Extract CredentialVaultService (#3669)

2025-10-09 11:39:01 -06:00
parent e5e812ff67
commit 1421bc10c6
6 changed files with 208 additions and 128 deletions
--- a/skyvern/forge/sdk/routes/credentials.py
+++ b/skyvern/forge/sdk/routes/credentials.py
@@ -155,37 +155,12 @@ async def create_credential(
    ),
    current_org: Organization = Depends(org_auth_service.get_current_org),
 ) -> CredentialResponse:
-    org_collection = await app.DATABASE.get_organization_bitwarden_collection(current_org.organization_id)
-
-    if not org_collection:
-        LOG.info(
-            "There is no collection for the organization. Creating new collection.",
-            organization_id=current_org.organization_id,
-        )
-        collection_id = await BitwardenService.create_collection(
-            name=current_org.organization_id,
-        )
-        org_collection = await app.DATABASE.create_organization_bitwarden_collection(
-            current_org.organization_id,
-            collection_id,
-        )
-
-    item_id = await BitwardenService.create_credential_item(
-        collection_id=org_collection.collection_id,
-        name=data.name,
-        credential=data.credential,
-    )
-
-    credential = await app.DATABASE.create_credential(
-        organization_id=current_org.organization_id,
-        item_id=item_id,
-        name=data.name,
-        credential_type=data.credential_type,
-        totp_type=data.credential.totp_type if hasattr(data.credential, "totp_type") else "none",
+    credential = await app.CREDENTIAL_VAULT_SERVICE.create_credential(
+        organization_id=current_org.organization_id, data=data
    )

    # Early resyncing the Bitwarden vault
-    background_tasks.add_task(fetch_credential_item_background, item_id)
+    background_tasks.add_task(fetch_credential_item_background, credential.item_id)

    if data.credential_type == CredentialType.PASSWORD:
        credential_response = PasswordCredentialResponse(
@@ -209,6 +184,8 @@ async def create_credential(
            credential_type=data.credential_type,
            name=data.name,
        )
+    else:
+        raise HTTPException(status_code=400, detail=f"Unsupported credential type: {data.credential_type}")


@legacy_base_router.delete("/credentials/{credential_id}")
@@ -238,20 +215,13 @@ async def delete_credential(
    ),
    current_org: Organization = Depends(org_auth_service.get_current_org),
 ) -> None:
-    organization_bitwarden_collection = await app.DATABASE.get_organization_bitwarden_collection(
-        current_org.organization_id
-    )
-    if not organization_bitwarden_collection:
-        raise HTTPException(status_code=404, detail="Credential account not found. It might have been deleted.")
-
    credential = await app.DATABASE.get_credential(
        credential_id=credential_id, organization_id=current_org.organization_id
    )
    if not credential:
        raise HTTPException(status_code=404, detail=f"Credential not found, credential_id={credential_id}")

-    await app.DATABASE.delete_credential(credential.credential_id, current_org.organization_id)
-    await BitwardenService.delete_credential_item(credential.item_id)
+    await app.CREDENTIAL_VAULT_SERVICE.delete_credential(credential)

    return None

@@ -283,45 +253,7 @@ async def get_credential(
    ),
    current_org: Organization = Depends(org_auth_service.get_current_org),
 ) -> CredentialResponse:
-    organization_bitwarden_collection = await app.DATABASE.get_organization_bitwarden_collection(
-        current_org.organization_id
-    )
-    if not organization_bitwarden_collection:
-        raise HTTPException(status_code=404, detail="Credential account not found. It might have been deleted.")
-
-    credential = await app.DATABASE.get_credential(
-        credential_id=credential_id, organization_id=current_org.organization_id
-    )
-    if not credential:
-        raise HTTPException(status_code=404, detail="Credential not found")
-
-    credential_item = await BitwardenService.get_credential_item(credential.item_id)
-    if not credential_item:
-        raise HTTPException(status_code=404, detail="Credential not found")
-
-    if credential_item.credential_type == CredentialType.PASSWORD:
-        credential_response = PasswordCredentialResponse(
-            username=credential_item.credential.username,
-            totp_type=credential.totp_type,
-        )
-        return CredentialResponse(
-            credential=credential_response,
-            credential_id=credential.credential_id,
-            credential_type=credential_item.credential_type,
-            name=credential_item.name,
-        )
-    if credential_item.credential_type == CredentialType.CREDIT_CARD:
-        credential_response = CreditCardCredentialResponse(
-            last_four=credential_item.credential.card_number[-4:],
-            brand=credential_item.credential.card_brand,
-        )
-        return CredentialResponse(
-            credential=credential_response,
-            credential_id=credential.credential_id,
-            credential_type=credential_item.credential_type,
-            name=credential_item.name,
-        )
-    raise HTTPException(status_code=400, detail="Invalid credential type")
+    return await app.CREDENTIAL_VAULT_SERVICE.get_credential(current_org.organization_id, credential_id)


@legacy_base_router.get("/credentials")
@@ -359,47 +291,7 @@ async def get_credentials(
        openapi_extra={"x-fern-sdk-parameter-name": "page_size"},
    ),
 ) -> list[CredentialResponse]:
-    organization_bitwarden_collection = await app.DATABASE.get_organization_bitwarden_collection(
-        current_org.organization_id
-    )
-    if not organization_bitwarden_collection:
-        return []
-
-    credentials = await app.DATABASE.get_credentials(current_org.organization_id, page=page, page_size=page_size)
-    items = await BitwardenService.get_collection_items(organization_bitwarden_collection.collection_id)
-
-    response_items = []
-    for credential in credentials:
-        item = next((item for item in items if item.item_id == credential.item_id), None)
-        if not item:
-            continue
-        if item.credential_type == CredentialType.PASSWORD:
-            credential_response = PasswordCredentialResponse(
-                username=item.credential.username,
-                totp_type=credential.totp_type,
-            )
-            response_items.append(
-                CredentialResponse(
-                    credential=credential_response,
-                    credential_id=credential.credential_id,
-                    credential_type=item.credential_type,
-                    name=item.name,
-                )
-            )
-        elif item.credential_type == CredentialType.CREDIT_CARD:
-            credential_response = CreditCardCredentialResponse(
-                last_four=item.credential.card_number[-4:],
-                brand=item.credential.card_brand,
-            )
-            response_items.append(
-                CredentialResponse(
-                    credential=credential_response,
-                    credential_id=credential.credential_id,
-                    credential_type=item.credential_type,
-                    name=item.name,
-                )
-            )
-    return response_items
+    return await app.CREDENTIAL_VAULT_SERVICE.get_credentials(current_org.organization_id, page, page_size)


@base_router.get(