help

devksingh4 · devksingh4 · commit a085c7379f66 · 2024-08-05T16:36:03.000-04:00
diff --git a/cloudformation/main.yml b/cloudformation/main.yml
@@ -40,7 +40,7 @@ Mappings:
       HostedZoneId: Z04502822NVIA85WM2SML
       ApiDomainName: "aws.qa.acmuiuc.org"
       ValidCorsOrigins: ["*"]
-      AadValidClientId: "251efa82-f589-42e1-9ebb-e214a4f40a0f"
+      AadValidClientId: "39c28870-94e4-47ee-b4fb-affe0bf96c9f"
     prod:
       ApiCertificateArn: arn:aws:acm:us-east-1:298118738376:certificate/6142a0e2-d62f-478e-bf15-5bdb616fe705
       HostedZoneId: Z05246633460N5MEB9DBF
@@ -98,6 +98,7 @@ Resources:
         Variables:
           RunEnvironment: !Ref RunEnvironment
           ValidCorsOrigins: !Join [",", !FindInMap [ApiGwConfig, !Ref RunEnvironment, ValidCorsOrigins]]
+          AadValidClientId: !FindInMap [ApiGwConfig, !Ref RunEnvironment, AadValidClientId]
       VpcConfig: 
         Ipv6AllowedForDualStack: !If [ShouldAttachVpc, True, !Ref AWS::NoValue]
         SecurityGroupIds: !If [ShouldAttachVpc, !FindInMap [EnvironmentToCidr, !Ref RunEnvironment, SecurityGroupIds], !Ref AWS::NoValue]
diff --git a/dist/index.js b/dist/index.js
@@ -1,9 +1,9 @@
 /* eslint import/no-nodejs-modules: ["error", {"allow": ["crypto"]}] */
 import { randomUUID } from "crypto";
 import fastify from "fastify";
-import { fastifyAuthPlugin } from "./plugins/auth.js";
-import FastifyAuthProvider from '@fastify/auth';
-import { EventsApiRoles } from "./roles.js";
+import FastifyAuthProvider from "@fastify/auth";
+import fastifyAuthPlugin from "./plugins/auth.js";
+import protectedRoute from "./routes/protected.js";
 const now = () => Date.now();
 async function init() {
     const app = fastify({
@@ -21,7 +21,7 @@ async function init() {
     });
     await app.register(fastifyAuthPlugin);
     await app.register(FastifyAuthProvider);
-    app.runEnvironment = process.env.RunEnvironment ?? 'dev';
+    app.runEnvironment = process.env.RunEnvironment ?? "dev";
     app.addHook("onRequest", (req, _, done) => {
         req.startTime = now();
         req.log.info({ url: req.raw.url }, "received request");
@@ -36,15 +36,9 @@ async function init() {
         done();
     });
     app.get("/api/v1/healthz", (_, reply) => reply.send({ message: "UP" }));
-    app.get("/api/v1/protected", async (_, reply) => {
-        app.auth([
-            app.authenticate,
-            async (request, reply) => {
-                await app.authorize(request, reply, [EventsApiRoles.MANAGER]);
-            }
-        ]);
-        reply.send({ message: "UP" });
-    });
+    await app.register(async (api, _options) => {
+        api.register(protectedRoute, { prefix: "/protected" });
+    }, { prefix: "/api/v1" });
     return app;
 }
 if (import.meta.url === `file://${process.argv[1]}`) {
diff --git a/src/errors/index.ts b/src/errors/index.ts
@@ -5,7 +5,7 @@ interface BaseErrorParams<T extends string> {
   httpStatusCode: number;
 }
 
-abstract class BaseError<T extends string> extends Error {
+export abstract class BaseError<T extends string> extends Error {
   public name: T;
 
   public id: number;
@@ -20,22 +20,51 @@ abstract class BaseError<T extends string> extends Error {
     this.id = id;
     this.message = message;
     this.httpStatusCode = httpStatusCode;
+    if (Error.captureStackTrace) {
+      Error.captureStackTrace(this, this.constructor);
+    }
+  }
+  toString() {
+    return `Error ${this.id} (${this.name}): ${this.message}\n\n${this.stack}`
   }
 }
 
 export class UnauthorizedError extends BaseError<"UnauthorizedError"> {
   constructor({ message }: { message: string }) {
-    super({ name: "UnauthorizedError", id: 100, message, httpStatusCode: 401 });
+    super({ name: "UnauthorizedError", id: 101, message, httpStatusCode: 401 });
   }
 }
 
 export class UnauthenticatedError extends BaseError<"UnauthenticatedError"> {
   constructor({ message }: { message: string }) {
     super({
       name: "UnauthenticatedError",
-      id: 101,
+      id: 102,
       message,
       httpStatusCode: 403,
     });
   }
 }
+
+export class InternalServerError extends BaseError<"InternalServerError"> {
+  constructor() {
+    super({
+      name: "InternalServerError",
+      id: 100,
+      message: "An internal server error occurred. Please try again or contact support.",
+      httpStatusCode: 500,
+    });
+  }
+}
+
+
+export class NotFoundError extends BaseError<"NotFoundError"> {
+  constructor({endpointName}: {endpointName: string}) {
+    super({
+      name: "NotFoundError",
+      id: 103,
+      message: `${endpointName} is not a valid URL.`,
+      httpStatusCode: 404,
+    });
+  }
+}
diff --git a/src/index.ts b/src/index.ts
@@ -4,6 +4,7 @@ import fastify, { FastifyInstance } from "fastify";
 import FastifyAuthProvider from "@fastify/auth";
 import fastifyAuthPlugin from "./plugins/auth.js";
 import protectedRoute from "./routes/protected.js";
+import errorHandlerPlugin from "./plugins/errorHandler.js";
 
 const now = () => Date.now();
 
@@ -23,6 +24,7 @@ async function init() {
   });
   await app.register(fastifyAuthPlugin);
   await app.register(FastifyAuthProvider);
+  await app.register(errorHandlerPlugin);
   app.runEnvironment = process.env.RunEnvironment ?? "dev";
   app.addHook("onRequest", (req, _, done) => {
     req.startTime = now();
diff --git a/src/plugins/auth.ts b/src/plugins/auth.ts
@@ -1,9 +1,9 @@
 import { FastifyPluginAsync, FastifyReply, FastifyRequest } from "fastify";
 import fp from "fastify-plugin";
-import { UnauthenticatedError, UnauthorizedError } from "../errors/index.js";
-import { EventsApiRoles } from "../roles.js";
+import { BaseError, UnauthenticatedError, UnauthorizedError } from "../errors/index.js";
+import { AppRoles } from "../roles.js";
 
-// const GroupRoleMapping: Record<string, EventsApiRoles[]> = {};
+// const GroupRoleMapping: Record<string, AppRoles[]> = {};
 
 const authPlugin: FastifyPluginAsync = async (fastify, _options) => {
   fastify.decorate(
@@ -13,8 +13,14 @@ const authPlugin: FastifyPluginAsync = async (fastify, _options) => {
       _reply: FastifyReply,
     ): Promise<void> {
       try {
-        request.log.info("Authenticating JWT");
-      } catch (_: unknown) {
+        const clientId = process.env.AadValidClientId;
+        if (!clientId) {
+          throw new UnauthenticatedError({message: "Server could not find valid AAD Client ID."})
+        }
+      } catch (err: unknown) {
+        if (err instanceof BaseError) {
+          throw err;
+        }
         throw new UnauthenticatedError({ message: "Could not verify JWT." });
       }
     },
@@ -24,7 +30,7 @@ const authPlugin: FastifyPluginAsync = async (fastify, _options) => {
     async function (
       request: FastifyRequest,
       _reply: FastifyReply,
-      _validRoles: EventsApiRoles[],
+      _validRoles: AppRoles[],
     ): Promise<void> {
       try {
         request.log.info("Authorizing JWT");
diff --git a/src/plugins/errorHandler.ts b/src/plugins/errorHandler.ts
@@ -0,0 +1,31 @@
+import fastify, { FastifyReply, FastifyRequest } from 'fastify';
+import fp from 'fastify-plugin';
+import { BaseError, InternalServerError, NotFoundError } from '../errors/index.js';
+import { request } from 'http';
+
+const errorHandlerPlugin = fp(async(fastify) => {
+    fastify.setErrorHandler((err: unknown, request: FastifyRequest, reply: FastifyReply) => {
+        let finalErr = new InternalServerError();
+        if (err instanceof BaseError) {
+            finalErr = err;
+        }
+        if (err instanceof BaseError) {
+            request.log.error({errId: err.id, errName: err.name}, finalErr.toString())
+        } else if (err instanceof Error) {
+            request.log.error({errName: err.name}, 'Native unhandled error: response sent to client.')
+        } else {
+            request.log.error('Native unhandled error: response sent to client.')
+        }
+        reply.status(finalErr.httpStatusCode).type('application/json').send({
+            error: true,
+            name: finalErr.name,
+            id: finalErr.id,
+            message: finalErr.message,
+        })
+    })
+    fastify.setNotFoundHandler((request: FastifyRequest) => {
+        throw new NotFoundError({endpointName: request.url});
+    })
+})
+
+export default errorHandlerPlugin;
diff --git a/src/roles.ts b/src/roles.ts
@@ -1,4 +1,4 @@
 /* eslint-disable import/prefer-default-export */
-export enum EventsApiRoles {
+export enum AppRoles {
   MANAGER,
 }
diff --git a/src/routes/protected.ts b/src/routes/protected.ts
@@ -1,5 +1,5 @@
 import { FastifyPluginAsync } from "fastify";
-import { EventsApiRoles } from "../roles.js";
+import { AppRoles } from "../roles.js";
 
 const protectedRoute: FastifyPluginAsync = async (fastify, _options) => {
   fastify.get(
@@ -8,7 +8,7 @@ const protectedRoute: FastifyPluginAsync = async (fastify, _options) => {
       onRequest: fastify.auth([
         fastify.authenticate,
         async (request, reply) => {
-          fastify.authorize(request, reply, [EventsApiRoles.MANAGER]);
+          fastify.authorize(request, reply, [AppRoles.MANAGER]);
         },
       ]),
     },
diff --git a/src/types.d.ts b/src/types.d.ts
@@ -1,5 +1,5 @@
 import { FastifyRequest, FastifyInstance, FastifyReply } from "fastify";
-import { EventsApiRoles } from "./roles.ts";
+import { AppRoles } from "./roles.ts";
 declare module "fastify" {
   interface FastifyInstance {
     authenticate: (
@@ -9,7 +9,7 @@ declare module "fastify" {
     authorize: (
       request: FastifyRequest,
       reply: FastifyReply,
-      validRoles: EventsApiRoles[],
+      validRoles: AppRoles[],
     ) => Promise<void>;
     runEnvironment: string;
   }

Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,4 @@`
`1`	`1`	`/* eslint-disable import/prefer-default-export */`
`2`		`-export enum EventsApiRoles {`
	`2`	`+export enum AppRoles {`
`3`	`3`	`MANAGER,`
`4`	`4`	`}`