Fix inbound mail attachment upload (#8472)

Signed-off-by: Nikolay Chunosov <Chunosov.N@gmail.com>

services/mail/pod-inbound-mail/package.json

@@ -67,13 +67,14 @@
     "@hcengineering/contact": "^0.6.24",
     "@hcengineering/core": "^0.6.32",
     "@hcengineering/mail": "^0.6.0",
+    "@hcengineering/platform": "^0.6.11",
     "@hcengineering/server-core": "^0.6.1",
     "@hcengineering/server-storage": "^0.6.0",
+    "@hcengineering/server-token": "^0.6.11",
     "cors": "^2.8.5",
     "dotenv": "~16.0.0",
     "eml-parse-js": "^1.2.0-beta.0",
     "express": "^4.21.2",
-    "jwt-simple": "^0.5.6",
     "sanitize-html": "^2.15.0",
     "turndown": "^7.2.0",
     "uuid": "^8.3.2"

services/mail/pod-inbound-mail/src/index.ts

@@ -18,7 +18,9 @@ import express, { NextFunction, Request, Response } from 'express'
 import { join } from 'path'
 import { SplitLogger } from '@hcengineering/analytics-service'
 import { MeasureContext, MeasureMetricsContext, newMetrics } from '@hcengineering/core'
+import { setMetadata } from '@hcengineering/platform'
 import { initStatisticsContext } from '@hcengineering/server-core'
+import serverToken from '@hcengineering/server-token'
 import { handleMtaHook } from './handlerMta'
 import config from './config'
 
@@ -39,6 +41,8 @@ async function main (): Promise<void> {
       )
   })
 
+  setMetadata(serverToken.metadata.Secret, config.secret)
+
   const app = express()
 
   app.use(cors())
@@ -77,7 +81,12 @@ async function main (): Promise<void> {
   })
 
   const server = app.listen(config.port, () => {
-    ctx.info('server started', { ...config, secret: '(stripped)', hookToken: '(stripped)' })
+    ctx.info('server started', {
+      ...config,
+      secret: config.secret !== undefined ? '(stripped)' : undefined,
+      hookToken: config.hookToken !== undefined ? '(stripped)' : undefined,
+      storageConfig: config.storageConfig !== undefined ? '(stripped)' : undefined
+    })
   })
 
   const shutdown = (): void => {

services/mail/pod-inbound-mail/src/message.ts

@@ -12,7 +12,6 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 //
-import { encode } from 'jwt-simple'
 import { getClient as getAccountClient } from '@hcengineering/account-client'
 import { createRestTxOperations } from '@hcengineering/api-client'
 import { type Card } from '@hcengineering/card'
@@ -36,6 +35,7 @@ import {
 } from '@hcengineering/core'
 import mail from '@hcengineering/mail'
 import { buildStorageFromConfig, storageConfigFromEnv } from '@hcengineering/server-storage'
+import { generateToken } from '@hcengineering/server-token'
 import config from './config'
 import { ensureGlobalPerson, ensureLocalPerson } from './person'
 
@@ -46,16 +46,6 @@ export interface Attachment {
   contentType: string
 }
 
-function generateToken (): string {
-  return encode(
-    {
-      account: systemAccountUuid,
-      extra: { service: 'mail' }
-    },
-    config.secret
-  )
-}
-
 export async function createMessages (
   ctx: MeasureContext,
   mailId: string,
@@ -68,7 +58,8 @@ export async function createMessages (
 ): Promise<void> {
   ctx.info('Sending message', { mailId, from: from.address, to: tos.map((to) => to.address).join(',') })
 
-  const accountClient = getAccountClient(config.accountsUrl, generateToken())
+  const token = generateToken(systemAccountUuid, undefined, { service: 'mail' })
+  const accountClient = getAccountClient(config.accountsUrl, token)
   const wsInfo = await accountClient.selectWorkspace(config.workspaceUrl)
   const transactorUrl = wsInfo.endpoint.replace('ws://', 'http://').replace('wss://', 'https://')
   const txClient = await createRestTxOperations(transactorUrl, wsInfo.workspace, wsInfo.token)
@@ -129,7 +120,7 @@ export async function createMessages (
 
   const attachedBlobs: Attachment[] = []
   if (config.storageConfig !== undefined) {
-    const storageConfig = storageConfigFromEnv()
+    const storageConfig = storageConfigFromEnv(config.storageConfig)
     const storageAdapter = buildStorageFromConfig(storageConfig)
     try {
       for (const a of attachments ?? []) {