VIA-630 MD: bring the birthdate back in and update session with calculated age

marie-dedikova-nhs · marie-dedikova-nhs · commit a32afa201218 · 2025-12-11T17:51:50.000Z
diff --git a/src/app/_components/inactivity/InactivityDialog.test.tsx b/src/app/_components/inactivity/InactivityDialog.test.tsx
@@ -5,11 +5,13 @@ import useInactivityTimer from "@src/utils/auth/inactivity-timer";
 import { userLogout } from "@src/utils/auth/user-logout";
 import { render, screen } from "@testing-library/react";
 import { Session } from "next-auth";
+import { Age } from "@src/utils/auth/types";
 
 const mockSessionValue: Partial<Session> = {
   expires: new Date(Date.now() + 60000).toISOString(),
   user: {
     nhs_number: "" as NhsNumber,
+    age: 20 as Age,
   },
 };
 let mockSession = { data: mockSessionValue, status: "authenticated" };
diff --git a/src/utils/auth/callbacks/get-token.test.ts b/src/utils/auth/callbacks/get-token.test.ts
@@ -48,7 +48,7 @@ describe("getToken", () => {
 
   const nowInSeconds = 1749052001;
 
-  const profile = {
+  const profile: Profile = {
     nhs_number: "test_nhs_number",
   };
 
@@ -101,6 +101,7 @@ describe("getToken", () => {
       expectResultToMatchTokenWith(
         result,
         profile.nhs_number,
+        "",
         "newIdToken",
         "new-apim-access-token",
         nowInSeconds + 1111,
@@ -118,7 +119,7 @@ describe("getToken", () => {
 
       const result = await getToken(undefinedToken, undefinedAccount, undefinedProfile, maxAgeInSeconds);
 
-      expectResultToMatchTokenWith(result, "", "", "", 0, maxAgeInSeconds);
+      expectResultToMatchTokenWith(result, "", "", "", "", 0, maxAgeInSeconds);
     });
 
     it("should fill in missing values in token with default empty string", async () => {
@@ -166,7 +167,7 @@ describe("getToken", () => {
 
       const result = await getToken(token, account, profile, maxAgeInSeconds);
 
-      expectResultToMatchTokenWith(result, profile.nhs_number, "newIdToken", "", 0, maxAgeInSeconds);
+      expectResultToMatchTokenWith(result, profile.nhs_number, "","newIdToken", "", 0, maxAgeInSeconds);
     });
   });
 
@@ -182,13 +183,14 @@ describe("getToken", () => {
 
       const result = await getToken(token, account, profile, maxAgeInSeconds);
 
-      expectResultToMatchTokenWith(result, profile.nhs_number, "newIdToken", "", 0, maxAgeInSeconds);
+      expectResultToMatchTokenWith(result, profile.nhs_number, "", "newIdToken", "", 0, maxAgeInSeconds);
     });
   });
 
   const expectResultToMatchTokenWith = (
     result: JWT | null,
     nhsNumber: string,
+    birthdate: string,
     idToken: string,
     apimToken: string,
     apimExpiresAt: number,
@@ -198,6 +200,7 @@ describe("getToken", () => {
     expect(result).toMatchObject({
       user: {
         nhs_number: nhsNumber,
+        birthdate: birthdate,
       },
       nhs_login: {
         id_token: idToken,
diff --git a/src/utils/auth/callbacks/get-token.ts b/src/utils/auth/callbacks/get-token.ts
@@ -1,7 +1,7 @@
 import { NhsNumber } from "@src/models/vaccine";
 import { getOrRefreshApimCredentials } from "@src/utils/auth/apim/get-or-refresh-apim-credentials";
 import { ApimAccessCredentials } from "@src/utils/auth/apim/types";
-import { IdToken, MaxAgeInSeconds, NowInSeconds } from "@src/utils/auth/types";
+import { BirthDate, IdToken, MaxAgeInSeconds, NowInSeconds } from "@src/utils/auth/types";
 import { logger } from "@src/utils/logger";
 import { RequestContext, asyncLocalStorage } from "@src/utils/requestContext";
 import { extractRequestContextFromHeaders } from "@src/utils/requestScopedStorageWrapper";
@@ -10,6 +10,22 @@ import { JWT } from "next-auth/jwt";
 import { headers } from "next/headers";
 import { Logger } from "pino";
 
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
 const log: Logger = logger.child({ module: "utils-auth-callbacks-get-token" });
 
 /* from Next Auth documentation:
@@ -86,10 +102,11 @@ const fillMissingFieldsInTokenWithDefaultValues = (token: JWT, apimAccessCredent
   return {
     ...token,
     user: {
-      nhs_number: token.user?.nhs_number ?? "",
+      nhs_number: token.user?.nhs_number ?? "" as NhsNumber,
+      birthdate: token.user?.birthdate ?? "" as BirthDate,
     },
     nhs_login: {
-      id_token: token.nhs_login?.id_token ?? "",
+      id_token: token.nhs_login?.id_token ?? "" as IdToken,
     },
     apim: {
       access_token: (apimAccessCredentials ? apimAccessCredentials.accessToken : token.apim?.access_token) ?? "",
@@ -108,11 +125,12 @@ const updateTokenWithValuesFromAccountAndProfile = (
   profile: Profile,
   nowInSeconds: NowInSeconds,
   maxAgeInSeconds: MaxAgeInSeconds,
-) => {
+): JWT => {
   const updatedToken: JWT = {
     ...token,
     user: {
       nhs_number: (profile.nhs_number ?? "") as NhsNumber,
+      birthdate: token.user?.birthdate ?? "" as BirthDate,
     },
     nhs_login: {
       id_token: (account.id_token ?? "") as IdToken,
diff --git a/src/utils/auth/callbacks/get-updated-session.test.ts b/src/utils/auth/callbacks/get-updated-session.test.ts
@@ -1,6 +1,6 @@
 import { NhsNumber } from "@src/models/vaccine";
 import { getUpdatedSession } from "@src/utils/auth/callbacks/get-updated-session";
-import { AccessToken, ExpiresAt, IdToken } from "@src/utils/auth/types";
+import { AccessToken, Age, BirthDate, ExpiresAt, IdToken } from "@src/utils/auth/types";
 import { Session } from "next-auth";
 import { JWT } from "next-auth/jwt";
 
@@ -11,13 +11,15 @@ describe("getSession", () => {
     const session: Session = {
       user: {
         nhs_number: "" as NhsNumber,
+        age: 0 as Age,
       },
       expires: "some-date",
     };
 
     const token = {
       user: {
         nhs_number: "test-nhs-number" as NhsNumber,
+        birthdate: "1995-01-01"
       },
       nhs_login: {
         id_token: "test-id-token" as IdToken,
@@ -31,12 +33,14 @@ describe("getSession", () => {
     const result: Session = getUpdatedSession(session, token);
 
     expect(result.user.nhs_number).toBe("test-nhs-number");
+    expect(result.user.age).toBe(30);
   });
 
   it("does not update session if token.user is missing", () => {
     const session: Session = {
       user: {
         nhs_number: "old-nhs-number" as NhsNumber,
+        age: 36 as Age,
       },
       expires: "some-date",
     };
@@ -46,6 +50,7 @@ describe("getSession", () => {
     const result: Session = getUpdatedSession(session, token);
 
     expect(result.user.nhs_number).toBe("old-nhs-number");
+    expect(result.user.age).toBe(36);
   });
 
   it("does not update session if session.user is missing", () => {
diff --git a/src/utils/auth/callbacks/get-updated-session.ts b/src/utils/auth/callbacks/get-updated-session.ts
@@ -2,14 +2,16 @@ import { logger } from "@src/utils/logger";
 import { Session } from "next-auth";
 import { JWT } from "next-auth/jwt";
 import { Logger } from "pino";
+import { calculateAge } from "@src/utils/date";
 
 const log: Logger = logger.child({
   module: "utils-auth-callbacks-get-session",
 });
 
-const getUpdatedSession = (session: Session, token: JWT) => {
+const getUpdatedSession = (session: Session, token: JWT): Session => {
   if (token?.user && session.user) {
     session.user.nhs_number = token.user.nhs_number;
+    session.user.age = calculateAge(token.user.birthdate);
   } else {
     log.info(
       {
diff --git a/src/utils/auth/types.d.ts b/src/utils/auth/types.d.ts
@@ -6,6 +6,8 @@ export type AccessToken = Brand<string, "AccessToken">;
 export type ExpiresIn = Brand<string, "ExpiresIn">;
 export type ExpiresAt = Brand<number, "ExpiresAt">;
 export type IdToken = Brand<string, "IdToken">;
+export type BirthDate = Brand<string, "BirthDate">;
+export type Age = Brand<number, "Age">;
 export type NowInSeconds = Brand<number, "NowInSeconds">;
 export type MaxAgeInSeconds = Brand<number, "MaxAgeInSeconds">;
 export type ExpiresSoonAt = Brand<number, "ExpiresSoonAt">;
@@ -43,6 +45,7 @@ declare module "next-auth" {
   interface Session {
     user: {
       nhs_number: NhsNumber;
+      age: Age;
     } & DefaultSession["user"];
   }
 
@@ -55,6 +58,7 @@ declare module "next-auth/jwt" {
   interface JWT {
     user: {
       nhs_number: NhsNumber;
+      birthdate: BirthDate;
     };
     nhs_login: {
       id_token: IdToken;
diff --git a/src/utils/logger.ts b/src/utils/logger.ts
@@ -18,6 +18,7 @@ const REDACT_KEYS: string[] = [
   "api_key",
   "apimToken",
   "aud",
+  "birthdate",
   "clientAssertion",
   "client_assertion",
   "elidUri",
