SPIKE SB Use lazy config in middleware.

SPIKE SB Add lazy config builder for tests.

SPIKE SB Extend use of lazy config to everything called by middleware.

SPIKE SB Extend use of lazy config to EliD & content services.

Author: acerathereinspirative-nhs-nvir

auth.ts

@@ -5,7 +5,7 @@ import { getToken } from "@src/utils/auth/callbacks/get-token";
 import { getUpdatedSession } from "@src/utils/auth/callbacks/get-updated-session";
 import { isValidSignIn } from "@src/utils/auth/callbacks/is-valid-signin";
 import { MaxAgeInSeconds } from "@src/utils/auth/types";
-import { AppConfig, configProvider } from "@src/utils/config";
+import lazyConfig from "@src/utils/lazy-config";
 import { logger } from "@src/utils/logger";
 import { profilePerformanceEnd, profilePerformanceStart } from "@src/utils/performance";
 import { RequestContext, asyncLocalStorage } from "@src/utils/requestContext";
@@ -21,16 +21,15 @@ const AuthJWTPerformanceMarker = "auth-jwt-callback";
 const AuthSessionPerformanceMarker = "auth-session-callback";
 
 export const { handlers, signIn, signOut, auth } = NextAuth(async () => {
-  const config: AppConfig = await configProvider();
-  const MAX_SESSION_AGE_SECONDS: number = config.MAX_SESSION_AGE_MINUTES * 60;
+  const MAX_SESSION_AGE_SECONDS: number = ((await lazyConfig.MAX_SESSION_AGE_MINUTES) as number) * 60;
   const headerValues = await headers();
 
   const requestContext: RequestContext = extractRequestContextFromHeaders(headerValues);
 
   return await asyncLocalStorage.run(requestContext, async () => {
     return {
       providers: [await NHSLoginAuthProvider()],
-      secret: config.AUTH_SECRET,
+      secret: (await lazyConfig.AUTH_SECRET) as string,
       pages: {
         signIn: SSO_FAILURE_ROUTE,
         signOut: SESSION_LOGOUT_ROUTE,
@@ -49,7 +48,7 @@ export const { handlers, signIn, signOut, auth } = NextAuth(async () => {
           let response: boolean;
           try {
             profilePerformanceStart(AuthSignInPerformanceMarker);
-            response = isValidSignIn(account, config);
+            response = await isValidSignIn(account);
             profilePerformanceEnd(AuthSignInPerformanceMarker);
           } catch (error) {
             log.error({ error: error }, "signIn() callback error");
@@ -64,7 +63,7 @@ export const { handlers, signIn, signOut, auth } = NextAuth(async () => {
           let response;
           try {
             profilePerformanceStart(AuthJWTPerformanceMarker);
-            response = getToken(token, account, profile, config, MAX_SESSION_AGE_SECONDS as MaxAgeInSeconds);
+            response = getToken(token, account, profile, MAX_SESSION_AGE_SECONDS as MaxAgeInSeconds);
             profilePerformanceEnd(AuthJWTPerformanceMarker);
           } catch (error) {
             log.error({ error: error }, "jwt() callback error");

contract/fetch-eligibility-content.contract.ts

@@ -1,22 +1,13 @@
 import { NhsNumber } from "@src/models/vaccine";
 import { EligibilityApiResponse } from "@src/services/eligibility-api/api-types";
 import { fetchEligibilityContent } from "@src/services/eligibility-api/gateway/fetch-eligibility-content";
-import { AppConfig } from "@src/utils/config";
+import lazyConfig from "@src/utils/lazy-config";
 import { asyncLocalStorage } from "@src/utils/requestContext";
-import { appConfigBuilder } from "@test-data/config/builders";
+import { AsyncConfigMock, lazyConfigBuilder } from "@test-data/config/builders";
 import { readFileSync } from "fs";
 import { pactWith } from "jest-pact";
 
-jest.mock("@src/utils/config", () => ({
-  configProvider: jest.fn((): Promise<AppConfig> => {
-    const value: AppConfig = appConfigBuilder()
-      .withELIGIBILITY_API_ENDPOINT(new URL("http://localhost:1234/"))
-      .andELIGIBILITY_API_KEY("test-api-key")
-      .andIS_APIM_AUTH_ENABLED(false)
-      .build();
-    return Promise.resolve(value);
-  }),
-}));
+jest.mock("@src/utils/lazy-config");
 jest.mock("next-auth/jwt", () => ({
   getToken: jest.fn(),
 }));
@@ -49,6 +40,17 @@ const successfulResponse: EligibilityApiResponse = {
 };
 
 pactWith({ consumer: "VitA", provider: "EliD", port: 1234, logLevel: "warn" }, (provider) => {
+  const mockedConfig = lazyConfig as AsyncConfigMock;
+
+  beforeEach(() => {
+    const defaultConfig = lazyConfigBuilder()
+      .withEligibilityApiEndpoint(new URL("http://localhost:1234/"))
+      .andEligibilityApiKey("test-api-key")
+      .andIsApimAuthEnabled(false)
+      .build();
+    Object.assign(mockedConfig, defaultConfig);
+  });
+
   describe("EliD returns expected fields", () => {
     const mockNhsNumber = "9450114080" as NhsNumber;
     const vitaTraceId = "mock-trace-id";

src/middleware.test.ts

@@ -4,16 +4,16 @@
 import { auth } from "@project/auth";
 import { unprotectedUrlPaths } from "@src/app/_components/inactivity/constants";
 import { config, middleware } from "@src/middleware";
-import { AppConfig, configProvider } from "@src/utils/config";
+import lazyConfig from "@src/utils/lazy-config";
+import { AsyncConfigMock, lazyConfigBuilder } from "@test-data/config/builders";
 import { NextRequest } from "next/server";
 
 jest.mock("@project/auth", () => ({
   auth: jest.fn(),
   signIn: jest.fn(),
 }));
 jest.mock("sanitize-data", () => ({ sanitize: jest.fn() }));
-
-jest.mock("@src/utils/config");
+jest.mock("@src/utils/lazy-config");
 
 const middlewareRegex = new RegExp(config.matcher[0]);
 const otherExcludedPaths = ["/favicon.ico", "/assets", "/js", "/css", "/_next"];
@@ -34,12 +34,14 @@ function getMockRequest(testUrl: string) {
 }
 
 describe("middleware", () => {
+  const mockedConfig = lazyConfig as AsyncConfigMock;
+
   beforeEach(() => {
-    (configProvider as jest.Mock).mockImplementation(
-      (): Partial<AppConfig> => ({
-        NHS_APP_REDIRECT_LOGIN_URL: "https://nhs-app-redirect-login-url",
-      }),
-    );
+    const defaultConfig = lazyConfigBuilder()
+      .withNhsAppRedirectLoginUrl(new URL("https://nhs-app-redirect-login-url"))
+      .build();
+    Object.assign(mockedConfig, defaultConfig);
+
     jest.clearAllMocks();
   });
 

src/middleware.ts

@@ -1,5 +1,5 @@
 import { auth } from "@project/auth";
-import { AppConfig, configProvider } from "@src/utils/config";
+import lazyConfig from "@src/utils/lazy-config";
 import { logger } from "@src/utils/logger";
 import { profilePerformanceEnd, profilePerformanceStart } from "@src/utils/performance";
 import { RequestContext, asyncLocalStorage } from "@src/utils/requestContext";
@@ -25,13 +25,11 @@ const middlewareWrapper = async (request: NextRequest) => {
   const headers = new Headers(request.headers);
   headers.set("nextUrl", request.nextUrl.href);
 
-  const config: AppConfig = await configProvider();
-
   let response: NextResponse;
   const session: Session | null = await auth();
   if (!session?.user) {
     log.info({ context: { nextUrl: request.nextUrl.href } }, "Missing user session, redirecting to login");
-    response = NextResponse.redirect(new URL(config.NHS_APP_REDIRECT_LOGIN_URL));
+    response = NextResponse.redirect((await lazyConfig.NHS_APP_REDIRECT_LOGIN_URL) as URL);
     response.headers.set("Cache-Control", "no-cache, no-store, max-age=0, must-revalidate");
   } else {
     response = NextResponse.next({

src/services/content-api/content-api.integration.test.tsx

@@ -6,7 +6,8 @@ import mockRsvVaccineJson from "@project/wiremock/__files/rsv-vaccine.json";
 import { VaccineType } from "@src/models/vaccine";
 import { getContentForVaccine } from "@src/services/content-api/content-service";
 import { GetContentForVaccineResponse } from "@src/services/content-api/types";
-import { configProvider } from "@src/utils/config";
+import lazyConfig from "@src/utils/lazy-config";
+import { AsyncConfigMock, lazyConfigBuilder } from "@test-data/config/builders";
 import { Readable } from "stream";
 
 jest.mock("@src/utils/config");
@@ -23,6 +24,8 @@ const mockRsvResponse = {
 };
 
 describe("Content API Read Integration Test ", () => {
+  const mockedConfig = lazyConfig as AsyncConfigMock;
+
   afterEach(async () => {
     const { styledVaccineContent, contentError }: GetContentForVaccineResponse = await getContentForVaccine(
       VaccineType.RSV,
@@ -38,15 +41,14 @@ describe("Content API Read Integration Test ", () => {
   });
 
   it("should return processed data from local cache", async () => {
-    (configProvider as jest.Mock).mockImplementation(() => ({
-      CONTENT_CACHE_PATH: "wiremock/__files/",
-    }));
+    const defaultConfig = lazyConfigBuilder().withContentCachePath("wiremock/__files/").build();
+    Object.assign(mockedConfig, defaultConfig);
   });
 
   it("should return processed data from external cache", async () => {
-    (configProvider as jest.Mock).mockImplementation(() => ({
-      CONTENT_CACHE_PATH: "s3://test-bucket",
-    }));
+    const defaultConfig = lazyConfigBuilder().withContentCachePath("s3://test-bucket").build();
+    Object.assign(mockedConfig, defaultConfig);
+
     (S3Client as jest.Mock).mockImplementation(() => ({
       send: () => mockRsvResponse,
     }));

src/services/content-api/content-service.test.ts

@@ -4,18 +4,20 @@ import { getContentForVaccine } from "@src/services/content-api/content-service"
 import { readContentFromCache } from "@src/services/content-api/gateway/content-reader-service";
 import { InvalidatedCacheError, S3NoSuchKeyError } from "@src/services/content-api/gateway/exceptions";
 import { ContentErrorTypes, GetContentForVaccineResponse } from "@src/services/content-api/types";
-import { configProvider } from "@src/utils/config";
+import lazyConfig from "@src/utils/lazy-config";
+import { AsyncConfigMock, lazyConfigBuilder } from "@test-data/config/builders";
 
 jest.mock("@src/services/content-api/gateway/content-reader-service");
-jest.mock("@src/utils/config");
+jest.mock("@src/utils/lazy-config");
 jest.mock("sanitize-data", () => ({ sanitize: jest.fn() }));
 
 describe("getContentForVaccine()", () => {
+  const mockedConfig = lazyConfig as AsyncConfigMock;
+
   describe("when readContent succeeds", () => {
     beforeEach(() => {
-      (configProvider as jest.Mock).mockImplementation(() => ({
-        CONTENT_CACHE_PATH: "wiremock/__files/",
-      }));
+      const defaultConfig = lazyConfigBuilder().withContentCachePath("wiremock/__files/").build();
+      Object.assign(mockedConfig, defaultConfig);
     });
 
     it("should return response for rsv vaccine from content cache", async () => {

src/services/content-api/content-service.ts

@@ -9,7 +9,7 @@ import {
   StyledVaccineContent,
   VaccinePageContent,
 } from "@src/services/content-api/types";
-import { AppConfig, configProvider } from "@src/utils/config";
+import lazyConfig from "@src/utils/lazy-config";
 import { logger } from "@src/utils/logger";
 import { profilePerformanceEnd, profilePerformanceStart } from "@src/utils/performance";
 import { Logger } from "pino";
@@ -22,11 +22,11 @@ const getContentForVaccine = async (vaccineType: VaccineType): Promise<GetConten
   try {
     profilePerformanceStart(GetVaccineContentPerformanceMarker);
 
-    const config: AppConfig = await configProvider();
+    const cachePath = (await lazyConfig.CONTENT_CACHE_PATH) as string;
     const vaccineCacheFilename = VaccineInfo[vaccineType].cacheFilename;
 
     // fetch content from api
-    const vaccineContent = await readContentFromCache(config.CONTENT_CACHE_PATH, vaccineCacheFilename, vaccineType);
+    const vaccineContent = await readContentFromCache(cachePath, vaccineCacheFilename, vaccineType);
 
     // filter and style content
     const filteredContent: VaccinePageContent = getFilteredContentForVaccine(vaccineType, vaccineContent);

src/services/eligibility-api/gateway/fetch-eligibility-content.ts

@@ -10,7 +10,7 @@ import {
 } from "@src/services/eligibility-api/gateway/exceptions";
 import { Cohort, Heading } from "@src/services/eligibility-api/types";
 import { getApimAccessToken } from "@src/utils/auth/apim/get-apim-access-token";
-import { AppConfig, configProvider } from "@src/utils/config";
+import lazyConfig from "@src/utils/lazy-config";
 import { logger } from "@src/utils/logger";
 import { asyncLocalStorage } from "@src/utils/requestContext";
 import axios, { AxiosError, AxiosResponse, HttpStatusCode } from "axios";
@@ -27,10 +27,8 @@ const log = logger.child({ module: "fetch-eligibility-content" });
 const ELIGIBILITY_API_PATH_SUFFIX = "eligibility-signposting-api/patient-check/";
 
 export const fetchEligibilityContent = async (nhsNumber: NhsNumber): Promise<EligibilityApiResponse> => {
-  const config: AppConfig = await configProvider();
-
-  const apiEndpoint: URL = config.ELIGIBILITY_API_ENDPOINT;
-  const apiKey: string = config.ELIGIBILITY_API_KEY;
+  const apiEndpoint: URL = (await lazyConfig.ELIGIBILITY_API_ENDPOINT) as URL;
+  const apiKey: string = (await lazyConfig.ELIGIBILITY_API_KEY) as string;
   const vitaTraceId: string | undefined = asyncLocalStorage?.getStore()?.traceId;
 
   const elidUri: string = `${apiEndpoint}${ELIGIBILITY_API_PATH_SUFFIX}${nhsNumber}`;
@@ -40,8 +38,8 @@ export const fetchEligibilityContent = async (nhsNumber: NhsNumber): Promise<Eli
     "X-Correlation-ID": vitaTraceId,
   };
 
-  if (config.IS_APIM_AUTH_ENABLED) {
-    const apimAccessToken = await getApimAccessToken(config);
+  if (await lazyConfig.IS_APIM_AUTH_ENABLED) {
+    const apimAccessToken = await getApimAccessToken();
     headers = { ...headers, Authorization: `Bearer ${apimAccessToken}` };
   }
 

src/utils/auth/apim/get-apim-access-token.test.ts

@@ -3,8 +3,6 @@ import { getApimAccessToken, retrieveApimCredentials } from "@src/utils/auth/api
 import { getOrRefreshApimCredentials } from "@src/utils/auth/apim/get-or-refresh-apim-credentials";
 import { getJwtToken } from "@src/utils/auth/get-jwt-token";
 import { AccessToken, IdToken } from "@src/utils/auth/types";
-import { AppConfig } from "@src/utils/config";
-import { appConfigBuilder } from "@test-data/config/builders";
 
 jest.mock("@src/utils/auth/get-jwt-token", () => ({
   getJwtToken: jest.fn(),
@@ -19,7 +17,6 @@ jest.mock("@src/utils/auth/apim/get-or-refresh-apim-credentials", () => ({
   getOrRefreshApimCredentials: jest.fn(),
 }));
 
-const mockConfig: AppConfig = appConfigBuilder().build();
 const nowInSeconds = 1000;
 
 const apimAccessTokenFromJwt = "test-access-token" as AccessToken;
@@ -50,24 +47,24 @@ describe("getApimAccessToken", () => {
 
     (getJwtToken as jest.Mock).mockResolvedValue(mockJwtToken);
 
-    const apimAccessToken = await getApimAccessToken(mockConfig);
+    const apimAccessToken = await getApimAccessToken();
 
-    expect(getOrRefreshApimCredentials).toHaveBeenCalledWith(mockConfig, mockJwtToken, nowInSeconds);
+    expect(getOrRefreshApimCredentials).toHaveBeenCalledWith(mockJwtToken, nowInSeconds);
     expect(apimAccessToken).toEqual(getOrRefreshedApimAccessToken as AccessToken);
   });
 
   it("should throw error if APIM access token not available in JWT token", async () => {
     (getJwtToken as jest.Mock).mockResolvedValue({ apim: {} });
 
-    await expect(getApimAccessToken(mockConfig)).rejects.toThrow("APIM access token is not present on JWT token");
+    await expect(getApimAccessToken()).rejects.toThrow("APIM access token is not present on JWT token");
   });
 
   it("should throw error if _getOrRefresh APIM access token returns undefined", async () => {
     (getOrRefreshApimCredentials as jest.Mock).mockResolvedValue(undefined);
 
     (getJwtToken as jest.Mock).mockResolvedValue(mockJwtToken);
 
-    await expect(getApimAccessToken(mockConfig)).rejects.toThrow("getOrRefreshApimCredentials returned undefined");
+    await expect(getApimAccessToken()).rejects.toThrow("getOrRefreshApimCredentials returned undefined");
   });
 });
 

src/utils/auth/apim/get-apim-access-token.ts

@@ -4,12 +4,11 @@ import { getOrRefreshApimCredentials } from "@src/utils/auth/apim/get-or-refresh
 import { ApimAccessCredentials, ApimTokenResponse } from "@src/utils/auth/apim/types";
 import { getJwtToken } from "@src/utils/auth/get-jwt-token";
 import { AccessToken, ExpiresAt, IdToken } from "@src/utils/auth/types";
-import { AppConfig } from "@src/utils/config";
 import { logger } from "@src/utils/logger";
 
 const log = logger.child({ module: "utils-auth-apim-get-apim-access-token" });
 
-const getApimAccessToken = async (config: AppConfig): Promise<AccessToken> => {
+const getApimAccessToken = async (): Promise<AccessToken> => {
   /**
    * Gets the APIM access token from the JWT session cookie.
    *
@@ -26,7 +25,7 @@ const getApimAccessToken = async (config: AppConfig): Promise<AccessToken> => {
   }
 
   const nowInSeconds = Math.floor(Date.now() / 1000);
-  const apimAccessCredentials = await getOrRefreshApimCredentials(config, token, nowInSeconds);
+  const apimAccessCredentials = await getOrRefreshApimCredentials(token, nowInSeconds);
 
   if (!apimAccessCredentials) {
     log.error("Error: getOrRefreshApimCredentials returned undefined");