mailer - remove base64 decode after kms decryption

newscorp-ghfb · Jun 19, 2022 · d6a0ce2 · d6a0ce2
1 parent dba0a66
commit d6a0ce2
Show file tree

Hide file tree

Showing 3 changed files with 7 additions and 8 deletions.
diff --git a/tools/c7n_mailer/c7n_mailer/jira_delivery.py b/tools/c7n_mailer/c7n_mailer/jira_delivery.py
@@ -21,8 +21,8 @@ def init_jira(self):
         # NOTE check length to skip calls to KMS while testing with plain text
         if len(auth_txt) > 100:
             self.logger.info("Calling KMS to decrypt the jira_basic_auth")
-            b64_txt = utils.kms_decrypt(self.config, self.logger, self.session, "jira_basic_auth")
-            self.config["jira_basic_auth"] = auth_txt = base64.b64decode(b64_txt).decode("utf8")
+            auth_txt = utils.kms_decrypt(self.config, self.logger, self.session, "jira_basic_auth")
+            self.config["jira_basic_auth"] = auth_txt
         basic_auth = tuple(auth_txt.split(":"))
         self.client = JIRA(server=self.url, basic_auth=basic_auth)
 

diff --git a/tools/c7n_mailer/c7n_mailer/queue_processor_pubsub.py b/tools/c7n_mailer/c7n_mailer/queue_processor_pubsub.py
@@ -32,7 +32,7 @@ def __init__(self, config, logger, session=None, processor=None):
                 CiphertextBlob = base64.b64decode(sa_info["private_key"])
                 kms = processor.session.client("kms")
                 pk = kms.decrypt(CiphertextBlob=CiphertextBlob)["Plaintext"].decode("utf8")
-                sa_info["private_key"] = base64.b64decode(pk).decode("utf8")[:-1].replace("\\n", "\n")
+                sa_info["private_key"] = pk.replace("\\n", "\n")
             except Exception as e:
                 self.logger.warning("Unable to decode/decrypt private key: " + str(e))
 

diff --git a/tools/c7n_mailer/c7n_mailer/sqs_queue_processor.py b/tools/c7n_mailer/c7n_mailer/sqs_queue_processor.py
@@ -63,7 +63,7 @@ def ack(self, m):
         )
 
 
-class MailerSqsQueueProcessor():
+class MailerSqsQueueProcessor:
     def __init__(self, config, session, logger, max_num_processes=16):
         self.config = config
         self.logger = logger
@@ -132,7 +132,7 @@ def run(self, parallel=False):
                 )
             else:
                 self.process_message(message, messageId, sentTimestamp)
-            self.logger.debug('Processed sqs_message')
+            self.logger.debug("Processed sqs_message")
             sqs_messages.ack(sqs_message)
         if parallel:
             process_pool.close()
@@ -205,9 +205,8 @@ def process_message(self, sqs_message, messageId=None, sentTimestamp=0):
 
             slack_token: str = self.config.get("slack_token")
             if slack_token and not slack_token.startswith("xoxb-"):
-                self.config["slack_token"] = kms_decrypt(
-                    self.config, self.logger, self.session, "slack_token"
-                )
+                slack_token = kms_decrypt(self.config, self.logger, self.session, "slack_token")
+                self.config["slack_token"] = slack_token
 
             slack_delivery = SlackDelivery(self.config, self.logger, email_delivery)
             slack_messages = slack_delivery.get_to_addrs_slack_messages_map(sqs_message)