🗃️(models) remove 'secret' field from mailbox model

We remove 'secret' field, as it won't be of use in interactions
between la Régie and dimail. Régie credentials will be stored and used
as project variable.

CHANGELOG.md

@@ -13,11 +13,15 @@ and this project adheres to
 - 📈(monitoring) configure sentry monitoring #378
 - 🥅(frontend) improve api error handling #355
 
+### Changed
+
+- 🗃️(models) move dimail 'secret' to settings #372 
+
 ### Fixed
 
 - 🐛(dimail) improve handling of dimail errors on failed mailbox creation #377
--  💬(frontend) fix group member removal text #382
--  💬(frontend) fix add mail domain text #382
+- 💬(frontend) fix group member removal text #382
+- 💬(frontend) fix add mail domain text #382
 - 🐛(frontend) fix keyboard navigation #379
 - 🐛(frontend) fix add mail domain form submission #355
 

src/backend/mailbox_manager/migrations/0013_remove_maildomain_secret.py

@@ -0,0 +1,17 @@
+# Generated by Django 5.1 on 2024-08-30 12:46
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('mailbox_manager', '0012_alter_mailbox_local_part'),
+    ]
+
+    operations = [
+        migrations.RemoveField(
+            model_name='maildomain',
+            name='secret',
+        ),
+    ]

src/backend/mailbox_manager/models.py

@@ -26,7 +26,6 @@ class MailDomain(BaseModel):
         default=MailDomainStatusChoices.PENDING,
         choices=MailDomainStatusChoices.choices,
     )
-    secret = models.CharField(_("secret"), max_length=255, null=True, blank=True)
 
     class Meta:
         db_table = "people_mail_domain"
@@ -139,15 +138,19 @@ class Mailbox(BaseModel):
         return f"{self.local_part!s}@{self.domain.name:s}"
 
     def clean(self):
-        """Mailboxes can be created only on enabled domains, with a set secret."""
+        """
+        Mailboxes can only be created on enabled domains.
+        Also, mail-provisioning API credentials must be set for dimail to allow auth.
+        """
         if self.domain.status != MailDomainStatusChoices.ENABLED:
             raise exceptions.ValidationError(
                 "You can create mailbox only for a domain enabled"
             )
 
-        if not self.domain.secret:
+        # Won't be able to query user token if MAIL_PROVISIONING_API_CREDENTIALS are not set
+        if not settings.MAIL_PROVISIONING_API_CREDENTIALS:
             raise exceptions.ValidationError(
-                "Please configure your domain's secret before creating any mailbox."
+                "Please configure MAIL_PROVISIONING_API_CREDENTIALS before creating any mailbox."
             )
 
     def save(self, *args, **kwargs):

src/backend/mailbox_manager/utils/dimail.py

@@ -30,14 +30,16 @@ class DimailAPIClient:
 
     API_URL = settings.MAIL_PROVISIONING_API_URL
 
-    def get_headers(self, domain):
+    def get_headers(self):
         """Build header dict from domain object."""
         # self.secret is the encoded basic auth, to request a new token from dimail-api
         headers = {"Content-Type": "application/json"}
 
         response = requests.get(
             f"{self.API_URL}/token/",
-            headers={"Authorization": f"Basic {domain.secret}"},
+            headers={
+                "Authorization": f"Basic {settings.MAIL_PROVISIONING_API_CREDENTIALS}"
+            },
             timeout=20,
         )
 
@@ -48,8 +50,8 @@ class DimailAPIClient:
 
         if response.status_code == status.HTTP_403_FORBIDDEN:
             logger.error(
-                "[DIMAIL] 403 Forbidden: please check the mail domain secret of %s",
-                domain.name,
+                "[DIMAIL] 403 Forbidden: Could not retrieve a token,\
+                please check 'MAIL_PROVISIONING_API_CREDENTIALS' setting.",
             )
             raise exceptions.PermissionDenied
 
@@ -68,7 +70,7 @@ class DimailAPIClient:
             response = session.post(
                 f"{self.API_URL}/domains/{mailbox.domain}/mailboxes/{mailbox.local_part}/",
                 json=payload,
-                headers=self.get_headers(mailbox.domain),
+                headers=self.get_headers(),
                 verify=True,
                 timeout=10,
             )
@@ -98,7 +100,7 @@ class DimailAPIClient:
 
         if response.status_code == status.HTTP_403_FORBIDDEN:
             raise exceptions.PermissionDenied(
-                f"Secret not valid for this domain {mailbox.domain.name}"
+                "Permission denied. Please check your MAIL_PROVISIONING_API_CREDENTIALS."
             )
 
         return self.pass_dimail_unexpected_response(response)

src/backend/people/settings.py

@@ -415,12 +415,17 @@ class Base(Configuration):
 
     OIDC_TIMEOUT = values.Value(None, environ_name="OIDC_TIMEOUT", environ_prefix=None)
 
-    # mailboxes provisioning API
+    # MAILBOX-PROVISIONING API
     MAIL_PROVISIONING_API_URL = values.Value(
         default="https://api.dev.ox.numerique.gouv.fr",
         environ_name="MAIL_PROVISIONING_API_URL",
         environ_prefix=None,
     )
+    MAIL_PROVISIONING_API_CREDENTIALS = values.Value(
+        default=None,
+        environ_name="MAIL_PROVISIONING_API_CREDENTIALS",
+        environ_prefix=None,
+    )
 
     FEATURES = {
         "TEAMS": values.BooleanValue(
@@ -575,6 +580,9 @@ class Test(Base):
 
     CELERY_TASK_ALWAYS_EAGER = values.BooleanValue(True)
 
+    # this is a dev credentials for mail provisioning API
+    MAIL_PROVISIONING_API_CREDENTIALS = "bGFfcmVnaWU6cGFzc3dvcmQ"
+
 
 class ContinuousIntegration(Test):
     """