@labdigital/commercetools-mock 2.10.0 → 2.12.0

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@labdigital/commercetools-mock",
   "author": "Michael van Tellingen",
-  "version": "2.10.0",
+  "version": "2.12.0",
   "license": "MIT",
   "main": "dist/index.cjs",
   "module": "dist/index.js",

package/src/exceptions.ts

@@ -21,3 +21,10 @@ export interface InvalidRequestError {
 	readonly code: 'invalid_request'
 	readonly message: string
 }
+
+export interface AuthError {
+	readonly statusCode: number
+	readonly message: string
+	readonly error: string
+	readonly error_description: string
+}

package/src/oauth/server.test.ts

@@ -0,0 +1,89 @@
+import { describe, it, expect, beforeEach } from 'vitest'
+import express from 'express'
+import supertest from 'supertest'
+import { OAuth2Server } from './server'
+
+describe('OAuth2Server', () => {
+	let app: express.Express
+	let server: OAuth2Server
+
+	beforeEach(() => {
+		server = new OAuth2Server({ enabled: true, validate: false })
+		app = express()
+		app.use(server.createRouter())
+	})
+
+	describe('POST /token', () => {
+		it('should return a token for valid client credentials', async () => {
+			const response = await supertest(app)
+				.post('/token')
+				.auth('validClientId', 'validClientSecret')
+				.query({ grant_type: 'client_credentials' })
+				.send()
+
+			const body = await response.body
+
+			expect(response.status, JSON.stringify(body)).toBe(200)
+			expect(body).toHaveProperty('access_token')
+		})
+
+		it('should failed on invalid refresh token', async () => {
+			const response = await supertest(app)
+				.post('/token')
+				.auth('validClientId', 'validClientSecret')
+				.query({ grant_type: 'refresh_token', refresh_token: 'invalid' })
+				.send()
+
+			const body = await response.body
+
+			expect(response.status, JSON.stringify(body)).toBe(400)
+		})
+
+		it('should refresh a token', async () => {
+			const createResponse = await supertest(app)
+				.post(`/my-project/anonymous/token`)
+				.auth('validClientId', 'validClientSecret')
+				.query({ grant_type: 'client_credentials' })
+				.send()
+
+			const refreshToken = createResponse.body.refresh_token
+
+			const response = await supertest(app)
+				.post('/token')
+				.auth('validClientId', 'validClientSecret')
+				.query({ grant_type: 'refresh_token', refresh_token: refreshToken })
+				.send()
+
+			const body = await response.body
+
+			expect(response.status, JSON.stringify(body)).toBe(200)
+			expect(body.access_token).not.toBe(createResponse.body.access_token)
+			expect(body.refresh_token).toBeUndefined()
+		})
+	})
+
+	describe('POST /:projectKey/anonymous/token', () => {
+		it('should return a token for anonymous access', async () => {
+			const projectKey = 'test-project'
+
+			const response = await supertest(app)
+				.post(`/${projectKey}/anonymous/token`)
+				.auth('validClientId', 'validClientSecret')
+				.query({ grant_type: 'client_credentials' })
+				.send()
+
+			expect(response.status).toBe(200)
+			expect(response.body).toHaveProperty('access_token')
+
+			const matches = response.body.scope?.match(
+				/(customer_id|anonymous_id):([^\s]+)/
+			)
+			if (matches) {
+				expect(matches[1]).toBe('anonymous_id')
+				expect(matches[2]).toBeDefined()
+			} else {
+				expect(response.body.scope).toBe('')
+			}
+		})
+	})
+})

package/src/oauth/server.ts

@@ -6,7 +6,11 @@ import express, {
 	type Response,
 } from 'express'
 import { InvalidTokenError } from '@commercetools/platform-sdk'
-import { CommercetoolsError, InvalidRequestError } from '../exceptions.js'
+import {
+	AuthError,
+	CommercetoolsError,
+	InvalidRequestError,
+} from '../exceptions.js'
 import { InvalidClientError, UnsupportedGrantType } from './errors.js'
 import { OAuth2Store } from './store.js'
 import { getBearerToken } from './helpers.js'
@@ -160,11 +164,37 @@ export class OAuth2Server {
 			)
 			return response.status(200).send(token)
 		} else if (grantType === 'refresh_token') {
-			const token = this.store.getClientToken(
+			const refreshToken = request.query.refresh_token?.toString()
+			if (!refreshToken) {
+				return next(
+					new CommercetoolsError<InvalidRequestError>(
+						{
+							code: 'invalid_request',
+							message: 'Missing required parameter: refresh_token.',
+						},
+						400
+					)
+				)
+			}
+			const token = this.store.refreshToken(
 				request.credentials.clientId,
 				request.credentials.clientSecret,
-				request.query.scope?.toString()
+				refreshToken
 			)
+			if (!token) {
+				return next(
+					new CommercetoolsError<AuthError>(
+						{
+							statusCode: 400,
+							message: 'The refresh token was not found. It may have expired.',
+							error: 'invalid_grant',
+							error_description:
+								'The refresh token was not found. It may have expired.',
+						},
+						400
+					)
+				)
+			}
 			return response.status(200).send(token)
 		} else {
 			return next(
@@ -250,14 +280,27 @@ export class OAuth2Server {
 		response: Response,
 		next: NextFunction
 	) {
-		return next(
-			new CommercetoolsError<InvalidClientError>(
-				{
-					code: 'invalid_client',
-					message: 'Not implemented yet in commercetools-mock',
-				},
-				401
+		const grantType = request.query.grant_type || request.body.grant_type
+		if (!grantType) {
+			return next(
+				new CommercetoolsError<InvalidRequestError>(
+					{
+						code: 'invalid_request',
+						message: 'Missing required parameter: grant_type.',
+					},
+					400
+				)
 			)
-		)
+		}
+
+		if (grantType === 'client_credentials') {
+			const scope =
+				request.query.scope?.toString() || request.body.scope?.toString()
+
+			const anonymous_id = undefined
+
+			const token = this.store.getAnonymousToken(scope, anonymous_id)
+			return response.status(200).send(token)
+		}
 	}
 }

package/src/oauth/store.ts

@@ -1,10 +1,12 @@
 import { randomBytes } from 'crypto'
+import { v4 as uuidv4 } from 'uuid'
 
 type Token = {
 	access_token: string
 	token_type: 'Bearer'
 	expires_in: number
 	scope: string
+	refresh_token?: string
 }
 
 export class OAuth2Store {
@@ -21,6 +23,24 @@ export class OAuth2Store {
 			token_type: 'Bearer',
 			expires_in: 172800,
 			scope: scope || 'todo',
+			refresh_token: `my-project-${randomBytes(16).toString('base64')}`,
+		}
+		this.tokens.push(token)
+		return token
+	}
+
+	getAnonymousToken(scope: string, anonymousId: string | undefined) {
+		if (!anonymousId) {
+			anonymousId = uuidv4()
+		}
+		const token: Token = {
+			access_token: randomBytes(16).toString('base64'),
+			token_type: 'Bearer',
+			expires_in: 172800,
+			scope: scope
+				? `${scope} anonymous_id:${anonymousId}`
+				: `anonymous_id:${anonymousId}`,
+			refresh_token: `my-project-${randomBytes(16).toString('base64')}`,
 		}
 		this.tokens.push(token)
 		return token
@@ -32,13 +52,34 @@ export class OAuth2Store {
 			token_type: 'Bearer',
 			expires_in: 172800,
 			scope: scope
-				? `${scope} custome_id:${customerId}`
-				: `customer_id: ${customerId}`,
+				? `${scope} customer_id:${customerId}`
+				: `customer_id:${customerId}`,
+			refresh_token: `my-project-${randomBytes(16).toString('base64')}`,
 		}
 		this.tokens.push(token)
 		return token
 	}
 
+	refreshToken(clientId: string, clientSecret: string, refreshToken: string) {
+		const existing = this.tokens.find((t) => t.refresh_token === refreshToken)
+		if (!existing) {
+			return undefined
+		}
+		const token: Token = {
+			...existing,
+			access_token: randomBytes(16).toString('base64'),
+		}
+		this.tokens.push(token)
+
+		// We don't want to return the refresh_token again
+		return {
+			access_token: token.access_token,
+			token_type: token.token_type,
+			expires_in: token.expires_in,
+			scope: token.scope,
+		}
+	}
+
 	validateToken(token: string) {
 		if (!this.validate) return true