feat(docusign): implement embedded signing flow with parallel signatures, geolocation tracking, and PDF certificate generation
This MR includes the full integration of DocuSign electronic signature into the report lifecycle, replacing the delegated email flow with an embedded signing approach where both parties sign directly (company from the BO interface, driver from the mobile app), with no dependency on DocuSign email delivery.
DocuSign Service (DocuSignServiceImpl)
- JWT-based authentication with DocuSign API
- Envelope creation with embedded signing for both company and driver signers
- Parallel signing: both signers are set at
routingOrder=1 -
getRecipientSigningUrl: generates an embedded signing URL for a given recipient -
ensureEmbeddedSigner: two-pass lookup to safely identify a recipient byclientUserIdfirst, then by email (avoids wrong-signer assignment) -
saveSignatureLocation: persists signer geolocation at time of signing
DocuSign Webhook (DocuSignWebhookServiceImpl)
- Handles
recipient-completedevents: updates report status toDRIVER_SIGNEDorCOMPANY_SIGNEDbased on the signer's role - Handles
envelope-completedevent: appends the signature certificate to the signed PDF, uploads the final document to S3, then sets status toCOMPLETED(race condition fix:COMPLETEDis only set after the final PDF is on S3)
Report Service (ReportServiceImpl)
- Report is saved to DB before envelope creation to ensure a valid ID is available as
clientUserId(fixesUNKNOWN_ENVELOPE_RECIPIENTerror) - Driver signing email sent immediately at envelope creation
-
getReportUrlreturns the final signed S3 key when available, falling back to the original key
Report Controller (ReportController)
- New endpoints:
GET /reports/{reportId}/company-signing-url,GET /reports/{reportId}/driver-signing-url - New endpoint:
POST /reports/{reportId}/signature-locationto save signer geolocation -
ReportResponseDtoextended with signature fields:signatureStatus,driverSigned,companySigned,driverSignerEmail,driverSignerName,companySigningUrl