fix(platform): expose SecretValue on assets

Author: GabrielVasilescu04

packages/uipath-platform/pyproject.toml

@@ -1,6 +1,6 @@
 [project]
 name = "uipath-platform"
-version = "0.1.64"
+version = "0.1.65"
 description = "HTTP client library for programmatic access to UiPath Platform"
 readme = { file = "README.md", content-type = "text/markdown" }
 requires-python = ">=3.11"

packages/uipath-platform/src/uipath/platform/orchestrator/_assets_service.py

@@ -283,6 +283,14 @@ async def retrieve_async(
         else:
             return Asset.model_validate(response.json()["value"][0])
 
+    def _ensure_robot_context(self) -> None:
+        try:
+            is_user = self._execution_context.robot_key is not None
+        except ValueError:
+            is_user = False
+        if not is_user:
+            raise ValueError("This method can only be used for robot assets.")
+
     @resource_override(resource_type="asset")
     @traced(
         name="assets_credential", run_type="uipath", hide_input=True, hide_output=True
@@ -294,11 +302,9 @@ def retrieve_credential(
         folder_key: Optional[str] = None,
         folder_path: Optional[str] = None,
     ) -> Optional[str]:
-        """Gets a specified Orchestrator credential.
-
-        The robot id is retrieved from the execution context (`UIPATH_ROBOT_KEY` environment variable)
+        """Get the decrypted password of a Credential asset.
 
-        Related Activity: [Get Credential](https://docs.uipath.com/activities/other/latest/workflow/get-robot-credential)
+        The robot id is retrieved from the execution context (`UIPATH_ROBOT_KEY` environment variable).
 
         Args:
             name (str): The name of the credential asset.
@@ -309,22 +315,10 @@ def retrieve_credential(
             Optional[str]: The decrypted credential password.
 
         Raises:
-            ValueError: If the method is called for a user asset.
+            ValueError: If called outside a robot context (no `UIPATH_ROBOT_KEY`).
         """
-        try:
-            is_user = self._execution_context.robot_key is not None
-        except ValueError:
-            is_user = False
-
-        if not is_user:
-            raise ValueError("This method can only be used for robot assets.")
-
-        spec = self._retrieve_spec(
-            name,
-            folder_key=folder_key,
-            folder_path=folder_path,
-        )
-
+        self._ensure_robot_context()
+        spec = self._retrieve_spec(name, folder_key=folder_key, folder_path=folder_path)
         response = self.request(
             spec.method,
             url=spec.endpoint,
@@ -333,10 +327,7 @@ def retrieve_credential(
             content=spec.content,
             headers=spec.headers,
         )
-
-        user_asset = UserAsset.model_validate(response.json())
-
-        return user_asset.credential_password
+        return UserAsset.model_validate(response.json()).credential_password
 
     @resource_override(resource_type="asset")
     @traced(
@@ -349,11 +340,9 @@ async def retrieve_credential_async(
         folder_key: Optional[str] = None,
         folder_path: Optional[str] = None,
     ) -> Optional[str]:
-        """Asynchronously gets a specified Orchestrator credential.
+        """Asynchronously get the decrypted password of a Credential asset.
 
-        The robot id is retrieved from the execution context (`UIPATH_ROBOT_KEY` environment variable)
-
-        Related Activity: [Get Credential](https://docs.uipath.com/activities/other/latest/workflow/get-robot-credential)
+        The robot id is retrieved from the execution context (`UIPATH_ROBOT_KEY` environment variable).
 
         Args:
             name (str): The name of the credential asset.
@@ -364,34 +353,91 @@ async def retrieve_credential_async(
             Optional[str]: The decrypted credential password.
 
         Raises:
-            ValueError: If the method is called for a user asset.
+            ValueError: If called outside a robot context (no `UIPATH_ROBOT_KEY`).
         """
-        try:
-            is_user = self._execution_context.robot_key is not None
-        except ValueError:
-            is_user = False
+        self._ensure_robot_context()
+        spec = self._retrieve_spec(name, folder_key=folder_key, folder_path=folder_path)
+        response = await self.request_async(
+            spec.method,
+            url=spec.endpoint,
+            params=spec.params,
+            json=spec.json,
+            content=spec.content,
+            headers=spec.headers,
+        )
+        return UserAsset.model_validate(response.json()).credential_password
 
-        if not is_user:
-            raise ValueError("This method can only be used for robot assets.")
+    @resource_override(resource_type="asset")
+    @traced(name="assets_secret", run_type="uipath", hide_input=True, hide_output=True)
+    def retrieve_secret(
+        self,
+        name: str,
+        *,
+        folder_key: Optional[str] = None,
+        folder_path: Optional[str] = None,
+    ) -> Optional[str]:
+        """Get the decrypted value of a Secret asset.
 
-        spec = self._retrieve_spec(
-            name,
-            folder_key=folder_key,
-            folder_path=folder_path,
-        )
+        The robot id is retrieved from the execution context (`UIPATH_ROBOT_KEY` environment variable).
 
-        response = await self.request_async(
+        Args:
+            name (str): The name of the secret asset.
+            folder_key (Optional[str]): The key of the folder to execute the process in. Override the default one set in the SDK config.
+            folder_path (Optional[str]): The path of the folder to execute the process in. Override the default one set in the SDK config.
+
+        Returns:
+            Optional[str]: The decrypted secret value.
+
+        Raises:
+            ValueError: If called outside a robot context (no `UIPATH_ROBOT_KEY`).
+        """
+        self._ensure_robot_context()
+        spec = self._retrieve_spec(name, folder_key=folder_key, folder_path=folder_path)
+        response = self.request(
             spec.method,
             url=spec.endpoint,
             params=spec.params,
             json=spec.json,
             content=spec.content,
             headers=spec.headers,
         )
+        return UserAsset.model_validate(response.json()).secret_value
 
-        user_asset = UserAsset.model_validate(response.json())
+    @resource_override(resource_type="asset")
+    @traced(name="assets_secret", run_type="uipath", hide_input=True, hide_output=True)
+    async def retrieve_secret_async(
+        self,
+        name: str,
+        *,
+        folder_key: Optional[str] = None,
+        folder_path: Optional[str] = None,
+    ) -> Optional[str]:
+        """Asynchronously get the decrypted value of a Secret asset.
+
+        The robot id is retrieved from the execution context (`UIPATH_ROBOT_KEY` environment variable).
+
+        Args:
+            name (str): The name of the secret asset.
+            folder_key (Optional[str]): The key of the folder to execute the process in. Override the default one set in the SDK config.
+            folder_path (Optional[str]): The path of the folder to execute the process in. Override the default one set in the SDK config.
+
+        Returns:
+            Optional[str]: The decrypted secret value.
 
-        return user_asset.credential_password
+        Raises:
+            ValueError: If called outside a robot context (no `UIPATH_ROBOT_KEY`).
+        """
+        self._ensure_robot_context()
+        spec = self._retrieve_spec(name, folder_key=folder_key, folder_path=folder_path)
+        response = await self.request_async(
+            spec.method,
+            url=spec.endpoint,
+            params=spec.params,
+            json=spec.json,
+            content=spec.content,
+            headers=spec.headers,
+        )
+        return UserAsset.model_validate(response.json()).secret_value
 
     @traced(name="assets_update", run_type="uipath", hide_input=True, hide_output=True)
     def update(

packages/uipath-platform/src/uipath/platform/orchestrator/assets.py

@@ -38,6 +38,7 @@ class UserAsset(BaseModel):
     int_value: Optional[int] = Field(default=None, alias="IntValue")
     credential_username: Optional[str] = Field(default=None, alias="CredentialUsername")
     credential_password: Optional[str] = Field(default=None, alias="CredentialPassword")
+    secret_value: Optional[str] = Field(default=None, alias="SecretValue")
     external_name: Optional[str] = Field(default=None, alias="ExternalName")
     credential_store_id: Optional[int] = Field(default=None, alias="CredentialStoreId")
     key_value_list: Optional[List[Dict[str, str]]] = Field(
@@ -69,5 +70,6 @@ class Asset(BaseModel):
     int_value: Optional[int] = Field(default=None, alias="IntValue")
     credential_username: Optional[str] = Field(default=None, alias="CredentialUsername")
     credential_password: Optional[str] = Field(default=None, alias="CredentialPassword")
+    secret_value: Optional[str] = Field(default=None, alias="SecretValue")
     external_name: Optional[str] = Field(default=None, alias="ExternalName")
     credential_store_id: Optional[int] = Field(default=None, alias="CredentialStoreId")

packages/uipath-platform/tests/services/test_assets_service.py

@@ -417,6 +417,106 @@ async def test_retrieve_credential_async(
             == f"UiPath.Python.Sdk/UiPath.Python.Sdk.Activities.AssetsService.retrieve_credential_async/{version}"
         )
 
+    def test_retrieve_secret(
+        self,
+        httpx_mock: HTTPXMock,
+        service: AssetsService,
+        base_url: str,
+        org: str,
+        tenant: str,
+    ) -> None:
+        """retrieve_secret returns SecretValue for Secret-type assets."""
+        httpx_mock.add_response(
+            url=f"{base_url}{org}{tenant}/orchestrator_/odata/Assets/UiPath.Server.Configuration.OData.GetRobotAssetByNameForRobotKey",
+            status_code=200,
+            json={
+                "Id": 1,
+                "Name": "Test Secret",
+                "ValueType": "Secret",
+                "SecretValue": "super-secret-value",
+            },
+        )
+
+        secret = service.retrieve_secret(name="Test Secret")
+
+        assert secret == "super-secret-value"
+
+    async def test_retrieve_secret_async(
+        self,
+        httpx_mock: HTTPXMock,
+        service: AssetsService,
+        base_url: str,
+        org: str,
+        tenant: str,
+    ) -> None:
+        """retrieve_secret_async returns SecretValue for Secret-type assets."""
+        httpx_mock.add_response(
+            url=f"{base_url}{org}{tenant}/orchestrator_/odata/Assets/UiPath.Server.Configuration.OData.GetRobotAssetByNameForRobotKey",
+            status_code=200,
+            json={
+                "Id": 1,
+                "Name": "Test Secret",
+                "ValueType": "Secret",
+                "SecretValue": "super-secret-value",
+            },
+        )
+
+        secret = await service.retrieve_secret_async(name="Test Secret")
+
+        assert secret == "super-secret-value"
+
+    def test_retrieve_robot_asset_exposes_secret_value(
+        self,
+        httpx_mock: HTTPXMock,
+        service: AssetsService,
+        base_url: str,
+        org: str,
+        tenant: str,
+    ) -> None:
+        """`retrieve` must expose SecretValue on UserAsset for Secret-type assets."""
+        httpx_mock.add_response(
+            url=f"{base_url}{org}{tenant}/orchestrator_/odata/Assets/UiPath.Server.Configuration.OData.GetRobotAssetByNameForRobotKey",
+            status_code=200,
+            json={
+                "Id": 1,
+                "Name": "Test Secret",
+                "ValueType": "Secret",
+                "SecretValue": "super-secret-value",
+            },
+        )
+
+        asset = service.retrieve(name="Test Secret")
+
+        assert isinstance(asset, UserAsset)
+        assert asset.value_type == "Secret"
+        assert asset.secret_value == "super-secret-value"
+
+    async def test_retrieve_async_robot_asset_exposes_secret_value(
+        self,
+        httpx_mock: HTTPXMock,
+        service: AssetsService,
+        base_url: str,
+        org: str,
+        tenant: str,
+    ) -> None:
+        """`retrieve_async` must expose SecretValue on UserAsset for Secret-type assets."""
+        httpx_mock.add_response(
+            url=f"{base_url}{org}{tenant}/orchestrator_/odata/Assets/UiPath.Server.Configuration.OData.GetRobotAssetByNameForRobotKey",
+            status_code=200,
+            json={
+                "Id": 1,
+                "Name": "Test Secret",
+                "ValueType": "Secret",
+                "SecretValue": "super-secret-value",
+            },
+        )
+
+        asset = await service.retrieve_async(name="Test Secret")
+
+        assert isinstance(asset, UserAsset)
+        assert asset.value_type == "Secret"
+        assert asset.secret_value == "super-secret-value"
+
     def test_update(
         self,
         httpx_mock: HTTPXMock,

packages/uipath-platform/uv.lock

@@ -1,6 +1,6 @@
 [project]
 name = "uipath"
-version = "2.10.82"
+version = "2.10.83"
 description = "Python SDK and CLI for UiPath Platform, enabling programmatic interaction with automation services, process management, and deployment tools."
 readme = { file = "README.md", content-type = "text/markdown" }
 requires-python = ">=3.11"