Merge pull request #273 from pagopa/SELC-7067_add_otp_email_endpoint

AleDore · web-flow · commit 91cafb050466 · 2025-06-20T17:17:24.000+02:00
[#SELC-7067] Add Send OTP mail endpoint
diff --git a/apps/user-ms/src/main/docs/openapi.json b/apps/user-ms/src/main/docs/openapi.json
@@ -1579,6 +1579,55 @@
         } ]
       }
     },
+    "/users/{userId}/send-mail-otp" : {
+      "post" : {
+        "tags" : [ "User" ],
+        "summary" : "Send an email with OTP",
+        "description" : "The sendEmailOtp function is used to send email containing a One Time Password for account verification",
+        "operationId" : "sendEmailOtp",
+        "parameters" : [ {
+          "name" : "userId",
+          "in" : "path",
+          "required" : true,
+          "schema" : {
+            "type" : "string"
+          }
+        } ],
+        "requestBody" : {
+          "content" : {
+            "application/json" : {
+              "schema" : {
+                "$ref" : "#/components/schemas/SendEmailOtpDto"
+              }
+            }
+          }
+        },
+        "responses" : {
+          "202" : {
+            "description" : "Email send accepted!"
+          },
+          "400" : {
+            "description" : "Bad Request",
+            "content" : {
+              "application/problem+json" : {
+                "schema" : {
+                  "$ref" : "#/components/schemas/Problem"
+                }
+              }
+            }
+          },
+          "401" : {
+            "description" : "Not Authorized"
+          },
+          "403" : {
+            "description" : "Not Allowed"
+          }
+        },
+        "security" : [ {
+          "SecurityScheme" : [ ]
+        } ]
+      }
+    },
     "/users/{userId}/send-mail-request" : {
       "post" : {
         "tags" : [ "User" ],
@@ -1891,6 +1940,20 @@
           }
         }
       },
+      "SendEmailOtpDto" : {
+        "required" : [ "otp", "institutionalEmail" ],
+        "type" : "object",
+        "properties" : {
+          "otp" : {
+            "minLength" : 1,
+            "type" : "string"
+          },
+          "institutionalEmail" : {
+            "minLength" : 1,
+            "type" : "string"
+          }
+        }
+      },
       "SendMailDto" : {
         "required" : [ "userMailUuid", "institutionName", "productId", "role" ],
         "type" : "object",
diff --git a/apps/user-ms/src/main/docs/openapi.yaml b/apps/user-ms/src/main/docs/openapi.yaml
@@ -1122,6 +1122,40 @@ paths:
           description: Not Allowed
       security:
       - SecurityScheme: []
+  /users/{userId}/send-mail-otp:
+    post:
+      tags:
+      - User
+      summary: Send an email with OTP
+      description: The sendEmailOtp function is used to send email containing a One
+        Time Password for account verification
+      operationId: sendEmailOtp
+      parameters:
+      - name: userId
+        in: path
+        required: true
+        schema:
+          type: string
+      requestBody:
+        content:
+          application/json:
+            schema:
+              $ref: "#/components/schemas/SendEmailOtpDto"
+      responses:
+        "202":
+          description: Email send accepted!
+        "400":
+          description: Bad Request
+          content:
+            application/problem+json:
+              schema:
+                $ref: "#/components/schemas/Problem"
+        "401":
+          description: Not Authorized
+        "403":
+          description: Not Allowed
+      security:
+      - SecurityScheme: []
   /users/{userId}/send-mail-request:
     post:
       tags:
@@ -1374,6 +1408,18 @@ components:
       properties:
         fiscalCode:
           type: string
+    SendEmailOtpDto:
+      required:
+      - otp
+      - institutionalEmail
+      type: object
+      properties:
+        otp:
+          minLength: 1
+          type: string
+        institutionalEmail:
+          minLength: 1
+          type: string
     SendMailDto:
       required:
       - userMailUuid
diff --git a/apps/user-ms/src/main/java/it/pagopa/selfcare/user/constant/TemplateMailConstant.java b/apps/user-ms/src/main/java/it/pagopa/selfcare/user/constant/TemplateMailConstant.java
@@ -17,4 +17,6 @@ public class TemplateMailConstant {
     public static final String CREATE_TEMPLATE_MULTIPLE_ROLE = "user_added_multi_role.ftlh";
     public static final String CREATE_SUBJECT = "Hai un nuovo ruolo per un prodotto PagoPA";
     public static final String CREATE_TEMPLATE_SINGLE_ROLE = "user_added_single_role.ftlh";
+    public static final String OTP_SUBJECT = "Conferma la tua identità";
+    public static final String OTP_TEMPLATE = "user_otp.ftlh";
 }
diff --git a/apps/user-ms/src/main/java/it/pagopa/selfcare/user/controller/UserController.java b/apps/user-ms/src/main/java/it/pagopa/selfcare/user/controller/UserController.java
@@ -9,6 +9,7 @@
 import it.pagopa.selfcare.user.controller.request.AddUserRoleDto;
 import it.pagopa.selfcare.user.controller.request.CreateUserDto;
 import it.pagopa.selfcare.user.controller.request.SendMailDto;
+import it.pagopa.selfcare.user.controller.request.SendEmailOtpDto;
 import it.pagopa.selfcare.user.controller.response.*;
 import it.pagopa.selfcare.user.controller.response.product.SearchUserDto;
 import it.pagopa.selfcare.user.exception.InvalidRequestException;
@@ -431,6 +432,25 @@ public Uni<Void> sendMailRequest(@PathParam("userId") String userId,
                 .onItem().transformToUni(loggedUser -> userService.sendMail(userId, sendMailDto.getUserMailUuid(), sendMailDto.getInstitutionName(), sendMailDto.getProductId(), sendMailDto.getRole(), loggedUser));
     }
 
+    @APIResponses({
+            @APIResponse(responseCode = "202", description = "Email send accepted!"),
+            @APIResponse(responseCode = "400", description = "Bad Request", content = @Content(schema = @Schema(implementation = Problem.class), mediaType = "application/problem+json"))
+    })
+    @Operation(description = "The sendEmailOtp function is used to send email containing a One Time Password for account verification", summary = "Send an email with OTP")
+    @POST
+    @Path(value = "/{userId}/send-mail-otp")
+    @Tag(name = "User")
+    @Consumes(MediaType.APPLICATION_JSON)
+    @Produces(MediaType.APPLICATION_JSON)
+    public Uni<Response> sendEmailOtp(@PathParam(value = "userId") String userId,
+                                      @Valid SendEmailOtpDto sendEmailOtpDto,
+                                      @Context SecurityContext ctx) {
+        return readUserIdFromToken(ctx)
+                .onItem().transformToUni(loggedUser -> userService.sendEmailOtp(userId, sendEmailOtpDto.getInstitutionalEmail(), sendEmailOtpDto.getOtp()))
+                .map(response -> Response
+                        .status(HttpStatus.SC_ACCEPTED).build());
+    }
+
     private Uni<LoggedUser> readUserIdFromToken(SecurityContext ctx) {
         return currentIdentityAssociation.getDeferredIdentity()
                 .onItem().transformToUni(identity -> {
diff --git a/apps/user-ms/src/main/java/it/pagopa/selfcare/user/controller/request/SendEmailOtpDto.java b/apps/user-ms/src/main/java/it/pagopa/selfcare/user/controller/request/SendEmailOtpDto.java
@@ -0,0 +1,14 @@
+package it.pagopa.selfcare.user.controller.request;
+
+import jakarta.validation.constraints.NotEmpty;
+import lombok.Data;
+
+@Data
+public class SendEmailOtpDto {
+
+    @NotEmpty(message = "otp is required")
+    private String otp;
+
+    @NotEmpty(message = "institutionalEmail is required")
+    private String institutionalEmail;
+}
diff --git a/apps/user-ms/src/main/java/it/pagopa/selfcare/user/service/UserNotificationService.java b/apps/user-ms/src/main/java/it/pagopa/selfcare/user/service/UserNotificationService.java
@@ -19,4 +19,6 @@ public interface UserNotificationService {
     Uni<Void> sendCreateUserNotification(String institutionDescription, List<String> roleLabels, UserResource userResource, UserInstitution userInstitution, Product product, LoggedUser loggedUser);
 
     Uni<Void> buildDataModelRequestAndSendEmail(UserResource user, UserInstitution institution, Product product, PartyRole productRole, String loggedUserName, String loggedUserSurname);
+
+    Uni<Void> sendOtpNotification(String institutionalEmail, String name, String otp);
 }
diff --git a/apps/user-ms/src/main/java/it/pagopa/selfcare/user/service/UserNotificationServiceImpl.java b/apps/user-ms/src/main/java/it/pagopa/selfcare/user/service/UserNotificationServiceImpl.java
@@ -126,6 +126,16 @@ public Uni<Void> sendCreateUserNotification(String institutionDescription, List<
                 .onItem().invoke(() -> log.debug("sendCreateNotification end"));
     }
 
+    @Override
+    public Uni<Void> sendOtpNotification(String institutionalEmail, String name, String otp) {
+        log.debug("sendOtpNotification start");
+
+        Map<String, String> dataModel = Map.of("name",name, "otp", otp);
+
+        return this.sendEmailNotification(OTP_TEMPLATE, OTP_SUBJECT, institutionalEmail, dataModel)
+                .onItem().invoke(() -> log.debug("sendOtpNotification end"));
+    }
+
     private Map<String, String> buildCreateEmailDataModel(LoggedUser loggedUser, Product product, String institutionDescription, List<String> productRoleCodes) {
         Map<String, String> dataModel = new HashMap<>();
         dataModel.put(REQUESTER_NAME, Optional.ofNullable(loggedUser.getName()).orElse(""));
diff --git a/apps/user-ms/src/main/java/it/pagopa/selfcare/user/service/UserService.java b/apps/user-ms/src/main/java/it/pagopa/selfcare/user/service/UserService.java
@@ -67,4 +67,6 @@ public interface UserService {
     Uni<Boolean> checkUser(String fiscalCode, String institutionId, String productId);
 
     Uni<Void> sendMail(String userId, String userMailUuid, String institutionName, String productId, PartyRole productRole, LoggedUser loggedUser);
+
+    Uni<Void> sendEmailOtp(String userId, String institutionalEmail, String otp);
 }
diff --git a/apps/user-ms/src/main/java/it/pagopa/selfcare/user/service/UserServiceImpl.java b/apps/user-ms/src/main/java/it/pagopa/selfcare/user/service/UserServiceImpl.java
@@ -916,6 +916,14 @@ public Uni<Boolean> checkUser(String fiscalCode, String institutionId, String pr
                 .recoverWithItem(false);
     }
 
+    @Override
+    public Uni<Void> sendEmailOtp(String userId, String institutionalEmail, String otp) {
+        return userRegistryService.findByIdUsingGET(USERS_WORKS_FIELD_LIST, userId)
+                .map(userResource -> userResource.getName().getValue()).chain(name ->
+                        userNotificationService.sendOtpNotification(institutionalEmail,name, otp)
+                );
+    }
+
     private boolean isNotFound(Throwable throwable) {
         return ((WebApplicationException) throwable).getResponse().getStatus() == 404;
     }
diff --git a/apps/user-ms/src/test/java/it/pagopa/selfcare/user/controller/UserControllerTest.java b/apps/user-ms/src/test/java/it/pagopa/selfcare/user/controller/UserControllerTest.java
@@ -12,6 +12,7 @@
 import it.pagopa.selfcare.user.controller.request.AddUserRoleDto;
 import it.pagopa.selfcare.user.controller.request.CreateUserDto;
 import it.pagopa.selfcare.user.controller.request.SendMailDto;
+import it.pagopa.selfcare.user.controller.request.SendEmailOtpDto;
 import it.pagopa.selfcare.user.controller.response.*;
 import it.pagopa.selfcare.user.controller.response.product.SearchUserDto;
 import it.pagopa.selfcare.user.entity.UserInfo;
@@ -340,7 +341,7 @@ void testGetUserProductsInfoOk() {
                 .then()
                 .statusCode(200);
 
-        Mockito.verify(userService).retrieveBindings(any(), any(), any());
+        verify(userService).retrieveBindings(any(), any(), any());
 
     }
 
@@ -355,7 +356,7 @@ void testGetUserProductsInfoNotAuthorized() {
                 .then()
                 .statusCode(401);
 
-        Mockito.verify(userService, Mockito.never()).retrieveBindings(any(), any(), any());
+        verify(userService, Mockito.never()).retrieveBindings(any(), any(), any());
     }
 
 
@@ -802,6 +803,40 @@ void testSendMail_invalidRequestBody() {
                 .statusCode(400);
     }
 
+    @Test
+    @TestSecurity(user = "userJwt")
+    void testSendMailOtp() {
+        String PATH_USER_ID = "userId";
+        String PATH_SEND_MAIL = "/{userId}/send-mail-otp";
+        SendEmailOtpDto mailDto = createSendEmailOtpDto();
+        given()
+                .when()
+                .contentType(ContentType.JSON)
+                .pathParam(PATH_USER_ID, "userId")
+                .body(mailDto)
+                .post(PATH_SEND_MAIL)
+                .then()
+                .statusCode(202);
+
+        verify(userService, times(1)).sendEmailOtp(anyString(), anyString(), anyString());
+    }
+
+    @Test
+    @TestSecurity(user = "userJwt")
+    void testSendMailOtp_invalidRequestBody() {
+        String PATH_USER_ID = "userId";
+        String PATH_SEND_MAIL = "/{userId}/send-mail-otp";
+        SendEmailOtpDto mailDto = new SendEmailOtpDto();
+        given()
+                .when()
+                .contentType(ContentType.JSON)
+                .body(mailDto)
+                .pathParam(PATH_USER_ID, "userId")
+                .post(PATH_SEND_MAIL)
+                .then()
+                .statusCode(400);
+    }
+
     private CreateUserDto buildCreateUserDto() {
         CreateUserDto userDto = new CreateUserDto();
         userDto.setInstitutionId("institutionId");
@@ -873,4 +908,11 @@ private SendMailDto createSendMailDto() {
         sendMailDto.setRole(MANAGER);
         return sendMailDto;
     }
+
+    private SendEmailOtpDto createSendEmailOtpDto() {
+        SendEmailOtpDto sendMailDto = new SendEmailOtpDto();
+        sendMailDto.setOtp("123456");
+        sendMailDto.setInstitutionalEmail("test@test.com");
+        return sendMailDto;
+    }
 }
diff --git a/apps/user-ms/src/test/java/it/pagopa/selfcare/user/service/UserNotificationServiceImplTest.java b/apps/user-ms/src/test/java/it/pagopa/selfcare/user/service/UserNotificationServiceImplTest.java
@@ -475,4 +475,23 @@ void testSendMailNotificationForOnboardingRequest() throws IOException {
 
     }
 
+    @Test
+    void testSendMailNotificationForOtp() throws IOException {
+        Configuration freemarkerConfig = mock(Configuration.class);
+        CloudTemplateLoader cloudTemplateLoader = mock(CloudTemplateLoader.class);
+        when(freemarkerConfig.getTemplate(anyString())).thenReturn(mock(freemarker.template.Template.class));
+        when(freemarkerConfig.getTemplateLoader()).thenReturn(cloudTemplateLoader);
+
+        UserNotificationServiceImpl userNotificationServiceImpl = new UserNotificationServiceImpl(freemarkerConfig, cloudTemplateLoader, mailService, true, telemetryClient);
+        when(mailService.sendMail(anyString(), anyString(), anyString())).thenReturn(Uni.createFrom().voidItem());
+
+        userNotificationServiceImpl.sendOtpNotification(
+                        "test@test.com", "name", "123456"
+                )
+                .subscribe()
+                .withSubscriber(UniAssertSubscriber.create())
+                .awaitItem().assertCompleted();
+        verify(mailService, times(1)).sendMail(anyString(), anyString(), anyString());
+
+    }
 }
diff --git a/apps/user-ms/src/test/java/it/pagopa/selfcare/user/service/UserServiceTest.java b/apps/user-ms/src/test/java/it/pagopa/selfcare/user/service/UserServiceTest.java

Original file line number	Diff line number	Diff line change
`@@ -17,4 +17,6 @@ public class TemplateMailConstant {`
`17`	`17`	`public static final String CREATE_TEMPLATE_MULTIPLE_ROLE = "user_added_multi_role.ftlh";`
`18`	`18`	`public static final String CREATE_SUBJECT = "Hai un nuovo ruolo per un prodotto PagoPA";`
`19`	`19`	`public static final String CREATE_TEMPLATE_SINGLE_ROLE = "user_added_single_role.ftlh";`
	`20`	`+ public static final String OTP_SUBJECT = "Conferma la tua identità";`
	`21`	`+ public static final String OTP_TEMPLATE = "user_otp.ftlh";`
`20`	`22`	`}`
Original file line number	Diff line number	Diff line change
`@@ -19,4 +19,6 @@ public interface UserNotificationService {`
`19`	`19`	`Uni<Void> sendCreateUserNotification(String institutionDescription, List<String> roleLabels, UserResource userResource, UserInstitution userInstitution, Product product, LoggedUser loggedUser);`
`20`	`20`
`21`	`21`	`Uni<Void> buildDataModelRequestAndSendEmail(UserResource user, UserInstitution institution, Product product, PartyRole productRole, String loggedUserName, String loggedUserSurname);`
	`22`	`+`
	`23`	`+ Uni<Void> sendOtpNotification(String institutionalEmail, String name, String otp);`
`22`	`24`	`}`
Original file line number	Diff line number	Diff line change
`@@ -67,4 +67,6 @@ public interface UserService {`
`67`	`67`	`Uni<Boolean> checkUser(String fiscalCode, String institutionId, String productId);`
`68`	`68`
`69`	`69`	`Uni<Void> sendMail(String userId, String userMailUuid, String institutionName, String productId, PartyRole productRole, LoggedUser loggedUser);`
	`70`	`+`
	`71`	`+ Uni<Void> sendEmailOtp(String userId, String institutionalEmail, String otp);`
`70`	`72`	`}`
Original file line number	Diff line number	Diff line change
`@@ -916,6 +916,14 @@ public Uni<Boolean> checkUser(String fiscalCode, String institutionId, String pr`
`916`	`916`	`.recoverWithItem(false);`
`917`	`917`	`}`
`918`	`918`
	`919`	`+ @Override`
	`920`	`+ public Uni<Void> sendEmailOtp(String userId, String institutionalEmail, String otp) {`
	`921`	`+ return userRegistryService.findByIdUsingGET(USERS_WORKS_FIELD_LIST, userId)`
	`922`	`+ .map(userResource -> userResource.getName().getValue()).chain(name ->`
	`923`	`+ userNotificationService.sendOtpNotification(institutionalEmail,name, otp)`
	`924`	`+ );`
	`925`	`+ }`
	`926`	`+`
`919`	`927`	`private boolean isNotFound(Throwable throwable) {`
`920`	`928`	`return ((WebApplicationException) throwable).getResponse().getStatus() == 404;`
`921`	`929`	`}`