dwollav2
Advanced tools
This repository contains the source code for Dwolla's Python-based SDK, which allows developers to interact with Dwolla's server-side API via a Python API. Any action that can be performed via an HTTP request can be made using this SDK when executed within a server-side environment.
To begin using this SDK, you will first need to download it to your machine. We use PyPi to distribute this package from where you can automagically download it via pip.
$ pip install dwollav2
Before any API requests can be made, you must first determine which environment you will be using, as well as fetch the application key and secret. To fetch your application key and secret, please visit one of the following links:
Finally, you can create an instance of Client with key and secret replaced with the application key and secret that you fetched from one of the aforementioned links, respectively.
client = dwollav2.Client(
key = os.environ['DWOLLA_APP_KEY'],
secret = os.environ['DWOLLA_APP_SECRET'],
environment = 'sandbox', # defaults to 'production'
requests = {'timeout': 0.001}
)
on_grant callback (optional)An on_grant callback is useful for storing new tokens when they are granted. The on_grant
callback is called with the Token that was just granted by the server.
client = dwollav2.Client(
key = os.environ['DWOLLA_APP_KEY'],
secret = os.environ['DWOLLA_APP_SECRET'],
on_grant = lambda t: save(t)
)
It is highly recommended that you encrypt any token data you store.
Application access tokens are used to authenticate against the API on behalf of an application. Application tokens can be used to access resources in the API that either belong to the application itself (webhooks, events, webhook-subscriptions) or the Dwolla Account that owns the application (accounts, customers, funding-sources, etc.). Application tokens are obtained by using the client_credentials OAuth grant type:
application_token = client.Auth.client()
Application access tokens are short-lived: 1 hour. They do not include a refresh_token. When it expires, generate a new one using client.Auth.client().
The Dwolla Sandbox Dashboard allows you to generate tokens for your application. A Token can be initialized with the following attributes:
client.Token(access_token = '...',
expires_in = 123)
Once you've created a Token, currently, you can make low-level HTTP requests.
To make low-level HTTP requests, you can use the get(), post(), and delete() methods. These methods will return a Response object.
GET# GET api.dwolla.com/resource?foo=bar
token.get('resource', foo = 'bar')
# GET requests can also use objects as parameters
# GET api.dwolla.com/resource?foo=bar
token.get('resource', {'foo' = 'bar', 'baz' = 'foo'})
POST# POST api.dwolla.com/resource {"foo":"bar"}
token.post('resource', foo = 'bar')
# POST api.dwolla.com/resource multipart/form-data foo=...
token.post('resource', foo = ('mclovin.jpg', open('mclovin.jpg', 'rb'), 'image/jpeg'))
DELETE# DELETE api.dwolla.com/resource
token.delete('resource')
To set additional headers on a request you can pass a dict of headers as the 3rd argument.
For example:
token.post('customers', { 'firstName': 'John', 'lastName': 'Doe', 'email': 'jd@doe.com' },
{ 'Idempotency-Key': 'a52fcf63-0730-41c3-96e8-7147b5d1fb01' })
The following snippets demonstrate successful and errored responses from the Dwolla API.
An errored response is returned when Dwolla's servers respond with a status code that is greater than or equal to 400, whereas a successful response is when Dwolla's servers respond with a 200-level status code.
res = token.get('/')
res.status
# => 200
res.headers
# => {'server'=>'cloudflare-nginx', 'date'=>'Mon, 28 Mar 2016 15:30:23 GMT', 'content-type'=>'application/vnd.dwolla.v1.hal+json; charset=UTF-8', 'content-length'=>'150', 'connection'=>'close', 'set-cookie'=>'__cfduid=d9dcd0f586c166d36cbd45b992bdaa11b1459179023; expires=Tue, 28-Mar-17 15:30:23 GMT; path=/; domain=.dwolla.com; HttpOnly', 'x-request-id'=>'69a4e612-5dae-4c52-a6a0-2f921e34a88a', 'cf-ray'=>'28ac1f81875941e3-MSP'}
res.body['_links']['events']['href']
# => 'https://api-sandbox.dwolla.com/events'
If the server returns an error, a dwollav2.Error (or one of its subclasses) will be raised.
dwollav2.Errors are similar to Responses.
try:
token.get('/not-found')
except dwollav2.NotFoundError as e:
e.status
# => 404
e.headers
# => {"server"=>"cloudflare-nginx", "date"=>"Mon, 28 Mar 2016 15:35:32 GMT", "content-type"=>"application/vnd.dwolla.v1.hal+json; profile=\"http://nocarrier.co.uk/profiles/vnd.error/\"; charset=UTF-8", "content-length"=>"69", "connection"=>"close", "set-cookie"=>"__cfduid=da1478bfdf3e56275cd8a6a741866ccce1459179332; expires=Tue, 28-Mar-17 15:35:32 GMT; path=/; domain=.dwolla.com; HttpOnly", "access-control-allow-origin"=>"*", "x-request-id"=>"667fca74-b53d-43db-bddd-50426a011881", "cf-ray"=>"28ac270abca64207-MSP"}
e.body.code
# => "NotFound"
except dwollav2.Error:
# ...
dwollav2.Error subclasses:See https://developers.dwolla.com/api-reference#errors for more info.
dwollav2.AccessDeniedErrordwollav2.InvalidCredentialsErrordwollav2.NotFoundErrordwollav2.BadRequestErrordwollav2.InvalidGrantErrordwollav2.RequestTimeoutErrordwollav2.ExpiredAccessTokenErrordwollav2.InvalidRequestErrordwollav2.ServerErrordwollav2.ForbiddenErrordwollav2.InvalidResourceStateErrordwollav2.TemporarilyUnavailableErrordwollav2.InvalidAccessTokenErrordwollav2.InvalidScopeErrordwollav2.UnauthorizedClientErrordwollav2.InvalidAccountStatusErrordwollav2.InvalidScopesErrordwollav2.UnsupportedGrantTypeErrordwollav2.InvalidApplicationStatusErrordwollav2.InvalidVersionErrordwollav2.UnsupportedResponseTypeErrordwollav2.InvalidClientErrordwollav2.MethodNotAllowedErrordwollav2.ValidationErrordwollav2.TooManyRequestsErrordwollav2.ConflictErrorTake a look at the
Sample Application for examples
on how to use this SDK to call the Dwolla API. Before you can begin using the app, however,
you will need to specify a DWOLLA_APP_KEY and DWOLLA_APP_SECRET environment variable.
simplejson. Replace conditional simplejson import with explicit DecimalEncoder using standard library json module for consistent cross-environment behavior. Fixes #55. (#56 - Thanks @robotadam!)unittest2 to standard library unittest for modern Python compatibility. (#54 - Thanks @robotadam!)future dependency for cleaner dependency management. Fixes #52. (#53 Thanks @robotadam!)UpdateCredentialsError class for handling credential update scenarios in Open Banking integrations. Developers can now catch specific UpdateCredentialsError exceptions instead of generic Error when exchange sessions need re-authentication. Fixes #50simplejson so datatypes like Decimal still
serialize like they did pre 2.0.0requests.session() across instances of dwollav2.Clientdwolla.post. This ensures the
Idempotency-Key header will work as intended without additional effort by developers.1.6.0 will not match the
request body of the same request made in 2.0.0. This will nullify the effect of the
Idempotency-Key header when upgrading, so please take this into account.
If you have any questions please reach out to us!
There are no other changes since 1.6.0.requests options on dwollav2.Client.get, post, and delete methods to underlying requests methods.verified_account and dwolla_landing auth flagsTooManyRequestsError and ConflictErrorpip install -r requirements.txt to install dependencies. Then, run python setup.py test to run the tests.run pip install -e ..If you prefer to use Docker to run dwolla-v2-python locally, a Dockerfile is included at the root directory. Follow these instructions from Docker's website to create a Docker image from the Dockerfile, and run it.
To learn more about Dwolla and how to integrate our product with your application, please consider visiting the following resources and becoming a member of our community!
FAQs
Official Dwolla V2 API client
We found that dwollav2 demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
minimatch patched three high-severity ReDoS vulnerabilities that can stall the Node.js event loop, and Socket has released free certified patches.
Research
/Security News
Socket uncovered 26 malicious npm packages tied to North Korea's Contagious Interview campaign, retrieving a live 9-module infostealer and RAT from the adversary's C2.
Research
An impersonated golang.org/x/crypto clone exfiltrates passwords, executes a remote shell stager, and delivers a Rekoobe backdoor on Linux.