diff --git a/enrollments-events/app/config.py b/enrollments-events/app/config.py
index 3b36fc7..6a5cd24 100644
--- a/enrollments-events/app/config.py
+++ b/enrollments-events/app/config.py
@@ -8,8 +8,10 @@ COURSE_TABLE: str = os.getenv('COURSE_TABLE') # type: ignore
BUCKET_NAME: str = os.getenv('BUCKET_NAME') # type: ignore
EMAIL_SENDER = ('EDUSEG®', 'noreply@eduseg.com.br')
+
PAPERFORGE_API = 'https://paperforge.saladeaula.digital'
-SIGNATURE_URI = 's3://saladeaula.digital/signatures/ecnpj_2025.pfx'
+CERT_REPORTING_URI = 's3://saladeaula.digital/certs/reporting.html'
+ESIGN_URI = 's3://saladeaula.digital/esigns/ecnpj_2025.pfx'
DBNAME: str = os.getenv('POSTGRES_DB') # type: ignore
diff --git a/enrollments-events/app/enrollment.py b/enrollments-events/app/enrollment.py
index 07b90f0..9a9c016 100644
--- a/enrollments-events/app/enrollment.py
+++ b/enrollments-events/app/enrollment.py
@@ -64,14 +64,6 @@ def enroll(
# Post-migration: uncomment the following line
# | ({'org_id': org['org_id']} if org else {}),
)
- transact.put(
- item={
- 'id': enrollment.id,
- 'sk': 'METADATA#COURSE',
- 'created_at': now_,
- **course.model_dump(include={'cert', 'access_period'}),
- }
- )
# Relationships between this enrollment and its related entities
for parent_entity in linked_entities:
diff --git a/enrollments-events/app/events/allocate_slots.py b/enrollments-events/app/events/allocate_slots.py
index 6ad26ed..b17b88e 100644
--- a/enrollments-events/app/events/allocate_slots.py
+++ b/enrollments-events/app/events/allocate_slots.py
@@ -34,6 +34,7 @@ def lambda_handler(event: EventBridgeEvent, context: LambdaContext) -> bool:
order = order_layer.collection.get_items(
TransactKey(order_id) + SortKey('0') + SortKey('items', path_spec='items'),
)
+ # Post-migration: rename `tenant_id` to `org_id`
org_id = order['tenant_id']
items = {
item['id']: int(item['quantity'])
diff --git a/enrollments-events/app/events/cert_reporting/__init__.py b/enrollments-events/app/events/cert_reporting/__init__.py
new file mode 100644
index 0000000..e69de29
diff --git a/enrollments-events/app/events/cert_reporting/append_issued_cert.py b/enrollments-events/app/events/cert_reporting/append_issued_cert.py
new file mode 100644
index 0000000..a27f74a
--- /dev/null
+++ b/enrollments-events/app/events/cert_reporting/append_issued_cert.py
@@ -0,0 +1,79 @@
+import os
+from datetime import datetime, timedelta
+
+import pytz
+from aws_lambda_powertools import Logger
+from aws_lambda_powertools.utilities.data_classes import (
+ EventBridgeEvent,
+ event_source,
+)
+from aws_lambda_powertools.utilities.typing import LambdaContext
+from glom import glom
+from layercake.dateutils import fromisoformat, now, ttl
+from layercake.dynamodb import DynamoDBPersistenceLayer
+from layercake.funcs import pick
+
+from boto3clients import dynamodb_client
+from config import ENROLLMENT_TABLE
+
+logger = Logger(__name__)
+dyn = DynamoDBPersistenceLayer(ENROLLMENT_TABLE, dynamodb_client)
+tz = os.getenv('TZ', 'UTC')
+
+
+@event_source(data_class=EventBridgeEvent)
+@logger.inject_lambda_context
+def lambda_handler(event: EventBridgeEvent, context: LambdaContext) -> bool | None:
+ new_image = event.detail['new_image']
+ expires_at = glom(new_image, 'cert.expires_at', default=None)
+
+ if not expires_at:
+ return None
+
+ enrollment_id = new_image['id']
+ org_id = new_image['org_id']
+ expires_at: datetime = fromisoformat(expires_at).replace(tzinfo=pytz.timezone(tz)) # type: ignore
+ # The reporting month is the month before the certificate expires
+ month_start = (expires_at.replace(day=1) - timedelta(days=1)).replace(day=1)
+ now_ = now()
+ pk = f'CERT#REPORTING#ORG#{org_id}'
+ sk = 'MONTH#{}'.format(expires_at.strftime('%Y-%m'))
+
+ if now_ > expires_at:
+ return None
+
+ try:
+ with dyn.transact_writer() as transact:
+ transact.put(
+ item={
+ 'id': pk,
+ 'sk': 'MONTH#{}#SCHEDULE#SEND_REPORT_EMAIL'.format(
+ month_start.strftime('%Y-%m')
+ ),
+ 'target_month': expires_at.strftime('%Y-%m'),
+ 'ttl': ttl(start_dt=month_start),
+ }
+ )
+
+ transact.put(
+ item={
+ 'id': pk,
+ 'sk': f'{sk}#ENROLLMENT#{enrollment_id}',
+ 'enrollment_id': new_image['id'],
+ 'user': pick(('id', 'name'), new_image['user']),
+ 'course': pick(('id', 'name'), new_image['course']),
+ 'enrolled_at': new_image['created_at'],
+ 'expires_at': expires_at, # type: ignore
+ 'completed_at': new_image['completed_at'],
+ 'created_at': now_,
+ },
+ cond_expr='attribute_not_exists(sk)',
+ exc_cls=EnrollmentConflictError,
+ )
+ except EnrollmentConflictError:
+ return False
+
+ return True
+
+
+class EnrollmentConflictError(Exception): ...
diff --git a/enrollments-events/app/events/cert_reporting/send_report_email.py b/enrollments-events/app/events/cert_reporting/send_report_email.py
new file mode 100644
index 0000000..c2d1bce
--- /dev/null
+++ b/enrollments-events/app/events/cert_reporting/send_report_email.py
@@ -0,0 +1,146 @@
+import json
+from datetime import date, datetime
+from email.mime.application import MIMEApplication
+
+import requests
+from aws_lambda_powertools import Logger
+from aws_lambda_powertools.shared.json_encoder import Encoder
+from aws_lambda_powertools.utilities.data_classes import (
+ EventBridgeEvent,
+ event_source,
+)
+from aws_lambda_powertools.utilities.typing import LambdaContext
+from layercake.dateutils import now
+from layercake.dynamodb import DynamoDBPersistenceLayer, KeyPair
+from layercake.email_ import Message
+
+from boto3clients import dynamodb_client, sesv2_client
+from config import (
+ CERT_REPORTING_URI,
+ EMAIL_SENDER,
+ ENROLLMENT_TABLE,
+ PAPERFORGE_API,
+ USER_TABLE,
+)
+
+SUBJECT = 'Certificados que vencerão em {month} na EDUSEG®'
+REPLY_TO = ('Carolina Brand', 'carolina@somosbeta.com.br')
+BCC = [
+ 'sergio@somosbeta.com.br',
+ 'carolina@somosbeta.com.br',
+ 'tiago@somosbeta.com.br',
+]
+MESSAGE = """
+Oi, tudo bem?
+
+Em anexo você encontra os certificados que vencerão em {month}.
+
+
+Qualquer dúvida, estamos à disposição.
+"""
+
+
+logger = Logger(__name__)
+enrollment_layer = DynamoDBPersistenceLayer(ENROLLMENT_TABLE, dynamodb_client)
+user_layer = DynamoDBPersistenceLayer(USER_TABLE, dynamodb_client)
+
+
+@event_source(data_class=EventBridgeEvent)
+@logger.inject_lambda_context
+def lambda_handler(event: EventBridgeEvent, context: LambdaContext) -> bool:
+ old_image = event.detail['old_image']
+ # Key pattern `CERT#REPORTING#ORG#{org_id}`
+ *_, org_id = old_image['id'].split('#')
+ event_name = old_image['sk']
+ target_month = datetime.strptime(old_image['target_month'], '%Y-%m').date()
+ month = _monthfmt(target_month)
+ now_ = now()
+
+ result = enrollment_layer.collection.query(
+ KeyPair(
+ pk=old_image['id'],
+ sk='MONTH#{}#ENROLLMENT'.format(target_month.strftime('%Y-%m')),
+ ),
+ limit=150,
+ )
+
+ json_data = json.dumps(
+ {
+ 'template_uri': CERT_REPORTING_URI,
+ 'args': {
+ 'month': month,
+ 'items': result['items'],
+ },
+ },
+ cls=Encoder,
+ )
+ # Send template URI and data to Paperforge API to generate a PDF
+ r = requests.post(PAPERFORGE_API, data=json_data)
+ r.raise_for_status()
+
+ emailmsg = Message(
+ from_=EMAIL_SENDER,
+ to=_get_admin_emails(org_id),
+ subject=SUBJECT.format(month=month),
+ )
+ emailmsg.add_alternative(MESSAGE.format(month=month))
+ attachment = MIMEApplication(r.content)
+ attachment.add_header(
+ 'Content-Disposition',
+ 'attachment',
+ filename='{}.pdf'.format(target_month.strftime('%Y-%m')),
+ )
+ emailmsg.attach(attachment)
+
+ try:
+ sesv2_client.send_email(
+ Content={
+ 'Raw': {
+ 'Data': emailmsg.as_bytes(),
+ },
+ }
+ )
+ enrollment_layer.put_item(
+ item={
+ 'id': old_image['id'],
+ 'sk': f'{event_name}#EXECUTED',
+ 'created_at': now_,
+ }
+ )
+ logger.info('Email sent')
+ except Exception as exc:
+ logger.exception(exc)
+ enrollment_layer.put_item(
+ item={
+ 'id': old_image['id'],
+ 'sk': f'{event_name}#FAILED',
+ 'created_at': now_,
+ }
+ )
+ return False
+ else:
+ return True
+
+
+def _get_admin_emails(org_id: str) -> list[tuple[str, str]]:
+ # Post-migration: rename `admins` to `ADMIN`
+ r = user_layer.collection.query(KeyPair(org_id, 'admins'))
+ return [(x['name'], x['email']) for x in r['items']]
+
+
+def _monthfmt(dt: date) -> str:
+ months = [
+ 'Janeiro',
+ 'Fevereiro',
+ 'Março',
+ 'Abril',
+ 'Maio',
+ 'Junho',
+ 'Julho',
+ 'Agosto',
+ 'Setembro',
+ 'Outubro',
+ 'Novembro',
+ 'Dezembro',
+ ]
+ return f'{months[dt.month - 1]} de {dt.year}'
diff --git a/enrollments-events/app/events/issue_cert.py b/enrollments-events/app/events/issue_cert.py
index bf8c871..3955c95 100644
--- a/enrollments-events/app/events/issue_cert.py
+++ b/enrollments-events/app/events/issue_cert.py
@@ -16,8 +16,8 @@ from config import (
BUCKET_NAME,
COURSE_TABLE,
ENROLLMENT_TABLE,
+ ESIGN_URI,
PAPERFORGE_API,
- SIGNATURE_URI,
)
logger = Logger(__name__)
@@ -38,12 +38,12 @@ def lambda_handler(event: EventBridgeEvent, context: LambdaContext) -> bool:
sk=SortKey('0', path_spec='cert', rename_key='cert'),
),
raise_on_error=False,
- default=False,
+ default=None,
)
if not cert:
logger.debug('Certificate not found')
- # There is no certificate to issue from metadata
+ # There is no certificate to issue from course
return False
started_at: datetime = fromisoformat(new_image['started_at']) # type: ignore
@@ -62,7 +62,7 @@ def lambda_handler(event: EventBridgeEvent, context: LambdaContext) -> bool:
data=json.dumps(
{
'template_uri': cert['s3_uri'],
- 'sign_uri': SIGNATURE_URI,
+ 'sign_uri': ESIGN_URI,
'args': {
'name': new_image['user']['name'],
'cpf': _cpffmt(new_image['user']['cpf']),
@@ -106,10 +106,10 @@ def lambda_handler(event: EventBridgeEvent, context: LambdaContext) -> bool:
pk=enrollment_id,
sk='0',
),
- update_expr='SET issued_cert = :issued_cert, updated_at = :now',
+ update_expr='SET cert = :cert, updated_at = :now',
expr_attr_values={
':now': now_,
- ':issued_cert': {
+ ':cert': {
'issued_at': now_,
}
| ({'expires_at': cert_expires_at} if cert_expires_at else {})
diff --git a/enrollments-events/app/events/set_cert_expired.py b/enrollments-events/app/events/set_cert_expired.py
index 02d1a73..09bd280 100644
--- a/enrollments-events/app/events/set_cert_expired.py
+++ b/enrollments-events/app/events/set_cert_expired.py
@@ -21,10 +21,10 @@ dyn = DynamoDBPersistenceLayer(ENROLLMENT_TABLE, dynamodb_client)
def lambda_handler(event: EventBridgeEvent, context: LambdaContext) -> bool:
old_image = event.detail['old_image']
now_ = now()
- issued_cert = dyn.collection.get_item(
+ cert = dyn.collection.get_item(
KeyPair(
pk=old_image['id'],
- sk=SortKey('0', path_spec='issued_cert'),
+ sk=SortKey('0', path_spec='cert'),
),
raise_on_error=False,
default={},
@@ -37,12 +37,11 @@ def lambda_handler(event: EventBridgeEvent, context: LambdaContext) -> bool:
pk=old_image['id'],
sk='0',
),
- update_expr='SET issued_cert = :issued_cert, \
- updated_at = :now',
+ update_expr='SET cert = :cert, updated_at = :now',
cond_expr='#status = :completed',
expr_attr_names={'#status': 'status'},
expr_attr_values={
- ':issued_cert': issued_cert | {'expired': True},
+ ':cert': cert | {'expired': True},
':completed': 'COMPLETED',
':now': now_,
},
diff --git a/enrollments-events/template.yaml b/enrollments-events/template.yaml
index 02cfd03..794f031 100644
--- a/enrollments-events/template.yaml
+++ b/enrollments-events/template.yaml
@@ -26,7 +26,7 @@ Globals:
Architectures:
- x86_64
Layers:
- - !Sub arn:aws:lambda:sa-east-1:336641857101:layer:layercake:97
+ - !Sub arn:aws:lambda:sa-east-1:336641857101:layer:layercake:98
Environment:
Variables:
TZ: America/Sao_Paulo
@@ -140,7 +140,7 @@ Resources:
Type: EventBridgeRule
Properties:
Pattern:
- resources: [betaeducacao-prod-orders]
+ resources: [!Ref OrderTable]
detail-type: [INSERT]
detail:
new_image:
@@ -331,3 +331,64 @@ Resources:
status: [COMPLETED]
old_image:
status: [IN_PROGRESS]
+
+ EventCertReportingAppendIssuedCertFunction:
+ Type: AWS::Serverless::Function
+ Properties:
+ Handler: events.cert_reporting.append_issued_cert.lambda_handler
+ LoggingConfig:
+ LogGroup: !Ref EventLog
+ Policies:
+ - DynamoDBCrudPolicy:
+ TableName: !Ref EnrollmentTable
+ Events:
+ DynamoDBEvent:
+ Type: EventBridgeRule
+ Properties:
+ Pattern:
+ resources: [!Ref EnrollmentTable]
+ detail:
+ keys:
+ sk: ["0"]
+ new_image:
+ status: [COMPLETED]
+ cert:
+ exists: true
+ org_id:
+ exists: true
+ old_image:
+ cert:
+ exists: false
+
+ EventCertReportingSendReportEmailFunction:
+ Type: AWS::Serverless::Function
+ Properties:
+ Handler: events.cert_reporting.send_report_email.lambda_handler
+ LoggingConfig:
+ LogGroup: !Ref EventLog
+ Policies:
+ - DynamoDBReadPolicy:
+ TableName: !Ref EnrollmentTable
+ - DynamoDBReadPolicy:
+ TableName: !Ref UserTable
+ - Version: 2012-10-17
+ Statement:
+ - Effect: Allow
+ Action:
+ - ses:SendRawEmail
+ Resource:
+ - !Sub arn:aws:ses:${AWS::Region}:${AWS::AccountId}:identity/eduseg.com.br
+ - !Sub arn:aws:ses:${AWS::Region}:${AWS::AccountId}:configuration-set/tracking
+ Events:
+ DynamoDBEvent:
+ Type: EventBridgeRule
+ Properties:
+ Pattern:
+ resources: [!Ref EnrollmentTable]
+ detail-type: [EXPIRE]
+ detail:
+ keys:
+ id:
+ - prefix: CERT#REPORTING#ORG
+ sk:
+ - suffix: SCHEDULE#SEND_REPORT_EMAIL
diff --git a/enrollments-events/tests/events/cert_reporting/test_append_issued_cert.py b/enrollments-events/tests/events/cert_reporting/test_append_issued_cert.py
new file mode 100644
index 0000000..1eb3f14
--- /dev/null
+++ b/enrollments-events/tests/events/cert_reporting/test_append_issued_cert.py
@@ -0,0 +1,66 @@
+from datetime import timedelta
+
+import app.events.cert_reporting.append_issued_cert as app
+from aws_lambda_powertools.utilities.typing import LambdaContext
+from layercake.dateutils import now
+from layercake.dynamodb import (
+ DynamoDBPersistenceLayer,
+ SortKey,
+ TransactKey,
+)
+
+
+def test_append_issued_cert(
+ seeds,
+ dynamodb_persistence_layer: DynamoDBPersistenceLayer,
+ lambda_context: LambdaContext,
+):
+ expires_at = now() + timedelta(days=360)
+ event = {
+ 'detail': {
+ 'new_image': {
+ 'id': 'e45019d8-be7a-4a82-9b37-12a01f0127bb',
+ 'sk': '0',
+ 'course': {
+ 'id': '431',
+ 'name': 'How to Sing Better',
+ },
+ 'cert': {
+ # 'expires_at': '2026-02-10T20:14:42.880991',
+ 'expires_at': expires_at.isoformat(),
+ },
+ 'user': {
+ 'id': '1234',
+ 'name': 'Tobias Summit',
+ },
+ 'org_id': '1e2eaf0e-e319-49eb-ab33-1ddec156dc94',
+ 'created_at': '2025-01-01T00:00:00-03:06',
+ 'completed_at': '2025-01-10T00:00:00-03:06',
+ }
+ }
+ }
+ assert app.lambda_handler(event, lambda_context) # type: ignore
+
+ # The reporting month is the month before the certificate expires
+ month_start = (expires_at.replace(day=1) - timedelta(days=1)).replace(day=1)
+ report_sk = 'MONTH#{}#SCHEDULE#SEND_REPORT_EMAIL'.format(
+ month_start.strftime('%Y-%m')
+ )
+
+ r = dynamodb_persistence_layer.collection.get_items(
+ TransactKey('CERT#REPORTING#ORG#1e2eaf0e-e319-49eb-ab33-1ddec156dc94')
+ + SortKey(
+ sk=report_sk,
+ rename_key='report_email',
+ )
+ + SortKey(
+ sk='MONTH#{}#ENROLLMENT#e45019d8-be7a-4a82-9b37-12a01f0127bb'.format(
+ expires_at.strftime('%Y-%m')
+ ),
+ rename_key='enrollment',
+ ),
+ flatten_top=False,
+ )
+
+ assert 'course' in r['enrollment']
+ assert 'ttl' in r['report_email']
diff --git a/enrollments-events/tests/events/cert_reporting/test_send_report_email.py b/enrollments-events/tests/events/cert_reporting/test_send_report_email.py
new file mode 100644
index 0000000..3e37b47
--- /dev/null
+++ b/enrollments-events/tests/events/cert_reporting/test_send_report_email.py
@@ -0,0 +1,25 @@
+import app.events.cert_reporting.send_report_email as app
+from aws_lambda_powertools.utilities.typing import LambdaContext
+from layercake.dynamodb import (
+ DynamoDBPersistenceLayer,
+)
+
+
+def test_send_report_email(
+ monkeypatch,
+ seeds,
+ dynamodb_persistence_layer: DynamoDBPersistenceLayer,
+ lambda_context: LambdaContext,
+):
+ event = {
+ 'detail': {
+ 'old_image': {
+ 'id': 'CERT#REPORTING#ORG#00237409-9384-4692-9be5-b4443a41e1c4',
+ 'sk': 'MONTH#2025-06#SCHEDULE#SEND_REPORT_EMAIL',
+ 'target_month': '2025-07',
+ },
+ }
+ }
+ monkeypatch.setattr(app.sesv2_client, 'send_email', lambda *args, **kwargs: ...)
+
+ assert app.lambda_handler(event, lambda_context) # type: ignore
diff --git a/enrollments-events/tests/events/test_issue_cert.py b/enrollments-events/tests/events/test_issue_cert.py
index 62711fe..7336d5a 100644
--- a/enrollments-events/tests/events/test_issue_cert.py
+++ b/enrollments-events/tests/events/test_issue_cert.py
@@ -35,4 +35,4 @@ def test_issue_cert(
key=KeyPair('1ee108ae-67d4-4545-bf6d-4e641cdaa4e0', '0')
)
- assert 'issued_cert' in r
+ assert 'cert' in r
diff --git a/enrollments-events/tests/events/test_set_cert_expired.py b/enrollments-events/tests/events/test_set_cert_expired.py
index 79f1dc8..ea58bd4 100644
--- a/enrollments-events/tests/events/test_set_cert_expired.py
+++ b/enrollments-events/tests/events/test_set_cert_expired.py
@@ -29,7 +29,7 @@ def test_set_cert_expired(
)
assert r['status'] == 'COMPLETED'
assert 'executed' in r
- assert 'issued_cert' in r
+ assert 'cert' in r
def test_existing_issued_cert(
@@ -50,4 +50,4 @@ def test_existing_issued_cert(
r = dynamodb_persistence_layer.collection.get_items(
TransactKey('1ee108ae-67d4-4545-bf6d-4e641cdaa4e0') + SortKey('0')
)
- assert 's3_uri' in r['issued_cert']
+ assert 's3_uri' in r['cert']
diff --git a/enrollments-events/tests/seeds.jsonl b/enrollments-events/tests/seeds.jsonl
index b7a1927..e50a5f1 100644
--- a/enrollments-events/tests/seeds.jsonl
+++ b/enrollments-events/tests/seeds.jsonl
@@ -27,7 +27,7 @@
{"id": "6437a282-6fe8-4e4d-9eb0-da1007238007", "sk": "0", "status": "IN_PROGRESS", "progress": 10}
{"id": "845fe390-e3c3-4514-97f8-c42de0566cf0", "sk": "0", "status": "COMPLETED", "progress": 100}
-{"id": "1ee108ae-67d4-4545-bf6d-4e641cdaa4e0", "sk": "0", "status": "COMPLETED", "score": 100, "course": {"id": "123", "name": "CIPA Grau de Risco 1"}, "user": {"name": "Kurt Cobain"}, "issued_cert": {"s3_uri": "s3://saladeaula.digital/issuedcerts/1ee108ae-67d4-4545-bf6d-4e641cdaa4e0.pdf"}}
+{"id": "1ee108ae-67d4-4545-bf6d-4e641cdaa4e0", "sk": "0", "status": "COMPLETED", "score": 100, "course": {"id": "123", "name": "CIPA Grau de Risco 1"}, "user": {"name": "Kurt Cobain"}, "cert": {"s3_uri": "s3://saladeaula.digital/issuedcerts/1ee108ae-67d4-4545-bf6d-4e641cdaa4e0.pdf"}}
{"id": "1ee108ae-67d4-4545-bf6d-4e641cdaa4e0", "sk": "STARTED", "started_at": "2025-08-24T01:44:42.703012-03:06"}
{"id": "1ee108ae-67d4-4545-bf6d-4e641cdaa4e0", "sk": "COMPLETED", "completed_at": "2025-08-31T21:59:10.842467-03:00"}
@@ -37,3 +37,10 @@
{"id": "294e9864-8284-4287-b153-927b15d90900", "sk": "konviva", "class_id": 34, "user_id": 26943, "created_at": "2025-09-09T09:11:29.315247-03:00", "enrollment_id": 244488}
{"id": "294e9864-8284-4287-b153-927b15d90900", "sk": "tenant", "org_id": "123", "name": "EDUSEG", "create_date": "2025-09-12T17:11:00.556907-03:00"}
+// Certificate reporting
+{"id": "CERT#REPORTING#ORG#00237409-9384-4692-9be5-b4443a41e1c4", "sk": "MONTH#2025-07#ENROLLMENT#ba4d48e6-3671-4060-988a-d6cf97dd0ea4", "completed_at": "2025-01-10T00:00:00-03:06", "enrolled_at": "2025-01-01T00:00:00-03:06", "expires_at": "2026-02-10T20:14:42.880991", "course": {"name": "How to Sing Better", "id": "431"}, "created_at": "2025-10-11T23:39:12.194344-03:00", "user": {"name": "Tobias Summit", "id": "1234"}, "enrollment_id": "e45019d8-be7a-4a82-9b37-12a01f0127bb"}
+
+// Org
+{"id": "1e2eaf0e-e319-49eb-ab33-1ddec156dc94", "sk": "0", "name": "pytest"}
+// Org admins
+{"id": "00237409-9384-4692-9be5-b4443a41e1c4", "sk": "admins#1234", "email": "sergio@somosbeta.com.br", "name": "Sérgio R Siqueira"}
diff --git a/enrollments-events/uv.lock b/enrollments-events/uv.lock
index 37f3a81..f62a44e 100644
--- a/enrollments-events/uv.lock
+++ b/enrollments-events/uv.lock
@@ -31,14 +31,14 @@ wheels = [
[[package]]
name = "authlib"
-version = "1.6.1"
+version = "1.6.5"
source = { registry = "https://pypi.org/simple" }
dependencies = [
{ name = "cryptography" },
]
-sdist = { url = "https://files.pythonhosted.org/packages/8e/a1/d8d1c6f8bc922c0b87ae0d933a8ed57be1bef6970894ed79c2852a153cd3/authlib-1.6.1.tar.gz", hash = "sha256:4dffdbb1460ba6ec8c17981a4c67af7d8af131231b5a36a88a1e8c80c111cdfd", size = 159988, upload-time = "2025-07-20T07:38:42.834Z" }
+sdist = { url = "https://files.pythonhosted.org/packages/cd/3f/1d3bbd0bf23bdd99276d4def22f29c27a914067b4cf66f753ff9b8bbd0f3/authlib-1.6.5.tar.gz", hash = "sha256:6aaf9c79b7cc96c900f0b284061691c5d4e61221640a948fe690b556a6d6d10b", size = 164553, upload-time = "2025-10-02T13:36:09.489Z" }
wheels = [
- { url = "https://files.pythonhosted.org/packages/f9/58/cc6a08053f822f98f334d38a27687b69c6655fb05cd74a7a5e70a2aeed95/authlib-1.6.1-py2.py3-none-any.whl", hash = "sha256:e9d2031c34c6309373ab845afc24168fe9e93dc52d252631f52642f21f5ed06e", size = 239299, upload-time = "2025-07-20T07:38:39.259Z" },
+ { url = "https://files.pythonhosted.org/packages/f8/aa/5082412d1ee302e9e7d80b6949bc4d2a8fa1149aaab610c5fc24709605d6/authlib-1.6.5-py2.py3-none-any.whl", hash = "sha256:3e0e0507807f842b02175507bdee8957a1d5707fd4afb17c32fb43fee90b6e3a", size = 243608, upload-time = "2025-10-02T13:36:07.637Z" },
]
[[package]]
@@ -501,7 +501,7 @@ wheels = [
[[package]]
name = "layercake"
-version = "0.10.0"
+version = "0.10.1"
source = { directory = "../layercake" }
dependencies = [
{ name = "arnparse" },
@@ -529,7 +529,7 @@ dependencies = [
[package.metadata]
requires-dist = [
{ name = "arnparse", specifier = ">=0.0.2" },
- { name = "authlib", specifier = ">=1.6.1" },
+ { name = "authlib", specifier = ">=1.6.5" },
{ name = "aws-lambda-powertools", extras = ["all"], specifier = ">=3.18.0" },
{ name = "dictdiffer", specifier = ">=0.9.0" },
{ name = "ftfy", specifier = ">=6.3.1" },
diff --git a/id.saladeaula.digital/app/routes/openid_configuration.py b/id.saladeaula.digital/app/routes/openid_configuration.py
index 41bb881..6278f2d 100644
--- a/id.saladeaula.digital/app/routes/openid_configuration.py
+++ b/id.saladeaula.digital/app/routes/openid_configuration.py
@@ -14,7 +14,7 @@ def openid_configuration():
'revocation_endpoint': f'{ISSUER}/revoke',
'userinfo_endpoint': f'{ISSUER}/userinfo',
'jwks_uri': f'{ISSUER}/.well-known/jwks.json',
- 'scopes_supported': OAUTH2_SCOPES_SUPPORTED.split(),
+ 'scopes_supported': OAUTH2_SCOPES_SUPPORTED,
'response_types_supported': ['code'],
'grant_types_supported': ['authorization_code', 'refresh_token'],
'subject_types_supported': ['public'],
diff --git a/id.saladeaula.digital/client/app/routes/authorize.ts b/id.saladeaula.digital/client/app/routes/authorize.ts
index 1b8436e..d628607 100644
--- a/id.saladeaula.digital/client/app/routes/authorize.ts
+++ b/id.saladeaula.digital/client/app/routes/authorize.ts
@@ -6,16 +6,16 @@ import { parse } from 'cookie'
export async function loader({ request, context }: Route.LoaderArgs) {
const cookies = parse(request.headers.get('Cookie') || '')
const url = new URL(request.url)
- const redirect = new URL('/', url.origin)
+ const loginUrl = new URL('/', url.origin)
const issuerUrl = new URL('/authorize', context.cloudflare.env.ISSUER_URL)
issuerUrl.search = url.search
- redirect.search = url.search
+ loginUrl.search = url.search
if (!cookies?.__session) {
return new Response(null, {
status: httpStatus.FOUND,
headers: {
- Location: redirect.toString()
+ Location: loginUrl.toString()
}
})
}
@@ -56,7 +56,7 @@ export async function loader({ request, context }: Route.LoaderArgs) {
return new Response(null, {
status: httpStatus.FOUND,
headers: {
- Location: redirect.toString()
+ Location: loginUrl.toString()
}
})
} catch {
diff --git a/order-events/app/events/billing/close_window.py b/order-events/app/events/billing/close_window.py
index c8382ad..7d1cdcd 100644
--- a/order-events/app/events/billing/close_window.py
+++ b/order-events/app/events/billing/close_window.py
@@ -12,7 +12,7 @@ from layercake.dateutils import now
from layercake.dynamodb import DynamoDBPersistenceLayer, KeyPair
from boto3clients import dynamodb_client, s3_client
-from config import BUCKET_NAME, ORDER_TABLE, PAPERFORGE_API, TEMPLATE_URI
+from config import BILLING_TEMPLATE_URI, BUCKET_NAME, ORDER_TABLE, PAPERFORGE_API
logger = Logger(__name__)
order_layer = DynamoDBPersistenceLayer(ORDER_TABLE, dynamodb_client)
@@ -38,7 +38,7 @@ def lambda_handler(event: EventBridgeEvent, context: LambdaContext) -> bool:
json_data = json.dumps(
{
- 'template_uri': TEMPLATE_URI,
+ 'template_uri': BILLING_TEMPLATE_URI,
'args': {
'start_date': start_date,
'end_date': end_date,
diff --git a/order-events/template.yaml b/order-events/template.yaml
index c4852c3..2f61ea4 100644
--- a/order-events/template.yaml
+++ b/order-events/template.yaml
@@ -26,7 +26,7 @@ Globals:
Architectures:
- x86_64
Layers:
- - !Sub arn:aws:lambda:sa-east-1:336641857101:layer:layercake:94
+ - !Sub arn:aws:lambda:sa-east-1:336641857101:layer:layercake:98
Environment:
Variables:
TZ: America/Sao_Paulo
diff --git a/order-events/uv.lock b/order-events/uv.lock
index f994690..348fe3c 100644
--- a/order-events/uv.lock
+++ b/order-events/uv.lock
@@ -40,14 +40,14 @@ wheels = [
[[package]]
name = "authlib"
-version = "1.6.1"
+version = "1.6.5"
source = { registry = "https://pypi.org/simple" }
dependencies = [
{ name = "cryptography" },
]
-sdist = { url = "https://files.pythonhosted.org/packages/8e/a1/d8d1c6f8bc922c0b87ae0d933a8ed57be1bef6970894ed79c2852a153cd3/authlib-1.6.1.tar.gz", hash = "sha256:4dffdbb1460ba6ec8c17981a4c67af7d8af131231b5a36a88a1e8c80c111cdfd", size = 159988, upload-time = "2025-07-20T07:38:42.834Z" }
+sdist = { url = "https://files.pythonhosted.org/packages/cd/3f/1d3bbd0bf23bdd99276d4def22f29c27a914067b4cf66f753ff9b8bbd0f3/authlib-1.6.5.tar.gz", hash = "sha256:6aaf9c79b7cc96c900f0b284061691c5d4e61221640a948fe690b556a6d6d10b", size = 164553, upload-time = "2025-10-02T13:36:09.489Z" }
wheels = [
- { url = "https://files.pythonhosted.org/packages/f9/58/cc6a08053f822f98f334d38a27687b69c6655fb05cd74a7a5e70a2aeed95/authlib-1.6.1-py2.py3-none-any.whl", hash = "sha256:e9d2031c34c6309373ab845afc24168fe9e93dc52d252631f52642f21f5ed06e", size = 239299, upload-time = "2025-07-20T07:38:39.259Z" },
+ { url = "https://files.pythonhosted.org/packages/f8/aa/5082412d1ee302e9e7d80b6949bc4d2a8fa1149aaab610c5fc24709605d6/authlib-1.6.5-py2.py3-none-any.whl", hash = "sha256:3e0e0507807f842b02175507bdee8957a1d5707fd4afb17c32fb43fee90b6e3a", size = 243608, upload-time = "2025-10-02T13:36:07.637Z" },
]
[[package]]
@@ -576,7 +576,7 @@ wheels = [
[[package]]
name = "layercake"
-version = "0.9.14"
+version = "0.10.1"
source = { directory = "../layercake" }
dependencies = [
{ name = "arnparse" },
@@ -585,6 +585,7 @@ dependencies = [
{ name = "dictdiffer" },
{ name = "ftfy" },
{ name = "glom" },
+ { name = "joserfc" },
{ name = "meilisearch" },
{ name = "orjson" },
{ name = "passlib" },
@@ -592,7 +593,7 @@ dependencies = [
{ name = "pycpfcnpj" },
{ name = "pydantic", extra = ["email"] },
{ name = "pydantic-extra-types" },
- { name = "pyjwt" },
+ { name = "python-multipart" },
{ name = "pytz" },
{ name = "requests" },
{ name = "smart-open", extra = ["s3"] },
@@ -603,11 +604,12 @@ dependencies = [
[package.metadata]
requires-dist = [
{ name = "arnparse", specifier = ">=0.0.2" },
- { name = "authlib", specifier = ">=1.6.1" },
+ { name = "authlib", specifier = ">=1.6.5" },
{ name = "aws-lambda-powertools", extras = ["all"], specifier = ">=3.18.0" },
{ name = "dictdiffer", specifier = ">=0.9.0" },
{ name = "ftfy", specifier = ">=6.3.1" },
{ name = "glom", specifier = ">=24.11.0" },
+ { name = "joserfc", specifier = ">=1.2.2" },
{ name = "meilisearch", specifier = ">=0.34.0" },
{ name = "orjson", specifier = ">=3.10.15" },
{ name = "passlib", specifier = ">=1.7.4" },
@@ -615,7 +617,7 @@ requires-dist = [
{ name = "pycpfcnpj", specifier = ">=1.8" },
{ name = "pydantic", extras = ["email"], specifier = ">=2.10.6" },
{ name = "pydantic-extra-types", specifier = ">=2.10.3" },
- { name = "pyjwt", specifier = ">=2.10.1" },
+ { name = "python-multipart", specifier = ">=0.0.20" },
{ name = "pytz", specifier = ">=2025.1" },
{ name = "requests", specifier = ">=2.32.3" },
{ name = "smart-open", extras = ["s3"], specifier = ">=7.1.0" },
@@ -1023,15 +1025,6 @@ wheels = [
{ url = "https://files.pythonhosted.org/packages/b6/5f/d6d641b490fd3ec2c4c13b4244d68deea3a1b970a97be64f34fb5504ff72/pydantic_settings-2.9.1-py3-none-any.whl", hash = "sha256:59b4f431b1defb26fe620c71a7d3968a710d719f5f4cdbbdb7926edeb770f6ef", size = 44356, upload-time = "2025-04-18T16:44:46.617Z" },
]
-[[package]]
-name = "pyjwt"
-version = "2.10.1"
-source = { registry = "https://pypi.org/simple" }
-sdist = { url = "https://files.pythonhosted.org/packages/e7/46/bd74733ff231675599650d3e47f361794b22ef3e3770998dda30d3b63726/pyjwt-2.10.1.tar.gz", hash = "sha256:3cc5772eb20009233caf06e9d8a0577824723b44e6648ee0a2aedb6cf9381953", size = 87785, upload-time = "2024-11-28T03:43:29.933Z" }
-wheels = [
- { url = "https://files.pythonhosted.org/packages/61/ad/689f02752eeec26aed679477e80e632ef1b682313be70793d798c1d5fc8f/PyJWT-2.10.1-py3-none-any.whl", hash = "sha256:dcdd193e30abefd5debf142f9adfcdd2b58004e644f25406ffaebd50bd98dacb", size = 22997, upload-time = "2024-11-28T03:43:27.893Z" },
-]
-
[[package]]
name = "pyparsing"
version = "3.2.3"
@@ -1090,6 +1083,15 @@ wheels = [
{ url = "https://files.pythonhosted.org/packages/1e/18/98a99ad95133c6a6e2005fe89faedf294a748bd5dc803008059409ac9b1e/python_dotenv-1.1.0-py3-none-any.whl", hash = "sha256:d7c01d9e2293916c18baf562d95698754b0dbbb5e74d457c45d4f6561fb9d55d", size = 20256, upload-time = "2025-03-25T10:14:55.034Z" },
]
+[[package]]
+name = "python-multipart"
+version = "0.0.20"
+source = { registry = "https://pypi.org/simple" }
+sdist = { url = "https://files.pythonhosted.org/packages/f3/87/f44d7c9f274c7ee665a29b885ec97089ec5dc034c7f3fafa03da9e39a09e/python_multipart-0.0.20.tar.gz", hash = "sha256:8dd0cab45b8e23064ae09147625994d090fa46f5b0d1e13af944c331a7fa9d13", size = 37158, upload-time = "2024-12-16T19:45:46.972Z" }
+wheels = [
+ { url = "https://files.pythonhosted.org/packages/45/58/38b5afbc1a800eeea951b9285d3912613f2603bdf897a4ab0f4bd7f405fc/python_multipart-0.0.20-py3-none-any.whl", hash = "sha256:8a62d3a8335e06589fe01f2a3e178cdcc632f3fbe0d492ad9ee0ec35aab1f104", size = 24546, upload-time = "2024-12-16T19:45:44.423Z" },
+]
+
[[package]]
name = "pytz"
version = "2025.2"