Modified identification request webhook

app/controllers/eeid/webhooks/identification_requests_controller.rb

@@ -16,7 +16,10 @@ module Eeid
         return render_unauthorized unless ip_whitelisted?
         return render_invalid_signature unless valid_hmac_signature?(request.headers['X-HMAC-Signature'])
 
-        verify_contact(permitted_params[:reference])
+        contact = Contact.find_by_code(permitted_params[:reference])
+        poi = catch_poi
+        verify_contact(contact)
+        inform_registrar(contact, poi)
         render json: { status: 'success' }, status: :ok
       rescue StandardError => e
         handle_error(e)
@@ -42,17 +45,32 @@ module Eeid
         ActiveSupport::SecurityUtils.secure_compare(computed_signature, hmac_signature)
       end
 
-      def verify_contact(ref)
-        contact = Contact.find_by_code(ref)
-
+      def verify_contact(contact)
+        ref = permitted_params[:reference]
         if contact&.ident_request_sent_at.present?
-          contact.update(verified_at: Time.zone.now)
+          contact.update(verified_at: Time.zone.now, verification_id: permitted_params[:identification_request_id])
           Rails.logger.info("Contact verified: #{ref}")
         else
           Rails.logger.error("Valid contact not found for reference: #{ref}")
         end
       end
 
+      def catch_poi
+        ident_service = Eeid::IdentificationService.new
+        response = ident_service.get_proof_of_identity(permitted_params[:identification_request_id])
+        raise StandardError, response[:error] if response[:error].present?
+
+        response[:data]
+      end
+
+      def inform_registrar(contact, poi)
+        email = contact&.registrar&.email
+        return unless email
+
+        RegistrarMailer.contact_verified(email: email, contact: contact, poi: poi)
+                       .deliver_now
+      end
+
       def ip_whitelisted?
         allowed_ips = ENV['webhook_allowed_ips'].to_s.split(',').map(&:strip)
 
@@ -67,7 +85,7 @@ module Eeid
 
       def handle_error(error)
         Rails.logger.error("Error handling webhook: #{error.message}")
-        render json: { error: 'Internal Server Error' }, status: :internal_server_error
+        render json: { error: error.message }, status: :internal_server_error
       end
 
       def handle_throttle_error

app/controllers/repp/v1/contacts_controller.rb

@@ -2,10 +2,10 @@ require 'serializers/repp/contact'
 module Repp
   module V1
     class ContactsController < BaseController # rubocop:disable Metrics/ClassLength
-      before_action :find_contact, only: %i[show update destroy verify]
-      skip_around_action :log_request, only: :search
+      before_action :find_contact, only: %i[show update destroy verify download_poi]
+      skip_around_action :log_request, only: %i[search]
 
-      THROTTLED_ACTIONS = %i[index check search create show update destroy verify].freeze
+      THROTTLED_ACTIONS = %i[index check search create show update destroy verify download_poi].freeze
       include Shunter::Integration::Throttle
 
       api :get, '/repp/v1/contacts'
@@ -132,6 +132,19 @@ module Repp
         render_success(data: data)
       end
 
+      api :get, '/repp/v1/contacts/download_poi/:contact_code'
+      desc 'Get proof of identity pdf file for a contact'
+      def download_poi
+        authorize! :verify, Epp::Contact
+        ident_service = Eeid::IdentificationService.new
+        response = ident_service.get_proof_of_identity(@contact.verification_id)
+
+        send_data response[:data], filename: "proof_of_identity_#{@contact.verification_id}.pdf",
+                                   type: 'application/pdf', disposition: 'inline'
+      rescue Eeid::IdentError => e
+        handle_non_epp_errors(@contact, e.message)
+      end
+
       private
 
       def index_params