@optimizely-opal/opal-tool-ocp-sdk 0.0.0-devmg.13 → 1.0.0-OCP-1441.2

package/src/function/ToolFunction.ts

@@ -1,7 +1,5 @@
-import { Function, Response, amendLogContext, getAppContext, logger } from '@zaiusinc/app-sdk';
+import { Function, Response, amendLogContext } from '@zaiusinc/app-sdk';
 import { toolsService } from '../service/Service';
-import { getTokenVerifier } from '../auth/TokenVerifier';
-import { OptiIdAuthData } from '../types/Models';
 
 /**
  * Abstract base class for tool-based function execution
@@ -41,45 +39,9 @@ export abstract class ToolFunction extends Function {
   /**
    * Authenticate the incoming request by validating the OptiID token and organization ID
    *
-   * @throws true if authentication succeeds
+   * @returns true if authentication succeeds
    */
   private async authorizeRequest(): Promise<boolean> {
-    if (this.request.path === '/discovery' || this.request.path === '/ready') {
-      return true;
-    }
-    const authData = this.request.bodyJSON?.auth as OptiIdAuthData;
-    const accessToken = authData?.credentials?.access_token;
-    if (!accessToken || authData?.provider?.toLowerCase() !== 'optiid') {
-      logger.error('OptiID token is required but not provided');
-      return false;
-    }
-
-    const customerId = authData.credentials?.customer_id;
-    if (!customerId) {
-      logger.error('Organisation ID is required but not provided');
-      return false;
-    }
-
-    const appOrganisationId = getAppContext().account?.organizationId;
-    if (customerId !== appOrganisationId) {
-      logger.error(`Invalid organisation ID: expected ${appOrganisationId}, received ${customerId}`);
-      return false;
-    }
-
-    return await this.validateAccessToken(accessToken);
+    return true;
   }
-
-  private async validateAccessToken(accessToken: string | undefined): Promise<boolean> {
-    try {
-      if (!accessToken) {
-        return false;
-      }
-      const tokenVerifier = await getTokenVerifier();
-      return await tokenVerifier.verify(accessToken);
-    } catch (error) {
-      logger.error('OptiID token validation failed:', error);
-      return false;
-    }
-  }
-
 }

package/src/index.ts

@@ -1,4 +1,5 @@
 export * from './function/ToolFunction';
+export * from './function/GlobalToolFunction';
 export * from './types/Models';
 export * from './decorator/Decorator';
 export * from './auth/TokenVerifier';

package/src/service/Service.test.ts

@@ -522,15 +522,25 @@ describe('ToolsService', () => {
 
     describe('edge cases', () => {
       it('should handle request with null bodyJSON', async () => {
+        // Create a tool without required parameters
+        const toolWithoutRequiredParams = {
+          name: 'no_required_params_tool',
+          description: 'Tool without required parameters',
+          handler: jest.fn().mockResolvedValue({ result: 'success' }),
+          parameters: [], // No parameters defined
+          endpoint: '/no-required-params-tool'
+        };
+
         toolsService.registerTool(
-          mockTool.name,
-          mockTool.description,
-          mockTool.handler,
-          mockTool.parameters,
-          mockTool.endpoint
+          toolWithoutRequiredParams.name,
+          toolWithoutRequiredParams.description,
+          toolWithoutRequiredParams.handler,
+          toolWithoutRequiredParams.parameters,
+          toolWithoutRequiredParams.endpoint
         );
 
         const requestWithNullBody = createMockRequest({
+          path: '/no-required-params-tool',
           bodyJSON: null,
           body: null
         });
@@ -538,19 +548,29 @@ describe('ToolsService', () => {
         const response = await toolsService.processRequest(requestWithNullBody, mockToolFunction);
 
         expect(response.status).toBe(200);
-        expect(mockTool.handler).toHaveBeenCalledWith(mockToolFunction, null, undefined);
+        expect(toolWithoutRequiredParams.handler).toHaveBeenCalledWith(mockToolFunction, null, undefined);
       });
 
       it('should handle request with undefined bodyJSON', async () => {
+        // Create a tool without required parameters
+        const toolWithoutRequiredParams = {
+          name: 'no_required_params_tool_2',
+          description: 'Tool without required parameters',
+          handler: jest.fn().mockResolvedValue({ result: 'success' }),
+          parameters: [], // No parameters defined
+          endpoint: '/no-required-params-tool-2'
+        };
+
         toolsService.registerTool(
-          mockTool.name,
-          mockTool.description,
-          mockTool.handler,
-          mockTool.parameters,
-          mockTool.endpoint
+          toolWithoutRequiredParams.name,
+          toolWithoutRequiredParams.description,
+          toolWithoutRequiredParams.handler,
+          toolWithoutRequiredParams.parameters,
+          toolWithoutRequiredParams.endpoint
         );
 
         const requestWithUndefinedBody = createMockRequest({
+          path: '/no-required-params-tool-2',
           bodyJSON: undefined,
           body: undefined
         });
@@ -558,7 +578,7 @@ describe('ToolsService', () => {
         const response = await toolsService.processRequest(requestWithUndefinedBody, mockToolFunction);
 
         expect(response.status).toBe(200);
-        expect(mockTool.handler).toHaveBeenCalledWith(mockToolFunction, undefined, undefined);
+        expect(toolWithoutRequiredParams.handler).toHaveBeenCalledWith(mockToolFunction, undefined, undefined);
       });
 
       it('should extract auth data from bodyJSON when body exists', async () => {
@@ -657,5 +677,102 @@ describe('ToolsService', () => {
         );
       });
     });
+
+    describe('parameter validation', () => {
+      beforeEach(() => {
+        jest.clearAllMocks();
+      });
+
+      it('should validate parameters and return 400 for invalid types', async () => {
+        // Register a tool with specific parameter types
+        const toolWithTypedParams = {
+          name: 'typed_tool',
+          description: 'Tool with typed parameters',
+          handler: jest.fn().mockResolvedValue({ result: 'success' }),
+          parameters: [
+            new Parameter('name', ParameterType.String, 'User name', true),
+            new Parameter('age', ParameterType.Integer, 'User age', true),
+            new Parameter('active', ParameterType.Boolean, 'Is active', false)
+          ],
+          endpoint: '/typed-tool'
+        };
+
+        toolsService.registerTool(
+          toolWithTypedParams.name,
+          toolWithTypedParams.description,
+          toolWithTypedParams.handler,
+          toolWithTypedParams.parameters,
+          toolWithTypedParams.endpoint
+        );
+
+        // Send invalid parameter types
+        const invalidRequest = createMockRequest({
+          path: '/typed-tool',
+          bodyJSON: {
+            parameters: {
+              name: 123, // should be string
+              age: '25', // should be integer
+              active: 'true' // should be boolean
+            }
+          }
+        });
+
+        const response = await toolsService.processRequest(invalidRequest, mockToolFunction);
+
+        expect(response.status).toBe(400);
+
+        // Expect RFC 9457 Problem Details format
+        expect(response.bodyJSON).toHaveProperty('title', 'One or more validation errors occurred.');
+        expect(response.bodyJSON).toHaveProperty('status', 400);
+        expect(response.bodyJSON).toHaveProperty('detail', 'See \'errors\' field for details.');
+        expect(response.bodyJSON).toHaveProperty('errors');
+        expect(response.bodyJSON.errors).toHaveLength(3);
+
+        // Check error structure - field and message
+        const errors = response.bodyJSON.errors;
+        expect(errors[0]).toHaveProperty('field', 'name');
+        expect(errors[0]).toHaveProperty('message', "Parameter 'name' must be a string, but received number");
+
+        // Verify the handler was not called
+        expect(toolWithTypedParams.handler).not.toHaveBeenCalled();
+      });
+
+      it('should skip validation for tools with no parameter definitions', async () => {
+        const toolWithoutParams = {
+          name: 'no_params_tool',
+          description: 'Tool without parameters',
+          handler: jest.fn().mockResolvedValue({ result: 'success' }),
+          parameters: [], // No parameters defined
+          endpoint: '/no-params-tool'
+        };
+
+        toolsService.registerTool(
+          toolWithoutParams.name,
+          toolWithoutParams.description,
+          toolWithoutParams.handler,
+          toolWithoutParams.parameters,
+          toolWithoutParams.endpoint
+        );
+
+        // Send request with any data (should be ignored)
+        const request = createMockRequest({
+          path: '/no-params-tool',
+          bodyJSON: {
+            parameters: {
+              unexpected: 'value'
+            }
+          }
+        });
+
+        const response = await toolsService.processRequest(request, mockToolFunction);
+
+        expect(response.status).toBe(200);
+        expect(toolWithoutParams.handler).toHaveBeenCalledWith(
+          mockToolFunction,
+          { unexpected: 'value' },
+          undefined
+        );
+      });
+    });
   });
 });

package/src/service/Service.ts

@@ -3,14 +3,14 @@ import { AuthRequirement, Parameter } from '../types/Models';
 import * as App from '@zaiusinc/app-sdk';
 import { logger } from '@zaiusinc/app-sdk';
 import { ToolFunction } from '../function/ToolFunction';
+import { GlobalToolFunction } from '../function/GlobalToolFunction';
+import { ParameterValidator } from '../validation/ParameterValidator';
 
 /**
  * Default OptiID authentication requirement that will be enforced for all tools
  */
 const DEFAULT_OPTIID_AUTH = new AuthRequirement('OptiID', 'default', true);
 
-
-
 /**
  * Result type for interaction handlers
  */
@@ -28,7 +28,11 @@ export class Interaction<TAuthData> {
   public constructor(
     public name: string,
     public endpoint: string,
-    public handler: (functionContext: ToolFunction, data: unknown, authData?: TAuthData) => Promise<InteractionResult>
+    public handler: (
+      functionContext: ToolFunction | GlobalToolFunction,
+      data: unknown,
+      authData?: TAuthData
+    ) => Promise<InteractionResult>
   ) {}
 }
 
@@ -55,7 +59,11 @@ export class Tool<TAuthData> {
     public description: string,
     public parameters: Parameter[],
     public endpoint: string,
-    public handler: (functionContext: ToolFunction, params: unknown, authData?: TAuthData) => Promise<unknown>,
+    public handler: (
+      functionContext: ToolFunction | GlobalToolFunction,
+      params: unknown,
+      authData?: TAuthData
+    ) => Promise<unknown>,
     public authRequirements: AuthRequirement[] = [DEFAULT_OPTIID_AUTH]
   ) {}
 
@@ -108,14 +116,25 @@ export class ToolsService {
   public registerTool<TAuthData>(
     name: string,
     description: string,
-    handler: (functionContext: ToolFunction, params: unknown, authData?: TAuthData) => Promise<unknown>,
+    handler: (
+      functionContext: ToolFunction | GlobalToolFunction,
+      params: unknown,
+      authData?: TAuthData
+    ) => Promise<unknown>,
     parameters: Parameter[],
     endpoint: string,
     authRequirements?: AuthRequirement[]
   ): void {
     // Enforce OptiID authentication for all tools
     const enforcedAuthRequirements = this.enforceOptiIdAuth(authRequirements);
-    const func = new Tool<TAuthData>(name, description, parameters, endpoint, handler, enforcedAuthRequirements);
+    const func = new Tool<TAuthData>(
+      name,
+      description,
+      parameters,
+      endpoint,
+      handler,
+      enforcedAuthRequirements
+    );
     this.functions.set(endpoint, func);
   }
 
@@ -127,15 +146,21 @@ export class ToolsService {
    */
   public registerInteraction<TAuthData>(
     name: string,
-    handler: (functionContext: ToolFunction, data: unknown, authData?: TAuthData) => Promise<InteractionResult>,
+    handler: (
+      functionContext: ToolFunction | GlobalToolFunction,
+      data: unknown,
+      authData?: TAuthData
+    ) => Promise<InteractionResult>,
     endpoint: string
   ): void {
     const func = new Interaction<TAuthData>(name, endpoint, handler);
     this.interactions.set(endpoint, func);
   }
 
-  public async processRequest(req: App.Request,
-                              functionContext: ToolFunction): Promise<App.Response> {
+  public async processRequest(
+    req: App.Request,
+    functionContext: ToolFunction | GlobalToolFunction
+  ): Promise<App.Response> {
     if (req.path === '/discovery') {
       return new App.Response(200, { functions: Array.from(this.functions.values()).map((f) => f.toJSON()) });
     } else {
@@ -149,6 +174,22 @@ export class ToolsService {
             params = req.bodyJSON;
           }
 
+          // Validate parameters before calling the handler (only if tool has parameter definitions)
+          if (func.parameters && func.parameters.length > 0) {
+            const validationResult = ParameterValidator.validate(params, func.parameters);
+            if (!validationResult.isValid) {
+              return new App.Response(400, {
+                title: 'One or more validation errors occurred.',
+                status: 400,
+                detail: "See 'errors' field for details.",
+                errors: validationResult.errors.map((error) => ({
+                  field: error.field,
+                  message: error.message
+                }))
+              });
+            }
+          }
+
           // Extract auth data from body JSON
           const authData = req.bodyJSON ? req.bodyJSON.auth : undefined;