Merge pull request #291 from asfadmin/before-first-request

move initialization to lambda_handler due to before_first_request removal in flask 2.3.0

door/src/door/lambda_handler.py

@@ -1,3 +1,7 @@
+import json
+import os
+
+import boto3
 import serverless_wsgi
 
 from door import app
@@ -6,5 +10,16 @@
 serverless_wsgi.TEXT_MIME_TYPES.append('application/problem+json')
 
 
+def get_secret(secret_name):
+    sm = boto3.client('secretsmanager', os.environ['AWS_REGION'])
+    response = sm.get_secret_value(SecretId=secret_name)
+    secret = json.loads(response['SecretString'])
+    return secret
+
+
+private_key = get_secret(os.environ['PRIVATE_KEY_SECRET_NAME'])['private_key']
+os.environ['CLOUDFRONT_PRIVATE_KEY'] = str(private_key)
+
+
 def handler(event, context):
     return serverless_wsgi.handle_request(app, event, context)

door/src/door/routes.py

@@ -1,4 +1,3 @@
-import json
 import os
 from datetime import datetime, timedelta, timezone
 from urllib.parse import quote_plus
@@ -25,12 +24,6 @@ def decode_token(token):
         return None
 
 
-@app.before_first_request
-def init_app():
-    private_key = get_secret(os.environ['PRIVATE_KEY_SECRET_NAME'])['private_key']
-    os.environ['CLOUDFRONT_PRIVATE_KEY'] = str(private_key)
-
-
 @app.before_request
 def authenticate_user():
     cookie = request.cookies.get(os.environ['JWT_COOKIE_NAME'])
@@ -71,10 +64,3 @@ def rsa_signer(message):
     cf_signer = CloudFrontSigner(os.environ['CLOUDFRONT_KEY_PAIR_ID'], rsa_signer)
     signed_url = cf_signer.generate_presigned_url(base_url, date_less_than=expiration_datetime)
     return signed_url
-
-
-def get_secret(secret_name):
-    sm = boto3.client('secretsmanager', os.environ['AWS_REGION'])
-    response = sm.get_secret_value(SecretId=secret_name)
-    secret = json.loads(response['SecretString'])
-    return secret