Added SSO to retrieve credentials for calling Cognito related queries #41

Merged
merged 5 commits into from
Oct 26, 2023

@KevinHa48 KevinHa48 commented Sep 24, 2023

Summary of changes

  • Depends on: Update portal to new submodule location and add AWS credential related env variables portal#10 (potential shortcomings of using this method are also mentioned here)
  • AWS-CLI (local installation) will be needed for developers to dynamically retrieve credentials to call Cognito services
  • boto3 uses the AWS_CONFIG_FILE and AWS_PROFILE Docker environment variables to make its calls.
  • aws configure sso should be run by developers, which creates the AWS_CONFIG_FILE directory and AWS_PROFILE
  • See README.md in the portal repo for setup details.

@KevinHa48 KevinHa48 linked an issue Sep 24, 2023 that may be closed by this pull request
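
A preflight check for the setup described in the summary above, as an added example that is not part of this pull request or the portal repo: it parses the file AWS_CONFIG_FILE points to and confirms the AWS_PROFILE profile is SSO-based and holds no static keys. The function name and every value in SAMPLE_CONFIG are constructed for illustration.

```python
import configparser
import os
import sys

STATIC_KEYS = {"aws_access_key_id", "aws_secret_access_key", "aws_session_token"}

# Constructed sample config; the account id, URL, role and keys are placeholders.
SAMPLE_CONFIG = """
[profile portal-dev]
sso_session = portal
sso_account_id = 111122223333
sso_role_name = DeveloperAccess
region = us-east-1

[sso-session portal]
sso_start_url = https://example.awsapps.com/start
sso_region = us-east-1

[profile legacy]
aws_access_key_id = PLACEHOLDER-KEY-ID
aws_secret_access_key = PLACEHOLDER-SECRET
"""


def check_sso_profile(config_text, profile):
    """Return a list of problems; an empty list means the profile is SSO-only."""
    parser = configparser.ConfigParser(interpolation=None)
    parser.read_string(config_text)
    # Shared config sections are "[profile NAME]", except "[default]".
    section = "default" if profile == "default" else f"profile {profile}"
    if not parser.has_section(section):
        return [f"profile '{profile}' not found; run 'aws configure sso'"]
    keys = dict(parser[section])
    problems = []
    for required in ("sso_account_id", "sso_role_name"):
        if required not in keys:
            problems.append(f"missing {required}")
    session = keys.get("sso_session")
    if session and not parser.has_section(f"sso-session {session}"):
        problems.append(f"sso-session '{session}' is not defined")
    if not session and "sso_start_url" not in keys:
        problems.append("no sso_session or sso_start_url")
    for key in sorted(STATIC_KEYS & keys.keys()):
        problems.append(f"static credential key present: {key}")
    return problems


if __name__ == "__main__":
    path = os.environ.get("AWS_CONFIG_FILE", os.path.expanduser("~/.aws/config"))
    with open(path) as handle:
        found = check_sso_profile(handle.read(), os.environ.get("AWS_PROFILE", "default"))
    print("\n".join(found) or "profile is SSO-only")
    sys.exit(1 if found else 0)
```

Run inside the backend container, it exits non-zero when the mounted profile would fall back to anything other than SSO.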
@gcarvellas

mypy fails

root@razer-blade-15:/portal/backend# make check
python3 -m mypy .
database/cognito.py:3: error: Skipping analyzing "botocore.exceptions": module is installed, but missing library stubs or py.typed marker  [import]
database/cognito.py:3: note: See https://mypy.readthedocs.io/en/stable/running_mypy.html#missing-imports
database/cognito.py:5: error: Skipping analyzing "boto3": module is installed, but missing library stubs or py.typed marker  [import]
database/cognito.py:10: error: Function is missing a return type annotation  [no-untyped-def]
database/cognito.py:10: note: Use "-> None" if function does not return a value
database/cognito.py:13: error: Function is missing a return type annotation  [no-untyped-def]
app.py:19: error: Call to untyped function "CognitoIdentityProviderWrapper" in typed context  [no-untyped-call]

Before doing anything I'd wait for #43 to get merged

approver_cognito_data = CognitoIdentityProviderWrapper().get_user(approver_name)
approver_email = approver_cognito_data.email

# TODO the approver_name should be the user's name, not username
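Review bot: `approver_cognito_data.email` is read directly from the `get_user(approver_name)` result with no check, so an approver who exists in MongoDB but is missing from Cognito, or who has no email attribute, fails at this line instead of producing a clear error. Handle the failed lookup before dereferencing, and return an explicit error from the endpoint in that case.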

#46

@@ -16,11 +16,12 @@ services:
- ../../backend.env
volumes:
- ../../:/portal
- ~/.aws:/.aws
- ~/.aws:/root/.aws
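Review bot: the `~/.aws` entries under `volumes` bind-mount the developer's whole AWS directory into the container read-write, so every profile and cached token on the host is reachable from the backend, not only the one selected by AWS_PROFILE. If boto3 only needs to read the config and cached SSO token, mount it read-only (`~/.aws:/root/.aws:ro`), and keep a single target path rather than both `/.aws` and `/root/.aws`.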

@gcarvellas

Thanks @KevinHa48 for the great work on this!

This MR will also integrate the cognito user querying into POST /contracts. When we query for a random approver, we first query the MongoDB for any user with the approver role, then we take that username and query the cognito DB for their email.

This is done to separate non-confidential data in the MongoDB and confidential data in Cognito.

I need to test this some more before merging.

@gcarvellas gcarvellas merged commit 8a818ca into main Oct 26, 2023
2 checks passed
Development

Successfully merging this pull request may close these issues.

Implement way to query Cognito data