diff --git a/src/main/java/com/gepardec/mega/rest/api/MailResource.java b/src/main/java/com/gepardec/mega/rest/api/MailResource.java
index 74253527..84ff2bb7 100644
--- a/src/main/java/com/gepardec/mega/rest/api/MailResource.java
+++ b/src/main/java/com/gepardec/mega/rest/api/MailResource.java
@@ -2,11 +2,8 @@
 import io.quarkus.oidc.Tenant;
 import jakarta.ws.rs.GET;
-import jakarta.ws.rs.POST;
 import jakarta.ws.rs.Path;
 import jakarta.ws.rs.Produces;
-import jakarta.ws.rs.core.Context;
-import jakarta.ws.rs.core.HttpHeaders;
 import jakarta.ws.rs.core.MediaType;
 import jakarta.ws.rs.core.Response;
 import org.eclipse.microprofile.openapi.annotations.Operation;
@@ -24,21 +21,20 @@
 @Tenant("mega-cron")
 @Tag(name = "MailResource")
 @Produces(MediaType.APPLICATION_JSON)
-//@SecurityRequirement(name = "mega-cron")
-//@SecuritySchemes(
-// @SecurityScheme(
-// securitySchemeName = "mega-cron",
-// type = SecuritySchemeType.OAUTH2,
-// flows = @OAuthFlows(clientCredentials = @OAuthFlow())
-// )
-//)
+@SecurityRequirement(name = "mega-cron")
+@SecuritySchemes(
+ @SecurityScheme(
+ securitySchemeName = "mega-cron",
+ type = SecuritySchemeType.OAUTH2,
+ flows = @OAuthFlows(clientCredentials = @OAuthFlow())
+ )
+)
 public interface MailResource {
 @Operation(operationId = "send-reminder", description = "Sends reminder emails to affected employees.")
 @GET
 @Path("/send-reminder")
 Response sendReminder();
-// service-60018822787@gcp-sa-pubsub.iam.gserviceaccount.com
 /**
 * The sole purpose of this endpoint is to trigger the retrieval of emails from the ZEP inbox manually.
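Review bot: The re-enabled `@SecurityScheme` declares the client-credentials flow as an empty `@OAuthFlow()`, so the generated OpenAPI document carries no token endpoint for the `mega-cron` scheme, which OpenAPI 3 requires for that flow. Unless the URL is supplied by configuration that is not visible here, set it on the annotation, e.g. `flows = @OAuthFlows(clientCredentials = @OAuthFlow(tokenUrl = "<mega-cron token endpoint>"))`, where the value is a placeholder. These annotations only describe the requirement in the API document; enforcement rests on the `@RolesAllowed` on the implementation class. The interface body continues outside the hunk.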
@@ -52,23 +48,7 @@ public interface MailResource { @Path("/retrieve-zep-mails") Response retrieveZepEmailsFromInbox(); - /** - * This endpoint serves as a webhook for new emails from ZEP to trigger comment creation. - * A Google Cloud Pub/Sub subscription is set up to call this endpoint when a new email is received. - * - * @return - */ - @Operation(operationId = "gmailMessageReceivedWebhook", description = "Webhook for new emails from ZEP to trigger comment creation.") - @POST - @Path("/message-received") - Response gmailMessageReceivedWebhook(String payload); - @Path("/ping") @GET LocalDateTime ping(); - - @Tenant("google") - @Path("/ping") - @POST - LocalDateTime postPing(@Context HttpHeaders headers); } diff --git a/src/main/java/com/gepardec/mega/rest/api/PubSubResource.java b/src/main/java/com/gepardec/mega/rest/api/PubSubResource.java new file mode 100644 index 00000000..ee7404bc --- /dev/null +++ b/src/main/java/com/gepardec/mega/rest/api/PubSubResource.java 
@@ -0,0 +1,33 @@
+package com.gepardec.mega.rest.api;
+
+import io.quarkus.oidc.Tenant;
+import io.quarkus.security.Authenticated;
+import jakarta.ws.rs.GET;
+import jakarta.ws.rs.POST;
+import jakarta.ws.rs.Path;
+import jakarta.ws.rs.core.Context;
+import jakarta.ws.rs.core.HttpHeaders;
+import jakarta.ws.rs.core.Response;
+import org.eclipse.microprofile.openapi.annotations.Operation;
+
+import java.time.LocalDateTime;
+
+@Tenant("pubsub")
+@Path("/pubsub")
+public interface PubSubResource {
+
+ /**
+ * This endpoint serves as a webhook for new emails from ZEP to trigger comment creation.
+ * A Google Cloud Pub/Sub subscription is set up to call this endpoint when a new email is received.
+ *
+ * @return
+ */
+ @Operation(operationId = "gmailMessageReceivedWebhook", description = "Webhook for new emails from ZEP to trigger comment creation.")
+ @POST
+ @Path("/message-received")
+ Response gmailMessageReceivedWebhook(String payload);
+
+ @Path("/ping")
+ @POST
+ LocalDateTime postPing(@Context HttpHeaders headers);
+}
diff --git a/src/main/java/com/gepardec/mega/rest/impl/MailResourceImpl.java b/src/main/java/com/gepardec/mega/rest/impl/MailResourceImpl.java
index 6ca453dc..fa2f3144 100644
--- a/src/main/java/com/gepardec/mega/rest/impl/MailResourceImpl.java
+++ b/src/main/java/com/gepardec/mega/rest/impl/MailResourceImpl.java
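Review bot: The new interface documents neither who may call it nor what it returns: the Javadoc on `gmailMessageReceivedWebhook` ends in an empty `@return`, `postPing` has no comment at all, and unlike `MailResource` there is no `@SecurityRequirement` describing the token the `pubsub` tenant expects. I would fill the tag, e.g. `@return 200 when the inbox retrieval ran, 500 with the error message otherwise`, and add a class-level comment saying that callers must present a token accepted by the `pubsub` OIDC tenant (presumably the Google-signed token of the Pub/Sub push subscription). The imports `io.quarkus.security.Authenticated` and `jakarta.ws.rs.GET` are unused in this file and can be dropped.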
@@ -1,22 +1,18 @@ package com.gepardec.mega.rest.impl; -import com.gepardec.mega.application.exception.UnauthorizedException; import com.gepardec.mega.notification.mail.ReminderEmailSender; import com.gepardec.mega.notification.mail.receiver.MailReceiver; import com.gepardec.mega.rest.api.MailResource; +import jakarta.annotation.security.RolesAllowed; import jakarta.enterprise.context.RequestScoped; import jakarta.inject.Inject; -import jakarta.ws.rs.core.HttpHeaders; import jakarta.ws.rs.core.Response; -import org.eclipse.microprofile.jwt.Claim; -import org.eclipse.microprofile.jwt.ClaimValue; -import org.eclipse.microprofile.jwt.Claims; import org.slf4j.Logger; import java.time.LocalDateTime; @RequestScoped -//@RolesAllowed("mega-cron:mail") +@RolesAllowed("mega-cron:mail") public class MailResourceImpl implements MailResource { @Inject @@ -52,38 +48,8 @@ public Response retrieveZepEmailsFromInbox() { return Response.ok().build(); } - @Override - public Response gmailMessageReceivedWebhook(String payload) { - try { - logger.info("Received payload: {}", payload); - mailReceiver.retrieveZepEmailsFromInbox(); - } catch (Exception e) { - logger.error(e.getMessage()); - return Response.serverError().entity(e.getMessage()).build(); - } - - return Response.ok().build(); - } - @Override public LocalDateTime ping() { return LocalDateTime.now(); } - - @Inject - @Claim(standard = Claims.email) - ClaimValue email; - - @Override - public LocalDateTime postPing(HttpHeaders httpHeaders) { - logger.info("Received POST request"); - logger.info("Headers: {}", httpHeaders.getRequestHeaders()); - logger.info("Email: {}", email.getValue()); - - if (!"gepardec-service-mail@mega-260510.iam.gserviceaccount.com".equals(email.getValue())) { - throw new UnauthorizedException("Account not authorized to access this resource."); - } - - return LocalDateTime.now(); - } } 
diff --git a/src/main/java/com/gepardec/mega/rest/impl/PubSubResourceImpl.java b/src/main/java/com/gepardec/mega/rest/impl/PubSubResourceImpl.java new file mode 100644 index 00000000..a361bb05 --- /dev/null +++ b/src/main/java/com/gepardec/mega/rest/impl/PubSubResourceImpl.java @@ -0,0 +1,42 @@ +package com.gepardec.mega.rest.impl; + +import com.gepardec.mega.notification.mail.receiver.MailReceiver; +import com.gepardec.mega.rest.api.PubSubResource; +import io.quarkus.security.Authenticated; +import jakarta.inject.Inject; +import jakarta.ws.rs.core.HttpHeaders; +import jakarta.ws.rs.core.Response; +import org.slf4j.Logger; + +import java.time.LocalDateTime; + +@Authenticated +public class PubSubResourceImpl implements PubSubResource { + + @Inject + Logger logger; + + @Inject + MailReceiver mailReceiver; + + @Override + public Response gmailMessageReceivedWebhook(String payload) { + try { + logger.info("Received payload: {}", payload); + mailReceiver.retrieveZepEmailsFromInbox(); + } catch (Exception e) { + logger.error(e.getMessage()); + return Response.serverError().entity(e.getMessage()).build(); + } + + return Response.ok().build(); + } + + @Override + public LocalDateTime postPing(HttpHeaders httpHeaders) { + logger.info("Received POST request"); + logger.info("Headers: {}", httpHeaders.getRequestHeaders()); + + return LocalDateTime.now(); + } +} diff --git a/src/main/resources/application.yaml b/src/main/resources/application.yaml index f88ab824..04f704dc 100644 --- a/src/main/resources/application.yaml +++ b/src/main/resources/application.yaml @@ -102,11 +102,12 @@ quarkus: roles: source: accesstoken role-claim-path: "resource_access/mega-cron/roles" - google: - auth-server-url: "https://accounts.google.com" + pubsub: + provider: google application-type: "service" - token: - issuer: "https://accounts.google.com" + + + mp: openapi:
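Review bot: `@Authenticated` is now the only gate on both methods of `PubSubResourceImpl`, so the comparison the old `postPing` made on the token's `email` claim is gone and any token the `pubsub` tenant accepts can trigger `retrieveZepEmailsFromInbox()`. With `provider: google` that is presumably any Google-signed token unless audience or claims are restricted elsewhere, so the expected push service account should be checked again in both methods, with the address read from configuration rather than hard-coded. `postPing` also logs the full header map at info level, which includes the `Authorization` bearer token; log the names only, `logger.debug("Header names: {}", httpHeaders.getRequestHeaders().keySet());`. The error branch returns `e.getMessage()` to the caller, which a generic 500 body would avoid.

```java
@Inject
JsonWebToken jwt;

@Override
public Response gmailMessageReceivedWebhook(String payload) {
    // expectedPushAccount: placeholder for the configured Pub/Sub push service account
    if (!expectedPushAccount.equals(jwt.getClaim("email"))) {
        logger.warn("Rejected Pub/Sub push from an unexpected account");
        return Response.status(Response.Status.FORBIDDEN).build();
    }
    // … unchanged: payload logging, mailReceiver call and error handling …
```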
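Review bot: The `pubsub` tenant is reduced to `provider: google` with no `token` section, so nothing visible in this hunk restricts which audience a Google-signed token must carry; the removed `token.issuer` pin may be covered by the provider defaults, but an audience is not. Pub/Sub push tokens carry the audience configured on the subscription, so I would pin it under `pubsub`, e.g. `token:` followed by `audience: "<push-endpoint-audience>"` (placeholder value). The three added blank lines before `mp:` look accidental and can be dropped.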