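using Microsoft.AspNetCore.Mvc;
using MetaApi.Models;
using MetaApi.Security;
using MetaApi.Services;

namespace MetaApi.Controllers;

/// <summary>
/// Internal API surface called by the Gateway.
/// </summary>
/// <remarks>
/// Authentication is attached per action through <see cref="InternalAuthFilter"/>, not at
/// controller level: only <see cref="Execute"/> carries the filter and <see cref="Health"/>
/// is deliberately open. Any action added to this controller is therefore unauthenticated
/// unless it is given the same <c>[ServiceFilter]</c> attribute.
/// NOTE(review): the filter is defined elsewhere and is expected to validate the
/// X-Internal-Key header; confirm it compares the key in constant time and that the
/// <c>internal/*</c> routes are not reachable from outside the internal network.
/// </remarks>
[ApiController]
[Route("internal")]
public sealed class InternalController : ControllerBase
{
    private readonly MetaMarketingService _metaAds;
    private readonly ILogger<InternalController> _logger;

    /// <summary>
    /// Creates the controller with the injected provider service and logger.
    /// </summary>
    /// <param name="metaAds">Service that executes provider operations.</param>
    /// <param name="logger">Category logger for this controller.</param>
    public InternalController(MetaMarketingService metaAds, ILogger<InternalController> logger)
    {
        _metaAds = metaAds;
        _logger = logger;
    }

    /// <summary>
    /// Health check - no auth required.
    /// </summary>
    /// <returns>200 with the service name and the current UTC timestamp.</returns>
    [HttpGet("health")]
    public IActionResult Health()
    {
        _logger.LogDebug("[InternalController] Health check");

        // Unauthenticated by design: keep the payload limited to liveness data.
        return Ok(new { ok = true, service = "MetaApi", timestamp = DateTimeOffset.UtcNow });
    }

    /// <summary>
    /// Main execution endpoint - the Gateway calls this.
    /// Protected by <see cref="InternalAuthFilter"/>.
    /// </summary>
    /// <param name="request">Operation request taken from the request body.</param>
    /// <param name="ct">Cancellation token forwarded to the service call.</param>
    /// <returns>
    /// 200 with the result on success; 400 when the body or operation is missing; otherwise
    /// the status mapped from the result's error code.
    /// </returns>
    [ServiceFilter(typeof(InternalAuthFilter))]
    [HttpPost("execute")]
    public async Task<IActionResult> Execute([FromBody] ProviderRequest request, CancellationToken ct)
    {
        // Caller-supplied values are passed as structured template arguments, never
        // concatenated into the message text, so they cannot rewrite the log line format.
        _logger.LogInformation(
            "[InternalController] Execute called | Operation={Operation} RequestId={RequestId}",
            request?.Operation,
            request?.RequestId);

        if (request is null)
        {
            return BadRequest(ProviderResponse.Fail(null, "VALIDATION", "Request body is required"));
        }

        if (string.IsNullOrWhiteSpace(request.Operation))
        {
            return BadRequest(ProviderResponse.Fail(request.RequestId, "VALIDATION", "Operation is required"));
        }

        var result = await _metaAds.ExecuteAsync(request, ct);

        if (result.Ok)
        {
            return Ok(result);
        }

        return StatusCode(MapErrorCodeToStatus(result.Error?.Code), result);
    }

    /// <summary>
    /// Maps a provider error code to the HTTP status returned to the Gateway.
    /// </summary>
    /// <param name="errorCode">Error code from the failed result; may be null.</param>
    /// <returns>The HTTP status code; 400 for unknown or missing codes.</returns>
    private static int MapErrorCodeToStatus(string? errorCode) => errorCode switch
    {
        "VALIDATION" => 400,
        "NOT_FOUND" => 404,
        "UNAUTHORIZED" => 401,
        "FORBIDDEN" => 403,
        "RATE_LIMITED" => 429,
        // Fallback kept at 400 so the Gateway sees the same status as before.
        // NOTE(review): unrecognised provider failures also surface as a client error
        // here; confirm that is intended rather than a 5xx.
        _ => 400
    };
}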