src/backend/mailbox_manager/utils/dimail.py

"""A minimalist client to synchronize with mailbox provisioning API."""

from logging import getLogger

from django.conf import settings
from django.core import exceptions

import requests
from rest_framework import status
from urllib3.util import Retry

logger = getLogger(__name__)

adapter = requests.adapters.HTTPAdapter(
    max_retries=Retry(
        total=4,
        backoff_factor=0.1,
        status_forcelist=[500, 502],
        allowed_methods=["PATCH"],
    )
)

session = requests.Session()
session.mount("http://", adapter)
session.mount("https://", adapter)


class DimailAPIClient:
    """A dimail-API client."""

    def get_headers(self, domain):
        """Build header dict from domain object."""
        # self.secret is the encoded basic auth, to request a new token from dimail-api
        headers = {"Content-Type": "application/json"}

        response = requests.get(
            f"{settings.MAIL_PROVISIONING_API_URL}/token/",
            headers={"Authorization": f"Basic {domain.secret}"},
            timeout=status.HTTP_200_OK,
        )

        if response.json() == "{'detail': 'Permission denied'}":
            raise exceptions.PermissionDenied(
                "This secret does not allow for a new token."
            )

        if "access_token" in response.json():
            headers["Authorization"] = f"Bearer {response.json()['access_token']}"

        return headers

    def send_mailbox_request(self, mailbox):
        """Send a CREATE mailbox request to mail provisioning API."""

        payload = {
            "email": f"{mailbox.local_part}@{mailbox.domain}",
            "givenName": mailbox.first_name,
            "surName": mailbox.last_name,
            "displayName": f"{mailbox.first_name} {mailbox.last_name}",
        }

        try:
            response = session.post(
                f"{settings.MAIL_PROVISIONING_API_URL}/domains/{mailbox.domain}/mailboxes/",
                json=payload,
                headers=self.get_headers(mailbox.domain),
                verify=True,
                timeout=10,
            )
        except requests.exceptions.ConnectionError as e:
            logger.error(
                "Connection error while trying to reach %s.",
                settings.MAIL_PROVISIONING_API_URL,
                exc_info=e,
            )

        if response.status_code == status.HTTP_201_CREATED:
            extra = {"response": response.content.decode("utf-8")}
            # This a temporary broken solution. Password will soon be sent
            # from OX servers but their prod is not ready.
            # In the meantime, we log mailbox info (including password !)
            logger.info(
                "Mailbox successfully created on domain %s",
                mailbox.domain.name,
                extra=extra,
            )

        return response
✨(mailboxes) add mail provisioning api integration We want people to create new mailboxes in La Régie. This commit adds integration with intermediary dimail-api, which will in turn send our email creation request to Open-Xchange. 2024-08-05 12:20:44 +02:00			`"""A minimalist client to synchronize with mailbox provisioning API."""`

			`from logging import getLogger`

			`from django.conf import settings`
			`from django.core import exceptions`

			`import requests`
			`from rest_framework import status`
			`from urllib3.util import Retry`

			`logger = getLogger(__name__)`

			`adapter = requests.adapters.HTTPAdapter(`
			`max_retries=Retry(`
			`total=4,`
			`backoff_factor=0.1,`
			`status_forcelist=[500, 502],`
			`allowed_methods=["PATCH"],`
			`)`
			`)`

			`session = requests.Session()`
			`session.mount("http://", adapter)`
			`session.mount("https://", adapter)`


			`class DimailAPIClient:`
			`"""A dimail-API client."""`

			`def get_headers(self, domain):`
			`"""Build header dict from domain object."""`
			`# self.secret is the encoded basic auth, to request a new token from dimail-api`
			`headers = {"Content-Type": "application/json"}`

			`response = requests.get(`
			`f"{settings.MAIL_PROVISIONING_API_URL}/token/",`
			`headers={"Authorization": f"Basic {domain.secret}"},`
			`timeout=status.HTTP_200_OK,`
			`)`

			`if response.json() == "{'detail': 'Permission denied'}":`
			`raise exceptions.PermissionDenied(`
			`"This secret does not allow for a new token."`
			`)`

			`if "access_token" in response.json():`
			`headers["Authorization"] = f"Bearer {response.json()['access_token']}"`

			`return headers`

			`def send_mailbox_request(self, mailbox):`
			`"""Send a CREATE mailbox request to mail provisioning API."""`

			`payload = {`
			`"email": f"{mailbox.local_part}@{mailbox.domain}",`
			`"givenName": mailbox.first_name,`
			`"surName": mailbox.last_name,`
			`"displayName": f"{mailbox.first_name} {mailbox.last_name}",`
			`}`

			`try:`
			`response = session.post(`
			`f"{settings.MAIL_PROVISIONING_API_URL}/domains/{mailbox.domain}/mailboxes/",`
			`json=payload,`
			`headers=self.get_headers(mailbox.domain),`
			`verify=True,`
			`timeout=10,`
			`)`
			`except requests.exceptions.ConnectionError as e:`
			`logger.error(`
			`"Connection error while trying to reach %s.",`
			`settings.MAIL_PROVISIONING_API_URL,`
			`exc_info=e,`
			`)`

			`if response.status_code == status.HTTP_201_CREATED:`
			`extra = {"response": response.content.decode("utf-8")}`
			`# This a temporary broken solution. Password will soon be sent`
			`# from OX servers but their prod is not ready.`
			`# In the meantime, we log mailbox info (including password !)`
			`logger.info(`
			`"Mailbox successfully created on domain %s",`
			`mailbox.domain.name,`
			`extra=extra,`
			`)`

			`return response`