPolicyUnionMember2MfaConfig + """Configures multi-factor authentication (MFA) settings.""" + + precedence: int + """The order of execution for this policy. + + Must be unique for each policy within an app. + """ + + purpose_justification_prompt: str + """A custom message that will appear on the purpose justification screen.""" + + purpose_justification_required: bool + """Require users to enter a justification when they log in to the application.""" + + session_duration: str + """The amount of time that tokens issued for the application will be valid. + + Must be in the format `300ms` or `2h45m`. Valid time units are: ns, us (or µs), + ms, s, m, h. + """ + + +McpServerApplicationPolicy: TypeAlias = Union[ + McpServerApplicationPolicyAccessAppPolicyLink, str, McpServerApplicationPolicyUnionMember2 +] + + +class McpServerApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken( + TypedDict, total=False +): + """ + Attributes for configuring Access Service Token authentication scheme for SCIM provisioning to an application. + """ + + client_id: Required[str] + """ + Client ID of the Access service token used to authenticate with the remote + service. + """ + + client_secret: Required[str] + """ + Client secret of the Access service token used to authenticate with the remote + service. + """ + + scheme: Required[Literal["access_service_token"]] + """The authentication scheme to use when making SCIM requests to this application.""" + + +class McpServerApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken( + TypedDict, total=False +): + """ + Attributes for configuring Access Service Token authentication scheme for SCIM provisioning to an application. + """ + + client_id: Required[str] + """ + Client ID of the Access service token used to authenticate with the remote + service. + """ + + client_secret: Required[str] + """ + Client secret of the Access service token used to authenticate with the remote + service. + """ + + scheme: Required[Literal["access_service_token"]] + """The authentication scheme to use when making SCIM requests to this application.""" + + +McpServerApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication: TypeAlias = Union[ + SCIMConfigAuthenticationHTTPBasicParam, + SCIMConfigAuthenticationOAuthBearerTokenParam, + SCIMConfigAuthenticationOauth2Param, + McpServerApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken, +] + +McpServerApplicationSCIMConfigAuthentication: TypeAlias = Union[ + SCIMConfigAuthenticationHTTPBasicParam, + SCIMConfigAuthenticationOAuthBearerTokenParam, + SCIMConfigAuthenticationOauth2Param, + McpServerApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken, + Iterable[McpServerApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication], +] + + +class McpServerApplicationSCIMConfig(TypedDict, total=False): + """Configuration for provisioning to this application via SCIM. + + This is currently in closed beta. + """ + + idp_uid: Required[str] + """ + The UID of the IdP to use as the source for SCIM resources to provision to this + application. + """ + + remote_uri: Required[str] + """The base URI for the application's SCIM-compatible API.""" + + authentication: McpServerApplicationSCIMConfigAuthentication + """ + Attributes for configuring HTTP Basic authentication scheme for SCIM + provisioning to an application. + """ + + deactivate_on_delete: bool + """ + If false, propagates DELETE requests to the target application for SCIM + resources. If true, sets 'active' to false on the SCIM resource. Note: Some + targets do not support DELETE operations. + """ + + enabled: bool + """Whether SCIM provisioning is turned on for this application.""" + + mappings: Iterable[SCIMConfigMappingParam] + """ + A list of mappings to apply to SCIM resources before provisioning them in this + application. These can transform or filter the resources to be provisioned. + """ + + +class McpServerPortalApplication(TypedDict, total=False): + type: Required[ApplicationType] + """The application type.""" + + account_id: str + """The Account ID to use for this endpoint. Mutually exclusive with the Zone ID.""" + + zone_id: str + """The Zone ID to use for this endpoint. Mutually exclusive with the Account ID.""" + + allow_authenticate_via_warp: bool + """ + When set to true, users can authenticate to this application using their WARP + session. When set to false this application will always require direct IdP + authentication. This setting always overrides the organization setting for WARP + authentication. + """ + + allowed_idps: SequenceNotStr[AllowedIdPs] + """The identity providers your users can select when connecting to this + application. + + Defaults to all IdPs configured in your account. + """ + + auto_redirect_to_identity: bool + """When set to `true`, users skip the identity provider selection step during + login. + + You must specify only one identity provider in allowed_idps. + """ + + custom_deny_message: str + """ + The custom error message shown to a user when they are denied access to the + application. + """ + + custom_deny_url: str + """ + The custom URL a user is redirected to when they are denied access to the + application when failing identity-based rules. + """ + + custom_non_identity_deny_url: str + """ + The custom URL a user is redirected to when they are denied access to the + application when failing non-identity rules. + """ + + custom_pages: SequenceNotStr[str] + """The custom pages that will be displayed when applicable for this application""" + + destinations: Iterable[McpServerPortalApplicationDestination] + """List of destinations secured by Access. + + This supersedes `self_hosted_domains` to allow for more flexibility in defining + different types of domains. If `destinations` are provided, then + `self_hosted_domains` will be ignored. + """ + + domain: str + """The primary hostname and path secured by Access. + + This domain will be displayed if the app is visible in the App Launcher. + """ + + http_only_cookie_attribute: bool + """ + Enables the HttpOnly cookie attribute, which increases security against XSS + attacks. + """ + + logo_url: str + """The image URL for the logo shown in the App Launcher dashboard.""" + + name: str + """The name of the application.""" + + oauth_configuration: McpServerPortalApplicationOAuthConfiguration + """ + **Beta:** Optional configuration for managing an OAuth authorization flow + controlled by Access. When set, Access will act as the OAuth authorization + server for this application. Only compatible with OAuth clients that support + [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators + for OAuth 2.0). This feature is currently in beta. + """ + + options_preflight_bypass: bool + """ + Allows options preflight requests to bypass Access authentication and go + directly to the origin. Cannot turn on if cors_headers is set. + """ + + policies: SequenceNotStr[McpServerPortalApplicationPolicy] + """ + The policies that Access applies to the application, in ascending order of + precedence. Items can reference existing policies or create new policies + exclusive to the application. + """ + + same_site_cookie_attribute: str + """ + Sets the SameSite cookie setting, which provides increased security against CSRF + attacks. + """ + + scim_config: McpServerPortalApplicationSCIMConfig + """Configuration for provisioning to this application via SCIM. + + This is currently in closed beta. + """ + + session_duration: str + """The amount of time that tokens issued for this application will be valid. + + Must be in the format `300ms` or `2h45m`. Valid time units are: ns, us (or µs), + ms, s, m, h. Note: unsupported for infrastructure type applications. + """ + + tags: SequenceNotStr[str] + """The tags you want assigned to an application. + + Tags are used to filter applications in the App Launcher dashboard. + """ + + +class McpServerPortalApplicationDestinationPublicDestination(TypedDict, total=False): + """A public hostname that Access will secure. + + Public destinations support sub-domain and path. Wildcard '*' can be used in the definition. + """ + + type: Literal["public"] + + uri: str + """The URI of the destination. + + Public destinations' URIs can include a domain and path with + [wildcards](https://developers.cloudflare.com/cloudflare-one/policies/access/app-paths/). + """ + + +class McpServerPortalApplicationDestinationPrivateDestination(TypedDict, total=False): + cidr: str + """The CIDR range of the destination. Single IPs will be computed as /32.""" + + hostname: str + """The hostname of the destination. Matches a valid SNI served by an HTTPS origin.""" + + l4_protocol: Literal["tcp", "udp"] + """The L4 protocol of the destination. + + When omitted, both UDP and TCP traffic will match. + """ + + port_range: str + """The port range of the destination. + + Can be a single port or a range of ports. When omitted, all ports will match. + """ + + type: Literal["private"] + + vnet_id: str + """The VNET ID to match the destination. When omitted, all VNETs will match.""" + + +class McpServerPortalApplicationDestinationViaMcpServerPortalDestination(TypedDict, total=False): + """A MCP server id configured in ai-controls. + + Access will secure the MCP server if accessed through a MCP portal. + """ + + mcp_server_id: str + """The MCP server id configured in ai-controls.""" + + type: Literal["via_mcp_server_portal"] + + +McpServerPortalApplicationDestination: TypeAlias = Union[ + McpServerPortalApplicationDestinationPublicDestination, + McpServerPortalApplicationDestinationPrivateDestination, + McpServerPortalApplicationDestinationViaMcpServerPortalDestination, +] + + +class McpServerPortalApplicationOAuthConfigurationDynamicClientRegistration(TypedDict, total=False): + """Settings for OAuth dynamic client registration.""" + + allow_any_on_localhost: bool + """Allows any client with redirect URIs on localhost.""" + + allow_any_on_loopback: bool + """Allows any client with redirect URIs on 127.0.0.1.""" + + allowed_uris: SequenceNotStr[str] + """The URIs that are allowed as redirect URIs for dynamically registered clients. + + Must use the `https` protocol. Paths may end in `/*` to match all sub-paths. + """ + + enabled: bool + """Whether dynamic client registration is enabled.""" + + +class McpServerPortalApplicationOAuthConfigurationGrant(TypedDict, total=False): + """Settings for OAuth grant behavior.""" + + access_token_lifetime: str + """The lifetime of the access token. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + session_duration: str + """The duration of the OAuth session. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + +class McpServerPortalApplicationOAuthConfiguration(TypedDict, total=False): + """ + **Beta:** Optional configuration for managing an OAuth authorization flow controlled by Access. When set, Access will act as the OAuth authorization server for this application. Only compatible with OAuth clients that support [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators for OAuth 2.0). This feature is currently in beta. + """ + + dynamic_client_registration: McpServerPortalApplicationOAuthConfigurationDynamicClientRegistration + """Settings for OAuth dynamic client registration.""" + + enabled: bool + """Whether the OAuth configuration is enabled for this application. + + When set to `false`, Access will not handle OAuth for this application. Defaults + to `true` if omitted. + """ + + grant: McpServerPortalApplicationOAuthConfigurationGrant + """Settings for OAuth grant behavior.""" + + +class McpServerPortalApplicationPolicyAccessAppPolicyLink(TypedDict, total=False): + """A JSON that links a reusable policy to an application.""" + + id: str + """The UUID of the policy""" + + precedence: int + """The order of execution for this policy. + + Must be unique for each policy within an app. + """ + + +class McpServerPortalApplicationPolicyUnionMember2ConnectionRulesRDP(TypedDict, total=False): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: List[Literal["text"]] + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: List[Literal["text"]] + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class McpServerPortalApplicationPolicyUnionMember2ConnectionRules(TypedDict, total=False): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: McpServerPortalApplicationPolicyUnionMember2ConnectionRulesRDP + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class McpServerPortalApplicationPolicyUnionMember2MfaConfig(TypedDict, total=False): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: List[Literal["totp", "biometrics", "security_key"]] + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: bool + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: str + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + +class McpServerPortalApplicationPolicyUnionMember2(TypedDict, total=False): + id: str + """The UUID of the policy""" + + approval_groups: Iterable[ApprovalGroupParam] + """Administrators who can approve a temporary authentication request.""" + + approval_required: bool + """ + Requires the user to request access from an administrator at the start of each + session. + """ + + connection_rules: McpServerPortalApplicationPolicyUnionMember2ConnectionRules + """ + The rules that define how users may connect to targets secured by your + application. + """ + + isolation_required: bool + """ + Require this application to be served in an isolated browser for users matching + this policy. 'Client Web Isolation' must be on for the account in order to use + this feature. + """ + + mfa_config: McpServerPortalApplicationPolicyUnionMember2MfaConfig + """Configures multi-factor authentication (MFA) settings.""" + precedence: int """The order of execution for this policy. @@ -2543,12 +4399,12 @@ class BrowserRdpApplicationPolicyUnionMember2(TypedDict, total=False): """ -BrowserRdpApplicationPolicy: TypeAlias = Union[ - BrowserRdpApplicationPolicyAccessAppPolicyLink, str, BrowserRdpApplicationPolicyUnionMember2 +McpServerPortalApplicationPolicy: TypeAlias = Union[ + McpServerPortalApplicationPolicyAccessAppPolicyLink, str, McpServerPortalApplicationPolicyUnionMember2 ] -class BrowserRdpApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken( +class McpServerPortalApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken( TypedDict, total=False ): """ @@ -2571,7 +4427,7 @@ class BrowserRdpApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticatio """The authentication scheme to use when making SCIM requests to this application.""" -class BrowserRdpApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken( +class McpServerPortalApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken( TypedDict, total=False ): """ @@ -2594,23 +4450,23 @@ class BrowserRdpApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenti """The authentication scheme to use when making SCIM requests to this application.""" -BrowserRdpApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication: TypeAlias = Union[ +McpServerPortalApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication: TypeAlias = Union[ SCIMConfigAuthenticationHTTPBasicParam, SCIMConfigAuthenticationOAuthBearerTokenParam, SCIMConfigAuthenticationOauth2Param, - BrowserRdpApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken, + McpServerPortalApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken, ] -BrowserRdpApplicationSCIMConfigAuthentication: TypeAlias = Union[ +McpServerPortalApplicationSCIMConfigAuthentication: TypeAlias = Union[ SCIMConfigAuthenticationHTTPBasicParam, SCIMConfigAuthenticationOAuthBearerTokenParam, SCIMConfigAuthenticationOauth2Param, - BrowserRdpApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken, - Iterable[BrowserRdpApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication], + McpServerPortalApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken, + Iterable[McpServerPortalApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication], ] -class BrowserRdpApplicationSCIMConfig(TypedDict, total=False): +class McpServerPortalApplicationSCIMConfig(TypedDict, total=False): """Configuration for provisioning to this application via SCIM. This is currently in closed beta. @@ -2625,7 +4481,7 @@ class BrowserRdpApplicationSCIMConfig(TypedDict, total=False): remote_uri: Required[str] """The base URI for the application's SCIM-compatible API.""" - authentication: BrowserRdpApplicationSCIMConfigAuthentication + authentication: McpServerPortalApplicationSCIMConfigAuthentication """ Attributes for configuring HTTP Basic authentication scheme for SCIM provisioning to an application. @@ -2659,5 +4515,7 @@ class BrowserRdpApplicationSCIMConfig(TypedDict, total=False): GatewayIdentityProxyEndpointApplication, BookmarkApplication, InfrastructureApplication, - BrowserRdpApplication, + BrowserRDPApplication, + McpServerApplication, + McpServerPortalApplication, ] diff --git a/src/cloudflare/types/zero_trust/access/application_create_response.py b/src/cloudflare/types/zero_trust/access/application_create_response.py index 6b51726834d..55500554b08 100644 --- a/src/cloudflare/types/zero_trust/access/application_create_response.py +++ b/src/cloudflare/types/zero_trust/access/application_create_response.py @@ -26,7 +26,14 @@ "SelfHostedApplicationDestinationPublicDestination", "SelfHostedApplicationDestinationPrivateDestination", "SelfHostedApplicationDestinationViaMcpServerPortalDestination", + "SelfHostedApplicationMfaConfig", + "SelfHostedApplicationOAuthConfiguration", + "SelfHostedApplicationOAuthConfigurationDynamicClientRegistration", + "SelfHostedApplicationOAuthConfigurationGrant", "SelfHostedApplicationPolicy", + "SelfHostedApplicationPolicyConnectionRules", + "SelfHostedApplicationPolicyConnectionRulesRDP", + "SelfHostedApplicationPolicyMfaConfig", "SelfHostedApplicationSCIMConfig", "SelfHostedApplicationSCIMConfigAuthentication", "SelfHostedApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken", @@ -34,6 +41,9 @@ "SelfHostedApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken", "SaaSApplication", "SaaSApplicationPolicy", + "SaaSApplicationPolicyConnectionRules", + "SaaSApplicationPolicyConnectionRulesRDP", + "SaaSApplicationPolicyMfaConfig", "SaaSApplicationSaaSApp", "SaaSApplicationSCIMConfig", "SaaSApplicationSCIMConfigAuthentication", @@ -45,7 +55,14 @@ "BrowserSSHApplicationDestinationPublicDestination", "BrowserSSHApplicationDestinationPrivateDestination", "BrowserSSHApplicationDestinationViaMcpServerPortalDestination", + "BrowserSSHApplicationMfaConfig", + "BrowserSSHApplicationOAuthConfiguration", + "BrowserSSHApplicationOAuthConfigurationDynamicClientRegistration", + "BrowserSSHApplicationOAuthConfigurationGrant", "BrowserSSHApplicationPolicy", + "BrowserSSHApplicationPolicyConnectionRules", + "BrowserSSHApplicationPolicyConnectionRulesRDP", + "BrowserSSHApplicationPolicyMfaConfig", "BrowserSSHApplicationSCIMConfig", "BrowserSSHApplicationSCIMConfigAuthentication", "BrowserSSHApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken", @@ -56,7 +73,14 @@ "BrowserVNCApplicationDestinationPublicDestination", "BrowserVNCApplicationDestinationPrivateDestination", "BrowserVNCApplicationDestinationViaMcpServerPortalDestination", + "BrowserVNCApplicationMfaConfig", + "BrowserVNCApplicationOAuthConfiguration", + "BrowserVNCApplicationOAuthConfigurationDynamicClientRegistration", + "BrowserVNCApplicationOAuthConfigurationGrant", "BrowserVNCApplicationPolicy", + "BrowserVNCApplicationPolicyConnectionRules", + "BrowserVNCApplicationPolicyConnectionRulesRDP", + "BrowserVNCApplicationPolicyMfaConfig", "BrowserVNCApplicationSCIMConfig", "BrowserVNCApplicationSCIMConfigAuthentication", "BrowserVNCApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken", @@ -66,31 +90,87 @@ "AppLauncherApplicationFooterLink", "AppLauncherApplicationLandingPageDesign", "AppLauncherApplicationPolicy", + "AppLauncherApplicationPolicyConnectionRules", + "AppLauncherApplicationPolicyConnectionRulesRDP", + "AppLauncherApplicationPolicyMfaConfig", "DeviceEnrollmentPermissionsApplication", "DeviceEnrollmentPermissionsApplicationPolicy", + "DeviceEnrollmentPermissionsApplicationPolicyConnectionRules", + "DeviceEnrollmentPermissionsApplicationPolicyConnectionRulesRDP", + "DeviceEnrollmentPermissionsApplicationPolicyMfaConfig", "BrowserIsolationPermissionsApplication", "BrowserIsolationPermissionsApplicationPolicy", + "BrowserIsolationPermissionsApplicationPolicyConnectionRules", + "BrowserIsolationPermissionsApplicationPolicyConnectionRulesRDP", + "BrowserIsolationPermissionsApplicationPolicyMfaConfig", "GatewayIdentityProxyEndpointApplication", "GatewayIdentityProxyEndpointApplicationPolicy", + "GatewayIdentityProxyEndpointApplicationPolicyConnectionRules", + "GatewayIdentityProxyEndpointApplicationPolicyConnectionRulesRDP", + "GatewayIdentityProxyEndpointApplicationPolicyMfaConfig", "BookmarkApplication", "BookmarkApplicationPolicy", + "BookmarkApplicationPolicyConnectionRules", + "BookmarkApplicationPolicyConnectionRulesRDP", + "BookmarkApplicationPolicyMfaConfig", "InfrastructureApplication", "InfrastructureApplicationTargetCriterion", "InfrastructureApplicationPolicy", "InfrastructureApplicationPolicyConnectionRules", "InfrastructureApplicationPolicyConnectionRulesSSH", - "BrowserRdpApplication", - "BrowserRdpApplicationTargetCriterion", - "BrowserRdpApplicationDestination", - "BrowserRdpApplicationDestinationPublicDestination", - "BrowserRdpApplicationDestinationPrivateDestination", - "BrowserRdpApplicationDestinationViaMcpServerPortalDestination", - "BrowserRdpApplicationPolicy", - "BrowserRdpApplicationSCIMConfig", - "BrowserRdpApplicationSCIMConfigAuthentication", - "BrowserRdpApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken", - "BrowserRdpApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication", - "BrowserRdpApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken", + "BrowserRDPApplication", + "BrowserRDPApplicationTargetCriterion", + "BrowserRDPApplicationDestination", + "BrowserRDPApplicationDestinationPublicDestination", + "BrowserRDPApplicationDestinationPrivateDestination", + "BrowserRDPApplicationDestinationViaMcpServerPortalDestination", + "BrowserRDPApplicationMfaConfig", + "BrowserRDPApplicationOAuthConfiguration", + "BrowserRDPApplicationOAuthConfigurationDynamicClientRegistration", + "BrowserRDPApplicationOAuthConfigurationGrant", + "BrowserRDPApplicationPolicy", + "BrowserRDPApplicationPolicyConnectionRules", + "BrowserRDPApplicationPolicyConnectionRulesRDP", + "BrowserRDPApplicationPolicyMfaConfig", + "BrowserRDPApplicationSCIMConfig", + "BrowserRDPApplicationSCIMConfigAuthentication", + "BrowserRDPApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken", + "BrowserRDPApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication", + "BrowserRDPApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken", + "McpServerApplication", + "McpServerApplicationDestination", + "McpServerApplicationDestinationPublicDestination", + "McpServerApplicationDestinationPrivateDestination", + "McpServerApplicationDestinationViaMcpServerPortalDestination", + "McpServerApplicationOAuthConfiguration", + "McpServerApplicationOAuthConfigurationDynamicClientRegistration", + "McpServerApplicationOAuthConfigurationGrant", + "McpServerApplicationPolicy", + "McpServerApplicationPolicyConnectionRules", + "McpServerApplicationPolicyConnectionRulesRDP", + "McpServerApplicationPolicyMfaConfig", + "McpServerApplicationSCIMConfig", + "McpServerApplicationSCIMConfigAuthentication", + "McpServerApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken", + "McpServerApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication", + "McpServerApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken", + "McpServerPortalApplication", + "McpServerPortalApplicationDestination", + "McpServerPortalApplicationDestinationPublicDestination", + "McpServerPortalApplicationDestinationPrivateDestination", + "McpServerPortalApplicationDestinationViaMcpServerPortalDestination", + "McpServerPortalApplicationOAuthConfiguration", + "McpServerPortalApplicationOAuthConfigurationDynamicClientRegistration", + "McpServerPortalApplicationOAuthConfigurationGrant", + "McpServerPortalApplicationPolicy", + "McpServerPortalApplicationPolicyConnectionRules", + "McpServerPortalApplicationPolicyConnectionRulesRDP", + "McpServerPortalApplicationPolicyMfaConfig", + "McpServerPortalApplicationSCIMConfig", + "McpServerPortalApplicationSCIMConfigAuthentication", + "McpServerPortalApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken", + "McpServerPortalApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication", + "McpServerPortalApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken", ] @@ -154,6 +234,125 @@ class SelfHostedApplicationDestinationViaMcpServerPortalDestination(BaseModel): ] +class SelfHostedApplicationMfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + +class SelfHostedApplicationOAuthConfigurationDynamicClientRegistration(BaseModel): + """Settings for OAuth dynamic client registration.""" + + allow_any_on_localhost: Optional[bool] = None + """Allows any client with redirect URIs on localhost.""" + + allow_any_on_loopback: Optional[bool] = None + """Allows any client with redirect URIs on 127.0.0.1.""" + + allowed_uris: Optional[List[str]] = None + """The URIs that are allowed as redirect URIs for dynamically registered clients. + + Must use the `https` protocol. Paths may end in `/*` to match all sub-paths. + """ + + enabled: Optional[bool] = None + """Whether dynamic client registration is enabled.""" + + +class SelfHostedApplicationOAuthConfigurationGrant(BaseModel): + """Settings for OAuth grant behavior.""" + + access_token_lifetime: Optional[str] = None + """The lifetime of the access token. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + session_duration: Optional[str] = None + """The duration of the OAuth session. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + +class SelfHostedApplicationOAuthConfiguration(BaseModel): + """ + **Beta:** Optional configuration for managing an OAuth authorization flow controlled by Access. When set, Access will act as the OAuth authorization server for this application. Only compatible with OAuth clients that support [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators for OAuth 2.0). This feature is currently in beta. + """ + + dynamic_client_registration: Optional[SelfHostedApplicationOAuthConfigurationDynamicClientRegistration] = None + """Settings for OAuth dynamic client registration.""" + + enabled: Optional[bool] = None + """Whether the OAuth configuration is enabled for this application. + + When set to `false`, Access will not handle OAuth for this application. Defaults + to `true` if omitted. + """ + + grant: Optional[SelfHostedApplicationOAuthConfigurationGrant] = None + """Settings for OAuth grant behavior.""" + + +class SelfHostedApplicationPolicyConnectionRulesRDP(BaseModel): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class SelfHostedApplicationPolicyConnectionRules(BaseModel): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: Optional[SelfHostedApplicationPolicyConnectionRulesRDP] = None + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class SelfHostedApplicationPolicyMfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + class SelfHostedApplicationPolicy(BaseModel): id: Optional[str] = None """The UUID of the policy""" @@ -167,6 +366,12 @@ class SelfHostedApplicationPolicy(BaseModel): session. """ + connection_rules: Optional[SelfHostedApplicationPolicyConnectionRules] = None + """ + The rules that define how users may connect to targets secured by your + application. + """ + created_at: Optional[datetime] = None decision: Optional[Decision] = None @@ -194,6 +399,9 @@ class SelfHostedApplicationPolicy(BaseModel): this feature. """ + mfa_config: Optional[SelfHostedApplicationPolicyMfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + name: Optional[str] = None """The name of the Access policy.""" @@ -413,9 +621,21 @@ class SelfHostedApplication(BaseModel): logo_url: Optional[str] = None """The image URL for the logo shown in the App Launcher dashboard.""" + mfa_config: Optional[SelfHostedApplicationMfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + name: Optional[str] = None """The name of the application.""" + oauth_configuration: Optional[SelfHostedApplicationOAuthConfiguration] = None + """ + **Beta:** Optional configuration for managing an OAuth authorization flow + controlled by Access. When set, Access will act as the OAuth authorization + server for this application. Only compatible with OAuth clients that support + [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators + for OAuth 2.0). This feature is currently in beta. + """ + options_preflight_bypass: Optional[bool] = None """ Allows options preflight requests to bypass Access authentication and go @@ -489,6 +709,49 @@ class SelfHostedApplication(BaseModel): """ +class SaaSApplicationPolicyConnectionRulesRDP(BaseModel): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class SaaSApplicationPolicyConnectionRules(BaseModel): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: Optional[SaaSApplicationPolicyConnectionRulesRDP] = None + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class SaaSApplicationPolicyMfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + class SaaSApplicationPolicy(BaseModel): id: Optional[str] = None """The UUID of the policy""" @@ -502,6 +765,12 @@ class SaaSApplicationPolicy(BaseModel): session. """ + connection_rules: Optional[SaaSApplicationPolicyConnectionRules] = None + """ + The rules that define how users may connect to targets secured by your + application. + """ + created_at: Optional[datetime] = None decision: Optional[Decision] = None @@ -529,6 +798,9 @@ class SaaSApplicationPolicy(BaseModel): this feature. """ + mfa_config: Optional[SaaSApplicationPolicyMfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + name: Optional[str] = None """The name of the Access policy.""" @@ -774,6 +1046,125 @@ class BrowserSSHApplicationDestinationViaMcpServerPortalDestination(BaseModel): ] +class BrowserSSHApplicationMfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + +class BrowserSSHApplicationOAuthConfigurationDynamicClientRegistration(BaseModel): + """Settings for OAuth dynamic client registration.""" + + allow_any_on_localhost: Optional[bool] = None + """Allows any client with redirect URIs on localhost.""" + + allow_any_on_loopback: Optional[bool] = None + """Allows any client with redirect URIs on 127.0.0.1.""" + + allowed_uris: Optional[List[str]] = None + """The URIs that are allowed as redirect URIs for dynamically registered clients. + + Must use the `https` protocol. Paths may end in `/*` to match all sub-paths. + """ + + enabled: Optional[bool] = None + """Whether dynamic client registration is enabled.""" + + +class BrowserSSHApplicationOAuthConfigurationGrant(BaseModel): + """Settings for OAuth grant behavior.""" + + access_token_lifetime: Optional[str] = None + """The lifetime of the access token. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + session_duration: Optional[str] = None + """The duration of the OAuth session. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + +class BrowserSSHApplicationOAuthConfiguration(BaseModel): + """ + **Beta:** Optional configuration for managing an OAuth authorization flow controlled by Access. When set, Access will act as the OAuth authorization server for this application. Only compatible with OAuth clients that support [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators for OAuth 2.0). This feature is currently in beta. + """ + + dynamic_client_registration: Optional[BrowserSSHApplicationOAuthConfigurationDynamicClientRegistration] = None + """Settings for OAuth dynamic client registration.""" + + enabled: Optional[bool] = None + """Whether the OAuth configuration is enabled for this application. + + When set to `false`, Access will not handle OAuth for this application. Defaults + to `true` if omitted. + """ + + grant: Optional[BrowserSSHApplicationOAuthConfigurationGrant] = None + """Settings for OAuth grant behavior.""" + + +class BrowserSSHApplicationPolicyConnectionRulesRDP(BaseModel): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class BrowserSSHApplicationPolicyConnectionRules(BaseModel): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: Optional[BrowserSSHApplicationPolicyConnectionRulesRDP] = None + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class BrowserSSHApplicationPolicyMfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + class BrowserSSHApplicationPolicy(BaseModel): id: Optional[str] = None """The UUID of the policy""" @@ -787,6 +1178,12 @@ class BrowserSSHApplicationPolicy(BaseModel): session. """ + connection_rules: Optional[BrowserSSHApplicationPolicyConnectionRules] = None + """ + The rules that define how users may connect to targets secured by your + application. + """ + created_at: Optional[datetime] = None decision: Optional[Decision] = None @@ -814,6 +1211,9 @@ class BrowserSSHApplicationPolicy(BaseModel): this feature. """ + mfa_config: Optional[BrowserSSHApplicationPolicyMfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + name: Optional[str] = None """The name of the Access policy.""" @@ -1048,9 +1448,21 @@ class BrowserSSHApplication(BaseModel): logo_url: Optional[str] = None """The image URL for the logo shown in the App Launcher dashboard.""" + mfa_config: Optional[BrowserSSHApplicationMfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + name: Optional[str] = None """The name of the application.""" + oauth_configuration: Optional[BrowserSSHApplicationOAuthConfiguration] = None + """ + **Beta:** Optional configuration for managing an OAuth authorization flow + controlled by Access. When set, Access will act as the OAuth authorization + server for this application. Only compatible with OAuth clients that support + [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators + for OAuth 2.0). This feature is currently in beta. + """ + options_preflight_bypass: Optional[bool] = None """ Allows options preflight requests to bypass Access authentication and go @@ -1184,6 +1596,125 @@ class BrowserVNCApplicationDestinationViaMcpServerPortalDestination(BaseModel): ] +class BrowserVNCApplicationMfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + +class BrowserVNCApplicationOAuthConfigurationDynamicClientRegistration(BaseModel): + """Settings for OAuth dynamic client registration.""" + + allow_any_on_localhost: Optional[bool] = None + """Allows any client with redirect URIs on localhost.""" + + allow_any_on_loopback: Optional[bool] = None + """Allows any client with redirect URIs on 127.0.0.1.""" + + allowed_uris: Optional[List[str]] = None + """The URIs that are allowed as redirect URIs for dynamically registered clients. + + Must use the `https` protocol. Paths may end in `/*` to match all sub-paths. + """ + + enabled: Optional[bool] = None + """Whether dynamic client registration is enabled.""" + + +class BrowserVNCApplicationOAuthConfigurationGrant(BaseModel): + """Settings for OAuth grant behavior.""" + + access_token_lifetime: Optional[str] = None + """The lifetime of the access token. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + session_duration: Optional[str] = None + """The duration of the OAuth session. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + +class BrowserVNCApplicationOAuthConfiguration(BaseModel): + """ + **Beta:** Optional configuration for managing an OAuth authorization flow controlled by Access. When set, Access will act as the OAuth authorization server for this application. Only compatible with OAuth clients that support [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators for OAuth 2.0). This feature is currently in beta. + """ + + dynamic_client_registration: Optional[BrowserVNCApplicationOAuthConfigurationDynamicClientRegistration] = None + """Settings for OAuth dynamic client registration.""" + + enabled: Optional[bool] = None + """Whether the OAuth configuration is enabled for this application. + + When set to `false`, Access will not handle OAuth for this application. Defaults + to `true` if omitted. + """ + + grant: Optional[BrowserVNCApplicationOAuthConfigurationGrant] = None + """Settings for OAuth grant behavior.""" + + +class BrowserVNCApplicationPolicyConnectionRulesRDP(BaseModel): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class BrowserVNCApplicationPolicyConnectionRules(BaseModel): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: Optional[BrowserVNCApplicationPolicyConnectionRulesRDP] = None + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class BrowserVNCApplicationPolicyMfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + class BrowserVNCApplicationPolicy(BaseModel): id: Optional[str] = None """The UUID of the policy""" @@ -1197,6 +1728,12 @@ class BrowserVNCApplicationPolicy(BaseModel): session. """ + connection_rules: Optional[BrowserVNCApplicationPolicyConnectionRules] = None + """ + The rules that define how users may connect to targets secured by your + application. + """ + created_at: Optional[datetime] = None decision: Optional[Decision] = None @@ -1224,6 +1761,9 @@ class BrowserVNCApplicationPolicy(BaseModel): this feature. """ + mfa_config: Optional[BrowserVNCApplicationPolicyMfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + name: Optional[str] = None """The name of the Access policy.""" @@ -1458,9 +1998,21 @@ class BrowserVNCApplication(BaseModel): logo_url: Optional[str] = None """The image URL for the logo shown in the App Launcher dashboard.""" + mfa_config: Optional[BrowserVNCApplicationMfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + name: Optional[str] = None """The name of the application.""" + oauth_configuration: Optional[BrowserVNCApplicationOAuthConfiguration] = None + """ + **Beta:** Optional configuration for managing an OAuth authorization flow + controlled by Access. When set, Access will act as the OAuth authorization + server for this application. Only compatible with OAuth clients that support + [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators + for OAuth 2.0). This feature is currently in beta. + """ + options_preflight_bypass: Optional[bool] = None """ Allows options preflight requests to bypass Access authentication and go @@ -1561,22 +2113,71 @@ class AppLauncherApplicationLandingPageDesign(BaseModel): """The title shown on the landing page.""" -class AppLauncherApplicationPolicy(BaseModel): - id: Optional[str] = None - """The UUID of the policy""" +class AppLauncherApplicationPolicyConnectionRulesRDP(BaseModel): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" - approval_groups: Optional[List[ApprovalGroup]] = None - """Administrators who can approve a temporary authentication request.""" + allowed_clipboard_local_to_remote_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ - approval_required: Optional[bool] = None + allowed_clipboard_remote_to_local_formats: Optional[List[Literal["text"]]] = None """ - Requires the user to request access from an administrator at the start of each - session. + Clipboard formats allowed when copying from remote RDP session to local machine. """ - created_at: Optional[datetime] = None - decision: Optional[Decision] = None +class AppLauncherApplicationPolicyConnectionRules(BaseModel): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: Optional[AppLauncherApplicationPolicyConnectionRulesRDP] = None + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class AppLauncherApplicationPolicyMfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + +class AppLauncherApplicationPolicy(BaseModel): + id: Optional[str] = None + """The UUID of the policy""" + + approval_groups: Optional[List[ApprovalGroup]] = None + """Administrators who can approve a temporary authentication request.""" + + approval_required: Optional[bool] = None + """ + Requires the user to request access from an administrator at the start of each + session. + """ + + connection_rules: Optional[AppLauncherApplicationPolicyConnectionRules] = None + """ + The rules that define how users may connect to targets secured by your + application. + """ + + created_at: Optional[datetime] = None + + decision: Optional[Decision] = None """The action Access will take if a user matches this policy. Infrastructure application policies can only use the Allow action. @@ -1601,6 +2202,9 @@ class AppLauncherApplicationPolicy(BaseModel): this feature. """ + mfa_config: Optional[AppLauncherApplicationPolicyMfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + name: Optional[str] = None """The name of the Access policy.""" @@ -1723,6 +2327,49 @@ class AppLauncherApplication(BaseModel): """Determines when to skip the App Launcher landing page.""" +class DeviceEnrollmentPermissionsApplicationPolicyConnectionRulesRDP(BaseModel): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class DeviceEnrollmentPermissionsApplicationPolicyConnectionRules(BaseModel): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: Optional[DeviceEnrollmentPermissionsApplicationPolicyConnectionRulesRDP] = None + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class DeviceEnrollmentPermissionsApplicationPolicyMfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + class DeviceEnrollmentPermissionsApplicationPolicy(BaseModel): id: Optional[str] = None """The UUID of the policy""" @@ -1736,6 +2383,12 @@ class DeviceEnrollmentPermissionsApplicationPolicy(BaseModel): session. """ + connection_rules: Optional[DeviceEnrollmentPermissionsApplicationPolicyConnectionRules] = None + """ + The rules that define how users may connect to targets secured by your + application. + """ + created_at: Optional[datetime] = None decision: Optional[Decision] = None @@ -1763,6 +2416,9 @@ class DeviceEnrollmentPermissionsApplicationPolicy(BaseModel): this feature. """ + mfa_config: Optional[DeviceEnrollmentPermissionsApplicationPolicyMfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + name: Optional[str] = None """The name of the Access policy.""" @@ -1852,6 +2508,49 @@ class DeviceEnrollmentPermissionsApplication(BaseModel): """ +class BrowserIsolationPermissionsApplicationPolicyConnectionRulesRDP(BaseModel): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class BrowserIsolationPermissionsApplicationPolicyConnectionRules(BaseModel): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: Optional[BrowserIsolationPermissionsApplicationPolicyConnectionRulesRDP] = None + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class BrowserIsolationPermissionsApplicationPolicyMfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + class BrowserIsolationPermissionsApplicationPolicy(BaseModel): id: Optional[str] = None """The UUID of the policy""" @@ -1865,6 +2564,12 @@ class BrowserIsolationPermissionsApplicationPolicy(BaseModel): session. """ + connection_rules: Optional[BrowserIsolationPermissionsApplicationPolicyConnectionRules] = None + """ + The rules that define how users may connect to targets secured by your + application. + """ + created_at: Optional[datetime] = None decision: Optional[Decision] = None @@ -1892,6 +2597,9 @@ class BrowserIsolationPermissionsApplicationPolicy(BaseModel): this feature. """ + mfa_config: Optional[BrowserIsolationPermissionsApplicationPolicyMfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + name: Optional[str] = None """The name of the Access policy.""" @@ -1981,6 +2689,49 @@ class BrowserIsolationPermissionsApplication(BaseModel): """ +class GatewayIdentityProxyEndpointApplicationPolicyConnectionRulesRDP(BaseModel): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class GatewayIdentityProxyEndpointApplicationPolicyConnectionRules(BaseModel): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: Optional[GatewayIdentityProxyEndpointApplicationPolicyConnectionRulesRDP] = None + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class GatewayIdentityProxyEndpointApplicationPolicyMfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + class GatewayIdentityProxyEndpointApplicationPolicy(BaseModel): id: Optional[str] = None """The UUID of the policy""" @@ -1994,6 +2745,12 @@ class GatewayIdentityProxyEndpointApplicationPolicy(BaseModel): session. """ + connection_rules: Optional[GatewayIdentityProxyEndpointApplicationPolicyConnectionRules] = None + """ + The rules that define how users may connect to targets secured by your + application. + """ + created_at: Optional[datetime] = None decision: Optional[Decision] = None @@ -2021,6 +2778,9 @@ class GatewayIdentityProxyEndpointApplicationPolicy(BaseModel): this feature. """ + mfa_config: Optional[GatewayIdentityProxyEndpointApplicationPolicyMfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + name: Optional[str] = None """The name of the Access policy.""" @@ -2110,6 +2870,49 @@ class GatewayIdentityProxyEndpointApplication(BaseModel): """ +class BookmarkApplicationPolicyConnectionRulesRDP(BaseModel): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class BookmarkApplicationPolicyConnectionRules(BaseModel): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: Optional[BookmarkApplicationPolicyConnectionRulesRDP] = None + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class BookmarkApplicationPolicyMfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + class BookmarkApplicationPolicy(BaseModel): id: Optional[str] = None """The UUID of the policy""" @@ -2123,6 +2926,12 @@ class BookmarkApplicationPolicy(BaseModel): session. """ + connection_rules: Optional[BookmarkApplicationPolicyConnectionRules] = None + """ + The rules that define how users may connect to targets secured by your + application. + """ + created_at: Optional[datetime] = None decision: Optional[Decision] = None @@ -2150,6 +2959,9 @@ class BookmarkApplicationPolicy(BaseModel): this feature. """ + mfa_config: Optional[BookmarkApplicationPolicyMfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + name: Optional[str] = None """The name of the Access policy.""" @@ -2310,7 +3122,7 @@ class InfrastructureApplication(BaseModel): policies: Optional[List[InfrastructureApplicationPolicy]] = None -class BrowserRdpApplicationTargetCriterion(BaseModel): +class BrowserRDPApplicationTargetCriterion(BaseModel): port: int """The port that the targets use for the chosen communication protocol. @@ -2324,7 +3136,7 @@ class BrowserRdpApplicationTargetCriterion(BaseModel): """Contains a map of target attribute keys to target attribute values.""" -class BrowserRdpApplicationDestinationPublicDestination(BaseModel): +class BrowserRDPApplicationDestinationPublicDestination(BaseModel): """A public hostname that Access will secure. Public destinations support sub-domain and path. Wildcard '*' can be used in the definition. @@ -2340,7 +3152,7 @@ class BrowserRdpApplicationDestinationPublicDestination(BaseModel): """ -class BrowserRdpApplicationDestinationPrivateDestination(BaseModel): +class BrowserRDPApplicationDestinationPrivateDestination(BaseModel): cidr: Optional[str] = None """The CIDR range of the destination. Single IPs will be computed as /32.""" @@ -2365,7 +3177,7 @@ class BrowserRdpApplicationDestinationPrivateDestination(BaseModel): """The VNET ID to match the destination. When omitted, all VNETs will match.""" -class BrowserRdpApplicationDestinationViaMcpServerPortalDestination(BaseModel): +class BrowserRDPApplicationDestinationViaMcpServerPortalDestination(BaseModel): """A MCP server id configured in ai-controls. Access will secure the MCP server if accessed through a MCP portal. @@ -2377,14 +3189,133 @@ class BrowserRdpApplicationDestinationViaMcpServerPortalDestination(BaseModel): type: Optional[Literal["via_mcp_server_portal"]] = None -BrowserRdpApplicationDestination: TypeAlias = Union[ - BrowserRdpApplicationDestinationPublicDestination, - BrowserRdpApplicationDestinationPrivateDestination, - BrowserRdpApplicationDestinationViaMcpServerPortalDestination, +BrowserRDPApplicationDestination: TypeAlias = Union[ + BrowserRDPApplicationDestinationPublicDestination, + BrowserRDPApplicationDestinationPrivateDestination, + BrowserRDPApplicationDestinationViaMcpServerPortalDestination, ] -class BrowserRdpApplicationPolicy(BaseModel): +class BrowserRDPApplicationMfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + +class BrowserRDPApplicationOAuthConfigurationDynamicClientRegistration(BaseModel): + """Settings for OAuth dynamic client registration.""" + + allow_any_on_localhost: Optional[bool] = None + """Allows any client with redirect URIs on localhost.""" + + allow_any_on_loopback: Optional[bool] = None + """Allows any client with redirect URIs on 127.0.0.1.""" + + allowed_uris: Optional[List[str]] = None + """The URIs that are allowed as redirect URIs for dynamically registered clients. + + Must use the `https` protocol. Paths may end in `/*` to match all sub-paths. + """ + + enabled: Optional[bool] = None + """Whether dynamic client registration is enabled.""" + + +class BrowserRDPApplicationOAuthConfigurationGrant(BaseModel): + """Settings for OAuth grant behavior.""" + + access_token_lifetime: Optional[str] = None + """The lifetime of the access token. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + session_duration: Optional[str] = None + """The duration of the OAuth session. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + +class BrowserRDPApplicationOAuthConfiguration(BaseModel): + """ + **Beta:** Optional configuration for managing an OAuth authorization flow controlled by Access. When set, Access will act as the OAuth authorization server for this application. Only compatible with OAuth clients that support [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators for OAuth 2.0). This feature is currently in beta. + """ + + dynamic_client_registration: Optional[BrowserRDPApplicationOAuthConfigurationDynamicClientRegistration] = None + """Settings for OAuth dynamic client registration.""" + + enabled: Optional[bool] = None + """Whether the OAuth configuration is enabled for this application. + + When set to `false`, Access will not handle OAuth for this application. Defaults + to `true` if omitted. + """ + + grant: Optional[BrowserRDPApplicationOAuthConfigurationGrant] = None + """Settings for OAuth grant behavior.""" + + +class BrowserRDPApplicationPolicyConnectionRulesRDP(BaseModel): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class BrowserRDPApplicationPolicyConnectionRules(BaseModel): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: Optional[BrowserRDPApplicationPolicyConnectionRulesRDP] = None + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class BrowserRDPApplicationPolicyMfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + +class BrowserRDPApplicationPolicy(BaseModel): id: Optional[str] = None """The UUID of the policy""" @@ -2397,6 +3328,12 @@ class BrowserRdpApplicationPolicy(BaseModel): session. """ + connection_rules: Optional[BrowserRDPApplicationPolicyConnectionRules] = None + """ + The rules that define how users may connect to targets secured by your + application. + """ + created_at: Optional[datetime] = None decision: Optional[Decision] = None @@ -2424,6 +3361,9 @@ class BrowserRdpApplicationPolicy(BaseModel): this feature. """ + mfa_config: Optional[BrowserRDPApplicationPolicyMfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + name: Optional[str] = None """The name of the Access policy.""" @@ -2455,7 +3395,7 @@ class BrowserRdpApplicationPolicy(BaseModel): updated_at: Optional[datetime] = None -class BrowserRdpApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken(BaseModel): +class BrowserRDPApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken(BaseModel): """ Attributes for configuring Access Service Token authentication scheme for SCIM provisioning to an application. """ @@ -2476,7 +3416,7 @@ class BrowserRdpApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticatio """The authentication scheme to use when making SCIM requests to this application.""" -class BrowserRdpApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken( +class BrowserRDPApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken( BaseModel ): """ @@ -2499,23 +3439,23 @@ class BrowserRdpApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenti """The authentication scheme to use when making SCIM requests to this application.""" -BrowserRdpApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication: TypeAlias = Union[ +BrowserRDPApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication: TypeAlias = Union[ SCIMConfigAuthenticationHTTPBasic, SCIMConfigAuthenticationOAuthBearerToken, SCIMConfigAuthenticationOauth2, - BrowserRdpApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken, + BrowserRDPApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken, ] -BrowserRdpApplicationSCIMConfigAuthentication: TypeAlias = Union[ +BrowserRDPApplicationSCIMConfigAuthentication: TypeAlias = Union[ SCIMConfigAuthenticationHTTPBasic, SCIMConfigAuthenticationOAuthBearerToken, SCIMConfigAuthenticationOauth2, - BrowserRdpApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken, - List[BrowserRdpApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication], + BrowserRDPApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken, + List[BrowserRDPApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication], ] -class BrowserRdpApplicationSCIMConfig(BaseModel): +class BrowserRDPApplicationSCIMConfig(BaseModel): """Configuration for provisioning to this application via SCIM. This is currently in closed beta. @@ -2530,7 +3470,7 @@ class BrowserRdpApplicationSCIMConfig(BaseModel): remote_uri: str """The base URI for the application's SCIM-compatible API.""" - authentication: Optional[BrowserRdpApplicationSCIMConfigAuthentication] = None + authentication: Optional[BrowserRDPApplicationSCIMConfigAuthentication] = None """ Attributes for configuring HTTP Basic authentication scheme for SCIM provisioning to an application. @@ -2553,14 +3493,14 @@ class BrowserRdpApplicationSCIMConfig(BaseModel): """ -class BrowserRdpApplication(BaseModel): +class BrowserRDPApplication(BaseModel): domain: str """The primary hostname and path secured by Access. This domain will be displayed if the app is visible in the App Launcher. """ - target_criteria: List[BrowserRdpApplicationTargetCriterion] + target_criteria: List[BrowserRDPApplicationTargetCriterion] type: ApplicationType """The application type.""" @@ -2622,7 +3562,7 @@ class BrowserRdpApplication(BaseModel): custom_pages: Optional[List[str]] = None """The custom pages that will be displayed when applicable for this application""" - destinations: Optional[List[BrowserRdpApplicationDestination]] = None + destinations: Optional[List[BrowserRDPApplicationDestination]] = None """List of destinations secured by Access. This supersedes `self_hosted_domains` to allow for more flexibility in defining @@ -2645,9 +3585,21 @@ class BrowserRdpApplication(BaseModel): logo_url: Optional[str] = None """The image URL for the logo shown in the App Launcher dashboard.""" + mfa_config: Optional[BrowserRDPApplicationMfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + name: Optional[str] = None """The name of the application.""" + oauth_configuration: Optional[BrowserRDPApplicationOAuthConfiguration] = None + """ + **Beta:** Optional configuration for managing an OAuth authorization flow + controlled by Access. When set, Access will act as the OAuth authorization + server for this application. Only compatible with OAuth clients that support + [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators + for OAuth 2.0). This feature is currently in beta. + """ + options_preflight_bypass: Optional[bool] = None """ Allows options preflight requests to bypass Access authentication and go @@ -2660,7 +3612,7 @@ class BrowserRdpApplication(BaseModel): If disabled, the JWT will scope to the hostname by default """ - policies: Optional[List[BrowserRdpApplicationPolicy]] = None + policies: Optional[List[BrowserRDPApplicationPolicy]] = None read_service_tokens_from_header: Optional[str] = None """ @@ -2679,7 +3631,7 @@ class BrowserRdpApplication(BaseModel): attacks. """ - scim_config: Optional[BrowserRdpApplicationSCIMConfig] = None + scim_config: Optional[BrowserRDPApplicationSCIMConfig] = None """Configuration for provisioning to this application via SCIM. This is currently in closed beta. @@ -2721,6 +3673,918 @@ class BrowserRdpApplication(BaseModel): """ +class McpServerApplicationDestinationPublicDestination(BaseModel): + """A public hostname that Access will secure. + + Public destinations support sub-domain and path. Wildcard '*' can be used in the definition. + """ + + type: Optional[Literal["public"]] = None + + uri: Optional[str] = None + """The URI of the destination. + + Public destinations' URIs can include a domain and path with + [wildcards](https://developers.cloudflare.com/cloudflare-one/policies/access/app-paths/). + """ + + +class McpServerApplicationDestinationPrivateDestination(BaseModel): + cidr: Optional[str] = None + """The CIDR range of the destination. Single IPs will be computed as /32.""" + + hostname: Optional[str] = None + """The hostname of the destination. Matches a valid SNI served by an HTTPS origin.""" + + l4_protocol: Optional[Literal["tcp", "udp"]] = None + """The L4 protocol of the destination. + + When omitted, both UDP and TCP traffic will match. + """ + + port_range: Optional[str] = None + """The port range of the destination. + + Can be a single port or a range of ports. When omitted, all ports will match. + """ + + type: Optional[Literal["private"]] = None + + vnet_id: Optional[str] = None + """The VNET ID to match the destination. When omitted, all VNETs will match.""" + + +class McpServerApplicationDestinationViaMcpServerPortalDestination(BaseModel): + """A MCP server id configured in ai-controls. + + Access will secure the MCP server if accessed through a MCP portal. + """ + + mcp_server_id: Optional[str] = None + """The MCP server id configured in ai-controls.""" + + type: Optional[Literal["via_mcp_server_portal"]] = None + + +McpServerApplicationDestination: TypeAlias = Union[ + McpServerApplicationDestinationPublicDestination, + McpServerApplicationDestinationPrivateDestination, + McpServerApplicationDestinationViaMcpServerPortalDestination, +] + + +class McpServerApplicationOAuthConfigurationDynamicClientRegistration(BaseModel): + """Settings for OAuth dynamic client registration.""" + + allow_any_on_localhost: Optional[bool] = None + """Allows any client with redirect URIs on localhost.""" + + allow_any_on_loopback: Optional[bool] = None + """Allows any client with redirect URIs on 127.0.0.1.""" + + allowed_uris: Optional[List[str]] = None + """The URIs that are allowed as redirect URIs for dynamically registered clients. + + Must use the `https` protocol. Paths may end in `/*` to match all sub-paths. + """ + + enabled: Optional[bool] = None + """Whether dynamic client registration is enabled.""" + + +class McpServerApplicationOAuthConfigurationGrant(BaseModel): + """Settings for OAuth grant behavior.""" + + access_token_lifetime: Optional[str] = None + """The lifetime of the access token. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + session_duration: Optional[str] = None + """The duration of the OAuth session. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + +class McpServerApplicationOAuthConfiguration(BaseModel): + """ + **Beta:** Optional configuration for managing an OAuth authorization flow controlled by Access. When set, Access will act as the OAuth authorization server for this application. Only compatible with OAuth clients that support [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators for OAuth 2.0). This feature is currently in beta. + """ + + dynamic_client_registration: Optional[McpServerApplicationOAuthConfigurationDynamicClientRegistration] = None + """Settings for OAuth dynamic client registration.""" + + enabled: Optional[bool] = None + """Whether the OAuth configuration is enabled for this application. + + When set to `false`, Access will not handle OAuth for this application. Defaults + to `true` if omitted. + """ + + grant: Optional[McpServerApplicationOAuthConfigurationGrant] = None + """Settings for OAuth grant behavior.""" + + +class McpServerApplicationPolicyConnectionRulesRDP(BaseModel): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class McpServerApplicationPolicyConnectionRules(BaseModel): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: Optional[McpServerApplicationPolicyConnectionRulesRDP] = None + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class McpServerApplicationPolicyMfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + +class McpServerApplicationPolicy(BaseModel): + id: Optional[str] = None + """The UUID of the policy""" + + approval_groups: Optional[List[ApprovalGroup]] = None + """Administrators who can approve a temporary authentication request.""" + + approval_required: Optional[bool] = None + """ + Requires the user to request access from an administrator at the start of each + session. + """ + + connection_rules: Optional[McpServerApplicationPolicyConnectionRules] = None + """ + The rules that define how users may connect to targets secured by your + application. + """ + + created_at: Optional[datetime] = None + + decision: Optional[Decision] = None + """The action Access will take if a user matches this policy. + + Infrastructure application policies can only use the Allow action. + """ + + exclude: Optional[List[AccessRule]] = None + """Rules evaluated with a NOT logical operator. + + To match the policy, a user cannot meet any of the Exclude rules. + """ + + include: Optional[List[AccessRule]] = None + """Rules evaluated with an OR logical operator. + + A user needs to meet only one of the Include rules. + """ + + isolation_required: Optional[bool] = None + """ + Require this application to be served in an isolated browser for users matching + this policy. 'Client Web Isolation' must be on for the account in order to use + this feature. + """ + + mfa_config: Optional[McpServerApplicationPolicyMfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + + name: Optional[str] = None + """The name of the Access policy.""" + + precedence: Optional[int] = None + """The order of execution for this policy. + + Must be unique for each policy within an app. + """ + + purpose_justification_prompt: Optional[str] = None + """A custom message that will appear on the purpose justification screen.""" + + purpose_justification_required: Optional[bool] = None + """Require users to enter a justification when they log in to the application.""" + + require: Optional[List[AccessRule]] = None + """Rules evaluated with an AND logical operator. + + To match the policy, a user must meet all of the Require rules. + """ + + session_duration: Optional[str] = None + """The amount of time that tokens issued for the application will be valid. + + Must be in the format `300ms` or `2h45m`. Valid time units are: ns, us (or µs), + ms, s, m, h. + """ + + updated_at: Optional[datetime] = None + + +class McpServerApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken(BaseModel): + """ + Attributes for configuring Access Service Token authentication scheme for SCIM provisioning to an application. + """ + + client_id: str + """ + Client ID of the Access service token used to authenticate with the remote + service. + """ + + client_secret: str + """ + Client secret of the Access service token used to authenticate with the remote + service. + """ + + scheme: Literal["access_service_token"] + """The authentication scheme to use when making SCIM requests to this application.""" + + +class McpServerApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken( + BaseModel +): + """ + Attributes for configuring Access Service Token authentication scheme for SCIM provisioning to an application. + """ + + client_id: str + """ + Client ID of the Access service token used to authenticate with the remote + service. + """ + + client_secret: str + """ + Client secret of the Access service token used to authenticate with the remote + service. + """ + + scheme: Literal["access_service_token"] + """The authentication scheme to use when making SCIM requests to this application.""" + + +McpServerApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication: TypeAlias = Union[ + SCIMConfigAuthenticationHTTPBasic, + SCIMConfigAuthenticationOAuthBearerToken, + SCIMConfigAuthenticationOauth2, + McpServerApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken, +] + +McpServerApplicationSCIMConfigAuthentication: TypeAlias = Union[ + SCIMConfigAuthenticationHTTPBasic, + SCIMConfigAuthenticationOAuthBearerToken, + SCIMConfigAuthenticationOauth2, + McpServerApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken, + List[McpServerApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication], +] + + +class McpServerApplicationSCIMConfig(BaseModel): + """Configuration for provisioning to this application via SCIM. + + This is currently in closed beta. + """ + + idp_uid: str + """ + The UID of the IdP to use as the source for SCIM resources to provision to this + application. + """ + + remote_uri: str + """The base URI for the application's SCIM-compatible API.""" + + authentication: Optional[McpServerApplicationSCIMConfigAuthentication] = None + """ + Attributes for configuring HTTP Basic authentication scheme for SCIM + provisioning to an application. + """ + + deactivate_on_delete: Optional[bool] = None + """ + If false, propagates DELETE requests to the target application for SCIM + resources. If true, sets 'active' to false on the SCIM resource. Note: Some + targets do not support DELETE operations. + """ + + enabled: Optional[bool] = None + """Whether SCIM provisioning is turned on for this application.""" + + mappings: Optional[List[SCIMConfigMapping]] = None + """ + A list of mappings to apply to SCIM resources before provisioning them in this + application. These can transform or filter the resources to be provisioned. + """ + + +class McpServerApplication(BaseModel): + type: ApplicationType + """The application type.""" + + id: Optional[str] = None + """UUID.""" + + allow_authenticate_via_warp: Optional[bool] = None + """ + When set to true, users can authenticate to this application using their WARP + session. When set to false this application will always require direct IdP + authentication. This setting always overrides the organization setting for WARP + authentication. + """ + + allowed_idps: Optional[List[AllowedIdPs]] = None + """The identity providers your users can select when connecting to this + application. + + Defaults to all IdPs configured in your account. + """ + + aud: Optional[str] = None + """Audience tag.""" + + auto_redirect_to_identity: Optional[bool] = None + """When set to `true`, users skip the identity provider selection step during + login. + + You must specify only one identity provider in allowed_idps. + """ + + custom_deny_message: Optional[str] = None + """ + The custom error message shown to a user when they are denied access to the + application. + """ + + custom_deny_url: Optional[str] = None + """ + The custom URL a user is redirected to when they are denied access to the + application when failing identity-based rules. + """ + + custom_non_identity_deny_url: Optional[str] = None + """ + The custom URL a user is redirected to when they are denied access to the + application when failing non-identity rules. + """ + + custom_pages: Optional[List[str]] = None + """The custom pages that will be displayed when applicable for this application""" + + destinations: Optional[List[McpServerApplicationDestination]] = None + """List of destinations secured by Access. + + This supersedes `self_hosted_domains` to allow for more flexibility in defining + different types of domains. If `destinations` are provided, then + `self_hosted_domains` will be ignored. + """ + + http_only_cookie_attribute: Optional[bool] = None + """ + Enables the HttpOnly cookie attribute, which increases security against XSS + attacks. + """ + + logo_url: Optional[str] = None + """The image URL for the logo shown in the App Launcher dashboard.""" + + name: Optional[str] = None + """The name of the application.""" + + oauth_configuration: Optional[McpServerApplicationOAuthConfiguration] = None + """ + **Beta:** Optional configuration for managing an OAuth authorization flow + controlled by Access. When set, Access will act as the OAuth authorization + server for this application. Only compatible with OAuth clients that support + [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators + for OAuth 2.0). This feature is currently in beta. + """ + + options_preflight_bypass: Optional[bool] = None + """ + Allows options preflight requests to bypass Access authentication and go + directly to the origin. Cannot turn on if cors_headers is set. + """ + + policies: Optional[List[McpServerApplicationPolicy]] = None + + same_site_cookie_attribute: Optional[str] = None + """ + Sets the SameSite cookie setting, which provides increased security against CSRF + attacks. + """ + + scim_config: Optional[McpServerApplicationSCIMConfig] = None + """Configuration for provisioning to this application via SCIM. + + This is currently in closed beta. + """ + + session_duration: Optional[str] = None + """The amount of time that tokens issued for this application will be valid. + + Must be in the format `300ms` or `2h45m`. Valid time units are: ns, us (or µs), + ms, s, m, h. Note: unsupported for infrastructure type applications. + """ + + tags: Optional[List[str]] = None + """The tags you want assigned to an application. + + Tags are used to filter applications in the App Launcher dashboard. + """ + + +class McpServerPortalApplicationDestinationPublicDestination(BaseModel): + """A public hostname that Access will secure. + + Public destinations support sub-domain and path. Wildcard '*' can be used in the definition. + """ + + type: Optional[Literal["public"]] = None + + uri: Optional[str] = None + """The URI of the destination. + + Public destinations' URIs can include a domain and path with + [wildcards](https://developers.cloudflare.com/cloudflare-one/policies/access/app-paths/). + """ + + +class McpServerPortalApplicationDestinationPrivateDestination(BaseModel): + cidr: Optional[str] = None + """The CIDR range of the destination. Single IPs will be computed as /32.""" + + hostname: Optional[str] = None + """The hostname of the destination. Matches a valid SNI served by an HTTPS origin.""" + + l4_protocol: Optional[Literal["tcp", "udp"]] = None + """The L4 protocol of the destination. + + When omitted, both UDP and TCP traffic will match. + """ + + port_range: Optional[str] = None + """The port range of the destination. + + Can be a single port or a range of ports. When omitted, all ports will match. + """ + + type: Optional[Literal["private"]] = None + + vnet_id: Optional[str] = None + """The VNET ID to match the destination. When omitted, all VNETs will match.""" + + +class McpServerPortalApplicationDestinationViaMcpServerPortalDestination(BaseModel): + """A MCP server id configured in ai-controls. + + Access will secure the MCP server if accessed through a MCP portal. + """ + + mcp_server_id: Optional[str] = None + """The MCP server id configured in ai-controls.""" + + type: Optional[Literal["via_mcp_server_portal"]] = None + + +McpServerPortalApplicationDestination: TypeAlias = Union[ + McpServerPortalApplicationDestinationPublicDestination, + McpServerPortalApplicationDestinationPrivateDestination, + McpServerPortalApplicationDestinationViaMcpServerPortalDestination, +] + + +class McpServerPortalApplicationOAuthConfigurationDynamicClientRegistration(BaseModel): + """Settings for OAuth dynamic client registration.""" + + allow_any_on_localhost: Optional[bool] = None + """Allows any client with redirect URIs on localhost.""" + + allow_any_on_loopback: Optional[bool] = None + """Allows any client with redirect URIs on 127.0.0.1.""" + + allowed_uris: Optional[List[str]] = None + """The URIs that are allowed as redirect URIs for dynamically registered clients. + + Must use the `https` protocol. Paths may end in `/*` to match all sub-paths. + """ + + enabled: Optional[bool] = None + """Whether dynamic client registration is enabled.""" + + +class McpServerPortalApplicationOAuthConfigurationGrant(BaseModel): + """Settings for OAuth grant behavior.""" + + access_token_lifetime: Optional[str] = None + """The lifetime of the access token. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + session_duration: Optional[str] = None + """The duration of the OAuth session. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + +class McpServerPortalApplicationOAuthConfiguration(BaseModel): + """ + **Beta:** Optional configuration for managing an OAuth authorization flow controlled by Access. When set, Access will act as the OAuth authorization server for this application. Only compatible with OAuth clients that support [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators for OAuth 2.0). This feature is currently in beta. + """ + + dynamic_client_registration: Optional[McpServerPortalApplicationOAuthConfigurationDynamicClientRegistration] = None + """Settings for OAuth dynamic client registration.""" + + enabled: Optional[bool] = None + """Whether the OAuth configuration is enabled for this application. + + When set to `false`, Access will not handle OAuth for this application. Defaults + to `true` if omitted. + """ + + grant: Optional[McpServerPortalApplicationOAuthConfigurationGrant] = None + """Settings for OAuth grant behavior.""" + + +class McpServerPortalApplicationPolicyConnectionRulesRDP(BaseModel): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class McpServerPortalApplicationPolicyConnectionRules(BaseModel): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: Optional[McpServerPortalApplicationPolicyConnectionRulesRDP] = None + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class McpServerPortalApplicationPolicyMfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + +class McpServerPortalApplicationPolicy(BaseModel): + id: Optional[str] = None + """The UUID of the policy""" + + approval_groups: Optional[List[ApprovalGroup]] = None + """Administrators who can approve a temporary authentication request.""" + + approval_required: Optional[bool] = None + """ + Requires the user to request access from an administrator at the start of each + session. + """ + + connection_rules: Optional[McpServerPortalApplicationPolicyConnectionRules] = None + """ + The rules that define how users may connect to targets secured by your + application. + """ + + created_at: Optional[datetime] = None + + decision: Optional[Decision] = None + """The action Access will take if a user matches this policy. + + Infrastructure application policies can only use the Allow action. + """ + + exclude: Optional[List[AccessRule]] = None + """Rules evaluated with a NOT logical operator. + + To match the policy, a user cannot meet any of the Exclude rules. + """ + + include: Optional[List[AccessRule]] = None + """Rules evaluated with an OR logical operator. + + A user needs to meet only one of the Include rules. + """ + + isolation_required: Optional[bool] = None + """ + Require this application to be served in an isolated browser for users matching + this policy. 'Client Web Isolation' must be on for the account in order to use + this feature. + """ + + mfa_config: Optional[McpServerPortalApplicationPolicyMfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + + name: Optional[str] = None + """The name of the Access policy.""" + + precedence: Optional[int] = None + """The order of execution for this policy. + + Must be unique for each policy within an app. + """ + + purpose_justification_prompt: Optional[str] = None + """A custom message that will appear on the purpose justification screen.""" + + purpose_justification_required: Optional[bool] = None + """Require users to enter a justification when they log in to the application.""" + + require: Optional[List[AccessRule]] = None + """Rules evaluated with an AND logical operator. + + To match the policy, a user must meet all of the Require rules. + """ + + session_duration: Optional[str] = None + """The amount of time that tokens issued for the application will be valid. + + Must be in the format `300ms` or `2h45m`. Valid time units are: ns, us (or µs), + ms, s, m, h. + """ + + updated_at: Optional[datetime] = None + + +class McpServerPortalApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken(BaseModel): + """ + Attributes for configuring Access Service Token authentication scheme for SCIM provisioning to an application. + """ + + client_id: str + """ + Client ID of the Access service token used to authenticate with the remote + service. + """ + + client_secret: str + """ + Client secret of the Access service token used to authenticate with the remote + service. + """ + + scheme: Literal["access_service_token"] + """The authentication scheme to use when making SCIM requests to this application.""" + + +class McpServerPortalApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken( + BaseModel +): + """ + Attributes for configuring Access Service Token authentication scheme for SCIM provisioning to an application. + """ + + client_id: str + """ + Client ID of the Access service token used to authenticate with the remote + service. + """ + + client_secret: str + """ + Client secret of the Access service token used to authenticate with the remote + service. + """ + + scheme: Literal["access_service_token"] + """The authentication scheme to use when making SCIM requests to this application.""" + + +McpServerPortalApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication: TypeAlias = Union[ + SCIMConfigAuthenticationHTTPBasic, + SCIMConfigAuthenticationOAuthBearerToken, + SCIMConfigAuthenticationOauth2, + McpServerPortalApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken, +] + +McpServerPortalApplicationSCIMConfigAuthentication: TypeAlias = Union[ + SCIMConfigAuthenticationHTTPBasic, + SCIMConfigAuthenticationOAuthBearerToken, + SCIMConfigAuthenticationOauth2, + McpServerPortalApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken, + List[McpServerPortalApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication], +] + + +class McpServerPortalApplicationSCIMConfig(BaseModel): + """Configuration for provisioning to this application via SCIM. + + This is currently in closed beta. + """ + + idp_uid: str + """ + The UID of the IdP to use as the source for SCIM resources to provision to this + application. + """ + + remote_uri: str + """The base URI for the application's SCIM-compatible API.""" + + authentication: Optional[McpServerPortalApplicationSCIMConfigAuthentication] = None + """ + Attributes for configuring HTTP Basic authentication scheme for SCIM + provisioning to an application. + """ + + deactivate_on_delete: Optional[bool] = None + """ + If false, propagates DELETE requests to the target application for SCIM + resources. If true, sets 'active' to false on the SCIM resource. Note: Some + targets do not support DELETE operations. + """ + + enabled: Optional[bool] = None + """Whether SCIM provisioning is turned on for this application.""" + + mappings: Optional[List[SCIMConfigMapping]] = None + """ + A list of mappings to apply to SCIM resources before provisioning them in this + application. These can transform or filter the resources to be provisioned. + """ + + +class McpServerPortalApplication(BaseModel): + type: ApplicationType + """The application type.""" + + id: Optional[str] = None + """UUID.""" + + allow_authenticate_via_warp: Optional[bool] = None + """ + When set to true, users can authenticate to this application using their WARP + session. When set to false this application will always require direct IdP + authentication. This setting always overrides the organization setting for WARP + authentication. + """ + + allowed_idps: Optional[List[AllowedIdPs]] = None + """The identity providers your users can select when connecting to this + application. + + Defaults to all IdPs configured in your account. + """ + + aud: Optional[str] = None + """Audience tag.""" + + auto_redirect_to_identity: Optional[bool] = None + """When set to `true`, users skip the identity provider selection step during + login. + + You must specify only one identity provider in allowed_idps. + """ + + custom_deny_message: Optional[str] = None + """ + The custom error message shown to a user when they are denied access to the + application. + """ + + custom_deny_url: Optional[str] = None + """ + The custom URL a user is redirected to when they are denied access to the + application when failing identity-based rules. + """ + + custom_non_identity_deny_url: Optional[str] = None + """ + The custom URL a user is redirected to when they are denied access to the + application when failing non-identity rules. + """ + + custom_pages: Optional[List[str]] = None + """The custom pages that will be displayed when applicable for this application""" + + destinations: Optional[List[McpServerPortalApplicationDestination]] = None + """List of destinations secured by Access. + + This supersedes `self_hosted_domains` to allow for more flexibility in defining + different types of domains. If `destinations` are provided, then + `self_hosted_domains` will be ignored. + """ + + domain: Optional[str] = None + """The primary hostname and path secured by Access. + + This domain will be displayed if the app is visible in the App Launcher. + """ + + http_only_cookie_attribute: Optional[bool] = None + """ + Enables the HttpOnly cookie attribute, which increases security against XSS + attacks. + """ + + logo_url: Optional[str] = None + """The image URL for the logo shown in the App Launcher dashboard.""" + + name: Optional[str] = None + """The name of the application.""" + + oauth_configuration: Optional[McpServerPortalApplicationOAuthConfiguration] = None + """ + **Beta:** Optional configuration for managing an OAuth authorization flow + controlled by Access. When set, Access will act as the OAuth authorization + server for this application. Only compatible with OAuth clients that support + [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators + for OAuth 2.0). This feature is currently in beta. + """ + + options_preflight_bypass: Optional[bool] = None + """ + Allows options preflight requests to bypass Access authentication and go + directly to the origin. Cannot turn on if cors_headers is set. + """ + + policies: Optional[List[McpServerPortalApplicationPolicy]] = None + + same_site_cookie_attribute: Optional[str] = None + """ + Sets the SameSite cookie setting, which provides increased security against CSRF + attacks. + """ + + scim_config: Optional[McpServerPortalApplicationSCIMConfig] = None + """Configuration for provisioning to this application via SCIM. + + This is currently in closed beta. + """ + + session_duration: Optional[str] = None + """The amount of time that tokens issued for this application will be valid. + + Must be in the format `300ms` or `2h45m`. Valid time units are: ns, us (or µs), + ms, s, m, h. Note: unsupported for infrastructure type applications. + """ + + tags: Optional[List[str]] = None + """The tags you want assigned to an application. + + Tags are used to filter applications in the App Launcher dashboard. + """ + + ApplicationCreateResponse: TypeAlias = Union[ SelfHostedApplication, SaaSApplication, @@ -2732,5 +4596,7 @@ class BrowserRdpApplication(BaseModel): GatewayIdentityProxyEndpointApplication, BookmarkApplication, InfrastructureApplication, - BrowserRdpApplication, + BrowserRDPApplication, + McpServerApplication, + McpServerPortalApplication, ] diff --git a/src/cloudflare/types/zero_trust/access/application_get_response.py b/src/cloudflare/types/zero_trust/access/application_get_response.py index b4e1ccce576..18fe3f2a3d6 100644 --- a/src/cloudflare/types/zero_trust/access/application_get_response.py +++ b/src/cloudflare/types/zero_trust/access/application_get_response.py @@ -26,7 +26,14 @@ "SelfHostedApplicationDestinationPublicDestination", "SelfHostedApplicationDestinationPrivateDestination", "SelfHostedApplicationDestinationViaMcpServerPortalDestination", + "SelfHostedApplicationMfaConfig", + "SelfHostedApplicationOAuthConfiguration", + "SelfHostedApplicationOAuthConfigurationDynamicClientRegistration", + "SelfHostedApplicationOAuthConfigurationGrant", "SelfHostedApplicationPolicy", + "SelfHostedApplicationPolicyConnectionRules", + "SelfHostedApplicationPolicyConnectionRulesRDP", + "SelfHostedApplicationPolicyMfaConfig", "SelfHostedApplicationSCIMConfig", "SelfHostedApplicationSCIMConfigAuthentication", "SelfHostedApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken", @@ -34,6 +41,9 @@ "SelfHostedApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken", "SaaSApplication", "SaaSApplicationPolicy", + "SaaSApplicationPolicyConnectionRules", + "SaaSApplicationPolicyConnectionRulesRDP", + "SaaSApplicationPolicyMfaConfig", "SaaSApplicationSaaSApp", "SaaSApplicationSCIMConfig", "SaaSApplicationSCIMConfigAuthentication", @@ -45,7 +55,14 @@ "BrowserSSHApplicationDestinationPublicDestination", "BrowserSSHApplicationDestinationPrivateDestination", "BrowserSSHApplicationDestinationViaMcpServerPortalDestination", + "BrowserSSHApplicationMfaConfig", + "BrowserSSHApplicationOAuthConfiguration", + "BrowserSSHApplicationOAuthConfigurationDynamicClientRegistration", + "BrowserSSHApplicationOAuthConfigurationGrant", "BrowserSSHApplicationPolicy", + "BrowserSSHApplicationPolicyConnectionRules", + "BrowserSSHApplicationPolicyConnectionRulesRDP", + "BrowserSSHApplicationPolicyMfaConfig", "BrowserSSHApplicationSCIMConfig", "BrowserSSHApplicationSCIMConfigAuthentication", "BrowserSSHApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken", @@ -56,7 +73,14 @@ "BrowserVNCApplicationDestinationPublicDestination", "BrowserVNCApplicationDestinationPrivateDestination", "BrowserVNCApplicationDestinationViaMcpServerPortalDestination", + "BrowserVNCApplicationMfaConfig", + "BrowserVNCApplicationOAuthConfiguration", + "BrowserVNCApplicationOAuthConfigurationDynamicClientRegistration", + "BrowserVNCApplicationOAuthConfigurationGrant", "BrowserVNCApplicationPolicy", + "BrowserVNCApplicationPolicyConnectionRules", + "BrowserVNCApplicationPolicyConnectionRulesRDP", + "BrowserVNCApplicationPolicyMfaConfig", "BrowserVNCApplicationSCIMConfig", "BrowserVNCApplicationSCIMConfigAuthentication", "BrowserVNCApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken", @@ -66,31 +90,87 @@ "AppLauncherApplicationFooterLink", "AppLauncherApplicationLandingPageDesign", "AppLauncherApplicationPolicy", + "AppLauncherApplicationPolicyConnectionRules", + "AppLauncherApplicationPolicyConnectionRulesRDP", + "AppLauncherApplicationPolicyMfaConfig", "DeviceEnrollmentPermissionsApplication", "DeviceEnrollmentPermissionsApplicationPolicy", + "DeviceEnrollmentPermissionsApplicationPolicyConnectionRules", + "DeviceEnrollmentPermissionsApplicationPolicyConnectionRulesRDP", + "DeviceEnrollmentPermissionsApplicationPolicyMfaConfig", "BrowserIsolationPermissionsApplication", "BrowserIsolationPermissionsApplicationPolicy", + "BrowserIsolationPermissionsApplicationPolicyConnectionRules", + "BrowserIsolationPermissionsApplicationPolicyConnectionRulesRDP", + "BrowserIsolationPermissionsApplicationPolicyMfaConfig", "GatewayIdentityProxyEndpointApplication", "GatewayIdentityProxyEndpointApplicationPolicy", + "GatewayIdentityProxyEndpointApplicationPolicyConnectionRules", + "GatewayIdentityProxyEndpointApplicationPolicyConnectionRulesRDP", + "GatewayIdentityProxyEndpointApplicationPolicyMfaConfig", "BookmarkApplication", "BookmarkApplicationPolicy", + "BookmarkApplicationPolicyConnectionRules", + "BookmarkApplicationPolicyConnectionRulesRDP", + "BookmarkApplicationPolicyMfaConfig", "InfrastructureApplication", "InfrastructureApplicationTargetCriterion", "InfrastructureApplicationPolicy", "InfrastructureApplicationPolicyConnectionRules", "InfrastructureApplicationPolicyConnectionRulesSSH", - "BrowserRdpApplication", - "BrowserRdpApplicationTargetCriterion", - "BrowserRdpApplicationDestination", - "BrowserRdpApplicationDestinationPublicDestination", - "BrowserRdpApplicationDestinationPrivateDestination", - "BrowserRdpApplicationDestinationViaMcpServerPortalDestination", - "BrowserRdpApplicationPolicy", - "BrowserRdpApplicationSCIMConfig", - "BrowserRdpApplicationSCIMConfigAuthentication", - "BrowserRdpApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken", - "BrowserRdpApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication", - "BrowserRdpApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken", + "BrowserRDPApplication", + "BrowserRDPApplicationTargetCriterion", + "BrowserRDPApplicationDestination", + "BrowserRDPApplicationDestinationPublicDestination", + "BrowserRDPApplicationDestinationPrivateDestination", + "BrowserRDPApplicationDestinationViaMcpServerPortalDestination", + "BrowserRDPApplicationMfaConfig", + "BrowserRDPApplicationOAuthConfiguration", + "BrowserRDPApplicationOAuthConfigurationDynamicClientRegistration", + "BrowserRDPApplicationOAuthConfigurationGrant", + "BrowserRDPApplicationPolicy", + "BrowserRDPApplicationPolicyConnectionRules", + "BrowserRDPApplicationPolicyConnectionRulesRDP", + "BrowserRDPApplicationPolicyMfaConfig", + "BrowserRDPApplicationSCIMConfig", + "BrowserRDPApplicationSCIMConfigAuthentication", + "BrowserRDPApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken", + "BrowserRDPApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication", + "BrowserRDPApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken", + "McpServerApplication", + "McpServerApplicationDestination", + "McpServerApplicationDestinationPublicDestination", + "McpServerApplicationDestinationPrivateDestination", + "McpServerApplicationDestinationViaMcpServerPortalDestination", + "McpServerApplicationOAuthConfiguration", + "McpServerApplicationOAuthConfigurationDynamicClientRegistration", + "McpServerApplicationOAuthConfigurationGrant", + "McpServerApplicationPolicy", + "McpServerApplicationPolicyConnectionRules", + "McpServerApplicationPolicyConnectionRulesRDP", + "McpServerApplicationPolicyMfaConfig", + "McpServerApplicationSCIMConfig", + "McpServerApplicationSCIMConfigAuthentication", + "McpServerApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken", + "McpServerApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication", + "McpServerApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken", + "McpServerPortalApplication", + "McpServerPortalApplicationDestination", + "McpServerPortalApplicationDestinationPublicDestination", + "McpServerPortalApplicationDestinationPrivateDestination", + "McpServerPortalApplicationDestinationViaMcpServerPortalDestination", + "McpServerPortalApplicationOAuthConfiguration", + "McpServerPortalApplicationOAuthConfigurationDynamicClientRegistration", + "McpServerPortalApplicationOAuthConfigurationGrant", + "McpServerPortalApplicationPolicy", + "McpServerPortalApplicationPolicyConnectionRules", + "McpServerPortalApplicationPolicyConnectionRulesRDP", + "McpServerPortalApplicationPolicyMfaConfig", + "McpServerPortalApplicationSCIMConfig", + "McpServerPortalApplicationSCIMConfigAuthentication", + "McpServerPortalApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken", + "McpServerPortalApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication", + "McpServerPortalApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken", ] @@ -154,6 +234,125 @@ class SelfHostedApplicationDestinationViaMcpServerPortalDestination(BaseModel): ] +class SelfHostedApplicationMfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + +class SelfHostedApplicationOAuthConfigurationDynamicClientRegistration(BaseModel): + """Settings for OAuth dynamic client registration.""" + + allow_any_on_localhost: Optional[bool] = None + """Allows any client with redirect URIs on localhost.""" + + allow_any_on_loopback: Optional[bool] = None + """Allows any client with redirect URIs on 127.0.0.1.""" + + allowed_uris: Optional[List[str]] = None + """The URIs that are allowed as redirect URIs for dynamically registered clients. + + Must use the `https` protocol. Paths may end in `/*` to match all sub-paths. + """ + + enabled: Optional[bool] = None + """Whether dynamic client registration is enabled.""" + + +class SelfHostedApplicationOAuthConfigurationGrant(BaseModel): + """Settings for OAuth grant behavior.""" + + access_token_lifetime: Optional[str] = None + """The lifetime of the access token. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + session_duration: Optional[str] = None + """The duration of the OAuth session. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + +class SelfHostedApplicationOAuthConfiguration(BaseModel): + """ + **Beta:** Optional configuration for managing an OAuth authorization flow controlled by Access. When set, Access will act as the OAuth authorization server for this application. Only compatible with OAuth clients that support [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators for OAuth 2.0). This feature is currently in beta. + """ + + dynamic_client_registration: Optional[SelfHostedApplicationOAuthConfigurationDynamicClientRegistration] = None + """Settings for OAuth dynamic client registration.""" + + enabled: Optional[bool] = None + """Whether the OAuth configuration is enabled for this application. + + When set to `false`, Access will not handle OAuth for this application. Defaults + to `true` if omitted. + """ + + grant: Optional[SelfHostedApplicationOAuthConfigurationGrant] = None + """Settings for OAuth grant behavior.""" + + +class SelfHostedApplicationPolicyConnectionRulesRDP(BaseModel): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class SelfHostedApplicationPolicyConnectionRules(BaseModel): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: Optional[SelfHostedApplicationPolicyConnectionRulesRDP] = None + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class SelfHostedApplicationPolicyMfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + class SelfHostedApplicationPolicy(BaseModel): id: Optional[str] = None """The UUID of the policy""" @@ -167,6 +366,12 @@ class SelfHostedApplicationPolicy(BaseModel): session. """ + connection_rules: Optional[SelfHostedApplicationPolicyConnectionRules] = None + """ + The rules that define how users may connect to targets secured by your + application. + """ + created_at: Optional[datetime] = None decision: Optional[Decision] = None @@ -194,6 +399,9 @@ class SelfHostedApplicationPolicy(BaseModel): this feature. """ + mfa_config: Optional[SelfHostedApplicationPolicyMfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + name: Optional[str] = None """The name of the Access policy.""" @@ -413,9 +621,21 @@ class SelfHostedApplication(BaseModel): logo_url: Optional[str] = None """The image URL for the logo shown in the App Launcher dashboard.""" + mfa_config: Optional[SelfHostedApplicationMfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + name: Optional[str] = None """The name of the application.""" + oauth_configuration: Optional[SelfHostedApplicationOAuthConfiguration] = None + """ + **Beta:** Optional configuration for managing an OAuth authorization flow + controlled by Access. When set, Access will act as the OAuth authorization + server for this application. Only compatible with OAuth clients that support + [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators + for OAuth 2.0). This feature is currently in beta. + """ + options_preflight_bypass: Optional[bool] = None """ Allows options preflight requests to bypass Access authentication and go @@ -489,6 +709,49 @@ class SelfHostedApplication(BaseModel): """ +class SaaSApplicationPolicyConnectionRulesRDP(BaseModel): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class SaaSApplicationPolicyConnectionRules(BaseModel): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: Optional[SaaSApplicationPolicyConnectionRulesRDP] = None + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class SaaSApplicationPolicyMfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + class SaaSApplicationPolicy(BaseModel): id: Optional[str] = None """The UUID of the policy""" @@ -502,6 +765,12 @@ class SaaSApplicationPolicy(BaseModel): session. """ + connection_rules: Optional[SaaSApplicationPolicyConnectionRules] = None + """ + The rules that define how users may connect to targets secured by your + application. + """ + created_at: Optional[datetime] = None decision: Optional[Decision] = None @@ -529,6 +798,9 @@ class SaaSApplicationPolicy(BaseModel): this feature. """ + mfa_config: Optional[SaaSApplicationPolicyMfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + name: Optional[str] = None """The name of the Access policy.""" @@ -774,6 +1046,125 @@ class BrowserSSHApplicationDestinationViaMcpServerPortalDestination(BaseModel): ] +class BrowserSSHApplicationMfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + +class BrowserSSHApplicationOAuthConfigurationDynamicClientRegistration(BaseModel): + """Settings for OAuth dynamic client registration.""" + + allow_any_on_localhost: Optional[bool] = None + """Allows any client with redirect URIs on localhost.""" + + allow_any_on_loopback: Optional[bool] = None + """Allows any client with redirect URIs on 127.0.0.1.""" + + allowed_uris: Optional[List[str]] = None + """The URIs that are allowed as redirect URIs for dynamically registered clients. + + Must use the `https` protocol. Paths may end in `/*` to match all sub-paths. + """ + + enabled: Optional[bool] = None + """Whether dynamic client registration is enabled.""" + + +class BrowserSSHApplicationOAuthConfigurationGrant(BaseModel): + """Settings for OAuth grant behavior.""" + + access_token_lifetime: Optional[str] = None + """The lifetime of the access token. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + session_duration: Optional[str] = None + """The duration of the OAuth session. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + +class BrowserSSHApplicationOAuthConfiguration(BaseModel): + """ + **Beta:** Optional configuration for managing an OAuth authorization flow controlled by Access. When set, Access will act as the OAuth authorization server for this application. Only compatible with OAuth clients that support [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators for OAuth 2.0). This feature is currently in beta. + """ + + dynamic_client_registration: Optional[BrowserSSHApplicationOAuthConfigurationDynamicClientRegistration] = None + """Settings for OAuth dynamic client registration.""" + + enabled: Optional[bool] = None + """Whether the OAuth configuration is enabled for this application. + + When set to `false`, Access will not handle OAuth for this application. Defaults + to `true` if omitted. + """ + + grant: Optional[BrowserSSHApplicationOAuthConfigurationGrant] = None + """Settings for OAuth grant behavior.""" + + +class BrowserSSHApplicationPolicyConnectionRulesRDP(BaseModel): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class BrowserSSHApplicationPolicyConnectionRules(BaseModel): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: Optional[BrowserSSHApplicationPolicyConnectionRulesRDP] = None + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class BrowserSSHApplicationPolicyMfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + class BrowserSSHApplicationPolicy(BaseModel): id: Optional[str] = None """The UUID of the policy""" @@ -787,6 +1178,12 @@ class BrowserSSHApplicationPolicy(BaseModel): session. """ + connection_rules: Optional[BrowserSSHApplicationPolicyConnectionRules] = None + """ + The rules that define how users may connect to targets secured by your + application. + """ + created_at: Optional[datetime] = None decision: Optional[Decision] = None @@ -814,6 +1211,9 @@ class BrowserSSHApplicationPolicy(BaseModel): this feature. """ + mfa_config: Optional[BrowserSSHApplicationPolicyMfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + name: Optional[str] = None """The name of the Access policy.""" @@ -1048,9 +1448,21 @@ class BrowserSSHApplication(BaseModel): logo_url: Optional[str] = None """The image URL for the logo shown in the App Launcher dashboard.""" + mfa_config: Optional[BrowserSSHApplicationMfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + name: Optional[str] = None """The name of the application.""" + oauth_configuration: Optional[BrowserSSHApplicationOAuthConfiguration] = None + """ + **Beta:** Optional configuration for managing an OAuth authorization flow + controlled by Access. When set, Access will act as the OAuth authorization + server for this application. Only compatible with OAuth clients that support + [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators + for OAuth 2.0). This feature is currently in beta. + """ + options_preflight_bypass: Optional[bool] = None """ Allows options preflight requests to bypass Access authentication and go @@ -1184,6 +1596,125 @@ class BrowserVNCApplicationDestinationViaMcpServerPortalDestination(BaseModel): ] +class BrowserVNCApplicationMfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + +class BrowserVNCApplicationOAuthConfigurationDynamicClientRegistration(BaseModel): + """Settings for OAuth dynamic client registration.""" + + allow_any_on_localhost: Optional[bool] = None + """Allows any client with redirect URIs on localhost.""" + + allow_any_on_loopback: Optional[bool] = None + """Allows any client with redirect URIs on 127.0.0.1.""" + + allowed_uris: Optional[List[str]] = None + """The URIs that are allowed as redirect URIs for dynamically registered clients. + + Must use the `https` protocol. Paths may end in `/*` to match all sub-paths. + """ + + enabled: Optional[bool] = None + """Whether dynamic client registration is enabled.""" + + +class BrowserVNCApplicationOAuthConfigurationGrant(BaseModel): + """Settings for OAuth grant behavior.""" + + access_token_lifetime: Optional[str] = None + """The lifetime of the access token. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + session_duration: Optional[str] = None + """The duration of the OAuth session. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + +class BrowserVNCApplicationOAuthConfiguration(BaseModel): + """ + **Beta:** Optional configuration for managing an OAuth authorization flow controlled by Access. When set, Access will act as the OAuth authorization server for this application. Only compatible with OAuth clients that support [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators for OAuth 2.0). This feature is currently in beta. + """ + + dynamic_client_registration: Optional[BrowserVNCApplicationOAuthConfigurationDynamicClientRegistration] = None + """Settings for OAuth dynamic client registration.""" + + enabled: Optional[bool] = None + """Whether the OAuth configuration is enabled for this application. + + When set to `false`, Access will not handle OAuth for this application. Defaults + to `true` if omitted. + """ + + grant: Optional[BrowserVNCApplicationOAuthConfigurationGrant] = None + """Settings for OAuth grant behavior.""" + + +class BrowserVNCApplicationPolicyConnectionRulesRDP(BaseModel): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class BrowserVNCApplicationPolicyConnectionRules(BaseModel): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: Optional[BrowserVNCApplicationPolicyConnectionRulesRDP] = None + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class BrowserVNCApplicationPolicyMfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + class BrowserVNCApplicationPolicy(BaseModel): id: Optional[str] = None """The UUID of the policy""" @@ -1197,6 +1728,12 @@ class BrowserVNCApplicationPolicy(BaseModel): session. """ + connection_rules: Optional[BrowserVNCApplicationPolicyConnectionRules] = None + """ + The rules that define how users may connect to targets secured by your + application. + """ + created_at: Optional[datetime] = None decision: Optional[Decision] = None @@ -1224,6 +1761,9 @@ class BrowserVNCApplicationPolicy(BaseModel): this feature. """ + mfa_config: Optional[BrowserVNCApplicationPolicyMfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + name: Optional[str] = None """The name of the Access policy.""" @@ -1458,9 +1998,21 @@ class BrowserVNCApplication(BaseModel): logo_url: Optional[str] = None """The image URL for the logo shown in the App Launcher dashboard.""" + mfa_config: Optional[BrowserVNCApplicationMfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + name: Optional[str] = None """The name of the application.""" + oauth_configuration: Optional[BrowserVNCApplicationOAuthConfiguration] = None + """ + **Beta:** Optional configuration for managing an OAuth authorization flow + controlled by Access. When set, Access will act as the OAuth authorization + server for this application. Only compatible with OAuth clients that support + [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators + for OAuth 2.0). This feature is currently in beta. + """ + options_preflight_bypass: Optional[bool] = None """ Allows options preflight requests to bypass Access authentication and go @@ -1561,22 +2113,71 @@ class AppLauncherApplicationLandingPageDesign(BaseModel): """The title shown on the landing page.""" -class AppLauncherApplicationPolicy(BaseModel): - id: Optional[str] = None - """The UUID of the policy""" +class AppLauncherApplicationPolicyConnectionRulesRDP(BaseModel): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" - approval_groups: Optional[List[ApprovalGroup]] = None - """Administrators who can approve a temporary authentication request.""" + allowed_clipboard_local_to_remote_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ - approval_required: Optional[bool] = None + allowed_clipboard_remote_to_local_formats: Optional[List[Literal["text"]]] = None """ - Requires the user to request access from an administrator at the start of each - session. + Clipboard formats allowed when copying from remote RDP session to local machine. """ - created_at: Optional[datetime] = None - decision: Optional[Decision] = None +class AppLauncherApplicationPolicyConnectionRules(BaseModel): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: Optional[AppLauncherApplicationPolicyConnectionRulesRDP] = None + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class AppLauncherApplicationPolicyMfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + +class AppLauncherApplicationPolicy(BaseModel): + id: Optional[str] = None + """The UUID of the policy""" + + approval_groups: Optional[List[ApprovalGroup]] = None + """Administrators who can approve a temporary authentication request.""" + + approval_required: Optional[bool] = None + """ + Requires the user to request access from an administrator at the start of each + session. + """ + + connection_rules: Optional[AppLauncherApplicationPolicyConnectionRules] = None + """ + The rules that define how users may connect to targets secured by your + application. + """ + + created_at: Optional[datetime] = None + + decision: Optional[Decision] = None """The action Access will take if a user matches this policy. Infrastructure application policies can only use the Allow action. @@ -1601,6 +2202,9 @@ class AppLauncherApplicationPolicy(BaseModel): this feature. """ + mfa_config: Optional[AppLauncherApplicationPolicyMfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + name: Optional[str] = None """The name of the Access policy.""" @@ -1723,6 +2327,49 @@ class AppLauncherApplication(BaseModel): """Determines when to skip the App Launcher landing page.""" +class DeviceEnrollmentPermissionsApplicationPolicyConnectionRulesRDP(BaseModel): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class DeviceEnrollmentPermissionsApplicationPolicyConnectionRules(BaseModel): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: Optional[DeviceEnrollmentPermissionsApplicationPolicyConnectionRulesRDP] = None + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class DeviceEnrollmentPermissionsApplicationPolicyMfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + class DeviceEnrollmentPermissionsApplicationPolicy(BaseModel): id: Optional[str] = None """The UUID of the policy""" @@ -1736,6 +2383,12 @@ class DeviceEnrollmentPermissionsApplicationPolicy(BaseModel): session. """ + connection_rules: Optional[DeviceEnrollmentPermissionsApplicationPolicyConnectionRules] = None + """ + The rules that define how users may connect to targets secured by your + application. + """ + created_at: Optional[datetime] = None decision: Optional[Decision] = None @@ -1763,6 +2416,9 @@ class DeviceEnrollmentPermissionsApplicationPolicy(BaseModel): this feature. """ + mfa_config: Optional[DeviceEnrollmentPermissionsApplicationPolicyMfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + name: Optional[str] = None """The name of the Access policy.""" @@ -1852,6 +2508,49 @@ class DeviceEnrollmentPermissionsApplication(BaseModel): """ +class BrowserIsolationPermissionsApplicationPolicyConnectionRulesRDP(BaseModel): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class BrowserIsolationPermissionsApplicationPolicyConnectionRules(BaseModel): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: Optional[BrowserIsolationPermissionsApplicationPolicyConnectionRulesRDP] = None + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class BrowserIsolationPermissionsApplicationPolicyMfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + class BrowserIsolationPermissionsApplicationPolicy(BaseModel): id: Optional[str] = None """The UUID of the policy""" @@ -1865,6 +2564,12 @@ class BrowserIsolationPermissionsApplicationPolicy(BaseModel): session. """ + connection_rules: Optional[BrowserIsolationPermissionsApplicationPolicyConnectionRules] = None + """ + The rules that define how users may connect to targets secured by your + application. + """ + created_at: Optional[datetime] = None decision: Optional[Decision] = None @@ -1892,6 +2597,9 @@ class BrowserIsolationPermissionsApplicationPolicy(BaseModel): this feature. """ + mfa_config: Optional[BrowserIsolationPermissionsApplicationPolicyMfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + name: Optional[str] = None """The name of the Access policy.""" @@ -1981,6 +2689,49 @@ class BrowserIsolationPermissionsApplication(BaseModel): """ +class GatewayIdentityProxyEndpointApplicationPolicyConnectionRulesRDP(BaseModel): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class GatewayIdentityProxyEndpointApplicationPolicyConnectionRules(BaseModel): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: Optional[GatewayIdentityProxyEndpointApplicationPolicyConnectionRulesRDP] = None + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class GatewayIdentityProxyEndpointApplicationPolicyMfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + class GatewayIdentityProxyEndpointApplicationPolicy(BaseModel): id: Optional[str] = None """The UUID of the policy""" @@ -1994,6 +2745,12 @@ class GatewayIdentityProxyEndpointApplicationPolicy(BaseModel): session. """ + connection_rules: Optional[GatewayIdentityProxyEndpointApplicationPolicyConnectionRules] = None + """ + The rules that define how users may connect to targets secured by your + application. + """ + created_at: Optional[datetime] = None decision: Optional[Decision] = None @@ -2021,6 +2778,9 @@ class GatewayIdentityProxyEndpointApplicationPolicy(BaseModel): this feature. """ + mfa_config: Optional[GatewayIdentityProxyEndpointApplicationPolicyMfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + name: Optional[str] = None """The name of the Access policy.""" @@ -2110,6 +2870,49 @@ class GatewayIdentityProxyEndpointApplication(BaseModel): """ +class BookmarkApplicationPolicyConnectionRulesRDP(BaseModel): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class BookmarkApplicationPolicyConnectionRules(BaseModel): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: Optional[BookmarkApplicationPolicyConnectionRulesRDP] = None + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class BookmarkApplicationPolicyMfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + class BookmarkApplicationPolicy(BaseModel): id: Optional[str] = None """The UUID of the policy""" @@ -2123,6 +2926,12 @@ class BookmarkApplicationPolicy(BaseModel): session. """ + connection_rules: Optional[BookmarkApplicationPolicyConnectionRules] = None + """ + The rules that define how users may connect to targets secured by your + application. + """ + created_at: Optional[datetime] = None decision: Optional[Decision] = None @@ -2150,6 +2959,9 @@ class BookmarkApplicationPolicy(BaseModel): this feature. """ + mfa_config: Optional[BookmarkApplicationPolicyMfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + name: Optional[str] = None """The name of the Access policy.""" @@ -2310,7 +3122,7 @@ class InfrastructureApplication(BaseModel): policies: Optional[List[InfrastructureApplicationPolicy]] = None -class BrowserRdpApplicationTargetCriterion(BaseModel): +class BrowserRDPApplicationTargetCriterion(BaseModel): port: int """The port that the targets use for the chosen communication protocol. @@ -2324,7 +3136,7 @@ class BrowserRdpApplicationTargetCriterion(BaseModel): """Contains a map of target attribute keys to target attribute values.""" -class BrowserRdpApplicationDestinationPublicDestination(BaseModel): +class BrowserRDPApplicationDestinationPublicDestination(BaseModel): """A public hostname that Access will secure. Public destinations support sub-domain and path. Wildcard '*' can be used in the definition. @@ -2340,7 +3152,7 @@ class BrowserRdpApplicationDestinationPublicDestination(BaseModel): """ -class BrowserRdpApplicationDestinationPrivateDestination(BaseModel): +class BrowserRDPApplicationDestinationPrivateDestination(BaseModel): cidr: Optional[str] = None """The CIDR range of the destination. Single IPs will be computed as /32.""" @@ -2365,7 +3177,7 @@ class BrowserRdpApplicationDestinationPrivateDestination(BaseModel): """The VNET ID to match the destination. When omitted, all VNETs will match.""" -class BrowserRdpApplicationDestinationViaMcpServerPortalDestination(BaseModel): +class BrowserRDPApplicationDestinationViaMcpServerPortalDestination(BaseModel): """A MCP server id configured in ai-controls. Access will secure the MCP server if accessed through a MCP portal. @@ -2377,14 +3189,133 @@ class BrowserRdpApplicationDestinationViaMcpServerPortalDestination(BaseModel): type: Optional[Literal["via_mcp_server_portal"]] = None -BrowserRdpApplicationDestination: TypeAlias = Union[ - BrowserRdpApplicationDestinationPublicDestination, - BrowserRdpApplicationDestinationPrivateDestination, - BrowserRdpApplicationDestinationViaMcpServerPortalDestination, +BrowserRDPApplicationDestination: TypeAlias = Union[ + BrowserRDPApplicationDestinationPublicDestination, + BrowserRDPApplicationDestinationPrivateDestination, + BrowserRDPApplicationDestinationViaMcpServerPortalDestination, ] -class BrowserRdpApplicationPolicy(BaseModel): +class BrowserRDPApplicationMfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + +class BrowserRDPApplicationOAuthConfigurationDynamicClientRegistration(BaseModel): + """Settings for OAuth dynamic client registration.""" + + allow_any_on_localhost: Optional[bool] = None + """Allows any client with redirect URIs on localhost.""" + + allow_any_on_loopback: Optional[bool] = None + """Allows any client with redirect URIs on 127.0.0.1.""" + + allowed_uris: Optional[List[str]] = None + """The URIs that are allowed as redirect URIs for dynamically registered clients. + + Must use the `https` protocol. Paths may end in `/*` to match all sub-paths. + """ + + enabled: Optional[bool] = None + """Whether dynamic client registration is enabled.""" + + +class BrowserRDPApplicationOAuthConfigurationGrant(BaseModel): + """Settings for OAuth grant behavior.""" + + access_token_lifetime: Optional[str] = None + """The lifetime of the access token. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + session_duration: Optional[str] = None + """The duration of the OAuth session. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + +class BrowserRDPApplicationOAuthConfiguration(BaseModel): + """ + **Beta:** Optional configuration for managing an OAuth authorization flow controlled by Access. When set, Access will act as the OAuth authorization server for this application. Only compatible with OAuth clients that support [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators for OAuth 2.0). This feature is currently in beta. + """ + + dynamic_client_registration: Optional[BrowserRDPApplicationOAuthConfigurationDynamicClientRegistration] = None + """Settings for OAuth dynamic client registration.""" + + enabled: Optional[bool] = None + """Whether the OAuth configuration is enabled for this application. + + When set to `false`, Access will not handle OAuth for this application. Defaults + to `true` if omitted. + """ + + grant: Optional[BrowserRDPApplicationOAuthConfigurationGrant] = None + """Settings for OAuth grant behavior.""" + + +class BrowserRDPApplicationPolicyConnectionRulesRDP(BaseModel): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class BrowserRDPApplicationPolicyConnectionRules(BaseModel): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: Optional[BrowserRDPApplicationPolicyConnectionRulesRDP] = None + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class BrowserRDPApplicationPolicyMfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + +class BrowserRDPApplicationPolicy(BaseModel): id: Optional[str] = None """The UUID of the policy""" @@ -2397,6 +3328,12 @@ class BrowserRdpApplicationPolicy(BaseModel): session. """ + connection_rules: Optional[BrowserRDPApplicationPolicyConnectionRules] = None + """ + The rules that define how users may connect to targets secured by your + application. + """ + created_at: Optional[datetime] = None decision: Optional[Decision] = None @@ -2424,6 +3361,9 @@ class BrowserRdpApplicationPolicy(BaseModel): this feature. """ + mfa_config: Optional[BrowserRDPApplicationPolicyMfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + name: Optional[str] = None """The name of the Access policy.""" @@ -2455,7 +3395,7 @@ class BrowserRdpApplicationPolicy(BaseModel): updated_at: Optional[datetime] = None -class BrowserRdpApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken(BaseModel): +class BrowserRDPApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken(BaseModel): """ Attributes for configuring Access Service Token authentication scheme for SCIM provisioning to an application. """ @@ -2476,7 +3416,7 @@ class BrowserRdpApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticatio """The authentication scheme to use when making SCIM requests to this application.""" -class BrowserRdpApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken( +class BrowserRDPApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken( BaseModel ): """ @@ -2499,23 +3439,23 @@ class BrowserRdpApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenti """The authentication scheme to use when making SCIM requests to this application.""" -BrowserRdpApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication: TypeAlias = Union[ +BrowserRDPApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication: TypeAlias = Union[ SCIMConfigAuthenticationHTTPBasic, SCIMConfigAuthenticationOAuthBearerToken, SCIMConfigAuthenticationOauth2, - BrowserRdpApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken, + BrowserRDPApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken, ] -BrowserRdpApplicationSCIMConfigAuthentication: TypeAlias = Union[ +BrowserRDPApplicationSCIMConfigAuthentication: TypeAlias = Union[ SCIMConfigAuthenticationHTTPBasic, SCIMConfigAuthenticationOAuthBearerToken, SCIMConfigAuthenticationOauth2, - BrowserRdpApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken, - List[BrowserRdpApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication], + BrowserRDPApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken, + List[BrowserRDPApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication], ] -class BrowserRdpApplicationSCIMConfig(BaseModel): +class BrowserRDPApplicationSCIMConfig(BaseModel): """Configuration for provisioning to this application via SCIM. This is currently in closed beta. @@ -2530,7 +3470,7 @@ class BrowserRdpApplicationSCIMConfig(BaseModel): remote_uri: str """The base URI for the application's SCIM-compatible API.""" - authentication: Optional[BrowserRdpApplicationSCIMConfigAuthentication] = None + authentication: Optional[BrowserRDPApplicationSCIMConfigAuthentication] = None """ Attributes for configuring HTTP Basic authentication scheme for SCIM provisioning to an application. @@ -2553,14 +3493,14 @@ class BrowserRdpApplicationSCIMConfig(BaseModel): """ -class BrowserRdpApplication(BaseModel): +class BrowserRDPApplication(BaseModel): domain: str """The primary hostname and path secured by Access. This domain will be displayed if the app is visible in the App Launcher. """ - target_criteria: List[BrowserRdpApplicationTargetCriterion] + target_criteria: List[BrowserRDPApplicationTargetCriterion] type: ApplicationType """The application type.""" @@ -2622,7 +3562,7 @@ class BrowserRdpApplication(BaseModel): custom_pages: Optional[List[str]] = None """The custom pages that will be displayed when applicable for this application""" - destinations: Optional[List[BrowserRdpApplicationDestination]] = None + destinations: Optional[List[BrowserRDPApplicationDestination]] = None """List of destinations secured by Access. This supersedes `self_hosted_domains` to allow for more flexibility in defining @@ -2645,9 +3585,21 @@ class BrowserRdpApplication(BaseModel): logo_url: Optional[str] = None """The image URL for the logo shown in the App Launcher dashboard.""" + mfa_config: Optional[BrowserRDPApplicationMfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + name: Optional[str] = None """The name of the application.""" + oauth_configuration: Optional[BrowserRDPApplicationOAuthConfiguration] = None + """ + **Beta:** Optional configuration for managing an OAuth authorization flow + controlled by Access. When set, Access will act as the OAuth authorization + server for this application. Only compatible with OAuth clients that support + [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators + for OAuth 2.0). This feature is currently in beta. + """ + options_preflight_bypass: Optional[bool] = None """ Allows options preflight requests to bypass Access authentication and go @@ -2660,7 +3612,7 @@ class BrowserRdpApplication(BaseModel): If disabled, the JWT will scope to the hostname by default """ - policies: Optional[List[BrowserRdpApplicationPolicy]] = None + policies: Optional[List[BrowserRDPApplicationPolicy]] = None read_service_tokens_from_header: Optional[str] = None """ @@ -2679,7 +3631,7 @@ class BrowserRdpApplication(BaseModel): attacks. """ - scim_config: Optional[BrowserRdpApplicationSCIMConfig] = None + scim_config: Optional[BrowserRDPApplicationSCIMConfig] = None """Configuration for provisioning to this application via SCIM. This is currently in closed beta. @@ -2721,6 +3673,918 @@ class BrowserRdpApplication(BaseModel): """ +class McpServerApplicationDestinationPublicDestination(BaseModel): + """A public hostname that Access will secure. + + Public destinations support sub-domain and path. Wildcard '*' can be used in the definition. + """ + + type: Optional[Literal["public"]] = None + + uri: Optional[str] = None + """The URI of the destination. + + Public destinations' URIs can include a domain and path with + [wildcards](https://developers.cloudflare.com/cloudflare-one/policies/access/app-paths/). + """ + + +class McpServerApplicationDestinationPrivateDestination(BaseModel): + cidr: Optional[str] = None + """The CIDR range of the destination. Single IPs will be computed as /32.""" + + hostname: Optional[str] = None + """The hostname of the destination. Matches a valid SNI served by an HTTPS origin.""" + + l4_protocol: Optional[Literal["tcp", "udp"]] = None + """The L4 protocol of the destination. + + When omitted, both UDP and TCP traffic will match. + """ + + port_range: Optional[str] = None + """The port range of the destination. + + Can be a single port or a range of ports. When omitted, all ports will match. + """ + + type: Optional[Literal["private"]] = None + + vnet_id: Optional[str] = None + """The VNET ID to match the destination. When omitted, all VNETs will match.""" + + +class McpServerApplicationDestinationViaMcpServerPortalDestination(BaseModel): + """A MCP server id configured in ai-controls. + + Access will secure the MCP server if accessed through a MCP portal. + """ + + mcp_server_id: Optional[str] = None + """The MCP server id configured in ai-controls.""" + + type: Optional[Literal["via_mcp_server_portal"]] = None + + +McpServerApplicationDestination: TypeAlias = Union[ + McpServerApplicationDestinationPublicDestination, + McpServerApplicationDestinationPrivateDestination, + McpServerApplicationDestinationViaMcpServerPortalDestination, +] + + +class McpServerApplicationOAuthConfigurationDynamicClientRegistration(BaseModel): + """Settings for OAuth dynamic client registration.""" + + allow_any_on_localhost: Optional[bool] = None + """Allows any client with redirect URIs on localhost.""" + + allow_any_on_loopback: Optional[bool] = None + """Allows any client with redirect URIs on 127.0.0.1.""" + + allowed_uris: Optional[List[str]] = None + """The URIs that are allowed as redirect URIs for dynamically registered clients. + + Must use the `https` protocol. Paths may end in `/*` to match all sub-paths. + """ + + enabled: Optional[bool] = None + """Whether dynamic client registration is enabled.""" + + +class McpServerApplicationOAuthConfigurationGrant(BaseModel): + """Settings for OAuth grant behavior.""" + + access_token_lifetime: Optional[str] = None + """The lifetime of the access token. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + session_duration: Optional[str] = None + """The duration of the OAuth session. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + +class McpServerApplicationOAuthConfiguration(BaseModel): + """ + **Beta:** Optional configuration for managing an OAuth authorization flow controlled by Access. When set, Access will act as the OAuth authorization server for this application. Only compatible with OAuth clients that support [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators for OAuth 2.0). This feature is currently in beta. + """ + + dynamic_client_registration: Optional[McpServerApplicationOAuthConfigurationDynamicClientRegistration] = None + """Settings for OAuth dynamic client registration.""" + + enabled: Optional[bool] = None + """Whether the OAuth configuration is enabled for this application. + + When set to `false`, Access will not handle OAuth for this application. Defaults + to `true` if omitted. + """ + + grant: Optional[McpServerApplicationOAuthConfigurationGrant] = None + """Settings for OAuth grant behavior.""" + + +class McpServerApplicationPolicyConnectionRulesRDP(BaseModel): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class McpServerApplicationPolicyConnectionRules(BaseModel): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: Optional[McpServerApplicationPolicyConnectionRulesRDP] = None + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class McpServerApplicationPolicyMfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + +class McpServerApplicationPolicy(BaseModel): + id: Optional[str] = None + """The UUID of the policy""" + + approval_groups: Optional[List[ApprovalGroup]] = None + """Administrators who can approve a temporary authentication request.""" + + approval_required: Optional[bool] = None + """ + Requires the user to request access from an administrator at the start of each + session. + """ + + connection_rules: Optional[McpServerApplicationPolicyConnectionRules] = None + """ + The rules that define how users may connect to targets secured by your + application. + """ + + created_at: Optional[datetime] = None + + decision: Optional[Decision] = None + """The action Access will take if a user matches this policy. + + Infrastructure application policies can only use the Allow action. + """ + + exclude: Optional[List[AccessRule]] = None + """Rules evaluated with a NOT logical operator. + + To match the policy, a user cannot meet any of the Exclude rules. + """ + + include: Optional[List[AccessRule]] = None + """Rules evaluated with an OR logical operator. + + A user needs to meet only one of the Include rules. + """ + + isolation_required: Optional[bool] = None + """ + Require this application to be served in an isolated browser for users matching + this policy. 'Client Web Isolation' must be on for the account in order to use + this feature. + """ + + mfa_config: Optional[McpServerApplicationPolicyMfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + + name: Optional[str] = None + """The name of the Access policy.""" + + precedence: Optional[int] = None + """The order of execution for this policy. + + Must be unique for each policy within an app. + """ + + purpose_justification_prompt: Optional[str] = None + """A custom message that will appear on the purpose justification screen.""" + + purpose_justification_required: Optional[bool] = None + """Require users to enter a justification when they log in to the application.""" + + require: Optional[List[AccessRule]] = None + """Rules evaluated with an AND logical operator. + + To match the policy, a user must meet all of the Require rules. + """ + + session_duration: Optional[str] = None + """The amount of time that tokens issued for the application will be valid. + + Must be in the format `300ms` or `2h45m`. Valid time units are: ns, us (or µs), + ms, s, m, h. + """ + + updated_at: Optional[datetime] = None + + +class McpServerApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken(BaseModel): + """ + Attributes for configuring Access Service Token authentication scheme for SCIM provisioning to an application. + """ + + client_id: str + """ + Client ID of the Access service token used to authenticate with the remote + service. + """ + + client_secret: str + """ + Client secret of the Access service token used to authenticate with the remote + service. + """ + + scheme: Literal["access_service_token"] + """The authentication scheme to use when making SCIM requests to this application.""" + + +class McpServerApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken( + BaseModel +): + """ + Attributes for configuring Access Service Token authentication scheme for SCIM provisioning to an application. + """ + + client_id: str + """ + Client ID of the Access service token used to authenticate with the remote + service. + """ + + client_secret: str + """ + Client secret of the Access service token used to authenticate with the remote + service. + """ + + scheme: Literal["access_service_token"] + """The authentication scheme to use when making SCIM requests to this application.""" + + +McpServerApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication: TypeAlias = Union[ + SCIMConfigAuthenticationHTTPBasic, + SCIMConfigAuthenticationOAuthBearerToken, + SCIMConfigAuthenticationOauth2, + McpServerApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken, +] + +McpServerApplicationSCIMConfigAuthentication: TypeAlias = Union[ + SCIMConfigAuthenticationHTTPBasic, + SCIMConfigAuthenticationOAuthBearerToken, + SCIMConfigAuthenticationOauth2, + McpServerApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken, + List[McpServerApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication], +] + + +class McpServerApplicationSCIMConfig(BaseModel): + """Configuration for provisioning to this application via SCIM. + + This is currently in closed beta. + """ + + idp_uid: str + """ + The UID of the IdP to use as the source for SCIM resources to provision to this + application. + """ + + remote_uri: str + """The base URI for the application's SCIM-compatible API.""" + + authentication: Optional[McpServerApplicationSCIMConfigAuthentication] = None + """ + Attributes for configuring HTTP Basic authentication scheme for SCIM + provisioning to an application. + """ + + deactivate_on_delete: Optional[bool] = None + """ + If false, propagates DELETE requests to the target application for SCIM + resources. If true, sets 'active' to false on the SCIM resource. Note: Some + targets do not support DELETE operations. + """ + + enabled: Optional[bool] = None + """Whether SCIM provisioning is turned on for this application.""" + + mappings: Optional[List[SCIMConfigMapping]] = None + """ + A list of mappings to apply to SCIM resources before provisioning them in this + application. These can transform or filter the resources to be provisioned. + """ + + +class McpServerApplication(BaseModel): + type: ApplicationType + """The application type.""" + + id: Optional[str] = None + """UUID.""" + + allow_authenticate_via_warp: Optional[bool] = None + """ + When set to true, users can authenticate to this application using their WARP + session. When set to false this application will always require direct IdP + authentication. This setting always overrides the organization setting for WARP + authentication. + """ + + allowed_idps: Optional[List[AllowedIdPs]] = None + """The identity providers your users can select when connecting to this + application. + + Defaults to all IdPs configured in your account. + """ + + aud: Optional[str] = None + """Audience tag.""" + + auto_redirect_to_identity: Optional[bool] = None + """When set to `true`, users skip the identity provider selection step during + login. + + You must specify only one identity provider in allowed_idps. + """ + + custom_deny_message: Optional[str] = None + """ + The custom error message shown to a user when they are denied access to the + application. + """ + + custom_deny_url: Optional[str] = None + """ + The custom URL a user is redirected to when they are denied access to the + application when failing identity-based rules. + """ + + custom_non_identity_deny_url: Optional[str] = None + """ + The custom URL a user is redirected to when they are denied access to the + application when failing non-identity rules. + """ + + custom_pages: Optional[List[str]] = None + """The custom pages that will be displayed when applicable for this application""" + + destinations: Optional[List[McpServerApplicationDestination]] = None + """List of destinations secured by Access. + + This supersedes `self_hosted_domains` to allow for more flexibility in defining + different types of domains. If `destinations` are provided, then + `self_hosted_domains` will be ignored. + """ + + http_only_cookie_attribute: Optional[bool] = None + """ + Enables the HttpOnly cookie attribute, which increases security against XSS + attacks. + """ + + logo_url: Optional[str] = None + """The image URL for the logo shown in the App Launcher dashboard.""" + + name: Optional[str] = None + """The name of the application.""" + + oauth_configuration: Optional[McpServerApplicationOAuthConfiguration] = None + """ + **Beta:** Optional configuration for managing an OAuth authorization flow + controlled by Access. When set, Access will act as the OAuth authorization + server for this application. Only compatible with OAuth clients that support + [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators + for OAuth 2.0). This feature is currently in beta. + """ + + options_preflight_bypass: Optional[bool] = None + """ + Allows options preflight requests to bypass Access authentication and go + directly to the origin. Cannot turn on if cors_headers is set. + """ + + policies: Optional[List[McpServerApplicationPolicy]] = None + + same_site_cookie_attribute: Optional[str] = None + """ + Sets the SameSite cookie setting, which provides increased security against CSRF + attacks. + """ + + scim_config: Optional[McpServerApplicationSCIMConfig] = None + """Configuration for provisioning to this application via SCIM. + + This is currently in closed beta. + """ + + session_duration: Optional[str] = None + """The amount of time that tokens issued for this application will be valid. + + Must be in the format `300ms` or `2h45m`. Valid time units are: ns, us (or µs), + ms, s, m, h. Note: unsupported for infrastructure type applications. + """ + + tags: Optional[List[str]] = None + """The tags you want assigned to an application. + + Tags are used to filter applications in the App Launcher dashboard. + """ + + +class McpServerPortalApplicationDestinationPublicDestination(BaseModel): + """A public hostname that Access will secure. + + Public destinations support sub-domain and path. Wildcard '*' can be used in the definition. + """ + + type: Optional[Literal["public"]] = None + + uri: Optional[str] = None + """The URI of the destination. + + Public destinations' URIs can include a domain and path with + [wildcards](https://developers.cloudflare.com/cloudflare-one/policies/access/app-paths/). + """ + + +class McpServerPortalApplicationDestinationPrivateDestination(BaseModel): + cidr: Optional[str] = None + """The CIDR range of the destination. Single IPs will be computed as /32.""" + + hostname: Optional[str] = None + """The hostname of the destination. Matches a valid SNI served by an HTTPS origin.""" + + l4_protocol: Optional[Literal["tcp", "udp"]] = None + """The L4 protocol of the destination. + + When omitted, both UDP and TCP traffic will match. + """ + + port_range: Optional[str] = None + """The port range of the destination. + + Can be a single port or a range of ports. When omitted, all ports will match. + """ + + type: Optional[Literal["private"]] = None + + vnet_id: Optional[str] = None + """The VNET ID to match the destination. When omitted, all VNETs will match.""" + + +class McpServerPortalApplicationDestinationViaMcpServerPortalDestination(BaseModel): + """A MCP server id configured in ai-controls. + + Access will secure the MCP server if accessed through a MCP portal. + """ + + mcp_server_id: Optional[str] = None + """The MCP server id configured in ai-controls.""" + + type: Optional[Literal["via_mcp_server_portal"]] = None + + +McpServerPortalApplicationDestination: TypeAlias = Union[ + McpServerPortalApplicationDestinationPublicDestination, + McpServerPortalApplicationDestinationPrivateDestination, + McpServerPortalApplicationDestinationViaMcpServerPortalDestination, +] + + +class McpServerPortalApplicationOAuthConfigurationDynamicClientRegistration(BaseModel): + """Settings for OAuth dynamic client registration.""" + + allow_any_on_localhost: Optional[bool] = None + """Allows any client with redirect URIs on localhost.""" + + allow_any_on_loopback: Optional[bool] = None + """Allows any client with redirect URIs on 127.0.0.1.""" + + allowed_uris: Optional[List[str]] = None + """The URIs that are allowed as redirect URIs for dynamically registered clients. + + Must use the `https` protocol. Paths may end in `/*` to match all sub-paths. + """ + + enabled: Optional[bool] = None + """Whether dynamic client registration is enabled.""" + + +class McpServerPortalApplicationOAuthConfigurationGrant(BaseModel): + """Settings for OAuth grant behavior.""" + + access_token_lifetime: Optional[str] = None + """The lifetime of the access token. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + session_duration: Optional[str] = None + """The duration of the OAuth session. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + +class McpServerPortalApplicationOAuthConfiguration(BaseModel): + """ + **Beta:** Optional configuration for managing an OAuth authorization flow controlled by Access. When set, Access will act as the OAuth authorization server for this application. Only compatible with OAuth clients that support [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators for OAuth 2.0). This feature is currently in beta. + """ + + dynamic_client_registration: Optional[McpServerPortalApplicationOAuthConfigurationDynamicClientRegistration] = None + """Settings for OAuth dynamic client registration.""" + + enabled: Optional[bool] = None + """Whether the OAuth configuration is enabled for this application. + + When set to `false`, Access will not handle OAuth for this application. Defaults + to `true` if omitted. + """ + + grant: Optional[McpServerPortalApplicationOAuthConfigurationGrant] = None + """Settings for OAuth grant behavior.""" + + +class McpServerPortalApplicationPolicyConnectionRulesRDP(BaseModel): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class McpServerPortalApplicationPolicyConnectionRules(BaseModel): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: Optional[McpServerPortalApplicationPolicyConnectionRulesRDP] = None + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class McpServerPortalApplicationPolicyMfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + +class McpServerPortalApplicationPolicy(BaseModel): + id: Optional[str] = None + """The UUID of the policy""" + + approval_groups: Optional[List[ApprovalGroup]] = None + """Administrators who can approve a temporary authentication request.""" + + approval_required: Optional[bool] = None + """ + Requires the user to request access from an administrator at the start of each + session. + """ + + connection_rules: Optional[McpServerPortalApplicationPolicyConnectionRules] = None + """ + The rules that define how users may connect to targets secured by your + application. + """ + + created_at: Optional[datetime] = None + + decision: Optional[Decision] = None + """The action Access will take if a user matches this policy. + + Infrastructure application policies can only use the Allow action. + """ + + exclude: Optional[List[AccessRule]] = None + """Rules evaluated with a NOT logical operator. + + To match the policy, a user cannot meet any of the Exclude rules. + """ + + include: Optional[List[AccessRule]] = None + """Rules evaluated with an OR logical operator. + + A user needs to meet only one of the Include rules. + """ + + isolation_required: Optional[bool] = None + """ + Require this application to be served in an isolated browser for users matching + this policy. 'Client Web Isolation' must be on for the account in order to use + this feature. + """ + + mfa_config: Optional[McpServerPortalApplicationPolicyMfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + + name: Optional[str] = None + """The name of the Access policy.""" + + precedence: Optional[int] = None + """The order of execution for this policy. + + Must be unique for each policy within an app. + """ + + purpose_justification_prompt: Optional[str] = None + """A custom message that will appear on the purpose justification screen.""" + + purpose_justification_required: Optional[bool] = None + """Require users to enter a justification when they log in to the application.""" + + require: Optional[List[AccessRule]] = None + """Rules evaluated with an AND logical operator. + + To match the policy, a user must meet all of the Require rules. + """ + + session_duration: Optional[str] = None + """The amount of time that tokens issued for the application will be valid. + + Must be in the format `300ms` or `2h45m`. Valid time units are: ns, us (or µs), + ms, s, m, h. + """ + + updated_at: Optional[datetime] = None + + +class McpServerPortalApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken(BaseModel): + """ + Attributes for configuring Access Service Token authentication scheme for SCIM provisioning to an application. + """ + + client_id: str + """ + Client ID of the Access service token used to authenticate with the remote + service. + """ + + client_secret: str + """ + Client secret of the Access service token used to authenticate with the remote + service. + """ + + scheme: Literal["access_service_token"] + """The authentication scheme to use when making SCIM requests to this application.""" + + +class McpServerPortalApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken( + BaseModel +): + """ + Attributes for configuring Access Service Token authentication scheme for SCIM provisioning to an application. + """ + + client_id: str + """ + Client ID of the Access service token used to authenticate with the remote + service. + """ + + client_secret: str + """ + Client secret of the Access service token used to authenticate with the remote + service. + """ + + scheme: Literal["access_service_token"] + """The authentication scheme to use when making SCIM requests to this application.""" + + +McpServerPortalApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication: TypeAlias = Union[ + SCIMConfigAuthenticationHTTPBasic, + SCIMConfigAuthenticationOAuthBearerToken, + SCIMConfigAuthenticationOauth2, + McpServerPortalApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken, +] + +McpServerPortalApplicationSCIMConfigAuthentication: TypeAlias = Union[ + SCIMConfigAuthenticationHTTPBasic, + SCIMConfigAuthenticationOAuthBearerToken, + SCIMConfigAuthenticationOauth2, + McpServerPortalApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken, + List[McpServerPortalApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication], +] + + +class McpServerPortalApplicationSCIMConfig(BaseModel): + """Configuration for provisioning to this application via SCIM. + + This is currently in closed beta. + """ + + idp_uid: str + """ + The UID of the IdP to use as the source for SCIM resources to provision to this + application. + """ + + remote_uri: str + """The base URI for the application's SCIM-compatible API.""" + + authentication: Optional[McpServerPortalApplicationSCIMConfigAuthentication] = None + """ + Attributes for configuring HTTP Basic authentication scheme for SCIM + provisioning to an application. + """ + + deactivate_on_delete: Optional[bool] = None + """ + If false, propagates DELETE requests to the target application for SCIM + resources. If true, sets 'active' to false on the SCIM resource. Note: Some + targets do not support DELETE operations. + """ + + enabled: Optional[bool] = None + """Whether SCIM provisioning is turned on for this application.""" + + mappings: Optional[List[SCIMConfigMapping]] = None + """ + A list of mappings to apply to SCIM resources before provisioning them in this + application. These can transform or filter the resources to be provisioned. + """ + + +class McpServerPortalApplication(BaseModel): + type: ApplicationType + """The application type.""" + + id: Optional[str] = None + """UUID.""" + + allow_authenticate_via_warp: Optional[bool] = None + """ + When set to true, users can authenticate to this application using their WARP + session. When set to false this application will always require direct IdP + authentication. This setting always overrides the organization setting for WARP + authentication. + """ + + allowed_idps: Optional[List[AllowedIdPs]] = None + """The identity providers your users can select when connecting to this + application. + + Defaults to all IdPs configured in your account. + """ + + aud: Optional[str] = None + """Audience tag.""" + + auto_redirect_to_identity: Optional[bool] = None + """When set to `true`, users skip the identity provider selection step during + login. + + You must specify only one identity provider in allowed_idps. + """ + + custom_deny_message: Optional[str] = None + """ + The custom error message shown to a user when they are denied access to the + application. + """ + + custom_deny_url: Optional[str] = None + """ + The custom URL a user is redirected to when they are denied access to the + application when failing identity-based rules. + """ + + custom_non_identity_deny_url: Optional[str] = None + """ + The custom URL a user is redirected to when they are denied access to the + application when failing non-identity rules. + """ + + custom_pages: Optional[List[str]] = None + """The custom pages that will be displayed when applicable for this application""" + + destinations: Optional[List[McpServerPortalApplicationDestination]] = None + """List of destinations secured by Access. + + This supersedes `self_hosted_domains` to allow for more flexibility in defining + different types of domains. If `destinations` are provided, then + `self_hosted_domains` will be ignored. + """ + + domain: Optional[str] = None + """The primary hostname and path secured by Access. + + This domain will be displayed if the app is visible in the App Launcher. + """ + + http_only_cookie_attribute: Optional[bool] = None + """ + Enables the HttpOnly cookie attribute, which increases security against XSS + attacks. + """ + + logo_url: Optional[str] = None + """The image URL for the logo shown in the App Launcher dashboard.""" + + name: Optional[str] = None + """The name of the application.""" + + oauth_configuration: Optional[McpServerPortalApplicationOAuthConfiguration] = None + """ + **Beta:** Optional configuration for managing an OAuth authorization flow + controlled by Access. When set, Access will act as the OAuth authorization + server for this application. Only compatible with OAuth clients that support + [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators + for OAuth 2.0). This feature is currently in beta. + """ + + options_preflight_bypass: Optional[bool] = None + """ + Allows options preflight requests to bypass Access authentication and go + directly to the origin. Cannot turn on if cors_headers is set. + """ + + policies: Optional[List[McpServerPortalApplicationPolicy]] = None + + same_site_cookie_attribute: Optional[str] = None + """ + Sets the SameSite cookie setting, which provides increased security against CSRF + attacks. + """ + + scim_config: Optional[McpServerPortalApplicationSCIMConfig] = None + """Configuration for provisioning to this application via SCIM. + + This is currently in closed beta. + """ + + session_duration: Optional[str] = None + """The amount of time that tokens issued for this application will be valid. + + Must be in the format `300ms` or `2h45m`. Valid time units are: ns, us (or µs), + ms, s, m, h. Note: unsupported for infrastructure type applications. + """ + + tags: Optional[List[str]] = None + """The tags you want assigned to an application. + + Tags are used to filter applications in the App Launcher dashboard. + """ + + ApplicationGetResponse: TypeAlias = Union[ SelfHostedApplication, SaaSApplication, @@ -2732,5 +4596,7 @@ class BrowserRdpApplication(BaseModel): GatewayIdentityProxyEndpointApplication, BookmarkApplication, InfrastructureApplication, - BrowserRdpApplication, + BrowserRDPApplication, + McpServerApplication, + McpServerPortalApplication, ] diff --git a/src/cloudflare/types/zero_trust/access/application_list_response.py b/src/cloudflare/types/zero_trust/access/application_list_response.py index 7878a02cfd8..4b779844b2b 100644 --- a/src/cloudflare/types/zero_trust/access/application_list_response.py +++ b/src/cloudflare/types/zero_trust/access/application_list_response.py @@ -26,7 +26,14 @@ "SelfHostedApplicationDestinationPublicDestination", "SelfHostedApplicationDestinationPrivateDestination", "SelfHostedApplicationDestinationViaMcpServerPortalDestination", + "SelfHostedApplicationMfaConfig", + "SelfHostedApplicationOAuthConfiguration", + "SelfHostedApplicationOAuthConfigurationDynamicClientRegistration", + "SelfHostedApplicationOAuthConfigurationGrant", "SelfHostedApplicationPolicy", + "SelfHostedApplicationPolicyConnectionRules", + "SelfHostedApplicationPolicyConnectionRulesRDP", + "SelfHostedApplicationPolicyMfaConfig", "SelfHostedApplicationSCIMConfig", "SelfHostedApplicationSCIMConfigAuthentication", "SelfHostedApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken", @@ -34,6 +41,9 @@ "SelfHostedApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken", "SaaSApplication", "SaaSApplicationPolicy", + "SaaSApplicationPolicyConnectionRules", + "SaaSApplicationPolicyConnectionRulesRDP", + "SaaSApplicationPolicyMfaConfig", "SaaSApplicationSaaSApp", "SaaSApplicationSCIMConfig", "SaaSApplicationSCIMConfigAuthentication", @@ -45,7 +55,14 @@ "BrowserSSHApplicationDestinationPublicDestination", "BrowserSSHApplicationDestinationPrivateDestination", "BrowserSSHApplicationDestinationViaMcpServerPortalDestination", + "BrowserSSHApplicationMfaConfig", + "BrowserSSHApplicationOAuthConfiguration", + "BrowserSSHApplicationOAuthConfigurationDynamicClientRegistration", + "BrowserSSHApplicationOAuthConfigurationGrant", "BrowserSSHApplicationPolicy", + "BrowserSSHApplicationPolicyConnectionRules", + "BrowserSSHApplicationPolicyConnectionRulesRDP", + "BrowserSSHApplicationPolicyMfaConfig", "BrowserSSHApplicationSCIMConfig", "BrowserSSHApplicationSCIMConfigAuthentication", "BrowserSSHApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken", @@ -56,7 +73,14 @@ "BrowserVNCApplicationDestinationPublicDestination", "BrowserVNCApplicationDestinationPrivateDestination", "BrowserVNCApplicationDestinationViaMcpServerPortalDestination", + "BrowserVNCApplicationMfaConfig", + "BrowserVNCApplicationOAuthConfiguration", + "BrowserVNCApplicationOAuthConfigurationDynamicClientRegistration", + "BrowserVNCApplicationOAuthConfigurationGrant", "BrowserVNCApplicationPolicy", + "BrowserVNCApplicationPolicyConnectionRules", + "BrowserVNCApplicationPolicyConnectionRulesRDP", + "BrowserVNCApplicationPolicyMfaConfig", "BrowserVNCApplicationSCIMConfig", "BrowserVNCApplicationSCIMConfigAuthentication", "BrowserVNCApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken", @@ -66,31 +90,87 @@ "AppLauncherApplicationFooterLink", "AppLauncherApplicationLandingPageDesign", "AppLauncherApplicationPolicy", + "AppLauncherApplicationPolicyConnectionRules", + "AppLauncherApplicationPolicyConnectionRulesRDP", + "AppLauncherApplicationPolicyMfaConfig", "DeviceEnrollmentPermissionsApplication", "DeviceEnrollmentPermissionsApplicationPolicy", + "DeviceEnrollmentPermissionsApplicationPolicyConnectionRules", + "DeviceEnrollmentPermissionsApplicationPolicyConnectionRulesRDP", + "DeviceEnrollmentPermissionsApplicationPolicyMfaConfig", "BrowserIsolationPermissionsApplication", "BrowserIsolationPermissionsApplicationPolicy", + "BrowserIsolationPermissionsApplicationPolicyConnectionRules", + "BrowserIsolationPermissionsApplicationPolicyConnectionRulesRDP", + "BrowserIsolationPermissionsApplicationPolicyMfaConfig", "GatewayIdentityProxyEndpointApplication", "GatewayIdentityProxyEndpointApplicationPolicy", + "GatewayIdentityProxyEndpointApplicationPolicyConnectionRules", + "GatewayIdentityProxyEndpointApplicationPolicyConnectionRulesRDP", + "GatewayIdentityProxyEndpointApplicationPolicyMfaConfig", "BookmarkApplication", "BookmarkApplicationPolicy", + "BookmarkApplicationPolicyConnectionRules", + "BookmarkApplicationPolicyConnectionRulesRDP", + "BookmarkApplicationPolicyMfaConfig", "InfrastructureApplication", "InfrastructureApplicationTargetCriterion", "InfrastructureApplicationPolicy", "InfrastructureApplicationPolicyConnectionRules", "InfrastructureApplicationPolicyConnectionRulesSSH", - "BrowserRdpApplication", - "BrowserRdpApplicationTargetCriterion", - "BrowserRdpApplicationDestination", - "BrowserRdpApplicationDestinationPublicDestination", - "BrowserRdpApplicationDestinationPrivateDestination", - "BrowserRdpApplicationDestinationViaMcpServerPortalDestination", - "BrowserRdpApplicationPolicy", - "BrowserRdpApplicationSCIMConfig", - "BrowserRdpApplicationSCIMConfigAuthentication", - "BrowserRdpApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken", - "BrowserRdpApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication", - "BrowserRdpApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken", + "BrowserRDPApplication", + "BrowserRDPApplicationTargetCriterion", + "BrowserRDPApplicationDestination", + "BrowserRDPApplicationDestinationPublicDestination", + "BrowserRDPApplicationDestinationPrivateDestination", + "BrowserRDPApplicationDestinationViaMcpServerPortalDestination", + "BrowserRDPApplicationMfaConfig", + "BrowserRDPApplicationOAuthConfiguration", + "BrowserRDPApplicationOAuthConfigurationDynamicClientRegistration", + "BrowserRDPApplicationOAuthConfigurationGrant", + "BrowserRDPApplicationPolicy", + "BrowserRDPApplicationPolicyConnectionRules", + "BrowserRDPApplicationPolicyConnectionRulesRDP", + "BrowserRDPApplicationPolicyMfaConfig", + "BrowserRDPApplicationSCIMConfig", + "BrowserRDPApplicationSCIMConfigAuthentication", + "BrowserRDPApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken", + "BrowserRDPApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication", + "BrowserRDPApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken", + "McpServerApplication", + "McpServerApplicationDestination", + "McpServerApplicationDestinationPublicDestination", + "McpServerApplicationDestinationPrivateDestination", + "McpServerApplicationDestinationViaMcpServerPortalDestination", + "McpServerApplicationOAuthConfiguration", + "McpServerApplicationOAuthConfigurationDynamicClientRegistration", + "McpServerApplicationOAuthConfigurationGrant", + "McpServerApplicationPolicy", + "McpServerApplicationPolicyConnectionRules", + "McpServerApplicationPolicyConnectionRulesRDP", + "McpServerApplicationPolicyMfaConfig", + "McpServerApplicationSCIMConfig", + "McpServerApplicationSCIMConfigAuthentication", + "McpServerApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken", + "McpServerApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication", + "McpServerApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken", + "McpServerPortalApplication", + "McpServerPortalApplicationDestination", + "McpServerPortalApplicationDestinationPublicDestination", + "McpServerPortalApplicationDestinationPrivateDestination", + "McpServerPortalApplicationDestinationViaMcpServerPortalDestination", + "McpServerPortalApplicationOAuthConfiguration", + "McpServerPortalApplicationOAuthConfigurationDynamicClientRegistration", + "McpServerPortalApplicationOAuthConfigurationGrant", + "McpServerPortalApplicationPolicy", + "McpServerPortalApplicationPolicyConnectionRules", + "McpServerPortalApplicationPolicyConnectionRulesRDP", + "McpServerPortalApplicationPolicyMfaConfig", + "McpServerPortalApplicationSCIMConfig", + "McpServerPortalApplicationSCIMConfigAuthentication", + "McpServerPortalApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken", + "McpServerPortalApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication", + "McpServerPortalApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken", ] @@ -154,6 +234,125 @@ class SelfHostedApplicationDestinationViaMcpServerPortalDestination(BaseModel): ] +class SelfHostedApplicationMfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + +class SelfHostedApplicationOAuthConfigurationDynamicClientRegistration(BaseModel): + """Settings for OAuth dynamic client registration.""" + + allow_any_on_localhost: Optional[bool] = None + """Allows any client with redirect URIs on localhost.""" + + allow_any_on_loopback: Optional[bool] = None + """Allows any client with redirect URIs on 127.0.0.1.""" + + allowed_uris: Optional[List[str]] = None + """The URIs that are allowed as redirect URIs for dynamically registered clients. + + Must use the `https` protocol. Paths may end in `/*` to match all sub-paths. + """ + + enabled: Optional[bool] = None + """Whether dynamic client registration is enabled.""" + + +class SelfHostedApplicationOAuthConfigurationGrant(BaseModel): + """Settings for OAuth grant behavior.""" + + access_token_lifetime: Optional[str] = None + """The lifetime of the access token. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + session_duration: Optional[str] = None + """The duration of the OAuth session. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + +class SelfHostedApplicationOAuthConfiguration(BaseModel): + """ + **Beta:** Optional configuration for managing an OAuth authorization flow controlled by Access. When set, Access will act as the OAuth authorization server for this application. Only compatible with OAuth clients that support [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators for OAuth 2.0). This feature is currently in beta. + """ + + dynamic_client_registration: Optional[SelfHostedApplicationOAuthConfigurationDynamicClientRegistration] = None + """Settings for OAuth dynamic client registration.""" + + enabled: Optional[bool] = None + """Whether the OAuth configuration is enabled for this application. + + When set to `false`, Access will not handle OAuth for this application. Defaults + to `true` if omitted. + """ + + grant: Optional[SelfHostedApplicationOAuthConfigurationGrant] = None + """Settings for OAuth grant behavior.""" + + +class SelfHostedApplicationPolicyConnectionRulesRDP(BaseModel): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class SelfHostedApplicationPolicyConnectionRules(BaseModel): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: Optional[SelfHostedApplicationPolicyConnectionRulesRDP] = None + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class SelfHostedApplicationPolicyMfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + class SelfHostedApplicationPolicy(BaseModel): id: Optional[str] = None """The UUID of the policy""" @@ -167,6 +366,12 @@ class SelfHostedApplicationPolicy(BaseModel): session. """ + connection_rules: Optional[SelfHostedApplicationPolicyConnectionRules] = None + """ + The rules that define how users may connect to targets secured by your + application. + """ + created_at: Optional[datetime] = None decision: Optional[Decision] = None @@ -194,6 +399,9 @@ class SelfHostedApplicationPolicy(BaseModel): this feature. """ + mfa_config: Optional[SelfHostedApplicationPolicyMfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + name: Optional[str] = None """The name of the Access policy.""" @@ -413,9 +621,21 @@ class SelfHostedApplication(BaseModel): logo_url: Optional[str] = None """The image URL for the logo shown in the App Launcher dashboard.""" + mfa_config: Optional[SelfHostedApplicationMfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + name: Optional[str] = None """The name of the application.""" + oauth_configuration: Optional[SelfHostedApplicationOAuthConfiguration] = None + """ + **Beta:** Optional configuration for managing an OAuth authorization flow + controlled by Access. When set, Access will act as the OAuth authorization + server for this application. Only compatible with OAuth clients that support + [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators + for OAuth 2.0). This feature is currently in beta. + """ + options_preflight_bypass: Optional[bool] = None """ Allows options preflight requests to bypass Access authentication and go @@ -489,6 +709,49 @@ class SelfHostedApplication(BaseModel): """ +class SaaSApplicationPolicyConnectionRulesRDP(BaseModel): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class SaaSApplicationPolicyConnectionRules(BaseModel): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: Optional[SaaSApplicationPolicyConnectionRulesRDP] = None + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class SaaSApplicationPolicyMfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + class SaaSApplicationPolicy(BaseModel): id: Optional[str] = None """The UUID of the policy""" @@ -502,6 +765,12 @@ class SaaSApplicationPolicy(BaseModel): session. """ + connection_rules: Optional[SaaSApplicationPolicyConnectionRules] = None + """ + The rules that define how users may connect to targets secured by your + application. + """ + created_at: Optional[datetime] = None decision: Optional[Decision] = None @@ -529,6 +798,9 @@ class SaaSApplicationPolicy(BaseModel): this feature. """ + mfa_config: Optional[SaaSApplicationPolicyMfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + name: Optional[str] = None """The name of the Access policy.""" @@ -774,6 +1046,125 @@ class BrowserSSHApplicationDestinationViaMcpServerPortalDestination(BaseModel): ] +class BrowserSSHApplicationMfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + +class BrowserSSHApplicationOAuthConfigurationDynamicClientRegistration(BaseModel): + """Settings for OAuth dynamic client registration.""" + + allow_any_on_localhost: Optional[bool] = None + """Allows any client with redirect URIs on localhost.""" + + allow_any_on_loopback: Optional[bool] = None + """Allows any client with redirect URIs on 127.0.0.1.""" + + allowed_uris: Optional[List[str]] = None + """The URIs that are allowed as redirect URIs for dynamically registered clients. + + Must use the `https` protocol. Paths may end in `/*` to match all sub-paths. + """ + + enabled: Optional[bool] = None + """Whether dynamic client registration is enabled.""" + + +class BrowserSSHApplicationOAuthConfigurationGrant(BaseModel): + """Settings for OAuth grant behavior.""" + + access_token_lifetime: Optional[str] = None + """The lifetime of the access token. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + session_duration: Optional[str] = None + """The duration of the OAuth session. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + +class BrowserSSHApplicationOAuthConfiguration(BaseModel): + """ + **Beta:** Optional configuration for managing an OAuth authorization flow controlled by Access. When set, Access will act as the OAuth authorization server for this application. Only compatible with OAuth clients that support [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators for OAuth 2.0). This feature is currently in beta. + """ + + dynamic_client_registration: Optional[BrowserSSHApplicationOAuthConfigurationDynamicClientRegistration] = None + """Settings for OAuth dynamic client registration.""" + + enabled: Optional[bool] = None + """Whether the OAuth configuration is enabled for this application. + + When set to `false`, Access will not handle OAuth for this application. Defaults + to `true` if omitted. + """ + + grant: Optional[BrowserSSHApplicationOAuthConfigurationGrant] = None + """Settings for OAuth grant behavior.""" + + +class BrowserSSHApplicationPolicyConnectionRulesRDP(BaseModel): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class BrowserSSHApplicationPolicyConnectionRules(BaseModel): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: Optional[BrowserSSHApplicationPolicyConnectionRulesRDP] = None + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class BrowserSSHApplicationPolicyMfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + class BrowserSSHApplicationPolicy(BaseModel): id: Optional[str] = None """The UUID of the policy""" @@ -787,6 +1178,12 @@ class BrowserSSHApplicationPolicy(BaseModel): session. """ + connection_rules: Optional[BrowserSSHApplicationPolicyConnectionRules] = None + """ + The rules that define how users may connect to targets secured by your + application. + """ + created_at: Optional[datetime] = None decision: Optional[Decision] = None @@ -814,6 +1211,9 @@ class BrowserSSHApplicationPolicy(BaseModel): this feature. """ + mfa_config: Optional[BrowserSSHApplicationPolicyMfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + name: Optional[str] = None """The name of the Access policy.""" @@ -1048,9 +1448,21 @@ class BrowserSSHApplication(BaseModel): logo_url: Optional[str] = None """The image URL for the logo shown in the App Launcher dashboard.""" + mfa_config: Optional[BrowserSSHApplicationMfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + name: Optional[str] = None """The name of the application.""" + oauth_configuration: Optional[BrowserSSHApplicationOAuthConfiguration] = None + """ + **Beta:** Optional configuration for managing an OAuth authorization flow + controlled by Access. When set, Access will act as the OAuth authorization + server for this application. Only compatible with OAuth clients that support + [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators + for OAuth 2.0). This feature is currently in beta. + """ + options_preflight_bypass: Optional[bool] = None """ Allows options preflight requests to bypass Access authentication and go @@ -1184,6 +1596,125 @@ class BrowserVNCApplicationDestinationViaMcpServerPortalDestination(BaseModel): ] +class BrowserVNCApplicationMfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + +class BrowserVNCApplicationOAuthConfigurationDynamicClientRegistration(BaseModel): + """Settings for OAuth dynamic client registration.""" + + allow_any_on_localhost: Optional[bool] = None + """Allows any client with redirect URIs on localhost.""" + + allow_any_on_loopback: Optional[bool] = None + """Allows any client with redirect URIs on 127.0.0.1.""" + + allowed_uris: Optional[List[str]] = None + """The URIs that are allowed as redirect URIs for dynamically registered clients. + + Must use the `https` protocol. Paths may end in `/*` to match all sub-paths. + """ + + enabled: Optional[bool] = None + """Whether dynamic client registration is enabled.""" + + +class BrowserVNCApplicationOAuthConfigurationGrant(BaseModel): + """Settings for OAuth grant behavior.""" + + access_token_lifetime: Optional[str] = None + """The lifetime of the access token. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + session_duration: Optional[str] = None + """The duration of the OAuth session. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + +class BrowserVNCApplicationOAuthConfiguration(BaseModel): + """ + **Beta:** Optional configuration for managing an OAuth authorization flow controlled by Access. When set, Access will act as the OAuth authorization server for this application. Only compatible with OAuth clients that support [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators for OAuth 2.0). This feature is currently in beta. + """ + + dynamic_client_registration: Optional[BrowserVNCApplicationOAuthConfigurationDynamicClientRegistration] = None + """Settings for OAuth dynamic client registration.""" + + enabled: Optional[bool] = None + """Whether the OAuth configuration is enabled for this application. + + When set to `false`, Access will not handle OAuth for this application. Defaults + to `true` if omitted. + """ + + grant: Optional[BrowserVNCApplicationOAuthConfigurationGrant] = None + """Settings for OAuth grant behavior.""" + + +class BrowserVNCApplicationPolicyConnectionRulesRDP(BaseModel): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class BrowserVNCApplicationPolicyConnectionRules(BaseModel): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: Optional[BrowserVNCApplicationPolicyConnectionRulesRDP] = None + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class BrowserVNCApplicationPolicyMfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + class BrowserVNCApplicationPolicy(BaseModel): id: Optional[str] = None """The UUID of the policy""" @@ -1197,6 +1728,12 @@ class BrowserVNCApplicationPolicy(BaseModel): session. """ + connection_rules: Optional[BrowserVNCApplicationPolicyConnectionRules] = None + """ + The rules that define how users may connect to targets secured by your + application. + """ + created_at: Optional[datetime] = None decision: Optional[Decision] = None @@ -1224,6 +1761,9 @@ class BrowserVNCApplicationPolicy(BaseModel): this feature. """ + mfa_config: Optional[BrowserVNCApplicationPolicyMfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + name: Optional[str] = None """The name of the Access policy.""" @@ -1458,9 +1998,21 @@ class BrowserVNCApplication(BaseModel): logo_url: Optional[str] = None """The image URL for the logo shown in the App Launcher dashboard.""" + mfa_config: Optional[BrowserVNCApplicationMfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + name: Optional[str] = None """The name of the application.""" + oauth_configuration: Optional[BrowserVNCApplicationOAuthConfiguration] = None + """ + **Beta:** Optional configuration for managing an OAuth authorization flow + controlled by Access. When set, Access will act as the OAuth authorization + server for this application. Only compatible with OAuth clients that support + [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators + for OAuth 2.0). This feature is currently in beta. + """ + options_preflight_bypass: Optional[bool] = None """ Allows options preflight requests to bypass Access authentication and go @@ -1561,22 +2113,71 @@ class AppLauncherApplicationLandingPageDesign(BaseModel): """The title shown on the landing page.""" -class AppLauncherApplicationPolicy(BaseModel): - id: Optional[str] = None - """The UUID of the policy""" +class AppLauncherApplicationPolicyConnectionRulesRDP(BaseModel): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" - approval_groups: Optional[List[ApprovalGroup]] = None - """Administrators who can approve a temporary authentication request.""" + allowed_clipboard_local_to_remote_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ - approval_required: Optional[bool] = None + allowed_clipboard_remote_to_local_formats: Optional[List[Literal["text"]]] = None """ - Requires the user to request access from an administrator at the start of each - session. + Clipboard formats allowed when copying from remote RDP session to local machine. """ - created_at: Optional[datetime] = None - decision: Optional[Decision] = None +class AppLauncherApplicationPolicyConnectionRules(BaseModel): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: Optional[AppLauncherApplicationPolicyConnectionRulesRDP] = None + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class AppLauncherApplicationPolicyMfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + +class AppLauncherApplicationPolicy(BaseModel): + id: Optional[str] = None + """The UUID of the policy""" + + approval_groups: Optional[List[ApprovalGroup]] = None + """Administrators who can approve a temporary authentication request.""" + + approval_required: Optional[bool] = None + """ + Requires the user to request access from an administrator at the start of each + session. + """ + + connection_rules: Optional[AppLauncherApplicationPolicyConnectionRules] = None + """ + The rules that define how users may connect to targets secured by your + application. + """ + + created_at: Optional[datetime] = None + + decision: Optional[Decision] = None """The action Access will take if a user matches this policy. Infrastructure application policies can only use the Allow action. @@ -1601,6 +2202,9 @@ class AppLauncherApplicationPolicy(BaseModel): this feature. """ + mfa_config: Optional[AppLauncherApplicationPolicyMfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + name: Optional[str] = None """The name of the Access policy.""" @@ -1723,6 +2327,49 @@ class AppLauncherApplication(BaseModel): """Determines when to skip the App Launcher landing page.""" +class DeviceEnrollmentPermissionsApplicationPolicyConnectionRulesRDP(BaseModel): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class DeviceEnrollmentPermissionsApplicationPolicyConnectionRules(BaseModel): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: Optional[DeviceEnrollmentPermissionsApplicationPolicyConnectionRulesRDP] = None + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class DeviceEnrollmentPermissionsApplicationPolicyMfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + class DeviceEnrollmentPermissionsApplicationPolicy(BaseModel): id: Optional[str] = None """The UUID of the policy""" @@ -1736,6 +2383,12 @@ class DeviceEnrollmentPermissionsApplicationPolicy(BaseModel): session. """ + connection_rules: Optional[DeviceEnrollmentPermissionsApplicationPolicyConnectionRules] = None + """ + The rules that define how users may connect to targets secured by your + application. + """ + created_at: Optional[datetime] = None decision: Optional[Decision] = None @@ -1763,6 +2416,9 @@ class DeviceEnrollmentPermissionsApplicationPolicy(BaseModel): this feature. """ + mfa_config: Optional[DeviceEnrollmentPermissionsApplicationPolicyMfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + name: Optional[str] = None """The name of the Access policy.""" @@ -1852,6 +2508,49 @@ class DeviceEnrollmentPermissionsApplication(BaseModel): """ +class BrowserIsolationPermissionsApplicationPolicyConnectionRulesRDP(BaseModel): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class BrowserIsolationPermissionsApplicationPolicyConnectionRules(BaseModel): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: Optional[BrowserIsolationPermissionsApplicationPolicyConnectionRulesRDP] = None + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class BrowserIsolationPermissionsApplicationPolicyMfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + class BrowserIsolationPermissionsApplicationPolicy(BaseModel): id: Optional[str] = None """The UUID of the policy""" @@ -1865,6 +2564,12 @@ class BrowserIsolationPermissionsApplicationPolicy(BaseModel): session. """ + connection_rules: Optional[BrowserIsolationPermissionsApplicationPolicyConnectionRules] = None + """ + The rules that define how users may connect to targets secured by your + application. + """ + created_at: Optional[datetime] = None decision: Optional[Decision] = None @@ -1892,6 +2597,9 @@ class BrowserIsolationPermissionsApplicationPolicy(BaseModel): this feature. """ + mfa_config: Optional[BrowserIsolationPermissionsApplicationPolicyMfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + name: Optional[str] = None """The name of the Access policy.""" @@ -1981,6 +2689,49 @@ class BrowserIsolationPermissionsApplication(BaseModel): """ +class GatewayIdentityProxyEndpointApplicationPolicyConnectionRulesRDP(BaseModel): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class GatewayIdentityProxyEndpointApplicationPolicyConnectionRules(BaseModel): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: Optional[GatewayIdentityProxyEndpointApplicationPolicyConnectionRulesRDP] = None + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class GatewayIdentityProxyEndpointApplicationPolicyMfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + class GatewayIdentityProxyEndpointApplicationPolicy(BaseModel): id: Optional[str] = None """The UUID of the policy""" @@ -1994,6 +2745,12 @@ class GatewayIdentityProxyEndpointApplicationPolicy(BaseModel): session. """ + connection_rules: Optional[GatewayIdentityProxyEndpointApplicationPolicyConnectionRules] = None + """ + The rules that define how users may connect to targets secured by your + application. + """ + created_at: Optional[datetime] = None decision: Optional[Decision] = None @@ -2021,6 +2778,9 @@ class GatewayIdentityProxyEndpointApplicationPolicy(BaseModel): this feature. """ + mfa_config: Optional[GatewayIdentityProxyEndpointApplicationPolicyMfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + name: Optional[str] = None """The name of the Access policy.""" @@ -2110,6 +2870,49 @@ class GatewayIdentityProxyEndpointApplication(BaseModel): """ +class BookmarkApplicationPolicyConnectionRulesRDP(BaseModel): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class BookmarkApplicationPolicyConnectionRules(BaseModel): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: Optional[BookmarkApplicationPolicyConnectionRulesRDP] = None + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class BookmarkApplicationPolicyMfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + class BookmarkApplicationPolicy(BaseModel): id: Optional[str] = None """The UUID of the policy""" @@ -2123,6 +2926,12 @@ class BookmarkApplicationPolicy(BaseModel): session. """ + connection_rules: Optional[BookmarkApplicationPolicyConnectionRules] = None + """ + The rules that define how users may connect to targets secured by your + application. + """ + created_at: Optional[datetime] = None decision: Optional[Decision] = None @@ -2150,6 +2959,9 @@ class BookmarkApplicationPolicy(BaseModel): this feature. """ + mfa_config: Optional[BookmarkApplicationPolicyMfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + name: Optional[str] = None """The name of the Access policy.""" @@ -2310,7 +3122,7 @@ class InfrastructureApplication(BaseModel): policies: Optional[List[InfrastructureApplicationPolicy]] = None -class BrowserRdpApplicationTargetCriterion(BaseModel): +class BrowserRDPApplicationTargetCriterion(BaseModel): port: int """The port that the targets use for the chosen communication protocol. @@ -2324,7 +3136,7 @@ class BrowserRdpApplicationTargetCriterion(BaseModel): """Contains a map of target attribute keys to target attribute values.""" -class BrowserRdpApplicationDestinationPublicDestination(BaseModel): +class BrowserRDPApplicationDestinationPublicDestination(BaseModel): """A public hostname that Access will secure. Public destinations support sub-domain and path. Wildcard '*' can be used in the definition. @@ -2340,7 +3152,7 @@ class BrowserRdpApplicationDestinationPublicDestination(BaseModel): """ -class BrowserRdpApplicationDestinationPrivateDestination(BaseModel): +class BrowserRDPApplicationDestinationPrivateDestination(BaseModel): cidr: Optional[str] = None """The CIDR range of the destination. Single IPs will be computed as /32.""" @@ -2365,7 +3177,7 @@ class BrowserRdpApplicationDestinationPrivateDestination(BaseModel): """The VNET ID to match the destination. When omitted, all VNETs will match.""" -class BrowserRdpApplicationDestinationViaMcpServerPortalDestination(BaseModel): +class BrowserRDPApplicationDestinationViaMcpServerPortalDestination(BaseModel): """A MCP server id configured in ai-controls. Access will secure the MCP server if accessed through a MCP portal. @@ -2377,14 +3189,133 @@ class BrowserRdpApplicationDestinationViaMcpServerPortalDestination(BaseModel): type: Optional[Literal["via_mcp_server_portal"]] = None -BrowserRdpApplicationDestination: TypeAlias = Union[ - BrowserRdpApplicationDestinationPublicDestination, - BrowserRdpApplicationDestinationPrivateDestination, - BrowserRdpApplicationDestinationViaMcpServerPortalDestination, +BrowserRDPApplicationDestination: TypeAlias = Union[ + BrowserRDPApplicationDestinationPublicDestination, + BrowserRDPApplicationDestinationPrivateDestination, + BrowserRDPApplicationDestinationViaMcpServerPortalDestination, ] -class BrowserRdpApplicationPolicy(BaseModel): +class BrowserRDPApplicationMfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + +class BrowserRDPApplicationOAuthConfigurationDynamicClientRegistration(BaseModel): + """Settings for OAuth dynamic client registration.""" + + allow_any_on_localhost: Optional[bool] = None + """Allows any client with redirect URIs on localhost.""" + + allow_any_on_loopback: Optional[bool] = None + """Allows any client with redirect URIs on 127.0.0.1.""" + + allowed_uris: Optional[List[str]] = None + """The URIs that are allowed as redirect URIs for dynamically registered clients. + + Must use the `https` protocol. Paths may end in `/*` to match all sub-paths. + """ + + enabled: Optional[bool] = None + """Whether dynamic client registration is enabled.""" + + +class BrowserRDPApplicationOAuthConfigurationGrant(BaseModel): + """Settings for OAuth grant behavior.""" + + access_token_lifetime: Optional[str] = None + """The lifetime of the access token. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + session_duration: Optional[str] = None + """The duration of the OAuth session. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + +class BrowserRDPApplicationOAuthConfiguration(BaseModel): + """ + **Beta:** Optional configuration for managing an OAuth authorization flow controlled by Access. When set, Access will act as the OAuth authorization server for this application. Only compatible with OAuth clients that support [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators for OAuth 2.0). This feature is currently in beta. + """ + + dynamic_client_registration: Optional[BrowserRDPApplicationOAuthConfigurationDynamicClientRegistration] = None + """Settings for OAuth dynamic client registration.""" + + enabled: Optional[bool] = None + """Whether the OAuth configuration is enabled for this application. + + When set to `false`, Access will not handle OAuth for this application. Defaults + to `true` if omitted. + """ + + grant: Optional[BrowserRDPApplicationOAuthConfigurationGrant] = None + """Settings for OAuth grant behavior.""" + + +class BrowserRDPApplicationPolicyConnectionRulesRDP(BaseModel): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class BrowserRDPApplicationPolicyConnectionRules(BaseModel): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: Optional[BrowserRDPApplicationPolicyConnectionRulesRDP] = None + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class BrowserRDPApplicationPolicyMfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + +class BrowserRDPApplicationPolicy(BaseModel): id: Optional[str] = None """The UUID of the policy""" @@ -2397,6 +3328,12 @@ class BrowserRdpApplicationPolicy(BaseModel): session. """ + connection_rules: Optional[BrowserRDPApplicationPolicyConnectionRules] = None + """ + The rules that define how users may connect to targets secured by your + application. + """ + created_at: Optional[datetime] = None decision: Optional[Decision] = None @@ -2424,6 +3361,9 @@ class BrowserRdpApplicationPolicy(BaseModel): this feature. """ + mfa_config: Optional[BrowserRDPApplicationPolicyMfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + name: Optional[str] = None """The name of the Access policy.""" @@ -2455,7 +3395,7 @@ class BrowserRdpApplicationPolicy(BaseModel): updated_at: Optional[datetime] = None -class BrowserRdpApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken(BaseModel): +class BrowserRDPApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken(BaseModel): """ Attributes for configuring Access Service Token authentication scheme for SCIM provisioning to an application. """ @@ -2476,7 +3416,7 @@ class BrowserRdpApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticatio """The authentication scheme to use when making SCIM requests to this application.""" -class BrowserRdpApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken( +class BrowserRDPApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken( BaseModel ): """ @@ -2499,23 +3439,23 @@ class BrowserRdpApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenti """The authentication scheme to use when making SCIM requests to this application.""" -BrowserRdpApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication: TypeAlias = Union[ +BrowserRDPApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication: TypeAlias = Union[ SCIMConfigAuthenticationHTTPBasic, SCIMConfigAuthenticationOAuthBearerToken, SCIMConfigAuthenticationOauth2, - BrowserRdpApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken, + BrowserRDPApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken, ] -BrowserRdpApplicationSCIMConfigAuthentication: TypeAlias = Union[ +BrowserRDPApplicationSCIMConfigAuthentication: TypeAlias = Union[ SCIMConfigAuthenticationHTTPBasic, SCIMConfigAuthenticationOAuthBearerToken, SCIMConfigAuthenticationOauth2, - BrowserRdpApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken, - List[BrowserRdpApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication], + BrowserRDPApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken, + List[BrowserRDPApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication], ] -class BrowserRdpApplicationSCIMConfig(BaseModel): +class BrowserRDPApplicationSCIMConfig(BaseModel): """Configuration for provisioning to this application via SCIM. This is currently in closed beta. @@ -2530,7 +3470,7 @@ class BrowserRdpApplicationSCIMConfig(BaseModel): remote_uri: str """The base URI for the application's SCIM-compatible API.""" - authentication: Optional[BrowserRdpApplicationSCIMConfigAuthentication] = None + authentication: Optional[BrowserRDPApplicationSCIMConfigAuthentication] = None """ Attributes for configuring HTTP Basic authentication scheme for SCIM provisioning to an application. @@ -2553,14 +3493,14 @@ class BrowserRdpApplicationSCIMConfig(BaseModel): """ -class BrowserRdpApplication(BaseModel): +class BrowserRDPApplication(BaseModel): domain: str """The primary hostname and path secured by Access. This domain will be displayed if the app is visible in the App Launcher. """ - target_criteria: List[BrowserRdpApplicationTargetCriterion] + target_criteria: List[BrowserRDPApplicationTargetCriterion] type: ApplicationType """The application type.""" @@ -2622,7 +3562,7 @@ class BrowserRdpApplication(BaseModel): custom_pages: Optional[List[str]] = None """The custom pages that will be displayed when applicable for this application""" - destinations: Optional[List[BrowserRdpApplicationDestination]] = None + destinations: Optional[List[BrowserRDPApplicationDestination]] = None """List of destinations secured by Access. This supersedes `self_hosted_domains` to allow for more flexibility in defining @@ -2645,9 +3585,21 @@ class BrowserRdpApplication(BaseModel): logo_url: Optional[str] = None """The image URL for the logo shown in the App Launcher dashboard.""" + mfa_config: Optional[BrowserRDPApplicationMfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + name: Optional[str] = None """The name of the application.""" + oauth_configuration: Optional[BrowserRDPApplicationOAuthConfiguration] = None + """ + **Beta:** Optional configuration for managing an OAuth authorization flow + controlled by Access. When set, Access will act as the OAuth authorization + server for this application. Only compatible with OAuth clients that support + [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators + for OAuth 2.0). This feature is currently in beta. + """ + options_preflight_bypass: Optional[bool] = None """ Allows options preflight requests to bypass Access authentication and go @@ -2660,7 +3612,7 @@ class BrowserRdpApplication(BaseModel): If disabled, the JWT will scope to the hostname by default """ - policies: Optional[List[BrowserRdpApplicationPolicy]] = None + policies: Optional[List[BrowserRDPApplicationPolicy]] = None read_service_tokens_from_header: Optional[str] = None """ @@ -2679,7 +3631,7 @@ class BrowserRdpApplication(BaseModel): attacks. """ - scim_config: Optional[BrowserRdpApplicationSCIMConfig] = None + scim_config: Optional[BrowserRDPApplicationSCIMConfig] = None """Configuration for provisioning to this application via SCIM. This is currently in closed beta. @@ -2721,6 +3673,918 @@ class BrowserRdpApplication(BaseModel): """ +class McpServerApplicationDestinationPublicDestination(BaseModel): + """A public hostname that Access will secure. + + Public destinations support sub-domain and path. Wildcard '*' can be used in the definition. + """ + + type: Optional[Literal["public"]] = None + + uri: Optional[str] = None + """The URI of the destination. + + Public destinations' URIs can include a domain and path with + [wildcards](https://developers.cloudflare.com/cloudflare-one/policies/access/app-paths/). + """ + + +class McpServerApplicationDestinationPrivateDestination(BaseModel): + cidr: Optional[str] = None + """The CIDR range of the destination. Single IPs will be computed as /32.""" + + hostname: Optional[str] = None + """The hostname of the destination. Matches a valid SNI served by an HTTPS origin.""" + + l4_protocol: Optional[Literal["tcp", "udp"]] = None + """The L4 protocol of the destination. + + When omitted, both UDP and TCP traffic will match. + """ + + port_range: Optional[str] = None + """The port range of the destination. + + Can be a single port or a range of ports. When omitted, all ports will match. + """ + + type: Optional[Literal["private"]] = None + + vnet_id: Optional[str] = None + """The VNET ID to match the destination. When omitted, all VNETs will match.""" + + +class McpServerApplicationDestinationViaMcpServerPortalDestination(BaseModel): + """A MCP server id configured in ai-controls. + + Access will secure the MCP server if accessed through a MCP portal. + """ + + mcp_server_id: Optional[str] = None + """The MCP server id configured in ai-controls.""" + + type: Optional[Literal["via_mcp_server_portal"]] = None + + +McpServerApplicationDestination: TypeAlias = Union[ + McpServerApplicationDestinationPublicDestination, + McpServerApplicationDestinationPrivateDestination, + McpServerApplicationDestinationViaMcpServerPortalDestination, +] + + +class McpServerApplicationOAuthConfigurationDynamicClientRegistration(BaseModel): + """Settings for OAuth dynamic client registration.""" + + allow_any_on_localhost: Optional[bool] = None + """Allows any client with redirect URIs on localhost.""" + + allow_any_on_loopback: Optional[bool] = None + """Allows any client with redirect URIs on 127.0.0.1.""" + + allowed_uris: Optional[List[str]] = None + """The URIs that are allowed as redirect URIs for dynamically registered clients. + + Must use the `https` protocol. Paths may end in `/*` to match all sub-paths. + """ + + enabled: Optional[bool] = None + """Whether dynamic client registration is enabled.""" + + +class McpServerApplicationOAuthConfigurationGrant(BaseModel): + """Settings for OAuth grant behavior.""" + + access_token_lifetime: Optional[str] = None + """The lifetime of the access token. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + session_duration: Optional[str] = None + """The duration of the OAuth session. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + +class McpServerApplicationOAuthConfiguration(BaseModel): + """ + **Beta:** Optional configuration for managing an OAuth authorization flow controlled by Access. When set, Access will act as the OAuth authorization server for this application. Only compatible with OAuth clients that support [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators for OAuth 2.0). This feature is currently in beta. + """ + + dynamic_client_registration: Optional[McpServerApplicationOAuthConfigurationDynamicClientRegistration] = None + """Settings for OAuth dynamic client registration.""" + + enabled: Optional[bool] = None + """Whether the OAuth configuration is enabled for this application. + + When set to `false`, Access will not handle OAuth for this application. Defaults + to `true` if omitted. + """ + + grant: Optional[McpServerApplicationOAuthConfigurationGrant] = None + """Settings for OAuth grant behavior.""" + + +class McpServerApplicationPolicyConnectionRulesRDP(BaseModel): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class McpServerApplicationPolicyConnectionRules(BaseModel): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: Optional[McpServerApplicationPolicyConnectionRulesRDP] = None + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class McpServerApplicationPolicyMfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + +class McpServerApplicationPolicy(BaseModel): + id: Optional[str] = None + """The UUID of the policy""" + + approval_groups: Optional[List[ApprovalGroup]] = None + """Administrators who can approve a temporary authentication request.""" + + approval_required: Optional[bool] = None + """ + Requires the user to request access from an administrator at the start of each + session. + """ + + connection_rules: Optional[McpServerApplicationPolicyConnectionRules] = None + """ + The rules that define how users may connect to targets secured by your + application. + """ + + created_at: Optional[datetime] = None + + decision: Optional[Decision] = None + """The action Access will take if a user matches this policy. + + Infrastructure application policies can only use the Allow action. + """ + + exclude: Optional[List[AccessRule]] = None + """Rules evaluated with a NOT logical operator. + + To match the policy, a user cannot meet any of the Exclude rules. + """ + + include: Optional[List[AccessRule]] = None + """Rules evaluated with an OR logical operator. + + A user needs to meet only one of the Include rules. + """ + + isolation_required: Optional[bool] = None + """ + Require this application to be served in an isolated browser for users matching + this policy. 'Client Web Isolation' must be on for the account in order to use + this feature. + """ + + mfa_config: Optional[McpServerApplicationPolicyMfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + + name: Optional[str] = None + """The name of the Access policy.""" + + precedence: Optional[int] = None + """The order of execution for this policy. + + Must be unique for each policy within an app. + """ + + purpose_justification_prompt: Optional[str] = None + """A custom message that will appear on the purpose justification screen.""" + + purpose_justification_required: Optional[bool] = None + """Require users to enter a justification when they log in to the application.""" + + require: Optional[List[AccessRule]] = None + """Rules evaluated with an AND logical operator. + + To match the policy, a user must meet all of the Require rules. + """ + + session_duration: Optional[str] = None + """The amount of time that tokens issued for the application will be valid. + + Must be in the format `300ms` or `2h45m`. Valid time units are: ns, us (or µs), + ms, s, m, h. + """ + + updated_at: Optional[datetime] = None + + +class McpServerApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken(BaseModel): + """ + Attributes for configuring Access Service Token authentication scheme for SCIM provisioning to an application. + """ + + client_id: str + """ + Client ID of the Access service token used to authenticate with the remote + service. + """ + + client_secret: str + """ + Client secret of the Access service token used to authenticate with the remote + service. + """ + + scheme: Literal["access_service_token"] + """The authentication scheme to use when making SCIM requests to this application.""" + + +class McpServerApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken( + BaseModel +): + """ + Attributes for configuring Access Service Token authentication scheme for SCIM provisioning to an application. + """ + + client_id: str + """ + Client ID of the Access service token used to authenticate with the remote + service. + """ + + client_secret: str + """ + Client secret of the Access service token used to authenticate with the remote + service. + """ + + scheme: Literal["access_service_token"] + """The authentication scheme to use when making SCIM requests to this application.""" + + +McpServerApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication: TypeAlias = Union[ + SCIMConfigAuthenticationHTTPBasic, + SCIMConfigAuthenticationOAuthBearerToken, + SCIMConfigAuthenticationOauth2, + McpServerApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken, +] + +McpServerApplicationSCIMConfigAuthentication: TypeAlias = Union[ + SCIMConfigAuthenticationHTTPBasic, + SCIMConfigAuthenticationOAuthBearerToken, + SCIMConfigAuthenticationOauth2, + McpServerApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken, + List[McpServerApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication], +] + + +class McpServerApplicationSCIMConfig(BaseModel): + """Configuration for provisioning to this application via SCIM. + + This is currently in closed beta. + """ + + idp_uid: str + """ + The UID of the IdP to use as the source for SCIM resources to provision to this + application. + """ + + remote_uri: str + """The base URI for the application's SCIM-compatible API.""" + + authentication: Optional[McpServerApplicationSCIMConfigAuthentication] = None + """ + Attributes for configuring HTTP Basic authentication scheme for SCIM + provisioning to an application. + """ + + deactivate_on_delete: Optional[bool] = None + """ + If false, propagates DELETE requests to the target application for SCIM + resources. If true, sets 'active' to false on the SCIM resource. Note: Some + targets do not support DELETE operations. + """ + + enabled: Optional[bool] = None + """Whether SCIM provisioning is turned on for this application.""" + + mappings: Optional[List[SCIMConfigMapping]] = None + """ + A list of mappings to apply to SCIM resources before provisioning them in this + application. These can transform or filter the resources to be provisioned. + """ + + +class McpServerApplication(BaseModel): + type: ApplicationType + """The application type.""" + + id: Optional[str] = None + """UUID.""" + + allow_authenticate_via_warp: Optional[bool] = None + """ + When set to true, users can authenticate to this application using their WARP + session. When set to false this application will always require direct IdP + authentication. This setting always overrides the organization setting for WARP + authentication. + """ + + allowed_idps: Optional[List[AllowedIdPs]] = None + """The identity providers your users can select when connecting to this + application. + + Defaults to all IdPs configured in your account. + """ + + aud: Optional[str] = None + """Audience tag.""" + + auto_redirect_to_identity: Optional[bool] = None + """When set to `true`, users skip the identity provider selection step during + login. + + You must specify only one identity provider in allowed_idps. + """ + + custom_deny_message: Optional[str] = None + """ + The custom error message shown to a user when they are denied access to the + application. + """ + + custom_deny_url: Optional[str] = None + """ + The custom URL a user is redirected to when they are denied access to the + application when failing identity-based rules. + """ + + custom_non_identity_deny_url: Optional[str] = None + """ + The custom URL a user is redirected to when they are denied access to the + application when failing non-identity rules. + """ + + custom_pages: Optional[List[str]] = None + """The custom pages that will be displayed when applicable for this application""" + + destinations: Optional[List[McpServerApplicationDestination]] = None + """List of destinations secured by Access. + + This supersedes `self_hosted_domains` to allow for more flexibility in defining + different types of domains. If `destinations` are provided, then + `self_hosted_domains` will be ignored. + """ + + http_only_cookie_attribute: Optional[bool] = None + """ + Enables the HttpOnly cookie attribute, which increases security against XSS + attacks. + """ + + logo_url: Optional[str] = None + """The image URL for the logo shown in the App Launcher dashboard.""" + + name: Optional[str] = None + """The name of the application.""" + + oauth_configuration: Optional[McpServerApplicationOAuthConfiguration] = None + """ + **Beta:** Optional configuration for managing an OAuth authorization flow + controlled by Access. When set, Access will act as the OAuth authorization + server for this application. Only compatible with OAuth clients that support + [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators + for OAuth 2.0). This feature is currently in beta. + """ + + options_preflight_bypass: Optional[bool] = None + """ + Allows options preflight requests to bypass Access authentication and go + directly to the origin. Cannot turn on if cors_headers is set. + """ + + policies: Optional[List[McpServerApplicationPolicy]] = None + + same_site_cookie_attribute: Optional[str] = None + """ + Sets the SameSite cookie setting, which provides increased security against CSRF + attacks. + """ + + scim_config: Optional[McpServerApplicationSCIMConfig] = None + """Configuration for provisioning to this application via SCIM. + + This is currently in closed beta. + """ + + session_duration: Optional[str] = None + """The amount of time that tokens issued for this application will be valid. + + Must be in the format `300ms` or `2h45m`. Valid time units are: ns, us (or µs), + ms, s, m, h. Note: unsupported for infrastructure type applications. + """ + + tags: Optional[List[str]] = None + """The tags you want assigned to an application. + + Tags are used to filter applications in the App Launcher dashboard. + """ + + +class McpServerPortalApplicationDestinationPublicDestination(BaseModel): + """A public hostname that Access will secure. + + Public destinations support sub-domain and path. Wildcard '*' can be used in the definition. + """ + + type: Optional[Literal["public"]] = None + + uri: Optional[str] = None + """The URI of the destination. + + Public destinations' URIs can include a domain and path with + [wildcards](https://developers.cloudflare.com/cloudflare-one/policies/access/app-paths/). + """ + + +class McpServerPortalApplicationDestinationPrivateDestination(BaseModel): + cidr: Optional[str] = None + """The CIDR range of the destination. Single IPs will be computed as /32.""" + + hostname: Optional[str] = None + """The hostname of the destination. Matches a valid SNI served by an HTTPS origin.""" + + l4_protocol: Optional[Literal["tcp", "udp"]] = None + """The L4 protocol of the destination. + + When omitted, both UDP and TCP traffic will match. + """ + + port_range: Optional[str] = None + """The port range of the destination. + + Can be a single port or a range of ports. When omitted, all ports will match. + """ + + type: Optional[Literal["private"]] = None + + vnet_id: Optional[str] = None + """The VNET ID to match the destination. When omitted, all VNETs will match.""" + + +class McpServerPortalApplicationDestinationViaMcpServerPortalDestination(BaseModel): + """A MCP server id configured in ai-controls. + + Access will secure the MCP server if accessed through a MCP portal. + """ + + mcp_server_id: Optional[str] = None + """The MCP server id configured in ai-controls.""" + + type: Optional[Literal["via_mcp_server_portal"]] = None + + +McpServerPortalApplicationDestination: TypeAlias = Union[ + McpServerPortalApplicationDestinationPublicDestination, + McpServerPortalApplicationDestinationPrivateDestination, + McpServerPortalApplicationDestinationViaMcpServerPortalDestination, +] + + +class McpServerPortalApplicationOAuthConfigurationDynamicClientRegistration(BaseModel): + """Settings for OAuth dynamic client registration.""" + + allow_any_on_localhost: Optional[bool] = None + """Allows any client with redirect URIs on localhost.""" + + allow_any_on_loopback: Optional[bool] = None + """Allows any client with redirect URIs on 127.0.0.1.""" + + allowed_uris: Optional[List[str]] = None + """The URIs that are allowed as redirect URIs for dynamically registered clients. + + Must use the `https` protocol. Paths may end in `/*` to match all sub-paths. + """ + + enabled: Optional[bool] = None + """Whether dynamic client registration is enabled.""" + + +class McpServerPortalApplicationOAuthConfigurationGrant(BaseModel): + """Settings for OAuth grant behavior.""" + + access_token_lifetime: Optional[str] = None + """The lifetime of the access token. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + session_duration: Optional[str] = None + """The duration of the OAuth session. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + +class McpServerPortalApplicationOAuthConfiguration(BaseModel): + """ + **Beta:** Optional configuration for managing an OAuth authorization flow controlled by Access. When set, Access will act as the OAuth authorization server for this application. Only compatible with OAuth clients that support [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators for OAuth 2.0). This feature is currently in beta. + """ + + dynamic_client_registration: Optional[McpServerPortalApplicationOAuthConfigurationDynamicClientRegistration] = None + """Settings for OAuth dynamic client registration.""" + + enabled: Optional[bool] = None + """Whether the OAuth configuration is enabled for this application. + + When set to `false`, Access will not handle OAuth for this application. Defaults + to `true` if omitted. + """ + + grant: Optional[McpServerPortalApplicationOAuthConfigurationGrant] = None + """Settings for OAuth grant behavior.""" + + +class McpServerPortalApplicationPolicyConnectionRulesRDP(BaseModel): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class McpServerPortalApplicationPolicyConnectionRules(BaseModel): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: Optional[McpServerPortalApplicationPolicyConnectionRulesRDP] = None + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class McpServerPortalApplicationPolicyMfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + +class McpServerPortalApplicationPolicy(BaseModel): + id: Optional[str] = None + """The UUID of the policy""" + + approval_groups: Optional[List[ApprovalGroup]] = None + """Administrators who can approve a temporary authentication request.""" + + approval_required: Optional[bool] = None + """ + Requires the user to request access from an administrator at the start of each + session. + """ + + connection_rules: Optional[McpServerPortalApplicationPolicyConnectionRules] = None + """ + The rules that define how users may connect to targets secured by your + application. + """ + + created_at: Optional[datetime] = None + + decision: Optional[Decision] = None + """The action Access will take if a user matches this policy. + + Infrastructure application policies can only use the Allow action. + """ + + exclude: Optional[List[AccessRule]] = None + """Rules evaluated with a NOT logical operator. + + To match the policy, a user cannot meet any of the Exclude rules. + """ + + include: Optional[List[AccessRule]] = None + """Rules evaluated with an OR logical operator. + + A user needs to meet only one of the Include rules. + """ + + isolation_required: Optional[bool] = None + """ + Require this application to be served in an isolated browser for users matching + this policy. 'Client Web Isolation' must be on for the account in order to use + this feature. + """ + + mfa_config: Optional[McpServerPortalApplicationPolicyMfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + + name: Optional[str] = None + """The name of the Access policy.""" + + precedence: Optional[int] = None + """The order of execution for this policy. + + Must be unique for each policy within an app. + """ + + purpose_justification_prompt: Optional[str] = None + """A custom message that will appear on the purpose justification screen.""" + + purpose_justification_required: Optional[bool] = None + """Require users to enter a justification when they log in to the application.""" + + require: Optional[List[AccessRule]] = None + """Rules evaluated with an AND logical operator. + + To match the policy, a user must meet all of the Require rules. + """ + + session_duration: Optional[str] = None + """The amount of time that tokens issued for the application will be valid. + + Must be in the format `300ms` or `2h45m`. Valid time units are: ns, us (or µs), + ms, s, m, h. + """ + + updated_at: Optional[datetime] = None + + +class McpServerPortalApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken(BaseModel): + """ + Attributes for configuring Access Service Token authentication scheme for SCIM provisioning to an application. + """ + + client_id: str + """ + Client ID of the Access service token used to authenticate with the remote + service. + """ + + client_secret: str + """ + Client secret of the Access service token used to authenticate with the remote + service. + """ + + scheme: Literal["access_service_token"] + """The authentication scheme to use when making SCIM requests to this application.""" + + +class McpServerPortalApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken( + BaseModel +): + """ + Attributes for configuring Access Service Token authentication scheme for SCIM provisioning to an application. + """ + + client_id: str + """ + Client ID of the Access service token used to authenticate with the remote + service. + """ + + client_secret: str + """ + Client secret of the Access service token used to authenticate with the remote + service. + """ + + scheme: Literal["access_service_token"] + """The authentication scheme to use when making SCIM requests to this application.""" + + +McpServerPortalApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication: TypeAlias = Union[ + SCIMConfigAuthenticationHTTPBasic, + SCIMConfigAuthenticationOAuthBearerToken, + SCIMConfigAuthenticationOauth2, + McpServerPortalApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken, +] + +McpServerPortalApplicationSCIMConfigAuthentication: TypeAlias = Union[ + SCIMConfigAuthenticationHTTPBasic, + SCIMConfigAuthenticationOAuthBearerToken, + SCIMConfigAuthenticationOauth2, + McpServerPortalApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken, + List[McpServerPortalApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication], +] + + +class McpServerPortalApplicationSCIMConfig(BaseModel): + """Configuration for provisioning to this application via SCIM. + + This is currently in closed beta. + """ + + idp_uid: str + """ + The UID of the IdP to use as the source for SCIM resources to provision to this + application. + """ + + remote_uri: str + """The base URI for the application's SCIM-compatible API.""" + + authentication: Optional[McpServerPortalApplicationSCIMConfigAuthentication] = None + """ + Attributes for configuring HTTP Basic authentication scheme for SCIM + provisioning to an application. + """ + + deactivate_on_delete: Optional[bool] = None + """ + If false, propagates DELETE requests to the target application for SCIM + resources. If true, sets 'active' to false on the SCIM resource. Note: Some + targets do not support DELETE operations. + """ + + enabled: Optional[bool] = None + """Whether SCIM provisioning is turned on for this application.""" + + mappings: Optional[List[SCIMConfigMapping]] = None + """ + A list of mappings to apply to SCIM resources before provisioning them in this + application. These can transform or filter the resources to be provisioned. + """ + + +class McpServerPortalApplication(BaseModel): + type: ApplicationType + """The application type.""" + + id: Optional[str] = None + """UUID.""" + + allow_authenticate_via_warp: Optional[bool] = None + """ + When set to true, users can authenticate to this application using their WARP + session. When set to false this application will always require direct IdP + authentication. This setting always overrides the organization setting for WARP + authentication. + """ + + allowed_idps: Optional[List[AllowedIdPs]] = None + """The identity providers your users can select when connecting to this + application. + + Defaults to all IdPs configured in your account. + """ + + aud: Optional[str] = None + """Audience tag.""" + + auto_redirect_to_identity: Optional[bool] = None + """When set to `true`, users skip the identity provider selection step during + login. + + You must specify only one identity provider in allowed_idps. + """ + + custom_deny_message: Optional[str] = None + """ + The custom error message shown to a user when they are denied access to the + application. + """ + + custom_deny_url: Optional[str] = None + """ + The custom URL a user is redirected to when they are denied access to the + application when failing identity-based rules. + """ + + custom_non_identity_deny_url: Optional[str] = None + """ + The custom URL a user is redirected to when they are denied access to the + application when failing non-identity rules. + """ + + custom_pages: Optional[List[str]] = None + """The custom pages that will be displayed when applicable for this application""" + + destinations: Optional[List[McpServerPortalApplicationDestination]] = None + """List of destinations secured by Access. + + This supersedes `self_hosted_domains` to allow for more flexibility in defining + different types of domains. If `destinations` are provided, then + `self_hosted_domains` will be ignored. + """ + + domain: Optional[str] = None + """The primary hostname and path secured by Access. + + This domain will be displayed if the app is visible in the App Launcher. + """ + + http_only_cookie_attribute: Optional[bool] = None + """ + Enables the HttpOnly cookie attribute, which increases security against XSS + attacks. + """ + + logo_url: Optional[str] = None + """The image URL for the logo shown in the App Launcher dashboard.""" + + name: Optional[str] = None + """The name of the application.""" + + oauth_configuration: Optional[McpServerPortalApplicationOAuthConfiguration] = None + """ + **Beta:** Optional configuration for managing an OAuth authorization flow + controlled by Access. When set, Access will act as the OAuth authorization + server for this application. Only compatible with OAuth clients that support + [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators + for OAuth 2.0). This feature is currently in beta. + """ + + options_preflight_bypass: Optional[bool] = None + """ + Allows options preflight requests to bypass Access authentication and go + directly to the origin. Cannot turn on if cors_headers is set. + """ + + policies: Optional[List[McpServerPortalApplicationPolicy]] = None + + same_site_cookie_attribute: Optional[str] = None + """ + Sets the SameSite cookie setting, which provides increased security against CSRF + attacks. + """ + + scim_config: Optional[McpServerPortalApplicationSCIMConfig] = None + """Configuration for provisioning to this application via SCIM. + + This is currently in closed beta. + """ + + session_duration: Optional[str] = None + """The amount of time that tokens issued for this application will be valid. + + Must be in the format `300ms` or `2h45m`. Valid time units are: ns, us (or µs), + ms, s, m, h. Note: unsupported for infrastructure type applications. + """ + + tags: Optional[List[str]] = None + """The tags you want assigned to an application. + + Tags are used to filter applications in the App Launcher dashboard. + """ + + ApplicationListResponse: TypeAlias = Union[ SelfHostedApplication, SaaSApplication, @@ -2732,5 +4596,7 @@ class BrowserRdpApplication(BaseModel): GatewayIdentityProxyEndpointApplication, BookmarkApplication, InfrastructureApplication, - BrowserRdpApplication, + BrowserRDPApplication, + McpServerApplication, + McpServerPortalApplication, ] diff --git a/src/cloudflare/types/zero_trust/access/application_update_params.py b/src/cloudflare/types/zero_trust/access/application_update_params.py index 3c113e23f22..03c6de94cb4 100644 --- a/src/cloudflare/types/zero_trust/access/application_update_params.py +++ b/src/cloudflare/types/zero_trust/access/application_update_params.py @@ -2,7 +2,7 @@ from __future__ import annotations -from typing import Dict, Union, Iterable +from typing import Dict, List, Union, Iterable from typing_extensions import Literal, Required, TypeAlias, TypedDict from .decision import Decision @@ -27,9 +27,16 @@ "SelfHostedApplicationDestinationPublicDestination", "SelfHostedApplicationDestinationPrivateDestination", "SelfHostedApplicationDestinationViaMcpServerPortalDestination", + "SelfHostedApplicationMfaConfig", + "SelfHostedApplicationOAuthConfiguration", + "SelfHostedApplicationOAuthConfigurationDynamicClientRegistration", + "SelfHostedApplicationOAuthConfigurationGrant", "SelfHostedApplicationPolicy", "SelfHostedApplicationPolicyAccessAppPolicyLink", "SelfHostedApplicationPolicyUnionMember2", + "SelfHostedApplicationPolicyUnionMember2ConnectionRules", + "SelfHostedApplicationPolicyUnionMember2ConnectionRulesRDP", + "SelfHostedApplicationPolicyUnionMember2MfaConfig", "SelfHostedApplicationSCIMConfig", "SelfHostedApplicationSCIMConfigAuthentication", "SelfHostedApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken", @@ -39,6 +46,9 @@ "SaaSApplicationPolicy", "SaaSApplicationPolicyAccessAppPolicyLink", "SaaSApplicationPolicyUnionMember2", + "SaaSApplicationPolicyUnionMember2ConnectionRules", + "SaaSApplicationPolicyUnionMember2ConnectionRulesRDP", + "SaaSApplicationPolicyUnionMember2MfaConfig", "SaaSApplicationSaaSApp", "SaaSApplicationSCIMConfig", "SaaSApplicationSCIMConfigAuthentication", @@ -50,9 +60,16 @@ "BrowserSSHApplicationDestinationPublicDestination", "BrowserSSHApplicationDestinationPrivateDestination", "BrowserSSHApplicationDestinationViaMcpServerPortalDestination", + "BrowserSSHApplicationMfaConfig", + "BrowserSSHApplicationOAuthConfiguration", + "BrowserSSHApplicationOAuthConfigurationDynamicClientRegistration", + "BrowserSSHApplicationOAuthConfigurationGrant", "BrowserSSHApplicationPolicy", "BrowserSSHApplicationPolicyAccessAppPolicyLink", "BrowserSSHApplicationPolicyUnionMember2", + "BrowserSSHApplicationPolicyUnionMember2ConnectionRules", + "BrowserSSHApplicationPolicyUnionMember2ConnectionRulesRDP", + "BrowserSSHApplicationPolicyUnionMember2MfaConfig", "BrowserSSHApplicationSCIMConfig", "BrowserSSHApplicationSCIMConfigAuthentication", "BrowserSSHApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken", @@ -63,9 +80,16 @@ "BrowserVNCApplicationDestinationPublicDestination", "BrowserVNCApplicationDestinationPrivateDestination", "BrowserVNCApplicationDestinationViaMcpServerPortalDestination", + "BrowserVNCApplicationMfaConfig", + "BrowserVNCApplicationOAuthConfiguration", + "BrowserVNCApplicationOAuthConfigurationDynamicClientRegistration", + "BrowserVNCApplicationOAuthConfigurationGrant", "BrowserVNCApplicationPolicy", "BrowserVNCApplicationPolicyAccessAppPolicyLink", "BrowserVNCApplicationPolicyUnionMember2", + "BrowserVNCApplicationPolicyUnionMember2ConnectionRules", + "BrowserVNCApplicationPolicyUnionMember2ConnectionRulesRDP", + "BrowserVNCApplicationPolicyUnionMember2MfaConfig", "BrowserVNCApplicationSCIMConfig", "BrowserVNCApplicationSCIMConfigAuthentication", "BrowserVNCApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken", @@ -77,41 +101,101 @@ "AppLauncherApplicationPolicy", "AppLauncherApplicationPolicyAccessAppPolicyLink", "AppLauncherApplicationPolicyUnionMember2", + "AppLauncherApplicationPolicyUnionMember2ConnectionRules", + "AppLauncherApplicationPolicyUnionMember2ConnectionRulesRDP", + "AppLauncherApplicationPolicyUnionMember2MfaConfig", "DeviceEnrollmentPermissionsApplication", "DeviceEnrollmentPermissionsApplicationPolicy", "DeviceEnrollmentPermissionsApplicationPolicyAccessAppPolicyLink", "DeviceEnrollmentPermissionsApplicationPolicyUnionMember2", + "DeviceEnrollmentPermissionsApplicationPolicyUnionMember2ConnectionRules", + "DeviceEnrollmentPermissionsApplicationPolicyUnionMember2ConnectionRulesRDP", + "DeviceEnrollmentPermissionsApplicationPolicyUnionMember2MfaConfig", "BrowserIsolationPermissionsApplication", "BrowserIsolationPermissionsApplicationPolicy", "BrowserIsolationPermissionsApplicationPolicyAccessAppPolicyLink", "BrowserIsolationPermissionsApplicationPolicyUnionMember2", + "BrowserIsolationPermissionsApplicationPolicyUnionMember2ConnectionRules", + "BrowserIsolationPermissionsApplicationPolicyUnionMember2ConnectionRulesRDP", + "BrowserIsolationPermissionsApplicationPolicyUnionMember2MfaConfig", "GatewayIdentityProxyEndpointApplication", "GatewayIdentityProxyEndpointApplicationPolicy", "GatewayIdentityProxyEndpointApplicationPolicyAccessAppPolicyLink", "GatewayIdentityProxyEndpointApplicationPolicyUnionMember2", + "GatewayIdentityProxyEndpointApplicationPolicyUnionMember2ConnectionRules", + "GatewayIdentityProxyEndpointApplicationPolicyUnionMember2ConnectionRulesRDP", + "GatewayIdentityProxyEndpointApplicationPolicyUnionMember2MfaConfig", "BookmarkApplication", "BookmarkApplicationPolicy", "BookmarkApplicationPolicyAccessAppPolicyLink", "BookmarkApplicationPolicyUnionMember2", + "BookmarkApplicationPolicyUnionMember2ConnectionRules", + "BookmarkApplicationPolicyUnionMember2ConnectionRulesRDP", + "BookmarkApplicationPolicyUnionMember2MfaConfig", "InfrastructureApplication", "InfrastructureApplicationTargetCriterion", "InfrastructureApplicationPolicy", "InfrastructureApplicationPolicyConnectionRules", "InfrastructureApplicationPolicyConnectionRulesSSH", - "BrowserRdpApplication", - "BrowserRdpApplicationTargetCriterion", - "BrowserRdpApplicationDestination", - "BrowserRdpApplicationDestinationPublicDestination", - "BrowserRdpApplicationDestinationPrivateDestination", - "BrowserRdpApplicationDestinationViaMcpServerPortalDestination", - "BrowserRdpApplicationPolicy", - "BrowserRdpApplicationPolicyAccessAppPolicyLink", - "BrowserRdpApplicationPolicyUnionMember2", - "BrowserRdpApplicationSCIMConfig", - "BrowserRdpApplicationSCIMConfigAuthentication", - "BrowserRdpApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken", - "BrowserRdpApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication", - "BrowserRdpApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken", + "BrowserRDPApplication", + "BrowserRDPApplicationTargetCriterion", + "BrowserRDPApplicationDestination", + "BrowserRDPApplicationDestinationPublicDestination", + "BrowserRDPApplicationDestinationPrivateDestination", + "BrowserRDPApplicationDestinationViaMcpServerPortalDestination", + "BrowserRDPApplicationMfaConfig", + "BrowserRDPApplicationOAuthConfiguration", + "BrowserRDPApplicationOAuthConfigurationDynamicClientRegistration", + "BrowserRDPApplicationOAuthConfigurationGrant", + "BrowserRDPApplicationPolicy", + "BrowserRDPApplicationPolicyAccessAppPolicyLink", + "BrowserRDPApplicationPolicyUnionMember2", + "BrowserRDPApplicationPolicyUnionMember2ConnectionRules", + "BrowserRDPApplicationPolicyUnionMember2ConnectionRulesRDP", + "BrowserRDPApplicationPolicyUnionMember2MfaConfig", + "BrowserRDPApplicationSCIMConfig", + "BrowserRDPApplicationSCIMConfigAuthentication", + "BrowserRDPApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken", + "BrowserRDPApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication", + "BrowserRDPApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken", + "McpServerApplication", + "McpServerApplicationDestination", + "McpServerApplicationDestinationPublicDestination", + "McpServerApplicationDestinationPrivateDestination", + "McpServerApplicationDestinationViaMcpServerPortalDestination", + "McpServerApplicationOAuthConfiguration", + "McpServerApplicationOAuthConfigurationDynamicClientRegistration", + "McpServerApplicationOAuthConfigurationGrant", + "McpServerApplicationPolicy", + "McpServerApplicationPolicyAccessAppPolicyLink", + "McpServerApplicationPolicyUnionMember2", + "McpServerApplicationPolicyUnionMember2ConnectionRules", + "McpServerApplicationPolicyUnionMember2ConnectionRulesRDP", + "McpServerApplicationPolicyUnionMember2MfaConfig", + "McpServerApplicationSCIMConfig", + "McpServerApplicationSCIMConfigAuthentication", + "McpServerApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken", + "McpServerApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication", + "McpServerApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken", + "McpServerPortalApplication", + "McpServerPortalApplicationDestination", + "McpServerPortalApplicationDestinationPublicDestination", + "McpServerPortalApplicationDestinationPrivateDestination", + "McpServerPortalApplicationDestinationViaMcpServerPortalDestination", + "McpServerPortalApplicationOAuthConfiguration", + "McpServerPortalApplicationOAuthConfigurationDynamicClientRegistration", + "McpServerPortalApplicationOAuthConfigurationGrant", + "McpServerPortalApplicationPolicy", + "McpServerPortalApplicationPolicyAccessAppPolicyLink", + "McpServerPortalApplicationPolicyUnionMember2", + "McpServerPortalApplicationPolicyUnionMember2ConnectionRules", + "McpServerPortalApplicationPolicyUnionMember2ConnectionRulesRDP", + "McpServerPortalApplicationPolicyUnionMember2MfaConfig", + "McpServerPortalApplicationSCIMConfig", + "McpServerPortalApplicationSCIMConfigAuthentication", + "McpServerPortalApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken", + "McpServerPortalApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication", + "McpServerPortalApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken", ] @@ -205,9 +289,21 @@ class SelfHostedApplication(TypedDict, total=False): logo_url: str """The image URL for the logo shown in the App Launcher dashboard.""" + mfa_config: SelfHostedApplicationMfaConfig + """Configures multi-factor authentication (MFA) settings.""" + name: str """The name of the application.""" + oauth_configuration: SelfHostedApplicationOAuthConfiguration + """ + **Beta:** Optional configuration for managing an OAuth authorization flow + controlled by Access. When set, Access will act as the OAuth authorization + server for this application. Only compatible with OAuth clients that support + [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators + for OAuth 2.0). This feature is currently in beta. + """ + options_preflight_bypass: bool """ Allows options preflight requests to bypass Access authentication and go @@ -346,6 +442,82 @@ class SelfHostedApplicationDestinationViaMcpServerPortalDestination(TypedDict, t ] +class SelfHostedApplicationMfaConfig(TypedDict, total=False): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: List[Literal["totp", "biometrics", "security_key"]] + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: bool + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: str + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + +class SelfHostedApplicationOAuthConfigurationDynamicClientRegistration(TypedDict, total=False): + """Settings for OAuth dynamic client registration.""" + + allow_any_on_localhost: bool + """Allows any client with redirect URIs on localhost.""" + + allow_any_on_loopback: bool + """Allows any client with redirect URIs on 127.0.0.1.""" + + allowed_uris: SequenceNotStr[str] + """The URIs that are allowed as redirect URIs for dynamically registered clients. + + Must use the `https` protocol. Paths may end in `/*` to match all sub-paths. + """ + + enabled: bool + """Whether dynamic client registration is enabled.""" + + +class SelfHostedApplicationOAuthConfigurationGrant(TypedDict, total=False): + """Settings for OAuth grant behavior.""" + + access_token_lifetime: str + """The lifetime of the access token. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + session_duration: str + """The duration of the OAuth session. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + +class SelfHostedApplicationOAuthConfiguration(TypedDict, total=False): + """ + **Beta:** Optional configuration for managing an OAuth authorization flow controlled by Access. When set, Access will act as the OAuth authorization server for this application. Only compatible with OAuth clients that support [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators for OAuth 2.0). This feature is currently in beta. + """ + + dynamic_client_registration: SelfHostedApplicationOAuthConfigurationDynamicClientRegistration + """Settings for OAuth dynamic client registration.""" + + enabled: bool + """Whether the OAuth configuration is enabled for this application. + + When set to `false`, Access will not handle OAuth for this application. Defaults + to `true` if omitted. + """ + + grant: SelfHostedApplicationOAuthConfigurationGrant + """Settings for OAuth grant behavior.""" + + class SelfHostedApplicationPolicyAccessAppPolicyLink(TypedDict, total=False): """A JSON that links a reusable policy to an application.""" @@ -359,6 +531,49 @@ class SelfHostedApplicationPolicyAccessAppPolicyLink(TypedDict, total=False): """ +class SelfHostedApplicationPolicyUnionMember2ConnectionRulesRDP(TypedDict, total=False): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: List[Literal["text"]] + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: List[Literal["text"]] + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class SelfHostedApplicationPolicyUnionMember2ConnectionRules(TypedDict, total=False): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: SelfHostedApplicationPolicyUnionMember2ConnectionRulesRDP + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class SelfHostedApplicationPolicyUnionMember2MfaConfig(TypedDict, total=False): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: List[Literal["totp", "biometrics", "security_key"]] + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: bool + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: str + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + class SelfHostedApplicationPolicyUnionMember2(TypedDict, total=False): id: str """The UUID of the policy""" @@ -372,6 +587,12 @@ class SelfHostedApplicationPolicyUnionMember2(TypedDict, total=False): session. """ + connection_rules: SelfHostedApplicationPolicyUnionMember2ConnectionRules + """ + The rules that define how users may connect to targets secured by your + application. + """ + isolation_required: bool """ Require this application to be served in an isolated browser for users matching @@ -379,6 +600,9 @@ class SelfHostedApplicationPolicyUnionMember2(TypedDict, total=False): this feature. """ + mfa_config: SelfHostedApplicationPolicyUnionMember2MfaConfig + """Configures multi-factor authentication (MFA) settings.""" + precedence: int """The order of execution for this policy. @@ -575,6 +799,49 @@ class SaaSApplicationPolicyAccessAppPolicyLink(TypedDict, total=False): """ +class SaaSApplicationPolicyUnionMember2ConnectionRulesRDP(TypedDict, total=False): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: List[Literal["text"]] + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: List[Literal["text"]] + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class SaaSApplicationPolicyUnionMember2ConnectionRules(TypedDict, total=False): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: SaaSApplicationPolicyUnionMember2ConnectionRulesRDP + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class SaaSApplicationPolicyUnionMember2MfaConfig(TypedDict, total=False): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: List[Literal["totp", "biometrics", "security_key"]] + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: bool + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: str + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + class SaaSApplicationPolicyUnionMember2(TypedDict, total=False): id: str """The UUID of the policy""" @@ -588,6 +855,12 @@ class SaaSApplicationPolicyUnionMember2(TypedDict, total=False): session. """ + connection_rules: SaaSApplicationPolicyUnionMember2ConnectionRules + """ + The rules that define how users may connect to targets secured by your + application. + """ + isolation_required: bool """ Require this application to be served in an isolated browser for users matching @@ -595,6 +868,9 @@ class SaaSApplicationPolicyUnionMember2(TypedDict, total=False): this feature. """ + mfa_config: SaaSApplicationPolicyUnionMember2MfaConfig + """Configures multi-factor authentication (MFA) settings.""" + precedence: int """The order of execution for this policy. @@ -827,9 +1103,21 @@ class BrowserSSHApplication(TypedDict, total=False): logo_url: str """The image URL for the logo shown in the App Launcher dashboard.""" + mfa_config: BrowserSSHApplicationMfaConfig + """Configures multi-factor authentication (MFA) settings.""" + name: str """The name of the application.""" + oauth_configuration: BrowserSSHApplicationOAuthConfiguration + """ + **Beta:** Optional configuration for managing an OAuth authorization flow + controlled by Access. When set, Access will act as the OAuth authorization + server for this application. Only compatible with OAuth clients that support + [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators + for OAuth 2.0). This feature is currently in beta. + """ + options_preflight_bypass: bool """ Allows options preflight requests to bypass Access authentication and go @@ -968,6 +1256,82 @@ class BrowserSSHApplicationDestinationViaMcpServerPortalDestination(TypedDict, t ] +class BrowserSSHApplicationMfaConfig(TypedDict, total=False): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: List[Literal["totp", "biometrics", "security_key"]] + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: bool + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: str + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + +class BrowserSSHApplicationOAuthConfigurationDynamicClientRegistration(TypedDict, total=False): + """Settings for OAuth dynamic client registration.""" + + allow_any_on_localhost: bool + """Allows any client with redirect URIs on localhost.""" + + allow_any_on_loopback: bool + """Allows any client with redirect URIs on 127.0.0.1.""" + + allowed_uris: SequenceNotStr[str] + """The URIs that are allowed as redirect URIs for dynamically registered clients. + + Must use the `https` protocol. Paths may end in `/*` to match all sub-paths. + """ + + enabled: bool + """Whether dynamic client registration is enabled.""" + + +class BrowserSSHApplicationOAuthConfigurationGrant(TypedDict, total=False): + """Settings for OAuth grant behavior.""" + + access_token_lifetime: str + """The lifetime of the access token. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + session_duration: str + """The duration of the OAuth session. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + +class BrowserSSHApplicationOAuthConfiguration(TypedDict, total=False): + """ + **Beta:** Optional configuration for managing an OAuth authorization flow controlled by Access. When set, Access will act as the OAuth authorization server for this application. Only compatible with OAuth clients that support [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators for OAuth 2.0). This feature is currently in beta. + """ + + dynamic_client_registration: BrowserSSHApplicationOAuthConfigurationDynamicClientRegistration + """Settings for OAuth dynamic client registration.""" + + enabled: bool + """Whether the OAuth configuration is enabled for this application. + + When set to `false`, Access will not handle OAuth for this application. Defaults + to `true` if omitted. + """ + + grant: BrowserSSHApplicationOAuthConfigurationGrant + """Settings for OAuth grant behavior.""" + + class BrowserSSHApplicationPolicyAccessAppPolicyLink(TypedDict, total=False): """A JSON that links a reusable policy to an application.""" @@ -981,6 +1345,49 @@ class BrowserSSHApplicationPolicyAccessAppPolicyLink(TypedDict, total=False): """ +class BrowserSSHApplicationPolicyUnionMember2ConnectionRulesRDP(TypedDict, total=False): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: List[Literal["text"]] + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: List[Literal["text"]] + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class BrowserSSHApplicationPolicyUnionMember2ConnectionRules(TypedDict, total=False): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: BrowserSSHApplicationPolicyUnionMember2ConnectionRulesRDP + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class BrowserSSHApplicationPolicyUnionMember2MfaConfig(TypedDict, total=False): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: List[Literal["totp", "biometrics", "security_key"]] + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: bool + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: str + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + class BrowserSSHApplicationPolicyUnionMember2(TypedDict, total=False): id: str """The UUID of the policy""" @@ -994,6 +1401,12 @@ class BrowserSSHApplicationPolicyUnionMember2(TypedDict, total=False): session. """ + connection_rules: BrowserSSHApplicationPolicyUnionMember2ConnectionRules + """ + The rules that define how users may connect to targets secured by your + application. + """ + isolation_required: bool """ Require this application to be served in an isolated browser for users matching @@ -1001,6 +1414,9 @@ class BrowserSSHApplicationPolicyUnionMember2(TypedDict, total=False): this feature. """ + mfa_config: BrowserSSHApplicationPolicyUnionMember2MfaConfig + """Configures multi-factor authentication (MFA) settings.""" + precedence: int """The order of execution for this policy. @@ -1233,9 +1649,21 @@ class BrowserVNCApplication(TypedDict, total=False): logo_url: str """The image URL for the logo shown in the App Launcher dashboard.""" + mfa_config: BrowserVNCApplicationMfaConfig + """Configures multi-factor authentication (MFA) settings.""" + name: str """The name of the application.""" + oauth_configuration: BrowserVNCApplicationOAuthConfiguration + """ + **Beta:** Optional configuration for managing an OAuth authorization flow + controlled by Access. When set, Access will act as the OAuth authorization + server for this application. Only compatible with OAuth clients that support + [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators + for OAuth 2.0). This feature is currently in beta. + """ + options_preflight_bypass: bool """ Allows options preflight requests to bypass Access authentication and go @@ -1374,6 +1802,82 @@ class BrowserVNCApplicationDestinationViaMcpServerPortalDestination(TypedDict, t ] +class BrowserVNCApplicationMfaConfig(TypedDict, total=False): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: List[Literal["totp", "biometrics", "security_key"]] + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: bool + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: str + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + +class BrowserVNCApplicationOAuthConfigurationDynamicClientRegistration(TypedDict, total=False): + """Settings for OAuth dynamic client registration.""" + + allow_any_on_localhost: bool + """Allows any client with redirect URIs on localhost.""" + + allow_any_on_loopback: bool + """Allows any client with redirect URIs on 127.0.0.1.""" + + allowed_uris: SequenceNotStr[str] + """The URIs that are allowed as redirect URIs for dynamically registered clients. + + Must use the `https` protocol. Paths may end in `/*` to match all sub-paths. + """ + + enabled: bool + """Whether dynamic client registration is enabled.""" + + +class BrowserVNCApplicationOAuthConfigurationGrant(TypedDict, total=False): + """Settings for OAuth grant behavior.""" + + access_token_lifetime: str + """The lifetime of the access token. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + session_duration: str + """The duration of the OAuth session. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + +class BrowserVNCApplicationOAuthConfiguration(TypedDict, total=False): + """ + **Beta:** Optional configuration for managing an OAuth authorization flow controlled by Access. When set, Access will act as the OAuth authorization server for this application. Only compatible with OAuth clients that support [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators for OAuth 2.0). This feature is currently in beta. + """ + + dynamic_client_registration: BrowserVNCApplicationOAuthConfigurationDynamicClientRegistration + """Settings for OAuth dynamic client registration.""" + + enabled: bool + """Whether the OAuth configuration is enabled for this application. + + When set to `false`, Access will not handle OAuth for this application. Defaults + to `true` if omitted. + """ + + grant: BrowserVNCApplicationOAuthConfigurationGrant + """Settings for OAuth grant behavior.""" + + class BrowserVNCApplicationPolicyAccessAppPolicyLink(TypedDict, total=False): """A JSON that links a reusable policy to an application.""" @@ -1387,6 +1891,49 @@ class BrowserVNCApplicationPolicyAccessAppPolicyLink(TypedDict, total=False): """ +class BrowserVNCApplicationPolicyUnionMember2ConnectionRulesRDP(TypedDict, total=False): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: List[Literal["text"]] + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: List[Literal["text"]] + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class BrowserVNCApplicationPolicyUnionMember2ConnectionRules(TypedDict, total=False): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: BrowserVNCApplicationPolicyUnionMember2ConnectionRulesRDP + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class BrowserVNCApplicationPolicyUnionMember2MfaConfig(TypedDict, total=False): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: List[Literal["totp", "biometrics", "security_key"]] + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: bool + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: str + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + class BrowserVNCApplicationPolicyUnionMember2(TypedDict, total=False): id: str """The UUID of the policy""" @@ -1400,6 +1947,12 @@ class BrowserVNCApplicationPolicyUnionMember2(TypedDict, total=False): session. """ + connection_rules: BrowserVNCApplicationPolicyUnionMember2ConnectionRules + """ + The rules that define how users may connect to targets secured by your + application. + """ + isolation_required: bool """ Require this application to be served in an isolated browser for users matching @@ -1407,6 +1960,9 @@ class BrowserVNCApplicationPolicyUnionMember2(TypedDict, total=False): this feature. """ + mfa_config: BrowserVNCApplicationPolicyUnionMember2MfaConfig + """Configures multi-factor authentication (MFA) settings.""" + precedence: int """The order of execution for this policy. @@ -1661,26 +2217,78 @@ class AppLauncherApplicationPolicyAccessAppPolicyLink(TypedDict, total=False): """ -class AppLauncherApplicationPolicyUnionMember2(TypedDict, total=False): - id: str - """The UUID of the policy""" +class AppLauncherApplicationPolicyUnionMember2ConnectionRulesRDP(TypedDict, total=False): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" - approval_groups: Iterable[ApprovalGroupParam] - """Administrators who can approve a temporary authentication request.""" + allowed_clipboard_local_to_remote_formats: List[Literal["text"]] + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ - approval_required: bool + allowed_clipboard_remote_to_local_formats: List[Literal["text"]] """ - Requires the user to request access from an administrator at the start of each - session. + Clipboard formats allowed when copying from remote RDP session to local machine. """ - isolation_required: bool + +class AppLauncherApplicationPolicyUnionMember2ConnectionRules(TypedDict, total=False): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: AppLauncherApplicationPolicyUnionMember2ConnectionRulesRDP + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class AppLauncherApplicationPolicyUnionMember2MfaConfig(TypedDict, total=False): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: List[Literal["totp", "biometrics", "security_key"]] + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: bool + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: str + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + +class AppLauncherApplicationPolicyUnionMember2(TypedDict, total=False): + id: str + """The UUID of the policy""" + + approval_groups: Iterable[ApprovalGroupParam] + """Administrators who can approve a temporary authentication request.""" + + approval_required: bool + """ + Requires the user to request access from an administrator at the start of each + session. + """ + + connection_rules: AppLauncherApplicationPolicyUnionMember2ConnectionRules + """ + The rules that define how users may connect to targets secured by your + application. + """ + + isolation_required: bool """ Require this application to be served in an isolated browser for users matching this policy. 'Client Web Isolation' must be on for the account in order to use this feature. """ + mfa_config: AppLauncherApplicationPolicyUnionMember2MfaConfig + """Configures multi-factor authentication (MFA) settings.""" + precedence: int """The order of execution for this policy. @@ -1773,6 +2381,49 @@ class DeviceEnrollmentPermissionsApplicationPolicyAccessAppPolicyLink(TypedDict, """ +class DeviceEnrollmentPermissionsApplicationPolicyUnionMember2ConnectionRulesRDP(TypedDict, total=False): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: List[Literal["text"]] + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: List[Literal["text"]] + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class DeviceEnrollmentPermissionsApplicationPolicyUnionMember2ConnectionRules(TypedDict, total=False): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: DeviceEnrollmentPermissionsApplicationPolicyUnionMember2ConnectionRulesRDP + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class DeviceEnrollmentPermissionsApplicationPolicyUnionMember2MfaConfig(TypedDict, total=False): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: List[Literal["totp", "biometrics", "security_key"]] + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: bool + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: str + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + class DeviceEnrollmentPermissionsApplicationPolicyUnionMember2(TypedDict, total=False): id: str """The UUID of the policy""" @@ -1786,6 +2437,12 @@ class DeviceEnrollmentPermissionsApplicationPolicyUnionMember2(TypedDict, total= session. """ + connection_rules: DeviceEnrollmentPermissionsApplicationPolicyUnionMember2ConnectionRules + """ + The rules that define how users may connect to targets secured by your + application. + """ + isolation_required: bool """ Require this application to be served in an isolated browser for users matching @@ -1793,6 +2450,9 @@ class DeviceEnrollmentPermissionsApplicationPolicyUnionMember2(TypedDict, total= this feature. """ + mfa_config: DeviceEnrollmentPermissionsApplicationPolicyUnionMember2MfaConfig + """Configures multi-factor authentication (MFA) settings.""" + precedence: int """The order of execution for this policy. @@ -1887,6 +2547,49 @@ class BrowserIsolationPermissionsApplicationPolicyAccessAppPolicyLink(TypedDict, """ +class BrowserIsolationPermissionsApplicationPolicyUnionMember2ConnectionRulesRDP(TypedDict, total=False): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: List[Literal["text"]] + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: List[Literal["text"]] + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class BrowserIsolationPermissionsApplicationPolicyUnionMember2ConnectionRules(TypedDict, total=False): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: BrowserIsolationPermissionsApplicationPolicyUnionMember2ConnectionRulesRDP + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class BrowserIsolationPermissionsApplicationPolicyUnionMember2MfaConfig(TypedDict, total=False): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: List[Literal["totp", "biometrics", "security_key"]] + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: bool + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: str + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + class BrowserIsolationPermissionsApplicationPolicyUnionMember2(TypedDict, total=False): id: str """The UUID of the policy""" @@ -1900,6 +2603,12 @@ class BrowserIsolationPermissionsApplicationPolicyUnionMember2(TypedDict, total= session. """ + connection_rules: BrowserIsolationPermissionsApplicationPolicyUnionMember2ConnectionRules + """ + The rules that define how users may connect to targets secured by your + application. + """ + isolation_required: bool """ Require this application to be served in an isolated browser for users matching @@ -1907,6 +2616,9 @@ class BrowserIsolationPermissionsApplicationPolicyUnionMember2(TypedDict, total= this feature. """ + mfa_config: BrowserIsolationPermissionsApplicationPolicyUnionMember2MfaConfig + """Configures multi-factor authentication (MFA) settings.""" + precedence: int """The order of execution for this policy. @@ -2010,6 +2722,49 @@ class GatewayIdentityProxyEndpointApplicationPolicyAccessAppPolicyLink(TypedDict """ +class GatewayIdentityProxyEndpointApplicationPolicyUnionMember2ConnectionRulesRDP(TypedDict, total=False): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: List[Literal["text"]] + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: List[Literal["text"]] + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class GatewayIdentityProxyEndpointApplicationPolicyUnionMember2ConnectionRules(TypedDict, total=False): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: GatewayIdentityProxyEndpointApplicationPolicyUnionMember2ConnectionRulesRDP + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class GatewayIdentityProxyEndpointApplicationPolicyUnionMember2MfaConfig(TypedDict, total=False): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: List[Literal["totp", "biometrics", "security_key"]] + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: bool + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: str + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + class GatewayIdentityProxyEndpointApplicationPolicyUnionMember2(TypedDict, total=False): id: str """The UUID of the policy""" @@ -2023,6 +2778,12 @@ class GatewayIdentityProxyEndpointApplicationPolicyUnionMember2(TypedDict, total session. """ + connection_rules: GatewayIdentityProxyEndpointApplicationPolicyUnionMember2ConnectionRules + """ + The rules that define how users may connect to targets secured by your + application. + """ + isolation_required: bool """ Require this application to be served in an isolated browser for users matching @@ -2030,6 +2791,9 @@ class GatewayIdentityProxyEndpointApplicationPolicyUnionMember2(TypedDict, total this feature. """ + mfa_config: GatewayIdentityProxyEndpointApplicationPolicyUnionMember2MfaConfig + """Configures multi-factor authentication (MFA) settings.""" + precedence: int """The order of execution for this policy. @@ -2106,6 +2870,49 @@ class BookmarkApplicationPolicyAccessAppPolicyLink(TypedDict, total=False): """ +class BookmarkApplicationPolicyUnionMember2ConnectionRulesRDP(TypedDict, total=False): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: List[Literal["text"]] + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: List[Literal["text"]] + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class BookmarkApplicationPolicyUnionMember2ConnectionRules(TypedDict, total=False): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: BookmarkApplicationPolicyUnionMember2ConnectionRulesRDP + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class BookmarkApplicationPolicyUnionMember2MfaConfig(TypedDict, total=False): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: List[Literal["totp", "biometrics", "security_key"]] + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: bool + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: str + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + class BookmarkApplicationPolicyUnionMember2(TypedDict, total=False): id: str """The UUID of the policy""" @@ -2119,6 +2926,12 @@ class BookmarkApplicationPolicyUnionMember2(TypedDict, total=False): session. """ + connection_rules: BookmarkApplicationPolicyUnionMember2ConnectionRules + """ + The rules that define how users may connect to targets secured by your + application. + """ + isolation_required: bool """ Require this application to be served in an isolated browser for users matching @@ -2126,6 +2939,9 @@ class BookmarkApplicationPolicyUnionMember2(TypedDict, total=False): this feature. """ + mfa_config: BookmarkApplicationPolicyUnionMember2MfaConfig + """Configures multi-factor authentication (MFA) settings.""" + precedence: int """The order of execution for this policy. @@ -2243,14 +3059,14 @@ class InfrastructureApplicationPolicy(TypedDict, total=False): """ -class BrowserRdpApplication(TypedDict, total=False): +class BrowserRDPApplication(TypedDict, total=False): domain: Required[str] """The primary hostname and path secured by Access. This domain will be displayed if the app is visible in the App Launcher. """ - target_criteria: Required[Iterable[BrowserRdpApplicationTargetCriterion]] + target_criteria: Required[Iterable[BrowserRDPApplicationTargetCriterion]] type: Required[ApplicationType] """The application type.""" @@ -2312,7 +3128,7 @@ class BrowserRdpApplication(TypedDict, total=False): custom_pages: SequenceNotStr[str] """The custom pages that will be displayed when applicable for this application""" - destinations: Iterable[BrowserRdpApplicationDestination] + destinations: Iterable[BrowserRDPApplicationDestination] """List of destinations secured by Access. This supersedes `self_hosted_domains` to allow for more flexibility in defining @@ -2335,9 +3151,21 @@ class BrowserRdpApplication(TypedDict, total=False): logo_url: str """The image URL for the logo shown in the App Launcher dashboard.""" + mfa_config: BrowserRDPApplicationMfaConfig + """Configures multi-factor authentication (MFA) settings.""" + name: str """The name of the application.""" + oauth_configuration: BrowserRDPApplicationOAuthConfiguration + """ + **Beta:** Optional configuration for managing an OAuth authorization flow + controlled by Access. When set, Access will act as the OAuth authorization + server for this application. Only compatible with OAuth clients that support + [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators + for OAuth 2.0). This feature is currently in beta. + """ + options_preflight_bypass: bool """ Allows options preflight requests to bypass Access authentication and go @@ -2350,7 +3178,7 @@ class BrowserRdpApplication(TypedDict, total=False): If disabled, the JWT will scope to the hostname by default """ - policies: SequenceNotStr[BrowserRdpApplicationPolicy] + policies: SequenceNotStr[BrowserRDPApplicationPolicy] """ The policies that Access applies to the application, in ascending order of precedence. Items can reference existing policies or create new policies @@ -2374,7 +3202,7 @@ class BrowserRdpApplication(TypedDict, total=False): attacks. """ - scim_config: BrowserRdpApplicationSCIMConfig + scim_config: BrowserRDPApplicationSCIMConfig """Configuration for provisioning to this application via SCIM. This is currently in closed beta. @@ -2416,7 +3244,7 @@ class BrowserRdpApplication(TypedDict, total=False): """ -class BrowserRdpApplicationTargetCriterion(TypedDict, total=False): +class BrowserRDPApplicationTargetCriterion(TypedDict, total=False): port: Required[int] """The port that the targets use for the chosen communication protocol. @@ -2430,7 +3258,7 @@ class BrowserRdpApplicationTargetCriterion(TypedDict, total=False): """Contains a map of target attribute keys to target attribute values.""" -class BrowserRdpApplicationDestinationPublicDestination(TypedDict, total=False): +class BrowserRDPApplicationDestinationPublicDestination(TypedDict, total=False): """A public hostname that Access will secure. Public destinations support sub-domain and path. Wildcard '*' can be used in the definition. @@ -2446,7 +3274,7 @@ class BrowserRdpApplicationDestinationPublicDestination(TypedDict, total=False): """ -class BrowserRdpApplicationDestinationPrivateDestination(TypedDict, total=False): +class BrowserRDPApplicationDestinationPrivateDestination(TypedDict, total=False): cidr: str """The CIDR range of the destination. Single IPs will be computed as /32.""" @@ -2471,7 +3299,7 @@ class BrowserRdpApplicationDestinationPrivateDestination(TypedDict, total=False) """The VNET ID to match the destination. When omitted, all VNETs will match.""" -class BrowserRdpApplicationDestinationViaMcpServerPortalDestination(TypedDict, total=False): +class BrowserRDPApplicationDestinationViaMcpServerPortalDestination(TypedDict, total=False): """A MCP server id configured in ai-controls. Access will secure the MCP server if accessed through a MCP portal. @@ -2483,14 +3311,90 @@ class BrowserRdpApplicationDestinationViaMcpServerPortalDestination(TypedDict, t type: Literal["via_mcp_server_portal"] -BrowserRdpApplicationDestination: TypeAlias = Union[ - BrowserRdpApplicationDestinationPublicDestination, - BrowserRdpApplicationDestinationPrivateDestination, - BrowserRdpApplicationDestinationViaMcpServerPortalDestination, +BrowserRDPApplicationDestination: TypeAlias = Union[ + BrowserRDPApplicationDestinationPublicDestination, + BrowserRDPApplicationDestinationPrivateDestination, + BrowserRDPApplicationDestinationViaMcpServerPortalDestination, ] -class BrowserRdpApplicationPolicyAccessAppPolicyLink(TypedDict, total=False): +class BrowserRDPApplicationMfaConfig(TypedDict, total=False): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: List[Literal["totp", "biometrics", "security_key"]] + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: bool + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: str + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + +class BrowserRDPApplicationOAuthConfigurationDynamicClientRegistration(TypedDict, total=False): + """Settings for OAuth dynamic client registration.""" + + allow_any_on_localhost: bool + """Allows any client with redirect URIs on localhost.""" + + allow_any_on_loopback: bool + """Allows any client with redirect URIs on 127.0.0.1.""" + + allowed_uris: SequenceNotStr[str] + """The URIs that are allowed as redirect URIs for dynamically registered clients. + + Must use the `https` protocol. Paths may end in `/*` to match all sub-paths. + """ + + enabled: bool + """Whether dynamic client registration is enabled.""" + + +class BrowserRDPApplicationOAuthConfigurationGrant(TypedDict, total=False): + """Settings for OAuth grant behavior.""" + + access_token_lifetime: str + """The lifetime of the access token. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + session_duration: str + """The duration of the OAuth session. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + +class BrowserRDPApplicationOAuthConfiguration(TypedDict, total=False): + """ + **Beta:** Optional configuration for managing an OAuth authorization flow controlled by Access. When set, Access will act as the OAuth authorization server for this application. Only compatible with OAuth clients that support [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators for OAuth 2.0). This feature is currently in beta. + """ + + dynamic_client_registration: BrowserRDPApplicationOAuthConfigurationDynamicClientRegistration + """Settings for OAuth dynamic client registration.""" + + enabled: bool + """Whether the OAuth configuration is enabled for this application. + + When set to `false`, Access will not handle OAuth for this application. Defaults + to `true` if omitted. + """ + + grant: BrowserRDPApplicationOAuthConfigurationGrant + """Settings for OAuth grant behavior.""" + + +class BrowserRDPApplicationPolicyAccessAppPolicyLink(TypedDict, total=False): """A JSON that links a reusable policy to an application.""" id: str @@ -2503,7 +3407,50 @@ class BrowserRdpApplicationPolicyAccessAppPolicyLink(TypedDict, total=False): """ -class BrowserRdpApplicationPolicyUnionMember2(TypedDict, total=False): +class BrowserRDPApplicationPolicyUnionMember2ConnectionRulesRDP(TypedDict, total=False): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: List[Literal["text"]] + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: List[Literal["text"]] + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class BrowserRDPApplicationPolicyUnionMember2ConnectionRules(TypedDict, total=False): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: BrowserRDPApplicationPolicyUnionMember2ConnectionRulesRDP + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class BrowserRDPApplicationPolicyUnionMember2MfaConfig(TypedDict, total=False): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: List[Literal["totp", "biometrics", "security_key"]] + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: bool + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: str + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + +class BrowserRDPApplicationPolicyUnionMember2(TypedDict, total=False): id: str """The UUID of the policy""" @@ -2516,6 +3463,12 @@ class BrowserRdpApplicationPolicyUnionMember2(TypedDict, total=False): session. """ + connection_rules: BrowserRDPApplicationPolicyUnionMember2ConnectionRules + """ + The rules that define how users may connect to targets secured by your + application. + """ + isolation_required: bool """ Require this application to be served in an isolated browser for users matching @@ -2523,6 +3476,909 @@ class BrowserRdpApplicationPolicyUnionMember2(TypedDict, total=False): this feature. """ + mfa_config: BrowserRDPApplicationPolicyUnionMember2MfaConfig + """Configures multi-factor authentication (MFA) settings.""" + + precedence: int + """The order of execution for this policy. + + Must be unique for each policy within an app. + """ + + purpose_justification_prompt: str + """A custom message that will appear on the purpose justification screen.""" + + purpose_justification_required: bool + """Require users to enter a justification when they log in to the application.""" + + session_duration: str + """The amount of time that tokens issued for the application will be valid. + + Must be in the format `300ms` or `2h45m`. Valid time units are: ns, us (or µs), + ms, s, m, h. + """ + + +BrowserRDPApplicationPolicy: TypeAlias = Union[ + BrowserRDPApplicationPolicyAccessAppPolicyLink, str, BrowserRDPApplicationPolicyUnionMember2 +] + + +class BrowserRDPApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken( + TypedDict, total=False +): + """ + Attributes for configuring Access Service Token authentication scheme for SCIM provisioning to an application. + """ + + client_id: Required[str] + """ + Client ID of the Access service token used to authenticate with the remote + service. + """ + + client_secret: Required[str] + """ + Client secret of the Access service token used to authenticate with the remote + service. + """ + + scheme: Required[Literal["access_service_token"]] + """The authentication scheme to use when making SCIM requests to this application.""" + + +class BrowserRDPApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken( + TypedDict, total=False +): + """ + Attributes for configuring Access Service Token authentication scheme for SCIM provisioning to an application. + """ + + client_id: Required[str] + """ + Client ID of the Access service token used to authenticate with the remote + service. + """ + + client_secret: Required[str] + """ + Client secret of the Access service token used to authenticate with the remote + service. + """ + + scheme: Required[Literal["access_service_token"]] + """The authentication scheme to use when making SCIM requests to this application.""" + + +BrowserRDPApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication: TypeAlias = Union[ + SCIMConfigAuthenticationHTTPBasicParam, + SCIMConfigAuthenticationOAuthBearerTokenParam, + SCIMConfigAuthenticationOauth2Param, + BrowserRDPApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken, +] + +BrowserRDPApplicationSCIMConfigAuthentication: TypeAlias = Union[ + SCIMConfigAuthenticationHTTPBasicParam, + SCIMConfigAuthenticationOAuthBearerTokenParam, + SCIMConfigAuthenticationOauth2Param, + BrowserRDPApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken, + Iterable[BrowserRDPApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication], +] + + +class BrowserRDPApplicationSCIMConfig(TypedDict, total=False): + """Configuration for provisioning to this application via SCIM. + + This is currently in closed beta. + """ + + idp_uid: Required[str] + """ + The UID of the IdP to use as the source for SCIM resources to provision to this + application. + """ + + remote_uri: Required[str] + """The base URI for the application's SCIM-compatible API.""" + + authentication: BrowserRDPApplicationSCIMConfigAuthentication + """ + Attributes for configuring HTTP Basic authentication scheme for SCIM + provisioning to an application. + """ + + deactivate_on_delete: bool + """ + If false, propagates DELETE requests to the target application for SCIM + resources. If true, sets 'active' to false on the SCIM resource. Note: Some + targets do not support DELETE operations. + """ + + enabled: bool + """Whether SCIM provisioning is turned on for this application.""" + + mappings: Iterable[SCIMConfigMappingParam] + """ + A list of mappings to apply to SCIM resources before provisioning them in this + application. These can transform or filter the resources to be provisioned. + """ + + +class McpServerApplication(TypedDict, total=False): + type: Required[ApplicationType] + """The application type.""" + + account_id: str + """The Account ID to use for this endpoint. Mutually exclusive with the Zone ID.""" + + zone_id: str + """The Zone ID to use for this endpoint. Mutually exclusive with the Account ID.""" + + allow_authenticate_via_warp: bool + """ + When set to true, users can authenticate to this application using their WARP + session. When set to false this application will always require direct IdP + authentication. This setting always overrides the organization setting for WARP + authentication. + """ + + allowed_idps: SequenceNotStr[AllowedIdPs] + """The identity providers your users can select when connecting to this + application. + + Defaults to all IdPs configured in your account. + """ + + auto_redirect_to_identity: bool + """When set to `true`, users skip the identity provider selection step during + login. + + You must specify only one identity provider in allowed_idps. + """ + + custom_deny_message: str + """ + The custom error message shown to a user when they are denied access to the + application. + """ + + custom_deny_url: str + """ + The custom URL a user is redirected to when they are denied access to the + application when failing identity-based rules. + """ + + custom_non_identity_deny_url: str + """ + The custom URL a user is redirected to when they are denied access to the + application when failing non-identity rules. + """ + + custom_pages: SequenceNotStr[str] + """The custom pages that will be displayed when applicable for this application""" + + destinations: Iterable[McpServerApplicationDestination] + """List of destinations secured by Access. + + This supersedes `self_hosted_domains` to allow for more flexibility in defining + different types of domains. If `destinations` are provided, then + `self_hosted_domains` will be ignored. + """ + + http_only_cookie_attribute: bool + """ + Enables the HttpOnly cookie attribute, which increases security against XSS + attacks. + """ + + logo_url: str + """The image URL for the logo shown in the App Launcher dashboard.""" + + name: str + """The name of the application.""" + + oauth_configuration: McpServerApplicationOAuthConfiguration + """ + **Beta:** Optional configuration for managing an OAuth authorization flow + controlled by Access. When set, Access will act as the OAuth authorization + server for this application. Only compatible with OAuth clients that support + [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators + for OAuth 2.0). This feature is currently in beta. + """ + + options_preflight_bypass: bool + """ + Allows options preflight requests to bypass Access authentication and go + directly to the origin. Cannot turn on if cors_headers is set. + """ + + policies: SequenceNotStr[McpServerApplicationPolicy] + """ + The policies that Access applies to the application, in ascending order of + precedence. Items can reference existing policies or create new policies + exclusive to the application. + """ + + same_site_cookie_attribute: str + """ + Sets the SameSite cookie setting, which provides increased security against CSRF + attacks. + """ + + scim_config: McpServerApplicationSCIMConfig + """Configuration for provisioning to this application via SCIM. + + This is currently in closed beta. + """ + + session_duration: str + """The amount of time that tokens issued for this application will be valid. + + Must be in the format `300ms` or `2h45m`. Valid time units are: ns, us (or µs), + ms, s, m, h. Note: unsupported for infrastructure type applications. + """ + + tags: SequenceNotStr[str] + """The tags you want assigned to an application. + + Tags are used to filter applications in the App Launcher dashboard. + """ + + +class McpServerApplicationDestinationPublicDestination(TypedDict, total=False): + """A public hostname that Access will secure. + + Public destinations support sub-domain and path. Wildcard '*' can be used in the definition. + """ + + type: Literal["public"] + + uri: str + """The URI of the destination. + + Public destinations' URIs can include a domain and path with + [wildcards](https://developers.cloudflare.com/cloudflare-one/policies/access/app-paths/). + """ + + +class McpServerApplicationDestinationPrivateDestination(TypedDict, total=False): + cidr: str + """The CIDR range of the destination. Single IPs will be computed as /32.""" + + hostname: str + """The hostname of the destination. Matches a valid SNI served by an HTTPS origin.""" + + l4_protocol: Literal["tcp", "udp"] + """The L4 protocol of the destination. + + When omitted, both UDP and TCP traffic will match. + """ + + port_range: str + """The port range of the destination. + + Can be a single port or a range of ports. When omitted, all ports will match. + """ + + type: Literal["private"] + + vnet_id: str + """The VNET ID to match the destination. When omitted, all VNETs will match.""" + + +class McpServerApplicationDestinationViaMcpServerPortalDestination(TypedDict, total=False): + """A MCP server id configured in ai-controls. + + Access will secure the MCP server if accessed through a MCP portal. + """ + + mcp_server_id: str + """The MCP server id configured in ai-controls.""" + + type: Literal["via_mcp_server_portal"] + + +McpServerApplicationDestination: TypeAlias = Union[ + McpServerApplicationDestinationPublicDestination, + McpServerApplicationDestinationPrivateDestination, + McpServerApplicationDestinationViaMcpServerPortalDestination, +] + + +class McpServerApplicationOAuthConfigurationDynamicClientRegistration(TypedDict, total=False): + """Settings for OAuth dynamic client registration.""" + + allow_any_on_localhost: bool + """Allows any client with redirect URIs on localhost.""" + + allow_any_on_loopback: bool + """Allows any client with redirect URIs on 127.0.0.1.""" + + allowed_uris: SequenceNotStr[str] + """The URIs that are allowed as redirect URIs for dynamically registered clients. + + Must use the `https` protocol. Paths may end in `/*` to match all sub-paths. + """ + + enabled: bool + """Whether dynamic client registration is enabled.""" + + +class McpServerApplicationOAuthConfigurationGrant(TypedDict, total=False): + """Settings for OAuth grant behavior.""" + + access_token_lifetime: str + """The lifetime of the access token. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + session_duration: str + """The duration of the OAuth session. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + +class McpServerApplicationOAuthConfiguration(TypedDict, total=False): + """ + **Beta:** Optional configuration for managing an OAuth authorization flow controlled by Access. When set, Access will act as the OAuth authorization server for this application. Only compatible with OAuth clients that support [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators for OAuth 2.0). This feature is currently in beta. + """ + + dynamic_client_registration: McpServerApplicationOAuthConfigurationDynamicClientRegistration + """Settings for OAuth dynamic client registration.""" + + enabled: bool + """Whether the OAuth configuration is enabled for this application. + + When set to `false`, Access will not handle OAuth for this application. Defaults + to `true` if omitted. + """ + + grant: McpServerApplicationOAuthConfigurationGrant + """Settings for OAuth grant behavior.""" + + +class McpServerApplicationPolicyAccessAppPolicyLink(TypedDict, total=False): + """A JSON that links a reusable policy to an application.""" + + id: str + """The UUID of the policy""" + + precedence: int + """The order of execution for this policy. + + Must be unique for each policy within an app. + """ + + +class McpServerApplicationPolicyUnionMember2ConnectionRulesRDP(TypedDict, total=False): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: List[Literal["text"]] + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: List[Literal["text"]] + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class McpServerApplicationPolicyUnionMember2ConnectionRules(TypedDict, total=False): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: McpServerApplicationPolicyUnionMember2ConnectionRulesRDP + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class McpServerApplicationPolicyUnionMember2MfaConfig(TypedDict, total=False): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: List[Literal["totp", "biometrics", "security_key"]] + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: bool + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: str + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + +class McpServerApplicationPolicyUnionMember2(TypedDict, total=False): + id: str + """The UUID of the policy""" + + approval_groups: Iterable[ApprovalGroupParam] + """Administrators who can approve a temporary authentication request.""" + + approval_required: bool + """ + Requires the user to request access from an administrator at the start of each + session. + """ + + connection_rules: McpServerApplicationPolicyUnionMember2ConnectionRules + """ + The rules that define how users may connect to targets secured by your + application. + """ + + isolation_required: bool + """ + Require this application to be served in an isolated browser for users matching + this policy. 'Client Web Isolation' must be on for the account in order to use + this feature. + """ + + mfa_config: McpServerApplicationPolicyUnionMember2MfaConfig + """Configures multi-factor authentication (MFA) settings.""" + + precedence: int + """The order of execution for this policy. + + Must be unique for each policy within an app. + """ + + purpose_justification_prompt: str + """A custom message that will appear on the purpose justification screen.""" + + purpose_justification_required: bool + """Require users to enter a justification when they log in to the application.""" + + session_duration: str + """The amount of time that tokens issued for the application will be valid. + + Must be in the format `300ms` or `2h45m`. Valid time units are: ns, us (or µs), + ms, s, m, h. + """ + + +McpServerApplicationPolicy: TypeAlias = Union[ + McpServerApplicationPolicyAccessAppPolicyLink, str, McpServerApplicationPolicyUnionMember2 +] + + +class McpServerApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken( + TypedDict, total=False +): + """ + Attributes for configuring Access Service Token authentication scheme for SCIM provisioning to an application. + """ + + client_id: Required[str] + """ + Client ID of the Access service token used to authenticate with the remote + service. + """ + + client_secret: Required[str] + """ + Client secret of the Access service token used to authenticate with the remote + service. + """ + + scheme: Required[Literal["access_service_token"]] + """The authentication scheme to use when making SCIM requests to this application.""" + + +class McpServerApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken( + TypedDict, total=False +): + """ + Attributes for configuring Access Service Token authentication scheme for SCIM provisioning to an application. + """ + + client_id: Required[str] + """ + Client ID of the Access service token used to authenticate with the remote + service. + """ + + client_secret: Required[str] + """ + Client secret of the Access service token used to authenticate with the remote + service. + """ + + scheme: Required[Literal["access_service_token"]] + """The authentication scheme to use when making SCIM requests to this application.""" + + +McpServerApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication: TypeAlias = Union[ + SCIMConfigAuthenticationHTTPBasicParam, + SCIMConfigAuthenticationOAuthBearerTokenParam, + SCIMConfigAuthenticationOauth2Param, + McpServerApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken, +] + +McpServerApplicationSCIMConfigAuthentication: TypeAlias = Union[ + SCIMConfigAuthenticationHTTPBasicParam, + SCIMConfigAuthenticationOAuthBearerTokenParam, + SCIMConfigAuthenticationOauth2Param, + McpServerApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken, + Iterable[McpServerApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication], +] + + +class McpServerApplicationSCIMConfig(TypedDict, total=False): + """Configuration for provisioning to this application via SCIM. + + This is currently in closed beta. + """ + + idp_uid: Required[str] + """ + The UID of the IdP to use as the source for SCIM resources to provision to this + application. + """ + + remote_uri: Required[str] + """The base URI for the application's SCIM-compatible API.""" + + authentication: McpServerApplicationSCIMConfigAuthentication + """ + Attributes for configuring HTTP Basic authentication scheme for SCIM + provisioning to an application. + """ + + deactivate_on_delete: bool + """ + If false, propagates DELETE requests to the target application for SCIM + resources. If true, sets 'active' to false on the SCIM resource. Note: Some + targets do not support DELETE operations. + """ + + enabled: bool + """Whether SCIM provisioning is turned on for this application.""" + + mappings: Iterable[SCIMConfigMappingParam] + """ + A list of mappings to apply to SCIM resources before provisioning them in this + application. These can transform or filter the resources to be provisioned. + """ + + +class McpServerPortalApplication(TypedDict, total=False): + type: Required[ApplicationType] + """The application type.""" + + account_id: str + """The Account ID to use for this endpoint. Mutually exclusive with the Zone ID.""" + + zone_id: str + """The Zone ID to use for this endpoint. Mutually exclusive with the Account ID.""" + + allow_authenticate_via_warp: bool + """ + When set to true, users can authenticate to this application using their WARP + session. When set to false this application will always require direct IdP + authentication. This setting always overrides the organization setting for WARP + authentication. + """ + + allowed_idps: SequenceNotStr[AllowedIdPs] + """The identity providers your users can select when connecting to this + application. + + Defaults to all IdPs configured in your account. + """ + + auto_redirect_to_identity: bool + """When set to `true`, users skip the identity provider selection step during + login. + + You must specify only one identity provider in allowed_idps. + """ + + custom_deny_message: str + """ + The custom error message shown to a user when they are denied access to the + application. + """ + + custom_deny_url: str + """ + The custom URL a user is redirected to when they are denied access to the + application when failing identity-based rules. + """ + + custom_non_identity_deny_url: str + """ + The custom URL a user is redirected to when they are denied access to the + application when failing non-identity rules. + """ + + custom_pages: SequenceNotStr[str] + """The custom pages that will be displayed when applicable for this application""" + + destinations: Iterable[McpServerPortalApplicationDestination] + """List of destinations secured by Access. + + This supersedes `self_hosted_domains` to allow for more flexibility in defining + different types of domains. If `destinations` are provided, then + `self_hosted_domains` will be ignored. + """ + + domain: str + """The primary hostname and path secured by Access. + + This domain will be displayed if the app is visible in the App Launcher. + """ + + http_only_cookie_attribute: bool + """ + Enables the HttpOnly cookie attribute, which increases security against XSS + attacks. + """ + + logo_url: str + """The image URL for the logo shown in the App Launcher dashboard.""" + + name: str + """The name of the application.""" + + oauth_configuration: McpServerPortalApplicationOAuthConfiguration + """ + **Beta:** Optional configuration for managing an OAuth authorization flow + controlled by Access. When set, Access will act as the OAuth authorization + server for this application. Only compatible with OAuth clients that support + [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators + for OAuth 2.0). This feature is currently in beta. + """ + + options_preflight_bypass: bool + """ + Allows options preflight requests to bypass Access authentication and go + directly to the origin. Cannot turn on if cors_headers is set. + """ + + policies: SequenceNotStr[McpServerPortalApplicationPolicy] + """ + The policies that Access applies to the application, in ascending order of + precedence. Items can reference existing policies or create new policies + exclusive to the application. + """ + + same_site_cookie_attribute: str + """ + Sets the SameSite cookie setting, which provides increased security against CSRF + attacks. + """ + + scim_config: McpServerPortalApplicationSCIMConfig + """Configuration for provisioning to this application via SCIM. + + This is currently in closed beta. + """ + + session_duration: str + """The amount of time that tokens issued for this application will be valid. + + Must be in the format `300ms` or `2h45m`. Valid time units are: ns, us (or µs), + ms, s, m, h. Note: unsupported for infrastructure type applications. + """ + + tags: SequenceNotStr[str] + """The tags you want assigned to an application. + + Tags are used to filter applications in the App Launcher dashboard. + """ + + +class McpServerPortalApplicationDestinationPublicDestination(TypedDict, total=False): + """A public hostname that Access will secure. + + Public destinations support sub-domain and path. Wildcard '*' can be used in the definition. + """ + + type: Literal["public"] + + uri: str + """The URI of the destination. + + Public destinations' URIs can include a domain and path with + [wildcards](https://developers.cloudflare.com/cloudflare-one/policies/access/app-paths/). + """ + + +class McpServerPortalApplicationDestinationPrivateDestination(TypedDict, total=False): + cidr: str + """The CIDR range of the destination. Single IPs will be computed as /32.""" + + hostname: str + """The hostname of the destination. Matches a valid SNI served by an HTTPS origin.""" + + l4_protocol: Literal["tcp", "udp"] + """The L4 protocol of the destination. + + When omitted, both UDP and TCP traffic will match. + """ + + port_range: str + """The port range of the destination. + + Can be a single port or a range of ports. When omitted, all ports will match. + """ + + type: Literal["private"] + + vnet_id: str + """The VNET ID to match the destination. When omitted, all VNETs will match.""" + + +class McpServerPortalApplicationDestinationViaMcpServerPortalDestination(TypedDict, total=False): + """A MCP server id configured in ai-controls. + + Access will secure the MCP server if accessed through a MCP portal. + """ + + mcp_server_id: str + """The MCP server id configured in ai-controls.""" + + type: Literal["via_mcp_server_portal"] + + +McpServerPortalApplicationDestination: TypeAlias = Union[ + McpServerPortalApplicationDestinationPublicDestination, + McpServerPortalApplicationDestinationPrivateDestination, + McpServerPortalApplicationDestinationViaMcpServerPortalDestination, +] + + +class McpServerPortalApplicationOAuthConfigurationDynamicClientRegistration(TypedDict, total=False): + """Settings for OAuth dynamic client registration.""" + + allow_any_on_localhost: bool + """Allows any client with redirect URIs on localhost.""" + + allow_any_on_loopback: bool + """Allows any client with redirect URIs on 127.0.0.1.""" + + allowed_uris: SequenceNotStr[str] + """The URIs that are allowed as redirect URIs for dynamically registered clients. + + Must use the `https` protocol. Paths may end in `/*` to match all sub-paths. + """ + + enabled: bool + """Whether dynamic client registration is enabled.""" + + +class McpServerPortalApplicationOAuthConfigurationGrant(TypedDict, total=False): + """Settings for OAuth grant behavior.""" + + access_token_lifetime: str + """The lifetime of the access token. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + session_duration: str + """The duration of the OAuth session. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + +class McpServerPortalApplicationOAuthConfiguration(TypedDict, total=False): + """ + **Beta:** Optional configuration for managing an OAuth authorization flow controlled by Access. When set, Access will act as the OAuth authorization server for this application. Only compatible with OAuth clients that support [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators for OAuth 2.0). This feature is currently in beta. + """ + + dynamic_client_registration: McpServerPortalApplicationOAuthConfigurationDynamicClientRegistration + """Settings for OAuth dynamic client registration.""" + + enabled: bool + """Whether the OAuth configuration is enabled for this application. + + When set to `false`, Access will not handle OAuth for this application. Defaults + to `true` if omitted. + """ + + grant: McpServerPortalApplicationOAuthConfigurationGrant + """Settings for OAuth grant behavior.""" + + +class McpServerPortalApplicationPolicyAccessAppPolicyLink(TypedDict, total=False): + """A JSON that links a reusable policy to an application.""" + + id: str + """The UUID of the policy""" + + precedence: int + """The order of execution for this policy. + + Must be unique for each policy within an app. + """ + + +class McpServerPortalApplicationPolicyUnionMember2ConnectionRulesRDP(TypedDict, total=False): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: List[Literal["text"]] + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: List[Literal["text"]] + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class McpServerPortalApplicationPolicyUnionMember2ConnectionRules(TypedDict, total=False): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: McpServerPortalApplicationPolicyUnionMember2ConnectionRulesRDP + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class McpServerPortalApplicationPolicyUnionMember2MfaConfig(TypedDict, total=False): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: List[Literal["totp", "biometrics", "security_key"]] + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: bool + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: str + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + +class McpServerPortalApplicationPolicyUnionMember2(TypedDict, total=False): + id: str + """The UUID of the policy""" + + approval_groups: Iterable[ApprovalGroupParam] + """Administrators who can approve a temporary authentication request.""" + + approval_required: bool + """ + Requires the user to request access from an administrator at the start of each + session. + """ + + connection_rules: McpServerPortalApplicationPolicyUnionMember2ConnectionRules + """ + The rules that define how users may connect to targets secured by your + application. + """ + + isolation_required: bool + """ + Require this application to be served in an isolated browser for users matching + this policy. 'Client Web Isolation' must be on for the account in order to use + this feature. + """ + + mfa_config: McpServerPortalApplicationPolicyUnionMember2MfaConfig + """Configures multi-factor authentication (MFA) settings.""" + precedence: int """The order of execution for this policy. @@ -2543,12 +4399,12 @@ class BrowserRdpApplicationPolicyUnionMember2(TypedDict, total=False): """ -BrowserRdpApplicationPolicy: TypeAlias = Union[ - BrowserRdpApplicationPolicyAccessAppPolicyLink, str, BrowserRdpApplicationPolicyUnionMember2 +McpServerPortalApplicationPolicy: TypeAlias = Union[ + McpServerPortalApplicationPolicyAccessAppPolicyLink, str, McpServerPortalApplicationPolicyUnionMember2 ] -class BrowserRdpApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken( +class McpServerPortalApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken( TypedDict, total=False ): """ @@ -2571,7 +4427,7 @@ class BrowserRdpApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticatio """The authentication scheme to use when making SCIM requests to this application.""" -class BrowserRdpApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken( +class McpServerPortalApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken( TypedDict, total=False ): """ @@ -2594,23 +4450,23 @@ class BrowserRdpApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenti """The authentication scheme to use when making SCIM requests to this application.""" -BrowserRdpApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication: TypeAlias = Union[ +McpServerPortalApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication: TypeAlias = Union[ SCIMConfigAuthenticationHTTPBasicParam, SCIMConfigAuthenticationOAuthBearerTokenParam, SCIMConfigAuthenticationOauth2Param, - BrowserRdpApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken, + McpServerPortalApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken, ] -BrowserRdpApplicationSCIMConfigAuthentication: TypeAlias = Union[ +McpServerPortalApplicationSCIMConfigAuthentication: TypeAlias = Union[ SCIMConfigAuthenticationHTTPBasicParam, SCIMConfigAuthenticationOAuthBearerTokenParam, SCIMConfigAuthenticationOauth2Param, - BrowserRdpApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken, - Iterable[BrowserRdpApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication], + McpServerPortalApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken, + Iterable[McpServerPortalApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication], ] -class BrowserRdpApplicationSCIMConfig(TypedDict, total=False): +class McpServerPortalApplicationSCIMConfig(TypedDict, total=False): """Configuration for provisioning to this application via SCIM. This is currently in closed beta. @@ -2625,7 +4481,7 @@ class BrowserRdpApplicationSCIMConfig(TypedDict, total=False): remote_uri: Required[str] """The base URI for the application's SCIM-compatible API.""" - authentication: BrowserRdpApplicationSCIMConfigAuthentication + authentication: McpServerPortalApplicationSCIMConfigAuthentication """ Attributes for configuring HTTP Basic authentication scheme for SCIM provisioning to an application. @@ -2659,5 +4515,7 @@ class BrowserRdpApplicationSCIMConfig(TypedDict, total=False): GatewayIdentityProxyEndpointApplication, BookmarkApplication, InfrastructureApplication, - BrowserRdpApplication, + BrowserRDPApplication, + McpServerApplication, + McpServerPortalApplication, ] diff --git a/src/cloudflare/types/zero_trust/access/application_update_response.py b/src/cloudflare/types/zero_trust/access/application_update_response.py index f5fed2c82a5..fb3ebf8f7bf 100644 --- a/src/cloudflare/types/zero_trust/access/application_update_response.py +++ b/src/cloudflare/types/zero_trust/access/application_update_response.py @@ -26,7 +26,14 @@ "SelfHostedApplicationDestinationPublicDestination", "SelfHostedApplicationDestinationPrivateDestination", "SelfHostedApplicationDestinationViaMcpServerPortalDestination", + "SelfHostedApplicationMfaConfig", + "SelfHostedApplicationOAuthConfiguration", + "SelfHostedApplicationOAuthConfigurationDynamicClientRegistration", + "SelfHostedApplicationOAuthConfigurationGrant", "SelfHostedApplicationPolicy", + "SelfHostedApplicationPolicyConnectionRules", + "SelfHostedApplicationPolicyConnectionRulesRDP", + "SelfHostedApplicationPolicyMfaConfig", "SelfHostedApplicationSCIMConfig", "SelfHostedApplicationSCIMConfigAuthentication", "SelfHostedApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken", @@ -34,6 +41,9 @@ "SelfHostedApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken", "SaaSApplication", "SaaSApplicationPolicy", + "SaaSApplicationPolicyConnectionRules", + "SaaSApplicationPolicyConnectionRulesRDP", + "SaaSApplicationPolicyMfaConfig", "SaaSApplicationSaaSApp", "SaaSApplicationSCIMConfig", "SaaSApplicationSCIMConfigAuthentication", @@ -45,7 +55,14 @@ "BrowserSSHApplicationDestinationPublicDestination", "BrowserSSHApplicationDestinationPrivateDestination", "BrowserSSHApplicationDestinationViaMcpServerPortalDestination", + "BrowserSSHApplicationMfaConfig", + "BrowserSSHApplicationOAuthConfiguration", + "BrowserSSHApplicationOAuthConfigurationDynamicClientRegistration", + "BrowserSSHApplicationOAuthConfigurationGrant", "BrowserSSHApplicationPolicy", + "BrowserSSHApplicationPolicyConnectionRules", + "BrowserSSHApplicationPolicyConnectionRulesRDP", + "BrowserSSHApplicationPolicyMfaConfig", "BrowserSSHApplicationSCIMConfig", "BrowserSSHApplicationSCIMConfigAuthentication", "BrowserSSHApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken", @@ -56,7 +73,14 @@ "BrowserVNCApplicationDestinationPublicDestination", "BrowserVNCApplicationDestinationPrivateDestination", "BrowserVNCApplicationDestinationViaMcpServerPortalDestination", + "BrowserVNCApplicationMfaConfig", + "BrowserVNCApplicationOAuthConfiguration", + "BrowserVNCApplicationOAuthConfigurationDynamicClientRegistration", + "BrowserVNCApplicationOAuthConfigurationGrant", "BrowserVNCApplicationPolicy", + "BrowserVNCApplicationPolicyConnectionRules", + "BrowserVNCApplicationPolicyConnectionRulesRDP", + "BrowserVNCApplicationPolicyMfaConfig", "BrowserVNCApplicationSCIMConfig", "BrowserVNCApplicationSCIMConfigAuthentication", "BrowserVNCApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken", @@ -66,31 +90,87 @@ "AppLauncherApplicationFooterLink", "AppLauncherApplicationLandingPageDesign", "AppLauncherApplicationPolicy", + "AppLauncherApplicationPolicyConnectionRules", + "AppLauncherApplicationPolicyConnectionRulesRDP", + "AppLauncherApplicationPolicyMfaConfig", "DeviceEnrollmentPermissionsApplication", "DeviceEnrollmentPermissionsApplicationPolicy", + "DeviceEnrollmentPermissionsApplicationPolicyConnectionRules", + "DeviceEnrollmentPermissionsApplicationPolicyConnectionRulesRDP", + "DeviceEnrollmentPermissionsApplicationPolicyMfaConfig", "BrowserIsolationPermissionsApplication", "BrowserIsolationPermissionsApplicationPolicy", + "BrowserIsolationPermissionsApplicationPolicyConnectionRules", + "BrowserIsolationPermissionsApplicationPolicyConnectionRulesRDP", + "BrowserIsolationPermissionsApplicationPolicyMfaConfig", "GatewayIdentityProxyEndpointApplication", "GatewayIdentityProxyEndpointApplicationPolicy", + "GatewayIdentityProxyEndpointApplicationPolicyConnectionRules", + "GatewayIdentityProxyEndpointApplicationPolicyConnectionRulesRDP", + "GatewayIdentityProxyEndpointApplicationPolicyMfaConfig", "BookmarkApplication", "BookmarkApplicationPolicy", + "BookmarkApplicationPolicyConnectionRules", + "BookmarkApplicationPolicyConnectionRulesRDP", + "BookmarkApplicationPolicyMfaConfig", "InfrastructureApplication", "InfrastructureApplicationTargetCriterion", "InfrastructureApplicationPolicy", "InfrastructureApplicationPolicyConnectionRules", "InfrastructureApplicationPolicyConnectionRulesSSH", - "BrowserRdpApplication", - "BrowserRdpApplicationTargetCriterion", - "BrowserRdpApplicationDestination", - "BrowserRdpApplicationDestinationPublicDestination", - "BrowserRdpApplicationDestinationPrivateDestination", - "BrowserRdpApplicationDestinationViaMcpServerPortalDestination", - "BrowserRdpApplicationPolicy", - "BrowserRdpApplicationSCIMConfig", - "BrowserRdpApplicationSCIMConfigAuthentication", - "BrowserRdpApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken", - "BrowserRdpApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication", - "BrowserRdpApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken", + "BrowserRDPApplication", + "BrowserRDPApplicationTargetCriterion", + "BrowserRDPApplicationDestination", + "BrowserRDPApplicationDestinationPublicDestination", + "BrowserRDPApplicationDestinationPrivateDestination", + "BrowserRDPApplicationDestinationViaMcpServerPortalDestination", + "BrowserRDPApplicationMfaConfig", + "BrowserRDPApplicationOAuthConfiguration", + "BrowserRDPApplicationOAuthConfigurationDynamicClientRegistration", + "BrowserRDPApplicationOAuthConfigurationGrant", + "BrowserRDPApplicationPolicy", + "BrowserRDPApplicationPolicyConnectionRules", + "BrowserRDPApplicationPolicyConnectionRulesRDP", + "BrowserRDPApplicationPolicyMfaConfig", + "BrowserRDPApplicationSCIMConfig", + "BrowserRDPApplicationSCIMConfigAuthentication", + "BrowserRDPApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken", + "BrowserRDPApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication", + "BrowserRDPApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken", + "McpServerApplication", + "McpServerApplicationDestination", + "McpServerApplicationDestinationPublicDestination", + "McpServerApplicationDestinationPrivateDestination", + "McpServerApplicationDestinationViaMcpServerPortalDestination", + "McpServerApplicationOAuthConfiguration", + "McpServerApplicationOAuthConfigurationDynamicClientRegistration", + "McpServerApplicationOAuthConfigurationGrant", + "McpServerApplicationPolicy", + "McpServerApplicationPolicyConnectionRules", + "McpServerApplicationPolicyConnectionRulesRDP", + "McpServerApplicationPolicyMfaConfig", + "McpServerApplicationSCIMConfig", + "McpServerApplicationSCIMConfigAuthentication", + "McpServerApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken", + "McpServerApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication", + "McpServerApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken", + "McpServerPortalApplication", + "McpServerPortalApplicationDestination", + "McpServerPortalApplicationDestinationPublicDestination", + "McpServerPortalApplicationDestinationPrivateDestination", + "McpServerPortalApplicationDestinationViaMcpServerPortalDestination", + "McpServerPortalApplicationOAuthConfiguration", + "McpServerPortalApplicationOAuthConfigurationDynamicClientRegistration", + "McpServerPortalApplicationOAuthConfigurationGrant", + "McpServerPortalApplicationPolicy", + "McpServerPortalApplicationPolicyConnectionRules", + "McpServerPortalApplicationPolicyConnectionRulesRDP", + "McpServerPortalApplicationPolicyMfaConfig", + "McpServerPortalApplicationSCIMConfig", + "McpServerPortalApplicationSCIMConfigAuthentication", + "McpServerPortalApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken", + "McpServerPortalApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication", + "McpServerPortalApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken", ] @@ -154,6 +234,125 @@ class SelfHostedApplicationDestinationViaMcpServerPortalDestination(BaseModel): ] +class SelfHostedApplicationMfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + +class SelfHostedApplicationOAuthConfigurationDynamicClientRegistration(BaseModel): + """Settings for OAuth dynamic client registration.""" + + allow_any_on_localhost: Optional[bool] = None + """Allows any client with redirect URIs on localhost.""" + + allow_any_on_loopback: Optional[bool] = None + """Allows any client with redirect URIs on 127.0.0.1.""" + + allowed_uris: Optional[List[str]] = None + """The URIs that are allowed as redirect URIs for dynamically registered clients. + + Must use the `https` protocol. Paths may end in `/*` to match all sub-paths. + """ + + enabled: Optional[bool] = None + """Whether dynamic client registration is enabled.""" + + +class SelfHostedApplicationOAuthConfigurationGrant(BaseModel): + """Settings for OAuth grant behavior.""" + + access_token_lifetime: Optional[str] = None + """The lifetime of the access token. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + session_duration: Optional[str] = None + """The duration of the OAuth session. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + +class SelfHostedApplicationOAuthConfiguration(BaseModel): + """ + **Beta:** Optional configuration for managing an OAuth authorization flow controlled by Access. When set, Access will act as the OAuth authorization server for this application. Only compatible with OAuth clients that support [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators for OAuth 2.0). This feature is currently in beta. + """ + + dynamic_client_registration: Optional[SelfHostedApplicationOAuthConfigurationDynamicClientRegistration] = None + """Settings for OAuth dynamic client registration.""" + + enabled: Optional[bool] = None + """Whether the OAuth configuration is enabled for this application. + + When set to `false`, Access will not handle OAuth for this application. Defaults + to `true` if omitted. + """ + + grant: Optional[SelfHostedApplicationOAuthConfigurationGrant] = None + """Settings for OAuth grant behavior.""" + + +class SelfHostedApplicationPolicyConnectionRulesRDP(BaseModel): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class SelfHostedApplicationPolicyConnectionRules(BaseModel): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: Optional[SelfHostedApplicationPolicyConnectionRulesRDP] = None + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class SelfHostedApplicationPolicyMfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + class SelfHostedApplicationPolicy(BaseModel): id: Optional[str] = None """The UUID of the policy""" @@ -167,6 +366,12 @@ class SelfHostedApplicationPolicy(BaseModel): session. """ + connection_rules: Optional[SelfHostedApplicationPolicyConnectionRules] = None + """ + The rules that define how users may connect to targets secured by your + application. + """ + created_at: Optional[datetime] = None decision: Optional[Decision] = None @@ -194,6 +399,9 @@ class SelfHostedApplicationPolicy(BaseModel): this feature. """ + mfa_config: Optional[SelfHostedApplicationPolicyMfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + name: Optional[str] = None """The name of the Access policy.""" @@ -413,9 +621,21 @@ class SelfHostedApplication(BaseModel): logo_url: Optional[str] = None """The image URL for the logo shown in the App Launcher dashboard.""" + mfa_config: Optional[SelfHostedApplicationMfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + name: Optional[str] = None """The name of the application.""" + oauth_configuration: Optional[SelfHostedApplicationOAuthConfiguration] = None + """ + **Beta:** Optional configuration for managing an OAuth authorization flow + controlled by Access. When set, Access will act as the OAuth authorization + server for this application. Only compatible with OAuth clients that support + [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators + for OAuth 2.0). This feature is currently in beta. + """ + options_preflight_bypass: Optional[bool] = None """ Allows options preflight requests to bypass Access authentication and go @@ -489,6 +709,49 @@ class SelfHostedApplication(BaseModel): """ +class SaaSApplicationPolicyConnectionRulesRDP(BaseModel): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class SaaSApplicationPolicyConnectionRules(BaseModel): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: Optional[SaaSApplicationPolicyConnectionRulesRDP] = None + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class SaaSApplicationPolicyMfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + class SaaSApplicationPolicy(BaseModel): id: Optional[str] = None """The UUID of the policy""" @@ -502,6 +765,12 @@ class SaaSApplicationPolicy(BaseModel): session. """ + connection_rules: Optional[SaaSApplicationPolicyConnectionRules] = None + """ + The rules that define how users may connect to targets secured by your + application. + """ + created_at: Optional[datetime] = None decision: Optional[Decision] = None @@ -529,6 +798,9 @@ class SaaSApplicationPolicy(BaseModel): this feature. """ + mfa_config: Optional[SaaSApplicationPolicyMfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + name: Optional[str] = None """The name of the Access policy.""" @@ -774,6 +1046,125 @@ class BrowserSSHApplicationDestinationViaMcpServerPortalDestination(BaseModel): ] +class BrowserSSHApplicationMfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + +class BrowserSSHApplicationOAuthConfigurationDynamicClientRegistration(BaseModel): + """Settings for OAuth dynamic client registration.""" + + allow_any_on_localhost: Optional[bool] = None + """Allows any client with redirect URIs on localhost.""" + + allow_any_on_loopback: Optional[bool] = None + """Allows any client with redirect URIs on 127.0.0.1.""" + + allowed_uris: Optional[List[str]] = None + """The URIs that are allowed as redirect URIs for dynamically registered clients. + + Must use the `https` protocol. Paths may end in `/*` to match all sub-paths. + """ + + enabled: Optional[bool] = None + """Whether dynamic client registration is enabled.""" + + +class BrowserSSHApplicationOAuthConfigurationGrant(BaseModel): + """Settings for OAuth grant behavior.""" + + access_token_lifetime: Optional[str] = None + """The lifetime of the access token. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + session_duration: Optional[str] = None + """The duration of the OAuth session. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + +class BrowserSSHApplicationOAuthConfiguration(BaseModel): + """ + **Beta:** Optional configuration for managing an OAuth authorization flow controlled by Access. When set, Access will act as the OAuth authorization server for this application. Only compatible with OAuth clients that support [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators for OAuth 2.0). This feature is currently in beta. + """ + + dynamic_client_registration: Optional[BrowserSSHApplicationOAuthConfigurationDynamicClientRegistration] = None + """Settings for OAuth dynamic client registration.""" + + enabled: Optional[bool] = None + """Whether the OAuth configuration is enabled for this application. + + When set to `false`, Access will not handle OAuth for this application. Defaults + to `true` if omitted. + """ + + grant: Optional[BrowserSSHApplicationOAuthConfigurationGrant] = None + """Settings for OAuth grant behavior.""" + + +class BrowserSSHApplicationPolicyConnectionRulesRDP(BaseModel): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class BrowserSSHApplicationPolicyConnectionRules(BaseModel): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: Optional[BrowserSSHApplicationPolicyConnectionRulesRDP] = None + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class BrowserSSHApplicationPolicyMfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + class BrowserSSHApplicationPolicy(BaseModel): id: Optional[str] = None """The UUID of the policy""" @@ -787,6 +1178,12 @@ class BrowserSSHApplicationPolicy(BaseModel): session. """ + connection_rules: Optional[BrowserSSHApplicationPolicyConnectionRules] = None + """ + The rules that define how users may connect to targets secured by your + application. + """ + created_at: Optional[datetime] = None decision: Optional[Decision] = None @@ -814,6 +1211,9 @@ class BrowserSSHApplicationPolicy(BaseModel): this feature. """ + mfa_config: Optional[BrowserSSHApplicationPolicyMfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + name: Optional[str] = None """The name of the Access policy.""" @@ -1048,9 +1448,21 @@ class BrowserSSHApplication(BaseModel): logo_url: Optional[str] = None """The image URL for the logo shown in the App Launcher dashboard.""" + mfa_config: Optional[BrowserSSHApplicationMfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + name: Optional[str] = None """The name of the application.""" + oauth_configuration: Optional[BrowserSSHApplicationOAuthConfiguration] = None + """ + **Beta:** Optional configuration for managing an OAuth authorization flow + controlled by Access. When set, Access will act as the OAuth authorization + server for this application. Only compatible with OAuth clients that support + [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators + for OAuth 2.0). This feature is currently in beta. + """ + options_preflight_bypass: Optional[bool] = None """ Allows options preflight requests to bypass Access authentication and go @@ -1184,6 +1596,125 @@ class BrowserVNCApplicationDestinationViaMcpServerPortalDestination(BaseModel): ] +class BrowserVNCApplicationMfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + +class BrowserVNCApplicationOAuthConfigurationDynamicClientRegistration(BaseModel): + """Settings for OAuth dynamic client registration.""" + + allow_any_on_localhost: Optional[bool] = None + """Allows any client with redirect URIs on localhost.""" + + allow_any_on_loopback: Optional[bool] = None + """Allows any client with redirect URIs on 127.0.0.1.""" + + allowed_uris: Optional[List[str]] = None + """The URIs that are allowed as redirect URIs for dynamically registered clients. + + Must use the `https` protocol. Paths may end in `/*` to match all sub-paths. + """ + + enabled: Optional[bool] = None + """Whether dynamic client registration is enabled.""" + + +class BrowserVNCApplicationOAuthConfigurationGrant(BaseModel): + """Settings for OAuth grant behavior.""" + + access_token_lifetime: Optional[str] = None + """The lifetime of the access token. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + session_duration: Optional[str] = None + """The duration of the OAuth session. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + +class BrowserVNCApplicationOAuthConfiguration(BaseModel): + """ + **Beta:** Optional configuration for managing an OAuth authorization flow controlled by Access. When set, Access will act as the OAuth authorization server for this application. Only compatible with OAuth clients that support [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators for OAuth 2.0). This feature is currently in beta. + """ + + dynamic_client_registration: Optional[BrowserVNCApplicationOAuthConfigurationDynamicClientRegistration] = None + """Settings for OAuth dynamic client registration.""" + + enabled: Optional[bool] = None + """Whether the OAuth configuration is enabled for this application. + + When set to `false`, Access will not handle OAuth for this application. Defaults + to `true` if omitted. + """ + + grant: Optional[BrowserVNCApplicationOAuthConfigurationGrant] = None + """Settings for OAuth grant behavior.""" + + +class BrowserVNCApplicationPolicyConnectionRulesRDP(BaseModel): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class BrowserVNCApplicationPolicyConnectionRules(BaseModel): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: Optional[BrowserVNCApplicationPolicyConnectionRulesRDP] = None + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class BrowserVNCApplicationPolicyMfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + class BrowserVNCApplicationPolicy(BaseModel): id: Optional[str] = None """The UUID of the policy""" @@ -1197,6 +1728,12 @@ class BrowserVNCApplicationPolicy(BaseModel): session. """ + connection_rules: Optional[BrowserVNCApplicationPolicyConnectionRules] = None + """ + The rules that define how users may connect to targets secured by your + application. + """ + created_at: Optional[datetime] = None decision: Optional[Decision] = None @@ -1224,6 +1761,9 @@ class BrowserVNCApplicationPolicy(BaseModel): this feature. """ + mfa_config: Optional[BrowserVNCApplicationPolicyMfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + name: Optional[str] = None """The name of the Access policy.""" @@ -1458,9 +1998,21 @@ class BrowserVNCApplication(BaseModel): logo_url: Optional[str] = None """The image URL for the logo shown in the App Launcher dashboard.""" + mfa_config: Optional[BrowserVNCApplicationMfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + name: Optional[str] = None """The name of the application.""" + oauth_configuration: Optional[BrowserVNCApplicationOAuthConfiguration] = None + """ + **Beta:** Optional configuration for managing an OAuth authorization flow + controlled by Access. When set, Access will act as the OAuth authorization + server for this application. Only compatible with OAuth clients that support + [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators + for OAuth 2.0). This feature is currently in beta. + """ + options_preflight_bypass: Optional[bool] = None """ Allows options preflight requests to bypass Access authentication and go @@ -1561,22 +2113,71 @@ class AppLauncherApplicationLandingPageDesign(BaseModel): """The title shown on the landing page.""" -class AppLauncherApplicationPolicy(BaseModel): - id: Optional[str] = None - """The UUID of the policy""" +class AppLauncherApplicationPolicyConnectionRulesRDP(BaseModel): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" - approval_groups: Optional[List[ApprovalGroup]] = None - """Administrators who can approve a temporary authentication request.""" + allowed_clipboard_local_to_remote_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ - approval_required: Optional[bool] = None + allowed_clipboard_remote_to_local_formats: Optional[List[Literal["text"]]] = None """ - Requires the user to request access from an administrator at the start of each - session. + Clipboard formats allowed when copying from remote RDP session to local machine. """ - created_at: Optional[datetime] = None - decision: Optional[Decision] = None +class AppLauncherApplicationPolicyConnectionRules(BaseModel): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: Optional[AppLauncherApplicationPolicyConnectionRulesRDP] = None + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class AppLauncherApplicationPolicyMfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + +class AppLauncherApplicationPolicy(BaseModel): + id: Optional[str] = None + """The UUID of the policy""" + + approval_groups: Optional[List[ApprovalGroup]] = None + """Administrators who can approve a temporary authentication request.""" + + approval_required: Optional[bool] = None + """ + Requires the user to request access from an administrator at the start of each + session. + """ + + connection_rules: Optional[AppLauncherApplicationPolicyConnectionRules] = None + """ + The rules that define how users may connect to targets secured by your + application. + """ + + created_at: Optional[datetime] = None + + decision: Optional[Decision] = None """The action Access will take if a user matches this policy. Infrastructure application policies can only use the Allow action. @@ -1601,6 +2202,9 @@ class AppLauncherApplicationPolicy(BaseModel): this feature. """ + mfa_config: Optional[AppLauncherApplicationPolicyMfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + name: Optional[str] = None """The name of the Access policy.""" @@ -1723,6 +2327,49 @@ class AppLauncherApplication(BaseModel): """Determines when to skip the App Launcher landing page.""" +class DeviceEnrollmentPermissionsApplicationPolicyConnectionRulesRDP(BaseModel): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class DeviceEnrollmentPermissionsApplicationPolicyConnectionRules(BaseModel): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: Optional[DeviceEnrollmentPermissionsApplicationPolicyConnectionRulesRDP] = None + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class DeviceEnrollmentPermissionsApplicationPolicyMfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + class DeviceEnrollmentPermissionsApplicationPolicy(BaseModel): id: Optional[str] = None """The UUID of the policy""" @@ -1736,6 +2383,12 @@ class DeviceEnrollmentPermissionsApplicationPolicy(BaseModel): session. """ + connection_rules: Optional[DeviceEnrollmentPermissionsApplicationPolicyConnectionRules] = None + """ + The rules that define how users may connect to targets secured by your + application. + """ + created_at: Optional[datetime] = None decision: Optional[Decision] = None @@ -1763,6 +2416,9 @@ class DeviceEnrollmentPermissionsApplicationPolicy(BaseModel): this feature. """ + mfa_config: Optional[DeviceEnrollmentPermissionsApplicationPolicyMfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + name: Optional[str] = None """The name of the Access policy.""" @@ -1852,6 +2508,49 @@ class DeviceEnrollmentPermissionsApplication(BaseModel): """ +class BrowserIsolationPermissionsApplicationPolicyConnectionRulesRDP(BaseModel): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class BrowserIsolationPermissionsApplicationPolicyConnectionRules(BaseModel): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: Optional[BrowserIsolationPermissionsApplicationPolicyConnectionRulesRDP] = None + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class BrowserIsolationPermissionsApplicationPolicyMfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + class BrowserIsolationPermissionsApplicationPolicy(BaseModel): id: Optional[str] = None """The UUID of the policy""" @@ -1865,6 +2564,12 @@ class BrowserIsolationPermissionsApplicationPolicy(BaseModel): session. """ + connection_rules: Optional[BrowserIsolationPermissionsApplicationPolicyConnectionRules] = None + """ + The rules that define how users may connect to targets secured by your + application. + """ + created_at: Optional[datetime] = None decision: Optional[Decision] = None @@ -1892,6 +2597,9 @@ class BrowserIsolationPermissionsApplicationPolicy(BaseModel): this feature. """ + mfa_config: Optional[BrowserIsolationPermissionsApplicationPolicyMfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + name: Optional[str] = None """The name of the Access policy.""" @@ -1981,6 +2689,49 @@ class BrowserIsolationPermissionsApplication(BaseModel): """ +class GatewayIdentityProxyEndpointApplicationPolicyConnectionRulesRDP(BaseModel): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class GatewayIdentityProxyEndpointApplicationPolicyConnectionRules(BaseModel): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: Optional[GatewayIdentityProxyEndpointApplicationPolicyConnectionRulesRDP] = None + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class GatewayIdentityProxyEndpointApplicationPolicyMfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + class GatewayIdentityProxyEndpointApplicationPolicy(BaseModel): id: Optional[str] = None """The UUID of the policy""" @@ -1994,6 +2745,12 @@ class GatewayIdentityProxyEndpointApplicationPolicy(BaseModel): session. """ + connection_rules: Optional[GatewayIdentityProxyEndpointApplicationPolicyConnectionRules] = None + """ + The rules that define how users may connect to targets secured by your + application. + """ + created_at: Optional[datetime] = None decision: Optional[Decision] = None @@ -2021,6 +2778,9 @@ class GatewayIdentityProxyEndpointApplicationPolicy(BaseModel): this feature. """ + mfa_config: Optional[GatewayIdentityProxyEndpointApplicationPolicyMfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + name: Optional[str] = None """The name of the Access policy.""" @@ -2110,6 +2870,49 @@ class GatewayIdentityProxyEndpointApplication(BaseModel): """ +class BookmarkApplicationPolicyConnectionRulesRDP(BaseModel): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class BookmarkApplicationPolicyConnectionRules(BaseModel): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: Optional[BookmarkApplicationPolicyConnectionRulesRDP] = None + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class BookmarkApplicationPolicyMfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + class BookmarkApplicationPolicy(BaseModel): id: Optional[str] = None """The UUID of the policy""" @@ -2123,6 +2926,12 @@ class BookmarkApplicationPolicy(BaseModel): session. """ + connection_rules: Optional[BookmarkApplicationPolicyConnectionRules] = None + """ + The rules that define how users may connect to targets secured by your + application. + """ + created_at: Optional[datetime] = None decision: Optional[Decision] = None @@ -2150,6 +2959,9 @@ class BookmarkApplicationPolicy(BaseModel): this feature. """ + mfa_config: Optional[BookmarkApplicationPolicyMfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + name: Optional[str] = None """The name of the Access policy.""" @@ -2310,7 +3122,7 @@ class InfrastructureApplication(BaseModel): policies: Optional[List[InfrastructureApplicationPolicy]] = None -class BrowserRdpApplicationTargetCriterion(BaseModel): +class BrowserRDPApplicationTargetCriterion(BaseModel): port: int """The port that the targets use for the chosen communication protocol. @@ -2324,7 +3136,7 @@ class BrowserRdpApplicationTargetCriterion(BaseModel): """Contains a map of target attribute keys to target attribute values.""" -class BrowserRdpApplicationDestinationPublicDestination(BaseModel): +class BrowserRDPApplicationDestinationPublicDestination(BaseModel): """A public hostname that Access will secure. Public destinations support sub-domain and path. Wildcard '*' can be used in the definition. @@ -2340,7 +3152,7 @@ class BrowserRdpApplicationDestinationPublicDestination(BaseModel): """ -class BrowserRdpApplicationDestinationPrivateDestination(BaseModel): +class BrowserRDPApplicationDestinationPrivateDestination(BaseModel): cidr: Optional[str] = None """The CIDR range of the destination. Single IPs will be computed as /32.""" @@ -2365,7 +3177,7 @@ class BrowserRdpApplicationDestinationPrivateDestination(BaseModel): """The VNET ID to match the destination. When omitted, all VNETs will match.""" -class BrowserRdpApplicationDestinationViaMcpServerPortalDestination(BaseModel): +class BrowserRDPApplicationDestinationViaMcpServerPortalDestination(BaseModel): """A MCP server id configured in ai-controls. Access will secure the MCP server if accessed through a MCP portal. @@ -2377,14 +3189,133 @@ class BrowserRdpApplicationDestinationViaMcpServerPortalDestination(BaseModel): type: Optional[Literal["via_mcp_server_portal"]] = None -BrowserRdpApplicationDestination: TypeAlias = Union[ - BrowserRdpApplicationDestinationPublicDestination, - BrowserRdpApplicationDestinationPrivateDestination, - BrowserRdpApplicationDestinationViaMcpServerPortalDestination, +BrowserRDPApplicationDestination: TypeAlias = Union[ + BrowserRDPApplicationDestinationPublicDestination, + BrowserRDPApplicationDestinationPrivateDestination, + BrowserRDPApplicationDestinationViaMcpServerPortalDestination, ] -class BrowserRdpApplicationPolicy(BaseModel): +class BrowserRDPApplicationMfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + +class BrowserRDPApplicationOAuthConfigurationDynamicClientRegistration(BaseModel): + """Settings for OAuth dynamic client registration.""" + + allow_any_on_localhost: Optional[bool] = None + """Allows any client with redirect URIs on localhost.""" + + allow_any_on_loopback: Optional[bool] = None + """Allows any client with redirect URIs on 127.0.0.1.""" + + allowed_uris: Optional[List[str]] = None + """The URIs that are allowed as redirect URIs for dynamically registered clients. + + Must use the `https` protocol. Paths may end in `/*` to match all sub-paths. + """ + + enabled: Optional[bool] = None + """Whether dynamic client registration is enabled.""" + + +class BrowserRDPApplicationOAuthConfigurationGrant(BaseModel): + """Settings for OAuth grant behavior.""" + + access_token_lifetime: Optional[str] = None + """The lifetime of the access token. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + session_duration: Optional[str] = None + """The duration of the OAuth session. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + +class BrowserRDPApplicationOAuthConfiguration(BaseModel): + """ + **Beta:** Optional configuration for managing an OAuth authorization flow controlled by Access. When set, Access will act as the OAuth authorization server for this application. Only compatible with OAuth clients that support [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators for OAuth 2.0). This feature is currently in beta. + """ + + dynamic_client_registration: Optional[BrowserRDPApplicationOAuthConfigurationDynamicClientRegistration] = None + """Settings for OAuth dynamic client registration.""" + + enabled: Optional[bool] = None + """Whether the OAuth configuration is enabled for this application. + + When set to `false`, Access will not handle OAuth for this application. Defaults + to `true` if omitted. + """ + + grant: Optional[BrowserRDPApplicationOAuthConfigurationGrant] = None + """Settings for OAuth grant behavior.""" + + +class BrowserRDPApplicationPolicyConnectionRulesRDP(BaseModel): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class BrowserRDPApplicationPolicyConnectionRules(BaseModel): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: Optional[BrowserRDPApplicationPolicyConnectionRulesRDP] = None + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class BrowserRDPApplicationPolicyMfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + +class BrowserRDPApplicationPolicy(BaseModel): id: Optional[str] = None """The UUID of the policy""" @@ -2397,6 +3328,12 @@ class BrowserRdpApplicationPolicy(BaseModel): session. """ + connection_rules: Optional[BrowserRDPApplicationPolicyConnectionRules] = None + """ + The rules that define how users may connect to targets secured by your + application. + """ + created_at: Optional[datetime] = None decision: Optional[Decision] = None @@ -2424,6 +3361,9 @@ class BrowserRdpApplicationPolicy(BaseModel): this feature. """ + mfa_config: Optional[BrowserRDPApplicationPolicyMfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + name: Optional[str] = None """The name of the Access policy.""" @@ -2455,7 +3395,7 @@ class BrowserRdpApplicationPolicy(BaseModel): updated_at: Optional[datetime] = None -class BrowserRdpApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken(BaseModel): +class BrowserRDPApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken(BaseModel): """ Attributes for configuring Access Service Token authentication scheme for SCIM provisioning to an application. """ @@ -2476,7 +3416,7 @@ class BrowserRdpApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticatio """The authentication scheme to use when making SCIM requests to this application.""" -class BrowserRdpApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken( +class BrowserRDPApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken( BaseModel ): """ @@ -2499,23 +3439,23 @@ class BrowserRdpApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenti """The authentication scheme to use when making SCIM requests to this application.""" -BrowserRdpApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication: TypeAlias = Union[ +BrowserRDPApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication: TypeAlias = Union[ SCIMConfigAuthenticationHTTPBasic, SCIMConfigAuthenticationOAuthBearerToken, SCIMConfigAuthenticationOauth2, - BrowserRdpApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken, + BrowserRDPApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken, ] -BrowserRdpApplicationSCIMConfigAuthentication: TypeAlias = Union[ +BrowserRDPApplicationSCIMConfigAuthentication: TypeAlias = Union[ SCIMConfigAuthenticationHTTPBasic, SCIMConfigAuthenticationOAuthBearerToken, SCIMConfigAuthenticationOauth2, - BrowserRdpApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken, - List[BrowserRdpApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication], + BrowserRDPApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken, + List[BrowserRDPApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication], ] -class BrowserRdpApplicationSCIMConfig(BaseModel): +class BrowserRDPApplicationSCIMConfig(BaseModel): """Configuration for provisioning to this application via SCIM. This is currently in closed beta. @@ -2530,7 +3470,7 @@ class BrowserRdpApplicationSCIMConfig(BaseModel): remote_uri: str """The base URI for the application's SCIM-compatible API.""" - authentication: Optional[BrowserRdpApplicationSCIMConfigAuthentication] = None + authentication: Optional[BrowserRDPApplicationSCIMConfigAuthentication] = None """ Attributes for configuring HTTP Basic authentication scheme for SCIM provisioning to an application. @@ -2553,14 +3493,14 @@ class BrowserRdpApplicationSCIMConfig(BaseModel): """ -class BrowserRdpApplication(BaseModel): +class BrowserRDPApplication(BaseModel): domain: str """The primary hostname and path secured by Access. This domain will be displayed if the app is visible in the App Launcher. """ - target_criteria: List[BrowserRdpApplicationTargetCriterion] + target_criteria: List[BrowserRDPApplicationTargetCriterion] type: ApplicationType """The application type.""" @@ -2622,7 +3562,7 @@ class BrowserRdpApplication(BaseModel): custom_pages: Optional[List[str]] = None """The custom pages that will be displayed when applicable for this application""" - destinations: Optional[List[BrowserRdpApplicationDestination]] = None + destinations: Optional[List[BrowserRDPApplicationDestination]] = None """List of destinations secured by Access. This supersedes `self_hosted_domains` to allow for more flexibility in defining @@ -2645,9 +3585,21 @@ class BrowserRdpApplication(BaseModel): logo_url: Optional[str] = None """The image URL for the logo shown in the App Launcher dashboard.""" + mfa_config: Optional[BrowserRDPApplicationMfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + name: Optional[str] = None """The name of the application.""" + oauth_configuration: Optional[BrowserRDPApplicationOAuthConfiguration] = None + """ + **Beta:** Optional configuration for managing an OAuth authorization flow + controlled by Access. When set, Access will act as the OAuth authorization + server for this application. Only compatible with OAuth clients that support + [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators + for OAuth 2.0). This feature is currently in beta. + """ + options_preflight_bypass: Optional[bool] = None """ Allows options preflight requests to bypass Access authentication and go @@ -2660,7 +3612,7 @@ class BrowserRdpApplication(BaseModel): If disabled, the JWT will scope to the hostname by default """ - policies: Optional[List[BrowserRdpApplicationPolicy]] = None + policies: Optional[List[BrowserRDPApplicationPolicy]] = None read_service_tokens_from_header: Optional[str] = None """ @@ -2679,7 +3631,7 @@ class BrowserRdpApplication(BaseModel): attacks. """ - scim_config: Optional[BrowserRdpApplicationSCIMConfig] = None + scim_config: Optional[BrowserRDPApplicationSCIMConfig] = None """Configuration for provisioning to this application via SCIM. This is currently in closed beta. @@ -2721,6 +3673,918 @@ class BrowserRdpApplication(BaseModel): """ +class McpServerApplicationDestinationPublicDestination(BaseModel): + """A public hostname that Access will secure. + + Public destinations support sub-domain and path. Wildcard '*' can be used in the definition. + """ + + type: Optional[Literal["public"]] = None + + uri: Optional[str] = None + """The URI of the destination. + + Public destinations' URIs can include a domain and path with + [wildcards](https://developers.cloudflare.com/cloudflare-one/policies/access/app-paths/). + """ + + +class McpServerApplicationDestinationPrivateDestination(BaseModel): + cidr: Optional[str] = None + """The CIDR range of the destination. Single IPs will be computed as /32.""" + + hostname: Optional[str] = None + """The hostname of the destination. Matches a valid SNI served by an HTTPS origin.""" + + l4_protocol: Optional[Literal["tcp", "udp"]] = None + """The L4 protocol of the destination. + + When omitted, both UDP and TCP traffic will match. + """ + + port_range: Optional[str] = None + """The port range of the destination. + + Can be a single port or a range of ports. When omitted, all ports will match. + """ + + type: Optional[Literal["private"]] = None + + vnet_id: Optional[str] = None + """The VNET ID to match the destination. When omitted, all VNETs will match.""" + + +class McpServerApplicationDestinationViaMcpServerPortalDestination(BaseModel): + """A MCP server id configured in ai-controls. + + Access will secure the MCP server if accessed through a MCP portal. + """ + + mcp_server_id: Optional[str] = None + """The MCP server id configured in ai-controls.""" + + type: Optional[Literal["via_mcp_server_portal"]] = None + + +McpServerApplicationDestination: TypeAlias = Union[ + McpServerApplicationDestinationPublicDestination, + McpServerApplicationDestinationPrivateDestination, + McpServerApplicationDestinationViaMcpServerPortalDestination, +] + + +class McpServerApplicationOAuthConfigurationDynamicClientRegistration(BaseModel): + """Settings for OAuth dynamic client registration.""" + + allow_any_on_localhost: Optional[bool] = None + """Allows any client with redirect URIs on localhost.""" + + allow_any_on_loopback: Optional[bool] = None + """Allows any client with redirect URIs on 127.0.0.1.""" + + allowed_uris: Optional[List[str]] = None + """The URIs that are allowed as redirect URIs for dynamically registered clients. + + Must use the `https` protocol. Paths may end in `/*` to match all sub-paths. + """ + + enabled: Optional[bool] = None + """Whether dynamic client registration is enabled.""" + + +class McpServerApplicationOAuthConfigurationGrant(BaseModel): + """Settings for OAuth grant behavior.""" + + access_token_lifetime: Optional[str] = None + """The lifetime of the access token. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + session_duration: Optional[str] = None + """The duration of the OAuth session. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + +class McpServerApplicationOAuthConfiguration(BaseModel): + """ + **Beta:** Optional configuration for managing an OAuth authorization flow controlled by Access. When set, Access will act as the OAuth authorization server for this application. Only compatible with OAuth clients that support [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators for OAuth 2.0). This feature is currently in beta. + """ + + dynamic_client_registration: Optional[McpServerApplicationOAuthConfigurationDynamicClientRegistration] = None + """Settings for OAuth dynamic client registration.""" + + enabled: Optional[bool] = None + """Whether the OAuth configuration is enabled for this application. + + When set to `false`, Access will not handle OAuth for this application. Defaults + to `true` if omitted. + """ + + grant: Optional[McpServerApplicationOAuthConfigurationGrant] = None + """Settings for OAuth grant behavior.""" + + +class McpServerApplicationPolicyConnectionRulesRDP(BaseModel): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class McpServerApplicationPolicyConnectionRules(BaseModel): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: Optional[McpServerApplicationPolicyConnectionRulesRDP] = None + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class McpServerApplicationPolicyMfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + +class McpServerApplicationPolicy(BaseModel): + id: Optional[str] = None + """The UUID of the policy""" + + approval_groups: Optional[List[ApprovalGroup]] = None + """Administrators who can approve a temporary authentication request.""" + + approval_required: Optional[bool] = None + """ + Requires the user to request access from an administrator at the start of each + session. + """ + + connection_rules: Optional[McpServerApplicationPolicyConnectionRules] = None + """ + The rules that define how users may connect to targets secured by your + application. + """ + + created_at: Optional[datetime] = None + + decision: Optional[Decision] = None + """The action Access will take if a user matches this policy. + + Infrastructure application policies can only use the Allow action. + """ + + exclude: Optional[List[AccessRule]] = None + """Rules evaluated with a NOT logical operator. + + To match the policy, a user cannot meet any of the Exclude rules. + """ + + include: Optional[List[AccessRule]] = None + """Rules evaluated with an OR logical operator. + + A user needs to meet only one of the Include rules. + """ + + isolation_required: Optional[bool] = None + """ + Require this application to be served in an isolated browser for users matching + this policy. 'Client Web Isolation' must be on for the account in order to use + this feature. + """ + + mfa_config: Optional[McpServerApplicationPolicyMfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + + name: Optional[str] = None + """The name of the Access policy.""" + + precedence: Optional[int] = None + """The order of execution for this policy. + + Must be unique for each policy within an app. + """ + + purpose_justification_prompt: Optional[str] = None + """A custom message that will appear on the purpose justification screen.""" + + purpose_justification_required: Optional[bool] = None + """Require users to enter a justification when they log in to the application.""" + + require: Optional[List[AccessRule]] = None + """Rules evaluated with an AND logical operator. + + To match the policy, a user must meet all of the Require rules. + """ + + session_duration: Optional[str] = None + """The amount of time that tokens issued for the application will be valid. + + Must be in the format `300ms` or `2h45m`. Valid time units are: ns, us (or µs), + ms, s, m, h. + """ + + updated_at: Optional[datetime] = None + + +class McpServerApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken(BaseModel): + """ + Attributes for configuring Access Service Token authentication scheme for SCIM provisioning to an application. + """ + + client_id: str + """ + Client ID of the Access service token used to authenticate with the remote + service. + """ + + client_secret: str + """ + Client secret of the Access service token used to authenticate with the remote + service. + """ + + scheme: Literal["access_service_token"] + """The authentication scheme to use when making SCIM requests to this application.""" + + +class McpServerApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken( + BaseModel +): + """ + Attributes for configuring Access Service Token authentication scheme for SCIM provisioning to an application. + """ + + client_id: str + """ + Client ID of the Access service token used to authenticate with the remote + service. + """ + + client_secret: str + """ + Client secret of the Access service token used to authenticate with the remote + service. + """ + + scheme: Literal["access_service_token"] + """The authentication scheme to use when making SCIM requests to this application.""" + + +McpServerApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication: TypeAlias = Union[ + SCIMConfigAuthenticationHTTPBasic, + SCIMConfigAuthenticationOAuthBearerToken, + SCIMConfigAuthenticationOauth2, + McpServerApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken, +] + +McpServerApplicationSCIMConfigAuthentication: TypeAlias = Union[ + SCIMConfigAuthenticationHTTPBasic, + SCIMConfigAuthenticationOAuthBearerToken, + SCIMConfigAuthenticationOauth2, + McpServerApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken, + List[McpServerApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication], +] + + +class McpServerApplicationSCIMConfig(BaseModel): + """Configuration for provisioning to this application via SCIM. + + This is currently in closed beta. + """ + + idp_uid: str + """ + The UID of the IdP to use as the source for SCIM resources to provision to this + application. + """ + + remote_uri: str + """The base URI for the application's SCIM-compatible API.""" + + authentication: Optional[McpServerApplicationSCIMConfigAuthentication] = None + """ + Attributes for configuring HTTP Basic authentication scheme for SCIM + provisioning to an application. + """ + + deactivate_on_delete: Optional[bool] = None + """ + If false, propagates DELETE requests to the target application for SCIM + resources. If true, sets 'active' to false on the SCIM resource. Note: Some + targets do not support DELETE operations. + """ + + enabled: Optional[bool] = None + """Whether SCIM provisioning is turned on for this application.""" + + mappings: Optional[List[SCIMConfigMapping]] = None + """ + A list of mappings to apply to SCIM resources before provisioning them in this + application. These can transform or filter the resources to be provisioned. + """ + + +class McpServerApplication(BaseModel): + type: ApplicationType + """The application type.""" + + id: Optional[str] = None + """UUID.""" + + allow_authenticate_via_warp: Optional[bool] = None + """ + When set to true, users can authenticate to this application using their WARP + session. When set to false this application will always require direct IdP + authentication. This setting always overrides the organization setting for WARP + authentication. + """ + + allowed_idps: Optional[List[AllowedIdPs]] = None + """The identity providers your users can select when connecting to this + application. + + Defaults to all IdPs configured in your account. + """ + + aud: Optional[str] = None + """Audience tag.""" + + auto_redirect_to_identity: Optional[bool] = None + """When set to `true`, users skip the identity provider selection step during + login. + + You must specify only one identity provider in allowed_idps. + """ + + custom_deny_message: Optional[str] = None + """ + The custom error message shown to a user when they are denied access to the + application. + """ + + custom_deny_url: Optional[str] = None + """ + The custom URL a user is redirected to when they are denied access to the + application when failing identity-based rules. + """ + + custom_non_identity_deny_url: Optional[str] = None + """ + The custom URL a user is redirected to when they are denied access to the + application when failing non-identity rules. + """ + + custom_pages: Optional[List[str]] = None + """The custom pages that will be displayed when applicable for this application""" + + destinations: Optional[List[McpServerApplicationDestination]] = None + """List of destinations secured by Access. + + This supersedes `self_hosted_domains` to allow for more flexibility in defining + different types of domains. If `destinations` are provided, then + `self_hosted_domains` will be ignored. + """ + + http_only_cookie_attribute: Optional[bool] = None + """ + Enables the HttpOnly cookie attribute, which increases security against XSS + attacks. + """ + + logo_url: Optional[str] = None + """The image URL for the logo shown in the App Launcher dashboard.""" + + name: Optional[str] = None + """The name of the application.""" + + oauth_configuration: Optional[McpServerApplicationOAuthConfiguration] = None + """ + **Beta:** Optional configuration for managing an OAuth authorization flow + controlled by Access. When set, Access will act as the OAuth authorization + server for this application. Only compatible with OAuth clients that support + [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators + for OAuth 2.0). This feature is currently in beta. + """ + + options_preflight_bypass: Optional[bool] = None + """ + Allows options preflight requests to bypass Access authentication and go + directly to the origin. Cannot turn on if cors_headers is set. + """ + + policies: Optional[List[McpServerApplicationPolicy]] = None + + same_site_cookie_attribute: Optional[str] = None + """ + Sets the SameSite cookie setting, which provides increased security against CSRF + attacks. + """ + + scim_config: Optional[McpServerApplicationSCIMConfig] = None + """Configuration for provisioning to this application via SCIM. + + This is currently in closed beta. + """ + + session_duration: Optional[str] = None + """The amount of time that tokens issued for this application will be valid. + + Must be in the format `300ms` or `2h45m`. Valid time units are: ns, us (or µs), + ms, s, m, h. Note: unsupported for infrastructure type applications. + """ + + tags: Optional[List[str]] = None + """The tags you want assigned to an application. + + Tags are used to filter applications in the App Launcher dashboard. + """ + + +class McpServerPortalApplicationDestinationPublicDestination(BaseModel): + """A public hostname that Access will secure. + + Public destinations support sub-domain and path. Wildcard '*' can be used in the definition. + """ + + type: Optional[Literal["public"]] = None + + uri: Optional[str] = None + """The URI of the destination. + + Public destinations' URIs can include a domain and path with + [wildcards](https://developers.cloudflare.com/cloudflare-one/policies/access/app-paths/). + """ + + +class McpServerPortalApplicationDestinationPrivateDestination(BaseModel): + cidr: Optional[str] = None + """The CIDR range of the destination. Single IPs will be computed as /32.""" + + hostname: Optional[str] = None + """The hostname of the destination. Matches a valid SNI served by an HTTPS origin.""" + + l4_protocol: Optional[Literal["tcp", "udp"]] = None + """The L4 protocol of the destination. + + When omitted, both UDP and TCP traffic will match. + """ + + port_range: Optional[str] = None + """The port range of the destination. + + Can be a single port or a range of ports. When omitted, all ports will match. + """ + + type: Optional[Literal["private"]] = None + + vnet_id: Optional[str] = None + """The VNET ID to match the destination. When omitted, all VNETs will match.""" + + +class McpServerPortalApplicationDestinationViaMcpServerPortalDestination(BaseModel): + """A MCP server id configured in ai-controls. + + Access will secure the MCP server if accessed through a MCP portal. + """ + + mcp_server_id: Optional[str] = None + """The MCP server id configured in ai-controls.""" + + type: Optional[Literal["via_mcp_server_portal"]] = None + + +McpServerPortalApplicationDestination: TypeAlias = Union[ + McpServerPortalApplicationDestinationPublicDestination, + McpServerPortalApplicationDestinationPrivateDestination, + McpServerPortalApplicationDestinationViaMcpServerPortalDestination, +] + + +class McpServerPortalApplicationOAuthConfigurationDynamicClientRegistration(BaseModel): + """Settings for OAuth dynamic client registration.""" + + allow_any_on_localhost: Optional[bool] = None + """Allows any client with redirect URIs on localhost.""" + + allow_any_on_loopback: Optional[bool] = None + """Allows any client with redirect URIs on 127.0.0.1.""" + + allowed_uris: Optional[List[str]] = None + """The URIs that are allowed as redirect URIs for dynamically registered clients. + + Must use the `https` protocol. Paths may end in `/*` to match all sub-paths. + """ + + enabled: Optional[bool] = None + """Whether dynamic client registration is enabled.""" + + +class McpServerPortalApplicationOAuthConfigurationGrant(BaseModel): + """Settings for OAuth grant behavior.""" + + access_token_lifetime: Optional[str] = None + """The lifetime of the access token. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + session_duration: Optional[str] = None + """The duration of the OAuth session. + + Must be in the format `300ms` or `2h45m`. Valid time units are ns, us (or µs), + ms, s, m, h. + """ + + +class McpServerPortalApplicationOAuthConfiguration(BaseModel): + """ + **Beta:** Optional configuration for managing an OAuth authorization flow controlled by Access. When set, Access will act as the OAuth authorization server for this application. Only compatible with OAuth clients that support [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators for OAuth 2.0). This feature is currently in beta. + """ + + dynamic_client_registration: Optional[McpServerPortalApplicationOAuthConfigurationDynamicClientRegistration] = None + """Settings for OAuth dynamic client registration.""" + + enabled: Optional[bool] = None + """Whether the OAuth configuration is enabled for this application. + + When set to `false`, Access will not handle OAuth for this application. Defaults + to `true` if omitted. + """ + + grant: Optional[McpServerPortalApplicationOAuthConfigurationGrant] = None + """Settings for OAuth grant behavior.""" + + +class McpServerPortalApplicationPolicyConnectionRulesRDP(BaseModel): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class McpServerPortalApplicationPolicyConnectionRules(BaseModel): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: Optional[McpServerPortalApplicationPolicyConnectionRulesRDP] = None + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class McpServerPortalApplicationPolicyMfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + +class McpServerPortalApplicationPolicy(BaseModel): + id: Optional[str] = None + """The UUID of the policy""" + + approval_groups: Optional[List[ApprovalGroup]] = None + """Administrators who can approve a temporary authentication request.""" + + approval_required: Optional[bool] = None + """ + Requires the user to request access from an administrator at the start of each + session. + """ + + connection_rules: Optional[McpServerPortalApplicationPolicyConnectionRules] = None + """ + The rules that define how users may connect to targets secured by your + application. + """ + + created_at: Optional[datetime] = None + + decision: Optional[Decision] = None + """The action Access will take if a user matches this policy. + + Infrastructure application policies can only use the Allow action. + """ + + exclude: Optional[List[AccessRule]] = None + """Rules evaluated with a NOT logical operator. + + To match the policy, a user cannot meet any of the Exclude rules. + """ + + include: Optional[List[AccessRule]] = None + """Rules evaluated with an OR logical operator. + + A user needs to meet only one of the Include rules. + """ + + isolation_required: Optional[bool] = None + """ + Require this application to be served in an isolated browser for users matching + this policy. 'Client Web Isolation' must be on for the account in order to use + this feature. + """ + + mfa_config: Optional[McpServerPortalApplicationPolicyMfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + + name: Optional[str] = None + """The name of the Access policy.""" + + precedence: Optional[int] = None + """The order of execution for this policy. + + Must be unique for each policy within an app. + """ + + purpose_justification_prompt: Optional[str] = None + """A custom message that will appear on the purpose justification screen.""" + + purpose_justification_required: Optional[bool] = None + """Require users to enter a justification when they log in to the application.""" + + require: Optional[List[AccessRule]] = None + """Rules evaluated with an AND logical operator. + + To match the policy, a user must meet all of the Require rules. + """ + + session_duration: Optional[str] = None + """The amount of time that tokens issued for the application will be valid. + + Must be in the format `300ms` or `2h45m`. Valid time units are: ns, us (or µs), + ms, s, m, h. + """ + + updated_at: Optional[datetime] = None + + +class McpServerPortalApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken(BaseModel): + """ + Attributes for configuring Access Service Token authentication scheme for SCIM provisioning to an application. + """ + + client_id: str + """ + Client ID of the Access service token used to authenticate with the remote + service. + """ + + client_secret: str + """ + Client secret of the Access service token used to authenticate with the remote + service. + """ + + scheme: Literal["access_service_token"] + """The authentication scheme to use when making SCIM requests to this application.""" + + +class McpServerPortalApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken( + BaseModel +): + """ + Attributes for configuring Access Service Token authentication scheme for SCIM provisioning to an application. + """ + + client_id: str + """ + Client ID of the Access service token used to authenticate with the remote + service. + """ + + client_secret: str + """ + Client secret of the Access service token used to authenticate with the remote + service. + """ + + scheme: Literal["access_service_token"] + """The authentication scheme to use when making SCIM requests to this application.""" + + +McpServerPortalApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication: TypeAlias = Union[ + SCIMConfigAuthenticationHTTPBasic, + SCIMConfigAuthenticationOAuthBearerToken, + SCIMConfigAuthenticationOauth2, + McpServerPortalApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken, +] + +McpServerPortalApplicationSCIMConfigAuthentication: TypeAlias = Union[ + SCIMConfigAuthenticationHTTPBasic, + SCIMConfigAuthenticationOAuthBearerToken, + SCIMConfigAuthenticationOauth2, + McpServerPortalApplicationSCIMConfigAuthenticationAccessSCIMConfigAuthenticationAccessServiceToken, + List[McpServerPortalApplicationSCIMConfigAuthenticationAccessSCIMConfigMultiAuthentication], +] + + +class McpServerPortalApplicationSCIMConfig(BaseModel): + """Configuration for provisioning to this application via SCIM. + + This is currently in closed beta. + """ + + idp_uid: str + """ + The UID of the IdP to use as the source for SCIM resources to provision to this + application. + """ + + remote_uri: str + """The base URI for the application's SCIM-compatible API.""" + + authentication: Optional[McpServerPortalApplicationSCIMConfigAuthentication] = None + """ + Attributes for configuring HTTP Basic authentication scheme for SCIM + provisioning to an application. + """ + + deactivate_on_delete: Optional[bool] = None + """ + If false, propagates DELETE requests to the target application for SCIM + resources. If true, sets 'active' to false on the SCIM resource. Note: Some + targets do not support DELETE operations. + """ + + enabled: Optional[bool] = None + """Whether SCIM provisioning is turned on for this application.""" + + mappings: Optional[List[SCIMConfigMapping]] = None + """ + A list of mappings to apply to SCIM resources before provisioning them in this + application. These can transform or filter the resources to be provisioned. + """ + + +class McpServerPortalApplication(BaseModel): + type: ApplicationType + """The application type.""" + + id: Optional[str] = None + """UUID.""" + + allow_authenticate_via_warp: Optional[bool] = None + """ + When set to true, users can authenticate to this application using their WARP + session. When set to false this application will always require direct IdP + authentication. This setting always overrides the organization setting for WARP + authentication. + """ + + allowed_idps: Optional[List[AllowedIdPs]] = None + """The identity providers your users can select when connecting to this + application. + + Defaults to all IdPs configured in your account. + """ + + aud: Optional[str] = None + """Audience tag.""" + + auto_redirect_to_identity: Optional[bool] = None + """When set to `true`, users skip the identity provider selection step during + login. + + You must specify only one identity provider in allowed_idps. + """ + + custom_deny_message: Optional[str] = None + """ + The custom error message shown to a user when they are denied access to the + application. + """ + + custom_deny_url: Optional[str] = None + """ + The custom URL a user is redirected to when they are denied access to the + application when failing identity-based rules. + """ + + custom_non_identity_deny_url: Optional[str] = None + """ + The custom URL a user is redirected to when they are denied access to the + application when failing non-identity rules. + """ + + custom_pages: Optional[List[str]] = None + """The custom pages that will be displayed when applicable for this application""" + + destinations: Optional[List[McpServerPortalApplicationDestination]] = None + """List of destinations secured by Access. + + This supersedes `self_hosted_domains` to allow for more flexibility in defining + different types of domains. If `destinations` are provided, then + `self_hosted_domains` will be ignored. + """ + + domain: Optional[str] = None + """The primary hostname and path secured by Access. + + This domain will be displayed if the app is visible in the App Launcher. + """ + + http_only_cookie_attribute: Optional[bool] = None + """ + Enables the HttpOnly cookie attribute, which increases security against XSS + attacks. + """ + + logo_url: Optional[str] = None + """The image URL for the logo shown in the App Launcher dashboard.""" + + name: Optional[str] = None + """The name of the application.""" + + oauth_configuration: Optional[McpServerPortalApplicationOAuthConfiguration] = None + """ + **Beta:** Optional configuration for managing an OAuth authorization flow + controlled by Access. When set, Access will act as the OAuth authorization + server for this application. Only compatible with OAuth clients that support + [RFC 8707](https://datatracker.ietf.org/doc/html/rfc8707) (Resource Indicators + for OAuth 2.0). This feature is currently in beta. + """ + + options_preflight_bypass: Optional[bool] = None + """ + Allows options preflight requests to bypass Access authentication and go + directly to the origin. Cannot turn on if cors_headers is set. + """ + + policies: Optional[List[McpServerPortalApplicationPolicy]] = None + + same_site_cookie_attribute: Optional[str] = None + """ + Sets the SameSite cookie setting, which provides increased security against CSRF + attacks. + """ + + scim_config: Optional[McpServerPortalApplicationSCIMConfig] = None + """Configuration for provisioning to this application via SCIM. + + This is currently in closed beta. + """ + + session_duration: Optional[str] = None + """The amount of time that tokens issued for this application will be valid. + + Must be in the format `300ms` or `2h45m`. Valid time units are: ns, us (or µs), + ms, s, m, h. Note: unsupported for infrastructure type applications. + """ + + tags: Optional[List[str]] = None + """The tags you want assigned to an application. + + Tags are used to filter applications in the App Launcher dashboard. + """ + + ApplicationUpdateResponse: TypeAlias = Union[ SelfHostedApplication, SaaSApplication, @@ -2732,5 +4596,7 @@ class BrowserRdpApplication(BaseModel): GatewayIdentityProxyEndpointApplication, BookmarkApplication, InfrastructureApplication, - BrowserRdpApplication, + BrowserRDPApplication, + McpServerApplication, + McpServerPortalApplication, ] diff --git a/src/cloudflare/types/zero_trust/access/applications/policy_create_params.py b/src/cloudflare/types/zero_trust/access/applications/policy_create_params.py index cce9bcc3c24..9dd797afa07 100644 --- a/src/cloudflare/types/zero_trust/access/applications/policy_create_params.py +++ b/src/cloudflare/types/zero_trust/access/applications/policy_create_params.py @@ -2,12 +2,12 @@ from __future__ import annotations -from typing import Iterable -from typing_extensions import TypedDict +from typing import List, Iterable +from typing_extensions import Literal, TypedDict from ..approval_group_param import ApprovalGroupParam -__all__ = ["PolicyCreateParams"] +__all__ = ["PolicyCreateParams", "ConnectionRules", "ConnectionRulesRDP", "MfaConfig"] class PolicyCreateParams(TypedDict, total=False): @@ -26,6 +26,12 @@ class PolicyCreateParams(TypedDict, total=False): session. """ + connection_rules: ConnectionRules + """ + The rules that define how users may connect to targets secured by your + application. + """ + isolation_required: bool """ Require this application to be served in an isolated browser for users matching @@ -33,6 +39,9 @@ class PolicyCreateParams(TypedDict, total=False): this feature. """ + mfa_config: MfaConfig + """Configures multi-factor authentication (MFA) settings.""" + precedence: int """The order of execution for this policy. @@ -51,3 +60,46 @@ class PolicyCreateParams(TypedDict, total=False): Must be in the format `300ms` or `2h45m`. Valid time units are: ns, us (or µs), ms, s, m, h. """ + + +class ConnectionRulesRDP(TypedDict, total=False): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: List[Literal["text"]] + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: List[Literal["text"]] + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class ConnectionRules(TypedDict, total=False): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: ConnectionRulesRDP + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class MfaConfig(TypedDict, total=False): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: List[Literal["totp", "biometrics", "security_key"]] + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: bool + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: str + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ diff --git a/src/cloudflare/types/zero_trust/access/applications/policy_create_response.py b/src/cloudflare/types/zero_trust/access/applications/policy_create_response.py index d96df3960f3..05d87c5ee24 100644 --- a/src/cloudflare/types/zero_trust/access/applications/policy_create_response.py +++ b/src/cloudflare/types/zero_trust/access/applications/policy_create_response.py @@ -2,13 +2,57 @@ from typing import List, Optional from datetime import datetime +from typing_extensions import Literal from ..decision import Decision from ....._models import BaseModel from .access_rule import AccessRule from ..approval_group import ApprovalGroup -__all__ = ["PolicyCreateResponse"] +__all__ = ["PolicyCreateResponse", "ConnectionRules", "ConnectionRulesRDP", "MfaConfig"] + + +class ConnectionRulesRDP(BaseModel): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class ConnectionRules(BaseModel): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: Optional[ConnectionRulesRDP] = None + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class MfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ class PolicyCreateResponse(BaseModel): @@ -24,6 +68,12 @@ class PolicyCreateResponse(BaseModel): session. """ + connection_rules: Optional[ConnectionRules] = None + """ + The rules that define how users may connect to targets secured by your + application. + """ + created_at: Optional[datetime] = None decision: Optional[Decision] = None @@ -51,6 +101,9 @@ class PolicyCreateResponse(BaseModel): this feature. """ + mfa_config: Optional[MfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + name: Optional[str] = None """The name of the Access policy.""" diff --git a/src/cloudflare/types/zero_trust/access/applications/policy_get_response.py b/src/cloudflare/types/zero_trust/access/applications/policy_get_response.py index 7b27ed567d0..4bc53c6fe31 100644 --- a/src/cloudflare/types/zero_trust/access/applications/policy_get_response.py +++ b/src/cloudflare/types/zero_trust/access/applications/policy_get_response.py @@ -2,13 +2,57 @@ from typing import List, Optional from datetime import datetime +from typing_extensions import Literal from ..decision import Decision from ....._models import BaseModel from .access_rule import AccessRule from ..approval_group import ApprovalGroup -__all__ = ["PolicyGetResponse"] +__all__ = ["PolicyGetResponse", "ConnectionRules", "ConnectionRulesRDP", "MfaConfig"] + + +class ConnectionRulesRDP(BaseModel): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class ConnectionRules(BaseModel): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: Optional[ConnectionRulesRDP] = None + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class MfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ class PolicyGetResponse(BaseModel): @@ -24,6 +68,12 @@ class PolicyGetResponse(BaseModel): session. """ + connection_rules: Optional[ConnectionRules] = None + """ + The rules that define how users may connect to targets secured by your + application. + """ + created_at: Optional[datetime] = None decision: Optional[Decision] = None @@ -51,6 +101,9 @@ class PolicyGetResponse(BaseModel): this feature. """ + mfa_config: Optional[MfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + name: Optional[str] = None """The name of the Access policy.""" diff --git a/src/cloudflare/types/zero_trust/access/applications/policy_list_response.py b/src/cloudflare/types/zero_trust/access/applications/policy_list_response.py index 1ff32096707..2ab9487d994 100644 --- a/src/cloudflare/types/zero_trust/access/applications/policy_list_response.py +++ b/src/cloudflare/types/zero_trust/access/applications/policy_list_response.py @@ -2,13 +2,57 @@ from typing import List, Optional from datetime import datetime +from typing_extensions import Literal from ..decision import Decision from ....._models import BaseModel from .access_rule import AccessRule from ..approval_group import ApprovalGroup -__all__ = ["PolicyListResponse"] +__all__ = ["PolicyListResponse", "ConnectionRules", "ConnectionRulesRDP", "MfaConfig"] + + +class ConnectionRulesRDP(BaseModel): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class ConnectionRules(BaseModel): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: Optional[ConnectionRulesRDP] = None + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class MfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ class PolicyListResponse(BaseModel): @@ -24,6 +68,12 @@ class PolicyListResponse(BaseModel): session. """ + connection_rules: Optional[ConnectionRules] = None + """ + The rules that define how users may connect to targets secured by your + application. + """ + created_at: Optional[datetime] = None decision: Optional[Decision] = None @@ -51,6 +101,9 @@ class PolicyListResponse(BaseModel): this feature. """ + mfa_config: Optional[MfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + name: Optional[str] = None """The name of the Access policy.""" diff --git a/src/cloudflare/types/zero_trust/access/applications/policy_test_create_params.py b/src/cloudflare/types/zero_trust/access/applications/policy_test_create_params.py index 48bcd3e185d..26bb9d12cda 100755 --- a/src/cloudflare/types/zero_trust/access/applications/policy_test_create_params.py +++ b/src/cloudflare/types/zero_trust/access/applications/policy_test_create_params.py @@ -2,15 +2,22 @@ from __future__ import annotations -from typing import Union, Iterable -from typing_extensions import Required, TypeAlias, TypedDict +from typing import List, Union, Iterable +from typing_extensions import Literal, Required, TypeAlias, TypedDict from ..decision import Decision from ....._types import SequenceNotStr from .access_rule_param import AccessRuleParam from ..approval_group_param import ApprovalGroupParam -__all__ = ["PolicyTestCreateParams", "Policy", "PolicyUnionMember0"] +__all__ = [ + "PolicyTestCreateParams", + "Policy", + "PolicyUnionMember0", + "PolicyUnionMember0ConnectionRules", + "PolicyUnionMember0ConnectionRulesRDP", + "PolicyUnionMember0MfaConfig", +] class PolicyTestCreateParams(TypedDict, total=False): @@ -20,6 +27,49 @@ class PolicyTestCreateParams(TypedDict, total=False): policies: SequenceNotStr[Policy] +class PolicyUnionMember0ConnectionRulesRDP(TypedDict, total=False): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: List[Literal["text"]] + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: List[Literal["text"]] + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class PolicyUnionMember0ConnectionRules(TypedDict, total=False): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: PolicyUnionMember0ConnectionRulesRDP + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class PolicyUnionMember0MfaConfig(TypedDict, total=False): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: List[Literal["totp", "biometrics", "security_key"]] + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: bool + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: str + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + class PolicyUnionMember0(TypedDict, total=False): decision: Required[Decision] """The action Access will take if a user matches this policy. @@ -45,6 +95,12 @@ class PolicyUnionMember0(TypedDict, total=False): session. """ + connection_rules: PolicyUnionMember0ConnectionRules + """ + The rules that define how users may connect to targets secured by your + application. + """ + exclude: Iterable[AccessRuleParam] """Rules evaluated with a NOT logical operator. @@ -58,6 +114,9 @@ class PolicyUnionMember0(TypedDict, total=False): this feature. """ + mfa_config: PolicyUnionMember0MfaConfig + """Configures multi-factor authentication (MFA) settings.""" + purpose_justification_prompt: str """A custom message that will appear on the purpose justification screen.""" diff --git a/src/cloudflare/types/zero_trust/access/applications/policy_update_params.py b/src/cloudflare/types/zero_trust/access/applications/policy_update_params.py index 20e48498060..c659d26c501 100644 --- a/src/cloudflare/types/zero_trust/access/applications/policy_update_params.py +++ b/src/cloudflare/types/zero_trust/access/applications/policy_update_params.py @@ -2,12 +2,12 @@ from __future__ import annotations -from typing import Iterable -from typing_extensions import Required, TypedDict +from typing import List, Iterable +from typing_extensions import Literal, Required, TypedDict from ..approval_group_param import ApprovalGroupParam -__all__ = ["PolicyUpdateParams"] +__all__ = ["PolicyUpdateParams", "ConnectionRules", "ConnectionRulesRDP", "MfaConfig"] class PolicyUpdateParams(TypedDict, total=False): @@ -29,6 +29,12 @@ class PolicyUpdateParams(TypedDict, total=False): session. """ + connection_rules: ConnectionRules + """ + The rules that define how users may connect to targets secured by your + application. + """ + isolation_required: bool """ Require this application to be served in an isolated browser for users matching @@ -36,6 +42,9 @@ class PolicyUpdateParams(TypedDict, total=False): this feature. """ + mfa_config: MfaConfig + """Configures multi-factor authentication (MFA) settings.""" + precedence: int """The order of execution for this policy. @@ -54,3 +63,46 @@ class PolicyUpdateParams(TypedDict, total=False): Must be in the format `300ms` or `2h45m`. Valid time units are: ns, us (or µs), ms, s, m, h. """ + + +class ConnectionRulesRDP(TypedDict, total=False): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: List[Literal["text"]] + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: List[Literal["text"]] + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class ConnectionRules(TypedDict, total=False): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: ConnectionRulesRDP + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class MfaConfig(TypedDict, total=False): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: List[Literal["totp", "biometrics", "security_key"]] + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: bool + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: str + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ diff --git a/src/cloudflare/types/zero_trust/access/applications/policy_update_response.py b/src/cloudflare/types/zero_trust/access/applications/policy_update_response.py index 1956319b54e..00c9ac9a19a 100644 --- a/src/cloudflare/types/zero_trust/access/applications/policy_update_response.py +++ b/src/cloudflare/types/zero_trust/access/applications/policy_update_response.py @@ -2,13 +2,57 @@ from typing import List, Optional from datetime import datetime +from typing_extensions import Literal from ..decision import Decision from ....._models import BaseModel from .access_rule import AccessRule from ..approval_group import ApprovalGroup -__all__ = ["PolicyUpdateResponse"] +__all__ = ["PolicyUpdateResponse", "ConnectionRules", "ConnectionRulesRDP", "MfaConfig"] + + +class ConnectionRulesRDP(BaseModel): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class ConnectionRules(BaseModel): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: Optional[ConnectionRulesRDP] = None + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class MfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ class PolicyUpdateResponse(BaseModel): @@ -24,6 +68,12 @@ class PolicyUpdateResponse(BaseModel): session. """ + connection_rules: Optional[ConnectionRules] = None + """ + The rules that define how users may connect to targets secured by your + application. + """ + created_at: Optional[datetime] = None decision: Optional[Decision] = None @@ -51,6 +101,9 @@ class PolicyUpdateResponse(BaseModel): this feature. """ + mfa_config: Optional[MfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + name: Optional[str] = None """The name of the Access policy.""" diff --git a/src/cloudflare/types/zero_trust/access/policy_create_params.py b/src/cloudflare/types/zero_trust/access/policy_create_params.py index abeceb70ae1..a9c3015f40a 100644 --- a/src/cloudflare/types/zero_trust/access/policy_create_params.py +++ b/src/cloudflare/types/zero_trust/access/policy_create_params.py @@ -2,14 +2,14 @@ from __future__ import annotations -from typing import Iterable -from typing_extensions import Required, TypedDict +from typing import List, Iterable +from typing_extensions import Literal, Required, TypedDict from .decision import Decision from .approval_group_param import ApprovalGroupParam from .applications.access_rule_param import AccessRuleParam -__all__ = ["PolicyCreateParams"] +__all__ = ["PolicyCreateParams", "ConnectionRules", "ConnectionRulesRDP", "MfaConfig"] class PolicyCreateParams(TypedDict, total=False): @@ -40,6 +40,12 @@ class PolicyCreateParams(TypedDict, total=False): session. """ + connection_rules: ConnectionRules + """ + The rules that define how users may connect to targets secured by your + application. + """ + exclude: Iterable[AccessRuleParam] """Rules evaluated with a NOT logical operator. @@ -53,6 +59,9 @@ class PolicyCreateParams(TypedDict, total=False): this feature. """ + mfa_config: MfaConfig + """Configures multi-factor authentication (MFA) settings.""" + purpose_justification_prompt: str """A custom message that will appear on the purpose justification screen.""" @@ -71,3 +80,46 @@ class PolicyCreateParams(TypedDict, total=False): Must be in the format `300ms` or `2h45m`. Valid time units are: ns, us (or µs), ms, s, m, h. """ + + +class ConnectionRulesRDP(TypedDict, total=False): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: List[Literal["text"]] + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: List[Literal["text"]] + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class ConnectionRules(TypedDict, total=False): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: ConnectionRulesRDP + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class MfaConfig(TypedDict, total=False): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: List[Literal["totp", "biometrics", "security_key"]] + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: bool + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: str + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ diff --git a/src/cloudflare/types/zero_trust/access/policy_create_response.py b/src/cloudflare/types/zero_trust/access/policy_create_response.py index 0b3aed6220d..aec26906ba5 100644 --- a/src/cloudflare/types/zero_trust/access/policy_create_response.py +++ b/src/cloudflare/types/zero_trust/access/policy_create_response.py @@ -9,7 +9,50 @@ from .approval_group import ApprovalGroup from .applications.access_rule import AccessRule -__all__ = ["PolicyCreateResponse"] +__all__ = ["PolicyCreateResponse", "ConnectionRules", "ConnectionRulesRDP", "MfaConfig"] + + +class ConnectionRulesRDP(BaseModel): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class ConnectionRules(BaseModel): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: Optional[ConnectionRulesRDP] = None + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class MfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ class PolicyCreateResponse(BaseModel): @@ -28,6 +71,12 @@ class PolicyCreateResponse(BaseModel): session. """ + connection_rules: Optional[ConnectionRules] = None + """ + The rules that define how users may connect to targets secured by your + application. + """ + created_at: Optional[datetime] = None decision: Optional[Decision] = None @@ -55,6 +104,9 @@ class PolicyCreateResponse(BaseModel): this feature. """ + mfa_config: Optional[MfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + name: Optional[str] = None """The name of the Access policy.""" diff --git a/src/cloudflare/types/zero_trust/access/policy_get_response.py b/src/cloudflare/types/zero_trust/access/policy_get_response.py index 0c51e5cca00..966a199fbe6 100644 --- a/src/cloudflare/types/zero_trust/access/policy_get_response.py +++ b/src/cloudflare/types/zero_trust/access/policy_get_response.py @@ -9,7 +9,50 @@ from .approval_group import ApprovalGroup from .applications.access_rule import AccessRule -__all__ = ["PolicyGetResponse"] +__all__ = ["PolicyGetResponse", "ConnectionRules", "ConnectionRulesRDP", "MfaConfig"] + + +class ConnectionRulesRDP(BaseModel): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class ConnectionRules(BaseModel): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: Optional[ConnectionRulesRDP] = None + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class MfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ class PolicyGetResponse(BaseModel): @@ -28,6 +71,12 @@ class PolicyGetResponse(BaseModel): session. """ + connection_rules: Optional[ConnectionRules] = None + """ + The rules that define how users may connect to targets secured by your + application. + """ + created_at: Optional[datetime] = None decision: Optional[Decision] = None @@ -55,6 +104,9 @@ class PolicyGetResponse(BaseModel): this feature. """ + mfa_config: Optional[MfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + name: Optional[str] = None """The name of the Access policy.""" diff --git a/src/cloudflare/types/zero_trust/access/policy_list_response.py b/src/cloudflare/types/zero_trust/access/policy_list_response.py index af20dea0f36..39477e671db 100644 --- a/src/cloudflare/types/zero_trust/access/policy_list_response.py +++ b/src/cloudflare/types/zero_trust/access/policy_list_response.py @@ -9,7 +9,50 @@ from .approval_group import ApprovalGroup from .applications.access_rule import AccessRule -__all__ = ["PolicyListResponse"] +__all__ = ["PolicyListResponse", "ConnectionRules", "ConnectionRulesRDP", "MfaConfig"] + + +class ConnectionRulesRDP(BaseModel): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class ConnectionRules(BaseModel): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: Optional[ConnectionRulesRDP] = None + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class MfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ class PolicyListResponse(BaseModel): @@ -28,6 +71,12 @@ class PolicyListResponse(BaseModel): session. """ + connection_rules: Optional[ConnectionRules] = None + """ + The rules that define how users may connect to targets secured by your + application. + """ + created_at: Optional[datetime] = None decision: Optional[Decision] = None @@ -55,6 +104,9 @@ class PolicyListResponse(BaseModel): this feature. """ + mfa_config: Optional[MfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + name: Optional[str] = None """The name of the Access policy.""" diff --git a/src/cloudflare/types/zero_trust/access/policy_update_params.py b/src/cloudflare/types/zero_trust/access/policy_update_params.py index 0d21a28107b..6ac7aea58d4 100644 --- a/src/cloudflare/types/zero_trust/access/policy_update_params.py +++ b/src/cloudflare/types/zero_trust/access/policy_update_params.py @@ -2,14 +2,14 @@ from __future__ import annotations -from typing import Iterable -from typing_extensions import Required, TypedDict +from typing import List, Iterable +from typing_extensions import Literal, Required, TypedDict from .decision import Decision from .approval_group_param import ApprovalGroupParam from .applications.access_rule_param import AccessRuleParam -__all__ = ["PolicyUpdateParams"] +__all__ = ["PolicyUpdateParams", "ConnectionRules", "ConnectionRulesRDP", "MfaConfig"] class PolicyUpdateParams(TypedDict, total=False): @@ -40,6 +40,12 @@ class PolicyUpdateParams(TypedDict, total=False): session. """ + connection_rules: ConnectionRules + """ + The rules that define how users may connect to targets secured by your + application. + """ + exclude: Iterable[AccessRuleParam] """Rules evaluated with a NOT logical operator. @@ -53,6 +59,9 @@ class PolicyUpdateParams(TypedDict, total=False): this feature. """ + mfa_config: MfaConfig + """Configures multi-factor authentication (MFA) settings.""" + purpose_justification_prompt: str """A custom message that will appear on the purpose justification screen.""" @@ -71,3 +80,46 @@ class PolicyUpdateParams(TypedDict, total=False): Must be in the format `300ms` or `2h45m`. Valid time units are: ns, us (or µs), ms, s, m, h. """ + + +class ConnectionRulesRDP(TypedDict, total=False): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: List[Literal["text"]] + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: List[Literal["text"]] + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class ConnectionRules(TypedDict, total=False): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: ConnectionRulesRDP + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class MfaConfig(TypedDict, total=False): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: List[Literal["totp", "biometrics", "security_key"]] + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: bool + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: str + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ diff --git a/src/cloudflare/types/zero_trust/access/policy_update_response.py b/src/cloudflare/types/zero_trust/access/policy_update_response.py index bbd9d8cb480..9da2c852379 100644 --- a/src/cloudflare/types/zero_trust/access/policy_update_response.py +++ b/src/cloudflare/types/zero_trust/access/policy_update_response.py @@ -9,7 +9,50 @@ from .approval_group import ApprovalGroup from .applications.access_rule import AccessRule -__all__ = ["PolicyUpdateResponse"] +__all__ = ["PolicyUpdateResponse", "ConnectionRules", "ConnectionRulesRDP", "MfaConfig"] + + +class ConnectionRulesRDP(BaseModel): + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + allowed_clipboard_local_to_remote_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from local machine to remote RDP session. + """ + + allowed_clipboard_remote_to_local_formats: Optional[List[Literal["text"]]] = None + """ + Clipboard formats allowed when copying from remote RDP session to local machine. + """ + + +class ConnectionRules(BaseModel): + """ + The rules that define how users may connect to targets secured by your application. + """ + + rdp: Optional[ConnectionRulesRDP] = None + """The RDP-specific rules that define clipboard behavior for RDP connections.""" + + +class MfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + mfa_bypass: Optional[bool] = None + """Indicates whether to bypass MFA for this resource. + + This option is available at the application and policy level. + """ + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ class PolicyUpdateResponse(BaseModel): @@ -28,6 +71,12 @@ class PolicyUpdateResponse(BaseModel): session. """ + connection_rules: Optional[ConnectionRules] = None + """ + The rules that define how users may connect to targets secured by your + application. + """ + created_at: Optional[datetime] = None decision: Optional[Decision] = None @@ -55,6 +104,9 @@ class PolicyUpdateResponse(BaseModel): this feature. """ + mfa_config: Optional[MfaConfig] = None + """Configures multi-factor authentication (MFA) settings.""" + name: Optional[str] = None """The name of the Access policy.""" diff --git a/src/cloudflare/types/zero_trust/access/user_create_params.py b/src/cloudflare/types/zero_trust/access/user_create_params.py new file mode 100644 index 00000000000..dcbedcff9d8 --- /dev/null +++ b/src/cloudflare/types/zero_trust/access/user_create_params.py @@ -0,0 +1,18 @@ +# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. + +from __future__ import annotations + +from typing_extensions import Required, TypedDict + +__all__ = ["UserCreateParams"] + + +class UserCreateParams(TypedDict, total=False): + account_id: Required[str] + """Identifier.""" + + email: Required[str] + """The email of the user.""" + + name: str + """The name of the user.""" diff --git a/src/cloudflare/types/zero_trust/access/user_create_response.py b/src/cloudflare/types/zero_trust/access/user_create_response.py new file mode 100644 index 00000000000..c9f6cde0e5a --- /dev/null +++ b/src/cloudflare/types/zero_trust/access/user_create_response.py @@ -0,0 +1,41 @@ +# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. + +from typing import Optional +from datetime import datetime + +from ...._models import BaseModel + +__all__ = ["UserCreateResponse"] + + +class UserCreateResponse(BaseModel): + id: Optional[str] = None + """UUID.""" + + access_seat: Optional[bool] = None + """True if the user has authenticated with Cloudflare Access.""" + + active_device_count: Optional[float] = None + """The number of active devices registered to the user.""" + + created_at: Optional[datetime] = None + + email: Optional[str] = None + """The email of the user.""" + + gateway_seat: Optional[bool] = None + """True if the user has logged into the WARP client.""" + + last_successful_login: Optional[datetime] = None + """The time at which the user last successfully logged in.""" + + name: Optional[str] = None + """The name of the user.""" + + seat_uid: Optional[str] = None + """The unique API identifier for the Zero Trust seat.""" + + uid: Optional[str] = None + """The unique API identifier for the user.""" + + updated_at: Optional[datetime] = None diff --git a/src/cloudflare/types/zero_trust/access/user_get_response.py b/src/cloudflare/types/zero_trust/access/user_get_response.py new file mode 100644 index 00000000000..9422adac87f --- /dev/null +++ b/src/cloudflare/types/zero_trust/access/user_get_response.py @@ -0,0 +1,41 @@ +# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. + +from typing import Optional +from datetime import datetime + +from ...._models import BaseModel + +__all__ = ["UserGetResponse"] + + +class UserGetResponse(BaseModel): + id: Optional[str] = None + """UUID.""" + + access_seat: Optional[bool] = None + """True if the user has authenticated with Cloudflare Access.""" + + active_device_count: Optional[float] = None + """The number of active devices registered to the user.""" + + created_at: Optional[datetime] = None + + email: Optional[str] = None + """The email of the user.""" + + gateway_seat: Optional[bool] = None + """True if the user has logged into the WARP client.""" + + last_successful_login: Optional[datetime] = None + """The time at which the user last successfully logged in.""" + + name: Optional[str] = None + """The name of the user.""" + + seat_uid: Optional[str] = None + """The unique API identifier for the Zero Trust seat.""" + + uid: Optional[str] = None + """The unique API identifier for the user.""" + + updated_at: Optional[datetime] = None diff --git a/src/cloudflare/types/zero_trust/access/user_update_params.py b/src/cloudflare/types/zero_trust/access/user_update_params.py new file mode 100644 index 00000000000..8501df104cc --- /dev/null +++ b/src/cloudflare/types/zero_trust/access/user_update_params.py @@ -0,0 +1,18 @@ +# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. + +from __future__ import annotations + +from typing_extensions import Required, TypedDict + +__all__ = ["UserUpdateParams"] + + +class UserUpdateParams(TypedDict, total=False): + account_id: Required[str] + """Identifier.""" + + email: Required[str] + """The email of the user.""" + + name: Required[str] + """The name of the user.""" diff --git a/src/cloudflare/types/zero_trust/access/user_update_response.py b/src/cloudflare/types/zero_trust/access/user_update_response.py new file mode 100644 index 00000000000..cf26f9b54ad --- /dev/null +++ b/src/cloudflare/types/zero_trust/access/user_update_response.py @@ -0,0 +1,41 @@ +# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. + +from typing import Optional +from datetime import datetime + +from ...._models import BaseModel + +__all__ = ["UserUpdateResponse"] + + +class UserUpdateResponse(BaseModel): + id: Optional[str] = None + """UUID.""" + + access_seat: Optional[bool] = None + """True if the user has authenticated with Cloudflare Access.""" + + active_device_count: Optional[float] = None + """The number of active devices registered to the user.""" + + created_at: Optional[datetime] = None + + email: Optional[str] = None + """The email of the user.""" + + gateway_seat: Optional[bool] = None + """True if the user has logged into the WARP client.""" + + last_successful_login: Optional[datetime] = None + """The time at which the user last successfully logged in.""" + + name: Optional[str] = None + """The name of the user.""" + + seat_uid: Optional[str] = None + """The unique API identifier for the Zero Trust seat.""" + + uid: Optional[str] = None + """The unique API identifier for the user.""" + + updated_at: Optional[datetime] = None diff --git a/src/cloudflare/types/zero_trust/dex/__init__.py b/src/cloudflare/types/zero_trust/dex/__init__.py index 674d2cb7a06..5fd5e308eb2 100644 --- a/src/cloudflare/types/zero_trust/dex/__init__.py +++ b/src/cloudflare/types/zero_trust/dex/__init__.py @@ -7,10 +7,18 @@ from .traceroute import Traceroute as Traceroute from .http_details import HTTPDetails as HTTPDetails from .colo_list_params import ColoListParams as ColoListParams +from .rule_list_params import RuleListParams as RuleListParams from .test_list_params import TestListParams as TestListParams +from .rule_get_response import RuleGetResponse as RuleGetResponse from .colo_list_response import ColoListResponse as ColoListResponse +from .rule_create_params import RuleCreateParams as RuleCreateParams +from .rule_list_response import RuleListResponse as RuleListResponse +from .rule_update_params import RuleUpdateParams as RuleUpdateParams from .command_list_params import CommandListParams as CommandListParams from .http_test_get_params import HTTPTestGetParams as HTTPTestGetParams +from .rule_create_response import RuleCreateResponse as RuleCreateResponse +from .rule_delete_response import RuleDeleteResponse as RuleDeleteResponse +from .rule_update_response import RuleUpdateResponse as RuleUpdateResponse from .aggregate_time_period import AggregateTimePeriod as AggregateTimePeriod from .command_create_params import CommandCreateParams as CommandCreateParams from .command_list_response import CommandListResponse as CommandListResponse diff --git a/src/cloudflare/types/zero_trust/dex/rule_create_params.py b/src/cloudflare/types/zero_trust/dex/rule_create_params.py new file mode 100644 index 00000000000..db10c6a7be7 --- /dev/null +++ b/src/cloudflare/types/zero_trust/dex/rule_create_params.py @@ -0,0 +1,19 @@ +# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. + +from __future__ import annotations + +from typing_extensions import Required, TypedDict + +__all__ = ["RuleCreateParams"] + + +class RuleCreateParams(TypedDict, total=False): + account_id: Required[str] + + match: Required[str] + """The wirefilter expression to match.""" + + name: Required[str] + """The name of the Rule.""" + + description: str diff --git a/src/cloudflare/types/zero_trust/dex/rule_create_response.py b/src/cloudflare/types/zero_trust/dex/rule_create_response.py new file mode 100644 index 00000000000..eecc3ba5510 --- /dev/null +++ b/src/cloudflare/types/zero_trust/dex/rule_create_response.py @@ -0,0 +1,54 @@ +# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. + +from typing import List, Optional +from typing_extensions import Literal + +from ...._models import BaseModel + +__all__ = ["RuleCreateResponse", "TargetedTest", "TargetedTestData"] + + +class TargetedTestData(BaseModel): + """ + The configuration object which contains the details for the WARP client to conduct the test. + """ + + host: str + """The desired endpoint to test.""" + + kind: Literal["http", "traceroute"] + """The type of test.""" + + method: Optional[Literal["GET"]] = None + """The HTTP request method type.""" + + +class TargetedTest(BaseModel): + data: TargetedTestData + """ + The configuration object which contains the details for the WARP client to + conduct the test. + """ + + enabled: bool + + name: str + + test_id: str + + +class RuleCreateResponse(BaseModel): + id: str + """API Resource UUID tag.""" + + created_at: str + + match: str + + name: str + + description: Optional[str] = None + + targeted_tests: Optional[List[TargetedTest]] = None + + updated_at: Optional[str] = None diff --git a/src/cloudflare/types/snippets/snippet_delete_response.py b/src/cloudflare/types/zero_trust/dex/rule_delete_response.py similarity index 64% rename from src/cloudflare/types/snippets/snippet_delete_response.py rename to src/cloudflare/types/zero_trust/dex/rule_delete_response.py index df12b7993ea..eda04e28a4f 100644 --- a/src/cloudflare/types/snippets/snippet_delete_response.py +++ b/src/cloudflare/types/zero_trust/dex/rule_delete_response.py @@ -3,6 +3,6 @@ from typing import Optional from typing_extensions import TypeAlias -__all__ = ["SnippetDeleteResponse"] +__all__ = ["RuleDeleteResponse"] -SnippetDeleteResponse: TypeAlias = Optional[str] +RuleDeleteResponse: TypeAlias = Optional[bool] diff --git a/src/cloudflare/types/zero_trust/dex/rule_get_response.py b/src/cloudflare/types/zero_trust/dex/rule_get_response.py new file mode 100644 index 00000000000..e353ed85a78 --- /dev/null +++ b/src/cloudflare/types/zero_trust/dex/rule_get_response.py @@ -0,0 +1,54 @@ +# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. + +from typing import List, Optional +from typing_extensions import Literal + +from ...._models import BaseModel + +__all__ = ["RuleGetResponse", "TargetedTest", "TargetedTestData"] + + +class TargetedTestData(BaseModel): + """ + The configuration object which contains the details for the WARP client to conduct the test. + """ + + host: str + """The desired endpoint to test.""" + + kind: Literal["http", "traceroute"] + """The type of test.""" + + method: Optional[Literal["GET"]] = None + """The HTTP request method type.""" + + +class TargetedTest(BaseModel): + data: TargetedTestData + """ + The configuration object which contains the details for the WARP client to + conduct the test. + """ + + enabled: bool + + name: str + + test_id: str + + +class RuleGetResponse(BaseModel): + id: str + """API Resource UUID tag.""" + + created_at: str + + match: str + + name: str + + description: Optional[str] = None + + targeted_tests: Optional[List[TargetedTest]] = None + + updated_at: Optional[str] = None diff --git a/src/cloudflare/types/zero_trust/dex/rule_list_params.py b/src/cloudflare/types/zero_trust/dex/rule_list_params.py new file mode 100644 index 00000000000..f7a59482cd0 --- /dev/null +++ b/src/cloudflare/types/zero_trust/dex/rule_list_params.py @@ -0,0 +1,26 @@ +# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. + +from __future__ import annotations + +from typing_extensions import Literal, Required, TypedDict + +__all__ = ["RuleListParams"] + + +class RuleListParams(TypedDict, total=False): + account_id: Required[str] + + page: Required[float] + """Page number of paginated results""" + + per_page: Required[float] + """Number of items per page""" + + name: str + """Filter results by rule name""" + + sort_by: Literal["name", "created_at", "updated_at"] + """Which property to sort results by""" + + sort_order: Literal["ASC", "DESC"] + """Sort direction for sort_by property""" diff --git a/src/cloudflare/types/zero_trust/dex/rule_list_response.py b/src/cloudflare/types/zero_trust/dex/rule_list_response.py new file mode 100644 index 00000000000..c9c6c7f54c3 --- /dev/null +++ b/src/cloudflare/types/zero_trust/dex/rule_list_response.py @@ -0,0 +1,58 @@ +# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. + +from typing import List, Optional +from typing_extensions import Literal + +from ...._models import BaseModel + +__all__ = ["RuleListResponse", "Rule", "RuleTargetedTest", "RuleTargetedTestData"] + + +class RuleTargetedTestData(BaseModel): + """ + The configuration object which contains the details for the WARP client to conduct the test. + """ + + host: str + """The desired endpoint to test.""" + + kind: Literal["http", "traceroute"] + """The type of test.""" + + method: Optional[Literal["GET"]] = None + """The HTTP request method type.""" + + +class RuleTargetedTest(BaseModel): + data: RuleTargetedTestData + """ + The configuration object which contains the details for the WARP client to + conduct the test. + """ + + enabled: bool + + name: str + + test_id: str + + +class Rule(BaseModel): + id: str + """API Resource UUID tag.""" + + created_at: str + + match: str + + name: str + + description: Optional[str] = None + + targeted_tests: Optional[List[RuleTargetedTest]] = None + + updated_at: Optional[str] = None + + +class RuleListResponse(BaseModel): + rules: Optional[List[Rule]] = None diff --git a/src/cloudflare/types/zero_trust/dex/rule_update_params.py b/src/cloudflare/types/zero_trust/dex/rule_update_params.py new file mode 100644 index 00000000000..4bafbd979b1 --- /dev/null +++ b/src/cloudflare/types/zero_trust/dex/rule_update_params.py @@ -0,0 +1,19 @@ +# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. + +from __future__ import annotations + +from typing_extensions import Required, TypedDict + +__all__ = ["RuleUpdateParams"] + + +class RuleUpdateParams(TypedDict, total=False): + account_id: Required[str] + + description: str + + match: str + """The wirefilter expression to match.""" + + name: str + """The name of the Rule.""" diff --git a/src/cloudflare/types/zero_trust/dex/rule_update_response.py b/src/cloudflare/types/zero_trust/dex/rule_update_response.py new file mode 100644 index 00000000000..530c76ff2ad --- /dev/null +++ b/src/cloudflare/types/zero_trust/dex/rule_update_response.py @@ -0,0 +1,54 @@ +# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. + +from typing import List, Optional +from typing_extensions import Literal + +from ...._models import BaseModel + +__all__ = ["RuleUpdateResponse", "TargetedTest", "TargetedTestData"] + + +class TargetedTestData(BaseModel): + """ + The configuration object which contains the details for the WARP client to conduct the test. + """ + + host: str + """The desired endpoint to test.""" + + kind: Literal["http", "traceroute"] + """The type of test.""" + + method: Optional[Literal["GET"]] = None + """The HTTP request method type.""" + + +class TargetedTest(BaseModel): + data: TargetedTestData + """ + The configuration object which contains the details for the WARP client to + conduct the test. + """ + + enabled: bool + + name: str + + test_id: str + + +class RuleUpdateResponse(BaseModel): + id: str + """API Resource UUID tag.""" + + created_at: str + + match: str + + name: str + + description: Optional[str] = None + + targeted_tests: Optional[List[TargetedTest]] = None + + updated_at: Optional[str] = None diff --git a/src/cloudflare/types/zero_trust/dlp/__init__.py b/src/cloudflare/types/zero_trust/dlp/__init__.py index 1967c3f7f17..fa6d87dbb47 100644 --- a/src/cloudflare/types/zero_trust/dlp/__init__.py +++ b/src/cloudflare/types/zero_trust/dlp/__init__.py @@ -4,6 +4,8 @@ from .dataset import Dataset as Dataset from .profile import Profile as Profile +from .dataset_array import DatasetArray as DatasetArray +from .dataset_creation import DatasetCreation as DatasetCreation from .context_awareness import ContextAwareness as ContextAwareness from .entry_get_response import EntryGetResponse as EntryGetResponse from .skip_configuration import SkipConfiguration as SkipConfiguration @@ -12,15 +14,11 @@ from .entry_update_params import EntryUpdateParams as EntryUpdateParams from .limit_list_response import LimitListResponse as LimitListResponse from .profile_list_params import ProfileListParams as ProfileListParams -from .dataset_get_response import DatasetGetResponse as DatasetGetResponse -from .profile_get_response import ProfileGetResponse as ProfileGetResponse from .dataset_create_params import DatasetCreateParams as DatasetCreateParams from .dataset_update_params import DatasetUpdateParams as DatasetUpdateParams from .entry_create_response import EntryCreateResponse as EntryCreateResponse from .entry_update_response import EntryUpdateResponse as EntryUpdateResponse from .context_awareness_param import ContextAwarenessParam as ContextAwarenessParam -from .dataset_create_response import DatasetCreateResponse as DatasetCreateResponse -from .dataset_update_response import DatasetUpdateResponse as DatasetUpdateResponse from .pattern_validate_params import PatternValidateParams as PatternValidateParams from .payload_log_get_response import PayloadLogGetResponse as PayloadLogGetResponse from .skip_configuration_param import SkipConfigurationParam as SkipConfigurationParam diff --git a/src/cloudflare/types/zero_trust/dlp/dataset_array.py b/src/cloudflare/types/zero_trust/dlp/dataset_array.py new file mode 100644 index 00000000000..92e05fadd7a --- /dev/null +++ b/src/cloudflare/types/zero_trust/dlp/dataset_array.py @@ -0,0 +1,10 @@ +# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. + +from typing import List +from typing_extensions import TypeAlias + +from .dataset import Dataset + +__all__ = ["DatasetArray"] + +DatasetArray: TypeAlias = List[Dataset] diff --git a/src/cloudflare/types/zero_trust/dlp/dataset_create_response.py b/src/cloudflare/types/zero_trust/dlp/dataset_creation.py similarity index 87% rename from src/cloudflare/types/zero_trust/dlp/dataset_create_response.py rename to src/cloudflare/types/zero_trust/dlp/dataset_creation.py index 41c574f0e2d..072c00e83ee 100644 --- a/src/cloudflare/types/zero_trust/dlp/dataset_create_response.py +++ b/src/cloudflare/types/zero_trust/dlp/dataset_creation.py @@ -5,10 +5,10 @@ from .dataset import Dataset from ...._models import BaseModel -__all__ = ["DatasetCreateResponse"] +__all__ = ["DatasetCreation"] -class DatasetCreateResponse(BaseModel): +class DatasetCreation(BaseModel): dataset: Dataset encoding_version: int diff --git a/src/cloudflare/types/zero_trust/dlp/dataset_get_response.py b/src/cloudflare/types/zero_trust/dlp/dataset_get_response.py deleted file mode 100644 index 3d05e3ef4a3..00000000000 --- a/src/cloudflare/types/zero_trust/dlp/dataset_get_response.py +++ /dev/null @@ -1,58 +0,0 @@ -# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. - -from typing import List, Optional -from datetime import datetime -from typing_extensions import Literal - -from ...._models import BaseModel - -__all__ = ["DatasetGetResponse", "Column", "Upload"] - - -class Column(BaseModel): - entry_id: str - - header_name: str - - num_cells: int - - upload_status: Literal["empty", "uploading", "pending", "processing", "failed", "complete"] - - -class Upload(BaseModel): - num_cells: int - - status: Literal["empty", "uploading", "pending", "processing", "failed", "complete"] - - version: int - - -class DatasetGetResponse(BaseModel): - id: str - - columns: List[Column] - - created_at: datetime - - encoding_version: int - - name: str - - num_cells: int - - secret: bool - - status: Literal["empty", "uploading", "pending", "processing", "failed", "complete"] - - updated_at: datetime - """Stores when the dataset was last updated. - - This includes name or description changes as well as uploads. - """ - - uploads: List[Upload] - - case_sensitive: Optional[bool] = None - - description: Optional[str] = None - """The description of the dataset.""" diff --git a/src/cloudflare/types/zero_trust/dlp/dataset_update_response.py b/src/cloudflare/types/zero_trust/dlp/dataset_update_response.py deleted file mode 100644 index 04816f455dd..00000000000 --- a/src/cloudflare/types/zero_trust/dlp/dataset_update_response.py +++ /dev/null @@ -1,58 +0,0 @@ -# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. - -from typing import List, Optional -from datetime import datetime -from typing_extensions import Literal - -from ...._models import BaseModel - -__all__ = ["DatasetUpdateResponse", "Column", "Upload"] - - -class Column(BaseModel): - entry_id: str - - header_name: str - - num_cells: int - - upload_status: Literal["empty", "uploading", "pending", "processing", "failed", "complete"] - - -class Upload(BaseModel): - num_cells: int - - status: Literal["empty", "uploading", "pending", "processing", "failed", "complete"] - - version: int - - -class DatasetUpdateResponse(BaseModel): - id: str - - columns: List[Column] - - created_at: datetime - - encoding_version: int - - name: str - - num_cells: int - - secret: bool - - status: Literal["empty", "uploading", "pending", "processing", "failed", "complete"] - - updated_at: datetime - """Stores when the dataset was last updated. - - This includes name or description changes as well as uploads. - """ - - uploads: List[Upload] - - case_sensitive: Optional[bool] = None - - description: Optional[str] = None - """The description of the dataset.""" diff --git a/src/cloudflare/types/zero_trust/dlp/datasets/__init__.py b/src/cloudflare/types/zero_trust/dlp/datasets/__init__.py index bc1e3874a3a..bfb205bbab6 100644 --- a/src/cloudflare/types/zero_trust/dlp/datasets/__init__.py +++ b/src/cloudflare/types/zero_trust/dlp/datasets/__init__.py @@ -2,8 +2,7 @@ from __future__ import annotations +from .new_version import NewVersion as NewVersion from .upload_edit_params import UploadEditParams as UploadEditParams -from .upload_edit_response import UploadEditResponse as UploadEditResponse from .version_create_params import VersionCreateParams as VersionCreateParams -from .upload_create_response import UploadCreateResponse as UploadCreateResponse from .version_create_response import VersionCreateResponse as VersionCreateResponse diff --git a/src/cloudflare/types/zero_trust/dlp/datasets/upload_create_response.py b/src/cloudflare/types/zero_trust/dlp/datasets/new_version.py similarity index 87% rename from src/cloudflare/types/zero_trust/dlp/datasets/upload_create_response.py rename to src/cloudflare/types/zero_trust/dlp/datasets/new_version.py index 18728ec12d8..2e10d4c3770 100644 --- a/src/cloudflare/types/zero_trust/dlp/datasets/upload_create_response.py +++ b/src/cloudflare/types/zero_trust/dlp/datasets/new_version.py @@ -5,7 +5,7 @@ from ....._models import BaseModel -__all__ = ["UploadCreateResponse", "Column"] +__all__ = ["NewVersion", "Column"] class Column(BaseModel): @@ -18,7 +18,7 @@ class Column(BaseModel): upload_status: Literal["empty", "uploading", "pending", "processing", "failed", "complete"] -class UploadCreateResponse(BaseModel): +class NewVersion(BaseModel): encoding_version: int max_cells: int diff --git a/src/cloudflare/types/zero_trust/dlp/datasets/upload_edit_response.py b/src/cloudflare/types/zero_trust/dlp/datasets/upload_edit_response.py deleted file mode 100644 index d61fc6dc4ac..00000000000 --- a/src/cloudflare/types/zero_trust/dlp/datasets/upload_edit_response.py +++ /dev/null @@ -1,58 +0,0 @@ -# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. - -from typing import List, Optional -from datetime import datetime -from typing_extensions import Literal - -from ....._models import BaseModel - -__all__ = ["UploadEditResponse", "Column", "Upload"] - - -class Column(BaseModel): - entry_id: str - - header_name: str - - num_cells: int - - upload_status: Literal["empty", "uploading", "pending", "processing", "failed", "complete"] - - -class Upload(BaseModel): - num_cells: int - - status: Literal["empty", "uploading", "pending", "processing", "failed", "complete"] - - version: int - - -class UploadEditResponse(BaseModel): - id: str - - columns: List[Column] - - created_at: datetime - - encoding_version: int - - name: str - - num_cells: int - - secret: bool - - status: Literal["empty", "uploading", "pending", "processing", "failed", "complete"] - - updated_at: datetime - """Stores when the dataset was last updated. - - This includes name or description changes as well as uploads. - """ - - uploads: List[Upload] - - case_sensitive: Optional[bool] = None - - description: Optional[str] = None - """The description of the dataset.""" diff --git a/src/cloudflare/types/zero_trust/dlp/entries/custom_create_params.py b/src/cloudflare/types/zero_trust/dlp/entries/custom_create_params.py index c96b0eaf370..8700d3d8469 100644 --- a/src/cloudflare/types/zero_trust/dlp/entries/custom_create_params.py +++ b/src/cloudflare/types/zero_trust/dlp/entries/custom_create_params.py @@ -2,6 +2,7 @@ from __future__ import annotations +from typing import Optional from typing_extensions import Required, TypedDict from ..profiles.pattern_param import PatternParam @@ -18,4 +19,6 @@ class CustomCreateParams(TypedDict, total=False): pattern: Required[PatternParam] + description: Optional[str] + profile_id: str diff --git a/src/cloudflare/types/zero_trust/dlp/entries/custom_create_response.py b/src/cloudflare/types/zero_trust/dlp/entries/custom_create_response.py index 5a695cc08f1..8b6cbc94fbf 100644 --- a/src/cloudflare/types/zero_trust/dlp/entries/custom_create_response.py +++ b/src/cloudflare/types/zero_trust/dlp/entries/custom_create_response.py @@ -22,4 +22,6 @@ class CustomCreateResponse(BaseModel): updated_at: datetime + description: Optional[str] = None + profile_id: Optional[str] = None diff --git a/src/cloudflare/types/zero_trust/dlp/entries/custom_get_response.py b/src/cloudflare/types/zero_trust/dlp/entries/custom_get_response.py index d7357683446..0643a73c554 100644 --- a/src/cloudflare/types/zero_trust/dlp/entries/custom_get_response.py +++ b/src/cloudflare/types/zero_trust/dlp/entries/custom_get_response.py @@ -49,6 +49,8 @@ class UnionMember0(BaseModel): updated_at: datetime + description: Optional[str] = None + profile_id: Optional[str] = None profiles: Optional[List[UnionMember0Profile]] = None diff --git a/src/cloudflare/types/zero_trust/dlp/entries/custom_list_response.py b/src/cloudflare/types/zero_trust/dlp/entries/custom_list_response.py index 47f4b0a4d6d..af4e3334fbc 100644 --- a/src/cloudflare/types/zero_trust/dlp/entries/custom_list_response.py +++ b/src/cloudflare/types/zero_trust/dlp/entries/custom_list_response.py @@ -9,18 +9,18 @@ __all__ = [ "CustomListResponse", - "CustomEntry", - "PredefinedEntry", - "PredefinedEntryConfidence", - "PredefinedEntryVariant", - "IntegrationEntry", - "ExactDataEntry", - "DocumentFingerprintEntry", - "WordListEntry", + "UnionMember0", + "UnionMember1", + "UnionMember1Confidence", + "UnionMember1Variant", + "UnionMember2", + "UnionMember3", + "UnionMember4", + "UnionMember5", ] -class CustomEntry(BaseModel): +class UnionMember0(BaseModel): id: str created_at: datetime @@ -35,12 +35,14 @@ class CustomEntry(BaseModel): updated_at: datetime + description: Optional[str] = None + profile_id: Optional[str] = None upload_status: Optional[Literal["empty", "uploading", "pending", "processing", "failed", "complete"]] = None -class PredefinedEntryConfidence(BaseModel): +class UnionMember1Confidence(BaseModel): ai_context_available: bool """Indicates whether this entry has AI remote service validation.""" @@ -51,7 +53,7 @@ class PredefinedEntryConfidence(BaseModel): """ -class PredefinedEntryVariant(BaseModel): +class UnionMember1Variant(BaseModel): topic_type: Literal["Intent", "Content"] type: Literal["PromptTopic"] @@ -59,10 +61,10 @@ class PredefinedEntryVariant(BaseModel): description: Optional[str] = None -class PredefinedEntry(BaseModel): +class UnionMember1(BaseModel): id: str - confidence: PredefinedEntryConfidence + confidence: UnionMember1Confidence enabled: bool @@ -74,10 +76,10 @@ class PredefinedEntry(BaseModel): upload_status: Optional[Literal["empty", "uploading", "pending", "processing", "failed", "complete"]] = None - variant: Optional[PredefinedEntryVariant] = None + variant: Optional[UnionMember1Variant] = None -class IntegrationEntry(BaseModel): +class UnionMember2(BaseModel): id: str created_at: datetime @@ -95,7 +97,7 @@ class IntegrationEntry(BaseModel): upload_status: Optional[Literal["empty", "uploading", "pending", "processing", "failed", "complete"]] = None -class ExactDataEntry(BaseModel): +class UnionMember3(BaseModel): id: str case_sensitive: bool @@ -119,7 +121,7 @@ class ExactDataEntry(BaseModel): upload_status: Optional[Literal["empty", "uploading", "pending", "processing", "failed", "complete"]] = None -class DocumentFingerprintEntry(BaseModel): +class UnionMember4(BaseModel): id: str created_at: datetime @@ -135,7 +137,7 @@ class DocumentFingerprintEntry(BaseModel): upload_status: Optional[Literal["empty", "uploading", "pending", "processing", "failed", "complete"]] = None -class WordListEntry(BaseModel): +class UnionMember5(BaseModel): id: str created_at: datetime @@ -156,5 +158,5 @@ class WordListEntry(BaseModel): CustomListResponse: TypeAlias = Union[ - CustomEntry, PredefinedEntry, IntegrationEntry, ExactDataEntry, DocumentFingerprintEntry, WordListEntry + UnionMember0, UnionMember1, UnionMember2, UnionMember3, UnionMember4, UnionMember5 ] diff --git a/src/cloudflare/types/zero_trust/dlp/entries/custom_update_params.py b/src/cloudflare/types/zero_trust/dlp/entries/custom_update_params.py index c773958695b..c6e957d80d3 100644 --- a/src/cloudflare/types/zero_trust/dlp/entries/custom_update_params.py +++ b/src/cloudflare/types/zero_trust/dlp/entries/custom_update_params.py @@ -2,6 +2,7 @@ from __future__ import annotations +from typing import Optional from typing_extensions import Required, TypedDict from ..profiles.pattern_param import PatternParam @@ -17,3 +18,5 @@ class CustomUpdateParams(TypedDict, total=False): name: Required[str] pattern: Required[PatternParam] + + description: Optional[str] diff --git a/src/cloudflare/types/zero_trust/dlp/entries/custom_update_response.py b/src/cloudflare/types/zero_trust/dlp/entries/custom_update_response.py index 6aa076e2a4e..1f77d4b9b31 100644 --- a/src/cloudflare/types/zero_trust/dlp/entries/custom_update_response.py +++ b/src/cloudflare/types/zero_trust/dlp/entries/custom_update_response.py @@ -22,4 +22,6 @@ class CustomUpdateResponse(BaseModel): updated_at: datetime + description: Optional[str] = None + profile_id: Optional[str] = None diff --git a/src/cloudflare/types/zero_trust/dlp/entries/integration_get_response.py b/src/cloudflare/types/zero_trust/dlp/entries/integration_get_response.py index 2448e69c5d3..da9028d38d6 100644 --- a/src/cloudflare/types/zero_trust/dlp/entries/integration_get_response.py +++ b/src/cloudflare/types/zero_trust/dlp/entries/integration_get_response.py @@ -49,6 +49,8 @@ class UnionMember0(BaseModel): updated_at: datetime + description: Optional[str] = None + profile_id: Optional[str] = None profiles: Optional[List[UnionMember0Profile]] = None diff --git a/src/cloudflare/types/zero_trust/dlp/entries/integration_list_response.py b/src/cloudflare/types/zero_trust/dlp/entries/integration_list_response.py index ec1f81c4592..ea7214a2153 100644 --- a/src/cloudflare/types/zero_trust/dlp/entries/integration_list_response.py +++ b/src/cloudflare/types/zero_trust/dlp/entries/integration_list_response.py @@ -9,18 +9,18 @@ __all__ = [ "IntegrationListResponse", - "CustomEntry", - "PredefinedEntry", - "PredefinedEntryConfidence", - "PredefinedEntryVariant", - "IntegrationEntry", - "ExactDataEntry", - "DocumentFingerprintEntry", - "WordListEntry", + "UnionMember0", + "UnionMember1", + "UnionMember1Confidence", + "UnionMember1Variant", + "UnionMember2", + "UnionMember3", + "UnionMember4", + "UnionMember5", ] -class CustomEntry(BaseModel): +class UnionMember0(BaseModel): id: str created_at: datetime @@ -35,12 +35,14 @@ class CustomEntry(BaseModel): updated_at: datetime + description: Optional[str] = None + profile_id: Optional[str] = None upload_status: Optional[Literal["empty", "uploading", "pending", "processing", "failed", "complete"]] = None -class PredefinedEntryConfidence(BaseModel): +class UnionMember1Confidence(BaseModel): ai_context_available: bool """Indicates whether this entry has AI remote service validation.""" @@ -51,7 +53,7 @@ class PredefinedEntryConfidence(BaseModel): """ -class PredefinedEntryVariant(BaseModel): +class UnionMember1Variant(BaseModel): topic_type: Literal["Intent", "Content"] type: Literal["PromptTopic"] @@ -59,10 +61,10 @@ class PredefinedEntryVariant(BaseModel): description: Optional[str] = None -class PredefinedEntry(BaseModel): +class UnionMember1(BaseModel): id: str - confidence: PredefinedEntryConfidence + confidence: UnionMember1Confidence enabled: bool @@ -74,10 +76,10 @@ class PredefinedEntry(BaseModel): upload_status: Optional[Literal["empty", "uploading", "pending", "processing", "failed", "complete"]] = None - variant: Optional[PredefinedEntryVariant] = None + variant: Optional[UnionMember1Variant] = None -class IntegrationEntry(BaseModel): +class UnionMember2(BaseModel): id: str created_at: datetime @@ -95,7 +97,7 @@ class IntegrationEntry(BaseModel): upload_status: Optional[Literal["empty", "uploading", "pending", "processing", "failed", "complete"]] = None -class ExactDataEntry(BaseModel): +class UnionMember3(BaseModel): id: str case_sensitive: bool @@ -119,7 +121,7 @@ class ExactDataEntry(BaseModel): upload_status: Optional[Literal["empty", "uploading", "pending", "processing", "failed", "complete"]] = None -class DocumentFingerprintEntry(BaseModel): +class UnionMember4(BaseModel): id: str created_at: datetime @@ -135,7 +137,7 @@ class DocumentFingerprintEntry(BaseModel): upload_status: Optional[Literal["empty", "uploading", "pending", "processing", "failed", "complete"]] = None -class WordListEntry(BaseModel): +class UnionMember5(BaseModel): id: str created_at: datetime @@ -156,5 +158,5 @@ class WordListEntry(BaseModel): IntegrationListResponse: TypeAlias = Union[ - CustomEntry, PredefinedEntry, IntegrationEntry, ExactDataEntry, DocumentFingerprintEntry, WordListEntry + UnionMember0, UnionMember1, UnionMember2, UnionMember3, UnionMember4, UnionMember5 ] diff --git a/src/cloudflare/types/zero_trust/dlp/entries/predefined_get_response.py b/src/cloudflare/types/zero_trust/dlp/entries/predefined_get_response.py index 7ea062b0886..975c433ccf9 100644 --- a/src/cloudflare/types/zero_trust/dlp/entries/predefined_get_response.py +++ b/src/cloudflare/types/zero_trust/dlp/entries/predefined_get_response.py @@ -49,6 +49,8 @@ class UnionMember0(BaseModel): updated_at: datetime + description: Optional[str] = None + profile_id: Optional[str] = None profiles: Optional[List[UnionMember0Profile]] = None diff --git a/src/cloudflare/types/zero_trust/dlp/entries/predefined_list_response.py b/src/cloudflare/types/zero_trust/dlp/entries/predefined_list_response.py index e8bd1dd0e62..2dcfabd8dc1 100644 --- a/src/cloudflare/types/zero_trust/dlp/entries/predefined_list_response.py +++ b/src/cloudflare/types/zero_trust/dlp/entries/predefined_list_response.py @@ -9,18 +9,18 @@ __all__ = [ "PredefinedListResponse", - "CustomEntry", - "PredefinedEntry", - "PredefinedEntryConfidence", - "PredefinedEntryVariant", - "IntegrationEntry", - "ExactDataEntry", - "DocumentFingerprintEntry", - "WordListEntry", + "UnionMember0", + "UnionMember1", + "UnionMember1Confidence", + "UnionMember1Variant", + "UnionMember2", + "UnionMember3", + "UnionMember4", + "UnionMember5", ] -class CustomEntry(BaseModel): +class UnionMember0(BaseModel): id: str created_at: datetime @@ -35,12 +35,14 @@ class CustomEntry(BaseModel): updated_at: datetime + description: Optional[str] = None + profile_id: Optional[str] = None upload_status: Optional[Literal["empty", "uploading", "pending", "processing", "failed", "complete"]] = None -class PredefinedEntryConfidence(BaseModel): +class UnionMember1Confidence(BaseModel): ai_context_available: bool """Indicates whether this entry has AI remote service validation.""" @@ -51,7 +53,7 @@ class PredefinedEntryConfidence(BaseModel): """ -class PredefinedEntryVariant(BaseModel): +class UnionMember1Variant(BaseModel): topic_type: Literal["Intent", "Content"] type: Literal["PromptTopic"] @@ -59,10 +61,10 @@ class PredefinedEntryVariant(BaseModel): description: Optional[str] = None -class PredefinedEntry(BaseModel): +class UnionMember1(BaseModel): id: str - confidence: PredefinedEntryConfidence + confidence: UnionMember1Confidence enabled: bool @@ -74,10 +76,10 @@ class PredefinedEntry(BaseModel): upload_status: Optional[Literal["empty", "uploading", "pending", "processing", "failed", "complete"]] = None - variant: Optional[PredefinedEntryVariant] = None + variant: Optional[UnionMember1Variant] = None -class IntegrationEntry(BaseModel): +class UnionMember2(BaseModel): id: str created_at: datetime @@ -95,7 +97,7 @@ class IntegrationEntry(BaseModel): upload_status: Optional[Literal["empty", "uploading", "pending", "processing", "failed", "complete"]] = None -class ExactDataEntry(BaseModel): +class UnionMember3(BaseModel): id: str case_sensitive: bool @@ -119,7 +121,7 @@ class ExactDataEntry(BaseModel): upload_status: Optional[Literal["empty", "uploading", "pending", "processing", "failed", "complete"]] = None -class DocumentFingerprintEntry(BaseModel): +class UnionMember4(BaseModel): id: str created_at: datetime @@ -135,7 +137,7 @@ class DocumentFingerprintEntry(BaseModel): upload_status: Optional[Literal["empty", "uploading", "pending", "processing", "failed", "complete"]] = None -class WordListEntry(BaseModel): +class UnionMember5(BaseModel): id: str created_at: datetime @@ -156,5 +158,5 @@ class WordListEntry(BaseModel): PredefinedListResponse: TypeAlias = Union[ - CustomEntry, PredefinedEntry, IntegrationEntry, ExactDataEntry, DocumentFingerprintEntry, WordListEntry + UnionMember0, UnionMember1, UnionMember2, UnionMember3, UnionMember4, UnionMember5 ] diff --git a/src/cloudflare/types/zero_trust/dlp/entry_create_params.py b/src/cloudflare/types/zero_trust/dlp/entry_create_params.py index 8aaaa65ea7f..6b6c3364021 100644 --- a/src/cloudflare/types/zero_trust/dlp/entry_create_params.py +++ b/src/cloudflare/types/zero_trust/dlp/entry_create_params.py @@ -2,6 +2,7 @@ from __future__ import annotations +from typing import Optional from typing_extensions import Required, TypedDict from .profiles.pattern_param import PatternParam @@ -18,4 +19,6 @@ class EntryCreateParams(TypedDict, total=False): pattern: Required[PatternParam] + description: Optional[str] + profile_id: str diff --git a/src/cloudflare/types/zero_trust/dlp/entry_create_response.py b/src/cloudflare/types/zero_trust/dlp/entry_create_response.py index a21a44fe06e..cd3cd80dea5 100644 --- a/src/cloudflare/types/zero_trust/dlp/entry_create_response.py +++ b/src/cloudflare/types/zero_trust/dlp/entry_create_response.py @@ -22,4 +22,6 @@ class EntryCreateResponse(BaseModel): updated_at: datetime + description: Optional[str] = None + profile_id: Optional[str] = None diff --git a/src/cloudflare/types/zero_trust/dlp/entry_get_response.py b/src/cloudflare/types/zero_trust/dlp/entry_get_response.py index 0276d9da7b3..b14a69946d9 100644 --- a/src/cloudflare/types/zero_trust/dlp/entry_get_response.py +++ b/src/cloudflare/types/zero_trust/dlp/entry_get_response.py @@ -49,6 +49,8 @@ class UnionMember0(BaseModel): updated_at: datetime + description: Optional[str] = None + profile_id: Optional[str] = None profiles: Optional[List[UnionMember0Profile]] = None diff --git a/src/cloudflare/types/zero_trust/dlp/entry_list_response.py b/src/cloudflare/types/zero_trust/dlp/entry_list_response.py index 95f6c9de362..c0e6b250d00 100644 --- a/src/cloudflare/types/zero_trust/dlp/entry_list_response.py +++ b/src/cloudflare/types/zero_trust/dlp/entry_list_response.py @@ -9,18 +9,18 @@ __all__ = [ "EntryListResponse", - "CustomEntry", - "PredefinedEntry", - "PredefinedEntryConfidence", - "PredefinedEntryVariant", - "IntegrationEntry", - "ExactDataEntry", - "DocumentFingerprintEntry", - "WordListEntry", + "UnionMember0", + "UnionMember1", + "UnionMember1Confidence", + "UnionMember1Variant", + "UnionMember2", + "UnionMember3", + "UnionMember4", + "UnionMember5", ] -class CustomEntry(BaseModel): +class UnionMember0(BaseModel): id: str created_at: datetime @@ -35,12 +35,14 @@ class CustomEntry(BaseModel): updated_at: datetime + description: Optional[str] = None + profile_id: Optional[str] = None upload_status: Optional[Literal["empty", "uploading", "pending", "processing", "failed", "complete"]] = None -class PredefinedEntryConfidence(BaseModel): +class UnionMember1Confidence(BaseModel): ai_context_available: bool """Indicates whether this entry has AI remote service validation.""" @@ -51,7 +53,7 @@ class PredefinedEntryConfidence(BaseModel): """ -class PredefinedEntryVariant(BaseModel): +class UnionMember1Variant(BaseModel): topic_type: Literal["Intent", "Content"] type: Literal["PromptTopic"] @@ -59,10 +61,10 @@ class PredefinedEntryVariant(BaseModel): description: Optional[str] = None -class PredefinedEntry(BaseModel): +class UnionMember1(BaseModel): id: str - confidence: PredefinedEntryConfidence + confidence: UnionMember1Confidence enabled: bool @@ -74,10 +76,10 @@ class PredefinedEntry(BaseModel): upload_status: Optional[Literal["empty", "uploading", "pending", "processing", "failed", "complete"]] = None - variant: Optional[PredefinedEntryVariant] = None + variant: Optional[UnionMember1Variant] = None -class IntegrationEntry(BaseModel): +class UnionMember2(BaseModel): id: str created_at: datetime @@ -95,7 +97,7 @@ class IntegrationEntry(BaseModel): upload_status: Optional[Literal["empty", "uploading", "pending", "processing", "failed", "complete"]] = None -class ExactDataEntry(BaseModel): +class UnionMember3(BaseModel): id: str case_sensitive: bool @@ -119,7 +121,7 @@ class ExactDataEntry(BaseModel): upload_status: Optional[Literal["empty", "uploading", "pending", "processing", "failed", "complete"]] = None -class DocumentFingerprintEntry(BaseModel): +class UnionMember4(BaseModel): id: str created_at: datetime @@ -135,7 +137,7 @@ class DocumentFingerprintEntry(BaseModel): upload_status: Optional[Literal["empty", "uploading", "pending", "processing", "failed", "complete"]] = None -class WordListEntry(BaseModel): +class UnionMember5(BaseModel): id: str created_at: datetime @@ -155,6 +157,4 @@ class WordListEntry(BaseModel): upload_status: Optional[Literal["empty", "uploading", "pending", "processing", "failed", "complete"]] = None -EntryListResponse: TypeAlias = Union[ - CustomEntry, PredefinedEntry, IntegrationEntry, ExactDataEntry, DocumentFingerprintEntry, WordListEntry -] +EntryListResponse: TypeAlias = Union[UnionMember0, UnionMember1, UnionMember2, UnionMember3, UnionMember4, UnionMember5] diff --git a/src/cloudflare/types/zero_trust/dlp/entry_update_params.py b/src/cloudflare/types/zero_trust/dlp/entry_update_params.py index 7fc8706ca1e..04a45767afe 100644 --- a/src/cloudflare/types/zero_trust/dlp/entry_update_params.py +++ b/src/cloudflare/types/zero_trust/dlp/entry_update_params.py @@ -2,7 +2,7 @@ from __future__ import annotations -from typing import Union +from typing import Union, Optional from typing_extensions import Literal, Required, TypeAlias, TypedDict from .profiles.pattern_param import PatternParam @@ -19,6 +19,8 @@ class Variant0(TypedDict, total=False): type: Required[Literal["custom"]] + description: Optional[str] + enabled: bool diff --git a/src/cloudflare/types/zero_trust/dlp/entry_update_response.py b/src/cloudflare/types/zero_trust/dlp/entry_update_response.py index ced93632cfb..0e256a22386 100644 --- a/src/cloudflare/types/zero_trust/dlp/entry_update_response.py +++ b/src/cloudflare/types/zero_trust/dlp/entry_update_response.py @@ -2,26 +2,25 @@ from typing import Union, Optional from datetime import datetime -from typing_extensions import Literal, Annotated, TypeAlias +from typing_extensions import Literal, TypeAlias -from ...._utils import PropertyInfo from ...._models import BaseModel from .profiles.pattern import Pattern __all__ = [ "EntryUpdateResponse", - "Custom", - "Predefined", - "PredefinedConfidence", - "PredefinedVariant", - "Integration", - "ExactData", - "DocumentFingerprint", - "WordList", + "CustomEntry", + "PredefinedEntry", + "PredefinedEntryConfidence", + "PredefinedEntryVariant", + "IntegrationEntry", + "ExactDataEntry", + "DocumentFingerprintEntry", + "WordListEntry", ] -class Custom(BaseModel): +class CustomEntry(BaseModel): id: str created_at: datetime @@ -36,10 +35,12 @@ class Custom(BaseModel): updated_at: datetime + description: Optional[str] = None + profile_id: Optional[str] = None -class PredefinedConfidence(BaseModel): +class PredefinedEntryConfidence(BaseModel): ai_context_available: bool """Indicates whether this entry has AI remote service validation.""" @@ -50,7 +51,7 @@ class PredefinedConfidence(BaseModel): """ -class PredefinedVariant(BaseModel): +class PredefinedEntryVariant(BaseModel): topic_type: Literal["Intent", "Content"] type: Literal["PromptTopic"] @@ -58,10 +59,10 @@ class PredefinedVariant(BaseModel): description: Optional[str] = None -class Predefined(BaseModel): +class PredefinedEntry(BaseModel): id: str - confidence: PredefinedConfidence + confidence: PredefinedEntryConfidence enabled: bool @@ -71,10 +72,10 @@ class Predefined(BaseModel): profile_id: Optional[str] = None - variant: Optional[PredefinedVariant] = None + variant: Optional[PredefinedEntryVariant] = None -class Integration(BaseModel): +class IntegrationEntry(BaseModel): id: str created_at: datetime @@ -90,7 +91,7 @@ class Integration(BaseModel): profile_id: Optional[str] = None -class ExactData(BaseModel): +class ExactDataEntry(BaseModel): id: str case_sensitive: bool @@ -112,7 +113,7 @@ class ExactData(BaseModel): updated_at: datetime -class DocumentFingerprint(BaseModel): +class DocumentFingerprintEntry(BaseModel): id: str created_at: datetime @@ -126,7 +127,7 @@ class DocumentFingerprint(BaseModel): updated_at: datetime -class WordList(BaseModel): +class WordListEntry(BaseModel): id: str created_at: datetime @@ -144,6 +145,6 @@ class WordList(BaseModel): profile_id: Optional[str] = None -EntryUpdateResponse: TypeAlias = Annotated[ - Union[Custom, Predefined, Integration, ExactData, DocumentFingerprint, WordList], PropertyInfo(discriminator="type") +EntryUpdateResponse: TypeAlias = Union[ + CustomEntry, PredefinedEntry, IntegrationEntry, ExactDataEntry, DocumentFingerprintEntry, WordListEntry ] diff --git a/src/cloudflare/types/zero_trust/dlp/payload_log_get_response.py b/src/cloudflare/types/zero_trust/dlp/payload_log_get_response.py index 648ba73dcb7..14a5fe92d59 100644 --- a/src/cloudflare/types/zero_trust/dlp/payload_log_get_response.py +++ b/src/cloudflare/types/zero_trust/dlp/payload_log_get_response.py @@ -2,6 +2,7 @@ from typing import Optional from datetime import datetime +from typing_extensions import Literal from ...._models import BaseModel @@ -9,6 +10,19 @@ class PayloadLogGetResponse(BaseModel): + masking_level: Literal["full", "partial", "clear", "default"] + """Masking level for payload logs. + + - `full`: The entire payload is masked. + - `partial`: Only partial payload content is masked. + - `clear`: No masking is applied to the payload content. + - `default`: DLP uses its default masking behavior. + """ + updated_at: datetime public_key: Optional[str] = None + """Base64-encoded public key for encrypting payload logs. + + Null when payload logging is disabled. + """ diff --git a/src/cloudflare/types/zero_trust/dlp/payload_log_update_params.py b/src/cloudflare/types/zero_trust/dlp/payload_log_update_params.py index 00ba11328ae..03c7029235e 100644 --- a/src/cloudflare/types/zero_trust/dlp/payload_log_update_params.py +++ b/src/cloudflare/types/zero_trust/dlp/payload_log_update_params.py @@ -3,7 +3,7 @@ from __future__ import annotations from typing import Optional -from typing_extensions import Required, TypedDict +from typing_extensions import Literal, Required, TypedDict __all__ = ["PayloadLogUpdateParams"] @@ -11,4 +11,27 @@ class PayloadLogUpdateParams(TypedDict, total=False): account_id: Required[str] + masking_level: Literal["full", "partial", "clear", "default"] + """Masking level for payload logs. + + - `full`: The entire payload is masked. + - `partial`: Only partial payload content is masked. + - `clear`: No masking is applied to the payload content. + - `default`: DLP uses its default masking behavior. + """ + public_key: Optional[str] + """Base64-encoded public key for encrypting payload logs. + + - Set to null or empty string to disable payload logging. + - Set to a non-empty base64 string to enable payload logging with the given key. + + For customers with configurable payload masking feature rolled out: + + - If the field is missing, the existing setting will be kept. Note that this is + different from setting to null or empty string. + + For all other customers: + + - If the field is missing, the existing setting will be cleared. + """ diff --git a/src/cloudflare/types/zero_trust/dlp/payload_log_update_response.py b/src/cloudflare/types/zero_trust/dlp/payload_log_update_response.py index 1a4e55436e3..20e305721e7 100644 --- a/src/cloudflare/types/zero_trust/dlp/payload_log_update_response.py +++ b/src/cloudflare/types/zero_trust/dlp/payload_log_update_response.py @@ -2,6 +2,7 @@ from typing import Optional from datetime import datetime +from typing_extensions import Literal from ...._models import BaseModel @@ -9,6 +10,19 @@ class PayloadLogUpdateResponse(BaseModel): + masking_level: Literal["full", "partial", "clear", "default"] + """Masking level for payload logs. + + - `full`: The entire payload is masked. + - `partial`: Only partial payload content is masked. + - `clear`: No masking is applied to the payload content. + - `default`: DLP uses its default masking behavior. + """ + updated_at: datetime public_key: Optional[str] = None + """Base64-encoded public key for encrypting payload logs. + + Null when payload logging is disabled. + """ diff --git a/src/cloudflare/types/zero_trust/dlp/profile.py b/src/cloudflare/types/zero_trust/dlp/profile.py index e5b0b8f8ed1..3e204f1c0fa 100644 --- a/src/cloudflare/types/zero_trust/dlp/profile.py +++ b/src/cloudflare/types/zero_trust/dlp/profile.py @@ -23,6 +23,15 @@ "CustomProfileEntryExactDataEntry", "CustomProfileEntryDocumentFingerprintEntry", "CustomProfileEntryWordListEntry", + "CustomProfileSharedEntry", + "CustomProfileSharedEntryCustomEntry", + "CustomProfileSharedEntryPredefinedEntry", + "CustomProfileSharedEntryPredefinedEntryConfidence", + "CustomProfileSharedEntryPredefinedEntryVariant", + "CustomProfileSharedEntryIntegrationEntry", + "CustomProfileSharedEntryExactDataEntry", + "CustomProfileSharedEntryDocumentFingerprintEntry", + "CustomProfileSharedEntryWordListEntry", "PredefinedProfile", "PredefinedProfileEntry", "PredefinedProfileEntryCustomEntry", @@ -43,6 +52,15 @@ "IntegrationProfileEntryExactDataEntry", "IntegrationProfileEntryDocumentFingerprintEntry", "IntegrationProfileEntryWordListEntry", + "IntegrationProfileSharedEntry", + "IntegrationProfileSharedEntryCustomEntry", + "IntegrationProfileSharedEntryPredefinedEntry", + "IntegrationProfileSharedEntryPredefinedEntryConfidence", + "IntegrationProfileSharedEntryPredefinedEntryVariant", + "IntegrationProfileSharedEntryIntegrationEntry", + "IntegrationProfileSharedEntryExactDataEntry", + "IntegrationProfileSharedEntryDocumentFingerprintEntry", + "IntegrationProfileSharedEntryWordListEntry", ] @@ -61,6 +79,8 @@ class CustomProfileEntryCustomEntry(BaseModel): updated_at: datetime + description: Optional[str] = None + profile_id: Optional[str] = None @@ -179,6 +199,141 @@ class CustomProfileEntryWordListEntry(BaseModel): ] +class CustomProfileSharedEntryCustomEntry(BaseModel): + id: str + + created_at: datetime + + enabled: bool + + name: str + + pattern: Pattern + + type: Literal["custom"] + + updated_at: datetime + + description: Optional[str] = None + + profile_id: Optional[str] = None + + +class CustomProfileSharedEntryPredefinedEntryConfidence(BaseModel): + ai_context_available: bool + """Indicates whether this entry has AI remote service validation.""" + + available: bool + """ + Indicates whether this entry has any form of validation that is not an AI remote + service. + """ + + +class CustomProfileSharedEntryPredefinedEntryVariant(BaseModel): + topic_type: Literal["Intent", "Content"] + + type: Literal["PromptTopic"] + + description: Optional[str] = None + + +class CustomProfileSharedEntryPredefinedEntry(BaseModel): + id: str + + confidence: CustomProfileSharedEntryPredefinedEntryConfidence + + enabled: bool + + name: str + + type: Literal["predefined"] + + profile_id: Optional[str] = None + + variant: Optional[CustomProfileSharedEntryPredefinedEntryVariant] = None + + +class CustomProfileSharedEntryIntegrationEntry(BaseModel): + id: str + + created_at: datetime + + enabled: bool + + name: str + + type: Literal["integration"] + + updated_at: datetime + + profile_id: Optional[str] = None + + +class CustomProfileSharedEntryExactDataEntry(BaseModel): + id: str + + case_sensitive: bool + """ + Only applies to custom word lists. Determines if the words should be matched in + a case-sensitive manner Cannot be set to false if secret is true + """ + + created_at: datetime + + enabled: bool + + name: str + + secret: bool + + type: Literal["exact_data"] + + updated_at: datetime + + +class CustomProfileSharedEntryDocumentFingerprintEntry(BaseModel): + id: str + + created_at: datetime + + enabled: bool + + name: str + + type: Literal["document_fingerprint"] + + updated_at: datetime + + +class CustomProfileSharedEntryWordListEntry(BaseModel): + id: str + + created_at: datetime + + enabled: bool + + name: str + + type: Literal["word_list"] + + updated_at: datetime + + word_list: object + + profile_id: Optional[str] = None + + +CustomProfileSharedEntry: TypeAlias = Union[ + CustomProfileSharedEntryCustomEntry, + CustomProfileSharedEntryPredefinedEntry, + CustomProfileSharedEntryIntegrationEntry, + CustomProfileSharedEntryExactDataEntry, + CustomProfileSharedEntryDocumentFingerprintEntry, + CustomProfileSharedEntryWordListEntry, +] + + class CustomProfile(BaseModel): id: str """The id of the profile (uuid).""" @@ -214,6 +369,8 @@ class CustomProfile(BaseModel): entries: Optional[List[CustomProfileEntry]] = None + shared_entries: Optional[List[CustomProfileSharedEntry]] = None + class PredefinedProfileEntryCustomEntry(BaseModel): id: str @@ -230,6 +387,8 @@ class PredefinedProfileEntryCustomEntry(BaseModel): updated_at: datetime + description: Optional[str] = None + profile_id: Optional[str] = None @@ -392,6 +551,8 @@ class IntegrationProfileEntryCustomEntry(BaseModel): updated_at: datetime + description: Optional[str] = None + profile_id: Optional[str] = None @@ -510,6 +671,141 @@ class IntegrationProfileEntryWordListEntry(BaseModel): ] +class IntegrationProfileSharedEntryCustomEntry(BaseModel): + id: str + + created_at: datetime + + enabled: bool + + name: str + + pattern: Pattern + + type: Literal["custom"] + + updated_at: datetime + + description: Optional[str] = None + + profile_id: Optional[str] = None + + +class IntegrationProfileSharedEntryPredefinedEntryConfidence(BaseModel): + ai_context_available: bool + """Indicates whether this entry has AI remote service validation.""" + + available: bool + """ + Indicates whether this entry has any form of validation that is not an AI remote + service. + """ + + +class IntegrationProfileSharedEntryPredefinedEntryVariant(BaseModel): + topic_type: Literal["Intent", "Content"] + + type: Literal["PromptTopic"] + + description: Optional[str] = None + + +class IntegrationProfileSharedEntryPredefinedEntry(BaseModel): + id: str + + confidence: IntegrationProfileSharedEntryPredefinedEntryConfidence + + enabled: bool + + name: str + + type: Literal["predefined"] + + profile_id: Optional[str] = None + + variant: Optional[IntegrationProfileSharedEntryPredefinedEntryVariant] = None + + +class IntegrationProfileSharedEntryIntegrationEntry(BaseModel): + id: str + + created_at: datetime + + enabled: bool + + name: str + + type: Literal["integration"] + + updated_at: datetime + + profile_id: Optional[str] = None + + +class IntegrationProfileSharedEntryExactDataEntry(BaseModel): + id: str + + case_sensitive: bool + """ + Only applies to custom word lists. Determines if the words should be matched in + a case-sensitive manner Cannot be set to false if secret is true + """ + + created_at: datetime + + enabled: bool + + name: str + + secret: bool + + type: Literal["exact_data"] + + updated_at: datetime + + +class IntegrationProfileSharedEntryDocumentFingerprintEntry(BaseModel): + id: str + + created_at: datetime + + enabled: bool + + name: str + + type: Literal["document_fingerprint"] + + updated_at: datetime + + +class IntegrationProfileSharedEntryWordListEntry(BaseModel): + id: str + + created_at: datetime + + enabled: bool + + name: str + + type: Literal["word_list"] + + updated_at: datetime + + word_list: object + + profile_id: Optional[str] = None + + +IntegrationProfileSharedEntry: TypeAlias = Union[ + IntegrationProfileSharedEntryCustomEntry, + IntegrationProfileSharedEntryPredefinedEntry, + IntegrationProfileSharedEntryIntegrationEntry, + IntegrationProfileSharedEntryExactDataEntry, + IntegrationProfileSharedEntryDocumentFingerprintEntry, + IntegrationProfileSharedEntryWordListEntry, +] + + class IntegrationProfile(BaseModel): id: str @@ -519,6 +815,8 @@ class IntegrationProfile(BaseModel): name: str + shared_entries: List[IntegrationProfileSharedEntry] + type: Literal["integration"] updated_at: datetime diff --git a/src/cloudflare/types/zero_trust/dlp/profile_get_response.py b/src/cloudflare/types/zero_trust/dlp/profile_get_response.py deleted file mode 100644 index 1732d21bee9..00000000000 --- a/src/cloudflare/types/zero_trust/dlp/profile_get_response.py +++ /dev/null @@ -1,528 +0,0 @@ -# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. - -from typing import List, Union, Optional -from datetime import datetime -from typing_extensions import Literal, Annotated, TypeAlias - -from ...._utils import PropertyInfo -from ...._models import BaseModel -from .profiles.pattern import Pattern -from .context_awareness import ContextAwareness - -__all__ = [ - "ProfileGetResponse", - "Custom", - "CustomEntry", - "CustomEntryCustomEntry", - "CustomEntryPredefinedEntry", - "CustomEntryPredefinedEntryConfidence", - "CustomEntryPredefinedEntryVariant", - "CustomEntryIntegrationEntry", - "CustomEntryExactDataEntry", - "CustomEntryDocumentFingerprintEntry", - "CustomEntryWordListEntry", - "Predefined", - "PredefinedEntry", - "PredefinedEntryCustomEntry", - "PredefinedEntryPredefinedEntry", - "PredefinedEntryPredefinedEntryConfidence", - "PredefinedEntryPredefinedEntryVariant", - "PredefinedEntryIntegrationEntry", - "PredefinedEntryExactDataEntry", - "PredefinedEntryDocumentFingerprintEntry", - "PredefinedEntryWordListEntry", - "Integration", - "IntegrationEntry", - "IntegrationEntryCustomEntry", - "IntegrationEntryPredefinedEntry", - "IntegrationEntryPredefinedEntryConfidence", - "IntegrationEntryPredefinedEntryVariant", - "IntegrationEntryIntegrationEntry", - "IntegrationEntryExactDataEntry", - "IntegrationEntryDocumentFingerprintEntry", - "IntegrationEntryWordListEntry", -] - - -class CustomEntryCustomEntry(BaseModel): - id: str - - created_at: datetime - - enabled: bool - - name: str - - pattern: Pattern - - type: Literal["custom"] - - updated_at: datetime - - profile_id: Optional[str] = None - - -class CustomEntryPredefinedEntryConfidence(BaseModel): - ai_context_available: bool - """Indicates whether this entry has AI remote service validation.""" - - available: bool - """ - Indicates whether this entry has any form of validation that is not an AI remote - service. - """ - - -class CustomEntryPredefinedEntryVariant(BaseModel): - topic_type: Literal["Intent", "Content"] - - type: Literal["PromptTopic"] - - description: Optional[str] = None - - -class CustomEntryPredefinedEntry(BaseModel): - id: str - - confidence: CustomEntryPredefinedEntryConfidence - - enabled: bool - - name: str - - type: Literal["predefined"] - - profile_id: Optional[str] = None - - variant: Optional[CustomEntryPredefinedEntryVariant] = None - - -class CustomEntryIntegrationEntry(BaseModel): - id: str - - created_at: datetime - - enabled: bool - - name: str - - type: Literal["integration"] - - updated_at: datetime - - profile_id: Optional[str] = None - - -class CustomEntryExactDataEntry(BaseModel): - id: str - - case_sensitive: bool - """ - Only applies to custom word lists. Determines if the words should be matched in - a case-sensitive manner Cannot be set to false if secret is true - """ - - created_at: datetime - - enabled: bool - - name: str - - secret: bool - - type: Literal["exact_data"] - - updated_at: datetime - - -class CustomEntryDocumentFingerprintEntry(BaseModel): - id: str - - created_at: datetime - - enabled: bool - - name: str - - type: Literal["document_fingerprint"] - - updated_at: datetime - - -class CustomEntryWordListEntry(BaseModel): - id: str - - created_at: datetime - - enabled: bool - - name: str - - type: Literal["word_list"] - - updated_at: datetime - - word_list: object - - profile_id: Optional[str] = None - - -CustomEntry: TypeAlias = Union[ - CustomEntryCustomEntry, - CustomEntryPredefinedEntry, - CustomEntryIntegrationEntry, - CustomEntryExactDataEntry, - CustomEntryDocumentFingerprintEntry, - CustomEntryWordListEntry, -] - - -class Custom(BaseModel): - id: str - """The id of the profile (uuid).""" - - allowed_match_count: int - """Related DLP policies will trigger when the match count exceeds the number set.""" - - created_at: datetime - """When the profile was created.""" - - name: str - """The name of the profile.""" - - ocr_enabled: bool - - type: Literal["custom"] - - updated_at: datetime - """When the profile was lasted updated.""" - - ai_context_enabled: Optional[bool] = None - - confidence_threshold: Optional[Literal["low", "medium", "high", "very_high"]] = None - - context_awareness: Optional[ContextAwareness] = None - """ - Scan the context of predefined entries to only return matches surrounded by - keywords. - """ - - description: Optional[str] = None - """The description of the profile.""" - - entries: Optional[List[CustomEntry]] = None - - -class PredefinedEntryCustomEntry(BaseModel): - id: str - - created_at: datetime - - enabled: bool - - name: str - - pattern: Pattern - - type: Literal["custom"] - - updated_at: datetime - - profile_id: Optional[str] = None - - -class PredefinedEntryPredefinedEntryConfidence(BaseModel): - ai_context_available: bool - """Indicates whether this entry has AI remote service validation.""" - - available: bool - """ - Indicates whether this entry has any form of validation that is not an AI remote - service. - """ - - -class PredefinedEntryPredefinedEntryVariant(BaseModel): - topic_type: Literal["Intent", "Content"] - - type: Literal["PromptTopic"] - - description: Optional[str] = None - - -class PredefinedEntryPredefinedEntry(BaseModel): - id: str - - confidence: PredefinedEntryPredefinedEntryConfidence - - enabled: bool - - name: str - - type: Literal["predefined"] - - profile_id: Optional[str] = None - - variant: Optional[PredefinedEntryPredefinedEntryVariant] = None - - -class PredefinedEntryIntegrationEntry(BaseModel): - id: str - - created_at: datetime - - enabled: bool - - name: str - - type: Literal["integration"] - - updated_at: datetime - - profile_id: Optional[str] = None - - -class PredefinedEntryExactDataEntry(BaseModel): - id: str - - case_sensitive: bool - """ - Only applies to custom word lists. Determines if the words should be matched in - a case-sensitive manner Cannot be set to false if secret is true - """ - - created_at: datetime - - enabled: bool - - name: str - - secret: bool - - type: Literal["exact_data"] - - updated_at: datetime - - -class PredefinedEntryDocumentFingerprintEntry(BaseModel): - id: str - - created_at: datetime - - enabled: bool - - name: str - - type: Literal["document_fingerprint"] - - updated_at: datetime - - -class PredefinedEntryWordListEntry(BaseModel): - id: str - - created_at: datetime - - enabled: bool - - name: str - - type: Literal["word_list"] - - updated_at: datetime - - word_list: object - - profile_id: Optional[str] = None - - -PredefinedEntry: TypeAlias = Union[ - PredefinedEntryCustomEntry, - PredefinedEntryPredefinedEntry, - PredefinedEntryIntegrationEntry, - PredefinedEntryExactDataEntry, - PredefinedEntryDocumentFingerprintEntry, - PredefinedEntryWordListEntry, -] - - -class Predefined(BaseModel): - id: str - """The id of the predefined profile (uuid).""" - - allowed_match_count: int - - entries: List[PredefinedEntry] - - name: str - """The name of the predefined profile.""" - - type: Literal["predefined"] - - ai_context_enabled: Optional[bool] = None - - confidence_threshold: Optional[Literal["low", "medium", "high", "very_high"]] = None - - context_awareness: Optional[ContextAwareness] = None - """ - Scan the context of predefined entries to only return matches surrounded by - keywords. - """ - - ocr_enabled: Optional[bool] = None - - open_access: Optional[bool] = None - """Whether this profile can be accessed by anyone.""" - - -class IntegrationEntryCustomEntry(BaseModel): - id: str - - created_at: datetime - - enabled: bool - - name: str - - pattern: Pattern - - type: Literal["custom"] - - updated_at: datetime - - profile_id: Optional[str] = None - - -class IntegrationEntryPredefinedEntryConfidence(BaseModel): - ai_context_available: bool - """Indicates whether this entry has AI remote service validation.""" - - available: bool - """ - Indicates whether this entry has any form of validation that is not an AI remote - service. - """ - - -class IntegrationEntryPredefinedEntryVariant(BaseModel): - topic_type: Literal["Intent", "Content"] - - type: Literal["PromptTopic"] - - description: Optional[str] = None - - -class IntegrationEntryPredefinedEntry(BaseModel): - id: str - - confidence: IntegrationEntryPredefinedEntryConfidence - - enabled: bool - - name: str - - type: Literal["predefined"] - - profile_id: Optional[str] = None - - variant: Optional[IntegrationEntryPredefinedEntryVariant] = None - - -class IntegrationEntryIntegrationEntry(BaseModel): - id: str - - created_at: datetime - - enabled: bool - - name: str - - type: Literal["integration"] - - updated_at: datetime - - profile_id: Optional[str] = None - - -class IntegrationEntryExactDataEntry(BaseModel): - id: str - - case_sensitive: bool - """ - Only applies to custom word lists. Determines if the words should be matched in - a case-sensitive manner Cannot be set to false if secret is true - """ - - created_at: datetime - - enabled: bool - - name: str - - secret: bool - - type: Literal["exact_data"] - - updated_at: datetime - - -class IntegrationEntryDocumentFingerprintEntry(BaseModel): - id: str - - created_at: datetime - - enabled: bool - - name: str - - type: Literal["document_fingerprint"] - - updated_at: datetime - - -class IntegrationEntryWordListEntry(BaseModel): - id: str - - created_at: datetime - - enabled: bool - - name: str - - type: Literal["word_list"] - - updated_at: datetime - - word_list: object - - profile_id: Optional[str] = None - - -IntegrationEntry: TypeAlias = Union[ - IntegrationEntryCustomEntry, - IntegrationEntryPredefinedEntry, - IntegrationEntryIntegrationEntry, - IntegrationEntryExactDataEntry, - IntegrationEntryDocumentFingerprintEntry, - IntegrationEntryWordListEntry, -] - - -class Integration(BaseModel): - id: str - - created_at: datetime - - entries: List[IntegrationEntry] - - name: str - - type: Literal["integration"] - - updated_at: datetime - - description: Optional[str] = None - """The description of the profile.""" - - -ProfileGetResponse: TypeAlias = Annotated[Union[Custom, Predefined, Integration], PropertyInfo(discriminator="type")] diff --git a/src/cloudflare/types/zero_trust/dlp/profiles/__init__.py b/src/cloudflare/types/zero_trust/dlp/profiles/__init__.py index 79e08403dc0..b5a089b62b7 100644 --- a/src/cloudflare/types/zero_trust/dlp/profiles/__init__.py +++ b/src/cloudflare/types/zero_trust/dlp/profiles/__init__.py @@ -4,11 +4,7 @@ from .pattern import Pattern as Pattern from .pattern_param import PatternParam as PatternParam -from .custom_get_response import CustomGetResponse as CustomGetResponse +from .predefined_profile import PredefinedProfile as PredefinedProfile from .custom_create_params import CustomCreateParams as CustomCreateParams from .custom_update_params import CustomUpdateParams as CustomUpdateParams -from .custom_create_response import CustomCreateResponse as CustomCreateResponse -from .custom_update_response import CustomUpdateResponse as CustomUpdateResponse -from .predefined_get_response import PredefinedGetResponse as PredefinedGetResponse from .predefined_update_params import PredefinedUpdateParams as PredefinedUpdateParams -from .predefined_update_response import PredefinedUpdateResponse as PredefinedUpdateResponse diff --git a/src/cloudflare/types/zero_trust/dlp/profiles/custom_create_params.py b/src/cloudflare/types/zero_trust/dlp/profiles/custom_create_params.py index 42b151cc13d..fa44d5c365f 100644 --- a/src/cloudflare/types/zero_trust/dlp/profiles/custom_create_params.py +++ b/src/cloudflare/types/zero_trust/dlp/profiles/custom_create_params.py @@ -52,6 +52,8 @@ class EntryDLPNewCustomEntry(TypedDict, total=False): pattern: Required[PatternParam] + description: Optional[str] + class EntryDLPNewWordListEntry(TypedDict, total=False): enabled: Required[bool] diff --git a/src/cloudflare/types/zero_trust/dlp/profiles/custom_create_response.py b/src/cloudflare/types/zero_trust/dlp/profiles/custom_create_response.py deleted file mode 100644 index 5e9f63ca298..00000000000 --- a/src/cloudflare/types/zero_trust/dlp/profiles/custom_create_response.py +++ /dev/null @@ -1,528 +0,0 @@ -# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. - -from typing import List, Union, Optional -from datetime import datetime -from typing_extensions import Literal, Annotated, TypeAlias - -from .pattern import Pattern -from ....._utils import PropertyInfo -from ....._models import BaseModel -from ..context_awareness import ContextAwareness - -__all__ = [ - "CustomCreateResponse", - "Custom", - "CustomEntry", - "CustomEntryCustomEntry", - "CustomEntryPredefinedEntry", - "CustomEntryPredefinedEntryConfidence", - "CustomEntryPredefinedEntryVariant", - "CustomEntryIntegrationEntry", - "CustomEntryExactDataEntry", - "CustomEntryDocumentFingerprintEntry", - "CustomEntryWordListEntry", - "Predefined", - "PredefinedEntry", - "PredefinedEntryCustomEntry", - "PredefinedEntryPredefinedEntry", - "PredefinedEntryPredefinedEntryConfidence", - "PredefinedEntryPredefinedEntryVariant", - "PredefinedEntryIntegrationEntry", - "PredefinedEntryExactDataEntry", - "PredefinedEntryDocumentFingerprintEntry", - "PredefinedEntryWordListEntry", - "Integration", - "IntegrationEntry", - "IntegrationEntryCustomEntry", - "IntegrationEntryPredefinedEntry", - "IntegrationEntryPredefinedEntryConfidence", - "IntegrationEntryPredefinedEntryVariant", - "IntegrationEntryIntegrationEntry", - "IntegrationEntryExactDataEntry", - "IntegrationEntryDocumentFingerprintEntry", - "IntegrationEntryWordListEntry", -] - - -class CustomEntryCustomEntry(BaseModel): - id: str - - created_at: datetime - - enabled: bool - - name: str - - pattern: Pattern - - type: Literal["custom"] - - updated_at: datetime - - profile_id: Optional[str] = None - - -class CustomEntryPredefinedEntryConfidence(BaseModel): - ai_context_available: bool - """Indicates whether this entry has AI remote service validation.""" - - available: bool - """ - Indicates whether this entry has any form of validation that is not an AI remote - service. - """ - - -class CustomEntryPredefinedEntryVariant(BaseModel): - topic_type: Literal["Intent", "Content"] - - type: Literal["PromptTopic"] - - description: Optional[str] = None - - -class CustomEntryPredefinedEntry(BaseModel): - id: str - - confidence: CustomEntryPredefinedEntryConfidence - - enabled: bool - - name: str - - type: Literal["predefined"] - - profile_id: Optional[str] = None - - variant: Optional[CustomEntryPredefinedEntryVariant] = None - - -class CustomEntryIntegrationEntry(BaseModel): - id: str - - created_at: datetime - - enabled: bool - - name: str - - type: Literal["integration"] - - updated_at: datetime - - profile_id: Optional[str] = None - - -class CustomEntryExactDataEntry(BaseModel): - id: str - - case_sensitive: bool - """ - Only applies to custom word lists. Determines if the words should be matched in - a case-sensitive manner Cannot be set to false if secret is true - """ - - created_at: datetime - - enabled: bool - - name: str - - secret: bool - - type: Literal["exact_data"] - - updated_at: datetime - - -class CustomEntryDocumentFingerprintEntry(BaseModel): - id: str - - created_at: datetime - - enabled: bool - - name: str - - type: Literal["document_fingerprint"] - - updated_at: datetime - - -class CustomEntryWordListEntry(BaseModel): - id: str - - created_at: datetime - - enabled: bool - - name: str - - type: Literal["word_list"] - - updated_at: datetime - - word_list: object - - profile_id: Optional[str] = None - - -CustomEntry: TypeAlias = Union[ - CustomEntryCustomEntry, - CustomEntryPredefinedEntry, - CustomEntryIntegrationEntry, - CustomEntryExactDataEntry, - CustomEntryDocumentFingerprintEntry, - CustomEntryWordListEntry, -] - - -class Custom(BaseModel): - id: str - """The id of the profile (uuid).""" - - allowed_match_count: int - """Related DLP policies will trigger when the match count exceeds the number set.""" - - created_at: datetime - """When the profile was created.""" - - name: str - """The name of the profile.""" - - ocr_enabled: bool - - type: Literal["custom"] - - updated_at: datetime - """When the profile was lasted updated.""" - - ai_context_enabled: Optional[bool] = None - - confidence_threshold: Optional[Literal["low", "medium", "high", "very_high"]] = None - - context_awareness: Optional[ContextAwareness] = None - """ - Scan the context of predefined entries to only return matches surrounded by - keywords. - """ - - description: Optional[str] = None - """The description of the profile.""" - - entries: Optional[List[CustomEntry]] = None - - -class PredefinedEntryCustomEntry(BaseModel): - id: str - - created_at: datetime - - enabled: bool - - name: str - - pattern: Pattern - - type: Literal["custom"] - - updated_at: datetime - - profile_id: Optional[str] = None - - -class PredefinedEntryPredefinedEntryConfidence(BaseModel): - ai_context_available: bool - """Indicates whether this entry has AI remote service validation.""" - - available: bool - """ - Indicates whether this entry has any form of validation that is not an AI remote - service. - """ - - -class PredefinedEntryPredefinedEntryVariant(BaseModel): - topic_type: Literal["Intent", "Content"] - - type: Literal["PromptTopic"] - - description: Optional[str] = None - - -class PredefinedEntryPredefinedEntry(BaseModel): - id: str - - confidence: PredefinedEntryPredefinedEntryConfidence - - enabled: bool - - name: str - - type: Literal["predefined"] - - profile_id: Optional[str] = None - - variant: Optional[PredefinedEntryPredefinedEntryVariant] = None - - -class PredefinedEntryIntegrationEntry(BaseModel): - id: str - - created_at: datetime - - enabled: bool - - name: str - - type: Literal["integration"] - - updated_at: datetime - - profile_id: Optional[str] = None - - -class PredefinedEntryExactDataEntry(BaseModel): - id: str - - case_sensitive: bool - """ - Only applies to custom word lists. Determines if the words should be matched in - a case-sensitive manner Cannot be set to false if secret is true - """ - - created_at: datetime - - enabled: bool - - name: str - - secret: bool - - type: Literal["exact_data"] - - updated_at: datetime - - -class PredefinedEntryDocumentFingerprintEntry(BaseModel): - id: str - - created_at: datetime - - enabled: bool - - name: str - - type: Literal["document_fingerprint"] - - updated_at: datetime - - -class PredefinedEntryWordListEntry(BaseModel): - id: str - - created_at: datetime - - enabled: bool - - name: str - - type: Literal["word_list"] - - updated_at: datetime - - word_list: object - - profile_id: Optional[str] = None - - -PredefinedEntry: TypeAlias = Union[ - PredefinedEntryCustomEntry, - PredefinedEntryPredefinedEntry, - PredefinedEntryIntegrationEntry, - PredefinedEntryExactDataEntry, - PredefinedEntryDocumentFingerprintEntry, - PredefinedEntryWordListEntry, -] - - -class Predefined(BaseModel): - id: str - """The id of the predefined profile (uuid).""" - - allowed_match_count: int - - entries: List[PredefinedEntry] - - name: str - """The name of the predefined profile.""" - - type: Literal["predefined"] - - ai_context_enabled: Optional[bool] = None - - confidence_threshold: Optional[Literal["low", "medium", "high", "very_high"]] = None - - context_awareness: Optional[ContextAwareness] = None - """ - Scan the context of predefined entries to only return matches surrounded by - keywords. - """ - - ocr_enabled: Optional[bool] = None - - open_access: Optional[bool] = None - """Whether this profile can be accessed by anyone.""" - - -class IntegrationEntryCustomEntry(BaseModel): - id: str - - created_at: datetime - - enabled: bool - - name: str - - pattern: Pattern - - type: Literal["custom"] - - updated_at: datetime - - profile_id: Optional[str] = None - - -class IntegrationEntryPredefinedEntryConfidence(BaseModel): - ai_context_available: bool - """Indicates whether this entry has AI remote service validation.""" - - available: bool - """ - Indicates whether this entry has any form of validation that is not an AI remote - service. - """ - - -class IntegrationEntryPredefinedEntryVariant(BaseModel): - topic_type: Literal["Intent", "Content"] - - type: Literal["PromptTopic"] - - description: Optional[str] = None - - -class IntegrationEntryPredefinedEntry(BaseModel): - id: str - - confidence: IntegrationEntryPredefinedEntryConfidence - - enabled: bool - - name: str - - type: Literal["predefined"] - - profile_id: Optional[str] = None - - variant: Optional[IntegrationEntryPredefinedEntryVariant] = None - - -class IntegrationEntryIntegrationEntry(BaseModel): - id: str - - created_at: datetime - - enabled: bool - - name: str - - type: Literal["integration"] - - updated_at: datetime - - profile_id: Optional[str] = None - - -class IntegrationEntryExactDataEntry(BaseModel): - id: str - - case_sensitive: bool - """ - Only applies to custom word lists. Determines if the words should be matched in - a case-sensitive manner Cannot be set to false if secret is true - """ - - created_at: datetime - - enabled: bool - - name: str - - secret: bool - - type: Literal["exact_data"] - - updated_at: datetime - - -class IntegrationEntryDocumentFingerprintEntry(BaseModel): - id: str - - created_at: datetime - - enabled: bool - - name: str - - type: Literal["document_fingerprint"] - - updated_at: datetime - - -class IntegrationEntryWordListEntry(BaseModel): - id: str - - created_at: datetime - - enabled: bool - - name: str - - type: Literal["word_list"] - - updated_at: datetime - - word_list: object - - profile_id: Optional[str] = None - - -IntegrationEntry: TypeAlias = Union[ - IntegrationEntryCustomEntry, - IntegrationEntryPredefinedEntry, - IntegrationEntryIntegrationEntry, - IntegrationEntryExactDataEntry, - IntegrationEntryDocumentFingerprintEntry, - IntegrationEntryWordListEntry, -] - - -class Integration(BaseModel): - id: str - - created_at: datetime - - entries: List[IntegrationEntry] - - name: str - - type: Literal["integration"] - - updated_at: datetime - - description: Optional[str] = None - """The description of the profile.""" - - -CustomCreateResponse: TypeAlias = Annotated[Union[Custom, Predefined, Integration], PropertyInfo(discriminator="type")] diff --git a/src/cloudflare/types/zero_trust/dlp/profiles/custom_get_response.py b/src/cloudflare/types/zero_trust/dlp/profiles/custom_get_response.py deleted file mode 100644 index 05c7b9010cf..00000000000 --- a/src/cloudflare/types/zero_trust/dlp/profiles/custom_get_response.py +++ /dev/null @@ -1,528 +0,0 @@ -# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. - -from typing import List, Union, Optional -from datetime import datetime -from typing_extensions import Literal, Annotated, TypeAlias - -from .pattern import Pattern -from ....._utils import PropertyInfo -from ....._models import BaseModel -from ..context_awareness import ContextAwareness - -__all__ = [ - "CustomGetResponse", - "Custom", - "CustomEntry", - "CustomEntryCustomEntry", - "CustomEntryPredefinedEntry", - "CustomEntryPredefinedEntryConfidence", - "CustomEntryPredefinedEntryVariant", - "CustomEntryIntegrationEntry", - "CustomEntryExactDataEntry", - "CustomEntryDocumentFingerprintEntry", - "CustomEntryWordListEntry", - "Predefined", - "PredefinedEntry", - "PredefinedEntryCustomEntry", - "PredefinedEntryPredefinedEntry", - "PredefinedEntryPredefinedEntryConfidence", - "PredefinedEntryPredefinedEntryVariant", - "PredefinedEntryIntegrationEntry", - "PredefinedEntryExactDataEntry", - "PredefinedEntryDocumentFingerprintEntry", - "PredefinedEntryWordListEntry", - "Integration", - "IntegrationEntry", - "IntegrationEntryCustomEntry", - "IntegrationEntryPredefinedEntry", - "IntegrationEntryPredefinedEntryConfidence", - "IntegrationEntryPredefinedEntryVariant", - "IntegrationEntryIntegrationEntry", - "IntegrationEntryExactDataEntry", - "IntegrationEntryDocumentFingerprintEntry", - "IntegrationEntryWordListEntry", -] - - -class CustomEntryCustomEntry(BaseModel): - id: str - - created_at: datetime - - enabled: bool - - name: str - - pattern: Pattern - - type: Literal["custom"] - - updated_at: datetime - - profile_id: Optional[str] = None - - -class CustomEntryPredefinedEntryConfidence(BaseModel): - ai_context_available: bool - """Indicates whether this entry has AI remote service validation.""" - - available: bool - """ - Indicates whether this entry has any form of validation that is not an AI remote - service. - """ - - -class CustomEntryPredefinedEntryVariant(BaseModel): - topic_type: Literal["Intent", "Content"] - - type: Literal["PromptTopic"] - - description: Optional[str] = None - - -class CustomEntryPredefinedEntry(BaseModel): - id: str - - confidence: CustomEntryPredefinedEntryConfidence - - enabled: bool - - name: str - - type: Literal["predefined"] - - profile_id: Optional[str] = None - - variant: Optional[CustomEntryPredefinedEntryVariant] = None - - -class CustomEntryIntegrationEntry(BaseModel): - id: str - - created_at: datetime - - enabled: bool - - name: str - - type: Literal["integration"] - - updated_at: datetime - - profile_id: Optional[str] = None - - -class CustomEntryExactDataEntry(BaseModel): - id: str - - case_sensitive: bool - """ - Only applies to custom word lists. Determines if the words should be matched in - a case-sensitive manner Cannot be set to false if secret is true - """ - - created_at: datetime - - enabled: bool - - name: str - - secret: bool - - type: Literal["exact_data"] - - updated_at: datetime - - -class CustomEntryDocumentFingerprintEntry(BaseModel): - id: str - - created_at: datetime - - enabled: bool - - name: str - - type: Literal["document_fingerprint"] - - updated_at: datetime - - -class CustomEntryWordListEntry(BaseModel): - id: str - - created_at: datetime - - enabled: bool - - name: str - - type: Literal["word_list"] - - updated_at: datetime - - word_list: object - - profile_id: Optional[str] = None - - -CustomEntry: TypeAlias = Union[ - CustomEntryCustomEntry, - CustomEntryPredefinedEntry, - CustomEntryIntegrationEntry, - CustomEntryExactDataEntry, - CustomEntryDocumentFingerprintEntry, - CustomEntryWordListEntry, -] - - -class Custom(BaseModel): - id: str - """The id of the profile (uuid).""" - - allowed_match_count: int - """Related DLP policies will trigger when the match count exceeds the number set.""" - - created_at: datetime - """When the profile was created.""" - - name: str - """The name of the profile.""" - - ocr_enabled: bool - - type: Literal["custom"] - - updated_at: datetime - """When the profile was lasted updated.""" - - ai_context_enabled: Optional[bool] = None - - confidence_threshold: Optional[Literal["low", "medium", "high", "very_high"]] = None - - context_awareness: Optional[ContextAwareness] = None - """ - Scan the context of predefined entries to only return matches surrounded by - keywords. - """ - - description: Optional[str] = None - """The description of the profile.""" - - entries: Optional[List[CustomEntry]] = None - - -class PredefinedEntryCustomEntry(BaseModel): - id: str - - created_at: datetime - - enabled: bool - - name: str - - pattern: Pattern - - type: Literal["custom"] - - updated_at: datetime - - profile_id: Optional[str] = None - - -class PredefinedEntryPredefinedEntryConfidence(BaseModel): - ai_context_available: bool - """Indicates whether this entry has AI remote service validation.""" - - available: bool - """ - Indicates whether this entry has any form of validation that is not an AI remote - service. - """ - - -class PredefinedEntryPredefinedEntryVariant(BaseModel): - topic_type: Literal["Intent", "Content"] - - type: Literal["PromptTopic"] - - description: Optional[str] = None - - -class PredefinedEntryPredefinedEntry(BaseModel): - id: str - - confidence: PredefinedEntryPredefinedEntryConfidence - - enabled: bool - - name: str - - type: Literal["predefined"] - - profile_id: Optional[str] = None - - variant: Optional[PredefinedEntryPredefinedEntryVariant] = None - - -class PredefinedEntryIntegrationEntry(BaseModel): - id: str - - created_at: datetime - - enabled: bool - - name: str - - type: Literal["integration"] - - updated_at: datetime - - profile_id: Optional[str] = None - - -class PredefinedEntryExactDataEntry(BaseModel): - id: str - - case_sensitive: bool - """ - Only applies to custom word lists. Determines if the words should be matched in - a case-sensitive manner Cannot be set to false if secret is true - """ - - created_at: datetime - - enabled: bool - - name: str - - secret: bool - - type: Literal["exact_data"] - - updated_at: datetime - - -class PredefinedEntryDocumentFingerprintEntry(BaseModel): - id: str - - created_at: datetime - - enabled: bool - - name: str - - type: Literal["document_fingerprint"] - - updated_at: datetime - - -class PredefinedEntryWordListEntry(BaseModel): - id: str - - created_at: datetime - - enabled: bool - - name: str - - type: Literal["word_list"] - - updated_at: datetime - - word_list: object - - profile_id: Optional[str] = None - - -PredefinedEntry: TypeAlias = Union[ - PredefinedEntryCustomEntry, - PredefinedEntryPredefinedEntry, - PredefinedEntryIntegrationEntry, - PredefinedEntryExactDataEntry, - PredefinedEntryDocumentFingerprintEntry, - PredefinedEntryWordListEntry, -] - - -class Predefined(BaseModel): - id: str - """The id of the predefined profile (uuid).""" - - allowed_match_count: int - - entries: List[PredefinedEntry] - - name: str - """The name of the predefined profile.""" - - type: Literal["predefined"] - - ai_context_enabled: Optional[bool] = None - - confidence_threshold: Optional[Literal["low", "medium", "high", "very_high"]] = None - - context_awareness: Optional[ContextAwareness] = None - """ - Scan the context of predefined entries to only return matches surrounded by - keywords. - """ - - ocr_enabled: Optional[bool] = None - - open_access: Optional[bool] = None - """Whether this profile can be accessed by anyone.""" - - -class IntegrationEntryCustomEntry(BaseModel): - id: str - - created_at: datetime - - enabled: bool - - name: str - - pattern: Pattern - - type: Literal["custom"] - - updated_at: datetime - - profile_id: Optional[str] = None - - -class IntegrationEntryPredefinedEntryConfidence(BaseModel): - ai_context_available: bool - """Indicates whether this entry has AI remote service validation.""" - - available: bool - """ - Indicates whether this entry has any form of validation that is not an AI remote - service. - """ - - -class IntegrationEntryPredefinedEntryVariant(BaseModel): - topic_type: Literal["Intent", "Content"] - - type: Literal["PromptTopic"] - - description: Optional[str] = None - - -class IntegrationEntryPredefinedEntry(BaseModel): - id: str - - confidence: IntegrationEntryPredefinedEntryConfidence - - enabled: bool - - name: str - - type: Literal["predefined"] - - profile_id: Optional[str] = None - - variant: Optional[IntegrationEntryPredefinedEntryVariant] = None - - -class IntegrationEntryIntegrationEntry(BaseModel): - id: str - - created_at: datetime - - enabled: bool - - name: str - - type: Literal["integration"] - - updated_at: datetime - - profile_id: Optional[str] = None - - -class IntegrationEntryExactDataEntry(BaseModel): - id: str - - case_sensitive: bool - """ - Only applies to custom word lists. Determines if the words should be matched in - a case-sensitive manner Cannot be set to false if secret is true - """ - - created_at: datetime - - enabled: bool - - name: str - - secret: bool - - type: Literal["exact_data"] - - updated_at: datetime - - -class IntegrationEntryDocumentFingerprintEntry(BaseModel): - id: str - - created_at: datetime - - enabled: bool - - name: str - - type: Literal["document_fingerprint"] - - updated_at: datetime - - -class IntegrationEntryWordListEntry(BaseModel): - id: str - - created_at: datetime - - enabled: bool - - name: str - - type: Literal["word_list"] - - updated_at: datetime - - word_list: object - - profile_id: Optional[str] = None - - -IntegrationEntry: TypeAlias = Union[ - IntegrationEntryCustomEntry, - IntegrationEntryPredefinedEntry, - IntegrationEntryIntegrationEntry, - IntegrationEntryExactDataEntry, - IntegrationEntryDocumentFingerprintEntry, - IntegrationEntryWordListEntry, -] - - -class Integration(BaseModel): - id: str - - created_at: datetime - - entries: List[IntegrationEntry] - - name: str - - type: Literal["integration"] - - updated_at: datetime - - description: Optional[str] = None - """The description of the profile.""" - - -CustomGetResponse: TypeAlias = Annotated[Union[Custom, Predefined, Integration], PropertyInfo(discriminator="type")] diff --git a/src/cloudflare/types/zero_trust/dlp/profiles/custom_update_params.py b/src/cloudflare/types/zero_trust/dlp/profiles/custom_update_params.py index 30d00081f93..b6b46d1059d 100644 --- a/src/cloudflare/types/zero_trust/dlp/profiles/custom_update_params.py +++ b/src/cloudflare/types/zero_trust/dlp/profiles/custom_update_params.py @@ -52,6 +52,8 @@ class EntryDLPNewCustomEntryWithID(TypedDict, total=False): pattern: Required[PatternParam] + description: Optional[str] + class EntryDLPNewCustomEntry(TypedDict, total=False): enabled: Required[bool] @@ -60,6 +62,8 @@ class EntryDLPNewCustomEntry(TypedDict, total=False): pattern: Required[PatternParam] + description: Optional[str] + Entry: TypeAlias = Union[EntryDLPNewCustomEntryWithID, EntryDLPNewCustomEntry] diff --git a/src/cloudflare/types/zero_trust/dlp/profiles/custom_update_response.py b/src/cloudflare/types/zero_trust/dlp/profiles/custom_update_response.py deleted file mode 100644 index 47443582e9c..00000000000 --- a/src/cloudflare/types/zero_trust/dlp/profiles/custom_update_response.py +++ /dev/null @@ -1,528 +0,0 @@ -# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. - -from typing import List, Union, Optional -from datetime import datetime -from typing_extensions import Literal, Annotated, TypeAlias - -from .pattern import Pattern -from ....._utils import PropertyInfo -from ....._models import BaseModel -from ..context_awareness import ContextAwareness - -__all__ = [ - "CustomUpdateResponse", - "Custom", - "CustomEntry", - "CustomEntryCustomEntry", - "CustomEntryPredefinedEntry", - "CustomEntryPredefinedEntryConfidence", - "CustomEntryPredefinedEntryVariant", - "CustomEntryIntegrationEntry", - "CustomEntryExactDataEntry", - "CustomEntryDocumentFingerprintEntry", - "CustomEntryWordListEntry", - "Predefined", - "PredefinedEntry", - "PredefinedEntryCustomEntry", - "PredefinedEntryPredefinedEntry", - "PredefinedEntryPredefinedEntryConfidence", - "PredefinedEntryPredefinedEntryVariant", - "PredefinedEntryIntegrationEntry", - "PredefinedEntryExactDataEntry", - "PredefinedEntryDocumentFingerprintEntry", - "PredefinedEntryWordListEntry", - "Integration", - "IntegrationEntry", - "IntegrationEntryCustomEntry", - "IntegrationEntryPredefinedEntry", - "IntegrationEntryPredefinedEntryConfidence", - "IntegrationEntryPredefinedEntryVariant", - "IntegrationEntryIntegrationEntry", - "IntegrationEntryExactDataEntry", - "IntegrationEntryDocumentFingerprintEntry", - "IntegrationEntryWordListEntry", -] - - -class CustomEntryCustomEntry(BaseModel): - id: str - - created_at: datetime - - enabled: bool - - name: str - - pattern: Pattern - - type: Literal["custom"] - - updated_at: datetime - - profile_id: Optional[str] = None - - -class CustomEntryPredefinedEntryConfidence(BaseModel): - ai_context_available: bool - """Indicates whether this entry has AI remote service validation.""" - - available: bool - """ - Indicates whether this entry has any form of validation that is not an AI remote - service. - """ - - -class CustomEntryPredefinedEntryVariant(BaseModel): - topic_type: Literal["Intent", "Content"] - - type: Literal["PromptTopic"] - - description: Optional[str] = None - - -class CustomEntryPredefinedEntry(BaseModel): - id: str - - confidence: CustomEntryPredefinedEntryConfidence - - enabled: bool - - name: str - - type: Literal["predefined"] - - profile_id: Optional[str] = None - - variant: Optional[CustomEntryPredefinedEntryVariant] = None - - -class CustomEntryIntegrationEntry(BaseModel): - id: str - - created_at: datetime - - enabled: bool - - name: str - - type: Literal["integration"] - - updated_at: datetime - - profile_id: Optional[str] = None - - -class CustomEntryExactDataEntry(BaseModel): - id: str - - case_sensitive: bool - """ - Only applies to custom word lists. Determines if the words should be matched in - a case-sensitive manner Cannot be set to false if secret is true - """ - - created_at: datetime - - enabled: bool - - name: str - - secret: bool - - type: Literal["exact_data"] - - updated_at: datetime - - -class CustomEntryDocumentFingerprintEntry(BaseModel): - id: str - - created_at: datetime - - enabled: bool - - name: str - - type: Literal["document_fingerprint"] - - updated_at: datetime - - -class CustomEntryWordListEntry(BaseModel): - id: str - - created_at: datetime - - enabled: bool - - name: str - - type: Literal["word_list"] - - updated_at: datetime - - word_list: object - - profile_id: Optional[str] = None - - -CustomEntry: TypeAlias = Union[ - CustomEntryCustomEntry, - CustomEntryPredefinedEntry, - CustomEntryIntegrationEntry, - CustomEntryExactDataEntry, - CustomEntryDocumentFingerprintEntry, - CustomEntryWordListEntry, -] - - -class Custom(BaseModel): - id: str - """The id of the profile (uuid).""" - - allowed_match_count: int - """Related DLP policies will trigger when the match count exceeds the number set.""" - - created_at: datetime - """When the profile was created.""" - - name: str - """The name of the profile.""" - - ocr_enabled: bool - - type: Literal["custom"] - - updated_at: datetime - """When the profile was lasted updated.""" - - ai_context_enabled: Optional[bool] = None - - confidence_threshold: Optional[Literal["low", "medium", "high", "very_high"]] = None - - context_awareness: Optional[ContextAwareness] = None - """ - Scan the context of predefined entries to only return matches surrounded by - keywords. - """ - - description: Optional[str] = None - """The description of the profile.""" - - entries: Optional[List[CustomEntry]] = None - - -class PredefinedEntryCustomEntry(BaseModel): - id: str - - created_at: datetime - - enabled: bool - - name: str - - pattern: Pattern - - type: Literal["custom"] - - updated_at: datetime - - profile_id: Optional[str] = None - - -class PredefinedEntryPredefinedEntryConfidence(BaseModel): - ai_context_available: bool - """Indicates whether this entry has AI remote service validation.""" - - available: bool - """ - Indicates whether this entry has any form of validation that is not an AI remote - service. - """ - - -class PredefinedEntryPredefinedEntryVariant(BaseModel): - topic_type: Literal["Intent", "Content"] - - type: Literal["PromptTopic"] - - description: Optional[str] = None - - -class PredefinedEntryPredefinedEntry(BaseModel): - id: str - - confidence: PredefinedEntryPredefinedEntryConfidence - - enabled: bool - - name: str - - type: Literal["predefined"] - - profile_id: Optional[str] = None - - variant: Optional[PredefinedEntryPredefinedEntryVariant] = None - - -class PredefinedEntryIntegrationEntry(BaseModel): - id: str - - created_at: datetime - - enabled: bool - - name: str - - type: Literal["integration"] - - updated_at: datetime - - profile_id: Optional[str] = None - - -class PredefinedEntryExactDataEntry(BaseModel): - id: str - - case_sensitive: bool - """ - Only applies to custom word lists. Determines if the words should be matched in - a case-sensitive manner Cannot be set to false if secret is true - """ - - created_at: datetime - - enabled: bool - - name: str - - secret: bool - - type: Literal["exact_data"] - - updated_at: datetime - - -class PredefinedEntryDocumentFingerprintEntry(BaseModel): - id: str - - created_at: datetime - - enabled: bool - - name: str - - type: Literal["document_fingerprint"] - - updated_at: datetime - - -class PredefinedEntryWordListEntry(BaseModel): - id: str - - created_at: datetime - - enabled: bool - - name: str - - type: Literal["word_list"] - - updated_at: datetime - - word_list: object - - profile_id: Optional[str] = None - - -PredefinedEntry: TypeAlias = Union[ - PredefinedEntryCustomEntry, - PredefinedEntryPredefinedEntry, - PredefinedEntryIntegrationEntry, - PredefinedEntryExactDataEntry, - PredefinedEntryDocumentFingerprintEntry, - PredefinedEntryWordListEntry, -] - - -class Predefined(BaseModel): - id: str - """The id of the predefined profile (uuid).""" - - allowed_match_count: int - - entries: List[PredefinedEntry] - - name: str - """The name of the predefined profile.""" - - type: Literal["predefined"] - - ai_context_enabled: Optional[bool] = None - - confidence_threshold: Optional[Literal["low", "medium", "high", "very_high"]] = None - - context_awareness: Optional[ContextAwareness] = None - """ - Scan the context of predefined entries to only return matches surrounded by - keywords. - """ - - ocr_enabled: Optional[bool] = None - - open_access: Optional[bool] = None - """Whether this profile can be accessed by anyone.""" - - -class IntegrationEntryCustomEntry(BaseModel): - id: str - - created_at: datetime - - enabled: bool - - name: str - - pattern: Pattern - - type: Literal["custom"] - - updated_at: datetime - - profile_id: Optional[str] = None - - -class IntegrationEntryPredefinedEntryConfidence(BaseModel): - ai_context_available: bool - """Indicates whether this entry has AI remote service validation.""" - - available: bool - """ - Indicates whether this entry has any form of validation that is not an AI remote - service. - """ - - -class IntegrationEntryPredefinedEntryVariant(BaseModel): - topic_type: Literal["Intent", "Content"] - - type: Literal["PromptTopic"] - - description: Optional[str] = None - - -class IntegrationEntryPredefinedEntry(BaseModel): - id: str - - confidence: IntegrationEntryPredefinedEntryConfidence - - enabled: bool - - name: str - - type: Literal["predefined"] - - profile_id: Optional[str] = None - - variant: Optional[IntegrationEntryPredefinedEntryVariant] = None - - -class IntegrationEntryIntegrationEntry(BaseModel): - id: str - - created_at: datetime - - enabled: bool - - name: str - - type: Literal["integration"] - - updated_at: datetime - - profile_id: Optional[str] = None - - -class IntegrationEntryExactDataEntry(BaseModel): - id: str - - case_sensitive: bool - """ - Only applies to custom word lists. Determines if the words should be matched in - a case-sensitive manner Cannot be set to false if secret is true - """ - - created_at: datetime - - enabled: bool - - name: str - - secret: bool - - type: Literal["exact_data"] - - updated_at: datetime - - -class IntegrationEntryDocumentFingerprintEntry(BaseModel): - id: str - - created_at: datetime - - enabled: bool - - name: str - - type: Literal["document_fingerprint"] - - updated_at: datetime - - -class IntegrationEntryWordListEntry(BaseModel): - id: str - - created_at: datetime - - enabled: bool - - name: str - - type: Literal["word_list"] - - updated_at: datetime - - word_list: object - - profile_id: Optional[str] = None - - -IntegrationEntry: TypeAlias = Union[ - IntegrationEntryCustomEntry, - IntegrationEntryPredefinedEntry, - IntegrationEntryIntegrationEntry, - IntegrationEntryExactDataEntry, - IntegrationEntryDocumentFingerprintEntry, - IntegrationEntryWordListEntry, -] - - -class Integration(BaseModel): - id: str - - created_at: datetime - - entries: List[IntegrationEntry] - - name: str - - type: Literal["integration"] - - updated_at: datetime - - description: Optional[str] = None - """The description of the profile.""" - - -CustomUpdateResponse: TypeAlias = Annotated[Union[Custom, Predefined, Integration], PropertyInfo(discriminator="type")] diff --git a/src/cloudflare/types/zero_trust/dlp/profiles/predefined_get_response.py b/src/cloudflare/types/zero_trust/dlp/profiles/predefined_profile.py similarity index 97% rename from src/cloudflare/types/zero_trust/dlp/profiles/predefined_get_response.py rename to src/cloudflare/types/zero_trust/dlp/profiles/predefined_profile.py index e58ce4e7c97..b3c97b85ffc 100644 --- a/src/cloudflare/types/zero_trust/dlp/profiles/predefined_get_response.py +++ b/src/cloudflare/types/zero_trust/dlp/profiles/predefined_profile.py @@ -8,7 +8,7 @@ from ....._models import BaseModel __all__ = [ - "PredefinedGetResponse", + "PredefinedProfile", "Entry", "EntryCustomEntry", "EntryPredefinedEntry", @@ -36,6 +36,8 @@ class EntryCustomEntry(BaseModel): updated_at: datetime + description: Optional[str] = None + profile_id: Optional[str] = None @@ -154,7 +156,7 @@ class EntryWordListEntry(BaseModel): ] -class PredefinedGetResponse(BaseModel): +class PredefinedProfile(BaseModel): id: str """The id of the predefined profile (uuid).""" diff --git a/src/cloudflare/types/zero_trust/dlp/profiles/predefined_update_response.py b/src/cloudflare/types/zero_trust/dlp/profiles/predefined_update_response.py deleted file mode 100644 index 4f11f1de79d..00000000000 --- a/src/cloudflare/types/zero_trust/dlp/profiles/predefined_update_response.py +++ /dev/null @@ -1,182 +0,0 @@ -# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. - -from typing import List, Union, Optional -from datetime import datetime -from typing_extensions import Literal, TypeAlias - -from .pattern import Pattern -from ....._models import BaseModel - -__all__ = [ - "PredefinedUpdateResponse", - "Entry", - "EntryCustomEntry", - "EntryPredefinedEntry", - "EntryPredefinedEntryConfidence", - "EntryPredefinedEntryVariant", - "EntryIntegrationEntry", - "EntryExactDataEntry", - "EntryDocumentFingerprintEntry", - "EntryWordListEntry", -] - - -class EntryCustomEntry(BaseModel): - id: str - - created_at: datetime - - enabled: bool - - name: str - - pattern: Pattern - - type: Literal["custom"] - - updated_at: datetime - - profile_id: Optional[str] = None - - -class EntryPredefinedEntryConfidence(BaseModel): - ai_context_available: bool - """Indicates whether this entry has AI remote service validation.""" - - available: bool - """ - Indicates whether this entry has any form of validation that is not an AI remote - service. - """ - - -class EntryPredefinedEntryVariant(BaseModel): - topic_type: Literal["Intent", "Content"] - - type: Literal["PromptTopic"] - - description: Optional[str] = None - - -class EntryPredefinedEntry(BaseModel): - id: str - - confidence: EntryPredefinedEntryConfidence - - enabled: bool - - name: str - - type: Literal["predefined"] - - profile_id: Optional[str] = None - - variant: Optional[EntryPredefinedEntryVariant] = None - - -class EntryIntegrationEntry(BaseModel): - id: str - - created_at: datetime - - enabled: bool - - name: str - - type: Literal["integration"] - - updated_at: datetime - - profile_id: Optional[str] = None - - -class EntryExactDataEntry(BaseModel): - id: str - - case_sensitive: bool - """ - Only applies to custom word lists. Determines if the words should be matched in - a case-sensitive manner Cannot be set to false if secret is true - """ - - created_at: datetime - - enabled: bool - - name: str - - secret: bool - - type: Literal["exact_data"] - - updated_at: datetime - - -class EntryDocumentFingerprintEntry(BaseModel): - id: str - - created_at: datetime - - enabled: bool - - name: str - - type: Literal["document_fingerprint"] - - updated_at: datetime - - -class EntryWordListEntry(BaseModel): - id: str - - created_at: datetime - - enabled: bool - - name: str - - type: Literal["word_list"] - - updated_at: datetime - - word_list: object - - profile_id: Optional[str] = None - - -Entry: TypeAlias = Union[ - EntryCustomEntry, - EntryPredefinedEntry, - EntryIntegrationEntry, - EntryExactDataEntry, - EntryDocumentFingerprintEntry, - EntryWordListEntry, -] - - -class PredefinedUpdateResponse(BaseModel): - id: str - """The id of the predefined profile (uuid).""" - - allowed_match_count: int - - confidence_threshold: Optional[str] = None - - enabled_entries: List[str] - """Entries to enable for this predefined profile. - - Any entries not provided will be disabled. - """ - - entries: List[Entry] - """This field has been deprecated for `enabled_entries`.""" - - name: str - """The name of the predefined profile.""" - - ai_context_enabled: Optional[bool] = None - - ocr_enabled: Optional[bool] = None - - open_access: Optional[bool] = None - """Whether this profile can be accessed by anyone.""" diff --git a/src/cloudflare/types/zero_trust/gateway/__init__.py b/src/cloudflare/types/zero_trust/gateway/__init__.py index 17c93d1d9b4..f275cbda762 100644 --- a/src/cloudflare/types/zero_trust/gateway/__init__.py +++ b/src/cloudflare/types/zero_trust/gateway/__init__.py @@ -45,13 +45,19 @@ from .ipv4_endpoint_param import IPV4EndpointParam as IPV4EndpointParam from .ipv6_endpoint_param import IPV6EndpointParam as IPV6EndpointParam from .list_create_response import ListCreateResponse as ListCreateResponse +from .pacfile_get_response import PacfileGetResponse as PacfileGetResponse from .activity_log_settings import ActivityLogSettings as ActivityLogSettings from .logging_update_params import LoggingUpdateParams as LoggingUpdateParams from .notification_settings import NotificationSettings as NotificationSettings +from .pacfile_create_params import PacfileCreateParams as PacfileCreateParams +from .pacfile_list_response import PacfileListResponse as PacfileListResponse +from .pacfile_update_params import PacfileUpdateParams as PacfileUpdateParams from .body_scanning_settings import BodyScanningSettings as BodyScanningSettings from .location_create_params import LocationCreateParams as LocationCreateParams from .location_update_params import LocationUpdateParams as LocationUpdateParams from .extended_email_matching import ExtendedEmailMatching as ExtendedEmailMatching +from .pacfile_create_response import PacfileCreateResponse as PacfileCreateResponse +from .pacfile_update_response import PacfileUpdateResponse as PacfileUpdateResponse from .certificate_get_response import CertificateGetResponse as CertificateGetResponse from .dns_resolver_settings_v4 import DNSResolverSettingsV4 as DNSResolverSettingsV4 from .dns_resolver_settings_v6 import DNSResolverSettingsV6 as DNSResolverSettingsV6 diff --git a/src/cloudflare/types/zero_trust/gateway/pacfile_create_params.py b/src/cloudflare/types/zero_trust/gateway/pacfile_create_params.py new file mode 100644 index 00000000000..e37e43b96b1 --- /dev/null +++ b/src/cloudflare/types/zero_trust/gateway/pacfile_create_params.py @@ -0,0 +1,26 @@ +# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. + +from __future__ import annotations + +from typing_extensions import Required, TypedDict + +__all__ = ["PacfileCreateParams"] + + +class PacfileCreateParams(TypedDict, total=False): + account_id: Required[str] + + contents: Required[str] + """Actual contents of the PAC file""" + + name: Required[str] + """Name of the PAC file.""" + + description: str + """Detailed description of the PAC file.""" + + slug: str + """URL-friendly version of the PAC file name. + + If not provided, it will be auto-generated + """ diff --git a/src/cloudflare/types/zero_trust/gateway/pacfile_create_response.py b/src/cloudflare/types/zero_trust/gateway/pacfile_create_response.py new file mode 100644 index 00000000000..29cb1790a79 --- /dev/null +++ b/src/cloudflare/types/zero_trust/gateway/pacfile_create_response.py @@ -0,0 +1,31 @@ +# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. + +from typing import Optional +from datetime import datetime + +from ...._models import BaseModel + +__all__ = ["PacfileCreateResponse"] + + +class PacfileCreateResponse(BaseModel): + id: Optional[str] = None + + contents: Optional[str] = None + """Actual contents of the PAC file""" + + created_at: Optional[datetime] = None + + description: Optional[str] = None + """Detailed description of the PAC file.""" + + name: Optional[str] = None + """Name of the PAC file.""" + + slug: Optional[str] = None + """URL-friendly version of the PAC file name.""" + + updated_at: Optional[datetime] = None + + url: Optional[str] = None + """Unique URL to download the PAC file.""" diff --git a/src/cloudflare/types/zero_trust/gateway/pacfile_get_response.py b/src/cloudflare/types/zero_trust/gateway/pacfile_get_response.py new file mode 100644 index 00000000000..05d40ed6c8b --- /dev/null +++ b/src/cloudflare/types/zero_trust/gateway/pacfile_get_response.py @@ -0,0 +1,31 @@ +# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. + +from typing import Optional +from datetime import datetime + +from ...._models import BaseModel + +__all__ = ["PacfileGetResponse"] + + +class PacfileGetResponse(BaseModel): + id: Optional[str] = None + + contents: Optional[str] = None + """Actual contents of the PAC file""" + + created_at: Optional[datetime] = None + + description: Optional[str] = None + """Detailed description of the PAC file.""" + + name: Optional[str] = None + """Name of the PAC file.""" + + slug: Optional[str] = None + """URL-friendly version of the PAC file name.""" + + updated_at: Optional[datetime] = None + + url: Optional[str] = None + """Unique URL to download the PAC file.""" diff --git a/src/cloudflare/types/zero_trust/gateway/pacfile_list_response.py b/src/cloudflare/types/zero_trust/gateway/pacfile_list_response.py new file mode 100644 index 00000000000..c871d0dcee4 --- /dev/null +++ b/src/cloudflare/types/zero_trust/gateway/pacfile_list_response.py @@ -0,0 +1,28 @@ +# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. + +from typing import Optional +from datetime import datetime + +from ...._models import BaseModel + +__all__ = ["PacfileListResponse"] + + +class PacfileListResponse(BaseModel): + id: Optional[str] = None + + created_at: Optional[datetime] = None + + description: Optional[str] = None + """Detailed description of the PAC file.""" + + name: Optional[str] = None + """Name of the PAC file.""" + + slug: Optional[str] = None + """URL-friendly version of the PAC file name.""" + + updated_at: Optional[datetime] = None + + url: Optional[str] = None + """Unique URL to download the PAC file.""" diff --git a/src/cloudflare/types/zero_trust/gateway/pacfile_update_params.py b/src/cloudflare/types/zero_trust/gateway/pacfile_update_params.py new file mode 100644 index 00000000000..60f44fe4a85 --- /dev/null +++ b/src/cloudflare/types/zero_trust/gateway/pacfile_update_params.py @@ -0,0 +1,20 @@ +# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. + +from __future__ import annotations + +from typing_extensions import Required, TypedDict + +__all__ = ["PacfileUpdateParams"] + + +class PacfileUpdateParams(TypedDict, total=False): + account_id: Required[str] + + contents: Required[str] + """Actual contents of the PAC file""" + + description: Required[str] + """Detailed description of the PAC file.""" + + name: Required[str] + """Name of the PAC file.""" diff --git a/src/cloudflare/types/zero_trust/gateway/pacfile_update_response.py b/src/cloudflare/types/zero_trust/gateway/pacfile_update_response.py new file mode 100644 index 00000000000..f2ce8573aa9 --- /dev/null +++ b/src/cloudflare/types/zero_trust/gateway/pacfile_update_response.py @@ -0,0 +1,31 @@ +# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. + +from typing import Optional +from datetime import datetime + +from ...._models import BaseModel + +__all__ = ["PacfileUpdateResponse"] + + +class PacfileUpdateResponse(BaseModel): + id: Optional[str] = None + + contents: Optional[str] = None + """Actual contents of the PAC file""" + + created_at: Optional[datetime] = None + + description: Optional[str] = None + """Detailed description of the PAC file.""" + + name: Optional[str] = None + """Name of the PAC file.""" + + slug: Optional[str] = None + """URL-friendly version of the PAC file name.""" + + updated_at: Optional[datetime] = None + + url: Optional[str] = None + """Unique URL to download the PAC file.""" diff --git a/src/cloudflare/types/zero_trust/networks/subnet_list_response.py b/src/cloudflare/types/zero_trust/networks/subnet_list_response.py index c6218a22a82..4ecca401e28 100644 --- a/src/cloudflare/types/zero_trust/networks/subnet_list_response.py +++ b/src/cloudflare/types/zero_trust/networks/subnet_list_response.py @@ -37,5 +37,5 @@ class SubnetListResponse(BaseModel): network: Optional[str] = None """The private IPv4 or IPv6 range defining the subnet, in CIDR notation.""" - subnet_type: Optional[Literal["cloudflare_source"]] = None + subnet_type: Optional[Literal["cloudflare_source", "warp"]] = None """The type of subnet.""" diff --git a/src/cloudflare/types/zero_trust/networks/subnets/__init__.py b/src/cloudflare/types/zero_trust/networks/subnets/__init__.py index afa04bcaada..5c47375b355 100644 --- a/src/cloudflare/types/zero_trust/networks/subnets/__init__.py +++ b/src/cloudflare/types/zero_trust/networks/subnets/__init__.py @@ -2,5 +2,11 @@ from __future__ import annotations +from .warp_edit_params import WARPEditParams as WARPEditParams +from .warp_get_response import WARPGetResponse as WARPGetResponse +from .warp_create_params import WARPCreateParams as WARPCreateParams +from .warp_edit_response import WARPEditResponse as WARPEditResponse +from .warp_create_response import WARPCreateResponse as WARPCreateResponse +from .warp_delete_response import WARPDeleteResponse as WARPDeleteResponse from .cloudflare_source_update_params import CloudflareSourceUpdateParams as CloudflareSourceUpdateParams from .cloudflare_source_update_response import CloudflareSourceUpdateResponse as CloudflareSourceUpdateResponse diff --git a/src/cloudflare/types/zero_trust/networks/subnets/cloudflare_source_update_response.py b/src/cloudflare/types/zero_trust/networks/subnets/cloudflare_source_update_response.py index 7630e9fe39a..37f881d9a97 100644 --- a/src/cloudflare/types/zero_trust/networks/subnets/cloudflare_source_update_response.py +++ b/src/cloudflare/types/zero_trust/networks/subnets/cloudflare_source_update_response.py @@ -37,5 +37,5 @@ class CloudflareSourceUpdateResponse(BaseModel): network: Optional[str] = None """The private IPv4 or IPv6 range defining the subnet, in CIDR notation.""" - subnet_type: Optional[Literal["cloudflare_source"]] = None + subnet_type: Optional[Literal["cloudflare_source", "warp"]] = None """The type of subnet.""" diff --git a/src/cloudflare/types/zero_trust/networks/subnets/warp_create_params.py b/src/cloudflare/types/zero_trust/networks/subnets/warp_create_params.py new file mode 100644 index 00000000000..e9ea45f0951 --- /dev/null +++ b/src/cloudflare/types/zero_trust/networks/subnets/warp_create_params.py @@ -0,0 +1,27 @@ +# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. + +from __future__ import annotations + +from typing_extensions import Required, TypedDict + +__all__ = ["WARPCreateParams"] + + +class WARPCreateParams(TypedDict, total=False): + account_id: Required[str] + """Cloudflare account ID""" + + name: Required[str] + """A user-friendly name for the subnet.""" + + network: Required[str] + """The private IPv4 or IPv6 range defining the subnet, in CIDR notation.""" + + comment: str + """An optional description of the subnet.""" + + is_default_network: bool + """If `true`, this is the default subnet for the account. + + There can only be one default subnet per account. + """ diff --git a/src/cloudflare/types/zero_trust/networks/subnets/warp_create_response.py b/src/cloudflare/types/zero_trust/networks/subnets/warp_create_response.py new file mode 100644 index 00000000000..c4ae8abfb42 --- /dev/null +++ b/src/cloudflare/types/zero_trust/networks/subnets/warp_create_response.py @@ -0,0 +1,41 @@ +# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. + +from typing import Optional +from datetime import datetime +from typing_extensions import Literal + +from ....._models import BaseModel + +__all__ = ["WARPCreateResponse"] + + +class WARPCreateResponse(BaseModel): + id: Optional[str] = None + """The UUID of the subnet.""" + + comment: Optional[str] = None + """An optional description of the subnet.""" + + created_at: Optional[datetime] = None + """Timestamp of when the resource was created.""" + + deleted_at: Optional[datetime] = None + """Timestamp of when the resource was deleted. + + If `null`, the resource has not been deleted. + """ + + is_default_network: Optional[bool] = None + """If `true`, this is the default subnet for the account. + + There can only be one default subnet per account. + """ + + name: Optional[str] = None + """A user-friendly name for the subnet.""" + + network: Optional[str] = None + """The private IPv4 or IPv6 range defining the subnet, in CIDR notation.""" + + subnet_type: Optional[Literal["cloudflare_source", "warp"]] = None + """The type of subnet.""" diff --git a/src/cloudflare/types/zero_trust/networks/subnets/warp_delete_response.py b/src/cloudflare/types/zero_trust/networks/subnets/warp_delete_response.py new file mode 100644 index 00000000000..675377f381c --- /dev/null +++ b/src/cloudflare/types/zero_trust/networks/subnets/warp_delete_response.py @@ -0,0 +1,41 @@ +# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. + +from typing import Optional +from datetime import datetime +from typing_extensions import Literal + +from ....._models import BaseModel + +__all__ = ["WARPDeleteResponse"] + + +class WARPDeleteResponse(BaseModel): + id: Optional[str] = None + """The UUID of the subnet.""" + + comment: Optional[str] = None + """An optional description of the subnet.""" + + created_at: Optional[datetime] = None + """Timestamp of when the resource was created.""" + + deleted_at: Optional[datetime] = None + """Timestamp of when the resource was deleted. + + If `null`, the resource has not been deleted. + """ + + is_default_network: Optional[bool] = None + """If `true`, this is the default subnet for the account. + + There can only be one default subnet per account. + """ + + name: Optional[str] = None + """A user-friendly name for the subnet.""" + + network: Optional[str] = None + """The private IPv4 or IPv6 range defining the subnet, in CIDR notation.""" + + subnet_type: Optional[Literal["cloudflare_source", "warp"]] = None + """The type of subnet.""" diff --git a/src/cloudflare/types/zero_trust/networks/subnets/warp_edit_params.py b/src/cloudflare/types/zero_trust/networks/subnets/warp_edit_params.py new file mode 100644 index 00000000000..d38b538fda5 --- /dev/null +++ b/src/cloudflare/types/zero_trust/networks/subnets/warp_edit_params.py @@ -0,0 +1,27 @@ +# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. + +from __future__ import annotations + +from typing_extensions import Required, TypedDict + +__all__ = ["WARPEditParams"] + + +class WARPEditParams(TypedDict, total=False): + account_id: Required[str] + """Cloudflare account ID""" + + comment: str + """An optional description of the subnet.""" + + is_default_network: bool + """If `true`, this is the default subnet for the account. + + There can only be one default subnet per account. + """ + + name: str + """A user-friendly name for the subnet.""" + + network: str + """The private IPv4 or IPv6 range defining the subnet, in CIDR notation.""" diff --git a/src/cloudflare/types/zero_trust/networks/subnets/warp_edit_response.py b/src/cloudflare/types/zero_trust/networks/subnets/warp_edit_response.py new file mode 100644 index 00000000000..b976b41f832 --- /dev/null +++ b/src/cloudflare/types/zero_trust/networks/subnets/warp_edit_response.py @@ -0,0 +1,41 @@ +# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. + +from typing import Optional +from datetime import datetime +from typing_extensions import Literal + +from ....._models import BaseModel + +__all__ = ["WARPEditResponse"] + + +class WARPEditResponse(BaseModel): + id: Optional[str] = None + """The UUID of the subnet.""" + + comment: Optional[str] = None + """An optional description of the subnet.""" + + created_at: Optional[datetime] = None + """Timestamp of when the resource was created.""" + + deleted_at: Optional[datetime] = None + """Timestamp of when the resource was deleted. + + If `null`, the resource has not been deleted. + """ + + is_default_network: Optional[bool] = None + """If `true`, this is the default subnet for the account. + + There can only be one default subnet per account. + """ + + name: Optional[str] = None + """A user-friendly name for the subnet.""" + + network: Optional[str] = None + """The private IPv4 or IPv6 range defining the subnet, in CIDR notation.""" + + subnet_type: Optional[Literal["cloudflare_source", "warp"]] = None + """The type of subnet.""" diff --git a/src/cloudflare/types/zero_trust/networks/subnets/warp_get_response.py b/src/cloudflare/types/zero_trust/networks/subnets/warp_get_response.py new file mode 100644 index 00000000000..efaafd465a5 --- /dev/null +++ b/src/cloudflare/types/zero_trust/networks/subnets/warp_get_response.py @@ -0,0 +1,41 @@ +# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. + +from typing import Optional +from datetime import datetime +from typing_extensions import Literal + +from ....._models import BaseModel + +__all__ = ["WARPGetResponse"] + + +class WARPGetResponse(BaseModel): + id: Optional[str] = None + """The UUID of the subnet.""" + + comment: Optional[str] = None + """An optional description of the subnet.""" + + created_at: Optional[datetime] = None + """Timestamp of when the resource was created.""" + + deleted_at: Optional[datetime] = None + """Timestamp of when the resource was deleted. + + If `null`, the resource has not been deleted. + """ + + is_default_network: Optional[bool] = None + """If `true`, this is the default subnet for the account. + + There can only be one default subnet per account. + """ + + name: Optional[str] = None + """A user-friendly name for the subnet.""" + + network: Optional[str] = None + """The private IPv4 or IPv6 range defining the subnet, in CIDR notation.""" + + subnet_type: Optional[Literal["cloudflare_source", "warp"]] = None + """The type of subnet.""" diff --git a/src/cloudflare/types/zero_trust/organization.py b/src/cloudflare/types/zero_trust/organization.py index 84943c2821b..7eb81796fec 100644 --- a/src/cloudflare/types/zero_trust/organization.py +++ b/src/cloudflare/types/zero_trust/organization.py @@ -1,11 +1,12 @@ # File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. from typing import List, Optional +from typing_extensions import Literal from ..._models import BaseModel from .login_design import LoginDesign -__all__ = ["Organization", "CustomPages"] +__all__ = ["Organization", "CustomPages", "MfaConfig"] class CustomPages(BaseModel): @@ -19,6 +20,20 @@ class CustomPages(BaseModel): """The uid of the custom page to use when a user is denied access.""" +class MfaConfig(BaseModel): + """Configures multi-factor authentication (MFA) settings for an organization.""" + + allowed_authenticators: Optional[List[Literal["totp", "biometrics", "security_key"]]] = None + """Lists the MFA methods that users can authenticate with.""" + + session_duration: Optional[str] = None + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ + + class Organization(BaseModel): allow_authenticate_via_warp: Optional[bool] = None """ @@ -62,6 +77,22 @@ class Organization(BaseModel): login_design: Optional[LoginDesign] = None + mfa_config: Optional[MfaConfig] = None + """Configures multi-factor authentication (MFA) settings for an organization.""" + + mfa_configuration_allowed: Optional[bool] = None + """ + Indicates if this organization can enforce multi-factor authentication (MFA) + requirements at the application and policy level. + """ + + mfa_required_for_all_apps: Optional[bool] = None + """Determines whether global MFA settings apply to applications by default. + + The organization must have MFA enabled with at least one authentication method + and a session duration configured. + """ + name: Optional[str] = None """The name of your Zero Trust organization.""" diff --git a/src/cloudflare/types/zero_trust/organization_create_params.py b/src/cloudflare/types/zero_trust/organization_create_params.py index 6c445ec5a98..e01bbfb4c42 100644 --- a/src/cloudflare/types/zero_trust/organization_create_params.py +++ b/src/cloudflare/types/zero_trust/organization_create_params.py @@ -2,12 +2,13 @@ from __future__ import annotations -from typing_extensions import Required, TypedDict +from typing import List +from typing_extensions import Literal, Required, TypedDict from ..._types import SequenceNotStr from .login_design_param import LoginDesignParam -__all__ = ["OrganizationCreateParams"] +__all__ = ["OrganizationCreateParams", "MfaConfig"] class OrganizationCreateParams(TypedDict, total=False): @@ -60,6 +61,22 @@ class OrganizationCreateParams(TypedDict, total=False): login_design: LoginDesignParam + mfa_config: MfaConfig + """Configures multi-factor authentication (MFA) settings for an organization.""" + + mfa_configuration_allowed: bool + """ + Indicates if this organization can enforce multi-factor authentication (MFA) + requirements at the application and policy level. + """ + + mfa_required_for_all_apps: bool + """Determines whether global MFA settings apply to applications by default. + + The organization must have MFA enabled with at least one authentication method + and a session duration configured. + """ + session_duration: str """The amount of time that tokens issued for applications will be valid. @@ -84,3 +101,17 @@ class OrganizationCreateParams(TypedDict, total=False): Must be in the format `30m` or `2h45m`. Valid time units are: m, h. """ + + +class MfaConfig(TypedDict, total=False): + """Configures multi-factor authentication (MFA) settings for an organization.""" + + allowed_authenticators: List[Literal["totp", "biometrics", "security_key"]] + """Lists the MFA methods that users can authenticate with.""" + + session_duration: str + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ diff --git a/src/cloudflare/types/zero_trust/organization_update_params.py b/src/cloudflare/types/zero_trust/organization_update_params.py index 21cebff40bf..6654c9d2882 100644 --- a/src/cloudflare/types/zero_trust/organization_update_params.py +++ b/src/cloudflare/types/zero_trust/organization_update_params.py @@ -2,12 +2,13 @@ from __future__ import annotations -from typing_extensions import TypedDict +from typing import List +from typing_extensions import Literal, TypedDict from ..._types import SequenceNotStr from .login_design_param import LoginDesignParam -__all__ = ["OrganizationUpdateParams", "CustomPages"] +__all__ = ["OrganizationUpdateParams", "CustomPages", "MfaConfig"] class OrganizationUpdateParams(TypedDict, total=False): @@ -59,6 +60,22 @@ class OrganizationUpdateParams(TypedDict, total=False): login_design: LoginDesignParam + mfa_config: MfaConfig + """Configures multi-factor authentication (MFA) settings for an organization.""" + + mfa_configuration_allowed: bool + """ + Indicates if this organization can enforce multi-factor authentication (MFA) + requirements at the application and policy level. + """ + + mfa_required_for_all_apps: bool + """Determines whether global MFA settings apply to applications by default. + + The organization must have MFA enabled with at least one authentication method + and a session duration configured. + """ + name: str """The name of your Zero Trust organization.""" @@ -97,3 +114,17 @@ class CustomPages(TypedDict, total=False): identity_denied: str """The uid of the custom page to use when a user is denied access.""" + + +class MfaConfig(TypedDict, total=False): + """Configures multi-factor authentication (MFA) settings for an organization.""" + + allowed_authenticators: List[Literal["totp", "biometrics", "security_key"]] + """Lists the MFA methods that users can authenticate with.""" + + session_duration: str + """Defines the duration of an MFA session. + + Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). + Examples:`5m` or `24h`. + """ diff --git a/src/cloudflare/types/zones/zone.py b/src/cloudflare/types/zones/zone.py index 4a8b41762e6..ffc9b1a8633 100644 --- a/src/cloudflare/types/zones/zone.py +++ b/src/cloudflare/types/zones/zone.py @@ -139,7 +139,12 @@ class Zone(BaseModel): """When the zone was last modified.""" name: str - """The domain name.""" + """The domain name. + + Per [RFC 1035](https://datatracker.ietf.org/doc/html/rfc1035#section-2.3.4) the + overall zone name can be up to 253 characters, with each segment ("label") not + exceeding 63 characters. + """ name_servers: List[str] """The name servers Cloudflare assigns to a zone.""" diff --git a/src/cloudflare/types/zones/zone_create_params.py b/src/cloudflare/types/zones/zone_create_params.py index 209f8e0d0a5..b3ad70c9b90 100644 --- a/src/cloudflare/types/zones/zone_create_params.py +++ b/src/cloudflare/types/zones/zone_create_params.py @@ -13,7 +13,12 @@ class ZoneCreateParams(TypedDict, total=False): account: Required[Account] name: Required[str] - """The domain name.""" + """The domain name. + + Per [RFC 1035](https://datatracker.ietf.org/doc/html/rfc1035#section-2.3.4) the + overall zone name can be up to 253 characters, with each segment ("label") not + exceeding 63 characters. + """ type: Type """A full zone implies that DNS is hosted with Cloudflare. diff --git a/tests/api_resources/acm/test_custom_trust_store.py b/tests/api_resources/acm/test_custom_trust_store.py new file mode 100644 index 00000000000..bfa9608db77 --- /dev/null +++ b/tests/api_resources/acm/test_custom_trust_store.py @@ -0,0 +1,410 @@ +# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. + +from __future__ import annotations + +import os +from typing import Any, Optional, cast + +import pytest + +from cloudflare import Cloudflare, AsyncCloudflare +from tests.utils import assert_matches_type +from cloudflare.types.acm import ( + CustomTrustStore, + CustomTrustStoreDeleteResponse, +) +from cloudflare.pagination import SyncV4PagePaginationArray, AsyncV4PagePaginationArray + +base_url = os.environ.get("TEST_API_BASE_URL", "http://127.0.0.1:4010") + + +class TestCustomTrustStore: + parametrize = pytest.mark.parametrize("client", [False, True], indirect=True, ids=["loose", "strict"]) + + @parametrize + def test_method_create(self, client: Cloudflare) -> None: + custom_trust_store = client.acm.custom_trust_store.create( + zone_id="023e105f4ecef8ad9ca31a8372d0c353", + certificate="-----BEGIN CERTIFICATE-----\nMIIDdjCCAl6gAwIBAgIJAPnMg0Fs+/B0MA0GCSqGSIb3DQEBCwUAMFsx...\n-----END CERTIFICATE-----\n", + ) + assert_matches_type(Optional[CustomTrustStore], custom_trust_store, path=["response"]) + + @parametrize + def test_raw_response_create(self, client: Cloudflare) -> None: + response = client.acm.custom_trust_store.with_raw_response.create( + zone_id="023e105f4ecef8ad9ca31a8372d0c353", + certificate="-----BEGIN CERTIFICATE-----\nMIIDdjCCAl6gAwIBAgIJAPnMg0Fs+/B0MA0GCSqGSIb3DQEBCwUAMFsx...\n-----END CERTIFICATE-----\n", + ) + + assert response.is_closed is True + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + custom_trust_store = response.parse() + assert_matches_type(Optional[CustomTrustStore], custom_trust_store, path=["response"]) + + @parametrize + def test_streaming_response_create(self, client: Cloudflare) -> None: + with client.acm.custom_trust_store.with_streaming_response.create( + zone_id="023e105f4ecef8ad9ca31a8372d0c353", + certificate="-----BEGIN CERTIFICATE-----\nMIIDdjCCAl6gAwIBAgIJAPnMg0Fs+/B0MA0GCSqGSIb3DQEBCwUAMFsx...\n-----END CERTIFICATE-----\n", + ) as response: + assert not response.is_closed + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + + custom_trust_store = response.parse() + assert_matches_type(Optional[CustomTrustStore], custom_trust_store, path=["response"]) + + assert cast(Any, response.is_closed) is True + + @parametrize + def test_path_params_create(self, client: Cloudflare) -> None: + with pytest.raises(ValueError, match=r"Expected a non-empty value for `zone_id` but received ''"): + client.acm.custom_trust_store.with_raw_response.create( + zone_id="", + certificate="-----BEGIN CERTIFICATE-----\nMIIDdjCCAl6gAwIBAgIJAPnMg0Fs+/B0MA0GCSqGSIb3DQEBCwUAMFsx...\n-----END CERTIFICATE-----\n", + ) + + @parametrize + def test_method_list(self, client: Cloudflare) -> None: + custom_trust_store = client.acm.custom_trust_store.list( + zone_id="023e105f4ecef8ad9ca31a8372d0c353", + ) + assert_matches_type(SyncV4PagePaginationArray[CustomTrustStore], custom_trust_store, path=["response"]) + + @parametrize + def test_method_list_with_all_params(self, client: Cloudflare) -> None: + custom_trust_store = client.acm.custom_trust_store.list( + zone_id="023e105f4ecef8ad9ca31a8372d0c353", + limit=10, + offset=10, + page=1, + per_page=5, + ) + assert_matches_type(SyncV4PagePaginationArray[CustomTrustStore], custom_trust_store, path=["response"]) + + @parametrize + def test_raw_response_list(self, client: Cloudflare) -> None: + response = client.acm.custom_trust_store.with_raw_response.list( + zone_id="023e105f4ecef8ad9ca31a8372d0c353", + ) + + assert response.is_closed is True + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + custom_trust_store = response.parse() + assert_matches_type(SyncV4PagePaginationArray[CustomTrustStore], custom_trust_store, path=["response"]) + + @parametrize + def test_streaming_response_list(self, client: Cloudflare) -> None: + with client.acm.custom_trust_store.with_streaming_response.list( + zone_id="023e105f4ecef8ad9ca31a8372d0c353", + ) as response: + assert not response.is_closed + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + + custom_trust_store = response.parse() + assert_matches_type(SyncV4PagePaginationArray[CustomTrustStore], custom_trust_store, path=["response"]) + + assert cast(Any, response.is_closed) is True + + @parametrize + def test_path_params_list(self, client: Cloudflare) -> None: + with pytest.raises(ValueError, match=r"Expected a non-empty value for `zone_id` but received ''"): + client.acm.custom_trust_store.with_raw_response.list( + zone_id="", + ) + + @parametrize + def test_method_delete(self, client: Cloudflare) -> None: + custom_trust_store = client.acm.custom_trust_store.delete( + custom_origin_trust_store_id="023e105f4ecef8ad9ca31a8372d0c353", + zone_id="023e105f4ecef8ad9ca31a8372d0c353", + ) + assert_matches_type(Optional[CustomTrustStoreDeleteResponse], custom_trust_store, path=["response"]) + + @parametrize + def test_raw_response_delete(self, client: Cloudflare) -> None: + response = client.acm.custom_trust_store.with_raw_response.delete( + custom_origin_trust_store_id="023e105f4ecef8ad9ca31a8372d0c353", + zone_id="023e105f4ecef8ad9ca31a8372d0c353", + ) + + assert response.is_closed is True + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + custom_trust_store = response.parse() + assert_matches_type(Optional[CustomTrustStoreDeleteResponse], custom_trust_store, path=["response"]) + + @parametrize + def test_streaming_response_delete(self, client: Cloudflare) -> None: + with client.acm.custom_trust_store.with_streaming_response.delete( + custom_origin_trust_store_id="023e105f4ecef8ad9ca31a8372d0c353", + zone_id="023e105f4ecef8ad9ca31a8372d0c353", + ) as response: + assert not response.is_closed + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + + custom_trust_store = response.parse() + assert_matches_type(Optional[CustomTrustStoreDeleteResponse], custom_trust_store, path=["response"]) + + assert cast(Any, response.is_closed) is True + + @parametrize + def test_path_params_delete(self, client: Cloudflare) -> None: + with pytest.raises(ValueError, match=r"Expected a non-empty value for `zone_id` but received ''"): + client.acm.custom_trust_store.with_raw_response.delete( + custom_origin_trust_store_id="023e105f4ecef8ad9ca31a8372d0c353", + zone_id="", + ) + + with pytest.raises( + ValueError, match=r"Expected a non-empty value for `custom_origin_trust_store_id` but received ''" + ): + client.acm.custom_trust_store.with_raw_response.delete( + custom_origin_trust_store_id="", + zone_id="023e105f4ecef8ad9ca31a8372d0c353", + ) + + @parametrize + def test_method_get(self, client: Cloudflare) -> None: + custom_trust_store = client.acm.custom_trust_store.get( + custom_origin_trust_store_id="023e105f4ecef8ad9ca31a8372d0c353", + zone_id="023e105f4ecef8ad9ca31a8372d0c353", + ) + assert_matches_type(Optional[CustomTrustStore], custom_trust_store, path=["response"]) + + @parametrize + def test_raw_response_get(self, client: Cloudflare) -> None: + response = client.acm.custom_trust_store.with_raw_response.get( + custom_origin_trust_store_id="023e105f4ecef8ad9ca31a8372d0c353", + zone_id="023e105f4ecef8ad9ca31a8372d0c353", + ) + + assert response.is_closed is True + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + custom_trust_store = response.parse() + assert_matches_type(Optional[CustomTrustStore], custom_trust_store, path=["response"]) + + @parametrize + def test_streaming_response_get(self, client: Cloudflare) -> None: + with client.acm.custom_trust_store.with_streaming_response.get( + custom_origin_trust_store_id="023e105f4ecef8ad9ca31a8372d0c353", + zone_id="023e105f4ecef8ad9ca31a8372d0c353", + ) as response: + assert not response.is_closed + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + + custom_trust_store = response.parse() + assert_matches_type(Optional[CustomTrustStore], custom_trust_store, path=["response"]) + + assert cast(Any, response.is_closed) is True + + @parametrize + def test_path_params_get(self, client: Cloudflare) -> None: + with pytest.raises(ValueError, match=r"Expected a non-empty value for `zone_id` but received ''"): + client.acm.custom_trust_store.with_raw_response.get( + custom_origin_trust_store_id="023e105f4ecef8ad9ca31a8372d0c353", + zone_id="", + ) + + with pytest.raises( + ValueError, match=r"Expected a non-empty value for `custom_origin_trust_store_id` but received ''" + ): + client.acm.custom_trust_store.with_raw_response.get( + custom_origin_trust_store_id="", + zone_id="023e105f4ecef8ad9ca31a8372d0c353", + ) + + +class TestAsyncCustomTrustStore: + parametrize = pytest.mark.parametrize( + "async_client", [False, True, {"http_client": "aiohttp"}], indirect=True, ids=["loose", "strict", "aiohttp"] + ) + + @parametrize + async def test_method_create(self, async_client: AsyncCloudflare) -> None: + custom_trust_store = await async_client.acm.custom_trust_store.create( + zone_id="023e105f4ecef8ad9ca31a8372d0c353", + certificate="-----BEGIN CERTIFICATE-----\nMIIDdjCCAl6gAwIBAgIJAPnMg0Fs+/B0MA0GCSqGSIb3DQEBCwUAMFsx...\n-----END CERTIFICATE-----\n", + ) + assert_matches_type(Optional[CustomTrustStore], custom_trust_store, path=["response"]) + + @parametrize + async def test_raw_response_create(self, async_client: AsyncCloudflare) -> None: + response = await async_client.acm.custom_trust_store.with_raw_response.create( + zone_id="023e105f4ecef8ad9ca31a8372d0c353", + certificate="-----BEGIN CERTIFICATE-----\nMIIDdjCCAl6gAwIBAgIJAPnMg0Fs+/B0MA0GCSqGSIb3DQEBCwUAMFsx...\n-----END CERTIFICATE-----\n", + ) + + assert response.is_closed is True + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + custom_trust_store = await response.parse() + assert_matches_type(Optional[CustomTrustStore], custom_trust_store, path=["response"]) + + @parametrize + async def test_streaming_response_create(self, async_client: AsyncCloudflare) -> None: + async with async_client.acm.custom_trust_store.with_streaming_response.create( + zone_id="023e105f4ecef8ad9ca31a8372d0c353", + certificate="-----BEGIN CERTIFICATE-----\nMIIDdjCCAl6gAwIBAgIJAPnMg0Fs+/B0MA0GCSqGSIb3DQEBCwUAMFsx...\n-----END CERTIFICATE-----\n", + ) as response: + assert not response.is_closed + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + + custom_trust_store = await response.parse() + assert_matches_type(Optional[CustomTrustStore], custom_trust_store, path=["response"]) + + assert cast(Any, response.is_closed) is True + + @parametrize + async def test_path_params_create(self, async_client: AsyncCloudflare) -> None: + with pytest.raises(ValueError, match=r"Expected a non-empty value for `zone_id` but received ''"): + await async_client.acm.custom_trust_store.with_raw_response.create( + zone_id="", + certificate="-----BEGIN CERTIFICATE-----\nMIIDdjCCAl6gAwIBAgIJAPnMg0Fs+/B0MA0GCSqGSIb3DQEBCwUAMFsx...\n-----END CERTIFICATE-----\n", + ) + + @parametrize + async def test_method_list(self, async_client: AsyncCloudflare) -> None: + custom_trust_store = await async_client.acm.custom_trust_store.list( + zone_id="023e105f4ecef8ad9ca31a8372d0c353", + ) + assert_matches_type(AsyncV4PagePaginationArray[CustomTrustStore], custom_trust_store, path=["response"]) + + @parametrize + async def test_method_list_with_all_params(self, async_client: AsyncCloudflare) -> None: + custom_trust_store = await async_client.acm.custom_trust_store.list( + zone_id="023e105f4ecef8ad9ca31a8372d0c353", + limit=10, + offset=10, + page=1, + per_page=5, + ) + assert_matches_type(AsyncV4PagePaginationArray[CustomTrustStore], custom_trust_store, path=["response"]) + + @parametrize + async def test_raw_response_list(self, async_client: AsyncCloudflare) -> None: + response = await async_client.acm.custom_trust_store.with_raw_response.list( + zone_id="023e105f4ecef8ad9ca31a8372d0c353", + ) + + assert response.is_closed is True + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + custom_trust_store = await response.parse() + assert_matches_type(AsyncV4PagePaginationArray[CustomTrustStore], custom_trust_store, path=["response"]) + + @parametrize + async def test_streaming_response_list(self, async_client: AsyncCloudflare) -> None: + async with async_client.acm.custom_trust_store.with_streaming_response.list( + zone_id="023e105f4ecef8ad9ca31a8372d0c353", + ) as response: + assert not response.is_closed + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + + custom_trust_store = await response.parse() + assert_matches_type(AsyncV4PagePaginationArray[CustomTrustStore], custom_trust_store, path=["response"]) + + assert cast(Any, response.is_closed) is True + + @parametrize + async def test_path_params_list(self, async_client: AsyncCloudflare) -> None: + with pytest.raises(ValueError, match=r"Expected a non-empty value for `zone_id` but received ''"): + await async_client.acm.custom_trust_store.with_raw_response.list( + zone_id="", + ) + + @parametrize + async def test_method_delete(self, async_client: AsyncCloudflare) -> None: + custom_trust_store = await async_client.acm.custom_trust_store.delete( + custom_origin_trust_store_id="023e105f4ecef8ad9ca31a8372d0c353", + zone_id="023e105f4ecef8ad9ca31a8372d0c353", + ) + assert_matches_type(Optional[CustomTrustStoreDeleteResponse], custom_trust_store, path=["response"]) + + @parametrize + async def test_raw_response_delete(self, async_client: AsyncCloudflare) -> None: + response = await async_client.acm.custom_trust_store.with_raw_response.delete( + custom_origin_trust_store_id="023e105f4ecef8ad9ca31a8372d0c353", + zone_id="023e105f4ecef8ad9ca31a8372d0c353", + ) + + assert response.is_closed is True + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + custom_trust_store = await response.parse() + assert_matches_type(Optional[CustomTrustStoreDeleteResponse], custom_trust_store, path=["response"]) + + @parametrize + async def test_streaming_response_delete(self, async_client: AsyncCloudflare) -> None: + async with async_client.acm.custom_trust_store.with_streaming_response.delete( + custom_origin_trust_store_id="023e105f4ecef8ad9ca31a8372d0c353", + zone_id="023e105f4ecef8ad9ca31a8372d0c353", + ) as response: + assert not response.is_closed + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + + custom_trust_store = await response.parse() + assert_matches_type(Optional[CustomTrustStoreDeleteResponse], custom_trust_store, path=["response"]) + + assert cast(Any, response.is_closed) is True + + @parametrize + async def test_path_params_delete(self, async_client: AsyncCloudflare) -> None: + with pytest.raises(ValueError, match=r"Expected a non-empty value for `zone_id` but received ''"): + await async_client.acm.custom_trust_store.with_raw_response.delete( + custom_origin_trust_store_id="023e105f4ecef8ad9ca31a8372d0c353", + zone_id="", + ) + + with pytest.raises( + ValueError, match=r"Expected a non-empty value for `custom_origin_trust_store_id` but received ''" + ): + await async_client.acm.custom_trust_store.with_raw_response.delete( + custom_origin_trust_store_id="", + zone_id="023e105f4ecef8ad9ca31a8372d0c353", + ) + + @parametrize + async def test_method_get(self, async_client: AsyncCloudflare) -> None: + custom_trust_store = await async_client.acm.custom_trust_store.get( + custom_origin_trust_store_id="023e105f4ecef8ad9ca31a8372d0c353", + zone_id="023e105f4ecef8ad9ca31a8372d0c353", + ) + assert_matches_type(Optional[CustomTrustStore], custom_trust_store, path=["response"]) + + @parametrize + async def test_raw_response_get(self, async_client: AsyncCloudflare) -> None: + response = await async_client.acm.custom_trust_store.with_raw_response.get( + custom_origin_trust_store_id="023e105f4ecef8ad9ca31a8372d0c353", + zone_id="023e105f4ecef8ad9ca31a8372d0c353", + ) + + assert response.is_closed is True + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + custom_trust_store = await response.parse() + assert_matches_type(Optional[CustomTrustStore], custom_trust_store, path=["response"]) + + @parametrize + async def test_streaming_response_get(self, async_client: AsyncCloudflare) -> None: + async with async_client.acm.custom_trust_store.with_streaming_response.get( + custom_origin_trust_store_id="023e105f4ecef8ad9ca31a8372d0c353", + zone_id="023e105f4ecef8ad9ca31a8372d0c353", + ) as response: + assert not response.is_closed + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + + custom_trust_store = await response.parse() + assert_matches_type(Optional[CustomTrustStore], custom_trust_store, path=["response"]) + + assert cast(Any, response.is_closed) is True + + @parametrize + async def test_path_params_get(self, async_client: AsyncCloudflare) -> None: + with pytest.raises(ValueError, match=r"Expected a non-empty value for `zone_id` but received ''"): + await async_client.acm.custom_trust_store.with_raw_response.get( + custom_origin_trust_store_id="023e105f4ecef8ad9ca31a8372d0c353", + zone_id="", + ) + + with pytest.raises( + ValueError, match=r"Expected a non-empty value for `custom_origin_trust_store_id` but received ''" + ): + await async_client.acm.custom_trust_store.with_raw_response.get( + custom_origin_trust_store_id="", + zone_id="023e105f4ecef8ad9ca31a8372d0c353", + ) diff --git a/tests/api_resources/ai/models/test_schema.py b/tests/api_resources/ai/models/test_schema.py index ff54c76b027..faf6ba59452 100644 --- a/tests/api_resources/ai/models/test_schema.py +++ b/tests/api_resources/ai/models/test_schema.py @@ -9,6 +9,7 @@ from cloudflare import Cloudflare, AsyncCloudflare from tests.utils import assert_matches_type +from cloudflare.types.ai.models import SchemaGetResponse base_url = os.environ.get("TEST_API_BASE_URL", "http://127.0.0.1:4010") @@ -22,7 +23,7 @@ def test_method_get(self, client: Cloudflare) -> None: account_id="023e105f4ecef8ad9ca31a8372d0c353", model="model", ) - assert_matches_type(object, schema, path=["response"]) + assert_matches_type(SchemaGetResponse, schema, path=["response"]) @parametrize def test_raw_response_get(self, client: Cloudflare) -> None: @@ -34,7 +35,7 @@ def test_raw_response_get(self, client: Cloudflare) -> None: assert response.is_closed is True assert response.http_request.headers.get("X-Stainless-Lang") == "python" schema = response.parse() - assert_matches_type(object, schema, path=["response"]) + assert_matches_type(SchemaGetResponse, schema, path=["response"]) @parametrize def test_streaming_response_get(self, client: Cloudflare) -> None: @@ -46,7 +47,7 @@ def test_streaming_response_get(self, client: Cloudflare) -> None: assert response.http_request.headers.get("X-Stainless-Lang") == "python" schema = response.parse() - assert_matches_type(object, schema, path=["response"]) + assert_matches_type(SchemaGetResponse, schema, path=["response"]) assert cast(Any, response.is_closed) is True @@ -70,7 +71,7 @@ async def test_method_get(self, async_client: AsyncCloudflare) -> None: account_id="023e105f4ecef8ad9ca31a8372d0c353", model="model", ) - assert_matches_type(object, schema, path=["response"]) + assert_matches_type(SchemaGetResponse, schema, path=["response"]) @parametrize async def test_raw_response_get(self, async_client: AsyncCloudflare) -> None: @@ -82,7 +83,7 @@ async def test_raw_response_get(self, async_client: AsyncCloudflare) -> None: assert response.is_closed is True assert response.http_request.headers.get("X-Stainless-Lang") == "python" schema = await response.parse() - assert_matches_type(object, schema, path=["response"]) + assert_matches_type(SchemaGetResponse, schema, path=["response"]) @parametrize async def test_streaming_response_get(self, async_client: AsyncCloudflare) -> None: @@ -94,7 +95,7 @@ async def test_streaming_response_get(self, async_client: AsyncCloudflare) -> No assert response.http_request.headers.get("X-Stainless-Lang") == "python" schema = await response.parse() - assert_matches_type(object, schema, path=["response"]) + assert_matches_type(SchemaGetResponse, schema, path=["response"]) assert cast(Any, response.is_closed) is True diff --git a/tests/api_resources/aisearch/test_instances.py b/tests/api_resources/aisearch/test_instances.py index dfd32d9d6e8..e65fdf05082 100644 --- a/tests/api_resources/aisearch/test_instances.py +++ b/tests/api_resources/aisearch/test_instances.py @@ -56,6 +56,7 @@ def test_method_create_with_all_params(self, client: Cloudflare) -> None: } ], embedding_model="@cf/qwen/qwen3-embedding-0.6b", + fusion_method="max", hybrid_search_enabled=True, max_num_results=1, metadata={ @@ -66,7 +67,10 @@ def test_method_create_with_all_params(self, client: Cloudflare) -> None: "authorized_hosts": ["string"], "chat_completions_endpoint": {"disabled": True}, "enabled": True, - "mcp": {"disabled": True}, + "mcp": { + "description": "description", + "disabled": True, + }, "rate_limit": { "period_ms": 60000, "requests": 1, @@ -76,6 +80,7 @@ def test_method_create_with_all_params(self, client: Cloudflare) -> None: }, reranking=True, reranking_model="@cf/baai/bge-reranker-base", + retrieval_options={"keyword_match_mode": "exact_match"}, rewrite_model="@cf/meta/llama-3.3-70b-instruct-fp8-fast", rewrite_query=True, score_threshold=0, @@ -173,6 +178,7 @@ def test_method_update_with_all_params(self, client: Cloudflare) -> None: } ], embedding_model="@cf/qwen/qwen3-embedding-0.6b", + fusion_method="max", hybrid_search_enabled=True, max_num_results=1, metadata={ @@ -184,7 +190,10 @@ def test_method_update_with_all_params(self, client: Cloudflare) -> None: "authorized_hosts": ["string"], "chat_completions_endpoint": {"disabled": True}, "enabled": True, - "mcp": {"disabled": True}, + "mcp": { + "description": "description", + "disabled": True, + }, "rate_limit": { "period_ms": 60000, "requests": 1, @@ -194,6 +203,7 @@ def test_method_update_with_all_params(self, client: Cloudflare) -> None: }, reranking=True, reranking_model="@cf/baai/bge-reranker-base", + retrieval_options={"keyword_match_mode": "exact_match"}, rewrite_model="@cf/meta/llama-3.3-70b-instruct-fp8-fast", rewrite_query=True, score_threshold=0, @@ -403,14 +413,13 @@ def test_method_chat_completions_with_all_params(self, client: Cloudflare) -> No }, "retrieval": { "context_expansion": 0, - "filters": { - "key": "key", - "type": "eq", - "value": "string", - }, + "filters": {"foo": "bar"}, + "fusion_method": "max", + "keyword_match_mode": "exact_match", "match_threshold": 0, "max_num_results": 1, "retrieval_type": "vector", + "return_on_failure": True, }, }, model="@cf/meta/llama-3.3-70b-instruct-fp8-fast", @@ -568,14 +577,13 @@ def test_method_search_with_all_params(self, client: Cloudflare) -> None: }, "retrieval": { "context_expansion": 0, - "filters": { - "key": "key", - "type": "eq", - "value": "string", - }, + "filters": {"foo": "bar"}, + "fusion_method": "max", + "keyword_match_mode": "exact_match", "match_threshold": 0, "max_num_results": 1, "retrieval_type": "vector", + "return_on_failure": True, }, }, ) @@ -728,6 +736,7 @@ async def test_method_create_with_all_params(self, async_client: AsyncCloudflare } ], embedding_model="@cf/qwen/qwen3-embedding-0.6b", + fusion_method="max", hybrid_search_enabled=True, max_num_results=1, metadata={ @@ -738,7 +747,10 @@ async def test_method_create_with_all_params(self, async_client: AsyncCloudflare "authorized_hosts": ["string"], "chat_completions_endpoint": {"disabled": True}, "enabled": True, - "mcp": {"disabled": True}, + "mcp": { + "description": "description", + "disabled": True, + }, "rate_limit": { "period_ms": 60000, "requests": 1, @@ -748,6 +760,7 @@ async def test_method_create_with_all_params(self, async_client: AsyncCloudflare }, reranking=True, reranking_model="@cf/baai/bge-reranker-base", + retrieval_options={"keyword_match_mode": "exact_match"}, rewrite_model="@cf/meta/llama-3.3-70b-instruct-fp8-fast", rewrite_query=True, score_threshold=0, @@ -845,6 +858,7 @@ async def test_method_update_with_all_params(self, async_client: AsyncCloudflare } ], embedding_model="@cf/qwen/qwen3-embedding-0.6b", + fusion_method="max", hybrid_search_enabled=True, max_num_results=1, metadata={ @@ -856,7 +870,10 @@ async def test_method_update_with_all_params(self, async_client: AsyncCloudflare "authorized_hosts": ["string"], "chat_completions_endpoint": {"disabled": True}, "enabled": True, - "mcp": {"disabled": True}, + "mcp": { + "description": "description", + "disabled": True, + }, "rate_limit": { "period_ms": 60000, "requests": 1, @@ -866,6 +883,7 @@ async def test_method_update_with_all_params(self, async_client: AsyncCloudflare }, reranking=True, reranking_model="@cf/baai/bge-reranker-base", + retrieval_options={"keyword_match_mode": "exact_match"}, rewrite_model="@cf/meta/llama-3.3-70b-instruct-fp8-fast", rewrite_query=True, score_threshold=0, @@ -1075,14 +1093,13 @@ async def test_method_chat_completions_with_all_params(self, async_client: Async }, "retrieval": { "context_expansion": 0, - "filters": { - "key": "key", - "type": "eq", - "value": "string", - }, + "filters": {"foo": "bar"}, + "fusion_method": "max", + "keyword_match_mode": "exact_match", "match_threshold": 0, "max_num_results": 1, "retrieval_type": "vector", + "return_on_failure": True, }, }, model="@cf/meta/llama-3.3-70b-instruct-fp8-fast", @@ -1240,14 +1257,13 @@ async def test_method_search_with_all_params(self, async_client: AsyncCloudflare }, "retrieval": { "context_expansion": 0, - "filters": { - "key": "key", - "type": "eq", - "value": "string", - }, + "filters": {"foo": "bar"}, + "fusion_method": "max", + "keyword_match_mode": "exact_match", "match_threshold": 0, "max_num_results": 1, "retrieval_type": "vector", + "return_on_failure": True, }, }, ) diff --git a/tests/api_resources/cloudforce_one/test_threat_events.py b/tests/api_resources/cloudforce_one/test_threat_events.py index 7353757e437..cfaffb229ed 100644 --- a/tests/api_resources/cloudforce_one/test_threat_events.py +++ b/tests/api_resources/cloudforce_one/test_threat_events.py @@ -15,7 +15,6 @@ ThreatEventEditResponse, ThreatEventListResponse, ThreatEventCreateResponse, - ThreatEventDeleteResponse, ThreatEventBulkCreateResponse, ) @@ -187,58 +186,6 @@ def test_path_params_list(self, client: Cloudflare) -> None: account_id="", ) - @pytest.mark.skip(reason="TODO: HTTP 401 from prism") - @parametrize - def test_method_delete(self, client: Cloudflare) -> None: - threat_event = client.cloudforce_one.threat_events.delete( - event_id="event_id", - account_id="account_id", - ) - assert_matches_type(ThreatEventDeleteResponse, threat_event, path=["response"]) - - @pytest.mark.skip(reason="TODO: HTTP 401 from prism") - @parametrize - def test_raw_response_delete(self, client: Cloudflare) -> None: - response = client.cloudforce_one.threat_events.with_raw_response.delete( - event_id="event_id", - account_id="account_id", - ) - - assert response.is_closed is True - assert response.http_request.headers.get("X-Stainless-Lang") == "python" - threat_event = response.parse() - assert_matches_type(ThreatEventDeleteResponse, threat_event, path=["response"]) - - @pytest.mark.skip(reason="TODO: HTTP 401 from prism") - @parametrize - def test_streaming_response_delete(self, client: Cloudflare) -> None: - with client.cloudforce_one.threat_events.with_streaming_response.delete( - event_id="event_id", - account_id="account_id", - ) as response: - assert not response.is_closed - assert response.http_request.headers.get("X-Stainless-Lang") == "python" - - threat_event = response.parse() - assert_matches_type(ThreatEventDeleteResponse, threat_event, path=["response"]) - - assert cast(Any, response.is_closed) is True - - @pytest.mark.skip(reason="TODO: HTTP 401 from prism") - @parametrize - def test_path_params_delete(self, client: Cloudflare) -> None: - with pytest.raises(ValueError, match=r"Expected a non-empty value for `account_id` but received ''"): - client.cloudforce_one.threat_events.with_raw_response.delete( - event_id="event_id", - account_id="", - ) - - with pytest.raises(ValueError, match=r"Expected a non-empty value for `event_id` but received ''"): - client.cloudforce_one.threat_events.with_raw_response.delete( - event_id="", - account_id="account_id", - ) - @pytest.mark.skip(reason="TODO: HTTP 401 from prism") @parametrize def test_method_bulk_create(self, client: Cloudflare) -> None: @@ -662,58 +609,6 @@ async def test_path_params_list(self, async_client: AsyncCloudflare) -> None: account_id="", ) - @pytest.mark.skip(reason="TODO: HTTP 401 from prism") - @parametrize - async def test_method_delete(self, async_client: AsyncCloudflare) -> None: - threat_event = await async_client.cloudforce_one.threat_events.delete( - event_id="event_id", - account_id="account_id", - ) - assert_matches_type(ThreatEventDeleteResponse, threat_event, path=["response"]) - - @pytest.mark.skip(reason="TODO: HTTP 401 from prism") - @parametrize - async def test_raw_response_delete(self, async_client: AsyncCloudflare) -> None: - response = await async_client.cloudforce_one.threat_events.with_raw_response.delete( - event_id="event_id", - account_id="account_id", - ) - - assert response.is_closed is True - assert response.http_request.headers.get("X-Stainless-Lang") == "python" - threat_event = await response.parse() - assert_matches_type(ThreatEventDeleteResponse, threat_event, path=["response"]) - - @pytest.mark.skip(reason="TODO: HTTP 401 from prism") - @parametrize - async def test_streaming_response_delete(self, async_client: AsyncCloudflare) -> None: - async with async_client.cloudforce_one.threat_events.with_streaming_response.delete( - event_id="event_id", - account_id="account_id", - ) as response: - assert not response.is_closed - assert response.http_request.headers.get("X-Stainless-Lang") == "python" - - threat_event = await response.parse() - assert_matches_type(ThreatEventDeleteResponse, threat_event, path=["response"]) - - assert cast(Any, response.is_closed) is True - - @pytest.mark.skip(reason="TODO: HTTP 401 from prism") - @parametrize - async def test_path_params_delete(self, async_client: AsyncCloudflare) -> None: - with pytest.raises(ValueError, match=r"Expected a non-empty value for `account_id` but received ''"): - await async_client.cloudforce_one.threat_events.with_raw_response.delete( - event_id="event_id", - account_id="", - ) - - with pytest.raises(ValueError, match=r"Expected a non-empty value for `event_id` but received ''"): - await async_client.cloudforce_one.threat_events.with_raw_response.delete( - event_id="", - account_id="account_id", - ) - @pytest.mark.skip(reason="TODO: HTTP 401 from prism") @parametrize async def test_method_bulk_create(self, async_client: AsyncCloudflare) -> None: diff --git a/tests/api_resources/email_security/phishguard/__init__.py b/tests/api_resources/email_security/phishguard/__init__.py new file mode 100644 index 00000000000..fd8019a9a1a --- /dev/null +++ b/tests/api_resources/email_security/phishguard/__init__.py @@ -0,0 +1 @@ +# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. diff --git a/tests/api_resources/email_security/phishguard/test_reports.py b/tests/api_resources/email_security/phishguard/test_reports.py new file mode 100644 index 00000000000..da4c9544f3a --- /dev/null +++ b/tests/api_resources/email_security/phishguard/test_reports.py @@ -0,0 +1,124 @@ +# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. + +from __future__ import annotations + +import os +from typing import Any, cast + +import pytest + +from cloudflare import Cloudflare, AsyncCloudflare +from tests.utils import assert_matches_type +from cloudflare._utils import parse_date, parse_datetime +from cloudflare.pagination import SyncSinglePage, AsyncSinglePage +from cloudflare.types.email_security.phishguard import ReportListResponse + +base_url = os.environ.get("TEST_API_BASE_URL", "http://127.0.0.1:4010") + + +class TestReports: + parametrize = pytest.mark.parametrize("client", [False, True], indirect=True, ids=["loose", "strict"]) + + @parametrize + def test_method_list(self, client: Cloudflare) -> None: + report = client.email_security.phishguard.reports.list( + account_id="023e105f4ecef8ad9ca31a8372d0c353", + ) + assert_matches_type(SyncSinglePage[ReportListResponse], report, path=["response"]) + + @parametrize + def test_method_list_with_all_params(self, client: Cloudflare) -> None: + report = client.email_security.phishguard.reports.list( + account_id="023e105f4ecef8ad9ca31a8372d0c353", + end=parse_datetime("2019-12-27T18:11:19.117Z"), + from_date=parse_date("2019-12-27"), + start=parse_datetime("2019-12-27T18:11:19.117Z"), + to_date=parse_date("2019-12-27"), + ) + assert_matches_type(SyncSinglePage[ReportListResponse], report, path=["response"]) + + @parametrize + def test_raw_response_list(self, client: Cloudflare) -> None: + response = client.email_security.phishguard.reports.with_raw_response.list( + account_id="023e105f4ecef8ad9ca31a8372d0c353", + ) + + assert response.is_closed is True + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + report = response.parse() + assert_matches_type(SyncSinglePage[ReportListResponse], report, path=["response"]) + + @parametrize + def test_streaming_response_list(self, client: Cloudflare) -> None: + with client.email_security.phishguard.reports.with_streaming_response.list( + account_id="023e105f4ecef8ad9ca31a8372d0c353", + ) as response: + assert not response.is_closed + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + + report = response.parse() + assert_matches_type(SyncSinglePage[ReportListResponse], report, path=["response"]) + + assert cast(Any, response.is_closed) is True + + @parametrize + def test_path_params_list(self, client: Cloudflare) -> None: + with pytest.raises(ValueError, match=r"Expected a non-empty value for `account_id` but received ''"): + client.email_security.phishguard.reports.with_raw_response.list( + account_id="", + ) + + +class TestAsyncReports: + parametrize = pytest.mark.parametrize( + "async_client", [False, True, {"http_client": "aiohttp"}], indirect=True, ids=["loose", "strict", "aiohttp"] + ) + + @parametrize + async def test_method_list(self, async_client: AsyncCloudflare) -> None: + report = await async_client.email_security.phishguard.reports.list( + account_id="023e105f4ecef8ad9ca31a8372d0c353", + ) + assert_matches_type(AsyncSinglePage[ReportListResponse], report, path=["response"]) + + @parametrize + async def test_method_list_with_all_params(self, async_client: AsyncCloudflare) -> None: + report = await async_client.email_security.phishguard.reports.list( + account_id="023e105f4ecef8ad9ca31a8372d0c353", + end=parse_datetime("2019-12-27T18:11:19.117Z"), + from_date=parse_date("2019-12-27"), + start=parse_datetime("2019-12-27T18:11:19.117Z"), + to_date=parse_date("2019-12-27"), + ) + assert_matches_type(AsyncSinglePage[ReportListResponse], report, path=["response"]) + + @parametrize + async def test_raw_response_list(self, async_client: AsyncCloudflare) -> None: + response = await async_client.email_security.phishguard.reports.with_raw_response.list( + account_id="023e105f4ecef8ad9ca31a8372d0c353", + ) + + assert response.is_closed is True + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + report = await response.parse() + assert_matches_type(AsyncSinglePage[ReportListResponse], report, path=["response"]) + + @parametrize + async def test_streaming_response_list(self, async_client: AsyncCloudflare) -> None: + async with async_client.email_security.phishguard.reports.with_streaming_response.list( + account_id="023e105f4ecef8ad9ca31a8372d0c353", + ) as response: + assert not response.is_closed + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + + report = await response.parse() + assert_matches_type(AsyncSinglePage[ReportListResponse], report, path=["response"]) + + assert cast(Any, response.is_closed) is True + + @parametrize + async def test_path_params_list(self, async_client: AsyncCloudflare) -> None: + with pytest.raises(ValueError, match=r"Expected a non-empty value for `account_id` but received ''"): + await async_client.email_security.phishguard.reports.with_raw_response.list( + account_id="", + ) diff --git a/tests/api_resources/hostnames/settings/test_tls.py b/tests/api_resources/hostnames/settings/test_tls.py index 09b8b27b4f8..a9849e27c15 100644 --- a/tests/api_resources/hostnames/settings/test_tls.py +++ b/tests/api_resources/hostnames/settings/test_tls.py @@ -28,7 +28,7 @@ def test_method_update(self, client: Cloudflare) -> None: hostname="app.example.com", zone_id="023e105f4ecef8ad9ca31a8372d0c353", setting_id="ciphers", - value=["ECDHE-RSA-AES128-GCM-SHA256", "AES128-GCM-SHA256"], + value="1.0", ) assert_matches_type(Optional[Setting], tls, path=["response"]) @@ -38,7 +38,7 @@ def test_raw_response_update(self, client: Cloudflare) -> None: hostname="app.example.com", zone_id="023e105f4ecef8ad9ca31a8372d0c353", setting_id="ciphers", - value=["ECDHE-RSA-AES128-GCM-SHA256", "AES128-GCM-SHA256"], + value="1.0", ) assert response.is_closed is True @@ -52,7 +52,7 @@ def test_streaming_response_update(self, client: Cloudflare) -> None: hostname="app.example.com", zone_id="023e105f4ecef8ad9ca31a8372d0c353", setting_id="ciphers", - value=["ECDHE-RSA-AES128-GCM-SHA256", "AES128-GCM-SHA256"], + value="1.0", ) as response: assert not response.is_closed assert response.http_request.headers.get("X-Stainless-Lang") == "python" @@ -69,7 +69,7 @@ def test_path_params_update(self, client: Cloudflare) -> None: hostname="app.example.com", zone_id="", setting_id="ciphers", - value=["ECDHE-RSA-AES128-GCM-SHA256", "AES128-GCM-SHA256"], + value="1.0", ) with pytest.raises(ValueError, match=r"Expected a non-empty value for `hostname` but received ''"): @@ -77,7 +77,7 @@ def test_path_params_update(self, client: Cloudflare) -> None: hostname="", zone_id="023e105f4ecef8ad9ca31a8372d0c353", setting_id="ciphers", - value=["ECDHE-RSA-AES128-GCM-SHA256", "AES128-GCM-SHA256"], + value="1.0", ) @parametrize @@ -187,7 +187,7 @@ async def test_method_update(self, async_client: AsyncCloudflare) -> None: hostname="app.example.com", zone_id="023e105f4ecef8ad9ca31a8372d0c353", setting_id="ciphers", - value=["ECDHE-RSA-AES128-GCM-SHA256", "AES128-GCM-SHA256"], + value="1.0", ) assert_matches_type(Optional[Setting], tls, path=["response"]) @@ -197,7 +197,7 @@ async def test_raw_response_update(self, async_client: AsyncCloudflare) -> None: hostname="app.example.com", zone_id="023e105f4ecef8ad9ca31a8372d0c353", setting_id="ciphers", - value=["ECDHE-RSA-AES128-GCM-SHA256", "AES128-GCM-SHA256"], + value="1.0", ) assert response.is_closed is True @@ -211,7 +211,7 @@ async def test_streaming_response_update(self, async_client: AsyncCloudflare) -> hostname="app.example.com", zone_id="023e105f4ecef8ad9ca31a8372d0c353", setting_id="ciphers", - value=["ECDHE-RSA-AES128-GCM-SHA256", "AES128-GCM-SHA256"], + value="1.0", ) as response: assert not response.is_closed assert response.http_request.headers.get("X-Stainless-Lang") == "python" @@ -228,7 +228,7 @@ async def test_path_params_update(self, async_client: AsyncCloudflare) -> None: hostname="app.example.com", zone_id="", setting_id="ciphers", - value=["ECDHE-RSA-AES128-GCM-SHA256", "AES128-GCM-SHA256"], + value="1.0", ) with pytest.raises(ValueError, match=r"Expected a non-empty value for `hostname` but received ''"): @@ -236,7 +236,7 @@ async def test_path_params_update(self, async_client: AsyncCloudflare) -> None: hostname="", zone_id="023e105f4ecef8ad9ca31a8372d0c353", setting_id="ciphers", - value=["ECDHE-RSA-AES128-GCM-SHA256", "AES128-GCM-SHA256"], + value="1.0", ) @parametrize diff --git a/tests/api_resources/queues/test_consumers.py b/tests/api_resources/queues/test_consumers.py index f6d8f1a374d..b6ed048000d 100644 --- a/tests/api_resources/queues/test_consumers.py +++ b/tests/api_resources/queues/test_consumers.py @@ -18,21 +18,26 @@ class TestConsumers: parametrize = pytest.mark.parametrize("client", [False, True], indirect=True, ids=["loose", "strict"]) + @pytest.mark.skip(reason="422 status codes in prism tests") @parametrize def test_method_create_overload_1(self, client: Cloudflare) -> None: consumer = client.queues.consumers.create( queue_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", + script_name="my-consumer-worker", + type="worker", ) assert_matches_type(Optional[Consumer], consumer, path=["response"]) + @pytest.mark.skip(reason="422 status codes in prism tests") @parametrize def test_method_create_with_all_params_overload_1(self, client: Cloudflare) -> None: consumer = client.queues.consumers.create( queue_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", - dead_letter_queue="example-queue", script_name="my-consumer-worker", + type="worker", + dead_letter_queue="example-queue", settings={ "batch_size": 50, "max_concurrency": 10, @@ -40,15 +45,17 @@ def test_method_create_with_all_params_overload_1(self, client: Cloudflare) -> N "max_wait_time_ms": 5000, "retry_delay": 10, }, - type="worker", ) assert_matches_type(Optional[Consumer], consumer, path=["response"]) + @pytest.mark.skip(reason="422 status codes in prism tests") @parametrize def test_raw_response_create_overload_1(self, client: Cloudflare) -> None: response = client.queues.consumers.with_raw_response.create( queue_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", + script_name="my-consumer-worker", + type="worker", ) assert response.is_closed is True @@ -56,11 +63,14 @@ def test_raw_response_create_overload_1(self, client: Cloudflare) -> None: consumer = response.parse() assert_matches_type(Optional[Consumer], consumer, path=["response"]) + @pytest.mark.skip(reason="422 status codes in prism tests") @parametrize def test_streaming_response_create_overload_1(self, client: Cloudflare) -> None: with client.queues.consumers.with_streaming_response.create( queue_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", + script_name="my-consumer-worker", + type="worker", ) as response: assert not response.is_closed assert response.http_request.headers.get("X-Stainless-Lang") == "python" @@ -70,33 +80,42 @@ def test_streaming_response_create_overload_1(self, client: Cloudflare) -> None: assert cast(Any, response.is_closed) is True + @pytest.mark.skip(reason="422 status codes in prism tests") @parametrize def test_path_params_create_overload_1(self, client: Cloudflare) -> None: with pytest.raises(ValueError, match=r"Expected a non-empty value for `account_id` but received ''"): client.queues.consumers.with_raw_response.create( queue_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="", + script_name="my-consumer-worker", + type="worker", ) with pytest.raises(ValueError, match=r"Expected a non-empty value for `queue_id` but received ''"): client.queues.consumers.with_raw_response.create( queue_id="", account_id="023e105f4ecef8ad9ca31a8372d0c353", + script_name="my-consumer-worker", + type="worker", ) + @pytest.mark.skip(reason="422 status codes in prism tests") @parametrize def test_method_create_overload_2(self, client: Cloudflare) -> None: consumer = client.queues.consumers.create( queue_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", + type="http_pull", ) assert_matches_type(Optional[Consumer], consumer, path=["response"]) + @pytest.mark.skip(reason="422 status codes in prism tests") @parametrize def test_method_create_with_all_params_overload_2(self, client: Cloudflare) -> None: consumer = client.queues.consumers.create( queue_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", + type="http_pull", dead_letter_queue="example-queue", settings={ "batch_size": 50, @@ -104,15 +123,16 @@ def test_method_create_with_all_params_overload_2(self, client: Cloudflare) -> N "retry_delay": 10, "visibility_timeout_ms": 6000, }, - type="http_pull", ) assert_matches_type(Optional[Consumer], consumer, path=["response"]) + @pytest.mark.skip(reason="422 status codes in prism tests") @parametrize def test_raw_response_create_overload_2(self, client: Cloudflare) -> None: response = client.queues.consumers.with_raw_response.create( queue_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", + type="http_pull", ) assert response.is_closed is True @@ -120,11 +140,13 @@ def test_raw_response_create_overload_2(self, client: Cloudflare) -> None: consumer = response.parse() assert_matches_type(Optional[Consumer], consumer, path=["response"]) + @pytest.mark.skip(reason="422 status codes in prism tests") @parametrize def test_streaming_response_create_overload_2(self, client: Cloudflare) -> None: with client.queues.consumers.with_streaming_response.create( queue_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", + type="http_pull", ) as response: assert not response.is_closed assert response.http_request.headers.get("X-Stainless-Lang") == "python" @@ -134,37 +156,45 @@ def test_streaming_response_create_overload_2(self, client: Cloudflare) -> None: assert cast(Any, response.is_closed) is True + @pytest.mark.skip(reason="422 status codes in prism tests") @parametrize def test_path_params_create_overload_2(self, client: Cloudflare) -> None: with pytest.raises(ValueError, match=r"Expected a non-empty value for `account_id` but received ''"): client.queues.consumers.with_raw_response.create( queue_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="", + type="http_pull", ) with pytest.raises(ValueError, match=r"Expected a non-empty value for `queue_id` but received ''"): client.queues.consumers.with_raw_response.create( queue_id="", account_id="023e105f4ecef8ad9ca31a8372d0c353", + type="http_pull", ) + @pytest.mark.skip(reason="422 status codes in prism tests") @parametrize def test_method_update_overload_1(self, client: Cloudflare) -> None: consumer = client.queues.consumers.update( consumer_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", queue_id="023e105f4ecef8ad9ca31a8372d0c353", + script_name="my-consumer-worker", + type="worker", ) assert_matches_type(Optional[Consumer], consumer, path=["response"]) + @pytest.mark.skip(reason="422 status codes in prism tests") @parametrize def test_method_update_with_all_params_overload_1(self, client: Cloudflare) -> None: consumer = client.queues.consumers.update( consumer_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", queue_id="023e105f4ecef8ad9ca31a8372d0c353", - dead_letter_queue="example-queue", script_name="my-consumer-worker", + type="worker", + dead_letter_queue="example-queue", settings={ "batch_size": 50, "max_concurrency": 10, @@ -172,16 +202,18 @@ def test_method_update_with_all_params_overload_1(self, client: Cloudflare) -> N "max_wait_time_ms": 5000, "retry_delay": 10, }, - type="worker", ) assert_matches_type(Optional[Consumer], consumer, path=["response"]) + @pytest.mark.skip(reason="422 status codes in prism tests") @parametrize def test_raw_response_update_overload_1(self, client: Cloudflare) -> None: response = client.queues.consumers.with_raw_response.update( consumer_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", queue_id="023e105f4ecef8ad9ca31a8372d0c353", + script_name="my-consumer-worker", + type="worker", ) assert response.is_closed is True @@ -189,12 +221,15 @@ def test_raw_response_update_overload_1(self, client: Cloudflare) -> None: consumer = response.parse() assert_matches_type(Optional[Consumer], consumer, path=["response"]) + @pytest.mark.skip(reason="422 status codes in prism tests") @parametrize def test_streaming_response_update_overload_1(self, client: Cloudflare) -> None: with client.queues.consumers.with_streaming_response.update( consumer_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", queue_id="023e105f4ecef8ad9ca31a8372d0c353", + script_name="my-consumer-worker", + type="worker", ) as response: assert not response.is_closed assert response.http_request.headers.get("X-Stainless-Lang") == "python" @@ -204,6 +239,7 @@ def test_streaming_response_update_overload_1(self, client: Cloudflare) -> None: assert cast(Any, response.is_closed) is True + @pytest.mark.skip(reason="422 status codes in prism tests") @parametrize def test_path_params_update_overload_1(self, client: Cloudflare) -> None: with pytest.raises(ValueError, match=r"Expected a non-empty value for `account_id` but received ''"): @@ -211,6 +247,8 @@ def test_path_params_update_overload_1(self, client: Cloudflare) -> None: consumer_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="", queue_id="023e105f4ecef8ad9ca31a8372d0c353", + script_name="my-consumer-worker", + type="worker", ) with pytest.raises(ValueError, match=r"Expected a non-empty value for `queue_id` but received ''"): @@ -218,6 +256,8 @@ def test_path_params_update_overload_1(self, client: Cloudflare) -> None: consumer_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", queue_id="", + script_name="my-consumer-worker", + type="worker", ) with pytest.raises(ValueError, match=r"Expected a non-empty value for `consumer_id` but received ''"): @@ -225,23 +265,29 @@ def test_path_params_update_overload_1(self, client: Cloudflare) -> None: consumer_id="", account_id="023e105f4ecef8ad9ca31a8372d0c353", queue_id="023e105f4ecef8ad9ca31a8372d0c353", + script_name="my-consumer-worker", + type="worker", ) + @pytest.mark.skip(reason="422 status codes in prism tests") @parametrize def test_method_update_overload_2(self, client: Cloudflare) -> None: consumer = client.queues.consumers.update( consumer_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", queue_id="023e105f4ecef8ad9ca31a8372d0c353", + type="http_pull", ) assert_matches_type(Optional[Consumer], consumer, path=["response"]) + @pytest.mark.skip(reason="422 status codes in prism tests") @parametrize def test_method_update_with_all_params_overload_2(self, client: Cloudflare) -> None: consumer = client.queues.consumers.update( consumer_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", queue_id="023e105f4ecef8ad9ca31a8372d0c353", + type="http_pull", dead_letter_queue="example-queue", settings={ "batch_size": 50, @@ -249,16 +295,17 @@ def test_method_update_with_all_params_overload_2(self, client: Cloudflare) -> N "retry_delay": 10, "visibility_timeout_ms": 6000, }, - type="http_pull", ) assert_matches_type(Optional[Consumer], consumer, path=["response"]) + @pytest.mark.skip(reason="422 status codes in prism tests") @parametrize def test_raw_response_update_overload_2(self, client: Cloudflare) -> None: response = client.queues.consumers.with_raw_response.update( consumer_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", queue_id="023e105f4ecef8ad9ca31a8372d0c353", + type="http_pull", ) assert response.is_closed is True @@ -266,12 +313,14 @@ def test_raw_response_update_overload_2(self, client: Cloudflare) -> None: consumer = response.parse() assert_matches_type(Optional[Consumer], consumer, path=["response"]) + @pytest.mark.skip(reason="422 status codes in prism tests") @parametrize def test_streaming_response_update_overload_2(self, client: Cloudflare) -> None: with client.queues.consumers.with_streaming_response.update( consumer_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", queue_id="023e105f4ecef8ad9ca31a8372d0c353", + type="http_pull", ) as response: assert not response.is_closed assert response.http_request.headers.get("X-Stainless-Lang") == "python" @@ -281,6 +330,7 @@ def test_streaming_response_update_overload_2(self, client: Cloudflare) -> None: assert cast(Any, response.is_closed) is True + @pytest.mark.skip(reason="422 status codes in prism tests") @parametrize def test_path_params_update_overload_2(self, client: Cloudflare) -> None: with pytest.raises(ValueError, match=r"Expected a non-empty value for `account_id` but received ''"): @@ -288,6 +338,7 @@ def test_path_params_update_overload_2(self, client: Cloudflare) -> None: consumer_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="", queue_id="023e105f4ecef8ad9ca31a8372d0c353", + type="http_pull", ) with pytest.raises(ValueError, match=r"Expected a non-empty value for `queue_id` but received ''"): @@ -295,6 +346,7 @@ def test_path_params_update_overload_2(self, client: Cloudflare) -> None: consumer_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", queue_id="", + type="http_pull", ) with pytest.raises(ValueError, match=r"Expected a non-empty value for `consumer_id` but received ''"): @@ -302,6 +354,7 @@ def test_path_params_update_overload_2(self, client: Cloudflare) -> None: consumer_id="", account_id="023e105f4ecef8ad9ca31a8372d0c353", queue_id="023e105f4ecef8ad9ca31a8372d0c353", + type="http_pull", ) @parametrize @@ -478,21 +531,26 @@ class TestAsyncConsumers: "async_client", [False, True, {"http_client": "aiohttp"}], indirect=True, ids=["loose", "strict", "aiohttp"] ) + @pytest.mark.skip(reason="422 status codes in prism tests") @parametrize async def test_method_create_overload_1(self, async_client: AsyncCloudflare) -> None: consumer = await async_client.queues.consumers.create( queue_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", + script_name="my-consumer-worker", + type="worker", ) assert_matches_type(Optional[Consumer], consumer, path=["response"]) + @pytest.mark.skip(reason="422 status codes in prism tests") @parametrize async def test_method_create_with_all_params_overload_1(self, async_client: AsyncCloudflare) -> None: consumer = await async_client.queues.consumers.create( queue_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", - dead_letter_queue="example-queue", script_name="my-consumer-worker", + type="worker", + dead_letter_queue="example-queue", settings={ "batch_size": 50, "max_concurrency": 10, @@ -500,15 +558,17 @@ async def test_method_create_with_all_params_overload_1(self, async_client: Asyn "max_wait_time_ms": 5000, "retry_delay": 10, }, - type="worker", ) assert_matches_type(Optional[Consumer], consumer, path=["response"]) + @pytest.mark.skip(reason="422 status codes in prism tests") @parametrize async def test_raw_response_create_overload_1(self, async_client: AsyncCloudflare) -> None: response = await async_client.queues.consumers.with_raw_response.create( queue_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", + script_name="my-consumer-worker", + type="worker", ) assert response.is_closed is True @@ -516,11 +576,14 @@ async def test_raw_response_create_overload_1(self, async_client: AsyncCloudflar consumer = await response.parse() assert_matches_type(Optional[Consumer], consumer, path=["response"]) + @pytest.mark.skip(reason="422 status codes in prism tests") @parametrize async def test_streaming_response_create_overload_1(self, async_client: AsyncCloudflare) -> None: async with async_client.queues.consumers.with_streaming_response.create( queue_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", + script_name="my-consumer-worker", + type="worker", ) as response: assert not response.is_closed assert response.http_request.headers.get("X-Stainless-Lang") == "python" @@ -530,33 +593,42 @@ async def test_streaming_response_create_overload_1(self, async_client: AsyncClo assert cast(Any, response.is_closed) is True + @pytest.mark.skip(reason="422 status codes in prism tests") @parametrize async def test_path_params_create_overload_1(self, async_client: AsyncCloudflare) -> None: with pytest.raises(ValueError, match=r"Expected a non-empty value for `account_id` but received ''"): await async_client.queues.consumers.with_raw_response.create( queue_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="", + script_name="my-consumer-worker", + type="worker", ) with pytest.raises(ValueError, match=r"Expected a non-empty value for `queue_id` but received ''"): await async_client.queues.consumers.with_raw_response.create( queue_id="", account_id="023e105f4ecef8ad9ca31a8372d0c353", + script_name="my-consumer-worker", + type="worker", ) + @pytest.mark.skip(reason="422 status codes in prism tests") @parametrize async def test_method_create_overload_2(self, async_client: AsyncCloudflare) -> None: consumer = await async_client.queues.consumers.create( queue_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", + type="http_pull", ) assert_matches_type(Optional[Consumer], consumer, path=["response"]) + @pytest.mark.skip(reason="422 status codes in prism tests") @parametrize async def test_method_create_with_all_params_overload_2(self, async_client: AsyncCloudflare) -> None: consumer = await async_client.queues.consumers.create( queue_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", + type="http_pull", dead_letter_queue="example-queue", settings={ "batch_size": 50, @@ -564,15 +636,16 @@ async def test_method_create_with_all_params_overload_2(self, async_client: Asyn "retry_delay": 10, "visibility_timeout_ms": 6000, }, - type="http_pull", ) assert_matches_type(Optional[Consumer], consumer, path=["response"]) + @pytest.mark.skip(reason="422 status codes in prism tests") @parametrize async def test_raw_response_create_overload_2(self, async_client: AsyncCloudflare) -> None: response = await async_client.queues.consumers.with_raw_response.create( queue_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", + type="http_pull", ) assert response.is_closed is True @@ -580,11 +653,13 @@ async def test_raw_response_create_overload_2(self, async_client: AsyncCloudflar consumer = await response.parse() assert_matches_type(Optional[Consumer], consumer, path=["response"]) + @pytest.mark.skip(reason="422 status codes in prism tests") @parametrize async def test_streaming_response_create_overload_2(self, async_client: AsyncCloudflare) -> None: async with async_client.queues.consumers.with_streaming_response.create( queue_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", + type="http_pull", ) as response: assert not response.is_closed assert response.http_request.headers.get("X-Stainless-Lang") == "python" @@ -594,37 +669,45 @@ async def test_streaming_response_create_overload_2(self, async_client: AsyncClo assert cast(Any, response.is_closed) is True + @pytest.mark.skip(reason="422 status codes in prism tests") @parametrize async def test_path_params_create_overload_2(self, async_client: AsyncCloudflare) -> None: with pytest.raises(ValueError, match=r"Expected a non-empty value for `account_id` but received ''"): await async_client.queues.consumers.with_raw_response.create( queue_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="", + type="http_pull", ) with pytest.raises(ValueError, match=r"Expected a non-empty value for `queue_id` but received ''"): await async_client.queues.consumers.with_raw_response.create( queue_id="", account_id="023e105f4ecef8ad9ca31a8372d0c353", + type="http_pull", ) + @pytest.mark.skip(reason="422 status codes in prism tests") @parametrize async def test_method_update_overload_1(self, async_client: AsyncCloudflare) -> None: consumer = await async_client.queues.consumers.update( consumer_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", queue_id="023e105f4ecef8ad9ca31a8372d0c353", + script_name="my-consumer-worker", + type="worker", ) assert_matches_type(Optional[Consumer], consumer, path=["response"]) + @pytest.mark.skip(reason="422 status codes in prism tests") @parametrize async def test_method_update_with_all_params_overload_1(self, async_client: AsyncCloudflare) -> None: consumer = await async_client.queues.consumers.update( consumer_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", queue_id="023e105f4ecef8ad9ca31a8372d0c353", - dead_letter_queue="example-queue", script_name="my-consumer-worker", + type="worker", + dead_letter_queue="example-queue", settings={ "batch_size": 50, "max_concurrency": 10, @@ -632,16 +715,18 @@ async def test_method_update_with_all_params_overload_1(self, async_client: Asyn "max_wait_time_ms": 5000, "retry_delay": 10, }, - type="worker", ) assert_matches_type(Optional[Consumer], consumer, path=["response"]) + @pytest.mark.skip(reason="422 status codes in prism tests") @parametrize async def test_raw_response_update_overload_1(self, async_client: AsyncCloudflare) -> None: response = await async_client.queues.consumers.with_raw_response.update( consumer_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", queue_id="023e105f4ecef8ad9ca31a8372d0c353", + script_name="my-consumer-worker", + type="worker", ) assert response.is_closed is True @@ -649,12 +734,15 @@ async def test_raw_response_update_overload_1(self, async_client: AsyncCloudflar consumer = await response.parse() assert_matches_type(Optional[Consumer], consumer, path=["response"]) + @pytest.mark.skip(reason="422 status codes in prism tests") @parametrize async def test_streaming_response_update_overload_1(self, async_client: AsyncCloudflare) -> None: async with async_client.queues.consumers.with_streaming_response.update( consumer_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", queue_id="023e105f4ecef8ad9ca31a8372d0c353", + script_name="my-consumer-worker", + type="worker", ) as response: assert not response.is_closed assert response.http_request.headers.get("X-Stainless-Lang") == "python" @@ -664,6 +752,7 @@ async def test_streaming_response_update_overload_1(self, async_client: AsyncClo assert cast(Any, response.is_closed) is True + @pytest.mark.skip(reason="422 status codes in prism tests") @parametrize async def test_path_params_update_overload_1(self, async_client: AsyncCloudflare) -> None: with pytest.raises(ValueError, match=r"Expected a non-empty value for `account_id` but received ''"): @@ -671,6 +760,8 @@ async def test_path_params_update_overload_1(self, async_client: AsyncCloudflare consumer_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="", queue_id="023e105f4ecef8ad9ca31a8372d0c353", + script_name="my-consumer-worker", + type="worker", ) with pytest.raises(ValueError, match=r"Expected a non-empty value for `queue_id` but received ''"): @@ -678,6 +769,8 @@ async def test_path_params_update_overload_1(self, async_client: AsyncCloudflare consumer_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", queue_id="", + script_name="my-consumer-worker", + type="worker", ) with pytest.raises(ValueError, match=r"Expected a non-empty value for `consumer_id` but received ''"): @@ -685,23 +778,29 @@ async def test_path_params_update_overload_1(self, async_client: AsyncCloudflare consumer_id="", account_id="023e105f4ecef8ad9ca31a8372d0c353", queue_id="023e105f4ecef8ad9ca31a8372d0c353", + script_name="my-consumer-worker", + type="worker", ) + @pytest.mark.skip(reason="422 status codes in prism tests") @parametrize async def test_method_update_overload_2(self, async_client: AsyncCloudflare) -> None: consumer = await async_client.queues.consumers.update( consumer_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", queue_id="023e105f4ecef8ad9ca31a8372d0c353", + type="http_pull", ) assert_matches_type(Optional[Consumer], consumer, path=["response"]) + @pytest.mark.skip(reason="422 status codes in prism tests") @parametrize async def test_method_update_with_all_params_overload_2(self, async_client: AsyncCloudflare) -> None: consumer = await async_client.queues.consumers.update( consumer_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", queue_id="023e105f4ecef8ad9ca31a8372d0c353", + type="http_pull", dead_letter_queue="example-queue", settings={ "batch_size": 50, @@ -709,16 +808,17 @@ async def test_method_update_with_all_params_overload_2(self, async_client: Asyn "retry_delay": 10, "visibility_timeout_ms": 6000, }, - type="http_pull", ) assert_matches_type(Optional[Consumer], consumer, path=["response"]) + @pytest.mark.skip(reason="422 status codes in prism tests") @parametrize async def test_raw_response_update_overload_2(self, async_client: AsyncCloudflare) -> None: response = await async_client.queues.consumers.with_raw_response.update( consumer_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", queue_id="023e105f4ecef8ad9ca31a8372d0c353", + type="http_pull", ) assert response.is_closed is True @@ -726,12 +826,14 @@ async def test_raw_response_update_overload_2(self, async_client: AsyncCloudflar consumer = await response.parse() assert_matches_type(Optional[Consumer], consumer, path=["response"]) + @pytest.mark.skip(reason="422 status codes in prism tests") @parametrize async def test_streaming_response_update_overload_2(self, async_client: AsyncCloudflare) -> None: async with async_client.queues.consumers.with_streaming_response.update( consumer_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", queue_id="023e105f4ecef8ad9ca31a8372d0c353", + type="http_pull", ) as response: assert not response.is_closed assert response.http_request.headers.get("X-Stainless-Lang") == "python" @@ -741,6 +843,7 @@ async def test_streaming_response_update_overload_2(self, async_client: AsyncClo assert cast(Any, response.is_closed) is True + @pytest.mark.skip(reason="422 status codes in prism tests") @parametrize async def test_path_params_update_overload_2(self, async_client: AsyncCloudflare) -> None: with pytest.raises(ValueError, match=r"Expected a non-empty value for `account_id` but received ''"): @@ -748,6 +851,7 @@ async def test_path_params_update_overload_2(self, async_client: AsyncCloudflare consumer_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="", queue_id="023e105f4ecef8ad9ca31a8372d0c353", + type="http_pull", ) with pytest.raises(ValueError, match=r"Expected a non-empty value for `queue_id` but received ''"): @@ -755,6 +859,7 @@ async def test_path_params_update_overload_2(self, async_client: AsyncCloudflare consumer_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", queue_id="", + type="http_pull", ) with pytest.raises(ValueError, match=r"Expected a non-empty value for `consumer_id` but received ''"): @@ -762,6 +867,7 @@ async def test_path_params_update_overload_2(self, async_client: AsyncCloudflare consumer_id="", account_id="023e105f4ecef8ad9ca31a8372d0c353", queue_id="023e105f4ecef8ad9ca31a8372d0c353", + type="http_pull", ) @parametrize diff --git a/tests/api_resources/r2/super_slurper/test_connectivity_precheck.py b/tests/api_resources/r2/super_slurper/test_connectivity_precheck.py index 3d6e68149af..36b777342f4 100644 --- a/tests/api_resources/r2/super_slurper/test_connectivity_precheck.py +++ b/tests/api_resources/r2/super_slurper/test_connectivity_precheck.py @@ -44,6 +44,7 @@ def test_method_source_with_all_params_overload_1(self, client: Cloudflare) -> N }, vendor="s3", endpoint="endpoint", + keys=["string"], path_prefix="pathPrefix", region="region", ) @@ -121,6 +122,7 @@ def test_method_source_with_all_params_overload_2(self, client: Cloudflare) -> N "private_key": "privateKey", }, vendor="gcs", + keys=["string"], path_prefix="pathPrefix", ) assert_matches_type(Optional[ConnectivityPrecheckSourceResponse], connectivity_precheck, path=["response"]) @@ -198,6 +200,7 @@ def test_method_source_with_all_params_overload_3(self, client: Cloudflare) -> N }, vendor="r2", jurisdiction="default", + keys=["string"], path_prefix="pathPrefix", ) assert_matches_type(Optional[ConnectivityPrecheckSourceResponse], connectivity_precheck, path=["response"]) @@ -357,6 +360,7 @@ async def test_method_source_with_all_params_overload_1(self, async_client: Asyn }, vendor="s3", endpoint="endpoint", + keys=["string"], path_prefix="pathPrefix", region="region", ) @@ -434,6 +438,7 @@ async def test_method_source_with_all_params_overload_2(self, async_client: Asyn "private_key": "privateKey", }, vendor="gcs", + keys=["string"], path_prefix="pathPrefix", ) assert_matches_type(Optional[ConnectivityPrecheckSourceResponse], connectivity_precheck, path=["response"]) @@ -511,6 +516,7 @@ async def test_method_source_with_all_params_overload_3(self, async_client: Asyn }, vendor="r2", jurisdiction="default", + keys=["string"], path_prefix="pathPrefix", ) assert_matches_type(Optional[ConnectivityPrecheckSourceResponse], connectivity_precheck, path=["response"]) diff --git a/tests/api_resources/r2/super_slurper/test_jobs.py b/tests/api_resources/r2/super_slurper/test_jobs.py index e99c08891a1..48150de5eb3 100644 --- a/tests/api_resources/r2/super_slurper/test_jobs.py +++ b/tests/api_resources/r2/super_slurper/test_jobs.py @@ -43,6 +43,7 @@ def test_method_create_with_all_params(self, client: Cloudflare) -> None: }, "vendor": "s3", "endpoint": "endpoint", + "keys": ["string"], "path_prefix": "pathPrefix", "region": "region", }, @@ -440,6 +441,7 @@ async def test_method_create_with_all_params(self, async_client: AsyncCloudflare }, "vendor": "s3", "endpoint": "endpoint", + "keys": ["string"], "path_prefix": "pathPrefix", "region": "region", }, diff --git a/tests/api_resources/radar/ai/test_bots.py b/tests/api_resources/radar/ai/test_bots.py index 80a6276974e..c80b17f24a7 100644 --- a/tests/api_resources/radar/ai/test_bots.py +++ b/tests/api_resources/radar/ai/test_bots.py @@ -34,6 +34,7 @@ def test_method_summary_v2_with_all_params(self, client: Cloudflare) -> None: bot = client.radar.ai.bots.summary_v2( dimension="USER_AGENT", asn=["string"], + content_type=["HTML"], continent=["string"], crawl_purpose=["string"], date_end=[parse_datetime("2019-12-27T18:11:19.117Z")], @@ -44,6 +45,7 @@ def test_method_summary_v2_with_all_params(self, client: Cloudflare) -> None: limit_per_group=10, location=["string"], name=["main_series"], + user_agent=["string"], vertical=["string"], ) assert_matches_type(BotSummaryV2Response, bot, path=["response"]) @@ -82,6 +84,7 @@ def test_method_timeseries_with_all_params(self, client: Cloudflare) -> None: bot = client.radar.ai.bots.timeseries( agg_interval="1h", asn=["string"], + content_type=["HTML"], continent=["string"], crawl_purpose=["string"], date_end=[parse_datetime("2019-12-27T18:11:19.117Z")], @@ -130,6 +133,7 @@ def test_method_timeseries_groups_with_all_params(self, client: Cloudflare) -> N dimension="USER_AGENT", agg_interval="1h", asn=["string"], + content_type=["HTML"], continent=["string"], crawl_purpose=["string"], date_end=[parse_datetime("2019-12-27T18:11:19.117Z")], @@ -140,7 +144,8 @@ def test_method_timeseries_groups_with_all_params(self, client: Cloudflare) -> N limit_per_group=10, location=["string"], name=["main_series"], - normalization="MIN0_MAX", + normalization="PERCENTAGE", + user_agent=["string"], vertical=["string"], ) assert_matches_type(BotTimeseriesGroupsResponse, bot, path=["response"]) @@ -187,6 +192,7 @@ async def test_method_summary_v2_with_all_params(self, async_client: AsyncCloudf bot = await async_client.radar.ai.bots.summary_v2( dimension="USER_AGENT", asn=["string"], + content_type=["HTML"], continent=["string"], crawl_purpose=["string"], date_end=[parse_datetime("2019-12-27T18:11:19.117Z")], @@ -197,6 +203,7 @@ async def test_method_summary_v2_with_all_params(self, async_client: AsyncCloudf limit_per_group=10, location=["string"], name=["main_series"], + user_agent=["string"], vertical=["string"], ) assert_matches_type(BotSummaryV2Response, bot, path=["response"]) @@ -235,6 +242,7 @@ async def test_method_timeseries_with_all_params(self, async_client: AsyncCloudf bot = await async_client.radar.ai.bots.timeseries( agg_interval="1h", asn=["string"], + content_type=["HTML"], continent=["string"], crawl_purpose=["string"], date_end=[parse_datetime("2019-12-27T18:11:19.117Z")], @@ -283,6 +291,7 @@ async def test_method_timeseries_groups_with_all_params(self, async_client: Asyn dimension="USER_AGENT", agg_interval="1h", asn=["string"], + content_type=["HTML"], continent=["string"], crawl_purpose=["string"], date_end=[parse_datetime("2019-12-27T18:11:19.117Z")], @@ -293,7 +302,8 @@ async def test_method_timeseries_groups_with_all_params(self, async_client: Asyn limit_per_group=10, location=["string"], name=["main_series"], - normalization="MIN0_MAX", + normalization="PERCENTAGE", + user_agent=["string"], vertical=["string"], ) assert_matches_type(BotTimeseriesGroupsResponse, bot, path=["response"]) diff --git a/tests/api_resources/radar/ai/test_timeseries_groups.py b/tests/api_resources/radar/ai/test_timeseries_groups.py index 4d12d4f250f..281a8f652f7 100644 --- a/tests/api_resources/radar/ai/test_timeseries_groups.py +++ b/tests/api_resources/radar/ai/test_timeseries_groups.py @@ -40,6 +40,7 @@ def test_method_summary_with_all_params(self, client: Cloudflare) -> None: timeseries_group = client.radar.ai.timeseries_groups.summary( dimension="USER_AGENT", asn=["string"], + content_type=["HTML"], continent=["string"], crawl_purpose=["string"], date_end=[parse_datetime("2019-12-27T18:11:19.117Z")], @@ -50,6 +51,7 @@ def test_method_summary_with_all_params(self, client: Cloudflare) -> None: limit_per_group=10, location=["string"], name=["main_series"], + user_agent=["string"], vertical=["string"], ) @@ -94,6 +96,7 @@ def test_method_timeseries_with_all_params(self, client: Cloudflare) -> None: timeseries_group = client.radar.ai.timeseries_groups.timeseries( agg_interval="1h", asn=["string"], + content_type=["HTML"], continent=["string"], crawl_purpose=["string"], date_end=[parse_datetime("2019-12-27T18:11:19.117Z")], @@ -148,6 +151,7 @@ def test_method_timeseries_groups_with_all_params(self, client: Cloudflare) -> N dimension="USER_AGENT", agg_interval="1h", asn=["string"], + content_type=["HTML"], continent=["string"], crawl_purpose=["string"], date_end=[parse_datetime("2019-12-27T18:11:19.117Z")], @@ -158,7 +162,8 @@ def test_method_timeseries_groups_with_all_params(self, client: Cloudflare) -> N limit_per_group=10, location=["string"], name=["main_series"], - normalization="MIN0_MAX", + normalization="PERCENTAGE", + user_agent=["string"], vertical=["string"], ) @@ -258,6 +263,7 @@ async def test_method_summary_with_all_params(self, async_client: AsyncCloudflar timeseries_group = await async_client.radar.ai.timeseries_groups.summary( dimension="USER_AGENT", asn=["string"], + content_type=["HTML"], continent=["string"], crawl_purpose=["string"], date_end=[parse_datetime("2019-12-27T18:11:19.117Z")], @@ -268,6 +274,7 @@ async def test_method_summary_with_all_params(self, async_client: AsyncCloudflar limit_per_group=10, location=["string"], name=["main_series"], + user_agent=["string"], vertical=["string"], ) @@ -312,6 +319,7 @@ async def test_method_timeseries_with_all_params(self, async_client: AsyncCloudf timeseries_group = await async_client.radar.ai.timeseries_groups.timeseries( agg_interval="1h", asn=["string"], + content_type=["HTML"], continent=["string"], crawl_purpose=["string"], date_end=[parse_datetime("2019-12-27T18:11:19.117Z")], @@ -366,6 +374,7 @@ async def test_method_timeseries_groups_with_all_params(self, async_client: Asyn dimension="USER_AGENT", agg_interval="1h", asn=["string"], + content_type=["HTML"], continent=["string"], crawl_purpose=["string"], date_end=[parse_datetime("2019-12-27T18:11:19.117Z")], @@ -376,7 +385,8 @@ async def test_method_timeseries_groups_with_all_params(self, async_client: Asyn limit_per_group=10, location=["string"], name=["main_series"], - normalization="MIN0_MAX", + normalization="PERCENTAGE", + user_agent=["string"], vertical=["string"], ) diff --git a/tests/api_resources/radar/entities/test_asns.py b/tests/api_resources/radar/entities/test_asns.py index f5e50b1cce8..993d4320fc1 100644 --- a/tests/api_resources/radar/entities/test_asns.py +++ b/tests/api_resources/radar/entities/test_asns.py @@ -9,12 +9,14 @@ from cloudflare import Cloudflare, AsyncCloudflare from tests.utils import assert_matches_type +from cloudflare._utils import parse_date from cloudflare.types.radar.entities import ( ASNIPResponse, ASNGetResponse, ASNRelResponse, ASNListResponse, ASNAsSetResponse, + ASNBotnetThreatFeedResponse, ) base_url = os.environ.get("TEST_API_BASE_URL", "http://127.0.0.1:4010") @@ -99,6 +101,46 @@ def test_streaming_response_as_set(self, client: Cloudflare) -> None: assert cast(Any, response.is_closed) is True + @parametrize + def test_method_botnet_threat_feed(self, client: Cloudflare) -> None: + asn = client.radar.entities.asns.botnet_threat_feed() + assert_matches_type(ASNBotnetThreatFeedResponse, asn, path=["response"]) + + @parametrize + def test_method_botnet_threat_feed_with_all_params(self, client: Cloudflare) -> None: + asn = client.radar.entities.asns.botnet_threat_feed( + asn=["string"], + compare_date_range="7d", + date=parse_date("2026-02-04"), + format="JSON", + limit=1, + location="US", + metric="OFFENSE_COUNT", + offset=0, + sort_order="ASC", + ) + assert_matches_type(ASNBotnetThreatFeedResponse, asn, path=["response"]) + + @parametrize + def test_raw_response_botnet_threat_feed(self, client: Cloudflare) -> None: + response = client.radar.entities.asns.with_raw_response.botnet_threat_feed() + + assert response.is_closed is True + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + asn = response.parse() + assert_matches_type(ASNBotnetThreatFeedResponse, asn, path=["response"]) + + @parametrize + def test_streaming_response_botnet_threat_feed(self, client: Cloudflare) -> None: + with client.radar.entities.asns.with_streaming_response.botnet_threat_feed() as response: + assert not response.is_closed + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + + asn = response.parse() + assert_matches_type(ASNBotnetThreatFeedResponse, asn, path=["response"]) + + assert cast(Any, response.is_closed) is True + @parametrize def test_method_get(self, client: Cloudflare) -> None: asn = client.radar.entities.asns.get( @@ -299,6 +341,46 @@ async def test_streaming_response_as_set(self, async_client: AsyncCloudflare) -> assert cast(Any, response.is_closed) is True + @parametrize + async def test_method_botnet_threat_feed(self, async_client: AsyncCloudflare) -> None: + asn = await async_client.radar.entities.asns.botnet_threat_feed() + assert_matches_type(ASNBotnetThreatFeedResponse, asn, path=["response"]) + + @parametrize + async def test_method_botnet_threat_feed_with_all_params(self, async_client: AsyncCloudflare) -> None: + asn = await async_client.radar.entities.asns.botnet_threat_feed( + asn=["string"], + compare_date_range="7d", + date=parse_date("2026-02-04"), + format="JSON", + limit=1, + location="US", + metric="OFFENSE_COUNT", + offset=0, + sort_order="ASC", + ) + assert_matches_type(ASNBotnetThreatFeedResponse, asn, path=["response"]) + + @parametrize + async def test_raw_response_botnet_threat_feed(self, async_client: AsyncCloudflare) -> None: + response = await async_client.radar.entities.asns.with_raw_response.botnet_threat_feed() + + assert response.is_closed is True + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + asn = await response.parse() + assert_matches_type(ASNBotnetThreatFeedResponse, asn, path=["response"]) + + @parametrize + async def test_streaming_response_botnet_threat_feed(self, async_client: AsyncCloudflare) -> None: + async with async_client.radar.entities.asns.with_streaming_response.botnet_threat_feed() as response: + assert not response.is_closed + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + + asn = await response.parse() + assert_matches_type(ASNBotnetThreatFeedResponse, asn, path=["response"]) + + assert cast(Any, response.is_closed) is True + @parametrize async def test_method_get(self, async_client: AsyncCloudflare) -> None: asn = await async_client.radar.entities.asns.get( diff --git a/tests/api_resources/radar/entities/test_locations.py b/tests/api_resources/radar/entities/test_locations.py index 0cf9c0fc608..0e974220e63 100644 --- a/tests/api_resources/radar/entities/test_locations.py +++ b/tests/api_resources/radar/entities/test_locations.py @@ -28,10 +28,13 @@ def test_method_list(self, client: Cloudflare) -> None: @parametrize def test_method_list_with_all_params(self, client: Cloudflare) -> None: location = client.radar.entities.locations.list( + continent="EU", format="JSON", limit=1, location="US,CA", offset=0, + region="Middle East", + subregion="Southern Europe", ) assert_matches_type(LocationListResponse, location, path=["response"]) @@ -115,10 +118,13 @@ async def test_method_list(self, async_client: AsyncCloudflare) -> None: @parametrize async def test_method_list_with_all_params(self, async_client: AsyncCloudflare) -> None: location = await async_client.radar.entities.locations.list( + continent="EU", format="JSON", limit=1, location="US,CA", offset=0, + region="Middle East", + subregion="Southern Europe", ) assert_matches_type(LocationListResponse, location, path=["response"]) diff --git a/tests/api_resources/radar/post_quantum/__init__.py b/tests/api_resources/radar/post_quantum/__init__.py new file mode 100644 index 00000000000..fd8019a9a1a --- /dev/null +++ b/tests/api_resources/radar/post_quantum/__init__.py @@ -0,0 +1 @@ +# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. diff --git a/tests/api_resources/radar/post_quantum/test_origin.py b/tests/api_resources/radar/post_quantum/test_origin.py new file mode 100644 index 00000000000..fb008d46924 --- /dev/null +++ b/tests/api_resources/radar/post_quantum/test_origin.py @@ -0,0 +1,200 @@ +# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. + +from __future__ import annotations + +import os +from typing import Any, cast + +import pytest + +from cloudflare import Cloudflare, AsyncCloudflare +from tests.utils import assert_matches_type +from cloudflare._utils import parse_datetime +from cloudflare.types.radar.post_quantum import ( + OriginSummaryResponse, + OriginTimeseriesGroupsResponse, +) + +base_url = os.environ.get("TEST_API_BASE_URL", "http://127.0.0.1:4010") + + +class TestOrigin: + parametrize = pytest.mark.parametrize("client", [False, True], indirect=True, ids=["loose", "strict"]) + + @parametrize + def test_method_summary(self, client: Cloudflare) -> None: + origin = client.radar.post_quantum.origin.summary( + dimension="KEY_AGREEMENT", + ) + assert_matches_type(OriginSummaryResponse, origin, path=["response"]) + + @parametrize + def test_method_summary_with_all_params(self, client: Cloudflare) -> None: + origin = client.radar.post_quantum.origin.summary( + dimension="KEY_AGREEMENT", + date_end=[parse_datetime("2019-12-27T18:11:19.117Z")], + date_range=["7d"], + date_start=[parse_datetime("2019-12-27T18:11:19.117Z")], + format="JSON", + name=["main_series"], + ) + assert_matches_type(OriginSummaryResponse, origin, path=["response"]) + + @parametrize + def test_raw_response_summary(self, client: Cloudflare) -> None: + response = client.radar.post_quantum.origin.with_raw_response.summary( + dimension="KEY_AGREEMENT", + ) + + assert response.is_closed is True + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + origin = response.parse() + assert_matches_type(OriginSummaryResponse, origin, path=["response"]) + + @parametrize + def test_streaming_response_summary(self, client: Cloudflare) -> None: + with client.radar.post_quantum.origin.with_streaming_response.summary( + dimension="KEY_AGREEMENT", + ) as response: + assert not response.is_closed + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + + origin = response.parse() + assert_matches_type(OriginSummaryResponse, origin, path=["response"]) + + assert cast(Any, response.is_closed) is True + + @parametrize + def test_method_timeseries_groups(self, client: Cloudflare) -> None: + origin = client.radar.post_quantum.origin.timeseries_groups( + dimension="KEY_AGREEMENT", + ) + assert_matches_type(OriginTimeseriesGroupsResponse, origin, path=["response"]) + + @parametrize + def test_method_timeseries_groups_with_all_params(self, client: Cloudflare) -> None: + origin = client.radar.post_quantum.origin.timeseries_groups( + dimension="KEY_AGREEMENT", + date_end=[parse_datetime("2019-12-27T18:11:19.117Z")], + date_range=["7d"], + date_start=[parse_datetime("2019-12-27T18:11:19.117Z")], + format="JSON", + name=["main_series"], + ) + assert_matches_type(OriginTimeseriesGroupsResponse, origin, path=["response"]) + + @parametrize + def test_raw_response_timeseries_groups(self, client: Cloudflare) -> None: + response = client.radar.post_quantum.origin.with_raw_response.timeseries_groups( + dimension="KEY_AGREEMENT", + ) + + assert response.is_closed is True + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + origin = response.parse() + assert_matches_type(OriginTimeseriesGroupsResponse, origin, path=["response"]) + + @parametrize + def test_streaming_response_timeseries_groups(self, client: Cloudflare) -> None: + with client.radar.post_quantum.origin.with_streaming_response.timeseries_groups( + dimension="KEY_AGREEMENT", + ) as response: + assert not response.is_closed + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + + origin = response.parse() + assert_matches_type(OriginTimeseriesGroupsResponse, origin, path=["response"]) + + assert cast(Any, response.is_closed) is True + + +class TestAsyncOrigin: + parametrize = pytest.mark.parametrize( + "async_client", [False, True, {"http_client": "aiohttp"}], indirect=True, ids=["loose", "strict", "aiohttp"] + ) + + @parametrize + async def test_method_summary(self, async_client: AsyncCloudflare) -> None: + origin = await async_client.radar.post_quantum.origin.summary( + dimension="KEY_AGREEMENT", + ) + assert_matches_type(OriginSummaryResponse, origin, path=["response"]) + + @parametrize + async def test_method_summary_with_all_params(self, async_client: AsyncCloudflare) -> None: + origin = await async_client.radar.post_quantum.origin.summary( + dimension="KEY_AGREEMENT", + date_end=[parse_datetime("2019-12-27T18:11:19.117Z")], + date_range=["7d"], + date_start=[parse_datetime("2019-12-27T18:11:19.117Z")], + format="JSON", + name=["main_series"], + ) + assert_matches_type(OriginSummaryResponse, origin, path=["response"]) + + @parametrize + async def test_raw_response_summary(self, async_client: AsyncCloudflare) -> None: + response = await async_client.radar.post_quantum.origin.with_raw_response.summary( + dimension="KEY_AGREEMENT", + ) + + assert response.is_closed is True + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + origin = await response.parse() + assert_matches_type(OriginSummaryResponse, origin, path=["response"]) + + @parametrize + async def test_streaming_response_summary(self, async_client: AsyncCloudflare) -> None: + async with async_client.radar.post_quantum.origin.with_streaming_response.summary( + dimension="KEY_AGREEMENT", + ) as response: + assert not response.is_closed + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + + origin = await response.parse() + assert_matches_type(OriginSummaryResponse, origin, path=["response"]) + + assert cast(Any, response.is_closed) is True + + @parametrize + async def test_method_timeseries_groups(self, async_client: AsyncCloudflare) -> None: + origin = await async_client.radar.post_quantum.origin.timeseries_groups( + dimension="KEY_AGREEMENT", + ) + assert_matches_type(OriginTimeseriesGroupsResponse, origin, path=["response"]) + + @parametrize + async def test_method_timeseries_groups_with_all_params(self, async_client: AsyncCloudflare) -> None: + origin = await async_client.radar.post_quantum.origin.timeseries_groups( + dimension="KEY_AGREEMENT", + date_end=[parse_datetime("2019-12-27T18:11:19.117Z")], + date_range=["7d"], + date_start=[parse_datetime("2019-12-27T18:11:19.117Z")], + format="JSON", + name=["main_series"], + ) + assert_matches_type(OriginTimeseriesGroupsResponse, origin, path=["response"]) + + @parametrize + async def test_raw_response_timeseries_groups(self, async_client: AsyncCloudflare) -> None: + response = await async_client.radar.post_quantum.origin.with_raw_response.timeseries_groups( + dimension="KEY_AGREEMENT", + ) + + assert response.is_closed is True + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + origin = await response.parse() + assert_matches_type(OriginTimeseriesGroupsResponse, origin, path=["response"]) + + @parametrize + async def test_streaming_response_timeseries_groups(self, async_client: AsyncCloudflare) -> None: + async with async_client.radar.post_quantum.origin.with_streaming_response.timeseries_groups( + dimension="KEY_AGREEMENT", + ) as response: + assert not response.is_closed + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + + origin = await response.parse() + assert_matches_type(OriginTimeseriesGroupsResponse, origin, path=["response"]) + + assert cast(Any, response.is_closed) is True diff --git a/tests/api_resources/radar/post_quantum/test_tls.py b/tests/api_resources/radar/post_quantum/test_tls.py new file mode 100644 index 00000000000..6b5a79f2552 --- /dev/null +++ b/tests/api_resources/radar/post_quantum/test_tls.py @@ -0,0 +1,86 @@ +# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. + +from __future__ import annotations + +import os +from typing import Any, cast + +import pytest + +from cloudflare import Cloudflare, AsyncCloudflare +from tests.utils import assert_matches_type +from cloudflare.types.radar.post_quantum import TLSSupportResponse + +base_url = os.environ.get("TEST_API_BASE_URL", "http://127.0.0.1:4010") + + +class TestTLS: + parametrize = pytest.mark.parametrize("client", [False, True], indirect=True, ids=["loose", "strict"]) + + @parametrize + def test_method_support(self, client: Cloudflare) -> None: + tls = client.radar.post_quantum.tls.support( + host="cloudflare.com", + ) + assert_matches_type(TLSSupportResponse, tls, path=["response"]) + + @parametrize + def test_raw_response_support(self, client: Cloudflare) -> None: + response = client.radar.post_quantum.tls.with_raw_response.support( + host="cloudflare.com", + ) + + assert response.is_closed is True + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + tls = response.parse() + assert_matches_type(TLSSupportResponse, tls, path=["response"]) + + @parametrize + def test_streaming_response_support(self, client: Cloudflare) -> None: + with client.radar.post_quantum.tls.with_streaming_response.support( + host="cloudflare.com", + ) as response: + assert not response.is_closed + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + + tls = response.parse() + assert_matches_type(TLSSupportResponse, tls, path=["response"]) + + assert cast(Any, response.is_closed) is True + + +class TestAsyncTLS: + parametrize = pytest.mark.parametrize( + "async_client", [False, True, {"http_client": "aiohttp"}], indirect=True, ids=["loose", "strict", "aiohttp"] + ) + + @parametrize + async def test_method_support(self, async_client: AsyncCloudflare) -> None: + tls = await async_client.radar.post_quantum.tls.support( + host="cloudflare.com", + ) + assert_matches_type(TLSSupportResponse, tls, path=["response"]) + + @parametrize + async def test_raw_response_support(self, async_client: AsyncCloudflare) -> None: + response = await async_client.radar.post_quantum.tls.with_raw_response.support( + host="cloudflare.com", + ) + + assert response.is_closed is True + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + tls = await response.parse() + assert_matches_type(TLSSupportResponse, tls, path=["response"]) + + @parametrize + async def test_streaming_response_support(self, async_client: AsyncCloudflare) -> None: + async with async_client.radar.post_quantum.tls.with_streaming_response.support( + host="cloudflare.com", + ) as response: + assert not response.is_closed + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + + tls = await response.parse() + assert_matches_type(TLSSupportResponse, tls, path=["response"]) + + assert cast(Any, response.is_closed) is True diff --git a/tests/api_resources/rulesets/test_rules.py b/tests/api_resources/rulesets/test_rules.py index d19c85a55ee..a15cd560be1 100644 --- a/tests/api_resources/rulesets/test_rules.py +++ b/tests/api_resources/rulesets/test_rules.py @@ -1633,6 +1633,7 @@ def test_method_create_with_all_params_overload_17(self, client: Cloudflare) -> "js": True, }, "bic": True, + "content_converter": True, "disable_apps": True, "disable_pay_per_crawl": True, "disable_rum": True, @@ -3739,6 +3740,7 @@ def test_method_edit_with_all_params_overload_17(self, client: Cloudflare) -> No "js": True, }, "bic": True, + "content_converter": True, "disable_apps": True, "disable_pay_per_crawl": True, "disable_rum": True, @@ -5570,6 +5572,7 @@ async def test_method_create_with_all_params_overload_17(self, async_client: Asy "js": True, }, "bic": True, + "content_converter": True, "disable_apps": True, "disable_pay_per_crawl": True, "disable_rum": True, @@ -7676,6 +7679,7 @@ async def test_method_edit_with_all_params_overload_17(self, async_client: Async "js": True, }, "bic": True, + "content_converter": True, "disable_apps": True, "disable_pay_per_crawl": True, "disable_rum": True, diff --git a/tests/api_resources/snippets/test_rules.py b/tests/api_resources/snippets/test_rules.py index 53da364b377..862ce32bb8a 100644 --- a/tests/api_resources/snippets/test_rules.py +++ b/tests/api_resources/snippets/test_rules.py @@ -9,8 +9,6 @@ from cloudflare import Cloudflare, AsyncCloudflare from tests.utils import assert_matches_type -from cloudflare.pagination import SyncSinglePage, AsyncSinglePage -from cloudflare.types.snippets import RuleListResponse, RuleDeleteResponse, RuleUpdateResponse base_url = os.environ.get("TEST_API_BASE_URL", "http://127.0.0.1:4010") @@ -29,7 +27,7 @@ def test_method_update(self, client: Cloudflare) -> None: } ], ) - assert_matches_type(SyncSinglePage[RuleUpdateResponse], rule, path=["response"]) + assert_matches_type(object, rule, path=["response"]) @parametrize def test_raw_response_update(self, client: Cloudflare) -> None: @@ -46,7 +44,7 @@ def test_raw_response_update(self, client: Cloudflare) -> None: assert response.is_closed is True assert response.http_request.headers.get("X-Stainless-Lang") == "python" rule = response.parse() - assert_matches_type(SyncSinglePage[RuleUpdateResponse], rule, path=["response"]) + assert_matches_type(object, rule, path=["response"]) @parametrize def test_streaming_response_update(self, client: Cloudflare) -> None: @@ -63,7 +61,7 @@ def test_streaming_response_update(self, client: Cloudflare) -> None: assert response.http_request.headers.get("X-Stainless-Lang") == "python" rule = response.parse() - assert_matches_type(SyncSinglePage[RuleUpdateResponse], rule, path=["response"]) + assert_matches_type(object, rule, path=["response"]) assert cast(Any, response.is_closed) is True @@ -85,7 +83,7 @@ def test_method_list(self, client: Cloudflare) -> None: rule = client.snippets.rules.list( zone_id="9f1839b6152d298aca64c4e906b6d074", ) - assert_matches_type(SyncSinglePage[RuleListResponse], rule, path=["response"]) + assert_matches_type(object, rule, path=["response"]) @parametrize def test_raw_response_list(self, client: Cloudflare) -> None: @@ -96,7 +94,7 @@ def test_raw_response_list(self, client: Cloudflare) -> None: assert response.is_closed is True assert response.http_request.headers.get("X-Stainless-Lang") == "python" rule = response.parse() - assert_matches_type(SyncSinglePage[RuleListResponse], rule, path=["response"]) + assert_matches_type(object, rule, path=["response"]) @parametrize def test_streaming_response_list(self, client: Cloudflare) -> None: @@ -107,7 +105,7 @@ def test_streaming_response_list(self, client: Cloudflare) -> None: assert response.http_request.headers.get("X-Stainless-Lang") == "python" rule = response.parse() - assert_matches_type(SyncSinglePage[RuleListResponse], rule, path=["response"]) + assert_matches_type(object, rule, path=["response"]) assert cast(Any, response.is_closed) is True @@ -123,7 +121,7 @@ def test_method_delete(self, client: Cloudflare) -> None: rule = client.snippets.rules.delete( zone_id="9f1839b6152d298aca64c4e906b6d074", ) - assert_matches_type(SyncSinglePage[RuleDeleteResponse], rule, path=["response"]) + assert_matches_type(object, rule, path=["response"]) @parametrize def test_raw_response_delete(self, client: Cloudflare) -> None: @@ -134,7 +132,7 @@ def test_raw_response_delete(self, client: Cloudflare) -> None: assert response.is_closed is True assert response.http_request.headers.get("X-Stainless-Lang") == "python" rule = response.parse() - assert_matches_type(SyncSinglePage[RuleDeleteResponse], rule, path=["response"]) + assert_matches_type(object, rule, path=["response"]) @parametrize def test_streaming_response_delete(self, client: Cloudflare) -> None: @@ -145,7 +143,7 @@ def test_streaming_response_delete(self, client: Cloudflare) -> None: assert response.http_request.headers.get("X-Stainless-Lang") == "python" rule = response.parse() - assert_matches_type(SyncSinglePage[RuleDeleteResponse], rule, path=["response"]) + assert_matches_type(object, rule, path=["response"]) assert cast(Any, response.is_closed) is True @@ -173,7 +171,7 @@ async def test_method_update(self, async_client: AsyncCloudflare) -> None: } ], ) - assert_matches_type(AsyncSinglePage[RuleUpdateResponse], rule, path=["response"]) + assert_matches_type(object, rule, path=["response"]) @parametrize async def test_raw_response_update(self, async_client: AsyncCloudflare) -> None: @@ -190,7 +188,7 @@ async def test_raw_response_update(self, async_client: AsyncCloudflare) -> None: assert response.is_closed is True assert response.http_request.headers.get("X-Stainless-Lang") == "python" rule = await response.parse() - assert_matches_type(AsyncSinglePage[RuleUpdateResponse], rule, path=["response"]) + assert_matches_type(object, rule, path=["response"]) @parametrize async def test_streaming_response_update(self, async_client: AsyncCloudflare) -> None: @@ -207,7 +205,7 @@ async def test_streaming_response_update(self, async_client: AsyncCloudflare) -> assert response.http_request.headers.get("X-Stainless-Lang") == "python" rule = await response.parse() - assert_matches_type(AsyncSinglePage[RuleUpdateResponse], rule, path=["response"]) + assert_matches_type(object, rule, path=["response"]) assert cast(Any, response.is_closed) is True @@ -229,7 +227,7 @@ async def test_method_list(self, async_client: AsyncCloudflare) -> None: rule = await async_client.snippets.rules.list( zone_id="9f1839b6152d298aca64c4e906b6d074", ) - assert_matches_type(AsyncSinglePage[RuleListResponse], rule, path=["response"]) + assert_matches_type(object, rule, path=["response"]) @parametrize async def test_raw_response_list(self, async_client: AsyncCloudflare) -> None: @@ -240,7 +238,7 @@ async def test_raw_response_list(self, async_client: AsyncCloudflare) -> None: assert response.is_closed is True assert response.http_request.headers.get("X-Stainless-Lang") == "python" rule = await response.parse() - assert_matches_type(AsyncSinglePage[RuleListResponse], rule, path=["response"]) + assert_matches_type(object, rule, path=["response"]) @parametrize async def test_streaming_response_list(self, async_client: AsyncCloudflare) -> None: @@ -251,7 +249,7 @@ async def test_streaming_response_list(self, async_client: AsyncCloudflare) -> N assert response.http_request.headers.get("X-Stainless-Lang") == "python" rule = await response.parse() - assert_matches_type(AsyncSinglePage[RuleListResponse], rule, path=["response"]) + assert_matches_type(object, rule, path=["response"]) assert cast(Any, response.is_closed) is True @@ -267,7 +265,7 @@ async def test_method_delete(self, async_client: AsyncCloudflare) -> None: rule = await async_client.snippets.rules.delete( zone_id="9f1839b6152d298aca64c4e906b6d074", ) - assert_matches_type(AsyncSinglePage[RuleDeleteResponse], rule, path=["response"]) + assert_matches_type(object, rule, path=["response"]) @parametrize async def test_raw_response_delete(self, async_client: AsyncCloudflare) -> None: @@ -278,7 +276,7 @@ async def test_raw_response_delete(self, async_client: AsyncCloudflare) -> None: assert response.is_closed is True assert response.http_request.headers.get("X-Stainless-Lang") == "python" rule = await response.parse() - assert_matches_type(AsyncSinglePage[RuleDeleteResponse], rule, path=["response"]) + assert_matches_type(object, rule, path=["response"]) @parametrize async def test_streaming_response_delete(self, async_client: AsyncCloudflare) -> None: @@ -289,7 +287,7 @@ async def test_streaming_response_delete(self, async_client: AsyncCloudflare) -> assert response.http_request.headers.get("X-Stainless-Lang") == "python" rule = await response.parse() - assert_matches_type(AsyncSinglePage[RuleDeleteResponse], rule, path=["response"]) + assert_matches_type(object, rule, path=["response"]) assert cast(Any, response.is_closed) is True diff --git a/tests/api_resources/ssl/test_certificate_packs.py b/tests/api_resources/ssl/test_certificate_packs.py index f2ace2cbb53..dc0fbee435e 100644 --- a/tests/api_resources/ssl/test_certificate_packs.py +++ b/tests/api_resources/ssl/test_certificate_packs.py @@ -16,7 +16,7 @@ CertificatePackCreateResponse, CertificatePackDeleteResponse, ) -from cloudflare.pagination import SyncSinglePage, AsyncSinglePage +from cloudflare.pagination import SyncV4PagePaginationArray, AsyncV4PagePaginationArray base_url = os.environ.get("TEST_API_BASE_URL", "http://127.0.0.1:4010") @@ -100,15 +100,18 @@ def test_method_list(self, client: Cloudflare) -> None: certificate_pack = client.ssl.certificate_packs.list( zone_id="023e105f4ecef8ad9ca31a8372d0c353", ) - assert_matches_type(SyncSinglePage[CertificatePackListResponse], certificate_pack, path=["response"]) + assert_matches_type(SyncV4PagePaginationArray[CertificatePackListResponse], certificate_pack, path=["response"]) @parametrize def test_method_list_with_all_params(self, client: Cloudflare) -> None: certificate_pack = client.ssl.certificate_packs.list( zone_id="023e105f4ecef8ad9ca31a8372d0c353", + deploy="staging", + page=1, + per_page=5, status="all", ) - assert_matches_type(SyncSinglePage[CertificatePackListResponse], certificate_pack, path=["response"]) + assert_matches_type(SyncV4PagePaginationArray[CertificatePackListResponse], certificate_pack, path=["response"]) @parametrize def test_raw_response_list(self, client: Cloudflare) -> None: @@ -119,7 +122,7 @@ def test_raw_response_list(self, client: Cloudflare) -> None: assert response.is_closed is True assert response.http_request.headers.get("X-Stainless-Lang") == "python" certificate_pack = response.parse() - assert_matches_type(SyncSinglePage[CertificatePackListResponse], certificate_pack, path=["response"]) + assert_matches_type(SyncV4PagePaginationArray[CertificatePackListResponse], certificate_pack, path=["response"]) @parametrize def test_streaming_response_list(self, client: Cloudflare) -> None: @@ -130,7 +133,9 @@ def test_streaming_response_list(self, client: Cloudflare) -> None: assert response.http_request.headers.get("X-Stainless-Lang") == "python" certificate_pack = response.parse() - assert_matches_type(SyncSinglePage[CertificatePackListResponse], certificate_pack, path=["response"]) + assert_matches_type( + SyncV4PagePaginationArray[CertificatePackListResponse], certificate_pack, path=["response"] + ) assert cast(Any, response.is_closed) is True @@ -376,15 +381,22 @@ async def test_method_list(self, async_client: AsyncCloudflare) -> None: certificate_pack = await async_client.ssl.certificate_packs.list( zone_id="023e105f4ecef8ad9ca31a8372d0c353", ) - assert_matches_type(AsyncSinglePage[CertificatePackListResponse], certificate_pack, path=["response"]) + assert_matches_type( + AsyncV4PagePaginationArray[CertificatePackListResponse], certificate_pack, path=["response"] + ) @parametrize async def test_method_list_with_all_params(self, async_client: AsyncCloudflare) -> None: certificate_pack = await async_client.ssl.certificate_packs.list( zone_id="023e105f4ecef8ad9ca31a8372d0c353", + deploy="staging", + page=1, + per_page=5, status="all", ) - assert_matches_type(AsyncSinglePage[CertificatePackListResponse], certificate_pack, path=["response"]) + assert_matches_type( + AsyncV4PagePaginationArray[CertificatePackListResponse], certificate_pack, path=["response"] + ) @parametrize async def test_raw_response_list(self, async_client: AsyncCloudflare) -> None: @@ -395,7 +407,9 @@ async def test_raw_response_list(self, async_client: AsyncCloudflare) -> None: assert response.is_closed is True assert response.http_request.headers.get("X-Stainless-Lang") == "python" certificate_pack = await response.parse() - assert_matches_type(AsyncSinglePage[CertificatePackListResponse], certificate_pack, path=["response"]) + assert_matches_type( + AsyncV4PagePaginationArray[CertificatePackListResponse], certificate_pack, path=["response"] + ) @parametrize async def test_streaming_response_list(self, async_client: AsyncCloudflare) -> None: @@ -406,7 +420,9 @@ async def test_streaming_response_list(self, async_client: AsyncCloudflare) -> N assert response.http_request.headers.get("X-Stainless-Lang") == "python" certificate_pack = await response.parse() - assert_matches_type(AsyncSinglePage[CertificatePackListResponse], certificate_pack, path=["response"]) + assert_matches_type( + AsyncV4PagePaginationArray[CertificatePackListResponse], certificate_pack, path=["response"] + ) assert cast(Any, response.is_closed) is True diff --git a/tests/api_resources/stream/test_live_inputs.py b/tests/api_resources/stream/test_live_inputs.py index 8c637eb3141..337baada0c7 100644 --- a/tests/api_resources/stream/test_live_inputs.py +++ b/tests/api_resources/stream/test_live_inputs.py @@ -33,6 +33,7 @@ def test_method_create_with_all_params(self, client: Cloudflare) -> None: account_id="023e105f4ecef8ad9ca31a8372d0c353", default_creator="defaultCreator", delete_recording_after_days=45, + enabled=True, meta={"name": "test stream 1"}, recording={ "allowed_origins": ["example.com"], @@ -90,6 +91,7 @@ def test_method_update_with_all_params(self, client: Cloudflare) -> None: account_id="023e105f4ecef8ad9ca31a8372d0c353", default_creator="defaultCreator", delete_recording_after_days=45, + enabled=True, meta={"name": "test stream 1"}, recording={ "allowed_origins": ["example.com"], @@ -302,6 +304,7 @@ async def test_method_create_with_all_params(self, async_client: AsyncCloudflare account_id="023e105f4ecef8ad9ca31a8372d0c353", default_creator="defaultCreator", delete_recording_after_days=45, + enabled=True, meta={"name": "test stream 1"}, recording={ "allowed_origins": ["example.com"], @@ -359,6 +362,7 @@ async def test_method_update_with_all_params(self, async_client: AsyncCloudflare account_id="023e105f4ecef8ad9ca31a8372d0c353", default_creator="defaultCreator", delete_recording_after_days=45, + enabled=True, meta={"name": "test stream 1"}, recording={ "allowed_origins": ["example.com"], diff --git a/tests/api_resources/test_ai.py b/tests/api_resources/test_ai.py index aa2f3717bc0..2d8fb346f07 100644 --- a/tests/api_resources/test_ai.py +++ b/tests/api_resources/test_ai.py @@ -516,7 +516,7 @@ def test_method_run_overload_9(self, client: Cloudflare) -> None: account_id="023e105f4ecef8ad9ca31a8372d0c353", messages=[ { - "content": "content", + "content": "string", "role": "role", } ], @@ -530,7 +530,7 @@ def test_method_run_with_all_params_overload_9(self, client: Cloudflare) -> None account_id="023e105f4ecef8ad9ca31a8372d0c353", messages=[ { - "content": "content", + "content": "string", "role": "role", } ], @@ -580,7 +580,7 @@ def test_raw_response_run_overload_9(self, client: Cloudflare) -> None: account_id="023e105f4ecef8ad9ca31a8372d0c353", messages=[ { - "content": "content", + "content": "string", "role": "role", } ], @@ -598,7 +598,7 @@ def test_streaming_response_run_overload_9(self, client: Cloudflare) -> None: account_id="023e105f4ecef8ad9ca31a8372d0c353", messages=[ { - "content": "content", + "content": "string", "role": "role", } ], @@ -619,7 +619,7 @@ def test_path_params_run_overload_9(self, client: Cloudflare) -> None: account_id="", messages=[ { - "content": "content", + "content": "string", "role": "role", } ], @@ -631,7 +631,7 @@ def test_path_params_run_overload_9(self, client: Cloudflare) -> None: account_id="023e105f4ecef8ad9ca31a8372d0c353", messages=[ { - "content": "content", + "content": "string", "role": "role", } ], @@ -926,7 +926,7 @@ def test_method_run_overload_14(self, client: Cloudflare) -> None: image="image", messages=[ { - "content": "content", + "content": "string", "role": "role", } ], @@ -941,7 +941,7 @@ def test_method_run_with_all_params_overload_14(self, client: Cloudflare) -> Non image="image", messages=[ { - "content": "content", + "content": "string", "role": "role", } ], @@ -965,7 +965,7 @@ def test_raw_response_run_overload_14(self, client: Cloudflare) -> None: image="image", messages=[ { - "content": "content", + "content": "string", "role": "role", } ], @@ -984,7 +984,7 @@ def test_streaming_response_run_overload_14(self, client: Cloudflare) -> None: image="image", messages=[ { - "content": "content", + "content": "string", "role": "role", } ], @@ -1006,7 +1006,7 @@ def test_path_params_run_overload_14(self, client: Cloudflare) -> None: image="image", messages=[ { - "content": "content", + "content": "string", "role": "role", } ], @@ -1019,7 +1019,7 @@ def test_path_params_run_overload_14(self, client: Cloudflare) -> None: image="image", messages=[ { - "content": "content", + "content": "string", "role": "role", } ], @@ -1588,7 +1588,7 @@ async def test_method_run_overload_9(self, async_client: AsyncCloudflare) -> Non account_id="023e105f4ecef8ad9ca31a8372d0c353", messages=[ { - "content": "content", + "content": "string", "role": "role", } ], @@ -1602,7 +1602,7 @@ async def test_method_run_with_all_params_overload_9(self, async_client: AsyncCl account_id="023e105f4ecef8ad9ca31a8372d0c353", messages=[ { - "content": "content", + "content": "string", "role": "role", } ], @@ -1652,7 +1652,7 @@ async def test_raw_response_run_overload_9(self, async_client: AsyncCloudflare) account_id="023e105f4ecef8ad9ca31a8372d0c353", messages=[ { - "content": "content", + "content": "string", "role": "role", } ], @@ -1670,7 +1670,7 @@ async def test_streaming_response_run_overload_9(self, async_client: AsyncCloudf account_id="023e105f4ecef8ad9ca31a8372d0c353", messages=[ { - "content": "content", + "content": "string", "role": "role", } ], @@ -1691,7 +1691,7 @@ async def test_path_params_run_overload_9(self, async_client: AsyncCloudflare) - account_id="", messages=[ { - "content": "content", + "content": "string", "role": "role", } ], @@ -1703,7 +1703,7 @@ async def test_path_params_run_overload_9(self, async_client: AsyncCloudflare) - account_id="023e105f4ecef8ad9ca31a8372d0c353", messages=[ { - "content": "content", + "content": "string", "role": "role", } ], @@ -1998,7 +1998,7 @@ async def test_method_run_overload_14(self, async_client: AsyncCloudflare) -> No image="image", messages=[ { - "content": "content", + "content": "string", "role": "role", } ], @@ -2013,7 +2013,7 @@ async def test_method_run_with_all_params_overload_14(self, async_client: AsyncC image="image", messages=[ { - "content": "content", + "content": "string", "role": "role", } ], @@ -2037,7 +2037,7 @@ async def test_raw_response_run_overload_14(self, async_client: AsyncCloudflare) image="image", messages=[ { - "content": "content", + "content": "string", "role": "role", } ], @@ -2056,7 +2056,7 @@ async def test_streaming_response_run_overload_14(self, async_client: AsyncCloud image="image", messages=[ { - "content": "content", + "content": "string", "role": "role", } ], @@ -2078,7 +2078,7 @@ async def test_path_params_run_overload_14(self, async_client: AsyncCloudflare) image="image", messages=[ { - "content": "content", + "content": "string", "role": "role", } ], @@ -2091,7 +2091,7 @@ async def test_path_params_run_overload_14(self, async_client: AsyncCloudflare) image="image", messages=[ { - "content": "content", + "content": "string", "role": "role", } ], diff --git a/tests/api_resources/test_client_certificates.py b/tests/api_resources/test_client_certificates.py index 60092807cba..b64546a093a 100644 --- a/tests/api_resources/test_client_certificates.py +++ b/tests/api_resources/test_client_certificates.py @@ -24,7 +24,7 @@ class TestClientCertificates: def test_method_create(self, client: Cloudflare) -> None: client_certificate = client.client_certificates.create( zone_id="023e105f4ecef8ad9ca31a8372d0c353", - csr="-----BEGIN CERTIFICATE REQUEST-----\\nMIICY....\\n-----END CERTIFICATE REQUEST-----\\n", + csr="-----BEGIN CERTIFICATE REQUEST-----\nMIICY....\n-----END CERTIFICATE REQUEST-----", validity_days=3650, ) assert_matches_type(Optional[ClientCertificate], client_certificate, path=["response"]) @@ -33,7 +33,7 @@ def test_method_create(self, client: Cloudflare) -> None: def test_raw_response_create(self, client: Cloudflare) -> None: response = client.client_certificates.with_raw_response.create( zone_id="023e105f4ecef8ad9ca31a8372d0c353", - csr="-----BEGIN CERTIFICATE REQUEST-----\\nMIICY....\\n-----END CERTIFICATE REQUEST-----\\n", + csr="-----BEGIN CERTIFICATE REQUEST-----\nMIICY....\n-----END CERTIFICATE REQUEST-----", validity_days=3650, ) @@ -46,7 +46,7 @@ def test_raw_response_create(self, client: Cloudflare) -> None: def test_streaming_response_create(self, client: Cloudflare) -> None: with client.client_certificates.with_streaming_response.create( zone_id="023e105f4ecef8ad9ca31a8372d0c353", - csr="-----BEGIN CERTIFICATE REQUEST-----\\nMIICY....\\n-----END CERTIFICATE REQUEST-----\\n", + csr="-----BEGIN CERTIFICATE REQUEST-----\nMIICY....\n-----END CERTIFICATE REQUEST-----", validity_days=3650, ) as response: assert not response.is_closed @@ -62,7 +62,7 @@ def test_path_params_create(self, client: Cloudflare) -> None: with pytest.raises(ValueError, match=r"Expected a non-empty value for `zone_id` but received ''"): client.client_certificates.with_raw_response.create( zone_id="", - csr="-----BEGIN CERTIFICATE REQUEST-----\\nMIICY....\\n-----END CERTIFICATE REQUEST-----\\n", + csr="-----BEGIN CERTIFICATE REQUEST-----\nMIICY....\n-----END CERTIFICATE REQUEST-----", validity_days=3650, ) @@ -279,7 +279,7 @@ class TestAsyncClientCertificates: async def test_method_create(self, async_client: AsyncCloudflare) -> None: client_certificate = await async_client.client_certificates.create( zone_id="023e105f4ecef8ad9ca31a8372d0c353", - csr="-----BEGIN CERTIFICATE REQUEST-----\\nMIICY....\\n-----END CERTIFICATE REQUEST-----\\n", + csr="-----BEGIN CERTIFICATE REQUEST-----\nMIICY....\n-----END CERTIFICATE REQUEST-----", validity_days=3650, ) assert_matches_type(Optional[ClientCertificate], client_certificate, path=["response"]) @@ -288,7 +288,7 @@ async def test_method_create(self, async_client: AsyncCloudflare) -> None: async def test_raw_response_create(self, async_client: AsyncCloudflare) -> None: response = await async_client.client_certificates.with_raw_response.create( zone_id="023e105f4ecef8ad9ca31a8372d0c353", - csr="-----BEGIN CERTIFICATE REQUEST-----\\nMIICY....\\n-----END CERTIFICATE REQUEST-----\\n", + csr="-----BEGIN CERTIFICATE REQUEST-----\nMIICY....\n-----END CERTIFICATE REQUEST-----", validity_days=3650, ) @@ -301,7 +301,7 @@ async def test_raw_response_create(self, async_client: AsyncCloudflare) -> None: async def test_streaming_response_create(self, async_client: AsyncCloudflare) -> None: async with async_client.client_certificates.with_streaming_response.create( zone_id="023e105f4ecef8ad9ca31a8372d0c353", - csr="-----BEGIN CERTIFICATE REQUEST-----\\nMIICY....\\n-----END CERTIFICATE REQUEST-----\\n", + csr="-----BEGIN CERTIFICATE REQUEST-----\nMIICY....\n-----END CERTIFICATE REQUEST-----", validity_days=3650, ) as response: assert not response.is_closed @@ -317,7 +317,7 @@ async def test_path_params_create(self, async_client: AsyncCloudflare) -> None: with pytest.raises(ValueError, match=r"Expected a non-empty value for `zone_id` but received ''"): await async_client.client_certificates.with_raw_response.create( zone_id="", - csr="-----BEGIN CERTIFICATE REQUEST-----\\nMIICY....\\n-----END CERTIFICATE REQUEST-----\\n", + csr="-----BEGIN CERTIFICATE REQUEST-----\nMIICY....\n-----END CERTIFICATE REQUEST-----", validity_days=3650, ) diff --git a/tests/api_resources/test_custom_certificates.py b/tests/api_resources/test_custom_certificates.py index 5632863289f..3109f005ac6 100644 --- a/tests/api_resources/test_custom_certificates.py +++ b/tests/api_resources/test_custom_certificates.py @@ -37,6 +37,7 @@ def test_method_create_with_all_params(self, client: Cloudflare) -> None: certificate="-----BEGIN CERTIFICATE-----\nMIIDtTCCAp2gAwIBAgIJAMHAwfXZ5/PWMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNV\nBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX\naWRnaXRzIFB0eSBMdGQwHhcNMTYwODI0MTY0MzAxWhcNMTYxMTIyMTY0MzAxWjBF\nMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50\nZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\nCgKCAQEAwQHoetcl9+5ikGzV6cMzWtWPJHqXT3wpbEkRU9Yz7lgvddmGdtcGbg/1\nCGZu0jJGkMoppoUo4c3dts3iwqRYmBikUP77wwY2QGmDZw2FvkJCJlKnabIRuGvB\nKwzESIXgKk2016aTP6/dAjEHyo6SeoK8lkIySUvK0fyOVlsiEsCmOpidtnKX/a+5\n0GjB79CJH4ER2lLVZnhePFR/zUOyPxZQQ4naHf7yu/b5jhO0f8fwt+pyFxIXjbEI\ndZliWRkRMtzrHOJIhrmJ2A1J7iOrirbbwillwjjNVUWPf3IJ3M12S9pEewooaeO2\nizNTERcG9HzAacbVRn2Y2SWIyT/18QIDAQABo4GnMIGkMB0GA1UdDgQWBBT/LbE4\n9rWf288N6sJA5BRb6FJIGDB1BgNVHSMEbjBsgBT/LbE49rWf288N6sJA5BRb6FJI\nGKFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNV\nBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAMHAwfXZ5/PWMAwGA1UdEwQF\nMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAHHFwl0tH0quUYZYO0dZYt4R7SJ0pCm2\n2satiyzHl4OnXcHDpekAo7/a09c6Lz6AU83cKy/+x3/djYHXWba7HpEu0dR3ugQP\nMlr4zrhd9xKZ0KZKiYmtJH+ak4OM4L3FbT0owUZPyjLSlhMtJVcoRp5CJsjAMBUG\nSvD8RX+T01wzox/Qb+lnnNnOlaWpqu8eoOenybxKp1a9ULzIVvN/LAcc+14vioFq\n2swRWtmocBAs8QR9n4uvbpiYvS8eYueDCWMM4fvFfBhaDZ3N9IbtySh3SpFdQDhw\nYbjM2rxXiyLGxB4Bol7QTv4zHif7Zt89FReT/NBy4rzaskDJY5L6xmY=\n-----END CERTIFICATE-----\n", private_key="-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEAwQHoetcl9+5ikGzV6cMzWtWPJHqXT3wpbEkRU9Yz7lgvddmG\ndtcGbg/1CGZu0jJGkMoppoUo4c3dts3iwqRYmBikUP77wwY2QGmDZw2FvkJCJlKn\nabIRuGvBKwzESIXgKk2016aTP6/dAjEHyo6SeoK8lkIySUvK0fyOVlsiEsCmOpid\ntnKX/a+50GjB79CJH4ER2lLVZnhePFR/zUOyPxZQQ4naHf7yu/b5jhO0f8fwt+py\nFxIXjbEIdZliWRkRMtzrHOJIhrmJ2A1J7iOrirbbwillwjjNVUWPf3IJ3M12S9pE\newooaeO2izNTERcG9HzAacbVRn2Y2SWIyT/18QIDAQABAoIBACbhTYXBZYKmYPCb\nHBR1IBlCQA2nLGf0qRuJNJZg5iEzXows/6tc8YymZkQE7nolapWsQ+upk2y5Xdp/\naxiuprIs9JzkYK8Ox0r+dlwCG1kSW+UAbX0bQ/qUqlsTvU6muVuMP8vZYHxJ3wmb\n+ufRBKztPTQ/rYWaYQcgC0RWI20HTFBMxlTAyNxYNWzX7RKFkGVVyB9RsAtmcc8g\n+j4OdosbfNoJPS0HeIfNpAznDfHKdxDk2Yc1tV6RHBrC1ynyLE9+TaflIAdo2MVv\nKLMLq51GqYKtgJFIlBRPQqKoyXdz3fGvXrTkf/WY9QNq0J1Vk5ERePZ54mN8iZB7\n9lwy/AkCgYEA6FXzosxswaJ2wQLeoYc7ceaweX/SwTvxHgXzRyJIIT0eJWgx13Wo\n/WA3Iziimsjf6qE+SI/8laxPp2A86VMaIt3Z3mJN/CqSVGw8LK2AQst+OwdPyDMu\niacE8lj/IFGC8mwNUAb9CzGU3JpU4PxxGFjS/eMtGeRXCWkK4NE+G08CgYEA1Kp9\nN2JrVlqUz+gAX+LPmE9OEMAS9WQSQsfCHGogIFDGGcNf7+uwBM7GAaSJIP01zcoe\nVAgWdzXCv3FLhsaZoJ6RyLOLay5phbu1iaTr4UNYm5WtYTzMzqh8l1+MFFDl9xDB\nvULuCIIrglM5MeS/qnSg1uMoH2oVPj9TVst/ir8CgYEAxrI7Ws9Zc4Bt70N1As+U\nlySjaEVZCMkqvHJ6TCuVZFfQoE0r0whdLdRLU2PsLFP+q7qaeZQqgBaNSKeVcDYR\n9B+nY/jOmQoPewPVsp/vQTCnE/R81spu0mp0YI6cIheT1Z9zAy322svcc43JaWB7\nmEbeqyLOP4Z4qSOcmghZBSECgYACvR9Xs0DGn+wCsW4vze/2ei77MD4OQvepPIFX\ndFZtlBy5ADcgE9z0cuVB6CiL8DbdK5kwY9pGNr8HUCI03iHkW6Zs+0L0YmihfEVe\nPG19PSzK9CaDdhD9KFZSbLyVFmWfxOt50H7YRTTiPMgjyFpfi5j2q348yVT0tEQS\nfhRqaQKBgAcWPokmJ7EbYQGeMbS7HC8eWO/RyamlnSffdCdSc7ue3zdVJxpAkQ8W\nqu80pEIF6raIQfAf8MXiiZ7auFOSnHQTXUbhCpvDLKi0Mwq3G8Pl07l+2s6dQG6T\nlv6XTQaMyf6n1yjzL+fzDrH3qXMxHMO/b13EePXpDMpY7HQpoLDi\n-----END RSA PRIVATE KEY-----\n", bundle_method="ubiquitous", + deploy="staging", geo_restrictions={"label": "us"}, policy="(country: US) or (region: EU)", type="sni_custom", @@ -179,7 +180,7 @@ def test_path_params_delete(self, client: Cloudflare) -> None: @pytest.mark.skip(reason="Test missing required parameters: certificate and private_key (Issue #4)") @parametrize - def test_method_edit_overload_1(self, client: Cloudflare) -> None: + def test_method_edit(self, client: Cloudflare) -> None: custom_certificate = client.custom_certificates.edit( custom_certificate_id="023e105f4ecef8ad9ca31a8372d0c353", zone_id="023e105f4ecef8ad9ca31a8372d0c353", @@ -187,86 +188,25 @@ def test_method_edit_overload_1(self, client: Cloudflare) -> None: assert_matches_type(Optional[CustomCertificate], custom_certificate, path=["response"]) @parametrize - def test_method_edit_with_all_params_overload_1(self, client: Cloudflare) -> None: + def test_method_edit_with_all_params(self, client: Cloudflare) -> None: custom_certificate = client.custom_certificates.edit( custom_certificate_id="023e105f4ecef8ad9ca31a8372d0c353", zone_id="023e105f4ecef8ad9ca31a8372d0c353", bundle_method="ubiquitous", - ) - assert_matches_type(Optional[CustomCertificate], custom_certificate, path=["response"]) - - @pytest.mark.skip(reason="Test missing required parameters: certificate and private_key (Issue #4)") - @parametrize - def test_raw_response_edit_overload_1(self, client: Cloudflare) -> None: - response = client.custom_certificates.with_raw_response.edit( - custom_certificate_id="023e105f4ecef8ad9ca31a8372d0c353", - zone_id="023e105f4ecef8ad9ca31a8372d0c353", - ) - - assert response.is_closed is True - assert response.http_request.headers.get("X-Stainless-Lang") == "python" - custom_certificate = response.parse() - assert_matches_type(Optional[CustomCertificate], custom_certificate, path=["response"]) - - @pytest.mark.skip(reason="Test missing required parameters: certificate and private_key (Issue #4)") - @parametrize - def test_streaming_response_edit_overload_1(self, client: Cloudflare) -> None: - with client.custom_certificates.with_streaming_response.edit( - custom_certificate_id="023e105f4ecef8ad9ca31a8372d0c353", - zone_id="023e105f4ecef8ad9ca31a8372d0c353", - ) as response: - assert not response.is_closed - assert response.http_request.headers.get("X-Stainless-Lang") == "python" - - custom_certificate = response.parse() - assert_matches_type(Optional[CustomCertificate], custom_certificate, path=["response"]) - - assert cast(Any, response.is_closed) is True - - @parametrize - def test_path_params_edit_overload_1(self, client: Cloudflare) -> None: - with pytest.raises(ValueError, match=r"Expected a non-empty value for `zone_id` but received ''"): - client.custom_certificates.with_raw_response.edit( - custom_certificate_id="023e105f4ecef8ad9ca31a8372d0c353", - zone_id="", - ) - - with pytest.raises(ValueError, match=r"Expected a non-empty value for `custom_certificate_id` but received ''"): - client.custom_certificates.with_raw_response.edit( - custom_certificate_id="", - zone_id="023e105f4ecef8ad9ca31a8372d0c353", - ) - - @parametrize - def test_method_edit_overload_2(self, client: Cloudflare) -> None: - custom_certificate = client.custom_certificates.edit( - custom_certificate_id="023e105f4ecef8ad9ca31a8372d0c353", - zone_id="023e105f4ecef8ad9ca31a8372d0c353", - certificate="-----BEGIN CERTIFICATE-----\nMIIDtTCCAp2gAwIBAgIJAMHAwfXZ5/PWMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNV\nBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX\naWRnaXRzIFB0eSBMdGQwHhcNMTYwODI0MTY0MzAxWhcNMTYxMTIyMTY0MzAxWjBF\nMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50\nZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\nCgKCAQEAwQHoetcl9+5ikGzV6cMzWtWPJHqXT3wpbEkRU9Yz7lgvddmGdtcGbg/1\nCGZu0jJGkMoppoUo4c3dts3iwqRYmBikUP77wwY2QGmDZw2FvkJCJlKnabIRuGvB\nKwzESIXgKk2016aTP6/dAjEHyo6SeoK8lkIySUvK0fyOVlsiEsCmOpidtnKX/a+5\n0GjB79CJH4ER2lLVZnhePFR/zUOyPxZQQ4naHf7yu/b5jhO0f8fwt+pyFxIXjbEI\ndZliWRkRMtzrHOJIhrmJ2A1J7iOrirbbwillwjjNVUWPf3IJ3M12S9pEewooaeO2\nizNTERcG9HzAacbVRn2Y2SWIyT/18QIDAQABo4GnMIGkMB0GA1UdDgQWBBT/LbE4\n9rWf288N6sJA5BRb6FJIGDB1BgNVHSMEbjBsgBT/LbE49rWf288N6sJA5BRb6FJI\nGKFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNV\nBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAMHAwfXZ5/PWMAwGA1UdEwQF\nMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAHHFwl0tH0quUYZYO0dZYt4R7SJ0pCm2\n2satiyzHl4OnXcHDpekAo7/a09c6Lz6AU83cKy/+x3/djYHXWba7HpEu0dR3ugQP\nMlr4zrhd9xKZ0KZKiYmtJH+ak4OM4L3FbT0owUZPyjLSlhMtJVcoRp5CJsjAMBUG\nSvD8RX+T01wzox/Qb+lnnNnOlaWpqu8eoOenybxKp1a9ULzIVvN/LAcc+14vioFq\n2swRWtmocBAs8QR9n4uvbpiYvS8eYueDCWMM4fvFfBhaDZ3N9IbtySh3SpFdQDhw\nYbjM2rxXiyLGxB4Bol7QTv4zHif7Zt89FReT/NBy4rzaskDJY5L6xmY=\n-----END CERTIFICATE-----\n", - private_key="-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEAwQHoetcl9+5ikGzV6cMzWtWPJHqXT3wpbEkRU9Yz7lgvddmG\ndtcGbg/1CGZu0jJGkMoppoUo4c3dts3iwqRYmBikUP77wwY2QGmDZw2FvkJCJlKn\nabIRuGvBKwzESIXgKk2016aTP6/dAjEHyo6SeoK8lkIySUvK0fyOVlsiEsCmOpid\ntnKX/a+50GjB79CJH4ER2lLVZnhePFR/zUOyPxZQQ4naHf7yu/b5jhO0f8fwt+py\nFxIXjbEIdZliWRkRMtzrHOJIhrmJ2A1J7iOrirbbwillwjjNVUWPf3IJ3M12S9pE\newooaeO2izNTERcG9HzAacbVRn2Y2SWIyT/18QIDAQABAoIBACbhTYXBZYKmYPCb\nHBR1IBlCQA2nLGf0qRuJNJZg5iEzXows/6tc8YymZkQE7nolapWsQ+upk2y5Xdp/\naxiuprIs9JzkYK8Ox0r+dlwCG1kSW+UAbX0bQ/qUqlsTvU6muVuMP8vZYHxJ3wmb\n+ufRBKztPTQ/rYWaYQcgC0RWI20HTFBMxlTAyNxYNWzX7RKFkGVVyB9RsAtmcc8g\n+j4OdosbfNoJPS0HeIfNpAznDfHKdxDk2Yc1tV6RHBrC1ynyLE9+TaflIAdo2MVv\nKLMLq51GqYKtgJFIlBRPQqKoyXdz3fGvXrTkf/WY9QNq0J1Vk5ERePZ54mN8iZB7\n9lwy/AkCgYEA6FXzosxswaJ2wQLeoYc7ceaweX/SwTvxHgXzRyJIIT0eJWgx13Wo\n/WA3Iziimsjf6qE+SI/8laxPp2A86VMaIt3Z3mJN/CqSVGw8LK2AQst+OwdPyDMu\niacE8lj/IFGC8mwNUAb9CzGU3JpU4PxxGFjS/eMtGeRXCWkK4NE+G08CgYEA1Kp9\nN2JrVlqUz+gAX+LPmE9OEMAS9WQSQsfCHGogIFDGGcNf7+uwBM7GAaSJIP01zcoe\nVAgWdzXCv3FLhsaZoJ6RyLOLay5phbu1iaTr4UNYm5WtYTzMzqh8l1+MFFDl9xDB\nvULuCIIrglM5MeS/qnSg1uMoH2oVPj9TVst/ir8CgYEAxrI7Ws9Zc4Bt70N1As+U\nlySjaEVZCMkqvHJ6TCuVZFfQoE0r0whdLdRLU2PsLFP+q7qaeZQqgBaNSKeVcDYR\n9B+nY/jOmQoPewPVsp/vQTCnE/R81spu0mp0YI6cIheT1Z9zAy322svcc43JaWB7\nmEbeqyLOP4Z4qSOcmghZBSECgYACvR9Xs0DGn+wCsW4vze/2ei77MD4OQvepPIFX\ndFZtlBy5ADcgE9z0cuVB6CiL8DbdK5kwY9pGNr8HUCI03iHkW6Zs+0L0YmihfEVe\nPG19PSzK9CaDdhD9KFZSbLyVFmWfxOt50H7YRTTiPMgjyFpfi5j2q348yVT0tEQS\nfhRqaQKBgAcWPokmJ7EbYQGeMbS7HC8eWO/RyamlnSffdCdSc7ue3zdVJxpAkQ8W\nqu80pEIF6raIQfAf8MXiiZ7auFOSnHQTXUbhCpvDLKi0Mwq3G8Pl07l+2s6dQG6T\nlv6XTQaMyf6n1yjzL+fzDrH3qXMxHMO/b13EePXpDMpY7HQpoLDi\n-----END RSA PRIVATE KEY-----\n", - ) - assert_matches_type(Optional[CustomCertificate], custom_certificate, path=["response"]) - - @parametrize - def test_method_edit_with_all_params_overload_2(self, client: Cloudflare) -> None: - custom_certificate = client.custom_certificates.edit( - custom_certificate_id="023e105f4ecef8ad9ca31a8372d0c353", - zone_id="023e105f4ecef8ad9ca31a8372d0c353", certificate="-----BEGIN CERTIFICATE-----\nMIIDtTCCAp2gAwIBAgIJAMHAwfXZ5/PWMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNV\nBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX\naWRnaXRzIFB0eSBMdGQwHhcNMTYwODI0MTY0MzAxWhcNMTYxMTIyMTY0MzAxWjBF\nMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50\nZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\nCgKCAQEAwQHoetcl9+5ikGzV6cMzWtWPJHqXT3wpbEkRU9Yz7lgvddmGdtcGbg/1\nCGZu0jJGkMoppoUo4c3dts3iwqRYmBikUP77wwY2QGmDZw2FvkJCJlKnabIRuGvB\nKwzESIXgKk2016aTP6/dAjEHyo6SeoK8lkIySUvK0fyOVlsiEsCmOpidtnKX/a+5\n0GjB79CJH4ER2lLVZnhePFR/zUOyPxZQQ4naHf7yu/b5jhO0f8fwt+pyFxIXjbEI\ndZliWRkRMtzrHOJIhrmJ2A1J7iOrirbbwillwjjNVUWPf3IJ3M12S9pEewooaeO2\nizNTERcG9HzAacbVRn2Y2SWIyT/18QIDAQABo4GnMIGkMB0GA1UdDgQWBBT/LbE4\n9rWf288N6sJA5BRb6FJIGDB1BgNVHSMEbjBsgBT/LbE49rWf288N6sJA5BRb6FJI\nGKFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNV\nBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAMHAwfXZ5/PWMAwGA1UdEwQF\nMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAHHFwl0tH0quUYZYO0dZYt4R7SJ0pCm2\n2satiyzHl4OnXcHDpekAo7/a09c6Lz6AU83cKy/+x3/djYHXWba7HpEu0dR3ugQP\nMlr4zrhd9xKZ0KZKiYmtJH+ak4OM4L3FbT0owUZPyjLSlhMtJVcoRp5CJsjAMBUG\nSvD8RX+T01wzox/Qb+lnnNnOlaWpqu8eoOenybxKp1a9ULzIVvN/LAcc+14vioFq\n2swRWtmocBAs8QR9n4uvbpiYvS8eYueDCWMM4fvFfBhaDZ3N9IbtySh3SpFdQDhw\nYbjM2rxXiyLGxB4Bol7QTv4zHif7Zt89FReT/NBy4rzaskDJY5L6xmY=\n-----END CERTIFICATE-----\n", - private_key="-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEAwQHoetcl9+5ikGzV6cMzWtWPJHqXT3wpbEkRU9Yz7lgvddmG\ndtcGbg/1CGZu0jJGkMoppoUo4c3dts3iwqRYmBikUP77wwY2QGmDZw2FvkJCJlKn\nabIRuGvBKwzESIXgKk2016aTP6/dAjEHyo6SeoK8lkIySUvK0fyOVlsiEsCmOpid\ntnKX/a+50GjB79CJH4ER2lLVZnhePFR/zUOyPxZQQ4naHf7yu/b5jhO0f8fwt+py\nFxIXjbEIdZliWRkRMtzrHOJIhrmJ2A1J7iOrirbbwillwjjNVUWPf3IJ3M12S9pE\newooaeO2izNTERcG9HzAacbVRn2Y2SWIyT/18QIDAQABAoIBACbhTYXBZYKmYPCb\nHBR1IBlCQA2nLGf0qRuJNJZg5iEzXows/6tc8YymZkQE7nolapWsQ+upk2y5Xdp/\naxiuprIs9JzkYK8Ox0r+dlwCG1kSW+UAbX0bQ/qUqlsTvU6muVuMP8vZYHxJ3wmb\n+ufRBKztPTQ/rYWaYQcgC0RWI20HTFBMxlTAyNxYNWzX7RKFkGVVyB9RsAtmcc8g\n+j4OdosbfNoJPS0HeIfNpAznDfHKdxDk2Yc1tV6RHBrC1ynyLE9+TaflIAdo2MVv\nKLMLq51GqYKtgJFIlBRPQqKoyXdz3fGvXrTkf/WY9QNq0J1Vk5ERePZ54mN8iZB7\n9lwy/AkCgYEA6FXzosxswaJ2wQLeoYc7ceaweX/SwTvxHgXzRyJIIT0eJWgx13Wo\n/WA3Iziimsjf6qE+SI/8laxPp2A86VMaIt3Z3mJN/CqSVGw8LK2AQst+OwdPyDMu\niacE8lj/IFGC8mwNUAb9CzGU3JpU4PxxGFjS/eMtGeRXCWkK4NE+G08CgYEA1Kp9\nN2JrVlqUz+gAX+LPmE9OEMAS9WQSQsfCHGogIFDGGcNf7+uwBM7GAaSJIP01zcoe\nVAgWdzXCv3FLhsaZoJ6RyLOLay5phbu1iaTr4UNYm5WtYTzMzqh8l1+MFFDl9xDB\nvULuCIIrglM5MeS/qnSg1uMoH2oVPj9TVst/ir8CgYEAxrI7Ws9Zc4Bt70N1As+U\nlySjaEVZCMkqvHJ6TCuVZFfQoE0r0whdLdRLU2PsLFP+q7qaeZQqgBaNSKeVcDYR\n9B+nY/jOmQoPewPVsp/vQTCnE/R81spu0mp0YI6cIheT1Z9zAy322svcc43JaWB7\nmEbeqyLOP4Z4qSOcmghZBSECgYACvR9Xs0DGn+wCsW4vze/2ei77MD4OQvepPIFX\ndFZtlBy5ADcgE9z0cuVB6CiL8DbdK5kwY9pGNr8HUCI03iHkW6Zs+0L0YmihfEVe\nPG19PSzK9CaDdhD9KFZSbLyVFmWfxOt50H7YRTTiPMgjyFpfi5j2q348yVT0tEQS\nfhRqaQKBgAcWPokmJ7EbYQGeMbS7HC8eWO/RyamlnSffdCdSc7ue3zdVJxpAkQ8W\nqu80pEIF6raIQfAf8MXiiZ7auFOSnHQTXUbhCpvDLKi0Mwq3G8Pl07l+2s6dQG6T\nlv6XTQaMyf6n1yjzL+fzDrH3qXMxHMO/b13EePXpDMpY7HQpoLDi\n-----END RSA PRIVATE KEY-----\n", - bundle_method="ubiquitous", + deploy="staging", geo_restrictions={"label": "us"}, policy="(country: US) or (region: EU)", + private_key="-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEAwQHoetcl9+5ikGzV6cMzWtWPJHqXT3wpbEkRU9Yz7lgvddmG\ndtcGbg/1CGZu0jJGkMoppoUo4c3dts3iwqRYmBikUP77wwY2QGmDZw2FvkJCJlKn\nabIRuGvBKwzESIXgKk2016aTP6/dAjEHyo6SeoK8lkIySUvK0fyOVlsiEsCmOpid\ntnKX/a+50GjB79CJH4ER2lLVZnhePFR/zUOyPxZQQ4naHf7yu/b5jhO0f8fwt+py\nFxIXjbEIdZliWRkRMtzrHOJIhrmJ2A1J7iOrirbbwillwjjNVUWPf3IJ3M12S9pE\newooaeO2izNTERcG9HzAacbVRn2Y2SWIyT/18QIDAQABAoIBACbhTYXBZYKmYPCb\nHBR1IBlCQA2nLGf0qRuJNJZg5iEzXows/6tc8YymZkQE7nolapWsQ+upk2y5Xdp/\naxiuprIs9JzkYK8Ox0r+dlwCG1kSW+UAbX0bQ/qUqlsTvU6muVuMP8vZYHxJ3wmb\n+ufRBKztPTQ/rYWaYQcgC0RWI20HTFBMxlTAyNxYNWzX7RKFkGVVyB9RsAtmcc8g\n+j4OdosbfNoJPS0HeIfNpAznDfHKdxDk2Yc1tV6RHBrC1ynyLE9+TaflIAdo2MVv\nKLMLq51GqYKtgJFIlBRPQqKoyXdz3fGvXrTkf/WY9QNq0J1Vk5ERePZ54mN8iZB7\n9lwy/AkCgYEA6FXzosxswaJ2wQLeoYc7ceaweX/SwTvxHgXzRyJIIT0eJWgx13Wo\n/WA3Iziimsjf6qE+SI/8laxPp2A86VMaIt3Z3mJN/CqSVGw8LK2AQst+OwdPyDMu\niacE8lj/IFGC8mwNUAb9CzGU3JpU4PxxGFjS/eMtGeRXCWkK4NE+G08CgYEA1Kp9\nN2JrVlqUz+gAX+LPmE9OEMAS9WQSQsfCHGogIFDGGcNf7+uwBM7GAaSJIP01zcoe\nVAgWdzXCv3FLhsaZoJ6RyLOLay5phbu1iaTr4UNYm5WtYTzMzqh8l1+MFFDl9xDB\nvULuCIIrglM5MeS/qnSg1uMoH2oVPj9TVst/ir8CgYEAxrI7Ws9Zc4Bt70N1As+U\nlySjaEVZCMkqvHJ6TCuVZFfQoE0r0whdLdRLU2PsLFP+q7qaeZQqgBaNSKeVcDYR\n9B+nY/jOmQoPewPVsp/vQTCnE/R81spu0mp0YI6cIheT1Z9zAy322svcc43JaWB7\nmEbeqyLOP4Z4qSOcmghZBSECgYACvR9Xs0DGn+wCsW4vze/2ei77MD4OQvepPIFX\ndFZtlBy5ADcgE9z0cuVB6CiL8DbdK5kwY9pGNr8HUCI03iHkW6Zs+0L0YmihfEVe\nPG19PSzK9CaDdhD9KFZSbLyVFmWfxOt50H7YRTTiPMgjyFpfi5j2q348yVT0tEQS\nfhRqaQKBgAcWPokmJ7EbYQGeMbS7HC8eWO/RyamlnSffdCdSc7ue3zdVJxpAkQ8W\nqu80pEIF6raIQfAf8MXiiZ7auFOSnHQTXUbhCpvDLKi0Mwq3G8Pl07l+2s6dQG6T\nlv6XTQaMyf6n1yjzL+fzDrH3qXMxHMO/b13EePXpDMpY7HQpoLDi\n-----END RSA PRIVATE KEY-----\n", ) assert_matches_type(Optional[CustomCertificate], custom_certificate, path=["response"]) + @pytest.mark.skip(reason="Test missing required parameters: certificate and private_key (Issue #4)") @parametrize - def test_raw_response_edit_overload_2(self, client: Cloudflare) -> None: + def test_raw_response_edit(self, client: Cloudflare) -> None: response = client.custom_certificates.with_raw_response.edit( custom_certificate_id="023e105f4ecef8ad9ca31a8372d0c353", zone_id="023e105f4ecef8ad9ca31a8372d0c353", - certificate="-----BEGIN CERTIFICATE-----\nMIIDtTCCAp2gAwIBAgIJAMHAwfXZ5/PWMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNV\nBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX\naWRnaXRzIFB0eSBMdGQwHhcNMTYwODI0MTY0MzAxWhcNMTYxMTIyMTY0MzAxWjBF\nMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50\nZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\nCgKCAQEAwQHoetcl9+5ikGzV6cMzWtWPJHqXT3wpbEkRU9Yz7lgvddmGdtcGbg/1\nCGZu0jJGkMoppoUo4c3dts3iwqRYmBikUP77wwY2QGmDZw2FvkJCJlKnabIRuGvB\nKwzESIXgKk2016aTP6/dAjEHyo6SeoK8lkIySUvK0fyOVlsiEsCmOpidtnKX/a+5\n0GjB79CJH4ER2lLVZnhePFR/zUOyPxZQQ4naHf7yu/b5jhO0f8fwt+pyFxIXjbEI\ndZliWRkRMtzrHOJIhrmJ2A1J7iOrirbbwillwjjNVUWPf3IJ3M12S9pEewooaeO2\nizNTERcG9HzAacbVRn2Y2SWIyT/18QIDAQABo4GnMIGkMB0GA1UdDgQWBBT/LbE4\n9rWf288N6sJA5BRb6FJIGDB1BgNVHSMEbjBsgBT/LbE49rWf288N6sJA5BRb6FJI\nGKFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNV\nBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAMHAwfXZ5/PWMAwGA1UdEwQF\nMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAHHFwl0tH0quUYZYO0dZYt4R7SJ0pCm2\n2satiyzHl4OnXcHDpekAo7/a09c6Lz6AU83cKy/+x3/djYHXWba7HpEu0dR3ugQP\nMlr4zrhd9xKZ0KZKiYmtJH+ak4OM4L3FbT0owUZPyjLSlhMtJVcoRp5CJsjAMBUG\nSvD8RX+T01wzox/Qb+lnnNnOlaWpqu8eoOenybxKp1a9ULzIVvN/LAcc+14vioFq\n2swRWtmocBAs8QR9n4uvbpiYvS8eYueDCWMM4fvFfBhaDZ3N9IbtySh3SpFdQDhw\nYbjM2rxXiyLGxB4Bol7QTv4zHif7Zt89FReT/NBy4rzaskDJY5L6xmY=\n-----END CERTIFICATE-----\n", - private_key="-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEAwQHoetcl9+5ikGzV6cMzWtWPJHqXT3wpbEkRU9Yz7lgvddmG\ndtcGbg/1CGZu0jJGkMoppoUo4c3dts3iwqRYmBikUP77wwY2QGmDZw2FvkJCJlKn\nabIRuGvBKwzESIXgKk2016aTP6/dAjEHyo6SeoK8lkIySUvK0fyOVlsiEsCmOpid\ntnKX/a+50GjB79CJH4ER2lLVZnhePFR/zUOyPxZQQ4naHf7yu/b5jhO0f8fwt+py\nFxIXjbEIdZliWRkRMtzrHOJIhrmJ2A1J7iOrirbbwillwjjNVUWPf3IJ3M12S9pE\newooaeO2izNTERcG9HzAacbVRn2Y2SWIyT/18QIDAQABAoIBACbhTYXBZYKmYPCb\nHBR1IBlCQA2nLGf0qRuJNJZg5iEzXows/6tc8YymZkQE7nolapWsQ+upk2y5Xdp/\naxiuprIs9JzkYK8Ox0r+dlwCG1kSW+UAbX0bQ/qUqlsTvU6muVuMP8vZYHxJ3wmb\n+ufRBKztPTQ/rYWaYQcgC0RWI20HTFBMxlTAyNxYNWzX7RKFkGVVyB9RsAtmcc8g\n+j4OdosbfNoJPS0HeIfNpAznDfHKdxDk2Yc1tV6RHBrC1ynyLE9+TaflIAdo2MVv\nKLMLq51GqYKtgJFIlBRPQqKoyXdz3fGvXrTkf/WY9QNq0J1Vk5ERePZ54mN8iZB7\n9lwy/AkCgYEA6FXzosxswaJ2wQLeoYc7ceaweX/SwTvxHgXzRyJIIT0eJWgx13Wo\n/WA3Iziimsjf6qE+SI/8laxPp2A86VMaIt3Z3mJN/CqSVGw8LK2AQst+OwdPyDMu\niacE8lj/IFGC8mwNUAb9CzGU3JpU4PxxGFjS/eMtGeRXCWkK4NE+G08CgYEA1Kp9\nN2JrVlqUz+gAX+LPmE9OEMAS9WQSQsfCHGogIFDGGcNf7+uwBM7GAaSJIP01zcoe\nVAgWdzXCv3FLhsaZoJ6RyLOLay5phbu1iaTr4UNYm5WtYTzMzqh8l1+MFFDl9xDB\nvULuCIIrglM5MeS/qnSg1uMoH2oVPj9TVst/ir8CgYEAxrI7Ws9Zc4Bt70N1As+U\nlySjaEVZCMkqvHJ6TCuVZFfQoE0r0whdLdRLU2PsLFP+q7qaeZQqgBaNSKeVcDYR\n9B+nY/jOmQoPewPVsp/vQTCnE/R81spu0mp0YI6cIheT1Z9zAy322svcc43JaWB7\nmEbeqyLOP4Z4qSOcmghZBSECgYACvR9Xs0DGn+wCsW4vze/2ei77MD4OQvepPIFX\ndFZtlBy5ADcgE9z0cuVB6CiL8DbdK5kwY9pGNr8HUCI03iHkW6Zs+0L0YmihfEVe\nPG19PSzK9CaDdhD9KFZSbLyVFmWfxOt50H7YRTTiPMgjyFpfi5j2q348yVT0tEQS\nfhRqaQKBgAcWPokmJ7EbYQGeMbS7HC8eWO/RyamlnSffdCdSc7ue3zdVJxpAkQ8W\nqu80pEIF6raIQfAf8MXiiZ7auFOSnHQTXUbhCpvDLKi0Mwq3G8Pl07l+2s6dQG6T\nlv6XTQaMyf6n1yjzL+fzDrH3qXMxHMO/b13EePXpDMpY7HQpoLDi\n-----END RSA PRIVATE KEY-----\n", ) assert response.is_closed is True @@ -274,13 +214,12 @@ def test_raw_response_edit_overload_2(self, client: Cloudflare) -> None: custom_certificate = response.parse() assert_matches_type(Optional[CustomCertificate], custom_certificate, path=["response"]) + @pytest.mark.skip(reason="Test missing required parameters: certificate and private_key (Issue #4)") @parametrize - def test_streaming_response_edit_overload_2(self, client: Cloudflare) -> None: + def test_streaming_response_edit(self, client: Cloudflare) -> None: with client.custom_certificates.with_streaming_response.edit( custom_certificate_id="023e105f4ecef8ad9ca31a8372d0c353", zone_id="023e105f4ecef8ad9ca31a8372d0c353", - certificate="-----BEGIN CERTIFICATE-----\nMIIDtTCCAp2gAwIBAgIJAMHAwfXZ5/PWMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNV\nBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX\naWRnaXRzIFB0eSBMdGQwHhcNMTYwODI0MTY0MzAxWhcNMTYxMTIyMTY0MzAxWjBF\nMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50\nZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\nCgKCAQEAwQHoetcl9+5ikGzV6cMzWtWPJHqXT3wpbEkRU9Yz7lgvddmGdtcGbg/1\nCGZu0jJGkMoppoUo4c3dts3iwqRYmBikUP77wwY2QGmDZw2FvkJCJlKnabIRuGvB\nKwzESIXgKk2016aTP6/dAjEHyo6SeoK8lkIySUvK0fyOVlsiEsCmOpidtnKX/a+5\n0GjB79CJH4ER2lLVZnhePFR/zUOyPxZQQ4naHf7yu/b5jhO0f8fwt+pyFxIXjbEI\ndZliWRkRMtzrHOJIhrmJ2A1J7iOrirbbwillwjjNVUWPf3IJ3M12S9pEewooaeO2\nizNTERcG9HzAacbVRn2Y2SWIyT/18QIDAQABo4GnMIGkMB0GA1UdDgQWBBT/LbE4\n9rWf288N6sJA5BRb6FJIGDB1BgNVHSMEbjBsgBT/LbE49rWf288N6sJA5BRb6FJI\nGKFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNV\nBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAMHAwfXZ5/PWMAwGA1UdEwQF\nMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAHHFwl0tH0quUYZYO0dZYt4R7SJ0pCm2\n2satiyzHl4OnXcHDpekAo7/a09c6Lz6AU83cKy/+x3/djYHXWba7HpEu0dR3ugQP\nMlr4zrhd9xKZ0KZKiYmtJH+ak4OM4L3FbT0owUZPyjLSlhMtJVcoRp5CJsjAMBUG\nSvD8RX+T01wzox/Qb+lnnNnOlaWpqu8eoOenybxKp1a9ULzIVvN/LAcc+14vioFq\n2swRWtmocBAs8QR9n4uvbpiYvS8eYueDCWMM4fvFfBhaDZ3N9IbtySh3SpFdQDhw\nYbjM2rxXiyLGxB4Bol7QTv4zHif7Zt89FReT/NBy4rzaskDJY5L6xmY=\n-----END CERTIFICATE-----\n", - private_key="-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEAwQHoetcl9+5ikGzV6cMzWtWPJHqXT3wpbEkRU9Yz7lgvddmG\ndtcGbg/1CGZu0jJGkMoppoUo4c3dts3iwqRYmBikUP77wwY2QGmDZw2FvkJCJlKn\nabIRuGvBKwzESIXgKk2016aTP6/dAjEHyo6SeoK8lkIySUvK0fyOVlsiEsCmOpid\ntnKX/a+50GjB79CJH4ER2lLVZnhePFR/zUOyPxZQQ4naHf7yu/b5jhO0f8fwt+py\nFxIXjbEIdZliWRkRMtzrHOJIhrmJ2A1J7iOrirbbwillwjjNVUWPf3IJ3M12S9pE\newooaeO2izNTERcG9HzAacbVRn2Y2SWIyT/18QIDAQABAoIBACbhTYXBZYKmYPCb\nHBR1IBlCQA2nLGf0qRuJNJZg5iEzXows/6tc8YymZkQE7nolapWsQ+upk2y5Xdp/\naxiuprIs9JzkYK8Ox0r+dlwCG1kSW+UAbX0bQ/qUqlsTvU6muVuMP8vZYHxJ3wmb\n+ufRBKztPTQ/rYWaYQcgC0RWI20HTFBMxlTAyNxYNWzX7RKFkGVVyB9RsAtmcc8g\n+j4OdosbfNoJPS0HeIfNpAznDfHKdxDk2Yc1tV6RHBrC1ynyLE9+TaflIAdo2MVv\nKLMLq51GqYKtgJFIlBRPQqKoyXdz3fGvXrTkf/WY9QNq0J1Vk5ERePZ54mN8iZB7\n9lwy/AkCgYEA6FXzosxswaJ2wQLeoYc7ceaweX/SwTvxHgXzRyJIIT0eJWgx13Wo\n/WA3Iziimsjf6qE+SI/8laxPp2A86VMaIt3Z3mJN/CqSVGw8LK2AQst+OwdPyDMu\niacE8lj/IFGC8mwNUAb9CzGU3JpU4PxxGFjS/eMtGeRXCWkK4NE+G08CgYEA1Kp9\nN2JrVlqUz+gAX+LPmE9OEMAS9WQSQsfCHGogIFDGGcNf7+uwBM7GAaSJIP01zcoe\nVAgWdzXCv3FLhsaZoJ6RyLOLay5phbu1iaTr4UNYm5WtYTzMzqh8l1+MFFDl9xDB\nvULuCIIrglM5MeS/qnSg1uMoH2oVPj9TVst/ir8CgYEAxrI7Ws9Zc4Bt70N1As+U\nlySjaEVZCMkqvHJ6TCuVZFfQoE0r0whdLdRLU2PsLFP+q7qaeZQqgBaNSKeVcDYR\n9B+nY/jOmQoPewPVsp/vQTCnE/R81spu0mp0YI6cIheT1Z9zAy322svcc43JaWB7\nmEbeqyLOP4Z4qSOcmghZBSECgYACvR9Xs0DGn+wCsW4vze/2ei77MD4OQvepPIFX\ndFZtlBy5ADcgE9z0cuVB6CiL8DbdK5kwY9pGNr8HUCI03iHkW6Zs+0L0YmihfEVe\nPG19PSzK9CaDdhD9KFZSbLyVFmWfxOt50H7YRTTiPMgjyFpfi5j2q348yVT0tEQS\nfhRqaQKBgAcWPokmJ7EbYQGeMbS7HC8eWO/RyamlnSffdCdSc7ue3zdVJxpAkQ8W\nqu80pEIF6raIQfAf8MXiiZ7auFOSnHQTXUbhCpvDLKi0Mwq3G8Pl07l+2s6dQG6T\nlv6XTQaMyf6n1yjzL+fzDrH3qXMxHMO/b13EePXpDMpY7HQpoLDi\n-----END RSA PRIVATE KEY-----\n", ) as response: assert not response.is_closed assert response.http_request.headers.get("X-Stainless-Lang") == "python" @@ -291,21 +230,17 @@ def test_streaming_response_edit_overload_2(self, client: Cloudflare) -> None: assert cast(Any, response.is_closed) is True @parametrize - def test_path_params_edit_overload_2(self, client: Cloudflare) -> None: + def test_path_params_edit(self, client: Cloudflare) -> None: with pytest.raises(ValueError, match=r"Expected a non-empty value for `zone_id` but received ''"): client.custom_certificates.with_raw_response.edit( custom_certificate_id="023e105f4ecef8ad9ca31a8372d0c353", zone_id="", - certificate="-----BEGIN CERTIFICATE-----\nMIIDtTCCAp2gAwIBAgIJAMHAwfXZ5/PWMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNV\nBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX\naWRnaXRzIFB0eSBMdGQwHhcNMTYwODI0MTY0MzAxWhcNMTYxMTIyMTY0MzAxWjBF\nMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50\nZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\nCgKCAQEAwQHoetcl9+5ikGzV6cMzWtWPJHqXT3wpbEkRU9Yz7lgvddmGdtcGbg/1\nCGZu0jJGkMoppoUo4c3dts3iwqRYmBikUP77wwY2QGmDZw2FvkJCJlKnabIRuGvB\nKwzESIXgKk2016aTP6/dAjEHyo6SeoK8lkIySUvK0fyOVlsiEsCmOpidtnKX/a+5\n0GjB79CJH4ER2lLVZnhePFR/zUOyPxZQQ4naHf7yu/b5jhO0f8fwt+pyFxIXjbEI\ndZliWRkRMtzrHOJIhrmJ2A1J7iOrirbbwillwjjNVUWPf3IJ3M12S9pEewooaeO2\nizNTERcG9HzAacbVRn2Y2SWIyT/18QIDAQABo4GnMIGkMB0GA1UdDgQWBBT/LbE4\n9rWf288N6sJA5BRb6FJIGDB1BgNVHSMEbjBsgBT/LbE49rWf288N6sJA5BRb6FJI\nGKFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNV\nBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAMHAwfXZ5/PWMAwGA1UdEwQF\nMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAHHFwl0tH0quUYZYO0dZYt4R7SJ0pCm2\n2satiyzHl4OnXcHDpekAo7/a09c6Lz6AU83cKy/+x3/djYHXWba7HpEu0dR3ugQP\nMlr4zrhd9xKZ0KZKiYmtJH+ak4OM4L3FbT0owUZPyjLSlhMtJVcoRp5CJsjAMBUG\nSvD8RX+T01wzox/Qb+lnnNnOlaWpqu8eoOenybxKp1a9ULzIVvN/LAcc+14vioFq\n2swRWtmocBAs8QR9n4uvbpiYvS8eYueDCWMM4fvFfBhaDZ3N9IbtySh3SpFdQDhw\nYbjM2rxXiyLGxB4Bol7QTv4zHif7Zt89FReT/NBy4rzaskDJY5L6xmY=\n-----END CERTIFICATE-----\n", - private_key="-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEAwQHoetcl9+5ikGzV6cMzWtWPJHqXT3wpbEkRU9Yz7lgvddmG\ndtcGbg/1CGZu0jJGkMoppoUo4c3dts3iwqRYmBikUP77wwY2QGmDZw2FvkJCJlKn\nabIRuGvBKwzESIXgKk2016aTP6/dAjEHyo6SeoK8lkIySUvK0fyOVlsiEsCmOpid\ntnKX/a+50GjB79CJH4ER2lLVZnhePFR/zUOyPxZQQ4naHf7yu/b5jhO0f8fwt+py\nFxIXjbEIdZliWRkRMtzrHOJIhrmJ2A1J7iOrirbbwillwjjNVUWPf3IJ3M12S9pE\newooaeO2izNTERcG9HzAacbVRn2Y2SWIyT/18QIDAQABAoIBACbhTYXBZYKmYPCb\nHBR1IBlCQA2nLGf0qRuJNJZg5iEzXows/6tc8YymZkQE7nolapWsQ+upk2y5Xdp/\naxiuprIs9JzkYK8Ox0r+dlwCG1kSW+UAbX0bQ/qUqlsTvU6muVuMP8vZYHxJ3wmb\n+ufRBKztPTQ/rYWaYQcgC0RWI20HTFBMxlTAyNxYNWzX7RKFkGVVyB9RsAtmcc8g\n+j4OdosbfNoJPS0HeIfNpAznDfHKdxDk2Yc1tV6RHBrC1ynyLE9+TaflIAdo2MVv\nKLMLq51GqYKtgJFIlBRPQqKoyXdz3fGvXrTkf/WY9QNq0J1Vk5ERePZ54mN8iZB7\n9lwy/AkCgYEA6FXzosxswaJ2wQLeoYc7ceaweX/SwTvxHgXzRyJIIT0eJWgx13Wo\n/WA3Iziimsjf6qE+SI/8laxPp2A86VMaIt3Z3mJN/CqSVGw8LK2AQst+OwdPyDMu\niacE8lj/IFGC8mwNUAb9CzGU3JpU4PxxGFjS/eMtGeRXCWkK4NE+G08CgYEA1Kp9\nN2JrVlqUz+gAX+LPmE9OEMAS9WQSQsfCHGogIFDGGcNf7+uwBM7GAaSJIP01zcoe\nVAgWdzXCv3FLhsaZoJ6RyLOLay5phbu1iaTr4UNYm5WtYTzMzqh8l1+MFFDl9xDB\nvULuCIIrglM5MeS/qnSg1uMoH2oVPj9TVst/ir8CgYEAxrI7Ws9Zc4Bt70N1As+U\nlySjaEVZCMkqvHJ6TCuVZFfQoE0r0whdLdRLU2PsLFP+q7qaeZQqgBaNSKeVcDYR\n9B+nY/jOmQoPewPVsp/vQTCnE/R81spu0mp0YI6cIheT1Z9zAy322svcc43JaWB7\nmEbeqyLOP4Z4qSOcmghZBSECgYACvR9Xs0DGn+wCsW4vze/2ei77MD4OQvepPIFX\ndFZtlBy5ADcgE9z0cuVB6CiL8DbdK5kwY9pGNr8HUCI03iHkW6Zs+0L0YmihfEVe\nPG19PSzK9CaDdhD9KFZSbLyVFmWfxOt50H7YRTTiPMgjyFpfi5j2q348yVT0tEQS\nfhRqaQKBgAcWPokmJ7EbYQGeMbS7HC8eWO/RyamlnSffdCdSc7ue3zdVJxpAkQ8W\nqu80pEIF6raIQfAf8MXiiZ7auFOSnHQTXUbhCpvDLKi0Mwq3G8Pl07l+2s6dQG6T\nlv6XTQaMyf6n1yjzL+fzDrH3qXMxHMO/b13EePXpDMpY7HQpoLDi\n-----END RSA PRIVATE KEY-----\n", ) with pytest.raises(ValueError, match=r"Expected a non-empty value for `custom_certificate_id` but received ''"): client.custom_certificates.with_raw_response.edit( custom_certificate_id="", zone_id="023e105f4ecef8ad9ca31a8372d0c353", - certificate="-----BEGIN CERTIFICATE-----\nMIIDtTCCAp2gAwIBAgIJAMHAwfXZ5/PWMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNV\nBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX\naWRnaXRzIFB0eSBMdGQwHhcNMTYwODI0MTY0MzAxWhcNMTYxMTIyMTY0MzAxWjBF\nMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50\nZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\nCgKCAQEAwQHoetcl9+5ikGzV6cMzWtWPJHqXT3wpbEkRU9Yz7lgvddmGdtcGbg/1\nCGZu0jJGkMoppoUo4c3dts3iwqRYmBikUP77wwY2QGmDZw2FvkJCJlKnabIRuGvB\nKwzESIXgKk2016aTP6/dAjEHyo6SeoK8lkIySUvK0fyOVlsiEsCmOpidtnKX/a+5\n0GjB79CJH4ER2lLVZnhePFR/zUOyPxZQQ4naHf7yu/b5jhO0f8fwt+pyFxIXjbEI\ndZliWRkRMtzrHOJIhrmJ2A1J7iOrirbbwillwjjNVUWPf3IJ3M12S9pEewooaeO2\nizNTERcG9HzAacbVRn2Y2SWIyT/18QIDAQABo4GnMIGkMB0GA1UdDgQWBBT/LbE4\n9rWf288N6sJA5BRb6FJIGDB1BgNVHSMEbjBsgBT/LbE49rWf288N6sJA5BRb6FJI\nGKFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNV\nBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAMHAwfXZ5/PWMAwGA1UdEwQF\nMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAHHFwl0tH0quUYZYO0dZYt4R7SJ0pCm2\n2satiyzHl4OnXcHDpekAo7/a09c6Lz6AU83cKy/+x3/djYHXWba7HpEu0dR3ugQP\nMlr4zrhd9xKZ0KZKiYmtJH+ak4OM4L3FbT0owUZPyjLSlhMtJVcoRp5CJsjAMBUG\nSvD8RX+T01wzox/Qb+lnnNnOlaWpqu8eoOenybxKp1a9ULzIVvN/LAcc+14vioFq\n2swRWtmocBAs8QR9n4uvbpiYvS8eYueDCWMM4fvFfBhaDZ3N9IbtySh3SpFdQDhw\nYbjM2rxXiyLGxB4Bol7QTv4zHif7Zt89FReT/NBy4rzaskDJY5L6xmY=\n-----END CERTIFICATE-----\n", - private_key="-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEAwQHoetcl9+5ikGzV6cMzWtWPJHqXT3wpbEkRU9Yz7lgvddmG\ndtcGbg/1CGZu0jJGkMoppoUo4c3dts3iwqRYmBikUP77wwY2QGmDZw2FvkJCJlKn\nabIRuGvBKwzESIXgKk2016aTP6/dAjEHyo6SeoK8lkIySUvK0fyOVlsiEsCmOpid\ntnKX/a+50GjB79CJH4ER2lLVZnhePFR/zUOyPxZQQ4naHf7yu/b5jhO0f8fwt+py\nFxIXjbEIdZliWRkRMtzrHOJIhrmJ2A1J7iOrirbbwillwjjNVUWPf3IJ3M12S9pE\newooaeO2izNTERcG9HzAacbVRn2Y2SWIyT/18QIDAQABAoIBACbhTYXBZYKmYPCb\nHBR1IBlCQA2nLGf0qRuJNJZg5iEzXows/6tc8YymZkQE7nolapWsQ+upk2y5Xdp/\naxiuprIs9JzkYK8Ox0r+dlwCG1kSW+UAbX0bQ/qUqlsTvU6muVuMP8vZYHxJ3wmb\n+ufRBKztPTQ/rYWaYQcgC0RWI20HTFBMxlTAyNxYNWzX7RKFkGVVyB9RsAtmcc8g\n+j4OdosbfNoJPS0HeIfNpAznDfHKdxDk2Yc1tV6RHBrC1ynyLE9+TaflIAdo2MVv\nKLMLq51GqYKtgJFIlBRPQqKoyXdz3fGvXrTkf/WY9QNq0J1Vk5ERePZ54mN8iZB7\n9lwy/AkCgYEA6FXzosxswaJ2wQLeoYc7ceaweX/SwTvxHgXzRyJIIT0eJWgx13Wo\n/WA3Iziimsjf6qE+SI/8laxPp2A86VMaIt3Z3mJN/CqSVGw8LK2AQst+OwdPyDMu\niacE8lj/IFGC8mwNUAb9CzGU3JpU4PxxGFjS/eMtGeRXCWkK4NE+G08CgYEA1Kp9\nN2JrVlqUz+gAX+LPmE9OEMAS9WQSQsfCHGogIFDGGcNf7+uwBM7GAaSJIP01zcoe\nVAgWdzXCv3FLhsaZoJ6RyLOLay5phbu1iaTr4UNYm5WtYTzMzqh8l1+MFFDl9xDB\nvULuCIIrglM5MeS/qnSg1uMoH2oVPj9TVst/ir8CgYEAxrI7Ws9Zc4Bt70N1As+U\nlySjaEVZCMkqvHJ6TCuVZFfQoE0r0whdLdRLU2PsLFP+q7qaeZQqgBaNSKeVcDYR\n9B+nY/jOmQoPewPVsp/vQTCnE/R81spu0mp0YI6cIheT1Z9zAy322svcc43JaWB7\nmEbeqyLOP4Z4qSOcmghZBSECgYACvR9Xs0DGn+wCsW4vze/2ei77MD4OQvepPIFX\ndFZtlBy5ADcgE9z0cuVB6CiL8DbdK5kwY9pGNr8HUCI03iHkW6Zs+0L0YmihfEVe\nPG19PSzK9CaDdhD9KFZSbLyVFmWfxOt50H7YRTTiPMgjyFpfi5j2q348yVT0tEQS\nfhRqaQKBgAcWPokmJ7EbYQGeMbS7HC8eWO/RyamlnSffdCdSc7ue3zdVJxpAkQ8W\nqu80pEIF6raIQfAf8MXiiZ7auFOSnHQTXUbhCpvDLKi0Mwq3G8Pl07l+2s6dQG6T\nlv6XTQaMyf6n1yjzL+fzDrH3qXMxHMO/b13EePXpDMpY7HQpoLDi\n-----END RSA PRIVATE KEY-----\n", ) @parametrize @@ -378,6 +313,7 @@ async def test_method_create_with_all_params(self, async_client: AsyncCloudflare certificate="-----BEGIN CERTIFICATE-----\nMIIDtTCCAp2gAwIBAgIJAMHAwfXZ5/PWMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNV\nBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX\naWRnaXRzIFB0eSBMdGQwHhcNMTYwODI0MTY0MzAxWhcNMTYxMTIyMTY0MzAxWjBF\nMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50\nZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\nCgKCAQEAwQHoetcl9+5ikGzV6cMzWtWPJHqXT3wpbEkRU9Yz7lgvddmGdtcGbg/1\nCGZu0jJGkMoppoUo4c3dts3iwqRYmBikUP77wwY2QGmDZw2FvkJCJlKnabIRuGvB\nKwzESIXgKk2016aTP6/dAjEHyo6SeoK8lkIySUvK0fyOVlsiEsCmOpidtnKX/a+5\n0GjB79CJH4ER2lLVZnhePFR/zUOyPxZQQ4naHf7yu/b5jhO0f8fwt+pyFxIXjbEI\ndZliWRkRMtzrHOJIhrmJ2A1J7iOrirbbwillwjjNVUWPf3IJ3M12S9pEewooaeO2\nizNTERcG9HzAacbVRn2Y2SWIyT/18QIDAQABo4GnMIGkMB0GA1UdDgQWBBT/LbE4\n9rWf288N6sJA5BRb6FJIGDB1BgNVHSMEbjBsgBT/LbE49rWf288N6sJA5BRb6FJI\nGKFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNV\nBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAMHAwfXZ5/PWMAwGA1UdEwQF\nMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAHHFwl0tH0quUYZYO0dZYt4R7SJ0pCm2\n2satiyzHl4OnXcHDpekAo7/a09c6Lz6AU83cKy/+x3/djYHXWba7HpEu0dR3ugQP\nMlr4zrhd9xKZ0KZKiYmtJH+ak4OM4L3FbT0owUZPyjLSlhMtJVcoRp5CJsjAMBUG\nSvD8RX+T01wzox/Qb+lnnNnOlaWpqu8eoOenybxKp1a9ULzIVvN/LAcc+14vioFq\n2swRWtmocBAs8QR9n4uvbpiYvS8eYueDCWMM4fvFfBhaDZ3N9IbtySh3SpFdQDhw\nYbjM2rxXiyLGxB4Bol7QTv4zHif7Zt89FReT/NBy4rzaskDJY5L6xmY=\n-----END CERTIFICATE-----\n", private_key="-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEAwQHoetcl9+5ikGzV6cMzWtWPJHqXT3wpbEkRU9Yz7lgvddmG\ndtcGbg/1CGZu0jJGkMoppoUo4c3dts3iwqRYmBikUP77wwY2QGmDZw2FvkJCJlKn\nabIRuGvBKwzESIXgKk2016aTP6/dAjEHyo6SeoK8lkIySUvK0fyOVlsiEsCmOpid\ntnKX/a+50GjB79CJH4ER2lLVZnhePFR/zUOyPxZQQ4naHf7yu/b5jhO0f8fwt+py\nFxIXjbEIdZliWRkRMtzrHOJIhrmJ2A1J7iOrirbbwillwjjNVUWPf3IJ3M12S9pE\newooaeO2izNTERcG9HzAacbVRn2Y2SWIyT/18QIDAQABAoIBACbhTYXBZYKmYPCb\nHBR1IBlCQA2nLGf0qRuJNJZg5iEzXows/6tc8YymZkQE7nolapWsQ+upk2y5Xdp/\naxiuprIs9JzkYK8Ox0r+dlwCG1kSW+UAbX0bQ/qUqlsTvU6muVuMP8vZYHxJ3wmb\n+ufRBKztPTQ/rYWaYQcgC0RWI20HTFBMxlTAyNxYNWzX7RKFkGVVyB9RsAtmcc8g\n+j4OdosbfNoJPS0HeIfNpAznDfHKdxDk2Yc1tV6RHBrC1ynyLE9+TaflIAdo2MVv\nKLMLq51GqYKtgJFIlBRPQqKoyXdz3fGvXrTkf/WY9QNq0J1Vk5ERePZ54mN8iZB7\n9lwy/AkCgYEA6FXzosxswaJ2wQLeoYc7ceaweX/SwTvxHgXzRyJIIT0eJWgx13Wo\n/WA3Iziimsjf6qE+SI/8laxPp2A86VMaIt3Z3mJN/CqSVGw8LK2AQst+OwdPyDMu\niacE8lj/IFGC8mwNUAb9CzGU3JpU4PxxGFjS/eMtGeRXCWkK4NE+G08CgYEA1Kp9\nN2JrVlqUz+gAX+LPmE9OEMAS9WQSQsfCHGogIFDGGcNf7+uwBM7GAaSJIP01zcoe\nVAgWdzXCv3FLhsaZoJ6RyLOLay5phbu1iaTr4UNYm5WtYTzMzqh8l1+MFFDl9xDB\nvULuCIIrglM5MeS/qnSg1uMoH2oVPj9TVst/ir8CgYEAxrI7Ws9Zc4Bt70N1As+U\nlySjaEVZCMkqvHJ6TCuVZFfQoE0r0whdLdRLU2PsLFP+q7qaeZQqgBaNSKeVcDYR\n9B+nY/jOmQoPewPVsp/vQTCnE/R81spu0mp0YI6cIheT1Z9zAy322svcc43JaWB7\nmEbeqyLOP4Z4qSOcmghZBSECgYACvR9Xs0DGn+wCsW4vze/2ei77MD4OQvepPIFX\ndFZtlBy5ADcgE9z0cuVB6CiL8DbdK5kwY9pGNr8HUCI03iHkW6Zs+0L0YmihfEVe\nPG19PSzK9CaDdhD9KFZSbLyVFmWfxOt50H7YRTTiPMgjyFpfi5j2q348yVT0tEQS\nfhRqaQKBgAcWPokmJ7EbYQGeMbS7HC8eWO/RyamlnSffdCdSc7ue3zdVJxpAkQ8W\nqu80pEIF6raIQfAf8MXiiZ7auFOSnHQTXUbhCpvDLKi0Mwq3G8Pl07l+2s6dQG6T\nlv6XTQaMyf6n1yjzL+fzDrH3qXMxHMO/b13EePXpDMpY7HQpoLDi\n-----END RSA PRIVATE KEY-----\n", bundle_method="ubiquitous", + deploy="staging", geo_restrictions={"label": "us"}, policy="(country: US) or (region: EU)", type="sni_custom", @@ -520,7 +456,7 @@ async def test_path_params_delete(self, async_client: AsyncCloudflare) -> None: @pytest.mark.skip(reason="Test missing required parameters: certificate and private_key (Issue #4)") @parametrize - async def test_method_edit_overload_1(self, async_client: AsyncCloudflare) -> None: + async def test_method_edit(self, async_client: AsyncCloudflare) -> None: custom_certificate = await async_client.custom_certificates.edit( custom_certificate_id="023e105f4ecef8ad9ca31a8372d0c353", zone_id="023e105f4ecef8ad9ca31a8372d0c353", @@ -528,86 +464,25 @@ async def test_method_edit_overload_1(self, async_client: AsyncCloudflare) -> No assert_matches_type(Optional[CustomCertificate], custom_certificate, path=["response"]) @parametrize - async def test_method_edit_with_all_params_overload_1(self, async_client: AsyncCloudflare) -> None: + async def test_method_edit_with_all_params(self, async_client: AsyncCloudflare) -> None: custom_certificate = await async_client.custom_certificates.edit( custom_certificate_id="023e105f4ecef8ad9ca31a8372d0c353", zone_id="023e105f4ecef8ad9ca31a8372d0c353", bundle_method="ubiquitous", - ) - assert_matches_type(Optional[CustomCertificate], custom_certificate, path=["response"]) - - @pytest.mark.skip(reason="Test missing required parameters: certificate and private_key (Issue #4)") - @parametrize - async def test_raw_response_edit_overload_1(self, async_client: AsyncCloudflare) -> None: - response = await async_client.custom_certificates.with_raw_response.edit( - custom_certificate_id="023e105f4ecef8ad9ca31a8372d0c353", - zone_id="023e105f4ecef8ad9ca31a8372d0c353", - ) - - assert response.is_closed is True - assert response.http_request.headers.get("X-Stainless-Lang") == "python" - custom_certificate = await response.parse() - assert_matches_type(Optional[CustomCertificate], custom_certificate, path=["response"]) - - @pytest.mark.skip(reason="Test missing required parameters: certificate and private_key (Issue #4)") - @parametrize - async def test_streaming_response_edit_overload_1(self, async_client: AsyncCloudflare) -> None: - async with async_client.custom_certificates.with_streaming_response.edit( - custom_certificate_id="023e105f4ecef8ad9ca31a8372d0c353", - zone_id="023e105f4ecef8ad9ca31a8372d0c353", - ) as response: - assert not response.is_closed - assert response.http_request.headers.get("X-Stainless-Lang") == "python" - - custom_certificate = await response.parse() - assert_matches_type(Optional[CustomCertificate], custom_certificate, path=["response"]) - - assert cast(Any, response.is_closed) is True - - @parametrize - async def test_path_params_edit_overload_1(self, async_client: AsyncCloudflare) -> None: - with pytest.raises(ValueError, match=r"Expected a non-empty value for `zone_id` but received ''"): - await async_client.custom_certificates.with_raw_response.edit( - custom_certificate_id="023e105f4ecef8ad9ca31a8372d0c353", - zone_id="", - ) - - with pytest.raises(ValueError, match=r"Expected a non-empty value for `custom_certificate_id` but received ''"): - await async_client.custom_certificates.with_raw_response.edit( - custom_certificate_id="", - zone_id="023e105f4ecef8ad9ca31a8372d0c353", - ) - - @parametrize - async def test_method_edit_overload_2(self, async_client: AsyncCloudflare) -> None: - custom_certificate = await async_client.custom_certificates.edit( - custom_certificate_id="023e105f4ecef8ad9ca31a8372d0c353", - zone_id="023e105f4ecef8ad9ca31a8372d0c353", - certificate="-----BEGIN CERTIFICATE-----\nMIIDtTCCAp2gAwIBAgIJAMHAwfXZ5/PWMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNV\nBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX\naWRnaXRzIFB0eSBMdGQwHhcNMTYwODI0MTY0MzAxWhcNMTYxMTIyMTY0MzAxWjBF\nMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50\nZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\nCgKCAQEAwQHoetcl9+5ikGzV6cMzWtWPJHqXT3wpbEkRU9Yz7lgvddmGdtcGbg/1\nCGZu0jJGkMoppoUo4c3dts3iwqRYmBikUP77wwY2QGmDZw2FvkJCJlKnabIRuGvB\nKwzESIXgKk2016aTP6/dAjEHyo6SeoK8lkIySUvK0fyOVlsiEsCmOpidtnKX/a+5\n0GjB79CJH4ER2lLVZnhePFR/zUOyPxZQQ4naHf7yu/b5jhO0f8fwt+pyFxIXjbEI\ndZliWRkRMtzrHOJIhrmJ2A1J7iOrirbbwillwjjNVUWPf3IJ3M12S9pEewooaeO2\nizNTERcG9HzAacbVRn2Y2SWIyT/18QIDAQABo4GnMIGkMB0GA1UdDgQWBBT/LbE4\n9rWf288N6sJA5BRb6FJIGDB1BgNVHSMEbjBsgBT/LbE49rWf288N6sJA5BRb6FJI\nGKFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNV\nBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAMHAwfXZ5/PWMAwGA1UdEwQF\nMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAHHFwl0tH0quUYZYO0dZYt4R7SJ0pCm2\n2satiyzHl4OnXcHDpekAo7/a09c6Lz6AU83cKy/+x3/djYHXWba7HpEu0dR3ugQP\nMlr4zrhd9xKZ0KZKiYmtJH+ak4OM4L3FbT0owUZPyjLSlhMtJVcoRp5CJsjAMBUG\nSvD8RX+T01wzox/Qb+lnnNnOlaWpqu8eoOenybxKp1a9ULzIVvN/LAcc+14vioFq\n2swRWtmocBAs8QR9n4uvbpiYvS8eYueDCWMM4fvFfBhaDZ3N9IbtySh3SpFdQDhw\nYbjM2rxXiyLGxB4Bol7QTv4zHif7Zt89FReT/NBy4rzaskDJY5L6xmY=\n-----END CERTIFICATE-----\n", - private_key="-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEAwQHoetcl9+5ikGzV6cMzWtWPJHqXT3wpbEkRU9Yz7lgvddmG\ndtcGbg/1CGZu0jJGkMoppoUo4c3dts3iwqRYmBikUP77wwY2QGmDZw2FvkJCJlKn\nabIRuGvBKwzESIXgKk2016aTP6/dAjEHyo6SeoK8lkIySUvK0fyOVlsiEsCmOpid\ntnKX/a+50GjB79CJH4ER2lLVZnhePFR/zUOyPxZQQ4naHf7yu/b5jhO0f8fwt+py\nFxIXjbEIdZliWRkRMtzrHOJIhrmJ2A1J7iOrirbbwillwjjNVUWPf3IJ3M12S9pE\newooaeO2izNTERcG9HzAacbVRn2Y2SWIyT/18QIDAQABAoIBACbhTYXBZYKmYPCb\nHBR1IBlCQA2nLGf0qRuJNJZg5iEzXows/6tc8YymZkQE7nolapWsQ+upk2y5Xdp/\naxiuprIs9JzkYK8Ox0r+dlwCG1kSW+UAbX0bQ/qUqlsTvU6muVuMP8vZYHxJ3wmb\n+ufRBKztPTQ/rYWaYQcgC0RWI20HTFBMxlTAyNxYNWzX7RKFkGVVyB9RsAtmcc8g\n+j4OdosbfNoJPS0HeIfNpAznDfHKdxDk2Yc1tV6RHBrC1ynyLE9+TaflIAdo2MVv\nKLMLq51GqYKtgJFIlBRPQqKoyXdz3fGvXrTkf/WY9QNq0J1Vk5ERePZ54mN8iZB7\n9lwy/AkCgYEA6FXzosxswaJ2wQLeoYc7ceaweX/SwTvxHgXzRyJIIT0eJWgx13Wo\n/WA3Iziimsjf6qE+SI/8laxPp2A86VMaIt3Z3mJN/CqSVGw8LK2AQst+OwdPyDMu\niacE8lj/IFGC8mwNUAb9CzGU3JpU4PxxGFjS/eMtGeRXCWkK4NE+G08CgYEA1Kp9\nN2JrVlqUz+gAX+LPmE9OEMAS9WQSQsfCHGogIFDGGcNf7+uwBM7GAaSJIP01zcoe\nVAgWdzXCv3FLhsaZoJ6RyLOLay5phbu1iaTr4UNYm5WtYTzMzqh8l1+MFFDl9xDB\nvULuCIIrglM5MeS/qnSg1uMoH2oVPj9TVst/ir8CgYEAxrI7Ws9Zc4Bt70N1As+U\nlySjaEVZCMkqvHJ6TCuVZFfQoE0r0whdLdRLU2PsLFP+q7qaeZQqgBaNSKeVcDYR\n9B+nY/jOmQoPewPVsp/vQTCnE/R81spu0mp0YI6cIheT1Z9zAy322svcc43JaWB7\nmEbeqyLOP4Z4qSOcmghZBSECgYACvR9Xs0DGn+wCsW4vze/2ei77MD4OQvepPIFX\ndFZtlBy5ADcgE9z0cuVB6CiL8DbdK5kwY9pGNr8HUCI03iHkW6Zs+0L0YmihfEVe\nPG19PSzK9CaDdhD9KFZSbLyVFmWfxOt50H7YRTTiPMgjyFpfi5j2q348yVT0tEQS\nfhRqaQKBgAcWPokmJ7EbYQGeMbS7HC8eWO/RyamlnSffdCdSc7ue3zdVJxpAkQ8W\nqu80pEIF6raIQfAf8MXiiZ7auFOSnHQTXUbhCpvDLKi0Mwq3G8Pl07l+2s6dQG6T\nlv6XTQaMyf6n1yjzL+fzDrH3qXMxHMO/b13EePXpDMpY7HQpoLDi\n-----END RSA PRIVATE KEY-----\n", - ) - assert_matches_type(Optional[CustomCertificate], custom_certificate, path=["response"]) - - @parametrize - async def test_method_edit_with_all_params_overload_2(self, async_client: AsyncCloudflare) -> None: - custom_certificate = await async_client.custom_certificates.edit( - custom_certificate_id="023e105f4ecef8ad9ca31a8372d0c353", - zone_id="023e105f4ecef8ad9ca31a8372d0c353", certificate="-----BEGIN CERTIFICATE-----\nMIIDtTCCAp2gAwIBAgIJAMHAwfXZ5/PWMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNV\nBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX\naWRnaXRzIFB0eSBMdGQwHhcNMTYwODI0MTY0MzAxWhcNMTYxMTIyMTY0MzAxWjBF\nMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50\nZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\nCgKCAQEAwQHoetcl9+5ikGzV6cMzWtWPJHqXT3wpbEkRU9Yz7lgvddmGdtcGbg/1\nCGZu0jJGkMoppoUo4c3dts3iwqRYmBikUP77wwY2QGmDZw2FvkJCJlKnabIRuGvB\nKwzESIXgKk2016aTP6/dAjEHyo6SeoK8lkIySUvK0fyOVlsiEsCmOpidtnKX/a+5\n0GjB79CJH4ER2lLVZnhePFR/zUOyPxZQQ4naHf7yu/b5jhO0f8fwt+pyFxIXjbEI\ndZliWRkRMtzrHOJIhrmJ2A1J7iOrirbbwillwjjNVUWPf3IJ3M12S9pEewooaeO2\nizNTERcG9HzAacbVRn2Y2SWIyT/18QIDAQABo4GnMIGkMB0GA1UdDgQWBBT/LbE4\n9rWf288N6sJA5BRb6FJIGDB1BgNVHSMEbjBsgBT/LbE49rWf288N6sJA5BRb6FJI\nGKFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNV\nBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAMHAwfXZ5/PWMAwGA1UdEwQF\nMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAHHFwl0tH0quUYZYO0dZYt4R7SJ0pCm2\n2satiyzHl4OnXcHDpekAo7/a09c6Lz6AU83cKy/+x3/djYHXWba7HpEu0dR3ugQP\nMlr4zrhd9xKZ0KZKiYmtJH+ak4OM4L3FbT0owUZPyjLSlhMtJVcoRp5CJsjAMBUG\nSvD8RX+T01wzox/Qb+lnnNnOlaWpqu8eoOenybxKp1a9ULzIVvN/LAcc+14vioFq\n2swRWtmocBAs8QR9n4uvbpiYvS8eYueDCWMM4fvFfBhaDZ3N9IbtySh3SpFdQDhw\nYbjM2rxXiyLGxB4Bol7QTv4zHif7Zt89FReT/NBy4rzaskDJY5L6xmY=\n-----END CERTIFICATE-----\n", - private_key="-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEAwQHoetcl9+5ikGzV6cMzWtWPJHqXT3wpbEkRU9Yz7lgvddmG\ndtcGbg/1CGZu0jJGkMoppoUo4c3dts3iwqRYmBikUP77wwY2QGmDZw2FvkJCJlKn\nabIRuGvBKwzESIXgKk2016aTP6/dAjEHyo6SeoK8lkIySUvK0fyOVlsiEsCmOpid\ntnKX/a+50GjB79CJH4ER2lLVZnhePFR/zUOyPxZQQ4naHf7yu/b5jhO0f8fwt+py\nFxIXjbEIdZliWRkRMtzrHOJIhrmJ2A1J7iOrirbbwillwjjNVUWPf3IJ3M12S9pE\newooaeO2izNTERcG9HzAacbVRn2Y2SWIyT/18QIDAQABAoIBACbhTYXBZYKmYPCb\nHBR1IBlCQA2nLGf0qRuJNJZg5iEzXows/6tc8YymZkQE7nolapWsQ+upk2y5Xdp/\naxiuprIs9JzkYK8Ox0r+dlwCG1kSW+UAbX0bQ/qUqlsTvU6muVuMP8vZYHxJ3wmb\n+ufRBKztPTQ/rYWaYQcgC0RWI20HTFBMxlTAyNxYNWzX7RKFkGVVyB9RsAtmcc8g\n+j4OdosbfNoJPS0HeIfNpAznDfHKdxDk2Yc1tV6RHBrC1ynyLE9+TaflIAdo2MVv\nKLMLq51GqYKtgJFIlBRPQqKoyXdz3fGvXrTkf/WY9QNq0J1Vk5ERePZ54mN8iZB7\n9lwy/AkCgYEA6FXzosxswaJ2wQLeoYc7ceaweX/SwTvxHgXzRyJIIT0eJWgx13Wo\n/WA3Iziimsjf6qE+SI/8laxPp2A86VMaIt3Z3mJN/CqSVGw8LK2AQst+OwdPyDMu\niacE8lj/IFGC8mwNUAb9CzGU3JpU4PxxGFjS/eMtGeRXCWkK4NE+G08CgYEA1Kp9\nN2JrVlqUz+gAX+LPmE9OEMAS9WQSQsfCHGogIFDGGcNf7+uwBM7GAaSJIP01zcoe\nVAgWdzXCv3FLhsaZoJ6RyLOLay5phbu1iaTr4UNYm5WtYTzMzqh8l1+MFFDl9xDB\nvULuCIIrglM5MeS/qnSg1uMoH2oVPj9TVst/ir8CgYEAxrI7Ws9Zc4Bt70N1As+U\nlySjaEVZCMkqvHJ6TCuVZFfQoE0r0whdLdRLU2PsLFP+q7qaeZQqgBaNSKeVcDYR\n9B+nY/jOmQoPewPVsp/vQTCnE/R81spu0mp0YI6cIheT1Z9zAy322svcc43JaWB7\nmEbeqyLOP4Z4qSOcmghZBSECgYACvR9Xs0DGn+wCsW4vze/2ei77MD4OQvepPIFX\ndFZtlBy5ADcgE9z0cuVB6CiL8DbdK5kwY9pGNr8HUCI03iHkW6Zs+0L0YmihfEVe\nPG19PSzK9CaDdhD9KFZSbLyVFmWfxOt50H7YRTTiPMgjyFpfi5j2q348yVT0tEQS\nfhRqaQKBgAcWPokmJ7EbYQGeMbS7HC8eWO/RyamlnSffdCdSc7ue3zdVJxpAkQ8W\nqu80pEIF6raIQfAf8MXiiZ7auFOSnHQTXUbhCpvDLKi0Mwq3G8Pl07l+2s6dQG6T\nlv6XTQaMyf6n1yjzL+fzDrH3qXMxHMO/b13EePXpDMpY7HQpoLDi\n-----END RSA PRIVATE KEY-----\n", - bundle_method="ubiquitous", + deploy="staging", geo_restrictions={"label": "us"}, policy="(country: US) or (region: EU)", + private_key="-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEAwQHoetcl9+5ikGzV6cMzWtWPJHqXT3wpbEkRU9Yz7lgvddmG\ndtcGbg/1CGZu0jJGkMoppoUo4c3dts3iwqRYmBikUP77wwY2QGmDZw2FvkJCJlKn\nabIRuGvBKwzESIXgKk2016aTP6/dAjEHyo6SeoK8lkIySUvK0fyOVlsiEsCmOpid\ntnKX/a+50GjB79CJH4ER2lLVZnhePFR/zUOyPxZQQ4naHf7yu/b5jhO0f8fwt+py\nFxIXjbEIdZliWRkRMtzrHOJIhrmJ2A1J7iOrirbbwillwjjNVUWPf3IJ3M12S9pE\newooaeO2izNTERcG9HzAacbVRn2Y2SWIyT/18QIDAQABAoIBACbhTYXBZYKmYPCb\nHBR1IBlCQA2nLGf0qRuJNJZg5iEzXows/6tc8YymZkQE7nolapWsQ+upk2y5Xdp/\naxiuprIs9JzkYK8Ox0r+dlwCG1kSW+UAbX0bQ/qUqlsTvU6muVuMP8vZYHxJ3wmb\n+ufRBKztPTQ/rYWaYQcgC0RWI20HTFBMxlTAyNxYNWzX7RKFkGVVyB9RsAtmcc8g\n+j4OdosbfNoJPS0HeIfNpAznDfHKdxDk2Yc1tV6RHBrC1ynyLE9+TaflIAdo2MVv\nKLMLq51GqYKtgJFIlBRPQqKoyXdz3fGvXrTkf/WY9QNq0J1Vk5ERePZ54mN8iZB7\n9lwy/AkCgYEA6FXzosxswaJ2wQLeoYc7ceaweX/SwTvxHgXzRyJIIT0eJWgx13Wo\n/WA3Iziimsjf6qE+SI/8laxPp2A86VMaIt3Z3mJN/CqSVGw8LK2AQst+OwdPyDMu\niacE8lj/IFGC8mwNUAb9CzGU3JpU4PxxGFjS/eMtGeRXCWkK4NE+G08CgYEA1Kp9\nN2JrVlqUz+gAX+LPmE9OEMAS9WQSQsfCHGogIFDGGcNf7+uwBM7GAaSJIP01zcoe\nVAgWdzXCv3FLhsaZoJ6RyLOLay5phbu1iaTr4UNYm5WtYTzMzqh8l1+MFFDl9xDB\nvULuCIIrglM5MeS/qnSg1uMoH2oVPj9TVst/ir8CgYEAxrI7Ws9Zc4Bt70N1As+U\nlySjaEVZCMkqvHJ6TCuVZFfQoE0r0whdLdRLU2PsLFP+q7qaeZQqgBaNSKeVcDYR\n9B+nY/jOmQoPewPVsp/vQTCnE/R81spu0mp0YI6cIheT1Z9zAy322svcc43JaWB7\nmEbeqyLOP4Z4qSOcmghZBSECgYACvR9Xs0DGn+wCsW4vze/2ei77MD4OQvepPIFX\ndFZtlBy5ADcgE9z0cuVB6CiL8DbdK5kwY9pGNr8HUCI03iHkW6Zs+0L0YmihfEVe\nPG19PSzK9CaDdhD9KFZSbLyVFmWfxOt50H7YRTTiPMgjyFpfi5j2q348yVT0tEQS\nfhRqaQKBgAcWPokmJ7EbYQGeMbS7HC8eWO/RyamlnSffdCdSc7ue3zdVJxpAkQ8W\nqu80pEIF6raIQfAf8MXiiZ7auFOSnHQTXUbhCpvDLKi0Mwq3G8Pl07l+2s6dQG6T\nlv6XTQaMyf6n1yjzL+fzDrH3qXMxHMO/b13EePXpDMpY7HQpoLDi\n-----END RSA PRIVATE KEY-----\n", ) assert_matches_type(Optional[CustomCertificate], custom_certificate, path=["response"]) + @pytest.mark.skip(reason="Test missing required parameters: certificate and private_key (Issue #4)") @parametrize - async def test_raw_response_edit_overload_2(self, async_client: AsyncCloudflare) -> None: + async def test_raw_response_edit(self, async_client: AsyncCloudflare) -> None: response = await async_client.custom_certificates.with_raw_response.edit( custom_certificate_id="023e105f4ecef8ad9ca31a8372d0c353", zone_id="023e105f4ecef8ad9ca31a8372d0c353", - certificate="-----BEGIN CERTIFICATE-----\nMIIDtTCCAp2gAwIBAgIJAMHAwfXZ5/PWMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNV\nBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX\naWRnaXRzIFB0eSBMdGQwHhcNMTYwODI0MTY0MzAxWhcNMTYxMTIyMTY0MzAxWjBF\nMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50\nZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\nCgKCAQEAwQHoetcl9+5ikGzV6cMzWtWPJHqXT3wpbEkRU9Yz7lgvddmGdtcGbg/1\nCGZu0jJGkMoppoUo4c3dts3iwqRYmBikUP77wwY2QGmDZw2FvkJCJlKnabIRuGvB\nKwzESIXgKk2016aTP6/dAjEHyo6SeoK8lkIySUvK0fyOVlsiEsCmOpidtnKX/a+5\n0GjB79CJH4ER2lLVZnhePFR/zUOyPxZQQ4naHf7yu/b5jhO0f8fwt+pyFxIXjbEI\ndZliWRkRMtzrHOJIhrmJ2A1J7iOrirbbwillwjjNVUWPf3IJ3M12S9pEewooaeO2\nizNTERcG9HzAacbVRn2Y2SWIyT/18QIDAQABo4GnMIGkMB0GA1UdDgQWBBT/LbE4\n9rWf288N6sJA5BRb6FJIGDB1BgNVHSMEbjBsgBT/LbE49rWf288N6sJA5BRb6FJI\nGKFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNV\nBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAMHAwfXZ5/PWMAwGA1UdEwQF\nMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAHHFwl0tH0quUYZYO0dZYt4R7SJ0pCm2\n2satiyzHl4OnXcHDpekAo7/a09c6Lz6AU83cKy/+x3/djYHXWba7HpEu0dR3ugQP\nMlr4zrhd9xKZ0KZKiYmtJH+ak4OM4L3FbT0owUZPyjLSlhMtJVcoRp5CJsjAMBUG\nSvD8RX+T01wzox/Qb+lnnNnOlaWpqu8eoOenybxKp1a9ULzIVvN/LAcc+14vioFq\n2swRWtmocBAs8QR9n4uvbpiYvS8eYueDCWMM4fvFfBhaDZ3N9IbtySh3SpFdQDhw\nYbjM2rxXiyLGxB4Bol7QTv4zHif7Zt89FReT/NBy4rzaskDJY5L6xmY=\n-----END CERTIFICATE-----\n", - private_key="-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEAwQHoetcl9+5ikGzV6cMzWtWPJHqXT3wpbEkRU9Yz7lgvddmG\ndtcGbg/1CGZu0jJGkMoppoUo4c3dts3iwqRYmBikUP77wwY2QGmDZw2FvkJCJlKn\nabIRuGvBKwzESIXgKk2016aTP6/dAjEHyo6SeoK8lkIySUvK0fyOVlsiEsCmOpid\ntnKX/a+50GjB79CJH4ER2lLVZnhePFR/zUOyPxZQQ4naHf7yu/b5jhO0f8fwt+py\nFxIXjbEIdZliWRkRMtzrHOJIhrmJ2A1J7iOrirbbwillwjjNVUWPf3IJ3M12S9pE\newooaeO2izNTERcG9HzAacbVRn2Y2SWIyT/18QIDAQABAoIBACbhTYXBZYKmYPCb\nHBR1IBlCQA2nLGf0qRuJNJZg5iEzXows/6tc8YymZkQE7nolapWsQ+upk2y5Xdp/\naxiuprIs9JzkYK8Ox0r+dlwCG1kSW+UAbX0bQ/qUqlsTvU6muVuMP8vZYHxJ3wmb\n+ufRBKztPTQ/rYWaYQcgC0RWI20HTFBMxlTAyNxYNWzX7RKFkGVVyB9RsAtmcc8g\n+j4OdosbfNoJPS0HeIfNpAznDfHKdxDk2Yc1tV6RHBrC1ynyLE9+TaflIAdo2MVv\nKLMLq51GqYKtgJFIlBRPQqKoyXdz3fGvXrTkf/WY9QNq0J1Vk5ERePZ54mN8iZB7\n9lwy/AkCgYEA6FXzosxswaJ2wQLeoYc7ceaweX/SwTvxHgXzRyJIIT0eJWgx13Wo\n/WA3Iziimsjf6qE+SI/8laxPp2A86VMaIt3Z3mJN/CqSVGw8LK2AQst+OwdPyDMu\niacE8lj/IFGC8mwNUAb9CzGU3JpU4PxxGFjS/eMtGeRXCWkK4NE+G08CgYEA1Kp9\nN2JrVlqUz+gAX+LPmE9OEMAS9WQSQsfCHGogIFDGGcNf7+uwBM7GAaSJIP01zcoe\nVAgWdzXCv3FLhsaZoJ6RyLOLay5phbu1iaTr4UNYm5WtYTzMzqh8l1+MFFDl9xDB\nvULuCIIrglM5MeS/qnSg1uMoH2oVPj9TVst/ir8CgYEAxrI7Ws9Zc4Bt70N1As+U\nlySjaEVZCMkqvHJ6TCuVZFfQoE0r0whdLdRLU2PsLFP+q7qaeZQqgBaNSKeVcDYR\n9B+nY/jOmQoPewPVsp/vQTCnE/R81spu0mp0YI6cIheT1Z9zAy322svcc43JaWB7\nmEbeqyLOP4Z4qSOcmghZBSECgYACvR9Xs0DGn+wCsW4vze/2ei77MD4OQvepPIFX\ndFZtlBy5ADcgE9z0cuVB6CiL8DbdK5kwY9pGNr8HUCI03iHkW6Zs+0L0YmihfEVe\nPG19PSzK9CaDdhD9KFZSbLyVFmWfxOt50H7YRTTiPMgjyFpfi5j2q348yVT0tEQS\nfhRqaQKBgAcWPokmJ7EbYQGeMbS7HC8eWO/RyamlnSffdCdSc7ue3zdVJxpAkQ8W\nqu80pEIF6raIQfAf8MXiiZ7auFOSnHQTXUbhCpvDLKi0Mwq3G8Pl07l+2s6dQG6T\nlv6XTQaMyf6n1yjzL+fzDrH3qXMxHMO/b13EePXpDMpY7HQpoLDi\n-----END RSA PRIVATE KEY-----\n", ) assert response.is_closed is True @@ -615,13 +490,12 @@ async def test_raw_response_edit_overload_2(self, async_client: AsyncCloudflare) custom_certificate = await response.parse() assert_matches_type(Optional[CustomCertificate], custom_certificate, path=["response"]) + @pytest.mark.skip(reason="Test missing required parameters: certificate and private_key (Issue #4)") @parametrize - async def test_streaming_response_edit_overload_2(self, async_client: AsyncCloudflare) -> None: + async def test_streaming_response_edit(self, async_client: AsyncCloudflare) -> None: async with async_client.custom_certificates.with_streaming_response.edit( custom_certificate_id="023e105f4ecef8ad9ca31a8372d0c353", zone_id="023e105f4ecef8ad9ca31a8372d0c353", - certificate="-----BEGIN CERTIFICATE-----\nMIIDtTCCAp2gAwIBAgIJAMHAwfXZ5/PWMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNV\nBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX\naWRnaXRzIFB0eSBMdGQwHhcNMTYwODI0MTY0MzAxWhcNMTYxMTIyMTY0MzAxWjBF\nMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50\nZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\nCgKCAQEAwQHoetcl9+5ikGzV6cMzWtWPJHqXT3wpbEkRU9Yz7lgvddmGdtcGbg/1\nCGZu0jJGkMoppoUo4c3dts3iwqRYmBikUP77wwY2QGmDZw2FvkJCJlKnabIRuGvB\nKwzESIXgKk2016aTP6/dAjEHyo6SeoK8lkIySUvK0fyOVlsiEsCmOpidtnKX/a+5\n0GjB79CJH4ER2lLVZnhePFR/zUOyPxZQQ4naHf7yu/b5jhO0f8fwt+pyFxIXjbEI\ndZliWRkRMtzrHOJIhrmJ2A1J7iOrirbbwillwjjNVUWPf3IJ3M12S9pEewooaeO2\nizNTERcG9HzAacbVRn2Y2SWIyT/18QIDAQABo4GnMIGkMB0GA1UdDgQWBBT/LbE4\n9rWf288N6sJA5BRb6FJIGDB1BgNVHSMEbjBsgBT/LbE49rWf288N6sJA5BRb6FJI\nGKFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNV\nBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAMHAwfXZ5/PWMAwGA1UdEwQF\nMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAHHFwl0tH0quUYZYO0dZYt4R7SJ0pCm2\n2satiyzHl4OnXcHDpekAo7/a09c6Lz6AU83cKy/+x3/djYHXWba7HpEu0dR3ugQP\nMlr4zrhd9xKZ0KZKiYmtJH+ak4OM4L3FbT0owUZPyjLSlhMtJVcoRp5CJsjAMBUG\nSvD8RX+T01wzox/Qb+lnnNnOlaWpqu8eoOenybxKp1a9ULzIVvN/LAcc+14vioFq\n2swRWtmocBAs8QR9n4uvbpiYvS8eYueDCWMM4fvFfBhaDZ3N9IbtySh3SpFdQDhw\nYbjM2rxXiyLGxB4Bol7QTv4zHif7Zt89FReT/NBy4rzaskDJY5L6xmY=\n-----END CERTIFICATE-----\n", - private_key="-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEAwQHoetcl9+5ikGzV6cMzWtWPJHqXT3wpbEkRU9Yz7lgvddmG\ndtcGbg/1CGZu0jJGkMoppoUo4c3dts3iwqRYmBikUP77wwY2QGmDZw2FvkJCJlKn\nabIRuGvBKwzESIXgKk2016aTP6/dAjEHyo6SeoK8lkIySUvK0fyOVlsiEsCmOpid\ntnKX/a+50GjB79CJH4ER2lLVZnhePFR/zUOyPxZQQ4naHf7yu/b5jhO0f8fwt+py\nFxIXjbEIdZliWRkRMtzrHOJIhrmJ2A1J7iOrirbbwillwjjNVUWPf3IJ3M12S9pE\newooaeO2izNTERcG9HzAacbVRn2Y2SWIyT/18QIDAQABAoIBACbhTYXBZYKmYPCb\nHBR1IBlCQA2nLGf0qRuJNJZg5iEzXows/6tc8YymZkQE7nolapWsQ+upk2y5Xdp/\naxiuprIs9JzkYK8Ox0r+dlwCG1kSW+UAbX0bQ/qUqlsTvU6muVuMP8vZYHxJ3wmb\n+ufRBKztPTQ/rYWaYQcgC0RWI20HTFBMxlTAyNxYNWzX7RKFkGVVyB9RsAtmcc8g\n+j4OdosbfNoJPS0HeIfNpAznDfHKdxDk2Yc1tV6RHBrC1ynyLE9+TaflIAdo2MVv\nKLMLq51GqYKtgJFIlBRPQqKoyXdz3fGvXrTkf/WY9QNq0J1Vk5ERePZ54mN8iZB7\n9lwy/AkCgYEA6FXzosxswaJ2wQLeoYc7ceaweX/SwTvxHgXzRyJIIT0eJWgx13Wo\n/WA3Iziimsjf6qE+SI/8laxPp2A86VMaIt3Z3mJN/CqSVGw8LK2AQst+OwdPyDMu\niacE8lj/IFGC8mwNUAb9CzGU3JpU4PxxGFjS/eMtGeRXCWkK4NE+G08CgYEA1Kp9\nN2JrVlqUz+gAX+LPmE9OEMAS9WQSQsfCHGogIFDGGcNf7+uwBM7GAaSJIP01zcoe\nVAgWdzXCv3FLhsaZoJ6RyLOLay5phbu1iaTr4UNYm5WtYTzMzqh8l1+MFFDl9xDB\nvULuCIIrglM5MeS/qnSg1uMoH2oVPj9TVst/ir8CgYEAxrI7Ws9Zc4Bt70N1As+U\nlySjaEVZCMkqvHJ6TCuVZFfQoE0r0whdLdRLU2PsLFP+q7qaeZQqgBaNSKeVcDYR\n9B+nY/jOmQoPewPVsp/vQTCnE/R81spu0mp0YI6cIheT1Z9zAy322svcc43JaWB7\nmEbeqyLOP4Z4qSOcmghZBSECgYACvR9Xs0DGn+wCsW4vze/2ei77MD4OQvepPIFX\ndFZtlBy5ADcgE9z0cuVB6CiL8DbdK5kwY9pGNr8HUCI03iHkW6Zs+0L0YmihfEVe\nPG19PSzK9CaDdhD9KFZSbLyVFmWfxOt50H7YRTTiPMgjyFpfi5j2q348yVT0tEQS\nfhRqaQKBgAcWPokmJ7EbYQGeMbS7HC8eWO/RyamlnSffdCdSc7ue3zdVJxpAkQ8W\nqu80pEIF6raIQfAf8MXiiZ7auFOSnHQTXUbhCpvDLKi0Mwq3G8Pl07l+2s6dQG6T\nlv6XTQaMyf6n1yjzL+fzDrH3qXMxHMO/b13EePXpDMpY7HQpoLDi\n-----END RSA PRIVATE KEY-----\n", ) as response: assert not response.is_closed assert response.http_request.headers.get("X-Stainless-Lang") == "python" @@ -632,21 +506,17 @@ async def test_streaming_response_edit_overload_2(self, async_client: AsyncCloud assert cast(Any, response.is_closed) is True @parametrize - async def test_path_params_edit_overload_2(self, async_client: AsyncCloudflare) -> None: + async def test_path_params_edit(self, async_client: AsyncCloudflare) -> None: with pytest.raises(ValueError, match=r"Expected a non-empty value for `zone_id` but received ''"): await async_client.custom_certificates.with_raw_response.edit( custom_certificate_id="023e105f4ecef8ad9ca31a8372d0c353", zone_id="", - certificate="-----BEGIN CERTIFICATE-----\nMIIDtTCCAp2gAwIBAgIJAMHAwfXZ5/PWMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNV\nBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX\naWRnaXRzIFB0eSBMdGQwHhcNMTYwODI0MTY0MzAxWhcNMTYxMTIyMTY0MzAxWjBF\nMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50\nZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\nCgKCAQEAwQHoetcl9+5ikGzV6cMzWtWPJHqXT3wpbEkRU9Yz7lgvddmGdtcGbg/1\nCGZu0jJGkMoppoUo4c3dts3iwqRYmBikUP77wwY2QGmDZw2FvkJCJlKnabIRuGvB\nKwzESIXgKk2016aTP6/dAjEHyo6SeoK8lkIySUvK0fyOVlsiEsCmOpidtnKX/a+5\n0GjB79CJH4ER2lLVZnhePFR/zUOyPxZQQ4naHf7yu/b5jhO0f8fwt+pyFxIXjbEI\ndZliWRkRMtzrHOJIhrmJ2A1J7iOrirbbwillwjjNVUWPf3IJ3M12S9pEewooaeO2\nizNTERcG9HzAacbVRn2Y2SWIyT/18QIDAQABo4GnMIGkMB0GA1UdDgQWBBT/LbE4\n9rWf288N6sJA5BRb6FJIGDB1BgNVHSMEbjBsgBT/LbE49rWf288N6sJA5BRb6FJI\nGKFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNV\nBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAMHAwfXZ5/PWMAwGA1UdEwQF\nMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAHHFwl0tH0quUYZYO0dZYt4R7SJ0pCm2\n2satiyzHl4OnXcHDpekAo7/a09c6Lz6AU83cKy/+x3/djYHXWba7HpEu0dR3ugQP\nMlr4zrhd9xKZ0KZKiYmtJH+ak4OM4L3FbT0owUZPyjLSlhMtJVcoRp5CJsjAMBUG\nSvD8RX+T01wzox/Qb+lnnNnOlaWpqu8eoOenybxKp1a9ULzIVvN/LAcc+14vioFq\n2swRWtmocBAs8QR9n4uvbpiYvS8eYueDCWMM4fvFfBhaDZ3N9IbtySh3SpFdQDhw\nYbjM2rxXiyLGxB4Bol7QTv4zHif7Zt89FReT/NBy4rzaskDJY5L6xmY=\n-----END CERTIFICATE-----\n", - private_key="-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEAwQHoetcl9+5ikGzV6cMzWtWPJHqXT3wpbEkRU9Yz7lgvddmG\ndtcGbg/1CGZu0jJGkMoppoUo4c3dts3iwqRYmBikUP77wwY2QGmDZw2FvkJCJlKn\nabIRuGvBKwzESIXgKk2016aTP6/dAjEHyo6SeoK8lkIySUvK0fyOVlsiEsCmOpid\ntnKX/a+50GjB79CJH4ER2lLVZnhePFR/zUOyPxZQQ4naHf7yu/b5jhO0f8fwt+py\nFxIXjbEIdZliWRkRMtzrHOJIhrmJ2A1J7iOrirbbwillwjjNVUWPf3IJ3M12S9pE\newooaeO2izNTERcG9HzAacbVRn2Y2SWIyT/18QIDAQABAoIBACbhTYXBZYKmYPCb\nHBR1IBlCQA2nLGf0qRuJNJZg5iEzXows/6tc8YymZkQE7nolapWsQ+upk2y5Xdp/\naxiuprIs9JzkYK8Ox0r+dlwCG1kSW+UAbX0bQ/qUqlsTvU6muVuMP8vZYHxJ3wmb\n+ufRBKztPTQ/rYWaYQcgC0RWI20HTFBMxlTAyNxYNWzX7RKFkGVVyB9RsAtmcc8g\n+j4OdosbfNoJPS0HeIfNpAznDfHKdxDk2Yc1tV6RHBrC1ynyLE9+TaflIAdo2MVv\nKLMLq51GqYKtgJFIlBRPQqKoyXdz3fGvXrTkf/WY9QNq0J1Vk5ERePZ54mN8iZB7\n9lwy/AkCgYEA6FXzosxswaJ2wQLeoYc7ceaweX/SwTvxHgXzRyJIIT0eJWgx13Wo\n/WA3Iziimsjf6qE+SI/8laxPp2A86VMaIt3Z3mJN/CqSVGw8LK2AQst+OwdPyDMu\niacE8lj/IFGC8mwNUAb9CzGU3JpU4PxxGFjS/eMtGeRXCWkK4NE+G08CgYEA1Kp9\nN2JrVlqUz+gAX+LPmE9OEMAS9WQSQsfCHGogIFDGGcNf7+uwBM7GAaSJIP01zcoe\nVAgWdzXCv3FLhsaZoJ6RyLOLay5phbu1iaTr4UNYm5WtYTzMzqh8l1+MFFDl9xDB\nvULuCIIrglM5MeS/qnSg1uMoH2oVPj9TVst/ir8CgYEAxrI7Ws9Zc4Bt70N1As+U\nlySjaEVZCMkqvHJ6TCuVZFfQoE0r0whdLdRLU2PsLFP+q7qaeZQqgBaNSKeVcDYR\n9B+nY/jOmQoPewPVsp/vQTCnE/R81spu0mp0YI6cIheT1Z9zAy322svcc43JaWB7\nmEbeqyLOP4Z4qSOcmghZBSECgYACvR9Xs0DGn+wCsW4vze/2ei77MD4OQvepPIFX\ndFZtlBy5ADcgE9z0cuVB6CiL8DbdK5kwY9pGNr8HUCI03iHkW6Zs+0L0YmihfEVe\nPG19PSzK9CaDdhD9KFZSbLyVFmWfxOt50H7YRTTiPMgjyFpfi5j2q348yVT0tEQS\nfhRqaQKBgAcWPokmJ7EbYQGeMbS7HC8eWO/RyamlnSffdCdSc7ue3zdVJxpAkQ8W\nqu80pEIF6raIQfAf8MXiiZ7auFOSnHQTXUbhCpvDLKi0Mwq3G8Pl07l+2s6dQG6T\nlv6XTQaMyf6n1yjzL+fzDrH3qXMxHMO/b13EePXpDMpY7HQpoLDi\n-----END RSA PRIVATE KEY-----\n", ) with pytest.raises(ValueError, match=r"Expected a non-empty value for `custom_certificate_id` but received ''"): await async_client.custom_certificates.with_raw_response.edit( custom_certificate_id="", zone_id="023e105f4ecef8ad9ca31a8372d0c353", - certificate="-----BEGIN CERTIFICATE-----\nMIIDtTCCAp2gAwIBAgIJAMHAwfXZ5/PWMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNV\nBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX\naWRnaXRzIFB0eSBMdGQwHhcNMTYwODI0MTY0MzAxWhcNMTYxMTIyMTY0MzAxWjBF\nMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50\nZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\nCgKCAQEAwQHoetcl9+5ikGzV6cMzWtWPJHqXT3wpbEkRU9Yz7lgvddmGdtcGbg/1\nCGZu0jJGkMoppoUo4c3dts3iwqRYmBikUP77wwY2QGmDZw2FvkJCJlKnabIRuGvB\nKwzESIXgKk2016aTP6/dAjEHyo6SeoK8lkIySUvK0fyOVlsiEsCmOpidtnKX/a+5\n0GjB79CJH4ER2lLVZnhePFR/zUOyPxZQQ4naHf7yu/b5jhO0f8fwt+pyFxIXjbEI\ndZliWRkRMtzrHOJIhrmJ2A1J7iOrirbbwillwjjNVUWPf3IJ3M12S9pEewooaeO2\nizNTERcG9HzAacbVRn2Y2SWIyT/18QIDAQABo4GnMIGkMB0GA1UdDgQWBBT/LbE4\n9rWf288N6sJA5BRb6FJIGDB1BgNVHSMEbjBsgBT/LbE49rWf288N6sJA5BRb6FJI\nGKFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNV\nBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAMHAwfXZ5/PWMAwGA1UdEwQF\nMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAHHFwl0tH0quUYZYO0dZYt4R7SJ0pCm2\n2satiyzHl4OnXcHDpekAo7/a09c6Lz6AU83cKy/+x3/djYHXWba7HpEu0dR3ugQP\nMlr4zrhd9xKZ0KZKiYmtJH+ak4OM4L3FbT0owUZPyjLSlhMtJVcoRp5CJsjAMBUG\nSvD8RX+T01wzox/Qb+lnnNnOlaWpqu8eoOenybxKp1a9ULzIVvN/LAcc+14vioFq\n2swRWtmocBAs8QR9n4uvbpiYvS8eYueDCWMM4fvFfBhaDZ3N9IbtySh3SpFdQDhw\nYbjM2rxXiyLGxB4Bol7QTv4zHif7Zt89FReT/NBy4rzaskDJY5L6xmY=\n-----END CERTIFICATE-----\n", - private_key="-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEAwQHoetcl9+5ikGzV6cMzWtWPJHqXT3wpbEkRU9Yz7lgvddmG\ndtcGbg/1CGZu0jJGkMoppoUo4c3dts3iwqRYmBikUP77wwY2QGmDZw2FvkJCJlKn\nabIRuGvBKwzESIXgKk2016aTP6/dAjEHyo6SeoK8lkIySUvK0fyOVlsiEsCmOpid\ntnKX/a+50GjB79CJH4ER2lLVZnhePFR/zUOyPxZQQ4naHf7yu/b5jhO0f8fwt+py\nFxIXjbEIdZliWRkRMtzrHOJIhrmJ2A1J7iOrirbbwillwjjNVUWPf3IJ3M12S9pE\newooaeO2izNTERcG9HzAacbVRn2Y2SWIyT/18QIDAQABAoIBACbhTYXBZYKmYPCb\nHBR1IBlCQA2nLGf0qRuJNJZg5iEzXows/6tc8YymZkQE7nolapWsQ+upk2y5Xdp/\naxiuprIs9JzkYK8Ox0r+dlwCG1kSW+UAbX0bQ/qUqlsTvU6muVuMP8vZYHxJ3wmb\n+ufRBKztPTQ/rYWaYQcgC0RWI20HTFBMxlTAyNxYNWzX7RKFkGVVyB9RsAtmcc8g\n+j4OdosbfNoJPS0HeIfNpAznDfHKdxDk2Yc1tV6RHBrC1ynyLE9+TaflIAdo2MVv\nKLMLq51GqYKtgJFIlBRPQqKoyXdz3fGvXrTkf/WY9QNq0J1Vk5ERePZ54mN8iZB7\n9lwy/AkCgYEA6FXzosxswaJ2wQLeoYc7ceaweX/SwTvxHgXzRyJIIT0eJWgx13Wo\n/WA3Iziimsjf6qE+SI/8laxPp2A86VMaIt3Z3mJN/CqSVGw8LK2AQst+OwdPyDMu\niacE8lj/IFGC8mwNUAb9CzGU3JpU4PxxGFjS/eMtGeRXCWkK4NE+G08CgYEA1Kp9\nN2JrVlqUz+gAX+LPmE9OEMAS9WQSQsfCHGogIFDGGcNf7+uwBM7GAaSJIP01zcoe\nVAgWdzXCv3FLhsaZoJ6RyLOLay5phbu1iaTr4UNYm5WtYTzMzqh8l1+MFFDl9xDB\nvULuCIIrglM5MeS/qnSg1uMoH2oVPj9TVst/ir8CgYEAxrI7Ws9Zc4Bt70N1As+U\nlySjaEVZCMkqvHJ6TCuVZFfQoE0r0whdLdRLU2PsLFP+q7qaeZQqgBaNSKeVcDYR\n9B+nY/jOmQoPewPVsp/vQTCnE/R81spu0mp0YI6cIheT1Z9zAy322svcc43JaWB7\nmEbeqyLOP4Z4qSOcmghZBSECgYACvR9Xs0DGn+wCsW4vze/2ei77MD4OQvepPIFX\ndFZtlBy5ADcgE9z0cuVB6CiL8DbdK5kwY9pGNr8HUCI03iHkW6Zs+0L0YmihfEVe\nPG19PSzK9CaDdhD9KFZSbLyVFmWfxOt50H7YRTTiPMgjyFpfi5j2q348yVT0tEQS\nfhRqaQKBgAcWPokmJ7EbYQGeMbS7HC8eWO/RyamlnSffdCdSc7ue3zdVJxpAkQ8W\nqu80pEIF6raIQfAf8MXiiZ7auFOSnHQTXUbhCpvDLKi0Mwq3G8Pl07l+2s6dQG6T\nlv6XTQaMyf6n1yjzL+fzDrH3qXMxHMO/b13EePXpDMpY7HQpoLDi\n-----END RSA PRIVATE KEY-----\n", ) @parametrize diff --git a/tests/api_resources/test_custom_hostnames.py b/tests/api_resources/test_custom_hostnames.py index 9d96b2f0dd6..0e8797357e1 100644 --- a/tests/api_resources/test_custom_hostnames.py +++ b/tests/api_resources/test_custom_hostnames.py @@ -48,7 +48,7 @@ def test_method_create_with_all_params(self, client: Cloudflare) -> None: "custom_key": "-----BEGIN PRIVATE KEY-----\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC/SCB5...\n-----END PRIVATE KEY-----\n", } ], - "custom_certificate": "-----BEGIN CERTIFICATE-----\\nMIIFJDCCBAygAwIBAgIQD0ifmj/Yi5NP/2gdUySbfzANBgkqhkiG9w0BAQsFADBN\\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E...SzSHfXp5lnu/3V08I72q1QNzOCgY1XeL4GKVcj4or6cT6tX6oJH7ePPmfrBfqI/O\\nOeH8gMJ+FuwtXYEPa4hBf38M5eU5xWG7\\n-----END CERTIFICATE-----\\n", + "custom_certificate": "-----BEGIN CERTIFICATE-----\nMIIFJDCCBAygAwIBAgIQD0ifmj/Yi5NP/2gdUySbfzANBgkqhkiG9w0BAQsFADBN\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E...SzSHfXp5lnu/3V08I72q1QNzOCgY1XeL4GKVcj4or6cT6tX6oJH7ePPmfrBfqI/O\nOeH8gMJ+FuwtXYEPa4hBf38M5eU5xWG7\n-----END CERTIFICATE-----\n", "custom_key": "-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEAwQHoetcl9+5ikGzV6cMzWtWPJHqXT3wpbEkRU9Yz7lgvddmG\ndtcGbg/1CGZu0jJGkMoppoUo4c3dts3iwqRYmBikUP77wwY2QGmDZw2FvkJCJlKn\nabIRuGvBKwzESIXgKk2016aTP6/dAjEHyo6SeoK8lkIySUvK0fyOVlsiEsCmOpid\ntnKX/a+50GjB79CJH4ER2lLVZnhePFR/zUOyPxZQQ4naHf7yu/b5jhO0f8fwt+py\nFxIXjbEIdZliWRkRMtzrHOJIhrmJ2A1J7iOrirbbwillwjjNVUWPf3IJ3M12S9pE\newooaeO2izNTERcG9HzAacbVRn2Y2SWIyT/18QIDAQABAoIBACbhTYXBZYKmYPCb\nHBR1IBlCQA2nLGf0qRuJNJZg5iEzXows/6tc8YymZkQE7nolapWsQ+upk2y5Xdp/\naxiuprIs9JzkYK8Ox0r+dlwCG1kSW+UAbX0bQ/qUqlsTvU6muVuMP8vZYHxJ3wmb\n+ufRBKztPTQ/rYWaYQcgC0RWI20HTFBMxlTAyNxYNWzX7RKFkGVVyB9RsAtmcc8g\n+j4OdosbfNoJPS0HeIfNpAznDfHKdxDk2Yc1tV6RHBrC1ynyLE9+TaflIAdo2MVv\nKLMLq51GqYKtgJFIlBRPQqKoyXdz3fGvXrTkf/WY9QNq0J1Vk5ERePZ54mN8iZB7\n9lwy/AkCgYEA6FXzosxswaJ2wQLeoYc7ceaweX/SwTvxHgXzRyJIIT0eJWgx13Wo\n/WA3Iziimsjf6qE+SI/8laxPp2A86VMaIt3Z3mJN/CqSVGw8LK2AQst+OwdPyDMu\niacE8lj/IFGC8mwNUAb9CzGU3JpU4PxxGFjS/eMtGeRXCWkK4NE+G08CgYEA1Kp9\nN2JrVlqUz+gAX+LPmE9OEMAS9WQSQsfCHGogIFDGGcNf7+uwBM7GAaSJIP01zcoe\nVAgWdzXCv3FLhsaZoJ6RyLOLay5phbu1iaTr4UNYm5WtYTzMzqh8l1+MFFDl9xDB\nvULuCIIrglM5MeS/qnSg1uMoH2oVPj9TVst/ir8CgYEAxrI7Ws9Zc4Bt70N1As+U\nlySjaEVZCMkqvHJ6TCuVZFfQoE0r0whdLdRLU2PsLFP+q7qaeZQqgBaNSKeVcDYR\n9B+nY/jOmQoPewPVsp/vQTCnE/R81spu0mp0YI6cIheT1Z9zAy322svcc43JaWB7\nmEbeqyLOP4Z4qSOcmghZBSECgYACvR9Xs0DGn+wCsW4vze/2ei77MD4OQvepPIFX\ndFZtlBy5ADcgE9z0cuVB6CiL8DbdK5kwY9pGNr8HUCI03iHkW6Zs+0L0YmihfEVe\nPG19PSzK9CaDdhD9KFZSbLyVFmWfxOt50H7YRTTiPMgjyFpfi5j2q348yVT0tEQS\nfhRqaQKBgAcWPokmJ7EbYQGeMbS7HC8eWO/RyamlnSffdCdSc7ue3zdVJxpAkQ8W\nqu80pEIF6raIQfAf8MXiiZ7auFOSnHQTXUbhCpvDLKi0Mwq3G8Pl07l+2s6dQG6T\nlv6XTQaMyf6n1yjzL+fzDrH3qXMxHMO/b13EePXpDMpY7HQpoLDi\n-----END RSA PRIVATE KEY-----\n", "method": "http", "settings": { @@ -226,7 +226,7 @@ def test_method_edit_with_all_params(self, client: Cloudflare) -> None: "custom_key": "-----BEGIN PRIVATE KEY-----\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC/SCB5...\n-----END PRIVATE KEY-----\n", } ], - "custom_certificate": "-----BEGIN CERTIFICATE-----\\nMIIFJDCCBAygAwIBAgIQD0ifmj/Yi5NP/2gdUySbfzANBgkqhkiG9w0BAQsFADBN\\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E...SzSHfXp5lnu/3V08I72q1QNzOCgY1XeL4GKVcj4or6cT6tX6oJH7ePPmfrBfqI/O\\nOeH8gMJ+FuwtXYEPa4hBf38M5eU5xWG7\\n-----END CERTIFICATE-----\\n", + "custom_certificate": "-----BEGIN CERTIFICATE-----\nMIIFJDCCBAygAwIBAgIQD0ifmj/Yi5NP/2gdUySbfzANBgkqhkiG9w0BAQsFADBN\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E...SzSHfXp5lnu/3V08I72q1QNzOCgY1XeL4GKVcj4or6cT6tX6oJH7ePPmfrBfqI/O\nOeH8gMJ+FuwtXYEPa4hBf38M5eU5xWG7\n-----END CERTIFICATE-----\n", "custom_key": "-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEAwQHoetcl9+5ikGzV6cMzWtWPJHqXT3wpbEkRU9Yz7lgvddmG\ndtcGbg/1CGZu0jJGkMoppoUo4c3dts3iwqRYmBikUP77wwY2QGmDZw2FvkJCJlKn\nabIRuGvBKwzESIXgKk2016aTP6/dAjEHyo6SeoK8lkIySUvK0fyOVlsiEsCmOpid\ntnKX/a+50GjB79CJH4ER2lLVZnhePFR/zUOyPxZQQ4naHf7yu/b5jhO0f8fwt+py\nFxIXjbEIdZliWRkRMtzrHOJIhrmJ2A1J7iOrirbbwillwjjNVUWPf3IJ3M12S9pE\newooaeO2izNTERcG9HzAacbVRn2Y2SWIyT/18QIDAQABAoIBACbhTYXBZYKmYPCb\nHBR1IBlCQA2nLGf0qRuJNJZg5iEzXows/6tc8YymZkQE7nolapWsQ+upk2y5Xdp/\naxiuprIs9JzkYK8Ox0r+dlwCG1kSW+UAbX0bQ/qUqlsTvU6muVuMP8vZYHxJ3wmb\n+ufRBKztPTQ/rYWaYQcgC0RWI20HTFBMxlTAyNxYNWzX7RKFkGVVyB9RsAtmcc8g\n+j4OdosbfNoJPS0HeIfNpAznDfHKdxDk2Yc1tV6RHBrC1ynyLE9+TaflIAdo2MVv\nKLMLq51GqYKtgJFIlBRPQqKoyXdz3fGvXrTkf/WY9QNq0J1Vk5ERePZ54mN8iZB7\n9lwy/AkCgYEA6FXzosxswaJ2wQLeoYc7ceaweX/SwTvxHgXzRyJIIT0eJWgx13Wo\n/WA3Iziimsjf6qE+SI/8laxPp2A86VMaIt3Z3mJN/CqSVGw8LK2AQst+OwdPyDMu\niacE8lj/IFGC8mwNUAb9CzGU3JpU4PxxGFjS/eMtGeRXCWkK4NE+G08CgYEA1Kp9\nN2JrVlqUz+gAX+LPmE9OEMAS9WQSQsfCHGogIFDGGcNf7+uwBM7GAaSJIP01zcoe\nVAgWdzXCv3FLhsaZoJ6RyLOLay5phbu1iaTr4UNYm5WtYTzMzqh8l1+MFFDl9xDB\nvULuCIIrglM5MeS/qnSg1uMoH2oVPj9TVst/ir8CgYEAxrI7Ws9Zc4Bt70N1As+U\nlySjaEVZCMkqvHJ6TCuVZFfQoE0r0whdLdRLU2PsLFP+q7qaeZQqgBaNSKeVcDYR\n9B+nY/jOmQoPewPVsp/vQTCnE/R81spu0mp0YI6cIheT1Z9zAy322svcc43JaWB7\nmEbeqyLOP4Z4qSOcmghZBSECgYACvR9Xs0DGn+wCsW4vze/2ei77MD4OQvepPIFX\ndFZtlBy5ADcgE9z0cuVB6CiL8DbdK5kwY9pGNr8HUCI03iHkW6Zs+0L0YmihfEVe\nPG19PSzK9CaDdhD9KFZSbLyVFmWfxOt50H7YRTTiPMgjyFpfi5j2q348yVT0tEQS\nfhRqaQKBgAcWPokmJ7EbYQGeMbS7HC8eWO/RyamlnSffdCdSc7ue3zdVJxpAkQ8W\nqu80pEIF6raIQfAf8MXiiZ7auFOSnHQTXUbhCpvDLKi0Mwq3G8Pl07l+2s6dQG6T\nlv6XTQaMyf6n1yjzL+fzDrH3qXMxHMO/b13EePXpDMpY7HQpoLDi\n-----END RSA PRIVATE KEY-----\n", "method": "http", "settings": { @@ -360,7 +360,7 @@ async def test_method_create_with_all_params(self, async_client: AsyncCloudflare "custom_key": "-----BEGIN PRIVATE KEY-----\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC/SCB5...\n-----END PRIVATE KEY-----\n", } ], - "custom_certificate": "-----BEGIN CERTIFICATE-----\\nMIIFJDCCBAygAwIBAgIQD0ifmj/Yi5NP/2gdUySbfzANBgkqhkiG9w0BAQsFADBN\\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E...SzSHfXp5lnu/3V08I72q1QNzOCgY1XeL4GKVcj4or6cT6tX6oJH7ePPmfrBfqI/O\\nOeH8gMJ+FuwtXYEPa4hBf38M5eU5xWG7\\n-----END CERTIFICATE-----\\n", + "custom_certificate": "-----BEGIN CERTIFICATE-----\nMIIFJDCCBAygAwIBAgIQD0ifmj/Yi5NP/2gdUySbfzANBgkqhkiG9w0BAQsFADBN\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E...SzSHfXp5lnu/3V08I72q1QNzOCgY1XeL4GKVcj4or6cT6tX6oJH7ePPmfrBfqI/O\nOeH8gMJ+FuwtXYEPa4hBf38M5eU5xWG7\n-----END CERTIFICATE-----\n", "custom_key": "-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEAwQHoetcl9+5ikGzV6cMzWtWPJHqXT3wpbEkRU9Yz7lgvddmG\ndtcGbg/1CGZu0jJGkMoppoUo4c3dts3iwqRYmBikUP77wwY2QGmDZw2FvkJCJlKn\nabIRuGvBKwzESIXgKk2016aTP6/dAjEHyo6SeoK8lkIySUvK0fyOVlsiEsCmOpid\ntnKX/a+50GjB79CJH4ER2lLVZnhePFR/zUOyPxZQQ4naHf7yu/b5jhO0f8fwt+py\nFxIXjbEIdZliWRkRMtzrHOJIhrmJ2A1J7iOrirbbwillwjjNVUWPf3IJ3M12S9pE\newooaeO2izNTERcG9HzAacbVRn2Y2SWIyT/18QIDAQABAoIBACbhTYXBZYKmYPCb\nHBR1IBlCQA2nLGf0qRuJNJZg5iEzXows/6tc8YymZkQE7nolapWsQ+upk2y5Xdp/\naxiuprIs9JzkYK8Ox0r+dlwCG1kSW+UAbX0bQ/qUqlsTvU6muVuMP8vZYHxJ3wmb\n+ufRBKztPTQ/rYWaYQcgC0RWI20HTFBMxlTAyNxYNWzX7RKFkGVVyB9RsAtmcc8g\n+j4OdosbfNoJPS0HeIfNpAznDfHKdxDk2Yc1tV6RHBrC1ynyLE9+TaflIAdo2MVv\nKLMLq51GqYKtgJFIlBRPQqKoyXdz3fGvXrTkf/WY9QNq0J1Vk5ERePZ54mN8iZB7\n9lwy/AkCgYEA6FXzosxswaJ2wQLeoYc7ceaweX/SwTvxHgXzRyJIIT0eJWgx13Wo\n/WA3Iziimsjf6qE+SI/8laxPp2A86VMaIt3Z3mJN/CqSVGw8LK2AQst+OwdPyDMu\niacE8lj/IFGC8mwNUAb9CzGU3JpU4PxxGFjS/eMtGeRXCWkK4NE+G08CgYEA1Kp9\nN2JrVlqUz+gAX+LPmE9OEMAS9WQSQsfCHGogIFDGGcNf7+uwBM7GAaSJIP01zcoe\nVAgWdzXCv3FLhsaZoJ6RyLOLay5phbu1iaTr4UNYm5WtYTzMzqh8l1+MFFDl9xDB\nvULuCIIrglM5MeS/qnSg1uMoH2oVPj9TVst/ir8CgYEAxrI7Ws9Zc4Bt70N1As+U\nlySjaEVZCMkqvHJ6TCuVZFfQoE0r0whdLdRLU2PsLFP+q7qaeZQqgBaNSKeVcDYR\n9B+nY/jOmQoPewPVsp/vQTCnE/R81spu0mp0YI6cIheT1Z9zAy322svcc43JaWB7\nmEbeqyLOP4Z4qSOcmghZBSECgYACvR9Xs0DGn+wCsW4vze/2ei77MD4OQvepPIFX\ndFZtlBy5ADcgE9z0cuVB6CiL8DbdK5kwY9pGNr8HUCI03iHkW6Zs+0L0YmihfEVe\nPG19PSzK9CaDdhD9KFZSbLyVFmWfxOt50H7YRTTiPMgjyFpfi5j2q348yVT0tEQS\nfhRqaQKBgAcWPokmJ7EbYQGeMbS7HC8eWO/RyamlnSffdCdSc7ue3zdVJxpAkQ8W\nqu80pEIF6raIQfAf8MXiiZ7auFOSnHQTXUbhCpvDLKi0Mwq3G8Pl07l+2s6dQG6T\nlv6XTQaMyf6n1yjzL+fzDrH3qXMxHMO/b13EePXpDMpY7HQpoLDi\n-----END RSA PRIVATE KEY-----\n", "method": "http", "settings": { @@ -538,7 +538,7 @@ async def test_method_edit_with_all_params(self, async_client: AsyncCloudflare) "custom_key": "-----BEGIN PRIVATE KEY-----\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC/SCB5...\n-----END PRIVATE KEY-----\n", } ], - "custom_certificate": "-----BEGIN CERTIFICATE-----\\nMIIFJDCCBAygAwIBAgIQD0ifmj/Yi5NP/2gdUySbfzANBgkqhkiG9w0BAQsFADBN\\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E...SzSHfXp5lnu/3V08I72q1QNzOCgY1XeL4GKVcj4or6cT6tX6oJH7ePPmfrBfqI/O\\nOeH8gMJ+FuwtXYEPa4hBf38M5eU5xWG7\\n-----END CERTIFICATE-----\\n", + "custom_certificate": "-----BEGIN CERTIFICATE-----\nMIIFJDCCBAygAwIBAgIQD0ifmj/Yi5NP/2gdUySbfzANBgkqhkiG9w0BAQsFADBN\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E...SzSHfXp5lnu/3V08I72q1QNzOCgY1XeL4GKVcj4or6cT6tX6oJH7ePPmfrBfqI/O\nOeH8gMJ+FuwtXYEPa4hBf38M5eU5xWG7\n-----END CERTIFICATE-----\n", "custom_key": "-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEAwQHoetcl9+5ikGzV6cMzWtWPJHqXT3wpbEkRU9Yz7lgvddmG\ndtcGbg/1CGZu0jJGkMoppoUo4c3dts3iwqRYmBikUP77wwY2QGmDZw2FvkJCJlKn\nabIRuGvBKwzESIXgKk2016aTP6/dAjEHyo6SeoK8lkIySUvK0fyOVlsiEsCmOpid\ntnKX/a+50GjB79CJH4ER2lLVZnhePFR/zUOyPxZQQ4naHf7yu/b5jhO0f8fwt+py\nFxIXjbEIdZliWRkRMtzrHOJIhrmJ2A1J7iOrirbbwillwjjNVUWPf3IJ3M12S9pE\newooaeO2izNTERcG9HzAacbVRn2Y2SWIyT/18QIDAQABAoIBACbhTYXBZYKmYPCb\nHBR1IBlCQA2nLGf0qRuJNJZg5iEzXows/6tc8YymZkQE7nolapWsQ+upk2y5Xdp/\naxiuprIs9JzkYK8Ox0r+dlwCG1kSW+UAbX0bQ/qUqlsTvU6muVuMP8vZYHxJ3wmb\n+ufRBKztPTQ/rYWaYQcgC0RWI20HTFBMxlTAyNxYNWzX7RKFkGVVyB9RsAtmcc8g\n+j4OdosbfNoJPS0HeIfNpAznDfHKdxDk2Yc1tV6RHBrC1ynyLE9+TaflIAdo2MVv\nKLMLq51GqYKtgJFIlBRPQqKoyXdz3fGvXrTkf/WY9QNq0J1Vk5ERePZ54mN8iZB7\n9lwy/AkCgYEA6FXzosxswaJ2wQLeoYc7ceaweX/SwTvxHgXzRyJIIT0eJWgx13Wo\n/WA3Iziimsjf6qE+SI/8laxPp2A86VMaIt3Z3mJN/CqSVGw8LK2AQst+OwdPyDMu\niacE8lj/IFGC8mwNUAb9CzGU3JpU4PxxGFjS/eMtGeRXCWkK4NE+G08CgYEA1Kp9\nN2JrVlqUz+gAX+LPmE9OEMAS9WQSQsfCHGogIFDGGcNf7+uwBM7GAaSJIP01zcoe\nVAgWdzXCv3FLhsaZoJ6RyLOLay5phbu1iaTr4UNYm5WtYTzMzqh8l1+MFFDl9xDB\nvULuCIIrglM5MeS/qnSg1uMoH2oVPj9TVst/ir8CgYEAxrI7Ws9Zc4Bt70N1As+U\nlySjaEVZCMkqvHJ6TCuVZFfQoE0r0whdLdRLU2PsLFP+q7qaeZQqgBaNSKeVcDYR\n9B+nY/jOmQoPewPVsp/vQTCnE/R81spu0mp0YI6cIheT1Z9zAy322svcc43JaWB7\nmEbeqyLOP4Z4qSOcmghZBSECgYACvR9Xs0DGn+wCsW4vze/2ei77MD4OQvepPIFX\ndFZtlBy5ADcgE9z0cuVB6CiL8DbdK5kwY9pGNr8HUCI03iHkW6Zs+0L0YmihfEVe\nPG19PSzK9CaDdhD9KFZSbLyVFmWfxOt50H7YRTTiPMgjyFpfi5j2q348yVT0tEQS\nfhRqaQKBgAcWPokmJ7EbYQGeMbS7HC8eWO/RyamlnSffdCdSc7ue3zdVJxpAkQ8W\nqu80pEIF6raIQfAf8MXiiZ7auFOSnHQTXUbhCpvDLKi0Mwq3G8Pl07l+2s6dQG6T\nlv6XTQaMyf6n1yjzL+fzDrH3qXMxHMO/b13EePXpDMpY7HQpoLDi\n-----END RSA PRIVATE KEY-----\n", "method": "http", "settings": { diff --git a/tests/api_resources/test_keyless_certificates.py b/tests/api_resources/test_keyless_certificates.py index ea17c20d1b1..52085ebc74e 100644 --- a/tests/api_resources/test_keyless_certificates.py +++ b/tests/api_resources/test_keyless_certificates.py @@ -25,7 +25,7 @@ class TestKeylessCertificates: def test_method_create(self, client: Cloudflare) -> None: keyless_certificate = client.keyless_certificates.create( zone_id="023e105f4ecef8ad9ca31a8372d0c353", - certificate="-----BEGIN CERTIFICATE----- MIIDtTCCAp2gAwIBAgIJAM15n7fdxhRtMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV BAYTAlVTMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX aWRnaXRzIFB0eSBMdGQwHhcNMTQwMzExMTkyMTU5WhcNMTQwNDEwMTkyMTU5WjBF MQswCQYDVQQGEwJVUzETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50 ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB CgKCAQEAvq3sKsHpeduJHimOK+fvQdKsI8z8A05MZyyLp2/R/GE8FjNv+hkVY1WQ LIyTNNQH7CJecE1nbTfo8Y56S7x/rhxC6/DJ8MIulapFPnorq46KU6yRxiM0MQ3N nTJHlHA2ozZta6YBBfVfhHWl1F0IfNbXCLKvGwWWMbCx43OfW6KTkbRnE6gFWKuO fSO5h2u5TaWVuSIzBvYs7Vza6m+gtYAvKAJV2nSZ+eSEFPDo29corOy8+huEOUL8 5FAw4BFPsr1TlrlGPFitduQUHGrSL7skk1ESGza0to3bOtrodKei2s9bk5MXm7lZ qI+WZJX4Zu9+mzZhc9pCVi8r/qlXuQIDAQABo4GnMIGkMB0GA1UdDgQWBBRvavf+ sWM4IwKiH9X9w1vl6nUVRDB1BgNVHSMEbjBsgBRvavf+sWM4IwKiH9X9w1vl6nUV RKFJpEcwRTELMAkGA1UEBhMCVVMxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNV BAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAM15n7fdxhRtMAwGA1UdEwQF MAMBAf8wDQYJKoZIhvcNAQEFBQADggEBABY2ZzBaW0dMsAAT7tPJzrVWVzQx6KU4 UEBLudIlWPlkAwTnINCWR/8eNjCCmGA4heUdHmazdpPa8RzwOmc0NT1NQqzSyktt vTqb4iHD7+8f9MqJ9/FssCfTtqr/Qst/hGH4Wmdf1EJ/6FqYAAb5iRlPgshFZxU8 uXtA8hWn6fK6eISD9HBdcAFToUvKNZ1BIDPvh9f95Ine8ar6yGd56TUNrHR8eHBs ESxz5ddVR/oWRysNJ+aGAyYqHS8S/ttmC7r4XCAHqXptkHPCGRqkAhsterYhd4I8 /cBzejUobNCjjHFbtkAL/SjxZOLW+pNkZwfeYdM8iPkD54Uua1v2tdw= -----END CERTIFICATE-----", + certificate="-----BEGIN CERTIFICATE-----\nMIIDtTCCAp2gAwIBAgIJAM15n7fdxhRtMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV\nBAYTAlVTMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX\naWRnaXRzIFB0eSBMdGQwHhcNMTQwMzExMTkyMTU5WhcNMTQwNDEwMTkyMTU5WjBF\nMQswCQYDVQQGEwJVUzETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50\nZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\nCgKCAQEAvq3sKsHpeduJHimOK+fvQdKsI8z8A05MZyyLp2/R/GE8FjNv+hkVY1WQ\nLIyTNNQH7CJecE1nbTfo8Y56S7x/rhxC6/DJ8MIulapFPnorq46KU6yRxiM0MQ3N\nnTJHlHA2ozZta6YBBfVfhHWl1F0IfNbXCLKvGwWWMbCx43OfW6KTkbRnE6gFWKuO\nfSO5h2u5TaWVuSIzBvYs7Vza6m+gtYAvKAJV2nSZ+eSEFPDo29corOy8+huEOUL8\n5FAw4BFPsr1TlrlGPFitduQUHGrSL7skk1ESGza0to3bOtrodKei2s9bk5MXm7lZ\nqI+WZJX4Zu9+mzZhc9pCVi8r/qlXuQIDAQABo4GnMIGkMB0GA1UdDgQWBBRvavf+\nsWM4IwKiH9X9w1vl6nUVRDB1BgNVHSMEbjBsgBRvavf+sWM4IwKiH9X9w1vl6nUV\nRKFJpEcwRTELMAkGA1UEBhMCVVMxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNV\nBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAM15n7fdxhRtMAwGA1UdEwQF\nMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBABY2ZzBaW0dMsAAT7tPJzrVWVzQx6KU4\nUEBLudIlWPlkAwTnINCWR/8eNjCCmGA4heUdHmazdpPa8RzwOmc0NT1NQqzSyktt\nvTqb4iHD7+8f9MqJ9/FssCfTtqr/Qst/hGH4Wmdf1EJ/6FqYAAb5iRlPgshFZxU8\nuXtA8hWn6fK6eISD9HBdcAFToUvKNZ1BIDPvh9f95Ine8ar6yGd56TUNrHR8eHBs\nESxz5ddVR/oWRysNJ+aGAyYqHS8S/ttmC7r4XCAHqXptkHPCGRqkAhsterYhd4I8\n/cBzejUobNCjjHFbtkAL/SjxZOLW+pNkZwfeYdM8iPkD54Uua1v2tdw=\n-----END CERTIFICATE-----", host="example.com", port=24008, ) @@ -35,7 +35,7 @@ def test_method_create(self, client: Cloudflare) -> None: def test_method_create_with_all_params(self, client: Cloudflare) -> None: keyless_certificate = client.keyless_certificates.create( zone_id="023e105f4ecef8ad9ca31a8372d0c353", - certificate="-----BEGIN CERTIFICATE----- MIIDtTCCAp2gAwIBAgIJAM15n7fdxhRtMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV BAYTAlVTMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX aWRnaXRzIFB0eSBMdGQwHhcNMTQwMzExMTkyMTU5WhcNMTQwNDEwMTkyMTU5WjBF MQswCQYDVQQGEwJVUzETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50 ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB CgKCAQEAvq3sKsHpeduJHimOK+fvQdKsI8z8A05MZyyLp2/R/GE8FjNv+hkVY1WQ LIyTNNQH7CJecE1nbTfo8Y56S7x/rhxC6/DJ8MIulapFPnorq46KU6yRxiM0MQ3N nTJHlHA2ozZta6YBBfVfhHWl1F0IfNbXCLKvGwWWMbCx43OfW6KTkbRnE6gFWKuO fSO5h2u5TaWVuSIzBvYs7Vza6m+gtYAvKAJV2nSZ+eSEFPDo29corOy8+huEOUL8 5FAw4BFPsr1TlrlGPFitduQUHGrSL7skk1ESGza0to3bOtrodKei2s9bk5MXm7lZ qI+WZJX4Zu9+mzZhc9pCVi8r/qlXuQIDAQABo4GnMIGkMB0GA1UdDgQWBBRvavf+ sWM4IwKiH9X9w1vl6nUVRDB1BgNVHSMEbjBsgBRvavf+sWM4IwKiH9X9w1vl6nUV RKFJpEcwRTELMAkGA1UEBhMCVVMxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNV BAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAM15n7fdxhRtMAwGA1UdEwQF MAMBAf8wDQYJKoZIhvcNAQEFBQADggEBABY2ZzBaW0dMsAAT7tPJzrVWVzQx6KU4 UEBLudIlWPlkAwTnINCWR/8eNjCCmGA4heUdHmazdpPa8RzwOmc0NT1NQqzSyktt vTqb4iHD7+8f9MqJ9/FssCfTtqr/Qst/hGH4Wmdf1EJ/6FqYAAb5iRlPgshFZxU8 uXtA8hWn6fK6eISD9HBdcAFToUvKNZ1BIDPvh9f95Ine8ar6yGd56TUNrHR8eHBs ESxz5ddVR/oWRysNJ+aGAyYqHS8S/ttmC7r4XCAHqXptkHPCGRqkAhsterYhd4I8 /cBzejUobNCjjHFbtkAL/SjxZOLW+pNkZwfeYdM8iPkD54Uua1v2tdw= -----END CERTIFICATE-----", + certificate="-----BEGIN CERTIFICATE-----\nMIIDtTCCAp2gAwIBAgIJAM15n7fdxhRtMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV\nBAYTAlVTMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX\naWRnaXRzIFB0eSBMdGQwHhcNMTQwMzExMTkyMTU5WhcNMTQwNDEwMTkyMTU5WjBF\nMQswCQYDVQQGEwJVUzETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50\nZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\nCgKCAQEAvq3sKsHpeduJHimOK+fvQdKsI8z8A05MZyyLp2/R/GE8FjNv+hkVY1WQ\nLIyTNNQH7CJecE1nbTfo8Y56S7x/rhxC6/DJ8MIulapFPnorq46KU6yRxiM0MQ3N\nnTJHlHA2ozZta6YBBfVfhHWl1F0IfNbXCLKvGwWWMbCx43OfW6KTkbRnE6gFWKuO\nfSO5h2u5TaWVuSIzBvYs7Vza6m+gtYAvKAJV2nSZ+eSEFPDo29corOy8+huEOUL8\n5FAw4BFPsr1TlrlGPFitduQUHGrSL7skk1ESGza0to3bOtrodKei2s9bk5MXm7lZ\nqI+WZJX4Zu9+mzZhc9pCVi8r/qlXuQIDAQABo4GnMIGkMB0GA1UdDgQWBBRvavf+\nsWM4IwKiH9X9w1vl6nUVRDB1BgNVHSMEbjBsgBRvavf+sWM4IwKiH9X9w1vl6nUV\nRKFJpEcwRTELMAkGA1UEBhMCVVMxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNV\nBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAM15n7fdxhRtMAwGA1UdEwQF\nMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBABY2ZzBaW0dMsAAT7tPJzrVWVzQx6KU4\nUEBLudIlWPlkAwTnINCWR/8eNjCCmGA4heUdHmazdpPa8RzwOmc0NT1NQqzSyktt\nvTqb4iHD7+8f9MqJ9/FssCfTtqr/Qst/hGH4Wmdf1EJ/6FqYAAb5iRlPgshFZxU8\nuXtA8hWn6fK6eISD9HBdcAFToUvKNZ1BIDPvh9f95Ine8ar6yGd56TUNrHR8eHBs\nESxz5ddVR/oWRysNJ+aGAyYqHS8S/ttmC7r4XCAHqXptkHPCGRqkAhsterYhd4I8\n/cBzejUobNCjjHFbtkAL/SjxZOLW+pNkZwfeYdM8iPkD54Uua1v2tdw=\n-----END CERTIFICATE-----", host="example.com", port=24008, bundle_method="ubiquitous", @@ -51,7 +51,7 @@ def test_method_create_with_all_params(self, client: Cloudflare) -> None: def test_raw_response_create(self, client: Cloudflare) -> None: response = client.keyless_certificates.with_raw_response.create( zone_id="023e105f4ecef8ad9ca31a8372d0c353", - certificate="-----BEGIN CERTIFICATE----- MIIDtTCCAp2gAwIBAgIJAM15n7fdxhRtMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV BAYTAlVTMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX aWRnaXRzIFB0eSBMdGQwHhcNMTQwMzExMTkyMTU5WhcNMTQwNDEwMTkyMTU5WjBF MQswCQYDVQQGEwJVUzETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50 ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB CgKCAQEAvq3sKsHpeduJHimOK+fvQdKsI8z8A05MZyyLp2/R/GE8FjNv+hkVY1WQ LIyTNNQH7CJecE1nbTfo8Y56S7x/rhxC6/DJ8MIulapFPnorq46KU6yRxiM0MQ3N nTJHlHA2ozZta6YBBfVfhHWl1F0IfNbXCLKvGwWWMbCx43OfW6KTkbRnE6gFWKuO fSO5h2u5TaWVuSIzBvYs7Vza6m+gtYAvKAJV2nSZ+eSEFPDo29corOy8+huEOUL8 5FAw4BFPsr1TlrlGPFitduQUHGrSL7skk1ESGza0to3bOtrodKei2s9bk5MXm7lZ qI+WZJX4Zu9+mzZhc9pCVi8r/qlXuQIDAQABo4GnMIGkMB0GA1UdDgQWBBRvavf+ sWM4IwKiH9X9w1vl6nUVRDB1BgNVHSMEbjBsgBRvavf+sWM4IwKiH9X9w1vl6nUV RKFJpEcwRTELMAkGA1UEBhMCVVMxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNV BAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAM15n7fdxhRtMAwGA1UdEwQF MAMBAf8wDQYJKoZIhvcNAQEFBQADggEBABY2ZzBaW0dMsAAT7tPJzrVWVzQx6KU4 UEBLudIlWPlkAwTnINCWR/8eNjCCmGA4heUdHmazdpPa8RzwOmc0NT1NQqzSyktt vTqb4iHD7+8f9MqJ9/FssCfTtqr/Qst/hGH4Wmdf1EJ/6FqYAAb5iRlPgshFZxU8 uXtA8hWn6fK6eISD9HBdcAFToUvKNZ1BIDPvh9f95Ine8ar6yGd56TUNrHR8eHBs ESxz5ddVR/oWRysNJ+aGAyYqHS8S/ttmC7r4XCAHqXptkHPCGRqkAhsterYhd4I8 /cBzejUobNCjjHFbtkAL/SjxZOLW+pNkZwfeYdM8iPkD54Uua1v2tdw= -----END CERTIFICATE-----", + certificate="-----BEGIN CERTIFICATE-----\nMIIDtTCCAp2gAwIBAgIJAM15n7fdxhRtMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV\nBAYTAlVTMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX\naWRnaXRzIFB0eSBMdGQwHhcNMTQwMzExMTkyMTU5WhcNMTQwNDEwMTkyMTU5WjBF\nMQswCQYDVQQGEwJVUzETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50\nZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\nCgKCAQEAvq3sKsHpeduJHimOK+fvQdKsI8z8A05MZyyLp2/R/GE8FjNv+hkVY1WQ\nLIyTNNQH7CJecE1nbTfo8Y56S7x/rhxC6/DJ8MIulapFPnorq46KU6yRxiM0MQ3N\nnTJHlHA2ozZta6YBBfVfhHWl1F0IfNbXCLKvGwWWMbCx43OfW6KTkbRnE6gFWKuO\nfSO5h2u5TaWVuSIzBvYs7Vza6m+gtYAvKAJV2nSZ+eSEFPDo29corOy8+huEOUL8\n5FAw4BFPsr1TlrlGPFitduQUHGrSL7skk1ESGza0to3bOtrodKei2s9bk5MXm7lZ\nqI+WZJX4Zu9+mzZhc9pCVi8r/qlXuQIDAQABo4GnMIGkMB0GA1UdDgQWBBRvavf+\nsWM4IwKiH9X9w1vl6nUVRDB1BgNVHSMEbjBsgBRvavf+sWM4IwKiH9X9w1vl6nUV\nRKFJpEcwRTELMAkGA1UEBhMCVVMxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNV\nBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAM15n7fdxhRtMAwGA1UdEwQF\nMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBABY2ZzBaW0dMsAAT7tPJzrVWVzQx6KU4\nUEBLudIlWPlkAwTnINCWR/8eNjCCmGA4heUdHmazdpPa8RzwOmc0NT1NQqzSyktt\nvTqb4iHD7+8f9MqJ9/FssCfTtqr/Qst/hGH4Wmdf1EJ/6FqYAAb5iRlPgshFZxU8\nuXtA8hWn6fK6eISD9HBdcAFToUvKNZ1BIDPvh9f95Ine8ar6yGd56TUNrHR8eHBs\nESxz5ddVR/oWRysNJ+aGAyYqHS8S/ttmC7r4XCAHqXptkHPCGRqkAhsterYhd4I8\n/cBzejUobNCjjHFbtkAL/SjxZOLW+pNkZwfeYdM8iPkD54Uua1v2tdw=\n-----END CERTIFICATE-----", host="example.com", port=24008, ) @@ -65,7 +65,7 @@ def test_raw_response_create(self, client: Cloudflare) -> None: def test_streaming_response_create(self, client: Cloudflare) -> None: with client.keyless_certificates.with_streaming_response.create( zone_id="023e105f4ecef8ad9ca31a8372d0c353", - certificate="-----BEGIN CERTIFICATE----- MIIDtTCCAp2gAwIBAgIJAM15n7fdxhRtMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV BAYTAlVTMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX aWRnaXRzIFB0eSBMdGQwHhcNMTQwMzExMTkyMTU5WhcNMTQwNDEwMTkyMTU5WjBF MQswCQYDVQQGEwJVUzETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50 ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB CgKCAQEAvq3sKsHpeduJHimOK+fvQdKsI8z8A05MZyyLp2/R/GE8FjNv+hkVY1WQ LIyTNNQH7CJecE1nbTfo8Y56S7x/rhxC6/DJ8MIulapFPnorq46KU6yRxiM0MQ3N nTJHlHA2ozZta6YBBfVfhHWl1F0IfNbXCLKvGwWWMbCx43OfW6KTkbRnE6gFWKuO fSO5h2u5TaWVuSIzBvYs7Vza6m+gtYAvKAJV2nSZ+eSEFPDo29corOy8+huEOUL8 5FAw4BFPsr1TlrlGPFitduQUHGrSL7skk1ESGza0to3bOtrodKei2s9bk5MXm7lZ qI+WZJX4Zu9+mzZhc9pCVi8r/qlXuQIDAQABo4GnMIGkMB0GA1UdDgQWBBRvavf+ sWM4IwKiH9X9w1vl6nUVRDB1BgNVHSMEbjBsgBRvavf+sWM4IwKiH9X9w1vl6nUV RKFJpEcwRTELMAkGA1UEBhMCVVMxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNV BAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAM15n7fdxhRtMAwGA1UdEwQF MAMBAf8wDQYJKoZIhvcNAQEFBQADggEBABY2ZzBaW0dMsAAT7tPJzrVWVzQx6KU4 UEBLudIlWPlkAwTnINCWR/8eNjCCmGA4heUdHmazdpPa8RzwOmc0NT1NQqzSyktt vTqb4iHD7+8f9MqJ9/FssCfTtqr/Qst/hGH4Wmdf1EJ/6FqYAAb5iRlPgshFZxU8 uXtA8hWn6fK6eISD9HBdcAFToUvKNZ1BIDPvh9f95Ine8ar6yGd56TUNrHR8eHBs ESxz5ddVR/oWRysNJ+aGAyYqHS8S/ttmC7r4XCAHqXptkHPCGRqkAhsterYhd4I8 /cBzejUobNCjjHFbtkAL/SjxZOLW+pNkZwfeYdM8iPkD54Uua1v2tdw= -----END CERTIFICATE-----", + certificate="-----BEGIN CERTIFICATE-----\nMIIDtTCCAp2gAwIBAgIJAM15n7fdxhRtMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV\nBAYTAlVTMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX\naWRnaXRzIFB0eSBMdGQwHhcNMTQwMzExMTkyMTU5WhcNMTQwNDEwMTkyMTU5WjBF\nMQswCQYDVQQGEwJVUzETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50\nZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\nCgKCAQEAvq3sKsHpeduJHimOK+fvQdKsI8z8A05MZyyLp2/R/GE8FjNv+hkVY1WQ\nLIyTNNQH7CJecE1nbTfo8Y56S7x/rhxC6/DJ8MIulapFPnorq46KU6yRxiM0MQ3N\nnTJHlHA2ozZta6YBBfVfhHWl1F0IfNbXCLKvGwWWMbCx43OfW6KTkbRnE6gFWKuO\nfSO5h2u5TaWVuSIzBvYs7Vza6m+gtYAvKAJV2nSZ+eSEFPDo29corOy8+huEOUL8\n5FAw4BFPsr1TlrlGPFitduQUHGrSL7skk1ESGza0to3bOtrodKei2s9bk5MXm7lZ\nqI+WZJX4Zu9+mzZhc9pCVi8r/qlXuQIDAQABo4GnMIGkMB0GA1UdDgQWBBRvavf+\nsWM4IwKiH9X9w1vl6nUVRDB1BgNVHSMEbjBsgBRvavf+sWM4IwKiH9X9w1vl6nUV\nRKFJpEcwRTELMAkGA1UEBhMCVVMxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNV\nBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAM15n7fdxhRtMAwGA1UdEwQF\nMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBABY2ZzBaW0dMsAAT7tPJzrVWVzQx6KU4\nUEBLudIlWPlkAwTnINCWR/8eNjCCmGA4heUdHmazdpPa8RzwOmc0NT1NQqzSyktt\nvTqb4iHD7+8f9MqJ9/FssCfTtqr/Qst/hGH4Wmdf1EJ/6FqYAAb5iRlPgshFZxU8\nuXtA8hWn6fK6eISD9HBdcAFToUvKNZ1BIDPvh9f95Ine8ar6yGd56TUNrHR8eHBs\nESxz5ddVR/oWRysNJ+aGAyYqHS8S/ttmC7r4XCAHqXptkHPCGRqkAhsterYhd4I8\n/cBzejUobNCjjHFbtkAL/SjxZOLW+pNkZwfeYdM8iPkD54Uua1v2tdw=\n-----END CERTIFICATE-----", host="example.com", port=24008, ) as response: @@ -82,7 +82,7 @@ def test_path_params_create(self, client: Cloudflare) -> None: with pytest.raises(ValueError, match=r"Expected a non-empty value for `zone_id` but received ''"): client.keyless_certificates.with_raw_response.create( zone_id="", - certificate="-----BEGIN CERTIFICATE----- MIIDtTCCAp2gAwIBAgIJAM15n7fdxhRtMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV BAYTAlVTMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX aWRnaXRzIFB0eSBMdGQwHhcNMTQwMzExMTkyMTU5WhcNMTQwNDEwMTkyMTU5WjBF MQswCQYDVQQGEwJVUzETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50 ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB CgKCAQEAvq3sKsHpeduJHimOK+fvQdKsI8z8A05MZyyLp2/R/GE8FjNv+hkVY1WQ LIyTNNQH7CJecE1nbTfo8Y56S7x/rhxC6/DJ8MIulapFPnorq46KU6yRxiM0MQ3N nTJHlHA2ozZta6YBBfVfhHWl1F0IfNbXCLKvGwWWMbCx43OfW6KTkbRnE6gFWKuO fSO5h2u5TaWVuSIzBvYs7Vza6m+gtYAvKAJV2nSZ+eSEFPDo29corOy8+huEOUL8 5FAw4BFPsr1TlrlGPFitduQUHGrSL7skk1ESGza0to3bOtrodKei2s9bk5MXm7lZ qI+WZJX4Zu9+mzZhc9pCVi8r/qlXuQIDAQABo4GnMIGkMB0GA1UdDgQWBBRvavf+ sWM4IwKiH9X9w1vl6nUVRDB1BgNVHSMEbjBsgBRvavf+sWM4IwKiH9X9w1vl6nUV RKFJpEcwRTELMAkGA1UEBhMCVVMxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNV BAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAM15n7fdxhRtMAwGA1UdEwQF MAMBAf8wDQYJKoZIhvcNAQEFBQADggEBABY2ZzBaW0dMsAAT7tPJzrVWVzQx6KU4 UEBLudIlWPlkAwTnINCWR/8eNjCCmGA4heUdHmazdpPa8RzwOmc0NT1NQqzSyktt vTqb4iHD7+8f9MqJ9/FssCfTtqr/Qst/hGH4Wmdf1EJ/6FqYAAb5iRlPgshFZxU8 uXtA8hWn6fK6eISD9HBdcAFToUvKNZ1BIDPvh9f95Ine8ar6yGd56TUNrHR8eHBs ESxz5ddVR/oWRysNJ+aGAyYqHS8S/ttmC7r4XCAHqXptkHPCGRqkAhsterYhd4I8 /cBzejUobNCjjHFbtkAL/SjxZOLW+pNkZwfeYdM8iPkD54Uua1v2tdw= -----END CERTIFICATE-----", + certificate="-----BEGIN CERTIFICATE-----\nMIIDtTCCAp2gAwIBAgIJAM15n7fdxhRtMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV\nBAYTAlVTMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX\naWRnaXRzIFB0eSBMdGQwHhcNMTQwMzExMTkyMTU5WhcNMTQwNDEwMTkyMTU5WjBF\nMQswCQYDVQQGEwJVUzETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50\nZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\nCgKCAQEAvq3sKsHpeduJHimOK+fvQdKsI8z8A05MZyyLp2/R/GE8FjNv+hkVY1WQ\nLIyTNNQH7CJecE1nbTfo8Y56S7x/rhxC6/DJ8MIulapFPnorq46KU6yRxiM0MQ3N\nnTJHlHA2ozZta6YBBfVfhHWl1F0IfNbXCLKvGwWWMbCx43OfW6KTkbRnE6gFWKuO\nfSO5h2u5TaWVuSIzBvYs7Vza6m+gtYAvKAJV2nSZ+eSEFPDo29corOy8+huEOUL8\n5FAw4BFPsr1TlrlGPFitduQUHGrSL7skk1ESGza0to3bOtrodKei2s9bk5MXm7lZ\nqI+WZJX4Zu9+mzZhc9pCVi8r/qlXuQIDAQABo4GnMIGkMB0GA1UdDgQWBBRvavf+\nsWM4IwKiH9X9w1vl6nUVRDB1BgNVHSMEbjBsgBRvavf+sWM4IwKiH9X9w1vl6nUV\nRKFJpEcwRTELMAkGA1UEBhMCVVMxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNV\nBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAM15n7fdxhRtMAwGA1UdEwQF\nMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBABY2ZzBaW0dMsAAT7tPJzrVWVzQx6KU4\nUEBLudIlWPlkAwTnINCWR/8eNjCCmGA4heUdHmazdpPa8RzwOmc0NT1NQqzSyktt\nvTqb4iHD7+8f9MqJ9/FssCfTtqr/Qst/hGH4Wmdf1EJ/6FqYAAb5iRlPgshFZxU8\nuXtA8hWn6fK6eISD9HBdcAFToUvKNZ1BIDPvh9f95Ine8ar6yGd56TUNrHR8eHBs\nESxz5ddVR/oWRysNJ+aGAyYqHS8S/ttmC7r4XCAHqXptkHPCGRqkAhsterYhd4I8\n/cBzejUobNCjjHFbtkAL/SjxZOLW+pNkZwfeYdM8iPkD54Uua1v2tdw=\n-----END CERTIFICATE-----", host="example.com", port=24008, ) @@ -301,7 +301,7 @@ class TestAsyncKeylessCertificates: async def test_method_create(self, async_client: AsyncCloudflare) -> None: keyless_certificate = await async_client.keyless_certificates.create( zone_id="023e105f4ecef8ad9ca31a8372d0c353", - certificate="-----BEGIN CERTIFICATE----- MIIDtTCCAp2gAwIBAgIJAM15n7fdxhRtMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV BAYTAlVTMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX aWRnaXRzIFB0eSBMdGQwHhcNMTQwMzExMTkyMTU5WhcNMTQwNDEwMTkyMTU5WjBF MQswCQYDVQQGEwJVUzETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50 ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB CgKCAQEAvq3sKsHpeduJHimOK+fvQdKsI8z8A05MZyyLp2/R/GE8FjNv+hkVY1WQ LIyTNNQH7CJecE1nbTfo8Y56S7x/rhxC6/DJ8MIulapFPnorq46KU6yRxiM0MQ3N nTJHlHA2ozZta6YBBfVfhHWl1F0IfNbXCLKvGwWWMbCx43OfW6KTkbRnE6gFWKuO fSO5h2u5TaWVuSIzBvYs7Vza6m+gtYAvKAJV2nSZ+eSEFPDo29corOy8+huEOUL8 5FAw4BFPsr1TlrlGPFitduQUHGrSL7skk1ESGza0to3bOtrodKei2s9bk5MXm7lZ qI+WZJX4Zu9+mzZhc9pCVi8r/qlXuQIDAQABo4GnMIGkMB0GA1UdDgQWBBRvavf+ sWM4IwKiH9X9w1vl6nUVRDB1BgNVHSMEbjBsgBRvavf+sWM4IwKiH9X9w1vl6nUV RKFJpEcwRTELMAkGA1UEBhMCVVMxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNV BAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAM15n7fdxhRtMAwGA1UdEwQF MAMBAf8wDQYJKoZIhvcNAQEFBQADggEBABY2ZzBaW0dMsAAT7tPJzrVWVzQx6KU4 UEBLudIlWPlkAwTnINCWR/8eNjCCmGA4heUdHmazdpPa8RzwOmc0NT1NQqzSyktt vTqb4iHD7+8f9MqJ9/FssCfTtqr/Qst/hGH4Wmdf1EJ/6FqYAAb5iRlPgshFZxU8 uXtA8hWn6fK6eISD9HBdcAFToUvKNZ1BIDPvh9f95Ine8ar6yGd56TUNrHR8eHBs ESxz5ddVR/oWRysNJ+aGAyYqHS8S/ttmC7r4XCAHqXptkHPCGRqkAhsterYhd4I8 /cBzejUobNCjjHFbtkAL/SjxZOLW+pNkZwfeYdM8iPkD54Uua1v2tdw= -----END CERTIFICATE-----", + certificate="-----BEGIN CERTIFICATE-----\nMIIDtTCCAp2gAwIBAgIJAM15n7fdxhRtMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV\nBAYTAlVTMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX\naWRnaXRzIFB0eSBMdGQwHhcNMTQwMzExMTkyMTU5WhcNMTQwNDEwMTkyMTU5WjBF\nMQswCQYDVQQGEwJVUzETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50\nZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\nCgKCAQEAvq3sKsHpeduJHimOK+fvQdKsI8z8A05MZyyLp2/R/GE8FjNv+hkVY1WQ\nLIyTNNQH7CJecE1nbTfo8Y56S7x/rhxC6/DJ8MIulapFPnorq46KU6yRxiM0MQ3N\nnTJHlHA2ozZta6YBBfVfhHWl1F0IfNbXCLKvGwWWMbCx43OfW6KTkbRnE6gFWKuO\nfSO5h2u5TaWVuSIzBvYs7Vza6m+gtYAvKAJV2nSZ+eSEFPDo29corOy8+huEOUL8\n5FAw4BFPsr1TlrlGPFitduQUHGrSL7skk1ESGza0to3bOtrodKei2s9bk5MXm7lZ\nqI+WZJX4Zu9+mzZhc9pCVi8r/qlXuQIDAQABo4GnMIGkMB0GA1UdDgQWBBRvavf+\nsWM4IwKiH9X9w1vl6nUVRDB1BgNVHSMEbjBsgBRvavf+sWM4IwKiH9X9w1vl6nUV\nRKFJpEcwRTELMAkGA1UEBhMCVVMxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNV\nBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAM15n7fdxhRtMAwGA1UdEwQF\nMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBABY2ZzBaW0dMsAAT7tPJzrVWVzQx6KU4\nUEBLudIlWPlkAwTnINCWR/8eNjCCmGA4heUdHmazdpPa8RzwOmc0NT1NQqzSyktt\nvTqb4iHD7+8f9MqJ9/FssCfTtqr/Qst/hGH4Wmdf1EJ/6FqYAAb5iRlPgshFZxU8\nuXtA8hWn6fK6eISD9HBdcAFToUvKNZ1BIDPvh9f95Ine8ar6yGd56TUNrHR8eHBs\nESxz5ddVR/oWRysNJ+aGAyYqHS8S/ttmC7r4XCAHqXptkHPCGRqkAhsterYhd4I8\n/cBzejUobNCjjHFbtkAL/SjxZOLW+pNkZwfeYdM8iPkD54Uua1v2tdw=\n-----END CERTIFICATE-----", host="example.com", port=24008, ) @@ -311,7 +311,7 @@ async def test_method_create(self, async_client: AsyncCloudflare) -> None: async def test_method_create_with_all_params(self, async_client: AsyncCloudflare) -> None: keyless_certificate = await async_client.keyless_certificates.create( zone_id="023e105f4ecef8ad9ca31a8372d0c353", - certificate="-----BEGIN CERTIFICATE----- MIIDtTCCAp2gAwIBAgIJAM15n7fdxhRtMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV BAYTAlVTMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX aWRnaXRzIFB0eSBMdGQwHhcNMTQwMzExMTkyMTU5WhcNMTQwNDEwMTkyMTU5WjBF MQswCQYDVQQGEwJVUzETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50 ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB CgKCAQEAvq3sKsHpeduJHimOK+fvQdKsI8z8A05MZyyLp2/R/GE8FjNv+hkVY1WQ LIyTNNQH7CJecE1nbTfo8Y56S7x/rhxC6/DJ8MIulapFPnorq46KU6yRxiM0MQ3N nTJHlHA2ozZta6YBBfVfhHWl1F0IfNbXCLKvGwWWMbCx43OfW6KTkbRnE6gFWKuO fSO5h2u5TaWVuSIzBvYs7Vza6m+gtYAvKAJV2nSZ+eSEFPDo29corOy8+huEOUL8 5FAw4BFPsr1TlrlGPFitduQUHGrSL7skk1ESGza0to3bOtrodKei2s9bk5MXm7lZ qI+WZJX4Zu9+mzZhc9pCVi8r/qlXuQIDAQABo4GnMIGkMB0GA1UdDgQWBBRvavf+ sWM4IwKiH9X9w1vl6nUVRDB1BgNVHSMEbjBsgBRvavf+sWM4IwKiH9X9w1vl6nUV RKFJpEcwRTELMAkGA1UEBhMCVVMxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNV BAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAM15n7fdxhRtMAwGA1UdEwQF MAMBAf8wDQYJKoZIhvcNAQEFBQADggEBABY2ZzBaW0dMsAAT7tPJzrVWVzQx6KU4 UEBLudIlWPlkAwTnINCWR/8eNjCCmGA4heUdHmazdpPa8RzwOmc0NT1NQqzSyktt vTqb4iHD7+8f9MqJ9/FssCfTtqr/Qst/hGH4Wmdf1EJ/6FqYAAb5iRlPgshFZxU8 uXtA8hWn6fK6eISD9HBdcAFToUvKNZ1BIDPvh9f95Ine8ar6yGd56TUNrHR8eHBs ESxz5ddVR/oWRysNJ+aGAyYqHS8S/ttmC7r4XCAHqXptkHPCGRqkAhsterYhd4I8 /cBzejUobNCjjHFbtkAL/SjxZOLW+pNkZwfeYdM8iPkD54Uua1v2tdw= -----END CERTIFICATE-----", + certificate="-----BEGIN CERTIFICATE-----\nMIIDtTCCAp2gAwIBAgIJAM15n7fdxhRtMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV\nBAYTAlVTMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX\naWRnaXRzIFB0eSBMdGQwHhcNMTQwMzExMTkyMTU5WhcNMTQwNDEwMTkyMTU5WjBF\nMQswCQYDVQQGEwJVUzETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50\nZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\nCgKCAQEAvq3sKsHpeduJHimOK+fvQdKsI8z8A05MZyyLp2/R/GE8FjNv+hkVY1WQ\nLIyTNNQH7CJecE1nbTfo8Y56S7x/rhxC6/DJ8MIulapFPnorq46KU6yRxiM0MQ3N\nnTJHlHA2ozZta6YBBfVfhHWl1F0IfNbXCLKvGwWWMbCx43OfW6KTkbRnE6gFWKuO\nfSO5h2u5TaWVuSIzBvYs7Vza6m+gtYAvKAJV2nSZ+eSEFPDo29corOy8+huEOUL8\n5FAw4BFPsr1TlrlGPFitduQUHGrSL7skk1ESGza0to3bOtrodKei2s9bk5MXm7lZ\nqI+WZJX4Zu9+mzZhc9pCVi8r/qlXuQIDAQABo4GnMIGkMB0GA1UdDgQWBBRvavf+\nsWM4IwKiH9X9w1vl6nUVRDB1BgNVHSMEbjBsgBRvavf+sWM4IwKiH9X9w1vl6nUV\nRKFJpEcwRTELMAkGA1UEBhMCVVMxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNV\nBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAM15n7fdxhRtMAwGA1UdEwQF\nMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBABY2ZzBaW0dMsAAT7tPJzrVWVzQx6KU4\nUEBLudIlWPlkAwTnINCWR/8eNjCCmGA4heUdHmazdpPa8RzwOmc0NT1NQqzSyktt\nvTqb4iHD7+8f9MqJ9/FssCfTtqr/Qst/hGH4Wmdf1EJ/6FqYAAb5iRlPgshFZxU8\nuXtA8hWn6fK6eISD9HBdcAFToUvKNZ1BIDPvh9f95Ine8ar6yGd56TUNrHR8eHBs\nESxz5ddVR/oWRysNJ+aGAyYqHS8S/ttmC7r4XCAHqXptkHPCGRqkAhsterYhd4I8\n/cBzejUobNCjjHFbtkAL/SjxZOLW+pNkZwfeYdM8iPkD54Uua1v2tdw=\n-----END CERTIFICATE-----", host="example.com", port=24008, bundle_method="ubiquitous", @@ -327,7 +327,7 @@ async def test_method_create_with_all_params(self, async_client: AsyncCloudflare async def test_raw_response_create(self, async_client: AsyncCloudflare) -> None: response = await async_client.keyless_certificates.with_raw_response.create( zone_id="023e105f4ecef8ad9ca31a8372d0c353", - certificate="-----BEGIN CERTIFICATE----- MIIDtTCCAp2gAwIBAgIJAM15n7fdxhRtMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV BAYTAlVTMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX aWRnaXRzIFB0eSBMdGQwHhcNMTQwMzExMTkyMTU5WhcNMTQwNDEwMTkyMTU5WjBF MQswCQYDVQQGEwJVUzETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50 ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB CgKCAQEAvq3sKsHpeduJHimOK+fvQdKsI8z8A05MZyyLp2/R/GE8FjNv+hkVY1WQ LIyTNNQH7CJecE1nbTfo8Y56S7x/rhxC6/DJ8MIulapFPnorq46KU6yRxiM0MQ3N nTJHlHA2ozZta6YBBfVfhHWl1F0IfNbXCLKvGwWWMbCx43OfW6KTkbRnE6gFWKuO fSO5h2u5TaWVuSIzBvYs7Vza6m+gtYAvKAJV2nSZ+eSEFPDo29corOy8+huEOUL8 5FAw4BFPsr1TlrlGPFitduQUHGrSL7skk1ESGza0to3bOtrodKei2s9bk5MXm7lZ qI+WZJX4Zu9+mzZhc9pCVi8r/qlXuQIDAQABo4GnMIGkMB0GA1UdDgQWBBRvavf+ sWM4IwKiH9X9w1vl6nUVRDB1BgNVHSMEbjBsgBRvavf+sWM4IwKiH9X9w1vl6nUV RKFJpEcwRTELMAkGA1UEBhMCVVMxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNV BAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAM15n7fdxhRtMAwGA1UdEwQF MAMBAf8wDQYJKoZIhvcNAQEFBQADggEBABY2ZzBaW0dMsAAT7tPJzrVWVzQx6KU4 UEBLudIlWPlkAwTnINCWR/8eNjCCmGA4heUdHmazdpPa8RzwOmc0NT1NQqzSyktt vTqb4iHD7+8f9MqJ9/FssCfTtqr/Qst/hGH4Wmdf1EJ/6FqYAAb5iRlPgshFZxU8 uXtA8hWn6fK6eISD9HBdcAFToUvKNZ1BIDPvh9f95Ine8ar6yGd56TUNrHR8eHBs ESxz5ddVR/oWRysNJ+aGAyYqHS8S/ttmC7r4XCAHqXptkHPCGRqkAhsterYhd4I8 /cBzejUobNCjjHFbtkAL/SjxZOLW+pNkZwfeYdM8iPkD54Uua1v2tdw= -----END CERTIFICATE-----", + certificate="-----BEGIN CERTIFICATE-----\nMIIDtTCCAp2gAwIBAgIJAM15n7fdxhRtMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV\nBAYTAlVTMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX\naWRnaXRzIFB0eSBMdGQwHhcNMTQwMzExMTkyMTU5WhcNMTQwNDEwMTkyMTU5WjBF\nMQswCQYDVQQGEwJVUzETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50\nZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\nCgKCAQEAvq3sKsHpeduJHimOK+fvQdKsI8z8A05MZyyLp2/R/GE8FjNv+hkVY1WQ\nLIyTNNQH7CJecE1nbTfo8Y56S7x/rhxC6/DJ8MIulapFPnorq46KU6yRxiM0MQ3N\nnTJHlHA2ozZta6YBBfVfhHWl1F0IfNbXCLKvGwWWMbCx43OfW6KTkbRnE6gFWKuO\nfSO5h2u5TaWVuSIzBvYs7Vza6m+gtYAvKAJV2nSZ+eSEFPDo29corOy8+huEOUL8\n5FAw4BFPsr1TlrlGPFitduQUHGrSL7skk1ESGza0to3bOtrodKei2s9bk5MXm7lZ\nqI+WZJX4Zu9+mzZhc9pCVi8r/qlXuQIDAQABo4GnMIGkMB0GA1UdDgQWBBRvavf+\nsWM4IwKiH9X9w1vl6nUVRDB1BgNVHSMEbjBsgBRvavf+sWM4IwKiH9X9w1vl6nUV\nRKFJpEcwRTELMAkGA1UEBhMCVVMxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNV\nBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAM15n7fdxhRtMAwGA1UdEwQF\nMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBABY2ZzBaW0dMsAAT7tPJzrVWVzQx6KU4\nUEBLudIlWPlkAwTnINCWR/8eNjCCmGA4heUdHmazdpPa8RzwOmc0NT1NQqzSyktt\nvTqb4iHD7+8f9MqJ9/FssCfTtqr/Qst/hGH4Wmdf1EJ/6FqYAAb5iRlPgshFZxU8\nuXtA8hWn6fK6eISD9HBdcAFToUvKNZ1BIDPvh9f95Ine8ar6yGd56TUNrHR8eHBs\nESxz5ddVR/oWRysNJ+aGAyYqHS8S/ttmC7r4XCAHqXptkHPCGRqkAhsterYhd4I8\n/cBzejUobNCjjHFbtkAL/SjxZOLW+pNkZwfeYdM8iPkD54Uua1v2tdw=\n-----END CERTIFICATE-----", host="example.com", port=24008, ) @@ -341,7 +341,7 @@ async def test_raw_response_create(self, async_client: AsyncCloudflare) -> None: async def test_streaming_response_create(self, async_client: AsyncCloudflare) -> None: async with async_client.keyless_certificates.with_streaming_response.create( zone_id="023e105f4ecef8ad9ca31a8372d0c353", - certificate="-----BEGIN CERTIFICATE----- MIIDtTCCAp2gAwIBAgIJAM15n7fdxhRtMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV BAYTAlVTMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX aWRnaXRzIFB0eSBMdGQwHhcNMTQwMzExMTkyMTU5WhcNMTQwNDEwMTkyMTU5WjBF MQswCQYDVQQGEwJVUzETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50 ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB CgKCAQEAvq3sKsHpeduJHimOK+fvQdKsI8z8A05MZyyLp2/R/GE8FjNv+hkVY1WQ LIyTNNQH7CJecE1nbTfo8Y56S7x/rhxC6/DJ8MIulapFPnorq46KU6yRxiM0MQ3N nTJHlHA2ozZta6YBBfVfhHWl1F0IfNbXCLKvGwWWMbCx43OfW6KTkbRnE6gFWKuO fSO5h2u5TaWVuSIzBvYs7Vza6m+gtYAvKAJV2nSZ+eSEFPDo29corOy8+huEOUL8 5FAw4BFPsr1TlrlGPFitduQUHGrSL7skk1ESGza0to3bOtrodKei2s9bk5MXm7lZ qI+WZJX4Zu9+mzZhc9pCVi8r/qlXuQIDAQABo4GnMIGkMB0GA1UdDgQWBBRvavf+ sWM4IwKiH9X9w1vl6nUVRDB1BgNVHSMEbjBsgBRvavf+sWM4IwKiH9X9w1vl6nUV RKFJpEcwRTELMAkGA1UEBhMCVVMxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNV BAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAM15n7fdxhRtMAwGA1UdEwQF MAMBAf8wDQYJKoZIhvcNAQEFBQADggEBABY2ZzBaW0dMsAAT7tPJzrVWVzQx6KU4 UEBLudIlWPlkAwTnINCWR/8eNjCCmGA4heUdHmazdpPa8RzwOmc0NT1NQqzSyktt vTqb4iHD7+8f9MqJ9/FssCfTtqr/Qst/hGH4Wmdf1EJ/6FqYAAb5iRlPgshFZxU8 uXtA8hWn6fK6eISD9HBdcAFToUvKNZ1BIDPvh9f95Ine8ar6yGd56TUNrHR8eHBs ESxz5ddVR/oWRysNJ+aGAyYqHS8S/ttmC7r4XCAHqXptkHPCGRqkAhsterYhd4I8 /cBzejUobNCjjHFbtkAL/SjxZOLW+pNkZwfeYdM8iPkD54Uua1v2tdw= -----END CERTIFICATE-----", + certificate="-----BEGIN CERTIFICATE-----\nMIIDtTCCAp2gAwIBAgIJAM15n7fdxhRtMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV\nBAYTAlVTMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX\naWRnaXRzIFB0eSBMdGQwHhcNMTQwMzExMTkyMTU5WhcNMTQwNDEwMTkyMTU5WjBF\nMQswCQYDVQQGEwJVUzETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50\nZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\nCgKCAQEAvq3sKsHpeduJHimOK+fvQdKsI8z8A05MZyyLp2/R/GE8FjNv+hkVY1WQ\nLIyTNNQH7CJecE1nbTfo8Y56S7x/rhxC6/DJ8MIulapFPnorq46KU6yRxiM0MQ3N\nnTJHlHA2ozZta6YBBfVfhHWl1F0IfNbXCLKvGwWWMbCx43OfW6KTkbRnE6gFWKuO\nfSO5h2u5TaWVuSIzBvYs7Vza6m+gtYAvKAJV2nSZ+eSEFPDo29corOy8+huEOUL8\n5FAw4BFPsr1TlrlGPFitduQUHGrSL7skk1ESGza0to3bOtrodKei2s9bk5MXm7lZ\nqI+WZJX4Zu9+mzZhc9pCVi8r/qlXuQIDAQABo4GnMIGkMB0GA1UdDgQWBBRvavf+\nsWM4IwKiH9X9w1vl6nUVRDB1BgNVHSMEbjBsgBRvavf+sWM4IwKiH9X9w1vl6nUV\nRKFJpEcwRTELMAkGA1UEBhMCVVMxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNV\nBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAM15n7fdxhRtMAwGA1UdEwQF\nMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBABY2ZzBaW0dMsAAT7tPJzrVWVzQx6KU4\nUEBLudIlWPlkAwTnINCWR/8eNjCCmGA4heUdHmazdpPa8RzwOmc0NT1NQqzSyktt\nvTqb4iHD7+8f9MqJ9/FssCfTtqr/Qst/hGH4Wmdf1EJ/6FqYAAb5iRlPgshFZxU8\nuXtA8hWn6fK6eISD9HBdcAFToUvKNZ1BIDPvh9f95Ine8ar6yGd56TUNrHR8eHBs\nESxz5ddVR/oWRysNJ+aGAyYqHS8S/ttmC7r4XCAHqXptkHPCGRqkAhsterYhd4I8\n/cBzejUobNCjjHFbtkAL/SjxZOLW+pNkZwfeYdM8iPkD54Uua1v2tdw=\n-----END CERTIFICATE-----", host="example.com", port=24008, ) as response: @@ -358,7 +358,7 @@ async def test_path_params_create(self, async_client: AsyncCloudflare) -> None: with pytest.raises(ValueError, match=r"Expected a non-empty value for `zone_id` but received ''"): await async_client.keyless_certificates.with_raw_response.create( zone_id="", - certificate="-----BEGIN CERTIFICATE----- MIIDtTCCAp2gAwIBAgIJAM15n7fdxhRtMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV BAYTAlVTMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX aWRnaXRzIFB0eSBMdGQwHhcNMTQwMzExMTkyMTU5WhcNMTQwNDEwMTkyMTU5WjBF MQswCQYDVQQGEwJVUzETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50 ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB CgKCAQEAvq3sKsHpeduJHimOK+fvQdKsI8z8A05MZyyLp2/R/GE8FjNv+hkVY1WQ LIyTNNQH7CJecE1nbTfo8Y56S7x/rhxC6/DJ8MIulapFPnorq46KU6yRxiM0MQ3N nTJHlHA2ozZta6YBBfVfhHWl1F0IfNbXCLKvGwWWMbCx43OfW6KTkbRnE6gFWKuO fSO5h2u5TaWVuSIzBvYs7Vza6m+gtYAvKAJV2nSZ+eSEFPDo29corOy8+huEOUL8 5FAw4BFPsr1TlrlGPFitduQUHGrSL7skk1ESGza0to3bOtrodKei2s9bk5MXm7lZ qI+WZJX4Zu9+mzZhc9pCVi8r/qlXuQIDAQABo4GnMIGkMB0GA1UdDgQWBBRvavf+ sWM4IwKiH9X9w1vl6nUVRDB1BgNVHSMEbjBsgBRvavf+sWM4IwKiH9X9w1vl6nUV RKFJpEcwRTELMAkGA1UEBhMCVVMxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNV BAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAM15n7fdxhRtMAwGA1UdEwQF MAMBAf8wDQYJKoZIhvcNAQEFBQADggEBABY2ZzBaW0dMsAAT7tPJzrVWVzQx6KU4 UEBLudIlWPlkAwTnINCWR/8eNjCCmGA4heUdHmazdpPa8RzwOmc0NT1NQqzSyktt vTqb4iHD7+8f9MqJ9/FssCfTtqr/Qst/hGH4Wmdf1EJ/6FqYAAb5iRlPgshFZxU8 uXtA8hWn6fK6eISD9HBdcAFToUvKNZ1BIDPvh9f95Ine8ar6yGd56TUNrHR8eHBs ESxz5ddVR/oWRysNJ+aGAyYqHS8S/ttmC7r4XCAHqXptkHPCGRqkAhsterYhd4I8 /cBzejUobNCjjHFbtkAL/SjxZOLW+pNkZwfeYdM8iPkD54Uua1v2tdw= -----END CERTIFICATE-----", + certificate="-----BEGIN CERTIFICATE-----\nMIIDtTCCAp2gAwIBAgIJAM15n7fdxhRtMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV\nBAYTAlVTMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX\naWRnaXRzIFB0eSBMdGQwHhcNMTQwMzExMTkyMTU5WhcNMTQwNDEwMTkyMTU5WjBF\nMQswCQYDVQQGEwJVUzETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50\nZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\nCgKCAQEAvq3sKsHpeduJHimOK+fvQdKsI8z8A05MZyyLp2/R/GE8FjNv+hkVY1WQ\nLIyTNNQH7CJecE1nbTfo8Y56S7x/rhxC6/DJ8MIulapFPnorq46KU6yRxiM0MQ3N\nnTJHlHA2ozZta6YBBfVfhHWl1F0IfNbXCLKvGwWWMbCx43OfW6KTkbRnE6gFWKuO\nfSO5h2u5TaWVuSIzBvYs7Vza6m+gtYAvKAJV2nSZ+eSEFPDo29corOy8+huEOUL8\n5FAw4BFPsr1TlrlGPFitduQUHGrSL7skk1ESGza0to3bOtrodKei2s9bk5MXm7lZ\nqI+WZJX4Zu9+mzZhc9pCVi8r/qlXuQIDAQABo4GnMIGkMB0GA1UdDgQWBBRvavf+\nsWM4IwKiH9X9w1vl6nUVRDB1BgNVHSMEbjBsgBRvavf+sWM4IwKiH9X9w1vl6nUV\nRKFJpEcwRTELMAkGA1UEBhMCVVMxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNV\nBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAM15n7fdxhRtMAwGA1UdEwQF\nMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBABY2ZzBaW0dMsAAT7tPJzrVWVzQx6KU4\nUEBLudIlWPlkAwTnINCWR/8eNjCCmGA4heUdHmazdpPa8RzwOmc0NT1NQqzSyktt\nvTqb4iHD7+8f9MqJ9/FssCfTtqr/Qst/hGH4Wmdf1EJ/6FqYAAb5iRlPgshFZxU8\nuXtA8hWn6fK6eISD9HBdcAFToUvKNZ1BIDPvh9f95Ine8ar6yGd56TUNrHR8eHBs\nESxz5ddVR/oWRysNJ+aGAyYqHS8S/ttmC7r4XCAHqXptkHPCGRqkAhsterYhd4I8\n/cBzejUobNCjjHFbtkAL/SjxZOLW+pNkZwfeYdM8iPkD54Uua1v2tdw=\n-----END CERTIFICATE-----", host="example.com", port=24008, ) diff --git a/tests/api_resources/test_mtls_certificates.py b/tests/api_resources/test_mtls_certificates.py index e5ad0553d13..2635fb2c31d 100644 --- a/tests/api_resources/test_mtls_certificates.py +++ b/tests/api_resources/test_mtls_certificates.py @@ -26,7 +26,7 @@ def test_method_create(self, client: Cloudflare) -> None: mtls_certificate = client.mtls_certificates.create( account_id="023e105f4ecef8ad9ca31a8372d0c353", ca=True, - certificates="-----BEGIN CERTIFICATE-----\nMIIDmDCCAoCgAwIBAgIUKTOAZNjcXVZRj4oQt0SHsl1c1vMwDQYJKoZIhvcNAQELBQAwUTELMAkGA1UEBhMCVVMxFjAUBgNVBAgMDVNhbiBGcmFuY2lzY28xEzARBgNVBAcMCkNhbGlmb3JuaWExFTATBgNVBAoMDEV4YW1wbGUgSW5jLjAgFw0yMjExMjIxNjU5NDdaGA8yMTIyMTAyOTE2NTk0N1owUTELMAkGA1UEBhMCVVMxFjAUBgNVBAgMDVNhbiBGcmFuY2lzY28xEzARBgNVBAcMCkNhbGlmb3JuaWExFTATBgNVBAoMDEV4YW1wbGUgSW5jLjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMRcORwgJFTdcG/2GKI+cFYiOBNDKjCZUXEOvXWY42BkH9wxiMT869CO+enA1w5pIrXow6kCM1sQspHHaVmJUlotEMJxyoLFfA/8Kt1EKFyobOjuZs2SwyVyJ2sStvQuUQEosULZCNGZEqoH5g6zhMPxaxm7ZLrrsDZ9maNGVqo7EWLWHrZ57Q/5MtTrbxQL+eXjUmJ9K3kS+3uEwMdqR6Z3BluU1ivanpPc1CN2GNhdO0/hSY4YkGEnuLsqJyDd3cIiB1MxuCBJ4ZaqOd2viV1WcP3oU3dxVPm4MWyfYIldMWB14FahScxLhWdRnM9YZ/i9IFcLypXsuz7DjrJPtPUCAwEAAaNmMGQwHQYDVR0OBBYEFP5JzLUawNF+c3AXsYTEWHh7z2czMB8GA1UdIwQYMBaAFP5JzLUawNF+c3AXsYTEWHh7z2czMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEBMA0GCSqGSIb3DQEBCwUAA4IBAQBc+Be7NDhpE09y7hLPZGRPl1cSKBw4RI0XIv6rlbSTFs5EebpTGjhx/whNxwEZhB9HZ7111Oa1YlT8xkI9DshB78mjAHCKBAJ76moK8tkG0aqdYpJ4ZcJTVBB7l98Rvgc7zfTii7WemTy72deBbSeiEtXavm4EF0mWjHhQ5Nxpnp00Bqn5g1x8CyTDypgmugnep+xG+iFzNmTdsz7WI9T/7kDMXqB7M/FPWBORyS98OJqNDswCLF8bIZYwUBEe+bRHFomoShMzaC3tvim7WCb16noDkSTMlfKO4pnvKhpcVdSgwcruATV7y+W+Lvmz2OT/Gui4JhqeoTewsxndhDDE\n-----END CERTIFICATE-----", + certificates="-----BEGIN CERTIFICATE-----\nMIIDmDCCAoCgAwIBAgIUKTOAZNjcXVZRj4oQt0SHsl1c1vMwDQYJKoZIhvcNAQEL\nBQAwUTELMAkGA1UEBhMCVVMxFjAUBgNVBAgMDVNhbiBGcmFuY2lzY28xEzARBgNV\nBAcMCkNhbGlmb3JuaWExFTATBgNVBAoMDEV4YW1wbGUgSW5jLjAgFw0yMjExMjIx\nNjU5NDdaGA8yMTIyMTAyOTE2NTk0N1owUTELMAkGA1UEBhMCVVMxFjAUBgNVBAgM\nDVNhbiBGcmFuY2lzY28xEzARBgNVBAcMCkNhbGlmb3JuaWExFTATBgNVBAoMDEV4\nYW1wbGUgSW5jLjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMRcORwg\nJFTdcG/2GKI+cFYiOBNDKjCZUXEOvXWY42BkH9wxiMT869CO+enA1w5pIrXow6kC\nM1sQspHHaVmJUlotEMJxyoLFfA/8Kt1EKFyobOjuZs2SwyVyJ2sStvQuUQEosULZ\nCNGZEqoH5g6zhMPxaxm7ZLrrsDZ9maNGVqo7EWLWHrZ57Q/5MtTrbxQL+eXjUmJ9\nK3kS+3uEwMdqR6Z3BluU1ivanpPc1CN2GNhdO0/hSY4YkGEnuLsqJyDd3cIiB1Mx\nuCBJ4ZaqOd2viV1WcP3oU3dxVPm4MWyfYIldMWB14FahScxLhWdRnM9YZ/i9IFcL\nypXsuz7DjrJPtPUCAwEAAaNmMGQwHQYDVR0OBBYEFP5JzLUawNF+c3AXsYTEWHh7\nz2czMB8GA1UdIwQYMBaAFP5JzLUawNF+c3AXsYTEWHh7z2czMA4GA1UdDwEB/wQE\nAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEBMA0GCSqGSIb3DQEBCwUAA4IBAQBc+Be7\nNDhpE09y7hLPZGRPl1cSKBw4RI0XIv6rlbSTFs5EebpTGjhx/whNxwEZhB9HZ711\n1Oa1YlT8xkI9DshB78mjAHCKBAJ76moK8tkG0aqdYpJ4ZcJTVBB7l98Rvgc7zfTi\ni7WemTy72deBbSeiEtXavm4EF0mWjHhQ5Nxpnp00Bqn5g1x8CyTDypgmugnep+xG\n+iFzNmTdsz7WI9T/7kDMXqB7M/FPWBORyS98OJqNDswCLF8bIZYwUBEe+bRHFomo\nShMzaC3tvim7WCb16noDkSTMlfKO4pnvKhpcVdSgwcruATV7y+W+Lvmz2OT/Gui4\nJhqeoTewsxndhDDE\n-----END CERTIFICATE-----", ) assert_matches_type(Optional[MTLSCertificateCreateResponse], mtls_certificate, path=["response"]) @@ -35,9 +35,9 @@ def test_method_create_with_all_params(self, client: Cloudflare) -> None: mtls_certificate = client.mtls_certificates.create( account_id="023e105f4ecef8ad9ca31a8372d0c353", ca=True, - certificates="-----BEGIN CERTIFICATE-----\nMIIDmDCCAoCgAwIBAgIUKTOAZNjcXVZRj4oQt0SHsl1c1vMwDQYJKoZIhvcNAQELBQAwUTELMAkGA1UEBhMCVVMxFjAUBgNVBAgMDVNhbiBGcmFuY2lzY28xEzARBgNVBAcMCkNhbGlmb3JuaWExFTATBgNVBAoMDEV4YW1wbGUgSW5jLjAgFw0yMjExMjIxNjU5NDdaGA8yMTIyMTAyOTE2NTk0N1owUTELMAkGA1UEBhMCVVMxFjAUBgNVBAgMDVNhbiBGcmFuY2lzY28xEzARBgNVBAcMCkNhbGlmb3JuaWExFTATBgNVBAoMDEV4YW1wbGUgSW5jLjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMRcORwgJFTdcG/2GKI+cFYiOBNDKjCZUXEOvXWY42BkH9wxiMT869CO+enA1w5pIrXow6kCM1sQspHHaVmJUlotEMJxyoLFfA/8Kt1EKFyobOjuZs2SwyVyJ2sStvQuUQEosULZCNGZEqoH5g6zhMPxaxm7ZLrrsDZ9maNGVqo7EWLWHrZ57Q/5MtTrbxQL+eXjUmJ9K3kS+3uEwMdqR6Z3BluU1ivanpPc1CN2GNhdO0/hSY4YkGEnuLsqJyDd3cIiB1MxuCBJ4ZaqOd2viV1WcP3oU3dxVPm4MWyfYIldMWB14FahScxLhWdRnM9YZ/i9IFcLypXsuz7DjrJPtPUCAwEAAaNmMGQwHQYDVR0OBBYEFP5JzLUawNF+c3AXsYTEWHh7z2czMB8GA1UdIwQYMBaAFP5JzLUawNF+c3AXsYTEWHh7z2czMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEBMA0GCSqGSIb3DQEBCwUAA4IBAQBc+Be7NDhpE09y7hLPZGRPl1cSKBw4RI0XIv6rlbSTFs5EebpTGjhx/whNxwEZhB9HZ7111Oa1YlT8xkI9DshB78mjAHCKBAJ76moK8tkG0aqdYpJ4ZcJTVBB7l98Rvgc7zfTii7WemTy72deBbSeiEtXavm4EF0mWjHhQ5Nxpnp00Bqn5g1x8CyTDypgmugnep+xG+iFzNmTdsz7WI9T/7kDMXqB7M/FPWBORyS98OJqNDswCLF8bIZYwUBEe+bRHFomoShMzaC3tvim7WCb16noDkSTMlfKO4pnvKhpcVdSgwcruATV7y+W+Lvmz2OT/Gui4JhqeoTewsxndhDDE\n-----END CERTIFICATE-----", + certificates="-----BEGIN CERTIFICATE-----\nMIIDmDCCAoCgAwIBAgIUKTOAZNjcXVZRj4oQt0SHsl1c1vMwDQYJKoZIhvcNAQEL\nBQAwUTELMAkGA1UEBhMCVVMxFjAUBgNVBAgMDVNhbiBGcmFuY2lzY28xEzARBgNV\nBAcMCkNhbGlmb3JuaWExFTATBgNVBAoMDEV4YW1wbGUgSW5jLjAgFw0yMjExMjIx\nNjU5NDdaGA8yMTIyMTAyOTE2NTk0N1owUTELMAkGA1UEBhMCVVMxFjAUBgNVBAgM\nDVNhbiBGcmFuY2lzY28xEzARBgNVBAcMCkNhbGlmb3JuaWExFTATBgNVBAoMDEV4\nYW1wbGUgSW5jLjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMRcORwg\nJFTdcG/2GKI+cFYiOBNDKjCZUXEOvXWY42BkH9wxiMT869CO+enA1w5pIrXow6kC\nM1sQspHHaVmJUlotEMJxyoLFfA/8Kt1EKFyobOjuZs2SwyVyJ2sStvQuUQEosULZ\nCNGZEqoH5g6zhMPxaxm7ZLrrsDZ9maNGVqo7EWLWHrZ57Q/5MtTrbxQL+eXjUmJ9\nK3kS+3uEwMdqR6Z3BluU1ivanpPc1CN2GNhdO0/hSY4YkGEnuLsqJyDd3cIiB1Mx\nuCBJ4ZaqOd2viV1WcP3oU3dxVPm4MWyfYIldMWB14FahScxLhWdRnM9YZ/i9IFcL\nypXsuz7DjrJPtPUCAwEAAaNmMGQwHQYDVR0OBBYEFP5JzLUawNF+c3AXsYTEWHh7\nz2czMB8GA1UdIwQYMBaAFP5JzLUawNF+c3AXsYTEWHh7z2czMA4GA1UdDwEB/wQE\nAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEBMA0GCSqGSIb3DQEBCwUAA4IBAQBc+Be7\nNDhpE09y7hLPZGRPl1cSKBw4RI0XIv6rlbSTFs5EebpTGjhx/whNxwEZhB9HZ711\n1Oa1YlT8xkI9DshB78mjAHCKBAJ76moK8tkG0aqdYpJ4ZcJTVBB7l98Rvgc7zfTi\ni7WemTy72deBbSeiEtXavm4EF0mWjHhQ5Nxpnp00Bqn5g1x8CyTDypgmugnep+xG\n+iFzNmTdsz7WI9T/7kDMXqB7M/FPWBORyS98OJqNDswCLF8bIZYwUBEe+bRHFomo\nShMzaC3tvim7WCb16noDkSTMlfKO4pnvKhpcVdSgwcruATV7y+W+Lvmz2OT/Gui4\nJhqeoTewsxndhDDE\n-----END CERTIFICATE-----", name="example_ca_cert", - private_key="-----BEGIN PRIVATE KEY-----\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDEXDkcICRU3XBv9hiiPnBWIjgTQyowmVFxDr11mONgZB/cMYjE/OvQjvnpwNcOaSK16MOpAjNbELKRx2lZiVJaLRDCccqCxXwP/CrdRChcqGzo7mbNksMlcidrErb0LlEBKLFC2QjRmRKqB+YOs4TD8WsZu2S667A2fZmjRlaqOxFi1h62ee0P+TLU628UC/nl41JifSt5Evt7hMDHakemdwZblNYr2p6T3NQjdhjYXTtP4UmOGJBhJ7i7Kicg3d3CIgdTMbggSeGWqjndr4ldVnD96FN3cVT5uDFsn2CJXTFgdeBWoUnMS4VnUZzPWGf4vSBXC8qV7Ls+w46yT7T1AgMBAAECggEAQZnp/oqCeNPOR6l5S2L+1tfx0gWjZ78hJVteUpZ0iHSK7F6kKeOxyOird7vUXV0kmo+cJq+0hp0Ke4eam640FCpwKfYoSQ4/R3vgujGWJnaihCN5tv5sMet0XeJPuz5qE7ALoKCvwI6aXLHs20aAeZIDTQJ9QbGSGnJVzOWn+JDTidIgZpN57RpXfSAwnJPTQK/PN8i5z108hsaDOdEgGmxYZ7kYqMqzX20KXmth58LDfPixs5JGtS60iiKC/wOcGzkB2/AdTSojR76oEU77cANP/3zO25NG//whUdYlW0t0d7PgXxIeJe+xgYnamDQJx3qonVyt4H77ha0ObRAj9QKBgQDicZr+VTwFMnELP3a+FXGnjehRiuS1i7MXGKxNweCD+dFlML0FplSQS8Ro2n+d8lu8BBXGx0qm6VXu8Rhn7TAUL6q+PCgfarzxfIhacb/TZCqfieIHsMlVBfhV5HCXnk+kis0tuC/PRArcWTwDHJUJXkBhvkUsNswvQzavDPI7KwKBgQDd/WgLkj7A3X5fgIHZH/GbDSBiXwzKb+rF4ZCT2XFgG/OAW7vapfcX/w+v+5lBLyrocmOAS3PGGAhM5T3HLnUCQfnK4qgps1Lqibkc9Tmnsn60LanUjuUMsYv/zSw70tozbzhJ0pioEpWfRxRZBztO2Rr8Ntm7h6Fk701EXGNAXwKBgQCD1xsjy2J3sCerIdcz0u5qXLAPkeuZW+34m4/ucdwTWwc0gEz9lhsULFj9p4G351zLuiEnq+7mAWLcDJlmIO3mQt6JhiLiL9Y0T4pgBmxmWqKKYtAsJB0EmMY+1BNN44mBRqMxZFTJu1cLdhT/xstrOeoIPqytknYNanfTMZlzIwKBgHrLXe5oq0XMP8dcMneEcAUwsaU4pr6kQd3L9EmUkl5zl7J9C+DaxWAEuwzBw/iGutlxzRB+rD/7szu14wJ29EqXbDGKRzMp+se5/yfBjm7xEZ1hVPw7PwBShfqt57X/4Ktq7lwHnmH6RcGhc+P7WBc5iO/S94YAdIp8xOT3pf9JAoGAE0QkqJUY+5Mgr+fBO0VNV72ZoPveGpW+De59uhKAOnu1zljQCUtk59m6+DXfm0tNYKtawa5n8iN71Zh+s62xXSt3pYi1Y5CCCmv8Y4BhwIcPwXKk3zEvLgSHVTpC0bayA9aSO4bbZgVXa5w+Z0w/vvfp9DWo1IS3EnQRrz6WMYA=\n-----END PRIVATE KEY-----", + private_key="-----BEGIN PRIVATE KEY-----\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDEXDkcICRU3XBv\n9hiiPnBWIjgTQyowmVFxDr11mONgZB/cMYjE/OvQjvnpwNcOaSK16MOpAjNbELKR\nx2lZiVJaLRDCccqCxXwP/CrdRChcqGzo7mbNksMlcidrErb0LlEBKLFC2QjRmRKq\nB+YOs4TD8WsZu2S667A2fZmjRlaqOxFi1h62ee0P+TLU628UC/nl41JifSt5Evt7\nhMDHakemdwZblNYr2p6T3NQjdhjYXTtP4UmOGJBhJ7i7Kicg3d3CIgdTMbggSeGW\nqjndr4ldVnD96FN3cVT5uDFsn2CJXTFgdeBWoUnMS4VnUZzPWGf4vSBXC8qV7Ls+\nw46yT7T1AgMBAAECggEAQZnp/oqCeNPOR6l5S2L+1tfx0gWjZ78hJVteUpZ0iHSK\n7F6kKeOxyOird7vUXV0kmo+cJq+0hp0Ke4eam640FCpwKfYoSQ4/R3vgujGWJnai\nhCN5tv5sMet0XeJPuz5qE7ALoKCvwI6aXLHs20aAeZIDTQJ9QbGSGnJVzOWn+JDT\nidIgZpN57RpXfSAwnJPTQK/PN8i5z108hsaDOdEgGmxYZ7kYqMqzX20KXmth58LD\nfPixs5JGtS60iiKC/wOcGzkB2/AdTSojR76oEU77cANP/3zO25NG//whUdYlW0t0\nd7PgXxIeJe+xgYnamDQJx3qonVyt4H77ha0ObRAj9QKBgQDicZr+VTwFMnELP3a+\nFXGnjehRiuS1i7MXGKxNweCD+dFlML0FplSQS8Ro2n+d8lu8BBXGx0qm6VXu8Rhn\n7TAUL6q+PCgfarzxfIhacb/TZCqfieIHsMlVBfhV5HCXnk+kis0tuC/PRArcWTwD\nHJUJXkBhvkUsNswvQzavDPI7KwKBgQDd/WgLkj7A3X5fgIHZH/GbDSBiXwzKb+rF\n4ZCT2XFgG/OAW7vapfcX/w+v+5lBLyrocmOAS3PGGAhM5T3HLnUCQfnK4qgps1Lq\nibkc9Tmnsn60LanUjuUMsYv/zSw70tozbzhJ0pioEpWfRxRZBztO2Rr8Ntm7h6Fk\n701EXGNAXwKBgQCD1xsjy2J3sCerIdcz0u5qXLAPkeuZW+34m4/ucdwTWwc0gEz9\nlhsULFj9p4G351zLuiEnq+7mAWLcDJlmIO3mQt6JhiLiL9Y0T4pgBmxmWqKKYtAs\nJB0EmMY+1BNN44mBRqMxZFTJu1cLdhT/xstrOeoIPqytknYNanfTMZlzIwKBgHrL\nXe5oq0XMP8dcMneEcAUwsaU4pr6kQd3L9EmUkl5zl7J9C+DaxWAEuwzBw/iGutlx\nzRB+rD/7szu14wJ29EqXbDGKRzMp+se5/yfBjm7xEZ1hVPw7PwBShfqt57X/4Ktq\n7lwHnmH6RcGhc+P7WBc5iO/S94YAdIp8xOT3pf9JAoGAE0QkqJUY+5Mgr+fBO0VN\nV72ZoPveGpW+De59uhKAOnu1zljQCUtk59m6+DXfm0tNYKtawa5n8iN71Zh+s62x\nXSt3pYi1Y5CCCmv8Y4BhwIcPwXKk3zEvLgSHVTpC0bayA9aSO4bbZgVXa5w+Z0w/\nvvfp9DWo1IS3EnQRrz6WMYA=\n-----END PRIVATE KEY-----", ) assert_matches_type(Optional[MTLSCertificateCreateResponse], mtls_certificate, path=["response"]) @@ -46,7 +46,7 @@ def test_raw_response_create(self, client: Cloudflare) -> None: response = client.mtls_certificates.with_raw_response.create( account_id="023e105f4ecef8ad9ca31a8372d0c353", ca=True, - certificates="-----BEGIN CERTIFICATE-----\nMIIDmDCCAoCgAwIBAgIUKTOAZNjcXVZRj4oQt0SHsl1c1vMwDQYJKoZIhvcNAQELBQAwUTELMAkGA1UEBhMCVVMxFjAUBgNVBAgMDVNhbiBGcmFuY2lzY28xEzARBgNVBAcMCkNhbGlmb3JuaWExFTATBgNVBAoMDEV4YW1wbGUgSW5jLjAgFw0yMjExMjIxNjU5NDdaGA8yMTIyMTAyOTE2NTk0N1owUTELMAkGA1UEBhMCVVMxFjAUBgNVBAgMDVNhbiBGcmFuY2lzY28xEzARBgNVBAcMCkNhbGlmb3JuaWExFTATBgNVBAoMDEV4YW1wbGUgSW5jLjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMRcORwgJFTdcG/2GKI+cFYiOBNDKjCZUXEOvXWY42BkH9wxiMT869CO+enA1w5pIrXow6kCM1sQspHHaVmJUlotEMJxyoLFfA/8Kt1EKFyobOjuZs2SwyVyJ2sStvQuUQEosULZCNGZEqoH5g6zhMPxaxm7ZLrrsDZ9maNGVqo7EWLWHrZ57Q/5MtTrbxQL+eXjUmJ9K3kS+3uEwMdqR6Z3BluU1ivanpPc1CN2GNhdO0/hSY4YkGEnuLsqJyDd3cIiB1MxuCBJ4ZaqOd2viV1WcP3oU3dxVPm4MWyfYIldMWB14FahScxLhWdRnM9YZ/i9IFcLypXsuz7DjrJPtPUCAwEAAaNmMGQwHQYDVR0OBBYEFP5JzLUawNF+c3AXsYTEWHh7z2czMB8GA1UdIwQYMBaAFP5JzLUawNF+c3AXsYTEWHh7z2czMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEBMA0GCSqGSIb3DQEBCwUAA4IBAQBc+Be7NDhpE09y7hLPZGRPl1cSKBw4RI0XIv6rlbSTFs5EebpTGjhx/whNxwEZhB9HZ7111Oa1YlT8xkI9DshB78mjAHCKBAJ76moK8tkG0aqdYpJ4ZcJTVBB7l98Rvgc7zfTii7WemTy72deBbSeiEtXavm4EF0mWjHhQ5Nxpnp00Bqn5g1x8CyTDypgmugnep+xG+iFzNmTdsz7WI9T/7kDMXqB7M/FPWBORyS98OJqNDswCLF8bIZYwUBEe+bRHFomoShMzaC3tvim7WCb16noDkSTMlfKO4pnvKhpcVdSgwcruATV7y+W+Lvmz2OT/Gui4JhqeoTewsxndhDDE\n-----END CERTIFICATE-----", + certificates="-----BEGIN CERTIFICATE-----\nMIIDmDCCAoCgAwIBAgIUKTOAZNjcXVZRj4oQt0SHsl1c1vMwDQYJKoZIhvcNAQEL\nBQAwUTELMAkGA1UEBhMCVVMxFjAUBgNVBAgMDVNhbiBGcmFuY2lzY28xEzARBgNV\nBAcMCkNhbGlmb3JuaWExFTATBgNVBAoMDEV4YW1wbGUgSW5jLjAgFw0yMjExMjIx\nNjU5NDdaGA8yMTIyMTAyOTE2NTk0N1owUTELMAkGA1UEBhMCVVMxFjAUBgNVBAgM\nDVNhbiBGcmFuY2lzY28xEzARBgNVBAcMCkNhbGlmb3JuaWExFTATBgNVBAoMDEV4\nYW1wbGUgSW5jLjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMRcORwg\nJFTdcG/2GKI+cFYiOBNDKjCZUXEOvXWY42BkH9wxiMT869CO+enA1w5pIrXow6kC\nM1sQspHHaVmJUlotEMJxyoLFfA/8Kt1EKFyobOjuZs2SwyVyJ2sStvQuUQEosULZ\nCNGZEqoH5g6zhMPxaxm7ZLrrsDZ9maNGVqo7EWLWHrZ57Q/5MtTrbxQL+eXjUmJ9\nK3kS+3uEwMdqR6Z3BluU1ivanpPc1CN2GNhdO0/hSY4YkGEnuLsqJyDd3cIiB1Mx\nuCBJ4ZaqOd2viV1WcP3oU3dxVPm4MWyfYIldMWB14FahScxLhWdRnM9YZ/i9IFcL\nypXsuz7DjrJPtPUCAwEAAaNmMGQwHQYDVR0OBBYEFP5JzLUawNF+c3AXsYTEWHh7\nz2czMB8GA1UdIwQYMBaAFP5JzLUawNF+c3AXsYTEWHh7z2czMA4GA1UdDwEB/wQE\nAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEBMA0GCSqGSIb3DQEBCwUAA4IBAQBc+Be7\nNDhpE09y7hLPZGRPl1cSKBw4RI0XIv6rlbSTFs5EebpTGjhx/whNxwEZhB9HZ711\n1Oa1YlT8xkI9DshB78mjAHCKBAJ76moK8tkG0aqdYpJ4ZcJTVBB7l98Rvgc7zfTi\ni7WemTy72deBbSeiEtXavm4EF0mWjHhQ5Nxpnp00Bqn5g1x8CyTDypgmugnep+xG\n+iFzNmTdsz7WI9T/7kDMXqB7M/FPWBORyS98OJqNDswCLF8bIZYwUBEe+bRHFomo\nShMzaC3tvim7WCb16noDkSTMlfKO4pnvKhpcVdSgwcruATV7y+W+Lvmz2OT/Gui4\nJhqeoTewsxndhDDE\n-----END CERTIFICATE-----", ) assert response.is_closed is True @@ -59,7 +59,7 @@ def test_streaming_response_create(self, client: Cloudflare) -> None: with client.mtls_certificates.with_streaming_response.create( account_id="023e105f4ecef8ad9ca31a8372d0c353", ca=True, - certificates="-----BEGIN CERTIFICATE-----\nMIIDmDCCAoCgAwIBAgIUKTOAZNjcXVZRj4oQt0SHsl1c1vMwDQYJKoZIhvcNAQELBQAwUTELMAkGA1UEBhMCVVMxFjAUBgNVBAgMDVNhbiBGcmFuY2lzY28xEzARBgNVBAcMCkNhbGlmb3JuaWExFTATBgNVBAoMDEV4YW1wbGUgSW5jLjAgFw0yMjExMjIxNjU5NDdaGA8yMTIyMTAyOTE2NTk0N1owUTELMAkGA1UEBhMCVVMxFjAUBgNVBAgMDVNhbiBGcmFuY2lzY28xEzARBgNVBAcMCkNhbGlmb3JuaWExFTATBgNVBAoMDEV4YW1wbGUgSW5jLjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMRcORwgJFTdcG/2GKI+cFYiOBNDKjCZUXEOvXWY42BkH9wxiMT869CO+enA1w5pIrXow6kCM1sQspHHaVmJUlotEMJxyoLFfA/8Kt1EKFyobOjuZs2SwyVyJ2sStvQuUQEosULZCNGZEqoH5g6zhMPxaxm7ZLrrsDZ9maNGVqo7EWLWHrZ57Q/5MtTrbxQL+eXjUmJ9K3kS+3uEwMdqR6Z3BluU1ivanpPc1CN2GNhdO0/hSY4YkGEnuLsqJyDd3cIiB1MxuCBJ4ZaqOd2viV1WcP3oU3dxVPm4MWyfYIldMWB14FahScxLhWdRnM9YZ/i9IFcLypXsuz7DjrJPtPUCAwEAAaNmMGQwHQYDVR0OBBYEFP5JzLUawNF+c3AXsYTEWHh7z2czMB8GA1UdIwQYMBaAFP5JzLUawNF+c3AXsYTEWHh7z2czMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEBMA0GCSqGSIb3DQEBCwUAA4IBAQBc+Be7NDhpE09y7hLPZGRPl1cSKBw4RI0XIv6rlbSTFs5EebpTGjhx/whNxwEZhB9HZ7111Oa1YlT8xkI9DshB78mjAHCKBAJ76moK8tkG0aqdYpJ4ZcJTVBB7l98Rvgc7zfTii7WemTy72deBbSeiEtXavm4EF0mWjHhQ5Nxpnp00Bqn5g1x8CyTDypgmugnep+xG+iFzNmTdsz7WI9T/7kDMXqB7M/FPWBORyS98OJqNDswCLF8bIZYwUBEe+bRHFomoShMzaC3tvim7WCb16noDkSTMlfKO4pnvKhpcVdSgwcruATV7y+W+Lvmz2OT/Gui4JhqeoTewsxndhDDE\n-----END CERTIFICATE-----", + certificates="-----BEGIN CERTIFICATE-----\nMIIDmDCCAoCgAwIBAgIUKTOAZNjcXVZRj4oQt0SHsl1c1vMwDQYJKoZIhvcNAQEL\nBQAwUTELMAkGA1UEBhMCVVMxFjAUBgNVBAgMDVNhbiBGcmFuY2lzY28xEzARBgNV\nBAcMCkNhbGlmb3JuaWExFTATBgNVBAoMDEV4YW1wbGUgSW5jLjAgFw0yMjExMjIx\nNjU5NDdaGA8yMTIyMTAyOTE2NTk0N1owUTELMAkGA1UEBhMCVVMxFjAUBgNVBAgM\nDVNhbiBGcmFuY2lzY28xEzARBgNVBAcMCkNhbGlmb3JuaWExFTATBgNVBAoMDEV4\nYW1wbGUgSW5jLjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMRcORwg\nJFTdcG/2GKI+cFYiOBNDKjCZUXEOvXWY42BkH9wxiMT869CO+enA1w5pIrXow6kC\nM1sQspHHaVmJUlotEMJxyoLFfA/8Kt1EKFyobOjuZs2SwyVyJ2sStvQuUQEosULZ\nCNGZEqoH5g6zhMPxaxm7ZLrrsDZ9maNGVqo7EWLWHrZ57Q/5MtTrbxQL+eXjUmJ9\nK3kS+3uEwMdqR6Z3BluU1ivanpPc1CN2GNhdO0/hSY4YkGEnuLsqJyDd3cIiB1Mx\nuCBJ4ZaqOd2viV1WcP3oU3dxVPm4MWyfYIldMWB14FahScxLhWdRnM9YZ/i9IFcL\nypXsuz7DjrJPtPUCAwEAAaNmMGQwHQYDVR0OBBYEFP5JzLUawNF+c3AXsYTEWHh7\nz2czMB8GA1UdIwQYMBaAFP5JzLUawNF+c3AXsYTEWHh7z2czMA4GA1UdDwEB/wQE\nAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEBMA0GCSqGSIb3DQEBCwUAA4IBAQBc+Be7\nNDhpE09y7hLPZGRPl1cSKBw4RI0XIv6rlbSTFs5EebpTGjhx/whNxwEZhB9HZ711\n1Oa1YlT8xkI9DshB78mjAHCKBAJ76moK8tkG0aqdYpJ4ZcJTVBB7l98Rvgc7zfTi\ni7WemTy72deBbSeiEtXavm4EF0mWjHhQ5Nxpnp00Bqn5g1x8CyTDypgmugnep+xG\n+iFzNmTdsz7WI9T/7kDMXqB7M/FPWBORyS98OJqNDswCLF8bIZYwUBEe+bRHFomo\nShMzaC3tvim7WCb16noDkSTMlfKO4pnvKhpcVdSgwcruATV7y+W+Lvmz2OT/Gui4\nJhqeoTewsxndhDDE\n-----END CERTIFICATE-----", ) as response: assert not response.is_closed assert response.http_request.headers.get("X-Stainless-Lang") == "python" @@ -75,7 +75,7 @@ def test_path_params_create(self, client: Cloudflare) -> None: client.mtls_certificates.with_raw_response.create( account_id="", ca=True, - certificates="-----BEGIN CERTIFICATE-----\nMIIDmDCCAoCgAwIBAgIUKTOAZNjcXVZRj4oQt0SHsl1c1vMwDQYJKoZIhvcNAQELBQAwUTELMAkGA1UEBhMCVVMxFjAUBgNVBAgMDVNhbiBGcmFuY2lzY28xEzARBgNVBAcMCkNhbGlmb3JuaWExFTATBgNVBAoMDEV4YW1wbGUgSW5jLjAgFw0yMjExMjIxNjU5NDdaGA8yMTIyMTAyOTE2NTk0N1owUTELMAkGA1UEBhMCVVMxFjAUBgNVBAgMDVNhbiBGcmFuY2lzY28xEzARBgNVBAcMCkNhbGlmb3JuaWExFTATBgNVBAoMDEV4YW1wbGUgSW5jLjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMRcORwgJFTdcG/2GKI+cFYiOBNDKjCZUXEOvXWY42BkH9wxiMT869CO+enA1w5pIrXow6kCM1sQspHHaVmJUlotEMJxyoLFfA/8Kt1EKFyobOjuZs2SwyVyJ2sStvQuUQEosULZCNGZEqoH5g6zhMPxaxm7ZLrrsDZ9maNGVqo7EWLWHrZ57Q/5MtTrbxQL+eXjUmJ9K3kS+3uEwMdqR6Z3BluU1ivanpPc1CN2GNhdO0/hSY4YkGEnuLsqJyDd3cIiB1MxuCBJ4ZaqOd2viV1WcP3oU3dxVPm4MWyfYIldMWB14FahScxLhWdRnM9YZ/i9IFcLypXsuz7DjrJPtPUCAwEAAaNmMGQwHQYDVR0OBBYEFP5JzLUawNF+c3AXsYTEWHh7z2czMB8GA1UdIwQYMBaAFP5JzLUawNF+c3AXsYTEWHh7z2czMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEBMA0GCSqGSIb3DQEBCwUAA4IBAQBc+Be7NDhpE09y7hLPZGRPl1cSKBw4RI0XIv6rlbSTFs5EebpTGjhx/whNxwEZhB9HZ7111Oa1YlT8xkI9DshB78mjAHCKBAJ76moK8tkG0aqdYpJ4ZcJTVBB7l98Rvgc7zfTii7WemTy72deBbSeiEtXavm4EF0mWjHhQ5Nxpnp00Bqn5g1x8CyTDypgmugnep+xG+iFzNmTdsz7WI9T/7kDMXqB7M/FPWBORyS98OJqNDswCLF8bIZYwUBEe+bRHFomoShMzaC3tvim7WCb16noDkSTMlfKO4pnvKhpcVdSgwcruATV7y+W+Lvmz2OT/Gui4JhqeoTewsxndhDDE\n-----END CERTIFICATE-----", + certificates="-----BEGIN CERTIFICATE-----\nMIIDmDCCAoCgAwIBAgIUKTOAZNjcXVZRj4oQt0SHsl1c1vMwDQYJKoZIhvcNAQEL\nBQAwUTELMAkGA1UEBhMCVVMxFjAUBgNVBAgMDVNhbiBGcmFuY2lzY28xEzARBgNV\nBAcMCkNhbGlmb3JuaWExFTATBgNVBAoMDEV4YW1wbGUgSW5jLjAgFw0yMjExMjIx\nNjU5NDdaGA8yMTIyMTAyOTE2NTk0N1owUTELMAkGA1UEBhMCVVMxFjAUBgNVBAgM\nDVNhbiBGcmFuY2lzY28xEzARBgNVBAcMCkNhbGlmb3JuaWExFTATBgNVBAoMDEV4\nYW1wbGUgSW5jLjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMRcORwg\nJFTdcG/2GKI+cFYiOBNDKjCZUXEOvXWY42BkH9wxiMT869CO+enA1w5pIrXow6kC\nM1sQspHHaVmJUlotEMJxyoLFfA/8Kt1EKFyobOjuZs2SwyVyJ2sStvQuUQEosULZ\nCNGZEqoH5g6zhMPxaxm7ZLrrsDZ9maNGVqo7EWLWHrZ57Q/5MtTrbxQL+eXjUmJ9\nK3kS+3uEwMdqR6Z3BluU1ivanpPc1CN2GNhdO0/hSY4YkGEnuLsqJyDd3cIiB1Mx\nuCBJ4ZaqOd2viV1WcP3oU3dxVPm4MWyfYIldMWB14FahScxLhWdRnM9YZ/i9IFcL\nypXsuz7DjrJPtPUCAwEAAaNmMGQwHQYDVR0OBBYEFP5JzLUawNF+c3AXsYTEWHh7\nz2czMB8GA1UdIwQYMBaAFP5JzLUawNF+c3AXsYTEWHh7z2czMA4GA1UdDwEB/wQE\nAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEBMA0GCSqGSIb3DQEBCwUAA4IBAQBc+Be7\nNDhpE09y7hLPZGRPl1cSKBw4RI0XIv6rlbSTFs5EebpTGjhx/whNxwEZhB9HZ711\n1Oa1YlT8xkI9DshB78mjAHCKBAJ76moK8tkG0aqdYpJ4ZcJTVBB7l98Rvgc7zfTi\ni7WemTy72deBbSeiEtXavm4EF0mWjHhQ5Nxpnp00Bqn5g1x8CyTDypgmugnep+xG\n+iFzNmTdsz7WI9T/7kDMXqB7M/FPWBORyS98OJqNDswCLF8bIZYwUBEe+bRHFomo\nShMzaC3tvim7WCb16noDkSTMlfKO4pnvKhpcVdSgwcruATV7y+W+Lvmz2OT/Gui4\nJhqeoTewsxndhDDE\n-----END CERTIFICATE-----", ) @parametrize @@ -223,7 +223,7 @@ async def test_method_create(self, async_client: AsyncCloudflare) -> None: mtls_certificate = await async_client.mtls_certificates.create( account_id="023e105f4ecef8ad9ca31a8372d0c353", ca=True, - certificates="-----BEGIN CERTIFICATE-----\nMIIDmDCCAoCgAwIBAgIUKTOAZNjcXVZRj4oQt0SHsl1c1vMwDQYJKoZIhvcNAQELBQAwUTELMAkGA1UEBhMCVVMxFjAUBgNVBAgMDVNhbiBGcmFuY2lzY28xEzARBgNVBAcMCkNhbGlmb3JuaWExFTATBgNVBAoMDEV4YW1wbGUgSW5jLjAgFw0yMjExMjIxNjU5NDdaGA8yMTIyMTAyOTE2NTk0N1owUTELMAkGA1UEBhMCVVMxFjAUBgNVBAgMDVNhbiBGcmFuY2lzY28xEzARBgNVBAcMCkNhbGlmb3JuaWExFTATBgNVBAoMDEV4YW1wbGUgSW5jLjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMRcORwgJFTdcG/2GKI+cFYiOBNDKjCZUXEOvXWY42BkH9wxiMT869CO+enA1w5pIrXow6kCM1sQspHHaVmJUlotEMJxyoLFfA/8Kt1EKFyobOjuZs2SwyVyJ2sStvQuUQEosULZCNGZEqoH5g6zhMPxaxm7ZLrrsDZ9maNGVqo7EWLWHrZ57Q/5MtTrbxQL+eXjUmJ9K3kS+3uEwMdqR6Z3BluU1ivanpPc1CN2GNhdO0/hSY4YkGEnuLsqJyDd3cIiB1MxuCBJ4ZaqOd2viV1WcP3oU3dxVPm4MWyfYIldMWB14FahScxLhWdRnM9YZ/i9IFcLypXsuz7DjrJPtPUCAwEAAaNmMGQwHQYDVR0OBBYEFP5JzLUawNF+c3AXsYTEWHh7z2czMB8GA1UdIwQYMBaAFP5JzLUawNF+c3AXsYTEWHh7z2czMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEBMA0GCSqGSIb3DQEBCwUAA4IBAQBc+Be7NDhpE09y7hLPZGRPl1cSKBw4RI0XIv6rlbSTFs5EebpTGjhx/whNxwEZhB9HZ7111Oa1YlT8xkI9DshB78mjAHCKBAJ76moK8tkG0aqdYpJ4ZcJTVBB7l98Rvgc7zfTii7WemTy72deBbSeiEtXavm4EF0mWjHhQ5Nxpnp00Bqn5g1x8CyTDypgmugnep+xG+iFzNmTdsz7WI9T/7kDMXqB7M/FPWBORyS98OJqNDswCLF8bIZYwUBEe+bRHFomoShMzaC3tvim7WCb16noDkSTMlfKO4pnvKhpcVdSgwcruATV7y+W+Lvmz2OT/Gui4JhqeoTewsxndhDDE\n-----END CERTIFICATE-----", + certificates="-----BEGIN CERTIFICATE-----\nMIIDmDCCAoCgAwIBAgIUKTOAZNjcXVZRj4oQt0SHsl1c1vMwDQYJKoZIhvcNAQEL\nBQAwUTELMAkGA1UEBhMCVVMxFjAUBgNVBAgMDVNhbiBGcmFuY2lzY28xEzARBgNV\nBAcMCkNhbGlmb3JuaWExFTATBgNVBAoMDEV4YW1wbGUgSW5jLjAgFw0yMjExMjIx\nNjU5NDdaGA8yMTIyMTAyOTE2NTk0N1owUTELMAkGA1UEBhMCVVMxFjAUBgNVBAgM\nDVNhbiBGcmFuY2lzY28xEzARBgNVBAcMCkNhbGlmb3JuaWExFTATBgNVBAoMDEV4\nYW1wbGUgSW5jLjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMRcORwg\nJFTdcG/2GKI+cFYiOBNDKjCZUXEOvXWY42BkH9wxiMT869CO+enA1w5pIrXow6kC\nM1sQspHHaVmJUlotEMJxyoLFfA/8Kt1EKFyobOjuZs2SwyVyJ2sStvQuUQEosULZ\nCNGZEqoH5g6zhMPxaxm7ZLrrsDZ9maNGVqo7EWLWHrZ57Q/5MtTrbxQL+eXjUmJ9\nK3kS+3uEwMdqR6Z3BluU1ivanpPc1CN2GNhdO0/hSY4YkGEnuLsqJyDd3cIiB1Mx\nuCBJ4ZaqOd2viV1WcP3oU3dxVPm4MWyfYIldMWB14FahScxLhWdRnM9YZ/i9IFcL\nypXsuz7DjrJPtPUCAwEAAaNmMGQwHQYDVR0OBBYEFP5JzLUawNF+c3AXsYTEWHh7\nz2czMB8GA1UdIwQYMBaAFP5JzLUawNF+c3AXsYTEWHh7z2czMA4GA1UdDwEB/wQE\nAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEBMA0GCSqGSIb3DQEBCwUAA4IBAQBc+Be7\nNDhpE09y7hLPZGRPl1cSKBw4RI0XIv6rlbSTFs5EebpTGjhx/whNxwEZhB9HZ711\n1Oa1YlT8xkI9DshB78mjAHCKBAJ76moK8tkG0aqdYpJ4ZcJTVBB7l98Rvgc7zfTi\ni7WemTy72deBbSeiEtXavm4EF0mWjHhQ5Nxpnp00Bqn5g1x8CyTDypgmugnep+xG\n+iFzNmTdsz7WI9T/7kDMXqB7M/FPWBORyS98OJqNDswCLF8bIZYwUBEe+bRHFomo\nShMzaC3tvim7WCb16noDkSTMlfKO4pnvKhpcVdSgwcruATV7y+W+Lvmz2OT/Gui4\nJhqeoTewsxndhDDE\n-----END CERTIFICATE-----", ) assert_matches_type(Optional[MTLSCertificateCreateResponse], mtls_certificate, path=["response"]) @@ -232,9 +232,9 @@ async def test_method_create_with_all_params(self, async_client: AsyncCloudflare mtls_certificate = await async_client.mtls_certificates.create( account_id="023e105f4ecef8ad9ca31a8372d0c353", ca=True, - certificates="-----BEGIN CERTIFICATE-----\nMIIDmDCCAoCgAwIBAgIUKTOAZNjcXVZRj4oQt0SHsl1c1vMwDQYJKoZIhvcNAQELBQAwUTELMAkGA1UEBhMCVVMxFjAUBgNVBAgMDVNhbiBGcmFuY2lzY28xEzARBgNVBAcMCkNhbGlmb3JuaWExFTATBgNVBAoMDEV4YW1wbGUgSW5jLjAgFw0yMjExMjIxNjU5NDdaGA8yMTIyMTAyOTE2NTk0N1owUTELMAkGA1UEBhMCVVMxFjAUBgNVBAgMDVNhbiBGcmFuY2lzY28xEzARBgNVBAcMCkNhbGlmb3JuaWExFTATBgNVBAoMDEV4YW1wbGUgSW5jLjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMRcORwgJFTdcG/2GKI+cFYiOBNDKjCZUXEOvXWY42BkH9wxiMT869CO+enA1w5pIrXow6kCM1sQspHHaVmJUlotEMJxyoLFfA/8Kt1EKFyobOjuZs2SwyVyJ2sStvQuUQEosULZCNGZEqoH5g6zhMPxaxm7ZLrrsDZ9maNGVqo7EWLWHrZ57Q/5MtTrbxQL+eXjUmJ9K3kS+3uEwMdqR6Z3BluU1ivanpPc1CN2GNhdO0/hSY4YkGEnuLsqJyDd3cIiB1MxuCBJ4ZaqOd2viV1WcP3oU3dxVPm4MWyfYIldMWB14FahScxLhWdRnM9YZ/i9IFcLypXsuz7DjrJPtPUCAwEAAaNmMGQwHQYDVR0OBBYEFP5JzLUawNF+c3AXsYTEWHh7z2czMB8GA1UdIwQYMBaAFP5JzLUawNF+c3AXsYTEWHh7z2czMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEBMA0GCSqGSIb3DQEBCwUAA4IBAQBc+Be7NDhpE09y7hLPZGRPl1cSKBw4RI0XIv6rlbSTFs5EebpTGjhx/whNxwEZhB9HZ7111Oa1YlT8xkI9DshB78mjAHCKBAJ76moK8tkG0aqdYpJ4ZcJTVBB7l98Rvgc7zfTii7WemTy72deBbSeiEtXavm4EF0mWjHhQ5Nxpnp00Bqn5g1x8CyTDypgmugnep+xG+iFzNmTdsz7WI9T/7kDMXqB7M/FPWBORyS98OJqNDswCLF8bIZYwUBEe+bRHFomoShMzaC3tvim7WCb16noDkSTMlfKO4pnvKhpcVdSgwcruATV7y+W+Lvmz2OT/Gui4JhqeoTewsxndhDDE\n-----END CERTIFICATE-----", + certificates="-----BEGIN CERTIFICATE-----\nMIIDmDCCAoCgAwIBAgIUKTOAZNjcXVZRj4oQt0SHsl1c1vMwDQYJKoZIhvcNAQEL\nBQAwUTELMAkGA1UEBhMCVVMxFjAUBgNVBAgMDVNhbiBGcmFuY2lzY28xEzARBgNV\nBAcMCkNhbGlmb3JuaWExFTATBgNVBAoMDEV4YW1wbGUgSW5jLjAgFw0yMjExMjIx\nNjU5NDdaGA8yMTIyMTAyOTE2NTk0N1owUTELMAkGA1UEBhMCVVMxFjAUBgNVBAgM\nDVNhbiBGcmFuY2lzY28xEzARBgNVBAcMCkNhbGlmb3JuaWExFTATBgNVBAoMDEV4\nYW1wbGUgSW5jLjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMRcORwg\nJFTdcG/2GKI+cFYiOBNDKjCZUXEOvXWY42BkH9wxiMT869CO+enA1w5pIrXow6kC\nM1sQspHHaVmJUlotEMJxyoLFfA/8Kt1EKFyobOjuZs2SwyVyJ2sStvQuUQEosULZ\nCNGZEqoH5g6zhMPxaxm7ZLrrsDZ9maNGVqo7EWLWHrZ57Q/5MtTrbxQL+eXjUmJ9\nK3kS+3uEwMdqR6Z3BluU1ivanpPc1CN2GNhdO0/hSY4YkGEnuLsqJyDd3cIiB1Mx\nuCBJ4ZaqOd2viV1WcP3oU3dxVPm4MWyfYIldMWB14FahScxLhWdRnM9YZ/i9IFcL\nypXsuz7DjrJPtPUCAwEAAaNmMGQwHQYDVR0OBBYEFP5JzLUawNF+c3AXsYTEWHh7\nz2czMB8GA1UdIwQYMBaAFP5JzLUawNF+c3AXsYTEWHh7z2czMA4GA1UdDwEB/wQE\nAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEBMA0GCSqGSIb3DQEBCwUAA4IBAQBc+Be7\nNDhpE09y7hLPZGRPl1cSKBw4RI0XIv6rlbSTFs5EebpTGjhx/whNxwEZhB9HZ711\n1Oa1YlT8xkI9DshB78mjAHCKBAJ76moK8tkG0aqdYpJ4ZcJTVBB7l98Rvgc7zfTi\ni7WemTy72deBbSeiEtXavm4EF0mWjHhQ5Nxpnp00Bqn5g1x8CyTDypgmugnep+xG\n+iFzNmTdsz7WI9T/7kDMXqB7M/FPWBORyS98OJqNDswCLF8bIZYwUBEe+bRHFomo\nShMzaC3tvim7WCb16noDkSTMlfKO4pnvKhpcVdSgwcruATV7y+W+Lvmz2OT/Gui4\nJhqeoTewsxndhDDE\n-----END CERTIFICATE-----", name="example_ca_cert", - private_key="-----BEGIN PRIVATE KEY-----\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDEXDkcICRU3XBv9hiiPnBWIjgTQyowmVFxDr11mONgZB/cMYjE/OvQjvnpwNcOaSK16MOpAjNbELKRx2lZiVJaLRDCccqCxXwP/CrdRChcqGzo7mbNksMlcidrErb0LlEBKLFC2QjRmRKqB+YOs4TD8WsZu2S667A2fZmjRlaqOxFi1h62ee0P+TLU628UC/nl41JifSt5Evt7hMDHakemdwZblNYr2p6T3NQjdhjYXTtP4UmOGJBhJ7i7Kicg3d3CIgdTMbggSeGWqjndr4ldVnD96FN3cVT5uDFsn2CJXTFgdeBWoUnMS4VnUZzPWGf4vSBXC8qV7Ls+w46yT7T1AgMBAAECggEAQZnp/oqCeNPOR6l5S2L+1tfx0gWjZ78hJVteUpZ0iHSK7F6kKeOxyOird7vUXV0kmo+cJq+0hp0Ke4eam640FCpwKfYoSQ4/R3vgujGWJnaihCN5tv5sMet0XeJPuz5qE7ALoKCvwI6aXLHs20aAeZIDTQJ9QbGSGnJVzOWn+JDTidIgZpN57RpXfSAwnJPTQK/PN8i5z108hsaDOdEgGmxYZ7kYqMqzX20KXmth58LDfPixs5JGtS60iiKC/wOcGzkB2/AdTSojR76oEU77cANP/3zO25NG//whUdYlW0t0d7PgXxIeJe+xgYnamDQJx3qonVyt4H77ha0ObRAj9QKBgQDicZr+VTwFMnELP3a+FXGnjehRiuS1i7MXGKxNweCD+dFlML0FplSQS8Ro2n+d8lu8BBXGx0qm6VXu8Rhn7TAUL6q+PCgfarzxfIhacb/TZCqfieIHsMlVBfhV5HCXnk+kis0tuC/PRArcWTwDHJUJXkBhvkUsNswvQzavDPI7KwKBgQDd/WgLkj7A3X5fgIHZH/GbDSBiXwzKb+rF4ZCT2XFgG/OAW7vapfcX/w+v+5lBLyrocmOAS3PGGAhM5T3HLnUCQfnK4qgps1Lqibkc9Tmnsn60LanUjuUMsYv/zSw70tozbzhJ0pioEpWfRxRZBztO2Rr8Ntm7h6Fk701EXGNAXwKBgQCD1xsjy2J3sCerIdcz0u5qXLAPkeuZW+34m4/ucdwTWwc0gEz9lhsULFj9p4G351zLuiEnq+7mAWLcDJlmIO3mQt6JhiLiL9Y0T4pgBmxmWqKKYtAsJB0EmMY+1BNN44mBRqMxZFTJu1cLdhT/xstrOeoIPqytknYNanfTMZlzIwKBgHrLXe5oq0XMP8dcMneEcAUwsaU4pr6kQd3L9EmUkl5zl7J9C+DaxWAEuwzBw/iGutlxzRB+rD/7szu14wJ29EqXbDGKRzMp+se5/yfBjm7xEZ1hVPw7PwBShfqt57X/4Ktq7lwHnmH6RcGhc+P7WBc5iO/S94YAdIp8xOT3pf9JAoGAE0QkqJUY+5Mgr+fBO0VNV72ZoPveGpW+De59uhKAOnu1zljQCUtk59m6+DXfm0tNYKtawa5n8iN71Zh+s62xXSt3pYi1Y5CCCmv8Y4BhwIcPwXKk3zEvLgSHVTpC0bayA9aSO4bbZgVXa5w+Z0w/vvfp9DWo1IS3EnQRrz6WMYA=\n-----END PRIVATE KEY-----", + private_key="-----BEGIN PRIVATE KEY-----\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDEXDkcICRU3XBv\n9hiiPnBWIjgTQyowmVFxDr11mONgZB/cMYjE/OvQjvnpwNcOaSK16MOpAjNbELKR\nx2lZiVJaLRDCccqCxXwP/CrdRChcqGzo7mbNksMlcidrErb0LlEBKLFC2QjRmRKq\nB+YOs4TD8WsZu2S667A2fZmjRlaqOxFi1h62ee0P+TLU628UC/nl41JifSt5Evt7\nhMDHakemdwZblNYr2p6T3NQjdhjYXTtP4UmOGJBhJ7i7Kicg3d3CIgdTMbggSeGW\nqjndr4ldVnD96FN3cVT5uDFsn2CJXTFgdeBWoUnMS4VnUZzPWGf4vSBXC8qV7Ls+\nw46yT7T1AgMBAAECggEAQZnp/oqCeNPOR6l5S2L+1tfx0gWjZ78hJVteUpZ0iHSK\n7F6kKeOxyOird7vUXV0kmo+cJq+0hp0Ke4eam640FCpwKfYoSQ4/R3vgujGWJnai\nhCN5tv5sMet0XeJPuz5qE7ALoKCvwI6aXLHs20aAeZIDTQJ9QbGSGnJVzOWn+JDT\nidIgZpN57RpXfSAwnJPTQK/PN8i5z108hsaDOdEgGmxYZ7kYqMqzX20KXmth58LD\nfPixs5JGtS60iiKC/wOcGzkB2/AdTSojR76oEU77cANP/3zO25NG//whUdYlW0t0\nd7PgXxIeJe+xgYnamDQJx3qonVyt4H77ha0ObRAj9QKBgQDicZr+VTwFMnELP3a+\nFXGnjehRiuS1i7MXGKxNweCD+dFlML0FplSQS8Ro2n+d8lu8BBXGx0qm6VXu8Rhn\n7TAUL6q+PCgfarzxfIhacb/TZCqfieIHsMlVBfhV5HCXnk+kis0tuC/PRArcWTwD\nHJUJXkBhvkUsNswvQzavDPI7KwKBgQDd/WgLkj7A3X5fgIHZH/GbDSBiXwzKb+rF\n4ZCT2XFgG/OAW7vapfcX/w+v+5lBLyrocmOAS3PGGAhM5T3HLnUCQfnK4qgps1Lq\nibkc9Tmnsn60LanUjuUMsYv/zSw70tozbzhJ0pioEpWfRxRZBztO2Rr8Ntm7h6Fk\n701EXGNAXwKBgQCD1xsjy2J3sCerIdcz0u5qXLAPkeuZW+34m4/ucdwTWwc0gEz9\nlhsULFj9p4G351zLuiEnq+7mAWLcDJlmIO3mQt6JhiLiL9Y0T4pgBmxmWqKKYtAs\nJB0EmMY+1BNN44mBRqMxZFTJu1cLdhT/xstrOeoIPqytknYNanfTMZlzIwKBgHrL\nXe5oq0XMP8dcMneEcAUwsaU4pr6kQd3L9EmUkl5zl7J9C+DaxWAEuwzBw/iGutlx\nzRB+rD/7szu14wJ29EqXbDGKRzMp+se5/yfBjm7xEZ1hVPw7PwBShfqt57X/4Ktq\n7lwHnmH6RcGhc+P7WBc5iO/S94YAdIp8xOT3pf9JAoGAE0QkqJUY+5Mgr+fBO0VN\nV72ZoPveGpW+De59uhKAOnu1zljQCUtk59m6+DXfm0tNYKtawa5n8iN71Zh+s62x\nXSt3pYi1Y5CCCmv8Y4BhwIcPwXKk3zEvLgSHVTpC0bayA9aSO4bbZgVXa5w+Z0w/\nvvfp9DWo1IS3EnQRrz6WMYA=\n-----END PRIVATE KEY-----", ) assert_matches_type(Optional[MTLSCertificateCreateResponse], mtls_certificate, path=["response"]) @@ -243,7 +243,7 @@ async def test_raw_response_create(self, async_client: AsyncCloudflare) -> None: response = await async_client.mtls_certificates.with_raw_response.create( account_id="023e105f4ecef8ad9ca31a8372d0c353", ca=True, - certificates="-----BEGIN CERTIFICATE-----\nMIIDmDCCAoCgAwIBAgIUKTOAZNjcXVZRj4oQt0SHsl1c1vMwDQYJKoZIhvcNAQELBQAwUTELMAkGA1UEBhMCVVMxFjAUBgNVBAgMDVNhbiBGcmFuY2lzY28xEzARBgNVBAcMCkNhbGlmb3JuaWExFTATBgNVBAoMDEV4YW1wbGUgSW5jLjAgFw0yMjExMjIxNjU5NDdaGA8yMTIyMTAyOTE2NTk0N1owUTELMAkGA1UEBhMCVVMxFjAUBgNVBAgMDVNhbiBGcmFuY2lzY28xEzARBgNVBAcMCkNhbGlmb3JuaWExFTATBgNVBAoMDEV4YW1wbGUgSW5jLjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMRcORwgJFTdcG/2GKI+cFYiOBNDKjCZUXEOvXWY42BkH9wxiMT869CO+enA1w5pIrXow6kCM1sQspHHaVmJUlotEMJxyoLFfA/8Kt1EKFyobOjuZs2SwyVyJ2sStvQuUQEosULZCNGZEqoH5g6zhMPxaxm7ZLrrsDZ9maNGVqo7EWLWHrZ57Q/5MtTrbxQL+eXjUmJ9K3kS+3uEwMdqR6Z3BluU1ivanpPc1CN2GNhdO0/hSY4YkGEnuLsqJyDd3cIiB1MxuCBJ4ZaqOd2viV1WcP3oU3dxVPm4MWyfYIldMWB14FahScxLhWdRnM9YZ/i9IFcLypXsuz7DjrJPtPUCAwEAAaNmMGQwHQYDVR0OBBYEFP5JzLUawNF+c3AXsYTEWHh7z2czMB8GA1UdIwQYMBaAFP5JzLUawNF+c3AXsYTEWHh7z2czMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEBMA0GCSqGSIb3DQEBCwUAA4IBAQBc+Be7NDhpE09y7hLPZGRPl1cSKBw4RI0XIv6rlbSTFs5EebpTGjhx/whNxwEZhB9HZ7111Oa1YlT8xkI9DshB78mjAHCKBAJ76moK8tkG0aqdYpJ4ZcJTVBB7l98Rvgc7zfTii7WemTy72deBbSeiEtXavm4EF0mWjHhQ5Nxpnp00Bqn5g1x8CyTDypgmugnep+xG+iFzNmTdsz7WI9T/7kDMXqB7M/FPWBORyS98OJqNDswCLF8bIZYwUBEe+bRHFomoShMzaC3tvim7WCb16noDkSTMlfKO4pnvKhpcVdSgwcruATV7y+W+Lvmz2OT/Gui4JhqeoTewsxndhDDE\n-----END CERTIFICATE-----", + certificates="-----BEGIN CERTIFICATE-----\nMIIDmDCCAoCgAwIBAgIUKTOAZNjcXVZRj4oQt0SHsl1c1vMwDQYJKoZIhvcNAQEL\nBQAwUTELMAkGA1UEBhMCVVMxFjAUBgNVBAgMDVNhbiBGcmFuY2lzY28xEzARBgNV\nBAcMCkNhbGlmb3JuaWExFTATBgNVBAoMDEV4YW1wbGUgSW5jLjAgFw0yMjExMjIx\nNjU5NDdaGA8yMTIyMTAyOTE2NTk0N1owUTELMAkGA1UEBhMCVVMxFjAUBgNVBAgM\nDVNhbiBGcmFuY2lzY28xEzARBgNVBAcMCkNhbGlmb3JuaWExFTATBgNVBAoMDEV4\nYW1wbGUgSW5jLjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMRcORwg\nJFTdcG/2GKI+cFYiOBNDKjCZUXEOvXWY42BkH9wxiMT869CO+enA1w5pIrXow6kC\nM1sQspHHaVmJUlotEMJxyoLFfA/8Kt1EKFyobOjuZs2SwyVyJ2sStvQuUQEosULZ\nCNGZEqoH5g6zhMPxaxm7ZLrrsDZ9maNGVqo7EWLWHrZ57Q/5MtTrbxQL+eXjUmJ9\nK3kS+3uEwMdqR6Z3BluU1ivanpPc1CN2GNhdO0/hSY4YkGEnuLsqJyDd3cIiB1Mx\nuCBJ4ZaqOd2viV1WcP3oU3dxVPm4MWyfYIldMWB14FahScxLhWdRnM9YZ/i9IFcL\nypXsuz7DjrJPtPUCAwEAAaNmMGQwHQYDVR0OBBYEFP5JzLUawNF+c3AXsYTEWHh7\nz2czMB8GA1UdIwQYMBaAFP5JzLUawNF+c3AXsYTEWHh7z2czMA4GA1UdDwEB/wQE\nAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEBMA0GCSqGSIb3DQEBCwUAA4IBAQBc+Be7\nNDhpE09y7hLPZGRPl1cSKBw4RI0XIv6rlbSTFs5EebpTGjhx/whNxwEZhB9HZ711\n1Oa1YlT8xkI9DshB78mjAHCKBAJ76moK8tkG0aqdYpJ4ZcJTVBB7l98Rvgc7zfTi\ni7WemTy72deBbSeiEtXavm4EF0mWjHhQ5Nxpnp00Bqn5g1x8CyTDypgmugnep+xG\n+iFzNmTdsz7WI9T/7kDMXqB7M/FPWBORyS98OJqNDswCLF8bIZYwUBEe+bRHFomo\nShMzaC3tvim7WCb16noDkSTMlfKO4pnvKhpcVdSgwcruATV7y+W+Lvmz2OT/Gui4\nJhqeoTewsxndhDDE\n-----END CERTIFICATE-----", ) assert response.is_closed is True @@ -256,7 +256,7 @@ async def test_streaming_response_create(self, async_client: AsyncCloudflare) -> async with async_client.mtls_certificates.with_streaming_response.create( account_id="023e105f4ecef8ad9ca31a8372d0c353", ca=True, - certificates="-----BEGIN CERTIFICATE-----\nMIIDmDCCAoCgAwIBAgIUKTOAZNjcXVZRj4oQt0SHsl1c1vMwDQYJKoZIhvcNAQELBQAwUTELMAkGA1UEBhMCVVMxFjAUBgNVBAgMDVNhbiBGcmFuY2lzY28xEzARBgNVBAcMCkNhbGlmb3JuaWExFTATBgNVBAoMDEV4YW1wbGUgSW5jLjAgFw0yMjExMjIxNjU5NDdaGA8yMTIyMTAyOTE2NTk0N1owUTELMAkGA1UEBhMCVVMxFjAUBgNVBAgMDVNhbiBGcmFuY2lzY28xEzARBgNVBAcMCkNhbGlmb3JuaWExFTATBgNVBAoMDEV4YW1wbGUgSW5jLjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMRcORwgJFTdcG/2GKI+cFYiOBNDKjCZUXEOvXWY42BkH9wxiMT869CO+enA1w5pIrXow6kCM1sQspHHaVmJUlotEMJxyoLFfA/8Kt1EKFyobOjuZs2SwyVyJ2sStvQuUQEosULZCNGZEqoH5g6zhMPxaxm7ZLrrsDZ9maNGVqo7EWLWHrZ57Q/5MtTrbxQL+eXjUmJ9K3kS+3uEwMdqR6Z3BluU1ivanpPc1CN2GNhdO0/hSY4YkGEnuLsqJyDd3cIiB1MxuCBJ4ZaqOd2viV1WcP3oU3dxVPm4MWyfYIldMWB14FahScxLhWdRnM9YZ/i9IFcLypXsuz7DjrJPtPUCAwEAAaNmMGQwHQYDVR0OBBYEFP5JzLUawNF+c3AXsYTEWHh7z2czMB8GA1UdIwQYMBaAFP5JzLUawNF+c3AXsYTEWHh7z2czMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEBMA0GCSqGSIb3DQEBCwUAA4IBAQBc+Be7NDhpE09y7hLPZGRPl1cSKBw4RI0XIv6rlbSTFs5EebpTGjhx/whNxwEZhB9HZ7111Oa1YlT8xkI9DshB78mjAHCKBAJ76moK8tkG0aqdYpJ4ZcJTVBB7l98Rvgc7zfTii7WemTy72deBbSeiEtXavm4EF0mWjHhQ5Nxpnp00Bqn5g1x8CyTDypgmugnep+xG+iFzNmTdsz7WI9T/7kDMXqB7M/FPWBORyS98OJqNDswCLF8bIZYwUBEe+bRHFomoShMzaC3tvim7WCb16noDkSTMlfKO4pnvKhpcVdSgwcruATV7y+W+Lvmz2OT/Gui4JhqeoTewsxndhDDE\n-----END CERTIFICATE-----", + certificates="-----BEGIN CERTIFICATE-----\nMIIDmDCCAoCgAwIBAgIUKTOAZNjcXVZRj4oQt0SHsl1c1vMwDQYJKoZIhvcNAQEL\nBQAwUTELMAkGA1UEBhMCVVMxFjAUBgNVBAgMDVNhbiBGcmFuY2lzY28xEzARBgNV\nBAcMCkNhbGlmb3JuaWExFTATBgNVBAoMDEV4YW1wbGUgSW5jLjAgFw0yMjExMjIx\nNjU5NDdaGA8yMTIyMTAyOTE2NTk0N1owUTELMAkGA1UEBhMCVVMxFjAUBgNVBAgM\nDVNhbiBGcmFuY2lzY28xEzARBgNVBAcMCkNhbGlmb3JuaWExFTATBgNVBAoMDEV4\nYW1wbGUgSW5jLjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMRcORwg\nJFTdcG/2GKI+cFYiOBNDKjCZUXEOvXWY42BkH9wxiMT869CO+enA1w5pIrXow6kC\nM1sQspHHaVmJUlotEMJxyoLFfA/8Kt1EKFyobOjuZs2SwyVyJ2sStvQuUQEosULZ\nCNGZEqoH5g6zhMPxaxm7ZLrrsDZ9maNGVqo7EWLWHrZ57Q/5MtTrbxQL+eXjUmJ9\nK3kS+3uEwMdqR6Z3BluU1ivanpPc1CN2GNhdO0/hSY4YkGEnuLsqJyDd3cIiB1Mx\nuCBJ4ZaqOd2viV1WcP3oU3dxVPm4MWyfYIldMWB14FahScxLhWdRnM9YZ/i9IFcL\nypXsuz7DjrJPtPUCAwEAAaNmMGQwHQYDVR0OBBYEFP5JzLUawNF+c3AXsYTEWHh7\nz2czMB8GA1UdIwQYMBaAFP5JzLUawNF+c3AXsYTEWHh7z2czMA4GA1UdDwEB/wQE\nAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEBMA0GCSqGSIb3DQEBCwUAA4IBAQBc+Be7\nNDhpE09y7hLPZGRPl1cSKBw4RI0XIv6rlbSTFs5EebpTGjhx/whNxwEZhB9HZ711\n1Oa1YlT8xkI9DshB78mjAHCKBAJ76moK8tkG0aqdYpJ4ZcJTVBB7l98Rvgc7zfTi\ni7WemTy72deBbSeiEtXavm4EF0mWjHhQ5Nxpnp00Bqn5g1x8CyTDypgmugnep+xG\n+iFzNmTdsz7WI9T/7kDMXqB7M/FPWBORyS98OJqNDswCLF8bIZYwUBEe+bRHFomo\nShMzaC3tvim7WCb16noDkSTMlfKO4pnvKhpcVdSgwcruATV7y+W+Lvmz2OT/Gui4\nJhqeoTewsxndhDDE\n-----END CERTIFICATE-----", ) as response: assert not response.is_closed assert response.http_request.headers.get("X-Stainless-Lang") == "python" @@ -272,7 +272,7 @@ async def test_path_params_create(self, async_client: AsyncCloudflare) -> None: await async_client.mtls_certificates.with_raw_response.create( account_id="", ca=True, - certificates="-----BEGIN CERTIFICATE-----\nMIIDmDCCAoCgAwIBAgIUKTOAZNjcXVZRj4oQt0SHsl1c1vMwDQYJKoZIhvcNAQELBQAwUTELMAkGA1UEBhMCVVMxFjAUBgNVBAgMDVNhbiBGcmFuY2lzY28xEzARBgNVBAcMCkNhbGlmb3JuaWExFTATBgNVBAoMDEV4YW1wbGUgSW5jLjAgFw0yMjExMjIxNjU5NDdaGA8yMTIyMTAyOTE2NTk0N1owUTELMAkGA1UEBhMCVVMxFjAUBgNVBAgMDVNhbiBGcmFuY2lzY28xEzARBgNVBAcMCkNhbGlmb3JuaWExFTATBgNVBAoMDEV4YW1wbGUgSW5jLjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMRcORwgJFTdcG/2GKI+cFYiOBNDKjCZUXEOvXWY42BkH9wxiMT869CO+enA1w5pIrXow6kCM1sQspHHaVmJUlotEMJxyoLFfA/8Kt1EKFyobOjuZs2SwyVyJ2sStvQuUQEosULZCNGZEqoH5g6zhMPxaxm7ZLrrsDZ9maNGVqo7EWLWHrZ57Q/5MtTrbxQL+eXjUmJ9K3kS+3uEwMdqR6Z3BluU1ivanpPc1CN2GNhdO0/hSY4YkGEnuLsqJyDd3cIiB1MxuCBJ4ZaqOd2viV1WcP3oU3dxVPm4MWyfYIldMWB14FahScxLhWdRnM9YZ/i9IFcLypXsuz7DjrJPtPUCAwEAAaNmMGQwHQYDVR0OBBYEFP5JzLUawNF+c3AXsYTEWHh7z2czMB8GA1UdIwQYMBaAFP5JzLUawNF+c3AXsYTEWHh7z2czMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEBMA0GCSqGSIb3DQEBCwUAA4IBAQBc+Be7NDhpE09y7hLPZGRPl1cSKBw4RI0XIv6rlbSTFs5EebpTGjhx/whNxwEZhB9HZ7111Oa1YlT8xkI9DshB78mjAHCKBAJ76moK8tkG0aqdYpJ4ZcJTVBB7l98Rvgc7zfTii7WemTy72deBbSeiEtXavm4EF0mWjHhQ5Nxpnp00Bqn5g1x8CyTDypgmugnep+xG+iFzNmTdsz7WI9T/7kDMXqB7M/FPWBORyS98OJqNDswCLF8bIZYwUBEe+bRHFomoShMzaC3tvim7WCb16noDkSTMlfKO4pnvKhpcVdSgwcruATV7y+W+Lvmz2OT/Gui4JhqeoTewsxndhDDE\n-----END CERTIFICATE-----", + certificates="-----BEGIN CERTIFICATE-----\nMIIDmDCCAoCgAwIBAgIUKTOAZNjcXVZRj4oQt0SHsl1c1vMwDQYJKoZIhvcNAQEL\nBQAwUTELMAkGA1UEBhMCVVMxFjAUBgNVBAgMDVNhbiBGcmFuY2lzY28xEzARBgNV\nBAcMCkNhbGlmb3JuaWExFTATBgNVBAoMDEV4YW1wbGUgSW5jLjAgFw0yMjExMjIx\nNjU5NDdaGA8yMTIyMTAyOTE2NTk0N1owUTELMAkGA1UEBhMCVVMxFjAUBgNVBAgM\nDVNhbiBGcmFuY2lzY28xEzARBgNVBAcMCkNhbGlmb3JuaWExFTATBgNVBAoMDEV4\nYW1wbGUgSW5jLjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMRcORwg\nJFTdcG/2GKI+cFYiOBNDKjCZUXEOvXWY42BkH9wxiMT869CO+enA1w5pIrXow6kC\nM1sQspHHaVmJUlotEMJxyoLFfA/8Kt1EKFyobOjuZs2SwyVyJ2sStvQuUQEosULZ\nCNGZEqoH5g6zhMPxaxm7ZLrrsDZ9maNGVqo7EWLWHrZ57Q/5MtTrbxQL+eXjUmJ9\nK3kS+3uEwMdqR6Z3BluU1ivanpPc1CN2GNhdO0/hSY4YkGEnuLsqJyDd3cIiB1Mx\nuCBJ4ZaqOd2viV1WcP3oU3dxVPm4MWyfYIldMWB14FahScxLhWdRnM9YZ/i9IFcL\nypXsuz7DjrJPtPUCAwEAAaNmMGQwHQYDVR0OBBYEFP5JzLUawNF+c3AXsYTEWHh7\nz2czMB8GA1UdIwQYMBaAFP5JzLUawNF+c3AXsYTEWHh7z2czMA4GA1UdDwEB/wQE\nAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEBMA0GCSqGSIb3DQEBCwUAA4IBAQBc+Be7\nNDhpE09y7hLPZGRPl1cSKBw4RI0XIv6rlbSTFs5EebpTGjhx/whNxwEZhB9HZ711\n1Oa1YlT8xkI9DshB78mjAHCKBAJ76moK8tkG0aqdYpJ4ZcJTVBB7l98Rvgc7zfTi\ni7WemTy72deBbSeiEtXavm4EF0mWjHhQ5Nxpnp00Bqn5g1x8CyTDypgmugnep+xG\n+iFzNmTdsz7WI9T/7kDMXqB7M/FPWBORyS98OJqNDswCLF8bIZYwUBEe+bRHFomo\nShMzaC3tvim7WCb16noDkSTMlfKO4pnvKhpcVdSgwcruATV7y+W+Lvmz2OT/Gui4\nJhqeoTewsxndhDDE\n-----END CERTIFICATE-----", ) @parametrize diff --git a/tests/api_resources/test_origin_ca_certificates.py b/tests/api_resources/test_origin_ca_certificates.py index c882116fa32..2e391553fa6 100644 --- a/tests/api_resources/test_origin_ca_certificates.py +++ b/tests/api_resources/test_origin_ca_certificates.py @@ -26,7 +26,7 @@ class TestOriginCACertificates: def test_method_create(self, client: Cloudflare) -> None: origin_ca_certificate = client.origin_ca_certificates.create( csr="-----BEGIN CERTIFICATE REQUEST-----\nMIICxzCCAa8CAQAwSDELMAkGA1UEBhMCVVMxFjAUBgNVBAgTDVNhbiBGcmFuY2lz\nY28xCzAJBgNVBAcTAkNBMRQwEgYDVQQDEwtleGFtcGxlLm5ldDCCASIwDQYJKoZI\nhvcNAQEBBQADggEPADCCAQoCggEBALxejtu4b+jPdFeFi6OUsye8TYJQBm3WfCvL\nHu5EvijMO/4Z2TImwASbwUF7Ir8OLgH+mGlQZeqyNvGoSOMEaZVXcYfpR1hlVak8\n4GGVr+04IGfOCqaBokaBFIwzclGZbzKmLGwIQioNxGfqFm6RGYGA3be2Je2iseBc\nN8GV1wYmvYE0RR+yWweJCTJ157exyRzu7sVxaEW9F87zBQLyOnwXc64rflXslRqi\ng7F7w5IaQYOl8yvmk/jEPCAha7fkiUfEpj4N12+oPRiMvleJF98chxjD4MH39c5I\nuOslULhrWunfh7GB1jwWNA9y44H0snrf+xvoy2TcHmxvma9Eln8CAwEAAaA6MDgG\nCSqGSIb3DQEJDjErMCkwJwYDVR0RBCAwHoILZXhhbXBsZS5uZXSCD3d3dy5leGFt\ncGxlLm5ldDANBgkqhkiG9w0BAQsFAAOCAQEAcBaX6dOnI8ncARrI9ZSF2AJX+8mx\npTHY2+Y2C0VvrVDGMtbBRH8R9yMbqWtlxeeNGf//LeMkSKSFa4kbpdx226lfui8/\nauRDBTJGx2R1ccUxmLZXx4my0W5iIMxunu+kez+BDlu7bTT2io0uXMRHue4i6quH\nyc5ibxvbJMjR7dqbcanVE10/34oprzXQsJ/VmSuZNXtjbtSKDlmcpw6To/eeAJ+J\nhXykcUihvHyG4A1m2R6qpANBjnA0pHexfwM/SgfzvpbvUg0T1ubmer8BgTwCKIWs\ndcWYTthM51JIqRBfNqy4QcBnX+GY05yltEEswQI55wdiS3CjTTA67sdbcQ==\n-----END CERTIFICATE REQUEST-----", - hostnames=["example.com", "*.example.com"], + hostnames=["example.com", "*.example.com", "sub.example.com"], request_type="origin-rsa", ) assert_matches_type(Optional[OriginCACertificate], origin_ca_certificate, path=["response"]) @@ -36,7 +36,7 @@ def test_method_create(self, client: Cloudflare) -> None: def test_method_create_with_all_params(self, client: Cloudflare) -> None: origin_ca_certificate = client.origin_ca_certificates.create( csr="-----BEGIN CERTIFICATE REQUEST-----\nMIICxzCCAa8CAQAwSDELMAkGA1UEBhMCVVMxFjAUBgNVBAgTDVNhbiBGcmFuY2lz\nY28xCzAJBgNVBAcTAkNBMRQwEgYDVQQDEwtleGFtcGxlLm5ldDCCASIwDQYJKoZI\nhvcNAQEBBQADggEPADCCAQoCggEBALxejtu4b+jPdFeFi6OUsye8TYJQBm3WfCvL\nHu5EvijMO/4Z2TImwASbwUF7Ir8OLgH+mGlQZeqyNvGoSOMEaZVXcYfpR1hlVak8\n4GGVr+04IGfOCqaBokaBFIwzclGZbzKmLGwIQioNxGfqFm6RGYGA3be2Je2iseBc\nN8GV1wYmvYE0RR+yWweJCTJ157exyRzu7sVxaEW9F87zBQLyOnwXc64rflXslRqi\ng7F7w5IaQYOl8yvmk/jEPCAha7fkiUfEpj4N12+oPRiMvleJF98chxjD4MH39c5I\nuOslULhrWunfh7GB1jwWNA9y44H0snrf+xvoy2TcHmxvma9Eln8CAwEAAaA6MDgG\nCSqGSIb3DQEJDjErMCkwJwYDVR0RBCAwHoILZXhhbXBsZS5uZXSCD3d3dy5leGFt\ncGxlLm5ldDANBgkqhkiG9w0BAQsFAAOCAQEAcBaX6dOnI8ncARrI9ZSF2AJX+8mx\npTHY2+Y2C0VvrVDGMtbBRH8R9yMbqWtlxeeNGf//LeMkSKSFa4kbpdx226lfui8/\nauRDBTJGx2R1ccUxmLZXx4my0W5iIMxunu+kez+BDlu7bTT2io0uXMRHue4i6quH\nyc5ibxvbJMjR7dqbcanVE10/34oprzXQsJ/VmSuZNXtjbtSKDlmcpw6To/eeAJ+J\nhXykcUihvHyG4A1m2R6qpANBjnA0pHexfwM/SgfzvpbvUg0T1ubmer8BgTwCKIWs\ndcWYTthM51JIqRBfNqy4QcBnX+GY05yltEEswQI55wdiS3CjTTA67sdbcQ==\n-----END CERTIFICATE REQUEST-----", - hostnames=["example.com", "*.example.com"], + hostnames=["example.com", "*.example.com", "sub.example.com"], request_type="origin-rsa", requested_validity=5475, ) @@ -47,7 +47,7 @@ def test_method_create_with_all_params(self, client: Cloudflare) -> None: def test_raw_response_create(self, client: Cloudflare) -> None: response = client.origin_ca_certificates.with_raw_response.create( csr="-----BEGIN CERTIFICATE REQUEST-----\nMIICxzCCAa8CAQAwSDELMAkGA1UEBhMCVVMxFjAUBgNVBAgTDVNhbiBGcmFuY2lz\nY28xCzAJBgNVBAcTAkNBMRQwEgYDVQQDEwtleGFtcGxlLm5ldDCCASIwDQYJKoZI\nhvcNAQEBBQADggEPADCCAQoCggEBALxejtu4b+jPdFeFi6OUsye8TYJQBm3WfCvL\nHu5EvijMO/4Z2TImwASbwUF7Ir8OLgH+mGlQZeqyNvGoSOMEaZVXcYfpR1hlVak8\n4GGVr+04IGfOCqaBokaBFIwzclGZbzKmLGwIQioNxGfqFm6RGYGA3be2Je2iseBc\nN8GV1wYmvYE0RR+yWweJCTJ157exyRzu7sVxaEW9F87zBQLyOnwXc64rflXslRqi\ng7F7w5IaQYOl8yvmk/jEPCAha7fkiUfEpj4N12+oPRiMvleJF98chxjD4MH39c5I\nuOslULhrWunfh7GB1jwWNA9y44H0snrf+xvoy2TcHmxvma9Eln8CAwEAAaA6MDgG\nCSqGSIb3DQEJDjErMCkwJwYDVR0RBCAwHoILZXhhbXBsZS5uZXSCD3d3dy5leGFt\ncGxlLm5ldDANBgkqhkiG9w0BAQsFAAOCAQEAcBaX6dOnI8ncARrI9ZSF2AJX+8mx\npTHY2+Y2C0VvrVDGMtbBRH8R9yMbqWtlxeeNGf//LeMkSKSFa4kbpdx226lfui8/\nauRDBTJGx2R1ccUxmLZXx4my0W5iIMxunu+kez+BDlu7bTT2io0uXMRHue4i6quH\nyc5ibxvbJMjR7dqbcanVE10/34oprzXQsJ/VmSuZNXtjbtSKDlmcpw6To/eeAJ+J\nhXykcUihvHyG4A1m2R6qpANBjnA0pHexfwM/SgfzvpbvUg0T1ubmer8BgTwCKIWs\ndcWYTthM51JIqRBfNqy4QcBnX+GY05yltEEswQI55wdiS3CjTTA67sdbcQ==\n-----END CERTIFICATE REQUEST-----", - hostnames=["example.com", "*.example.com"], + hostnames=["example.com", "*.example.com", "sub.example.com"], request_type="origin-rsa", ) @@ -61,7 +61,7 @@ def test_raw_response_create(self, client: Cloudflare) -> None: def test_streaming_response_create(self, client: Cloudflare) -> None: with client.origin_ca_certificates.with_streaming_response.create( csr="-----BEGIN CERTIFICATE REQUEST-----\nMIICxzCCAa8CAQAwSDELMAkGA1UEBhMCVVMxFjAUBgNVBAgTDVNhbiBGcmFuY2lz\nY28xCzAJBgNVBAcTAkNBMRQwEgYDVQQDEwtleGFtcGxlLm5ldDCCASIwDQYJKoZI\nhvcNAQEBBQADggEPADCCAQoCggEBALxejtu4b+jPdFeFi6OUsye8TYJQBm3WfCvL\nHu5EvijMO/4Z2TImwASbwUF7Ir8OLgH+mGlQZeqyNvGoSOMEaZVXcYfpR1hlVak8\n4GGVr+04IGfOCqaBokaBFIwzclGZbzKmLGwIQioNxGfqFm6RGYGA3be2Je2iseBc\nN8GV1wYmvYE0RR+yWweJCTJ157exyRzu7sVxaEW9F87zBQLyOnwXc64rflXslRqi\ng7F7w5IaQYOl8yvmk/jEPCAha7fkiUfEpj4N12+oPRiMvleJF98chxjD4MH39c5I\nuOslULhrWunfh7GB1jwWNA9y44H0snrf+xvoy2TcHmxvma9Eln8CAwEAAaA6MDgG\nCSqGSIb3DQEJDjErMCkwJwYDVR0RBCAwHoILZXhhbXBsZS5uZXSCD3d3dy5leGFt\ncGxlLm5ldDANBgkqhkiG9w0BAQsFAAOCAQEAcBaX6dOnI8ncARrI9ZSF2AJX+8mx\npTHY2+Y2C0VvrVDGMtbBRH8R9yMbqWtlxeeNGf//LeMkSKSFa4kbpdx226lfui8/\nauRDBTJGx2R1ccUxmLZXx4my0W5iIMxunu+kez+BDlu7bTT2io0uXMRHue4i6quH\nyc5ibxvbJMjR7dqbcanVE10/34oprzXQsJ/VmSuZNXtjbtSKDlmcpw6To/eeAJ+J\nhXykcUihvHyG4A1m2R6qpANBjnA0pHexfwM/SgfzvpbvUg0T1ubmer8BgTwCKIWs\ndcWYTthM51JIqRBfNqy4QcBnX+GY05yltEEswQI55wdiS3CjTTA67sdbcQ==\n-----END CERTIFICATE REQUEST-----", - hostnames=["example.com", "*.example.com"], + hostnames=["example.com", "*.example.com", "sub.example.com"], request_type="origin-rsa", ) as response: assert not response.is_closed @@ -215,7 +215,7 @@ class TestAsyncOriginCACertificates: async def test_method_create(self, async_client: AsyncCloudflare) -> None: origin_ca_certificate = await async_client.origin_ca_certificates.create( csr="-----BEGIN CERTIFICATE REQUEST-----\nMIICxzCCAa8CAQAwSDELMAkGA1UEBhMCVVMxFjAUBgNVBAgTDVNhbiBGcmFuY2lz\nY28xCzAJBgNVBAcTAkNBMRQwEgYDVQQDEwtleGFtcGxlLm5ldDCCASIwDQYJKoZI\nhvcNAQEBBQADggEPADCCAQoCggEBALxejtu4b+jPdFeFi6OUsye8TYJQBm3WfCvL\nHu5EvijMO/4Z2TImwASbwUF7Ir8OLgH+mGlQZeqyNvGoSOMEaZVXcYfpR1hlVak8\n4GGVr+04IGfOCqaBokaBFIwzclGZbzKmLGwIQioNxGfqFm6RGYGA3be2Je2iseBc\nN8GV1wYmvYE0RR+yWweJCTJ157exyRzu7sVxaEW9F87zBQLyOnwXc64rflXslRqi\ng7F7w5IaQYOl8yvmk/jEPCAha7fkiUfEpj4N12+oPRiMvleJF98chxjD4MH39c5I\nuOslULhrWunfh7GB1jwWNA9y44H0snrf+xvoy2TcHmxvma9Eln8CAwEAAaA6MDgG\nCSqGSIb3DQEJDjErMCkwJwYDVR0RBCAwHoILZXhhbXBsZS5uZXSCD3d3dy5leGFt\ncGxlLm5ldDANBgkqhkiG9w0BAQsFAAOCAQEAcBaX6dOnI8ncARrI9ZSF2AJX+8mx\npTHY2+Y2C0VvrVDGMtbBRH8R9yMbqWtlxeeNGf//LeMkSKSFa4kbpdx226lfui8/\nauRDBTJGx2R1ccUxmLZXx4my0W5iIMxunu+kez+BDlu7bTT2io0uXMRHue4i6quH\nyc5ibxvbJMjR7dqbcanVE10/34oprzXQsJ/VmSuZNXtjbtSKDlmcpw6To/eeAJ+J\nhXykcUihvHyG4A1m2R6qpANBjnA0pHexfwM/SgfzvpbvUg0T1ubmer8BgTwCKIWs\ndcWYTthM51JIqRBfNqy4QcBnX+GY05yltEEswQI55wdiS3CjTTA67sdbcQ==\n-----END CERTIFICATE REQUEST-----", - hostnames=["example.com", "*.example.com"], + hostnames=["example.com", "*.example.com", "sub.example.com"], request_type="origin-rsa", ) assert_matches_type(Optional[OriginCACertificate], origin_ca_certificate, path=["response"]) @@ -225,7 +225,7 @@ async def test_method_create(self, async_client: AsyncCloudflare) -> None: async def test_method_create_with_all_params(self, async_client: AsyncCloudflare) -> None: origin_ca_certificate = await async_client.origin_ca_certificates.create( csr="-----BEGIN CERTIFICATE REQUEST-----\nMIICxzCCAa8CAQAwSDELMAkGA1UEBhMCVVMxFjAUBgNVBAgTDVNhbiBGcmFuY2lz\nY28xCzAJBgNVBAcTAkNBMRQwEgYDVQQDEwtleGFtcGxlLm5ldDCCASIwDQYJKoZI\nhvcNAQEBBQADggEPADCCAQoCggEBALxejtu4b+jPdFeFi6OUsye8TYJQBm3WfCvL\nHu5EvijMO/4Z2TImwASbwUF7Ir8OLgH+mGlQZeqyNvGoSOMEaZVXcYfpR1hlVak8\n4GGVr+04IGfOCqaBokaBFIwzclGZbzKmLGwIQioNxGfqFm6RGYGA3be2Je2iseBc\nN8GV1wYmvYE0RR+yWweJCTJ157exyRzu7sVxaEW9F87zBQLyOnwXc64rflXslRqi\ng7F7w5IaQYOl8yvmk/jEPCAha7fkiUfEpj4N12+oPRiMvleJF98chxjD4MH39c5I\nuOslULhrWunfh7GB1jwWNA9y44H0snrf+xvoy2TcHmxvma9Eln8CAwEAAaA6MDgG\nCSqGSIb3DQEJDjErMCkwJwYDVR0RBCAwHoILZXhhbXBsZS5uZXSCD3d3dy5leGFt\ncGxlLm5ldDANBgkqhkiG9w0BAQsFAAOCAQEAcBaX6dOnI8ncARrI9ZSF2AJX+8mx\npTHY2+Y2C0VvrVDGMtbBRH8R9yMbqWtlxeeNGf//LeMkSKSFa4kbpdx226lfui8/\nauRDBTJGx2R1ccUxmLZXx4my0W5iIMxunu+kez+BDlu7bTT2io0uXMRHue4i6quH\nyc5ibxvbJMjR7dqbcanVE10/34oprzXQsJ/VmSuZNXtjbtSKDlmcpw6To/eeAJ+J\nhXykcUihvHyG4A1m2R6qpANBjnA0pHexfwM/SgfzvpbvUg0T1ubmer8BgTwCKIWs\ndcWYTthM51JIqRBfNqy4QcBnX+GY05yltEEswQI55wdiS3CjTTA67sdbcQ==\n-----END CERTIFICATE REQUEST-----", - hostnames=["example.com", "*.example.com"], + hostnames=["example.com", "*.example.com", "sub.example.com"], request_type="origin-rsa", requested_validity=5475, ) @@ -236,7 +236,7 @@ async def test_method_create_with_all_params(self, async_client: AsyncCloudflare async def test_raw_response_create(self, async_client: AsyncCloudflare) -> None: response = await async_client.origin_ca_certificates.with_raw_response.create( csr="-----BEGIN CERTIFICATE REQUEST-----\nMIICxzCCAa8CAQAwSDELMAkGA1UEBhMCVVMxFjAUBgNVBAgTDVNhbiBGcmFuY2lz\nY28xCzAJBgNVBAcTAkNBMRQwEgYDVQQDEwtleGFtcGxlLm5ldDCCASIwDQYJKoZI\nhvcNAQEBBQADggEPADCCAQoCggEBALxejtu4b+jPdFeFi6OUsye8TYJQBm3WfCvL\nHu5EvijMO/4Z2TImwASbwUF7Ir8OLgH+mGlQZeqyNvGoSOMEaZVXcYfpR1hlVak8\n4GGVr+04IGfOCqaBokaBFIwzclGZbzKmLGwIQioNxGfqFm6RGYGA3be2Je2iseBc\nN8GV1wYmvYE0RR+yWweJCTJ157exyRzu7sVxaEW9F87zBQLyOnwXc64rflXslRqi\ng7F7w5IaQYOl8yvmk/jEPCAha7fkiUfEpj4N12+oPRiMvleJF98chxjD4MH39c5I\nuOslULhrWunfh7GB1jwWNA9y44H0snrf+xvoy2TcHmxvma9Eln8CAwEAAaA6MDgG\nCSqGSIb3DQEJDjErMCkwJwYDVR0RBCAwHoILZXhhbXBsZS5uZXSCD3d3dy5leGFt\ncGxlLm5ldDANBgkqhkiG9w0BAQsFAAOCAQEAcBaX6dOnI8ncARrI9ZSF2AJX+8mx\npTHY2+Y2C0VvrVDGMtbBRH8R9yMbqWtlxeeNGf//LeMkSKSFa4kbpdx226lfui8/\nauRDBTJGx2R1ccUxmLZXx4my0W5iIMxunu+kez+BDlu7bTT2io0uXMRHue4i6quH\nyc5ibxvbJMjR7dqbcanVE10/34oprzXQsJ/VmSuZNXtjbtSKDlmcpw6To/eeAJ+J\nhXykcUihvHyG4A1m2R6qpANBjnA0pHexfwM/SgfzvpbvUg0T1ubmer8BgTwCKIWs\ndcWYTthM51JIqRBfNqy4QcBnX+GY05yltEEswQI55wdiS3CjTTA67sdbcQ==\n-----END CERTIFICATE REQUEST-----", - hostnames=["example.com", "*.example.com"], + hostnames=["example.com", "*.example.com", "sub.example.com"], request_type="origin-rsa", ) @@ -250,7 +250,7 @@ async def test_raw_response_create(self, async_client: AsyncCloudflare) -> None: async def test_streaming_response_create(self, async_client: AsyncCloudflare) -> None: async with async_client.origin_ca_certificates.with_streaming_response.create( csr="-----BEGIN CERTIFICATE REQUEST-----\nMIICxzCCAa8CAQAwSDELMAkGA1UEBhMCVVMxFjAUBgNVBAgTDVNhbiBGcmFuY2lz\nY28xCzAJBgNVBAcTAkNBMRQwEgYDVQQDEwtleGFtcGxlLm5ldDCCASIwDQYJKoZI\nhvcNAQEBBQADggEPADCCAQoCggEBALxejtu4b+jPdFeFi6OUsye8TYJQBm3WfCvL\nHu5EvijMO/4Z2TImwASbwUF7Ir8OLgH+mGlQZeqyNvGoSOMEaZVXcYfpR1hlVak8\n4GGVr+04IGfOCqaBokaBFIwzclGZbzKmLGwIQioNxGfqFm6RGYGA3be2Je2iseBc\nN8GV1wYmvYE0RR+yWweJCTJ157exyRzu7sVxaEW9F87zBQLyOnwXc64rflXslRqi\ng7F7w5IaQYOl8yvmk/jEPCAha7fkiUfEpj4N12+oPRiMvleJF98chxjD4MH39c5I\nuOslULhrWunfh7GB1jwWNA9y44H0snrf+xvoy2TcHmxvma9Eln8CAwEAAaA6MDgG\nCSqGSIb3DQEJDjErMCkwJwYDVR0RBCAwHoILZXhhbXBsZS5uZXSCD3d3dy5leGFt\ncGxlLm5ldDANBgkqhkiG9w0BAQsFAAOCAQEAcBaX6dOnI8ncARrI9ZSF2AJX+8mx\npTHY2+Y2C0VvrVDGMtbBRH8R9yMbqWtlxeeNGf//LeMkSKSFa4kbpdx226lfui8/\nauRDBTJGx2R1ccUxmLZXx4my0W5iIMxunu+kez+BDlu7bTT2io0uXMRHue4i6quH\nyc5ibxvbJMjR7dqbcanVE10/34oprzXQsJ/VmSuZNXtjbtSKDlmcpw6To/eeAJ+J\nhXykcUihvHyG4A1m2R6qpANBjnA0pHexfwM/SgfzvpbvUg0T1ubmer8BgTwCKIWs\ndcWYTthM51JIqRBfNqy4QcBnX+GY05yltEEswQI55wdiS3CjTTA67sdbcQ==\n-----END CERTIFICATE REQUEST-----", - hostnames=["example.com", "*.example.com"], + hostnames=["example.com", "*.example.com", "sub.example.com"], request_type="origin-rsa", ) as response: assert not response.is_closed diff --git a/tests/api_resources/test_snippets.py b/tests/api_resources/test_snippets.py index 5f6fb492862..1d68951047f 100644 --- a/tests/api_resources/test_snippets.py +++ b/tests/api_resources/test_snippets.py @@ -133,7 +133,7 @@ def test_method_delete(self, client: Cloudflare) -> None: snippet_name="my_snippet", zone_id="9f1839b6152d298aca64c4e906b6d074", ) - assert_matches_type(str, snippet, path=["response"]) + assert_matches_type(object, snippet, path=["response"]) @pytest.mark.skip(reason="API returns None instead of str for delete operation (Issue #3)") @parametrize @@ -146,7 +146,7 @@ def test_raw_response_delete(self, client: Cloudflare) -> None: assert response.is_closed is True assert response.http_request.headers.get("X-Stainless-Lang") == "python" snippet = response.parse() - assert_matches_type(str, snippet, path=["response"]) + assert_matches_type(object, snippet, path=["response"]) @pytest.mark.skip(reason="API returns None instead of str for delete operation (Issue #3)") @parametrize @@ -159,7 +159,7 @@ def test_streaming_response_delete(self, client: Cloudflare) -> None: assert response.http_request.headers.get("X-Stainless-Lang") == "python" snippet = response.parse() - assert_matches_type(str, snippet, path=["response"]) + assert_matches_type(object, snippet, path=["response"]) assert cast(Any, response.is_closed) is True @@ -342,7 +342,7 @@ async def test_method_delete(self, async_client: AsyncCloudflare) -> None: snippet_name="my_snippet", zone_id="9f1839b6152d298aca64c4e906b6d074", ) - assert_matches_type(str, snippet, path=["response"]) + assert_matches_type(object, snippet, path=["response"]) @pytest.mark.skip(reason="API returns None instead of str for delete operation (Issue #3)") @parametrize @@ -355,7 +355,7 @@ async def test_raw_response_delete(self, async_client: AsyncCloudflare) -> None: assert response.is_closed is True assert response.http_request.headers.get("X-Stainless-Lang") == "python" snippet = await response.parse() - assert_matches_type(str, snippet, path=["response"]) + assert_matches_type(object, snippet, path=["response"]) @pytest.mark.skip(reason="API returns None instead of str for delete operation (Issue #3)") @parametrize @@ -368,7 +368,7 @@ async def test_streaming_response_delete(self, async_client: AsyncCloudflare) -> assert response.http_request.headers.get("X-Stainless-Lang") == "python" snippet = await response.parse() - assert_matches_type(str, snippet, path=["response"]) + assert_matches_type(object, snippet, path=["response"]) assert cast(Any, response.is_closed) is True diff --git a/tests/api_resources/workers/scripts/test_versions.py b/tests/api_resources/workers/scripts/test_versions.py index fc58f6530c4..5c75f7d38cf 100644 --- a/tests/api_resources/workers/scripts/test_versions.py +++ b/tests/api_resources/workers/scripts/test_versions.py @@ -57,6 +57,7 @@ def test_method_create_with_all_params(self, client: Cloudflare) -> None: "keep_bindings": ["string"], "usage_model": "standard", }, + bindings_inherit="strict", files=[b"raw file contents"], ) assert_matches_type(VersionCreateResponse, version, path=["response"]) @@ -268,6 +269,7 @@ async def test_method_create_with_all_params(self, async_client: AsyncCloudflare "keep_bindings": ["string"], "usage_model": "standard", }, + bindings_inherit="strict", files=[b"raw file contents"], ) assert_matches_type(VersionCreateResponse, version, path=["response"]) diff --git a/tests/api_resources/workers/test_scripts.py b/tests/api_resources/workers/test_scripts.py index 167c82bc966..040d7f2a6f5 100644 --- a/tests/api_resources/workers/test_scripts.py +++ b/tests/api_resources/workers/test_scripts.py @@ -39,6 +39,10 @@ def test_method_update_with_all_params(self, client: Cloudflare) -> None: script_name="this-is_my_script-01", account_id="023e105f4ecef8ad9ca31a8372d0c353", metadata={ + "annotations": { + "workers_message": "Fixed bug.", + "workers_tag": "v1.0.1", + }, "assets": { "config": { "_headers": "/dashboard/*\nX-Frame-Options: DENY\n\n/static/*\nAccess-Control-Allow-Origin: *", @@ -107,6 +111,7 @@ def test_method_update_with_all_params(self, client: Cloudflare) -> None: ], "usage_model": "standard", }, + bindings_inherit="strict", files=[b"raw file contents"], ) assert_matches_type(ScriptUpdateResponse, script, path=["response"]) @@ -386,6 +391,10 @@ async def test_method_update_with_all_params(self, async_client: AsyncCloudflare script_name="this-is_my_script-01", account_id="023e105f4ecef8ad9ca31a8372d0c353", metadata={ + "annotations": { + "workers_message": "Fixed bug.", + "workers_tag": "v1.0.1", + }, "assets": { "config": { "_headers": "/dashboard/*\nX-Frame-Options: DENY\n\n/static/*\nAccess-Control-Allow-Origin: *", @@ -454,6 +463,7 @@ async def test_method_update_with_all_params(self, async_client: AsyncCloudflare ], "usage_model": "standard", }, + bindings_inherit="strict", files=[b"raw file contents"], ) assert_matches_type(ScriptUpdateResponse, script, path=["response"]) diff --git a/tests/api_resources/workers_for_platforms/dispatch/namespaces/test_scripts.py b/tests/api_resources/workers_for_platforms/dispatch/namespaces/test_scripts.py index a2c8aea6fa7..9c271540255 100644 --- a/tests/api_resources/workers_for_platforms/dispatch/namespaces/test_scripts.py +++ b/tests/api_resources/workers_for_platforms/dispatch/namespaces/test_scripts.py @@ -107,6 +107,7 @@ def test_method_update_with_all_params(self, client: Cloudflare) -> None: ], "usage_model": "standard", }, + bindings_inherit="strict", files=[b"raw file contents"], ) assert_matches_type(ScriptUpdateResponse, script, path=["response"]) @@ -393,6 +394,7 @@ async def test_method_update_with_all_params(self, async_client: AsyncCloudflare ], "usage_model": "standard", }, + bindings_inherit="strict", files=[b"raw file contents"], ) assert_matches_type(ScriptUpdateResponse, script, path=["response"]) diff --git a/tests/api_resources/zero_trust/access/applications/test_policies.py b/tests/api_resources/zero_trust/access/applications/test_policies.py index c855bb52247..52266e52dda 100644 --- a/tests/api_resources/zero_trust/access/applications/test_policies.py +++ b/tests/api_resources/zero_trust/access/applications/test_policies.py @@ -52,7 +52,18 @@ def test_method_create_with_all_params(self, client: Cloudflare) -> None: }, ], approval_required=True, + connection_rules={ + "rdp": { + "allowed_clipboard_local_to_remote_formats": ["text"], + "allowed_clipboard_remote_to_local_formats": ["text"], + } + }, isolation_required=False, + mfa_config={ + "allowed_authenticators": ["totp", "biometrics", "security_key"], + "mfa_bypass": False, + "session_duration": "24h", + }, precedence=0, purpose_justification_prompt="Please enter a justification for entering this protected domain.", purpose_justification_required=True, @@ -139,7 +150,18 @@ def test_method_update_with_all_params(self, client: Cloudflare) -> None: }, ], approval_required=True, + connection_rules={ + "rdp": { + "allowed_clipboard_local_to_remote_formats": ["text"], + "allowed_clipboard_remote_to_local_formats": ["text"], + } + }, isolation_required=False, + mfa_config={ + "allowed_authenticators": ["totp", "biometrics", "security_key"], + "mfa_bypass": False, + "session_duration": "24h", + }, precedence=0, purpose_justification_prompt="Please enter a justification for entering this protected domain.", purpose_justification_required=True, @@ -473,7 +495,18 @@ async def test_method_create_with_all_params(self, async_client: AsyncCloudflare }, ], approval_required=True, + connection_rules={ + "rdp": { + "allowed_clipboard_local_to_remote_formats": ["text"], + "allowed_clipboard_remote_to_local_formats": ["text"], + } + }, isolation_required=False, + mfa_config={ + "allowed_authenticators": ["totp", "biometrics", "security_key"], + "mfa_bypass": False, + "session_duration": "24h", + }, precedence=0, purpose_justification_prompt="Please enter a justification for entering this protected domain.", purpose_justification_required=True, @@ -560,7 +593,18 @@ async def test_method_update_with_all_params(self, async_client: AsyncCloudflare }, ], approval_required=True, + connection_rules={ + "rdp": { + "allowed_clipboard_local_to_remote_formats": ["text"], + "allowed_clipboard_remote_to_local_formats": ["text"], + } + }, isolation_required=False, + mfa_config={ + "allowed_authenticators": ["totp", "biometrics", "security_key"], + "mfa_bypass": False, + "session_duration": "24h", + }, precedence=0, purpose_justification_prompt="Please enter a justification for entering this protected domain.", purpose_justification_required=True, diff --git a/tests/api_resources/zero_trust/access/applications/test_policy_tests.py b/tests/api_resources/zero_trust/access/applications/test_policy_tests.py index d4517ef3e31..5cd0138cda0 100755 --- a/tests/api_resources/zero_trust/access/applications/test_policy_tests.py +++ b/tests/api_resources/zero_trust/access/applications/test_policy_tests.py @@ -49,8 +49,19 @@ def test_method_create_with_all_params(self, client: Cloudflare) -> None: }, ], "approval_required": True, + "connection_rules": { + "rdp": { + "allowed_clipboard_local_to_remote_formats": ["text"], + "allowed_clipboard_remote_to_local_formats": ["text"], + } + }, "exclude": [{"group": {"id": "aa0a4aab-672b-4bdb-bc33-a59f1130a11f"}}], "isolation_required": False, + "mfa_config": { + "allowed_authenticators": ["totp", "biometrics", "security_key"], + "mfa_bypass": False, + "session_duration": "24h", + }, "purpose_justification_prompt": "Please enter a justification for entering this protected domain.", "purpose_justification_required": True, "require": [{"group": {"id": "aa0a4aab-672b-4bdb-bc33-a59f1130a11f"}}], @@ -174,8 +185,19 @@ async def test_method_create_with_all_params(self, async_client: AsyncCloudflare }, ], "approval_required": True, + "connection_rules": { + "rdp": { + "allowed_clipboard_local_to_remote_formats": ["text"], + "allowed_clipboard_remote_to_local_formats": ["text"], + } + }, "exclude": [{"group": {"id": "aa0a4aab-672b-4bdb-bc33-a59f1130a11f"}}], "isolation_required": False, + "mfa_config": { + "allowed_authenticators": ["totp", "biometrics", "security_key"], + "mfa_bypass": False, + "session_duration": "24h", + }, "purpose_justification_prompt": "Please enter a justification for entering this protected domain.", "purpose_justification_required": True, "require": [{"group": {"id": "aa0a4aab-672b-4bdb-bc33-a59f1130a11f"}}], diff --git a/tests/api_resources/zero_trust/access/test_applications.py b/tests/api_resources/zero_trust/access/test_applications.py index fc4136feece..89e7f8a31ce 100644 --- a/tests/api_resources/zero_trust/access/test_applications.py +++ b/tests/api_resources/zero_trust/access/test_applications.py @@ -101,7 +101,25 @@ def test_method_create_with_all_params_overload_1(self, client: Cloudflare) -> N enable_binding_cookie=True, http_only_cookie_attribute=True, logo_url="https://www.cloudflare.com/img/logo-web-badges/cf-logo-on-white-bg.svg", + mfa_config={ + "allowed_authenticators": ["totp", "biometrics", "security_key"], + "mfa_bypass": False, + "session_duration": "24h", + }, name="Admin Site", + oauth_configuration={ + "dynamic_client_registration": { + "allow_any_on_localhost": True, + "allow_any_on_loopback": True, + "allowed_uris": ["https://example.com/callback"], + "enabled": True, + }, + "enabled": True, + "grant": { + "access_token_lifetime": "5m", + "session_duration": "24h", + }, + }, options_preflight_bypass=True, path_cookie_attribute=True, policies=[ @@ -393,7 +411,25 @@ def test_method_create_with_all_params_overload_3(self, client: Cloudflare) -> N enable_binding_cookie=True, http_only_cookie_attribute=True, logo_url="https://www.cloudflare.com/img/logo-web-badges/cf-logo-on-white-bg.svg", + mfa_config={ + "allowed_authenticators": ["totp", "biometrics", "security_key"], + "mfa_bypass": False, + "session_duration": "24h", + }, name="Admin Site", + oauth_configuration={ + "dynamic_client_registration": { + "allow_any_on_localhost": True, + "allow_any_on_loopback": True, + "allowed_uris": ["https://example.com/callback"], + "enabled": True, + }, + "enabled": True, + "grant": { + "access_token_lifetime": "5m", + "session_duration": "24h", + }, + }, options_preflight_bypass=True, path_cookie_attribute=True, policies=[ @@ -562,7 +598,25 @@ def test_method_create_with_all_params_overload_4(self, client: Cloudflare) -> N enable_binding_cookie=True, http_only_cookie_attribute=True, logo_url="https://www.cloudflare.com/img/logo-web-badges/cf-logo-on-white-bg.svg", + mfa_config={ + "allowed_authenticators": ["totp", "biometrics", "security_key"], + "mfa_bypass": False, + "session_duration": "24h", + }, name="Admin Site", + oauth_configuration={ + "dynamic_client_registration": { + "allow_any_on_localhost": True, + "allow_any_on_loopback": True, + "allowed_uris": ["https://example.com/callback"], + "enabled": True, + }, + "enabled": True, + "grant": { + "access_token_lifetime": "5m", + "session_duration": "24h", + }, + }, options_preflight_bypass=True, path_cookie_attribute=True, policies=[ @@ -1242,7 +1296,25 @@ def test_method_create_with_all_params_overload_11(self, client: Cloudflare) -> enable_binding_cookie=True, http_only_cookie_attribute=True, logo_url="https://www.cloudflare.com/img/logo-web-badges/cf-logo-on-white-bg.svg", + mfa_config={ + "allowed_authenticators": ["totp", "biometrics", "security_key"], + "mfa_bypass": False, + "session_duration": "24h", + }, name="Admin Site", + oauth_configuration={ + "dynamic_client_registration": { + "allow_any_on_localhost": True, + "allow_any_on_loopback": True, + "allowed_uris": ["https://example.com/callback"], + "enabled": True, + }, + "enabled": True, + "grant": { + "access_token_lifetime": "5m", + "session_duration": "24h", + }, + }, options_preflight_bypass=True, path_cookie_attribute=True, policies=[ @@ -1364,38 +1436,22 @@ def test_path_params_create_overload_11(self, client: Cloudflare) -> None: @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - def test_method_update_overload_1(self, client: Cloudflare) -> None: - application = client.zero_trust.access.applications.update( - app_id="023e105f4ecef8ad9ca31a8372d0c353", - domain="test.example.com/admin", - type="self_hosted", + def test_method_create_overload_12(self, client: Cloudflare) -> None: + application = client.zero_trust.access.applications.create( + type="mcp", account_id="account_id", ) - assert_matches_type(Optional[ApplicationUpdateResponse], application, path=["response"]) + assert_matches_type(Optional[ApplicationCreateResponse], application, path=["response"]) @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - def test_method_update_with_all_params_overload_1(self, client: Cloudflare) -> None: - application = client.zero_trust.access.applications.update( - app_id="023e105f4ecef8ad9ca31a8372d0c353", - domain="test.example.com/admin", - type="self_hosted", + def test_method_create_with_all_params_overload_12(self, client: Cloudflare) -> None: + application = client.zero_trust.access.applications.create( + type="mcp", account_id="account_id", allow_authenticate_via_warp=True, - allow_iframe=True, allowed_idps=["699d98642c564d2e855e9661899b7252"], - app_launcher_visible=True, auto_redirect_to_identity=True, - cors_headers={ - "allow_all_headers": True, - "allow_all_methods": True, - "allow_all_origins": True, - "allow_credentials": True, - "allowed_headers": ["string"], - "allowed_methods": ["GET"], - "allowed_origins": ["https://example.com"], - "max_age": -1, - }, custom_deny_message="custom_deny_message", custom_deny_url="custom_deny_url", custom_non_identity_deny_url="custom_non_identity_deny_url", @@ -1438,19 +1494,29 @@ def test_method_update_with_all_params_overload_1(self, client: Cloudflare) -> N "type": "via_mcp_server_portal", }, ], - enable_binding_cookie=True, http_only_cookie_attribute=True, logo_url="https://www.cloudflare.com/img/logo-web-badges/cf-logo-on-white-bg.svg", name="Admin Site", + oauth_configuration={ + "dynamic_client_registration": { + "allow_any_on_localhost": True, + "allow_any_on_loopback": True, + "allowed_uris": ["https://example.com/callback"], + "enabled": True, + }, + "enabled": True, + "grant": { + "access_token_lifetime": "5m", + "session_duration": "24h", + }, + }, options_preflight_bypass=True, - path_cookie_attribute=True, policies=[ { "id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415", "precedence": 0, } ], - read_service_tokens_from_header="Authorization", same_site_cookie_attribute="strict", scim_config={ "idp_uid": "idp_uid", @@ -1477,130 +1543,139 @@ def test_method_update_with_all_params_overload_1(self, client: Cloudflare) -> N } ], }, - self_hosted_domains=["test.example.com/admin", "test.anotherexample.com/staff"], - service_auth_401_redirect=True, session_duration="24h", - skip_interstitial=True, tags=["engineers"], - use_clientless_isolation_app_launcher_url=False, ) - assert_matches_type(Optional[ApplicationUpdateResponse], application, path=["response"]) + assert_matches_type(Optional[ApplicationCreateResponse], application, path=["response"]) @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - def test_raw_response_update_overload_1(self, client: Cloudflare) -> None: - response = client.zero_trust.access.applications.with_raw_response.update( - app_id="023e105f4ecef8ad9ca31a8372d0c353", - domain="test.example.com/admin", - type="self_hosted", + def test_raw_response_create_overload_12(self, client: Cloudflare) -> None: + response = client.zero_trust.access.applications.with_raw_response.create( + type="mcp", account_id="account_id", ) assert response.is_closed is True assert response.http_request.headers.get("X-Stainless-Lang") == "python" application = response.parse() - assert_matches_type(Optional[ApplicationUpdateResponse], application, path=["response"]) + assert_matches_type(Optional[ApplicationCreateResponse], application, path=["response"]) @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - def test_streaming_response_update_overload_1(self, client: Cloudflare) -> None: - with client.zero_trust.access.applications.with_streaming_response.update( - app_id="023e105f4ecef8ad9ca31a8372d0c353", - domain="test.example.com/admin", - type="self_hosted", + def test_streaming_response_create_overload_12(self, client: Cloudflare) -> None: + with client.zero_trust.access.applications.with_streaming_response.create( + type="mcp", account_id="account_id", ) as response: assert not response.is_closed assert response.http_request.headers.get("X-Stainless-Lang") == "python" application = response.parse() - assert_matches_type(Optional[ApplicationUpdateResponse], application, path=["response"]) + assert_matches_type(Optional[ApplicationCreateResponse], application, path=["response"]) assert cast(Any, response.is_closed) is True @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - def test_path_params_update_overload_1(self, client: Cloudflare) -> None: - with pytest.raises(ValueError, match=r"Expected a non-empty value for `app_id` but received ''"): - client.zero_trust.access.applications.with_raw_response.update( - app_id="", - domain="test.example.com/admin", - type="self_hosted", - account_id="account_id", - ) - + def test_path_params_create_overload_12(self, client: Cloudflare) -> None: with pytest.raises(ValueError, match=r"You must provide either account_id or zone_id"): - client.zero_trust.access.applications.with_raw_response.update( - app_id="023e105f4ecef8ad9ca31a8372d0c353", - domain="test.example.com/admin", - type="self_hosted", + client.zero_trust.access.applications.with_raw_response.create( + type="mcp", account_id="", ) with pytest.raises(ValueError, match=r"You must provide either account_id or zone_id"): - client.zero_trust.access.applications.with_raw_response.update( - app_id="023e105f4ecef8ad9ca31a8372d0c353", - domain="test.example.com/admin", - type="self_hosted", + client.zero_trust.access.applications.with_raw_response.create( + type="mcp", account_id="account_id", ) @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - def test_method_update_overload_2(self, client: Cloudflare) -> None: - application = client.zero_trust.access.applications.update( - app_id="023e105f4ecef8ad9ca31a8372d0c353", + def test_method_create_overload_13(self, client: Cloudflare) -> None: + application = client.zero_trust.access.applications.create( + type="mcp_portal", account_id="account_id", ) - assert_matches_type(Optional[ApplicationUpdateResponse], application, path=["response"]) + assert_matches_type(Optional[ApplicationCreateResponse], application, path=["response"]) @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - def test_method_update_with_all_params_overload_2(self, client: Cloudflare) -> None: - application = client.zero_trust.access.applications.update( - app_id="023e105f4ecef8ad9ca31a8372d0c353", + def test_method_create_with_all_params_overload_13(self, client: Cloudflare) -> None: + application = client.zero_trust.access.applications.create( + type="mcp_portal", account_id="account_id", + allow_authenticate_via_warp=True, allowed_idps=["699d98642c564d2e855e9661899b7252"], - app_launcher_visible=True, auto_redirect_to_identity=True, + custom_deny_message="custom_deny_message", + custom_deny_url="custom_deny_url", + custom_non_identity_deny_url="custom_non_identity_deny_url", custom_pages=["699d98642c564d2e855e9661899b7252"], + destinations=[ + { + "type": "public", + "uri": "test.example.com/admin", + }, + { + "type": "public", + "uri": "test.anotherexample.com/staff", + }, + { + "cidr": "10.5.0.0/24", + "hostname": "hostname", + "l4_protocol": "tcp", + "port_range": "80-90", + "type": "private", + "vnet_id": "vnet_id", + }, + { + "cidr": "10.5.0.3/32", + "hostname": "hostname", + "l4_protocol": "tcp", + "port_range": "80", + "type": "private", + "vnet_id": "vnet_id", + }, + { + "cidr": "cidr", + "hostname": "private-sni.example.com", + "l4_protocol": "tcp", + "port_range": "port_range", + "type": "private", + "vnet_id": "vnet_id", + }, + { + "mcp_server_id": "mcp-server-1", + "type": "via_mcp_server_portal", + }, + ], + domain="test.example.com/admin", + http_only_cookie_attribute=True, logo_url="https://www.cloudflare.com/img/logo-web-badges/cf-logo-on-white-bg.svg", name="Admin Site", + oauth_configuration={ + "dynamic_client_registration": { + "allow_any_on_localhost": True, + "allow_any_on_loopback": True, + "allowed_uris": ["https://example.com/callback"], + "enabled": True, + }, + "enabled": True, + "grant": { + "access_token_lifetime": "5m", + "session_duration": "24h", + }, + }, + options_preflight_bypass=True, policies=[ { "id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415", "precedence": 0, } ], - saas_app={ - "auth_type": "saml", - "consumer_service_url": "https://example.com", - "custom_attributes": [ - { - "friendly_name": "Last Name", - "name": "family_name", - "name_format": "urn:oasis:names:tc:SAML:2.0:attrname-format:basic", - "required": True, - "source": { - "name": "last_name", - "name_by_idp": [ - { - "idp_id": "exampleIdPID1", - "source_name": "AttributeName1", - } - ], - }, - } - ], - "default_relay_state": "https://example.com", - "idp_entity_id": "https://example.cloudflareaccess.com", - "name_id_format": "id", - "name_id_transform_jsonata": "$substringBefore(email, '@') & '+sandbox@' & $substringAfter(email, '@')", - "public_key": "example unique name", - "saml_attribute_transform_jsonata": "$ ~>| groups | {'group_name': name} |", - "sp_entity_id": "example unique name", - "sso_endpoint": "https://example.cloudflareaccess.com/cdn-cgi/access/sso/saml/b3f58a2b414e0b51d45c8c2af26fccca0e27c63763c426fa52f98dcf0b3b3bfd", - }, + same_site_cookie_attribute="strict", scim_config={ "idp_uid": "idp_uid", "remote_uri": "remote_uri", @@ -1626,63 +1701,57 @@ def test_method_update_with_all_params_overload_2(self, client: Cloudflare) -> N } ], }, + session_duration="24h", tags=["engineers"], - type="saas", ) - assert_matches_type(Optional[ApplicationUpdateResponse], application, path=["response"]) + assert_matches_type(Optional[ApplicationCreateResponse], application, path=["response"]) @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - def test_raw_response_update_overload_2(self, client: Cloudflare) -> None: - response = client.zero_trust.access.applications.with_raw_response.update( - app_id="023e105f4ecef8ad9ca31a8372d0c353", + def test_raw_response_create_overload_13(self, client: Cloudflare) -> None: + response = client.zero_trust.access.applications.with_raw_response.create( + type="mcp_portal", account_id="account_id", ) assert response.is_closed is True assert response.http_request.headers.get("X-Stainless-Lang") == "python" application = response.parse() - assert_matches_type(Optional[ApplicationUpdateResponse], application, path=["response"]) + assert_matches_type(Optional[ApplicationCreateResponse], application, path=["response"]) @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - def test_streaming_response_update_overload_2(self, client: Cloudflare) -> None: - with client.zero_trust.access.applications.with_streaming_response.update( - app_id="023e105f4ecef8ad9ca31a8372d0c353", + def test_streaming_response_create_overload_13(self, client: Cloudflare) -> None: + with client.zero_trust.access.applications.with_streaming_response.create( + type="mcp_portal", account_id="account_id", ) as response: assert not response.is_closed assert response.http_request.headers.get("X-Stainless-Lang") == "python" application = response.parse() - assert_matches_type(Optional[ApplicationUpdateResponse], application, path=["response"]) + assert_matches_type(Optional[ApplicationCreateResponse], application, path=["response"]) assert cast(Any, response.is_closed) is True @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - def test_path_params_update_overload_2(self, client: Cloudflare) -> None: - with pytest.raises(ValueError, match=r"Expected a non-empty value for `app_id` but received ''"): - client.zero_trust.access.applications.with_raw_response.update( - app_id="", - account_id="account_id", - ) - + def test_path_params_create_overload_13(self, client: Cloudflare) -> None: with pytest.raises(ValueError, match=r"You must provide either account_id or zone_id"): - client.zero_trust.access.applications.with_raw_response.update( - app_id="023e105f4ecef8ad9ca31a8372d0c353", + client.zero_trust.access.applications.with_raw_response.create( + type="mcp_portal", account_id="", ) with pytest.raises(ValueError, match=r"You must provide either account_id or zone_id"): - client.zero_trust.access.applications.with_raw_response.update( - app_id="023e105f4ecef8ad9ca31a8372d0c353", + client.zero_trust.access.applications.with_raw_response.create( + type="mcp_portal", account_id="account_id", ) @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - def test_method_update_overload_3(self, client: Cloudflare) -> None: + def test_method_update_overload_1(self, client: Cloudflare) -> None: application = client.zero_trust.access.applications.update( app_id="023e105f4ecef8ad9ca31a8372d0c353", domain="test.example.com/admin", @@ -1693,7 +1762,7 @@ def test_method_update_overload_3(self, client: Cloudflare) -> None: @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - def test_method_update_with_all_params_overload_3(self, client: Cloudflare) -> None: + def test_method_update_with_all_params_overload_1(self, client: Cloudflare) -> None: application = client.zero_trust.access.applications.update( app_id="023e105f4ecef8ad9ca31a8372d0c353", domain="test.example.com/admin", @@ -1759,7 +1828,25 @@ def test_method_update_with_all_params_overload_3(self, client: Cloudflare) -> N enable_binding_cookie=True, http_only_cookie_attribute=True, logo_url="https://www.cloudflare.com/img/logo-web-badges/cf-logo-on-white-bg.svg", + mfa_config={ + "allowed_authenticators": ["totp", "biometrics", "security_key"], + "mfa_bypass": False, + "session_duration": "24h", + }, name="Admin Site", + oauth_configuration={ + "dynamic_client_registration": { + "allow_any_on_localhost": True, + "allow_any_on_loopback": True, + "allowed_uris": ["https://example.com/callback"], + "enabled": True, + }, + "enabled": True, + "grant": { + "access_token_lifetime": "5m", + "session_duration": "24h", + }, + }, options_preflight_bypass=True, path_cookie_attribute=True, policies=[ @@ -1806,7 +1893,7 @@ def test_method_update_with_all_params_overload_3(self, client: Cloudflare) -> N @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - def test_raw_response_update_overload_3(self, client: Cloudflare) -> None: + def test_raw_response_update_overload_1(self, client: Cloudflare) -> None: response = client.zero_trust.access.applications.with_raw_response.update( app_id="023e105f4ecef8ad9ca31a8372d0c353", domain="test.example.com/admin", @@ -1821,7 +1908,7 @@ def test_raw_response_update_overload_3(self, client: Cloudflare) -> None: @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - def test_streaming_response_update_overload_3(self, client: Cloudflare) -> None: + def test_streaming_response_update_overload_1(self, client: Cloudflare) -> None: with client.zero_trust.access.applications.with_streaming_response.update( app_id="023e105f4ecef8ad9ca31a8372d0c353", domain="test.example.com/admin", @@ -1838,7 +1925,7 @@ def test_streaming_response_update_overload_3(self, client: Cloudflare) -> None: @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - def test_path_params_update_overload_3(self, client: Cloudflare) -> None: + def test_path_params_update_overload_1(self, client: Cloudflare) -> None: with pytest.raises(ValueError, match=r"Expected a non-empty value for `app_id` but received ''"): client.zero_trust.access.applications.with_raw_response.update( app_id="", @@ -1865,94 +1952,60 @@ def test_path_params_update_overload_3(self, client: Cloudflare) -> None: @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - def test_method_update_overload_4(self, client: Cloudflare) -> None: + def test_method_update_overload_2(self, client: Cloudflare) -> None: application = client.zero_trust.access.applications.update( app_id="023e105f4ecef8ad9ca31a8372d0c353", - domain="test.example.com/admin", - type="self_hosted", account_id="account_id", ) assert_matches_type(Optional[ApplicationUpdateResponse], application, path=["response"]) @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - def test_method_update_with_all_params_overload_4(self, client: Cloudflare) -> None: + def test_method_update_with_all_params_overload_2(self, client: Cloudflare) -> None: application = client.zero_trust.access.applications.update( app_id="023e105f4ecef8ad9ca31a8372d0c353", - domain="test.example.com/admin", - type="self_hosted", account_id="account_id", - allow_authenticate_via_warp=True, - allow_iframe=True, allowed_idps=["699d98642c564d2e855e9661899b7252"], app_launcher_visible=True, auto_redirect_to_identity=True, - cors_headers={ - "allow_all_headers": True, - "allow_all_methods": True, - "allow_all_origins": True, - "allow_credentials": True, - "allowed_headers": ["string"], - "allowed_methods": ["GET"], - "allowed_origins": ["https://example.com"], - "max_age": -1, - }, - custom_deny_message="custom_deny_message", - custom_deny_url="custom_deny_url", - custom_non_identity_deny_url="custom_non_identity_deny_url", custom_pages=["699d98642c564d2e855e9661899b7252"], - destinations=[ - { - "type": "public", - "uri": "test.example.com/admin", - }, - { - "type": "public", - "uri": "test.anotherexample.com/staff", - }, - { - "cidr": "10.5.0.0/24", - "hostname": "hostname", - "l4_protocol": "tcp", - "port_range": "80-90", - "type": "private", - "vnet_id": "vnet_id", - }, - { - "cidr": "10.5.0.3/32", - "hostname": "hostname", - "l4_protocol": "tcp", - "port_range": "80", - "type": "private", - "vnet_id": "vnet_id", - }, - { - "cidr": "cidr", - "hostname": "private-sni.example.com", - "l4_protocol": "tcp", - "port_range": "port_range", - "type": "private", - "vnet_id": "vnet_id", - }, - { - "mcp_server_id": "mcp-server-1", - "type": "via_mcp_server_portal", - }, - ], - enable_binding_cookie=True, - http_only_cookie_attribute=True, - logo_url="https://www.cloudflare.com/img/logo-web-badges/cf-logo-on-white-bg.svg", - name="Admin Site", - options_preflight_bypass=True, - path_cookie_attribute=True, - policies=[ + logo_url="https://www.cloudflare.com/img/logo-web-badges/cf-logo-on-white-bg.svg", + name="Admin Site", + policies=[ { "id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415", "precedence": 0, } ], - read_service_tokens_from_header="Authorization", - same_site_cookie_attribute="strict", + saas_app={ + "auth_type": "saml", + "consumer_service_url": "https://example.com", + "custom_attributes": [ + { + "friendly_name": "Last Name", + "name": "family_name", + "name_format": "urn:oasis:names:tc:SAML:2.0:attrname-format:basic", + "required": True, + "source": { + "name": "last_name", + "name_by_idp": [ + { + "idp_id": "exampleIdPID1", + "source_name": "AttributeName1", + } + ], + }, + } + ], + "default_relay_state": "https://example.com", + "idp_entity_id": "https://example.cloudflareaccess.com", + "name_id_format": "id", + "name_id_transform_jsonata": "$substringBefore(email, '@') & '+sandbox@' & $substringAfter(email, '@')", + "public_key": "example unique name", + "saml_attribute_transform_jsonata": "$ ~>| groups | {'group_name': name} |", + "sp_entity_id": "example unique name", + "sso_endpoint": "https://example.cloudflareaccess.com/cdn-cgi/access/sso/saml/b3f58a2b414e0b51d45c8c2af26fccca0e27c63763c426fa52f98dcf0b3b3bfd", + }, scim_config={ "idp_uid": "idp_uid", "remote_uri": "remote_uri", @@ -1978,22 +2031,16 @@ def test_method_update_with_all_params_overload_4(self, client: Cloudflare) -> N } ], }, - self_hosted_domains=["test.example.com/admin", "test.anotherexample.com/staff"], - service_auth_401_redirect=True, - session_duration="24h", - skip_interstitial=True, tags=["engineers"], - use_clientless_isolation_app_launcher_url=False, + type="saas", ) assert_matches_type(Optional[ApplicationUpdateResponse], application, path=["response"]) @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - def test_raw_response_update_overload_4(self, client: Cloudflare) -> None: + def test_raw_response_update_overload_2(self, client: Cloudflare) -> None: response = client.zero_trust.access.applications.with_raw_response.update( app_id="023e105f4ecef8ad9ca31a8372d0c353", - domain="test.example.com/admin", - type="self_hosted", account_id="account_id", ) @@ -2004,11 +2051,9 @@ def test_raw_response_update_overload_4(self, client: Cloudflare) -> None: @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - def test_streaming_response_update_overload_4(self, client: Cloudflare) -> None: + def test_streaming_response_update_overload_2(self, client: Cloudflare) -> None: with client.zero_trust.access.applications.with_streaming_response.update( app_id="023e105f4ecef8ad9ca31a8372d0c353", - domain="test.example.com/admin", - type="self_hosted", account_id="account_id", ) as response: assert not response.is_closed @@ -2021,36 +2066,31 @@ def test_streaming_response_update_overload_4(self, client: Cloudflare) -> None: @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - def test_path_params_update_overload_4(self, client: Cloudflare) -> None: + def test_path_params_update_overload_2(self, client: Cloudflare) -> None: with pytest.raises(ValueError, match=r"Expected a non-empty value for `app_id` but received ''"): client.zero_trust.access.applications.with_raw_response.update( app_id="", - domain="test.example.com/admin", - type="self_hosted", account_id="account_id", ) with pytest.raises(ValueError, match=r"You must provide either account_id or zone_id"): client.zero_trust.access.applications.with_raw_response.update( app_id="023e105f4ecef8ad9ca31a8372d0c353", - domain="test.example.com/admin", - type="self_hosted", account_id="", ) with pytest.raises(ValueError, match=r"You must provide either account_id or zone_id"): client.zero_trust.access.applications.with_raw_response.update( app_id="023e105f4ecef8ad9ca31a8372d0c353", - domain="test.example.com/admin", - type="self_hosted", account_id="account_id", ) @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - def test_method_update_overload_5(self, client: Cloudflare) -> None: + def test_method_update_overload_3(self, client: Cloudflare) -> None: application = client.zero_trust.access.applications.update( app_id="023e105f4ecef8ad9ca31a8372d0c353", + domain="test.example.com/admin", type="self_hosted", account_id="account_id", ) @@ -2058,48 +2098,141 @@ def test_method_update_overload_5(self, client: Cloudflare) -> None: @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - def test_method_update_with_all_params_overload_5(self, client: Cloudflare) -> None: + def test_method_update_with_all_params_overload_3(self, client: Cloudflare) -> None: application = client.zero_trust.access.applications.update( app_id="023e105f4ecef8ad9ca31a8372d0c353", + domain="test.example.com/admin", type="self_hosted", account_id="account_id", + allow_authenticate_via_warp=True, + allow_iframe=True, allowed_idps=["699d98642c564d2e855e9661899b7252"], - app_launcher_logo_url="https://www.cloudflare.com/img/logo-web-badges/cf-logo-on-white-bg.svg", + app_launcher_visible=True, auto_redirect_to_identity=True, - bg_color="#ff0000", + cors_headers={ + "allow_all_headers": True, + "allow_all_methods": True, + "allow_all_origins": True, + "allow_credentials": True, + "allowed_headers": ["string"], + "allowed_methods": ["GET"], + "allowed_origins": ["https://example.com"], + "max_age": -1, + }, + custom_deny_message="custom_deny_message", custom_deny_url="custom_deny_url", custom_non_identity_deny_url="custom_non_identity_deny_url", custom_pages=["699d98642c564d2e855e9661899b7252"], - footer_links=[ + destinations=[ { - "name": "Cloudflare's Privacy Policy", - "url": "https://www.cloudflare.com/privacypolicy/", - } + "type": "public", + "uri": "test.example.com/admin", + }, + { + "type": "public", + "uri": "test.anotherexample.com/staff", + }, + { + "cidr": "10.5.0.0/24", + "hostname": "hostname", + "l4_protocol": "tcp", + "port_range": "80-90", + "type": "private", + "vnet_id": "vnet_id", + }, + { + "cidr": "10.5.0.3/32", + "hostname": "hostname", + "l4_protocol": "tcp", + "port_range": "80", + "type": "private", + "vnet_id": "vnet_id", + }, + { + "cidr": "cidr", + "hostname": "private-sni.example.com", + "l4_protocol": "tcp", + "port_range": "port_range", + "type": "private", + "vnet_id": "vnet_id", + }, + { + "mcp_server_id": "mcp-server-1", + "type": "via_mcp_server_portal", + }, ], - header_bg_color="#ff0000", - landing_page_design={ - "button_color": "#ff0000", - "button_text_color": "#ff0000", - "image_url": "https://www.cloudflare.com/img/logo-web-badges/cf-logo-on-white-bg.svg", - "message": "Log in below to reach your applications behind Access.", - "title": "Welcome back!", + enable_binding_cookie=True, + http_only_cookie_attribute=True, + logo_url="https://www.cloudflare.com/img/logo-web-badges/cf-logo-on-white-bg.svg", + mfa_config={ + "allowed_authenticators": ["totp", "biometrics", "security_key"], + "mfa_bypass": False, + "session_duration": "24h", }, + name="Admin Site", + oauth_configuration={ + "dynamic_client_registration": { + "allow_any_on_localhost": True, + "allow_any_on_loopback": True, + "allowed_uris": ["https://example.com/callback"], + "enabled": True, + }, + "enabled": True, + "grant": { + "access_token_lifetime": "5m", + "session_duration": "24h", + }, + }, + options_preflight_bypass=True, + path_cookie_attribute=True, policies=[ { "id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415", "precedence": 0, } ], + read_service_tokens_from_header="Authorization", + same_site_cookie_attribute="strict", + scim_config={ + "idp_uid": "idp_uid", + "remote_uri": "remote_uri", + "authentication": { + "password": "password", + "scheme": "httpbasic", + "user": "user", + }, + "deactivate_on_delete": True, + "enabled": True, + "mappings": [ + { + "schema": "urn:ietf:params:scim:schemas:core:2.0:User", + "enabled": True, + "filter": 'title pr or userType eq "Intern"', + "operations": { + "create": True, + "delete": True, + "update": True, + }, + "strictness": "strict", + "transform_jsonata": "$merge([$, {'userName': $substringBefore($.userName, '@') & '+test@' & $substringAfter($.userName, '@')}])", + } + ], + }, + self_hosted_domains=["test.example.com/admin", "test.anotherexample.com/staff"], + service_auth_401_redirect=True, session_duration="24h", - skip_app_launcher_login_page=True, + skip_interstitial=True, + tags=["engineers"], + use_clientless_isolation_app_launcher_url=False, ) assert_matches_type(Optional[ApplicationUpdateResponse], application, path=["response"]) @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - def test_raw_response_update_overload_5(self, client: Cloudflare) -> None: + def test_raw_response_update_overload_3(self, client: Cloudflare) -> None: response = client.zero_trust.access.applications.with_raw_response.update( app_id="023e105f4ecef8ad9ca31a8372d0c353", + domain="test.example.com/admin", type="self_hosted", account_id="account_id", ) @@ -2111,9 +2244,10 @@ def test_raw_response_update_overload_5(self, client: Cloudflare) -> None: @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - def test_streaming_response_update_overload_5(self, client: Cloudflare) -> None: + def test_streaming_response_update_overload_3(self, client: Cloudflare) -> None: with client.zero_trust.access.applications.with_streaming_response.update( app_id="023e105f4ecef8ad9ca31a8372d0c353", + domain="test.example.com/admin", type="self_hosted", account_id="account_id", ) as response: @@ -2127,10 +2261,11 @@ def test_streaming_response_update_overload_5(self, client: Cloudflare) -> None: @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - def test_path_params_update_overload_5(self, client: Cloudflare) -> None: + def test_path_params_update_overload_3(self, client: Cloudflare) -> None: with pytest.raises(ValueError, match=r"Expected a non-empty value for `app_id` but received ''"): client.zero_trust.access.applications.with_raw_response.update( app_id="", + domain="test.example.com/admin", type="self_hosted", account_id="account_id", ) @@ -2138,6 +2273,7 @@ def test_path_params_update_overload_5(self, client: Cloudflare) -> None: with pytest.raises(ValueError, match=r"You must provide either account_id or zone_id"): client.zero_trust.access.applications.with_raw_response.update( app_id="023e105f4ecef8ad9ca31a8372d0c353", + domain="test.example.com/admin", type="self_hosted", account_id="", ) @@ -2145,15 +2281,17 @@ def test_path_params_update_overload_5(self, client: Cloudflare) -> None: with pytest.raises(ValueError, match=r"You must provide either account_id or zone_id"): client.zero_trust.access.applications.with_raw_response.update( app_id="023e105f4ecef8ad9ca31a8372d0c353", + domain="test.example.com/admin", type="self_hosted", account_id="account_id", ) @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - def test_method_update_overload_6(self, client: Cloudflare) -> None: + def test_method_update_overload_4(self, client: Cloudflare) -> None: application = client.zero_trust.access.applications.update( app_id="023e105f4ecef8ad9ca31a8372d0c353", + domain="test.example.com/admin", type="self_hosted", account_id="account_id", ) @@ -2161,33 +2299,143 @@ def test_method_update_overload_6(self, client: Cloudflare) -> None: @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - def test_method_update_with_all_params_overload_6(self, client: Cloudflare) -> None: + def test_method_update_with_all_params_overload_4(self, client: Cloudflare) -> None: application = client.zero_trust.access.applications.update( app_id="023e105f4ecef8ad9ca31a8372d0c353", + domain="test.example.com/admin", type="self_hosted", account_id="account_id", + allow_authenticate_via_warp=True, + allow_iframe=True, allowed_idps=["699d98642c564d2e855e9661899b7252"], + app_launcher_visible=True, auto_redirect_to_identity=True, + cors_headers={ + "allow_all_headers": True, + "allow_all_methods": True, + "allow_all_origins": True, + "allow_credentials": True, + "allowed_headers": ["string"], + "allowed_methods": ["GET"], + "allowed_origins": ["https://example.com"], + "max_age": -1, + }, + custom_deny_message="custom_deny_message", custom_deny_url="custom_deny_url", custom_non_identity_deny_url="custom_non_identity_deny_url", custom_pages=["699d98642c564d2e855e9661899b7252"], - policies=[ + destinations=[ { - "id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415", - "precedence": 0, - } - ], - session_duration="24h", - ) - assert_matches_type(Optional[ApplicationUpdateResponse], application, path=["response"]) - - @pytest.mark.skip(reason="TODO: investigate broken test") - @parametrize - def test_raw_response_update_overload_6(self, client: Cloudflare) -> None: - response = client.zero_trust.access.applications.with_raw_response.update( - app_id="023e105f4ecef8ad9ca31a8372d0c353", - type="self_hosted", - account_id="account_id", + "type": "public", + "uri": "test.example.com/admin", + }, + { + "type": "public", + "uri": "test.anotherexample.com/staff", + }, + { + "cidr": "10.5.0.0/24", + "hostname": "hostname", + "l4_protocol": "tcp", + "port_range": "80-90", + "type": "private", + "vnet_id": "vnet_id", + }, + { + "cidr": "10.5.0.3/32", + "hostname": "hostname", + "l4_protocol": "tcp", + "port_range": "80", + "type": "private", + "vnet_id": "vnet_id", + }, + { + "cidr": "cidr", + "hostname": "private-sni.example.com", + "l4_protocol": "tcp", + "port_range": "port_range", + "type": "private", + "vnet_id": "vnet_id", + }, + { + "mcp_server_id": "mcp-server-1", + "type": "via_mcp_server_portal", + }, + ], + enable_binding_cookie=True, + http_only_cookie_attribute=True, + logo_url="https://www.cloudflare.com/img/logo-web-badges/cf-logo-on-white-bg.svg", + mfa_config={ + "allowed_authenticators": ["totp", "biometrics", "security_key"], + "mfa_bypass": False, + "session_duration": "24h", + }, + name="Admin Site", + oauth_configuration={ + "dynamic_client_registration": { + "allow_any_on_localhost": True, + "allow_any_on_loopback": True, + "allowed_uris": ["https://example.com/callback"], + "enabled": True, + }, + "enabled": True, + "grant": { + "access_token_lifetime": "5m", + "session_duration": "24h", + }, + }, + options_preflight_bypass=True, + path_cookie_attribute=True, + policies=[ + { + "id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415", + "precedence": 0, + } + ], + read_service_tokens_from_header="Authorization", + same_site_cookie_attribute="strict", + scim_config={ + "idp_uid": "idp_uid", + "remote_uri": "remote_uri", + "authentication": { + "password": "password", + "scheme": "httpbasic", + "user": "user", + }, + "deactivate_on_delete": True, + "enabled": True, + "mappings": [ + { + "schema": "urn:ietf:params:scim:schemas:core:2.0:User", + "enabled": True, + "filter": 'title pr or userType eq "Intern"', + "operations": { + "create": True, + "delete": True, + "update": True, + }, + "strictness": "strict", + "transform_jsonata": "$merge([$, {'userName': $substringBefore($.userName, '@') & '+test@' & $substringAfter($.userName, '@')}])", + } + ], + }, + self_hosted_domains=["test.example.com/admin", "test.anotherexample.com/staff"], + service_auth_401_redirect=True, + session_duration="24h", + skip_interstitial=True, + tags=["engineers"], + use_clientless_isolation_app_launcher_url=False, + ) + assert_matches_type(Optional[ApplicationUpdateResponse], application, path=["response"]) + + @pytest.mark.skip(reason="TODO: investigate broken test") + @parametrize + def test_raw_response_update_overload_4(self, client: Cloudflare) -> None: + response = client.zero_trust.access.applications.with_raw_response.update( + app_id="023e105f4ecef8ad9ca31a8372d0c353", + domain="test.example.com/admin", + type="self_hosted", + account_id="account_id", ) assert response.is_closed is True @@ -2197,9 +2445,10 @@ def test_raw_response_update_overload_6(self, client: Cloudflare) -> None: @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - def test_streaming_response_update_overload_6(self, client: Cloudflare) -> None: + def test_streaming_response_update_overload_4(self, client: Cloudflare) -> None: with client.zero_trust.access.applications.with_streaming_response.update( app_id="023e105f4ecef8ad9ca31a8372d0c353", + domain="test.example.com/admin", type="self_hosted", account_id="account_id", ) as response: @@ -2213,10 +2462,11 @@ def test_streaming_response_update_overload_6(self, client: Cloudflare) -> None: @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - def test_path_params_update_overload_6(self, client: Cloudflare) -> None: + def test_path_params_update_overload_4(self, client: Cloudflare) -> None: with pytest.raises(ValueError, match=r"Expected a non-empty value for `app_id` but received ''"): client.zero_trust.access.applications.with_raw_response.update( app_id="", + domain="test.example.com/admin", type="self_hosted", account_id="account_id", ) @@ -2224,6 +2474,7 @@ def test_path_params_update_overload_6(self, client: Cloudflare) -> None: with pytest.raises(ValueError, match=r"You must provide either account_id or zone_id"): client.zero_trust.access.applications.with_raw_response.update( app_id="023e105f4ecef8ad9ca31a8372d0c353", + domain="test.example.com/admin", type="self_hosted", account_id="", ) @@ -2231,13 +2482,14 @@ def test_path_params_update_overload_6(self, client: Cloudflare) -> None: with pytest.raises(ValueError, match=r"You must provide either account_id or zone_id"): client.zero_trust.access.applications.with_raw_response.update( app_id="023e105f4ecef8ad9ca31a8372d0c353", + domain="test.example.com/admin", type="self_hosted", account_id="account_id", ) @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - def test_method_update_overload_7(self, client: Cloudflare) -> None: + def test_method_update_overload_5(self, client: Cloudflare) -> None: application = client.zero_trust.access.applications.update( app_id="023e105f4ecef8ad9ca31a8372d0c353", type="self_hosted", @@ -2247,16 +2499,32 @@ def test_method_update_overload_7(self, client: Cloudflare) -> None: @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - def test_method_update_with_all_params_overload_7(self, client: Cloudflare) -> None: + def test_method_update_with_all_params_overload_5(self, client: Cloudflare) -> None: application = client.zero_trust.access.applications.update( app_id="023e105f4ecef8ad9ca31a8372d0c353", type="self_hosted", account_id="account_id", allowed_idps=["699d98642c564d2e855e9661899b7252"], + app_launcher_logo_url="https://www.cloudflare.com/img/logo-web-badges/cf-logo-on-white-bg.svg", auto_redirect_to_identity=True, + bg_color="#ff0000", custom_deny_url="custom_deny_url", custom_non_identity_deny_url="custom_non_identity_deny_url", custom_pages=["699d98642c564d2e855e9661899b7252"], + footer_links=[ + { + "name": "Cloudflare's Privacy Policy", + "url": "https://www.cloudflare.com/privacypolicy/", + } + ], + header_bg_color="#ff0000", + landing_page_design={ + "button_color": "#ff0000", + "button_text_color": "#ff0000", + "image_url": "https://www.cloudflare.com/img/logo-web-badges/cf-logo-on-white-bg.svg", + "message": "Log in below to reach your applications behind Access.", + "title": "Welcome back!", + }, policies=[ { "id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415", @@ -2264,12 +2532,13 @@ def test_method_update_with_all_params_overload_7(self, client: Cloudflare) -> N } ], session_duration="24h", + skip_app_launcher_login_page=True, ) assert_matches_type(Optional[ApplicationUpdateResponse], application, path=["response"]) @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - def test_raw_response_update_overload_7(self, client: Cloudflare) -> None: + def test_raw_response_update_overload_5(self, client: Cloudflare) -> None: response = client.zero_trust.access.applications.with_raw_response.update( app_id="023e105f4ecef8ad9ca31a8372d0c353", type="self_hosted", @@ -2283,7 +2552,7 @@ def test_raw_response_update_overload_7(self, client: Cloudflare) -> None: @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - def test_streaming_response_update_overload_7(self, client: Cloudflare) -> None: + def test_streaming_response_update_overload_5(self, client: Cloudflare) -> None: with client.zero_trust.access.applications.with_streaming_response.update( app_id="023e105f4ecef8ad9ca31a8372d0c353", type="self_hosted", @@ -2299,7 +2568,7 @@ def test_streaming_response_update_overload_7(self, client: Cloudflare) -> None: @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - def test_path_params_update_overload_7(self, client: Cloudflare) -> None: + def test_path_params_update_overload_5(self, client: Cloudflare) -> None: with pytest.raises(ValueError, match=r"Expected a non-empty value for `app_id` but received ''"): client.zero_trust.access.applications.with_raw_response.update( app_id="", @@ -2323,7 +2592,7 @@ def test_path_params_update_overload_7(self, client: Cloudflare) -> None: @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - def test_method_update_overload_8(self, client: Cloudflare) -> None: + def test_method_update_overload_6(self, client: Cloudflare) -> None: application = client.zero_trust.access.applications.update( app_id="023e105f4ecef8ad9ca31a8372d0c353", type="self_hosted", @@ -2333,7 +2602,7 @@ def test_method_update_overload_8(self, client: Cloudflare) -> None: @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - def test_method_update_with_all_params_overload_8(self, client: Cloudflare) -> None: + def test_method_update_with_all_params_overload_6(self, client: Cloudflare) -> None: application = client.zero_trust.access.applications.update( app_id="023e105f4ecef8ad9ca31a8372d0c353", type="self_hosted", @@ -2343,8 +2612,6 @@ def test_method_update_with_all_params_overload_8(self, client: Cloudflare) -> N custom_deny_url="custom_deny_url", custom_non_identity_deny_url="custom_non_identity_deny_url", custom_pages=["699d98642c564d2e855e9661899b7252"], - domain="abcd123456.proxy.cloudflare-gateway.com", - name="Gateway Proxy", policies=[ { "id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415", @@ -2357,7 +2624,7 @@ def test_method_update_with_all_params_overload_8(self, client: Cloudflare) -> N @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - def test_raw_response_update_overload_8(self, client: Cloudflare) -> None: + def test_raw_response_update_overload_6(self, client: Cloudflare) -> None: response = client.zero_trust.access.applications.with_raw_response.update( app_id="023e105f4ecef8ad9ca31a8372d0c353", type="self_hosted", @@ -2371,7 +2638,7 @@ def test_raw_response_update_overload_8(self, client: Cloudflare) -> None: @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - def test_streaming_response_update_overload_8(self, client: Cloudflare) -> None: + def test_streaming_response_update_overload_6(self, client: Cloudflare) -> None: with client.zero_trust.access.applications.with_streaming_response.update( app_id="023e105f4ecef8ad9ca31a8372d0c353", type="self_hosted", @@ -2387,7 +2654,7 @@ def test_streaming_response_update_overload_8(self, client: Cloudflare) -> None: @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - def test_path_params_update_overload_8(self, client: Cloudflare) -> None: + def test_path_params_update_overload_6(self, client: Cloudflare) -> None: with pytest.raises(ValueError, match=r"Expected a non-empty value for `app_id` but received ''"): client.zero_trust.access.applications.with_raw_response.update( app_id="", @@ -2411,39 +2678,42 @@ def test_path_params_update_overload_8(self, client: Cloudflare) -> None: @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - def test_method_update_overload_9(self, client: Cloudflare) -> None: + def test_method_update_overload_7(self, client: Cloudflare) -> None: application = client.zero_trust.access.applications.update( app_id="023e105f4ecef8ad9ca31a8372d0c353", + type="self_hosted", account_id="account_id", ) assert_matches_type(Optional[ApplicationUpdateResponse], application, path=["response"]) @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - def test_method_update_with_all_params_overload_9(self, client: Cloudflare) -> None: + def test_method_update_with_all_params_overload_7(self, client: Cloudflare) -> None: application = client.zero_trust.access.applications.update( app_id="023e105f4ecef8ad9ca31a8372d0c353", + type="self_hosted", account_id="account_id", - app_launcher_visible=True, - domain="https://mybookmark.com", - logo_url="https://www.cloudflare.com/img/logo-web-badges/cf-logo-on-white-bg.svg", - name="Admin Site", + allowed_idps=["699d98642c564d2e855e9661899b7252"], + auto_redirect_to_identity=True, + custom_deny_url="custom_deny_url", + custom_non_identity_deny_url="custom_non_identity_deny_url", + custom_pages=["699d98642c564d2e855e9661899b7252"], policies=[ { "id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415", "precedence": 0, } ], - tags=["engineers"], - type="bookmark", + session_duration="24h", ) assert_matches_type(Optional[ApplicationUpdateResponse], application, path=["response"]) @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - def test_raw_response_update_overload_9(self, client: Cloudflare) -> None: + def test_raw_response_update_overload_7(self, client: Cloudflare) -> None: response = client.zero_trust.access.applications.with_raw_response.update( app_id="023e105f4ecef8ad9ca31a8372d0c353", + type="self_hosted", account_id="account_id", ) @@ -2454,9 +2724,10 @@ def test_raw_response_update_overload_9(self, client: Cloudflare) -> None: @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - def test_streaming_response_update_overload_9(self, client: Cloudflare) -> None: + def test_streaming_response_update_overload_7(self, client: Cloudflare) -> None: with client.zero_trust.access.applications.with_streaming_response.update( app_id="023e105f4ecef8ad9ca31a8372d0c353", + type="self_hosted", account_id="account_id", ) as response: assert not response.is_closed @@ -2469,88 +2740,68 @@ def test_streaming_response_update_overload_9(self, client: Cloudflare) -> None: @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - def test_path_params_update_overload_9(self, client: Cloudflare) -> None: + def test_path_params_update_overload_7(self, client: Cloudflare) -> None: with pytest.raises(ValueError, match=r"Expected a non-empty value for `app_id` but received ''"): client.zero_trust.access.applications.with_raw_response.update( app_id="", + type="self_hosted", account_id="account_id", ) with pytest.raises(ValueError, match=r"You must provide either account_id or zone_id"): client.zero_trust.access.applications.with_raw_response.update( app_id="023e105f4ecef8ad9ca31a8372d0c353", + type="self_hosted", account_id="", ) with pytest.raises(ValueError, match=r"You must provide either account_id or zone_id"): client.zero_trust.access.applications.with_raw_response.update( app_id="023e105f4ecef8ad9ca31a8372d0c353", + type="self_hosted", account_id="account_id", ) @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - def test_method_update_overload_10(self, client: Cloudflare) -> None: + def test_method_update_overload_8(self, client: Cloudflare) -> None: application = client.zero_trust.access.applications.update( app_id="023e105f4ecef8ad9ca31a8372d0c353", - target_criteria=[ - { - "port": 22, - "protocol": "SSH", - "target_attributes": {"hostname": ["test-server", "production-server"]}, - } - ], - type="infrastructure", + type="self_hosted", account_id="account_id", ) assert_matches_type(Optional[ApplicationUpdateResponse], application, path=["response"]) @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - def test_method_update_with_all_params_overload_10(self, client: Cloudflare) -> None: + def test_method_update_with_all_params_overload_8(self, client: Cloudflare) -> None: application = client.zero_trust.access.applications.update( app_id="023e105f4ecef8ad9ca31a8372d0c353", - target_criteria=[ - { - "port": 22, - "protocol": "SSH", - "target_attributes": {"hostname": ["test-server", "production-server"]}, - } - ], - type="infrastructure", + type="self_hosted", account_id="account_id", - name="Admin Site", + allowed_idps=["699d98642c564d2e855e9661899b7252"], + auto_redirect_to_identity=True, + custom_deny_url="custom_deny_url", + custom_non_identity_deny_url="custom_non_identity_deny_url", + custom_pages=["699d98642c564d2e855e9661899b7252"], + domain="abcd123456.proxy.cloudflare-gateway.com", + name="Gateway Proxy", policies=[ { - "decision": "allow", - "include": [{"group": {"id": "aa0a4aab-672b-4bdb-bc33-a59f1130a11f"}}], - "name": "Allow devs", - "connection_rules": { - "ssh": { - "usernames": ["root", "ubuntu"], - "allow_email_alias": True, - } - }, - "exclude": [{"group": {"id": "aa0a4aab-672b-4bdb-bc33-a59f1130a11f"}}], - "require": [{"group": {"id": "aa0a4aab-672b-4bdb-bc33-a59f1130a11f"}}], + "id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415", + "precedence": 0, } ], + session_duration="24h", ) assert_matches_type(Optional[ApplicationUpdateResponse], application, path=["response"]) @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - def test_raw_response_update_overload_10(self, client: Cloudflare) -> None: + def test_raw_response_update_overload_8(self, client: Cloudflare) -> None: response = client.zero_trust.access.applications.with_raw_response.update( app_id="023e105f4ecef8ad9ca31a8372d0c353", - target_criteria=[ - { - "port": 22, - "protocol": "SSH", - "target_attributes": {"hostname": ["test-server", "production-server"]}, - } - ], - type="infrastructure", + type="self_hosted", account_id="account_id", ) @@ -2561,17 +2812,10 @@ def test_raw_response_update_overload_10(self, client: Cloudflare) -> None: @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - def test_streaming_response_update_overload_10(self, client: Cloudflare) -> None: + def test_streaming_response_update_overload_8(self, client: Cloudflare) -> None: with client.zero_trust.access.applications.with_streaming_response.update( app_id="023e105f4ecef8ad9ca31a8372d0c353", - target_criteria=[ - { - "port": 22, - "protocol": "SSH", - "target_attributes": {"hostname": ["test-server", "production-server"]}, - } - ], - type="infrastructure", + type="self_hosted", account_id="account_id", ) as response: assert not response.is_closed @@ -2584,30 +2828,227 @@ def test_streaming_response_update_overload_10(self, client: Cloudflare) -> None @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - def test_path_params_update_overload_10(self, client: Cloudflare) -> None: + def test_path_params_update_overload_8(self, client: Cloudflare) -> None: with pytest.raises(ValueError, match=r"Expected a non-empty value for `app_id` but received ''"): client.zero_trust.access.applications.with_raw_response.update( app_id="", - target_criteria=[ - { - "port": 22, - "protocol": "SSH", - "target_attributes": {"hostname": ["test-server", "production-server"]}, - } - ], - type="infrastructure", + type="self_hosted", account_id="account_id", ) with pytest.raises(ValueError, match=r"You must provide either account_id or zone_id"): client.zero_trust.access.applications.with_raw_response.update( app_id="023e105f4ecef8ad9ca31a8372d0c353", - target_criteria=[ - { - "port": 22, - "protocol": "SSH", - "target_attributes": {"hostname": ["test-server", "production-server"]}, - } + type="self_hosted", + account_id="", + ) + + with pytest.raises(ValueError, match=r"You must provide either account_id or zone_id"): + client.zero_trust.access.applications.with_raw_response.update( + app_id="023e105f4ecef8ad9ca31a8372d0c353", + type="self_hosted", + account_id="account_id", + ) + + @pytest.mark.skip(reason="TODO: investigate broken test") + @parametrize + def test_method_update_overload_9(self, client: Cloudflare) -> None: + application = client.zero_trust.access.applications.update( + app_id="023e105f4ecef8ad9ca31a8372d0c353", + account_id="account_id", + ) + assert_matches_type(Optional[ApplicationUpdateResponse], application, path=["response"]) + + @pytest.mark.skip(reason="TODO: investigate broken test") + @parametrize + def test_method_update_with_all_params_overload_9(self, client: Cloudflare) -> None: + application = client.zero_trust.access.applications.update( + app_id="023e105f4ecef8ad9ca31a8372d0c353", + account_id="account_id", + app_launcher_visible=True, + domain="https://mybookmark.com", + logo_url="https://www.cloudflare.com/img/logo-web-badges/cf-logo-on-white-bg.svg", + name="Admin Site", + policies=[ + { + "id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415", + "precedence": 0, + } + ], + tags=["engineers"], + type="bookmark", + ) + assert_matches_type(Optional[ApplicationUpdateResponse], application, path=["response"]) + + @pytest.mark.skip(reason="TODO: investigate broken test") + @parametrize + def test_raw_response_update_overload_9(self, client: Cloudflare) -> None: + response = client.zero_trust.access.applications.with_raw_response.update( + app_id="023e105f4ecef8ad9ca31a8372d0c353", + account_id="account_id", + ) + + assert response.is_closed is True + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + application = response.parse() + assert_matches_type(Optional[ApplicationUpdateResponse], application, path=["response"]) + + @pytest.mark.skip(reason="TODO: investigate broken test") + @parametrize + def test_streaming_response_update_overload_9(self, client: Cloudflare) -> None: + with client.zero_trust.access.applications.with_streaming_response.update( + app_id="023e105f4ecef8ad9ca31a8372d0c353", + account_id="account_id", + ) as response: + assert not response.is_closed + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + + application = response.parse() + assert_matches_type(Optional[ApplicationUpdateResponse], application, path=["response"]) + + assert cast(Any, response.is_closed) is True + + @pytest.mark.skip(reason="TODO: investigate broken test") + @parametrize + def test_path_params_update_overload_9(self, client: Cloudflare) -> None: + with pytest.raises(ValueError, match=r"Expected a non-empty value for `app_id` but received ''"): + client.zero_trust.access.applications.with_raw_response.update( + app_id="", + account_id="account_id", + ) + + with pytest.raises(ValueError, match=r"You must provide either account_id or zone_id"): + client.zero_trust.access.applications.with_raw_response.update( + app_id="023e105f4ecef8ad9ca31a8372d0c353", + account_id="", + ) + + with pytest.raises(ValueError, match=r"You must provide either account_id or zone_id"): + client.zero_trust.access.applications.with_raw_response.update( + app_id="023e105f4ecef8ad9ca31a8372d0c353", + account_id="account_id", + ) + + @pytest.mark.skip(reason="TODO: investigate broken test") + @parametrize + def test_method_update_overload_10(self, client: Cloudflare) -> None: + application = client.zero_trust.access.applications.update( + app_id="023e105f4ecef8ad9ca31a8372d0c353", + target_criteria=[ + { + "port": 22, + "protocol": "SSH", + "target_attributes": {"hostname": ["test-server", "production-server"]}, + } + ], + type="infrastructure", + account_id="account_id", + ) + assert_matches_type(Optional[ApplicationUpdateResponse], application, path=["response"]) + + @pytest.mark.skip(reason="TODO: investigate broken test") + @parametrize + def test_method_update_with_all_params_overload_10(self, client: Cloudflare) -> None: + application = client.zero_trust.access.applications.update( + app_id="023e105f4ecef8ad9ca31a8372d0c353", + target_criteria=[ + { + "port": 22, + "protocol": "SSH", + "target_attributes": {"hostname": ["test-server", "production-server"]}, + } + ], + type="infrastructure", + account_id="account_id", + name="Admin Site", + policies=[ + { + "decision": "allow", + "include": [{"group": {"id": "aa0a4aab-672b-4bdb-bc33-a59f1130a11f"}}], + "name": "Allow devs", + "connection_rules": { + "ssh": { + "usernames": ["root", "ubuntu"], + "allow_email_alias": True, + } + }, + "exclude": [{"group": {"id": "aa0a4aab-672b-4bdb-bc33-a59f1130a11f"}}], + "require": [{"group": {"id": "aa0a4aab-672b-4bdb-bc33-a59f1130a11f"}}], + } + ], + ) + assert_matches_type(Optional[ApplicationUpdateResponse], application, path=["response"]) + + @pytest.mark.skip(reason="TODO: investigate broken test") + @parametrize + def test_raw_response_update_overload_10(self, client: Cloudflare) -> None: + response = client.zero_trust.access.applications.with_raw_response.update( + app_id="023e105f4ecef8ad9ca31a8372d0c353", + target_criteria=[ + { + "port": 22, + "protocol": "SSH", + "target_attributes": {"hostname": ["test-server", "production-server"]}, + } + ], + type="infrastructure", + account_id="account_id", + ) + + assert response.is_closed is True + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + application = response.parse() + assert_matches_type(Optional[ApplicationUpdateResponse], application, path=["response"]) + + @pytest.mark.skip(reason="TODO: investigate broken test") + @parametrize + def test_streaming_response_update_overload_10(self, client: Cloudflare) -> None: + with client.zero_trust.access.applications.with_streaming_response.update( + app_id="023e105f4ecef8ad9ca31a8372d0c353", + target_criteria=[ + { + "port": 22, + "protocol": "SSH", + "target_attributes": {"hostname": ["test-server", "production-server"]}, + } + ], + type="infrastructure", + account_id="account_id", + ) as response: + assert not response.is_closed + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + + application = response.parse() + assert_matches_type(Optional[ApplicationUpdateResponse], application, path=["response"]) + + assert cast(Any, response.is_closed) is True + + @pytest.mark.skip(reason="TODO: investigate broken test") + @parametrize + def test_path_params_update_overload_10(self, client: Cloudflare) -> None: + with pytest.raises(ValueError, match=r"Expected a non-empty value for `app_id` but received ''"): + client.zero_trust.access.applications.with_raw_response.update( + app_id="", + target_criteria=[ + { + "port": 22, + "protocol": "SSH", + "target_attributes": {"hostname": ["test-server", "production-server"]}, + } + ], + type="infrastructure", + account_id="account_id", + ) + + with pytest.raises(ValueError, match=r"You must provide either account_id or zone_id"): + client.zero_trust.access.applications.with_raw_response.update( + app_id="023e105f4ecef8ad9ca31a8372d0c353", + target_criteria=[ + { + "port": 22, + "protocol": "SSH", + "target_attributes": {"hostname": ["test-server", "production-server"]}, + } ], type="infrastructure", account_id="", @@ -2720,7 +3161,25 @@ def test_method_update_with_all_params_overload_11(self, client: Cloudflare) -> enable_binding_cookie=True, http_only_cookie_attribute=True, logo_url="https://www.cloudflare.com/img/logo-web-badges/cf-logo-on-white-bg.svg", + mfa_config={ + "allowed_authenticators": ["totp", "biometrics", "security_key"], + "mfa_bypass": False, + "session_duration": "24h", + }, name="Admin Site", + oauth_configuration={ + "dynamic_client_registration": { + "allow_any_on_localhost": True, + "allow_any_on_loopback": True, + "allowed_uris": ["https://example.com/callback"], + "enabled": True, + }, + "enabled": True, + "grant": { + "access_token_lifetime": "5m", + "session_duration": "24h", + }, + }, options_preflight_bypass=True, path_cookie_attribute=True, policies=[ @@ -2861,48 +3320,389 @@ def test_path_params_update_overload_11(self, client: Cloudflare) -> None: @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - def test_method_list(self, client: Cloudflare) -> None: - application = client.zero_trust.access.applications.list( - account_id="account_id", - ) - assert_matches_type(SyncV4PagePaginationArray[ApplicationListResponse], application, path=["response"]) - - @pytest.mark.skip(reason="TODO: investigate broken test") - @parametrize - def test_method_list_with_all_params(self, client: Cloudflare) -> None: - application = client.zero_trust.access.applications.list( - account_id="account_id", - aud="aud", - domain="domain", - exact=True, - name="name", - page=0, - per_page=0, - search="search", - target_attributes="target_attributes", - ) - assert_matches_type(SyncV4PagePaginationArray[ApplicationListResponse], application, path=["response"]) - - @pytest.mark.skip(reason="TODO: investigate broken test") - @parametrize - def test_raw_response_list(self, client: Cloudflare) -> None: - response = client.zero_trust.access.applications.with_raw_response.list( + def test_method_update_overload_12(self, client: Cloudflare) -> None: + application = client.zero_trust.access.applications.update( + app_id="023e105f4ecef8ad9ca31a8372d0c353", + type="mcp", account_id="account_id", ) - - assert response.is_closed is True - assert response.http_request.headers.get("X-Stainless-Lang") == "python" - application = response.parse() - assert_matches_type(SyncV4PagePaginationArray[ApplicationListResponse], application, path=["response"]) + assert_matches_type(Optional[ApplicationUpdateResponse], application, path=["response"]) @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - def test_streaming_response_list(self, client: Cloudflare) -> None: - with client.zero_trust.access.applications.with_streaming_response.list( + def test_method_update_with_all_params_overload_12(self, client: Cloudflare) -> None: + application = client.zero_trust.access.applications.update( + app_id="023e105f4ecef8ad9ca31a8372d0c353", + type="mcp", account_id="account_id", - ) as response: - assert not response.is_closed - assert response.http_request.headers.get("X-Stainless-Lang") == "python" + allow_authenticate_via_warp=True, + allowed_idps=["699d98642c564d2e855e9661899b7252"], + auto_redirect_to_identity=True, + custom_deny_message="custom_deny_message", + custom_deny_url="custom_deny_url", + custom_non_identity_deny_url="custom_non_identity_deny_url", + custom_pages=["699d98642c564d2e855e9661899b7252"], + destinations=[ + { + "type": "public", + "uri": "test.example.com/admin", + }, + { + "type": "public", + "uri": "test.anotherexample.com/staff", + }, + { + "cidr": "10.5.0.0/24", + "hostname": "hostname", + "l4_protocol": "tcp", + "port_range": "80-90", + "type": "private", + "vnet_id": "vnet_id", + }, + { + "cidr": "10.5.0.3/32", + "hostname": "hostname", + "l4_protocol": "tcp", + "port_range": "80", + "type": "private", + "vnet_id": "vnet_id", + }, + { + "cidr": "cidr", + "hostname": "private-sni.example.com", + "l4_protocol": "tcp", + "port_range": "port_range", + "type": "private", + "vnet_id": "vnet_id", + }, + { + "mcp_server_id": "mcp-server-1", + "type": "via_mcp_server_portal", + }, + ], + http_only_cookie_attribute=True, + logo_url="https://www.cloudflare.com/img/logo-web-badges/cf-logo-on-white-bg.svg", + name="Admin Site", + oauth_configuration={ + "dynamic_client_registration": { + "allow_any_on_localhost": True, + "allow_any_on_loopback": True, + "allowed_uris": ["https://example.com/callback"], + "enabled": True, + }, + "enabled": True, + "grant": { + "access_token_lifetime": "5m", + "session_duration": "24h", + }, + }, + options_preflight_bypass=True, + policies=[ + { + "id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415", + "precedence": 0, + } + ], + same_site_cookie_attribute="strict", + scim_config={ + "idp_uid": "idp_uid", + "remote_uri": "remote_uri", + "authentication": { + "password": "password", + "scheme": "httpbasic", + "user": "user", + }, + "deactivate_on_delete": True, + "enabled": True, + "mappings": [ + { + "schema": "urn:ietf:params:scim:schemas:core:2.0:User", + "enabled": True, + "filter": 'title pr or userType eq "Intern"', + "operations": { + "create": True, + "delete": True, + "update": True, + }, + "strictness": "strict", + "transform_jsonata": "$merge([$, {'userName': $substringBefore($.userName, '@') & '+test@' & $substringAfter($.userName, '@')}])", + } + ], + }, + session_duration="24h", + tags=["engineers"], + ) + assert_matches_type(Optional[ApplicationUpdateResponse], application, path=["response"]) + + @pytest.mark.skip(reason="TODO: investigate broken test") + @parametrize + def test_raw_response_update_overload_12(self, client: Cloudflare) -> None: + response = client.zero_trust.access.applications.with_raw_response.update( + app_id="023e105f4ecef8ad9ca31a8372d0c353", + type="mcp", + account_id="account_id", + ) + + assert response.is_closed is True + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + application = response.parse() + assert_matches_type(Optional[ApplicationUpdateResponse], application, path=["response"]) + + @pytest.mark.skip(reason="TODO: investigate broken test") + @parametrize + def test_streaming_response_update_overload_12(self, client: Cloudflare) -> None: + with client.zero_trust.access.applications.with_streaming_response.update( + app_id="023e105f4ecef8ad9ca31a8372d0c353", + type="mcp", + account_id="account_id", + ) as response: + assert not response.is_closed + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + + application = response.parse() + assert_matches_type(Optional[ApplicationUpdateResponse], application, path=["response"]) + + assert cast(Any, response.is_closed) is True + + @pytest.mark.skip(reason="TODO: investigate broken test") + @parametrize + def test_path_params_update_overload_12(self, client: Cloudflare) -> None: + with pytest.raises(ValueError, match=r"Expected a non-empty value for `app_id` but received ''"): + client.zero_trust.access.applications.with_raw_response.update( + app_id="", + type="mcp", + account_id="account_id", + ) + + with pytest.raises(ValueError, match=r"You must provide either account_id or zone_id"): + client.zero_trust.access.applications.with_raw_response.update( + app_id="023e105f4ecef8ad9ca31a8372d0c353", + type="mcp", + account_id="", + ) + + with pytest.raises(ValueError, match=r"You must provide either account_id or zone_id"): + client.zero_trust.access.applications.with_raw_response.update( + app_id="023e105f4ecef8ad9ca31a8372d0c353", + type="mcp", + account_id="account_id", + ) + + @pytest.mark.skip(reason="TODO: investigate broken test") + @parametrize + def test_method_update_overload_13(self, client: Cloudflare) -> None: + application = client.zero_trust.access.applications.update( + app_id="023e105f4ecef8ad9ca31a8372d0c353", + type="mcp_portal", + account_id="account_id", + ) + assert_matches_type(Optional[ApplicationUpdateResponse], application, path=["response"]) + + @pytest.mark.skip(reason="TODO: investigate broken test") + @parametrize + def test_method_update_with_all_params_overload_13(self, client: Cloudflare) -> None: + application = client.zero_trust.access.applications.update( + app_id="023e105f4ecef8ad9ca31a8372d0c353", + type="mcp_portal", + account_id="account_id", + allow_authenticate_via_warp=True, + allowed_idps=["699d98642c564d2e855e9661899b7252"], + auto_redirect_to_identity=True, + custom_deny_message="custom_deny_message", + custom_deny_url="custom_deny_url", + custom_non_identity_deny_url="custom_non_identity_deny_url", + custom_pages=["699d98642c564d2e855e9661899b7252"], + destinations=[ + { + "type": "public", + "uri": "test.example.com/admin", + }, + { + "type": "public", + "uri": "test.anotherexample.com/staff", + }, + { + "cidr": "10.5.0.0/24", + "hostname": "hostname", + "l4_protocol": "tcp", + "port_range": "80-90", + "type": "private", + "vnet_id": "vnet_id", + }, + { + "cidr": "10.5.0.3/32", + "hostname": "hostname", + "l4_protocol": "tcp", + "port_range": "80", + "type": "private", + "vnet_id": "vnet_id", + }, + { + "cidr": "cidr", + "hostname": "private-sni.example.com", + "l4_protocol": "tcp", + "port_range": "port_range", + "type": "private", + "vnet_id": "vnet_id", + }, + { + "mcp_server_id": "mcp-server-1", + "type": "via_mcp_server_portal", + }, + ], + domain="test.example.com/admin", + http_only_cookie_attribute=True, + logo_url="https://www.cloudflare.com/img/logo-web-badges/cf-logo-on-white-bg.svg", + name="Admin Site", + oauth_configuration={ + "dynamic_client_registration": { + "allow_any_on_localhost": True, + "allow_any_on_loopback": True, + "allowed_uris": ["https://example.com/callback"], + "enabled": True, + }, + "enabled": True, + "grant": { + "access_token_lifetime": "5m", + "session_duration": "24h", + }, + }, + options_preflight_bypass=True, + policies=[ + { + "id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415", + "precedence": 0, + } + ], + same_site_cookie_attribute="strict", + scim_config={ + "idp_uid": "idp_uid", + "remote_uri": "remote_uri", + "authentication": { + "password": "password", + "scheme": "httpbasic", + "user": "user", + }, + "deactivate_on_delete": True, + "enabled": True, + "mappings": [ + { + "schema": "urn:ietf:params:scim:schemas:core:2.0:User", + "enabled": True, + "filter": 'title pr or userType eq "Intern"', + "operations": { + "create": True, + "delete": True, + "update": True, + }, + "strictness": "strict", + "transform_jsonata": "$merge([$, {'userName': $substringBefore($.userName, '@') & '+test@' & $substringAfter($.userName, '@')}])", + } + ], + }, + session_duration="24h", + tags=["engineers"], + ) + assert_matches_type(Optional[ApplicationUpdateResponse], application, path=["response"]) + + @pytest.mark.skip(reason="TODO: investigate broken test") + @parametrize + def test_raw_response_update_overload_13(self, client: Cloudflare) -> None: + response = client.zero_trust.access.applications.with_raw_response.update( + app_id="023e105f4ecef8ad9ca31a8372d0c353", + type="mcp_portal", + account_id="account_id", + ) + + assert response.is_closed is True + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + application = response.parse() + assert_matches_type(Optional[ApplicationUpdateResponse], application, path=["response"]) + + @pytest.mark.skip(reason="TODO: investigate broken test") + @parametrize + def test_streaming_response_update_overload_13(self, client: Cloudflare) -> None: + with client.zero_trust.access.applications.with_streaming_response.update( + app_id="023e105f4ecef8ad9ca31a8372d0c353", + type="mcp_portal", + account_id="account_id", + ) as response: + assert not response.is_closed + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + + application = response.parse() + assert_matches_type(Optional[ApplicationUpdateResponse], application, path=["response"]) + + assert cast(Any, response.is_closed) is True + + @pytest.mark.skip(reason="TODO: investigate broken test") + @parametrize + def test_path_params_update_overload_13(self, client: Cloudflare) -> None: + with pytest.raises(ValueError, match=r"Expected a non-empty value for `app_id` but received ''"): + client.zero_trust.access.applications.with_raw_response.update( + app_id="", + type="mcp_portal", + account_id="account_id", + ) + + with pytest.raises(ValueError, match=r"You must provide either account_id or zone_id"): + client.zero_trust.access.applications.with_raw_response.update( + app_id="023e105f4ecef8ad9ca31a8372d0c353", + type="mcp_portal", + account_id="", + ) + + with pytest.raises(ValueError, match=r"You must provide either account_id or zone_id"): + client.zero_trust.access.applications.with_raw_response.update( + app_id="023e105f4ecef8ad9ca31a8372d0c353", + type="mcp_portal", + account_id="account_id", + ) + + @pytest.mark.skip(reason="TODO: investigate broken test") + @parametrize + def test_method_list(self, client: Cloudflare) -> None: + application = client.zero_trust.access.applications.list( + account_id="account_id", + ) + assert_matches_type(SyncV4PagePaginationArray[ApplicationListResponse], application, path=["response"]) + + @pytest.mark.skip(reason="TODO: investigate broken test") + @parametrize + def test_method_list_with_all_params(self, client: Cloudflare) -> None: + application = client.zero_trust.access.applications.list( + account_id="account_id", + aud="aud", + domain="domain", + exact=True, + name="name", + page=0, + per_page=0, + search="search", + target_attributes="target_attributes", + ) + assert_matches_type(SyncV4PagePaginationArray[ApplicationListResponse], application, path=["response"]) + + @pytest.mark.skip(reason="TODO: investigate broken test") + @parametrize + def test_raw_response_list(self, client: Cloudflare) -> None: + response = client.zero_trust.access.applications.with_raw_response.list( + account_id="account_id", + ) + + assert response.is_closed is True + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + application = response.parse() + assert_matches_type(SyncV4PagePaginationArray[ApplicationListResponse], application, path=["response"]) + + @pytest.mark.skip(reason="TODO: investigate broken test") + @parametrize + def test_streaming_response_list(self, client: Cloudflare) -> None: + with client.zero_trust.access.applications.with_streaming_response.list( + account_id="account_id", + ) as response: + assert not response.is_closed + assert response.http_request.headers.get("X-Stainless-Lang") == "python" application = response.parse() assert_matches_type(SyncV4PagePaginationArray[ApplicationListResponse], application, path=["response"]) @@ -3206,7 +4006,25 @@ async def test_method_create_with_all_params_overload_1(self, async_client: Asyn enable_binding_cookie=True, http_only_cookie_attribute=True, logo_url="https://www.cloudflare.com/img/logo-web-badges/cf-logo-on-white-bg.svg", + mfa_config={ + "allowed_authenticators": ["totp", "biometrics", "security_key"], + "mfa_bypass": False, + "session_duration": "24h", + }, name="Admin Site", + oauth_configuration={ + "dynamic_client_registration": { + "allow_any_on_localhost": True, + "allow_any_on_loopback": True, + "allowed_uris": ["https://example.com/callback"], + "enabled": True, + }, + "enabled": True, + "grant": { + "access_token_lifetime": "5m", + "session_duration": "24h", + }, + }, options_preflight_bypass=True, path_cookie_attribute=True, policies=[ @@ -3498,7 +4316,25 @@ async def test_method_create_with_all_params_overload_3(self, async_client: Asyn enable_binding_cookie=True, http_only_cookie_attribute=True, logo_url="https://www.cloudflare.com/img/logo-web-badges/cf-logo-on-white-bg.svg", + mfa_config={ + "allowed_authenticators": ["totp", "biometrics", "security_key"], + "mfa_bypass": False, + "session_duration": "24h", + }, name="Admin Site", + oauth_configuration={ + "dynamic_client_registration": { + "allow_any_on_localhost": True, + "allow_any_on_loopback": True, + "allowed_uris": ["https://example.com/callback"], + "enabled": True, + }, + "enabled": True, + "grant": { + "access_token_lifetime": "5m", + "session_duration": "24h", + }, + }, options_preflight_bypass=True, path_cookie_attribute=True, policies=[ @@ -3667,7 +4503,25 @@ async def test_method_create_with_all_params_overload_4(self, async_client: Asyn enable_binding_cookie=True, http_only_cookie_attribute=True, logo_url="https://www.cloudflare.com/img/logo-web-badges/cf-logo-on-white-bg.svg", + mfa_config={ + "allowed_authenticators": ["totp", "biometrics", "security_key"], + "mfa_bypass": False, + "session_duration": "24h", + }, name="Admin Site", + oauth_configuration={ + "dynamic_client_registration": { + "allow_any_on_localhost": True, + "allow_any_on_loopback": True, + "allowed_uris": ["https://example.com/callback"], + "enabled": True, + }, + "enabled": True, + "grant": { + "access_token_lifetime": "5m", + "session_duration": "24h", + }, + }, options_preflight_bypass=True, path_cookie_attribute=True, policies=[ @@ -4094,14 +4948,335 @@ async def test_method_create_with_all_params_overload_9(self, async_client: Asyn } ], tags=["engineers"], - type="bookmark", + type="bookmark", + ) + assert_matches_type(Optional[ApplicationCreateResponse], application, path=["response"]) + + @pytest.mark.skip(reason="TODO: investigate broken test") + @parametrize + async def test_raw_response_create_overload_9(self, async_client: AsyncCloudflare) -> None: + response = await async_client.zero_trust.access.applications.with_raw_response.create( + account_id="account_id", + ) + + assert response.is_closed is True + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + application = await response.parse() + assert_matches_type(Optional[ApplicationCreateResponse], application, path=["response"]) + + @pytest.mark.skip(reason="TODO: investigate broken test") + @parametrize + async def test_streaming_response_create_overload_9(self, async_client: AsyncCloudflare) -> None: + async with async_client.zero_trust.access.applications.with_streaming_response.create( + account_id="account_id", + ) as response: + assert not response.is_closed + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + + application = await response.parse() + assert_matches_type(Optional[ApplicationCreateResponse], application, path=["response"]) + + assert cast(Any, response.is_closed) is True + + @pytest.mark.skip(reason="TODO: investigate broken test") + @parametrize + async def test_path_params_create_overload_9(self, async_client: AsyncCloudflare) -> None: + with pytest.raises(ValueError, match=r"You must provide either account_id or zone_id"): + await async_client.zero_trust.access.applications.with_raw_response.create( + account_id="", + ) + + with pytest.raises(ValueError, match=r"You must provide either account_id or zone_id"): + await async_client.zero_trust.access.applications.with_raw_response.create( + account_id="account_id", + ) + + @pytest.mark.skip(reason="TODO: investigate broken test") + @parametrize + async def test_method_create_overload_10(self, async_client: AsyncCloudflare) -> None: + application = await async_client.zero_trust.access.applications.create( + target_criteria=[ + { + "port": 22, + "protocol": "SSH", + "target_attributes": {"hostname": ["test-server", "production-server"]}, + } + ], + type="infrastructure", + account_id="account_id", + ) + assert_matches_type(Optional[ApplicationCreateResponse], application, path=["response"]) + + @pytest.mark.skip(reason="TODO: investigate broken test") + @parametrize + async def test_method_create_with_all_params_overload_10(self, async_client: AsyncCloudflare) -> None: + application = await async_client.zero_trust.access.applications.create( + target_criteria=[ + { + "port": 22, + "protocol": "SSH", + "target_attributes": {"hostname": ["test-server", "production-server"]}, + } + ], + type="infrastructure", + account_id="account_id", + name="Admin Site", + policies=[ + { + "decision": "allow", + "include": [{"group": {"id": "aa0a4aab-672b-4bdb-bc33-a59f1130a11f"}}], + "name": "Allow devs", + "connection_rules": { + "ssh": { + "usernames": ["root", "ubuntu"], + "allow_email_alias": True, + } + }, + "exclude": [{"group": {"id": "aa0a4aab-672b-4bdb-bc33-a59f1130a11f"}}], + "require": [{"group": {"id": "aa0a4aab-672b-4bdb-bc33-a59f1130a11f"}}], + } + ], + ) + assert_matches_type(Optional[ApplicationCreateResponse], application, path=["response"]) + + @pytest.mark.skip(reason="TODO: investigate broken test") + @parametrize + async def test_raw_response_create_overload_10(self, async_client: AsyncCloudflare) -> None: + response = await async_client.zero_trust.access.applications.with_raw_response.create( + target_criteria=[ + { + "port": 22, + "protocol": "SSH", + "target_attributes": {"hostname": ["test-server", "production-server"]}, + } + ], + type="infrastructure", + account_id="account_id", + ) + + assert response.is_closed is True + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + application = await response.parse() + assert_matches_type(Optional[ApplicationCreateResponse], application, path=["response"]) + + @pytest.mark.skip(reason="TODO: investigate broken test") + @parametrize + async def test_streaming_response_create_overload_10(self, async_client: AsyncCloudflare) -> None: + async with async_client.zero_trust.access.applications.with_streaming_response.create( + target_criteria=[ + { + "port": 22, + "protocol": "SSH", + "target_attributes": {"hostname": ["test-server", "production-server"]}, + } + ], + type="infrastructure", + account_id="account_id", + ) as response: + assert not response.is_closed + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + + application = await response.parse() + assert_matches_type(Optional[ApplicationCreateResponse], application, path=["response"]) + + assert cast(Any, response.is_closed) is True + + @pytest.mark.skip(reason="TODO: investigate broken test") + @parametrize + async def test_path_params_create_overload_10(self, async_client: AsyncCloudflare) -> None: + with pytest.raises(ValueError, match=r"You must provide either account_id or zone_id"): + await async_client.zero_trust.access.applications.with_raw_response.create( + target_criteria=[ + { + "port": 22, + "protocol": "SSH", + "target_attributes": {"hostname": ["test-server", "production-server"]}, + } + ], + type="infrastructure", + account_id="", + ) + + with pytest.raises(ValueError, match=r"You must provide either account_id or zone_id"): + await async_client.zero_trust.access.applications.with_raw_response.create( + target_criteria=[ + { + "port": 22, + "protocol": "SSH", + "target_attributes": {"hostname": ["test-server", "production-server"]}, + } + ], + type="infrastructure", + account_id="account_id", + ) + + @pytest.mark.skip(reason="TODO: investigate broken test") + @parametrize + async def test_method_create_overload_11(self, async_client: AsyncCloudflare) -> None: + application = await async_client.zero_trust.access.applications.create( + domain="test.example.com/admin", + target_criteria=[ + { + "port": 22, + "protocol": "RDP", + "target_attributes": {"hostname": ["test-server", "production-server"]}, + } + ], + type="self_hosted", + account_id="account_id", + ) + assert_matches_type(Optional[ApplicationCreateResponse], application, path=["response"]) + + @pytest.mark.skip(reason="TODO: investigate broken test") + @parametrize + async def test_method_create_with_all_params_overload_11(self, async_client: AsyncCloudflare) -> None: + application = await async_client.zero_trust.access.applications.create( + domain="test.example.com/admin", + target_criteria=[ + { + "port": 22, + "protocol": "RDP", + "target_attributes": {"hostname": ["test-server", "production-server"]}, + } + ], + type="self_hosted", + account_id="account_id", + allow_authenticate_via_warp=True, + allow_iframe=True, + allowed_idps=["699d98642c564d2e855e9661899b7252"], + app_launcher_visible=True, + auto_redirect_to_identity=True, + cors_headers={ + "allow_all_headers": True, + "allow_all_methods": True, + "allow_all_origins": True, + "allow_credentials": True, + "allowed_headers": ["string"], + "allowed_methods": ["GET"], + "allowed_origins": ["https://example.com"], + "max_age": -1, + }, + custom_deny_message="custom_deny_message", + custom_deny_url="custom_deny_url", + custom_non_identity_deny_url="custom_non_identity_deny_url", + custom_pages=["699d98642c564d2e855e9661899b7252"], + destinations=[ + { + "type": "public", + "uri": "test.example.com/admin", + }, + { + "type": "public", + "uri": "test.anotherexample.com/staff", + }, + { + "cidr": "10.5.0.0/24", + "hostname": "hostname", + "l4_protocol": "tcp", + "port_range": "80-90", + "type": "private", + "vnet_id": "vnet_id", + }, + { + "cidr": "10.5.0.3/32", + "hostname": "hostname", + "l4_protocol": "tcp", + "port_range": "80", + "type": "private", + "vnet_id": "vnet_id", + }, + { + "cidr": "cidr", + "hostname": "private-sni.example.com", + "l4_protocol": "tcp", + "port_range": "port_range", + "type": "private", + "vnet_id": "vnet_id", + }, + { + "mcp_server_id": "mcp-server-1", + "type": "via_mcp_server_portal", + }, + ], + enable_binding_cookie=True, + http_only_cookie_attribute=True, + logo_url="https://www.cloudflare.com/img/logo-web-badges/cf-logo-on-white-bg.svg", + mfa_config={ + "allowed_authenticators": ["totp", "biometrics", "security_key"], + "mfa_bypass": False, + "session_duration": "24h", + }, + name="Admin Site", + oauth_configuration={ + "dynamic_client_registration": { + "allow_any_on_localhost": True, + "allow_any_on_loopback": True, + "allowed_uris": ["https://example.com/callback"], + "enabled": True, + }, + "enabled": True, + "grant": { + "access_token_lifetime": "5m", + "session_duration": "24h", + }, + }, + options_preflight_bypass=True, + path_cookie_attribute=True, + policies=[ + { + "id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415", + "precedence": 0, + } + ], + read_service_tokens_from_header="Authorization", + same_site_cookie_attribute="strict", + scim_config={ + "idp_uid": "idp_uid", + "remote_uri": "remote_uri", + "authentication": { + "password": "password", + "scheme": "httpbasic", + "user": "user", + }, + "deactivate_on_delete": True, + "enabled": True, + "mappings": [ + { + "schema": "urn:ietf:params:scim:schemas:core:2.0:User", + "enabled": True, + "filter": 'title pr or userType eq "Intern"', + "operations": { + "create": True, + "delete": True, + "update": True, + }, + "strictness": "strict", + "transform_jsonata": "$merge([$, {'userName': $substringBefore($.userName, '@') & '+test@' & $substringAfter($.userName, '@')}])", + } + ], + }, + self_hosted_domains=["test.example.com/admin", "test.anotherexample.com/staff"], + service_auth_401_redirect=True, + session_duration="24h", + skip_interstitial=True, + tags=["engineers"], + use_clientless_isolation_app_launcher_url=False, ) assert_matches_type(Optional[ApplicationCreateResponse], application, path=["response"]) @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - async def test_raw_response_create_overload_9(self, async_client: AsyncCloudflare) -> None: + async def test_raw_response_create_overload_11(self, async_client: AsyncCloudflare) -> None: response = await async_client.zero_trust.access.applications.with_raw_response.create( + domain="test.example.com/admin", + target_criteria=[ + { + "port": 22, + "protocol": "RDP", + "target_attributes": {"hostname": ["test-server", "production-server"]}, + } + ], + type="self_hosted", account_id="account_id", ) @@ -4112,8 +5287,17 @@ async def test_raw_response_create_overload_9(self, async_client: AsyncCloudflar @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - async def test_streaming_response_create_overload_9(self, async_client: AsyncCloudflare) -> None: + async def test_streaming_response_create_overload_11(self, async_client: AsyncCloudflare) -> None: async with async_client.zero_trust.access.applications.with_streaming_response.create( + domain="test.example.com/admin", + target_criteria=[ + { + "port": 22, + "protocol": "RDP", + "target_attributes": {"hostname": ["test-server", "production-server"]}, + } + ], + type="self_hosted", account_id="account_id", ) as response: assert not response.is_closed @@ -4126,77 +5310,154 @@ async def test_streaming_response_create_overload_9(self, async_client: AsyncClo @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - async def test_path_params_create_overload_9(self, async_client: AsyncCloudflare) -> None: + async def test_path_params_create_overload_11(self, async_client: AsyncCloudflare) -> None: with pytest.raises(ValueError, match=r"You must provide either account_id or zone_id"): await async_client.zero_trust.access.applications.with_raw_response.create( + domain="test.example.com/admin", + target_criteria=[ + { + "port": 22, + "protocol": "RDP", + "target_attributes": {"hostname": ["test-server", "production-server"]}, + } + ], + type="self_hosted", account_id="", ) with pytest.raises(ValueError, match=r"You must provide either account_id or zone_id"): await async_client.zero_trust.access.applications.with_raw_response.create( + domain="test.example.com/admin", + target_criteria=[ + { + "port": 22, + "protocol": "RDP", + "target_attributes": {"hostname": ["test-server", "production-server"]}, + } + ], + type="self_hosted", account_id="account_id", ) @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - async def test_method_create_overload_10(self, async_client: AsyncCloudflare) -> None: + async def test_method_create_overload_12(self, async_client: AsyncCloudflare) -> None: application = await async_client.zero_trust.access.applications.create( - target_criteria=[ - { - "port": 22, - "protocol": "SSH", - "target_attributes": {"hostname": ["test-server", "production-server"]}, - } - ], - type="infrastructure", + type="mcp", account_id="account_id", ) assert_matches_type(Optional[ApplicationCreateResponse], application, path=["response"]) @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - async def test_method_create_with_all_params_overload_10(self, async_client: AsyncCloudflare) -> None: + async def test_method_create_with_all_params_overload_12(self, async_client: AsyncCloudflare) -> None: application = await async_client.zero_trust.access.applications.create( - target_criteria=[ + type="mcp", + account_id="account_id", + allow_authenticate_via_warp=True, + allowed_idps=["699d98642c564d2e855e9661899b7252"], + auto_redirect_to_identity=True, + custom_deny_message="custom_deny_message", + custom_deny_url="custom_deny_url", + custom_non_identity_deny_url="custom_non_identity_deny_url", + custom_pages=["699d98642c564d2e855e9661899b7252"], + destinations=[ { - "port": 22, - "protocol": "SSH", - "target_attributes": {"hostname": ["test-server", "production-server"]}, - } + "type": "public", + "uri": "test.example.com/admin", + }, + { + "type": "public", + "uri": "test.anotherexample.com/staff", + }, + { + "cidr": "10.5.0.0/24", + "hostname": "hostname", + "l4_protocol": "tcp", + "port_range": "80-90", + "type": "private", + "vnet_id": "vnet_id", + }, + { + "cidr": "10.5.0.3/32", + "hostname": "hostname", + "l4_protocol": "tcp", + "port_range": "80", + "type": "private", + "vnet_id": "vnet_id", + }, + { + "cidr": "cidr", + "hostname": "private-sni.example.com", + "l4_protocol": "tcp", + "port_range": "port_range", + "type": "private", + "vnet_id": "vnet_id", + }, + { + "mcp_server_id": "mcp-server-1", + "type": "via_mcp_server_portal", + }, ], - type="infrastructure", - account_id="account_id", + http_only_cookie_attribute=True, + logo_url="https://www.cloudflare.com/img/logo-web-badges/cf-logo-on-white-bg.svg", name="Admin Site", + oauth_configuration={ + "dynamic_client_registration": { + "allow_any_on_localhost": True, + "allow_any_on_loopback": True, + "allowed_uris": ["https://example.com/callback"], + "enabled": True, + }, + "enabled": True, + "grant": { + "access_token_lifetime": "5m", + "session_duration": "24h", + }, + }, + options_preflight_bypass=True, policies=[ { - "decision": "allow", - "include": [{"group": {"id": "aa0a4aab-672b-4bdb-bc33-a59f1130a11f"}}], - "name": "Allow devs", - "connection_rules": { - "ssh": { - "usernames": ["root", "ubuntu"], - "allow_email_alias": True, - } - }, - "exclude": [{"group": {"id": "aa0a4aab-672b-4bdb-bc33-a59f1130a11f"}}], - "require": [{"group": {"id": "aa0a4aab-672b-4bdb-bc33-a59f1130a11f"}}], + "id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415", + "precedence": 0, } ], + same_site_cookie_attribute="strict", + scim_config={ + "idp_uid": "idp_uid", + "remote_uri": "remote_uri", + "authentication": { + "password": "password", + "scheme": "httpbasic", + "user": "user", + }, + "deactivate_on_delete": True, + "enabled": True, + "mappings": [ + { + "schema": "urn:ietf:params:scim:schemas:core:2.0:User", + "enabled": True, + "filter": 'title pr or userType eq "Intern"', + "operations": { + "create": True, + "delete": True, + "update": True, + }, + "strictness": "strict", + "transform_jsonata": "$merge([$, {'userName': $substringBefore($.userName, '@') & '+test@' & $substringAfter($.userName, '@')}])", + } + ], + }, + session_duration="24h", + tags=["engineers"], ) assert_matches_type(Optional[ApplicationCreateResponse], application, path=["response"]) @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - async def test_raw_response_create_overload_10(self, async_client: AsyncCloudflare) -> None: + async def test_raw_response_create_overload_12(self, async_client: AsyncCloudflare) -> None: response = await async_client.zero_trust.access.applications.with_raw_response.create( - target_criteria=[ - { - "port": 22, - "protocol": "SSH", - "target_attributes": {"hostname": ["test-server", "production-server"]}, - } - ], - type="infrastructure", + type="mcp", account_id="account_id", ) @@ -4207,16 +5468,9 @@ async def test_raw_response_create_overload_10(self, async_client: AsyncCloudfla @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - async def test_streaming_response_create_overload_10(self, async_client: AsyncCloudflare) -> None: + async def test_streaming_response_create_overload_12(self, async_client: AsyncCloudflare) -> None: async with async_client.zero_trust.access.applications.with_streaming_response.create( - target_criteria=[ - { - "port": 22, - "protocol": "SSH", - "target_attributes": {"hostname": ["test-server", "production-server"]}, - } - ], - type="infrastructure", + type="mcp", account_id="account_id", ) as response: assert not response.is_closed @@ -4229,79 +5483,37 @@ async def test_streaming_response_create_overload_10(self, async_client: AsyncCl @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - async def test_path_params_create_overload_10(self, async_client: AsyncCloudflare) -> None: + async def test_path_params_create_overload_12(self, async_client: AsyncCloudflare) -> None: with pytest.raises(ValueError, match=r"You must provide either account_id or zone_id"): await async_client.zero_trust.access.applications.with_raw_response.create( - target_criteria=[ - { - "port": 22, - "protocol": "SSH", - "target_attributes": {"hostname": ["test-server", "production-server"]}, - } - ], - type="infrastructure", + type="mcp", account_id="", ) with pytest.raises(ValueError, match=r"You must provide either account_id or zone_id"): await async_client.zero_trust.access.applications.with_raw_response.create( - target_criteria=[ - { - "port": 22, - "protocol": "SSH", - "target_attributes": {"hostname": ["test-server", "production-server"]}, - } - ], - type="infrastructure", + type="mcp", account_id="account_id", ) @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - async def test_method_create_overload_11(self, async_client: AsyncCloudflare) -> None: + async def test_method_create_overload_13(self, async_client: AsyncCloudflare) -> None: application = await async_client.zero_trust.access.applications.create( - domain="test.example.com/admin", - target_criteria=[ - { - "port": 22, - "protocol": "RDP", - "target_attributes": {"hostname": ["test-server", "production-server"]}, - } - ], - type="self_hosted", + type="mcp_portal", account_id="account_id", ) assert_matches_type(Optional[ApplicationCreateResponse], application, path=["response"]) @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - async def test_method_create_with_all_params_overload_11(self, async_client: AsyncCloudflare) -> None: + async def test_method_create_with_all_params_overload_13(self, async_client: AsyncCloudflare) -> None: application = await async_client.zero_trust.access.applications.create( - domain="test.example.com/admin", - target_criteria=[ - { - "port": 22, - "protocol": "RDP", - "target_attributes": {"hostname": ["test-server", "production-server"]}, - } - ], - type="self_hosted", + type="mcp_portal", account_id="account_id", allow_authenticate_via_warp=True, - allow_iframe=True, allowed_idps=["699d98642c564d2e855e9661899b7252"], - app_launcher_visible=True, auto_redirect_to_identity=True, - cors_headers={ - "allow_all_headers": True, - "allow_all_methods": True, - "allow_all_origins": True, - "allow_credentials": True, - "allowed_headers": ["string"], - "allowed_methods": ["GET"], - "allowed_origins": ["https://example.com"], - "max_age": -1, - }, custom_deny_message="custom_deny_message", custom_deny_url="custom_deny_url", custom_non_identity_deny_url="custom_non_identity_deny_url", @@ -4344,19 +5556,30 @@ async def test_method_create_with_all_params_overload_11(self, async_client: Asy "type": "via_mcp_server_portal", }, ], - enable_binding_cookie=True, + domain="test.example.com/admin", http_only_cookie_attribute=True, logo_url="https://www.cloudflare.com/img/logo-web-badges/cf-logo-on-white-bg.svg", name="Admin Site", + oauth_configuration={ + "dynamic_client_registration": { + "allow_any_on_localhost": True, + "allow_any_on_loopback": True, + "allowed_uris": ["https://example.com/callback"], + "enabled": True, + }, + "enabled": True, + "grant": { + "access_token_lifetime": "5m", + "session_duration": "24h", + }, + }, options_preflight_bypass=True, - path_cookie_attribute=True, policies=[ { "id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415", "precedence": 0, } ], - read_service_tokens_from_header="Authorization", same_site_cookie_attribute="strict", scim_config={ "idp_uid": "idp_uid", @@ -4383,28 +5606,16 @@ async def test_method_create_with_all_params_overload_11(self, async_client: Asy } ], }, - self_hosted_domains=["test.example.com/admin", "test.anotherexample.com/staff"], - service_auth_401_redirect=True, session_duration="24h", - skip_interstitial=True, tags=["engineers"], - use_clientless_isolation_app_launcher_url=False, ) assert_matches_type(Optional[ApplicationCreateResponse], application, path=["response"]) @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - async def test_raw_response_create_overload_11(self, async_client: AsyncCloudflare) -> None: + async def test_raw_response_create_overload_13(self, async_client: AsyncCloudflare) -> None: response = await async_client.zero_trust.access.applications.with_raw_response.create( - domain="test.example.com/admin", - target_criteria=[ - { - "port": 22, - "protocol": "RDP", - "target_attributes": {"hostname": ["test-server", "production-server"]}, - } - ], - type="self_hosted", + type="mcp_portal", account_id="account_id", ) @@ -4415,17 +5626,9 @@ async def test_raw_response_create_overload_11(self, async_client: AsyncCloudfla @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - async def test_streaming_response_create_overload_11(self, async_client: AsyncCloudflare) -> None: + async def test_streaming_response_create_overload_13(self, async_client: AsyncCloudflare) -> None: async with async_client.zero_trust.access.applications.with_streaming_response.create( - domain="test.example.com/admin", - target_criteria=[ - { - "port": 22, - "protocol": "RDP", - "target_attributes": {"hostname": ["test-server", "production-server"]}, - } - ], - type="self_hosted", + type="mcp_portal", account_id="account_id", ) as response: assert not response.is_closed @@ -4438,32 +5641,16 @@ async def test_streaming_response_create_overload_11(self, async_client: AsyncCl @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - async def test_path_params_create_overload_11(self, async_client: AsyncCloudflare) -> None: + async def test_path_params_create_overload_13(self, async_client: AsyncCloudflare) -> None: with pytest.raises(ValueError, match=r"You must provide either account_id or zone_id"): await async_client.zero_trust.access.applications.with_raw_response.create( - domain="test.example.com/admin", - target_criteria=[ - { - "port": 22, - "protocol": "RDP", - "target_attributes": {"hostname": ["test-server", "production-server"]}, - } - ], - type="self_hosted", + type="mcp_portal", account_id="", ) with pytest.raises(ValueError, match=r"You must provide either account_id or zone_id"): await async_client.zero_trust.access.applications.with_raw_response.create( - domain="test.example.com/admin", - target_criteria=[ - { - "port": 22, - "protocol": "RDP", - "target_attributes": {"hostname": ["test-server", "production-server"]}, - } - ], - type="self_hosted", + type="mcp_portal", account_id="account_id", ) @@ -4546,7 +5733,25 @@ async def test_method_update_with_all_params_overload_1(self, async_client: Asyn enable_binding_cookie=True, http_only_cookie_attribute=True, logo_url="https://www.cloudflare.com/img/logo-web-badges/cf-logo-on-white-bg.svg", + mfa_config={ + "allowed_authenticators": ["totp", "biometrics", "security_key"], + "mfa_bypass": False, + "session_duration": "24h", + }, name="Admin Site", + oauth_configuration={ + "dynamic_client_registration": { + "allow_any_on_localhost": True, + "allow_any_on_loopback": True, + "allowed_uris": ["https://example.com/callback"], + "enabled": True, + }, + "enabled": True, + "grant": { + "access_token_lifetime": "5m", + "session_duration": "24h", + }, + }, options_preflight_bypass=True, path_cookie_attribute=True, policies=[ @@ -4864,7 +6069,25 @@ async def test_method_update_with_all_params_overload_3(self, async_client: Asyn enable_binding_cookie=True, http_only_cookie_attribute=True, logo_url="https://www.cloudflare.com/img/logo-web-badges/cf-logo-on-white-bg.svg", + mfa_config={ + "allowed_authenticators": ["totp", "biometrics", "security_key"], + "mfa_bypass": False, + "session_duration": "24h", + }, name="Admin Site", + oauth_configuration={ + "dynamic_client_registration": { + "allow_any_on_localhost": True, + "allow_any_on_loopback": True, + "allowed_uris": ["https://example.com/callback"], + "enabled": True, + }, + "enabled": True, + "grant": { + "access_token_lifetime": "5m", + "session_duration": "24h", + }, + }, options_preflight_bypass=True, path_cookie_attribute=True, policies=[ @@ -5047,7 +6270,25 @@ async def test_method_update_with_all_params_overload_4(self, async_client: Asyn enable_binding_cookie=True, http_only_cookie_attribute=True, logo_url="https://www.cloudflare.com/img/logo-web-badges/cf-logo-on-white-bg.svg", + mfa_config={ + "allowed_authenticators": ["totp", "biometrics", "security_key"], + "mfa_bypass": False, + "session_duration": "24h", + }, name="Admin Site", + oauth_configuration={ + "dynamic_client_registration": { + "allow_any_on_localhost": True, + "allow_any_on_loopback": True, + "allowed_uris": ["https://example.com/callback"], + "enabled": True, + }, + "enabled": True, + "grant": { + "access_token_lifetime": "5m", + "session_duration": "24h", + }, + }, options_preflight_bypass=True, path_cookie_attribute=True, policies=[ @@ -5422,50 +6663,240 @@ async def test_path_params_update_overload_7(self, async_client: AsyncCloudflare with pytest.raises(ValueError, match=r"You must provide either account_id or zone_id"): await async_client.zero_trust.access.applications.with_raw_response.update( app_id="023e105f4ecef8ad9ca31a8372d0c353", - type="self_hosted", + type="self_hosted", + account_id="account_id", + ) + + @pytest.mark.skip(reason="TODO: investigate broken test") + @parametrize + async def test_method_update_overload_8(self, async_client: AsyncCloudflare) -> None: + application = await async_client.zero_trust.access.applications.update( + app_id="023e105f4ecef8ad9ca31a8372d0c353", + type="self_hosted", + account_id="account_id", + ) + assert_matches_type(Optional[ApplicationUpdateResponse], application, path=["response"]) + + @pytest.mark.skip(reason="TODO: investigate broken test") + @parametrize + async def test_method_update_with_all_params_overload_8(self, async_client: AsyncCloudflare) -> None: + application = await async_client.zero_trust.access.applications.update( + app_id="023e105f4ecef8ad9ca31a8372d0c353", + type="self_hosted", + account_id="account_id", + allowed_idps=["699d98642c564d2e855e9661899b7252"], + auto_redirect_to_identity=True, + custom_deny_url="custom_deny_url", + custom_non_identity_deny_url="custom_non_identity_deny_url", + custom_pages=["699d98642c564d2e855e9661899b7252"], + domain="abcd123456.proxy.cloudflare-gateway.com", + name="Gateway Proxy", + policies=[ + { + "id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415", + "precedence": 0, + } + ], + session_duration="24h", + ) + assert_matches_type(Optional[ApplicationUpdateResponse], application, path=["response"]) + + @pytest.mark.skip(reason="TODO: investigate broken test") + @parametrize + async def test_raw_response_update_overload_8(self, async_client: AsyncCloudflare) -> None: + response = await async_client.zero_trust.access.applications.with_raw_response.update( + app_id="023e105f4ecef8ad9ca31a8372d0c353", + type="self_hosted", + account_id="account_id", + ) + + assert response.is_closed is True + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + application = await response.parse() + assert_matches_type(Optional[ApplicationUpdateResponse], application, path=["response"]) + + @pytest.mark.skip(reason="TODO: investigate broken test") + @parametrize + async def test_streaming_response_update_overload_8(self, async_client: AsyncCloudflare) -> None: + async with async_client.zero_trust.access.applications.with_streaming_response.update( + app_id="023e105f4ecef8ad9ca31a8372d0c353", + type="self_hosted", + account_id="account_id", + ) as response: + assert not response.is_closed + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + + application = await response.parse() + assert_matches_type(Optional[ApplicationUpdateResponse], application, path=["response"]) + + assert cast(Any, response.is_closed) is True + + @pytest.mark.skip(reason="TODO: investigate broken test") + @parametrize + async def test_path_params_update_overload_8(self, async_client: AsyncCloudflare) -> None: + with pytest.raises(ValueError, match=r"Expected a non-empty value for `app_id` but received ''"): + await async_client.zero_trust.access.applications.with_raw_response.update( + app_id="", + type="self_hosted", + account_id="account_id", + ) + + with pytest.raises(ValueError, match=r"You must provide either account_id or zone_id"): + await async_client.zero_trust.access.applications.with_raw_response.update( + app_id="023e105f4ecef8ad9ca31a8372d0c353", + type="self_hosted", + account_id="", + ) + + with pytest.raises(ValueError, match=r"You must provide either account_id or zone_id"): + await async_client.zero_trust.access.applications.with_raw_response.update( + app_id="023e105f4ecef8ad9ca31a8372d0c353", + type="self_hosted", + account_id="account_id", + ) + + @pytest.mark.skip(reason="TODO: investigate broken test") + @parametrize + async def test_method_update_overload_9(self, async_client: AsyncCloudflare) -> None: + application = await async_client.zero_trust.access.applications.update( + app_id="023e105f4ecef8ad9ca31a8372d0c353", + account_id="account_id", + ) + assert_matches_type(Optional[ApplicationUpdateResponse], application, path=["response"]) + + @pytest.mark.skip(reason="TODO: investigate broken test") + @parametrize + async def test_method_update_with_all_params_overload_9(self, async_client: AsyncCloudflare) -> None: + application = await async_client.zero_trust.access.applications.update( + app_id="023e105f4ecef8ad9ca31a8372d0c353", + account_id="account_id", + app_launcher_visible=True, + domain="https://mybookmark.com", + logo_url="https://www.cloudflare.com/img/logo-web-badges/cf-logo-on-white-bg.svg", + name="Admin Site", + policies=[ + { + "id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415", + "precedence": 0, + } + ], + tags=["engineers"], + type="bookmark", + ) + assert_matches_type(Optional[ApplicationUpdateResponse], application, path=["response"]) + + @pytest.mark.skip(reason="TODO: investigate broken test") + @parametrize + async def test_raw_response_update_overload_9(self, async_client: AsyncCloudflare) -> None: + response = await async_client.zero_trust.access.applications.with_raw_response.update( + app_id="023e105f4ecef8ad9ca31a8372d0c353", + account_id="account_id", + ) + + assert response.is_closed is True + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + application = await response.parse() + assert_matches_type(Optional[ApplicationUpdateResponse], application, path=["response"]) + + @pytest.mark.skip(reason="TODO: investigate broken test") + @parametrize + async def test_streaming_response_update_overload_9(self, async_client: AsyncCloudflare) -> None: + async with async_client.zero_trust.access.applications.with_streaming_response.update( + app_id="023e105f4ecef8ad9ca31a8372d0c353", + account_id="account_id", + ) as response: + assert not response.is_closed + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + + application = await response.parse() + assert_matches_type(Optional[ApplicationUpdateResponse], application, path=["response"]) + + assert cast(Any, response.is_closed) is True + + @pytest.mark.skip(reason="TODO: investigate broken test") + @parametrize + async def test_path_params_update_overload_9(self, async_client: AsyncCloudflare) -> None: + with pytest.raises(ValueError, match=r"Expected a non-empty value for `app_id` but received ''"): + await async_client.zero_trust.access.applications.with_raw_response.update( + app_id="", + account_id="account_id", + ) + + with pytest.raises(ValueError, match=r"You must provide either account_id or zone_id"): + await async_client.zero_trust.access.applications.with_raw_response.update( + app_id="023e105f4ecef8ad9ca31a8372d0c353", + account_id="", + ) + + with pytest.raises(ValueError, match=r"You must provide either account_id or zone_id"): + await async_client.zero_trust.access.applications.with_raw_response.update( + app_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="account_id", ) @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - async def test_method_update_overload_8(self, async_client: AsyncCloudflare) -> None: + async def test_method_update_overload_10(self, async_client: AsyncCloudflare) -> None: application = await async_client.zero_trust.access.applications.update( app_id="023e105f4ecef8ad9ca31a8372d0c353", - type="self_hosted", + target_criteria=[ + { + "port": 22, + "protocol": "SSH", + "target_attributes": {"hostname": ["test-server", "production-server"]}, + } + ], + type="infrastructure", account_id="account_id", ) assert_matches_type(Optional[ApplicationUpdateResponse], application, path=["response"]) @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - async def test_method_update_with_all_params_overload_8(self, async_client: AsyncCloudflare) -> None: + async def test_method_update_with_all_params_overload_10(self, async_client: AsyncCloudflare) -> None: application = await async_client.zero_trust.access.applications.update( app_id="023e105f4ecef8ad9ca31a8372d0c353", - type="self_hosted", + target_criteria=[ + { + "port": 22, + "protocol": "SSH", + "target_attributes": {"hostname": ["test-server", "production-server"]}, + } + ], + type="infrastructure", account_id="account_id", - allowed_idps=["699d98642c564d2e855e9661899b7252"], - auto_redirect_to_identity=True, - custom_deny_url="custom_deny_url", - custom_non_identity_deny_url="custom_non_identity_deny_url", - custom_pages=["699d98642c564d2e855e9661899b7252"], - domain="abcd123456.proxy.cloudflare-gateway.com", - name="Gateway Proxy", + name="Admin Site", policies=[ { - "id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415", - "precedence": 0, + "decision": "allow", + "include": [{"group": {"id": "aa0a4aab-672b-4bdb-bc33-a59f1130a11f"}}], + "name": "Allow devs", + "connection_rules": { + "ssh": { + "usernames": ["root", "ubuntu"], + "allow_email_alias": True, + } + }, + "exclude": [{"group": {"id": "aa0a4aab-672b-4bdb-bc33-a59f1130a11f"}}], + "require": [{"group": {"id": "aa0a4aab-672b-4bdb-bc33-a59f1130a11f"}}], } ], - session_duration="24h", ) assert_matches_type(Optional[ApplicationUpdateResponse], application, path=["response"]) @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - async def test_raw_response_update_overload_8(self, async_client: AsyncCloudflare) -> None: + async def test_raw_response_update_overload_10(self, async_client: AsyncCloudflare) -> None: response = await async_client.zero_trust.access.applications.with_raw_response.update( app_id="023e105f4ecef8ad9ca31a8372d0c353", - type="self_hosted", + target_criteria=[ + { + "port": 22, + "protocol": "SSH", + "target_attributes": {"hostname": ["test-server", "production-server"]}, + } + ], + type="infrastructure", account_id="account_id", ) @@ -5476,10 +6907,17 @@ async def test_raw_response_update_overload_8(self, async_client: AsyncCloudflar @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - async def test_streaming_response_update_overload_8(self, async_client: AsyncCloudflare) -> None: + async def test_streaming_response_update_overload_10(self, async_client: AsyncCloudflare) -> None: async with async_client.zero_trust.access.applications.with_streaming_response.update( app_id="023e105f4ecef8ad9ca31a8372d0c353", - type="self_hosted", + target_criteria=[ + { + "port": 22, + "protocol": "SSH", + "target_attributes": {"hostname": ["test-server", "production-server"]}, + } + ], + type="infrastructure", account_id="account_id", ) as response: assert not response.is_closed @@ -5492,63 +6930,219 @@ async def test_streaming_response_update_overload_8(self, async_client: AsyncClo @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - async def test_path_params_update_overload_8(self, async_client: AsyncCloudflare) -> None: + async def test_path_params_update_overload_10(self, async_client: AsyncCloudflare) -> None: with pytest.raises(ValueError, match=r"Expected a non-empty value for `app_id` but received ''"): await async_client.zero_trust.access.applications.with_raw_response.update( app_id="", - type="self_hosted", + target_criteria=[ + { + "port": 22, + "protocol": "SSH", + "target_attributes": {"hostname": ["test-server", "production-server"]}, + } + ], + type="infrastructure", account_id="account_id", ) with pytest.raises(ValueError, match=r"You must provide either account_id or zone_id"): await async_client.zero_trust.access.applications.with_raw_response.update( app_id="023e105f4ecef8ad9ca31a8372d0c353", - type="self_hosted", + target_criteria=[ + { + "port": 22, + "protocol": "SSH", + "target_attributes": {"hostname": ["test-server", "production-server"]}, + } + ], + type="infrastructure", account_id="", ) with pytest.raises(ValueError, match=r"You must provide either account_id or zone_id"): await async_client.zero_trust.access.applications.with_raw_response.update( app_id="023e105f4ecef8ad9ca31a8372d0c353", - type="self_hosted", + target_criteria=[ + { + "port": 22, + "protocol": "SSH", + "target_attributes": {"hostname": ["test-server", "production-server"]}, + } + ], + type="infrastructure", account_id="account_id", ) @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - async def test_method_update_overload_9(self, async_client: AsyncCloudflare) -> None: + async def test_method_update_overload_11(self, async_client: AsyncCloudflare) -> None: application = await async_client.zero_trust.access.applications.update( app_id="023e105f4ecef8ad9ca31a8372d0c353", + domain="test.example.com/admin", + target_criteria=[ + { + "port": 22, + "protocol": "RDP", + "target_attributes": {"hostname": ["test-server", "production-server"]}, + } + ], + type="self_hosted", account_id="account_id", ) assert_matches_type(Optional[ApplicationUpdateResponse], application, path=["response"]) @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - async def test_method_update_with_all_params_overload_9(self, async_client: AsyncCloudflare) -> None: + async def test_method_update_with_all_params_overload_11(self, async_client: AsyncCloudflare) -> None: application = await async_client.zero_trust.access.applications.update( app_id="023e105f4ecef8ad9ca31a8372d0c353", + domain="test.example.com/admin", + target_criteria=[ + { + "port": 22, + "protocol": "RDP", + "target_attributes": {"hostname": ["test-server", "production-server"]}, + } + ], + type="self_hosted", account_id="account_id", + allow_authenticate_via_warp=True, + allow_iframe=True, + allowed_idps=["699d98642c564d2e855e9661899b7252"], app_launcher_visible=True, - domain="https://mybookmark.com", + auto_redirect_to_identity=True, + cors_headers={ + "allow_all_headers": True, + "allow_all_methods": True, + "allow_all_origins": True, + "allow_credentials": True, + "allowed_headers": ["string"], + "allowed_methods": ["GET"], + "allowed_origins": ["https://example.com"], + "max_age": -1, + }, + custom_deny_message="custom_deny_message", + custom_deny_url="custom_deny_url", + custom_non_identity_deny_url="custom_non_identity_deny_url", + custom_pages=["699d98642c564d2e855e9661899b7252"], + destinations=[ + { + "type": "public", + "uri": "test.example.com/admin", + }, + { + "type": "public", + "uri": "test.anotherexample.com/staff", + }, + { + "cidr": "10.5.0.0/24", + "hostname": "hostname", + "l4_protocol": "tcp", + "port_range": "80-90", + "type": "private", + "vnet_id": "vnet_id", + }, + { + "cidr": "10.5.0.3/32", + "hostname": "hostname", + "l4_protocol": "tcp", + "port_range": "80", + "type": "private", + "vnet_id": "vnet_id", + }, + { + "cidr": "cidr", + "hostname": "private-sni.example.com", + "l4_protocol": "tcp", + "port_range": "port_range", + "type": "private", + "vnet_id": "vnet_id", + }, + { + "mcp_server_id": "mcp-server-1", + "type": "via_mcp_server_portal", + }, + ], + enable_binding_cookie=True, + http_only_cookie_attribute=True, logo_url="https://www.cloudflare.com/img/logo-web-badges/cf-logo-on-white-bg.svg", + mfa_config={ + "allowed_authenticators": ["totp", "biometrics", "security_key"], + "mfa_bypass": False, + "session_duration": "24h", + }, name="Admin Site", + oauth_configuration={ + "dynamic_client_registration": { + "allow_any_on_localhost": True, + "allow_any_on_loopback": True, + "allowed_uris": ["https://example.com/callback"], + "enabled": True, + }, + "enabled": True, + "grant": { + "access_token_lifetime": "5m", + "session_duration": "24h", + }, + }, + options_preflight_bypass=True, + path_cookie_attribute=True, policies=[ { "id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415", "precedence": 0, } ], + read_service_tokens_from_header="Authorization", + same_site_cookie_attribute="strict", + scim_config={ + "idp_uid": "idp_uid", + "remote_uri": "remote_uri", + "authentication": { + "password": "password", + "scheme": "httpbasic", + "user": "user", + }, + "deactivate_on_delete": True, + "enabled": True, + "mappings": [ + { + "schema": "urn:ietf:params:scim:schemas:core:2.0:User", + "enabled": True, + "filter": 'title pr or userType eq "Intern"', + "operations": { + "create": True, + "delete": True, + "update": True, + }, + "strictness": "strict", + "transform_jsonata": "$merge([$, {'userName': $substringBefore($.userName, '@') & '+test@' & $substringAfter($.userName, '@')}])", + } + ], + }, + self_hosted_domains=["test.example.com/admin", "test.anotherexample.com/staff"], + service_auth_401_redirect=True, + session_duration="24h", + skip_interstitial=True, tags=["engineers"], - type="bookmark", + use_clientless_isolation_app_launcher_url=False, ) assert_matches_type(Optional[ApplicationUpdateResponse], application, path=["response"]) @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - async def test_raw_response_update_overload_9(self, async_client: AsyncCloudflare) -> None: + async def test_raw_response_update_overload_11(self, async_client: AsyncCloudflare) -> None: response = await async_client.zero_trust.access.applications.with_raw_response.update( app_id="023e105f4ecef8ad9ca31a8372d0c353", + domain="test.example.com/admin", + target_criteria=[ + { + "port": 22, + "protocol": "RDP", + "target_attributes": {"hostname": ["test-server", "production-server"]}, + } + ], + type="self_hosted", account_id="account_id", ) @@ -5559,9 +7153,18 @@ async def test_raw_response_update_overload_9(self, async_client: AsyncCloudflar @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - async def test_streaming_response_update_overload_9(self, async_client: AsyncCloudflare) -> None: + async def test_streaming_response_update_overload_11(self, async_client: AsyncCloudflare) -> None: async with async_client.zero_trust.access.applications.with_streaming_response.update( app_id="023e105f4ecef8ad9ca31a8372d0c353", + domain="test.example.com/admin", + target_criteria=[ + { + "port": 22, + "protocol": "RDP", + "target_attributes": {"hostname": ["test-server", "production-server"]}, + } + ], + type="self_hosted", account_id="account_id", ) as response: assert not response.is_closed @@ -5574,88 +7177,174 @@ async def test_streaming_response_update_overload_9(self, async_client: AsyncClo @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - async def test_path_params_update_overload_9(self, async_client: AsyncCloudflare) -> None: + async def test_path_params_update_overload_11(self, async_client: AsyncCloudflare) -> None: with pytest.raises(ValueError, match=r"Expected a non-empty value for `app_id` but received ''"): await async_client.zero_trust.access.applications.with_raw_response.update( app_id="", + domain="test.example.com/admin", + target_criteria=[ + { + "port": 22, + "protocol": "RDP", + "target_attributes": {"hostname": ["test-server", "production-server"]}, + } + ], + type="self_hosted", account_id="account_id", ) with pytest.raises(ValueError, match=r"You must provide either account_id or zone_id"): await async_client.zero_trust.access.applications.with_raw_response.update( app_id="023e105f4ecef8ad9ca31a8372d0c353", + domain="test.example.com/admin", + target_criteria=[ + { + "port": 22, + "protocol": "RDP", + "target_attributes": {"hostname": ["test-server", "production-server"]}, + } + ], + type="self_hosted", account_id="", ) with pytest.raises(ValueError, match=r"You must provide either account_id or zone_id"): await async_client.zero_trust.access.applications.with_raw_response.update( app_id="023e105f4ecef8ad9ca31a8372d0c353", + domain="test.example.com/admin", + target_criteria=[ + { + "port": 22, + "protocol": "RDP", + "target_attributes": {"hostname": ["test-server", "production-server"]}, + } + ], + type="self_hosted", account_id="account_id", ) @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - async def test_method_update_overload_10(self, async_client: AsyncCloudflare) -> None: + async def test_method_update_overload_12(self, async_client: AsyncCloudflare) -> None: application = await async_client.zero_trust.access.applications.update( app_id="023e105f4ecef8ad9ca31a8372d0c353", - target_criteria=[ - { - "port": 22, - "protocol": "SSH", - "target_attributes": {"hostname": ["test-server", "production-server"]}, - } - ], - type="infrastructure", + type="mcp", account_id="account_id", ) assert_matches_type(Optional[ApplicationUpdateResponse], application, path=["response"]) @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - async def test_method_update_with_all_params_overload_10(self, async_client: AsyncCloudflare) -> None: + async def test_method_update_with_all_params_overload_12(self, async_client: AsyncCloudflare) -> None: application = await async_client.zero_trust.access.applications.update( app_id="023e105f4ecef8ad9ca31a8372d0c353", - target_criteria=[ + type="mcp", + account_id="account_id", + allow_authenticate_via_warp=True, + allowed_idps=["699d98642c564d2e855e9661899b7252"], + auto_redirect_to_identity=True, + custom_deny_message="custom_deny_message", + custom_deny_url="custom_deny_url", + custom_non_identity_deny_url="custom_non_identity_deny_url", + custom_pages=["699d98642c564d2e855e9661899b7252"], + destinations=[ { - "port": 22, - "protocol": "SSH", - "target_attributes": {"hostname": ["test-server", "production-server"]}, - } + "type": "public", + "uri": "test.example.com/admin", + }, + { + "type": "public", + "uri": "test.anotherexample.com/staff", + }, + { + "cidr": "10.5.0.0/24", + "hostname": "hostname", + "l4_protocol": "tcp", + "port_range": "80-90", + "type": "private", + "vnet_id": "vnet_id", + }, + { + "cidr": "10.5.0.3/32", + "hostname": "hostname", + "l4_protocol": "tcp", + "port_range": "80", + "type": "private", + "vnet_id": "vnet_id", + }, + { + "cidr": "cidr", + "hostname": "private-sni.example.com", + "l4_protocol": "tcp", + "port_range": "port_range", + "type": "private", + "vnet_id": "vnet_id", + }, + { + "mcp_server_id": "mcp-server-1", + "type": "via_mcp_server_portal", + }, ], - type="infrastructure", - account_id="account_id", + http_only_cookie_attribute=True, + logo_url="https://www.cloudflare.com/img/logo-web-badges/cf-logo-on-white-bg.svg", name="Admin Site", + oauth_configuration={ + "dynamic_client_registration": { + "allow_any_on_localhost": True, + "allow_any_on_loopback": True, + "allowed_uris": ["https://example.com/callback"], + "enabled": True, + }, + "enabled": True, + "grant": { + "access_token_lifetime": "5m", + "session_duration": "24h", + }, + }, + options_preflight_bypass=True, policies=[ { - "decision": "allow", - "include": [{"group": {"id": "aa0a4aab-672b-4bdb-bc33-a59f1130a11f"}}], - "name": "Allow devs", - "connection_rules": { - "ssh": { - "usernames": ["root", "ubuntu"], - "allow_email_alias": True, - } - }, - "exclude": [{"group": {"id": "aa0a4aab-672b-4bdb-bc33-a59f1130a11f"}}], - "require": [{"group": {"id": "aa0a4aab-672b-4bdb-bc33-a59f1130a11f"}}], + "id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415", + "precedence": 0, } ], + same_site_cookie_attribute="strict", + scim_config={ + "idp_uid": "idp_uid", + "remote_uri": "remote_uri", + "authentication": { + "password": "password", + "scheme": "httpbasic", + "user": "user", + }, + "deactivate_on_delete": True, + "enabled": True, + "mappings": [ + { + "schema": "urn:ietf:params:scim:schemas:core:2.0:User", + "enabled": True, + "filter": 'title pr or userType eq "Intern"', + "operations": { + "create": True, + "delete": True, + "update": True, + }, + "strictness": "strict", + "transform_jsonata": "$merge([$, {'userName': $substringBefore($.userName, '@') & '+test@' & $substringAfter($.userName, '@')}])", + } + ], + }, + session_duration="24h", + tags=["engineers"], ) assert_matches_type(Optional[ApplicationUpdateResponse], application, path=["response"]) @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - async def test_raw_response_update_overload_10(self, async_client: AsyncCloudflare) -> None: + async def test_raw_response_update_overload_12(self, async_client: AsyncCloudflare) -> None: response = await async_client.zero_trust.access.applications.with_raw_response.update( app_id="023e105f4ecef8ad9ca31a8372d0c353", - target_criteria=[ - { - "port": 22, - "protocol": "SSH", - "target_attributes": {"hostname": ["test-server", "production-server"]}, - } - ], - type="infrastructure", + type="mcp", account_id="account_id", ) @@ -5666,17 +7355,10 @@ async def test_raw_response_update_overload_10(self, async_client: AsyncCloudfla @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - async def test_streaming_response_update_overload_10(self, async_client: AsyncCloudflare) -> None: + async def test_streaming_response_update_overload_12(self, async_client: AsyncCloudflare) -> None: async with async_client.zero_trust.access.applications.with_streaming_response.update( app_id="023e105f4ecef8ad9ca31a8372d0c353", - target_criteria=[ - { - "port": 22, - "protocol": "SSH", - "target_attributes": {"hostname": ["test-server", "production-server"]}, - } - ], - type="infrastructure", + type="mcp", account_id="account_id", ) as response: assert not response.is_closed @@ -5689,97 +7371,48 @@ async def test_streaming_response_update_overload_10(self, async_client: AsyncCl @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - async def test_path_params_update_overload_10(self, async_client: AsyncCloudflare) -> None: + async def test_path_params_update_overload_12(self, async_client: AsyncCloudflare) -> None: with pytest.raises(ValueError, match=r"Expected a non-empty value for `app_id` but received ''"): await async_client.zero_trust.access.applications.with_raw_response.update( app_id="", - target_criteria=[ - { - "port": 22, - "protocol": "SSH", - "target_attributes": {"hostname": ["test-server", "production-server"]}, - } - ], - type="infrastructure", + type="mcp", account_id="account_id", ) with pytest.raises(ValueError, match=r"You must provide either account_id or zone_id"): await async_client.zero_trust.access.applications.with_raw_response.update( app_id="023e105f4ecef8ad9ca31a8372d0c353", - target_criteria=[ - { - "port": 22, - "protocol": "SSH", - "target_attributes": {"hostname": ["test-server", "production-server"]}, - } - ], - type="infrastructure", + type="mcp", account_id="", ) with pytest.raises(ValueError, match=r"You must provide either account_id or zone_id"): await async_client.zero_trust.access.applications.with_raw_response.update( app_id="023e105f4ecef8ad9ca31a8372d0c353", - target_criteria=[ - { - "port": 22, - "protocol": "SSH", - "target_attributes": {"hostname": ["test-server", "production-server"]}, - } - ], - type="infrastructure", + type="mcp", account_id="account_id", ) @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - async def test_method_update_overload_11(self, async_client: AsyncCloudflare) -> None: + async def test_method_update_overload_13(self, async_client: AsyncCloudflare) -> None: application = await async_client.zero_trust.access.applications.update( app_id="023e105f4ecef8ad9ca31a8372d0c353", - domain="test.example.com/admin", - target_criteria=[ - { - "port": 22, - "protocol": "RDP", - "target_attributes": {"hostname": ["test-server", "production-server"]}, - } - ], - type="self_hosted", + type="mcp_portal", account_id="account_id", ) assert_matches_type(Optional[ApplicationUpdateResponse], application, path=["response"]) @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - async def test_method_update_with_all_params_overload_11(self, async_client: AsyncCloudflare) -> None: + async def test_method_update_with_all_params_overload_13(self, async_client: AsyncCloudflare) -> None: application = await async_client.zero_trust.access.applications.update( app_id="023e105f4ecef8ad9ca31a8372d0c353", - domain="test.example.com/admin", - target_criteria=[ - { - "port": 22, - "protocol": "RDP", - "target_attributes": {"hostname": ["test-server", "production-server"]}, - } - ], - type="self_hosted", + type="mcp_portal", account_id="account_id", allow_authenticate_via_warp=True, - allow_iframe=True, allowed_idps=["699d98642c564d2e855e9661899b7252"], - app_launcher_visible=True, auto_redirect_to_identity=True, - cors_headers={ - "allow_all_headers": True, - "allow_all_methods": True, - "allow_all_origins": True, - "allow_credentials": True, - "allowed_headers": ["string"], - "allowed_methods": ["GET"], - "allowed_origins": ["https://example.com"], - "max_age": -1, - }, custom_deny_message="custom_deny_message", custom_deny_url="custom_deny_url", custom_non_identity_deny_url="custom_non_identity_deny_url", @@ -5822,19 +7455,30 @@ async def test_method_update_with_all_params_overload_11(self, async_client: Asy "type": "via_mcp_server_portal", }, ], - enable_binding_cookie=True, + domain="test.example.com/admin", http_only_cookie_attribute=True, logo_url="https://www.cloudflare.com/img/logo-web-badges/cf-logo-on-white-bg.svg", name="Admin Site", + oauth_configuration={ + "dynamic_client_registration": { + "allow_any_on_localhost": True, + "allow_any_on_loopback": True, + "allowed_uris": ["https://example.com/callback"], + "enabled": True, + }, + "enabled": True, + "grant": { + "access_token_lifetime": "5m", + "session_duration": "24h", + }, + }, options_preflight_bypass=True, - path_cookie_attribute=True, policies=[ { "id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415", "precedence": 0, } ], - read_service_tokens_from_header="Authorization", same_site_cookie_attribute="strict", scim_config={ "idp_uid": "idp_uid", @@ -5861,29 +7505,17 @@ async def test_method_update_with_all_params_overload_11(self, async_client: Asy } ], }, - self_hosted_domains=["test.example.com/admin", "test.anotherexample.com/staff"], - service_auth_401_redirect=True, session_duration="24h", - skip_interstitial=True, tags=["engineers"], - use_clientless_isolation_app_launcher_url=False, ) assert_matches_type(Optional[ApplicationUpdateResponse], application, path=["response"]) @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - async def test_raw_response_update_overload_11(self, async_client: AsyncCloudflare) -> None: + async def test_raw_response_update_overload_13(self, async_client: AsyncCloudflare) -> None: response = await async_client.zero_trust.access.applications.with_raw_response.update( app_id="023e105f4ecef8ad9ca31a8372d0c353", - domain="test.example.com/admin", - target_criteria=[ - { - "port": 22, - "protocol": "RDP", - "target_attributes": {"hostname": ["test-server", "production-server"]}, - } - ], - type="self_hosted", + type="mcp_portal", account_id="account_id", ) @@ -5894,18 +7526,10 @@ async def test_raw_response_update_overload_11(self, async_client: AsyncCloudfla @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - async def test_streaming_response_update_overload_11(self, async_client: AsyncCloudflare) -> None: + async def test_streaming_response_update_overload_13(self, async_client: AsyncCloudflare) -> None: async with async_client.zero_trust.access.applications.with_streaming_response.update( app_id="023e105f4ecef8ad9ca31a8372d0c353", - domain="test.example.com/admin", - target_criteria=[ - { - "port": 22, - "protocol": "RDP", - "target_attributes": {"hostname": ["test-server", "production-server"]}, - } - ], - type="self_hosted", + type="mcp_portal", account_id="account_id", ) as response: assert not response.is_closed @@ -5918,49 +7542,25 @@ async def test_streaming_response_update_overload_11(self, async_client: AsyncCl @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize - async def test_path_params_update_overload_11(self, async_client: AsyncCloudflare) -> None: + async def test_path_params_update_overload_13(self, async_client: AsyncCloudflare) -> None: with pytest.raises(ValueError, match=r"Expected a non-empty value for `app_id` but received ''"): await async_client.zero_trust.access.applications.with_raw_response.update( app_id="", - domain="test.example.com/admin", - target_criteria=[ - { - "port": 22, - "protocol": "RDP", - "target_attributes": {"hostname": ["test-server", "production-server"]}, - } - ], - type="self_hosted", + type="mcp_portal", account_id="account_id", ) with pytest.raises(ValueError, match=r"You must provide either account_id or zone_id"): await async_client.zero_trust.access.applications.with_raw_response.update( app_id="023e105f4ecef8ad9ca31a8372d0c353", - domain="test.example.com/admin", - target_criteria=[ - { - "port": 22, - "protocol": "RDP", - "target_attributes": {"hostname": ["test-server", "production-server"]}, - } - ], - type="self_hosted", + type="mcp_portal", account_id="", ) with pytest.raises(ValueError, match=r"You must provide either account_id or zone_id"): await async_client.zero_trust.access.applications.with_raw_response.update( app_id="023e105f4ecef8ad9ca31a8372d0c353", - domain="test.example.com/admin", - target_criteria=[ - { - "port": 22, - "protocol": "RDP", - "target_attributes": {"hostname": ["test-server", "production-server"]}, - } - ], - type="self_hosted", + type="mcp_portal", account_id="account_id", ) diff --git a/tests/api_resources/zero_trust/access/test_policies.py b/tests/api_resources/zero_trust/access/test_policies.py index d03deaa1b48..5f4a60a6752 100644 --- a/tests/api_resources/zero_trust/access/test_policies.py +++ b/tests/api_resources/zero_trust/access/test_policies.py @@ -54,8 +54,19 @@ def test_method_create_with_all_params(self, client: Cloudflare) -> None: }, ], approval_required=True, + connection_rules={ + "rdp": { + "allowed_clipboard_local_to_remote_formats": ["text"], + "allowed_clipboard_remote_to_local_formats": ["text"], + } + }, exclude=[{"group": {"id": "aa0a4aab-672b-4bdb-bc33-a59f1130a11f"}}], isolation_required=False, + mfa_config={ + "allowed_authenticators": ["totp", "biometrics", "security_key"], + "mfa_bypass": False, + "session_duration": "24h", + }, purpose_justification_prompt="Please enter a justification for entering this protected domain.", purpose_justification_required=True, require=[{"group": {"id": "aa0a4aab-672b-4bdb-bc33-a59f1130a11f"}}], @@ -135,8 +146,19 @@ def test_method_update_with_all_params(self, client: Cloudflare) -> None: }, ], approval_required=True, + connection_rules={ + "rdp": { + "allowed_clipboard_local_to_remote_formats": ["text"], + "allowed_clipboard_remote_to_local_formats": ["text"], + } + }, exclude=[{"group": {"id": "aa0a4aab-672b-4bdb-bc33-a59f1130a11f"}}], isolation_required=False, + mfa_config={ + "allowed_authenticators": ["totp", "biometrics", "security_key"], + "mfa_bypass": False, + "session_duration": "24h", + }, purpose_justification_prompt="Please enter a justification for entering this protected domain.", purpose_justification_required=True, require=[{"group": {"id": "aa0a4aab-672b-4bdb-bc33-a59f1130a11f"}}], @@ -375,8 +397,19 @@ async def test_method_create_with_all_params(self, async_client: AsyncCloudflare }, ], approval_required=True, + connection_rules={ + "rdp": { + "allowed_clipboard_local_to_remote_formats": ["text"], + "allowed_clipboard_remote_to_local_formats": ["text"], + } + }, exclude=[{"group": {"id": "aa0a4aab-672b-4bdb-bc33-a59f1130a11f"}}], isolation_required=False, + mfa_config={ + "allowed_authenticators": ["totp", "biometrics", "security_key"], + "mfa_bypass": False, + "session_duration": "24h", + }, purpose_justification_prompt="Please enter a justification for entering this protected domain.", purpose_justification_required=True, require=[{"group": {"id": "aa0a4aab-672b-4bdb-bc33-a59f1130a11f"}}], @@ -456,8 +489,19 @@ async def test_method_update_with_all_params(self, async_client: AsyncCloudflare }, ], approval_required=True, + connection_rules={ + "rdp": { + "allowed_clipboard_local_to_remote_formats": ["text"], + "allowed_clipboard_remote_to_local_formats": ["text"], + } + }, exclude=[{"group": {"id": "aa0a4aab-672b-4bdb-bc33-a59f1130a11f"}}], isolation_required=False, + mfa_config={ + "allowed_authenticators": ["totp", "biometrics", "security_key"], + "mfa_bypass": False, + "session_duration": "24h", + }, purpose_justification_prompt="Please enter a justification for entering this protected domain.", purpose_justification_required=True, require=[{"group": {"id": "aa0a4aab-672b-4bdb-bc33-a59f1130a11f"}}], diff --git a/tests/api_resources/zero_trust/access/test_users.py b/tests/api_resources/zero_trust/access/test_users.py index f71989026d0..2c1028d7c92 100644 --- a/tests/api_resources/zero_trust/access/test_users.py +++ b/tests/api_resources/zero_trust/access/test_users.py @@ -3,14 +3,19 @@ from __future__ import annotations import os -from typing import Any, cast +from typing import Any, Optional, cast import pytest from cloudflare import Cloudflare, AsyncCloudflare from tests.utils import assert_matches_type from cloudflare.pagination import SyncV4PagePaginationArray, AsyncV4PagePaginationArray -from cloudflare.types.zero_trust.access import UserListResponse +from cloudflare.types.zero_trust.access import ( + UserGetResponse, + UserListResponse, + UserCreateResponse, + UserUpdateResponse, +) base_url = os.environ.get("TEST_API_BASE_URL", "http://127.0.0.1:4010") @@ -18,6 +23,115 @@ class TestUsers: parametrize = pytest.mark.parametrize("client", [False, True], indirect=True, ids=["loose", "strict"]) + @parametrize + def test_method_create(self, client: Cloudflare) -> None: + user = client.zero_trust.access.users.create( + account_id="023e105f4ecef8ad9ca31a8372d0c353", + email="jdoe@example.com", + ) + assert_matches_type(Optional[UserCreateResponse], user, path=["response"]) + + @parametrize + def test_method_create_with_all_params(self, client: Cloudflare) -> None: + user = client.zero_trust.access.users.create( + account_id="023e105f4ecef8ad9ca31a8372d0c353", + email="jdoe@example.com", + name="Jane Doe", + ) + assert_matches_type(Optional[UserCreateResponse], user, path=["response"]) + + @parametrize + def test_raw_response_create(self, client: Cloudflare) -> None: + response = client.zero_trust.access.users.with_raw_response.create( + account_id="023e105f4ecef8ad9ca31a8372d0c353", + email="jdoe@example.com", + ) + + assert response.is_closed is True + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + user = response.parse() + assert_matches_type(Optional[UserCreateResponse], user, path=["response"]) + + @parametrize + def test_streaming_response_create(self, client: Cloudflare) -> None: + with client.zero_trust.access.users.with_streaming_response.create( + account_id="023e105f4ecef8ad9ca31a8372d0c353", + email="jdoe@example.com", + ) as response: + assert not response.is_closed + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + + user = response.parse() + assert_matches_type(Optional[UserCreateResponse], user, path=["response"]) + + assert cast(Any, response.is_closed) is True + + @parametrize + def test_path_params_create(self, client: Cloudflare) -> None: + with pytest.raises(ValueError, match=r"Expected a non-empty value for `account_id` but received ''"): + client.zero_trust.access.users.with_raw_response.create( + account_id="", + email="jdoe@example.com", + ) + + @parametrize + def test_method_update(self, client: Cloudflare) -> None: + user = client.zero_trust.access.users.update( + user_id="f174e90a-fafe-4643-bbbc-4a0ed4fc8415", + account_id="023e105f4ecef8ad9ca31a8372d0c353", + email="jdoe@example.com", + name="Jane Doe", + ) + assert_matches_type(Optional[UserUpdateResponse], user, path=["response"]) + + @parametrize + def test_raw_response_update(self, client: Cloudflare) -> None: + response = client.zero_trust.access.users.with_raw_response.update( + user_id="f174e90a-fafe-4643-bbbc-4a0ed4fc8415", + account_id="023e105f4ecef8ad9ca31a8372d0c353", + email="jdoe@example.com", + name="Jane Doe", + ) + + assert response.is_closed is True + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + user = response.parse() + assert_matches_type(Optional[UserUpdateResponse], user, path=["response"]) + + @parametrize + def test_streaming_response_update(self, client: Cloudflare) -> None: + with client.zero_trust.access.users.with_streaming_response.update( + user_id="f174e90a-fafe-4643-bbbc-4a0ed4fc8415", + account_id="023e105f4ecef8ad9ca31a8372d0c353", + email="jdoe@example.com", + name="Jane Doe", + ) as response: + assert not response.is_closed + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + + user = response.parse() + assert_matches_type(Optional[UserUpdateResponse], user, path=["response"]) + + assert cast(Any, response.is_closed) is True + + @parametrize + def test_path_params_update(self, client: Cloudflare) -> None: + with pytest.raises(ValueError, match=r"Expected a non-empty value for `account_id` but received ''"): + client.zero_trust.access.users.with_raw_response.update( + user_id="f174e90a-fafe-4643-bbbc-4a0ed4fc8415", + account_id="", + email="jdoe@example.com", + name="Jane Doe", + ) + + with pytest.raises(ValueError, match=r"Expected a non-empty value for `user_id` but received ''"): + client.zero_trust.access.users.with_raw_response.update( + user_id="", + account_id="023e105f4ecef8ad9ca31a8372d0c353", + email="jdoe@example.com", + name="Jane Doe", + ) + @parametrize def test_method_list(self, client: Cloudflare) -> None: user = client.zero_trust.access.users.list( @@ -68,12 +182,217 @@ def test_path_params_list(self, client: Cloudflare) -> None: account_id="", ) + @parametrize + def test_method_delete(self, client: Cloudflare) -> None: + user = client.zero_trust.access.users.delete( + user_id="f174e90a-fafe-4643-bbbc-4a0ed4fc8415", + account_id="023e105f4ecef8ad9ca31a8372d0c353", + ) + assert_matches_type(object, user, path=["response"]) + + @parametrize + def test_raw_response_delete(self, client: Cloudflare) -> None: + response = client.zero_trust.access.users.with_raw_response.delete( + user_id="f174e90a-fafe-4643-bbbc-4a0ed4fc8415", + account_id="023e105f4ecef8ad9ca31a8372d0c353", + ) + + assert response.is_closed is True + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + user = response.parse() + assert_matches_type(object, user, path=["response"]) + + @parametrize + def test_streaming_response_delete(self, client: Cloudflare) -> None: + with client.zero_trust.access.users.with_streaming_response.delete( + user_id="f174e90a-fafe-4643-bbbc-4a0ed4fc8415", + account_id="023e105f4ecef8ad9ca31a8372d0c353", + ) as response: + assert not response.is_closed + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + + user = response.parse() + assert_matches_type(object, user, path=["response"]) + + assert cast(Any, response.is_closed) is True + + @parametrize + def test_path_params_delete(self, client: Cloudflare) -> None: + with pytest.raises(ValueError, match=r"Expected a non-empty value for `account_id` but received ''"): + client.zero_trust.access.users.with_raw_response.delete( + user_id="f174e90a-fafe-4643-bbbc-4a0ed4fc8415", + account_id="", + ) + + with pytest.raises(ValueError, match=r"Expected a non-empty value for `user_id` but received ''"): + client.zero_trust.access.users.with_raw_response.delete( + user_id="", + account_id="023e105f4ecef8ad9ca31a8372d0c353", + ) + + @parametrize + def test_method_get(self, client: Cloudflare) -> None: + user = client.zero_trust.access.users.get( + user_id="f174e90a-fafe-4643-bbbc-4a0ed4fc8415", + account_id="023e105f4ecef8ad9ca31a8372d0c353", + ) + assert_matches_type(Optional[UserGetResponse], user, path=["response"]) + + @parametrize + def test_raw_response_get(self, client: Cloudflare) -> None: + response = client.zero_trust.access.users.with_raw_response.get( + user_id="f174e90a-fafe-4643-bbbc-4a0ed4fc8415", + account_id="023e105f4ecef8ad9ca31a8372d0c353", + ) + + assert response.is_closed is True + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + user = response.parse() + assert_matches_type(Optional[UserGetResponse], user, path=["response"]) + + @parametrize + def test_streaming_response_get(self, client: Cloudflare) -> None: + with client.zero_trust.access.users.with_streaming_response.get( + user_id="f174e90a-fafe-4643-bbbc-4a0ed4fc8415", + account_id="023e105f4ecef8ad9ca31a8372d0c353", + ) as response: + assert not response.is_closed + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + + user = response.parse() + assert_matches_type(Optional[UserGetResponse], user, path=["response"]) + + assert cast(Any, response.is_closed) is True + + @parametrize + def test_path_params_get(self, client: Cloudflare) -> None: + with pytest.raises(ValueError, match=r"Expected a non-empty value for `account_id` but received ''"): + client.zero_trust.access.users.with_raw_response.get( + user_id="f174e90a-fafe-4643-bbbc-4a0ed4fc8415", + account_id="", + ) + + with pytest.raises(ValueError, match=r"Expected a non-empty value for `user_id` but received ''"): + client.zero_trust.access.users.with_raw_response.get( + user_id="", + account_id="023e105f4ecef8ad9ca31a8372d0c353", + ) + class TestAsyncUsers: parametrize = pytest.mark.parametrize( "async_client", [False, True, {"http_client": "aiohttp"}], indirect=True, ids=["loose", "strict", "aiohttp"] ) + @parametrize + async def test_method_create(self, async_client: AsyncCloudflare) -> None: + user = await async_client.zero_trust.access.users.create( + account_id="023e105f4ecef8ad9ca31a8372d0c353", + email="jdoe@example.com", + ) + assert_matches_type(Optional[UserCreateResponse], user, path=["response"]) + + @parametrize + async def test_method_create_with_all_params(self, async_client: AsyncCloudflare) -> None: + user = await async_client.zero_trust.access.users.create( + account_id="023e105f4ecef8ad9ca31a8372d0c353", + email="jdoe@example.com", + name="Jane Doe", + ) + assert_matches_type(Optional[UserCreateResponse], user, path=["response"]) + + @parametrize + async def test_raw_response_create(self, async_client: AsyncCloudflare) -> None: + response = await async_client.zero_trust.access.users.with_raw_response.create( + account_id="023e105f4ecef8ad9ca31a8372d0c353", + email="jdoe@example.com", + ) + + assert response.is_closed is True + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + user = await response.parse() + assert_matches_type(Optional[UserCreateResponse], user, path=["response"]) + + @parametrize + async def test_streaming_response_create(self, async_client: AsyncCloudflare) -> None: + async with async_client.zero_trust.access.users.with_streaming_response.create( + account_id="023e105f4ecef8ad9ca31a8372d0c353", + email="jdoe@example.com", + ) as response: + assert not response.is_closed + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + + user = await response.parse() + assert_matches_type(Optional[UserCreateResponse], user, path=["response"]) + + assert cast(Any, response.is_closed) is True + + @parametrize + async def test_path_params_create(self, async_client: AsyncCloudflare) -> None: + with pytest.raises(ValueError, match=r"Expected a non-empty value for `account_id` but received ''"): + await async_client.zero_trust.access.users.with_raw_response.create( + account_id="", + email="jdoe@example.com", + ) + + @parametrize + async def test_method_update(self, async_client: AsyncCloudflare) -> None: + user = await async_client.zero_trust.access.users.update( + user_id="f174e90a-fafe-4643-bbbc-4a0ed4fc8415", + account_id="023e105f4ecef8ad9ca31a8372d0c353", + email="jdoe@example.com", + name="Jane Doe", + ) + assert_matches_type(Optional[UserUpdateResponse], user, path=["response"]) + + @parametrize + async def test_raw_response_update(self, async_client: AsyncCloudflare) -> None: + response = await async_client.zero_trust.access.users.with_raw_response.update( + user_id="f174e90a-fafe-4643-bbbc-4a0ed4fc8415", + account_id="023e105f4ecef8ad9ca31a8372d0c353", + email="jdoe@example.com", + name="Jane Doe", + ) + + assert response.is_closed is True + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + user = await response.parse() + assert_matches_type(Optional[UserUpdateResponse], user, path=["response"]) + + @parametrize + async def test_streaming_response_update(self, async_client: AsyncCloudflare) -> None: + async with async_client.zero_trust.access.users.with_streaming_response.update( + user_id="f174e90a-fafe-4643-bbbc-4a0ed4fc8415", + account_id="023e105f4ecef8ad9ca31a8372d0c353", + email="jdoe@example.com", + name="Jane Doe", + ) as response: + assert not response.is_closed + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + + user = await response.parse() + assert_matches_type(Optional[UserUpdateResponse], user, path=["response"]) + + assert cast(Any, response.is_closed) is True + + @parametrize + async def test_path_params_update(self, async_client: AsyncCloudflare) -> None: + with pytest.raises(ValueError, match=r"Expected a non-empty value for `account_id` but received ''"): + await async_client.zero_trust.access.users.with_raw_response.update( + user_id="f174e90a-fafe-4643-bbbc-4a0ed4fc8415", + account_id="", + email="jdoe@example.com", + name="Jane Doe", + ) + + with pytest.raises(ValueError, match=r"Expected a non-empty value for `user_id` but received ''"): + await async_client.zero_trust.access.users.with_raw_response.update( + user_id="", + account_id="023e105f4ecef8ad9ca31a8372d0c353", + email="jdoe@example.com", + name="Jane Doe", + ) + @parametrize async def test_method_list(self, async_client: AsyncCloudflare) -> None: user = await async_client.zero_trust.access.users.list( @@ -123,3 +442,99 @@ async def test_path_params_list(self, async_client: AsyncCloudflare) -> None: await async_client.zero_trust.access.users.with_raw_response.list( account_id="", ) + + @parametrize + async def test_method_delete(self, async_client: AsyncCloudflare) -> None: + user = await async_client.zero_trust.access.users.delete( + user_id="f174e90a-fafe-4643-bbbc-4a0ed4fc8415", + account_id="023e105f4ecef8ad9ca31a8372d0c353", + ) + assert_matches_type(object, user, path=["response"]) + + @parametrize + async def test_raw_response_delete(self, async_client: AsyncCloudflare) -> None: + response = await async_client.zero_trust.access.users.with_raw_response.delete( + user_id="f174e90a-fafe-4643-bbbc-4a0ed4fc8415", + account_id="023e105f4ecef8ad9ca31a8372d0c353", + ) + + assert response.is_closed is True + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + user = await response.parse() + assert_matches_type(object, user, path=["response"]) + + @parametrize + async def test_streaming_response_delete(self, async_client: AsyncCloudflare) -> None: + async with async_client.zero_trust.access.users.with_streaming_response.delete( + user_id="f174e90a-fafe-4643-bbbc-4a0ed4fc8415", + account_id="023e105f4ecef8ad9ca31a8372d0c353", + ) as response: + assert not response.is_closed + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + + user = await response.parse() + assert_matches_type(object, user, path=["response"]) + + assert cast(Any, response.is_closed) is True + + @parametrize + async def test_path_params_delete(self, async_client: AsyncCloudflare) -> None: + with pytest.raises(ValueError, match=r"Expected a non-empty value for `account_id` but received ''"): + await async_client.zero_trust.access.users.with_raw_response.delete( + user_id="f174e90a-fafe-4643-bbbc-4a0ed4fc8415", + account_id="", + ) + + with pytest.raises(ValueError, match=r"Expected a non-empty value for `user_id` but received ''"): + await async_client.zero_trust.access.users.with_raw_response.delete( + user_id="", + account_id="023e105f4ecef8ad9ca31a8372d0c353", + ) + + @parametrize + async def test_method_get(self, async_client: AsyncCloudflare) -> None: + user = await async_client.zero_trust.access.users.get( + user_id="f174e90a-fafe-4643-bbbc-4a0ed4fc8415", + account_id="023e105f4ecef8ad9ca31a8372d0c353", + ) + assert_matches_type(Optional[UserGetResponse], user, path=["response"]) + + @parametrize + async def test_raw_response_get(self, async_client: AsyncCloudflare) -> None: + response = await async_client.zero_trust.access.users.with_raw_response.get( + user_id="f174e90a-fafe-4643-bbbc-4a0ed4fc8415", + account_id="023e105f4ecef8ad9ca31a8372d0c353", + ) + + assert response.is_closed is True + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + user = await response.parse() + assert_matches_type(Optional[UserGetResponse], user, path=["response"]) + + @parametrize + async def test_streaming_response_get(self, async_client: AsyncCloudflare) -> None: + async with async_client.zero_trust.access.users.with_streaming_response.get( + user_id="f174e90a-fafe-4643-bbbc-4a0ed4fc8415", + account_id="023e105f4ecef8ad9ca31a8372d0c353", + ) as response: + assert not response.is_closed + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + + user = await response.parse() + assert_matches_type(Optional[UserGetResponse], user, path=["response"]) + + assert cast(Any, response.is_closed) is True + + @parametrize + async def test_path_params_get(self, async_client: AsyncCloudflare) -> None: + with pytest.raises(ValueError, match=r"Expected a non-empty value for `account_id` but received ''"): + await async_client.zero_trust.access.users.with_raw_response.get( + user_id="f174e90a-fafe-4643-bbbc-4a0ed4fc8415", + account_id="", + ) + + with pytest.raises(ValueError, match=r"Expected a non-empty value for `user_id` but received ''"): + await async_client.zero_trust.access.users.with_raw_response.get( + user_id="", + account_id="023e105f4ecef8ad9ca31a8372d0c353", + ) diff --git a/tests/api_resources/zero_trust/dex/test_rules.py b/tests/api_resources/zero_trust/dex/test_rules.py new file mode 100644 index 00000000000..c4f5cd1242d --- /dev/null +++ b/tests/api_resources/zero_trust/dex/test_rules.py @@ -0,0 +1,569 @@ +# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. + +from __future__ import annotations + +import os +from typing import Any, Optional, cast + +import pytest + +from cloudflare import Cloudflare, AsyncCloudflare +from tests.utils import assert_matches_type +from cloudflare.pagination import SyncV4PagePagination, AsyncV4PagePagination +from cloudflare.types.zero_trust.dex import ( + RuleGetResponse, + RuleListResponse, + RuleCreateResponse, + RuleDeleteResponse, + RuleUpdateResponse, +) + +base_url = os.environ.get("TEST_API_BASE_URL", "http://127.0.0.1:4010") + + +class TestRules: + parametrize = pytest.mark.parametrize("client", [False, True], indirect=True, ids=["loose", "strict"]) + + @parametrize + def test_method_create(self, client: Cloudflare) -> None: + rule = client.zero_trust.dex.rules.create( + account_id="01a7362d577a6c3019a474fd6f485823", + match="match", + name="name", + ) + assert_matches_type(Optional[RuleCreateResponse], rule, path=["response"]) + + @parametrize + def test_method_create_with_all_params(self, client: Cloudflare) -> None: + rule = client.zero_trust.dex.rules.create( + account_id="01a7362d577a6c3019a474fd6f485823", + match="match", + name="name", + description="description", + ) + assert_matches_type(Optional[RuleCreateResponse], rule, path=["response"]) + + @parametrize + def test_raw_response_create(self, client: Cloudflare) -> None: + response = client.zero_trust.dex.rules.with_raw_response.create( + account_id="01a7362d577a6c3019a474fd6f485823", + match="match", + name="name", + ) + + assert response.is_closed is True + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + rule = response.parse() + assert_matches_type(Optional[RuleCreateResponse], rule, path=["response"]) + + @parametrize + def test_streaming_response_create(self, client: Cloudflare) -> None: + with client.zero_trust.dex.rules.with_streaming_response.create( + account_id="01a7362d577a6c3019a474fd6f485823", + match="match", + name="name", + ) as response: + assert not response.is_closed + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + + rule = response.parse() + assert_matches_type(Optional[RuleCreateResponse], rule, path=["response"]) + + assert cast(Any, response.is_closed) is True + + @parametrize + def test_path_params_create(self, client: Cloudflare) -> None: + with pytest.raises(ValueError, match=r"Expected a non-empty value for `account_id` but received ''"): + client.zero_trust.dex.rules.with_raw_response.create( + account_id="", + match="match", + name="name", + ) + + @parametrize + def test_method_update(self, client: Cloudflare) -> None: + rule = client.zero_trust.dex.rules.update( + rule_id="f174e90a-fafe-4643-bbbc-4a0ed4fc8415", + account_id="01a7362d577a6c3019a474fd6f485823", + ) + assert_matches_type(Optional[RuleUpdateResponse], rule, path=["response"]) + + @parametrize + def test_method_update_with_all_params(self, client: Cloudflare) -> None: + rule = client.zero_trust.dex.rules.update( + rule_id="f174e90a-fafe-4643-bbbc-4a0ed4fc8415", + account_id="01a7362d577a6c3019a474fd6f485823", + description="description", + match="match", + name="name", + ) + assert_matches_type(Optional[RuleUpdateResponse], rule, path=["response"]) + + @parametrize + def test_raw_response_update(self, client: Cloudflare) -> None: + response = client.zero_trust.dex.rules.with_raw_response.update( + rule_id="f174e90a-fafe-4643-bbbc-4a0ed4fc8415", + account_id="01a7362d577a6c3019a474fd6f485823", + ) + + assert response.is_closed is True + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + rule = response.parse() + assert_matches_type(Optional[RuleUpdateResponse], rule, path=["response"]) + + @parametrize + def test_streaming_response_update(self, client: Cloudflare) -> None: + with client.zero_trust.dex.rules.with_streaming_response.update( + rule_id="f174e90a-fafe-4643-bbbc-4a0ed4fc8415", + account_id="01a7362d577a6c3019a474fd6f485823", + ) as response: + assert not response.is_closed + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + + rule = response.parse() + assert_matches_type(Optional[RuleUpdateResponse], rule, path=["response"]) + + assert cast(Any, response.is_closed) is True + + @parametrize + def test_path_params_update(self, client: Cloudflare) -> None: + with pytest.raises(ValueError, match=r"Expected a non-empty value for `account_id` but received ''"): + client.zero_trust.dex.rules.with_raw_response.update( + rule_id="f174e90a-fafe-4643-bbbc-4a0ed4fc8415", + account_id="", + ) + + with pytest.raises(ValueError, match=r"Expected a non-empty value for `rule_id` but received ''"): + client.zero_trust.dex.rules.with_raw_response.update( + rule_id="", + account_id="01a7362d577a6c3019a474fd6f485823", + ) + + @parametrize + def test_method_list(self, client: Cloudflare) -> None: + rule = client.zero_trust.dex.rules.list( + account_id="01a7362d577a6c3019a474fd6f485823", + page=1, + per_page=1, + ) + assert_matches_type(SyncV4PagePagination[Optional[RuleListResponse]], rule, path=["response"]) + + @parametrize + def test_method_list_with_all_params(self, client: Cloudflare) -> None: + rule = client.zero_trust.dex.rules.list( + account_id="01a7362d577a6c3019a474fd6f485823", + page=1, + per_page=1, + name="name", + sort_by="name", + sort_order="ASC", + ) + assert_matches_type(SyncV4PagePagination[Optional[RuleListResponse]], rule, path=["response"]) + + @parametrize + def test_raw_response_list(self, client: Cloudflare) -> None: + response = client.zero_trust.dex.rules.with_raw_response.list( + account_id="01a7362d577a6c3019a474fd6f485823", + page=1, + per_page=1, + ) + + assert response.is_closed is True + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + rule = response.parse() + assert_matches_type(SyncV4PagePagination[Optional[RuleListResponse]], rule, path=["response"]) + + @parametrize + def test_streaming_response_list(self, client: Cloudflare) -> None: + with client.zero_trust.dex.rules.with_streaming_response.list( + account_id="01a7362d577a6c3019a474fd6f485823", + page=1, + per_page=1, + ) as response: + assert not response.is_closed + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + + rule = response.parse() + assert_matches_type(SyncV4PagePagination[Optional[RuleListResponse]], rule, path=["response"]) + + assert cast(Any, response.is_closed) is True + + @parametrize + def test_path_params_list(self, client: Cloudflare) -> None: + with pytest.raises(ValueError, match=r"Expected a non-empty value for `account_id` but received ''"): + client.zero_trust.dex.rules.with_raw_response.list( + account_id="", + page=1, + per_page=1, + ) + + @parametrize + def test_method_delete(self, client: Cloudflare) -> None: + rule = client.zero_trust.dex.rules.delete( + rule_id="f174e90a-fafe-4643-bbbc-4a0ed4fc8415", + account_id="01a7362d577a6c3019a474fd6f485823", + ) + assert_matches_type(Optional[RuleDeleteResponse], rule, path=["response"]) + + @parametrize + def test_raw_response_delete(self, client: Cloudflare) -> None: + response = client.zero_trust.dex.rules.with_raw_response.delete( + rule_id="f174e90a-fafe-4643-bbbc-4a0ed4fc8415", + account_id="01a7362d577a6c3019a474fd6f485823", + ) + + assert response.is_closed is True + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + rule = response.parse() + assert_matches_type(Optional[RuleDeleteResponse], rule, path=["response"]) + + @parametrize + def test_streaming_response_delete(self, client: Cloudflare) -> None: + with client.zero_trust.dex.rules.with_streaming_response.delete( + rule_id="f174e90a-fafe-4643-bbbc-4a0ed4fc8415", + account_id="01a7362d577a6c3019a474fd6f485823", + ) as response: + assert not response.is_closed + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + + rule = response.parse() + assert_matches_type(Optional[RuleDeleteResponse], rule, path=["response"]) + + assert cast(Any, response.is_closed) is True + + @parametrize + def test_path_params_delete(self, client: Cloudflare) -> None: + with pytest.raises(ValueError, match=r"Expected a non-empty value for `account_id` but received ''"): + client.zero_trust.dex.rules.with_raw_response.delete( + rule_id="f174e90a-fafe-4643-bbbc-4a0ed4fc8415", + account_id="", + ) + + with pytest.raises(ValueError, match=r"Expected a non-empty value for `rule_id` but received ''"): + client.zero_trust.dex.rules.with_raw_response.delete( + rule_id="", + account_id="01a7362d577a6c3019a474fd6f485823", + ) + + @parametrize + def test_method_get(self, client: Cloudflare) -> None: + rule = client.zero_trust.dex.rules.get( + rule_id="f174e90a-fafe-4643-bbbc-4a0ed4fc8415", + account_id="01a7362d577a6c3019a474fd6f485823", + ) + assert_matches_type(Optional[RuleGetResponse], rule, path=["response"]) + + @parametrize + def test_raw_response_get(self, client: Cloudflare) -> None: + response = client.zero_trust.dex.rules.with_raw_response.get( + rule_id="f174e90a-fafe-4643-bbbc-4a0ed4fc8415", + account_id="01a7362d577a6c3019a474fd6f485823", + ) + + assert response.is_closed is True + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + rule = response.parse() + assert_matches_type(Optional[RuleGetResponse], rule, path=["response"]) + + @parametrize + def test_streaming_response_get(self, client: Cloudflare) -> None: + with client.zero_trust.dex.rules.with_streaming_response.get( + rule_id="f174e90a-fafe-4643-bbbc-4a0ed4fc8415", + account_id="01a7362d577a6c3019a474fd6f485823", + ) as response: + assert not response.is_closed + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + + rule = response.parse() + assert_matches_type(Optional[RuleGetResponse], rule, path=["response"]) + + assert cast(Any, response.is_closed) is True + + @parametrize + def test_path_params_get(self, client: Cloudflare) -> None: + with pytest.raises(ValueError, match=r"Expected a non-empty value for `account_id` but received ''"): + client.zero_trust.dex.rules.with_raw_response.get( + rule_id="f174e90a-fafe-4643-bbbc-4a0ed4fc8415", + account_id="", + ) + + with pytest.raises(ValueError, match=r"Expected a non-empty value for `rule_id` but received ''"): + client.zero_trust.dex.rules.with_raw_response.get( + rule_id="", + account_id="01a7362d577a6c3019a474fd6f485823", + ) + + +class TestAsyncRules: + parametrize = pytest.mark.parametrize( + "async_client", [False, True, {"http_client": "aiohttp"}], indirect=True, ids=["loose", "strict", "aiohttp"] + ) + + @parametrize + async def test_method_create(self, async_client: AsyncCloudflare) -> None: + rule = await async_client.zero_trust.dex.rules.create( + account_id="01a7362d577a6c3019a474fd6f485823", + match="match", + name="name", + ) + assert_matches_type(Optional[RuleCreateResponse], rule, path=["response"]) + + @parametrize + async def test_method_create_with_all_params(self, async_client: AsyncCloudflare) -> None: + rule = await async_client.zero_trust.dex.rules.create( + account_id="01a7362d577a6c3019a474fd6f485823", + match="match", + name="name", + description="description", + ) + assert_matches_type(Optional[RuleCreateResponse], rule, path=["response"]) + + @parametrize + async def test_raw_response_create(self, async_client: AsyncCloudflare) -> None: + response = await async_client.zero_trust.dex.rules.with_raw_response.create( + account_id="01a7362d577a6c3019a474fd6f485823", + match="match", + name="name", + ) + + assert response.is_closed is True + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + rule = await response.parse() + assert_matches_type(Optional[RuleCreateResponse], rule, path=["response"]) + + @parametrize + async def test_streaming_response_create(self, async_client: AsyncCloudflare) -> None: + async with async_client.zero_trust.dex.rules.with_streaming_response.create( + account_id="01a7362d577a6c3019a474fd6f485823", + match="match", + name="name", + ) as response: + assert not response.is_closed + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + + rule = await response.parse() + assert_matches_type(Optional[RuleCreateResponse], rule, path=["response"]) + + assert cast(Any, response.is_closed) is True + + @parametrize + async def test_path_params_create(self, async_client: AsyncCloudflare) -> None: + with pytest.raises(ValueError, match=r"Expected a non-empty value for `account_id` but received ''"): + await async_client.zero_trust.dex.rules.with_raw_response.create( + account_id="", + match="match", + name="name", + ) + + @parametrize + async def test_method_update(self, async_client: AsyncCloudflare) -> None: + rule = await async_client.zero_trust.dex.rules.update( + rule_id="f174e90a-fafe-4643-bbbc-4a0ed4fc8415", + account_id="01a7362d577a6c3019a474fd6f485823", + ) + assert_matches_type(Optional[RuleUpdateResponse], rule, path=["response"]) + + @parametrize + async def test_method_update_with_all_params(self, async_client: AsyncCloudflare) -> None: + rule = await async_client.zero_trust.dex.rules.update( + rule_id="f174e90a-fafe-4643-bbbc-4a0ed4fc8415", + account_id="01a7362d577a6c3019a474fd6f485823", + description="description", + match="match", + name="name", + ) + assert_matches_type(Optional[RuleUpdateResponse], rule, path=["response"]) + + @parametrize + async def test_raw_response_update(self, async_client: AsyncCloudflare) -> None: + response = await async_client.zero_trust.dex.rules.with_raw_response.update( + rule_id="f174e90a-fafe-4643-bbbc-4a0ed4fc8415", + account_id="01a7362d577a6c3019a474fd6f485823", + ) + + assert response.is_closed is True + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + rule = await response.parse() + assert_matches_type(Optional[RuleUpdateResponse], rule, path=["response"]) + + @parametrize + async def test_streaming_response_update(self, async_client: AsyncCloudflare) -> None: + async with async_client.zero_trust.dex.rules.with_streaming_response.update( + rule_id="f174e90a-fafe-4643-bbbc-4a0ed4fc8415", + account_id="01a7362d577a6c3019a474fd6f485823", + ) as response: + assert not response.is_closed + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + + rule = await response.parse() + assert_matches_type(Optional[RuleUpdateResponse], rule, path=["response"]) + + assert cast(Any, response.is_closed) is True + + @parametrize + async def test_path_params_update(self, async_client: AsyncCloudflare) -> None: + with pytest.raises(ValueError, match=r"Expected a non-empty value for `account_id` but received ''"): + await async_client.zero_trust.dex.rules.with_raw_response.update( + rule_id="f174e90a-fafe-4643-bbbc-4a0ed4fc8415", + account_id="", + ) + + with pytest.raises(ValueError, match=r"Expected a non-empty value for `rule_id` but received ''"): + await async_client.zero_trust.dex.rules.with_raw_response.update( + rule_id="", + account_id="01a7362d577a6c3019a474fd6f485823", + ) + + @parametrize + async def test_method_list(self, async_client: AsyncCloudflare) -> None: + rule = await async_client.zero_trust.dex.rules.list( + account_id="01a7362d577a6c3019a474fd6f485823", + page=1, + per_page=1, + ) + assert_matches_type(AsyncV4PagePagination[Optional[RuleListResponse]], rule, path=["response"]) + + @parametrize + async def test_method_list_with_all_params(self, async_client: AsyncCloudflare) -> None: + rule = await async_client.zero_trust.dex.rules.list( + account_id="01a7362d577a6c3019a474fd6f485823", + page=1, + per_page=1, + name="name", + sort_by="name", + sort_order="ASC", + ) + assert_matches_type(AsyncV4PagePagination[Optional[RuleListResponse]], rule, path=["response"]) + + @parametrize + async def test_raw_response_list(self, async_client: AsyncCloudflare) -> None: + response = await async_client.zero_trust.dex.rules.with_raw_response.list( + account_id="01a7362d577a6c3019a474fd6f485823", + page=1, + per_page=1, + ) + + assert response.is_closed is True + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + rule = await response.parse() + assert_matches_type(AsyncV4PagePagination[Optional[RuleListResponse]], rule, path=["response"]) + + @parametrize + async def test_streaming_response_list(self, async_client: AsyncCloudflare) -> None: + async with async_client.zero_trust.dex.rules.with_streaming_response.list( + account_id="01a7362d577a6c3019a474fd6f485823", + page=1, + per_page=1, + ) as response: + assert not response.is_closed + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + + rule = await response.parse() + assert_matches_type(AsyncV4PagePagination[Optional[RuleListResponse]], rule, path=["response"]) + + assert cast(Any, response.is_closed) is True + + @parametrize + async def test_path_params_list(self, async_client: AsyncCloudflare) -> None: + with pytest.raises(ValueError, match=r"Expected a non-empty value for `account_id` but received ''"): + await async_client.zero_trust.dex.rules.with_raw_response.list( + account_id="", + page=1, + per_page=1, + ) + + @parametrize + async def test_method_delete(self, async_client: AsyncCloudflare) -> None: + rule = await async_client.zero_trust.dex.rules.delete( + rule_id="f174e90a-fafe-4643-bbbc-4a0ed4fc8415", + account_id="01a7362d577a6c3019a474fd6f485823", + ) + assert_matches_type(Optional[RuleDeleteResponse], rule, path=["response"]) + + @parametrize + async def test_raw_response_delete(self, async_client: AsyncCloudflare) -> None: + response = await async_client.zero_trust.dex.rules.with_raw_response.delete( + rule_id="f174e90a-fafe-4643-bbbc-4a0ed4fc8415", + account_id="01a7362d577a6c3019a474fd6f485823", + ) + + assert response.is_closed is True + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + rule = await response.parse() + assert_matches_type(Optional[RuleDeleteResponse], rule, path=["response"]) + + @parametrize + async def test_streaming_response_delete(self, async_client: AsyncCloudflare) -> None: + async with async_client.zero_trust.dex.rules.with_streaming_response.delete( + rule_id="f174e90a-fafe-4643-bbbc-4a0ed4fc8415", + account_id="01a7362d577a6c3019a474fd6f485823", + ) as response: + assert not response.is_closed + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + + rule = await response.parse() + assert_matches_type(Optional[RuleDeleteResponse], rule, path=["response"]) + + assert cast(Any, response.is_closed) is True + + @parametrize + async def test_path_params_delete(self, async_client: AsyncCloudflare) -> None: + with pytest.raises(ValueError, match=r"Expected a non-empty value for `account_id` but received ''"): + await async_client.zero_trust.dex.rules.with_raw_response.delete( + rule_id="f174e90a-fafe-4643-bbbc-4a0ed4fc8415", + account_id="", + ) + + with pytest.raises(ValueError, match=r"Expected a non-empty value for `rule_id` but received ''"): + await async_client.zero_trust.dex.rules.with_raw_response.delete( + rule_id="", + account_id="01a7362d577a6c3019a474fd6f485823", + ) + + @parametrize + async def test_method_get(self, async_client: AsyncCloudflare) -> None: + rule = await async_client.zero_trust.dex.rules.get( + rule_id="f174e90a-fafe-4643-bbbc-4a0ed4fc8415", + account_id="01a7362d577a6c3019a474fd6f485823", + ) + assert_matches_type(Optional[RuleGetResponse], rule, path=["response"]) + + @parametrize + async def test_raw_response_get(self, async_client: AsyncCloudflare) -> None: + response = await async_client.zero_trust.dex.rules.with_raw_response.get( + rule_id="f174e90a-fafe-4643-bbbc-4a0ed4fc8415", + account_id="01a7362d577a6c3019a474fd6f485823", + ) + + assert response.is_closed is True + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + rule = await response.parse() + assert_matches_type(Optional[RuleGetResponse], rule, path=["response"]) + + @parametrize + async def test_streaming_response_get(self, async_client: AsyncCloudflare) -> None: + async with async_client.zero_trust.dex.rules.with_streaming_response.get( + rule_id="f174e90a-fafe-4643-bbbc-4a0ed4fc8415", + account_id="01a7362d577a6c3019a474fd6f485823", + ) as response: + assert not response.is_closed + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + + rule = await response.parse() + assert_matches_type(Optional[RuleGetResponse], rule, path=["response"]) + + assert cast(Any, response.is_closed) is True + + @parametrize + async def test_path_params_get(self, async_client: AsyncCloudflare) -> None: + with pytest.raises(ValueError, match=r"Expected a non-empty value for `account_id` but received ''"): + await async_client.zero_trust.dex.rules.with_raw_response.get( + rule_id="f174e90a-fafe-4643-bbbc-4a0ed4fc8415", + account_id="", + ) + + with pytest.raises(ValueError, match=r"Expected a non-empty value for `rule_id` but received ''"): + await async_client.zero_trust.dex.rules.with_raw_response.get( + rule_id="", + account_id="01a7362d577a6c3019a474fd6f485823", + ) diff --git a/tests/api_resources/zero_trust/dlp/datasets/test_upload.py b/tests/api_resources/zero_trust/dlp/datasets/test_upload.py index 2fb28f81f23..8402e87a1fa 100644 --- a/tests/api_resources/zero_trust/dlp/datasets/test_upload.py +++ b/tests/api_resources/zero_trust/dlp/datasets/test_upload.py @@ -9,7 +9,8 @@ from cloudflare import Cloudflare, AsyncCloudflare from tests.utils import assert_matches_type -from cloudflare.types.zero_trust.dlp.datasets import UploadEditResponse, UploadCreateResponse +from cloudflare.types.zero_trust.dlp import Dataset +from cloudflare.types.zero_trust.dlp.datasets import NewVersion base_url = os.environ.get("TEST_API_BASE_URL", "http://127.0.0.1:4010") @@ -23,7 +24,7 @@ def test_method_create(self, client: Cloudflare) -> None: dataset_id="182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e", account_id="account_id", ) - assert_matches_type(Optional[UploadCreateResponse], upload, path=["response"]) + assert_matches_type(Optional[NewVersion], upload, path=["response"]) @parametrize def test_raw_response_create(self, client: Cloudflare) -> None: @@ -35,7 +36,7 @@ def test_raw_response_create(self, client: Cloudflare) -> None: assert response.is_closed is True assert response.http_request.headers.get("X-Stainless-Lang") == "python" upload = response.parse() - assert_matches_type(Optional[UploadCreateResponse], upload, path=["response"]) + assert_matches_type(Optional[NewVersion], upload, path=["response"]) @parametrize def test_streaming_response_create(self, client: Cloudflare) -> None: @@ -47,7 +48,7 @@ def test_streaming_response_create(self, client: Cloudflare) -> None: assert response.http_request.headers.get("X-Stainless-Lang") == "python" upload = response.parse() - assert_matches_type(Optional[UploadCreateResponse], upload, path=["response"]) + assert_matches_type(Optional[NewVersion], upload, path=["response"]) assert cast(Any, response.is_closed) is True @@ -74,7 +75,7 @@ def test_method_edit(self, client: Cloudflare) -> None: account_id="account_id", dataset_id="182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e", ) - assert_matches_type(Optional[UploadEditResponse], upload, path=["response"]) + assert_matches_type(Optional[Dataset], upload, path=["response"]) @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize @@ -89,7 +90,7 @@ def test_raw_response_edit(self, client: Cloudflare) -> None: assert response.is_closed is True assert response.http_request.headers.get("X-Stainless-Lang") == "python" upload = response.parse() - assert_matches_type(Optional[UploadEditResponse], upload, path=["response"]) + assert_matches_type(Optional[Dataset], upload, path=["response"]) @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize @@ -104,7 +105,7 @@ def test_streaming_response_edit(self, client: Cloudflare) -> None: assert response.http_request.headers.get("X-Stainless-Lang") == "python" upload = response.parse() - assert_matches_type(Optional[UploadEditResponse], upload, path=["response"]) + assert_matches_type(Optional[Dataset], upload, path=["response"]) assert cast(Any, response.is_closed) is True @@ -139,7 +140,7 @@ async def test_method_create(self, async_client: AsyncCloudflare) -> None: dataset_id="182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e", account_id="account_id", ) - assert_matches_type(Optional[UploadCreateResponse], upload, path=["response"]) + assert_matches_type(Optional[NewVersion], upload, path=["response"]) @parametrize async def test_raw_response_create(self, async_client: AsyncCloudflare) -> None: @@ -151,7 +152,7 @@ async def test_raw_response_create(self, async_client: AsyncCloudflare) -> None: assert response.is_closed is True assert response.http_request.headers.get("X-Stainless-Lang") == "python" upload = await response.parse() - assert_matches_type(Optional[UploadCreateResponse], upload, path=["response"]) + assert_matches_type(Optional[NewVersion], upload, path=["response"]) @parametrize async def test_streaming_response_create(self, async_client: AsyncCloudflare) -> None: @@ -163,7 +164,7 @@ async def test_streaming_response_create(self, async_client: AsyncCloudflare) -> assert response.http_request.headers.get("X-Stainless-Lang") == "python" upload = await response.parse() - assert_matches_type(Optional[UploadCreateResponse], upload, path=["response"]) + assert_matches_type(Optional[NewVersion], upload, path=["response"]) assert cast(Any, response.is_closed) is True @@ -190,7 +191,7 @@ async def test_method_edit(self, async_client: AsyncCloudflare) -> None: account_id="account_id", dataset_id="182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e", ) - assert_matches_type(Optional[UploadEditResponse], upload, path=["response"]) + assert_matches_type(Optional[Dataset], upload, path=["response"]) @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize @@ -205,7 +206,7 @@ async def test_raw_response_edit(self, async_client: AsyncCloudflare) -> None: assert response.is_closed is True assert response.http_request.headers.get("X-Stainless-Lang") == "python" upload = await response.parse() - assert_matches_type(Optional[UploadEditResponse], upload, path=["response"]) + assert_matches_type(Optional[Dataset], upload, path=["response"]) @pytest.mark.skip(reason="TODO: investigate broken test") @parametrize @@ -220,7 +221,7 @@ async def test_streaming_response_edit(self, async_client: AsyncCloudflare) -> N assert response.http_request.headers.get("X-Stainless-Lang") == "python" upload = await response.parse() - assert_matches_type(Optional[UploadEditResponse], upload, path=["response"]) + assert_matches_type(Optional[Dataset], upload, path=["response"]) assert cast(Any, response.is_closed) is True diff --git a/tests/api_resources/zero_trust/dlp/entries/test_custom.py b/tests/api_resources/zero_trust/dlp/entries/test_custom.py index 29cf1357284..203e9acb871 100644 --- a/tests/api_resources/zero_trust/dlp/entries/test_custom.py +++ b/tests/api_resources/zero_trust/dlp/entries/test_custom.py @@ -43,6 +43,7 @@ def test_method_create_with_all_params(self, client: Cloudflare) -> None: "regex": "regex", "validation": "luhn", }, + description="description", profile_id="182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e", ) assert_matches_type(Optional[CustomCreateResponse], custom, path=["response"]) @@ -111,6 +112,7 @@ def test_method_update_with_all_params(self, client: Cloudflare) -> None: "regex": "regex", "validation": "luhn", }, + description="description", ) assert_matches_type(Optional[CustomUpdateResponse], custom, path=["response"]) @@ -329,6 +331,7 @@ async def test_method_create_with_all_params(self, async_client: AsyncCloudflare "regex": "regex", "validation": "luhn", }, + description="description", profile_id="182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e", ) assert_matches_type(Optional[CustomCreateResponse], custom, path=["response"]) @@ -397,6 +400,7 @@ async def test_method_update_with_all_params(self, async_client: AsyncCloudflare "regex": "regex", "validation": "luhn", }, + description="description", ) assert_matches_type(Optional[CustomUpdateResponse], custom, path=["response"]) diff --git a/tests/api_resources/zero_trust/dlp/profiles/test_custom.py b/tests/api_resources/zero_trust/dlp/profiles/test_custom.py index 7ec4a09e699..f26540bad38 100644 --- a/tests/api_resources/zero_trust/dlp/profiles/test_custom.py +++ b/tests/api_resources/zero_trust/dlp/profiles/test_custom.py @@ -9,11 +9,7 @@ from cloudflare import Cloudflare, AsyncCloudflare from tests.utils import assert_matches_type -from cloudflare.types.zero_trust.dlp.profiles import ( - CustomGetResponse, - CustomCreateResponse, - CustomUpdateResponse, -) +from cloudflare.types.zero_trust.dlp import Profile base_url = os.environ.get("TEST_API_BASE_URL", "http://127.0.0.1:4010") @@ -27,7 +23,7 @@ def test_method_create(self, client: Cloudflare) -> None: account_id="account_id", name="name", ) - assert_matches_type(Optional[CustomCreateResponse], custom, path=["response"]) + assert_matches_type(Optional[Profile], custom, path=["response"]) @parametrize def test_method_create_with_all_params(self, client: Cloudflare) -> None: @@ -50,6 +46,7 @@ def test_method_create_with_all_params(self, client: Cloudflare) -> None: "regex": "regex", "validation": "luhn", }, + "description": "description", } ], ocr_enabled=True, @@ -60,7 +57,7 @@ def test_method_create_with_all_params(self, client: Cloudflare) -> None: } ], ) - assert_matches_type(Optional[CustomCreateResponse], custom, path=["response"]) + assert_matches_type(Optional[Profile], custom, path=["response"]) @parametrize def test_raw_response_create(self, client: Cloudflare) -> None: @@ -72,7 +69,7 @@ def test_raw_response_create(self, client: Cloudflare) -> None: assert response.is_closed is True assert response.http_request.headers.get("X-Stainless-Lang") == "python" custom = response.parse() - assert_matches_type(Optional[CustomCreateResponse], custom, path=["response"]) + assert_matches_type(Optional[Profile], custom, path=["response"]) @parametrize def test_streaming_response_create(self, client: Cloudflare) -> None: @@ -84,7 +81,7 @@ def test_streaming_response_create(self, client: Cloudflare) -> None: assert response.http_request.headers.get("X-Stainless-Lang") == "python" custom = response.parse() - assert_matches_type(Optional[CustomCreateResponse], custom, path=["response"]) + assert_matches_type(Optional[Profile], custom, path=["response"]) assert cast(Any, response.is_closed) is True @@ -103,7 +100,7 @@ def test_method_update(self, client: Cloudflare) -> None: account_id="account_id", name="name", ) - assert_matches_type(Optional[CustomUpdateResponse], custom, path=["response"]) + assert_matches_type(Optional[Profile], custom, path=["response"]) @parametrize def test_method_update_with_all_params(self, client: Cloudflare) -> None: @@ -128,6 +125,7 @@ def test_method_update_with_all_params(self, client: Cloudflare) -> None: "regex": "regex", "validation": "luhn", }, + "description": "description", } ], ocr_enabled=True, @@ -138,7 +136,7 @@ def test_method_update_with_all_params(self, client: Cloudflare) -> None: } ], ) - assert_matches_type(Optional[CustomUpdateResponse], custom, path=["response"]) + assert_matches_type(Optional[Profile], custom, path=["response"]) @parametrize def test_raw_response_update(self, client: Cloudflare) -> None: @@ -151,7 +149,7 @@ def test_raw_response_update(self, client: Cloudflare) -> None: assert response.is_closed is True assert response.http_request.headers.get("X-Stainless-Lang") == "python" custom = response.parse() - assert_matches_type(Optional[CustomUpdateResponse], custom, path=["response"]) + assert_matches_type(Optional[Profile], custom, path=["response"]) @parametrize def test_streaming_response_update(self, client: Cloudflare) -> None: @@ -164,7 +162,7 @@ def test_streaming_response_update(self, client: Cloudflare) -> None: assert response.http_request.headers.get("X-Stainless-Lang") == "python" custom = response.parse() - assert_matches_type(Optional[CustomUpdateResponse], custom, path=["response"]) + assert_matches_type(Optional[Profile], custom, path=["response"]) assert cast(Any, response.is_closed) is True @@ -238,7 +236,7 @@ def test_method_get(self, client: Cloudflare) -> None: profile_id="182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e", account_id="account_id", ) - assert_matches_type(Optional[CustomGetResponse], custom, path=["response"]) + assert_matches_type(Optional[Profile], custom, path=["response"]) @parametrize def test_raw_response_get(self, client: Cloudflare) -> None: @@ -250,7 +248,7 @@ def test_raw_response_get(self, client: Cloudflare) -> None: assert response.is_closed is True assert response.http_request.headers.get("X-Stainless-Lang") == "python" custom = response.parse() - assert_matches_type(Optional[CustomGetResponse], custom, path=["response"]) + assert_matches_type(Optional[Profile], custom, path=["response"]) @parametrize def test_streaming_response_get(self, client: Cloudflare) -> None: @@ -262,7 +260,7 @@ def test_streaming_response_get(self, client: Cloudflare) -> None: assert response.http_request.headers.get("X-Stainless-Lang") == "python" custom = response.parse() - assert_matches_type(Optional[CustomGetResponse], custom, path=["response"]) + assert_matches_type(Optional[Profile], custom, path=["response"]) assert cast(Any, response.is_closed) is True @@ -292,7 +290,7 @@ async def test_method_create(self, async_client: AsyncCloudflare) -> None: account_id="account_id", name="name", ) - assert_matches_type(Optional[CustomCreateResponse], custom, path=["response"]) + assert_matches_type(Optional[Profile], custom, path=["response"]) @parametrize async def test_method_create_with_all_params(self, async_client: AsyncCloudflare) -> None: @@ -315,6 +313,7 @@ async def test_method_create_with_all_params(self, async_client: AsyncCloudflare "regex": "regex", "validation": "luhn", }, + "description": "description", } ], ocr_enabled=True, @@ -325,7 +324,7 @@ async def test_method_create_with_all_params(self, async_client: AsyncCloudflare } ], ) - assert_matches_type(Optional[CustomCreateResponse], custom, path=["response"]) + assert_matches_type(Optional[Profile], custom, path=["response"]) @parametrize async def test_raw_response_create(self, async_client: AsyncCloudflare) -> None: @@ -337,7 +336,7 @@ async def test_raw_response_create(self, async_client: AsyncCloudflare) -> None: assert response.is_closed is True assert response.http_request.headers.get("X-Stainless-Lang") == "python" custom = await response.parse() - assert_matches_type(Optional[CustomCreateResponse], custom, path=["response"]) + assert_matches_type(Optional[Profile], custom, path=["response"]) @parametrize async def test_streaming_response_create(self, async_client: AsyncCloudflare) -> None: @@ -349,7 +348,7 @@ async def test_streaming_response_create(self, async_client: AsyncCloudflare) -> assert response.http_request.headers.get("X-Stainless-Lang") == "python" custom = await response.parse() - assert_matches_type(Optional[CustomCreateResponse], custom, path=["response"]) + assert_matches_type(Optional[Profile], custom, path=["response"]) assert cast(Any, response.is_closed) is True @@ -368,7 +367,7 @@ async def test_method_update(self, async_client: AsyncCloudflare) -> None: account_id="account_id", name="name", ) - assert_matches_type(Optional[CustomUpdateResponse], custom, path=["response"]) + assert_matches_type(Optional[Profile], custom, path=["response"]) @parametrize async def test_method_update_with_all_params(self, async_client: AsyncCloudflare) -> None: @@ -393,6 +392,7 @@ async def test_method_update_with_all_params(self, async_client: AsyncCloudflare "regex": "regex", "validation": "luhn", }, + "description": "description", } ], ocr_enabled=True, @@ -403,7 +403,7 @@ async def test_method_update_with_all_params(self, async_client: AsyncCloudflare } ], ) - assert_matches_type(Optional[CustomUpdateResponse], custom, path=["response"]) + assert_matches_type(Optional[Profile], custom, path=["response"]) @parametrize async def test_raw_response_update(self, async_client: AsyncCloudflare) -> None: @@ -416,7 +416,7 @@ async def test_raw_response_update(self, async_client: AsyncCloudflare) -> None: assert response.is_closed is True assert response.http_request.headers.get("X-Stainless-Lang") == "python" custom = await response.parse() - assert_matches_type(Optional[CustomUpdateResponse], custom, path=["response"]) + assert_matches_type(Optional[Profile], custom, path=["response"]) @parametrize async def test_streaming_response_update(self, async_client: AsyncCloudflare) -> None: @@ -429,7 +429,7 @@ async def test_streaming_response_update(self, async_client: AsyncCloudflare) -> assert response.http_request.headers.get("X-Stainless-Lang") == "python" custom = await response.parse() - assert_matches_type(Optional[CustomUpdateResponse], custom, path=["response"]) + assert_matches_type(Optional[Profile], custom, path=["response"]) assert cast(Any, response.is_closed) is True @@ -503,7 +503,7 @@ async def test_method_get(self, async_client: AsyncCloudflare) -> None: profile_id="182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e", account_id="account_id", ) - assert_matches_type(Optional[CustomGetResponse], custom, path=["response"]) + assert_matches_type(Optional[Profile], custom, path=["response"]) @parametrize async def test_raw_response_get(self, async_client: AsyncCloudflare) -> None: @@ -515,7 +515,7 @@ async def test_raw_response_get(self, async_client: AsyncCloudflare) -> None: assert response.is_closed is True assert response.http_request.headers.get("X-Stainless-Lang") == "python" custom = await response.parse() - assert_matches_type(Optional[CustomGetResponse], custom, path=["response"]) + assert_matches_type(Optional[Profile], custom, path=["response"]) @parametrize async def test_streaming_response_get(self, async_client: AsyncCloudflare) -> None: @@ -527,7 +527,7 @@ async def test_streaming_response_get(self, async_client: AsyncCloudflare) -> No assert response.http_request.headers.get("X-Stainless-Lang") == "python" custom = await response.parse() - assert_matches_type(Optional[CustomGetResponse], custom, path=["response"]) + assert_matches_type(Optional[Profile], custom, path=["response"]) assert cast(Any, response.is_closed) is True diff --git a/tests/api_resources/zero_trust/dlp/profiles/test_predefined.py b/tests/api_resources/zero_trust/dlp/profiles/test_predefined.py index eedab1cb0a2..07e58ff339c 100644 --- a/tests/api_resources/zero_trust/dlp/profiles/test_predefined.py +++ b/tests/api_resources/zero_trust/dlp/profiles/test_predefined.py @@ -9,10 +9,7 @@ from cloudflare import Cloudflare, AsyncCloudflare from tests.utils import assert_matches_type -from cloudflare.types.zero_trust.dlp.profiles import ( - PredefinedGetResponse, - PredefinedUpdateResponse, -) +from cloudflare.types.zero_trust.dlp.profiles import PredefinedProfile base_url = os.environ.get("TEST_API_BASE_URL", "http://127.0.0.1:4010") @@ -26,7 +23,7 @@ def test_method_update(self, client: Cloudflare) -> None: profile_id="182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e", account_id="account_id", ) - assert_matches_type(Optional[PredefinedUpdateResponse], predefined, path=["response"]) + assert_matches_type(Optional[PredefinedProfile], predefined, path=["response"]) @parametrize def test_method_update_with_all_params(self, client: Cloudflare) -> None: @@ -45,7 +42,7 @@ def test_method_update_with_all_params(self, client: Cloudflare) -> None: ], ocr_enabled=True, ) - assert_matches_type(Optional[PredefinedUpdateResponse], predefined, path=["response"]) + assert_matches_type(Optional[PredefinedProfile], predefined, path=["response"]) @parametrize def test_raw_response_update(self, client: Cloudflare) -> None: @@ -57,7 +54,7 @@ def test_raw_response_update(self, client: Cloudflare) -> None: assert response.is_closed is True assert response.http_request.headers.get("X-Stainless-Lang") == "python" predefined = response.parse() - assert_matches_type(Optional[PredefinedUpdateResponse], predefined, path=["response"]) + assert_matches_type(Optional[PredefinedProfile], predefined, path=["response"]) @parametrize def test_streaming_response_update(self, client: Cloudflare) -> None: @@ -69,7 +66,7 @@ def test_streaming_response_update(self, client: Cloudflare) -> None: assert response.http_request.headers.get("X-Stainless-Lang") == "python" predefined = response.parse() - assert_matches_type(Optional[PredefinedUpdateResponse], predefined, path=["response"]) + assert_matches_type(Optional[PredefinedProfile], predefined, path=["response"]) assert cast(Any, response.is_closed) is True @@ -141,7 +138,7 @@ def test_method_get(self, client: Cloudflare) -> None: profile_id="182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e", account_id="account_id", ) - assert_matches_type(Optional[PredefinedGetResponse], predefined, path=["response"]) + assert_matches_type(Optional[PredefinedProfile], predefined, path=["response"]) @parametrize def test_raw_response_get(self, client: Cloudflare) -> None: @@ -153,7 +150,7 @@ def test_raw_response_get(self, client: Cloudflare) -> None: assert response.is_closed is True assert response.http_request.headers.get("X-Stainless-Lang") == "python" predefined = response.parse() - assert_matches_type(Optional[PredefinedGetResponse], predefined, path=["response"]) + assert_matches_type(Optional[PredefinedProfile], predefined, path=["response"]) @parametrize def test_streaming_response_get(self, client: Cloudflare) -> None: @@ -165,7 +162,7 @@ def test_streaming_response_get(self, client: Cloudflare) -> None: assert response.http_request.headers.get("X-Stainless-Lang") == "python" predefined = response.parse() - assert_matches_type(Optional[PredefinedGetResponse], predefined, path=["response"]) + assert_matches_type(Optional[PredefinedProfile], predefined, path=["response"]) assert cast(Any, response.is_closed) is True @@ -195,7 +192,7 @@ async def test_method_update(self, async_client: AsyncCloudflare) -> None: profile_id="182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e", account_id="account_id", ) - assert_matches_type(Optional[PredefinedUpdateResponse], predefined, path=["response"]) + assert_matches_type(Optional[PredefinedProfile], predefined, path=["response"]) @parametrize async def test_method_update_with_all_params(self, async_client: AsyncCloudflare) -> None: @@ -214,7 +211,7 @@ async def test_method_update_with_all_params(self, async_client: AsyncCloudflare ], ocr_enabled=True, ) - assert_matches_type(Optional[PredefinedUpdateResponse], predefined, path=["response"]) + assert_matches_type(Optional[PredefinedProfile], predefined, path=["response"]) @parametrize async def test_raw_response_update(self, async_client: AsyncCloudflare) -> None: @@ -226,7 +223,7 @@ async def test_raw_response_update(self, async_client: AsyncCloudflare) -> None: assert response.is_closed is True assert response.http_request.headers.get("X-Stainless-Lang") == "python" predefined = await response.parse() - assert_matches_type(Optional[PredefinedUpdateResponse], predefined, path=["response"]) + assert_matches_type(Optional[PredefinedProfile], predefined, path=["response"]) @parametrize async def test_streaming_response_update(self, async_client: AsyncCloudflare) -> None: @@ -238,7 +235,7 @@ async def test_streaming_response_update(self, async_client: AsyncCloudflare) -> assert response.http_request.headers.get("X-Stainless-Lang") == "python" predefined = await response.parse() - assert_matches_type(Optional[PredefinedUpdateResponse], predefined, path=["response"]) + assert_matches_type(Optional[PredefinedProfile], predefined, path=["response"]) assert cast(Any, response.is_closed) is True @@ -310,7 +307,7 @@ async def test_method_get(self, async_client: AsyncCloudflare) -> None: profile_id="182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e", account_id="account_id", ) - assert_matches_type(Optional[PredefinedGetResponse], predefined, path=["response"]) + assert_matches_type(Optional[PredefinedProfile], predefined, path=["response"]) @parametrize async def test_raw_response_get(self, async_client: AsyncCloudflare) -> None: @@ -322,7 +319,7 @@ async def test_raw_response_get(self, async_client: AsyncCloudflare) -> None: assert response.is_closed is True assert response.http_request.headers.get("X-Stainless-Lang") == "python" predefined = await response.parse() - assert_matches_type(Optional[PredefinedGetResponse], predefined, path=["response"]) + assert_matches_type(Optional[PredefinedProfile], predefined, path=["response"]) @parametrize async def test_streaming_response_get(self, async_client: AsyncCloudflare) -> None: @@ -334,7 +331,7 @@ async def test_streaming_response_get(self, async_client: AsyncCloudflare) -> No assert response.http_request.headers.get("X-Stainless-Lang") == "python" predefined = await response.parse() - assert_matches_type(Optional[PredefinedGetResponse], predefined, path=["response"]) + assert_matches_type(Optional[PredefinedProfile], predefined, path=["response"]) assert cast(Any, response.is_closed) is True diff --git a/tests/api_resources/zero_trust/dlp/test_datasets.py b/tests/api_resources/zero_trust/dlp/test_datasets.py index dd38cd45612..6c5abd035ac 100644 --- a/tests/api_resources/zero_trust/dlp/test_datasets.py +++ b/tests/api_resources/zero_trust/dlp/test_datasets.py @@ -10,12 +10,7 @@ from cloudflare import Cloudflare, AsyncCloudflare from tests.utils import assert_matches_type from cloudflare.pagination import SyncSinglePage, AsyncSinglePage -from cloudflare.types.zero_trust.dlp import ( - Dataset, - DatasetGetResponse, - DatasetCreateResponse, - DatasetUpdateResponse, -) +from cloudflare.types.zero_trust.dlp import Dataset, DatasetCreation base_url = os.environ.get("TEST_API_BASE_URL", "http://127.0.0.1:4010") @@ -29,7 +24,7 @@ def test_method_create(self, client: Cloudflare) -> None: account_id="account_id", name="name", ) - assert_matches_type(Optional[DatasetCreateResponse], dataset, path=["response"]) + assert_matches_type(Optional[DatasetCreation], dataset, path=["response"]) @parametrize def test_method_create_with_all_params(self, client: Cloudflare) -> None: @@ -41,7 +36,7 @@ def test_method_create_with_all_params(self, client: Cloudflare) -> None: encoding_version=0, secret=True, ) - assert_matches_type(Optional[DatasetCreateResponse], dataset, path=["response"]) + assert_matches_type(Optional[DatasetCreation], dataset, path=["response"]) @parametrize def test_raw_response_create(self, client: Cloudflare) -> None: @@ -53,7 +48,7 @@ def test_raw_response_create(self, client: Cloudflare) -> None: assert response.is_closed is True assert response.http_request.headers.get("X-Stainless-Lang") == "python" dataset = response.parse() - assert_matches_type(Optional[DatasetCreateResponse], dataset, path=["response"]) + assert_matches_type(Optional[DatasetCreation], dataset, path=["response"]) @parametrize def test_streaming_response_create(self, client: Cloudflare) -> None: @@ -65,7 +60,7 @@ def test_streaming_response_create(self, client: Cloudflare) -> None: assert response.http_request.headers.get("X-Stainless-Lang") == "python" dataset = response.parse() - assert_matches_type(Optional[DatasetCreateResponse], dataset, path=["response"]) + assert_matches_type(Optional[DatasetCreation], dataset, path=["response"]) assert cast(Any, response.is_closed) is True @@ -83,7 +78,7 @@ def test_method_update(self, client: Cloudflare) -> None: dataset_id="182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e", account_id="account_id", ) - assert_matches_type(Optional[DatasetUpdateResponse], dataset, path=["response"]) + assert_matches_type(Optional[Dataset], dataset, path=["response"]) @parametrize def test_method_update_with_all_params(self, client: Cloudflare) -> None: @@ -94,7 +89,7 @@ def test_method_update_with_all_params(self, client: Cloudflare) -> None: description="description", name="name", ) - assert_matches_type(Optional[DatasetUpdateResponse], dataset, path=["response"]) + assert_matches_type(Optional[Dataset], dataset, path=["response"]) @parametrize def test_raw_response_update(self, client: Cloudflare) -> None: @@ -106,7 +101,7 @@ def test_raw_response_update(self, client: Cloudflare) -> None: assert response.is_closed is True assert response.http_request.headers.get("X-Stainless-Lang") == "python" dataset = response.parse() - assert_matches_type(Optional[DatasetUpdateResponse], dataset, path=["response"]) + assert_matches_type(Optional[Dataset], dataset, path=["response"]) @parametrize def test_streaming_response_update(self, client: Cloudflare) -> None: @@ -118,7 +113,7 @@ def test_streaming_response_update(self, client: Cloudflare) -> None: assert response.http_request.headers.get("X-Stainless-Lang") == "python" dataset = response.parse() - assert_matches_type(Optional[DatasetUpdateResponse], dataset, path=["response"]) + assert_matches_type(Optional[Dataset], dataset, path=["response"]) assert cast(Any, response.is_closed) is True @@ -228,7 +223,7 @@ def test_method_get(self, client: Cloudflare) -> None: dataset_id="182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e", account_id="account_id", ) - assert_matches_type(Optional[DatasetGetResponse], dataset, path=["response"]) + assert_matches_type(Optional[Dataset], dataset, path=["response"]) @parametrize def test_raw_response_get(self, client: Cloudflare) -> None: @@ -240,7 +235,7 @@ def test_raw_response_get(self, client: Cloudflare) -> None: assert response.is_closed is True assert response.http_request.headers.get("X-Stainless-Lang") == "python" dataset = response.parse() - assert_matches_type(Optional[DatasetGetResponse], dataset, path=["response"]) + assert_matches_type(Optional[Dataset], dataset, path=["response"]) @parametrize def test_streaming_response_get(self, client: Cloudflare) -> None: @@ -252,7 +247,7 @@ def test_streaming_response_get(self, client: Cloudflare) -> None: assert response.http_request.headers.get("X-Stainless-Lang") == "python" dataset = response.parse() - assert_matches_type(Optional[DatasetGetResponse], dataset, path=["response"]) + assert_matches_type(Optional[Dataset], dataset, path=["response"]) assert cast(Any, response.is_closed) is True @@ -282,7 +277,7 @@ async def test_method_create(self, async_client: AsyncCloudflare) -> None: account_id="account_id", name="name", ) - assert_matches_type(Optional[DatasetCreateResponse], dataset, path=["response"]) + assert_matches_type(Optional[DatasetCreation], dataset, path=["response"]) @parametrize async def test_method_create_with_all_params(self, async_client: AsyncCloudflare) -> None: @@ -294,7 +289,7 @@ async def test_method_create_with_all_params(self, async_client: AsyncCloudflare encoding_version=0, secret=True, ) - assert_matches_type(Optional[DatasetCreateResponse], dataset, path=["response"]) + assert_matches_type(Optional[DatasetCreation], dataset, path=["response"]) @parametrize async def test_raw_response_create(self, async_client: AsyncCloudflare) -> None: @@ -306,7 +301,7 @@ async def test_raw_response_create(self, async_client: AsyncCloudflare) -> None: assert response.is_closed is True assert response.http_request.headers.get("X-Stainless-Lang") == "python" dataset = await response.parse() - assert_matches_type(Optional[DatasetCreateResponse], dataset, path=["response"]) + assert_matches_type(Optional[DatasetCreation], dataset, path=["response"]) @parametrize async def test_streaming_response_create(self, async_client: AsyncCloudflare) -> None: @@ -318,7 +313,7 @@ async def test_streaming_response_create(self, async_client: AsyncCloudflare) -> assert response.http_request.headers.get("X-Stainless-Lang") == "python" dataset = await response.parse() - assert_matches_type(Optional[DatasetCreateResponse], dataset, path=["response"]) + assert_matches_type(Optional[DatasetCreation], dataset, path=["response"]) assert cast(Any, response.is_closed) is True @@ -336,7 +331,7 @@ async def test_method_update(self, async_client: AsyncCloudflare) -> None: dataset_id="182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e", account_id="account_id", ) - assert_matches_type(Optional[DatasetUpdateResponse], dataset, path=["response"]) + assert_matches_type(Optional[Dataset], dataset, path=["response"]) @parametrize async def test_method_update_with_all_params(self, async_client: AsyncCloudflare) -> None: @@ -347,7 +342,7 @@ async def test_method_update_with_all_params(self, async_client: AsyncCloudflare description="description", name="name", ) - assert_matches_type(Optional[DatasetUpdateResponse], dataset, path=["response"]) + assert_matches_type(Optional[Dataset], dataset, path=["response"]) @parametrize async def test_raw_response_update(self, async_client: AsyncCloudflare) -> None: @@ -359,7 +354,7 @@ async def test_raw_response_update(self, async_client: AsyncCloudflare) -> None: assert response.is_closed is True assert response.http_request.headers.get("X-Stainless-Lang") == "python" dataset = await response.parse() - assert_matches_type(Optional[DatasetUpdateResponse], dataset, path=["response"]) + assert_matches_type(Optional[Dataset], dataset, path=["response"]) @parametrize async def test_streaming_response_update(self, async_client: AsyncCloudflare) -> None: @@ -371,7 +366,7 @@ async def test_streaming_response_update(self, async_client: AsyncCloudflare) -> assert response.http_request.headers.get("X-Stainless-Lang") == "python" dataset = await response.parse() - assert_matches_type(Optional[DatasetUpdateResponse], dataset, path=["response"]) + assert_matches_type(Optional[Dataset], dataset, path=["response"]) assert cast(Any, response.is_closed) is True @@ -481,7 +476,7 @@ async def test_method_get(self, async_client: AsyncCloudflare) -> None: dataset_id="182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e", account_id="account_id", ) - assert_matches_type(Optional[DatasetGetResponse], dataset, path=["response"]) + assert_matches_type(Optional[Dataset], dataset, path=["response"]) @parametrize async def test_raw_response_get(self, async_client: AsyncCloudflare) -> None: @@ -493,7 +488,7 @@ async def test_raw_response_get(self, async_client: AsyncCloudflare) -> None: assert response.is_closed is True assert response.http_request.headers.get("X-Stainless-Lang") == "python" dataset = await response.parse() - assert_matches_type(Optional[DatasetGetResponse], dataset, path=["response"]) + assert_matches_type(Optional[Dataset], dataset, path=["response"]) @parametrize async def test_streaming_response_get(self, async_client: AsyncCloudflare) -> None: @@ -505,7 +500,7 @@ async def test_streaming_response_get(self, async_client: AsyncCloudflare) -> No assert response.http_request.headers.get("X-Stainless-Lang") == "python" dataset = await response.parse() - assert_matches_type(Optional[DatasetGetResponse], dataset, path=["response"]) + assert_matches_type(Optional[Dataset], dataset, path=["response"]) assert cast(Any, response.is_closed) is True diff --git a/tests/api_resources/zero_trust/dlp/test_entries.py b/tests/api_resources/zero_trust/dlp/test_entries.py index 0f64b4372c7..55ef6364827 100644 --- a/tests/api_resources/zero_trust/dlp/test_entries.py +++ b/tests/api_resources/zero_trust/dlp/test_entries.py @@ -43,6 +43,7 @@ def test_method_create_with_all_params(self, client: Cloudflare) -> None: "regex": "regex", "validation": "luhn", }, + description="description", profile_id="182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e", ) assert_matches_type(Optional[EntryCreateResponse], entry, path=["response"]) @@ -111,6 +112,7 @@ def test_method_update_with_all_params_overload_1(self, client: Cloudflare) -> N "validation": "luhn", }, type="custom", + description="description", enabled=True, ) assert_matches_type(Optional[EntryUpdateResponse], entry, path=["response"]) @@ -466,6 +468,7 @@ async def test_method_create_with_all_params(self, async_client: AsyncCloudflare "regex": "regex", "validation": "luhn", }, + description="description", profile_id="182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e", ) assert_matches_type(Optional[EntryCreateResponse], entry, path=["response"]) @@ -534,6 +537,7 @@ async def test_method_update_with_all_params_overload_1(self, async_client: Asyn "validation": "luhn", }, type="custom", + description="description", enabled=True, ) assert_matches_type(Optional[EntryUpdateResponse], entry, path=["response"]) diff --git a/tests/api_resources/zero_trust/dlp/test_payload_logs.py b/tests/api_resources/zero_trust/dlp/test_payload_logs.py index b868687bae1..a28ee8a4d18 100644 --- a/tests/api_resources/zero_trust/dlp/test_payload_logs.py +++ b/tests/api_resources/zero_trust/dlp/test_payload_logs.py @@ -28,6 +28,7 @@ def test_method_update(self, client: Cloudflare) -> None: def test_method_update_with_all_params(self, client: Cloudflare) -> None: payload_log = client.zero_trust.dlp.payload_logs.update( account_id="account_id", + masking_level="full", public_key="public_key", ) assert_matches_type(Optional[PayloadLogUpdateResponse], payload_log, path=["response"]) @@ -118,6 +119,7 @@ async def test_method_update(self, async_client: AsyncCloudflare) -> None: async def test_method_update_with_all_params(self, async_client: AsyncCloudflare) -> None: payload_log = await async_client.zero_trust.dlp.payload_logs.update( account_id="account_id", + masking_level="full", public_key="public_key", ) assert_matches_type(Optional[PayloadLogUpdateResponse], payload_log, path=["response"]) diff --git a/tests/api_resources/zero_trust/dlp/test_profiles.py b/tests/api_resources/zero_trust/dlp/test_profiles.py index b18ba097e90..33177649778 100644 --- a/tests/api_resources/zero_trust/dlp/test_profiles.py +++ b/tests/api_resources/zero_trust/dlp/test_profiles.py @@ -10,7 +10,7 @@ from cloudflare import Cloudflare, AsyncCloudflare from tests.utils import assert_matches_type from cloudflare.pagination import SyncSinglePage, AsyncSinglePage -from cloudflare.types.zero_trust.dlp import Profile, ProfileGetResponse +from cloudflare.types.zero_trust.dlp import Profile base_url = os.environ.get("TEST_API_BASE_URL", "http://127.0.0.1:4010") @@ -70,7 +70,7 @@ def test_method_get(self, client: Cloudflare) -> None: profile_id="182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e", account_id="account_id", ) - assert_matches_type(Optional[ProfileGetResponse], profile, path=["response"]) + assert_matches_type(Optional[Profile], profile, path=["response"]) @parametrize def test_raw_response_get(self, client: Cloudflare) -> None: @@ -82,7 +82,7 @@ def test_raw_response_get(self, client: Cloudflare) -> None: assert response.is_closed is True assert response.http_request.headers.get("X-Stainless-Lang") == "python" profile = response.parse() - assert_matches_type(Optional[ProfileGetResponse], profile, path=["response"]) + assert_matches_type(Optional[Profile], profile, path=["response"]) @parametrize def test_streaming_response_get(self, client: Cloudflare) -> None: @@ -94,7 +94,7 @@ def test_streaming_response_get(self, client: Cloudflare) -> None: assert response.http_request.headers.get("X-Stainless-Lang") == "python" profile = response.parse() - assert_matches_type(Optional[ProfileGetResponse], profile, path=["response"]) + assert_matches_type(Optional[Profile], profile, path=["response"]) assert cast(Any, response.is_closed) is True @@ -170,7 +170,7 @@ async def test_method_get(self, async_client: AsyncCloudflare) -> None: profile_id="182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e", account_id="account_id", ) - assert_matches_type(Optional[ProfileGetResponse], profile, path=["response"]) + assert_matches_type(Optional[Profile], profile, path=["response"]) @parametrize async def test_raw_response_get(self, async_client: AsyncCloudflare) -> None: @@ -182,7 +182,7 @@ async def test_raw_response_get(self, async_client: AsyncCloudflare) -> None: assert response.is_closed is True assert response.http_request.headers.get("X-Stainless-Lang") == "python" profile = await response.parse() - assert_matches_type(Optional[ProfileGetResponse], profile, path=["response"]) + assert_matches_type(Optional[Profile], profile, path=["response"]) @parametrize async def test_streaming_response_get(self, async_client: AsyncCloudflare) -> None: @@ -194,7 +194,7 @@ async def test_streaming_response_get(self, async_client: AsyncCloudflare) -> No assert response.http_request.headers.get("X-Stainless-Lang") == "python" profile = await response.parse() - assert_matches_type(Optional[ProfileGetResponse], profile, path=["response"]) + assert_matches_type(Optional[Profile], profile, path=["response"]) assert cast(Any, response.is_closed) is True diff --git a/tests/api_resources/zero_trust/gateway/test_pacfiles.py b/tests/api_resources/zero_trust/gateway/test_pacfiles.py new file mode 100644 index 00000000000..a90f20fdca2 --- /dev/null +++ b/tests/api_resources/zero_trust/gateway/test_pacfiles.py @@ -0,0 +1,538 @@ +# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. + +from __future__ import annotations + +import os +from typing import Any, Optional, cast + +import pytest + +from cloudflare import Cloudflare, AsyncCloudflare +from tests.utils import assert_matches_type +from cloudflare.pagination import SyncSinglePage, AsyncSinglePage +from cloudflare.types.zero_trust.gateway import ( + PacfileGetResponse, + PacfileListResponse, + PacfileCreateResponse, + PacfileUpdateResponse, +) + +base_url = os.environ.get("TEST_API_BASE_URL", "http://127.0.0.1:4010") + + +class TestPacfiles: + parametrize = pytest.mark.parametrize("client", [False, True], indirect=True, ids=["loose", "strict"]) + + @parametrize + def test_method_create(self, client: Cloudflare) -> None: + pacfile = client.zero_trust.gateway.pacfiles.create( + account_id="699d98642c564d2e855e9661899b7252", + contents='function FindProxyForURL(url, host) { return "DIRECT"; }', + name="Devops team", + ) + assert_matches_type(Optional[PacfileCreateResponse], pacfile, path=["response"]) + + @parametrize + def test_method_create_with_all_params(self, client: Cloudflare) -> None: + pacfile = client.zero_trust.gateway.pacfiles.create( + account_id="699d98642c564d2e855e9661899b7252", + contents='function FindProxyForURL(url, host) { return "DIRECT"; }', + name="Devops team", + description="PAC file for Devops team", + slug="pac_devops", + ) + assert_matches_type(Optional[PacfileCreateResponse], pacfile, path=["response"]) + + @parametrize + def test_raw_response_create(self, client: Cloudflare) -> None: + response = client.zero_trust.gateway.pacfiles.with_raw_response.create( + account_id="699d98642c564d2e855e9661899b7252", + contents='function FindProxyForURL(url, host) { return "DIRECT"; }', + name="Devops team", + ) + + assert response.is_closed is True + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + pacfile = response.parse() + assert_matches_type(Optional[PacfileCreateResponse], pacfile, path=["response"]) + + @parametrize + def test_streaming_response_create(self, client: Cloudflare) -> None: + with client.zero_trust.gateway.pacfiles.with_streaming_response.create( + account_id="699d98642c564d2e855e9661899b7252", + contents='function FindProxyForURL(url, host) { return "DIRECT"; }', + name="Devops team", + ) as response: + assert not response.is_closed + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + + pacfile = response.parse() + assert_matches_type(Optional[PacfileCreateResponse], pacfile, path=["response"]) + + assert cast(Any, response.is_closed) is True + + @parametrize + def test_path_params_create(self, client: Cloudflare) -> None: + with pytest.raises(ValueError, match=r"Expected a non-empty value for `account_id` but received ''"): + client.zero_trust.gateway.pacfiles.with_raw_response.create( + account_id="", + contents='function FindProxyForURL(url, host) { return "DIRECT"; }', + name="Devops team", + ) + + @parametrize + def test_method_update(self, client: Cloudflare) -> None: + pacfile = client.zero_trust.gateway.pacfiles.update( + pacfile_id="ed35569b41ce4d1facfe683550f54086", + account_id="699d98642c564d2e855e9661899b7252", + contents='function FindProxyForURL(url, host) { return "DIRECT"; }', + description="PAC file for Devops team", + name="Devops team", + ) + assert_matches_type(Optional[PacfileUpdateResponse], pacfile, path=["response"]) + + @parametrize + def test_raw_response_update(self, client: Cloudflare) -> None: + response = client.zero_trust.gateway.pacfiles.with_raw_response.update( + pacfile_id="ed35569b41ce4d1facfe683550f54086", + account_id="699d98642c564d2e855e9661899b7252", + contents='function FindProxyForURL(url, host) { return "DIRECT"; }', + description="PAC file for Devops team", + name="Devops team", + ) + + assert response.is_closed is True + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + pacfile = response.parse() + assert_matches_type(Optional[PacfileUpdateResponse], pacfile, path=["response"]) + + @parametrize + def test_streaming_response_update(self, client: Cloudflare) -> None: + with client.zero_trust.gateway.pacfiles.with_streaming_response.update( + pacfile_id="ed35569b41ce4d1facfe683550f54086", + account_id="699d98642c564d2e855e9661899b7252", + contents='function FindProxyForURL(url, host) { return "DIRECT"; }', + description="PAC file for Devops team", + name="Devops team", + ) as response: + assert not response.is_closed + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + + pacfile = response.parse() + assert_matches_type(Optional[PacfileUpdateResponse], pacfile, path=["response"]) + + assert cast(Any, response.is_closed) is True + + @parametrize + def test_path_params_update(self, client: Cloudflare) -> None: + with pytest.raises(ValueError, match=r"Expected a non-empty value for `account_id` but received ''"): + client.zero_trust.gateway.pacfiles.with_raw_response.update( + pacfile_id="ed35569b41ce4d1facfe683550f54086", + account_id="", + contents='function FindProxyForURL(url, host) { return "DIRECT"; }', + description="PAC file for Devops team", + name="Devops team", + ) + + with pytest.raises(ValueError, match=r"Expected a non-empty value for `pacfile_id` but received ''"): + client.zero_trust.gateway.pacfiles.with_raw_response.update( + pacfile_id="", + account_id="699d98642c564d2e855e9661899b7252", + contents='function FindProxyForURL(url, host) { return "DIRECT"; }', + description="PAC file for Devops team", + name="Devops team", + ) + + @parametrize + def test_method_list(self, client: Cloudflare) -> None: + pacfile = client.zero_trust.gateway.pacfiles.list( + account_id="699d98642c564d2e855e9661899b7252", + ) + assert_matches_type(SyncSinglePage[PacfileListResponse], pacfile, path=["response"]) + + @parametrize + def test_raw_response_list(self, client: Cloudflare) -> None: + response = client.zero_trust.gateway.pacfiles.with_raw_response.list( + account_id="699d98642c564d2e855e9661899b7252", + ) + + assert response.is_closed is True + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + pacfile = response.parse() + assert_matches_type(SyncSinglePage[PacfileListResponse], pacfile, path=["response"]) + + @parametrize + def test_streaming_response_list(self, client: Cloudflare) -> None: + with client.zero_trust.gateway.pacfiles.with_streaming_response.list( + account_id="699d98642c564d2e855e9661899b7252", + ) as response: + assert not response.is_closed + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + + pacfile = response.parse() + assert_matches_type(SyncSinglePage[PacfileListResponse], pacfile, path=["response"]) + + assert cast(Any, response.is_closed) is True + + @parametrize + def test_path_params_list(self, client: Cloudflare) -> None: + with pytest.raises(ValueError, match=r"Expected a non-empty value for `account_id` but received ''"): + client.zero_trust.gateway.pacfiles.with_raw_response.list( + account_id="", + ) + + @parametrize + def test_method_delete(self, client: Cloudflare) -> None: + pacfile = client.zero_trust.gateway.pacfiles.delete( + pacfile_id="ed35569b41ce4d1facfe683550f54086", + account_id="699d98642c564d2e855e9661899b7252", + ) + assert_matches_type(object, pacfile, path=["response"]) + + @parametrize + def test_raw_response_delete(self, client: Cloudflare) -> None: + response = client.zero_trust.gateway.pacfiles.with_raw_response.delete( + pacfile_id="ed35569b41ce4d1facfe683550f54086", + account_id="699d98642c564d2e855e9661899b7252", + ) + + assert response.is_closed is True + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + pacfile = response.parse() + assert_matches_type(object, pacfile, path=["response"]) + + @parametrize + def test_streaming_response_delete(self, client: Cloudflare) -> None: + with client.zero_trust.gateway.pacfiles.with_streaming_response.delete( + pacfile_id="ed35569b41ce4d1facfe683550f54086", + account_id="699d98642c564d2e855e9661899b7252", + ) as response: + assert not response.is_closed + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + + pacfile = response.parse() + assert_matches_type(object, pacfile, path=["response"]) + + assert cast(Any, response.is_closed) is True + + @parametrize + def test_path_params_delete(self, client: Cloudflare) -> None: + with pytest.raises(ValueError, match=r"Expected a non-empty value for `account_id` but received ''"): + client.zero_trust.gateway.pacfiles.with_raw_response.delete( + pacfile_id="ed35569b41ce4d1facfe683550f54086", + account_id="", + ) + + with pytest.raises(ValueError, match=r"Expected a non-empty value for `pacfile_id` but received ''"): + client.zero_trust.gateway.pacfiles.with_raw_response.delete( + pacfile_id="", + account_id="699d98642c564d2e855e9661899b7252", + ) + + @parametrize + def test_method_get(self, client: Cloudflare) -> None: + pacfile = client.zero_trust.gateway.pacfiles.get( + pacfile_id="ed35569b41ce4d1facfe683550f54086", + account_id="699d98642c564d2e855e9661899b7252", + ) + assert_matches_type(Optional[PacfileGetResponse], pacfile, path=["response"]) + + @parametrize + def test_raw_response_get(self, client: Cloudflare) -> None: + response = client.zero_trust.gateway.pacfiles.with_raw_response.get( + pacfile_id="ed35569b41ce4d1facfe683550f54086", + account_id="699d98642c564d2e855e9661899b7252", + ) + + assert response.is_closed is True + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + pacfile = response.parse() + assert_matches_type(Optional[PacfileGetResponse], pacfile, path=["response"]) + + @parametrize + def test_streaming_response_get(self, client: Cloudflare) -> None: + with client.zero_trust.gateway.pacfiles.with_streaming_response.get( + pacfile_id="ed35569b41ce4d1facfe683550f54086", + account_id="699d98642c564d2e855e9661899b7252", + ) as response: + assert not response.is_closed + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + + pacfile = response.parse() + assert_matches_type(Optional[PacfileGetResponse], pacfile, path=["response"]) + + assert cast(Any, response.is_closed) is True + + @parametrize + def test_path_params_get(self, client: Cloudflare) -> None: + with pytest.raises(ValueError, match=r"Expected a non-empty value for `account_id` but received ''"): + client.zero_trust.gateway.pacfiles.with_raw_response.get( + pacfile_id="ed35569b41ce4d1facfe683550f54086", + account_id="", + ) + + with pytest.raises(ValueError, match=r"Expected a non-empty value for `pacfile_id` but received ''"): + client.zero_trust.gateway.pacfiles.with_raw_response.get( + pacfile_id="", + account_id="699d98642c564d2e855e9661899b7252", + ) + + +class TestAsyncPacfiles: + parametrize = pytest.mark.parametrize( + "async_client", [False, True, {"http_client": "aiohttp"}], indirect=True, ids=["loose", "strict", "aiohttp"] + ) + + @parametrize + async def test_method_create(self, async_client: AsyncCloudflare) -> None: + pacfile = await async_client.zero_trust.gateway.pacfiles.create( + account_id="699d98642c564d2e855e9661899b7252", + contents='function FindProxyForURL(url, host) { return "DIRECT"; }', + name="Devops team", + ) + assert_matches_type(Optional[PacfileCreateResponse], pacfile, path=["response"]) + + @parametrize + async def test_method_create_with_all_params(self, async_client: AsyncCloudflare) -> None: + pacfile = await async_client.zero_trust.gateway.pacfiles.create( + account_id="699d98642c564d2e855e9661899b7252", + contents='function FindProxyForURL(url, host) { return "DIRECT"; }', + name="Devops team", + description="PAC file for Devops team", + slug="pac_devops", + ) + assert_matches_type(Optional[PacfileCreateResponse], pacfile, path=["response"]) + + @parametrize + async def test_raw_response_create(self, async_client: AsyncCloudflare) -> None: + response = await async_client.zero_trust.gateway.pacfiles.with_raw_response.create( + account_id="699d98642c564d2e855e9661899b7252", + contents='function FindProxyForURL(url, host) { return "DIRECT"; }', + name="Devops team", + ) + + assert response.is_closed is True + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + pacfile = await response.parse() + assert_matches_type(Optional[PacfileCreateResponse], pacfile, path=["response"]) + + @parametrize + async def test_streaming_response_create(self, async_client: AsyncCloudflare) -> None: + async with async_client.zero_trust.gateway.pacfiles.with_streaming_response.create( + account_id="699d98642c564d2e855e9661899b7252", + contents='function FindProxyForURL(url, host) { return "DIRECT"; }', + name="Devops team", + ) as response: + assert not response.is_closed + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + + pacfile = await response.parse() + assert_matches_type(Optional[PacfileCreateResponse], pacfile, path=["response"]) + + assert cast(Any, response.is_closed) is True + + @parametrize + async def test_path_params_create(self, async_client: AsyncCloudflare) -> None: + with pytest.raises(ValueError, match=r"Expected a non-empty value for `account_id` but received ''"): + await async_client.zero_trust.gateway.pacfiles.with_raw_response.create( + account_id="", + contents='function FindProxyForURL(url, host) { return "DIRECT"; }', + name="Devops team", + ) + + @parametrize + async def test_method_update(self, async_client: AsyncCloudflare) -> None: + pacfile = await async_client.zero_trust.gateway.pacfiles.update( + pacfile_id="ed35569b41ce4d1facfe683550f54086", + account_id="699d98642c564d2e855e9661899b7252", + contents='function FindProxyForURL(url, host) { return "DIRECT"; }', + description="PAC file for Devops team", + name="Devops team", + ) + assert_matches_type(Optional[PacfileUpdateResponse], pacfile, path=["response"]) + + @parametrize + async def test_raw_response_update(self, async_client: AsyncCloudflare) -> None: + response = await async_client.zero_trust.gateway.pacfiles.with_raw_response.update( + pacfile_id="ed35569b41ce4d1facfe683550f54086", + account_id="699d98642c564d2e855e9661899b7252", + contents='function FindProxyForURL(url, host) { return "DIRECT"; }', + description="PAC file for Devops team", + name="Devops team", + ) + + assert response.is_closed is True + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + pacfile = await response.parse() + assert_matches_type(Optional[PacfileUpdateResponse], pacfile, path=["response"]) + + @parametrize + async def test_streaming_response_update(self, async_client: AsyncCloudflare) -> None: + async with async_client.zero_trust.gateway.pacfiles.with_streaming_response.update( + pacfile_id="ed35569b41ce4d1facfe683550f54086", + account_id="699d98642c564d2e855e9661899b7252", + contents='function FindProxyForURL(url, host) { return "DIRECT"; }', + description="PAC file for Devops team", + name="Devops team", + ) as response: + assert not response.is_closed + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + + pacfile = await response.parse() + assert_matches_type(Optional[PacfileUpdateResponse], pacfile, path=["response"]) + + assert cast(Any, response.is_closed) is True + + @parametrize + async def test_path_params_update(self, async_client: AsyncCloudflare) -> None: + with pytest.raises(ValueError, match=r"Expected a non-empty value for `account_id` but received ''"): + await async_client.zero_trust.gateway.pacfiles.with_raw_response.update( + pacfile_id="ed35569b41ce4d1facfe683550f54086", + account_id="", + contents='function FindProxyForURL(url, host) { return "DIRECT"; }', + description="PAC file for Devops team", + name="Devops team", + ) + + with pytest.raises(ValueError, match=r"Expected a non-empty value for `pacfile_id` but received ''"): + await async_client.zero_trust.gateway.pacfiles.with_raw_response.update( + pacfile_id="", + account_id="699d98642c564d2e855e9661899b7252", + contents='function FindProxyForURL(url, host) { return "DIRECT"; }', + description="PAC file for Devops team", + name="Devops team", + ) + + @parametrize + async def test_method_list(self, async_client: AsyncCloudflare) -> None: + pacfile = await async_client.zero_trust.gateway.pacfiles.list( + account_id="699d98642c564d2e855e9661899b7252", + ) + assert_matches_type(AsyncSinglePage[PacfileListResponse], pacfile, path=["response"]) + + @parametrize + async def test_raw_response_list(self, async_client: AsyncCloudflare) -> None: + response = await async_client.zero_trust.gateway.pacfiles.with_raw_response.list( + account_id="699d98642c564d2e855e9661899b7252", + ) + + assert response.is_closed is True + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + pacfile = await response.parse() + assert_matches_type(AsyncSinglePage[PacfileListResponse], pacfile, path=["response"]) + + @parametrize + async def test_streaming_response_list(self, async_client: AsyncCloudflare) -> None: + async with async_client.zero_trust.gateway.pacfiles.with_streaming_response.list( + account_id="699d98642c564d2e855e9661899b7252", + ) as response: + assert not response.is_closed + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + + pacfile = await response.parse() + assert_matches_type(AsyncSinglePage[PacfileListResponse], pacfile, path=["response"]) + + assert cast(Any, response.is_closed) is True + + @parametrize + async def test_path_params_list(self, async_client: AsyncCloudflare) -> None: + with pytest.raises(ValueError, match=r"Expected a non-empty value for `account_id` but received ''"): + await async_client.zero_trust.gateway.pacfiles.with_raw_response.list( + account_id="", + ) + + @parametrize + async def test_method_delete(self, async_client: AsyncCloudflare) -> None: + pacfile = await async_client.zero_trust.gateway.pacfiles.delete( + pacfile_id="ed35569b41ce4d1facfe683550f54086", + account_id="699d98642c564d2e855e9661899b7252", + ) + assert_matches_type(object, pacfile, path=["response"]) + + @parametrize + async def test_raw_response_delete(self, async_client: AsyncCloudflare) -> None: + response = await async_client.zero_trust.gateway.pacfiles.with_raw_response.delete( + pacfile_id="ed35569b41ce4d1facfe683550f54086", + account_id="699d98642c564d2e855e9661899b7252", + ) + + assert response.is_closed is True + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + pacfile = await response.parse() + assert_matches_type(object, pacfile, path=["response"]) + + @parametrize + async def test_streaming_response_delete(self, async_client: AsyncCloudflare) -> None: + async with async_client.zero_trust.gateway.pacfiles.with_streaming_response.delete( + pacfile_id="ed35569b41ce4d1facfe683550f54086", + account_id="699d98642c564d2e855e9661899b7252", + ) as response: + assert not response.is_closed + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + + pacfile = await response.parse() + assert_matches_type(object, pacfile, path=["response"]) + + assert cast(Any, response.is_closed) is True + + @parametrize + async def test_path_params_delete(self, async_client: AsyncCloudflare) -> None: + with pytest.raises(ValueError, match=r"Expected a non-empty value for `account_id` but received ''"): + await async_client.zero_trust.gateway.pacfiles.with_raw_response.delete( + pacfile_id="ed35569b41ce4d1facfe683550f54086", + account_id="", + ) + + with pytest.raises(ValueError, match=r"Expected a non-empty value for `pacfile_id` but received ''"): + await async_client.zero_trust.gateway.pacfiles.with_raw_response.delete( + pacfile_id="", + account_id="699d98642c564d2e855e9661899b7252", + ) + + @parametrize + async def test_method_get(self, async_client: AsyncCloudflare) -> None: + pacfile = await async_client.zero_trust.gateway.pacfiles.get( + pacfile_id="ed35569b41ce4d1facfe683550f54086", + account_id="699d98642c564d2e855e9661899b7252", + ) + assert_matches_type(Optional[PacfileGetResponse], pacfile, path=["response"]) + + @parametrize + async def test_raw_response_get(self, async_client: AsyncCloudflare) -> None: + response = await async_client.zero_trust.gateway.pacfiles.with_raw_response.get( + pacfile_id="ed35569b41ce4d1facfe683550f54086", + account_id="699d98642c564d2e855e9661899b7252", + ) + + assert response.is_closed is True + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + pacfile = await response.parse() + assert_matches_type(Optional[PacfileGetResponse], pacfile, path=["response"]) + + @parametrize + async def test_streaming_response_get(self, async_client: AsyncCloudflare) -> None: + async with async_client.zero_trust.gateway.pacfiles.with_streaming_response.get( + pacfile_id="ed35569b41ce4d1facfe683550f54086", + account_id="699d98642c564d2e855e9661899b7252", + ) as response: + assert not response.is_closed + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + + pacfile = await response.parse() + assert_matches_type(Optional[PacfileGetResponse], pacfile, path=["response"]) + + assert cast(Any, response.is_closed) is True + + @parametrize + async def test_path_params_get(self, async_client: AsyncCloudflare) -> None: + with pytest.raises(ValueError, match=r"Expected a non-empty value for `account_id` but received ''"): + await async_client.zero_trust.gateway.pacfiles.with_raw_response.get( + pacfile_id="ed35569b41ce4d1facfe683550f54086", + account_id="", + ) + + with pytest.raises(ValueError, match=r"Expected a non-empty value for `pacfile_id` but received ''"): + await async_client.zero_trust.gateway.pacfiles.with_raw_response.get( + pacfile_id="", + account_id="699d98642c564d2e855e9661899b7252", + ) diff --git a/tests/api_resources/zero_trust/networks/subnets/test_warp.py b/tests/api_resources/zero_trust/networks/subnets/test_warp.py new file mode 100644 index 00000000000..b016142f108 --- /dev/null +++ b/tests/api_resources/zero_trust/networks/subnets/test_warp.py @@ -0,0 +1,455 @@ +# File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. + +from __future__ import annotations + +import os +from typing import Any, Optional, cast + +import pytest + +from cloudflare import Cloudflare, AsyncCloudflare +from tests.utils import assert_matches_type +from cloudflare.types.zero_trust.networks.subnets import ( + WARPGetResponse, + WARPEditResponse, + WARPCreateResponse, + WARPDeleteResponse, +) + +base_url = os.environ.get("TEST_API_BASE_URL", "http://127.0.0.1:4010") + + +class TestWARP: + parametrize = pytest.mark.parametrize("client", [False, True], indirect=True, ids=["loose", "strict"]) + + @parametrize + def test_method_create(self, client: Cloudflare) -> None: + warp = client.zero_trust.networks.subnets.warp.create( + account_id="699d98642c564d2e855e9661899b7252", + name="IPv4 Cloudflare Source IPs", + network="100.64.0.0/12", + ) + assert_matches_type(WARPCreateResponse, warp, path=["response"]) + + @parametrize + def test_method_create_with_all_params(self, client: Cloudflare) -> None: + warp = client.zero_trust.networks.subnets.warp.create( + account_id="699d98642c564d2e855e9661899b7252", + name="IPv4 Cloudflare Source IPs", + network="100.64.0.0/12", + comment="example comment", + is_default_network=True, + ) + assert_matches_type(WARPCreateResponse, warp, path=["response"]) + + @parametrize + def test_raw_response_create(self, client: Cloudflare) -> None: + response = client.zero_trust.networks.subnets.warp.with_raw_response.create( + account_id="699d98642c564d2e855e9661899b7252", + name="IPv4 Cloudflare Source IPs", + network="100.64.0.0/12", + ) + + assert response.is_closed is True + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + warp = response.parse() + assert_matches_type(WARPCreateResponse, warp, path=["response"]) + + @parametrize + def test_streaming_response_create(self, client: Cloudflare) -> None: + with client.zero_trust.networks.subnets.warp.with_streaming_response.create( + account_id="699d98642c564d2e855e9661899b7252", + name="IPv4 Cloudflare Source IPs", + network="100.64.0.0/12", + ) as response: + assert not response.is_closed + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + + warp = response.parse() + assert_matches_type(WARPCreateResponse, warp, path=["response"]) + + assert cast(Any, response.is_closed) is True + + @parametrize + def test_path_params_create(self, client: Cloudflare) -> None: + with pytest.raises(ValueError, match=r"Expected a non-empty value for `account_id` but received ''"): + client.zero_trust.networks.subnets.warp.with_raw_response.create( + account_id="", + name="IPv4 Cloudflare Source IPs", + network="100.64.0.0/12", + ) + + @parametrize + def test_method_delete(self, client: Cloudflare) -> None: + warp = client.zero_trust.networks.subnets.warp.delete( + subnet_id="f70ff985-a4ef-4643-bbbc-4a0ed4fc8415", + account_id="699d98642c564d2e855e9661899b7252", + ) + assert_matches_type(Optional[WARPDeleteResponse], warp, path=["response"]) + + @parametrize + def test_raw_response_delete(self, client: Cloudflare) -> None: + response = client.zero_trust.networks.subnets.warp.with_raw_response.delete( + subnet_id="f70ff985-a4ef-4643-bbbc-4a0ed4fc8415", + account_id="699d98642c564d2e855e9661899b7252", + ) + + assert response.is_closed is True + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + warp = response.parse() + assert_matches_type(Optional[WARPDeleteResponse], warp, path=["response"]) + + @parametrize + def test_streaming_response_delete(self, client: Cloudflare) -> None: + with client.zero_trust.networks.subnets.warp.with_streaming_response.delete( + subnet_id="f70ff985-a4ef-4643-bbbc-4a0ed4fc8415", + account_id="699d98642c564d2e855e9661899b7252", + ) as response: + assert not response.is_closed + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + + warp = response.parse() + assert_matches_type(Optional[WARPDeleteResponse], warp, path=["response"]) + + assert cast(Any, response.is_closed) is True + + @parametrize + def test_path_params_delete(self, client: Cloudflare) -> None: + with pytest.raises(ValueError, match=r"Expected a non-empty value for `account_id` but received ''"): + client.zero_trust.networks.subnets.warp.with_raw_response.delete( + subnet_id="f70ff985-a4ef-4643-bbbc-4a0ed4fc8415", + account_id="", + ) + + with pytest.raises(ValueError, match=r"Expected a non-empty value for `subnet_id` but received ''"): + client.zero_trust.networks.subnets.warp.with_raw_response.delete( + subnet_id="", + account_id="699d98642c564d2e855e9661899b7252", + ) + + @parametrize + def test_method_edit(self, client: Cloudflare) -> None: + warp = client.zero_trust.networks.subnets.warp.edit( + subnet_id="f70ff985-a4ef-4643-bbbc-4a0ed4fc8415", + account_id="699d98642c564d2e855e9661899b7252", + ) + assert_matches_type(WARPEditResponse, warp, path=["response"]) + + @parametrize + def test_method_edit_with_all_params(self, client: Cloudflare) -> None: + warp = client.zero_trust.networks.subnets.warp.edit( + subnet_id="f70ff985-a4ef-4643-bbbc-4a0ed4fc8415", + account_id="699d98642c564d2e855e9661899b7252", + comment="example comment", + is_default_network=True, + name="IPv4 Cloudflare Source IPs", + network="100.64.0.0/12", + ) + assert_matches_type(WARPEditResponse, warp, path=["response"]) + + @parametrize + def test_raw_response_edit(self, client: Cloudflare) -> None: + response = client.zero_trust.networks.subnets.warp.with_raw_response.edit( + subnet_id="f70ff985-a4ef-4643-bbbc-4a0ed4fc8415", + account_id="699d98642c564d2e855e9661899b7252", + ) + + assert response.is_closed is True + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + warp = response.parse() + assert_matches_type(WARPEditResponse, warp, path=["response"]) + + @parametrize + def test_streaming_response_edit(self, client: Cloudflare) -> None: + with client.zero_trust.networks.subnets.warp.with_streaming_response.edit( + subnet_id="f70ff985-a4ef-4643-bbbc-4a0ed4fc8415", + account_id="699d98642c564d2e855e9661899b7252", + ) as response: + assert not response.is_closed + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + + warp = response.parse() + assert_matches_type(WARPEditResponse, warp, path=["response"]) + + assert cast(Any, response.is_closed) is True + + @parametrize + def test_path_params_edit(self, client: Cloudflare) -> None: + with pytest.raises(ValueError, match=r"Expected a non-empty value for `account_id` but received ''"): + client.zero_trust.networks.subnets.warp.with_raw_response.edit( + subnet_id="f70ff985-a4ef-4643-bbbc-4a0ed4fc8415", + account_id="", + ) + + with pytest.raises(ValueError, match=r"Expected a non-empty value for `subnet_id` but received ''"): + client.zero_trust.networks.subnets.warp.with_raw_response.edit( + subnet_id="", + account_id="699d98642c564d2e855e9661899b7252", + ) + + @parametrize + def test_method_get(self, client: Cloudflare) -> None: + warp = client.zero_trust.networks.subnets.warp.get( + subnet_id="f70ff985-a4ef-4643-bbbc-4a0ed4fc8415", + account_id="699d98642c564d2e855e9661899b7252", + ) + assert_matches_type(WARPGetResponse, warp, path=["response"]) + + @parametrize + def test_raw_response_get(self, client: Cloudflare) -> None: + response = client.zero_trust.networks.subnets.warp.with_raw_response.get( + subnet_id="f70ff985-a4ef-4643-bbbc-4a0ed4fc8415", + account_id="699d98642c564d2e855e9661899b7252", + ) + + assert response.is_closed is True + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + warp = response.parse() + assert_matches_type(WARPGetResponse, warp, path=["response"]) + + @parametrize + def test_streaming_response_get(self, client: Cloudflare) -> None: + with client.zero_trust.networks.subnets.warp.with_streaming_response.get( + subnet_id="f70ff985-a4ef-4643-bbbc-4a0ed4fc8415", + account_id="699d98642c564d2e855e9661899b7252", + ) as response: + assert not response.is_closed + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + + warp = response.parse() + assert_matches_type(WARPGetResponse, warp, path=["response"]) + + assert cast(Any, response.is_closed) is True + + @parametrize + def test_path_params_get(self, client: Cloudflare) -> None: + with pytest.raises(ValueError, match=r"Expected a non-empty value for `account_id` but received ''"): + client.zero_trust.networks.subnets.warp.with_raw_response.get( + subnet_id="f70ff985-a4ef-4643-bbbc-4a0ed4fc8415", + account_id="", + ) + + with pytest.raises(ValueError, match=r"Expected a non-empty value for `subnet_id` but received ''"): + client.zero_trust.networks.subnets.warp.with_raw_response.get( + subnet_id="", + account_id="699d98642c564d2e855e9661899b7252", + ) + + +class TestAsyncWARP: + parametrize = pytest.mark.parametrize( + "async_client", [False, True, {"http_client": "aiohttp"}], indirect=True, ids=["loose", "strict", "aiohttp"] + ) + + @parametrize + async def test_method_create(self, async_client: AsyncCloudflare) -> None: + warp = await async_client.zero_trust.networks.subnets.warp.create( + account_id="699d98642c564d2e855e9661899b7252", + name="IPv4 Cloudflare Source IPs", + network="100.64.0.0/12", + ) + assert_matches_type(WARPCreateResponse, warp, path=["response"]) + + @parametrize + async def test_method_create_with_all_params(self, async_client: AsyncCloudflare) -> None: + warp = await async_client.zero_trust.networks.subnets.warp.create( + account_id="699d98642c564d2e855e9661899b7252", + name="IPv4 Cloudflare Source IPs", + network="100.64.0.0/12", + comment="example comment", + is_default_network=True, + ) + assert_matches_type(WARPCreateResponse, warp, path=["response"]) + + @parametrize + async def test_raw_response_create(self, async_client: AsyncCloudflare) -> None: + response = await async_client.zero_trust.networks.subnets.warp.with_raw_response.create( + account_id="699d98642c564d2e855e9661899b7252", + name="IPv4 Cloudflare Source IPs", + network="100.64.0.0/12", + ) + + assert response.is_closed is True + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + warp = await response.parse() + assert_matches_type(WARPCreateResponse, warp, path=["response"]) + + @parametrize + async def test_streaming_response_create(self, async_client: AsyncCloudflare) -> None: + async with async_client.zero_trust.networks.subnets.warp.with_streaming_response.create( + account_id="699d98642c564d2e855e9661899b7252", + name="IPv4 Cloudflare Source IPs", + network="100.64.0.0/12", + ) as response: + assert not response.is_closed + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + + warp = await response.parse() + assert_matches_type(WARPCreateResponse, warp, path=["response"]) + + assert cast(Any, response.is_closed) is True + + @parametrize + async def test_path_params_create(self, async_client: AsyncCloudflare) -> None: + with pytest.raises(ValueError, match=r"Expected a non-empty value for `account_id` but received ''"): + await async_client.zero_trust.networks.subnets.warp.with_raw_response.create( + account_id="", + name="IPv4 Cloudflare Source IPs", + network="100.64.0.0/12", + ) + + @parametrize + async def test_method_delete(self, async_client: AsyncCloudflare) -> None: + warp = await async_client.zero_trust.networks.subnets.warp.delete( + subnet_id="f70ff985-a4ef-4643-bbbc-4a0ed4fc8415", + account_id="699d98642c564d2e855e9661899b7252", + ) + assert_matches_type(Optional[WARPDeleteResponse], warp, path=["response"]) + + @parametrize + async def test_raw_response_delete(self, async_client: AsyncCloudflare) -> None: + response = await async_client.zero_trust.networks.subnets.warp.with_raw_response.delete( + subnet_id="f70ff985-a4ef-4643-bbbc-4a0ed4fc8415", + account_id="699d98642c564d2e855e9661899b7252", + ) + + assert response.is_closed is True + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + warp = await response.parse() + assert_matches_type(Optional[WARPDeleteResponse], warp, path=["response"]) + + @parametrize + async def test_streaming_response_delete(self, async_client: AsyncCloudflare) -> None: + async with async_client.zero_trust.networks.subnets.warp.with_streaming_response.delete( + subnet_id="f70ff985-a4ef-4643-bbbc-4a0ed4fc8415", + account_id="699d98642c564d2e855e9661899b7252", + ) as response: + assert not response.is_closed + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + + warp = await response.parse() + assert_matches_type(Optional[WARPDeleteResponse], warp, path=["response"]) + + assert cast(Any, response.is_closed) is True + + @parametrize + async def test_path_params_delete(self, async_client: AsyncCloudflare) -> None: + with pytest.raises(ValueError, match=r"Expected a non-empty value for `account_id` but received ''"): + await async_client.zero_trust.networks.subnets.warp.with_raw_response.delete( + subnet_id="f70ff985-a4ef-4643-bbbc-4a0ed4fc8415", + account_id="", + ) + + with pytest.raises(ValueError, match=r"Expected a non-empty value for `subnet_id` but received ''"): + await async_client.zero_trust.networks.subnets.warp.with_raw_response.delete( + subnet_id="", + account_id="699d98642c564d2e855e9661899b7252", + ) + + @parametrize + async def test_method_edit(self, async_client: AsyncCloudflare) -> None: + warp = await async_client.zero_trust.networks.subnets.warp.edit( + subnet_id="f70ff985-a4ef-4643-bbbc-4a0ed4fc8415", + account_id="699d98642c564d2e855e9661899b7252", + ) + assert_matches_type(WARPEditResponse, warp, path=["response"]) + + @parametrize + async def test_method_edit_with_all_params(self, async_client: AsyncCloudflare) -> None: + warp = await async_client.zero_trust.networks.subnets.warp.edit( + subnet_id="f70ff985-a4ef-4643-bbbc-4a0ed4fc8415", + account_id="699d98642c564d2e855e9661899b7252", + comment="example comment", + is_default_network=True, + name="IPv4 Cloudflare Source IPs", + network="100.64.0.0/12", + ) + assert_matches_type(WARPEditResponse, warp, path=["response"]) + + @parametrize + async def test_raw_response_edit(self, async_client: AsyncCloudflare) -> None: + response = await async_client.zero_trust.networks.subnets.warp.with_raw_response.edit( + subnet_id="f70ff985-a4ef-4643-bbbc-4a0ed4fc8415", + account_id="699d98642c564d2e855e9661899b7252", + ) + + assert response.is_closed is True + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + warp = await response.parse() + assert_matches_type(WARPEditResponse, warp, path=["response"]) + + @parametrize + async def test_streaming_response_edit(self, async_client: AsyncCloudflare) -> None: + async with async_client.zero_trust.networks.subnets.warp.with_streaming_response.edit( + subnet_id="f70ff985-a4ef-4643-bbbc-4a0ed4fc8415", + account_id="699d98642c564d2e855e9661899b7252", + ) as response: + assert not response.is_closed + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + + warp = await response.parse() + assert_matches_type(WARPEditResponse, warp, path=["response"]) + + assert cast(Any, response.is_closed) is True + + @parametrize + async def test_path_params_edit(self, async_client: AsyncCloudflare) -> None: + with pytest.raises(ValueError, match=r"Expected a non-empty value for `account_id` but received ''"): + await async_client.zero_trust.networks.subnets.warp.with_raw_response.edit( + subnet_id="f70ff985-a4ef-4643-bbbc-4a0ed4fc8415", + account_id="", + ) + + with pytest.raises(ValueError, match=r"Expected a non-empty value for `subnet_id` but received ''"): + await async_client.zero_trust.networks.subnets.warp.with_raw_response.edit( + subnet_id="", + account_id="699d98642c564d2e855e9661899b7252", + ) + + @parametrize + async def test_method_get(self, async_client: AsyncCloudflare) -> None: + warp = await async_client.zero_trust.networks.subnets.warp.get( + subnet_id="f70ff985-a4ef-4643-bbbc-4a0ed4fc8415", + account_id="699d98642c564d2e855e9661899b7252", + ) + assert_matches_type(WARPGetResponse, warp, path=["response"]) + + @parametrize + async def test_raw_response_get(self, async_client: AsyncCloudflare) -> None: + response = await async_client.zero_trust.networks.subnets.warp.with_raw_response.get( + subnet_id="f70ff985-a4ef-4643-bbbc-4a0ed4fc8415", + account_id="699d98642c564d2e855e9661899b7252", + ) + + assert response.is_closed is True + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + warp = await response.parse() + assert_matches_type(WARPGetResponse, warp, path=["response"]) + + @parametrize + async def test_streaming_response_get(self, async_client: AsyncCloudflare) -> None: + async with async_client.zero_trust.networks.subnets.warp.with_streaming_response.get( + subnet_id="f70ff985-a4ef-4643-bbbc-4a0ed4fc8415", + account_id="699d98642c564d2e855e9661899b7252", + ) as response: + assert not response.is_closed + assert response.http_request.headers.get("X-Stainless-Lang") == "python" + + warp = await response.parse() + assert_matches_type(WARPGetResponse, warp, path=["response"]) + + assert cast(Any, response.is_closed) is True + + @parametrize + async def test_path_params_get(self, async_client: AsyncCloudflare) -> None: + with pytest.raises(ValueError, match=r"Expected a non-empty value for `account_id` but received ''"): + await async_client.zero_trust.networks.subnets.warp.with_raw_response.get( + subnet_id="f70ff985-a4ef-4643-bbbc-4a0ed4fc8415", + account_id="", + ) + + with pytest.raises(ValueError, match=r"Expected a non-empty value for `subnet_id` but received ''"): + await async_client.zero_trust.networks.subnets.warp.with_raw_response.get( + subnet_id="", + account_id="699d98642c564d2e855e9661899b7252", + ) diff --git a/tests/api_resources/zero_trust/test_organizations.py b/tests/api_resources/zero_trust/test_organizations.py index 655886e4e5c..b8030ef3754 100644 --- a/tests/api_resources/zero_trust/test_organizations.py +++ b/tests/api_resources/zero_trust/test_organizations.py @@ -49,6 +49,12 @@ def test_method_create_with_all_params(self, client: Cloudflare) -> None: "logo_path": "https://example.com/logo.png", "text_color": "#c5ed1b", }, + mfa_config={ + "allowed_authenticators": ["totp", "biometrics", "security_key"], + "session_duration": "24h", + }, + mfa_configuration_allowed=True, + mfa_required_for_all_apps=False, session_duration="24h", ui_read_only_toggle_reason="Temporarily turn off the UI read only lock to make a change via the UI", user_seat_expiration_inactive_time="730h", @@ -133,6 +139,12 @@ def test_method_update_with_all_params(self, client: Cloudflare) -> None: "logo_path": "https://example.com/logo.png", "text_color": "#c5ed1b", }, + mfa_config={ + "allowed_authenticators": ["totp", "biometrics", "security_key"], + "session_duration": "24h", + }, + mfa_configuration_allowed=True, + mfa_required_for_all_apps=False, name="Widget Corps Internal Applications", session_duration="24h", ui_read_only_toggle_reason="Temporarily turn off the UI read only lock to make a change via the UI", @@ -335,6 +347,12 @@ async def test_method_create_with_all_params(self, async_client: AsyncCloudflare "logo_path": "https://example.com/logo.png", "text_color": "#c5ed1b", }, + mfa_config={ + "allowed_authenticators": ["totp", "biometrics", "security_key"], + "session_duration": "24h", + }, + mfa_configuration_allowed=True, + mfa_required_for_all_apps=False, session_duration="24h", ui_read_only_toggle_reason="Temporarily turn off the UI read only lock to make a change via the UI", user_seat_expiration_inactive_time="730h", @@ -419,6 +437,12 @@ async def test_method_update_with_all_params(self, async_client: AsyncCloudflare "logo_path": "https://example.com/logo.png", "text_color": "#c5ed1b", }, + mfa_config={ + "allowed_authenticators": ["totp", "biometrics", "security_key"], + "session_duration": "24h", + }, + mfa_configuration_allowed=True, + mfa_required_for_all_apps=False, name="Widget Corps Internal Applications", session_duration="24h", ui_read_only_toggle_reason="Temporarily turn off the UI read only lock to make a change via the UI",