boto3-assist 0.32.0__py3-none-any.whl

boto3_assist/aws_config.py

@@ -0,0 +1,199 @@
+import os
+from pathlib import Path
+import configparser
+from typing import Literal, Optional
+from boto3_assist.utilities.serialization_utility import SerializableModel
+
+
+class AWSConfigProfile(SerializableModel):
+    def __init__(
+        self, region: Optional[str] = "us-east-1", output: Optional[str] = "json"
+    ):
+
+        self.region: Optional[str] = region
+        self.output: Optional[str] = output
+
+        self.aws_access_key_id: Optional[str] = None
+        self.aws_secret_access_key: Optional[str] = None
+        self.aws_session_token: Optional[str] = None
+
+        self.sso_session: Optional[str] = None
+        self.sso_account_id: Optional[str] = None
+        self.sso_role_name: Optional[str] = None
+
+        self.credential_process: Optional[str] = None
+        self.credential_source: Optional[str] = None
+        self.role_arn: Optional[str] = None
+        self.source_profile: Optional[str] = None
+        self.external_id: Optional[str] = None
+        self.role_session_name: Optional[str] = None
+        self.duration_seconds: Optional[str] = None
+
+
+class AWSConfigSSOSession(SerializableModel):
+    def __init__(
+        self,
+        sso_start_url: Optional[str] = None,
+        sso_region: Optional[str] = None,
+        sso_registration_scopes: Optional[str] = None,
+    ):
+        self.sso_start_url: Optional[str] = sso_start_url
+        self.sso_region: Optional[str] = sso_region
+        self.sso_registration_scopes: Optional[str] = sso_registration_scopes
+
+
+class AWSConfig:
+    """
+    Performs Operations on an AWS Config
+    """
+
+    def __init__(self):
+        pass
+
+    def get_path(self) -> Path:
+        r"""
+        Returns the path to the AWS config file, honoring AWS_CONFIG_FILE
+        and falling back to ~/.aws/config (or %USERPROFILE%\.aws\config on Windows).
+        """
+        # 1) Check for explicit override
+        env_path = os.environ.get("AWS_CONFIG_FILE")
+        if env_path:
+            return Path(env_path).expanduser()
+
+        # 2) Default location
+        return os.path.join(Path.home(), ".aws", "config")
+
+    def path_exists(self) -> bool:
+        path = self.get_path()
+
+        return os.path.isfile(path)
+
+    def has_profile(self, profile_name: str) -> bool:
+        config = configparser.ConfigParser()
+        self.read_section(profile_name, config)
+        return profile_name in config.sections()
+
+    def upsert_profile(
+        self,
+        name: str,
+        profile: AWSConfigProfile,
+        config_path: Optional[str] = None,
+    ):
+        self.write_section(name, profile, config_path)
+
+    def upsert_sso_session(
+        self,
+        profile_name: str,
+        sso_session: AWSConfigSSOSession,
+        profile: AWSConfigProfile | None = None,
+        config_path: Optional[str] = None,
+    ):
+        """
+        Insert / Update the SSO Session block in the aws config
+        Args:
+            Name (str): Required.  Specifies the profile name.  This is the init key
+                which is added to the section for both sso-session and profile
+                e.g. [profile {profile_name}] or [sso-session {profile_name}]
+            sso_session (AWSConfigSSOSession): Defines the values written to this session block
+            profile (AWSConfigProfile): Defines the values written to the profile block.  Typically
+                you will need a profile block along with a session block when using sso-session
+
+
+        As a general rule you will typically need to build the following:
+            [profile {profile-name}]
+            sso_session = {optionally-use-profile-name}
+            sso_account_id = {aws-acount-id}
+            sso_role_name = {sso-role}
+            region = {region}
+            output = {output}
+
+            [sso-session {profile-name}]
+            sso_start_url = {sso_start_url} e.g. https://account-alias.awsapps.com/start
+            sso_region = {region}
+            sso_registration_scopes = {scopes}
+
+        """
+
+        if not profile_name:
+            raise ValueError("Name is required")
+
+        self.write_section(profile_name, sso_session, config_path)
+
+        if profile:
+            self.write_section(profile_name, profile, config_path)
+
+    def write_section(
+        self,
+        profile_name: str | None,
+        section: AWSConfigProfile | AWSConfigSSOSession,
+        config_path: Optional[str] = None,
+    ):
+        config = configparser.ConfigParser()
+        path = config_path or self.get_path()
+
+        if self.path_exists():
+            config.read(path)  # or any INI file path
+
+        section_key = ""
+
+        if profile_name.startswith("sso-session "):
+            profile_name = profile_name.replace("sso-session ", "")
+        if profile_name.startswith("profile "):
+            profile_name = profile_name.replace("profile ", "")
+
+        if isinstance(section, AWSConfigProfile):
+            if profile_name:
+                section_key = f"profile {profile_name}"
+            else:
+                section_key = "default"
+        elif isinstance(section, AWSConfigSSOSession):
+            section_key = f"sso-session {profile_name}"
+        else:
+            raise ValueError("Invalid section type")
+
+        config = self._write_section(section_key, section, config)
+
+        with open(path, "w", encoding="utf-8") as cfg_file:
+            config.write(cfg_file)
+
+    def _write_section(
+        self,
+        section_key: str,
+        section: AWSConfigProfile | AWSConfigSSOSession,
+        config: configparser.ConfigParser,
+    ) -> configparser.ConfigParser:
+
+        # always start with a "fresh" section
+        config[section_key] = {}
+
+        section_dictionary = section.to_dictionary()
+        for key, value in section_dictionary.items():
+            if value is not None:
+                config[section_key][key] = value
+
+        return config
+
+    def read_section(
+        self,
+        profile_name: Optional[str] = None,
+        config_path: Optional[str] = None,
+        section_type: Literal["profile", "sso-session"] = "profile",
+    ) -> configparser.SectionProxy:
+        config = configparser.ConfigParser()
+        if not config_path:
+            config_path = self.get_path()
+
+        if not os.path.isfile(config_path):
+            return config
+
+        config.read(config_path)
+        profile_ini = f"{section_type} {profile_name}"
+        if profile_ini in config:
+            profile = config[profile_ini]
+            return profile
+
+        if profile_name in config:
+            profile = config[profile_name]
+            return profile
+
+        return {}

boto3_assist/aws_lambda/event_info.py

@@ -0,0 +1,414 @@
+import json
+import re
+from typing import Any, Dict, List, Optional, Union
+
+from aws_lambda_powertools import Logger
+
+from boto3_assist.cognito.cognito_authorizer import CognitoCustomAuthorizer
+from boto3_assist.errors.custom_exceptions import Error
+from boto3_assist.http_status_codes import HttpStatusCodes
+
+logger = Logger()
+
+
+class LambdaEventInfo:
+    """
+    Utility class for parsing and interacting with AWS Lambda event payloads.
+    Contains methods to extract data from API Gateway payloads, path parameters,
+    and headers.
+    """
+
+    class ApiGatewayPayload:
+        """
+        Handles API Gateway-specific event payloads.
+        Provides methods to extract HTTP method types, resource paths, and
+        authorizer claims.
+        """
+
+        @staticmethod
+        def get_http_method_type(event: Dict[str, Any]) -> Optional[str]:
+            """
+            Extracts the HTTP method type (e.g., GET, POST) from the event.
+
+            Args:
+                event: The Lambda event payload.
+
+            Returns:
+                The HTTP method type as a string, or None if not found.
+            """
+            return LambdaEventInfo._get_value(event, "method_type", str)  # pylint: disable=w0212
+
+        @staticmethod
+        def get_resource_path(event: Dict[str, Any]) -> Optional[str]:
+            """
+            Extracts the resource path from the event.
+
+            Args:
+                event: The Lambda event payload.
+
+            Returns:
+                The resource path as a string, or None if not found.
+            """
+            return LambdaEventInfo._get_value_ex(event, "path", str)  # pylint: disable=w0212
+
+        @staticmethod
+        def get_resource_pattern(event: Dict[str, Any]) -> Optional[str]:
+            """
+            Extracts the resource pattern from the event, replacing path variables
+            with placeholders (e.g., /users/{user-id}).
+
+            Args:
+                event: The Lambda event payload.
+
+            Returns:
+                The resource pattern as a string, or None if not found.
+            """
+            return LambdaEventInfo._get_value_ex(event, "resourcePath", str)  # pylint: disable=w0212
+
+        class AuthorizerPayload:
+            """
+            Handles claims and tokens in API Gateway authorizer payloads.
+            """
+
+            @staticmethod
+            def get_authenticated_email(event: Dict[str, Any]) -> Optional[str]:
+                """
+                Extracts the authenticated email or client ID from the event based
+                on the token use.
+
+                Args:
+                    event: The Lambda event payload.
+
+                Returns:
+                    The email or client ID as a string, or None if not found.
+                """
+                token_use = (
+                    LambdaEventInfo.ApiGatewayPayload.AuthorizerPayload.get_token_use(
+                        event
+                    )
+                )  # pylint: disable=w0212
+                key = "email" if token_use == "access" else "client_id"
+                return (
+                    LambdaEventInfo.ApiGatewayPayload.AuthorizerPayload.get_claims_data(
+                        event, key
+                    )
+                )  # pylint: disable=w0212
+
+            @staticmethod
+            def get_token_use(event: Dict[str, Any]) -> Optional[str]:
+                """
+                Extracts the token use (e.g., "access" or "id") from the event.
+
+                Args:
+                    event: The Lambda event payload.
+
+                Returns:
+                    The token use as a string, or None if not found.
+                """
+                return LambdaEventInfo._get_value(  # pylint: disable=w0212
+                    event, "requestContext/authorizer/claims/token_use", str
+                )  # pylint: disable=w0212
+
+            @staticmethod
+            def get_claims_data(event: Dict[str, Any], key: str) -> Optional[str]:
+                """
+                Extracts a specific claim from the authorizer payload.
+
+                Args:
+                    event: The Lambda event payload.
+                    key: The claim key to extract.
+
+                Returns:
+                    The claim value as a string, or None if not found.
+                """
+                try:
+                    value = LambdaEventInfo._get_value(  # pylint: disable=w0212
+                        event, f"requestContext/authorizer/claims/{key}", str
+                    )  # pylint: disable=w0212
+                    if not value:
+                        value = LambdaEventInfo.ApiGatewayPayload.AuthorizerPayload.get_value_from_token(
+                            event, key
+                        )  # pylint: disable=w0212
+
+                    if value is None:
+                        raise Error(
+                            {
+                                "status_code": HttpStatusCodes.HTTP_401_UNAUTHENTICATED.value,
+                                "message": f"Failed to locate {key} info in JWT Token",
+                            }
+                        )
+                    return value
+
+                except Exception as e:
+                    raise Error(
+                        {
+                            "status_code": HttpStatusCodes.HTTP_401_UNAUTHENTICATED.value,
+                            "message": f"Failed to locate {key} info in JWT Token",
+                            "exception": str(e),
+                        }
+                    ) from e
+
+            @staticmethod
+            def get_value_from_token(event: Dict[str, Any], key: str) -> Optional[str]:
+                """
+                Extracts a value from the JWT token in the event.
+
+                Args:
+                    event: The Lambda event payload.
+                    key: The key to extract from the token.
+
+                Returns:
+                    The extracted value as a string, or None if not found.
+                """
+                try:
+                    jwt_token = LambdaEventInfo._get_value(  # pylint: disable=w0212
+                        event, "headers/Authorization", str
+                    )  # pylint: disable=w0212
+                    if jwt_token:
+                        ccas = CognitoCustomAuthorizer()
+                        decoded_token = ccas.parse_jwt(token=jwt_token)
+                        return decoded_token.get(key)
+
+                    raise Error(
+                        {
+                            "status_code": HttpStatusCodes.HTTP_404_NOT_FOUND.value,
+                            "message": f"Failed to locate {key} info in JWT Token",
+                        }
+                    )
+                except Exception as e:
+                    raise Error(
+                        {
+                            "status_code": HttpStatusCodes.HTTP_401_UNAUTHENTICATED.value,
+                            "message": f"Failed to locate {key} info in JWT Token",
+                            "exception": str(e),
+                        }
+                    ) from e
+
+    class HttpPathParameters:
+        """
+        Handles path parameters in API Gateway events.
+        """
+
+        @staticmethod
+        def get_target_user_id(
+            event: Dict[str, Any], key: str = "user-id"
+        ) -> Optional[str]:
+            """
+            Extracts the target user ID from the path parameters.
+
+            Args:
+                event: The Lambda event payload.
+                key: The key representing the user ID.
+
+            Returns:
+                The user ID as a string, or None if not found.
+            """
+            return LambdaEventInfo._get_value_from_path_parameters(event, key)  # pylint: disable=w0212
+
+        @staticmethod
+        def get_target_tenant_id(
+            event: Dict[str, Any], key: str = "tenant-id"
+        ) -> Optional[str]:
+            """
+            Extracts the target tenant ID from the path parameters.
+
+            Args:
+                event: The Lambda event payload.
+                key: The key representing the tenant ID.
+
+            Returns:
+                The tenant ID as a string, or None if not found.
+            """
+            return LambdaEventInfo._get_value_from_path_parameters(event, key)  # pylint: disable=w0212
+
+    @staticmethod
+    def get_message_id(event: Dict[str, Any], index: int = 0) -> Optional[str]:
+        """
+        Extracts the message ID from an event record.
+
+        Args:
+            event: The Lambda event payload.
+            index: The index of the record to extract the message ID from.
+
+        Returns:
+            The message ID as a string, or None if not found.
+        """
+        records: List[Dict[str, Any]] = event.get("Records", [])
+        if records and len(records) > index:
+            return records[index].get("messageId")
+        return None
+
+    @staticmethod
+    def _get_value_ex(
+        event: Dict[str, Any], key: str, expected_type: type
+    ) -> Optional[Any]:
+        """
+        Extracts a value from the event, checking additional paths if necessary.
+
+        Args:
+            event: The Lambda event payload.
+            key: The key to extract.
+            expected_type: The expected type of the value.
+
+        Returns:
+            The extracted value, or None if not found.
+        """
+        value = LambdaEventInfo._get_value(event, key, expected_type)  # pylint: disable=w0212
+        if value is None:
+            value = LambdaEventInfo._get_value(
+                event, f"requestContext/{key}", expected_type
+            )  # pylint: disable=w0212
+        return value
+
+    @staticmethod
+    def _get_value(
+        event: Dict[str, Any], key: Union[str, List[str]], expected_type: type
+    ) -> Optional[Any]:
+        """
+        Extracts a value from the event based on the key.
+
+        Args:
+            event: The Lambda event payload.
+            key: The key to extract, which can be a string or a list of strings for nested keys.
+            expected_type: The expected type of the value.
+
+        Returns:
+            The extracted value, or None if not found.
+        """
+        logger.debug({"source": "_get_value", "event": event, "key": key})
+        if not event:
+            return None
+
+        if isinstance(key, str):
+            key = re.split(r"[./]", key)
+
+        value = event
+        for k in key:
+            if isinstance(value, dict):
+                value = value.get(k)
+            else:
+                return None
+
+        if isinstance(value, expected_type):
+            return value
+        return None
+
+    @staticmethod
+    def _get_value_from_path_parameters(
+        event: Dict[str, Any], key: str, default: Optional[Any] = None
+    ) -> Optional[str]:
+        """
+        Extracts a value from the path parameters in the event.
+
+        Args:
+            event: The Lambda event payload.
+            key: The key to extract from the path parameters.
+            default: The default value to return if the key is not found.
+
+        Returns:
+            The extracted value, or None if not found.
+        """
+        value = LambdaEventInfo._search_key(event, "pathParameters", key, default)  # pylint: disable=w0212
+        if value is None:
+            path = LambdaEventInfo.ApiGatewayPayload.get_resource_path(event)  # pylint: disable=w0212
+            pattern = LambdaEventInfo.ApiGatewayPayload.get_resource_pattern(event)  # pylint: disable=w0212
+            if path and pattern:
+                value = LambdaEventInfo._extract_value_from_path(path, pattern, key)  # pylint: disable=w0212
+        return value
+
+    @staticmethod
+    def _extract_value_from_path(
+        path: str, pattern: str, variable_name: str
+    ) -> Optional[str]:
+        """
+        Extracts a value from a path using a regex pattern.
+
+        Args:
+            path: The actual path from the event.
+            pattern: The pattern with placeholders (e.g., /users/{user-id}).
+            variable_name: The variable name to extract.
+
+        Returns:
+            The extracted value, or None if not found.
+        """
+        regex_pattern = re.sub(
+            r"\{([^}]+)\}",
+            lambda m: f"(?P<{m.group(1).replace('-', '_')}>[^/]+)",
+            pattern,
+        )
+        variable_name = variable_name.replace("-", "_")
+        match = re.match(regex_pattern, path)
+        if match:
+            return match.group(variable_name)
+        return None
+
+    @staticmethod
+    def _search_key(
+        event: Dict[str, Any], container: str, key: str, default: Optional[Any] = None
+    ) -> Optional[Any]:
+        """
+        Searches for a key within a specified container in the event.
+
+        Args:
+            event: The Lambda event payload.
+            container: The container key to search within (e.g., "headers").
+            key: The key to search for within the container.
+            default: The default value to return if the key is not found.
+
+        Returns:
+            The extracted value, or the default value if not found.
+        """
+        events = [event]
+
+        if "Records" in event:
+            record = event["Records"][0]
+            if "body" in record:
+                body = json.loads(record["body"])
+                events.append(body)
+                if "requestContext" in body:
+                    events.append(body["requestContext"])
+
+        for e in events:
+            container_data = e.get(container)
+            if container_data and key in container_data:
+                return container_data[key]
+
+        return default
+
+    @staticmethod
+    def get_body(event: Dict[str, Any]) -> Optional[Dict[str, Any]]:
+        """
+        Extracts the body of the event payload.
+
+        Args:
+            event: The Lambda event payload.
+
+        Returns:
+            The body as a dictionary, or None if not found.
+        """
+        tmp = event.get("Records", [{}])[0].get("body", event)
+        if isinstance(tmp, str):
+            try:
+                return json.loads(tmp)
+            except json.JSONDecodeError as e:
+                raise ValueError("Invalid JSON body in the payload") from e
+        return tmp if isinstance(tmp, dict) else None
+
+    @staticmethod
+    def override_event_info(
+        event: Dict[str, Any], key: str, value: Any
+    ) -> Dict[str, Any]:
+        """
+        Overrides a value in the event payload.
+
+        Args:
+            event: The Lambda event payload.
+            key: The key to override.
+            value: The value to set.
+
+        Returns:
+            The updated event payload.
+        """
+        body = LambdaEventInfo.get_body(event) or {}
+        body[key] = value
+        return body

boto3_assist/aws_lambda/mock_context.py

@@ -0,0 +1,5 @@
+from aws_lambda_powertools.utilities.typing import LambdaContext
+
+
+class MockLambdaContext(LambdaContext):
+    pass