moneymade-connect-oauth-python-sdk
Readme
This package contains helpers which should be useful for integration with moneymade.io oauth feature.
pip install moneymade-connect-oauth-python-sdk
Firstly, receive public and private key from moneymade.io side. You are able to get it from console dashboard. (Contact moneymade devs team to add you to your project team)
from moneymade_connect_python_sdk import moneymade_connect
sdk = moneymade_connect.MoneyMadeConnect(private_key='private key',
public_key='public key',
env='development'
)
Oauth page receives signature and payload according to oauth page design.
Data interchage is protected by signature. Payload is base64 encoded string contains userId. (The userId is a link to external user who is going to share your provider data with moneymade.io)
Use base64_to_dict sdk method to transform payload to dict:
request_payload = sdk.base64_to_dict(payload)
Use sdk generate_signature method to generate signature for request validation:
generated_signature = sdk.generate_signature(payload_dict)
Full example how to validate request:
# this is a query string value which is received by your oauth page
received_qs = 'payload=eyJ1c2VySWQiOiJhYm&signature=fa595194c0'
query_params = sdk.query_string_to_dict(received_qs)
payload = query_params['payload']
signature = query_params['signature']
request_payload = sdk.base64_to_dict(payload)
if signature == sdk.generate_signature(request_payload):
# handle success oauth validation
else
# handle oauth error
After success request validation and handling userId linking you should to finish oauth request. See docs for more info.
Finish oauth payload depends on chosen data interchage stategy.
Payload for pushing strategy contains userId and user accounts data to be shared with moneymade.io. Accounts payload schema is agnostic. (Contact moneymade.io devs team to set up it for your accounts schema sample)
Typicall payload for pushing strategy looks like:
payload = {
"userId": 'id your read from oauth payload',
"accounts": [{
"id": 'some-account-id",
"balance": 1000,
"name": 'Checking account 1'
}]
}
Payload for pushing strategy contains userId and accessToken which is used to pull your endpoint for user info. (Contact moneymade.io devs team to set up API url to fetch user data and other's security points)
Payload for pushing strategy isn't agnostic and should look like:
payload = {
"userId": 'id your read from oauth payload',
"accessToken": 'access-token-to-pull-your-api'
}
If you chose pushing strategy, you should push moneymade.io API with user data to refresh it. You may use sdk push_accounts method to send us user's account data.
This payload schema is agnostic. (Contact moneymade.io devs team to set up it for your accounts schema sample)
Typically this payload looks like:
payload = {
"userId": "id your read from oauth payload before",
"accounts": [{
"id": 'some-account-id",
"balance": 1000,
"name": 'Checking account 1'
}]
}
We're working on it. Cooming soon :)
Use version = v2 to initialize sdk:
from moneymade_connect_python_sdk import moneymade_connect
sdk = moneymade_connect.MoneyMadeConnect(private_key='private key',
public_key='public key',
env='development',
version='v2'
)
SDK switches all logic for V2 version under the hood, you don't need to change anything on backend side. However, frontend should redirect page to callback url after handling oauth request. Use get_finish_oauth_redirect_url to get this url for received oauth-signature:
sdk.get_finish_oauth_redirect_url(oauth_signature)
This section contains hints for sdk developers to make development easier.
python -m pip install --upgrade buildpython -m buildpython -m twine upload --repository testpypi --skip-existing dist/*python -m pip install --index-url https://test.pypi.org/simple --upgrade moneymade-connect-oauth-python-sdkFAQs
Packages which makes simplier integration with MoneyMade OAuth feature
We found that moneymade-connect-oauth-python-sdk demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
CISA launched a new project called Vulnrichment to enrich CVEs with details that help prioritize patching and mitigation efforts, as the NVD backlog of unenriched CVEs awaiting analysis surpasses 10,000.
Security News
Socket is joining forces with CISA and other industry leaders at the RSA Conference to sign the Secure by Design pledge, committing to uphold the highest security standards in our products.
Research
The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.