def handler(request, context): # noinspection PyPep8Naming,PyUnusedLocal def http_get(request_params, request_body): # type: (dict, dict) -> dict logger.info("http_get") s3_resource = boto3.resource('s3', region_name=get('aws_region_name')) s3_client = boto3.client('s3', config=Config(signature_version='s3v4', region_name=get('aws_region_name'))) bucket_name = "media-%s" % get('aws_account_id') logger.info("before create bucket") s3_resource.create_bucket(ACL='private', Bucket=bucket_name) logger.info("before generate_presigned_url") key = str(uuid.uuid4()) # Generate the URL to get 'key-name' from 'bucket-name' url = s3_client.generate_presigned_url( ClientMethod='get_object', Params={ 'Bucket': bucket_name, 'Key': key }, HttpMethod="put" ) return {"url": url, "media_uuid": key} return handle_request(request, context, http_get=http_get)
def handler(request, context): # noinspection PyPep8Naming,PyUnusedLocal def http_get(request_params, request_body): # type: (dict, dict) -> dict apigateway_client = boto3.client('apigateway') content_type = "json" if request_params is not None: if "format" in request_params: content_type = request_params['format'].lower() rest_api_id = None response = apigateway_client.get_rest_apis(limit=500) # https://console.aws.amazon.com/apigateway/home?region=us-east-1#/apis for item in response['items']: if item['name'].lower() == "API".lower(): rest_api_id = item['id'] # 'as2edhw8s7' logger.info("rest api id=%s" % rest_api_id) response = apigateway_client.get_export(restApiId=rest_api_id, stageName='v1', exportType='swagger', parameters={}, accepts='application/%s' % content_type) # https://gist.github.com/pgolding/9083a6f3590067e3ffe694c947ef90a3 swagger = response['body'].read().decode("utf-8") return swagger return handle_request(request, context, http_get=http_get)
def handler(request, context): cognito_idp_client = boto3.client('cognito-idp') # noinspection PyPep8Naming,PyUnusedLocal def http_post(request_params, request_body): # type: (dict, dict) -> dict logger.info('http_post username='******'username']) cognito_app_client_id = get_cognito_app_client_id( cognito_idp_client, cognito_user_pool_id=get('aws_user_pools_id')) # ############################################################################################################## # IF Cognito user pool was created by Amplify or Manually, it may not have an auth flow that works via python response = cognito_idp_client.describe_user_pool_client( UserPoolId=get('aws_user_pools_id'), ClientId=cognito_app_client_id) explicit_auth_flows = response['UserPoolClient']['ExplicitAuthFlows'] explicit_auth_flows_count = len(explicit_auth_flows) if 'USER_PASSWORD_AUTH' not in explicit_auth_flows: explicit_auth_flows.extend('USER_PASSWORD_AUTH') if 'ADMIN_NO_SRP_AUTH' not in explicit_auth_flows: explicit_auth_flows.extend('ADMIN_NO_SRP_AUTH') if explicit_auth_flows_count != len(explicit_auth_flows): # add new auth flows to cognito user pool response = cognito_idp_client.update_user_pool_client( UserPoolId=get('aws_user_pools_id'), ClientId=cognito_app_client_id, ExplicitAuthFlows=['ADMIN_NO_SRP_AUTH', 'USER_PASSWORD_AUTH']) # ############################################################################################################## auth_response = cognito_idp_client.initiate_auth( ClientId=cognito_app_client_id, AuthFlow='USER_PASSWORD_AUTH', AuthParameters={ 'USERNAME': request_body['username'], 'PASSWORD': request_body['password'] }) logger.info('Auth successful') if "ChallengeName" in auth_response and auth_response[ "ChallengeName"] == "NEW_PASSWORD_REQUIRED": raise Exception("NEW_PASSWORD_REQUIRED") cognito_refresh_token = auth_response['AuthenticationResult'][ 'RefreshToken'] logger.info('return result tokens') return { "user": {}, "access_token": auth_response['AuthenticationResult']['AccessToken'], "refresh_token": auth_response['AuthenticationResult']['RefreshToken'], "id_token": auth_response['AuthenticationResult']['IdToken'], "token_type": auth_response['AuthenticationResult']['TokenType'], "expires_in": auth_response['AuthenticationResult']['ExpiresIn'] } return handle_request(request, context, http_post=http_post)
def handler(request, context): # noinspection PyPep8Naming,PyUnusedLocal def http_get(request_params, request_body): # type: (dict, dict) -> dict from api.rdb.model.table_database_migration import DatabaseMigration with DatabaseMigration.atomic(): database_migration = DatabaseMigration.select().limit(1) return {"health": 'OK'} return handle_request(request, context, http_get=http_get)
def handler(request, context): cognito_idp_client = boto3.client('cognito-idp') # noinspection PyPep8Naming, PyUnusedLocal def http_get(request_params, request_body): # type: (dict, dict) -> dict logger.info("http_get") response = cognito_idp_client.list_users( UserPoolId=get('aws_user_pools_id')) return response['Users'] return handle_request(request, context, http_get=http_get)
def handler(request, context): sns_client = boto3.client('sns') # noinspection PyPep8Naming, PyUnusedLocal def http_get(request_params, request_body): # type: (dict, dict) -> dict logger.info("http_get") return get_sns_attributes(sns_client, request_params['username']) # https://bradmontgomery.net/blog/sending-sms-messages-amazon-sns-and-python/ # phone <-- number who'll receive an SMS message in e.I64 format. https://www.twilio.com/docs/glossary/what-e164 # noinspection PyPep8Naming,PyUnusedLocal def http_put(request_params, request_body): # type: (dict, dict) -> dict logger.info("http_put") username = request_body['username'] phone_number = request_body['phone_number'] # logger.info("username=%s" % username) try: topic_response = sns_client.create_topic(Name=username) subscribe_response = sns_client.subscribe( TopicArn=topic_response["TopicArn"], Protocol='sms', Endpoint= phone_number # <-- number who'll receive an SMS message. ) # HACK for race condition for when topic_arn returned is actually usable time.sleep(5) # noinspection PyProtectedMember return {'topic_arn': topic_response['TopicArn']} except Exception as ex: logger.warning(str(ex)) raise ex # noinspection PyPep8Naming,PyUnusedLocal def http_delete(request_params, request_body): # type: (dict, dict) -> dict logger.info("http_delete") # noinspection PyUnresolvedReferences sns_client.delete_topic(TopicArn=request_params['topic_arn']) return {} return handle_request(request, context, http_get=http_get, http_put=http_put, http_delete=http_delete)
def handler(request, context): # noinspection PyPep8Naming,PyUnusedLocal def http_put(request_params, request_body): # type: (dict, dict) -> dict logger.info("http_put") sns_client = boto3.client('sns') topic_attributes = get_sns_attributes(sns_client, request_body['to_username']) topic_arn = topic_attributes['TopicArn'] if "sns" in request_body and request_body["sns"]: logger.info("TopicArn=" + topic_arn) response = sns_client.publish(Message=request_body['message'], TopicArn=topic_arn) request_body['sns_message_id'] = response['MessageId'] logger.info("Create SMS Message=" + request_body['sns_message_id']) # noinspection PyProtectedMember return { 'message_id': response['MessageId'], 'topic_arn': topic_arn } return handle_request(request, context, http_put=http_put)
def handler(request, context): logger.info('entered:' + context.function_name) # noinspection PyPep8Naming,PyUnusedLocal def http_get(request_params, request_body): # type: (dict, dict) -> dict logger.info("http_get") s3_client = boto3.client('s3', config=Config( signature_version='s3v4', region_name=get('aws_region_name'))) bucket_name = "media-%s" % get('aws_account_id') s3_client.create_bucket(ACL='private', Bucket=bucket_name) url = s3_client.generate_presigned_url(ClientMethod='get_object', Params={ 'Bucket': bucket_name, 'Key': request_params['media_uuid'] }) logger.info(url) return {"url": url} return handle_request(request, context, http_get=http_get)
def handler(request, context): from api.rdb.model.table_sample import Sample # noinspection PyPep8Naming, PyUnusedLocal def http_get(request_params, request_body): # type: (dict, dict) -> list # Note request_params, request_body can have values of None logger.info("http_get") index_key_example = request_params['index_key_example'] samples = [] for sample in Sample.select().where( Sample.index_key_example == index_key_example): samples += [sample.__data__] return samples # noinspection PyPep8Naming,PyUnusedLocal def http_put(request_params, request_body): # type: (dict, dict) -> dict # Note request_params, request_body can have values of None logger.info("http_put") with Sample.atomic(): sample = Sample.create(**request_body) # noinspection PyProtectedMember return sample.__data__ # noinspection PyPep8Naming,PyUnusedLocal def http_post(request_params, request_body): # type: (dict, dict) -> dict # Note request_params, request_body can have values of None logger.info("http_post") # noinspection PyShadowingBuiltins id = request_body['id'] # noinspection PyUnresolvedReferences sample = Sample.get(Sample.id == id) if "index_key_example" in request_body: sample.index_key_example = request_body["index_key_example"] if "integer_example" in request_body: sample.integer_example = request_body["integer_example"] if "datetime_example" in request_body: sample.datetime_example = request_body["datetime_example"] if "text_example" in request_body: sample.text_example = request_body["text_example"] if "decimal_example" in request_body: sample.decimal_example = request_body["decimal_example"] if "boolean_example" in request_body: sample.boolean_example = request_body["boolean_example"] # save updated fields with sample.atomic(): sample.save() return sample.__data__ # noinspection PyPep8Naming,PyUnusedLocal def http_delete(request_params, request_body): # type: (dict, dict) -> dict # Note request_params, request_body can have values of None logger.info("http_delete") with Sample.atomic(): # noinspection PyUnresolvedReferences Sample.delete().where(Sample.id == request_params["id"]).execute() return {} # noinspection PyPep8 return handle_request(request, context, http_get=http_get, http_put=http_put, http_post=http_post, http_delete=http_delete)
def handler(request, context): # noinspection PyPep8Naming,PyUnusedLocal,PyProtectedMember def http_get(request_params, request_body): # type: (dict, dict) -> dict logger.info("http_get") media_uuid = request_params['media_uuid'] media = Media.get(Media.media_uuid == media_uuid) media.__data__['description'] = tsvectorfield2string( media.__data__['description']) return media.__data__ # noinspection PyPep8Naming,PyUnusedLocal def http_put(request_params, request_body): # type: (dict, dict) -> dict logger.info("http_put") user_profile = User_profile.get( User_profile.username == request_body['username']) # noinspection PyUnresolvedReferences request_body['username'] = user_profile with Media.atomic(): media, created = Media.get_or_create( media_uuid=request_body["media_uuid"], defaults=request_body) if created: logger.info("Media created") # noinspection PyProtectedMember return media.__data__ # noinspection PyPep8Naming,PyUnusedLocal def http_post(request_params, request_body): # type: (dict, dict) -> dict logger.info("http_post") media_uuid = request_body['media_uuid'] media = Media.get(Media.media_uuid == media_uuid) if "tags" in request_body: media.tags = request_body["tags"] if "likes" in request_body: media.likes = request_body["likes"] if "description" in request_body: media.description = request_body["description"] with media.atomic(): media.save() return media.__data__ # noinspection PyPep8Naming,PyUnusedLocal def http_delete(request_params, request_body): # type: (dict, dict) -> dict logger.info("http_delete") try: with Media.atomic(): query = Media.delete().where( Media.media_uuid == request_params["media_uuid"]) response = query.execute() except Exception as ex: logger.error(str(ex)) s3_client = boto3.client('s3', config=Config( signature_version='s3v4', region_name=get('aws_region_name'))) bucket_name = "media-%s" % get('aws_account_id') s3_client.delete_object(Bucket=bucket_name, Key=request_params["media_uuid"]) return {} return handle_request(request, context, http_get=http_get, http_put=http_put, http_post=http_post, http_delete=http_delete)
def handler(request, context): global logger from api.rdb.model.table_user_blocked import User_blocked # noinspection PyPep8Naming, PyUnusedLocal def http_get(request_params, request_body): # type: (dict, dict) -> dict logger.info("http_get") cognito_idp_client = boto3.client('cognito-idp') recipient_user_profile = User_profile.get( User_profile.username == request_params['recipient_username']) blocked_user_profile = User_profile.get( User_profile.username == request_params['blocked_username']) try: # noinspection PyUnresolvedReferences result = User_blocked.get( User_blocked.recipient_username == recipient_user_profile.id, User_blocked.blocked_username == blocked_user_profile.id) # noinspection PyProtectedMember return {"blocked": True, "id": result.__data__['id']} except DoesNotExist as ex: return {"blocked": False} # noinspection PyPep8Naming,PyUnusedLocal def http_put(request_params, request_body): # type: (dict, dict) -> dict logger.info("http_put") cognito_idp_client = boto3.client('cognito-idp') recipient_user_profile = User_profile.get( User_profile.username == request_body['recipient_username']) blocked_user_profile = User_profile.get( User_profile.username == request_body['blocked_username']) defaults = request_body with User_blocked.atomic(): defaults['recipient_username'] = recipient_user_profile defaults['blocked_username'] = blocked_user_profile # noinspection PyUnresolvedReferences user_blocked, created = User_blocked.get_or_create( recipient_username=recipient_user_profile.id, blocked_username=blocked_user_profile.id, defaults=defaults) if created: logger.info("Contact: %s blocked: %s" % (recipient_user_profile, blocked_user_profile)) data = user_blocked.__data__ # noinspection PyProtectedMember return user_blocked.__data__ # noinspection PyPep8Naming,PyUnusedLocal def http_delete(request_params, request_body): # type: (dict, dict) -> dict logger.info("http_delete") # noinspection PyUnresolvedReferences with User_blocked.atomic(): # noinspection PyUnresolvedReferences User_blocked.delete().where( User_blocked.id == request_params["id"]).execute() return {} return handle_request(request, context, http_get=http_get, http_put=http_put, http_delete=http_delete)
def handler(request, context): cognito_idp_client = boto3.client('cognito-idp') # noinspection PyPep8Naming,PyUnusedLocal def http_put(request_params, request_body): # type: (dict, dict) -> dict logger.info("http_put") # Don't Email when new user is provisioned in Cognito if is_test() message_action = 'SUPPRESS' if is_test() else 'RESEND' cognito_user = user_persist(cognito_idp_client, get('aws_user_pools_id'), request_body, True, ['EMAIL'], message_action) cognito_user = cognito_idp_client.admin_get_user(UserPoolId=get('aws_user_pools_id'), Username=cognito_user['Username']) return remove_cruft(cognito_user) # noinspection PyPep8Naming,PyUnusedLocal,PyBroadException def http_delete(request_params, request_body): # type: (dict, dict) -> dict logger.info("http_delete") if request_params and 'force' in request_params: logger.info(request_params['force']) # if test, delete the user # if production, de-activate logger.info("http_delete in %s mode" % 'test' if is_test() else 'production') # disable user in Cognito if is_test() or "force" in request_params: try: cognito_idp_client.admin_disable_user(UserPoolId=get('aws_user_pools_id'), Username=request_params['username']) sleep(2) except cognito_idp_client.exceptions.UserNotFoundException as ex: return {} if is_test() or "force" in request_params: logger.info("Deleting user %s for real" % request_params['username']) cognito_idp_client.admin_delete_user(UserPoolId=get('aws_user_pools_id'), Username=request_params['username']) logger.info("Deleted user from Cognito") return {} # noinspection PyPep8Naming,PyUnusedLocal def http_get(request_params, request_body): # type: (dict, dict) -> dict logger.info("http_get") cognito_user = cognito_idp_client.admin_get_user(UserPoolId=get('aws_user_pools_id'), Username=request_params['username']) return remove_cruft(cognito_user) # noinspection PyPep8Naming,PyUnusedLocal def http_post(request_params, request_body): # type: (dict, dict) -> dict logger.info("http_post") cognito_user = cognito_idp_client.admin_get_user(UserPoolId=get('aws_user_pools_id'), Username=request_body['username']) if "cognito_user_pool_app_client_id" in request_body: cognito_app_client_id = request_body['cognito_user_pool_app_client_id'] else: cognito_app_client_id = get_cognito_app_client_id(cognito_idp_client, cognito_user_pool_id=get('aws_user_pools_id')) # TODO: enable ADMIN_NO_SRP_AUTH and USER_PASSWORD_AUTH auth flows if 'newpassword' in request_body: # noinspection PyBroadException auth_response = cognito_idp_client.admin_initiate_auth( UserPoolId=get('aws_user_pools_id'), AuthFlow='ADMIN_NO_SRP_AUTH', AuthParameters={ 'USERNAME': cognito_user['Username'], 'PASSWORD': request_body['password'] }, ClientId=cognito_app_client_id ) # https://github.com/capless/warrant/issues/14 tokens = cognito_idp_client.respond_to_auth_challenge( ClientId=cognito_app_client_id, ChallengeName='NEW_PASSWORD_REQUIRED', Session=auth_response['Session'], # 'session_string_from_first_challenge_response', ChallengeResponses={ 'NEW_PASSWORD': request_body['newpassword'], 'USERNAME': request_body['username'] } ) logger.info('newpassword successful, return result tokens') cognito_user = remove_cruft(cognito_user) return cognito_user return handle_request(request, context, http_get=http_get, http_put=http_put, http_delete=http_delete, http_post=http_post)