in src/key_generator.py [0:0]
def retrieve_content_id_secret(self, content_id):
"""
Retrieve the secret value by content ID used for generating keys
"""
try:
# cached locally?
secret = self.retrieve_local_secret(content_id)
print("CACHED-SECRET {}".format(content_id))
except IOError:
# try secrets manager
secret_id = "speke/{}".format(content_id)
try:
response = self.secrets_client.get_secret_value(SecretId=secret_id)
secret = response['SecretString']
self.store_local_secret(content_id, secret)
print("RETRIEVE-SECRET {}".format(content_id))
except ClientError as error:
if error.response['Error']['Code'] == 'ResourceNotFoundException':
# we need a new secret value
print("CREATE-SECRET {}".format(content_id))
secret = self.generate_content_id_secret()
self.secrets_client.create_secret(Name=secret_id, SecretString=secret, Description='SPEKE content ID secret value for key generation')
self.store_local_secret(content_id, secret)
else:
# we're done trying
raise error
return secret