Merge pull request #1 from seanpedrick-case/dev

Added Gemini and AWS Bedrock compatibility. Gemma model. Now document redaction QA.

Author: seanpedrick-case

.dockerignore

@@ -0,0 +1,14 @@
+*.pyc
+*.ipynb
+*.pdf
+*.spec
+*.toc
+*.csv
+*.bin
+bootstrapper.py
+build/*
+dist/*
+test/*
+config/*
+output/*
+input/*

.gitattributes

@@ -0,0 +1 @@
+*.zip filter=lfs diff=lfs merge=lfs -text

.gitignore

@@ -8,4 +8,7 @@
 bootstrapper.py
 build/*
 dist/*
-test/*
+test/*
+config/*
+output/*
+input/*

app.py

@@ -1,37 +1,62 @@
-
+#import os
 import boto3
-from chatfuncs.helper_functions import get_or_create_env_var
-
-client_id = get_or_create_env_var('AWS_CLIENT_ID', '') # This client id is borrowed from async gradio app client
-print(f'The value of AWS_CLIENT_ID is {client_id}')
+#import gradio as gr
+import hmac
+import hashlib
+import base64
+from chatfuncs.config import AWS_CLIENT_ID, AWS_CLIENT_SECRET, AWS_USER_POOL_ID, AWS_REGION
 
-user_pool_id = get_or_create_env_var('AWS_USER_POOL_ID', '')
-print(f'The value of AWS_USER_POOL_ID is {user_pool_id}')
+def calculate_secret_hash(client_id:str, client_secret:str, username:str):
+    message = username + client_id
+    dig = hmac.new(
+        str(client_secret).encode('utf-8'),
+        msg=str(message).encode('utf-8'),
+        digestmod=hashlib.sha256
+    ).digest()
+    secret_hash = base64.b64encode(dig).decode()
+    return secret_hash
 
-def authenticate_user(username, password, user_pool_id=user_pool_id, client_id=client_id):
+def authenticate_user(username:str, password:str, user_pool_id:str=AWS_USER_POOL_ID, client_id:str=AWS_CLIENT_ID, client_secret:str=AWS_CLIENT_SECRET):
     """Authenticates a user against an AWS Cognito user pool.
 
     Args:
         user_pool_id (str): The ID of the Cognito user pool.
         client_id (str): The ID of the Cognito user pool client.
         username (str): The username of the user.
         password (str): The password of the user.
+        client_secret (str): The client secret of the app client
 
     Returns:
         bool: True if the user is authenticated, False otherwise.
     """
 
-    client = boto3.client('cognito-idp')  # Cognito Identity Provider client
+    client = boto3.client('cognito-idp', region_name=AWS_REGION)  # Cognito Identity Provider client
+
+    # Compute the secret hash
+    secret_hash = calculate_secret_hash(client_id, client_secret, username)
 
     try:
-        response = client.initiate_auth(
+
+        if client_secret == '':
+            response = client.initiate_auth(
+                AuthFlow='USER_PASSWORD_AUTH',
+                AuthParameters={
+                    'USERNAME': username,
+                    'PASSWORD': password,
+                },
+                ClientId=client_id
+            )
+
+        else:
+            response = client.initiate_auth(
             AuthFlow='USER_PASSWORD_AUTH',
             AuthParameters={
                 'USERNAME': username,
                 'PASSWORD': password,
+                'SECRET_HASH': secret_hash
             },
             ClientId=client_id
-        )
+            )
 
         # If successful, you'll receive an AuthenticationResult in the response
         if response.get('AuthenticationResult'):
@@ -44,5 +69,7 @@ def authenticate_user(username, password, user_pool_id=user_pool_id, client_id=c
     except client.exceptions.UserNotFoundException:
         return False
     except Exception as e:
-        print(f"An error occurred: {e}")
-        return False
+        out_message = f"An error occurred: {e}"
+        print(out_message)
+        raise Exception(out_message)
+        return False