Announcing `pyonepassword` update for CLI 2.x

zcutlip
zcutlip
Community Member
in CLI

Hello,

I'm really excited to share the newly updated pyonepassword. It's a nearly complete rewrite for compatibility with the new (well...new when I started the rewrite) op 2.x.

You can view it on GitHub, and you can install it with pip:

$ pip3 install pyonepassword

During the rewrite I've given some thought to what pyonepassword should be. You can think of it has having two parts:

  1. Convenience Python classes for the various objects that the op command returns
  2. A full-fledged API for querying a 1Password account

Note: I've completely removed the item creation functionality that was present in the last version. I plan to rethink how this should work, and add it back before too long

If you already have a workflow to drive the op command, handle authentication, and so forth, but would benefit from an API that can ingest op's JSON and give you Python objects, you're in luck, number one might be just what you need.

On the other hand, if you're using op manually (maybe along side jq), or in shell scripts (or maybe not at all), and you'd like a full-service Python API rather than console commands, number two does that.

In just a few lines of Python, you turn op's JSON into proper Python objects:

from pyonepassword.api.object_types import OPLoginItem

login_item = OPLoginItem(login_item_json)


print(login_item.username)
print(login_item.password)
print(login_item.primary_url.href)

All the object types are fundmentally dictionaries, so you can do normal dictionary stuff:

# login_item is also a dictionary:
print(login_item["username"] == login_item.username)

On the other hand, if you want to fully automate connecting to and querying a 1Password account, you can use the OP class. It supports op's various authentication scenarios (biometric, password, reuse existing session, etc.), which I won't get into here. But in the simplest case, just instantiate your OP object with no arguments. Then use it to query your account:

from pyonepassword import OP
from pyonepassword.api.object_types import OPLoginItem

def do_signin():
    op = None
    if OP.uses_biometric():
        # no need to provide any authentication parameters if biometric is enabled
        op = OP()

    return op


def main():
    op = do_signin()
    if not op:
        print("uh oh, didn't sign in")
        exit(1)
    login: OPLoginItem = op.item_get("Example Login")
    print(login.password)

There's lots more in the README and in the examples. I hope it's useful! Please don't hesitate to contact me with questions, GitHub issues, or pull requests.

Cheers,
Zach

Comments

  • simon_1P
    simon_1P

    This is awesome! 💚 And thank you for sharing this here in the community!

  • simon_1P
    simon_1P

    @ebreton I know you're also using 1Password CLI from Python, so I thought you might appreciate a ping on this thread to learn about this library.

  • ebreton
    ebreton
    Community Member

    Hi @simon_1P ! Thanks a lot for the ping. Much appreciated :)

    @zcutlip , my company is using op from python as a configuration manager for a fleet of IoT devices. I will try to share what we have done with you through your github repo.

    Cheers,
    Emmanuel

  • zcutlip
    zcutlip
    Community Member

    @ebreton, yes please do!

    I wrote it mostly for my own use in personal projects, so I'm interested to know how/if it's useful for Serious Users™ (or if it's not!).

    cheers

This discussion has been closed.