# frozen_string_literal: true
# Ingests inbound emails from Amazon's Simple Email Service (SES).
#
# Requires the full RFC 822 message in the +content+ parameter. Authenticates requests by validating their signatures.
#
# Returns:
#
# - 204 No Content if an inbound email is successfully recorded and enqueued for routing to the appropriate mailbox
# - 401 Unauthorized if the request's signature could not be validated
# - 404 Not Found if Action Mailbox is not configured to accept inbound emails from SES
# - 422 Unprocessable Entity if the request is missing the required +content+ parameter
# - 500 Server Error if one of the Active Record database, the Active Storage service, or
# the Active Job backend is misconfigured or unavailable
#
# == Usage
#
# 1. Install the {aws-sdk-sns}[https://rubygems.org/gems/aws-sdk-sns] gem:
#
# # Gemfile
# gem "aws-sdk-sns", ">= 1.9.0", require: false
#
# 2. Tell Action Mailbox to accept emails from SES:
#
# # config/environments/production.rb
# config.action_mailbox.ingress = :amazon
#
# 3. {Configure SES}[https://docs.aws.amazon.com/ses/latest/DeveloperGuide/receiving-email-notifications.html]
# to deliver emails to your application via POST requests to +/rails/action_mailbox/amazon/inbound_emails+.
# If your application lived at https://example.com, you would specify the fully-qualified URL
# https://example.com/rails/action_mailbox/amazon/inbound_emails.
class ActionMailbox::Ingresses::Amazon::InboundEmailsController < ActionMailbox::BaseController
before_action :authenticate
cattr_accessor :verifier
def self.prepare
self.verifier ||= begin
require "aws-sdk-sns/message_verifier"
Aws::SNS::MessageVerifier.new
end
end
def create
ActionMailbox::InboundEmail.create_and_extract_message_id! params.require(:content)
end
private
def authenticate
head :unauthorized unless verifier.authentic?(request.body)
end
end