VIA-537 SB Continue replacing usage of eager config object.

Author: acerathereinspirative-nhs-nvir

src/app/api/auth/[...nextauth]/provider.test.ts

@@ -1,17 +1,18 @@
 import NHSLoginAuthProvider from "@src/app/api/auth/[...nextauth]/provider";
-import { configProvider } from "@src/utils/config";
+import lazyConfig from "@src/utils/lazy-config";
+import { AsyncConfigMock, lazyConfigBuilder } from "@test-data/config/builders";
 
 jest.mock("@src/utils/config");
 jest.mock("@src/utils/auth/pem-to-crypto-key");
 jest.mock("sanitize-data", () => ({ sanitize: jest.fn() }));
 
 describe("provider", () => {
-  (configProvider as jest.Mock).mockImplementation(() => ({
-    NHS_LOGIN_URL: "",
-    NHS_LOGIN_CLIENT_ID: "",
-    NHS_LOGIN_SCOPE: "",
-    NHS_LOGIN_PRIVATE_KEY: "",
-  }));
+  const mockedConfig = lazyConfig as AsyncConfigMock;
+
+  beforeEach(() => {
+    const defaultConfig = lazyConfigBuilder().build();
+    Object.assign(mockedConfig, defaultConfig);
+  });
 
   it("should be configured correctly", async () => {
     const provider = await NHSLoginAuthProvider();

src/app/api/auth/[...nextauth]/provider.ts

@@ -1,28 +1,26 @@
 import { OIDCConfig } from "@auth/core/providers";
 import pemToCryptoKey from "@src/utils/auth/pem-to-crypto-key";
-import { AppConfig, configProvider } from "@src/utils/config";
+import lazyConfig from "@src/utils/lazy-config";
 import { Profile } from "next-auth";
 
 export const NHS_LOGIN_PROVIDER_ID = "nhs-login";
 
 const NHSLoginAuthProvider = async (): Promise<OIDCConfig<Profile>> => {
-  const config: AppConfig = await configProvider();
-
   return {
     id: NHS_LOGIN_PROVIDER_ID,
     name: "NHS Login Auth Provider",
     type: "oidc",
-    issuer: config.NHS_LOGIN_URL,
-    clientId: config.NHS_LOGIN_CLIENT_ID,
-    wellKnown: `${config.NHS_LOGIN_URL}/.well-known/openid-configuration`,
+    issuer: (await lazyConfig.NHS_LOGIN_URL) as string,
+    clientId: (await lazyConfig.NHS_LOGIN_CLIENT_ID) as string,
+    wellKnown: `${await lazyConfig.NHS_LOGIN_URL}/.well-known/openid-configuration`,
     authorization: {
       params: {
-        scope: `${config.NHS_LOGIN_SCOPE}`,
+        scope: `${await lazyConfig.NHS_LOGIN_SCOPE}`,
         prompt: "none",
       },
     },
     token: {
-      clientPrivateKey: await pemToCryptoKey(config.NHS_LOGIN_PRIVATE_KEY),
+      clientPrivateKey: await pemToCryptoKey((await lazyConfig.NHS_LOGIN_PRIVATE_KEY) as string),
     },
     client: {
       token_endpoint_auth_method: "private_key_jwt",

src/services/nbs/nbs-service.test.ts

@@ -1,65 +1,66 @@
 import { VaccineType } from "@src/models/vaccine";
 import { getSSOUrlToNBSForVaccine } from "@src/services/nbs/nbs-service";
 import { generateAssertedLoginIdentityJwt } from "@src/utils/auth/generate-auth-payload";
-import { AppConfig, configProvider } from "@src/utils/config";
+import lazyConfig from "@src/utils/lazy-config";
+import { AsyncConfigMock, lazyConfigBuilder } from "@test-data/config/builders";
 
-jest.mock("@src/utils/config");
 jest.mock("@src/utils/auth/generate-auth-payload", () => ({
   generateAssertedLoginIdentityJwt: jest.fn(),
 }));
 jest.mock("sanitize-data", () => ({ sanitize: jest.fn() }));
 
-const nbsUrlFromConfig = "https://test-nbs-url";
+const nbsUrlFromConfig = new URL("https://test-nbs-url");
 const nbsBookingPathFromConfig = "/test/path/book";
 
 const mockAssertedLoginIdentityJWT = "mock-jwt";
 
 describe("getSSOUrlToNBSForVaccine", () => {
-  beforeEach(() => {
-    (configProvider as jest.Mock).mockImplementation(
-      (): Partial<AppConfig> => ({
-        NBS_URL: nbsUrlFromConfig,
-        NBS_BOOKING_PATH: nbsBookingPathFromConfig,
-      }),
-    );
+  const mockedConfig = lazyConfig as AsyncConfigMock;
 
-    (generateAssertedLoginIdentityJwt as jest.Mock).mockReturnValue(mockAssertedLoginIdentityJWT);
-  });
+  describe("when NBS config is valid", () => {
+    beforeEach(() => {
+      const defaultConfig = lazyConfigBuilder()
+        .withNbsUrl(nbsUrlFromConfig)
+        .andNbsBookingPath(nbsBookingPathFromConfig)
+        .build();
+      Object.assign(mockedConfig, defaultConfig);
 
-  it("returns sso url of NBS configured in config for RSV vaccine", async () => {
-    const nbsRedirectUrl = new URL(await getSSOUrlToNBSForVaccine(VaccineType.RSV));
-    expect(nbsRedirectUrl.origin).toEqual(nbsUrlFromConfig);
-    expect(nbsRedirectUrl.pathname).toEqual(`${nbsBookingPathFromConfig}/rsv`);
-  });
+      (generateAssertedLoginIdentityJwt as jest.Mock).mockReturnValue(mockAssertedLoginIdentityJWT);
+    });
 
-  it("should include campaignID query param in NBS URL", async () => {
-    const nbsRedirectUrl = new URL(await getSSOUrlToNBSForVaccine(VaccineType.RSV));
-    expect(nbsRedirectUrl.searchParams.get("wt.mc_id")).toEqual(expect.any(String));
-  });
+    it("returns sso url of NBS configured in config for RSV vaccine", async () => {
+      const nbsRedirectUrl = new URL(await getSSOUrlToNBSForVaccine(VaccineType.RSV));
+      expect(nbsRedirectUrl.origin).toEqual(nbsUrlFromConfig.origin);
+      expect(nbsRedirectUrl.pathname).toEqual(`${nbsBookingPathFromConfig}/rsv`);
+    });
 
-  it("should include assertedLoginIdentity query param in NBS URL", async () => {
-    const nbsRedirectUrl = new URL(await getSSOUrlToNBSForVaccine(VaccineType.RSV));
-    expect(nbsRedirectUrl.searchParams.get("assertedLoginIdentity")).toEqual(mockAssertedLoginIdentityJWT);
-  });
+    it("should include campaignID query param in NBS URL", async () => {
+      const nbsRedirectUrl = new URL(await getSSOUrlToNBSForVaccine(VaccineType.RSV));
+      expect(nbsRedirectUrl.searchParams.get("wt.mc_id")).toEqual(expect.any(String));
+    });
+
+    it("should include assertedLoginIdentity query param in NBS URL", async () => {
+      const nbsRedirectUrl = new URL(await getSSOUrlToNBSForVaccine(VaccineType.RSV));
+      expect(nbsRedirectUrl.searchParams.get("assertedLoginIdentity")).toEqual(mockAssertedLoginIdentityJWT);
+    });
 
-  it("should redirect to SSO failure page if error occurs generating assertedLoginIdentity", async () => {
-    (generateAssertedLoginIdentityJwt as jest.Mock).mockRejectedValue(
-      new Error("Error creating SSO assertedLoginIdentity: id_token.jti attribute missing from session"),
-    );
+    it("should redirect to SSO failure page if error occurs generating assertedLoginIdentity", async () => {
+      (generateAssertedLoginIdentityJwt as jest.Mock).mockRejectedValue(
+        new Error("Error creating SSO assertedLoginIdentity: id_token.jti attribute missing from session"),
+      );
 
-    const nbsRedirectUrl = await getSSOUrlToNBSForVaccine(VaccineType.RSV);
-    expect(nbsRedirectUrl).toBe("/sso-failure");
+      const nbsRedirectUrl = await getSSOUrlToNBSForVaccine(VaccineType.RSV);
+      expect(nbsRedirectUrl).toBe("/sso-failure");
+    });
   });
 
-  it("should redirect to SSO failure page if NBS Url config invalid", async () => {
-    (configProvider as jest.Mock).mockImplementation(
-      (): Partial<AppConfig> => ({
-        NBS_URL: "not-a-valid-url",
-        NBS_BOOKING_PATH: nbsBookingPathFromConfig,
-      }),
-    );
+  describe("Without valid config", () => {
+    it("should redirect to SSO failure page if NBS Url config invalid", async () => {
+      const defaultConfig = {};
+      Object.assign(mockedConfig, defaultConfig);
 
-    const nbsRedirectUrl = await getSSOUrlToNBSForVaccine(VaccineType.RSV);
-    expect(nbsRedirectUrl).toBe("/sso-failure");
+      const nbsRedirectUrl = await getSSOUrlToNBSForVaccine(VaccineType.RSV);
+      expect(nbsRedirectUrl).toBe("/sso-failure");
+    });
   });
 });

src/services/nbs/nbs-service.ts

@@ -3,7 +3,7 @@
 import { SSO_FAILURE_ROUTE } from "@src/app/sso-failure/constants";
 import { VaccineType } from "@src/models/vaccine";
 import { generateAssertedLoginIdentityJwt } from "@src/utils/auth/generate-auth-payload";
-import { AppConfig, configProvider } from "@src/utils/config";
+import lazyConfig from "@src/utils/lazy-config";
 import { logger } from "@src/utils/logger";
 import { Logger } from "pino";
 
@@ -24,11 +24,12 @@ const nbsVaccinePath: Record<VaccinesWithNBSBookingAvailable, string> = {
 };
 
 const getSSOUrlToNBSForVaccine = async (vaccineType: VaccinesWithNBSBookingAvailable) => {
-  const config: AppConfig = await configProvider();
-
   let redirectUrl;
   try {
-    const nbsURl = new URL(`${config.NBS_URL}${config.NBS_BOOKING_PATH}${nbsVaccinePath[vaccineType]}`);
+    const nbsURl = new URL(
+      `${await lazyConfig.NBS_BOOKING_PATH}${nbsVaccinePath[vaccineType]}`,
+      (await lazyConfig.NBS_URL) as URL,
+    );
     const nbsQueryParams = await getNbsQueryParams();
     nbsQueryParams.forEach((param) => {
       nbsURl.searchParams.append(param.name, param.value);
@@ -43,8 +44,7 @@ const getSSOUrlToNBSForVaccine = async (vaccineType: VaccinesWithNBSBookingAvail
 };
 
 const getNbsQueryParams = async () => {
-  const config: AppConfig = await configProvider();
-  const assertedLoginIdentityJWT = await generateAssertedLoginIdentityJwt(config);
+  const assertedLoginIdentityJWT = await generateAssertedLoginIdentityJwt();
 
   return [
     { name: NBS_QUERY_PARAMS.CAMPAIGN_ID, value: PLACEHOLDER_CAMPAIGN_ID },

src/utils/auth/generate-auth-payload.test.ts

@@ -3,26 +3,21 @@
  */
 import { generateAssertedLoginIdentityJwt } from "@src/utils/auth/generate-auth-payload";
 import { getJwtToken } from "@src/utils/auth/get-jwt-token";
-import { AppConfig } from "@src/utils/config";
-import { appConfigBuilder } from "@test-data/config/builders";
+import lazyConfig from "@src/utils/lazy-config";
+import { AsyncConfigMock, lazyConfigBuilder } from "@test-data/config/builders";
 import jwt from "jsonwebtoken";
 import { jwtDecode } from "jwt-decode";
 
 jest.mock("jsonwebtoken", () => ({
   sign: jest.fn(),
 }));
 jest.mock("jwt-decode");
+jest.mock("sanitize-data", () => ({ sanitize: jest.fn() }));
 
 jest.mock("@src/utils/auth/get-jwt-token", () => ({
   getJwtToken: jest.fn(),
 }));
 
-const mockConfig: AppConfig = appConfigBuilder()
-  .withNHS_LOGIN_URL("https://mock.nhs.login")
-  .andNHS_LOGIN_CLIENT_ID("mock-client-id")
-  .andNHS_LOGIN_PRIVATE_KEY("private-key")
-  .build();
-
 const mockSignedJwt = "mock-signed-jwt";
 const mockRandomUUID = "mock-jti";
 const mockNowInSeconds = 1749052001;
@@ -35,6 +30,7 @@ const mockJwtToken = {
 
 describe("generate-auth-payload", () => {
   let randomUUIDSpy: jest.SpyInstance;
+  const mockedConfig = lazyConfig as AsyncConfigMock;
 
   beforeAll(() => {
     randomUUIDSpy = jest.spyOn(global.crypto, "randomUUID").mockReturnValue(mockRandomUUID);
@@ -47,6 +43,12 @@ describe("generate-auth-payload", () => {
     (jwtDecode as jest.Mock).mockReturnValue({
       jti: mockJtiFromSessionIdToken,
     });
+    const defaultConfig = lazyConfigBuilder()
+      .withNhsLoginUrl(new URL("https://mock.nhs.login"))
+      .andNhsLoginClientId("mock-client-id")
+      .andNhsLoginPrivateKey("private-key")
+      .build();
+    Object.assign(mockedConfig, defaultConfig);
   });
 
   afterAll(() => {
@@ -62,13 +64,13 @@ describe("generate-auth-payload", () => {
 
       const expectedAssertedLoginPayloadContent = {
         code: mockJtiFromSessionIdToken,
-        iss: mockConfig.NHS_LOGIN_CLIENT_ID,
+        iss: "mock-client-id",
         jti: mockRandomUUID,
         iat: mockNowInSeconds,
         exp: mockNowInSeconds + 60,
       };
 
-      const token = await generateAssertedLoginIdentityJwt(mockConfig);
+      const token = await generateAssertedLoginIdentityJwt();
 
       expect(jwt.sign).toHaveBeenCalledWith(expectedAssertedLoginPayloadContent, "private-key", { algorithm: "RS512" });
       expect(token).toEqual(mockSignedJwt);
@@ -83,7 +85,7 @@ describe("generate-auth-payload", () => {
 
       (getJwtToken as jest.Mock).mockResolvedValue(mockJwtTokenWithMissingJti);
 
-      await expect(generateAssertedLoginIdentityJwt(mockConfig)).rejects.toThrow(
+      await expect(generateAssertedLoginIdentityJwt()).rejects.toThrow(
         "Missing information. hasJwtToken=true, hasNHSLogin=true, hasIDToken=false",
       );
     });
@@ -93,7 +95,7 @@ describe("generate-auth-payload", () => {
 
       (jwt.sign as jest.Mock).mockRejectedValue(new Error("Invalid key"));
 
-      await expect(generateAssertedLoginIdentityJwt(mockConfig)).rejects.toThrow("Invalid key");
+      await expect(generateAssertedLoginIdentityJwt()).rejects.toThrow("Invalid key");
     });
   });
 });

src/utils/auth/generate-auth-payload.ts

@@ -1,12 +1,12 @@
 import { getJwtToken } from "@src/utils/auth/get-jwt-token";
 import { DecodedIdToken } from "@src/utils/auth/types";
-import { AppConfig } from "@src/utils/config";
+import lazyConfig from "@src/utils/lazy-config";
 import jwt from "jsonwebtoken";
 import { jwtDecode } from "jwt-decode";
 
 const ASSERTED_LOGIN_IDENTITY_EXPIRY_SECONDS = 60;
 
-const generateAssertedLoginIdentityJwt = async (config: AppConfig): Promise<string> => {
+const generateAssertedLoginIdentityJwt = async (): Promise<string> => {
   const token = await getJwtToken();
 
   if (!token?.nhs_login?.id_token) {
@@ -19,14 +19,14 @@ const generateAssertedLoginIdentityJwt = async (config: AppConfig): Promise<stri
 
   const nowInSeconds: number = Math.floor(Date.now() / 1000);
   const payload = {
-    iss: config.NHS_LOGIN_CLIENT_ID,
+    iss: await lazyConfig.NHS_LOGIN_CLIENT_ID,
     jti: crypto.randomUUID(),
     code: jtiFromIdToken,
     exp: nowInSeconds + ASSERTED_LOGIN_IDENTITY_EXPIRY_SECONDS,
     iat: nowInSeconds,
   };
 
-  return jwt.sign(payload, config.NHS_LOGIN_PRIVATE_KEY, { algorithm: "RS512" });
+  return jwt.sign(payload, (await lazyConfig.NHS_LOGIN_PRIVATE_KEY) as string, { algorithm: "RS512" });
 };
 
 export { generateAssertedLoginIdentityJwt };

src/utils/auth/get-jwt-token.test.ts

@@ -1,7 +1,7 @@
 import { getJwtToken } from "@src/utils/auth/get-jwt-token";
 import { AccessToken } from "@src/utils/auth/types";
-import { configProvider } from "@src/utils/config";
-import { appConfigBuilder } from "@test-data/config/builders";
+import lazyConfig from "@src/utils/lazy-config";
+import { AsyncConfigMock, lazyConfigBuilder } from "@test-data/config/builders";
 import { getToken } from "next-auth/jwt";
 import { cookies, headers } from "next/headers";
 
@@ -13,15 +13,14 @@ jest.mock("next/headers", () => ({
   headers: jest.fn(),
   cookies: jest.fn(),
 }));
-
-jest.mock("@src/utils/config", () => ({
-  configProvider: jest.fn(),
-}));
+jest.mock("sanitize-data", () => ({ sanitize: jest.fn() }));
 
 describe("getJwtToken", () => {
+  const mockedConfig = lazyConfig as AsyncConfigMock;
+
   beforeEach(() => {
-    const mockConfig = appConfigBuilder().withAUTH_SECRET("test-auth-secret");
-    (configProvider as jest.Mock).mockResolvedValue(mockConfig);
+    const defaultConfig = lazyConfigBuilder().withAuthSecret("test-auth-secret").build();
+    Object.assign(mockedConfig, defaultConfig);
   });
 
   const mockGetTokenResult = {

src/utils/auth/get-jwt-token.ts

@@ -1,16 +1,15 @@
-import { AppConfig, configProvider } from "@src/utils/config";
+import lazyConfig from "@src/utils/lazy-config";
 import { JWT, getToken } from "next-auth/jwt";
 import { cookies, headers } from "next/headers";
 
 const getJwtToken = async (): Promise<JWT | null> => {
-  const config: AppConfig = await configProvider();
   const headerEntries = await headers();
   const cookieEntries = await cookies();
   const req = {
     headers: Object.fromEntries(headerEntries),
     cookies: Object.fromEntries(cookieEntries.getAll().map((c) => [c.name, c.value])),
   };
 
-  return await getToken({ req, secret: config.AUTH_SECRET, secureCookie: true });
+  return await getToken({ req, secret: (await lazyConfig.AUTH_SECRET) as string, secureCookie: true });
 };
 export { getJwtToken };