Revisions per comments

Author: seshubaws

aws_lambda_powertools/utilities/data_masking/base.py

@@ -29,10 +29,10 @@ def _apply_action(self, data, fields, action, *args, **kwargs):
     def _use_ast(self, data: Union[dict, str], fields, action, *args, **kwargs) -> str:
         if fields is None:
             raise ValueError("No fields specified.")
+
         if isinstance(data, str):
             # Parse JSON string as dictionary
             my_dict_parsed = json.loads(data)
-
         elif isinstance(data, dict):
             # Turn into json string so everything has quotes around it
             my_dict_parsed = json.dumps(data)

aws_lambda_powertools/utilities/data_masking/provider.py

@@ -1,7 +1,7 @@
 from abc import abstractmethod
 from collections.abc import Iterable
 
-from aws_lambda_powertools.shared.constants import DATA_MASKING_STRING as MASK
+from aws_lambda_powertools.shared.constants import DATA_MASKING_STRING
 
 
 class Provider:
@@ -20,7 +20,7 @@ def decrypt(self, data):
 
     def mask(self, data):
         if isinstance(data, (str, dict, bytes)):
-            return MASK
+            return DATA_MASKING_STRING
         elif isinstance(data, Iterable):
-            return type(data)([MASK] * len(data))
-        return MASK
+            return type(data)([DATA_MASKING_STRING] * len(data))
+        return DATA_MASKING_STRING

aws_lambda_powertools/utilities/data_masking/providers/aws_encryption_sdk.py

@@ -24,12 +24,13 @@ def __call__(cls, *args, **kwargs):
         return cls._instances[cls]
 
 
-class AwsEncryptionSdkProvider(Provider, metaclass=SingletonMeta):
-    CACHE_CAPACITY: int = 100
-    MAX_ENTRY_AGE_SECONDS: float = 300.0
-    MAX_MESSAGES: int = 200
-    # NOTE: You can also set max messages/bytes per data key
+CACHE_CAPACITY: int = 100
+MAX_ENTRY_AGE_SECONDS: float = 300.0
+MAX_MESSAGES: int = 200
+# NOTE: You can also set max messages/bytes per data key
+
 
+class AwsEncryptionSdkProvider(Provider, metaclass=SingletonMeta):
     cache = LocalCryptoMaterialsCache(CACHE_CAPACITY)
     session = botocore.session.Session()
 
@@ -40,8 +41,8 @@ def __init__(self, keys: List[str], client: Optional[EncryptionSDKClient] = None
         self.cache_cmm = CachingCryptoMaterialsManager(
             master_key_provider=self.key_provider,
             cache=self.cache,
-            max_age=self.MAX_ENTRY_AGE_SECONDS,
-            max_messages_encrypted=self.MAX_MESSAGES,
+            max_age=MAX_ENTRY_AGE_SECONDS,
+            max_messages_encrypted=MAX_MESSAGES,
         )
 
     def encrypt(self, data: Union[bytes, str], *args, **kwargs) -> str:

aws_lambda_powertools/utilities/data_masking/providers/itsdangerous.py

@@ -4,20 +4,50 @@
 
 
 class ItsDangerousProvider(Provider):
-    def __init__(self, keys, salt=None):
+    def __init__(
+        self,
+        keys,
+        salt=None,
+        serializer=None,
+        serializer_kwargs=None,
+        signer=None,
+        signer_kwargs=None,
+        fallback_signers=None,
+    ):
         self.keys = keys
         self.salt = salt
+        self.serializer = serializer
+        self.serializer_kwargs = serializer_kwargs
+        self.signer = signer
+        self.signer_kwargs = signer_kwargs
+        self.fallback_signers = fallback_signers
 
-    def encrypt(self, data, **kwargs):
+    def encrypt(self, data):
         if data is None:
             return data
 
-        serialized = URLSafeSerializer(self.keys, salt=self.salt, **kwargs)
+        serialized = URLSafeSerializer(
+            self.keys,
+            salt=self.salt,
+            serializer=None,
+            serializer_kwargs=None,
+            signer=None,
+            signer_kwargs=None,
+            fallback_signers=None,
+        )
         return serialized.dumps(data)
 
-    def decrypt(self, data, **kwargs):
+    def decrypt(self, data):
         if data is None:
             return data
 
-        serialized = URLSafeSerializer(self.keys, salt=self.salt, **kwargs)
+        serialized = URLSafeSerializer(
+            self.keys,
+            salt=self.salt,
+            serializer=None,
+            serializer_kwargs=None,
+            signer=None,
+            signer_kwargs=None,
+            fallback_signers=None,
+        )
         return serialized.loads(data)