From 800a10284a4c5314ef1e6fdb9c8432e6fd3ea55c Mon Sep 17 00:00:00 2001
From: LEGO Technix <109212476+lego-technix@users.noreply.github.com>
Date: Tue, 4 Feb 2025 14:25:40 +0100
Subject: [PATCH 1/2] feat(api): add /api/healthcheck/forwarded-origin route
---
 .../healthcheck/healthcheck-controller.js | 12 ++++++++-
 .../shared/application/healthcheck/index.js | 10 +++++++
 .../application/healthcheck/index_test.js | 23 ++++++++++++++++
 .../application/healthcheck.route.test.js | 27 +++++++++++++++++++
 4 files changed, 71 insertions(+), 1 deletion(-)
 create mode 100644 api/tests/shared/acceptance/application/healthcheck.route.test.js
diff --git a/api/src/shared/application/healthcheck/healthcheck-controller.js b/api/src/shared/application/healthcheck/healthcheck-controller.js
index ebb40e1b16c..e1d8c3ff858 100644
--- a/api/src/shared/application/healthcheck/healthcheck-controller.js
+++ b/api/src/shared/application/healthcheck/healthcheck-controller.js
@@ -2,6 +2,7 @@ import Boom from '@hapi/boom';
 import { knex } from '../../../../db/knex-database-connection.js';
 import packageJSON from '../../../../package.json' with { type: 'json' };
+import * as network from '../../../identity-access-management/infrastructure/utils/network.js';
 import { config } from '../../config.js';
 import { redisMonitor } from '../../infrastructure/utils/redis-monitor.js';
@@ -37,6 +38,15 @@ const checkRedisStatus = async function () {
 }
 };
-const healthcheckController = { get, checkDbStatus, checkRedisStatus };
+const checkForwardedOriginStatus = async function (request, h) {
+ const forwardedOrigin = network.getForwardedOrigin(request.headers);
+ if (!forwardedOrigin) {
+ return h.response('Obtaining Forwarded Origin failed').code(500);
+ }
+
+ return h.response(forwardedOrigin).code(200);
+};
+
+const healthcheckController = { get, checkDbStatus, checkRedisStatus, checkForwardedOriginStatus };
 export { healthcheckController };
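Review bot: `checkForwardedOriginStatus` in healthcheck-controller.js returns a string built from the request's forwarding headers without setting a content type, and the route that serves it is registered with `auth: false`; hapi sends bare string payloads as `text/html`. Whether `network.getForwardedOrigin` validates or normalises the host is not visible in this patch, so the success branch should declare the type itself: `return h.response(forwardedOrigin).type('text/plain').code(200);`. The function also has no comment; something like `// Diagnostic: echoes the origin rebuilt from the X-Forwarded-* request headers; returns 500 when it cannot be derived.` would tell the next reader that the value is caller-influenced and not to be reused as a trusted origin.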
diff --git a/api/src/shared/application/healthcheck/index.js b/api/src/shared/application/healthcheck/index.js
index d90cd61bd3c..ef832787b0d 100644
--- a/api/src/shared/application/healthcheck/index.js
+++ b/api/src/shared/application/healthcheck/index.js
@@ -29,6 +29,16 @@ const register = async function (server) {
 tags: ['api'],
 },
 },
+ {
+ method: 'GET',
+ path: '/api/healthcheck/forwarded-origin',
+ config: {
+ auth: false,
+ handler: healthcheckController.checkForwardedOriginStatus,
+ notes: ['- **Cette route est publique**\n' + '- Récupération de l’origine HTTP de l’application appelante\n'],
+ tags: ['api', 'healthcheck'],
+ },
+ },
 ]);
 };
diff --git a/api/tests/integration/application/healthcheck/index_test.js b/api/tests/integration/application/healthcheck/index_test.js
index b5bfda506dc..02e4d160083 100644
--- a/api/tests/integration/application/healthcheck/index_test.js
+++ b/api/tests/integration/application/healthcheck/index_test.js
@@ -57,4 +57,27 @@ describe('Integration | Application | Route | healthcheckRouter', function () {
 expect(healthCheckController.checkRedisStatus).to.have.been.calledOnce;
 });
 });
+
+ describe('GET /api/healthcheck/forwarded-origin', function () {
+ context('when forwarded origin is not obtained', function () {
+ it('returns an HTTP status code 500', async function () {
+ // given
+ const options = {
+ method: 'GET',
+ url: '/api/healthcheck/forwarded-origin',
+ headers: {
+ 'x-forwarded-proto': 'https',
+ 'x-forwarded-host-is-missing': 'there is a problem with the nginx configuration',
+ },
+ };
+
+ // when
+ const response = await httpTestServer.requestObject(options);
+
+ // then
+ expect(response.statusCode).to.equal(500);
+ expect(response.result).to.equal('Obtaining Forwarded Origin failed');
+ });
+ });
+ });
 });
diff --git a/api/tests/shared/acceptance/application/healthcheck.route.test.js b/api/tests/shared/acceptance/application/healthcheck.route.test.js
new file mode 100644
index 00000000000..1ebf5cc2ead
--- /dev/null
+++ b/api/tests/shared/acceptance/application/healthcheck.route.test.js
@@ -0,0 +1,27 @@
+import { createServer, expect } from '../../../test-helper.js';
+
+describe('Acceptance | Shared | Application | Route | healthcheck', function () {
+ let server;
+
+ beforeEach(async function () {
+ server = await createServer();
+ });
+
+ describe('GET /api/healthcheck/forwarded-origin', function () {
+ it('returns an HTTP status code 200 with the forwarded origin', async function () {
+ // given
+ const options = {
+ method: 'GET',
+ url: '/api/healthcheck/forwarded-origin',
+ headers: { 'x-forwarded-proto': 'https', 'x-forwarded-host': 'app.pix.org' },
+ };
+
+ // when
+ const response = await server.inject(options);
+
+ // then
+ expect(response.statusCode).to.equal(200);
+ expect(response.result).to.equal('https://app.pix.org');
+ });
+ });
+});
From 1ad2cf0c39a9504232d66bbf468ed035e5359a6a Mon Sep 17 00:00:00 2001
From: LEGO Technix <109212476+lego-technix@users.noreply.github.com>
Date: Tue, 4 Feb 2025 14:56:06 +0100
Subject: [PATCH 2/2] feat(api): remove temporary test route for forwarded origin
---
 .../feature-toggle-controller.js | 10 ++--------
 .../application/feature-toggles/index.js | 15 --------------
 .../feature-toggle-controller_test.js | 20 -------------------
 3 files changed, 2 insertions(+), 43 deletions(-)
diff --git a/api/src/shared/application/feature-toggles/feature-toggle-controller.js b/api/src/shared/application/feature-toggles/feature-toggle-controller.js
index e1a65b82804..2385dcaf458 100644
--- a/api/src/shared/application/feature-toggles/feature-toggle-controller.js
+++ b/api/src/shared/application/feature-toggles/feature-toggle-controller.js
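Review bot: The acceptance test added in healthcheck.route.test.js asserts only the status and body for one well-formed `x-forwarded-proto`/`x-forwarded-host` pair, so neither the response content type nor the result for an unexpected host value is pinned for this public route. An extra assertion on `response.headers['content-type']` would make the served type explicit, since hapi's default for string payloads is `text/html`. A second case with a multi-valued host header (constructed sample: `'app.pix.org, other.example'`) would record what `getForwardedOrigin` does with it; that behaviour cannot be seen from this patch.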
@@ -1,5 +1,4 @@
 import { config } from '../../../../src/shared/config.js';
-import * as network from '../../../identity-access-management/infrastructure/utils/network.js';
 import { featureToggles } from '../../infrastructure/feature-toggles/index.js';
 import * as serializer from '../../infrastructure/serializers/jsonapi/feature-toggle-serializer.js';
@@ -11,11 +10,6 @@ const getActiveFeatures = async function () {
 return serializer.serialize({ ...newFeatureToggles, ...legacyFeatureToggles });
 };
-// TODO: Test route to be removed soon
-const getForwardedOrigin = function (request, h) {
- return h.response(network.getForwardedOrigin(request.headers)).code(200);
-};
-
-const featureToggleController = { getActiveFeatures, getForwardedOrigin };
+const featureToggleController = { getActiveFeatures };
-export { featureToggleController, getForwardedOrigin };
+export { featureToggleController };
diff --git a/api/src/shared/application/feature-toggles/index.js b/api/src/shared/application/feature-toggles/index.js
index 4e1afaa94bd..444e2cc3861 100644
--- a/api/src/shared/application/feature-toggles/index.js
+++ b/api/src/shared/application/feature-toggles/index.js
@@ -12,21 +12,6 @@ const register = async function (server) {
 cache: false,
 },
 },
- // TODO: Test route to be removed soon
- {
- method: 'GET',
- path: '/api/test-origin-soon-to-be-remove',
- config: {
- auth: false,
- handler: featureToggleController.getForwardedOrigin,
- notes: [
- '- **Route ponctuelle à des fins de test**\n' +
- '- **Cette route est publique**\n' +
- '- Récupération de l’origin HTTP de l’application appelante\n',
- ],
- tags: ['identity-access-management', 'api', 'user'],
- },
- },
 ]);
 };
diff --git a/api/tests/shared/acceptance/application/feature-toggles/feature-toggle-controller_test.js b/api/tests/shared/acceptance/application/feature-toggles/feature-toggle-controller_test.js
index 6bcb10acd4c..78284350b22 100644
--- a/api/tests/shared/acceptance/application/feature-toggles/feature-toggle-controller_test.js
+++ b/api/tests/shared/acceptance/application/feature-toggles/feature-toggle-controller_test.js
@@ -51,24 +51,4 @@ describe('Acceptance | Shared | Application | Controller | feature-toggle', func
 expect(response.result).to.deep.equal(expectedData);
 });
 });
-
- describe('GET /api/test-origin-soon-to-be-remove. Test route soon to be removed.', function () {
- const options = {
- method: 'GET',
- url: '/api/test-origin-soon-to-be-remove',
- headers: { 'x-forwarded-proto': 'http', 'x-forwarded-host': 'test.pix.org' },
- };
-
- it('returns an empty string because the calling application HTTP Origin', async function () {
- // given
- const expectedData = 'http://test.pix.org';
-
- // when
- const response = await server.inject(options);
-
- // then
- expect(response.statusCode).to.equal(200);
- expect(response.result).to.deep.equal(expectedData);
- });
- });
 });