updated py file for email correct information

englit2008 · englit2008 · commit b25ab2d68911 · 2025-09-09T16:57:07.000+04:00
diff --git a/chveulebrivi_for_azure_devops.py b/chveulebrivi_for_azure_devops.py
diff --git a/get_email_webhook.py b/get_email_webhook.py
@@ -1,5 +1,4 @@
 import os
-import json
 import hmac
 import hashlib
 import requests
@@ -81,7 +80,7 @@ def verify_github_signature(payload_body, signature, secret):
     def github_webhook():
         payload_body = request.data
         signature = request.headers.get("X-Hub-Signature-256")
-        secret = os.getenv("GITHUB_WEBHOOK_SECRET")  # ✅ Correct usage
+        secret = os.getenv("GITHUB_WEBHOOK_SECRET")
 
         # Debug logging
         print("📥 Incoming GitHub webhook")
@@ -104,13 +103,18 @@ def github_webhook():
 
         # Handle repository create/delete events
         if event == "repository" and data.get("action") in ["created", "deleted"]:
-            repo_name = data["repository"]["full_name"]
+            repo = data.get("repository", {})
+            owner = repo.get("owner", {})
             action = data["action"]
 
-            subject = f"[GitHub Alert] Repository {action}: {repo_name}"
+            subject = f"[GitHub Alert] Repository {action}: {repo.get('full_name', 'unknown')}"
+
             body = (
                 f"A repository was {action} in your GitHub organization.\n\n"
-                f"Details:\n{json.dumps(data, indent=2)}"
+                f"📌 Repository Name: {repo.get('full_name')}\n"
+                f"🔒 Visibility: {'Private' if repo.get('private') else 'Public'}\n"
+                f"👤 Owner: {owner.get('login')}\n"
+                f"🌍 URL: {repo.get('html_url', 'N/A')}\n"
             )
 
             print(f"📩 Sending email alert: {subject}")
@@ -135,6 +139,5 @@ def health_check():
         )
     else:
         print("✅ Flask is up and listening on /webhook and /health")
-        # Azure expects port 8000 by default for containerized apps
         port = int(os.getenv("PORT", 8000))
-        app.run(host="0.0.0.0", port=port)
+        app.run(host="0.0.0.0", port=port)
diff --git a/get_email_webhook_old_musha.py b/get_email_webhook_old_musha.py
@@ -0,0 +1,140 @@
+import os
+import json
+import hmac
+import hashlib
+import requests
+from msal import ConfidentialClientApplication
+
+# --- Determine mode ---
+TEST_MODE = os.getenv("TEST_MODE", "true").lower() == "true"
+
+# Only import Flask if not in TEST_MODE
+if not TEST_MODE:
+    from flask import Flask, request, jsonify
+    app = Flask(__name__)
+
+# --- Microsoft Graph Email Sending Function ---
+def send_email_via_graph(subject, body):
+    TENANT_ID = os.getenv("TENANT_ID")
+    CLIENT_ID = os.getenv("CLIENT_ID")
+    CLIENT_SECRET = os.getenv("CLIENT_SECRET")
+    FROM_EMAIL = os.getenv("FROM_EMAIL")
+    TO_EMAIL = os.getenv("TO_EMAIL")
+
+    if not all([TENANT_ID, CLIENT_ID, CLIENT_SECRET, FROM_EMAIL, TO_EMAIL]):
+        print("❌ Missing required environment variables")
+        return False
+
+    try:
+        app_msal = ConfidentialClientApplication(
+            CLIENT_ID,
+            authority=f"https://login.microsoftonline.com/{TENANT_ID}",
+            client_credential=CLIENT_SECRET
+        )
+        token = app_msal.acquire_token_for_client(scopes=["https://graph.microsoft.com/.default"])
+        access_token = token.get("access_token")
+        if not access_token:
+            print(f"❌ Failed to get access token: {token}")
+            return False
+
+        email_msg = {
+            "message": {
+                "subject": subject,
+                "body": {"contentType": "Text", "content": body},
+                "toRecipients": [{"emailAddress": {"address": TO_EMAIL}}]
+            }
+        }
+
+        response = requests.post(
+            f"https://graph.microsoft.com/v1.0/users/{FROM_EMAIL}/sendMail",
+            headers={"Authorization": f"Bearer {access_token}", "Content-Type": "application/json"},
+            json=email_msg
+        )
+
+        if response.status_code == 202:
+            print(f"✅ Email sent to {TO_EMAIL}")
+            return True
+        else:
+            print(f"❌ Failed to send email: {response.status_code} {response.text}")
+            return False
+
+    except Exception as e:
+        print(f"❌ Exception occurred while sending email: {e}")
+        return False
+
+# --- Verify GitHub webhook signature ---
+def verify_github_signature(payload_body, signature, secret):
+    if not secret:
+        print("⚠️ No webhook secret set, skipping verification")
+        return True
+    if not signature:
+        print("❌ No signature provided in headers")
+        return False
+
+    mac = hmac.new(secret.encode(), msg=payload_body, digestmod=hashlib.sha256)
+    expected_signature = "sha256=" + mac.hexdigest()
+    return hmac.compare_digest(expected_signature, signature)
+
+# --- GitHub Webhook Handler ---
+if not TEST_MODE:
+    @app.route("/webhook", methods=["POST"])
+    def github_webhook():
+        payload_body = request.data
+        signature = request.headers.get("X-Hub-Signature-256")
+        secret = os.getenv("GITHUB_WEBHOOK_SECRET")  # ✅ Correct usage
+
+        # Debug logging
+        print("📥 Incoming GitHub webhook")
+        print(f"📥 Payload size: {len(payload_body)} bytes")
+        print(f"📥 GitHub Event: {request.headers.get('X-GitHub-Event')}")
+        print(f"📥 Signature header: {signature}")
+        print(f"📥 Secret length: {len(secret) if secret else 'None'}")
+
+        if not verify_github_signature(payload_body, signature, secret):
+            print("❌ Invalid signature! Webhook rejected.")
+            return "❌ Invalid signature", 401
+
+        try:
+            data = request.json or {}
+        except Exception as e:
+            print(f"❌ Failed to parse JSON payload: {e}")
+            return "❌ Bad payload", 400
+
+        event = request.headers.get("X-GitHub-Event", "")
+
+        # Handle repository create/delete events
+        if event == "repository" and data.get("action") in ["created", "deleted"]:
+            repo_name = data["repository"]["full_name"]
+            action = data["action"]
+
+            subject = f"[GitHub Alert] Repository {action}: {repo_name}"
+            body = (
+                f"A repository was {action} in your GitHub organization.\n\n"
+                f"Details:\n{json.dumps(data, indent=2)}"
+            )
+
+            print(f"📩 Sending email alert: {subject}")
+            send_email_via_graph(subject, body)
+        else:
+            print(f"ℹ️ Ignored event: {event}, action: {data.get('action')}")
+
+        return "OK", 200
+
+    # Health check endpoint
+    @app.route("/health", methods=["GET"])
+    def health_check():
+        return jsonify({"status": "running"}), 200
+
+# --- Main Entry Point ---
+if __name__ == "__main__":
+    if TEST_MODE:
+        print("🔹 TEST_MODE: sending test email")
+        send_email_via_graph(
+            "[Test] Graph Email",
+            "This is a test email sent via Microsoft Graph with application permissions."
+        )
+    else:
+        print("✅ Flask is up and listening on /webhook and /health")
+        # Azure expects port 8000 by default for containerized apps
+        port = int(os.getenv("PORT", 8000))
+        app.run(host="0.0.0.0", port=port)
