Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

BC-6453 - Add authorization service client module #5050

Merged
merged 47 commits into from
Jun 13, 2024
Merged
Changes from 1 commit
Commits
Show all changes
47 commits
Select commit Hold shift + click to select a range
913faff
BC-6453 - Add authorization service client using OpenAPI
bergatco Jun 5, 2024
a9808c1
BC-6453 - move OpenAPI generated client to `apps/server/src/infra/aut…
bergatco Jun 5, 2024
f208138
BC-6453 - move latest OpenAPI config file to separate file and use la…
bergatco Jun 5, 2024
bc66ea2
BC-6453 - add tests for `AuthorizationClientAdapter`
bergatco Jun 5, 2024
417de23
BC-6453 - remove unused OpenAPI generated models
bergatco Jun 6, 2024
eaf8756
BC-6453 - add some comments to `apps/server/src/infra/authorization-c…
bergatco Jun 6, 2024
dcdb14a
BC-6453 - extend unit tests and remove generated `AuthorizationApi` f…
bergatco Jun 7, 2024
3b9ef42
Merge branch 'main' into BC-6453-add-authorisation-service-client-module
bergatco Jun 7, 2024
e443713
BC-6453 - fix package.json error
bergatco Jun 7, 2024
d1fc493
BC-6453 - fix `package-lock.json` issue
bergatco Jun 7, 2024
52dc411
Merge branch 'main' into BC-6453-add-authorisation-service-client-module
bergatco Jun 7, 2024
127eb4a
BC-6453 - update API title and description for swagger to use Schulcl…
bergatco Jun 7, 2024
499febb
BC-6453 - remove redundant npm package `@openapitools/openapi-generat…
bergatco Jun 7, 2024
c8eca15
BC-6453 - revert `package-lock.json` to `main`
bergatco Jun 7, 2024
c43f99f
BC-6453 - apply renaming of `HPI Schul-Cloud` to `Schulcloud-Verbund-…
bergatco Jun 7, 2024
60fe578
BC-6453 - make barrel file `apps/server/src/infra/authorization-clien…
bergatco Jun 7, 2024
ddd78d1
BC-6453 - extract jwt from request and remove `apiKey`
bergatco Jun 10, 2024
2d400cb
BC-6453 - add unit tests for `hasPermissionByReferences`
bergatco Jun 10, 2024
be14363
BC-6453 - fix `authorization` handling
bergatco Jun 10, 2024
f119586
BC-6453 - add "own" loggable as well as extend unit tests
bergatco Jun 10, 2024
e89b3e4
BC-6453 - add unit tests for loggables
bergatco Jun 10, 2024
0ce6d86
BC-6453 - update JWT extraction and handling in AuthorizationClientAd…
bergatco Jun 10, 2024
e0db97e
BC-6453 - fix currently broken unit tests
bergatco Jun 10, 2024
7122174
Merge branch 'main' into BC-6453-add-authorisation-service-client-module
bergatco Jun 11, 2024
7d7f51c
BC-6453 - make jwt extraction more general
bergatco Jun 11, 2024
a7453b9
BC-6453 - extend unit tests for jwt and cookie handling
bergatco Jun 11, 2024
f588019
BC-6453 - remove some more unnecessary file from generated api
bergatco Jun 11, 2024
8f1a7de
BC-6453 - remove files to be ignored
bergatco Jun 11, 2024
a18eeed
BC-6453 - add `resetAllMocks` after each unit test
bergatco Jun 11, 2024
ee2b0e8
BC-6453 - allow also ONLY jwt in authorization header
bergatco Jun 11, 2024
50317aa
BC-6453 - remove unnecessary comments, improve unit test structure pl…
bergatco Jun 11, 2024
0a0626f
BC-6453 - improve unit tests structure
bergatco Jun 11, 2024
82060cf
BC-6453 - fix wording in one unit tests
bergatco Jun 12, 2024
69d8a78
BC-6453 - further improve unit tests structure
bergatco Jun 12, 2024
2a95f62
Merge branch 'main' into BC-6453-add-authorisation-service-client-module
bergatco Jun 12, 2024
eacdd8b
BC-6453 - rename functions
bergatco Jun 12, 2024
0d07a81
BC-6453 - move auth header creation to separate function `createOptio…
bergatco Jun 12, 2024
ca37249
BC-6453 - remove loggable tests
bergatco Jun 12, 2024
c8395e8
Merge branch 'main' into BC-6453-add-authorisation-service-client-module
bergatco Jun 12, 2024
2574922
Merge branch 'main' into BC-6453-add-authorisation-service-client-module
bergatco Jun 12, 2024
eeb78a5
BC-6453 - replace `UnauthorizedException` with `AuthorizationErrorLog…
bergatco Jun 13, 2024
7511741
BC-6453 - fix naming of unit test
bergatco Jun 13, 2024
1ebdf2e
BC-6453 - extend error handling in `AuthorizationErrorLoggableException`
bergatco Jun 13, 2024
e15c9bb
Merge branch 'main' into BC-6453-add-authorisation-service-client-module
bergatco Jun 13, 2024
ec9dddd
BC-6453 - extend unit tests for `AuthorizationClientAdapter` to inclu…
bergatco Jun 13, 2024
5069818
BC-6453 - re-add loggable tests
bergatco Jun 13, 2024
558bae8
BC-6453 - remove loggable tests from `AuthorizationClientAdapter` uni…
bergatco Jun 13, 2024
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
BC-6453 - remove loggable tests from AuthorizationClientAdapter uni…
…t tests and extend own unit tests
  • Loading branch information
bergatco committed Jun 13, 2024
commit 558bae8da41dde396db354db3278eaa55d7117c8
Original file line number Diff line number Diff line change
@@ -107,137 +107,32 @@ describe(AuthorizationClientAdapter.name, () => {

await expect(service.checkPermissionsByReference(params)).rejects.toThrowError(expectedError);
});

it('should have correct log message', async () => {
const { params } = setup({ isAuthorized: false });

const expectedLogMessage = {
type: 'FORBIDDEN_EXCEPTION',
stack: expect.any(String),
data: {
action: params.context.action,
referenceId: params.referenceId,
referenceType: params.referenceType,
requiredPermissions: params.context.requiredPermissions.join(','),
},
};

try {
await service.checkPermissionsByReference(params);
// Fail test if above expression doesn't throw anything.
expect(true).toBe(false);
} catch (e) {
const logMessage = (e as AuthorizationForbiddenLoggableException).getLogMessage();

expect(logMessage).toEqual(expectedLogMessage);
}
});
});
});

describe('when authorizationReferenceControllerAuthorizeByReference returns error', () => {
describe('when error is instance of Error', () => {
const setup = () => {
const error = new Error('testError');
authorizationApi.authorizationReferenceControllerAuthorizeByReference.mockRejectedValueOnce(error);

const params = {
context: {
action: Action.READ,
requiredPermissions,
},
referenceType: AuthorizationBodyParamsReferenceType.COURSES,
referenceId: 'someReferenceId',
};

return { params, error };
};

it('should throw AuthorizationErrorLoggableException', async () => {
const { params, error } = setup();

const expectedError = new AuthorizationErrorLoggableException(error, params);

await expect(service.checkPermissionsByReference(params)).rejects.toThrowError(expectedError);
});

it('should have correct log message', async () => {
const { params, error } = setup();

const expectedLogMessage = {
type: 'INTERNAL_SERVER_ERROR',
error,
stack: expect.any(String),
data: {
action: params.context.action,
referenceId: params.referenceId,
referenceType: params.referenceType,
requiredPermissions: params.context.requiredPermissions.join(','),
},
};

try {
await service.hasPermissionsByReference(params);
// Fail test if above expression doesn't throw anything.
expect(true).toBe(false);
} catch (e) {
const logMessage = (e as AuthorizationErrorLoggableException).getLogMessage();

expect(logMessage).toEqual(expectedLogMessage);
}
});
});

describe('when error is NOT instance of Error', () => {
const setup = () => {
const params = {
context: {
action: Action.READ,
requiredPermissions,
},
referenceType: AuthorizationBodyParamsReferenceType.COURSES,
referenceId: 'someReferenceId',
};

const error = { code: '123', message: 'testError' };
authorizationApi.authorizationReferenceControllerAuthorizeByReference.mockRejectedValueOnce(error);

return { params, error };
const setup = () => {
const params = {
context: {
action: Action.READ,
requiredPermissions,
},
referenceType: AuthorizationBodyParamsReferenceType.COURSES,
referenceId: 'someReferenceId',
};

it('should throw AuthorizationErrorLoggableException', async () => {
const { params, error } = setup();
const error = new Error('testError');
authorizationApi.authorizationReferenceControllerAuthorizeByReference.mockRejectedValueOnce(error);

const expectedError = new AuthorizationErrorLoggableException(error, params);

await expect(service.hasPermissionsByReference(params)).rejects.toThrowError(expectedError);
});
return { params, error };
};

it('should have correct log message', async () => {
const { params, error } = setup();

const expectedLogMessage = {
type: 'INTERNAL_SERVER_ERROR',
error: new Error(JSON.stringify(error)),
stack: expect.any(String),
data: {
action: params.context.action,
referenceId: params.referenceId,
referenceType: params.referenceType,
requiredPermissions: params.context.requiredPermissions.join(','),
},
};
it('should throw AuthorizationErrorLoggableException', async () => {
const { params, error } = setup();

try {
await service.hasPermissionsByReference(params);
// Fail test if above expression doesn't throw anything.
expect(true).toBe(false);
} catch (e) {
const logMessage = (e as AuthorizationErrorLoggableException).getLogMessage();
const expectedError = new AuthorizationErrorLoggableException(error, params);

expect(logMessage).toEqual(expectedLogMessage);
}
});
await expect(service.checkPermissionsByReference(params)).rejects.toThrowError(expectedError);
});
});
});
@@ -401,137 +296,31 @@ describe(AuthorizationClientAdapter.name, () => {

await expect(adapter.hasPermissionsByReference(params)).rejects.toThrowError(expectedError);
});

it('should have correct log message', async () => {
const { params, adapter, error } = setup();

const expectedLogMessage = {
type: 'INTERNAL_SERVER_ERROR',
error,
stack: expect.any(String),
data: {
action: params.context.action,
referenceId: params.referenceId,
referenceType: params.referenceType,
requiredPermissions: params.context.requiredPermissions.join(','),
},
};

try {
await adapter.hasPermissionsByReference(params);
// Fail test if above expression doesn't throw anything.
expect(true).toBe(false);
} catch (e) {
const logMessage = (e as AuthorizationErrorLoggableException).getLogMessage();

expect(logMessage).toEqual(expectedLogMessage);
}
});
});

describe('when authorizationReferenceControllerAuthorizeByReference returns error', () => {
describe('when error is instance of Error', () => {
const setup = () => {
const params = {
context: {
action: Action.READ,
requiredPermissions,
},
referenceType: AuthorizationBodyParamsReferenceType.COURSES,
referenceId: 'someReferenceId',
};

const error = new Error('testError');
authorizationApi.authorizationReferenceControllerAuthorizeByReference.mockRejectedValueOnce(error);

return { params, error };
};

it('should throw AuthorizationErrorLoggableException', async () => {
const { params, error } = setup();

const expectedError = new AuthorizationErrorLoggableException(error, params);

await expect(service.hasPermissionsByReference(params)).rejects.toThrowError(expectedError);
});

it('should have correct log message', async () => {
const { params, error } = setup();

const expectedLogMessage = {
type: 'INTERNAL_SERVER_ERROR',
error,
stack: expect.any(String),
data: {
action: params.context.action,
referenceId: params.referenceId,
referenceType: params.referenceType,
requiredPermissions: params.context.requiredPermissions.join(','),
},
};

try {
await service.hasPermissionsByReference(params);
// Fail test if above expression doesn't throw anything.
expect(true).toBe(false);
} catch (e) {
const logMessage = (e as AuthorizationErrorLoggableException).getLogMessage();

expect(logMessage).toEqual(expectedLogMessage);
}
});
});

describe('when error is NOT instance of Error', () => {
const setup = () => {
const params = {
context: {
action: Action.READ,
requiredPermissions,
},
referenceType: AuthorizationBodyParamsReferenceType.COURSES,
referenceId: 'someReferenceId',
};

const error = { code: '123', message: 'testError' };
authorizationApi.authorizationReferenceControllerAuthorizeByReference.mockRejectedValueOnce(error);

return { params, error };
const setup = () => {
const params = {
context: {
action: Action.READ,
requiredPermissions,
},
referenceType: AuthorizationBodyParamsReferenceType.COURSES,
referenceId: 'someReferenceId',
};

it('should throw AuthorizationErrorLoggableException', async () => {
const { params, error } = setup();

const expectedError = new AuthorizationErrorLoggableException(error, params);
const error = new Error('testError');
authorizationApi.authorizationReferenceControllerAuthorizeByReference.mockRejectedValueOnce(error);

await expect(service.hasPermissionsByReference(params)).rejects.toThrowError(expectedError);
});
return { params, error };
};

it('should have correct log message', async () => {
const { params, error } = setup();

const expectedLogMessage = {
type: 'INTERNAL_SERVER_ERROR',
error: new Error(JSON.stringify(error)),
stack: expect.any(String),
data: {
action: params.context.action,
referenceId: params.referenceId,
referenceType: params.referenceType,
requiredPermissions: params.context.requiredPermissions.join(','),
},
};
it('should throw AuthorizationErrorLoggableException', async () => {
const { params, error } = setup();

try {
await service.hasPermissionsByReference(params);
// Fail test if above expression doesn't throw anything.
expect(true).toBe(false);
} catch (e) {
const logMessage = (e as AuthorizationErrorLoggableException).getLogMessage();
const expectedError = new AuthorizationErrorLoggableException(error, params);

expect(logMessage).toEqual(expectedLogMessage);
}
});
await expect(service.hasPermissionsByReference(params)).rejects.toThrowError(expectedError);
});
});
});
Loading
Loading