verifySESEmail.py

#!/usr/bin/env python

"""Manage email verifications for CU Emails.

Perform following operations on a list of emails:
    - verifyEmails: Sends an email to each of the emails in the
                list.  Amazon verifies that the email is
                syntaxically correct first.  (Each email is
                a call to AWS SES.)
    - getVerification: Sends Amazon a list of emails and Amazon
                   returns a list of emails and the statuses.
                   (Emails that Amazon doesn't have are not
                   returned.)
    - removeEmails: Sends a request to Amazon to remove email from
                the list of identities.  (Each email is a call
                to AWS SES.)

Default AWS_REGION is `us-west-2` but the tempalte can be created and verified
in other regions by setting up AWS_REGION env variable (check aws
docuementation for restrictions in certain regions.)

As of 2018-10-02, `HomeCUVerificationEmailTemplate` is the default
custom tempalte being and already should exist in the expected aws
region before running this script.

Fun fact, if you resend email verification request to an email which is already
verified, using the custom verification email template, aws ses will change
the status from verified to pending and the recipient will have to verify the
email again. This is not the case when you send email verifications using
aws's default process (i.e. not using custom verification email templates).
"""

import sys
import boto3
import os
import json
import argparse
from botocore.exceptions import ClientError

# Global settings
USAGE_HELP = ("verifySESEmail.py -e \"email1 email2 email3 ... emailN\" "
              "-a \"verifyEmails\"|\"getVerification\"|\"removeEmails\"")

# Use us-west-2 as a default region
# This should work for local development, alpha stack(us-east-2) and prod
AWS_REGION = os.getenv('AWS_REGION', 'us-west-2')

# Default custom email verification template name
CUSTOM_EMAIL_TEMPLATE = "HomeCUVerificationEmailTemplate"


class CustomArgumentParser(argparse.ArgumentParser):
    """Custom ArgumentParser class

    Extends:
        argparse.ArgumentParser
    """

    def error(self, message):
        """Suppressing default error method

        Return custom error message on ArgumentParser.error.

        Arguments:
            message -- error message

        Raises:
            SystemExit
        """
        custom_error = {
            'status': '999',
            'error': USAGE_HELP,
            'response': {}
        }
        print(json.dumps(custom_error))
        raise SystemExit(2)


def get_parser():
    """Prepare argument parser.

    Returns:
        parser -- ArgumentParser object
    """
    parser = CustomArgumentParser(
        description="AWS SES email verification using custom template."
    )

    parser.add_argument("-e", "--emails",
                        help="Space delimited list of emails",
                        required=True
                        )

    parser.add_argument("-a", "--action",
                        choices=["verifyEmails",
                                 "getVerification", "removeEmails"],
                        required=True,
                        help=('Action of the script. '
                              '(i) "verifyEmails" -- Sends an email to '
                              'each of the `emails` in the list. Amazon '
                              'verifies that the email is syntaxically correct'
                              ' first. (Each email is a call to AWS SES. '
                              '(ii) "getVerification" -- Sends Amazon a list'
                              ' of emails and Amazon returns a list of emails'
                              ' and the statuses (Emails that Amazon doesn\'t'
                              ' have are not returned). '
                              '(iii) "removeEmails" -- Sends a request to '
                              'Amazon to remove email from the list of '
                              'identities (Each email is a call to  AWS SES.))'
                              )
                        )

    parser.add_argument("-tn", "--template-name",
                        help="Provide a template name to use",
                        default=CUSTOM_EMAIL_TEMPLATE)

    return parser


def main(argv):
    """Main method to execute operations on email verification.

    Arguments:
        argv {list} -- list of script arguments

    Raises:
        SystemExit
        BaseException
    """

    main_return = {
        'status': '000',
        'error': '',
        'response': {}
    }

    # Get argument parser
    parser = get_parser()
    try:
        args = parser.parse_args(argv)
    except (argparse.ArgumentError, Exception) as e:
        main_return = {
            'status': '999',
            'error': e,
            'response': {}
        }
        print(json.dumps(main_return))
        raise SystemExit(2)

    response = None
    excption = False

    try:

        # Create boto3 client object
        client = boto3.client('ses', region_name=AWS_REGION)

        response = {}
        # Future improvements: As of 2018-10-03, the following loop will halt
        # if the invalid email is encountered and other remaining emails are
        # not processed. Since this script is called after validating the
        # emails on the client side, we should not encounter such use case
        # scenario. Otherwise, changes in this script and changes from
        # homecu/odyssey#175{0,1} need to be updated to handle such use case.
        for email in args.emails.split():
            # Verify email syntax
            email = email.strip()

            if (args.action == "verifyEmails"):
                try:
                    # Send verification email to email address using the
                    # custom verification email template
                    if (email not in response):
                        response[email] = client.send_custom_verification_email(
                            EmailAddress=email,
                            TemplateName=args.template_name
                        )
                except ClientError as e:
                    response[email] = e.response["Error"]["Message"]
                    raise BaseException(email + " is not valid")

            elif (args.action == "removeEmails"):
                try:
                    # Send request to delete email
                    if (email not in response):
                        response[email] = client.delete_identity(
                            Identity=email)
                except ClientError as e:
                    response[email] = e.response["Error"]["Message"]
                    raise BaseException(email + " is not valid")

            elif (args.action == "getVerification"):
                # remove duplicates from list
                if (email not in response):
                    response[email] = True

        if (args.action == "getVerification"):
            # Need to be "list" for client to accept it
            response = list(response.keys())
            try:
                response = client.get_identity_verification_attributes(
                    Identities=response)

            except ClientError as e:
                raise BaseException(e)

    except BaseException as e:
        main_return['status'] = '999'
        main_return['error'] = str(e)
        excption = True
    except Exception as e:
        main_return['status'] = '999'
        main_return['error'] = e
        excption = True

    # SUCCESS
    main_return['response'] = response
    print (json.dumps(main_return))

    if excption:
        raise SystemExit(2)


def run():
    """Script entrypoint"""
    main(sys.argv[1:])


if __name__ == "__main__":
    run()