microservice-chassis-grupo2-cc-prod 0.1.8__tar.gz

microservice_chassis_grupo2_cc_prod-0.1.8/PKG-INFO

@@ -0,0 +1,56 @@
+Metadata-Version: 2.4
+Name: microservice_chassis_grupo2_cc_prod
+Version: 0.1.8
+Summary: A reusable library for microservices
+Home-page: https://github.com/Grupo-MACC/Chassis
+Author: Grupo 2
+Author-email: 
+Project-URL: Homepage, https://github.com/Grupo-MACC/Chassis
+Requires-Python: >=3.10
+Description-Content-Type: text/markdown
+Dynamic: home-page
+
+# 🧩 Microservice Chassis Grupo 2
+
+**Repository link:** https://github.com/Grupo-MACC/Chassis
+
+---
+
+## Functionalities
+
+This repository provides a **shared chassis** for microservices, containing configuration, database management, authentication, messaging, and helper utilities.  
+It allows microservices to reuse common functionalities such as database connections, JWT validation, RabbitMQ communication, and standardized base models.
+
+Below is a detailed list of the available functionalities:
+
+| **Module** | **Functionality** | **Description** |
+|-------------|------------------|-----------------|
+| `core/config.py` | **Settings Management** | Centralized configuration for the chassis. Defines constants like the encryption algorithm (`RS256`), RabbitMQ connection parameters (`RABBITMQ_HOST`), and exchange name (`broker`). |
+| `core/security.py` | **Token Decoding and Verification** | Handles JWT decoding using a public RSA key. Validates tokens and raises appropriate HTTP errors if invalid or missing. |
+| `core/dependencies.py` | **Database Session & Authentication Dependency** | Provides FastAPI dependencies to manage asynchronous database sessions (`get_db`) and current user retrieval (`get_current_user`) from a JWT token. |
+| `core/rabbitmq.py` | **RabbitMQ Channel & Exchange Management** | Creates asynchronous connections to RabbitMQ using `aio_pika`. Declares durable topic exchanges for inter-service communication. |
+| `core/utils.py` | **Helper Functions and Service URLs** | Defines service URLs (order, machine, delivery, payment, auth) and provides error handling utilities with standardized logging (`raise_and_log_error`). |
+| `sql/database.py` | **Database Engine & Session Configuration** | Configures SQLAlchemy’s asynchronous engine and sessionmaker. Supports `SQLALCHEMY_DATABASE_URL` via environment variable (defaults to SQLite). |
+| `sql/base_class.py` | **Base Model for ORM Classes** | Provides a reusable abstract base class (`BaseModel`) for all database models, including timestamp columns (`creation_date`, `update_date`) and helper methods for converting models to dictionaries. |
+
+---
+
+## Functionalities per Microservice
+
+| **Microservice** | **Used Functionalities** |
+|------------------|--------------------------|
+| `payment` | `core/config`, `core/security`, `core/dependencies`, `core/rabbitmq`, `core/utils`, `sql/database`, `sql/base_class` |
+
+---
+
+## Summary
+
+This chassis allows the `payment` microservice (and potentially others in the future) to operate with consistent patterns for:
+- Secure token validation.
+- Standardized database access and sessions.
+- Centralized configuration.
+- RabbitMQ-based inter-service communication.
+- Common helper utilities and error management.
+- Unified base ORM models.
+
+It provides a robust foundation for building scalable and maintainable microservices within the system.

microservice_chassis_grupo2_cc_prod-0.1.8/README.md

@@ -0,0 +1,44 @@
+# 🧩 Microservice Chassis Grupo 2
+
+**Repository link:** https://github.com/Grupo-MACC/Chassis
+
+---
+
+## Functionalities
+
+This repository provides a **shared chassis** for microservices, containing configuration, database management, authentication, messaging, and helper utilities.  
+It allows microservices to reuse common functionalities such as database connections, JWT validation, RabbitMQ communication, and standardized base models.
+
+Below is a detailed list of the available functionalities:
+
+| **Module** | **Functionality** | **Description** |
+|-------------|------------------|-----------------|
+| `core/config.py` | **Settings Management** | Centralized configuration for the chassis. Defines constants like the encryption algorithm (`RS256`), RabbitMQ connection parameters (`RABBITMQ_HOST`), and exchange name (`broker`). |
+| `core/security.py` | **Token Decoding and Verification** | Handles JWT decoding using a public RSA key. Validates tokens and raises appropriate HTTP errors if invalid or missing. |
+| `core/dependencies.py` | **Database Session & Authentication Dependency** | Provides FastAPI dependencies to manage asynchronous database sessions (`get_db`) and current user retrieval (`get_current_user`) from a JWT token. |
+| `core/rabbitmq.py` | **RabbitMQ Channel & Exchange Management** | Creates asynchronous connections to RabbitMQ using `aio_pika`. Declares durable topic exchanges for inter-service communication. |
+| `core/utils.py` | **Helper Functions and Service URLs** | Defines service URLs (order, machine, delivery, payment, auth) and provides error handling utilities with standardized logging (`raise_and_log_error`). |
+| `sql/database.py` | **Database Engine & Session Configuration** | Configures SQLAlchemy’s asynchronous engine and sessionmaker. Supports `SQLALCHEMY_DATABASE_URL` via environment variable (defaults to SQLite). |
+| `sql/base_class.py` | **Base Model for ORM Classes** | Provides a reusable abstract base class (`BaseModel`) for all database models, including timestamp columns (`creation_date`, `update_date`) and helper methods for converting models to dictionaries. |
+
+---
+
+## Functionalities per Microservice
+
+| **Microservice** | **Used Functionalities** |
+|------------------|--------------------------|
+| `payment` | `core/config`, `core/security`, `core/dependencies`, `core/rabbitmq`, `core/utils`, `sql/database`, `sql/base_class` |
+
+---
+
+## Summary
+
+This chassis allows the `payment` microservice (and potentially others in the future) to operate with consistent patterns for:
+- Secure token validation.
+- Standardized database access and sessions.
+- Centralized configuration.
+- RabbitMQ-based inter-service communication.
+- Common helper utilities and error management.
+- Unified base ORM models.
+
+It provides a robust foundation for building scalable and maintainable microservices within the system.

microservice_chassis_grupo2_cc_prod-0.1.8/microservice_chassis_grupo2/core/config.py

@@ -0,0 +1,72 @@
+# -*- coding: utf-8 -*-
+"""
+Configuración del Chassis.
+
+Objetivo:
+    - Mantener compatibilidad con el sistema actual (AMQP sin TLS por defecto).
+    - Permitir activar TLS (AMQPS) sin tocar el código de los microservicios:
+        * RABBITMQ_USE_TLS=1
+        * RABBITMQ_PORT=5671
+        * RABBITMQ_TLS_CA_FILE=/certs/ca.pem
+"""
+
+from __future__ import annotations
+
+import os
+
+
+def _env_bool(name: str, default: str = "0") -> bool:
+    """
+    Convierte una variable de entorno a bool de forma tolerante.
+
+    Acepta: 1/true/yes/on/y (case-insensitive).
+    """
+    val = os.getenv(name, default)
+    return str(val).strip().lower() in {"1", "true", "yes", "on", "y"}
+
+
+class Settings:
+    """
+    Settings centralizados.
+
+    Nota:
+        Mantengo el nombre `RABBITMQ_HOST` porque ya lo usa todo el proyecto.
+        Aquí pasa a ser una URL completa (amqp/amqps) con puerto.
+    """
+
+    ALGORITHM: str = "RS256"
+    RABBITMQ_USER = os.getenv("RABBITMQ_USER", "guest")
+    EXCHANGE_NAME = "broker"
+    EXCHANGE_NAME_COMMAND = "command"
+    EXCHANGE_NAME_SAGA = "saga"
+    EXCHANGE_NAME_LOGS = "logs"
+    EXCHANGE_NAME_SAGA_CANCEL_CMD = "saga_cancel_cmd"
+    EXCHANGE_NAME_SAGA_CANCEL_EVT = "saga_cancel_evt"
+
+    # --- RabbitMQ base ---
+    RABBITMQ_USER = os.getenv("RABBITMQ_USER", "guest")
+    RABBITMQ_PASSWORD = os.getenv("RABBITMQ_PASSWORD", "guest")
+    RABBITMQ_HOSTNAME = os.getenv("RABBITMQ_HOST", "localhost")
+
+    # --- TLS switch ---
+    RABBITMQ_USE_TLS: bool = _env_bool("RABBITMQ_USE_TLS", "0")
+
+    # Puerto por defecto según TLS
+    _default_port = "5671" if RABBITMQ_USE_TLS else "5672"
+    RABBITMQ_PORT = int(os.getenv("RABBITMQ_PORT", _default_port))
+
+    # Override opcional por si alguien quiere pasar una URL completa
+    RABBITMQ_URL = os.getenv("RABBITMQ_URL", "").strip()
+
+    # URL final (compatibilidad con el resto del código)
+    if RABBITMQ_URL:
+        RABBITMQ_HOST = RABBITMQ_URL
+    else:
+        scheme = "amqps" if RABBITMQ_USE_TLS else "amqp"
+        RABBITMQ_HOST = (
+            f"{scheme}://{RABBITMQ_USER}:{RABBITMQ_PASSWORD}"
+            f"@{RABBITMQ_HOSTNAME}:{RABBITMQ_PORT}/"
+        )
+
+
+settings = Settings()

microservice_chassis_grupo2_cc_prod-0.1.8/microservice_chassis_grupo2/core/consul.py

@@ -0,0 +1,91 @@
+import os
+import asyncio
+import httpx
+
+class ConsulClient:
+    def __init__(self, host: str, port: str):
+        self.host = host
+        self.port = port
+        self.base_url = f"https://{host}:{port}/v1"
+
+    async def deregister_service(
+        self,
+        service_id: str
+    ) -> bool:
+        try:
+            async with httpx.AsyncClient() as client:
+                response = await client.put(
+                    f"{self.base_url}/agent/service/deregister/{service_id}",
+                    timeout=10.0,
+                )
+                if response.status_code == 200:
+                    return True
+                else:
+                    return False
+        except Exception as e:
+            return False
+    
+    async def discover_service(
+        self,
+        service_name: str
+    ) -> dict:
+        try:
+            async with httpx.AsyncClient() as client:
+                response = await client.get(
+                    f"{self.base_url}/catalog/service/{service_name}",
+                    timeout=10.0,
+                    verify=False
+                )
+                if response.status_code == 200:
+                    services = response.json()
+                    if services:
+                        service = services[0]
+                        return {
+                            "address": service.get("ServiceAddress") or service.get("Address"),
+                            "port": service.get("ServicePort"),
+                        }
+                else:
+                    with open("/home/pyuser/code/log_consul.txt", "a") as f:
+                        f.write(f"Consul response code: {response.status_code}\n")
+        except Exception as e:
+            with open("/home/pyuser/code/log_consul.txt", "a") as f:
+                f.write(f"Consul error: {type(e).__name__}: {str(e)}\n")
+            return None
+
+_consul_client = None
+
+def create_consul_client() -> ConsulClient:
+    global _consul_client
+    if _consul_client is None:
+        host = os.getenv("CONSUL_HOST", "localhost")
+        port = int(os.getenv("CONSUL_PORT", 8501))
+        _consul_client = ConsulClient(host, port)
+    return _consul_client
+
+async def get_service_url(service_name: str, default_url: str = None) -> str:
+    consul_client = create_consul_client()
+    max_retries = 5
+    retry_delay = 1
+    last_error: Exception | None = None
+
+    for attempt in range(max_retries):
+        try:
+            service_info = await consul_client.discover_service(service_name)
+            if service_info:
+                return f"https://{service_info['address']}:{service_info['port']}"
+        except Exception as e:
+            last_error = e
+
+        if attempt < max_retries - 1:
+            await asyncio.sleep(retry_delay)
+
+    if default_url:
+        return default_url
+
+    if last_error:
+        raise RuntimeError(
+            f"Could not discover service '{service_name}': "
+            f"{last_error.__class__.__name__}: {last_error}"
+        )
+
+    raise RuntimeError(f"Could not discover service '{service_name}': no instances found")

microservice_chassis_grupo2_cc_prod-0.1.8/microservice_chassis_grupo2/core/dependencies.py

@@ -0,0 +1,64 @@
+import logging
+from fastapi import Depends, HTTPException, status
+from fastapi.security import HTTPAuthorizationCredentials, HTTPBearer
+from microservice_chassis_grupo2.core.security import decode_token, PUBLIC_KEY_PATH
+import os
+
+logger = logging.getLogger(__name__)
+auth_scheme = HTTPBearer()
+
+# Database #########################################################################################
+async def get_db():
+    """Genera sesiones de BD y las cierra al terminar.
+
+    Nota:
+        - init_database() es idempotente: si ya se inicializó, no repite trabajo.
+        - Se mantiene commit/rollback automático como en tu implementación original.
+    """
+    from microservice_chassis_grupo2.sql.database import init_database, SessionLocal
+
+    # ✅ Asegura engine y SessionLocal listos antes de usarlos
+    await init_database()
+
+    if SessionLocal is None:
+        raise RuntimeError(
+            "SessionLocal no inicializada tras init_database(). "
+            "Revisa microservice_chassis_grupo2/sql/database.py"
+        )
+
+    db = SessionLocal()
+    try:
+        yield db
+        await db.commit()
+    except Exception:
+        await db.rollback()
+        raise
+    finally:
+        await db.close()
+
+async def get_current_user(
+    credentials: HTTPAuthorizationCredentials = Depends(auth_scheme)
+):
+    """
+    Decodifica el JWT y obtiene el usuario actual desde la base de datos.
+    """
+    token = credentials.credentials
+
+    try:
+        payload = decode_token(token) 
+    except ValueError:
+        raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail="Token inválido")
+
+    user_id = payload.get("user_id")
+    if not user_id:
+        raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail="Token inválido")
+    
+    return user_id
+
+def check_public_key():
+    if os.path.exists(PUBLIC_KEY_PATH):
+        with open(PUBLIC_KEY_PATH, "r", encoding="utf-8") as f:
+            f.read()
+        return True
+    else:
+        return False

microservice_chassis_grupo2_cc_prod-0.1.8/microservice_chassis_grupo2/core/rabbitmq_core.py

@@ -0,0 +1,184 @@
+# -*- coding: utf-8 -*-
+"""
+RabbitMQ core del Chassis (aio-pika).
+
+Objetivo:
+    - Si TLS está activo, usar AMQPS con verificación del servidor por CA.
+    - SIN mTLS: no cargamos certificado/clave de cliente (no hace falta).
+"""
+
+from __future__ import annotations
+
+import os
+import ssl
+import inspect
+import logging
+from aio_pika.exceptions import AMQPConnectionError
+from aio_pika import connect_robust, ExchangeType
+
+from microservice_chassis_grupo2.core.config import settings
+from microservice_chassis_grupo2.core.consul import get_service_url
+from microservice_chassis_grupo2.core.secrets import SSMSecrets
+
+logger = logging.getLogger(__name__)
+
+# Ruta al public key para verificar JWTs
+PUBLIC_KEY_PATH = os.getenv("PUBLIC_KEY_PATH", "auth_public.pem")
+
+ssm = SSMSecrets(region=os.getenv("AWS_REGION", "us-east-1"))
+
+def _env_bool(name: str, default: str = "0") -> bool:
+    """
+    Convierte una variable de entorno a bool de forma tolerante.
+
+    Acepta: 1/true/yes/on/y (case-insensitive).
+    """
+    val = os.getenv(name, default)
+    return str(val).strip().lower() in {"1", "true", "yes", "on", "y"}
+
+
+def _build_ssl_context() -> ssl.SSLContext:
+    """
+    Construye un SSLContext para TLS simple (server-auth).
+
+    Requisitos:
+        - RABBITMQ_TLS_CA_FILE debe apuntar al CA que firmó el cert del servidor RabbitMQ.
+        - No se carga cert/key de cliente (NO mTLS).
+
+    Decisiones:
+        - TLSv1.2+.
+        - check_hostname=False para evitar problemas típicos de CN/SAN en entornos docker.
+          (Si tus certs están bien con SAN, puedes ponerlo True sin problema.)
+    """
+    ca_file = os.getenv("RABBITMQ_TLS_CA_FILE", "/certs/ca.pem")
+
+    if not os.path.exists(ca_file):
+        raise FileNotFoundError(f"CA file no encontrado: {ca_file}")
+
+    ctx = ssl.create_default_context(purpose=ssl.Purpose.SERVER_AUTH, cafile=ca_file)
+    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
+    ctx.check_hostname = False
+
+    # Verificación estricta del servidor (lo normal en TLS simple)
+    ctx.verify_mode = ssl.CERT_REQUIRED
+
+    return ctx
+
+
+async def _connect(url: str, ssl_ctx: ssl.SSLContext | None):
+    """
+    Conecta con aio-pika de forma robusta.
+
+    Estrategia:
+        - Si no hay TLS (ssl_ctx is None): conexión normal.
+        - Si hay TLS: pasar el SSLContext usando el parámetro correcto
+          para la versión de aio-pika instalada.
+
+    Compatibilidad:
+        - Algunas versiones soportan `ssl_context=SSLContext`.
+        - Otras usan `ssl=True` + `ssl_options` (dict u objeto SSLOptions).
+    """
+    if ssl_ctx is None:
+        return await connect_robust(url)
+
+    sig = inspect.signature(connect_robust)
+    params = sig.parameters
+
+    # Opción 1 (preferida): ssl_context=
+    if "ssl_context" in params:
+        return await connect_robust(url, ssl_context=ssl_ctx)
+
+    # Opción 2: ssl=True + ssl_options=dict(...)
+    if "ssl_options" in params:
+        # Para aiormq, suele funcionar pasando el contexto dentro de ssl_options.
+        # Si tu versión exige keys tipo cafile/certfile/keyfile,
+        # aquí también podrías pasar {"cafile": "..."} en vez de context.
+        return await connect_robust(url, ssl=True, ssl_options={"context": ssl_ctx})
+
+    # Último recurso: algunas versiones aceptan ssl como contexto
+    return await connect_robust(url, ssl=ssl_ctx)
+
+
+async def get_channel():
+    """
+    Devuelve (connection, channel) listo para usar.
+
+    Nota profesional:
+        - Abrir/cerrar conexión por cada publish es caro.
+          Para producción, lo suyo es pool o conexión global por proceso.
+        - Aquí mantengo tu contrato actual por compatibilidad.
+    """
+
+    ssl_ctx = _build_ssl_context()
+    
+
+    try:
+        service_url = await get_service_url("rabbitmq")
+        if service_url:
+            address = service_url.split("//")[1].split(":")[0]
+            port = service_url.split(":")[2]
+            #rabbitmq_url = f"amqp://{settings.RABBITMQ_USER}:{ssm.get_parameter('/infrastructure/dev/rabbitmq/password')}@{address}:{port}/"
+            rabbitmq_url = f"amqp://{settings.RABBITMQ_USER}:guest@{address}:{port}/"
+        connection = await _connect(rabbitmq_url, ssl_ctx)
+        channel = await connection.channel()
+        return connection, channel
+    except AMQPConnectionError as e:
+        # Re-lanzamos con contexto útil (no lo escondas con un fallback “mágico”).
+        raise RuntimeError(f"RabbitMQ connection failed (TLS={ssl_ctx is not None}) to {rabbitmq_url}: {e}") from e
+
+
+async def declare_exchange(channel):
+    """Declara el exchange general (broker)."""
+    return await channel.declare_exchange(
+        settings.EXCHANGE_NAME,
+        ExchangeType.TOPIC,
+        durable=True,
+    )
+
+
+async def declare_exchange_command(channel):
+    """Declara el exchange de comandos (command)."""
+    return await channel.declare_exchange(
+        settings.EXCHANGE_NAME_COMMAND,
+        ExchangeType.TOPIC,
+        durable=True,
+    )
+
+
+async def declare_exchange_saga(channel):
+    """Declara el exchange de saga (saga)."""
+    return await channel.declare_exchange(
+        settings.EXCHANGE_NAME_SAGA,
+        ExchangeType.TOPIC,
+        durable=True,
+    )
+
+async def declare_exchange_saga_cancelation_commands(channel):
+    """Declara el exchange de comandos (command)."""
+    return await channel.declare_exchange(
+        settings.EXCHANGE_NAME_SAGA_CANCEL_CMD,
+        ExchangeType.TOPIC,
+        durable=True,
+    )
+
+
+async def declare_exchange_saga_cancelation_events(channel):
+    """Declara el exchange de saga (saga)."""
+    return await channel.declare_exchange(
+        settings.EXCHANGE_NAME_SAGA_CANCEL_EVT,
+        ExchangeType.TOPIC,
+        durable=True,
+    )
+
+async def declare_exchange_logs(channel):
+    """
+    Declara el exchange de logs (logs) y asegura la cola telegraf_metrics.
+    """
+    exchange = await channel.declare_exchange(
+        settings.EXCHANGE_NAME_LOGS,
+        ExchangeType.TOPIC,
+        durable=True,
+    )
+    queue = await channel.declare_queue("telegraf_metrics", durable=True)
+    await queue.bind(exchange, routing_key="#")
+    return exchange

microservice_chassis_grupo2_cc_prod-0.1.8/microservice_chassis_grupo2/core/router_utils.py

@@ -0,0 +1,19 @@
+# -*- coding: utf-8 -*-
+"""Util/Helper functions for router definitions."""
+import logging
+import os
+from fastapi import HTTPException
+
+ORDER_SERVICE_URL = f"{os.getenv('ORDER_SERVICE', 'http://localhost')}:5000"
+MACHINE_SERVICE_URL = f"{os.getenv('MACHINE_SERVICE', 'http://localhost')}:5001"
+DELIVERY_SERVICE_URL = f"{os.getenv('DELIVERY_SERVICE', 'http://localhost')}:5002"
+PAYMENT_SERVICE_URL = f"{os.getenv('PAYMENT_SERVICE', 'http://localhost')}:5003"
+AUTH_SERVICE_URL = f"{os.getenv('AUTH_SERVICE', 'http://localhost')}:5004"
+
+logger = logging.getLogger(__name__)
+
+
+def raise_and_log_error(my_logger, status_code: int, message: str):
+    """Raises HTTPException and logs an error."""
+    my_logger.error(message)
+    raise HTTPException(status_code, message)

microservice_chassis_grupo2_cc_prod-0.1.8/microservice_chassis_grupo2/core/secrets.py

@@ -0,0 +1,113 @@
+import base64
+import boto3
+from typing import Dict, Optional
+
+
+class SecretsError(Exception):
+    """Excepción base para errores de secretos"""
+    pass
+
+
+class SSMSecrets:
+    def __init__(self, region: Optional[str] = None):
+        self.client = boto3.client("ssm", region_name=region)
+
+    def get_parameter(self, name: str, decrypt: bool = True) -> str:
+        """
+        Obtiene un parámetro individual de SSM
+        """
+        try:
+            response = self.client.get_parameter(
+                Name=name,
+                WithDecryption=decrypt
+            )
+            return response["Parameter"]["Value"]
+        except self.client.exceptions.ParameterNotFound:
+            raise SecretsError(f"SSM parameter not found: {name}")
+        except Exception as e:
+            raise SecretsError(f"Error getting SSM parameter {name}: {e}")
+
+    def get_parameters_by_path(
+        self,
+        path: str,
+        recursive: bool = True,
+        decrypt: bool = True
+    ) -> Dict[str, str]:
+        """
+        Obtiene todos los parámetros bajo un path
+        Devuelve un dict {nombre_parametro: valor}
+        """
+        parameters = {}
+        next_token = None
+
+        try:
+            while True:
+                kwargs = {
+                    "Path": path,
+                    "Recursive": recursive,
+                    "WithDecryption": decrypt,
+                }
+                if next_token:
+                    kwargs["NextToken"] = next_token
+
+                response = self.client.get_parameters_by_path(**kwargs)
+
+                for param in response["Parameters"]:
+                    key = param["Name"].split("/")[-1]
+                    parameters[key] = param["Value"]
+
+                next_token = response.get("NextToken")
+                if not next_token:
+                    break
+
+            return parameters
+
+        except Exception as e:
+            raise SecretsError(f"Error getting SSM parameters by path {path}: {e}")
+
+
+class SecretsManager:
+    def __init__(self, region: Optional[str] = None):
+        self.client = boto3.client("secretsmanager", region_name=region)
+
+    def get_secret(self, secret_id: str) -> str:
+        """
+        Obtiene un secreto de Secrets Manager
+        """
+        try:
+            response = self.client.get_secret_value(
+                SecretId=secret_id
+            )
+
+            if "SecretString" in response:
+                return response["SecretString"]
+
+            # Secret binario (poco común)
+            return base64.b64decode(response["SecretBinary"]).decode("utf-8")
+
+        except self.client.exceptions.ResourceNotFoundException:
+            raise SecretsError(f"Secret not found: {secret_id}")
+        except Exception as e:
+            raise SecretsError(f"Error getting secret {secret_id}: {e}")
+
+
+class KMSService:
+    def __init__(self, region: Optional[str] = None):
+        self.client = boto3.client("kms", region_name=region)
+
+    def decrypt(self, ciphertext_base64: str) -> str:
+        """
+        Descifra manualmente un ciphertext usando KMS.
+        Útil si guardas datos cifrados fuera de SSM/Secrets Manager.
+        """
+        try:
+            ciphertext = base64.b64decode(ciphertext_base64)
+
+            response = self.client.decrypt(
+                CiphertextBlob=ciphertext
+            )
+
+            return response["Plaintext"].decode("utf-8")
+
+        except Exception as e:
+            raise SecretsError(f"Error decrypting with KMS: {e}")

microservice_chassis_grupo2_cc_prod-0.1.8/microservice_chassis_grupo2/core/security.py

@@ -0,0 +1,27 @@
+import jwt
+import os
+from fastapi import HTTPException
+from microservice_chassis_grupo2.core.config import settings
+
+#"/home/pyuser/code/auth_public.pem"
+PUBLIC_KEY_PATH = os.getenv("PUBLIC_KEY_PATH", "auth_public.pem")
+
+def read_public_pem():
+    if not os.path.exists(PUBLIC_KEY_PATH):
+        print("no hay")
+        print(PUBLIC_KEY_PATH)
+        raise ValueError(f"Public key not found at {PUBLIC_KEY_PATH}")
+    with open(PUBLIC_KEY_PATH, "r", encoding="utf-8") as f:
+        return f.read()
+
+def decode_token(token: str) -> dict:
+    try:
+        public_pem = read_public_pem()
+        payload = jwt.decode(token, public_pem, algorithms=[settings.ALGORITHM])
+        return payload
+    except FileNotFoundError as e:
+        raise HTTPException(status_code=500, detail="Public key file not found")
+    except ValueError as e:
+        raise HTTPException(status_code=401, detail=str(e))
+    except Exception as e:
+        raise HTTPException(status_code=500, detail=f"Unexpected error: {str(e)}")

microservice_chassis_grupo2_cc_prod-0.1.8/microservice_chassis_grupo2/sql/database.py

@@ -0,0 +1,117 @@
+# -*- coding: utf-8 -*-
+"""microservice_chassis_grupo2.sql.database
+
+Inicialización de SQLAlchemy Async.
+
+Compatibilidad:
+    - Si existe SQLALCHEMY_DATABASE_URL, inicializa engine/SessionLocal al importar
+      (evita `engine=None` en microservicios que usan `database.engine` directamente).
+
+Modo “avanzado” (AWS/Consul):
+    - Si no existe SQLALCHEMY_DATABASE_URL, se puede usar `await init_database()`
+      para resolver RDS (por RDS_HOST o descubriendo servicio `rds` en Consul).
+"""
+from __future__ import annotations
+
+import os
+import asyncio
+from sqlalchemy.orm import sessionmaker, declarative_base
+from sqlalchemy.ext.asyncio import create_async_engine, AsyncSession
+from microservice_chassis_grupo2.core.consul import get_service_url
+import logging
+from microservice_chassis_grupo2.core.secrets import SSMSecrets
+
+logger = logging.getLogger(__name__)
+
+try:
+    ssm = SSMSecrets(region=os.getenv("AWS_REGION", "us-east-1"))
+except Exception as e:
+    logger.error(f"Error initializing SSMSecrets: {type(e).__name__}: {str(e)}")
+    ssm = None  # Fallback si SSM no está disponible
+
+async def get_database_url():
+    """Get database URL from Consul or fallback to environment variable."""
+    print("[DATABASE] Starting get_database_url()")
+    
+    db_user = os.getenv('DB_USER', 'admin')
+    #db_password = ssm.get_parameter('/infrastructure/dev/rds/password')
+    db_password = os.getenv('DB_PASSWORD', 'maccadmin')
+    db_name = os.getenv('DB_NAME')
+    
+    if not db_name:
+        raise ValueError("DB_NAME environment variable is required")
+    
+    print(f"[DATABASE] Using DB_NAME: {db_name}")
+    
+    # ✅ Primero intentar RDS_HOST directo
+    rds_host = os.getenv('RDS_HOST')
+    if rds_host:
+        rds_port = os.getenv('RDS_PORT', '3306')
+        direct_url = f"mysql+aiomysql://{db_user}:{db_password}@{rds_host}:{rds_port}/{db_name}"
+        print(f"[DATABASE] Using direct RDS connection: {rds_host}:{rds_port}")
+        logger.info(f"Using direct RDS connection: {rds_host}:{rds_port}/{db_name}")
+        return direct_url
+    
+    try:
+        print("[DATABASE] Attempting to get RDS from Consul...")
+        rds_info = await get_service_url(
+            service_name="rds",
+            default_url=None
+        )
+        
+        print(f"[DATABASE] Got RDS info from Consul: {rds_info}")
+        
+        # ✅ CORRECCIÓN: Remover el prefijo http:// si existe
+        if rds_info.startswith('http://'):
+            rds_info = rds_info.replace('http://', '')
+        elif rds_info.startswith('https://'):
+            rds_info = rds_info.replace('https://', '')
+        
+        print(f"[DATABASE] Cleaned RDS info: {rds_info}")
+        
+        # Construir URL de conexión MySQL
+        database_url = f"mysql+aiomysql://{db_user}:{db_password}@{rds_info}/{db_name}"
+        print(f"[DATABASE] Using RDS from Consul for database: {db_name}")
+        logger.info(f"Using RDS from Consul: {rds_info} for database: {db_name}")
+        return database_url
+        
+    except Exception as e:
+        print(f"[DATABASE] Error getting RDS from Consul: {type(e).__name__}: {str(e)}")
+        fallback_url = os.getenv('SQLALCHEMY_DATABASE_URL', 'sqlite+aiosqlite:///./test.db')
+        print(f"[DATABASE] Using fallback: {fallback_url}")
+        logger.warning(f"Could not get RDS from Consul: {str(e)}, using fallback: {fallback_url}")
+        return fallback_url
+
+# Variables globales
+engine = None
+SessionLocal = None
+Base = declarative_base()
+_db_initialized = False
+
+async def init_database():
+    global engine, SessionLocal, _db_initialized
+
+    print("[DATABASE] init_database() called")
+
+    if _db_initialized:
+        print("[DATABASE] Database already initialized")
+        return
+
+    database_url = await get_database_url()
+
+    print("[DATABASE] Creating engine...")
+
+    engine = create_async_engine(
+        database_url,
+        echo=False,
+        pool_pre_ping=True,
+        future=True,
+    )
+    SessionLocal = sessionmaker(
+        bind=engine,
+        class_=AsyncSession,
+        expire_on_commit=False,
+    )
+
+    _db_initialized = True
+    print("[DATABASE] Engine and session created successfully")

microservice_chassis_grupo2_cc_prod-0.1.8/microservice_chassis_grupo2/sql/models.py

@@ -0,0 +1,30 @@
+from sqlalchemy import Column, DateTime
+from sqlalchemy.sql import func
+from microservice_chassis_grupo2.sql.database import Base
+
+class BaseModel(Base):
+    """Base database table representation to reuse."""
+    __abstract__ = True
+    creation_date = Column(DateTime(timezone=True), server_default=func.now())
+    update_date = Column(DateTime, nullable=False, server_default=func.now(), onupdate=func.now())
+
+    def __repr__(self):
+        fields = ""
+        for column in self.__table__.columns:
+            if fields == "":
+                fields = f"{column.name}='{getattr(self, column.name)}'"
+                # fields = "{}='{}'".format(column.name, getattr(self, column.name))
+            else:
+                fields = f"{fields}, {column.name}='{getattr(self, column.name)}'"
+                # fields = "{}, {}='{}'".format(fields, column.name, getattr(self, column.name))
+        return f"<{self.__class__.__name__}({fields})>"
+        # return "<{}({})>".format(self.__class__.__name__, fields)
+
+    @staticmethod
+    def list_as_dict(items):
+        """Returns list of items as dict."""
+        return [i.as_dict() for i in items]
+
+    def as_dict(self):
+        """Return the item as dict."""
+        return {c.name: getattr(self, c.name) for c in self.__table__.columns}

microservice_chassis_grupo2_cc_prod-0.1.8/microservice_chassis_grupo2_cc_prod.egg-info/PKG-INFO

@@ -0,0 +1,56 @@
+Metadata-Version: 2.4
+Name: microservice_chassis_grupo2_cc_prod
+Version: 0.1.8
+Summary: A reusable library for microservices
+Home-page: https://github.com/Grupo-MACC/Chassis
+Author: Grupo 2
+Author-email: 
+Project-URL: Homepage, https://github.com/Grupo-MACC/Chassis
+Requires-Python: >=3.10
+Description-Content-Type: text/markdown
+Dynamic: home-page
+
+# 🧩 Microservice Chassis Grupo 2
+
+**Repository link:** https://github.com/Grupo-MACC/Chassis
+
+---
+
+## Functionalities
+
+This repository provides a **shared chassis** for microservices, containing configuration, database management, authentication, messaging, and helper utilities.  
+It allows microservices to reuse common functionalities such as database connections, JWT validation, RabbitMQ communication, and standardized base models.
+
+Below is a detailed list of the available functionalities:
+
+| **Module** | **Functionality** | **Description** |
+|-------------|------------------|-----------------|
+| `core/config.py` | **Settings Management** | Centralized configuration for the chassis. Defines constants like the encryption algorithm (`RS256`), RabbitMQ connection parameters (`RABBITMQ_HOST`), and exchange name (`broker`). |
+| `core/security.py` | **Token Decoding and Verification** | Handles JWT decoding using a public RSA key. Validates tokens and raises appropriate HTTP errors if invalid or missing. |
+| `core/dependencies.py` | **Database Session & Authentication Dependency** | Provides FastAPI dependencies to manage asynchronous database sessions (`get_db`) and current user retrieval (`get_current_user`) from a JWT token. |
+| `core/rabbitmq.py` | **RabbitMQ Channel & Exchange Management** | Creates asynchronous connections to RabbitMQ using `aio_pika`. Declares durable topic exchanges for inter-service communication. |
+| `core/utils.py` | **Helper Functions and Service URLs** | Defines service URLs (order, machine, delivery, payment, auth) and provides error handling utilities with standardized logging (`raise_and_log_error`). |
+| `sql/database.py` | **Database Engine & Session Configuration** | Configures SQLAlchemy’s asynchronous engine and sessionmaker. Supports `SQLALCHEMY_DATABASE_URL` via environment variable (defaults to SQLite). |
+| `sql/base_class.py` | **Base Model for ORM Classes** | Provides a reusable abstract base class (`BaseModel`) for all database models, including timestamp columns (`creation_date`, `update_date`) and helper methods for converting models to dictionaries. |
+
+---
+
+## Functionalities per Microservice
+
+| **Microservice** | **Used Functionalities** |
+|------------------|--------------------------|
+| `payment` | `core/config`, `core/security`, `core/dependencies`, `core/rabbitmq`, `core/utils`, `sql/database`, `sql/base_class` |
+
+---
+
+## Summary
+
+This chassis allows the `payment` microservice (and potentially others in the future) to operate with consistent patterns for:
+- Secure token validation.
+- Standardized database access and sessions.
+- Centralized configuration.
+- RabbitMQ-based inter-service communication.
+- Common helper utilities and error management.
+- Unified base ORM models.
+
+It provides a robust foundation for building scalable and maintainable microservices within the system.

microservice_chassis_grupo2_cc_prod-0.1.8/microservice_chassis_grupo2_cc_prod.egg-info/SOURCES.txt

@@ -0,0 +1,19 @@
+README.md
+pyproject.toml
+setup.py
+microservice_chassis_grupo2/__init__.py
+microservice_chassis_grupo2/core/__init__.py
+microservice_chassis_grupo2/core/config.py
+microservice_chassis_grupo2/core/consul.py
+microservice_chassis_grupo2/core/dependencies.py
+microservice_chassis_grupo2/core/rabbitmq_core.py
+microservice_chassis_grupo2/core/router_utils.py
+microservice_chassis_grupo2/core/secrets.py
+microservice_chassis_grupo2/core/security.py
+microservice_chassis_grupo2/sql/__init__.py
+microservice_chassis_grupo2/sql/database.py
+microservice_chassis_grupo2/sql/models.py
+microservice_chassis_grupo2_cc_prod.egg-info/PKG-INFO
+microservice_chassis_grupo2_cc_prod.egg-info/SOURCES.txt
+microservice_chassis_grupo2_cc_prod.egg-info/dependency_links.txt
+microservice_chassis_grupo2_cc_prod.egg-info/top_level.txt

microservice_chassis_grupo2_cc_prod-0.1.8/microservice_chassis_grupo2_cc_prod.egg-info/dependency_links.txt

@@ -0,0 +1 @@
+

microservice_chassis_grupo2_cc_prod-0.1.8/microservice_chassis_grupo2_cc_prod.egg-info/top_level.txt

@@ -0,0 +1 @@
+microservice_chassis_grupo2

microservice_chassis_grupo2_cc_prod-0.1.8/pyproject.toml

@@ -0,0 +1,31 @@
+# pyproject.toml
+[build-system]
+requires = [
+  "setuptools>=69",
+  "wheel",
+  "setuptools_scm[toml]>=8"
+]
+build-backend = "setuptools.build_meta"
+
+[project]
+name = "microservice_chassis_grupo2_cc_prod"
+dynamic = ["version"]
+description = "A reusable library for microservices"
+readme = "README.md"
+requires-python = ">=3.10"
+authors = [{ name = "Grupo 2" }]
+urls = { "Homepage" = "https://github.com/Grupo-MACC/Chassis" }
+
+[tool.setuptools.packages.find]
+where = ["."]
+include = ["microservice_chassis_grupo2*"]
+
+[tool.setuptools_scm]
+version_scheme = "no-guess-dev"
+local_scheme = "no-local-version"
+
+# Acepta tags tipo v0.1.9, v0.1.5rc10, v1.2.3
+tag_regex = "^(?:v)?(?P<version>\\d+\\.\\d+\\.\\d+(?:(?:a|b|rc)\\d+)?)$"
+
+# Escribe versión dentro del paquete (evita problemas al construir desde sdist)
+write_to = "microservice_chassis_grupo2/_version.py"

microservice_chassis_grupo2_cc_prod-0.1.8/setup.cfg

@@ -0,0 +1,4 @@
+[egg_info]
+tag_build = 
+tag_date = 0
+

microservice_chassis_grupo2_cc_prod-0.1.8/setup.py

@@ -0,0 +1,26 @@
+"""
+setup.py
+
+Este setup.py deja de hardcodear la versión.
+La versión se obtiene de tags Git mediante setuptools_scm (configurado en pyproject.toml).
+
+Nota:
+    Con pyproject.toml presente, lo normal es construir con:
+        python -m build
+    y no con setup.py directamente.
+"""
+
+from setuptools import setup, find_packages
+
+
+setup(
+    name="microservice_chassis_grupo2_cc_prod",
+    version="0.1.8",
+    packages=find_packages(),
+    use_scm_version=True,  # <-- clave: versión por tags
+    description="A reusable library for microservices",
+    url="https://github.com/Grupo-MACC/Chassis",
+    author="Grupo 2",
+    author_email="",
+    install_requires=[]
+)