Skip to content

Commit 34d9782

Browse files
authored
fix(02-use-cases): Removed client secret from env file and some cleanup to remove files which are not used (#294)
1 parent 443c29a commit 34d9782

9 files changed

Lines changed: 23 additions & 150 deletions

File tree

02-use-cases/healthcare-appointment-agent/.env.example

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -7,8 +7,8 @@ cognito_discovery_url=
77
cognito_issuer=
88
cognito_auth_endpoint=
99
cognito_token_url=
10+
cognito_user_pool_id=
1011
cognito_client_id=
11-
cognito_client_secret=
1212
cognito_auth_scope=
1313

1414
openapi_spec_file="./fhir-openapi-spec.yaml"

02-use-cases/healthcare-appointment-agent/init_env.py

Lines changed: 2 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -20,7 +20,6 @@
2020
parser.add_argument('--profile', help = "AWS Credentials Profile Name (optional)")
2121

2222
def main():
23-
user_pool_id = ""
2423
apigateway_endpoint = ""
2524
apigateway_cognito_lambda = ""
2625

@@ -31,8 +30,8 @@ def main():
3130
"cognito_issuer":"",
3231
"cognito_auth_endpoint":"",
3332
"cognito_token_url":"",
33+
"cognito_user_pool_id":"",
3434
"cognito_client_id":"",
35-
"cognito_client_secret":"",
3635
"cognito_auth_scope":"",
3736
"healthlake_endpoint":"",
3837
"openapi_spec_file":args.openapi_spec_file
@@ -47,7 +46,6 @@ def main():
4746

4847
print(f"Getting output variables from Cloudformation stack name: {args.cfn_name}")
4948
cfn_client = session.client("cloudformation", region_name=args.region)
50-
cognito_client = session.client("cognito-idp", region_name=args.region)
5149

5250
next_token = "start"
5351
while next_token != "end":
@@ -80,14 +78,12 @@ def main():
8078
env_vars['cognito_token_url'] = output['OutputValue']
8179
elif output['OutputKey'] == 'APIClientId':
8280
env_vars['cognito_client_id'] = output['OutputValue']
83-
elif output['OutputKey'] == 'ClientSecret':
84-
env_vars['cognito_client_secret'] = output['OutputValue']
8581
elif output['OutputKey'] == 'oAuthScope':
8682
env_vars['cognito_auth_scope'] = output['OutputValue']
8783
elif output['OutputKey'] == 'HealthLakeEndpoint':
8884
env_vars['healthlake_endpoint'] = output['OutputValue']
8985
elif output['OutputKey'] == 'UserPoolId':
90-
user_pool_id = output['OutputValue']
86+
env_vars['cognito_user_pool_id'] = output['OutputValue']
9187
elif output['OutputKey'] == 'ApiUrl':
9288
apigateway_endpoint = output['OutputValue']
9389
elif output['OutputKey'] == 'APIGWCognitoLambdaName':
@@ -105,13 +101,6 @@ def main():
105101
if 'issuer' in response_json:
106102
env_vars['cognito_issuer'] = response_json['issuer']
107103

108-
print(f"Getting Client Secret using UserPoolId: {user_pool_id} and ClientId: {env_vars['cognito_client_id']}")
109-
response = cognito_client.describe_user_pool_client(
110-
UserPoolId=user_pool_id,
111-
ClientId=env_vars['cognito_client_id']
112-
)
113-
env_vars['cognito_client_secret'] = response['UserPoolClient']['ClientSecret']
114-
115104
print(f"Creating .env file")
116105
# Open the .env file in write mode
117106
with open(".env", "w") as f:

02-use-cases/healthcare-appointment-agent/langgraph_agent.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -130,5 +130,5 @@ async def main(gateway_endpoint, jwt_token):
130130
gatewayEndpoint=utils.get_gateway_endpoint(agentcore_client=agentcore_client, gateway_id=args.gateway_id)
131131
print(f"Gateway Endpoint: {gatewayEndpoint}")
132132

133-
jwtToken = utils.get_oath_token()
133+
jwtToken = utils.get_oath_token(boto_session)
134134
asyncio.run(main(gatewayEndpoint, jwtToken))

02-use-cases/healthcare-appointment-agent/requirements.txt

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -6,10 +6,10 @@ mcp[cli]>=1.10.0
66
strands-agents==0.1.8
77
ipykernel==6.29.5
88
aiohttp==3.12.14
9-
langchain==0.3.26
10-
langchain-aws==0.2.27
11-
langchain-mcp-adapters==0.1.7
12-
langgraph==0.5.1
9+
langchain==0.3.27
10+
langchain-aws==0.2.31
11+
langchain-mcp-adapters==0.1.9
12+
langgraph==0.6.6
1313
botocore
1414
bedrock-agentcore
1515
boto3

02-use-cases/healthcare-appointment-agent/setup_fhir_mcp.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -142,7 +142,7 @@ def create_egress_oauth_provider(gateway_name):
142142
}
143143
},
144144
"clientId": os.getenv("cognito_client_id"),
145-
"clientSecret": os.getenv("cognito_client_secret")
145+
"clientSecret": utils.get_cognito_client_secret(boto_session)
146146
}
147147
}
148148

-99.2 KB
Loading

02-use-cases/healthcare-appointment-agent/strands_agent.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -43,7 +43,7 @@
4343
gatewayEndpoint=utils.get_gateway_endpoint(agentcore_client=agentcore_client, gateway_id=args.gateway_id)
4444
print(f"Gateway Endpoint: {gatewayEndpoint}")
4545

46-
jwtToken = utils.get_oath_token()
46+
jwtToken = utils.get_oath_token(boto_session)
4747
client = MCPClient(lambda: streamablehttp_client(gatewayEndpoint,headers={"Authorization": f"Bearer {jwtToken}"}))
4848

4949
bedrockmodel = BedrockModel(

02-use-cases/healthcare-appointment-agent/test_fhir_mcp.py

Lines changed: 0 additions & 126 deletions
This file was deleted.

02-use-cases/healthcare-appointment-agent/utils.py

Lines changed: 13 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -39,12 +39,22 @@ def list_gateways(agentcore_client):
3939

4040
return response['items']
4141

42-
def get_oath_token():
42+
def get_oath_token(boto_session):
4343
response = requests.post(
4444
os.getenv("cognito_token_url"),
45-
data=f"grant_type=client_credentials&client_id={os.getenv('cognito_client_id')}&client_secret={os.getenv('cognito_client_secret')}&scope={os.getenv('cognito_auth_scope')}",
45+
data=f"grant_type=client_credentials&client_id={os.getenv('cognito_client_id')}&client_secret={get_cognito_client_secret(boto_session)}&scope={os.getenv('cognito_auth_scope')}",
4646
headers={'Content-Type': 'application/x-www-form-urlencoded'}
4747
)
4848

4949
#print(response.json())
50-
return response.json()['access_token']
50+
return response.json()['access_token']
51+
52+
def get_cognito_client_secret(boto_session):
53+
cognito_client = boto_session.client("cognito-idp", region_name=os.getenv('aws_default_region'))
54+
55+
print(f"Getting Client Secret using UserPoolId: {os.getenv('cognito_user_pool_id')} and ClientId: {os.getenv('cognito_client_id')}")
56+
response = cognito_client.describe_user_pool_client(
57+
UserPoolId=os.getenv('cognito_user_pool_id'),
58+
ClientId=os.getenv('cognito_client_id')
59+
)
60+
return response['UserPoolClient']['ClientSecret']

0 commit comments

Comments
 (0)