# WebhookSyncApp

Monolithic ASP.NET Core 8.0 MVC application for multi-user Microsoft 365 Calendar synchronization via Webhooks and Delta Tokens.

## Architecture & Process Updates

### 1. Authentication & Identity
- Configured **Confidential Client Flow** using `Microsoft.Identity.Web` and `.AddMicrosoftIdentityWebApp`.
- Configured `.AddInMemoryTokenCaches()` for prototype token persistence.
- Implemented `ITokenAcquisition` within the `SyncEngine` for obtaining tokens on behalf of users asynchronously to support background/webhook execution flows using a custom constructed `ClaimsPrincipal` mapped to the user's `HomeAccountId`.

### 2. Data & Transparency Layer
- **SQLite + EF Core** integration (`Microsoft.EntityFrameworkCore.Sqlite`).
- **Models**:
  - `UserConfig`: Stores `UserId`, `HomeAccountId`, `Email`, `SubscriptionId`, `Expiration`, and `LastDeltaLink`.
  - `WebhookLog`: Stores raw json payloads, endpoint types, and timestamps.
- **Dashboard (`SyncController`)**: Shows both active users and real-time webhook logs in a responsive, clean Bootstrap table format.

### 3. Webhook Endpoints
- `NotificationsController` implemented with `/api/notifications/listen` and `/api/notifications/lifecycle`.
- **Transparency First**: Every incoming request stream is captured and immediately persisted to `WebhookLogs` before parsing.
- **Handshake Validation**: Instant response logic for `validationToken` parameters returning `text/plain`.
- **Security Check**: The payloads are deserialized to confirm the `clientState` against the configuration string. If valid, the engine triggers an asynchronous background sync job for the `subscriptionId`.

### 4. Sync Engine (Microsoft Graph SDK v5)
- Encapsulated logic inside `SyncEngine.cs` using `GraphServiceClient`.
- Uses `Delta Query` with stateful links saved back to the database.
- Implements custom SHA-256 deduplication on events grouping by `Subject + Start + End`.
- Exports a CSV file via the OneDrive Graph API `Drives["me"].Items["root:/SyncResults.csv:"].Content.PutAsync(stream)`.

### 5. Auto-Renewal Service
- Added `SubscriptionRenewalService` inheriting from `BackgroundService`.
- Triggers every 12 hours. Scans the database for `Expiration` < 24h.
- Re-authenticates the user contexts and patches their graph subscriptions to a new 4230 minutes limit.

### 6. User Experience
- Overhauled the default `Home/Index.cshtml` landing page.
- Created an `Onboard` action triggered by a "Connect Microsoft Calendar" button that forces authorization.
- Completes the initial flow by storing user information, running a baseline delta query, setting up the webhook subscription, and then safely redirecting the user to the transparency dashboard.