Fix CodeQL Alert for SSRF

[umar8hassan]

What are the relevant tickets?

closes #2175 and closes https://github.com/mitodl/ocw-studio/issues/2172

Description (What does it do?)

Limited the use of input url. Format for the subscribe url is pre-defined and only token will be used from the message.

How can this be tested?

The scope of this ticket is to test that url was formatted correctly after using the pre-defined url format

• Use the RC settings for AWS_ACCOUNT_ID and AWS_REGION
• Using Postman or curl, make a request to http://localhost:8043/api/transcode-jobs/ with the following data, and headers "Authorization: Bearer <settings.API_BEARER_TOKEN>" and "Content-Type: application/json":

  {
  "Type": "SubscriptionConfirmation",
  "MessageId": "88b400b3-2fd3-49a3-b182-f64a4224d3e2",
  "Token": "fake-token",
  "TopicArn": "arn:aws:sns:<AWS_REGION>:<AWS_ACCOUNT_ID>:MediaConvertJobAlert",
  "Message": "To confirm the subscription, visit the SubscribeURL included in this message.",
  "SubscribeURL": "https://sns.<AWS_REGION>.amazonaws.com/?Action=ConfirmSubscription&TopicArn=arn:aws:sns:<AWS_REGION>:<AWS_ACCOUNT_ID>:MediaConvertJobAlert&Token=fake-token",
  "Timestamp": "2021-08-05T14:32:17.423Z",
  "SignatureVersion": "1",
  "Signature": "fake-signature",
  "SigningCertURL": "https://sns.<AWS_REGION>.amazonaws.com/SimpleNotificationService.pem"
  }

• The request should return 200 status_code. Which would indicate that url was formatted correctly.

[pt2302]

Could you add a test for this functionality, i.e., making sure that the URL is properly formatted? Also, we are not currently performing validation on some of these fields, such as AWS_ACCOUNT_ID. We should do this, and throw appropriate errors if they are not valid.