fix conflict

app/celery/process_ses_receipts_tasks.py

@@ -9,8 +9,8 @@ from celery.exceptions import Retry
 from flask import Blueprint, current_app, json, jsonify, request
 from sqlalchemy.orm.exc import NoResultFound
 
-from app import notify_celery, redis_store, statsd_client
-from app.celery.validate_sns import validate_sns_message
+from app import notify_celery, statsd_client
+from app.celery.validate_sns_message import sns_notification_handler
 from app.config import QueueNames
 from app.dao import notifications_dao
 from app.errors import InvalidRequest, register_errors
@@ -51,43 +51,15 @@ def verify_message_type(message_type: str):
 # got refactored into a task, which is fine, but it created a circular dependency. Will need
 # to investigate why GDS extracted this into a lambda
 @ses_callback_blueprint.route('/notifications/email/ses', methods=['POST'])
-def sns_callback_handler():
-    message_type = request.headers.get('x-amz-sns-message-type')
+def email_ses_callback_handler():
     try:
-        verify_message_type(message_type)
-    except InvalidMessageTypeException:
-        current_app.logger.exception(f"Response headers: {request.headers}\nResponse data: {request.data}")
+        data = sns_notification_handler(request.data, request.headers)
+    except Exception as e:
         raise InvalidRequest("SES-SNS callback failed: invalid message type", 400)
-
-    try:
-        message = json.loads(request.data.decode('utf-8'))
-    except decoder.JSONDecodeError:
-        current_app.logger.exception(f"Response headers: {request.headers}\nResponse data: {request.data}")
-        raise InvalidRequest("SES-SNS callback failed: invalid JSON given", 400)
-
-    try:
-        validate_sns_message(message)
-    except Exception as err:
-        current_app.logger.error(f"SES-SNS callback failed: validation failed! Response headers: {request.headers}\nResponse data: {request.data}\nError: Signature validation failed with error {err}")
-        raise InvalidRequest("SES-SNS callback failed: validation failed", 400)
-
-    if message.get('Type') == 'SubscriptionConfirmation':
-        url = message.get('SubscribeUrl') if 'SubscribeUrl' in message else message.get('SubscribeURL')
-        response = requests.get(url)
-        try:
-            response.raise_for_status()
-        except Exception as e:
-            current_app.logger.warning(f"Attempt to raise_for_status()SubscriptionConfirmation Type message files for response: {response.text} with error {e}")
-            raise e
-
-        return jsonify(
-            result="success", message="SES-SNS auto-confirm callback succeeded"
-        ), 200
-
-    # TODO remove after smoke testing on prod is implemented
-    current_app.logger.info(f"SNS message: {message} is a valid delivery status message. Attempting to process it now.")
     
-    process_ses_results.apply_async([{"Message": message.get("Message")}], queue=QueueNames.NOTIFY)
+    message = data.get("Message")
+    if "mail" in message:
+        process_ses_results.apply_async([{"Message": message}], queue=QueueNames.NOTIFY)
 
     return jsonify(
         result="success", message="SES-SNS callback succeeded"

app/celery/validate_sns_cert.py

@@ -68,10 +68,11 @@ def get_string_to_sign(sns_payload):
     return string_to_sign
 
 
-def validate_sns_message(sns_payload):
+def validate_sns_cert(sns_payload):
     """
     Adapted from the solution posted at
     https://github.com/boto/boto3/issues/2508#issuecomment-992931814
+    Modified to swap m2crypto for oscrypto
     """
     if not isinstance(sns_payload, dict):
         raise ValidationError("Unexpected message type {!r}".format(type(sns_payload).__name__))

app/celery/validate_sns_message.py

@@ -0,0 +1,66 @@
+import enum
+from datetime import timedelta
+from json import decoder
+
+import requests
+from flask import current_app, json
+
+from app.celery.validate_sns_cert import validate_sns_cert
+from app.errors import InvalidRequest
+
+
+DEFAULT_MAX_AGE = timedelta(days=10000)
+
+
+class SNSMessageType(enum.Enum):
+    SubscriptionConfirmation = 'SubscriptionConfirmation'
+    Notification = 'Notification'
+    UnsubscribeConfirmation = 'UnsubscribeConfirmation'
+
+
+class InvalidMessageTypeException(Exception):
+    pass
+
+
+def verify_message_type(message_type: str):
+    try:
+        SNSMessageType(message_type)
+    except ValueError:
+        raise InvalidRequest("SES-SNS callback failed: invalid message type", 400)
+
+
+def sns_notification_handler(data, headers):
+    message_type = headers.get('x-amz-sns-message-type')
+    try:
+        verify_message_type(message_type)
+    except InvalidMessageTypeException:
+        current_app.logger.exception(f"Response headers: {headers}\nResponse data: {data}")
+        raise InvalidRequest("SES-SNS callback failed: invalid message type", 400)
+
+    try:
+        message = json.loads(data.decode('utf-8'))
+    except decoder.JSONDecodeError:
+        current_app.logger.exception(f"Response headers: {headers}\nResponse data: {data}")
+        raise InvalidRequest("SES-SNS callback failed: invalid JSON given", 400)
+
+    try:
+        validate_sns_cert(message)
+    except Exception as e:
+        current_app.logger.error(f"SES-SNS callback failed: validation failed with error: Signature validation failed with error {e}")
+        raise InvalidRequest("SES-SNS callback failed: validation failed", 400)
+
+    if message.get('Type') == 'SubscriptionConfirmation':
+        url = message.get('SubscribeUrl') if 'SubscribeUrl' in message else message.get('SubscribeURL')
+        response = requests.get(url)
+        try:
+            response.raise_for_status()
+        except Exception as e:
+            current_app.logger.warning(f"Attempt to raise_for_status()SubscriptionConfirmation Type message files for response: {response.text} with error {e}")
+            raise InvalidRequest("SES-SNS callback failed: attempt to raise_for_status()SubscriptionConfirmation Type message failed", 400)
+        current_app.logger.info("SES-SNS auto-confirm subscription callback succeeded")
+        return message
+
+    # TODO remove after smoke testing on prod is implemented
+    current_app.logger.info(f"SNS message: {message} is a valid message. Attempting to process it now.")
+    
+    return message

app/config.py

@@ -118,7 +118,7 @@ class Config(object):
     NOTIFY_EMAIL_DOMAIN = 'notify.sandbox.10x.gsa.gov'
     
     # AWS SNS topics for delivery receipts
-    VALID_SNS_TOPICS = ['notify_test_bounce', 'notify_test_success', 'notify_test_complaint']
+    VALID_SNS_TOPICS = ['notify_test_bounce', 'notify_test_success', 'notify_test_complaint', 'notify_test_sms_inbound']
 
     # URL of redis instance
     REDIS_URL = os.environ.get('REDIS_URL')
@@ -193,7 +193,7 @@ class Config(object):
     MOU_SIGNER_RECEIPT_TEMPLATE_ID = '4fd2e43c-309b-4e50-8fb8-1955852d9d71'
     MOU_SIGNED_ON_BEHALF_SIGNER_RECEIPT_TEMPLATE_ID = 'c20206d5-bf03-4002-9a90-37d5032d9e84'
     MOU_SIGNED_ON_BEHALF_ON_BEHALF_RECEIPT_TEMPLATE_ID = '522b6657-5ca5-4368-a294-6b527703bd0b'
-    NOTIFY_INTERNATIONAL_SMS_SENDER = '07984404008'
+    NOTIFY_INTERNATIONAL_SMS_SENDER = '18446120782'
     LETTERS_VOLUME_EMAIL_TEMPLATE_ID = '11fad854-fd38-4a7c-bd17-805fb13dfc12'
     NHS_EMAIL_BRANDING_ID = 'a7dc4e56-660b-4db7-8cff-12c37b12b5ea'
     # we only need real email in Live environment (production)

app/inbound_sms/rest.py

@@ -30,9 +30,10 @@ def post_inbound_sms_for_service(service_id):
     form = validate(request.get_json(), get_inbound_sms_for_service_schema)
     user_number = form.get('phone_number')
 
-    if user_number:
-        # we use this to normalise to an international phone number - but this may fail if it's an alphanumeric
-        user_number = try_validate_and_format_phone_number(user_number, international=True)
+    # TODO update this for US formatting
+    # if user_number:
+    #     # we use this to normalise to an international phone number - but this may fail if it's an alphanumeric
+    #     user_number = try_validate_and_format_phone_number(user_number, international=True)
 
     inbound_data_retention = fetch_service_data_retention_by_notification_type(service_id, 'sms')
     limit_days = inbound_data_retention.days_of_retention if inbound_data_retention else 7

app/notifications/receive_notifications.py

@@ -2,15 +2,16 @@ from datetime import datetime
 from urllib.parse import unquote
 
 import iso8601
-from flask import Blueprint, abort, current_app, jsonify, request
+from flask import Blueprint, abort, current_app, jsonify, request, json
 from gds_metrics.metrics import Counter
 from notifications_utils.recipients import try_validate_and_format_phone_number
 
 from app.celery import tasks
+from app.celery.validate_sns_message import sns_notification_handler
 from app.config import QueueNames
 from app.dao.inbound_sms_dao import dao_create_inbound_sms
 from app.dao.services_dao import dao_fetch_service_by_inbound_number
-from app.errors import register_errors
+from app.errors import register_errors, InvalidRequest
 from app.models import INBOUND_SMS_TYPE, SMS_TYPE, InboundSms
 
 receive_notifications_blueprint = Blueprint('receive_notifications', __name__)
@@ -23,6 +24,64 @@ INBOUND_SMS_COUNTER = Counter(
     ['provider']
 )
 
+@receive_notifications_blueprint.route('/notifications/sms/receive/sns', methods=['POST'])
+def receive_sns_sms():
+    """
+    {
+        "originationNumber":"+14255550182",
+        "destinationNumber":"+12125550101",
+        "messageKeyword":"JOIN", # unique to our sending number
+        "messageBody":"EXAMPLE",
+        "inboundMessageId":"cae173d2-66b9-564c-8309-21f858e9fb84",
+        "previousPublishedMessageId":"wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"
+    }
+    """
+    
+    try:
+        post_data = sns_notification_handler(request.data, request.headers)
+    except Exception as e:
+        raise InvalidRequest(f"SMS-SNS callback failed with error: {e}", 400)
+
+    message = json.loads(post_data.get("Message"))
+    # TODO wrap this up
+    if "inboundMessageId" in message:
+        # TODO use standard formatting we use for all US numbers
+        inbound_number = message['destinationNumber'].replace('+','')
+
+        service = fetch_potential_service(inbound_number, 'sns')
+        if not service:
+            # since this is an issue with our service <-> number mapping, or no inbound_sms service permission
+            # we should still tell SNS that we received it successfully
+            current_app.logger.warning(f"Mapping between service and inbound number: {inbound_number} is broken, or service does not have permission to receive inbound sms")
+            return jsonify(
+                result="success", message="SMS-SNS callback succeeded"
+            ), 200
+
+        INBOUND_SMS_COUNTER.labels("sns").inc()
+
+        content = message.get("messageBody")
+        from_number = message.get('originationNumber')
+        provider_ref = message.get('inboundMessageId')
+        date_received = post_data.get('Timestamp')
+        provider_name = "sns"
+
+        inbound = create_inbound_sms_object(service,
+                                            content=content,
+                                            from_number=from_number,
+                                            provider_ref=provider_ref,
+                                            date_received=date_received,
+                                            provider_name=provider_name)
+
+        # TODO ensure inbound sms callback endpoints are accessible and functioning for notify api users, then uncomment the task below
+        tasks.send_inbound_sms_to_service.apply_async([str(inbound.id), str(service.id)], queue=QueueNames.NOTIFY)
+
+        current_app.logger.debug(
+            '{} received inbound SMS with reference {} from SNS'.format(service.id, inbound.provider_reference))
+
+    return jsonify(
+        result="success", message="SMS-SNS callback succeeded"
+    ), 200
+
 
 @receive_notifications_blueprint.route('/notifications/sms/receive/mmg', methods=['POST'])
 def receive_mmg_sms():