update sending email

Author: doukoure2018

micro-digiservices/authorizationserver/src/main/java/io/digiservices/authorizationserver/security/AuthorizationServerConfig.java

@@ -2,6 +2,8 @@
 
 import com.fasterxml.jackson.core.type.TypeReference;
 import com.fasterxml.jackson.databind.ObjectMapper;
+import io.digiservices.authorizationserver.model.User;
+import io.digiservices.authorizationserver.repository.UserRepository;
 import jakarta.servlet.ServletException;
 import jakarta.servlet.http.HttpSession;
 import lombok.RequiredArgsConstructor;
@@ -27,7 +29,9 @@
 import org.springframework.security.oauth2.core.OAuth2RefreshToken;
 import org.springframework.security.oauth2.core.OAuth2Token;
 import org.springframework.security.oauth2.core.oidc.OidcScopes;
+import org.springframework.security.oauth2.core.oidc.endpoint.OidcParameterNames;
 import org.springframework.security.oauth2.jwt.NimbusJwtEncoder;
+import org.springframework.security.oauth2.server.authorization.OAuth2TokenType;
 import org.springframework.security.oauth2.server.authorization.client.JdbcRegisteredClientRepository;
 import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
 import org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository;
@@ -80,6 +84,8 @@ public class AuthorizationServerConfig {
     @Value("${UI_APP_URL:https://digi-creditrural-io.com}")
     private String uiAppUrl;
 
+    private final UserRepository userRepository;
+
     @Bean
     @Order(1)
     public SecurityFilterChain oauth2ServerConfig(HttpSecurity http, RegisteredClientRepository registeredClientRepository, OAuth2TokenCustomizer<JwtEncodingContext> customizer) throws Exception {
@@ -253,12 +259,50 @@ public AuthorizationServerSettings authorizationServerSettings()
     @Bean
     public OAuth2TokenCustomizer<JwtEncodingContext> customizer() {
         return context -> {
-            if(ACCESS_TOKEN.equals(context.getTokenType())) {
-                context.getClaims().claims(claims -> claims.put(AUTHORITY_KEY, getAuthorities(context)));
+            Authentication principal = context.getPrincipal();
+
+            // Add authorities to access token
+            if (OAuth2TokenType.ACCESS_TOKEN.equals(context.getTokenType())) {
+                context.getClaims().claims(claims ->
+                        claims.put(AUTHORITY_KEY, getAuthoritiesAsString(context))
+                );
+            }
+
+            // Add user info to ID token for Flutter app
+            if (OidcParameterNames.ID_TOKEN.equals(context.getTokenType().getValue())) {
+                try {
+                    // The principal IS the User object!
+                    Object principalObj = principal.getPrincipal();
+
+                    if (principalObj instanceof User) {
+                        User user = (User) principalObj;
+
+                        log.info("✅ Adding user claims to ID token for user: {} (ID: {})",
+                                user.getEmail(), user.getUserId());
+
+                        context.getClaims()
+                                .claim("sub", user.getUserId().toString())
+                                .claim("name", user.getFirstName() + " " + user.getLastName())
+                                .claim("given_name", user.getFirstName())
+                                .claim("family_name", user.getLastName())
+                                .claim("email", user.getEmail())
+                                .claim("preferred_username", user.getEmail());
+                    } else {
+                        log.warn("⚠️ Principal is not a User object: {}", principalObj.getClass().getName());
+                    }
+                } catch (Exception e) {
+                    log.error("❌ Error adding user claims to ID token: {}", e.getMessage(), e);
+                }
             }
         };
     }
 
+    // Method for access token authorities (returns String)
+    private String getAuthoritiesAsString(JwtEncodingContext context) {
+        return context.getPrincipal().getAuthorities().stream()
+                .map(GrantedAuthority::getAuthority)
+                .collect(Collectors.joining(","));
+    }
     @Bean
     public RegisteredClientRepository registeredClientRepository(JdbcTemplate jdbcTemplate) {
         JdbcRegisteredClientRepository repository = new JdbcRegisteredClientRepository(jdbcTemplate);
@@ -305,6 +349,8 @@ public RegisteredClientRepository registeredClientRepository(JdbcTemplate jdbcTe
         return repository;
     }
 
+
+
     @Bean
     public CorsConfigurationSource corsConfigurationSource() {
         var corsConfiguration = new CorsConfiguration();

micro-digiservices/authorizationserver/src/main/java/io/digiservices/authorizationserver/security/MobileOAuthSessionFilter.java

@@ -0,0 +1,44 @@
+package io.digiservices.authorizationserver.security;
+
+import jakarta.servlet.*;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpSession;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.core.annotation.Order;
+import org.springframework.stereotype.Component;
+
+import java.io.IOException;
+
+@Slf4j
+@Component
+@Order(1) // Execute early in filter chain
+public class MobileOAuthSessionFilter implements Filter {
+
+    @Override
+    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
+            throws IOException, ServletException {
+
+        HttpServletRequest httpRequest = (HttpServletRequest) request;
+
+        // Check if this is a mobile OAuth authorization request
+        if (httpRequest.getRequestURI().contains("/oauth2/authorize")) {
+            String clientId = httpRequest.getParameter("client_id");
+            String redirectUri = httpRequest.getParameter("redirect_uri");
+
+            log.info("OAuth2 authorize request - client_id: {}, redirect_uri: {}", clientId, redirectUri);
+
+            // Clear session for mobile app requests to force fresh login
+            if ("mobile-app-client".equals(clientId)) {
+                HttpSession session = httpRequest.getSession(false);
+                if (session != null) {
+                    log.info("✂️ Clearing existing session for mobile OAuth request");
+                    session.invalidate();
+                } else {
+                    log.info("ℹ️ No existing session found for mobile OAuth request");
+                }
+            }
+        }
+
+        chain.doFilter(request, response);
+    }
+}

micro-digiservices/notificationservice/pom.xml

@@ -107,6 +107,11 @@
             <artifactId>spring-boot-starter-test</artifactId>
             <scope>test</scope>
         </dependency>
+        <dependency>
+            <groupId>com.sendgrid</groupId>
+            <artifactId>sendgrid-java</artifactId>
+            <version>4.10.2</version>
+        </dependency>
     </dependencies>
 
 </project>

micro-digiservices/notificationservice/src/main/java/io/digiservices/notificationservice/service/impl/EmailServiceImpl.java

@@ -1,18 +1,20 @@
 package io.digiservices.notificationservice.service.impl;
 
+import com.sendgrid.*;
+import com.sendgrid.helpers.mail.Mail;
+import com.sendgrid.helpers.mail.objects.Content;
+import com.sendgrid.helpers.mail.objects.Email;
 import io.digiservices.notificationservice.exception.ApiException;
 import io.digiservices.notificationservice.service.EmailService;
-import jakarta.mail.internet.MimeMessage;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Value;
-import org.springframework.mail.javamail.JavaMailSender;
-import org.springframework.mail.javamail.MimeMessageHelper;
 import org.springframework.scheduling.annotation.Async;
 import org.springframework.stereotype.Service;
 import org.thymeleaf.TemplateEngine;
 import org.thymeleaf.context.Context;
 
+import java.io.IOException;
 import java.util.Map;
 
 import static io.digiservices.notificationservice.utils.EmailUtils.getResetPasswordUrl;
@@ -24,20 +26,27 @@
 public class EmailServiceImpl implements EmailService {
 
     public static final String NEW_USER_ACCOUNT_VERIFICATION = "New Account Verification";
-    public static final String UTF_8_ENCODING = "UTF-8";
     public static final String ACCOUNT_VERIFICATION_TEMPLATE = "newaccount";
     public static final String PASSWORD_RESET_TEMPLATE = "resetpassword";
+    public static final String PASSWORD_RESET_REQUEST = "Reset Password Request";
     public static final String NEW_TICKET_TEMPLATE = "newticket";
     public static final String NEW_COMMENT_TEMPLATE = "newcomment";
     public static final String NEW_FILE_TEMPLATE = "newfile";
     public static final String NEW_TICKET_REQUEST = "New Support Ticket";
-    public static final String PASSWORD_RESET_REQUEST = "Password Reset Request";
-    private final JavaMailSender emailSender;
+
     private final TemplateEngine templateEngine;
+
+    @Value("${spring.sendgrid.api.key}")
+    private String sendGridApiKey;
+
+    @Value("${spring.sendgrid.from.email}")
+    private String fromEmail;
+
+    @Value("${spring.sendgrid.from.name}")
+    private String fromName;
+
     @Value("${verify.email.host}")
     private String host;
-    @Value("${spring.mail.username}")
-    private String fromEmail;
 
     @Override
     @Async
@@ -48,55 +57,74 @@ public void sendNewAccountHtmlEmail(String name, String to, String token) {
                     "name", name,
                     "url", getVerificationUrl(host, token)
             ));
-            var text = templateEngine.process(ACCOUNT_VERIFICATION_TEMPLATE, context);
-            MimeMessage message = getMimeMessage();
-            MimeMessageHelper helper = new MimeMessageHelper(message, true, UTF_8_ENCODING);
-            helper.setPriority(1);
-            helper.setSubject(NEW_USER_ACCOUNT_VERIFICATION);
-            helper.setFrom(fromEmail);
-            helper.setTo(to);
-            helper.setText(text, true);
-            emailSender.send(message);
+            var htmlContent = templateEngine.process(ACCOUNT_VERIFICATION_TEMPLATE, context);
+
+            sendEmail(to, NEW_USER_ACCOUNT_VERIFICATION, htmlContent);
+            log.info("Account verification email sent to: {}", to);
         } catch (Exception exception) {
-            log.error(exception.getMessage(), exception);
+            log.error("Error sending account verification email: {}", exception.getMessage(), exception);
             throw new ApiException("Unable to send email");
         }
     }
 
     @Override
+    @Async
     public void sendPasswordResetHtmlEmail(String name, String to, String token) {
         try {
             var context = new Context();
             context.setVariables(Map.of(
                     "name", name,
                     "url", getResetPasswordUrl(host, token)
             ));
-            var text = templateEngine.process(PASSWORD_RESET_TEMPLATE, context);
-            MimeMessage message = getMimeMessage();
-            MimeMessageHelper helper = new MimeMessageHelper(message, true, UTF_8_ENCODING);
-            helper.setPriority(1);
-            helper.setSubject(PASSWORD_RESET_REQUEST);
-            helper.setFrom(fromEmail);
-            helper.setTo(to);
-            helper.setText(text, true);
-            emailSender.send(message);
+            var htmlContent = templateEngine.process(PASSWORD_RESET_TEMPLATE, context);
+
+            sendEmail(to, PASSWORD_RESET_REQUEST, htmlContent);
+            log.info("Password reset email sent to: {}", to);
         } catch (Exception exception) {
-            log.error(exception.getMessage(), exception);
+            log.error("Error sending password reset email: {}", exception.getMessage(), exception);
             throw new ApiException("Unable to send email");
         }
     }
 
     @Override
     public void sendNewTicketHtmlEmail(String name, String email, String ticketTitle, String ticketNumber, String priority) {
-
+        // TODO: Implement when needed
     }
 
     @Override
     public void sendNewFilesHtmlEmail(String name, String email, String files, String ticketTitle, String ticketNumber, String priority, String date) {
-
+        // TODO: Implement when needed
     }
 
-    private MimeMessage getMimeMessage(){
-        return emailSender.createMimeMessage();
+    /**
+     * Core method to send email using SendGrid
+     */
+    private void sendEmail(String toEmail, String subject, String htmlContent) {
+        Email from = new Email(fromEmail, fromName);
+        Email to = new Email(toEmail);
+        Content content = new Content("text/html", htmlContent);
+        Mail mail = new Mail(from, subject, to, content);
+
+        SendGrid sg = new SendGrid(sendGridApiKey);
+        Request request = new Request();
+
+        try {
+            request.setMethod(Method.POST);
+            request.setEndpoint("mail/send");
+            request.setBody(mail.build());
+
+            Response response = sg.api(request);
+
+            if (response.getStatusCode() >= 200 && response.getStatusCode() < 300) {
+                log.info("Email sent successfully to {}. Status: {}", toEmail, response.getStatusCode());
+            } else {
+                log.error("Failed to send email to {}. Status: {}, Body: {}",
+                        toEmail, response.getStatusCode(), response.getBody());
+                throw new ApiException("Failed to send email. Status: " + response.getStatusCode());
+            }
+        } catch (IOException ex) {
+            log.error("Error calling SendGrid API: {}", ex.getMessage(), ex);
+            throw new ApiException("Failed to send email via SendGrid");
+        }
     }
-}
+}

micro-digiservices/notificationservice/src/main/resources/application-prod.yml

@@ -24,6 +24,14 @@ spring:
             required: true
     default-encoding: UTF-8
 
+
+  sendgrid:
+    api:
+      key: ${SENDGRID_API_KEY}
+    from:
+      email: ${SENDGRID_FROM_EMAIL:[email protected]}
+      name: ${SENDGRID_FROM_NAME:Digicrg}
+
   cloud:
     discovery:
       client:

micro-digiservices/notificationservice/src/main/resources/application.yml

@@ -25,6 +25,14 @@ spring:
             required: true
     default-encoding: UTF-8
 
+
+  sendgrid:
+    api:
+      key: ${SENDGRID_API_KEY}
+    from:
+      email: ${SENDGRID_FROM_EMAIL:[email protected]}
+      name: ${SENDGRID_FROM_NAME:Digicrg}
+
   cloud:
     discovery:
       client: