Refactor code structure for improved readability and maintainability

Author: theLastOfCats

.github/dependabot.yml

@@ -5,7 +5,7 @@
 
 version: 2
 updates:
-  - package-ecosystem: "pip" # See documentation for possible values
+  - package-ecosystem: "uv" # See documentation for possible values
     directory: "/" # Location of package manifests
     schedule:
-      interval: "daily"
+      interval: "weekly"

.github/workflows/lint.yml

@@ -0,0 +1,30 @@
+name: Lint
+
+on:
+  push:
+    branches: [ main, master ]
+  pull_request:
+    branches: [ main, master ]
+  workflow_dispatch:  # Allows manual triggering
+
+jobs:
+  lint:
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+
+    steps:
+    - uses: actions/checkout@main
+
+    - name: Install the latest version of uv
+      uses: astral-sh/setup-uv@v5
+      with:
+        enable-cache: true
+
+    - name: Lint with ruff
+      run: |
+        uvx --with cryptography ruff check
+
+    - name: Type check with mypy
+      run: |
+        uvx --with cryptography mypy httpx_pkcs12

.github/workflows/publish.yml

@@ -0,0 +1,95 @@
+name: Publish Python 🐍 distribution 📦 to PyPI and TestPyPI
+
+on: push
+
+jobs:
+  build:
+    name: Build distribution 📦
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v4
+      with:
+        persist-credentials: false
+    - name: Set up Python
+      uses: actions/setup-python@v5
+      with:
+        python-version: "3.x"
+    - name: Install pypa/build
+      run: >-
+        python3 -m
+        pip install
+        build
+        --user
+    - name: Build a binary wheel and a source tarball
+      run: python3 -m build
+    - name: Store the distribution packages
+      uses: actions/upload-artifact@v4
+      with:
+        name: python-package-distributions
+        path: dist/
+
+  publish-to-pypi:
+    name: >-
+      Publish Python 🐍 distribution 📦 to PyPI
+    if: startsWith(github.ref, 'refs/tags/')  # only publish to PyPI on tag pushes
+    needs:
+    - build
+    runs-on: ubuntu-latest
+    environment:
+      name: pypi
+      url: https://pypi.org/p/httpx-pkcs12
+    permissions:
+      id-token: write  # IMPORTANT: mandatory for trusted publishing
+
+    steps:
+    - name: Download all the dists
+      uses: actions/download-artifact@v4
+      with:
+        name: python-package-distributions
+        path: dist/
+    - name: Publish distribution 📦 to PyPI
+      uses: pypa/gh-action-pypi-publish@release/v1
+
+  github-release:
+    name: >-
+      Sign the Python 🐍 distribution 📦 with Sigstore
+      and upload them to GitHub Release
+    needs:
+    - publish-to-pypi
+    runs-on: ubuntu-latest
+
+    permissions:
+      contents: write  # IMPORTANT: mandatory for making GitHub Releases
+      id-token: write  # IMPORTANT: mandatory for sigstore
+
+    steps:
+    - name: Download all the dists
+      uses: actions/download-artifact@v4
+      with:
+        name: python-package-distributions
+        path: dist/
+    - name: Sign the dists with Sigstore
+      uses: sigstore/gh-action-sigstore-python@v3.0.0
+      with:
+        inputs: >-
+          ./dist/*.tar.gz
+          ./dist/*.whl
+    - name: Create GitHub Release
+      env:
+        GITHUB_TOKEN: ${{ github.token }}
+      run: >-
+        gh release create
+        "$GITHUB_REF_NAME"
+        --repo "$GITHUB_REPOSITORY"
+        --notes ""
+    - name: Upload artifact signatures to GitHub Release
+      env:
+        GITHUB_TOKEN: ${{ github.token }}
+      # Upload to GitHub Release using the `gh` CLI.
+      # `dist/` contains the built packages, and the
+      # sigstore-produced signatures and certificates.
+      run: >-
+        gh release upload
+        "$GITHUB_REF_NAME" dist/**
+        --repo "$GITHUB_REPOSITORY"

.github/workflows/python-publish.yml

@@ -0,0 +1,39 @@
+name: Test
+
+on:
+  push:
+    branches: [ main, master ]
+  pull_request:
+    branches: [ main, master ]
+  workflow_dispatch:  # Allows manual triggering
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+      matrix:
+        python-version: ["3.10", "3.11", "3.12"]
+
+    steps:
+    - uses: actions/checkout@main
+
+    - name: Install the latest version of uv
+      uses: astral-sh/setup-uv@v5
+      with:
+        enable-cache: true
+        python-version: ${{ matrix.python-version }}
+
+    - name: Install dependencies
+      run: |
+        uv sync --frozen --extra dev
+
+    - name: Test with pytest
+      run: |
+        uv run pytest --cov=httpx_pkcs12 --cov-report=xml
+
+    - name: Upload coverage to Codecov
+      uses: codecov/codecov-action@v3
+      with:
+        file: ./coverage.xml
+        fail_ci_if_error: false

.github/workflows/test.yml

@@ -1,3 +1,16 @@
 .vscode
 .idea
-dist
+dist
+.venv
+__pycache__
+.pytest_cache
+.ruff_cache
+*.egg-info
+*.egg
+*.pdb
+*.log
+*.coverage
+*.cover
+*.hypothesis
+coverage*
+htmlcov

.gitignore

@@ -0,0 +1 @@
+3.12

.python-version

@@ -1,19 +1,119 @@
-## httpx-pkcs12
+# httpx-pkcs12
 
-Addon which activates PKCS12 certificates usage with HTTPX client.
+Enhanced PKCS12 (PFX/P12) certificate support for the HTTPX Python client. This package allows you to easily use PKCS12 certificates with HTTPX for client certificate authentication.
+
+## Features
+
+- Simple API for loading PKCS12 certificates
+- Support for certificate validation
+- Extract certificate information
+- Works with both file paths and certificate data
+- Accepts passwords as strings or bytes
+- Proper cleanup of temporary certificate files
+- Comprehensive type hints
+
+## Installation
+
+```bash
+pip install httpx-pkcs12
+```
+
+Or with uv:
+
+```bash
+uv add httpx-pkcs12
+```
 
 ## Usage
+
+### Basic Usage
+
 ```python
-with open('path/to/your/cert', 'rb') as f:
-    cert_contents = f.read()
-password = 'your-secret-password'
+import httpx
+from httpx_pkcs12 import create_ssl_context
 
-context = create_ssl_context(cert_contents, password)
+# Load certificate from file
+context = create_ssl_context(
+    'path/to/your/cert.p12',
+    password='your-secret-password'
+)
 
-# async version
+# With async client
 async with httpx.AsyncClient(verify=context) as client:
-    response = ...
+    response = await client.get('https://api.example.com')
+
+# With sync client
+with httpx.Client(verify=context) as client:
+    response = client.get('https://api.example.com')
+
+# Or for a one-off request
+response = httpx.get('https://api.example.com', verify=context)
+```
+
+### Advanced Usage
+
+```python
+from httpx_pkcs12 import create_ssl_context, get_certificate_info
+
+# Load certificate directly from bytes
+with open('path/to/cert.p12', 'rb') as f:
+    cert_data = f.read()
+
+# Create context without validation (for expired certs)
+context = create_ssl_context(
+    cert_data,
+    password='your-password',
+    validate=False
+)
+
+# Get certificate information
+not_before, not_after, common_name, alt_names = get_certificate_info(
+    'path/to/cert.p12',
+    password='your-password'
+)
+
+print(f"Certificate: {common_name}")
+print(f"Valid from: {not_before}")
+print(f"Valid until: {not_after}")
+print(f"Alternative names: {', '.join(alt_names)}")
+```
+
+## API Reference
+
+### `create_ssl_context(pkcs12_data, password=None, validate=True)`
+
+Creates an SSL context from PKCS12 data.
+
+- **pkcs12_data**: The PKCS12 certificate data as bytes or a path to the file
+- **password**: Password to decrypt the PKCS12 data (string or bytes)
+- **validate**: Whether to validate certificate expiration
+- **Returns**: An SSLContext object configured with the certificate
+
+### `load_pkcs12_from_file(certificate_path, password=None, validate=True)`
+
+Convenience function to create an SSL context from a PKCS12 certificate file.
+
+- **certificate_path**: Path to the PKCS12 certificate file
+- **password**: Password to decrypt the PKCS12 data
+- **validate**: Whether to validate certificate expiration
+- **Returns**: An SSLContext object configured with the certificate
+
+### `get_certificate_info(pkcs12_data, password=None)`
+
+Extracts and returns information about the certificate.
+
+- **pkcs12_data**: The PKCS12 certificate data or file path
+- **password**: Password to decrypt the PKCS12 data
+- **Returns**: Tuple with (not_valid_before, not_valid_after, common_name, alt_names)
+
+## Error Handling
+
+The package raises the following exceptions:
+
+- `CertificateError`: For certificate validation issues
+- `ValueError`: For invalid input data
+- `IOError`: For file operation failures
+
+## License
 
-# or sync version
-response = httpx.get(..., verify=context)
-```
+MIT