lesgo 0.7.8 → 1.0.0

package/src/middlewares/clientAuthMiddleware.js

@@ -1,5 +1,4 @@
 import client from 'Config/client'; // eslint-disable-line import/no-unresolved
-import { errorHttpResponseAfterHandler } from './errorHttpResponseMiddleware';
 import validateFields from '../utils/validateFields';
 import { LesgoException } from '../exceptions';
 
@@ -7,7 +6,7 @@ const FILE = 'Middlewares/clientAuthMiddleware';
 
 const validateParams = params => {
   const validFields = [
-    { key: 'x-client-id', type: 'string', required: true },
+    { key: 'clientKey', type: 'string', required: true },
     { key: 'client', type: 'object', required: true },
   ];
 
@@ -21,8 +20,28 @@ const validateParams = params => {
 };
 
 const getClientKey = event => {
-  if (typeof event.headers['x-client-id'] === 'string') {
-    return event.headers['x-client-id'];
+  const foundExistingKey = client.headerKeys.find(headerKey => {
+    if (event.headers && typeof event.headers[headerKey] === 'string') {
+      return true;
+    }
+
+    if (
+      event.queryStringParameters &&
+      typeof event.queryStringParameters[headerKey] === 'string'
+    ) {
+      return true;
+    }
+
+    return false;
+  });
+
+  if (foundExistingKey) {
+    if (event.headers && event.headers[foundExistingKey]) {
+      return event.headers[foundExistingKey];
+    }
+
+    // There will always be one where this is found existing
+    return event.queryStringParameters[foundExistingKey];
   }
 
   if (event.input && typeof event.input.clientid === 'string') {
@@ -32,20 +51,23 @@ const getClientKey = event => {
   return undefined;
 };
 
-export const clientAuthMiddlewareBeforeHandler = (
+export const clientAuthMiddlewareBeforeHandler = async (
   handler,
   next,
-  opt = undefined
+  opt = {}
 ) => {
-  const validated = validateParams({
-    'x-client-id': getClientKey(handler.event),
-    client,
-  });
+  const { clients, callback } = {
+    ...client,
+    ...(typeof opt === 'function' ? { callback: opt } : opt),
+  };
 
-  const clientKey = validated['x-client-id'];
+  const { client: validatedClient, clientKey } = validateParams({
+    clientKey: getClientKey(handler.event),
+    client: clients,
+  });
 
-  const platform = Object.keys(validated.client).filter(clientPlatform => {
-    return validated.client[clientPlatform].key === clientKey;
+  const platform = Object.keys(validatedClient).filter(clientPlatform => {
+    return validatedClient[clientPlatform].key === clientKey;
   });
 
   if (platform.length === 0) {
@@ -58,13 +80,13 @@ export const clientAuthMiddlewareBeforeHandler = (
   }
 
   // eslint-disable-next-line no-param-reassign,prefer-destructuring
-  handler.event.platform = platform[0];
+  handler.event.platform = {
+    id: platform[0],
+    ...client.clients[platform[0]],
+  };
 
-  if (typeof opt === 'function') {
-    opt(handler);
-  } else if (typeof opt === 'object') {
-    const { callback } = opt;
-    if (typeof callback === 'function') callback(handler);
+  if (typeof callback === 'function') {
+    await callback(handler);
   }
 
   next();
@@ -75,7 +97,6 @@ const clientAuthMiddleware = opt => {
   return {
     before: (handler, next) =>
       clientAuthMiddlewareBeforeHandler(handler, next, opt),
-    onError: (handler, next) => errorHttpResponseAfterHandler(handler, next),
   };
 };
 

package/src/middlewares/errorHttpResponseMiddleware.js

@@ -66,7 +66,9 @@ export const errorHttpResponseHandler = async opts => {
   return {
     headers: options.headers,
     statusCode,
-    body: JSON.stringify(jsonBody),
+    body: options.formatError
+      ? options.formatError(options)
+      : JSON.stringify(jsonBody),
   };
 };
 

package/src/middlewares/httpNoOutputMiddleware.js

@@ -3,15 +3,19 @@ import { normalizeHttpRequestBeforeHandler } from './normalizeHttpRequestMiddlew
 import { successHttpResponseHandler } from './successHttpResponseMiddleware';
 import { errorHttpResponseHandler } from './errorHttpResponseMiddleware';
 
+const allowResponse = () => {
+  return app.debug;
+};
+
 const successHttpNoOutputResponseHandler = async opts => {
   const { queryStringParameters } = opts.event;
-  const debug =
-    queryStringParameters && queryStringParameters.debug && app.debug;
+  const debug = queryStringParameters && queryStringParameters.debug;
   const response = await successHttpResponseHandler(opts);
+  const shouldAllowResponse = opts.allowResponse || allowResponse;
 
   /* istanbul ignore next */
-  if (!debug && !opts.allowResponse(opts)) {
-    response.body = null;
+  if (!debug || !shouldAllowResponse(opts)) {
+    response.body = '';
   }
 
   return response;
@@ -25,7 +29,7 @@ export const successHttpNoOutputResponseAfterHandler = async (
   const defaults = {
     response: handler.response,
     event: handler.event,
-    allowResponse: () => false,
+    allowResponse,
   };
   const options = { ...defaults, ...opts };
 
@@ -38,16 +42,16 @@ export const successHttpNoOutputResponseAfterHandler = async (
 
 const errorHttpResponseNoOutputHandler = async opts => {
   const { queryStringParameters } = opts.event;
-  const debug =
-    queryStringParameters && queryStringParameters.debug && app.debug;
+  const debug = queryStringParameters && queryStringParameters.debug;
   const response = await errorHttpResponseHandler({
     ...opts,
     debugMode: opts.debugMode || debug,
   });
+  const shouldAllowResponse = opts.allowResponse || allowResponse;
 
-  if (!debug && !opts.allowResponse(opts)) {
+  if (!debug || !shouldAllowResponse(opts)) {
     response.statusCode = 200;
-    response.body = null;
+    response.body = '';
   }
 
   return response;
@@ -62,7 +66,7 @@ export const errorHttpNoOutputResponseAfterHandler = async (
     error: handler.error,
     event: handler.event,
     logger: console.error, // eslint-disable-line no-console
-    allowResponse: () => false,
+    allowResponse,
   };
 
   const options = { ...defaults, ...opts };

package/src/middlewares/index.js

@@ -4,6 +4,8 @@ import successHttpResponseMiddleware from './successHttpResponseMiddleware';
 import errorHttpResponseMiddleware from './errorHttpResponseMiddleware';
 import normalizeSQSMessageMiddleware from './normalizeSQSMessageMiddleware';
 import verifyJwtMiddleware from './verifyJwtMiddleware';
+import basicAuthMiddleware from './basicAuthMiddleware';
+import clientAuthMiddleware from './clientAuthMiddleware';
 
 export {
   httpMiddleware,
@@ -12,4 +14,6 @@ export {
   errorHttpResponseMiddleware,
   normalizeSQSMessageMiddleware,
   verifyJwtMiddleware,
+  basicAuthMiddleware,
+  clientAuthMiddleware,
 };

package/src/middlewares/successHttpResponseMiddleware.js

@@ -43,11 +43,13 @@ export const successHttpResponseHandler = async opts => {
   return {
     headers: options.headers,
     statusCode: options.statusCode,
-    body: JSON.stringify({
-      status: 'success',
-      data: options.response,
-      _meta: options.debugMode ? options.event : {},
-    }),
+    body: options.formatSuccess
+      ? options.formatSuccess(options)
+      : JSON.stringify({
+          status: 'success',
+          data: options.response,
+          _meta: options.debugMode ? options.event : {},
+        }),
   };
 };
 

package/src/middlewares/verifyJwtMiddleware.js

@@ -26,7 +26,7 @@ export const token = headers => {
   return parsed[1];
 };
 
-export const verifyJwtMiddlewareBeforeHandler = (handler, next, opts) => {
+export const verifyJwtMiddlewareBeforeHandler = async (handler, next, opts) => {
   const { headers } = handler.event;
 
   const finalConfig =
@@ -34,18 +34,29 @@ export const verifyJwtMiddlewareBeforeHandler = (handler, next, opts) => {
       ? opts.jwtConfig
       : config;
 
+  const { secret, callback } = finalConfig;
+
   try {
-    const service = new JwtService(token(headers), finalConfig);
+    const service = new JwtService(token(headers), {
+      ...finalConfig,
+      ...{
+        secret: typeof secret === 'function' ? secret(handler) : secret,
+      },
+    });
 
     // eslint-disable-next-line no-param-reassign
     handler.event.decodedJwt = service.validate().decoded;
 
+    if (typeof callback === 'function') {
+      await callback(handler);
+    }
+
     next();
   } catch (err) {
     if (err.name === 'JsonWebTokenError') {
-      throw new LesgoException(err.message, 'JWT_ERROR', 403);
+      throw new LesgoException(err.message, 'JWT_ERROR', 403, err);
     } else if (err.name === 'TokenExpiredError') {
-      throw new LesgoException(err.message, 'JWT_EXPIRED', 403);
+      throw new LesgoException(err.message, 'JWT_EXPIRED', 403, err);
     } else {
       throw err;
     }

package/src/services/LoggerService.js

@@ -30,8 +30,9 @@ export default class LoggerService {
     this.logLevels = {
       error: 0,
       warn: 1,
-      info: 2,
-      debug: 3,
+      notice: 2,
+      info: 3,
+      debug: 4,
     };
   }
 
@@ -63,6 +64,10 @@ export default class LoggerService {
     this.log('debug', message, extra);
   }
 
+  notice(message, extra = {}) {
+    this.log('notice', message, extra);
+  }
+
   addMeta(meta = {}) {
     this.meta = {
       ...this.meta,
@@ -73,7 +78,9 @@ export default class LoggerService {
   consoleLogger(level, message) {
     if (!this.checkIsLogRequired('console', level)) return null;
     const refinedMessage = this.refineMessagePerTransport('console', message);
-    return console[level](JSON.stringify(refinedMessage)); // eslint-disable-line no-console
+    const consoleFunc = level === 'notice' ? 'log' : level;
+
+    return console[consoleFunc](JSON.stringify(refinedMessage)); // eslint-disable-line no-console
   }
 
   checkIsLogRequired(transportName, level) {

package/src/services/__tests__/LoggerService.spec.js

@@ -13,8 +13,9 @@ describe('ServicesGroup: test LoggerService instantiation', () => {
     expect(logger.logLevels).toMatchObject({
       error: 0,
       warn: 1,
-      info: 2,
-      debug: 3,
+      notice: 2,
+      info: 3,
+      debug: 4,
     });
   });
 
@@ -146,6 +147,20 @@ describe('ServicesGroup: test log LoggerService with console transport', () => {
     );
   });
 
+  it('test log with notice level', () => {
+    const logger = new LoggerService({ transports: [{ logType: 'console' }] });
+    logger.notice('some notice log');
+
+    expect(console.log).toHaveBeenCalledWith(
+      JSON.stringify({
+        level: 'notice',
+        message: 'some notice log',
+        logger: 'lesgo-logger',
+        extra: {},
+      })
+    );
+  });
+
   it('test log with error level', () => {
     const logger = new LoggerService({ transports: [{ logType: 'console' }] });
     logger.error('some error log');

package/CHANGELOG.md

@@ -1,9 +0,0 @@
-# Changes as of November 11, 2019:
- - Added DatabaseService
-   - where you could connect thru your own sql server (mysql, posgres and etc.)
- - Added ElasticSearchService
-   - this service provides a connection that can connect thru local or AWS' ElasticSearch as of the moment.
- - Added JwtService
-   - to validate jwt access token, and custom claims.
- - Added ElastiCacheService
-   - a service that can use memcached/redis for in-memory key-value search.

package/src/middlewares/__tests__/serverAuthMiddleware.spec.js

@@ -1,170 +0,0 @@
-import serverAuthMiddleware, {
-  serverAuthBeforeHandler,
-} from '../serverAuthMiddleware';
-import { generateBasicAuthorizationHash } from '../basicAuthMiddleware';
-import client from '../../../tests/__mocks__/config/client';
-
-describe('test serverAuthMiddleware middleware', () => {
-  test.each`
-    clientObj
-    ${undefined}
-    ${{}}
-    ${{
-  default: {
-    key: '1111-1111-1111-1111',
-    secret: '1111-1111-1111-1111',
-  },
-}}
-  `('should return object', ({ clientObj }) => {
-    const result = serverAuthMiddleware({
-      client: clientObj,
-    });
-
-    expect(result).toHaveProperty('before');
-    expect(result).toHaveProperty('onError');
-  });
-});
-
-// eslint-disable-next-line
-const next = () => {};
-
-describe('test serverAuthBeforeHandler with valid credentials', () => {
-  const validBasicAuth = Buffer.from(
-    generateBasicAuthorizationHash(
-      client.platform_2.key,
-      client.platform_2.secret
-    )
-  ).toString('base64');
-
-  test.each`
-    clientObj
-    ${undefined}
-    ${{}}
-    ${{
-  platform_2: {
-    key: '2222-2222-2222-2222',
-    secret: '2222-2222-2222-2222',
-  },
-}}
-  `('should return undefined when successful', ({ clientObj }) => {
-    const handler = {
-      event: {
-        headers: {
-          Authorization: `basic ${validBasicAuth}`,
-        },
-        site: {
-          id: 'platform_2',
-        },
-      },
-    };
-
-    let hasError = false;
-
-    try {
-      serverAuthBeforeHandler(handler, next, {
-        client: clientObj,
-      });
-    } catch (e) {
-      hasError = true;
-    }
-
-    expect(hasError).toBeFalsy();
-  });
-
-  test.each`
-    Authorization                | blacklistMode
-    ${undefined}                 | ${false}
-    ${`basic ${validBasicAuth}`} | ${false}
-    ${`Basic ${validBasicAuth}`} | ${false}
-    ${`basic ${validBasicAuth}`} | ${true}
-    ${`Basic ${validBasicAuth}`} | ${true}
-  `(
-    'test Exception with valid credentials',
-    ({ Authorization, blacklistMode }) => {
-      const handler = {
-        event: {
-          headers: {
-            Authorization,
-          },
-          site: {
-            id: 'platform_2',
-          },
-        },
-      };
-
-      let hasError = false;
-
-      try {
-        serverAuthBeforeHandler(handler, next, {
-          blacklistMode,
-        });
-      } catch (e) {
-        hasError = true;
-      }
-
-      expect(hasError).toBeFalsy();
-    }
-  );
-});
-
-describe('test serverAuthBeforeHandler error handling', () => {
-  const invalidClientKey = Buffer.from('client_key:secret_key').toString(
-    'base64'
-  );
-  const invalidSecretKey = Buffer.from(
-    `${client.platform_2.key}:secret_key`
-  ).toString('base64');
-
-  test.each`
-    headers                                           | errorName           | errorMessage                                  | errorStatusCode | errorCode                                                               | blacklistMode
-    ${{}}                                             | ${'LesgoException'} | ${'Authorization Header is required!'}        | ${403}          | ${'JWT_MISSING_AUTHORIZATION_HEADER'}                                   | ${undefined}
-    ${{ Authorization: 'auth' }}                      | ${'LesgoException'} | ${'Missing Bearer token!'}                    | ${403}          | ${'JWT_MISSING_BEARER_TOKEN'}                                           | ${undefined}
-    ${{ Authorization: 'basic ' }}                    | ${'LesgoException'} | ${'Empty basic authentication hash provided'} | ${403}          | ${'Middlewares/basicAuthMiddleware::AUTH_EMPTY_BASIC_HASH'}             | ${undefined}
-    ${{ Authorization: `basic ${invalidClientKey}` }} | ${'LesgoException'} | ${'Invalid client key or secret provided'}    | ${403}          | ${'Middlewares/basicAuthMiddleware::AUTH_INVALID_CLIENT_OR_SECRET_KEY'} | ${undefined}
-    ${{ Authorization: `basic ${invalidSecretKey}` }} | ${'LesgoException'} | ${'Invalid client key or secret provided'}    | ${403}          | ${'Middlewares/basicAuthMiddleware::AUTH_INVALID_CLIENT_OR_SECRET_KEY'} | ${undefined}
-    ${{ Authorization: `Basic ${invalidSecretKey}` }} | ${'LesgoException'} | ${'Invalid client key or secret provided'}    | ${403}          | ${'Middlewares/basicAuthMiddleware::AUTH_INVALID_CLIENT_OR_SECRET_KEY'} | ${undefined}
-    ${{}}                                             | ${'LesgoException'} | ${'Authorization Header is required!'}        | ${403}          | ${'JWT_MISSING_AUTHORIZATION_HEADER'}                                   | ${true}
-    ${{ Authorization: 'auth' }}                      | ${'LesgoException'} | ${'Missing Bearer token!'}                    | ${403}          | ${'JWT_MISSING_BEARER_TOKEN'}                                           | ${true}
-    ${{ Authorization: 'basic ' }}                    | ${'LesgoException'} | ${'Empty basic authentication hash provided'} | ${403}          | ${'Middlewares/basicAuthMiddleware::AUTH_EMPTY_BASIC_HASH'}             | ${true}
-    ${{ Authorization: `basic ${invalidClientKey}` }} | ${'LesgoException'} | ${'Invalid client key or secret provided'}    | ${403}          | ${'Middlewares/basicAuthMiddleware::AUTH_INVALID_CLIENT_OR_SECRET_KEY'} | ${true}
-    ${{ Authorization: `basic ${invalidSecretKey}` }} | ${'LesgoException'} | ${'Invalid client key or secret provided'}    | ${403}          | ${'Middlewares/basicAuthMiddleware::AUTH_INVALID_CLIENT_OR_SECRET_KEY'} | ${true}
-    ${{ Authorization: `Basic ${invalidSecretKey}` }} | ${'LesgoException'} | ${'Invalid client key or secret provided'}    | ${403}          | ${'Middlewares/basicAuthMiddleware::AUTH_INVALID_CLIENT_OR_SECRET_KEY'} | ${true}
-    ${{ Authorization: 'auth' }}                      | ${'LesgoException'} | ${'Missing Bearer token!'}                    | ${403}          | ${'JWT_MISSING_BEARER_TOKEN'}                                           | ${false}
-    ${{ Authorization: 'basic ' }}                    | ${'LesgoException'} | ${'Empty basic authentication hash provided'} | ${403}          | ${'Middlewares/basicAuthMiddleware::AUTH_EMPTY_BASIC_HASH'}             | ${false}
-    ${{ Authorization: `basic ${invalidClientKey}` }} | ${'LesgoException'} | ${'Invalid client key or secret provided'}    | ${403}          | ${'Middlewares/basicAuthMiddleware::AUTH_INVALID_CLIENT_OR_SECRET_KEY'} | ${false}
-    ${{ Authorization: `basic ${invalidSecretKey}` }} | ${'LesgoException'} | ${'Invalid client key or secret provided'}    | ${403}          | ${'Middlewares/basicAuthMiddleware::AUTH_INVALID_CLIENT_OR_SECRET_KEY'} | ${false}
-    ${{ Authorization: `Basic ${invalidSecretKey}` }} | ${'LesgoException'} | ${'Invalid client key or secret provided'}    | ${403}          | ${'Middlewares/basicAuthMiddleware::AUTH_INVALID_CLIENT_OR_SECRET_KEY'} | ${false}
-  `(
-    'should throw $errorMessage when authorization header is $headers',
-    async ({
-      headers,
-      errorName,
-      errorMessage,
-      errorStatusCode,
-      errorCode,
-      blacklistMode,
-    }) => {
-      const handler = {
-        event: {
-          headers,
-          site: {
-            id: 'platform_1',
-          },
-        },
-      };
-
-      try {
-        expect(
-          serverAuthBeforeHandler(handler, next, {
-            blacklistMode,
-          })
-        ).toThrow();
-      } catch (error) {
-        expect(error.name).toBe(errorName);
-        expect(error.message).toBe(errorMessage);
-        expect(error.statusCode).toBe(errorStatusCode);
-        expect(error.code).toBe(errorCode);
-      }
-    }
-  );
-});

package/src/middlewares/serverAuthMiddleware.js

@@ -1,29 +0,0 @@
-import { verifyBasicAuthBeforeHandler } from './basicAuthMiddleware';
-import { verifyJwtMiddlewareBeforeHandler } from './verifyJwtMiddleware';
-import { errorHttpResponseAfterHandler } from './errorHttpResponseMiddleware';
-
-export const serverAuthBeforeHandler = (handler, next, opts) => {
-  try {
-    return verifyBasicAuthBeforeHandler(handler, next, opts);
-  } catch (e) {
-    if (
-      e.code !==
-        `Middlewares/basicAuthMiddleware::AUTH_INVALID_AUTHORIZATION_TYPE` &&
-      e.code !==
-        `Middlewares/basicAuthMiddleware::AUTHORIZATION_HEADER_NOT_FOUND`
-    )
-      throw e;
-  }
-
-  return verifyJwtMiddlewareBeforeHandler(handler, next, opts);
-};
-
-/* istanbul ignore next */
-const serverAuthMiddleware = opts => {
-  return {
-    before: (handler, next) => serverAuthBeforeHandler(handler, next, opts),
-    onError: (handler, next) => errorHttpResponseAfterHandler(handler, next),
-  };
-};
-
-export default serverAuthMiddleware;