@optimizely-opal/opal-tool-ocp-sdk 0.0.0-beta.1 → 0.0.0-beta.10

package/src/service/Service.test.ts

@@ -1,12 +1,16 @@
 import { toolsService, Tool, Interaction } from './Service';
 import { Parameter, ParameterType, AuthRequirement, OptiIdAuthDataCredentials, OptiIdAuthData } from '../types/Models';
+import { ToolFunction } from '../function/ToolFunction';
 import { logger } from '@zaiusinc/app-sdk';
 
-// Mock the logger
+// Mock the logger and other app-sdk exports
 jest.mock('@zaiusinc/app-sdk', () => ({
   logger: {
     error: jest.fn()
   },
+  Function: class {
+    public constructor(public request: any) {}
+  },
   Response: jest.fn().mockImplementation((status, data) => ({
     status,
     data,
@@ -18,6 +22,7 @@ jest.mock('@zaiusinc/app-sdk', () => ({
 describe('ToolsService', () => {
   let mockTool: Tool<unknown>;
   let mockInteraction: Interaction<unknown>;
+  let mockToolFunction: ToolFunction;
 
   beforeEach(() => {
     // Clear registered functions and interactions before each test
@@ -27,6 +32,14 @@ describe('ToolsService', () => {
     // Reset all mocks
     jest.clearAllMocks();
 
+    // Create mock ToolFunction
+    mockToolFunction = {
+      ready: jest.fn().mockResolvedValue(true),
+      perform: jest.fn(),
+      validateBearerToken: jest.fn().mockReturnValue(true),
+      request: {} as any
+    } as any;
+
     // Create mock tool handler
     const mockToolHandler = jest.fn().mockResolvedValue({ result: 'success' });
 
@@ -90,7 +103,7 @@ describe('ToolsService', () => {
         );
 
         const discoveryRequest = createMockRequest({ path: '/discovery' });
-        const response = await toolsService.processRequest(discoveryRequest);
+        const response = await toolsService.processRequest(discoveryRequest, mockToolFunction);
 
         expect(response.status).toBe(200);
         expect(response).toHaveProperty('bodyJSON');
@@ -109,13 +122,14 @@ describe('ToolsService', () => {
           description: mockTool.description,
           parameters: mockTool.parameters.map((p: Parameter) => p.toJSON()),
           endpoint: mockTool.endpoint,
-          http_method: 'POST'
+          http_method: 'POST',
+          auth_requirements: [{ provider: 'OptiID', scope_bundle: 'default', required: true }]
         });
       });
 
       it('should return empty functions array when no tools are registered', async () => {
         const discoveryRequest = createMockRequest({ path: '/discovery' });
-        const response = await toolsService.processRequest(discoveryRequest);
+        const response = await toolsService.processRequest(discoveryRequest, mockToolFunction);
 
         expect(response.status).toBe(200);
         expect(response.bodyAsU8Array).toBeDefined();
@@ -149,7 +163,7 @@ describe('ToolsService', () => {
         );
 
         const discoveryRequest = createMockRequest({ path: '/discovery' });
-        const response = await toolsService.processRequest(discoveryRequest);
+        const response = await toolsService.processRequest(discoveryRequest, mockToolFunction);
 
         expect(response.status).toBe(200);
 
@@ -168,7 +182,8 @@ describe('ToolsService', () => {
           description: mockTool.description,
           parameters: mockTool.parameters.map((p: Parameter) => p.toJSON()),
           endpoint: mockTool.endpoint,
-          http_method: 'POST'
+          http_method: 'POST',
+          auth_requirements: [{ provider: 'OptiID', scope_bundle: 'default', required: true }]
         });
 
         expect(secondFunction).toEqual({
@@ -177,7 +192,10 @@ describe('ToolsService', () => {
           parameters: [],
           endpoint: '/second-tool',
           http_method: 'POST',
-          auth_requirements: authRequirements.map((auth) => auth.toJSON())
+          auth_requirements: [
+            { provider: 'oauth2', scope_bundle: 'calendar', required: true },
+            { provider: 'OptiID', scope_bundle: 'default', required: true }
+          ]
         });
       });
     });
@@ -195,15 +213,101 @@ describe('ToolsService', () => {
 
       it('should execute tool successfully with parameters', async () => {
         const mockRequest = createMockRequest();
-        const response = await toolsService.processRequest(mockRequest);
+        const response = await toolsService.processRequest(mockRequest, mockToolFunction);
+
+        expect(response.status).toBe(200);
+        expect(mockTool.handler).toHaveBeenCalledWith(
+          mockToolFunction, // functionContext
+          { param1: 'test-value' },
+          undefined
+        );
+      });
+
+      it('should execute tool with existing ToolFunction instance context', async () => {
+        // Create a mock ToolFunction instance
+        const mockToolFunctionInstance = {
+          someProperty: 'test-value',
+          someMethod: jest.fn(),
+          ready: jest.fn().mockResolvedValue(true),
+          perform: jest.fn(),
+          validateBearerToken: jest.fn().mockReturnValue(true),
+          request: {} as any
+        } as any;
+
+        const mockRequest = createMockRequest();
+        const response = await toolsService.processRequest(mockRequest, mockToolFunctionInstance);
 
         expect(response.status).toBe(200);
         expect(mockTool.handler).toHaveBeenCalledWith(
+          mockToolFunctionInstance, // functionContext - existing instance
           { param1: 'test-value' },
           undefined
         );
       });
 
+      it('should allow handler in ToolFunction subclass to access request object', async () => {
+        // Create a mock class that extends ToolFunction
+        class MockToolFunction extends ToolFunction {
+          public testMethod() {
+            return `path: ${this.request.path}`;
+          }
+
+          public getRequestPath() {
+            return this.request.path;
+          }
+        }
+
+        // Create an instance with a mock request
+        const mockRequest = createMockRequest({ path: '/test-path' });
+        const mockToolFunctionInstance = new MockToolFunction(mockRequest);
+
+        // Create a handler that will use the ToolFunction instance's methods and properties
+        const handlerThatAccessesRequest = jest.fn().mockImplementation((
+          functionContext: any,
+          params: any,
+          _authData: any
+        ) => {
+          // This simulates what would happen in a decorated method of a ToolFunction subclass
+          if (functionContext && functionContext instanceof MockToolFunction) {
+            return Promise.resolve({
+              success: true,
+              requestPath: functionContext.getRequestPath(), // Use public method to access request
+              testMethodResult: functionContext.testMethod(),
+              receivedParams: params
+            });
+          }
+          return Promise.resolve({ success: false, error: 'No valid function context' });
+        });
+
+        // Register a tool with our custom handler
+        toolsService.registerTool(
+          'test-toolfunction-access',
+          'Test handler access to ToolFunction instance',
+          handlerThatAccessesRequest,
+          [],
+          '/test-toolfunction-access'
+        );
+
+        const testRequest = createMockRequest({
+          path: '/test-toolfunction-access',
+          bodyJSON: { action: 'test' }
+        });
+
+        const response = await toolsService.processRequest(testRequest, mockToolFunctionInstance);
+
+        expect(response.status).toBe(200);
+        expect((response as any).data).toBeDefined();
+        expect((response as any).data.success).toBe(true);
+        expect((response as any).data.requestPath).toBe('/test-path');
+        expect((response as any).data.testMethodResult).toBe('path: /test-path');
+        expect((response as any).data.receivedParams).toEqual({ action: 'test' });
+        expect(handlerThatAccessesRequest).toHaveBeenCalledWith(
+          mockToolFunctionInstance, // functionContext is the ToolFunction instance
+          { action: 'test' },
+          undefined
+        );
+      });
+
       it('should execute tool with OptiID auth data when provided', async () => {
         const authData = new OptiIdAuthData(
           'optiId',
@@ -221,10 +325,11 @@ describe('ToolsService', () => {
           })
         });
 
-        const response = await toolsService.processRequest(requestWithAuth);
+        const response = await toolsService.processRequest(requestWithAuth, mockToolFunction);
 
         expect(response.status).toBe(200);
         expect(mockTool.handler).toHaveBeenCalledWith(
+          mockToolFunction, // functionContext
           { param1: 'test-value' },
           authData
         );
@@ -236,10 +341,11 @@ describe('ToolsService', () => {
           body: JSON.stringify({ param1: 'test-value' })
         });
 
-        const response = await toolsService.processRequest(requestWithoutWrapper);
+        const response = await toolsService.processRequest(requestWithoutWrapper, mockToolFunction);
 
         expect(response.status).toBe(200);
         expect(mockTool.handler).toHaveBeenCalledWith(
+          mockToolFunction, // functionContext
           { param1: 'test-value' },
           undefined
         );
@@ -250,7 +356,7 @@ describe('ToolsService', () => {
         jest.mocked(mockTool.handler).mockRejectedValueOnce(new Error(errorMessage));
 
         const mockRequest = createMockRequest();
-        const response = await toolsService.processRequest(mockRequest);
+        const response = await toolsService.processRequest(mockRequest, mockToolFunction);
 
         expect(response.status).toBe(500);
         expect(logger.error).toHaveBeenCalledWith(
@@ -263,7 +369,7 @@ describe('ToolsService', () => {
         jest.mocked(mockTool.handler).mockRejectedValueOnce({});
 
         const mockRequest = createMockRequest();
-        const response = await toolsService.processRequest(mockRequest);
+        const response = await toolsService.processRequest(mockRequest, mockToolFunction);
 
         expect(response.status).toBe(500);
       });
@@ -285,10 +391,10 @@ describe('ToolsService', () => {
           body: JSON.stringify({ data: { param1: 'test-value' } })
         });
 
-        const response = await toolsService.processRequest(interactionRequest);
+        const response = await toolsService.processRequest(interactionRequest, mockToolFunction);
 
         expect(response.status).toBe(200);
-        expect(mockInteraction.handler).toHaveBeenCalledWith({ param1: 'test-value' }, undefined);
+        expect(mockInteraction.handler).toHaveBeenCalledWith(mockToolFunction, { param1: 'test-value' }, undefined);
       });
 
       it('should handle interaction request body without data wrapper', async () => {
@@ -298,10 +404,10 @@ describe('ToolsService', () => {
           body: JSON.stringify({ param1: 'test-value' })
         });
 
-        const response = await toolsService.processRequest(interactionRequest);
+        const response = await toolsService.processRequest(interactionRequest, mockToolFunction);
 
         expect(response.status).toBe(200);
-        expect(mockInteraction.handler).toHaveBeenCalledWith({ param1: 'test-value' }, undefined);
+        expect(mockInteraction.handler).toHaveBeenCalledWith(mockToolFunction, { param1: 'test-value' }, undefined);
       });
 
       it('should execute interaction with OptiID auth data when provided', async () => {
@@ -322,10 +428,11 @@ describe('ToolsService', () => {
           })
         });
 
-        const response = await toolsService.processRequest(interactionRequest);
+        const response = await toolsService.processRequest(interactionRequest, mockToolFunction);
 
         expect(response.status).toBe(200);
         expect(mockInteraction.handler).toHaveBeenCalledWith(
+          mockToolFunction, // functionContext
           { param1: 'test-value' },
           authData
         );
@@ -349,10 +456,11 @@ describe('ToolsService', () => {
           })
         });
 
-        const response = await toolsService.processRequest(interactionRequest);
+        const response = await toolsService.processRequest(interactionRequest, mockToolFunction);
 
         expect(response.status).toBe(200);
         expect(mockInteraction.handler).toHaveBeenCalledWith(
+          mockToolFunction, // functionContext
           {
             param1: 'test-value',
             auth: authData
@@ -370,7 +478,7 @@ describe('ToolsService', () => {
           bodyJSON: { data: { param1: 'test-value' } }
         });
 
-        const response = await toolsService.processRequest(interactionRequest);
+        const response = await toolsService.processRequest(interactionRequest, mockToolFunction);
 
         expect(response.status).toBe(500);
         expect(logger.error).toHaveBeenCalledWith(
@@ -383,7 +491,7 @@ describe('ToolsService', () => {
     describe('error cases', () => {
       it('should return 404 when no matching tool or interaction is found', async () => {
         const unknownRequest = createMockRequest({ path: '/unknown-endpoint' });
-        const response = await toolsService.processRequest(unknownRequest);
+        const response = await toolsService.processRequest(unknownRequest, mockToolFunction);
 
         expect(response.status).toBe(404);
       });
@@ -406,7 +514,7 @@ describe('ToolsService', () => {
           path: '/optid-auth-tool'
         });
 
-        const response = await toolsService.processRequest(authRequest);
+        const response = await toolsService.processRequest(authRequest, mockToolFunction);
 
         expect(response.status).toBe(200);
       });
@@ -427,10 +535,10 @@ describe('ToolsService', () => {
           body: null
         });
 
-        const response = await toolsService.processRequest(requestWithNullBody);
+        const response = await toolsService.processRequest(requestWithNullBody, mockToolFunction);
 
         expect(response.status).toBe(200);
-        expect(mockTool.handler).toHaveBeenCalledWith(null, undefined);
+        expect(mockTool.handler).toHaveBeenCalledWith(mockToolFunction, null, undefined);
       });
 
       it('should handle request with undefined bodyJSON', async () => {
@@ -447,10 +555,10 @@ describe('ToolsService', () => {
           body: undefined
         });
 
-        const response = await toolsService.processRequest(requestWithUndefinedBody);
+        const response = await toolsService.processRequest(requestWithUndefinedBody, mockToolFunction);
 
         expect(response.status).toBe(200);
-        expect(mockTool.handler).toHaveBeenCalledWith(undefined, undefined);
+        expect(mockTool.handler).toHaveBeenCalledWith(mockToolFunction, undefined, undefined);
       });
 
       it('should extract auth data from bodyJSON when body exists', async () => {
@@ -478,10 +586,11 @@ describe('ToolsService', () => {
           })
         });
 
-        const response = await toolsService.processRequest(requestWithAuth);
+        const response = await toolsService.processRequest(requestWithAuth, mockToolFunction);
 
         expect(response.status).toBe(200);
         expect(mockTool.handler).toHaveBeenCalledWith(
+          mockToolFunction, // functionContext
           { param1: 'test-value' },
           authData
         );
@@ -506,10 +615,11 @@ describe('ToolsService', () => {
           })
         });
 
-        const response = await toolsService.processRequest(requestWithoutAuth);
+        const response = await toolsService.processRequest(requestWithoutAuth, mockToolFunction);
 
         expect(response.status).toBe(200);
         expect(mockTool.handler).toHaveBeenCalledWith(
+          mockToolFunction, // functionContext
           { param1: 'test-value' },
           undefined
         );
@@ -537,10 +647,11 @@ describe('ToolsService', () => {
           body: ''
         });
 
-        const response = await toolsService.processRequest(requestWithAuthButNoBody);
+        const response = await toolsService.processRequest(requestWithAuthButNoBody, mockToolFunction);
 
         expect(response.status).toBe(200);
         expect(mockTool.handler).toHaveBeenCalledWith(
+          mockToolFunction, // functionContext
           { param1: 'test-value' },
           authData
         );

package/src/service/Service.ts

@@ -2,6 +2,12 @@
 import { AuthRequirement, Parameter } from '../types/Models';
 import * as App from '@zaiusinc/app-sdk';
 import { logger } from '@zaiusinc/app-sdk';
+import { ToolFunction } from '../function/ToolFunction';
+
+/**
+ * Default OptiID authentication requirement that will be enforced for all tools
+ */
+const DEFAULT_OPTIID_AUTH = new AuthRequirement('OptiID', 'default', true);
 
 
 
@@ -22,7 +28,7 @@ export class Interaction<TAuthData> {
   public constructor(
     public name: string,
     public endpoint: string,
-    public handler: (data: unknown, authData?: TAuthData) => Promise<InteractionResult>
+    public handler: (functionContext: ToolFunction, data: unknown, authData?: TAuthData) => Promise<InteractionResult>
   ) {}
 }
 
@@ -42,15 +48,15 @@ export class Tool<TAuthData> {
    * @param parameters Function parameters
    * @param endpoint API endpoint
    * @param handler Function implementing the tool
-   * @param authRequirements Authentication requirements (optional)
+   * @param authRequirements Authentication requirements (mandatory - OptiID enforced)
    */
   public constructor(
     public name: string,
     public description: string,
     public parameters: Parameter[],
     public endpoint: string,
-    public handler: (params: unknown, authData?: TAuthData) => Promise<unknown>,
-    public authRequirements?: AuthRequirement[]
+    public handler: (functionContext: ToolFunction, params: unknown, authData?: TAuthData) => Promise<unknown>,
+    public authRequirements: AuthRequirement[] = [DEFAULT_OPTIID_AUTH]
   ) {}
 
   /**
@@ -62,13 +68,10 @@ export class Tool<TAuthData> {
       description: this.description,
       parameters: this.parameters.map((p) => p.toJSON()),
       endpoint: this.endpoint,
-      http_method: this.httpMethod
+      http_method: this.httpMethod,
+      auth_requirements: this.authRequirements.map((auth) => auth.toJSON())
     };
 
-    if (this.authRequirements && this.authRequirements.length > 0) {
-      result.auth_requirements = this.authRequirements.map((auth) => auth.toJSON());
-    }
-
     return result;
   }
 }
@@ -78,18 +81,19 @@ export class ToolsService {
   private interactions: Map<string, Interaction<any>> = new Map();
 
   /**
-   * Extract Bearer token from Authorization header
-   * @param headers Request headers (Map-like object or Headers object with get method)
-   * @returns Bearer token string or undefined
+   * Enforce OptiID authentication for tools by ensuring OptiID auth requirement is present
+   * @param authRequirements Original authentication requirements
+   * @returns Enforced authentication requirements with OptiID
    */
-  public extractBearerToken(headers: App.Headers): string | undefined {
-    let bearerToken: string | undefined;
+  private enforceOptiIdAuth(authRequirements?: AuthRequirement[]): AuthRequirement[] {
+    const hasOptiIdProvider = authRequirements
+      && authRequirements.some((auth) => auth.provider.toLowerCase() === 'optiid');
 
-    const authHeader = headers ? headers.get('authorization') : undefined;
-    if (authHeader && authHeader.startsWith('Bearer ')) {
-      bearerToken = authHeader.substring(7).trim();
+    if (hasOptiIdProvider) {
+      return authRequirements;
     }
-    return bearerToken;
+
+    return [...(authRequirements || []), DEFAULT_OPTIID_AUTH];
   }
 
   /**
@@ -104,12 +108,14 @@ export class ToolsService {
   public registerTool<TAuthData>(
     name: string,
     description: string,
-    handler: (params: unknown, authData?: TAuthData) => Promise<unknown>,
+    handler: (functionContext: ToolFunction, params: unknown, authData?: TAuthData) => Promise<unknown>,
     parameters: Parameter[],
     endpoint: string,
     authRequirements?: AuthRequirement[]
   ): void {
-    const func = new Tool<TAuthData>(name, description, parameters, endpoint, handler, authRequirements);
+    // Enforce OptiID authentication for all tools
+    const enforcedAuthRequirements = this.enforceOptiIdAuth(authRequirements);
+    const func = new Tool<TAuthData>(name, description, parameters, endpoint, handler, enforcedAuthRequirements);
     this.functions.set(endpoint, func);
   }
 
@@ -121,14 +127,15 @@ export class ToolsService {
    */
   public registerInteraction<TAuthData>(
     name: string,
-    handler: (data: unknown, authData?: TAuthData) => Promise<InteractionResult>,
+    handler: (functionContext: ToolFunction, data: unknown, authData?: TAuthData) => Promise<InteractionResult>,
     endpoint: string
   ): void {
     const func = new Interaction<TAuthData>(name, endpoint, handler);
     this.interactions.set(endpoint, func);
   }
 
-  public async processRequest(req: App.Request): Promise<App.Response> {
+  public async processRequest(req: App.Request,
+                              functionContext: ToolFunction): Promise<App.Response> {
     if (req.path === '/discovery') {
       return new App.Response(200, { functions: Array.from(this.functions.values()).map((f) => f.toJSON()) });
     } else {
@@ -145,7 +152,7 @@ export class ToolsService {
           // Extract auth data from body JSON
           const authData = req.bodyJSON ? req.bodyJSON.auth : undefined;
 
-          const result = await func.handler(params, authData);
+          const result = await func.handler(functionContext, params, authData);
           return new App.Response(200, result);
         } catch (error: any) {
           logger.error(`Error in function ${func.name}:`, error);
@@ -166,7 +173,7 @@ export class ToolsService {
           // Extract auth data from body JSON
           const authData = req.bodyJSON ? req.bodyJSON.auth : undefined;
 
-          const result = await interaction.handler(params, authData);
+          const result = await interaction.handler(functionContext, params, authData);
           return new App.Response(200, result);
         } catch (error: any) {
           logger.error(`Error in function ${interaction.name}:`, error);

package/src/types/Models.ts

@@ -48,10 +48,10 @@ export class Parameter {
 export class OptiIdAuthDataCredentials {
 
   public constructor(
-    public customerId: string,
-    public instanceId: string,
-    public accessToken: string,
-    public productSku: string
+    public customer_id: string,
+    public instance_id: string,
+    public access_token: string,
+    public product_sku: string
   ) {}
 }