que_media

Developer-friendly & type-safe Python SDK specifically catered to leverage que_media API.

Summary

Que API: Welcome to the Que Public HTTP API for C2PA (Content Authenticity Initiative) provenance management.

Our platform provides robust tools for working with digital asset provenance through C2PA manifests, enabling you to sign and verify digital assets to ensure their authenticity, origin, and processing history.

Key Features:

• Memory-Efficient Streaming: Assets are processed using streaming techniques to minimize memory usage, supporting large files efficiently
• Verify: Inspect and validate C2PA manifests embedded in assets with multiple detail levels
• Sign: Embed comprehensive C2PA manifests into your assets with server-side cryptographic signatures
• Trust Management: Retrieve and validate against current trust lists containing trusted certificate authorities and manufacturers
• Secure Uploads: Direct-to-S3 uploads via presigned URLs for large assets

Authentication: All endpoints (except for /healthz) are secured and require an API key to be passed in the x-api-key header.

Processing Architecture: Assets are streamed from S3 or URLs to temporary storage during processing to ensure O(chunk_size) memory usage instead of O(file_size), enabling efficient handling of large files on containerized platforms.

Usage of this API is tracked via Firehose for billing and monitoring purposes.

For more information about the API: Find more detailed documentation and tutorials here.

Table of Contents

• que_media
  • SDK Installation
  • IDE Support
  • SDK Example Usage
  • Authentication
  • Available Resources and Operations
  • Retries
  • Error Handling
  • Server Selection
  • Custom HTTP Client
  • Resource Management
  • Debugging
• Development
  • Maturity
  • Contributions

SDK Installation

Note

Python version upgrade policy

Once a Python version reaches its official end of life date, a 3-month grace period is provided for users to upgrade. Following this grace period, the minimum python version supported in the SDK will be updated.

The SDK can be installed with uv, pip, or poetry package managers.

uv

uv is a fast Python package installer and resolver, designed as a drop-in replacement for pip and pip-tools. It's recommended for its speed and modern Python tooling capabilities.

uv add que_media

PIP

PIP is the default package installer for Python, enabling easy installation and management of packages from PyPI via the command line.

pip install que_media

Poetry

Poetry is a modern tool that simplifies dependency management and package publishing by using a single pyproject.toml file to handle project metadata and dependencies.

poetry add que_media

Shell and script usage with uv

You can use this SDK in a Python shell with uv and the uvx command that comes with it like so:

uvx --from que_media python

It's also possible to write a standalone Python script without needing to set up a whole project like so:

#!/usr/bin/env -S uv run --script
# /// script
# requires-python = ">=3.9"
# dependencies = [
#     "que_media",
# ]
# ///

from que_media import Que

sdk = Que(
  # SDK arguments
)

# Rest of script here...

Once that is saved to a file, you can run it with uv run script.py where script.py can be replaced with the actual file name.

IDE Support

PyCharm

Generally, the SDK will work well with most IDEs out of the box. However, when using PyCharm, you can enjoy much better integration with Pydantic by installing an additional plugin.

• PyCharm Pydantic Plugin

SDK Example Usage

Example

# Synchronous Example
import os
from que_media import Que


with Que(
    api_key_auth=os.getenv("QUE_API_KEY_AUTH", ""),
) as que:

    res = que.verify_asset(asset={
        "bucket": "que-assets-dev",
        "key": "uploads/photo.jpg",
    }, mode="summary", allow_remote_manifests=False, allow_insecure_remote_http=False, include_certificates=True, limits={
        "max_asset_size_bytes": 104857600,
        "max_output_size_bytes": 104857600,
        "max_stream_copy_bytes": 104857600,
        "stream_timeout_ms": 30000,
    })

    # Handle response
    print(res)

The same SDK client can also be used to make asynchronous requests by importing asyncio.

# Asynchronous Example
import asyncio
import os
from que_media import Que

async def main():

    async with Que(
        api_key_auth=os.getenv("QUE_API_KEY_AUTH", ""),
    ) as que:

        res = await que.verify_asset_async(asset={
            "bucket": "que-assets-dev",
            "key": "uploads/photo.jpg",
        }, mode="summary", allow_remote_manifests=False, allow_insecure_remote_http=False, include_certificates=True, limits={
            "max_asset_size_bytes": 104857600,
            "max_output_size_bytes": 104857600,
            "max_stream_copy_bytes": 104857600,
            "stream_timeout_ms": 30000,
        })

        # Handle response
        print(res)

asyncio.run(main())

Authentication

Per-Client Security Schemes

This SDK supports the following security scheme globally:

Name	Type	Scheme	Environment Variable
api_key_auth	apiKey	API key	QUE_API_KEY_AUTH

To authenticate with the API the api_key_auth parameter must be set when initializing the SDK client instance. For example:

import os
from que_media import Que


with Que(
    api_key_auth=os.getenv("QUE_API_KEY_AUTH", ""),
) as que:

    res = que.verify_asset(asset={
        "bucket": "que-assets-dev",
        "key": "uploads/photo.jpg",
    }, mode="summary", allow_remote_manifests=False, allow_insecure_remote_http=False, include_certificates=True, limits={
        "max_asset_size_bytes": 104857600,
        "max_output_size_bytes": 104857600,
        "max_stream_copy_bytes": 104857600,
        "stream_timeout_ms": 30000,
    })

    # Handle response
    print(res)

Available Resources and Operations

Available methods

asset_management

• get_presigned_url - Get an S3 presigned URL for secure uploads

Que SDK

• verify_asset - Verify the C2PA manifest of an asset
• sign_asset - Sign an asset with a C2PA manifest

utility

• get_health_check - Service Health Check
• get_trust_list - Retrieve the current C2PA trust bundle

Retries

Some of the endpoints in this SDK support retries. If you use the SDK without any configuration, it will fall back to the default retry strategy provided by the API. However, the default retry strategy can be overridden on a per-operation basis, or across the entire SDK.

To change the default retry strategy for a single API call, simply provide a RetryConfig object to the call:

import os
from que_media import Que
from que_media.utils import BackoffStrategy, RetryConfig


with Que(
    api_key_auth=os.getenv("QUE_API_KEY_AUTH", ""),
) as que:

    res = que.verify_asset(asset={
        "bucket": "que-assets-dev",
        "key": "uploads/photo.jpg",
    }, mode="summary", allow_remote_manifests=False, allow_insecure_remote_http=False, include_certificates=True, limits={
        "max_asset_size_bytes": 104857600,
        "max_output_size_bytes": 104857600,
        "max_stream_copy_bytes": 104857600,
        "stream_timeout_ms": 30000,
    },
        RetryConfig("backoff", BackoffStrategy(1, 50, 1.1, 100), False))

    # Handle response
    print(res)

If you'd like to override the default retry strategy for all operations that support retries, you can use the retry_config optional parameter when initializing the SDK:

import os
from que_media import Que
from que_media.utils import BackoffStrategy, RetryConfig


with Que(
    retry_config=RetryConfig("backoff", BackoffStrategy(1, 50, 1.1, 100), False),
    api_key_auth=os.getenv("QUE_API_KEY_AUTH", ""),
) as que:

    res = que.verify_asset(asset={
        "bucket": "que-assets-dev",
        "key": "uploads/photo.jpg",
    }, mode="summary", allow_remote_manifests=False, allow_insecure_remote_http=False, include_certificates=True, limits={
        "max_asset_size_bytes": 104857600,
        "max_output_size_bytes": 104857600,
        "max_stream_copy_bytes": 104857600,
        "stream_timeout_ms": 30000,
    })

    # Handle response
    print(res)

Error Handling

QueError is the base class for all HTTP error responses. It has the following properties:

Property	Type	Description
err.message	str	Error message
err.status_code	int	HTTP response status code eg 404
err.headers	httpx.Headers	HTTP response headers
err.body	str	HTTP body. Can be empty string if no body is returned.
err.raw_response	httpx.Response	Raw HTTP response
err.data		Optional. Some errors may contain structured data. See Error Classes.

Example

import os
from que_media import Que, errors


with Que(
    api_key_auth=os.getenv("QUE_API_KEY_AUTH", ""),
) as que:
    res = None
    try:

        res = que.verify_asset(asset={
            "bucket": "que-assets-dev",
            "key": "uploads/photo.jpg",
        }, mode="summary", allow_remote_manifests=False, allow_insecure_remote_http=False, include_certificates=True, limits={
            "max_asset_size_bytes": 104857600,
            "max_output_size_bytes": 104857600,
            "max_stream_copy_bytes": 104857600,
            "stream_timeout_ms": 30000,
        })

        # Handle response
        print(res)


    except errors.QueError as e:
        # The base class for HTTP error responses
        print(e.message)
        print(e.status_code)
        print(e.body)
        print(e.headers)
        print(e.raw_response)

        # Depending on the method different errors may be thrown
        if isinstance(e, errors.ProblemResponseError):
            print(e.data.type)  # str
            print(e.data.title)  # str
            print(e.data.status)  # int
            print(e.data.code)  # str
            print(e.data.detail)  # OptionalNullable[str]

Error Classes

Primary errors:

• QueError: The base class for HTTP error responses.
  • ProblemResponseError: An RFC 7807 problem details response. *

Less common errors (5)

Network errors:

• httpx.RequestError: Base class for request errors.
  • httpx.ConnectError: HTTP client was unable to make a request to a server.
  • httpx.TimeoutException: HTTP request timed out.

Inherit from QueError:

• ResponseValidationError: Type mismatch between the response data and the expected Pydantic model. Provides access to the Pydantic validation error via the cause attribute.

* Check the method documentation to see if the error is applicable.

Server Selection

Server Variables

The default server https://{environment}.addque.org/ contains variables and is set to https://dev-api.addque.org/ by default. To override default values, the following parameters are available when initializing the SDK client instance:

Variable	Parameter	Default	Description
environment	environment: str	"dev-api"	The deployment environment.

Example

import os
from que_media import Que


with Que(
    environment="<value>"
    api_key_auth=os.getenv("QUE_API_KEY_AUTH", ""),
) as que:

    res = que.verify_asset(asset={
        "bucket": "que-assets-dev",
        "key": "uploads/photo.jpg",
    }, mode="summary", allow_remote_manifests=False, allow_insecure_remote_http=False, include_certificates=True, limits={
        "max_asset_size_bytes": 104857600,
        "max_output_size_bytes": 104857600,
        "max_stream_copy_bytes": 104857600,
        "stream_timeout_ms": 30000,
    })

    # Handle response
    print(res)

Override Server URL Per-Client

The default server can be overridden globally by passing a URL to the server_url: str optional parameter when initializing the SDK client instance. For example:

import os
from que_media import Que


with Que(
    server_url="https://dev-api.addque.org/",
    api_key_auth=os.getenv("QUE_API_KEY_AUTH", ""),
) as que:

    res = que.verify_asset(asset={
        "bucket": "que-assets-dev",
        "key": "uploads/photo.jpg",
    }, mode="summary", allow_remote_manifests=False, allow_insecure_remote_http=False, include_certificates=True, limits={
        "max_asset_size_bytes": 104857600,
        "max_output_size_bytes": 104857600,
        "max_stream_copy_bytes": 104857600,
        "stream_timeout_ms": 30000,
    })

    # Handle response
    print(res)

Custom HTTP Client

The Python SDK makes API calls using the httpx HTTP library. In order to provide a convenient way to configure timeouts, cookies, proxies, custom headers, and other low-level configuration, you can initialize the SDK client with your own HTTP client instance. Depending on whether you are using the sync or async version of the SDK, you can pass an instance of HttpClient or AsyncHttpClient respectively, which are Protocol's ensuring that the client has the necessary methods to make API calls. This allows you to wrap the client with your own custom logic, such as adding custom headers, logging, or error handling, or you can just pass an instance of httpx.Client or httpx.AsyncClient directly.

For example, you could specify a header for every request that this sdk makes as follows:

from que_media import Que
import httpx

http_client = httpx.Client(headers={"x-custom-header": "someValue"})
s = Que(client=http_client)

or you could wrap the client with your own custom logic:

from que_media import Que
from que_media.httpclient import AsyncHttpClient
import httpx

class CustomClient(AsyncHttpClient):
    client: AsyncHttpClient

    def __init__(self, client: AsyncHttpClient):
        self.client = client

    async def send(
        self,
        request: httpx.Request,
        *,
        stream: bool = False,
        auth: Union[
            httpx._types.AuthTypes, httpx._client.UseClientDefault, None
        ] = httpx.USE_CLIENT_DEFAULT,
        follow_redirects: Union[
            bool, httpx._client.UseClientDefault
        ] = httpx.USE_CLIENT_DEFAULT,
    ) -> httpx.Response:
        request.headers["Client-Level-Header"] = "added by client"

        return await self.client.send(
            request, stream=stream, auth=auth, follow_redirects=follow_redirects
        )

    def build_request(
        self,
        method: str,
        url: httpx._types.URLTypes,
        *,
        content: Optional[httpx._types.RequestContent] = None,
        data: Optional[httpx._types.RequestData] = None,
        files: Optional[httpx._types.RequestFiles] = None,
        json: Optional[Any] = None,
        params: Optional[httpx._types.QueryParamTypes] = None,
        headers: Optional[httpx._types.HeaderTypes] = None,
        cookies: Optional[httpx._types.CookieTypes] = None,
        timeout: Union[
            httpx._types.TimeoutTypes, httpx._client.UseClientDefault
        ] = httpx.USE_CLIENT_DEFAULT,
        extensions: Optional[httpx._types.RequestExtensions] = None,
    ) -> httpx.Request:
        return self.client.build_request(
            method,
            url,
            content=content,
            data=data,
            files=files,
            json=json,
            params=params,
            headers=headers,
            cookies=cookies,
            timeout=timeout,
            extensions=extensions,
        )

s = Que(async_client=CustomClient(httpx.AsyncClient()))

Resource Management

The Que class implements the context manager protocol and registers a finalizer function to close the underlying sync and async HTTPX clients it uses under the hood. This will close HTTP connections, release memory and free up other resources held by the SDK. In short-lived Python programs and notebooks that make a few SDK method calls, resource management may not be a concern. However, in longer-lived programs, it is beneficial to create a single SDK instance via a context manager and reuse it across the application.

import os
from que_media import Que
def main():

    with Que(
        api_key_auth=os.getenv("QUE_API_KEY_AUTH", ""),
    ) as que:
        # Rest of application here...


# Or when using async:
async def amain():

    async with Que(
        api_key_auth=os.getenv("QUE_API_KEY_AUTH", ""),
    ) as que:
        # Rest of application here...

Debugging

You can setup your SDK to emit debug logs for SDK requests and responses.

You can pass your own logger class directly into your SDK.

from que_media import Que
import logging

logging.basicConfig(level=logging.DEBUG)
s = Que(debug_logger=logging.getLogger("que_media"))

You can also enable a default debug logger by setting an environment variable QUE_DEBUG to true.

Development

Maturity

This SDK is in beta, and there may be breaking changes between versions without a major version update. Therefore, we recommend pinning usage to a specific package version. This way, you can install the same version each time without breaking changes unless you are intentionally looking for the latest version.

Contributions

While we value open-source contributions to this SDK, this library is generated programmatically. Any manual changes added to internal files will be overwritten on the next generation. We look forward to hearing your feedback. Feel free to open a PR or an issue with a proof of concept and we'll do our best to include it in a future release.

SDK Created by Speakeasy