src/backend/mailbox_manager/utils/dimail.py

"""A minimalist client to synchronize with mailbox provisioning API."""

from logging import getLogger

from django.conf import settings
from django.core import exceptions

import requests
from rest_framework import status
from urllib3.util import Retry

logger = getLogger(__name__)

adapter = requests.adapters.HTTPAdapter(
    max_retries=Retry(
        total=4,
        backoff_factor=0.1,
        status_forcelist=[500, 502],
        allowed_methods=["PATCH"],
    )
)

session = requests.Session()
session.mount("http://", adapter)
session.mount("https://", adapter)


class DimailAPIClient:
    """A dimail-API client."""

    API_URL = settings.MAIL_PROVISIONING_API_URL

    def get_headers(self, domain):
        """Build header dict from domain object."""
        # self.secret is the encoded basic auth, to request a new token from dimail-api
        headers = {"Content-Type": "application/json"}

        response = requests.get(
            f"{self.API_URL}/token/",
            headers={"Authorization": f"Basic {domain.secret}"},
            timeout=20,
        )

        if response.status_code == status.HTTP_403_FORBIDDEN:
            logger.error(
                "[DIMAIL] 403 Forbidden: please check the mail domain secret of %s",
                domain.name,
            )
            raise exceptions.PermissionDenied

        if "access_token" in response.json():
            headers["Authorization"] = f"Bearer {response.json()['access_token']}"
            logger.info("Token succesfully granted by mail-provisioning API.")

        return headers

    def send_mailbox_request(self, mailbox):
        """Send a CREATE mailbox request to mail provisioning API."""

        payload = {
            "givenName": mailbox.first_name,
            "surName": mailbox.last_name,
            "displayName": f"{mailbox.first_name} {mailbox.last_name}",
        }

        try:
            response = session.post(
                f"{self.API_URL}/domains/{mailbox.domain}/mailboxes/{mailbox.local_part}/",
                json=payload,
                headers=self.get_headers(mailbox.domain),
                verify=True,
                timeout=10,
            )
        except requests.exceptions.ConnectionError as error:
            logger.error(
                "Connection error while trying to reach %s.",
                self.API_URL,
                exc_info=error,
            )
            raise error
        except exceptions.PermissionDenied as error:
            raise exceptions.PermissionDenied(
                f"Token denied - Wrong secret on mail domain {mailbox.domain.name}"
            ) from error

        if response.status_code == status.HTTP_201_CREATED:
            extra = {"response": response.content.decode("utf-8")}
            # This a temporary broken solution. Password will soon be sent
            # from OX servers but their prod is not ready.
            # In the meantime, we log mailbox info (including password !)
            logger.info(
                "Mailbox successfully created on domain %s",
                mailbox.domain.name,
                extra=extra,
            )
            return response

        if response.status_code == status.HTTP_403_FORBIDDEN:
            raise exceptions.PermissionDenied(
                f"Secret not valid for this domain {mailbox.domain.name}"
            )

        # All other errors are considered 'unexpected'
        logger.error(
            "Unexpected response: %s",
            response.content.decode("utf-8"),
        )
        raise SystemError(
            f"Unexpected response from dimail: {response.content.decode('utf-8')}"
        )
✨(mailboxes) add mail provisioning api integration We want people to create new mailboxes in La Régie. This commit adds integration with intermediary dimail-api, which will in turn send our email creation request to Open-Xchange. 2024-08-05 12:20:44 +02:00			`"""A minimalist client to synchronize with mailbox provisioning API."""`

			`from logging import getLogger`

			`from django.conf import settings`
			`from django.core import exceptions`

			`import requests`
			`from rest_framework import status`
			`from urllib3.util import Retry`

			`logger = getLogger(__name__)`

			`adapter = requests.adapters.HTTPAdapter(`
			`max_retries=Retry(`
			`total=4,`
			`backoff_factor=0.1,`
			`status_forcelist=[500, 502],`
			`allowed_methods=["PATCH"],`
			`)`
			`)`

			`session = requests.Session()`
			`session.mount("http://", adapter)`
			`session.mount("https://", adapter)`


			`class DimailAPIClient:`
			`"""A dimail-API client."""`

👽️(mailboxes) fix mailbox creation after dimail api improvement Latest dimail modification lead to a bug in our app, preventing mailbox creation from working properly. I swapped old dimail url to new one, mirrored dimail modification and fixed tests and tada! 2024-08-26 19:10:43 +02:00			`API_URL = settings.MAIL_PROVISIONING_API_URL`

✨(mailboxes) add mail provisioning api integration We want people to create new mailboxes in La Régie. This commit adds integration with intermediary dimail-api, which will in turn send our email creation request to Open-Xchange. 2024-08-05 12:20:44 +02:00			`def get_headers(self, domain):`
			`"""Build header dict from domain object."""`
			`# self.secret is the encoded basic auth, to request a new token from dimail-api`
			`headers = {"Content-Type": "application/json"}`

			`response = requests.get(`
👽️(mailboxes) fix mailbox creation after dimail api improvement Latest dimail modification lead to a bug in our app, preventing mailbox creation from working properly. I swapped old dimail url to new one, mirrored dimail modification and fixed tests and tada! 2024-08-26 19:10:43 +02:00			`f"{self.API_URL}/token/",`
✨(mailboxes) add mail provisioning api integration We want people to create new mailboxes in La Régie. This commit adds integration with intermediary dimail-api, which will in turn send our email creation request to Open-Xchange. 2024-08-05 12:20:44 +02:00			`headers={"Authorization": f"Basic {domain.secret}"},`
🐛(dimail) improve handling of dimail errors on failed mailbox creation dimail is called twice when creating a mailbox (once for the token, and once for the post on mailbox endpoint). we want to clarify the status_codes and messages of each error to inform user and ease debug 2024-09-03 18:29:28 +02:00			`timeout=20,`
✨(mailboxes) add mail provisioning api integration We want people to create new mailboxes in La Régie. This commit adds integration with intermediary dimail-api, which will in turn send our email creation request to Open-Xchange. 2024-08-05 12:20:44 +02:00			`)`

🐛(dimail) improve handling of dimail errors on failed mailbox creation dimail is called twice when creating a mailbox (once for the token, and once for the post on mailbox endpoint). we want to clarify the status_codes and messages of each error to inform user and ease debug 2024-09-03 18:29:28 +02:00			`if response.status_code == status.HTTP_403_FORBIDDEN:`
			`logger.error(`
			`"[DIMAIL] 403 Forbidden: please check the mail domain secret of %s",`
			`domain.name,`
✨(mailboxes) add mail provisioning api integration We want people to create new mailboxes in La Régie. This commit adds integration with intermediary dimail-api, which will in turn send our email creation request to Open-Xchange. 2024-08-05 12:20:44 +02:00			`)`
🐛(dimail) improve handling of dimail errors on failed mailbox creation dimail is called twice when creating a mailbox (once for the token, and once for the post on mailbox endpoint). we want to clarify the status_codes and messages of each error to inform user and ease debug 2024-09-03 18:29:28 +02:00			`raise exceptions.PermissionDenied`
✨(mailboxes) add mail provisioning api integration We want people to create new mailboxes in La Régie. This commit adds integration with intermediary dimail-api, which will in turn send our email creation request to Open-Xchange. 2024-08-05 12:20:44 +02:00
			`if "access_token" in response.json():`
			`headers["Authorization"] = f"Bearer {response.json()['access_token']}"`
👽️(mailboxes) fix mailbox creation after dimail api improvement Latest dimail modification lead to a bug in our app, preventing mailbox creation from working properly. I swapped old dimail url to new one, mirrored dimail modification and fixed tests and tada! 2024-08-26 19:10:43 +02:00			`logger.info("Token succesfully granted by mail-provisioning API.")`
✨(mailboxes) add mail provisioning api integration We want people to create new mailboxes in La Régie. This commit adds integration with intermediary dimail-api, which will in turn send our email creation request to Open-Xchange. 2024-08-05 12:20:44 +02:00
			`return headers`

			`def send_mailbox_request(self, mailbox):`
			`"""Send a CREATE mailbox request to mail provisioning API."""`

			`payload = {`
			`"givenName": mailbox.first_name,`
			`"surName": mailbox.last_name,`
			`"displayName": f"{mailbox.first_name} {mailbox.last_name}",`
			`}`

			`try:`
			`response = session.post(`
👽️(mailboxes) fix mailbox creation after dimail api improvement Latest dimail modification lead to a bug in our app, preventing mailbox creation from working properly. I swapped old dimail url to new one, mirrored dimail modification and fixed tests and tada! 2024-08-26 19:10:43 +02:00			`f"{self.API_URL}/domains/{mailbox.domain}/mailboxes/{mailbox.local_part}/",`
✨(mailboxes) add mail provisioning api integration We want people to create new mailboxes in La Régie. This commit adds integration with intermediary dimail-api, which will in turn send our email creation request to Open-Xchange. 2024-08-05 12:20:44 +02:00			`json=payload,`
			`headers=self.get_headers(mailbox.domain),`
			`verify=True,`
			`timeout=10,`
			`)`
👽️(mailboxes) fix mailbox creation after dimail api improvement Latest dimail modification lead to a bug in our app, preventing mailbox creation from working properly. I swapped old dimail url to new one, mirrored dimail modification and fixed tests and tada! 2024-08-26 19:10:43 +02:00			`except requests.exceptions.ConnectionError as error:`
✨(mailboxes) add mail provisioning api integration We want people to create new mailboxes in La Régie. This commit adds integration with intermediary dimail-api, which will in turn send our email creation request to Open-Xchange. 2024-08-05 12:20:44 +02:00			`logger.error(`
			`"Connection error while trying to reach %s.",`
👽️(mailboxes) fix mailbox creation after dimail api improvement Latest dimail modification lead to a bug in our app, preventing mailbox creation from working properly. I swapped old dimail url to new one, mirrored dimail modification and fixed tests and tada! 2024-08-26 19:10:43 +02:00			`self.API_URL,`
			`exc_info=error,`
✨(mailboxes) add mail provisioning api integration We want people to create new mailboxes in La Régie. This commit adds integration with intermediary dimail-api, which will in turn send our email creation request to Open-Xchange. 2024-08-05 12:20:44 +02:00			`)`
👽️(mailboxes) fix mailbox creation after dimail api improvement Latest dimail modification lead to a bug in our app, preventing mailbox creation from working properly. I swapped old dimail url to new one, mirrored dimail modification and fixed tests and tada! 2024-08-26 19:10:43 +02:00			`raise error`
🐛(dimail) improve handling of dimail errors on failed mailbox creation dimail is called twice when creating a mailbox (once for the token, and once for the post on mailbox endpoint). we want to clarify the status_codes and messages of each error to inform user and ease debug 2024-09-03 18:29:28 +02:00			`except exceptions.PermissionDenied as error:`
			`raise exceptions.PermissionDenied(`
			`f"Token denied - Wrong secret on mail domain {mailbox.domain.name}"`
			`) from error`
✨(mailboxes) add mail provisioning api integration We want people to create new mailboxes in La Régie. This commit adds integration with intermediary dimail-api, which will in turn send our email creation request to Open-Xchange. 2024-08-05 12:20:44 +02:00
			`if response.status_code == status.HTTP_201_CREATED:`
			`extra = {"response": response.content.decode("utf-8")}`
			`# This a temporary broken solution. Password will soon be sent`
			`# from OX servers but their prod is not ready.`
			`# In the meantime, we log mailbox info (including password !)`
			`logger.info(`
			`"Mailbox successfully created on domain %s",`
			`mailbox.domain.name,`
			`extra=extra,`
			`)`
🐛(dimail) improve handling of dimail errors on failed mailbox creation dimail is called twice when creating a mailbox (once for the token, and once for the post on mailbox endpoint). we want to clarify the status_codes and messages of each error to inform user and ease debug 2024-09-03 18:29:28 +02:00			`return response`

			`if response.status_code == status.HTTP_403_FORBIDDEN:`
✨(mailboxes) manage bad secret sent to dimail API - manage 403 returned by dimail API when mail domain secret is not valid - improve some tests - improve MailboxFactory to mock success for dimail API POST call - override 403.html to return a nice failing error in django admin - an error message is displayed on mailbox creation form of frontend 2024-08-08 18:28:01 +02:00			`raise exceptions.PermissionDenied(`
🐛(dimail) improve handling of dimail errors on failed mailbox creation dimail is called twice when creating a mailbox (once for the token, and once for the post on mailbox endpoint). we want to clarify the status_codes and messages of each error to inform user and ease debug 2024-09-03 18:29:28 +02:00			`f"Secret not valid for this domain {mailbox.domain.name}"`
👽️(mailboxes) fix mailbox creation after dimail api improvement Latest dimail modification lead to a bug in our app, preventing mailbox creation from working properly. I swapped old dimail url to new one, mirrored dimail modification and fixed tests and tada! 2024-08-26 19:10:43 +02:00			`)`

🐛(dimail) improve handling of dimail errors on failed mailbox creation dimail is called twice when creating a mailbox (once for the token, and once for the post on mailbox endpoint). we want to clarify the status_codes and messages of each error to inform user and ease debug 2024-09-03 18:29:28 +02:00			`# All other errors are considered 'unexpected'`
			`logger.error(`
			`"Unexpected response: %s",`
			`response.content.decode("utf-8"),`
			`)`
			`raise SystemError(`
			`f"Unexpected response from dimail: {response.content.decode('utf-8')}"`
			`)`