iExecBlockchainComputing
diff --git a/‎.drone.yml‎
Lines changed: 19 additions & 2 deletions b/‎.drone.yml‎
Lines changed: 19 additions & 2 deletions
diff --git a/‎dapp/.env.override‎
Lines changed: 2 additions & 2 deletions b/‎dapp/.env.override‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎dapp/local-test.sh‎
Lines changed: 6 additions & 4 deletions b/‎dapp/local-test.sh‎
Lines changed: 6 additions & 4 deletions
diff --git a/‎dapp/src/sendEmail.js‎
Lines changed: 10 additions & 0 deletions b/‎dapp/src/sendEmail.js‎
Lines changed: 10 additions & 0 deletions
diff --git a/‎dapp/src/validateEmailAddress.js‎
Lines changed: 33 additions & 0 deletions b/‎dapp/src/validateEmailAddress.js‎
Lines changed: 33 additions & 0 deletions
diff --git a/‎dapp/src/validation.js‎
Lines changed: 1 addition & 0 deletions b/‎dapp/src/validation.js‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎dapp/tests/_test_inputs_/dataDisposableEmail.zip‎
220 Bytes b/‎dapp/tests/_test_inputs_/dataDisposableEmail.zip‎
220 Bytes
diff --git a/‎dapp/tests/_test_inputs_/dataEmailUserDoesNotExist.zip‎
216 Bytes b/‎dapp/tests/_test_inputs_/dataEmailUserDoesNotExist.zip‎
216 Bytes
@@ -575,11 +575,20 @@ steps:
       - cd dapp
       - npm run lint
 
-  - name: unit-test
+  - name: test
     image: node:14-alpine3.11
+    environment:
+      MJ_APIKEY_PUBLIC:
+        from_secret: mj_apikey_public
+      MJ_APIKEY_PRIVATE:
+        from_secret: mj_apikey_private
+      MJ_SENDER:
+        from_secret: mj_sender
+      MAILGUN_APIKEY:
+        from_secret: mailgun_apikey
     commands:
       - cd dapp
-      - npm run ctest tests/unit/
+      - npm run ctest
 
   - name: docker-publish-dry-run
     # plugin doc https://plugins.drone.io/plugins/docker and repo https://github.com/drone-plugins/drone-docker
@@ -643,6 +652,8 @@ steps:
         from_secret: mj_apikey_private
       MJ_SENDER:
         from_secret: mj_sender
+      MAILGUN_APIKEY:
+        from_secret: mailgun_apikey
     commands:
       - cd dapp
       - npm run ctest
@@ -711,6 +722,8 @@ steps:
         from_secret: mj_apikey_private
       MJ_SENDER:
         from_secret: mj_sender
+      MAILGUN_APIKEY:
+        from_secret: mailgun_apikey
     commands:
       - cd dapp
       - npm run ctest
@@ -844,6 +857,8 @@ steps:
         from_secret: mj_apikey_private
       MJ_SENDER:
         from_secret: mj_sender
+      MAILGUN_APIKEY:
+        from_secret: mailgun_apikey
     commands:
       - cd deployment-dapp
       - npm run push-dapp-secret
@@ -1026,6 +1041,8 @@ steps:
         from_secret: mj_apikey_private
       MJ_SENDER:
         from_secret: mj_sender
+      MAILGUN_APIKEY:
+        from_secret: mailgun_apikey
     commands:
       - cd deployment-dapp
       - npm run push-dapp-secret
 
@@ -1,5 +1,5 @@
 IEXEC_IN=/path/to/input/directory
 IEXEC_OUT=/path/to/output/directory
 IEXEC_DATASET_FILENAME="protectedData.zip"
-IEXEC_APP_DEVELOPER_SECRET='{"MJ_APIKEY_PUBLIC":"dev_mailjet_public_key","MJ_APIKEY_PRIVATE":"dev_mailjet_private_key","MJ_SENDER":"dev_sender_email"}'
-IEXEC_REQUESTER_SECRET_1='{"emailSubject":"mail_object_to_send","emailContentMultiAddr":"encrypted_email_content_multiAddr","senderName":"sender_name","emailContentEncryptionKey":"email_content_encryption_key","contentType":"text/plain"}'
+IEXEC_APP_DEVELOPER_SECRET='{"MJ_APIKEY_PUBLIC":"dev_mailjet_public_key","MJ_APIKEY_PRIVATE":"dev_mailjet_private_key","MJ_SENDER":"dev_sender_email","MAILGUN_APIKEY":"dev_mailgun_api_key"}'
+IEXEC_REQUESTER_SECRET_1='{"emailSubject":"mail_object_to_send","emailContentMultiAddr":"encrypted_email_content_multiAddr","senderName":"sender_name","emailContentEncryptionKey":"email_content_encryption_key","contentType":"text/plain"}'
@@ -1,4 +1,4 @@
-# Set the name of the Docker image
+# Set the name of the Docker image
 IMG_NAME=web3mail:non-tee
 
 # Build the regular non-TEE image
@@ -14,14 +14,16 @@ if [ ! -d "/tmp/iexec_out" ]; then
 fi
 
 # Place your .zip file in the /tmp/iexec_in directory and replace DATA_FILENAME with the name of the file you just placed in the directory
-# The .zip file should contain a file with the email content you want to protect
+# The .zip file should contain a file with the email content you want to protect
 DATA_FILENAME="your_file_name.zip"
 
 
 # Replace the values of the variables MJ_APIKEY_PUBLIC, MJ_APIKEY_PRIVATE, and MJ_SENDER with your own Mailjet API key and sender email address
 MJ_APIKEY_PUBLIC="your_mail_jet_api_key_public"
 MJ_APIKEY_PRIVATE="your_mail_jet_api_private"
 MJ_SENDER="your_mail_jet_sender"
+# Replace the value of the variable MAILGUN_APIKEY with your own Mailgun API key
+MAILGUN_APIKEY="your_mailgun_api_key"
 
 
 # Replace the following variables with your own values:
@@ -32,7 +34,7 @@ SENDER_NAME="the_sender_name"
 CONTENT_TYPE="text/plain"
 
 IEXEC_REQUESTER_SECRET_1='{"emailSubject":"'${EMAIL_SUBJECT}'","emailContentEncryptionKey":"'${EMAIL_CONTENT_ENCRYPTION_KEY}'","emailContentMultiAddr":"'${EMAIL_CONTENT_MULTIADDR}'","senderName":"'${SENDER_NAME}'","contentType":"'${CONTENT_TYPE}'"}'
-IEXEC_APP_DEVELOPER_SECRET='{"MJ_APIKEY_PUBLIC":"'$MJ_APIKEY_PUBLIC'","MJ_APIKEY_PRIVATE":"'$MJ_APIKEY_PRIVATE'","MJ_SENDER":"'$MJ_SENDER'"}'
+IEXEC_APP_DEVELOPER_SECRET='{"MJ_APIKEY_PUBLIC":"'$MJ_APIKEY_PUBLIC'","MJ_APIKEY_PRIVATE":"'$MJ_APIKEY_PRIVATE'","MJ_SENDER":"'$MJ_SENDER'","MAILGUN_APIKEY":"'$MAILGUN_APIKEY'"}'
 
 docker run -it --rm \
             -v /tmp/iexec_in:/iexec_in \
@@ -42,4 +44,4 @@ docker run -it --rm \
             -e IEXEC_DATASET_FILENAME=${DATA_FILENAME} \
             -e IEXEC_APP_DEVELOPER_SECRET=${IEXEC_APP_DEVELOPER_SECRET} \
             -e IEXEC_REQUESTER_SECRET_1=${IEXEC_REQUESTER_SECRET_1} \
-            ${IMG_NAME}
+            ${IMG_NAME}
@@ -13,6 +13,7 @@ const {
   downloadEncryptedContent,
   decryptContent,
 } = require('./decryptEmailContent');
+const { validateEmailAddress } = require('./validateEmailAddress');
 
 async function writeTaskOutput(path, message) {
   try {
@@ -61,8 +62,16 @@ async function start() {
   } catch (e) {
     throw Error(`Failed to parse ProtectedData: ${e.message}`);
   }
+
+  // 1- Validate email address syntax (Joi regexp)
   validateProtectedData(protectedData);
 
+  // 2- Third-party validation service (Mailgun)
+  await validateEmailAddress({
+    emailAddress: protectedData.email,
+    mailgunApiKey: appDeveloperSecret.MAILGUN_APIKEY,
+  });
+
   const encryptedEmailContent = await downloadEncryptedContent(
     requesterSecret.emailContentMultiAddr
   );
@@ -78,6 +87,7 @@ async function start() {
     mailJetApiKeyPublic: appDeveloperSecret.MJ_APIKEY_PUBLIC,
     mailJetApiKeyPrivate: appDeveloperSecret.MJ_APIKEY_PRIVATE,
     mailJetSender: appDeveloperSecret.MJ_SENDER,
+    mailgunApiKey: appDeveloperSecret.MAILGUN_APIKEY,
     // from requester secret
     emailContent: requesterEmailContent,
     emailSubject: requesterSecret.emailSubject,
 
@@ -0,0 +1,33 @@
+// fetch is not included in node 14
+const fetch = require('node-fetch');
+
+async function validateEmailAddress({ emailAddress, mailgunApiKey }) {
+  // https://documentation.mailgun.com/docs/inboxready/mailgun-validate/single-valid-ir/#single-validation
+  const basicAuth = Buffer.from(`api:${mailgunApiKey}`).toString('base64');
+  const response = await fetch(
+    `https://api.mailgun.net/v4/address/validate?address=${encodeURIComponent(
+      emailAddress
+    )}`,
+    {
+      method: 'GET',
+      headers: {
+        Authorization: `Basic ${basicAuth}`,
+      },
+    }
+  );
+
+  if (!response.ok) {
+    // Mailgun API down? Prefer not to throw
+    return;
+  }
+
+  const emailAddressSeemsLegit = await response.json();
+
+  if (emailAddressSeemsLegit.result !== 'deliverable') {
+    throw new Error('The protected email address seems to be invalid.');
+  }
+}
+
+module.exports = {
+  validateEmailAddress,
+};
@@ -19,6 +19,7 @@ const appSecretSchema = Joi.object({
   MJ_APIKEY_PUBLIC: Joi.string().required(),
   MJ_APIKEY_PRIVATE: Joi.string().required(),
   MJ_SENDER: Joi.string().email().required(),
+  MAILGUN_APIKEY: Joi.string().required(),
 });
 
 function validateAppSecret(obj) {