etalab · skelz0r · Jun 19, 2024 · Jun 19, 2024 · Jun 19, 2024 · Jun 19, 2024
diff --git a/.rubocop.yml b/.rubocop.yml
@@ -93,6 +93,10 @@ Metrics/MethodLength:
 RSpec/NestedGroups:
   Enabled: false
 
+RSpec/SpecFilePathFormat:
+  Exclude:
+    - "spec/**/*hubee*"
+
 Naming/VariableNumber:
   Enabled: false
 

diff --git a/Gemfile b/Gemfile
@@ -77,6 +77,11 @@ gem 'ransack'
 gem 'wicked'
 
 gem 'rest-client'
+gem 'faraday'
+gem 'faraday-gzip'
+gem 'faraday-net_http'
+gem 'faraday-retry'
+gem 'faraday-encoding'
 
 group :development, :test do
   gem 'awesome_print'
@@ -101,10 +106,10 @@ group :development do
   # Can be configured to work on production as well see: https://github.com/MiniProfiler/rack-mini-profiler/blob/master/README.md
   gem 'rack-mini-profiler', '~> 3.3'
   gem 'rubocop', require: false
-  gem 'rubocop-rails'
-  gem 'rubocop-rspec'
   gem 'rubocop-capybara'
   gem 'rubocop-factory_bot'
+  gem 'rubocop-rails'
+  gem 'rubocop-rspec'
   gem 'rubocop-rspec_rails'
 
   gem 'better_errors'

diff --git a/Gemfile.lock b/Gemfile.lock
@@ -153,11 +153,18 @@ GEM
       railties (>= 5.0.0)
     faraday (2.9.0)
       faraday-net_http (>= 2.0, < 3.2)
+    faraday-encoding (0.0.6)
+      faraday
+    faraday-gzip (2.0.1)
+      faraday (>= 1.0)
+      zlib (~> 3.0)
     faraday-net_http (3.1.0)
       net-http
     faraday-net_http_persistent (2.1.0)
       faraday (~> 2.5)
       net-http-persistent (~> 4.0)
+    faraday-retry (2.2.1)
+      faraday (~> 2.0)
     ferrum (0.15)
       addressable (~> 2.5)
       concurrent-ruby (~> 1.1)
@@ -560,6 +567,7 @@ GEM
       nokogiri (~> 1.8)
     yajl-ruby (1.4.3)
     zeitwerk (2.7.0)
+    zlib (3.1.1)
 
 PLATFORMS
   aarch64-linux
@@ -583,6 +591,11 @@ DEPENDENCIES
   cuprite
   draper
   factory_bot_rails
+  faraday
+  faraday-encoding
+  faraday-gzip
+  faraday-net_http
+  faraday-retry
   gaffe
   good_job (~> 3.99)
   guard-rspec

diff --git a/app/clients/abstract_hubee_api_client.rb b/app/clients/abstract_hubee_api_client.rb
@@ -0,0 +1,23 @@
+require 'faraday'
+
+class AbstractHubEEAPIClient
+  protected
+
+  def http_connection(&block)
+    Faraday.new do |conn|
+      conn.request :retry, max: 5
+      conn.response :raise_error
+      conn.response :json
+      conn.options.timeout = 2
+      yield(conn) if block
+    end
+  end
+
+  def consumer_key
+    Rails.application.credentials.hubee_consumer_key
+  end
+
+  def consumer_secret
+    Rails.application.credentials.hubee_consumer_secret
+  end
+end
diff --git a/app/clients/abstract_insee_api_client.rb b/app/clients/abstract_insee_api_client.rb
@@ -0,0 +1,23 @@
+require 'faraday'
+
+class AbstractINSEEAPIClient
+  protected
+
+  def http_connection(&block)
+    @http_connection ||= Faraday.new do |conn|
+      conn.request :retry, max: 5
+      conn.response :raise_error
+      conn.response :json
+      conn.options.timeout = 2
+      yield(conn) if block
+    end
+  end
+
+  def consumer_key
+    Rails.application.credentials.insee_consumer_key
+  end
+
+  def consumer_secret
+    Rails.application.credentials.insee_consumer_secret
+  end
+end
diff --git a/app/clients/formulaire_qf_api_client.rb b/app/clients/formulaire_qf_api_client.rb
@@ -0,0 +1,35 @@
+class FormulaireQFAPIClient
+  def create_collectivity(authorization_request)
+    organization = authorization_request.organization
+    editor_name = authorization_request.extra_infos.dig('service_provider', 'id')
+
+    params = {
+      siret: organization.siret,
+      code_cog: organization.code_commune_etablissement,
+      departement: organization.code_postal_etablissement[0..1],
+      name: organization.denomination,
+      status: 'active',
+      editor: editor_name
+    }
+
+    http_connection.post("#{host}/api/collectivites", params.to_json)
+  end
+
+  private
+
+  def host
+    Rails.application.credentials.formulaire_qf.host
+  end
+
+  def http_connection(&block)
+    Faraday.new do |conn|
+      conn.headers['Content-Type'] = 'application/json'
+      conn.request :authorization, 'Bearer', -> { secret }
+      yield(conn) if block
+    end
+  end
+
+  def secret
+    Rails.application.credentials.formulaire_qf.secret
+  end
+end
diff --git a/app/clients/hubee_api_authentication.rb b/app/clients/hubee_api_authentication.rb
@@ -0,0 +1,28 @@
+class HubEEAPIAuthentication < AbstractHubEEAPIClient
+  def access_token
+    http_connection.post(
+      auth_url,
+      'grant_type=client_credentials&scope=ADMIN',
+      {
+        'Authorization' => "Basic #{encoded_client_id_and_secret}"
+      }
+    ).body['access_token']
+  end
+
+  private
+
+  def auth_url
+    Rails.application.credentials.hubee_auth_url
+  end
+
+  def encoded_client_id_and_secret
+    Base64.strict_encode64("#{consumer_key}:#{consumer_secret}")
+  end
+
+  def http_connection(&block)
+    @http_connection ||= super do |conn|
+      conn.response :json
+      yield(conn) if block
+    end
+  end
+end
diff --git a/app/clients/hubee_api_client.rb b/app/clients/hubee_api_client.rb
@@ -0,0 +1,110 @@
+class HubEEAPIClient < AbstractHubEEAPIClient
+  class NotFound < StandardError; end
+  class AlreadyExists < StandardError; end
+
+  def find_organization(organization)
+    http_connection.get("#{host}/referential/v1/organizations/SI-#{organization.siret}-#{organization.code_commune_etablissement}").body
+  rescue Faraday::ResourceNotFound
+    raise NotFound
+  end
+
+  def create_organization(organization, email)
+    http_connection.post(
+      "#{host}/referential/v1/organizations",
+      {
+        type: 'SI',
+        companyRegister: organization.siret,
+        branchCode: organization.code_commune_etablissement,
+        email:,
+        name: organization.denomination,
+        country: 'France',
+        postalCode: organization.code_postal_etablissement,
+        territory: organization.code_commune_etablissement,
+        status: 'Actif'
+      }.to_json,
+      'Content-Type' => 'application/json'
+    )
+  rescue Faraday::BadRequestError => e
+    raise AlreadyExists if already_exists_error?(e)
+
+    raise
+  end
+
+  def create_subscription(authorization_request, organization_payload, process_code)
+    http_connection.post(
+      "#{host}/referential/v1/subscriptions",
+      {
+        datapassId: authorization_request.external_id.to_i,
+        notificationFrequency: 'Aucune',
+        processCode: process_code,
+        subscriber: {
+          type: 'SI',
+          companyRegister: organization_payload['companyRegister'],
+          branchCode: organization_payload['branchCode']
+        },
+        email: authorization_request.demandeur.email,
+        status: 'Inactif',
+        localAdministrator: {
+          email: authorization_request.demandeur.email
+        },
+        validateDateTime: DateTime.now.iso8601,
+        updateDateTime: DateTime.now.iso8601
+      }.to_json,
+      'Content-Type' => 'application/json'
+    )
+  rescue Faraday::BadRequestError => e
+    raise AlreadyExists if already_exists_error?(e)
+
+    raise
+  end
+
+  def find_subscription(_authorization_request, organization_payload, process_code)
+    request = http_connection { |conn| conn.request :gzip }.get(
+      "#{host}/referential/v1/subscriptions",
+      companyRegister: organization_payload['companyRegister'],
+      processCode: process_code
+    )
+    request.body.first
+  end
+
+  def update_subscription(authorization_request, subscription_payload, editor_payload = {})
+    subscription_id = authorization_request.extra_infos['hubee_subscription_id']
+    return if subscription_id.blank?
+
+    payload = subscription_payload.with_indifferent_access.merge({
+      status: 'Actif',
+      activateDateTime: DateTime.now.iso8601,
+      accessMode: 'API',
+      notificationFrequency: 'Aucune'
+    }.with_indifferent_access)
+
+    payload.delete('id')
+    payload.delete('creationDateTime')
+    payload.merge!(editor_payload.with_indifferent_access) if editor_payload.present?
+
+    http_connection.put(
+      "#{host}/referential/v1/subscriptions/#{subscription_id}",
+      payload.to_json,
+      'Content-Type' => 'application/json'
+    )
+  end
+
+  protected
+
+  def host
+    Rails.application.credentials.hubee_api_url
+  end
+
+  def already_exists_error?(faraday_error)
+    faraday_error.response[:body]['errors'].any? do |error|
+      error['message'].include?('already exists')
+    end
+  end
+
+  def http_connection(&block)
+    super do |conn|
+      conn.request :authorization, 'Bearer', -> { HubEEAPIAuthentication.new.access_token }
+      yield(conn) if block
+    end
+  end
+end
diff --git a/app/clients/insee_api_authentication.rb b/app/clients/insee_api_authentication.rb
@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+
+class INSEEAPIAuthentication < AbstractINSEEAPIClient
+  def access_token
+    http_connection.post(
+      'https://api.insee.fr/token',
+      'grant_type=client_credentials',
+      {
+        'Authorization' => "Basic #{encoded_client_id_and_secret}"
+      }
+    ).body['access_token']
+  end
+
+  private
+
+  def encoded_client_id_and_secret
+    Base64.strict_encode64("#{consumer_key}:#{consumer_secret}")
+  end
+end
diff --git a/app/clients/insee_sirene_api_client.rb b/app/clients/insee_sirene_api_client.rb
@@ -0,0 +1,15 @@
+class INSEESireneAPIClient < AbstractINSEEAPIClient
+  def etablissement(siret:)
+    http_connection.get(
+      "https://api.insee.fr/entreprises/sirene/V3.11/siret/#{siret}"
+    ).body
+  end
+
+  protected
+
+  def http_connection
+    super do |conn|
+      conn.request :authorization, 'Bearer', -> { INSEEAPIAuthentication.new.access_token }
+    end
+  end
+end
diff --git a/app/interactors/datapass_webhook/adapt_v2_to_v1.rb b/app/interactors/datapass_webhook/adapt_v2_to_v1.rb
@@ -1,6 +1,7 @@
 class DatapassWebhook::AdaptV2ToV1 < ApplicationInteractor
   def call
     context.event = context.event.sub('authorization_request', 'enrollment')
+    context.authorization_request_data = generic_data.dup
     context.data = build_data
   end
 
@@ -21,7 +22,8 @@ def build_data
         'previous_enrollment_id' => nil,
         'scopes' => generic_data['scopes'].index_with { |_scope| true },
         'team_members' => build_team_members,
-        'events' => []
+        'events' => [],
+        'service_provider' => context.data['service_provider'],
       }
     }
   end

diff --git a/app/interactors/datapass_webhook/create_or_prolong_token.rb b/app/interactors/datapass_webhook/create_or_prolong_token.rb
@@ -1,6 +1,11 @@
 class DatapassWebhook::CreateOrProlongToken < ApplicationInteractor
+  before do
+    context.modalities ||= %w[params]
+  end
+
   def call
     return if %w[approve validate].exclude?(context.event)
+    return if context.modalities.exclude?('params')
 
     token = create_or_prolong_token
 

diff --git a/app/interactors/datapass_webhook/find_or_create_authorization_request.rb b/app/interactors/datapass_webhook/find_or_create_authorization_request.rb
@@ -72,10 +72,17 @@ def authorization_request_attributes
     ).merge(authorization_request_attributes_for_current_event).merge(
       'last_update' => fired_at_as_datetime,
       'previous_external_id' => context.data['pass']['copied_from_enrollment_id'],
-      'api' => context.api
+      'api' => context.api,
+      'extra_infos' => extra_infos_with_service_provider
     )
   end
 
+  def extra_infos_with_service_provider
+    context.authorization_request.extra_infos.merge({
+      'service_provider' => Hash(context.data.dig('pass', 'service_provider'))
+    })
+  end
+
   def authorization_request_attributes_for_current_event
     authorization_request_attributes_for_current_event = {}
 

diff --git a/app/interactors/datapass_webhook/schedule_create_formulaire_qf_hubee_subscription_job.rb b/app/interactors/datapass_webhook/schedule_create_formulaire_qf_hubee_subscription_job.rb
@@ -0,0 +1,9 @@
+class DatapassWebhook::ScheduleCreateFormulaireQFHubEESubscriptionJob < ApplicationInteractor
+  def call
+    return unless context.event == 'approve'
+    return unless context.modalities.include?('formulaire_qf')
+
+    CreateFormulaireQFHubEESubscriptionJob.perform_later(context.authorization_request.id)
+    CreateFormulaireQFCollectivityJob.perform_later(context.authorization_request.id)
+  end
+end