@labdigital/commercetools-mock 2.66.0 → 3.0.0-beta.0

package/src/oauth/server.ts

@@ -1,11 +1,6 @@
 import type { InvalidTokenError } from "@commercetools/platform-sdk";
 import auth from "basic-auth";
-import bodyParser from "body-parser";
-import express, {
-	type NextFunction,
-	type Request,
-	type Response,
-} from "express";
+import type { FastifyInstance, FastifyReply, FastifyRequest } from "fastify";
 import type { AuthError, InvalidRequestError } from "#src/exceptions.ts";
 import { CommercetoolsError } from "#src/exceptions.ts";
 import { hashPassword } from "../lib/password.ts";
@@ -14,12 +9,15 @@ import type { InvalidClientError, UnsupportedGrantType } from "./errors.ts";
 import { getBearerToken } from "./helpers.ts";
 import { OAuth2Store } from "./store.ts";
 
-type AuthRequest = Request & {
-	credentials?: {
-		clientId: string;
-		clientSecret: string;
-	};
-};
+declare module "fastify" {
+	interface FastifyRequest {
+		credentials?: {
+			clientId: string;
+			clientSecret: string;
+		};
+	}
+}
+
 export type Token = {
 	access_token: string;
 	token_type: "Bearer";
@@ -32,8 +30,10 @@ export class OAuth2Server {
 	store: OAuth2Store;
 
 	private customerRepository: CustomerRepository;
+	private options: { enabled: boolean; validate: boolean };
 
-	constructor(private options: { enabled: boolean; validate: boolean }) {
+	constructor(options: { enabled: boolean; validate: boolean }) {
+		this.options = options;
 		this.store = new OAuth2Store(options.validate);
 	}
 
@@ -41,97 +41,99 @@ export class OAuth2Server {
 		this.customerRepository = repository;
 	}
 
-	createRouter() {
-		const router = express.Router();
-		router.use(bodyParser.urlencoded({ extended: true }));
-		router.use(this.validateClientCredentials.bind(this));
-		router.post("/token", this.tokenHandler.bind(this));
-		router.post(
-			"/:projectKey/customers/token",
-			this.customerTokenHandler.bind(this),
-		);
-		router.post(
-			"/:projectKey/in-store/key=:storeKey/customers/token",
-			this.inStoreCustomerTokenHandler.bind(this),
-		);
-		router.post(
-			"/:projectKey/anonymous/token",
-			this.anonymousTokenHandler.bind(this),
-		);
-		return router;
+	createPlugin() {
+		return async (instance: FastifyInstance) => {
+			await instance.register(import("@fastify/formbody"));
+			instance.decorateRequest("credentials", undefined);
+			instance.addHook("preHandler", this.validateClientCredentials.bind(this));
+			instance.post("/token", this.tokenHandler.bind(this));
+			instance.post(
+				"/:projectKey/customers/token",
+				this.customerTokenHandler.bind(this),
+			);
+			instance.post(
+				"/:projectKey/in-store/key=:storeKey/customers/token",
+				this.inStoreCustomerTokenHandler.bind(this),
+			);
+			instance.post(
+				"/:projectKey/anonymous/token",
+				this.anonymousTokenHandler.bind(this),
+			);
+		};
 	}
 
 	createMiddleware() {
 		if (!this.options.validate) {
-			return async (
-				request: Request,
-				response: Response,
-				next: NextFunction,
-			) => {
-				next();
+			return async (request: FastifyRequest, reply: FastifyReply) => {
+				// When validation is disabled, still populate credentials
+				// so createdBy/lastModifiedBy can be set on resources
+				const token = getBearerToken(request);
+				const clientId = token
+					? this.store.getClientIdForToken(token)
+					: undefined;
+				request.credentials = {
+					clientId: clientId ?? "",
+					clientSecret: "",
+				};
 			};
 		}
 
-		return async (request: Request, response: Response, next: NextFunction) => {
+		return async (request: FastifyRequest, reply: FastifyReply) => {
 			const token = getBearerToken(request);
 			if (!token) {
-				return next(
-					new CommercetoolsError<InvalidTokenError>(
-						{
-							code: "invalid_token",
-							message:
-								"This endpoint requires an access token. You can get one from the authorization server.",
-						},
-						401,
-					),
+				throw new CommercetoolsError<InvalidTokenError>(
+					{
+						code: "invalid_token",
+						message:
+							"This endpoint requires an access token. You can get one from the authorization server.",
+					},
+					401,
 				);
 			}
 
 			if (!token || !this.store.validateToken(token)) {
-				return next(
-					new CommercetoolsError<InvalidTokenError>(
-						{
-							code: "invalid_token",
-							message: "invalid_token",
-						},
-						401,
-					),
+				throw new CommercetoolsError<InvalidTokenError>(
+					{
+						code: "invalid_token",
+						message: "invalid_token",
+					},
+					401,
 				);
 			}
 
-			return next();
+			// Populate credentials so createdBy/lastModifiedBy can be set
+			const clientId = this.store.getClientIdForToken(token);
+			request.credentials = {
+				clientId: clientId ?? "",
+				clientSecret: "",
+			};
 		};
 	}
 
 	async validateClientCredentials(
-		request: AuthRequest,
-		response: Response,
-		next: NextFunction,
+		request: FastifyRequest,
+		reply: FastifyReply,
 	) {
-		const authHeader = request.header("Authorization");
+		const authHeader = request.headers.authorization;
 		if (!authHeader) {
-			return next(
-				new CommercetoolsError<InvalidClientError>(
-					{
-						code: "invalid_client",
-						message:
-							"Please provide valid client credentials using HTTP Basic Authentication.",
-					},
-					401,
-				),
+			throw new CommercetoolsError<InvalidClientError>(
+				{
+					code: "invalid_client",
+					message:
+						"Please provide valid client credentials using HTTP Basic Authentication.",
+				},
+				401,
 			);
 		}
 		const credentials = auth.parse(authHeader);
 		if (!credentials) {
-			return next(
-				new CommercetoolsError<InvalidClientError>(
-					{
-						code: "invalid_client",
-						message:
-							"Please provide valid client credentials using HTTP Basic Authentication.",
-					},
-					400,
-				),
+			throw new CommercetoolsError<InvalidClientError>(
+				{
+					code: "invalid_client",
+					message:
+						"Please provide valid client credentials using HTTP Basic Authentication.",
+				},
+				400,
 			);
 		}
 
@@ -139,37 +141,35 @@ export class OAuth2Server {
 			clientId: credentials.name,
 			clientSecret: credentials.pass,
 		};
-
-		next();
 	}
 
 	async tokenHandler(
-		request: AuthRequest,
-		response: Response,
-		next: NextFunction,
+		request: FastifyRequest<{
+			Querystring: Record<string, any>;
+			Body: Record<string, any>;
+		}>,
+		reply: FastifyReply,
 	) {
 		if (!request.credentials) {
-			return next(
-				new CommercetoolsError<InvalidClientError>(
-					{
-						code: "invalid_client",
-						message: "Client credentials are missing.",
-					},
-					401,
-				),
+			throw new CommercetoolsError<InvalidClientError>(
+				{
+					code: "invalid_client",
+					message: "Client credentials are missing.",
+				},
+				401,
 			);
 		}
 
-		const grantType = request.query.grant_type || request.body?.grant_type;
+		const query = request.query;
+		const body = request.body;
+		const grantType = query.grant_type || body?.grant_type;
 		if (!grantType) {
-			return next(
-				new CommercetoolsError<InvalidRequestError>(
-					{
-						code: "invalid_request",
-						message: "Missing required parameter: grant_type.",
-					},
-					400,
-				),
+			throw new CommercetoolsError<InvalidRequestError>(
+				{
+					code: "invalid_request",
+					message: "Missing required parameter: grant_type.",
+				},
+				400,
 			);
 		}
 
@@ -177,23 +177,20 @@ export class OAuth2Server {
 			const token = this.store.getClientToken(
 				request.credentials.clientId,
 				request.credentials.clientSecret,
-				request.query.scope?.toString(),
+				query.scope?.toString(),
 			);
-			response.status(200).send(token);
-			return;
+			return reply.status(200).send(token);
 		}
 		if (grantType === "refresh_token") {
 			const refreshToken =
-				request.query.refresh_token?.toString() || request.body?.refresh_token;
+				query.refresh_token?.toString() || body?.refresh_token;
 			if (!refreshToken) {
-				return next(
-					new CommercetoolsError<InvalidRequestError>(
-						{
-							code: "invalid_request",
-							message: "Missing required parameter: refresh_token.",
-						},
-						400,
-					),
+				throw new CommercetoolsError<InvalidRequestError>(
+					{
+						code: "invalid_request",
+						message: "Missing required parameter: refresh_token.",
+					},
+					400,
 				);
 			}
 			const token = this.store.refreshToken(
@@ -202,114 +199,114 @@ export class OAuth2Server {
 				refreshToken,
 			);
 			if (!token) {
-				return next(
-					new CommercetoolsError<AuthError>(
-						{
-							statusCode: 400,
-							message: "The refresh token was not found. It may have expired.",
-							error: "invalid_grant",
-							error_description:
-								"The refresh token was not found. It may have expired.",
-						},
-						400,
-					),
+				throw new CommercetoolsError<AuthError>(
+					{
+						statusCode: 400,
+						message: "The refresh token was not found. It may have expired.",
+						error: "invalid_grant",
+						error_description:
+							"The refresh token was not found. It may have expired.",
+					},
+					400,
 				);
 			}
-			response.status(200).send(token);
-			return;
+			return reply.status(200).send(token);
 		}
-		return next(
-			new CommercetoolsError<UnsupportedGrantType>(
-				{
-					code: "unsupported_grant_type",
-					message: `Invalid parameter: grant_type: Invalid grant type: ${grantType}`,
-				},
-				400,
-			),
+		throw new CommercetoolsError<UnsupportedGrantType>(
+			{
+				code: "unsupported_grant_type",
+				message: `Invalid parameter: grant_type: Invalid grant type: ${grantType}`,
+			},
+			400,
 		);
 	}
 
 	async customerTokenHandler(
-		request: AuthRequest,
-		response: Response,
-		next: NextFunction,
+		request: FastifyRequest<{
+			Params: Record<string, string>;
+			Querystring: Record<string, any>;
+			Body: Record<string, any>;
+		}>,
+		reply: FastifyReply,
 	) {
-		const projectKey = request.params.projectKey;
-		const grantType = request.query.grant_type || request.body?.grant_type;
+		const params = request.params;
+		const query = request.query;
+		const body = request.body;
+		const projectKey = params.projectKey;
+		const grantType = query.grant_type || body?.grant_type;
 		if (!grantType) {
-			return next(
-				new CommercetoolsError<InvalidRequestError>(
-					{
-						code: "invalid_request",
-						message: "Missing required parameter: grant_type.",
-					},
-					400,
-				),
+			throw new CommercetoolsError<InvalidRequestError>(
+				{
+					code: "invalid_request",
+					message: "Missing required parameter: grant_type.",
+				},
+				400,
 			);
 		}
 
 		if (grantType === "password") {
-			const username = request.query.username || request.body?.username;
-			const password = hashPassword(
-				request.query.password || request.body.password,
-			);
-			const scope =
-				request.query.scope?.toString() || request.body?.scope?.toString();
+			const username = query.username || body?.username;
+			const password = hashPassword(query.password || body.password);
+			const scope = query.scope?.toString() || body?.scope?.toString();
 
-			const result = this.customerRepository.query(
-				{ projectKey: request.params.projectKey },
+			const result = await this.customerRepository.query(
+				{ projectKey: params.projectKey },
 				{
 					where: [`email = "${username}"`, `password = "${password}"`],
 				},
 			);
 
 			if (result.count === 0) {
-				return next(
-					new CommercetoolsError<any>(
-						{
-							code: "invalid_customer_account_credentials",
-							message: "Customer account with the given credentials not found.",
-						},
-						400,
-					),
+				throw new CommercetoolsError<any>(
+					{
+						code: "invalid_customer_account_credentials",
+						message: "Customer account with the given credentials not found.",
+					},
+					400,
 				);
 			}
 
 			const customer = result.results[0];
-			const token = this.store.getCustomerToken(projectKey, customer.id, scope);
-			response.status(200).send(token);
+			const token = this.store.getCustomerToken(
+				projectKey,
+				customer.id,
+				scope,
+				request.credentials?.clientId,
+			);
+			return reply.status(200).send(token);
 		}
 	}
 
 	async inStoreCustomerTokenHandler(
-		request: Request,
-		response: Response,
-		next: NextFunction,
+		request: FastifyRequest<{
+			Params: Record<string, string>;
+			Querystring: Record<string, any>;
+			Body: Record<string, any>;
+		}>,
+		reply: FastifyReply,
 	) {
-		const projectKey = request.params.projectKey;
-		const storeKey = request.params.storeKey;
-		const grantType = request.query.grant_type || request.body.grant_type;
+		const params = request.params;
+		const query = request.query;
+		const body = request.body;
+		const projectKey = params.projectKey;
+		const storeKey = params.storeKey;
+		const grantType = query.grant_type || body.grant_type;
 		if (!grantType) {
-			return next(
-				new CommercetoolsError<InvalidRequestError>(
-					{
-						code: "invalid_request",
-						message: "Missing required parameter: grant_type.",
-					},
-					400,
-				),
+			throw new CommercetoolsError<InvalidRequestError>(
+				{
+					code: "invalid_request",
+					message: "Missing required parameter: grant_type.",
+				},
+				400,
 			);
 		}
 
 		if (grantType === "password") {
-			const username = request.query.username || request.body.username;
-			const password = hashPassword(
-				request.query.password || request.body.password,
-			);
-			const scope =
-				request.query.scope?.toString() || request.body.scope?.toString();
+			const username = query.username || body.username;
+			const password = hashPassword(query.password || body.password);
+			const scope = query.scope?.toString() || body.scope?.toString();
 
-			const result = this.customerRepository.query(
+			const result = await this.customerRepository.query(
 				{ projectKey, storeKey },
 				{
 					where: [`email = "${username}"`, `password = "${password}"`],
@@ -317,46 +314,51 @@ export class OAuth2Server {
 			);
 
 			if (result.count === 0) {
-				return next(
-					new CommercetoolsError<any>(
-						{
-							code: "invalid_customer_account_credentials",
-							message: "Customer account with the given credentials not found.",
-						},
-						400,
-					),
+				throw new CommercetoolsError<any>(
+					{
+						code: "invalid_customer_account_credentials",
+						message: "Customer account with the given credentials not found.",
+					},
+					400,
 				);
 			}
 
 			const customer = result.results[0];
-			const token = this.store.getCustomerToken(projectKey, customer.id, scope);
-			response.status(200).send(token);
-			return;
+			const token = this.store.getCustomerToken(
+				projectKey,
+				customer.id,
+				scope,
+				request.credentials?.clientId,
+			);
+			return reply.status(200).send(token);
 		}
 	}
 
 	async anonymousTokenHandler(
-		request: Request,
-		response: Response,
-		next: NextFunction,
+		request: FastifyRequest<{
+			Params: Record<string, string>;
+			Querystring: Record<string, any>;
+			Body: Record<string, any>;
+		}>,
+		reply: FastifyReply,
 	) {
-		const projectKey = request.params.projectKey;
-		const grantType = request.query.grant_type || request.body.grant_type;
+		const params = request.params;
+		const query = request.query;
+		const body = request.body;
+		const projectKey = params.projectKey;
+		const grantType = query.grant_type || body.grant_type;
 		if (!grantType) {
-			return next(
-				new CommercetoolsError<InvalidRequestError>(
-					{
-						code: "invalid_request",
-						message: "Missing required parameter: grant_type.",
-					},
-					400,
-				),
+			throw new CommercetoolsError<InvalidRequestError>(
+				{
+					code: "invalid_request",
+					message: "Missing required parameter: grant_type.",
+				},
+				400,
 			);
 		}
 
 		if (grantType === "client_credentials") {
-			const scope =
-				request.query.scope?.toString() || request.body?.scope?.toString();
+			const scope = query.scope?.toString() || body?.scope?.toString();
 
 			const anonymous_id = undefined;
 
@@ -364,9 +366,9 @@ export class OAuth2Server {
 				projectKey,
 				anonymous_id,
 				scope,
+				request.credentials?.clientId,
 			);
-			response.status(200).send(token);
-			return;
+			return reply.status(200).send(token);
 		}
 	}
 }

package/src/oauth/store.ts

@@ -11,6 +11,7 @@ type Token = {
 
 export class OAuth2Store {
 	tokens: Token[] = [];
+	private tokenClientMap: Map<string, string> = new Map();
 
 	validate = true;
 
@@ -18,8 +19,15 @@ export class OAuth2Store {
 		this.validate = validate;
 	}
 
-	addToken(token: Token) {
+	addToken(token: Token, clientId?: string) {
 		this.tokens.push(token);
+		if (clientId) {
+			this.tokenClientMap.set(token.access_token, clientId);
+		}
+	}
+
+	getClientIdForToken(accessToken: string): string | undefined {
+		return this.tokenClientMap.get(accessToken);
 	}
 
 	getClientToken(clientId: string, clientSecret: string, scope?: string) {
@@ -30,7 +38,7 @@ export class OAuth2Store {
 			scope: scope || "todo",
 			refresh_token: `my-project-${randomBytes(16).toString("base64")}`,
 		};
-		this.addToken(token);
+		this.addToken(token, clientId);
 		return token;
 	}
 
@@ -38,6 +46,7 @@ export class OAuth2Store {
 		projectKey: string,
 		anonymousId: string | undefined,
 		scope: string,
+		clientId?: string,
 	) {
 		if (!anonymousId) {
 			anonymousId = uuidv4();
@@ -51,11 +60,16 @@ export class OAuth2Store {
 				: `anonymous_id:${anonymousId}`,
 			refresh_token: `${projectKey}:${randomBytes(16).toString("base64")}`,
 		};
-		this.addToken(token);
+		this.addToken(token, clientId);
 		return token;
 	}
 
-	getCustomerToken(projectKey: string, customerId: string, scope: string) {
+	getCustomerToken(
+		projectKey: string,
+		customerId: string,
+		scope: string,
+		clientId?: string,
+	) {
 		const token: Token = {
 			access_token: randomBytes(16).toString("base64"),
 			token_type: "Bearer",
@@ -65,7 +79,7 @@ export class OAuth2Store {
 				: `customer_id:${customerId}`,
 			refresh_token: `${projectKey}:${randomBytes(16).toString("base64")}`,
 		};
-		this.addToken(token);
+		this.addToken(token, clientId);
 		return token;
 	}
 
@@ -78,7 +92,7 @@ export class OAuth2Store {
 			...existing,
 			access_token: randomBytes(16).toString("base64"),
 		};
-		this.addToken(token);
+		this.addToken(token, clientId);
 
 		// We don't want to return the refresh_token again
 		return {

package/src/orderSearch.ts

@@ -13,11 +13,11 @@ export class OrderSearch {
 		this._storage = config.storage;
 	}
 
-	search(
+	async search(
 		projectKey: string,
 		params: OrderSearchRequest,
-	): OrderPagedSearchResponse {
-		const orderResources = this._storage.all(projectKey, "order");
+	): Promise<OrderPagedSearchResponse> {
+		const orderResources = await this._storage.all(projectKey, "order");
 
 		// TODO: implement filtering based on params.query
 		const offset = params.offset || 0;