fix: explicitly handle ProcessingException and add SQS VPC Endpoint (#883)

Benito Visone · web-flow · commit 13706b6a7f84 · 2025-10-16T11:05:40.000+02:00
* feat: add explicit ProcessingException handling

* feat: enable sqs vpc endpoint

* feat: set pdv-api rest client timeout to 1000ms

* fix: use more appropriate error code
diff --git a/src/infra/modules/network/main.tf b/src/infra/modules/network/main.tf
@@ -150,15 +150,13 @@ module "vpc_endpoints" {
     #   security_group_ids  = [aws_security_group.vpc_tls.id]
     #   tags                = { Name = "apigw-endpoint" }
     # },
-    /*
     sqs = {
       service             = "sqs"
       private_dns_enabled = true
       subnet_ids          = module.vpc.private_subnets
       security_group_ids  = [aws_security_group.vpc_tls.id]
       tags                = { Name = "sqs" }
     },
-    */
     /*
     events = {
       service             = "events"
diff --git a/src/oneid/oneid-ecs-core/src/main/java/it/pagopa/oneid/service/OIDCServiceImpl.java b/src/oneid/oneid-ecs-core/src/main/java/it/pagopa/oneid/service/OIDCServiceImpl.java
@@ -45,6 +45,7 @@
 import it.pagopa.oneid.web.dto.TokenDataDTO;
 import jakarta.enterprise.context.ApplicationScoped;
 import jakarta.inject.Inject;
+import jakarta.ws.rs.ProcessingException;
 import jakarta.ws.rs.WebApplicationException;
 import java.io.StringWriter;
 import java.net.URI;
@@ -279,13 +280,15 @@ public TokenDataDTO getOIDCTokens(String requestId, String clientId,
               () -> Log.warn("API Key not found for clientId: " + clientId
                   + ", can't retrieve pairwise sub from PDV")
           );
-        } catch (WebApplicationException e) {
+        } catch (WebApplicationException | ProcessingException e) {
           // if PDV returns an error, we log it but we don't block the authentication flow
           Log.error("error during PDV upsertUser call: " + e.getMessage());
           // Send message to SQS to manage retry mechanism asynchronously
           sendPDVErrorSQSMessage(clientId, savePDVUserDTO);
           // Update metric on CloudWatch
-          cloudWatchConnectorImpl.sendPDVErrorMetricData(e.getResponse().getStatus());
+          cloudWatchConnectorImpl.sendPDVErrorMetricData(
+              e instanceof WebApplicationException ? ((WebApplicationException) e).getResponse()
+                  .getStatus() : 504);
         }
       } else {
         // if fiscalNumber is not present, we can't generate the pairwise sub
diff --git a/src/oneid/oneid-ecs-core/src/main/resources/application.properties b/src/oneid/oneid-ecs-core/src/main/resources/application.properties
@@ -77,6 +77,6 @@ quarkus.rest-client.pdv-api.url=${PDV_BASE_URL:https://api.dev.pdv.pagopa.it}
 # Queue url for PDV error async processing
 pdv_error_queue_url=${PDV_ERROR_QUEUE_URL:https://localhost:8000/errors-queue}
 # Timeout settings for the PDV API client
-quarkus.rest-client.pdv-api.connect-timeout=5000
-quarkus.rest-client.pdv-api.read-timeout=5000
+quarkus.rest-client.pdv-api.connect-timeout=1000
+quarkus.rest-client.pdv-api.read-timeout=1000
 #endregion
