@optimizely-opal/opal-tool-ocp-sdk 1.0.0-OCP-1441.4 → 1.0.0-OCP-1442.1

package/src/function/GlobalToolFunction.ts

@@ -1,6 +1,7 @@
 import { GlobalFunction, Response, amendLogContext } from '@zaiusinc/app-sdk';
 import { authenticateGlobalRequest, extractAuthData } from '../auth/AuthUtils';
 import { toolsService } from '../service/Service';
+import { ToolLogger } from '../logging/ToolLogger';
 
 /**
  * Abstract base class for global tool-based function execution
@@ -24,6 +25,8 @@ export abstract class GlobalToolFunction extends GlobalFunction {
    * @returns Response as the HTTP response
    */
   public async perform(): Promise<Response> {
+    const startTime = Date.now();
+
     // Extract customer_id from auth data for global context attribution
     const authInfo = extractAuthData(this.request);
     const customerId = authInfo?.authData?.credentials?.customer_id;
@@ -33,6 +36,14 @@ export abstract class GlobalToolFunction extends GlobalFunction {
       customerId: customerId || ''
     });
 
+    ToolLogger.logRequest(this.request);
+
+    const response = await this.handleRequest();
+    ToolLogger.logResponse(this.request, response, startTime - Date.now());
+    return response;
+  }
+
+  private async handleRequest(): Promise<Response> {
     if (!(await this.authorizeRequest())) {
       return new Response(403, { error: 'Forbidden' });
     }

package/src/function/ToolFunction.test.ts

@@ -0,0 +1,377 @@
+import { ToolFunction } from './ToolFunction';
+import { toolsService } from '../service/Service';
+import { Response, getAppContext } from '@zaiusinc/app-sdk';
+import { getTokenVerifier } from '../auth/TokenVerifier';
+
+// Mock the dependencies
+jest.mock('../service/Service', () => ({
+  toolsService: {
+    processRequest: jest.fn(),
+  },
+}));
+
+jest.mock('../auth/TokenVerifier', () => ({
+  getTokenVerifier: jest.fn(),
+}));
+
+jest.mock('@zaiusinc/app-sdk', () => ({
+  Function: class {
+    protected request: any;
+    public constructor(_name?: string) {
+      this.request = {};
+    }
+  },
+  Request: jest.fn().mockImplementation(() => ({})),
+  Response: jest.fn().mockImplementation((status, data) => ({
+    status,
+    data,
+    bodyJSON: data,
+    bodyAsU8Array: new Uint8Array()
+  })),
+  amendLogContext: jest.fn(),
+  getAppContext: jest.fn(),
+  logger: {
+    info: jest.fn(),
+    error: jest.fn(),
+    warn: jest.fn(),
+    debug: jest.fn(),
+  },
+  LogVisibility: {
+    Zaius: 'zaius'
+  },
+}));
+
+// Create a concrete implementation for testing
+class TestToolFunction extends ToolFunction {
+  private mockReady: jest.MockedFunction<() => Promise<boolean>>;
+
+  public constructor(request?: any) {
+    super(request || {});
+    (this as any).request = request;
+    this.mockReady = jest.fn().mockResolvedValue(true);
+  }
+
+  // Override the ready method with mock implementation for testing
+  protected ready(): Promise<boolean> {
+    return this.mockReady();
+  }
+
+  public getRequest() {
+    return (this as any).request;
+  }
+
+  public getMockReady() {
+    return this.mockReady;
+  }
+}
+
+describe('ToolFunction', () => {
+  let mockRequest: any;
+  let mockResponse: Response;
+  let toolFunction: TestToolFunction;
+  let mockProcessRequest: jest.MockedFunction<typeof toolsService.processRequest>;
+  let mockGetTokenVerifier: jest.MockedFunction<typeof getTokenVerifier>;
+  let mockGetAppContext: jest.MockedFunction<typeof getAppContext>;
+  let mockTokenVerifier: jest.Mocked<{
+    verify: (token: string) => Promise<any>;
+  }>;
+
+  beforeEach(() => {
+    jest.clearAllMocks();
+
+    // Create mock token verifier
+    mockTokenVerifier = {
+      verify: jest.fn(),
+    };
+
+    // Setup the mocks
+    mockProcessRequest = jest.mocked(toolsService.processRequest);
+    mockGetTokenVerifier = jest.mocked(getTokenVerifier);
+    mockGetAppContext = jest.mocked(getAppContext);
+
+    mockGetTokenVerifier.mockResolvedValue(mockTokenVerifier as any);
+    mockGetAppContext.mockReturnValue({
+      account: {
+        organizationId: 'app-org-123'
+      }
+    } as any);
+
+    // Create mock request with bodyJSON structure
+    mockRequest = {
+      headers: new Map(),
+      method: 'POST',
+      path: '/test',
+      bodyJSON: {
+        parameters: {
+          task_id: 'task-123',
+          content_id: 'content-456'
+        },
+        auth: {
+          provider: 'OptiID',
+          credentials: {
+            token_type: 'Bearer',
+            access_token: 'valid-access-token',
+            org_sso_id: 'org-sso-123',
+            user_id: 'user-456',
+            instance_id: 'instance-789',
+            customer_id: 'app-org-123',
+            product_sku: 'OPAL'
+          }
+        },
+        environment: {
+          execution_mode: 'headless'
+        }
+      }
+    };
+
+    mockResponse = {} as Response;
+    toolFunction = new TestToolFunction(mockRequest);
+  });
+
+  // Helper function to create a ready request with valid auth
+  const createReadyRequestWithAuth = () => ({
+    headers: new Map(),
+    method: 'GET',
+    path: '/ready',
+    bodyJSON: {
+      auth: {
+        provider: 'OptiID',
+        credentials: {
+          access_token: 'valid-token',
+          customer_id: 'app-org-123'
+        }
+      }
+    }
+  });
+
+  // Helper function to setup authorization mocks to pass
+  const setupAuthMocks = () => {
+    mockTokenVerifier.verify.mockResolvedValue(true);
+    mockGetAppContext.mockReturnValue({
+      account: {
+        organizationId: 'app-org-123'
+      }
+    } as any);
+  };
+
+  describe('/ready endpoint', () => {
+    beforeEach(() => {
+      setupAuthMocks();
+    });
+
+    it('should return ready: true when ready method returns true', async () => {
+      // Arrange
+      const readyRequest = createReadyRequestWithAuth();
+
+      toolFunction = new TestToolFunction(readyRequest);
+      toolFunction.getMockReady().mockResolvedValue(true);
+
+      // Act
+      const result = await toolFunction.perform();
+
+      // Assert
+      expect(toolFunction.getMockReady()).toHaveBeenCalledTimes(1);
+      expect(result).toEqual(new Response(200, { ready: true }));
+      expect(mockProcessRequest).not.toHaveBeenCalled(); // Should not call service
+    });
+
+    it('should return ready: false when ready method returns false', async () => {
+      // Arrange
+      const readyRequest = createReadyRequestWithAuth();
+
+      toolFunction = new TestToolFunction(readyRequest);
+      toolFunction.getMockReady().mockResolvedValue(false);
+
+      // Act
+      const result = await toolFunction.perform();
+
+      // Assert
+      expect(toolFunction.getMockReady()).toHaveBeenCalledTimes(1);
+      expect(result).toEqual(new Response(200, { ready: false }));
+      expect(mockProcessRequest).not.toHaveBeenCalled(); // Should not call service
+    });
+
+    it('should handle ready method throwing an error', async () => {
+      // Arrange
+      const readyRequest = createReadyRequestWithAuth();
+
+      toolFunction = new TestToolFunction(readyRequest);
+      toolFunction.getMockReady().mockRejectedValue(new Error('Ready check failed'));
+
+      // Act & Assert
+      await expect(toolFunction.perform()).rejects.toThrow('Ready check failed');
+      expect(toolFunction.getMockReady()).toHaveBeenCalledTimes(1);
+      expect(mockProcessRequest).not.toHaveBeenCalled(); // Should not call service
+    });
+
+    it('should use default ready implementation when not overridden', async () => {
+      // Create a class that doesn't override ready method
+      class DefaultReadyToolFunction extends ToolFunction {
+        public constructor(request?: any) {
+          super(request || {});
+          (this as any).request = request;
+        }
+
+        public getRequest() {
+          return (this as any).request;
+        }
+      }
+
+      // Arrange
+      const readyRequest = createReadyRequestWithAuth();
+      const defaultToolFunction = new DefaultReadyToolFunction(readyRequest);
+
+      // Act
+      const result = await defaultToolFunction.perform();
+
+      // Assert - Default implementation should return true
+      expect(result).toEqual(new Response(200, { ready: true }));
+      expect(mockProcessRequest).not.toHaveBeenCalled(); // Should not call service
+    });
+  });
+
+  describe('perform', () => {
+    it('should execute successfully with valid token and matching organization', async () => {
+      // Setup mock token verifier to return true for valid token
+      mockTokenVerifier.verify.mockResolvedValue(true);
+      mockProcessRequest.mockResolvedValue(mockResponse);
+
+      const result = await toolFunction.perform();
+
+      expect(result).toBe(mockResponse);
+      expect(mockGetTokenVerifier).toHaveBeenCalled();
+      expect(mockTokenVerifier.verify).toHaveBeenCalledWith('valid-access-token');
+      expect(mockGetAppContext).toHaveBeenCalled();
+      expect(mockProcessRequest).toHaveBeenCalledWith(mockRequest, toolFunction);
+    });
+
+    it('should return 403 response with invalid token', async () => {
+      // Setup mock token verifier to return false
+      mockTokenVerifier.verify.mockResolvedValue(false);
+
+      const result = await toolFunction.perform();
+
+      expect(result).toEqual(new Response(403, { error: 'Forbidden' }));
+      expect(mockGetTokenVerifier).toHaveBeenCalled();
+      expect(mockTokenVerifier.verify).toHaveBeenCalledWith('valid-access-token');
+      expect(mockProcessRequest).not.toHaveBeenCalled();
+    });
+
+    it('should return 403 response when organization ID does not match', async () => {
+      // Update mock request with different customer_id
+      const requestWithDifferentOrgId = {
+        ...mockRequest,
+        bodyJSON: {
+          ...mockRequest.bodyJSON,
+          auth: {
+            ...mockRequest.bodyJSON.auth,
+            credentials: {
+              ...mockRequest.bodyJSON.auth.credentials,
+              customer_id: 'different-org-123'
+            }
+          }
+        }
+      };
+
+      const toolFunctionWithDifferentOrgId = new TestToolFunction(requestWithDifferentOrgId);
+
+      const result = await toolFunctionWithDifferentOrgId.perform();
+
+      expect(result).toEqual(new Response(403, { error: 'Forbidden' }));
+      expect(mockGetAppContext).toHaveBeenCalled();
+      expect(mockProcessRequest).not.toHaveBeenCalled();
+    });
+
+    it('should return 403 response when access token is missing', async () => {
+      // Create request without access token
+      const requestWithoutToken = {
+        ...mockRequest,
+        bodyJSON: {
+          ...mockRequest.bodyJSON,
+          auth: {
+            ...mockRequest.bodyJSON.auth,
+            credentials: {
+              ...mockRequest.bodyJSON.auth.credentials,
+              access_token: undefined
+            }
+          }
+        }
+      };
+
+      const toolFunctionWithoutToken = new TestToolFunction(requestWithoutToken);
+
+      const result = await toolFunctionWithoutToken.perform();
+
+      expect(result).toEqual(new Response(403, { error: 'Forbidden' }));
+      expect(mockGetTokenVerifier).not.toHaveBeenCalled();
+      expect(mockProcessRequest).not.toHaveBeenCalled();
+    });
+
+    it('should return 403 response when organisation id is missing', async () => {
+      // Create request without customer_id
+      const requestWithoutCustomerId = {
+        ...mockRequest,
+        bodyJSON: {
+          ...mockRequest.bodyJSON,
+          auth: {
+            ...mockRequest.bodyJSON.auth,
+            credentials: {
+              ...mockRequest.bodyJSON.auth.credentials,
+              customer_id: undefined
+            }
+          }
+        }
+      };
+
+      const toolFunctionWithoutCustomerId = new TestToolFunction(requestWithoutCustomerId);
+
+      const result = await toolFunctionWithoutCustomerId.perform();
+
+      expect(result).toEqual(new Response(403, { error: 'Forbidden' }));
+      expect(mockGetTokenVerifier).not.toHaveBeenCalled();
+      expect(mockProcessRequest).not.toHaveBeenCalled();
+    });
+
+    it('should return 403 response when auth structure is missing', async () => {
+      // Create request without auth structure
+      const requestWithoutAuth = {
+        ...mockRequest,
+        bodyJSON: {
+          parameters: mockRequest.bodyJSON.parameters,
+          environment: mockRequest.bodyJSON.environment
+        }
+      };
+
+      const toolFunctionWithoutAuth = new TestToolFunction(requestWithoutAuth);
+
+      const result = await toolFunctionWithoutAuth.perform();
+
+      expect(result).toEqual(new Response(403, { error: 'Forbidden' }));
+      expect(mockGetTokenVerifier).not.toHaveBeenCalled();
+      expect(mockProcessRequest).not.toHaveBeenCalled();
+    });
+
+    it('should return 403 response when token verifier initialization fails', async () => {
+      // Setup mock to fail during token verifier initialization
+      mockGetTokenVerifier.mockRejectedValue(new Error('Failed to initialize token verifier'));
+
+      const result = await toolFunction.perform();
+
+      expect(result).toEqual(new Response(403, { error: 'Forbidden' }));
+      expect(mockGetTokenVerifier).toHaveBeenCalled();
+      expect(mockProcessRequest).not.toHaveBeenCalled();
+    });
+  });
+
+  describe('inheritance', () => {
+    it('should be an instance of Function', () => {
+      // Assert
+      expect(toolFunction).toBeInstanceOf(ToolFunction);
+    });
+
+    it('should have access to the request property', () => {
+      // Assert
+      expect(toolFunction.getRequest()).toBe(mockRequest);
+    });
+  });
+});

package/src/function/ToolFunction.ts

@@ -1,5 +1,7 @@
 import { Function, Response, amendLogContext } from '@zaiusinc/app-sdk';
+import { authenticateRegularRequest } from '../auth/AuthUtils';
 import { toolsService } from '../service/Service';
+import { ToolLogger } from '../logging/ToolLogger';
 
 /**
  * Abstract base class for tool-based function execution
@@ -18,12 +20,28 @@ export abstract class ToolFunction extends Function {
   }
 
   /**
-   * Process the incoming request using the tools service
+   * Process the incoming request with logging
    *
    * @returns Response as the HTTP response
    */
   public async perform(): Promise<Response> {
+    const startTime = Date.now();
     amendLogContext({ opalThreadId: this.request.headers.get('x-opal-thread-id') || '' });
+
+    ToolLogger.logRequest(this.request);
+
+    const response = await this.handleRequest();
+
+    ToolLogger.logResponse(this.request, response, startTime - Date.now());
+    return response;
+  }
+
+  /**
+   * Handle the core request processing logic
+   *
+   * @returns Response as the HTTP response
+   */
+  private async handleRequest(): Promise<Response> {
     if (!(await this.authorizeRequest())) {
       return new Response(403, { error: 'Forbidden' });
     }
@@ -32,6 +50,7 @@ export abstract class ToolFunction extends Function {
       const isReady = await this.ready();
       return new Response(200, { ready: isReady });
     }
+
     // Pass 'this' as context so decorated methods can use the existing instance
     return toolsService.processRequest(this.request, this);
   }
@@ -42,6 +61,6 @@ export abstract class ToolFunction extends Function {
    * @returns true if authentication succeeds
    */
   private async authorizeRequest(): Promise<boolean> {
-    return true;
+    return await authenticateRegularRequest(this.request);
   }
 }