From 8d10f55ad26ec589ddb34a5fb885c3e9839a0223 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9rgio=20Rafael=20Siqueira?= Date: Sun, 12 Oct 2025 01:09:40 -0300 Subject: [PATCH] add send cert reporting --- enrollments-events/app/config.py | 4 +- enrollments-events/app/enrollment.py | 8 - .../app/events/allocate_slots.py | 1 + .../app/events/cert_reporting/__init__.py | 0 .../cert_reporting/append_issued_cert.py | 79 ++++++++++ .../cert_reporting/send_report_email.py | 146 ++++++++++++++++++ enrollments-events/app/events/issue_cert.py | 12 +- .../app/events/set_cert_expired.py | 9 +- enrollments-events/template.yaml | 65 +++++++- .../cert_reporting/test_append_issued_cert.py | 66 ++++++++ .../cert_reporting/test_send_report_email.py | 25 +++ .../tests/events/test_issue_cert.py | 2 +- .../tests/events/test_set_cert_expired.py | 4 +- enrollments-events/tests/seeds.jsonl | 9 +- enrollments-events/uv.lock | 10 +- .../app/routes/openid_configuration.py | 2 +- .../client/app/routes/authorize.ts | 8 +- .../app/events/billing/close_window.py | 4 +- order-events/template.yaml | 2 +- order-events/uv.lock | 34 ++-- 20 files changed, 435 insertions(+), 55 deletions(-) create mode 100644 enrollments-events/app/events/cert_reporting/__init__.py create mode 100644 enrollments-events/app/events/cert_reporting/append_issued_cert.py create mode 100644 enrollments-events/app/events/cert_reporting/send_report_email.py create mode 100644 enrollments-events/tests/events/cert_reporting/test_append_issued_cert.py create mode 100644 enrollments-events/tests/events/cert_reporting/test_send_report_email.py diff --git a/enrollments-events/app/config.py b/enrollments-events/app/config.py index 3b36fc7..6a5cd24 100644 --- a/enrollments-events/app/config.py +++ b/enrollments-events/app/config.py @@ -8,8 +8,10 @@ COURSE_TABLE: str = os.getenv('COURSE_TABLE') # type: ignore BUCKET_NAME: str = os.getenv('BUCKET_NAME') # type: ignore EMAIL_SENDER = ('EDUSEG®', 'noreply@eduseg.com.br') + PAPERFORGE_API = 'https://paperforge.saladeaula.digital' -SIGNATURE_URI = 's3://saladeaula.digital/signatures/ecnpj_2025.pfx' +CERT_REPORTING_URI = 's3://saladeaula.digital/certs/reporting.html' +ESIGN_URI = 's3://saladeaula.digital/esigns/ecnpj_2025.pfx' DBNAME: str = os.getenv('POSTGRES_DB') # type: ignore diff --git a/enrollments-events/app/enrollment.py b/enrollments-events/app/enrollment.py index 07b90f0..9a9c016 100644 --- a/enrollments-events/app/enrollment.py +++ b/enrollments-events/app/enrollment.py @@ -64,14 +64,6 @@ def enroll( # Post-migration: uncomment the following line # | ({'org_id': org['org_id']} if org else {}), ) - transact.put( - item={ - 'id': enrollment.id, - 'sk': 'METADATA#COURSE', - 'created_at': now_, - **course.model_dump(include={'cert', 'access_period'}), - } - ) # Relationships between this enrollment and its related entities for parent_entity in linked_entities: diff --git a/enrollments-events/app/events/allocate_slots.py b/enrollments-events/app/events/allocate_slots.py index 6ad26ed..b17b88e 100644 --- a/enrollments-events/app/events/allocate_slots.py +++ b/enrollments-events/app/events/allocate_slots.py @@ -34,6 +34,7 @@ def lambda_handler(event: EventBridgeEvent, context: LambdaContext) -> bool: order = order_layer.collection.get_items( TransactKey(order_id) + SortKey('0') + SortKey('items', path_spec='items'), ) + # Post-migration: rename `tenant_id` to `org_id` org_id = order['tenant_id'] items = { item['id']: int(item['quantity']) diff --git a/enrollments-events/app/events/cert_reporting/__init__.py b/enrollments-events/app/events/cert_reporting/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/enrollments-events/app/events/cert_reporting/append_issued_cert.py b/enrollments-events/app/events/cert_reporting/append_issued_cert.py new file mode 100644 index 0000000..a27f74a --- /dev/null +++ b/enrollments-events/app/events/cert_reporting/append_issued_cert.py @@ -0,0 +1,79 @@ +import os +from datetime import datetime, timedelta + +import pytz +from aws_lambda_powertools import Logger +from aws_lambda_powertools.utilities.data_classes import ( + EventBridgeEvent, + event_source, +) +from aws_lambda_powertools.utilities.typing import LambdaContext +from glom import glom +from layercake.dateutils import fromisoformat, now, ttl +from layercake.dynamodb import DynamoDBPersistenceLayer +from layercake.funcs import pick + +from boto3clients import dynamodb_client +from config import ENROLLMENT_TABLE + +logger = Logger(__name__) +dyn = DynamoDBPersistenceLayer(ENROLLMENT_TABLE, dynamodb_client) +tz = os.getenv('TZ', 'UTC') + + +@event_source(data_class=EventBridgeEvent) +@logger.inject_lambda_context +def lambda_handler(event: EventBridgeEvent, context: LambdaContext) -> bool | None: + new_image = event.detail['new_image'] + expires_at = glom(new_image, 'cert.expires_at', default=None) + + if not expires_at: + return None + + enrollment_id = new_image['id'] + org_id = new_image['org_id'] + expires_at: datetime = fromisoformat(expires_at).replace(tzinfo=pytz.timezone(tz)) # type: ignore + # The reporting month is the month before the certificate expires + month_start = (expires_at.replace(day=1) - timedelta(days=1)).replace(day=1) + now_ = now() + pk = f'CERT#REPORTING#ORG#{org_id}' + sk = 'MONTH#{}'.format(expires_at.strftime('%Y-%m')) + + if now_ > expires_at: + return None + + try: + with dyn.transact_writer() as transact: + transact.put( + item={ + 'id': pk, + 'sk': 'MONTH#{}#SCHEDULE#SEND_REPORT_EMAIL'.format( + month_start.strftime('%Y-%m') + ), + 'target_month': expires_at.strftime('%Y-%m'), + 'ttl': ttl(start_dt=month_start), + } + ) + + transact.put( + item={ + 'id': pk, + 'sk': f'{sk}#ENROLLMENT#{enrollment_id}', + 'enrollment_id': new_image['id'], + 'user': pick(('id', 'name'), new_image['user']), + 'course': pick(('id', 'name'), new_image['course']), + 'enrolled_at': new_image['created_at'], + 'expires_at': expires_at, # type: ignore + 'completed_at': new_image['completed_at'], + 'created_at': now_, + }, + cond_expr='attribute_not_exists(sk)', + exc_cls=EnrollmentConflictError, + ) + except EnrollmentConflictError: + return False + + return True + + +class EnrollmentConflictError(Exception): ... diff --git a/enrollments-events/app/events/cert_reporting/send_report_email.py b/enrollments-events/app/events/cert_reporting/send_report_email.py new file mode 100644 index 0000000..c2d1bce --- /dev/null +++ b/enrollments-events/app/events/cert_reporting/send_report_email.py @@ -0,0 +1,146 @@ +import json +from datetime import date, datetime +from email.mime.application import MIMEApplication + +import requests +from aws_lambda_powertools import Logger +from aws_lambda_powertools.shared.json_encoder import Encoder +from aws_lambda_powertools.utilities.data_classes import ( + EventBridgeEvent, + event_source, +) +from aws_lambda_powertools.utilities.typing import LambdaContext +from layercake.dateutils import now +from layercake.dynamodb import DynamoDBPersistenceLayer, KeyPair +from layercake.email_ import Message + +from boto3clients import dynamodb_client, sesv2_client +from config import ( + CERT_REPORTING_URI, + EMAIL_SENDER, + ENROLLMENT_TABLE, + PAPERFORGE_API, + USER_TABLE, +) + +SUBJECT = 'Certificados que vencerão em {month} na EDUSEG®' +REPLY_TO = ('Carolina Brand', 'carolina@somosbeta.com.br') +BCC = [ + 'sergio@somosbeta.com.br', + 'carolina@somosbeta.com.br', + 'tiago@somosbeta.com.br', +] +MESSAGE = """ +Oi, tudo bem?

+ +Em anexo você encontra os certificados que vencerão em {month}. +

+ +Qualquer dúvida, estamos à disposição. +""" + + +logger = Logger(__name__) +enrollment_layer = DynamoDBPersistenceLayer(ENROLLMENT_TABLE, dynamodb_client) +user_layer = DynamoDBPersistenceLayer(USER_TABLE, dynamodb_client) + + +@event_source(data_class=EventBridgeEvent) +@logger.inject_lambda_context +def lambda_handler(event: EventBridgeEvent, context: LambdaContext) -> bool: + old_image = event.detail['old_image'] + # Key pattern `CERT#REPORTING#ORG#{org_id}` + *_, org_id = old_image['id'].split('#') + event_name = old_image['sk'] + target_month = datetime.strptime(old_image['target_month'], '%Y-%m').date() + month = _monthfmt(target_month) + now_ = now() + + result = enrollment_layer.collection.query( + KeyPair( + pk=old_image['id'], + sk='MONTH#{}#ENROLLMENT'.format(target_month.strftime('%Y-%m')), + ), + limit=150, + ) + + json_data = json.dumps( + { + 'template_uri': CERT_REPORTING_URI, + 'args': { + 'month': month, + 'items': result['items'], + }, + }, + cls=Encoder, + ) + # Send template URI and data to Paperforge API to generate a PDF + r = requests.post(PAPERFORGE_API, data=json_data) + r.raise_for_status() + + emailmsg = Message( + from_=EMAIL_SENDER, + to=_get_admin_emails(org_id), + subject=SUBJECT.format(month=month), + ) + emailmsg.add_alternative(MESSAGE.format(month=month)) + attachment = MIMEApplication(r.content) + attachment.add_header( + 'Content-Disposition', + 'attachment', + filename='{}.pdf'.format(target_month.strftime('%Y-%m')), + ) + emailmsg.attach(attachment) + + try: + sesv2_client.send_email( + Content={ + 'Raw': { + 'Data': emailmsg.as_bytes(), + }, + } + ) + enrollment_layer.put_item( + item={ + 'id': old_image['id'], + 'sk': f'{event_name}#EXECUTED', + 'created_at': now_, + } + ) + logger.info('Email sent') + except Exception as exc: + logger.exception(exc) + enrollment_layer.put_item( + item={ + 'id': old_image['id'], + 'sk': f'{event_name}#FAILED', + 'created_at': now_, + } + ) + return False + else: + return True + + +def _get_admin_emails(org_id: str) -> list[tuple[str, str]]: + # Post-migration: rename `admins` to `ADMIN` + r = user_layer.collection.query(KeyPair(org_id, 'admins')) + return [(x['name'], x['email']) for x in r['items']] + + +def _monthfmt(dt: date) -> str: + months = [ + 'Janeiro', + 'Fevereiro', + 'Março', + 'Abril', + 'Maio', + 'Junho', + 'Julho', + 'Agosto', + 'Setembro', + 'Outubro', + 'Novembro', + 'Dezembro', + ] + return f'{months[dt.month - 1]} de {dt.year}' diff --git a/enrollments-events/app/events/issue_cert.py b/enrollments-events/app/events/issue_cert.py index bf8c871..3955c95 100644 --- a/enrollments-events/app/events/issue_cert.py +++ b/enrollments-events/app/events/issue_cert.py @@ -16,8 +16,8 @@ from config import ( BUCKET_NAME, COURSE_TABLE, ENROLLMENT_TABLE, + ESIGN_URI, PAPERFORGE_API, - SIGNATURE_URI, ) logger = Logger(__name__) @@ -38,12 +38,12 @@ def lambda_handler(event: EventBridgeEvent, context: LambdaContext) -> bool: sk=SortKey('0', path_spec='cert', rename_key='cert'), ), raise_on_error=False, - default=False, + default=None, ) if not cert: logger.debug('Certificate not found') - # There is no certificate to issue from metadata + # There is no certificate to issue from course return False started_at: datetime = fromisoformat(new_image['started_at']) # type: ignore @@ -62,7 +62,7 @@ def lambda_handler(event: EventBridgeEvent, context: LambdaContext) -> bool: data=json.dumps( { 'template_uri': cert['s3_uri'], - 'sign_uri': SIGNATURE_URI, + 'sign_uri': ESIGN_URI, 'args': { 'name': new_image['user']['name'], 'cpf': _cpffmt(new_image['user']['cpf']), @@ -106,10 +106,10 @@ def lambda_handler(event: EventBridgeEvent, context: LambdaContext) -> bool: pk=enrollment_id, sk='0', ), - update_expr='SET issued_cert = :issued_cert, updated_at = :now', + update_expr='SET cert = :cert, updated_at = :now', expr_attr_values={ ':now': now_, - ':issued_cert': { + ':cert': { 'issued_at': now_, } | ({'expires_at': cert_expires_at} if cert_expires_at else {}) diff --git a/enrollments-events/app/events/set_cert_expired.py b/enrollments-events/app/events/set_cert_expired.py index 02d1a73..09bd280 100644 --- a/enrollments-events/app/events/set_cert_expired.py +++ b/enrollments-events/app/events/set_cert_expired.py @@ -21,10 +21,10 @@ dyn = DynamoDBPersistenceLayer(ENROLLMENT_TABLE, dynamodb_client) def lambda_handler(event: EventBridgeEvent, context: LambdaContext) -> bool: old_image = event.detail['old_image'] now_ = now() - issued_cert = dyn.collection.get_item( + cert = dyn.collection.get_item( KeyPair( pk=old_image['id'], - sk=SortKey('0', path_spec='issued_cert'), + sk=SortKey('0', path_spec='cert'), ), raise_on_error=False, default={}, @@ -37,12 +37,11 @@ def lambda_handler(event: EventBridgeEvent, context: LambdaContext) -> bool: pk=old_image['id'], sk='0', ), - update_expr='SET issued_cert = :issued_cert, \ - updated_at = :now', + update_expr='SET cert = :cert, updated_at = :now', cond_expr='#status = :completed', expr_attr_names={'#status': 'status'}, expr_attr_values={ - ':issued_cert': issued_cert | {'expired': True}, + ':cert': cert | {'expired': True}, ':completed': 'COMPLETED', ':now': now_, }, diff --git a/enrollments-events/template.yaml b/enrollments-events/template.yaml index 02cfd03..794f031 100644 --- a/enrollments-events/template.yaml +++ b/enrollments-events/template.yaml @@ -26,7 +26,7 @@ Globals: Architectures: - x86_64 Layers: - - !Sub arn:aws:lambda:sa-east-1:336641857101:layer:layercake:97 + - !Sub arn:aws:lambda:sa-east-1:336641857101:layer:layercake:98 Environment: Variables: TZ: America/Sao_Paulo @@ -140,7 +140,7 @@ Resources: Type: EventBridgeRule Properties: Pattern: - resources: [betaeducacao-prod-orders] + resources: [!Ref OrderTable] detail-type: [INSERT] detail: new_image: @@ -331,3 +331,64 @@ Resources: status: [COMPLETED] old_image: status: [IN_PROGRESS] + + EventCertReportingAppendIssuedCertFunction: + Type: AWS::Serverless::Function + Properties: + Handler: events.cert_reporting.append_issued_cert.lambda_handler + LoggingConfig: + LogGroup: !Ref EventLog + Policies: + - DynamoDBCrudPolicy: + TableName: !Ref EnrollmentTable + Events: + DynamoDBEvent: + Type: EventBridgeRule + Properties: + Pattern: + resources: [!Ref EnrollmentTable] + detail: + keys: + sk: ["0"] + new_image: + status: [COMPLETED] + cert: + exists: true + org_id: + exists: true + old_image: + cert: + exists: false + + EventCertReportingSendReportEmailFunction: + Type: AWS::Serverless::Function + Properties: + Handler: events.cert_reporting.send_report_email.lambda_handler + LoggingConfig: + LogGroup: !Ref EventLog + Policies: + - DynamoDBReadPolicy: + TableName: !Ref EnrollmentTable + - DynamoDBReadPolicy: + TableName: !Ref UserTable + - Version: 2012-10-17 + Statement: + - Effect: Allow + Action: + - ses:SendRawEmail + Resource: + - !Sub arn:aws:ses:${AWS::Region}:${AWS::AccountId}:identity/eduseg.com.br + - !Sub arn:aws:ses:${AWS::Region}:${AWS::AccountId}:configuration-set/tracking + Events: + DynamoDBEvent: + Type: EventBridgeRule + Properties: + Pattern: + resources: [!Ref EnrollmentTable] + detail-type: [EXPIRE] + detail: + keys: + id: + - prefix: CERT#REPORTING#ORG + sk: + - suffix: SCHEDULE#SEND_REPORT_EMAIL diff --git a/enrollments-events/tests/events/cert_reporting/test_append_issued_cert.py b/enrollments-events/tests/events/cert_reporting/test_append_issued_cert.py new file mode 100644 index 0000000..1eb3f14 --- /dev/null +++ b/enrollments-events/tests/events/cert_reporting/test_append_issued_cert.py @@ -0,0 +1,66 @@ +from datetime import timedelta + +import app.events.cert_reporting.append_issued_cert as app +from aws_lambda_powertools.utilities.typing import LambdaContext +from layercake.dateutils import now +from layercake.dynamodb import ( + DynamoDBPersistenceLayer, + SortKey, + TransactKey, +) + + +def test_append_issued_cert( + seeds, + dynamodb_persistence_layer: DynamoDBPersistenceLayer, + lambda_context: LambdaContext, +): + expires_at = now() + timedelta(days=360) + event = { + 'detail': { + 'new_image': { + 'id': 'e45019d8-be7a-4a82-9b37-12a01f0127bb', + 'sk': '0', + 'course': { + 'id': '431', + 'name': 'How to Sing Better', + }, + 'cert': { + # 'expires_at': '2026-02-10T20:14:42.880991', + 'expires_at': expires_at.isoformat(), + }, + 'user': { + 'id': '1234', + 'name': 'Tobias Summit', + }, + 'org_id': '1e2eaf0e-e319-49eb-ab33-1ddec156dc94', + 'created_at': '2025-01-01T00:00:00-03:06', + 'completed_at': '2025-01-10T00:00:00-03:06', + } + } + } + assert app.lambda_handler(event, lambda_context) # type: ignore + + # The reporting month is the month before the certificate expires + month_start = (expires_at.replace(day=1) - timedelta(days=1)).replace(day=1) + report_sk = 'MONTH#{}#SCHEDULE#SEND_REPORT_EMAIL'.format( + month_start.strftime('%Y-%m') + ) + + r = dynamodb_persistence_layer.collection.get_items( + TransactKey('CERT#REPORTING#ORG#1e2eaf0e-e319-49eb-ab33-1ddec156dc94') + + SortKey( + sk=report_sk, + rename_key='report_email', + ) + + SortKey( + sk='MONTH#{}#ENROLLMENT#e45019d8-be7a-4a82-9b37-12a01f0127bb'.format( + expires_at.strftime('%Y-%m') + ), + rename_key='enrollment', + ), + flatten_top=False, + ) + + assert 'course' in r['enrollment'] + assert 'ttl' in r['report_email'] diff --git a/enrollments-events/tests/events/cert_reporting/test_send_report_email.py b/enrollments-events/tests/events/cert_reporting/test_send_report_email.py new file mode 100644 index 0000000..3e37b47 --- /dev/null +++ b/enrollments-events/tests/events/cert_reporting/test_send_report_email.py @@ -0,0 +1,25 @@ +import app.events.cert_reporting.send_report_email as app +from aws_lambda_powertools.utilities.typing import LambdaContext +from layercake.dynamodb import ( + DynamoDBPersistenceLayer, +) + + +def test_send_report_email( + monkeypatch, + seeds, + dynamodb_persistence_layer: DynamoDBPersistenceLayer, + lambda_context: LambdaContext, +): + event = { + 'detail': { + 'old_image': { + 'id': 'CERT#REPORTING#ORG#00237409-9384-4692-9be5-b4443a41e1c4', + 'sk': 'MONTH#2025-06#SCHEDULE#SEND_REPORT_EMAIL', + 'target_month': '2025-07', + }, + } + } + monkeypatch.setattr(app.sesv2_client, 'send_email', lambda *args, **kwargs: ...) + + assert app.lambda_handler(event, lambda_context) # type: ignore diff --git a/enrollments-events/tests/events/test_issue_cert.py b/enrollments-events/tests/events/test_issue_cert.py index 62711fe..7336d5a 100644 --- a/enrollments-events/tests/events/test_issue_cert.py +++ b/enrollments-events/tests/events/test_issue_cert.py @@ -35,4 +35,4 @@ def test_issue_cert( key=KeyPair('1ee108ae-67d4-4545-bf6d-4e641cdaa4e0', '0') ) - assert 'issued_cert' in r + assert 'cert' in r diff --git a/enrollments-events/tests/events/test_set_cert_expired.py b/enrollments-events/tests/events/test_set_cert_expired.py index 79f1dc8..ea58bd4 100644 --- a/enrollments-events/tests/events/test_set_cert_expired.py +++ b/enrollments-events/tests/events/test_set_cert_expired.py @@ -29,7 +29,7 @@ def test_set_cert_expired( ) assert r['status'] == 'COMPLETED' assert 'executed' in r - assert 'issued_cert' in r + assert 'cert' in r def test_existing_issued_cert( @@ -50,4 +50,4 @@ def test_existing_issued_cert( r = dynamodb_persistence_layer.collection.get_items( TransactKey('1ee108ae-67d4-4545-bf6d-4e641cdaa4e0') + SortKey('0') ) - assert 's3_uri' in r['issued_cert'] + assert 's3_uri' in r['cert'] diff --git a/enrollments-events/tests/seeds.jsonl b/enrollments-events/tests/seeds.jsonl index b7a1927..e50a5f1 100644 --- a/enrollments-events/tests/seeds.jsonl +++ b/enrollments-events/tests/seeds.jsonl @@ -27,7 +27,7 @@ {"id": "6437a282-6fe8-4e4d-9eb0-da1007238007", "sk": "0", "status": "IN_PROGRESS", "progress": 10} {"id": "845fe390-e3c3-4514-97f8-c42de0566cf0", "sk": "0", "status": "COMPLETED", "progress": 100} -{"id": "1ee108ae-67d4-4545-bf6d-4e641cdaa4e0", "sk": "0", "status": "COMPLETED", "score": 100, "course": {"id": "123", "name": "CIPA Grau de Risco 1"}, "user": {"name": "Kurt Cobain"}, "issued_cert": {"s3_uri": "s3://saladeaula.digital/issuedcerts/1ee108ae-67d4-4545-bf6d-4e641cdaa4e0.pdf"}} +{"id": "1ee108ae-67d4-4545-bf6d-4e641cdaa4e0", "sk": "0", "status": "COMPLETED", "score": 100, "course": {"id": "123", "name": "CIPA Grau de Risco 1"}, "user": {"name": "Kurt Cobain"}, "cert": {"s3_uri": "s3://saladeaula.digital/issuedcerts/1ee108ae-67d4-4545-bf6d-4e641cdaa4e0.pdf"}} {"id": "1ee108ae-67d4-4545-bf6d-4e641cdaa4e0", "sk": "STARTED", "started_at": "2025-08-24T01:44:42.703012-03:06"} {"id": "1ee108ae-67d4-4545-bf6d-4e641cdaa4e0", "sk": "COMPLETED", "completed_at": "2025-08-31T21:59:10.842467-03:00"} @@ -37,3 +37,10 @@ {"id": "294e9864-8284-4287-b153-927b15d90900", "sk": "konviva", "class_id": 34, "user_id": 26943, "created_at": "2025-09-09T09:11:29.315247-03:00", "enrollment_id": 244488} {"id": "294e9864-8284-4287-b153-927b15d90900", "sk": "tenant", "org_id": "123", "name": "EDUSEG", "create_date": "2025-09-12T17:11:00.556907-03:00"} +// Certificate reporting +{"id": "CERT#REPORTING#ORG#00237409-9384-4692-9be5-b4443a41e1c4", "sk": "MONTH#2025-07#ENROLLMENT#ba4d48e6-3671-4060-988a-d6cf97dd0ea4", "completed_at": "2025-01-10T00:00:00-03:06", "enrolled_at": "2025-01-01T00:00:00-03:06", "expires_at": "2026-02-10T20:14:42.880991", "course": {"name": "How to Sing Better", "id": "431"}, "created_at": "2025-10-11T23:39:12.194344-03:00", "user": {"name": "Tobias Summit", "id": "1234"}, "enrollment_id": "e45019d8-be7a-4a82-9b37-12a01f0127bb"} + +// Org +{"id": "1e2eaf0e-e319-49eb-ab33-1ddec156dc94", "sk": "0", "name": "pytest"} +// Org admins +{"id": "00237409-9384-4692-9be5-b4443a41e1c4", "sk": "admins#1234", "email": "sergio@somosbeta.com.br", "name": "Sérgio R Siqueira"} diff --git a/enrollments-events/uv.lock b/enrollments-events/uv.lock index 37f3a81..f62a44e 100644 --- a/enrollments-events/uv.lock +++ b/enrollments-events/uv.lock @@ -31,14 +31,14 @@ wheels = [ [[package]] name = "authlib" -version = "1.6.1" +version = "1.6.5" source = { registry = "https://pypi.org/simple" } dependencies = [ { name = "cryptography" }, ] -sdist = { url = "https://files.pythonhosted.org/packages/8e/a1/d8d1c6f8bc922c0b87ae0d933a8ed57be1bef6970894ed79c2852a153cd3/authlib-1.6.1.tar.gz", hash = "sha256:4dffdbb1460ba6ec8c17981a4c67af7d8af131231b5a36a88a1e8c80c111cdfd", size = 159988, upload-time = "2025-07-20T07:38:42.834Z" } +sdist = { url = "https://files.pythonhosted.org/packages/cd/3f/1d3bbd0bf23bdd99276d4def22f29c27a914067b4cf66f753ff9b8bbd0f3/authlib-1.6.5.tar.gz", hash = "sha256:6aaf9c79b7cc96c900f0b284061691c5d4e61221640a948fe690b556a6d6d10b", size = 164553, upload-time = "2025-10-02T13:36:09.489Z" } wheels = [ - { url = "https://files.pythonhosted.org/packages/f9/58/cc6a08053f822f98f334d38a27687b69c6655fb05cd74a7a5e70a2aeed95/authlib-1.6.1-py2.py3-none-any.whl", hash = "sha256:e9d2031c34c6309373ab845afc24168fe9e93dc52d252631f52642f21f5ed06e", size = 239299, upload-time = "2025-07-20T07:38:39.259Z" }, + { url = "https://files.pythonhosted.org/packages/f8/aa/5082412d1ee302e9e7d80b6949bc4d2a8fa1149aaab610c5fc24709605d6/authlib-1.6.5-py2.py3-none-any.whl", hash = "sha256:3e0e0507807f842b02175507bdee8957a1d5707fd4afb17c32fb43fee90b6e3a", size = 243608, upload-time = "2025-10-02T13:36:07.637Z" }, ] [[package]] @@ -501,7 +501,7 @@ wheels = [ [[package]] name = "layercake" -version = "0.10.0" +version = "0.10.1" source = { directory = "../layercake" } dependencies = [ { name = "arnparse" }, @@ -529,7 +529,7 @@ dependencies = [ [package.metadata] requires-dist = [ { name = "arnparse", specifier = ">=0.0.2" }, - { name = "authlib", specifier = ">=1.6.1" }, + { name = "authlib", specifier = ">=1.6.5" }, { name = "aws-lambda-powertools", extras = ["all"], specifier = ">=3.18.0" }, { name = "dictdiffer", specifier = ">=0.9.0" }, { name = "ftfy", specifier = ">=6.3.1" }, diff --git a/id.saladeaula.digital/app/routes/openid_configuration.py b/id.saladeaula.digital/app/routes/openid_configuration.py index 41bb881..6278f2d 100644 --- a/id.saladeaula.digital/app/routes/openid_configuration.py +++ b/id.saladeaula.digital/app/routes/openid_configuration.py @@ -14,7 +14,7 @@ def openid_configuration(): 'revocation_endpoint': f'{ISSUER}/revoke', 'userinfo_endpoint': f'{ISSUER}/userinfo', 'jwks_uri': f'{ISSUER}/.well-known/jwks.json', - 'scopes_supported': OAUTH2_SCOPES_SUPPORTED.split(), + 'scopes_supported': OAUTH2_SCOPES_SUPPORTED, 'response_types_supported': ['code'], 'grant_types_supported': ['authorization_code', 'refresh_token'], 'subject_types_supported': ['public'], diff --git a/id.saladeaula.digital/client/app/routes/authorize.ts b/id.saladeaula.digital/client/app/routes/authorize.ts index 1b8436e..d628607 100644 --- a/id.saladeaula.digital/client/app/routes/authorize.ts +++ b/id.saladeaula.digital/client/app/routes/authorize.ts @@ -6,16 +6,16 @@ import { parse } from 'cookie' export async function loader({ request, context }: Route.LoaderArgs) { const cookies = parse(request.headers.get('Cookie') || '') const url = new URL(request.url) - const redirect = new URL('/', url.origin) + const loginUrl = new URL('/', url.origin) const issuerUrl = new URL('/authorize', context.cloudflare.env.ISSUER_URL) issuerUrl.search = url.search - redirect.search = url.search + loginUrl.search = url.search if (!cookies?.__session) { return new Response(null, { status: httpStatus.FOUND, headers: { - Location: redirect.toString() + Location: loginUrl.toString() } }) } @@ -56,7 +56,7 @@ export async function loader({ request, context }: Route.LoaderArgs) { return new Response(null, { status: httpStatus.FOUND, headers: { - Location: redirect.toString() + Location: loginUrl.toString() } }) } catch { diff --git a/order-events/app/events/billing/close_window.py b/order-events/app/events/billing/close_window.py index c8382ad..7d1cdcd 100644 --- a/order-events/app/events/billing/close_window.py +++ b/order-events/app/events/billing/close_window.py @@ -12,7 +12,7 @@ from layercake.dateutils import now from layercake.dynamodb import DynamoDBPersistenceLayer, KeyPair from boto3clients import dynamodb_client, s3_client -from config import BUCKET_NAME, ORDER_TABLE, PAPERFORGE_API, TEMPLATE_URI +from config import BILLING_TEMPLATE_URI, BUCKET_NAME, ORDER_TABLE, PAPERFORGE_API logger = Logger(__name__) order_layer = DynamoDBPersistenceLayer(ORDER_TABLE, dynamodb_client) @@ -38,7 +38,7 @@ def lambda_handler(event: EventBridgeEvent, context: LambdaContext) -> bool: json_data = json.dumps( { - 'template_uri': TEMPLATE_URI, + 'template_uri': BILLING_TEMPLATE_URI, 'args': { 'start_date': start_date, 'end_date': end_date, diff --git a/order-events/template.yaml b/order-events/template.yaml index c4852c3..2f61ea4 100644 --- a/order-events/template.yaml +++ b/order-events/template.yaml @@ -26,7 +26,7 @@ Globals: Architectures: - x86_64 Layers: - - !Sub arn:aws:lambda:sa-east-1:336641857101:layer:layercake:94 + - !Sub arn:aws:lambda:sa-east-1:336641857101:layer:layercake:98 Environment: Variables: TZ: America/Sao_Paulo diff --git a/order-events/uv.lock b/order-events/uv.lock index f994690..348fe3c 100644 --- a/order-events/uv.lock +++ b/order-events/uv.lock @@ -40,14 +40,14 @@ wheels = [ [[package]] name = "authlib" -version = "1.6.1" +version = "1.6.5" source = { registry = "https://pypi.org/simple" } dependencies = [ { name = "cryptography" }, ] -sdist = { url = "https://files.pythonhosted.org/packages/8e/a1/d8d1c6f8bc922c0b87ae0d933a8ed57be1bef6970894ed79c2852a153cd3/authlib-1.6.1.tar.gz", hash = "sha256:4dffdbb1460ba6ec8c17981a4c67af7d8af131231b5a36a88a1e8c80c111cdfd", size = 159988, upload-time = "2025-07-20T07:38:42.834Z" } +sdist = { url = "https://files.pythonhosted.org/packages/cd/3f/1d3bbd0bf23bdd99276d4def22f29c27a914067b4cf66f753ff9b8bbd0f3/authlib-1.6.5.tar.gz", hash = "sha256:6aaf9c79b7cc96c900f0b284061691c5d4e61221640a948fe690b556a6d6d10b", size = 164553, upload-time = "2025-10-02T13:36:09.489Z" } wheels = [ - { url = "https://files.pythonhosted.org/packages/f9/58/cc6a08053f822f98f334d38a27687b69c6655fb05cd74a7a5e70a2aeed95/authlib-1.6.1-py2.py3-none-any.whl", hash = "sha256:e9d2031c34c6309373ab845afc24168fe9e93dc52d252631f52642f21f5ed06e", size = 239299, upload-time = "2025-07-20T07:38:39.259Z" }, + { url = "https://files.pythonhosted.org/packages/f8/aa/5082412d1ee302e9e7d80b6949bc4d2a8fa1149aaab610c5fc24709605d6/authlib-1.6.5-py2.py3-none-any.whl", hash = "sha256:3e0e0507807f842b02175507bdee8957a1d5707fd4afb17c32fb43fee90b6e3a", size = 243608, upload-time = "2025-10-02T13:36:07.637Z" }, ] [[package]] @@ -576,7 +576,7 @@ wheels = [ [[package]] name = "layercake" -version = "0.9.14" +version = "0.10.1" source = { directory = "../layercake" } dependencies = [ { name = "arnparse" }, @@ -585,6 +585,7 @@ dependencies = [ { name = "dictdiffer" }, { name = "ftfy" }, { name = "glom" }, + { name = "joserfc" }, { name = "meilisearch" }, { name = "orjson" }, { name = "passlib" }, @@ -592,7 +593,7 @@ dependencies = [ { name = "pycpfcnpj" }, { name = "pydantic", extra = ["email"] }, { name = "pydantic-extra-types" }, - { name = "pyjwt" }, + { name = "python-multipart" }, { name = "pytz" }, { name = "requests" }, { name = "smart-open", extra = ["s3"] }, @@ -603,11 +604,12 @@ dependencies = [ [package.metadata] requires-dist = [ { name = "arnparse", specifier = ">=0.0.2" }, - { name = "authlib", specifier = ">=1.6.1" }, + { name = "authlib", specifier = ">=1.6.5" }, { name = "aws-lambda-powertools", extras = ["all"], specifier = ">=3.18.0" }, { name = "dictdiffer", specifier = ">=0.9.0" }, { name = "ftfy", specifier = ">=6.3.1" }, { name = "glom", specifier = ">=24.11.0" }, + { name = "joserfc", specifier = ">=1.2.2" }, { name = "meilisearch", specifier = ">=0.34.0" }, { name = "orjson", specifier = ">=3.10.15" }, { name = "passlib", specifier = ">=1.7.4" }, @@ -615,7 +617,7 @@ requires-dist = [ { name = "pycpfcnpj", specifier = ">=1.8" }, { name = "pydantic", extras = ["email"], specifier = ">=2.10.6" }, { name = "pydantic-extra-types", specifier = ">=2.10.3" }, - { name = "pyjwt", specifier = ">=2.10.1" }, + { name = "python-multipart", specifier = ">=0.0.20" }, { name = "pytz", specifier = ">=2025.1" }, { name = "requests", specifier = ">=2.32.3" }, { name = "smart-open", extras = ["s3"], specifier = ">=7.1.0" }, @@ -1023,15 +1025,6 @@ wheels = [ { url = "https://files.pythonhosted.org/packages/b6/5f/d6d641b490fd3ec2c4c13b4244d68deea3a1b970a97be64f34fb5504ff72/pydantic_settings-2.9.1-py3-none-any.whl", hash = "sha256:59b4f431b1defb26fe620c71a7d3968a710d719f5f4cdbbdb7926edeb770f6ef", size = 44356, upload-time = "2025-04-18T16:44:46.617Z" }, ] -[[package]] -name = "pyjwt" -version = "2.10.1" -source = { registry = "https://pypi.org/simple" } -sdist = { url = "https://files.pythonhosted.org/packages/e7/46/bd74733ff231675599650d3e47f361794b22ef3e3770998dda30d3b63726/pyjwt-2.10.1.tar.gz", hash = "sha256:3cc5772eb20009233caf06e9d8a0577824723b44e6648ee0a2aedb6cf9381953", size = 87785, upload-time = "2024-11-28T03:43:29.933Z" } -wheels = [ - { url = "https://files.pythonhosted.org/packages/61/ad/689f02752eeec26aed679477e80e632ef1b682313be70793d798c1d5fc8f/PyJWT-2.10.1-py3-none-any.whl", hash = "sha256:dcdd193e30abefd5debf142f9adfcdd2b58004e644f25406ffaebd50bd98dacb", size = 22997, upload-time = "2024-11-28T03:43:27.893Z" }, -] - [[package]] name = "pyparsing" version = "3.2.3" @@ -1090,6 +1083,15 @@ wheels = [ { url = "https://files.pythonhosted.org/packages/1e/18/98a99ad95133c6a6e2005fe89faedf294a748bd5dc803008059409ac9b1e/python_dotenv-1.1.0-py3-none-any.whl", hash = "sha256:d7c01d9e2293916c18baf562d95698754b0dbbb5e74d457c45d4f6561fb9d55d", size = 20256, upload-time = "2025-03-25T10:14:55.034Z" }, ] +[[package]] +name = "python-multipart" +version = "0.0.20" +source = { registry = "https://pypi.org/simple" } +sdist = { url = "https://files.pythonhosted.org/packages/f3/87/f44d7c9f274c7ee665a29b885ec97089ec5dc034c7f3fafa03da9e39a09e/python_multipart-0.0.20.tar.gz", hash = "sha256:8dd0cab45b8e23064ae09147625994d090fa46f5b0d1e13af944c331a7fa9d13", size = 37158, upload-time = "2024-12-16T19:45:46.972Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/45/58/38b5afbc1a800eeea951b9285d3912613f2603bdf897a4ab0f4bd7f405fc/python_multipart-0.0.20-py3-none-any.whl", hash = "sha256:8a62d3a8335e06589fe01f2a3e178cdcc632f3fbe0d492ad9ee0ec35aab1f104", size = 24546, upload-time = "2024-12-16T19:45:44.423Z" }, +] + [[package]] name = "pytz" version = "2025.2"