VIA-537 SB Use lazy config in middleware.

VIA-537 SB Add lazy config builder for tests.

VIA-537 SB Extend use of lazy config to everything called by middleware.

VIA-537 SB Extend use of lazy config to EliD & content services.

Author: acerathereinspirative-nhs-nvir

auth.ts

@@ -5,7 +5,7 @@ import { getToken } from "@src/utils/auth/callbacks/get-token";
 import { getUpdatedSession } from "@src/utils/auth/callbacks/get-updated-session";
 import { isValidSignIn } from "@src/utils/auth/callbacks/is-valid-signin";
 import { MaxAgeInSeconds } from "@src/utils/auth/types";
-import { AppConfig, configProvider } from "@src/utils/config";
+import lazyConfig from "@src/utils/lazy-config";
 import { logger } from "@src/utils/logger";
 import { profilePerformanceEnd, profilePerformanceStart } from "@src/utils/performance";
 import { RequestContext, asyncLocalStorage } from "@src/utils/requestContext";
@@ -21,16 +21,15 @@ const AuthJWTPerformanceMarker = "auth-jwt-callback";
 const AuthSessionPerformanceMarker = "auth-session-callback";
 
 export const { handlers, signIn, signOut, auth } = NextAuth(async () => {
-  const config: AppConfig = await configProvider();
-  const MAX_SESSION_AGE_SECONDS: number = config.MAX_SESSION_AGE_MINUTES * 60;
+  const MAX_SESSION_AGE_SECONDS: number = ((await lazyConfig.MAX_SESSION_AGE_MINUTES) as number) * 60;
   const headerValues = await headers();
 
   const requestContext: RequestContext = extractRequestContextFromHeaders(headerValues);
 
   return await asyncLocalStorage.run(requestContext, async () => {
     return {
       providers: [await NHSLoginAuthProvider()],
-      secret: config.AUTH_SECRET,
+      secret: (await lazyConfig.AUTH_SECRET) as string,
       pages: {
         signIn: SSO_FAILURE_ROUTE,
         signOut: SESSION_LOGOUT_ROUTE,
@@ -49,7 +48,7 @@ export const { handlers, signIn, signOut, auth } = NextAuth(async () => {
           let response: boolean;
           try {
             profilePerformanceStart(AuthSignInPerformanceMarker);
-            response = isValidSignIn(account, config);
+            response = await isValidSignIn(account);
             profilePerformanceEnd(AuthSignInPerformanceMarker);
           } catch (error) {
             log.error({ error: error }, "signIn() callback error");
@@ -64,7 +63,7 @@ export const { handlers, signIn, signOut, auth } = NextAuth(async () => {
           let response;
           try {
             profilePerformanceStart(AuthJWTPerformanceMarker);
-            response = getToken(token, account, profile, config, MAX_SESSION_AGE_SECONDS as MaxAgeInSeconds);
+            response = getToken(token, account, profile, MAX_SESSION_AGE_SECONDS as MaxAgeInSeconds);
             profilePerformanceEnd(AuthJWTPerformanceMarker);
           } catch (error) {
             log.error({ error: error }, "jwt() callback error");

contract/fetch-eligibility-content.contract.ts

@@ -1,22 +1,13 @@
 import { NhsNumber } from "@src/models/vaccine";
 import { EligibilityApiResponse } from "@src/services/eligibility-api/api-types";
 import { fetchEligibilityContent } from "@src/services/eligibility-api/gateway/fetch-eligibility-content";
-import { AppConfig } from "@src/utils/config";
+import lazyConfig from "@src/utils/lazy-config";
 import { asyncLocalStorage } from "@src/utils/requestContext";
-import { appConfigBuilder } from "@test-data/config/builders";
+import { AsyncConfigMock, lazyConfigBuilder } from "@test-data/config/builders";
 import { readFileSync } from "fs";
 import { pactWith } from "jest-pact";
 
-jest.mock("@src/utils/config", () => ({
-  configProvider: jest.fn((): Promise<AppConfig> => {
-    const value: AppConfig = appConfigBuilder()
-      .withELIGIBILITY_API_ENDPOINT(new URL("http://localhost:1234/"))
-      .andELIGIBILITY_API_KEY("test-api-key")
-      .andIS_APIM_AUTH_ENABLED(false)
-      .build();
-    return Promise.resolve(value);
-  }),
-}));
+jest.mock("@src/utils/lazy-config");
 jest.mock("next-auth/jwt", () => ({
   getToken: jest.fn(),
 }));
@@ -49,6 +40,17 @@ const successfulResponse: EligibilityApiResponse = {
 };
 
 pactWith({ consumer: "VitA", provider: "EliD", port: 1234, logLevel: "warn" }, (provider) => {
+  const mockedConfig = lazyConfig as AsyncConfigMock;
+
+  beforeEach(() => {
+    const defaultConfig = lazyConfigBuilder()
+      .withEligibilityApiEndpoint(new URL("http://localhost:1234/"))
+      .andEligibilityApiKey("test-api-key")
+      .andIsApimAuthEnabled(false)
+      .build();
+    Object.assign(mockedConfig, defaultConfig);
+  });
+
   describe("EliD returns expected fields", () => {
     const mockNhsNumber = "9450114080" as NhsNumber;
     const vitaTraceId = "mock-trace-id";

src/middleware.test.ts

@@ -4,16 +4,16 @@
 import { auth } from "@project/auth";
 import { unprotectedUrlPaths } from "@src/app/_components/inactivity/constants";
 import { config, middleware } from "@src/middleware";
-import { AppConfig, configProvider } from "@src/utils/config";
+import lazyConfig from "@src/utils/lazy-config";
+import { AsyncConfigMock, lazyConfigBuilder } from "@test-data/config/builders";
 import { NextRequest } from "next/server";
 
 jest.mock("@project/auth", () => ({
   auth: jest.fn(),
   signIn: jest.fn(),
 }));
 jest.mock("sanitize-data", () => ({ sanitize: jest.fn() }));
-
-jest.mock("@src/utils/config");
+jest.mock("@src/utils/lazy-config");
 
 const middlewareRegex = new RegExp(config.matcher[0]);
 const otherExcludedPaths = ["/favicon.ico", "/assets", "/js", "/css", "/_next"];
@@ -34,12 +34,14 @@ function getMockRequest(testUrl: string) {
 }
 
 describe("middleware", () => {
+  const mockedConfig = lazyConfig as AsyncConfigMock;
+
   beforeEach(() => {
-    (configProvider as jest.Mock).mockImplementation(
-      (): Partial<AppConfig> => ({
-        NHS_APP_REDIRECT_LOGIN_URL: "https://nhs-app-redirect-login-url",
-      }),
-    );
+    const defaultConfig = lazyConfigBuilder()
+      .withNhsAppRedirectLoginUrl(new URL("https://nhs-app-redirect-login-url"))
+      .build();
+    Object.assign(mockedConfig, defaultConfig);
+
     jest.clearAllMocks();
   });
 

src/middleware.ts

@@ -1,5 +1,5 @@
 import { auth } from "@project/auth";
-import { AppConfig, configProvider } from "@src/utils/config";
+import lazyConfig from "@src/utils/lazy-config";
 import { logger } from "@src/utils/logger";
 import { profilePerformanceEnd, profilePerformanceStart } from "@src/utils/performance";
 import { RequestContext, asyncLocalStorage } from "@src/utils/requestContext";
@@ -25,13 +25,11 @@ const middlewareWrapper = async (request: NextRequest) => {
   const headers = new Headers(request.headers);
   headers.set("nextUrl", request.nextUrl.href);
 
-  const config: AppConfig = await configProvider();
-
   let response: NextResponse;
   const session: Session | null = await auth();
   if (!session?.user) {
     log.info({ context: { nextUrl: request.nextUrl.href } }, "Missing user session, redirecting to login");
-    response = NextResponse.redirect(new URL(config.NHS_APP_REDIRECT_LOGIN_URL));
+    response = NextResponse.redirect((await lazyConfig.NHS_APP_REDIRECT_LOGIN_URL) as URL);
     response.headers.set("Cache-Control", "no-cache, no-store, max-age=0, must-revalidate");
   } else {
     response = NextResponse.next({

src/services/content-api/content-api.integration.test.tsx

@@ -6,7 +6,8 @@ import mockRsvVaccineJson from "@project/wiremock/__files/rsv-vaccine.json";
 import { VaccineType } from "@src/models/vaccine";
 import { getContentForVaccine } from "@src/services/content-api/content-service";
 import { GetContentForVaccineResponse } from "@src/services/content-api/types";
-import { configProvider } from "@src/utils/config";
+import lazyConfig from "@src/utils/lazy-config";
+import { AsyncConfigMock, lazyConfigBuilder } from "@test-data/config/builders";
 import { Readable } from "stream";
 
 jest.mock("@src/utils/config");
@@ -23,6 +24,8 @@ const mockRsvResponse = {
 };
 
 describe("Content API Read Integration Test ", () => {
+  const mockedConfig = lazyConfig as AsyncConfigMock;
+
   afterEach(async () => {
     const { styledVaccineContent, contentError }: GetContentForVaccineResponse = await getContentForVaccine(
       VaccineType.RSV,
@@ -38,15 +41,14 @@ describe("Content API Read Integration Test ", () => {
   });
 
   it("should return processed data from local cache", async () => {
-    (configProvider as jest.Mock).mockImplementation(() => ({
-      CONTENT_CACHE_PATH: "wiremock/__files/",
-    }));
+    const defaultConfig = lazyConfigBuilder().withContentCachePath("wiremock/__files/").build();
+    Object.assign(mockedConfig, defaultConfig);
   });
 
   it("should return processed data from external cache", async () => {
-    (configProvider as jest.Mock).mockImplementation(() => ({
-      CONTENT_CACHE_PATH: "s3://test-bucket",
-    }));
+    const defaultConfig = lazyConfigBuilder().withContentCachePath("s3://test-bucket").build();
+    Object.assign(mockedConfig, defaultConfig);
+
     (S3Client as jest.Mock).mockImplementation(() => ({
       send: () => mockRsvResponse,
     }));

src/services/content-api/content-service.test.ts

@@ -4,18 +4,20 @@ import { getContentForVaccine } from "@src/services/content-api/content-service"
 import { readContentFromCache } from "@src/services/content-api/gateway/content-reader-service";
 import { InvalidatedCacheError, S3NoSuchKeyError } from "@src/services/content-api/gateway/exceptions";
 import { ContentErrorTypes, GetContentForVaccineResponse } from "@src/services/content-api/types";
-import { configProvider } from "@src/utils/config";
+import lazyConfig from "@src/utils/lazy-config";
+import { AsyncConfigMock, lazyConfigBuilder } from "@test-data/config/builders";
 
 jest.mock("@src/services/content-api/gateway/content-reader-service");
-jest.mock("@src/utils/config");
+jest.mock("@src/utils/lazy-config");
 jest.mock("sanitize-data", () => ({ sanitize: jest.fn() }));
 
 describe("getContentForVaccine()", () => {
+  const mockedConfig = lazyConfig as AsyncConfigMock;
+
   describe("when readContent succeeds", () => {
     beforeEach(() => {
-      (configProvider as jest.Mock).mockImplementation(() => ({
-        CONTENT_CACHE_PATH: "wiremock/__files/",
-      }));
+      const defaultConfig = lazyConfigBuilder().withContentCachePath("wiremock/__files/").build();
+      Object.assign(mockedConfig, defaultConfig);
     });
 
     it("should return response for rsv vaccine from content cache", async () => {

src/services/content-api/content-service.ts

@@ -9,7 +9,7 @@ import {
   StyledVaccineContent,
   VaccinePageContent,
 } from "@src/services/content-api/types";
-import { AppConfig, configProvider } from "@src/utils/config";
+import lazyConfig from "@src/utils/lazy-config";
 import { logger } from "@src/utils/logger";
 import { profilePerformanceEnd, profilePerformanceStart } from "@src/utils/performance";
 import { Logger } from "pino";
@@ -22,11 +22,11 @@ const getContentForVaccine = async (vaccineType: VaccineType): Promise<GetConten
   try {
     profilePerformanceStart(GetVaccineContentPerformanceMarker);
 
-    const config: AppConfig = await configProvider();
+    const cachePath = (await lazyConfig.CONTENT_CACHE_PATH) as string;
     const vaccineCacheFilename = VaccineInfo[vaccineType].cacheFilename;
 
     // fetch content from api
-    const vaccineContent = await readContentFromCache(config.CONTENT_CACHE_PATH, vaccineCacheFilename, vaccineType);
+    const vaccineContent = await readContentFromCache(cachePath, vaccineCacheFilename, vaccineType);
 
     // filter and style content
     const filteredContent: VaccinePageContent = getFilteredContentForVaccine(vaccineType, vaccineContent);

src/services/eligibility-api/gateway/fetch-eligibility-content.ts

@@ -10,7 +10,7 @@ import {
 } from "@src/services/eligibility-api/gateway/exceptions";
 import { Cohort, Heading } from "@src/services/eligibility-api/types";
 import { getApimAccessToken } from "@src/utils/auth/apim/get-apim-access-token";
-import { AppConfig, configProvider } from "@src/utils/config";
+import lazyConfig from "@src/utils/lazy-config";
 import { logger } from "@src/utils/logger";
 import { asyncLocalStorage } from "@src/utils/requestContext";
 import axios, { AxiosError, AxiosResponse, HttpStatusCode } from "axios";
@@ -27,10 +27,8 @@ const log = logger.child({ module: "fetch-eligibility-content" });
 const ELIGIBILITY_API_PATH_SUFFIX = "eligibility-signposting-api/patient-check/";
 
 export const fetchEligibilityContent = async (nhsNumber: NhsNumber): Promise<EligibilityApiResponse> => {
-  const config: AppConfig = await configProvider();
-
-  const apiEndpoint: URL = config.ELIGIBILITY_API_ENDPOINT;
-  const apiKey: string = config.ELIGIBILITY_API_KEY;
+  const apiEndpoint: URL = (await lazyConfig.ELIGIBILITY_API_ENDPOINT) as URL;
+  const apiKey: string = (await lazyConfig.ELIGIBILITY_API_KEY) as string;
   const vitaTraceId: string | undefined = asyncLocalStorage?.getStore()?.traceId;
 
   const elidUri: string = `${apiEndpoint}${ELIGIBILITY_API_PATH_SUFFIX}${nhsNumber}`;
@@ -40,8 +38,8 @@ export const fetchEligibilityContent = async (nhsNumber: NhsNumber): Promise<Eli
     "X-Correlation-ID": vitaTraceId,
   };
 
-  if (config.IS_APIM_AUTH_ENABLED) {
-    const apimAccessToken = await getApimAccessToken(config);
+  if (await lazyConfig.IS_APIM_AUTH_ENABLED) {
+    const apimAccessToken = await getApimAccessToken();
     headers = { ...headers, Authorization: `Bearer ${apimAccessToken}` };
   }
 

src/utils/auth/apim/get-apim-access-token.test.ts

@@ -3,8 +3,6 @@ import { getApimAccessToken, retrieveApimCredentials } from "@src/utils/auth/api
 import { getOrRefreshApimCredentials } from "@src/utils/auth/apim/get-or-refresh-apim-credentials";
 import { getJwtToken } from "@src/utils/auth/get-jwt-token";
 import { AccessToken, IdToken } from "@src/utils/auth/types";
-import { AppConfig } from "@src/utils/config";
-import { appConfigBuilder } from "@test-data/config/builders";
 
 jest.mock("@src/utils/auth/get-jwt-token", () => ({
   getJwtToken: jest.fn(),
@@ -19,7 +17,6 @@ jest.mock("@src/utils/auth/apim/get-or-refresh-apim-credentials", () => ({
   getOrRefreshApimCredentials: jest.fn(),
 }));
 
-const mockConfig: AppConfig = appConfigBuilder().build();
 const nowInSeconds = 1000;
 
 const apimAccessTokenFromJwt = "test-access-token" as AccessToken;
@@ -50,24 +47,24 @@ describe("getApimAccessToken", () => {
 
     (getJwtToken as jest.Mock).mockResolvedValue(mockJwtToken);
 
-    const apimAccessToken = await getApimAccessToken(mockConfig);
+    const apimAccessToken = await getApimAccessToken();
 
-    expect(getOrRefreshApimCredentials).toHaveBeenCalledWith(mockConfig, mockJwtToken, nowInSeconds);
+    expect(getOrRefreshApimCredentials).toHaveBeenCalledWith(mockJwtToken, nowInSeconds);
     expect(apimAccessToken).toEqual(getOrRefreshedApimAccessToken as AccessToken);
   });
 
   it("should throw error if APIM access token not available in JWT token", async () => {
     (getJwtToken as jest.Mock).mockResolvedValue({ apim: {} });
 
-    await expect(getApimAccessToken(mockConfig)).rejects.toThrow("APIM access token is not present on JWT token");
+    await expect(getApimAccessToken()).rejects.toThrow("APIM access token is not present on JWT token");
   });
 
   it("should throw error if _getOrRefresh APIM access token returns undefined", async () => {
     (getOrRefreshApimCredentials as jest.Mock).mockResolvedValue(undefined);
 
     (getJwtToken as jest.Mock).mockResolvedValue(mockJwtToken);
 
-    await expect(getApimAccessToken(mockConfig)).rejects.toThrow("getOrRefreshApimCredentials returned undefined");
+    await expect(getApimAccessToken()).rejects.toThrow("getOrRefreshApimCredentials returned undefined");
   });
 });
 

src/utils/auth/apim/get-apim-access-token.ts

@@ -4,12 +4,11 @@ import { getOrRefreshApimCredentials } from "@src/utils/auth/apim/get-or-refresh
 import { ApimAccessCredentials, ApimTokenResponse } from "@src/utils/auth/apim/types";
 import { getJwtToken } from "@src/utils/auth/get-jwt-token";
 import { AccessToken, ExpiresAt, IdToken } from "@src/utils/auth/types";
-import { AppConfig } from "@src/utils/config";
 import { logger } from "@src/utils/logger";
 
 const log = logger.child({ module: "utils-auth-apim-get-apim-access-token" });
 
-const getApimAccessToken = async (config: AppConfig): Promise<AccessToken> => {
+const getApimAccessToken = async (): Promise<AccessToken> => {
   /**
    * Gets the APIM access token from the JWT session cookie.
    *
@@ -26,7 +25,7 @@ const getApimAccessToken = async (config: AppConfig): Promise<AccessToken> => {
   }
 
   const nowInSeconds = Math.floor(Date.now() / 1000);
-  const apimAccessCredentials = await getOrRefreshApimCredentials(config, token, nowInSeconds);
+  const apimAccessCredentials = await getOrRefreshApimCredentials(token, nowInSeconds);
 
   if (!apimAccessCredentials) {
     log.error("Error: getOrRefreshApimCredentials returned undefined");