try using truststore

This commit is contained in:
Kenneth Kehl
2025-07-22 10:44:14 -07:00
parent 72f2ccb91a
commit e16c4fe277
6 changed files with 78 additions and 42 deletions

View File

@@ -1,35 +1,46 @@
import logging as real_logging
import os
import secrets
import string
import time
import uuid
from contextlib import contextmanager
from threading import Lock
from time import monotonic
import truststore
from celery import Celery, Task, current_task
from flask import current_app, g, has_request_context, jsonify, make_response, request
from flask.ctx import has_app_context
from flask_migrate import Migrate
from flask_socketio import SocketIO
from flask_sqlalchemy import SQLAlchemy as _SQLAlchemy
from sqlalchemy import event
from werkzeug.exceptions import HTTPException as WerkzeugHTTPException
from werkzeug.local import LocalProxy
truststore.inject_into_ssl() # noqa
from app import config
from app.clients import NotificationProviderClients
from app.clients.cloudwatch.aws_cloudwatch import AwsCloudwatchClient
from app.clients.document_download import DocumentDownloadClient
from app.clients.email.aws_ses import AwsSesClient
from app.clients.email.aws_ses_stub import AwsSesStubClient
from app.clients.pinpoint.aws_pinpoint import AwsPinpointClient
from app.clients.sms.aws_sns import AwsSnsClient
from notifications_utils import logging, request_helper
from notifications_utils.clients.encryption.encryption_client import Encryption
from notifications_utils.clients.redis.redis_client import RedisClient
from notifications_utils.clients.zendesk.zendesk_client import ZendeskClient
import logging as real_logging # noqa
import os # noqa
import secrets # noqa
import string # noqa
import time # noqa
import uuid # noqa
from contextlib import contextmanager # noqa
from threading import Lock # noqa
from time import monotonic # noqa
from celery import Celery, Task, current_task # noqa
from flask import ( # noqa
current_app,
g,
has_request_context,
jsonify,
make_response,
request,
)
from flask.ctx import has_app_context # noqa
from flask_migrate import Migrate # noqa
from flask_socketio import SocketIO # noqa
from flask_sqlalchemy import SQLAlchemy as _SQLAlchemy # noqa
from sqlalchemy import event # noqa
from werkzeug.exceptions import HTTPException as WerkzeugHTTPException # noqa
from werkzeug.local import LocalProxy # noqa
from app import config # noqa
from app.clients import NotificationProviderClients # noqa
from app.clients.cloudwatch.aws_cloudwatch import AwsCloudwatchClient # noqa
from app.clients.document_download import DocumentDownloadClient # noqa
from app.clients.email.aws_ses import AwsSesClient # noqa
from app.clients.email.aws_ses_stub import AwsSesStubClient # noqa
from app.clients.pinpoint.aws_pinpoint import AwsPinpointClient # noqa
from app.clients.sms.aws_sns import AwsSnsClient # noqa
from notifications_utils import logging, request_helper # noqa
from notifications_utils.clients.encryption.encryption_client import Encryption # noqa
from notifications_utils.clients.redis.redis_client import RedisClient # noqa
from notifications_utils.clients.zendesk.zendesk_client import ZendeskClient # noqa
job_cache = {}
job_cache_lock = Lock()

View File

@@ -9,6 +9,10 @@
__version__ = "10.0.1"
import truststore
truststore.inject_into_ssl() # noqa
from notifications_python_client.errors import ( # noqa
REQUEST_ERROR_MESSAGE,
REQUEST_ERROR_STATUS_CODE,

View File

@@ -1,5 +1,9 @@
import re
from datetime import datetime, timezone
import truststore
truststore.inject_into_ssl() # noqa
import re # noqa
from datetime import datetime, timezone # noqa
SMS_CHAR_COUNT_LIMIT = 918 # 153 * 6, no network issues but check with providers before upping this further
LETTER_MAX_PAGE_COUNT = 10

14
poetry.lock generated
View File

@@ -4895,6 +4895,18 @@ files = [
{file = "trove_classifiers-2025.5.9.12.tar.gz", hash = "sha256:7ca7c8a7a76e2cd314468c677c69d12cc2357711fcab4a60f87994c1589e5cb5"},
]
[[package]]
name = "truststore"
version = "0.10.1"
description = "Verify certificates using native system trust stores"
optional = false
python-versions = ">=3.10"
groups = ["dev"]
files = [
{file = "truststore-0.10.1-py3-none-any.whl", hash = "sha256:b64e6025a409a43ebdd2807b0c41c8bff49ea7ae6550b5087ac6df6619352d4c"},
{file = "truststore-0.10.1.tar.gz", hash = "sha256:eda021616b59021812e800fa0a071e51b266721bef3ce092db8a699e21c63539"},
]
[[package]]
name = "types-python-dateutil"
version = "2.9.0.20250708"
@@ -5533,4 +5545,4 @@ cffi = ["cffi (>=1.11)"]
[metadata]
lock-version = "2.1"
python-versions = "^3.12.9"
content-hash = "6abf626cf2fee8ccaaee2087f0cf37244b829e7cbcace1287c7807747e70bd5c"
content-hash = "22349492b1a9f51489155a385d34be31490bba5d7a18dda853c556f4f4983829"

View File

@@ -108,6 +108,7 @@ radon = "^6.0.1"
requests-mock = "^1.11.0"
setuptools = "^80.9.0"
sqlalchemy-utils = "^0.41.2"
truststore = "^0.10.1"
vulture = "^2.10"
detect-secrets = "^1.5.0"
poetry-dotenv-plugin = "^0.2.0"

View File

@@ -1,14 +1,18 @@
import uuid
import truststore
from flask import current_app
from sqlalchemy import select
truststore.inject_into_ssl() # noqa
from app import db
from app.dao.api_key_dao import save_model_api_key
from app.dao.services_dao import dao_fetch_service_by_id
from app.enums import KeyType
from app.models import ApiKey
from notifications_python_client.authentication import create_jwt_token
import uuid # noqa
from flask import current_app # noqa
from sqlalchemy import select # noqa
from app import db # noqa
from app.dao.api_key_dao import save_model_api_key # noqa
from app.dao.services_dao import dao_fetch_service_by_id # noqa
from app.enums import KeyType # noqa
from app.models import ApiKey # noqa
from notifications_python_client.authentication import create_jwt_token # noqa
def create_service_authorization_header(service_id, key_type=KeyType.NORMAL):