@app-connect/core 1.7.21 → 1.7.23

package/test/handlers/auth.test.js

@@ -22,6 +22,8 @@ const oauth = require('../../lib/oauth');
 const { Connector } = require('../../models/dynamo/connectorSchema');
 const { RingCentral } = require('../../lib/ringcentral');
 const adminCore = require('../../handlers/admin');
+const { AccountDataModel } = require('../../models/accountDataModel');
+const { encode } = require('../../lib/encode');
 
 describe('Auth Handler', () => {
   const originalEnv = process.env;
@@ -31,6 +33,7 @@ describe('Auth Handler', () => {
     jest.clearAllMocks();
     global.testUtils.resetConnectorRegistry();
     process.env = { ...originalEnv };
+    process.env.APP_SERVER_SECRET_KEY = 'test-app-server-secret-key-123456';
   });
 
   afterEach(() => {
@@ -38,6 +41,10 @@ describe('Auth Handler', () => {
   });
 
   describe('onApiKeyLogin', () => {
+    afterEach(async () => {
+      await AccountDataModel.destroy({ where: {} });
+    });
+
     test('should handle successful API key login', async () => {
       // Arrange
       const mockUserInfo = {
@@ -60,7 +67,7 @@ describe('Auth Handler', () => {
         getBasicAuth: jest.fn().mockReturnValue('dGVzdC1hcGkta2V5Og=='),
         getUserInfo: jest.fn().mockResolvedValue(mockUserInfo)
       });
-      
+
       connectorRegistry.getConnector.mockReturnValue(mockConnector);
 
       const requestData = {
@@ -82,7 +89,7 @@ describe('Auth Handler', () => {
       expect(mockConnector.getUserInfo).toHaveBeenCalledWith({
         authHeader: 'Basic dGVzdC1hcGkta2V5Og==',
         hostname: 'test.example.com',
-        additionalInfo: {},
+        additionalInfo: { apiKey: 'test-api-key' },
         apiKey: 'test-api-key',
         platform: 'testCRM',
         proxyId: undefined
@@ -105,7 +112,7 @@ describe('Auth Handler', () => {
         getBasicAuth: jest.fn().mockReturnValue('dGVzdC1hcGkta2V5Og=='),
         getUserInfo: jest.fn().mockResolvedValue(mockUserInfo)
       });
-      
+
       connectorRegistry.getConnector.mockReturnValue(mockConnector);
 
       const requestData = {
@@ -123,6 +130,394 @@ describe('Auth Handler', () => {
       expect(result.returnMessage).toEqual(mockUserInfo.returnMessage);
     });
 
+    test('should mark managed auth auto-login failure so the next attempt can fall back to manual auth', async () => {
+      connectorRegistry.getManifest.mockReturnValue({
+        platforms: {
+          testCRM: {
+            auth: {
+              type: 'apiKey',
+              apiKey: {
+                page: {
+                  content: [
+                    { const: 'tenantId', required: true, managed: true, managedScope: 'account' },
+                    { const: 'apiKey', required: true, managed: true, managedScope: 'user' }
+                  ]
+                }
+              }
+            }
+          }
+        }
+      });
+
+      await AccountDataModel.create({
+        rcAccountId: 'rc-account-fail',
+        platformName: 'testCRM',
+        dataKey: 'managed-auth-org',
+        data: {
+          fields: {
+            tenantId: { version: 1, encrypted: true, value: encode(JSON.stringify('tenant-1')) }
+          }
+        }
+      });
+      await AccountDataModel.create({
+        rcAccountId: 'rc-account-fail',
+        platformName: 'testCRM',
+        dataKey: 'managed-auth-user:101',
+        data: {
+          rcExtensionId: '101',
+          rcUserName: 'Agent 101',
+          fields: {
+            apiKey: { version: 1, encrypted: true, value: encode(JSON.stringify('bad-stored-key')) }
+          }
+        }
+      });
+
+      const mockConnector = global.testUtils.createMockConnector({
+        getBasicAuth: jest.fn().mockReturnValue('encoded-bad-key'),
+        getUserInfo: jest.fn().mockResolvedValue({
+          successful: false,
+          platformUserInfo: null,
+          returnMessage: {
+            messageType: 'error',
+            message: 'Invalid API key',
+            ttl: 3000
+          }
+        })
+      });
+      connectorRegistry.getConnector.mockReturnValue(mockConnector);
+
+      const result = await authHandler.onApiKeyLogin({
+        platform: 'testCRM',
+        hostname: 'test.example.com',
+        rcAccountId: 'rc-account-fail',
+        rcExtensionId: '101',
+        additionalInfo: {}
+      });
+
+      expect(result.userInfo).toBeNull();
+      const failureRecord = await AccountDataModel.findOne({
+        where: {
+          rcAccountId: 'rc-account-fail',
+          platformName: 'testCRM',
+          dataKey: 'managed-auth-login-failure:101'
+        }
+      });
+      expect(failureRecord).not.toBeNull();
+    });
+
+    test('should merge stored org managed auth values into additionalInfo', async () => {
+      connectorRegistry.getManifest.mockReturnValue({
+        platforms: {
+          testCRM: {
+            auth: {
+              type: 'apiKey',
+              apiKey: {
+                page: {
+                  content: [
+                    { const: 'apiKey', required: true, managed: true, managedScope: 'account' },
+                    { const: 'tenantId', required: true, managed: true, managedScope: 'account' },
+                    { const: 'userToken', required: true }
+                  ]
+                }
+              }
+            }
+          }
+        }
+      });
+      await AccountDataModel.create({
+        rcAccountId: 'rc-account-1',
+        platformName: 'testCRM',
+        dataKey: 'managed-auth-org',
+        data: {
+          fields: {
+            apiKey: { version: 1, encrypted: true, value: encode(JSON.stringify('stored-api-key')) },
+            tenantId: { version: 1, encrypted: true, value: encode(JSON.stringify('tenant-1')) }
+          }
+        }
+      });
+
+      const mockUserInfo = {
+        successful: true,
+        platformUserInfo: {
+          id: 'test-user-id',
+          name: 'Test User',
+          platformAdditionalInfo: {}
+        },
+        returnMessage: { messageType: 'success', message: 'ok' }
+      };
+      const mockConnector = global.testUtils.createMockConnector({
+        getBasicAuth: jest.fn().mockReturnValue('encoded-shared'),
+        getUserInfo: jest.fn().mockResolvedValue(mockUserInfo)
+      });
+      connectorRegistry.getConnector.mockReturnValue(mockConnector);
+
+      await authHandler.onApiKeyLogin({
+        platform: 'testCRM',
+        hostname: 'test.example.com',
+        rcAccountId: 'rc-account-1',
+        additionalInfo: { userToken: 'user-token-1' }
+      });
+
+      expect(mockConnector.getBasicAuth).toHaveBeenCalledWith({ apiKey: 'stored-api-key' });
+      expect(mockConnector.getUserInfo).toHaveBeenCalledWith(expect.objectContaining({
+        additionalInfo: expect.objectContaining({
+          apiKey: 'stored-api-key',
+          tenantId: 'tenant-1',
+          userToken: 'user-token-1'
+        })
+      }));
+    });
+
+    test('should allow submitted shared fields to satisfy missing required managed auth values', async () => {
+      connectorRegistry.getManifest.mockReturnValue({
+        platforms: {
+          testCRM: {
+            auth: {
+              type: 'apiKey',
+              apiKey: {
+                page: {
+                  content: [
+                    { const: 'companyId', required: true, managed: true, managedScope: 'account' },
+                    { const: 'userToken', required: true }
+                  ]
+                }
+              }
+            }
+          }
+        }
+      });
+
+      const mockConnector = global.testUtils.createMockConnector({
+        getBasicAuth: jest.fn(),
+        getUserInfo: jest.fn().mockResolvedValue({
+          successful: true,
+          platformUserInfo: {
+            id: 'test-user-id',
+            name: 'Test User',
+            platformAdditionalInfo: {}
+          },
+          returnMessage: { messageType: 'success', message: 'ok' }
+        })
+      });
+      connectorRegistry.getConnector.mockReturnValue(mockConnector);
+
+      const result = await authHandler.onApiKeyLogin({
+        platform: 'testCRM',
+        hostname: 'test.example.com',
+        rcAccountId: 'rc-account-2',
+        additionalInfo: {
+          companyId: 'company-123',
+          userToken: 'user-token-1'
+        }
+      });
+
+      expect(result.userInfo).not.toBeNull();
+      expect(mockConnector.getUserInfo).toHaveBeenCalledWith(expect.objectContaining({
+        additionalInfo: expect.objectContaining({
+          companyId: 'company-123',
+          userToken: 'user-token-1'
+        })
+      }));
+    });
+
+    test('should not persist submitted managed auth values from end users', async () => {
+      connectorRegistry.getManifest.mockReturnValue({
+        platforms: {
+          testCRM: {
+            auth: {
+              type: 'apiKey',
+              apiKey: {
+                page: {
+                  content: [
+                    { const: 'companyId', required: false, managed: true, managedScope: 'account' },
+                    { const: 'userToken', required: true }
+                  ]
+                }
+              }
+            }
+          }
+        }
+      });
+
+      const mockUserInfo = {
+        successful: true,
+        platformUserInfo: {
+          id: 'test-user-id',
+          name: 'Test User',
+          platformAdditionalInfo: {}
+        },
+        returnMessage: { messageType: 'success', message: 'ok' }
+      };
+      const mockConnector = global.testUtils.createMockConnector({
+        getBasicAuth: jest.fn().mockReturnValue('encoded'),
+        getUserInfo: jest.fn().mockResolvedValue(mockUserInfo)
+      });
+      connectorRegistry.getConnector.mockReturnValue(mockConnector);
+
+      await authHandler.onApiKeyLogin({
+        platform: 'testCRM',
+        hostname: 'test.example.com',
+        rcAccountId: 'rc-account-2',
+        additionalInfo: {
+          companyId: 'company-123',
+          userToken: 'user-token-1'
+        }
+      });
+
+      expect(mockConnector.getUserInfo).toHaveBeenCalledWith(expect.objectContaining({
+        additionalInfo: expect.objectContaining({
+          companyId: 'company-123',
+          userToken: 'user-token-1'
+        })
+      }));
+
+      const stored = await AccountDataModel.findOne({
+        where: {
+          rcAccountId: 'rc-account-2',
+          platformName: 'testCRM',
+          dataKey: 'managed-auth-org'
+        }
+      });
+      expect(stored).toBeNull();
+    });
+
+    test('should allow manual fallback values to override stored managed credentials and clear failure state after success', async () => {
+      connectorRegistry.getManifest.mockReturnValue({
+        platforms: {
+          testCRM: {
+            auth: {
+              type: 'apiKey',
+              apiKey: {
+                page: {
+                  content: [
+                    { const: 'apiKey', required: true, managed: true, managedScope: 'user' },
+                    { const: 'tenantId', required: true, managed: true, managedScope: 'account' }
+                  ]
+                }
+              }
+            }
+          }
+        }
+      });
+
+      await AccountDataModel.create({
+        rcAccountId: 'rc-account-recover',
+        platformName: 'testCRM',
+        dataKey: 'managed-auth-org',
+        data: {
+          fields: {
+            tenantId: { version: 1, encrypted: true, value: encode(JSON.stringify('stored-tenant')) }
+          }
+        }
+      });
+      await AccountDataModel.create({
+        rcAccountId: 'rc-account-recover',
+        platformName: 'testCRM',
+        dataKey: 'managed-auth-user:202',
+        data: {
+          rcExtensionId: '202',
+          rcUserName: 'Agent 202',
+          fields: {
+            apiKey: { version: 1, encrypted: true, value: encode(JSON.stringify('stored-bad-key')) }
+          }
+        }
+      });
+      await AccountDataModel.create({
+        rcAccountId: 'rc-account-recover',
+        platformName: 'testCRM',
+        dataKey: 'managed-auth-login-failure:202',
+        data: {
+          failedAt: '2026-04-07T00:00:00.000Z'
+        }
+      });
+
+      const mockConnector = global.testUtils.createMockConnector({
+        getBasicAuth: jest.fn().mockReturnValue('encoded-manual-key'),
+        getUserInfo: jest.fn().mockResolvedValue({
+          successful: true,
+          platformUserInfo: {
+            id: 'test-user-id',
+            name: 'Recovered User',
+            platformAdditionalInfo: {}
+          },
+          returnMessage: { messageType: 'success', message: 'ok' }
+        })
+      });
+      connectorRegistry.getConnector.mockReturnValue(mockConnector);
+
+      const result = await authHandler.onApiKeyLogin({
+        platform: 'testCRM',
+        hostname: 'test.example.com',
+        rcAccountId: 'rc-account-recover',
+        rcExtensionId: '202',
+        additionalInfo: {
+          apiKey: 'manual-good-key',
+          tenantId: 'manual-tenant'
+        }
+      });
+
+      expect(result.userInfo).not.toBeNull();
+      expect(mockConnector.getBasicAuth).toHaveBeenCalledWith({ apiKey: 'manual-good-key' });
+      expect(mockConnector.getUserInfo).toHaveBeenCalledWith(expect.objectContaining({
+        additionalInfo: {
+          apiKey: 'manual-good-key',
+          tenantId: 'manual-tenant'
+        }
+      }));
+
+      const failureRecord = await AccountDataModel.findOne({
+        where: {
+          rcAccountId: 'rc-account-recover',
+          platformName: 'testCRM',
+          dataKey: 'managed-auth-login-failure:202'
+        }
+      });
+      expect(failureRecord).toBeNull();
+    });
+
+    test('should return warning when required auth fields are missing', async () => {
+      connectorRegistry.getManifest.mockReturnValue({
+        platforms: {
+          testCRM: {
+            auth: {
+              type: 'apiKey',
+              apiKey: {
+                page: {
+                  content: [
+                    { const: 'tenantId', required: true, managed: true, managedScope: 'account' },
+                    { const: 'userToken', required: true }
+                  ]
+                }
+              }
+            }
+          }
+        }
+      });
+
+      const mockConnector = global.testUtils.createMockConnector({
+        getBasicAuth: jest.fn(),
+        getUserInfo: jest.fn()
+      });
+      connectorRegistry.getConnector.mockReturnValue(mockConnector);
+
+      const result = await authHandler.onApiKeyLogin({
+        platform: 'testCRM',
+        hostname: 'test.example.com',
+        rcAccountId: 'rc-account-4',
+        additionalInfo: {}
+      });
+
+      expect(result.userInfo).toBeNull();
+      expect(result.returnMessage).toEqual({
+        messageType: 'warning',
+        message: 'Missing required authentication fields.',
+        ttl: 3000,
+        missingRequiredFieldConsts: ['tenantId', 'userToken']
+      });
+      expect(mockConnector.getBasicAuth).not.toHaveBeenCalled();
+      expect(mockConnector.getUserInfo).not.toHaveBeenCalled();
+    });
+
     test('should throw error when connector not found', async () => {
       // Arrange
       connectorRegistry.getConnector.mockImplementation(() => {
@@ -160,7 +555,7 @@ describe('Auth Handler', () => {
         getOauthInfo: jest.fn().mockResolvedValue({}),
         authValidation: jest.fn().mockResolvedValue(mockValidationResponse)
       });
-      
+
       connectorRegistry.getConnector.mockReturnValue(mockConnector);
 
       // Mock UserModel.findOne to return a user
@@ -229,7 +624,7 @@ describe('Auth Handler', () => {
         getOauthInfo: jest.fn().mockResolvedValue({}),
         authValidation: jest.fn().mockResolvedValue(mockValidationResponse)
       });
-      
+
       connectorRegistry.getConnector.mockReturnValue(mockConnector);
 
       // Mock UserModel.findOne to return a user
@@ -616,4 +1011,5 @@ describe('Auth Handler', () => {
       expect(RingCentral).not.toHaveBeenCalled();
     });
   });
-}); 
+});
+

package/test/handlers/log.test.js

@@ -24,6 +24,7 @@ jest.mock('../../models/dynamo/connectorSchema', () => ({
     getProxyConfig: jest.fn()
   }
 }));
+jest.mock('axios');
 
 const logHandler = require('../../handlers/log');
 const { CallLogModel } = require('../../models/callLogModel');
@@ -34,6 +35,7 @@ const connectorRegistry = require('../../connector/registry');
 const oauth = require('../../lib/oauth');
 const { composeCallLog } = require('../../lib/callLogComposer');
 const { NoteCache } = require('../../models/dynamo/noteCacheSchema');
+const axios = require('axios');
 const { sequelize } = require('../../models/sequelize');
 
 describe('Log Handler', () => {
@@ -61,6 +63,7 @@ describe('Log Handler', () => {
       id: 'test-user-id',
       platform: 'testCRM',
       accessToken: 'test-access-token',
+      rcAccountId: '12345',
       platformAdditionalInfo: {}
     };
 
@@ -217,6 +220,63 @@ describe('Log Handler', () => {
       expect(savedLog.thirdPartyLogId).toBe('new-log-123');
     });
 
+    test('should call plugin with Bearer auth and without query jwt token', async () => {
+      await UserModel.create(mockUser);
+      await AccountDataModel.create({
+        rcAccountId: mockUser.rcAccountId,
+        platformName: 'testPlugin',
+        dataKey: 'pluginData',
+        data: {
+          name: 'plugin.sample',
+          supportedLogTypes: ['call'],
+          isAsync: false,
+          endpointUrl: 'https://plugins.example.com/plugin/testPlugin',
+          jwtToken: 'plugin-jwt-token'
+        }
+      });
+
+      const mockConnector = {
+        getAuthType: jest.fn().mockResolvedValue('apiKey'),
+        getBasicAuth: jest.fn().mockReturnValue('base64-encoded'),
+        getLogFormatType: jest.fn().mockReturnValue('text/plain'),
+        createCallLog: jest.fn().mockResolvedValue({
+          logId: 'new-log-123',
+          returnMessage: { message: 'Call logged', messageType: 'success', ttl: 2000 }
+        })
+      };
+      connectorRegistry.getConnector.mockReturnValue(mockConnector);
+      composeCallLog.mockReturnValue('Composed log details');
+
+      axios.post.mockResolvedValue({
+        data: {
+          ...mockIncomingData,
+          note: 'updated by plugin'
+        },
+        headers: {
+          'x-refreshed-jwt-token': 'refreshed-plugin-jwt'
+        }
+      });
+
+      const result = await logHandler.createCallLog({
+        platform: 'testCRM',
+        userId: 'test-user-id',
+        incomingData: mockIncomingData,
+        hashedAccountId: 'hashed-123',
+        isFromSSCL: false
+      });
+
+      expect(result.successful).toBe(true);
+      expect(axios.post).toHaveBeenCalledWith(
+        'https://plugins.example.com/plugin/testPlugin',
+        { data: mockIncomingData, config: null },
+        {
+          headers: {
+            Authorization: 'Bearer plugin-jwt-token'
+          }
+        }
+      );
+    });
+
     test('should successfully create call log with oauth auth', async () => {
       // Arrange
       const oauthUser = { ...mockUser };