@friggframework/core 2.0.0--canary.393.5a4db58.0 → 2.0.0--canary.395.d07514c.0

package/integrations/integration-router.js

@@ -3,22 +3,29 @@ const { get } = require('../assertions');
 const Boom = require('@hapi/boom');
 const catchAsyncError = require('express-async-handler');
 const { debug } = require('../logs');
+
+
+// todo: dont send moduleFactory, integrationFactory, and IntegrationHelper as a factory object, instead send them as separate
+// params and import IntegrationHelper where needed.
+// todo: this could be a use case class
+/**
+ * Creates an Express router with integration and entity routes configured
+ * @param {Object} params - Configuration parameters for the router
+ * @param {express.Router} [params.router] - Optional Express router instance, creates new one if not provided
+ * @param {Object} params.factory - Factory object containing moduleFactory, integrationFactory, and IntegrationHelper
+ * @param {Object} params.factory.moduleFactory - Factory for creating and managing API modules
+ * @param {Object} params.factory.integrationFactory - Factory for creating and managing integrations
+ * @param {Object} params.factory.IntegrationHelper - Helper utilities for integration operations
+ * @param {import('../user/use-cases/get-user-from-bearer-token').GetUserFromBearerToken} params.getUserFromBearerToken - Use case for retrieving a user from a bearer token
+ * @returns {express.Router} Configured Express router with integration and entity routes
+ */
 function createIntegrationRouter(params) {
     const router = get(params, 'router', express());
     const factory = get(params, 'factory');
-    const getUserId = get(params, 'getUserId', (req) => null);
-    const requireLoggedInUser = get(
-        params,
-        'requireLoggedInUser',
-        (req, res, next) => next()
-    );
-
-    router.all('/api/entities*', requireLoggedInUser);
-    router.all('/api/authorize', requireLoggedInUser);
-    router.all('/api/integrations*', requireLoggedInUser);
+    const getUserFromBearerToken = get(params, 'getUserFromBearerToken');
 
-    setIntegrationRoutes(router, factory, getUserId);
-    setEntityRoutes(router, factory, getUserId);
+    setIntegrationRoutes(router, factory, getUserFromBearerToken);
+    setEntityRoutes(router, factory, getUserFromBearerToken);
     return router;
 }
 
@@ -36,33 +43,42 @@ function checkRequiredParams(params, requiredKeys) {
 
     if (missingKeys.length > 0) {
         throw Boom.badRequest(
-            `Missing Parameter${
-                missingKeys.length === 1 ? '' : 's'
-            }: ${missingKeys.join(', ')} ${
-                missingKeys.length === 1 ? 'is' : 'are'
+            `Missing Parameter${missingKeys.length === 1 ? '' : 's'
+            }: ${missingKeys.join(', ')} ${missingKeys.length === 1 ? 'is' : 'are'
             } required.`
         );
     }
     return returnDict;
 }
 
-function setIntegrationRoutes(router, factory, getUserId) {
+/**
+ * Sets up integration-related routes on the provided Express router
+ * @param {express.Router} router - Express router instance to add routes to
+ * @param {Object} factory - Factory object containing moduleFactory, integrationFactory, and IntegrationHelper
+ * @param {Object} factory.moduleFactory - Factory for creating and managing API modules
+ * @param {Object} factory.integrationFactory - Factory for creating and managing integrations
+ * @param {Object} factory.IntegrationHelper - Helper utilities for integration operations
+ * @param {import('../user/use-cases/get-user-from-bearer-token').GetUserFromBearerToken} getUserFromBearerToken - Use case for retrieving a user from a bearer token
+ */
+function setIntegrationRoutes(router, factory, getUserFromBearerToken) {
     const { moduleFactory, integrationFactory, IntegrationHelper } = factory;
     router.route('/api/integrations').get(
         catchAsyncError(async (req, res) => {
+            const user = await getUserFromBearerToken.execute(
+                req.headers.authorization
+            );
+            const userId = user.getId();
             const results = await integrationFactory.getIntegrationOptions();
             results.entities.authorized =
-                await moduleFactory.getEntitiesForUser(getUserId(req));
+                await moduleFactory.getEntitiesForUser(userId);
             results.integrations =
-                await IntegrationHelper.getIntegrationsForUserId(
-                    getUserId(req)
-                );
+                await IntegrationHelper.getIntegrationsForUserId(userId);
 
             for (const integrationRecord of results.integrations) {
                 const integration =
                     await integrationFactory.getInstanceFromIntegrationId({
                         integrationId: integrationRecord.id,
-                        userId: getUserId(req),
+                        userId,
                     });
                 integrationRecord.userActions = integration.userActions;
             }
@@ -72,6 +88,10 @@ function setIntegrationRoutes(router, factory, getUserId) {
 
     router.route('/api/integrations').post(
         catchAsyncError(async (req, res) => {
+            const user = await getUserFromBearerToken.execute(
+                req.headers.authorization
+            );
+            const userId = user.getId();
             const params = checkRequiredParams(req.body, [
                 'entities',
                 'config',
@@ -82,7 +102,7 @@ function setIntegrationRoutes(router, factory, getUserId) {
             // create integration
             const integration = await integrationFactory.createIntegration(
                 params.entities,
-                getUserId(req),
+                userId,
                 params.config
             );
 
@@ -102,12 +122,16 @@ function setIntegrationRoutes(router, factory, getUserId) {
 
     router.route('/api/integrations/:integrationId').patch(
         catchAsyncError(async (req, res) => {
+            const user = await getUserFromBearerToken.execute(
+                req.headers.authorization
+            );
+            const userId = user.getId();
             const params = checkRequiredParams(req.body, ['config']);
 
             const integration =
                 await integrationFactory.getInstanceFromIntegrationId({
                     integrationId: req.params.integrationId,
-                    userId: getUserId(req),
+                    userId,
                 });
 
             debug(
@@ -126,10 +150,14 @@ function setIntegrationRoutes(router, factory, getUserId) {
 
     router.route('/api/integrations/:integrationId').delete(
         catchAsyncError(async (req, res) => {
+            const user = await getUserFromBearerToken.execute(
+                req.headers.authorization
+            );
+            const userId = user.getId();
             const params = checkRequiredParams(req.params, ['integrationId']);
             const integration =
                 await integrationFactory.getInstanceFromIntegrationId({
-                    userId: getUserId(req),
+                    userId,
                     integrationId: params.integrationId,
                 });
 
@@ -138,7 +166,7 @@ function setIntegrationRoutes(router, factory, getUserId) {
             );
             await integration.send('ON_DELETE');
             await IntegrationHelper.deleteIntegrationForUserById(
-                getUserId(req),
+                userId,
                 params.integrationId
             );
 
@@ -148,6 +176,9 @@ function setIntegrationRoutes(router, factory, getUserId) {
 
     router.route('/api/integrations/:integrationId/config/options').get(
         catchAsyncError(async (req, res) => {
+            await getUserFromBearerToken.execute(
+                req.headers.authorization
+            );
             const params = checkRequiredParams(req.params, ['integrationId']);
             const integration =
                 await integrationFactory.getInstanceFromIntegrationId(params);
@@ -159,6 +190,9 @@ function setIntegrationRoutes(router, factory, getUserId) {
         .route('/api/integrations/:integrationId/config/options/refresh')
         .post(
             catchAsyncError(async (req, res) => {
+                await getUserFromBearerToken.execute(
+                    req.headers.authorization
+                );
                 const params = checkRequiredParams(req.params, [
                     'integrationId',
                 ]);
@@ -174,6 +208,9 @@ function setIntegrationRoutes(router, factory, getUserId) {
         );
     router.route('/api/integrations/:integrationId/actions').all(
         catchAsyncError(async (req, res) => {
+            await getUserFromBearerToken.execute(
+                req.headers.authorization
+            );
             const params = checkRequiredParams(req.params, ['integrationId']);
             const integration =
                 await integrationFactory.getInstanceFromIntegrationId(params);
@@ -185,6 +222,9 @@ function setIntegrationRoutes(router, factory, getUserId) {
         .route('/api/integrations/:integrationId/actions/:actionId/options')
         .all(
             catchAsyncError(async (req, res) => {
+                await getUserFromBearerToken.execute(
+                    req.headers.authorization
+                );
                 const params = checkRequiredParams(req.params, [
                     'integrationId',
                     'actionId',
@@ -209,6 +249,9 @@ function setIntegrationRoutes(router, factory, getUserId) {
         )
         .post(
             catchAsyncError(async (req, res) => {
+                await getUserFromBearerToken.execute(
+                    req.headers.authorization
+                );
                 const params = checkRequiredParams(req.params, [
                     'integrationId',
                     'actionId',
@@ -229,6 +272,9 @@ function setIntegrationRoutes(router, factory, getUserId) {
 
     router.route('/api/integrations/:integrationId/actions/:actionId').post(
         catchAsyncError(async (req, res) => {
+            await getUserFromBearerToken.execute(
+                req.headers.authorization
+            );
             const params = checkRequiredParams(req.params, [
                 'integrationId',
                 'actionId',
@@ -242,6 +288,9 @@ function setIntegrationRoutes(router, factory, getUserId) {
 
     router.route('/api/integrations/:integrationId').get(
         catchAsyncError(async (req, res) => {
+            await getUserFromBearerToken.execute(
+                req.headers.authorization
+            );
             const params = checkRequiredParams(req.params, ['integrationId']);
             const integration = await IntegrationHelper.getIntegrationById(
                 params.integrationId
@@ -259,10 +308,14 @@ function setIntegrationRoutes(router, factory, getUserId) {
 
     router.route('/api/integrations/:integrationId/test-auth').get(
         catchAsyncError(async (req, res) => {
+            const user = await getUserFromBearerToken.execute(
+                req.headers.authorization
+            );
+            const userId = user.getId();
             const params = checkRequiredParams(req.params, ['integrationId']);
             const instance =
                 await integrationFactory.getInstanceFromIntegrationId({
-                    userId: getUserId(req),
+                    userId,
                     integrationId: params.integrationId,
                 });
 
@@ -286,9 +339,16 @@ function setIntegrationRoutes(router, factory, getUserId) {
     );
 }
 
-function setEntityRoutes(router, factory, getUserId) {
+
+/**
+ * Sets up entity-related routes for the integration router
+ * @param {Object} router - Express router instance
+ * @param {Object} factory - Factory object containing moduleFactory and IntegrationHelper
+ * @param {import('../user/use-cases/get-user-from-bearer-token').GetUserFromBearerToken} getUserFromBearerToken - Use case for retrieving a user from a bearer token
+ */
+function setEntityRoutes(router, factory, getUserFromBearerToken) {
     const { moduleFactory, IntegrationHelper } = factory;
-    const getModuleInstance = async (req, entityType) => {
+    const getModuleInstance = async (userId, entityType) => {
         if (!moduleFactory.checkIsValidType(entityType)) {
             throw Boom.badRequest(
                 `Error: Invalid entity type of ${entityType}, options are ${moduleFactory.moduleTypes.join(
@@ -298,14 +358,18 @@ function setEntityRoutes(router, factory, getUserId) {
         }
         return await moduleFactory.getInstanceFromTypeName(
             entityType,
-            getUserId(req)
+            userId
         );
     };
 
     router.route('/api/authorize').get(
         catchAsyncError(async (req, res) => {
+            const user = await getUserFromBearerToken.execute(
+                req.headers.authorization
+            );
+            const userId = user.getId();
             const params = checkRequiredParams(req.query, ['entityType']);
-            const module = await getModuleInstance(req, params.entityType);
+            const module = await getModuleInstance(userId, params.entityType);
             const areRequirementsValid =
                 module.validateAuthorizationRequirements();
             if (!areRequirementsValid) {
@@ -320,15 +384,19 @@ function setEntityRoutes(router, factory, getUserId) {
 
     router.route('/api/authorize').post(
         catchAsyncError(async (req, res) => {
+            const user = await getUserFromBearerToken.execute(
+                req.headers.authorization
+            );
+            const userId = user.getId();
             const params = checkRequiredParams(req.body, [
                 'entityType',
                 'data',
             ]);
-            const module = await getModuleInstance(req, params.entityType);
+            const module = await getModuleInstance(userId, params.entityType);
 
             res.json(
                 await module.processAuthorizationCallback({
-                    userId: getUserId(req),
+                    userId,
                     data: params.data,
                 })
             );
@@ -337,6 +405,10 @@ function setEntityRoutes(router, factory, getUserId) {
 
     router.route('/api/entity').post(
         catchAsyncError(async (req, res) => {
+            const user = await getUserFromBearerToken.execute(
+                req.headers.authorization
+            );
+            const userId = user.getId();
             const params = checkRequiredParams(req.body, [
                 'entityType',
                 'data',
@@ -352,12 +424,12 @@ function setEntityRoutes(router, factory, getUserId) {
                 throw Boom.badRequest('Invalid credential ID');
             }
 
-            const module = await getModuleInstance(req, params.entityType);
+            const module = await getModuleInstance(userId, params.entityType);
             const entityDetails = await module.getEntityDetails(
                 module.api,
                 null,
                 null,
-                getUserId(req)
+                userId
             );
 
             res.json(await module.findOrCreateEntity(entityDetails));
@@ -366,17 +438,21 @@ function setEntityRoutes(router, factory, getUserId) {
 
     router.route('/api/entity/options/:credentialId').get(
         catchAsyncError(async (req, res) => {
+            const user = await getUserFromBearerToken.execute(
+                req.headers.authorization
+            );
+            const userId = user.getId();
             // TODO May want to pass along the user ID as well so credential ID's can't be fished???
             // TODO **flagging this for review** -MW
             const credential = await IntegrationHelper.getCredentialById(
                 req.params.credentialId
             );
-            if (credential.user._id.toString() !== getUserId(req)) {
+            if (credential.user._id.toString() !== userId) {
                 throw Boom.forbidden('Credential does not belong to user');
             }
 
             const params = checkRequiredParams(req.query, ['entityType']);
-            const module = await getModuleInstance(req, params.entityType);
+            const module = await getModuleInstance(userId, params.entityType);
 
             res.json(await module.getEntityOptions());
         })
@@ -384,10 +460,14 @@ function setEntityRoutes(router, factory, getUserId) {
 
     router.route('/api/entities/:entityId/test-auth').get(
         catchAsyncError(async (req, res) => {
+            const user = await getUserFromBearerToken.execute(
+                req.headers.authorization
+            );
+            const userId = user.getId();
             const params = checkRequiredParams(req.params, ['entityId']);
             const module = await moduleFactory.getModuleInstanceFromEntityId(
                 params.entityId,
-                getUserId(req)
+                userId
             );
 
             if (!module) {
@@ -415,10 +495,14 @@ function setEntityRoutes(router, factory, getUserId) {
 
     router.route('/api/entities/:entityId').get(
         catchAsyncError(async (req, res) => {
+            const user = await getUserFromBearerToken.execute(
+                req.headers.authorization
+            );
+            const userId = user.getId();
             const params = checkRequiredParams(req.params, ['entityId']);
             const module = await moduleFactory.getModuleInstanceFromEntityId(
                 params.entityId,
-                getUserId(req)
+                userId
             );
 
             if (!module) {
@@ -431,13 +515,16 @@ function setEntityRoutes(router, factory, getUserId) {
 
     router.route('/api/entities/:entityId/options').post(
         catchAsyncError(async (req, res) => {
+            const user = await getUserFromBearerToken.execute(
+                req.headers.authorization
+            );
+            const userId = user.getId();
             const params = checkRequiredParams(req.params, [
                 'entityId',
-                getUserId(req),
             ]);
             const module = await moduleFactory.getModuleInstanceFromEntityId(
                 params.entityId,
-                getUserId(req)
+                userId
             );
 
             if (!module) {
@@ -450,13 +537,16 @@ function setEntityRoutes(router, factory, getUserId) {
 
     router.route('/api/entities/:entityId/options/refresh').post(
         catchAsyncError(async (req, res) => {
+            const user = await getUserFromBearerToken.execute(
+                req.headers.authorization
+            );
+            const userId = user.getId();
             const params = checkRequiredParams(req.params, [
                 'entityId',
-                getUserId(req),
             ]);
             const module = await moduleFactory.getModuleInstanceFromEntityId(
                 params.entityId,
-                getUserId(req)
+                userId
             );
 
             if (!module) {

package/module-plugin/auther.js

@@ -56,7 +56,7 @@ class Auther extends Delegate {
         } else {
             if (
                 definition.API.requesterType ===
-                    ModuleConstants.authType.oauth2 &&
+                ModuleConstants.authType.oauth2 &&
                 !definition.requiredAuthMethods.getToken
             ) {
                 throw new Error(
@@ -241,6 +241,7 @@ class Auther extends Delegate {
         //     type: one of the types defined in modules/Constants.js
         //     data: ["required", "fields", "we", "may", "need"]
         // }
+        console.log(this.api);
         return this.api.getAuthorizationRequirements();
     }
 
@@ -326,7 +327,7 @@ class Auther extends Delegate {
         if (search.length > 1) {
             throw new Error(
                 'Multiple entities found with the same identifiers: ' +
-                    JSON.stringify(identifiers)
+                JSON.stringify(identifiers)
             );
         } else if (search.length === 0) {
             this.entity = await this.EntityModel.create({

package/module-plugin/test/mock-api/api.js

@@ -1,5 +1,5 @@
-const { get } = require('../../assertions');
-const { OAuth2Requester } = require('../../module-plugin');
+const { get } = require('../../../assertions');
+const { OAuth2Requester } = require('../..');
 
 class Api extends OAuth2Requester {
     constructor(params) {
@@ -23,7 +23,12 @@ class Api extends OAuth2Requester {
         return this.authorizationUri;
     }
 
-
+    getAuthorizationRequirements() {
+        return {
+            url: this.getAuthUri(),
+            type: 'oauth2',
+        };
+    }
 }
 
 module.exports = { Api };

package/module-plugin/test/mock-api/definition.js

@@ -1,19 +1,23 @@
 require('dotenv').config();
-const {Api} = require('./api');
-const {get} = require('../../assertions');
-const config = {name: 'anapi'}
+const { Api } = require('./api');
+const { get } = require('../../../assertions');
+const config = { name: 'anapi' }
 
 const Definition = {
     API: Api,
-    getName: function() {return config.name},
+    getAuthorizationRequirements: () => ({
+        url: 'http://localhost:3000/redirect/anapi',
+        type: 'oauth2',
+    }),
+    getName: function () { return config.name },
     moduleName: config.name,
     modelName: 'AnApi',
     requiredAuthMethods: {
-        getToken: async function(api, params){
+        getToken: async function (api, params) {
             const code = get(params.data, 'code');
             return api.getTokenFromCode(code);
         },
-        getEntityDetails: async function(api, callbackParams, tokenResponse, userId) {
+        getEntityDetails: async function (api, callbackParams, tokenResponse, userId) {
             const userDetails = await api.getUserDetails();
             return {
                 identifiers: { externalId: userDetails.portalId, user: userId },
@@ -26,14 +30,14 @@ const Definition = {
             ],
             entity: [],
         },
-        getCredentialDetails: async function(api, userId) {
+        getCredentialDetails: async function (api, userId) {
             const userDetails = await api.getUserDetails();
             return {
                 identifiers: { externalId: userDetails.portalId, user: userId },
                 details: {}
             };
         },
-        testAuthRequest: async function(api){
+        testAuthRequest: async function (api) {
             return api.getUserDetails()
         },
     },

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@friggframework/core",
   "prettier": "@friggframework/prettier-config",
-  "version": "2.0.0--canary.393.5a4db58.0",
+  "version": "2.0.0--canary.395.d07514c.0",
   "dependencies": {
     "@hapi/boom": "^10.0.1",
     "aws-sdk": "^2.1200.0",
@@ -22,9 +22,9 @@
     "uuid": "^9.0.1"
   },
   "devDependencies": {
-    "@friggframework/eslint-config": "2.0.0--canary.393.5a4db58.0",
-    "@friggframework/prettier-config": "2.0.0--canary.393.5a4db58.0",
-    "@friggframework/test": "2.0.0--canary.393.5a4db58.0",
+    "@friggframework/eslint-config": "2.0.0--canary.395.d07514c.0",
+    "@friggframework/prettier-config": "2.0.0--canary.395.d07514c.0",
+    "@friggframework/test": "2.0.0--canary.395.d07514c.0",
     "@types/lodash": "4.17.15",
     "@typescript-eslint/eslint-plugin": "^8.0.0",
     "chai": "^4.3.6",
@@ -53,5 +53,5 @@
   },
   "homepage": "https://github.com/friggframework/frigg#readme",
   "description": "",
-  "gitHead": "5a4db5802fd0ba3ae88a79981d1a9ba7fb2070d1"
+  "gitHead": "d07514cc9f891cbe6a53bea70322bf4c613b3058"
 }

package/user/tests/doubles/test-user-repository.js

@@ -0,0 +1,115 @@
+const Boom = require('@hapi/boom');
+const { User } = require('../../user');
+
+class TestUserRepository {
+    constructor({ userConfig }) {
+        this.individualUsers = new Map();
+        this.organizationUsers = new Map();
+        this.tokens = new Map();
+        this.userConfig = userConfig;
+    }
+
+    async getSessionToken(token) {
+        return this.tokens.get(token);
+    }
+
+    async findOrganizationUserById(userId) {
+        const orgUserDoc = this.organizationUsers.get(userId);
+        if (!orgUserDoc) {
+            throw Boom.unauthorized('Organization User Not Found');
+        }
+        return new User(null, orgUserDoc, this.userConfig.usePassword, this.userConfig.primary, this.userConfig.individualUserRequired, this.userConfig.organizationUserRequired);
+    }
+
+    async findIndividualUserById(userId) {
+        const individualUserDoc = this.individualUsers.get(userId);
+        if (!individualUserDoc) {
+            throw Boom.unauthorized('Individual User Not Found');
+        }
+        return new User(individualUserDoc, null, this.userConfig.usePassword, this.userConfig.primary, this.userConfig.individualUserRequired, this.userConfig.organizationUserRequired);
+    }
+
+    async createToken(userId, rawToken, minutes = 120) {
+        const token = `token-for-${userId}-for-${minutes}-mins`;
+        this.tokens.set(token, { user: userId, rawToken });
+        return token;
+    }
+
+    async createIndividualUser(params) {
+        const individualUserData = { id: `individual-${Date.now()}`, ...params };
+        this.individualUsers.set(individualUserData.id, individualUserData);
+        return new User(
+            individualUserData,
+            null,
+            this.userConfig.usePassword,
+            this.userConfig.primary,
+            this.userConfig.individualUserRequired,
+            this.userConfig.organizationUserRequired
+        );
+    }
+
+    async createOrganizationUser(params) {
+        const orgUserData = { ...params, id: `org-${Date.now()}` };
+        this.organizationUsers.set(orgUserData.id, orgUserData);
+        return new User(
+            null,
+            orgUserData,
+            this.userConfig.usePassword,
+            this.userConfig.primary,
+            this.userConfig.individualUserRequired,
+            this.userConfig.organizationUserRequired
+        );
+    }
+
+    async findIndividualUserByUsername(username) {
+        for (const userDoc of this.individualUsers.values()) {
+            if (userDoc.username === username) {
+                return new User(
+                    userDoc,
+                    null,
+                    this.userConfig.usePassword,
+                    this.userConfig.primary,
+                    this.userConfig.individualUserRequired,
+                    this.userConfig.organizationUserRequired
+                );
+            }
+        }
+        throw Boom.unauthorized('user not found');
+    }
+
+    async findIndividualUserByAppUserId(appUserId) {
+        if (!appUserId) throw Boom.unauthorized('user not found');
+        for (const userDoc of this.individualUsers.values()) {
+            if (userDoc.appUserId === appUserId) {
+                return new User(
+                    userDoc,
+                    null,
+                    this.userConfig.usePassword,
+                    this.userConfig.primary,
+                    this.userConfig.individualUserRequired,
+                    this.userConfig.organizationUserRequired
+                );
+            }
+        }
+        throw Boom.unauthorized('user not found');
+    }
+
+    async findOrganizationUserByAppOrgId(appOrgId) {
+        if (!appOrgId) throw Boom.unauthorized('user not found');
+        for (const userDoc of this.organizationUsers.values()) {
+            if (userDoc.appOrgId === appOrgId) {
+                return new User(
+                    null,
+                    userDoc,
+                    this.userConfig.usePassword,
+                    this.userConfig.primary,
+                    this.userConfig.individualUserRequired,
+                    this.userConfig.organizationUserRequired
+                );
+            }
+        }
+        throw Boom.unauthorized('user not found');
+    }
+}
+
+module.exports = { TestUserRepository };