Encryptors 2.43__tar.gz → 2.46__tar.gz

{encryptors-2.43 → encryptors-2.46}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: Encryptors
-Version: 2.43
+Version: 2.46
 Summary: End-to-end algorithm library
 Author: OSDental LLC
 Author-email: support@osdental.ai

{encryptors-2.43 → encryptors-2.46}/setup.py

@@ -2,7 +2,7 @@ from setuptools import setup, find_packages
 # ANDERSON ESTO YA SE SUBIO Y ESTA ESTABLE, AUN TE QUEDA PENDIENTE LA AUDITORIA CON RSA Y AES DE ACCESSTOKEN
 setup(
     name="Encryptors", 
-    version="2.43",
+    version="2.46",
     author="OSDental LLC",
     author_email="support@osdental.ai",
     description="End-to-end algorithm library",

{encryptors-2.43 → encryptors-2.46}/src/Encryptors.egg-info/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: Encryptors
-Version: 2.43
+Version: 2.46
 Summary: End-to-end algorithm library
 Author: OSDental LLC
 Author-email: support@osdental.ai

{encryptors-2.43 → encryptors-2.46}/src/Osdental/Decorators/SecureResolver.py

@@ -2,27 +2,27 @@ from functools import wraps
 from typing import Callable
 from Osdental.Models.Response import Response
 from Osdental.Shared.Enums.Profile import Profile
-from Osdental.Exception.ControlledException import OSDException, AccessDeniedException
+from Osdental.Exception.ControlledException import OSDException, AccessDeniedException, UnauthorizedException
 from Osdental.Shared.Logger import logger
 
 def resolver(public: bool = False, action=None):
 
     def decorator(func: Callable):
 
+        func._is_public = public
+
         @wraps(func)
         async def wrapper(obj, info, **kwargs):
             try:
                 context = info.context
                 token = getattr(context, "token", None)
 
-                # 🔐 AUTH
                 if not public:
                     if not token:
-                        raise AccessDeniedException(
+                        raise UnauthorizedException(
                             error="Authorization required"
                         )
 
-                    # 🎯 AUTHORIZATION (roles)
                     if action:
                         if Profile(token.abbreviation) not in action.allowed_roles:
                             raise AccessDeniedException(
@@ -42,8 +42,8 @@ def resolver(public: bool = False, action=None):
                 return Response(
                     status=e.status_code,
                     message=e.message,
-                    error=None
-                ).send()
+                    error=e.error
+                )
 
             except Exception as e:
                 logger.exception(f"Unexpected error: {str(e)}")
@@ -52,9 +52,7 @@ def resolver(public: bool = False, action=None):
                     status="DB_ERROR_UNEXPECTED",
                     message="Could not process request.",
                     error=str(e)
-                ).send()
-
-        wrapper._is_public = public
+                )
 
         return wrapper
 

{encryptors-2.43 → encryptors-2.46}/src/Osdental/Graphql/Extensions/AuditExtension.py

@@ -1,3 +1,4 @@
+import inspect
 import json
 from graphql.pyutils import is_awaitable
 from ariadne.types import Extension
@@ -39,7 +40,6 @@ class AuditExtension(Extension):
 
         # cache body
         context._cached_body = getattr(context, "_cached_body", None) or await request.json()
-
         body = context._cached_body
 
         # skip introspection
@@ -55,7 +55,7 @@ class AuditExtension(Extension):
         if is_root:
 
             # identificar resolver público
-            resolver_fn = getattr(next_, "__wrapped__", next_)
+            resolver_fn = inspect.unwrap(next_)
             is_public = getattr(resolver_fn, "_is_public", False)
 
             # inicializar auth UNA SOLA VEZ
@@ -66,27 +66,20 @@ class AuditExtension(Extension):
                 container = context.container
                 token_service = container.token_service
 
-                aes_auth = request.app.state.aes_auth
-                aes_user = request.app.state.aes_user
-
-                if not aes_auth or not aes_user:
-                    aes_auth = None
-                    aes_user = None
-
                 original_token = None
+                context.aes_auth = None
                 if not is_public and headers.get("authorization"):
+                    aes_auth = request.app.state.aes_auth
+                    aes_user = request.app.state.aes_user
+
                     try:
                         original_token = await token_service.authenticate(headers, aes_user)
                     except Exception:
                         original_token = None
 
-                context._original_token = original_token
-                context.token = original_token
-                context.aes_auth = aes_auth
+                    context.aes_auth = aes_auth
 
             # VALIDACIÓN SOLO ROOT
-            original_token = getattr(context, "_original_token", None)
-
             if not is_public and not original_token:
                 raise ValueError("Authorization required")
 
@@ -100,30 +93,37 @@ class AuditExtension(Extension):
 
             decrypted_payload = None
 
-            if encrypted_payload is not None:
-                if isinstance(encrypted_payload, dict):
-                    decrypted_payload = encrypted_payload
+            if not is_public and encrypted_payload is not None:
+
+                if not isinstance(encrypted_payload, str):
+                    raise ValueError("Encrypted payload must be a string")
+
+                if not context.aes_auth:
+                    raise ValueError("Missing AES configuration")
+
+                try:
+                    decrypted = AES.decrypt(context.aes_auth, encrypted_payload)
+                except Exception:
+                    raise ValueError("Invalid encrypted payload")
+
+                if isinstance(decrypted, dict):
+                    decrypted_payload = decrypted
 
-                elif isinstance(encrypted_payload, str):
+                elif isinstance(decrypted, str):
                     try:
-                        decrypted_payload = json.loads(encrypted_payload)
+                        decrypted_payload = json.loads(decrypted)
                     except Exception:
-                        if context.aes_auth:
-                            try:
-                                decrypted_payload = AES.decrypt(context.aes_auth, encrypted_payload)
-                                try:
-                                    decrypted_payload = json.loads(decrypted_payload)
-                                except Exception:
-                                    pass
-                            except Exception:
-                                decrypted_payload = None
+                        raise ValueError("Decrypted payload is not valid JSON")
 
+                else:
+                    raise ValueError("Unsupported decrypted payload type")
+                        
             if decrypted_payload is not None:
                 kwargs["data"] = decrypted_payload
             
             if not is_public:
                 token = TenantPolicy.resolve(
-                    token=context._original_token,
+                    token=original_token,
                     headers=request.headers,
                     decrypted_payload=decrypted_payload,
                     operation_type=info.operation.operation.value
@@ -171,12 +171,10 @@ class AuditExtension(Extension):
         if self.result is None:
             return
 
-        decrypted_key = None
+        decrypted_key = context.aes_auth
 
         if isinstance(self.result, Response):
-            decrypted_key = self.result.key or context.aes_auth
-        else:
-            decrypted_key = context.aes_auth
+            decrypted_key = self.result.key or decrypted_key
 
         dispatcher = context.request.app.state.audit_dispatcher
 

{encryptors-2.43 → encryptors-2.46}/src/Osdental/Graphql/_Helpers/_AuditHelper.py

@@ -5,7 +5,7 @@ from Osdental.Models._Audit import Audit
 class AuditHelper:
         
     @staticmethod
-    async def build_request_payload(audit: Audit) -> Dict:
+    async def build_request_payload(audit: Audit) -> Dict[str, Any]:
         request = audit.request
         audit_config = audit.audit_config
         payload = audit.payload
@@ -14,7 +14,7 @@ class AuditHelper:
 
         user_ip = request.headers.get("X-Forwarded-For")
         if user_ip:
-            user_ip = user_ip.split(',')[0]
+            user_ip = user_ip.split(",")[0]
         else:
             user_ip = getattr(request.client, "host", "*")
 
@@ -49,12 +49,12 @@ class AuditHelper:
     def build_final_payload(
         _type: Literal["RESPONSE", "ERROR"],
         status_code: Any,
-        result: Optional[Any] = "*",
+        result: Optional[Any] = None,
         error: Optional[Any] = "*"
-    ):
+    ) -> Dict[str, Any]:
         return {
             "type": _type,
             "httpResponseCode": status_code,
-            "messageOut": json.dumps(result) if isinstance(result, dict) else result,
+            "messageOut": json.dumps(result) if isinstance(result, dict) else "*",
             "errorProducer": error
         }

{encryptors-2.43 → encryptors-2.46}/src/Osdental/Helpers/AuditDispatcher.py

@@ -74,7 +74,7 @@ class AuditDispatcher:
                 self._queue.task_done()
 
     # Logica
-    async def _process(self, payload: Dict[str, Any]):
+    async def _process(self, payload: Dict[str, Any]) -> None:
         request = payload["request"]
         request_payload = payload["request_payload"]
         result: Response = payload["result"]
@@ -103,7 +103,7 @@ class AuditDispatcher:
 
         # Obtencion de campos adicionales cuando es otro tipo de encriptacion o clave
         encryption_type = result.encryption_type
-        decrypted_key = metadata["decrypted_key"]
+        decrypted_key = metadata.get("decrypted_key")
 
         if audit_type == Constant.MESSAGE_LOG_INTERNAL:
 
@@ -128,7 +128,7 @@ class AuditDispatcher:
             audit_message = request_audit_payload | payload
 
         else:
-            if encryption_type in VALID_TYPES and decrypted_key:
+            if encryption_type in VALID_TYPES and decrypted_key and data:
                 data = decryptor_data(encryption_type, decrypted_key, data)
 
             payload = AuditHelper.build_final_payload(
@@ -139,4 +139,4 @@ class AuditDispatcher:
 
             audit_message = request_audit_payload | payload
         
-        await self._messaging.send_message(audit_message)
+        await self._messaging.send_message(audit_message)