cuenca-mx
diff --git a/‎cuenca/http/client.py‎
Lines changed: 63 additions & 15 deletions b/‎cuenca/http/client.py‎
Lines changed: 63 additions & 15 deletions
diff --git a/‎cuenca/resources/__init__.py‎
Lines changed: 3 additions & 0 deletions b/‎cuenca/resources/__init__.py‎
Lines changed: 3 additions & 0 deletions
diff --git a/‎cuenca/resources/base.py‎
Lines changed: 12 additions & 2 deletions b/‎cuenca/resources/base.py‎
Lines changed: 12 additions & 2 deletions
diff --git a/‎cuenca/resources/cards.py‎
Lines changed: 70 additions & 0 deletions b/‎cuenca/resources/cards.py‎
Lines changed: 70 additions & 0 deletions
diff --git a/‎requirements.txt‎
Lines changed: 2 additions & 1 deletion b/‎requirements.txt‎
Lines changed: 2 additions & 1 deletion
diff --git a/‎setup.cfg‎
Lines changed: 3 additions & 0 deletions b/‎setup.cfg‎
Lines changed: 3 additions & 0 deletions
diff --git a/‎setup.py‎
Lines changed: 3 additions & 2 deletions b/‎setup.py‎
Lines changed: 3 additions & 2 deletions
diff --git a/‎tests/http/conftest.py‎
Lines changed: 14 additions & 0 deletions b/‎tests/http/conftest.py‎
Lines changed: 14 additions & 0 deletions
diff --git a/‎tests/http/test_client.py‎
Lines changed: 44 additions & 0 deletions b/‎tests/http/test_client.py‎
Lines changed: 44 additions & 0 deletions
@@ -1,8 +1,9 @@
 import os
-from typing import Optional, Tuple
+from typing import Optional, Tuple, Union
 from urllib.parse import urljoin
 
 import requests
+from aws_requests_auth.aws_auth import AWSRequestsAuth
 from cuenca_validations.typing import (
     ClientRequestParams,
     DictStrAny,
@@ -13,15 +14,17 @@
 from ..exc import CuencaResponseException
 from ..version import API_VERSION, CLIENT_VERSION
 
-API_URL = 'https://api.cuenca.com'
-SANDBOX_URL = 'https://sandbox.cuenca.com'
+API_HOST = 'api.cuenca.com'
+SANDBOX_HOST = 'sandbox.cuenca.com'
+AWS_DEFAULT_REGION = 'us-east-1'
+AWS_SERVICE = 'execute-api'
 
 
 class Session:
 
-    base_url: str
-    auth: Tuple[str, str]
-    webhook_secret: Optional[str]
+    host: str = API_HOST
+    basic_auth: Tuple[str, str]
+    iam_auth: Optional[AWSRequestsAuth] = None
     session: requests.Session
 
     def __init__(self):
@@ -32,30 +35,72 @@ def __init__(self):
                 'User-Agent': f'cuenca-python/{CLIENT_VERSION}',
             }
         )
-        self.base_url = API_URL
+
+        # basic auth
         api_key = os.getenv('CUENCA_API_KEY', '')
         api_secret = os.getenv('CUENCA_API_SECRET', '')
-        self.webhook_secret = os.getenv('CUENCA_WEBHOOK_SECRET')
-        self.auth = (api_key, api_secret)
+        self.basic_auth = (api_key, api_secret)
+
+        # IAM auth
+        aws_access_key = os.getenv('AWS_ACCESS_KEY_ID', '')
+        aws_secret_access_key = os.getenv('AWS_SECRET_ACCESS_KEY', '')
+        aws_region = os.getenv('AWS_DEFAULT_REGION', AWS_DEFAULT_REGION)
+        if aws_access_key and aws_secret_access_key:
+            self.iam_auth = AWSRequestsAuth(
+                aws_access_key=aws_access_key,
+                aws_secret_access_key=aws_secret_access_key,
+                aws_host=self.host,
+                aws_region=aws_region,
+                aws_service=AWS_SERVICE,
+            )
+
+    @property
+    def auth(self) -> Union[AWSRequestsAuth, Tuple[str, str]]:
+        # preference to basic auth
+        return self.basic_auth if all(self.basic_auth) else self.iam_auth
 
     def configure(
         self,
         api_key: Optional[str] = None,
         api_secret: Optional[str] = None,
-        webhook_secret: Optional[str] = None,
+        aws_access_key: Optional[str] = None,
+        aws_secret_access_key: Optional[str] = None,
+        aws_region: str = AWS_DEFAULT_REGION,
         sandbox: Optional[bool] = None,
     ):
         """
         This allows us to instantiate the http client when importing the
         client library and configure it later. It's also useful when rolling
         the api key
         """
-        self.auth = (api_key or self.auth[0], api_secret or self.auth[1])
-        self.webhook_secret = webhook_secret or self.webhook_secret
         if sandbox is False:
-            self.base_url = API_URL
+            self.host = API_HOST
         elif sandbox is True:
-            self.base_url = SANDBOX_URL
+            self.host = SANDBOX_HOST
+
+        # basic auth
+        self.basic_auth = (
+            api_key or self.basic_auth[0],
+            api_secret or self.basic_auth[1],
+        )
+
+        # IAM auth
+        if self.iam_auth is not None:
+            self.iam_auth.aws_access_key = (
+                aws_access_key or self.iam_auth.aws_access_key
+            )
+            self.iam_auth.aws_secret_access_key = (
+                aws_secret_access_key or self.iam_auth.aws_secret_access_key
+            )
+            self.iam_auth.aws_region = aws_region or self.iam_auth.aws_region
+        elif aws_access_key and aws_secret_access_key:
+            self.iam_auth = AWSRequestsAuth(
+                aws_access_key=aws_access_key,
+                aws_secret_access_key=aws_secret_access_key,
+                aws_host=self.host,
+                aws_region=aws_region,
+                aws_service=AWS_SERVICE,
+            )
 
     def get(
         self, endpoint: str, params: ClientRequestParams = None,
@@ -65,6 +110,9 @@ def get(
     def post(self, endpoint: str, data: DictStrAny) -> DictStrAny:
         return self.request('post', endpoint, data=data)
 
+    def patch(self, endpoint: str, data: DictStrAny) -> DictStrAny:
+        return self.request('patch', endpoint, data=data)
+
     def delete(self, endpoint: str, data: OptionalDict = None) -> DictStrAny:
         return self.request('delete', endpoint, data=data)
 
@@ -78,7 +126,7 @@ def request(
     ) -> DictStrAny:
         resp = self.session.request(
             method=method,
-            url=self.base_url + urljoin('/', endpoint),
+            url='https://' + self.host + urljoin('/', endpoint),
             auth=self.auth,
             json=data,
             params=params,
 
@@ -2,6 +2,7 @@
     'ApiKey',
     'Account',
     'BalanceEntry',
+    'Card',
     'Commission',
     'Deposit',
     'Transfer',
@@ -11,6 +12,7 @@
 from .accounts import Account
 from .api_keys import ApiKey
 from .balance_entries import BalanceEntry
+from .cards import Card
 from .commissions import Commission
 from .deposits import Deposit
 from .resources import RESOURCES
@@ -22,6 +24,7 @@
     ApiKey,
     Account,
     BalanceEntry,
+    Card,
     Commission,
     Deposit,
     Transfer,
 
@@ -6,8 +6,8 @@
 from cuenca_validations.types import (
     QueryParams,
     SantizedDict,
-    Status,
     TransactionQuery,
+    TransactionStatus,
 )
 
 from ..exc import MultipleResultsFound, NoResultFound
@@ -63,6 +63,16 @@ def _create(cls, **data) -> Resource:
         return cls._from_dict(resp)
 
 
+@dataclass
+class Updateable(Resource):
+    updated_at: dt.datetime
+
+    @classmethod
+    def _update(cls, id: str, **data) -> Resource:
+        resp = session.patch(f'/{cls._resource}/{id}', data)
+        return cls._from_dict(resp)
+
+
 @dataclass
 class Queryable(Resource):
     _query_params: ClassVar = QueryParams
@@ -114,5 +124,5 @@ class Transaction(Retrievable, Queryable):
     _query_params: ClassVar = TransactionQuery
 
     amount: int  # in centavos
-    status: Status
+    status: TransactionStatus
     descriptor: str  # how it appears for the customer
@@ -0,0 +1,70 @@
+from typing import ClassVar, Optional, cast
+
+from cuenca_validations.types import CardStatus, CardType
+from cuenca_validations.types.queries import CardQuery
+from cuenca_validations.types.requests import CardRequest, CardUpdateRequest
+from pydantic.dataclasses import dataclass
+
+from cuenca.resources.base import Creatable, Queryable, Retrievable, Updateable
+
+from ..http import session
+
+
+@dataclass
+class Card(Retrievable, Queryable, Creatable, Updateable):
+    _resource: ClassVar = 'cards'
+    _query_params: ClassVar = CardQuery
+
+    user_id: str
+    ledger_account_id: str
+    number: str
+    exp_month: int
+    exp_year: int
+    cvv2: str
+    type: CardType
+    status: CardStatus
+
+    @classmethod
+    def create(cls, ledger_account_id: str, user_id: str) -> 'Card':
+        """
+        Assigns user_id and ledger_account_id to a existing card
+
+        :param ledger_account_id: associated ledger account id
+        :param user_id: associated user id
+        :return: New assigned card
+        """
+        req = CardRequest(ledger_account_id=ledger_account_id, user_id=user_id)
+        return cast('Card', cls._create(**req.dict()))
+
+    @classmethod
+    def update(
+        cls,
+        card_id: str,
+        user_id: Optional[str] = None,
+        ledger_account_id: Optional[str] = None,
+        status: Optional[CardStatus] = None,
+    ):
+        """
+        Updates card properties that are not sensitive or fixed data. It allows
+        reconfigure properties like status, and manufacturer.
+
+        :param card_id: existing card_id
+        :param user_id: owner user id
+        :param ledger_account_id: owner ledger account
+        :param status:
+        :return: Updated card object
+        """
+        req = CardUpdateRequest(
+            user_id=user_id, ledger_account_id=ledger_account_id, status=status
+        )
+        resp = cls._update(card_id, **req.dict(exclude_none=True))
+        return cast('Card', resp)
+
+    @classmethod
+    def deactivate(cls, card_id: str) -> 'Card':
+        """
+        Deactivates a card
+        """
+        url = f'{cls._resource}/{card_id}'
+        resp = session.delete(url)
+        return cast('Card', cls._from_dict(resp))
@@ -1,3 +1,4 @@
 requests==2.24.0
-cuenca-validations==0.4.3
+cuenca-validations==0.5.0
 dataclasses>=0.7;python_version<"3.7"
+aws-requests-auth==0.4.3
@@ -16,3 +16,6 @@ combine_as_imports=True
 
 [mypy-pytest]
 ignore_missing_imports = True
+
+[mypy-aws_requests_auth.*]
+ignore_missing_imports = True
@@ -11,7 +11,7 @@
 
 setup(
     name='cuenca',
-    version=version.CLIENT_VERSION,
+    version=version.__version__,
     author='Cuenca',
     author_email='dev@cuenca.com',
     description='Cuenca API Client',
@@ -23,8 +23,9 @@
     package_data=dict(cuenca=['py.typed']),
     python_requires='>=3.6',
     install_requires=[
+        'aws-requests-auth==0.4.3',
         'requests>=2.24,<2.25',
-        'cuenca-validations>=0.4,<0.5',
+        'cuenca-validations>=0.5.0,<0.6.0',
         'dataclasses>=0.7;python_version<"3.7"',
     ],
     classifiers=[
 
@@ -0,0 +1,14 @@
+import pytest
+
+
+@pytest.fixture
+def cuenca_creds(monkeypatch) -> None:
+    monkeypatch.setenv('CUENCA_API_KEY', 'api_key')
+    monkeypatch.setenv('CUENCA_API_SECRET', 'secret')
+
+
+@pytest.fixture
+def aws_creds(monkeypatch) -> None:
+    monkeypatch.setenv('AWS_ACCESS_KEY_ID', 'aws_key')
+    monkeypatch.setenv('AWS_SECRET_ACCESS_KEY', 'aws_secret')
+    monkeypatch.setenv('AWS_DEFAULT_REGION', 'us-east-1')
@@ -12,3 +12,47 @@ def test_invalid_auth():
         session.post('/api_keys', dict())
     assert e.value.status_code == 401
     assert str(e.value)
+
+
+@pytest.mark.usefixtures('cuenca_creds')
+def test_basic_auth_configuration():
+    session = Session()
+    assert session.auth == session.basic_auth
+    assert session.auth == ('api_key', 'secret')
+    assert not session.iam_auth
+
+
+@pytest.mark.usefixtures('cuenca_creds', 'aws_creds')
+def test_gives_preference_to_basic_auth_configuration():
+    session = Session()
+    assert session.auth == session.basic_auth
+    assert session.iam_auth
+
+
+@pytest.mark.usefixtures('aws_creds')
+def test_aws_iam_auth_configuration():
+    session = Session()
+    assert session.auth == session.iam_auth
+
+
+def test_configures_new_aws_creds():
+    session = Session()
+    session.configure(
+        aws_access_key='new_aws_key', aws_secret_access_key='new_aws_secret'
+    )
+    assert session.auth.aws_secret_access_key == 'new_aws_secret'
+    assert session.auth.aws_access_key == 'new_aws_key'
+    assert session.auth.aws_region == 'us-east-1'
+
+
+@pytest.mark.usefixtures('aws_creds')
+def test_overrides_aws_creds():
+    session = Session()
+    session.configure(
+        aws_access_key='new_aws_key',
+        aws_secret_access_key='new_aws_secret',
+        aws_region='us-east-2',
+    )
+    assert session.auth.aws_secret_access_key == 'new_aws_secret'
+    assert session.auth.aws_access_key == 'new_aws_key'
+    assert session.auth.aws_region == 'us-east-2'