refactor: service module to TS + ESM (v2)

.eslintrc.json

@@ -52,7 +52,8 @@
     "@typescript-eslint/no-explicit-any": "off", // temporary until TS refactor is complete
     "@typescript-eslint/no-unused-vars": "off", // temporary until TS refactor is complete
     "@typescript-eslint/no-require-imports": "off", // prevents error on old "require" imports
-    "@typescript-eslint/no-unused-expressions": "off" // prevents error on test "expect" expressions
+    "@typescript-eslint/no-unused-expressions": "off", // prevents error on test "expect" expressions
+    "new-cap": "off" // prevents errors on express.Router()
   },
   "settings": {
     "react": {

config.schema.json

@@ -173,6 +173,14 @@
           }
         }
       }
+    },
+    "smtpHost": {
+      "type": "string",
+      "description": "SMTP host to use for sending emails"
+    },
+    "smtpPort": {
+      "type": "number",
+      "description": "SMTP port to use for sending emails"
     }
   },
   "definitions": {

package.json

@@ -90,12 +90,20 @@
     "@babel/preset-react": "^7.27.1",
     "@commitlint/cli": "^19.8.1",
     "@commitlint/config-conventional": "^19.8.1",
+    "@types/cors": "^2.8.19",
     "@types/domutils": "^1.7.8",
     "@types/express": "^5.0.3",
     "@types/express-http-proxy": "^1.6.7",
+    "@types/express-session": "^1.18.2",
+    "@types/jsonwebtoken": "^9.0.10",
+    "@types/jwk-to-pem": "^2.0.3",
     "@types/lodash": "^4.17.20",
+    "@types/lusca": "^1.7.5",
     "@types/mocha": "^10.0.10",
     "@types/node": "^22.17.0",
+    "@types/nodemailer": "^7.0.1",
+    "@types/passport": "^1.0.17",
+    "@types/passport-local": "^1.0.38",
     "@types/react-dom": "^17.0.26",
     "@types/react-html-parser": "^2.0.7",
     "@types/validator": "^13.15.2",

packages/git-proxy-cli/test/testCli.test.js

@@ -9,7 +9,7 @@ require('../../../src/config/file').configFile = path.join(
   'test',
   'testCli.proxy.config.json',
 );
-const service = require('../../../src/service');
+const service = require('../../../src/service').default;
 
 /* test constants */
 // push ID which does not exist

proxy.config.json

@@ -182,5 +182,7 @@
         "loginRequired": true
       }
     ]
-  }
+  },
+  "smtpHost": "",
+  "smtpPort": 0
 }

src/config/index.ts

@@ -40,6 +40,8 @@ let _contactEmail: string = defaultSettings.contactEmail;
 let _csrfProtection: boolean = defaultSettings.csrfProtection;
 let _domains: Record<string, unknown> = defaultSettings.domains;
 let _rateLimit: RateLimitConfig = defaultSettings.rateLimit;
+let _smtpHost: string = defaultSettings.smtpHost;
+let _smtpPort: number = defaultSettings.smtpPort;
 
 // These are not always present in the default config file, so casting is required
 let _tlsEnabled = defaultSettings.tls.enabled;
@@ -264,6 +266,20 @@ export const getRateLimit = () => {
   return _rateLimit;
 };
 
+export const getSmtpHost = () => {
+  if (_userSettings && _userSettings.smtpHost) {
+    _smtpHost = _userSettings.smtpHost;
+  }
+  return _smtpHost;
+};
+
+export const getSmtpPort = () => {
+  if (_userSettings && _userSettings.smtpPort) {
+    _smtpPort = _userSettings.smtpPort;
+  }
+  return _smtpPort;
+};
+
 // Function to handle configuration updates
 const handleConfigUpdate = async (newConfig: typeof _config) => {
   console.log('Configuration updated from external source');

src/config/types.ts

@@ -23,6 +23,8 @@ export interface UserSettings {
   csrfProtection: boolean;
   domains: Record<string, unknown>;
   rateLimit: RateLimitConfig;
+  smtpHost?: string;
+  smtpPort?: number;
 }
 
 export interface TLSConfig {
@@ -49,6 +51,39 @@ export interface Authentication {
   type: string;
   enabled: boolean;
   options?: Record<string, unknown>;
+  oidcConfig?: OidcConfig;
+  adConfig?: AdConfig;
+  jwtConfig?: JwtConfig;
+
+  // Deprecated fields for backwards compatibility
+  // TODO: remove in future release and keep the ones in adConfig
+  userGroup?: string;
+  adminGroup?: string;
+  domain?: string;
+}
+
+export interface OidcConfig {
+  issuer: string;
+  clientID: string;
+  clientSecret: string;
+  callbackURL: string;
+  scope: string;
+}
+
+export interface AdConfig {
+  url: string;
+  baseDN: string;
+  searchBase: string;
+  userGroup?: string;
+  adminGroup?: string;
+  domain?: string;
+}
+
+export interface JwtConfig {
+  clientID: string;
+  authorityURL: string;
+  roleMapping: Record<string, unknown>;
+  expectedAudience?: string;
 }
 
 export interface TempPasswordConfig {

src/db/file/pushes.ts

@@ -29,9 +29,10 @@ const defaultPushQuery: PushQuery = {
   blocked: true,
   allowPush: false,
   authorised: false,
+  type: 'push',
 };
 
-export const getPushes = (query: PushQuery): Promise<Action[]> => {
+export const getPushes = (query: Partial<PushQuery>): Promise<Action[]> => {
   if (!query) query = defaultPushQuery;
   return new Promise((resolve, reject) => {
     db.find(query, (err: Error, docs: Action[]) => {

src/db/file/users.ts

@@ -115,11 +115,10 @@ export const deleteUser = (username: string): Promise<void> => {
   });
 };
 
-export const updateUser = (user: User): Promise<void> => {
-  user.username = user.username.toLowerCase();
-  if (user.email) {
-    user.email = user.email.toLowerCase();
-  }
+export const updateUser = (user: Partial<User>): Promise<void> => {
+  if (user.username) user.username = user.username.toLowerCase();
+  if (user.email) user.email = user.email.toLowerCase();
+
   return new Promise((resolve, reject) => {
     // The mongo db adaptor adds fields to existing documents, where this adaptor replaces the document
     //   hence, retrieve and merge documents to avoid dropping fields (such as the gitaccount)

src/db/index.ts

@@ -155,7 +155,7 @@ export const canUserCancelPush = async (id: string, user: string) => {
 
 export const getSessionStore = (): MongoDBStore | null =>
   sink.getSessionStore ? sink.getSessionStore() : null;
-export const getPushes = (query: PushQuery): Promise<Action[]> => sink.getPushes(query);
+export const getPushes = (query: Partial<PushQuery>): Promise<Action[]> => sink.getPushes(query);
 export const writeAudit = (action: Action): Promise<void> => sink.writeAudit(action);
 export const getPush = (id: string): Promise<Action | null> => sink.getPush(id);
 export const deletePush = (id: string): Promise<void> => sink.deletePush(id);
@@ -182,4 +182,4 @@ export const findUserByEmail = (email: string): Promise<User | null> => sink.fin
 export const findUserByOIDC = (oidcId: string): Promise<User | null> => sink.findUserByOIDC(oidcId);
 export const getUsers = (query?: object): Promise<User[]> => sink.getUsers(query);
 export const deleteUser = (username: string): Promise<void> => sink.deleteUser(username);
-export const updateUser = (user: User): Promise<void> => sink.updateUser(user);
+export const updateUser = (user: Partial<User>): Promise<void> => sink.updateUser(user);

src/db/mongo/pushes.ts

@@ -10,9 +10,12 @@ const defaultPushQuery: PushQuery = {
   blocked: true,
   allowPush: false,
   authorised: false,
+  type: 'push',
 };
 
-export const getPushes = async (query: PushQuery = defaultPushQuery): Promise<Action[]> => {
+export const getPushes = async (
+  query: Partial<PushQuery> = defaultPushQuery,
+): Promise<Action[]> => {
   return findDocuments<Action>(collectionName, query, {
     projection: {
       _id: 0,

src/db/mongo/users.ts

@@ -50,8 +50,10 @@ export const createUser = async function (user: User): Promise<void> {
   await collection.insertOne(user as OptionalId<Document>);
 };
 
-export const updateUser = async (user: User): Promise<void> => {
-  user.username = user.username.toLowerCase();
+export const updateUser = async (user: Partial<User>): Promise<void> => {
+  if (user.username) {
+    user.username = user.username.toLowerCase();
+  }
   if (user.email) {
     user.email = user.email.toLowerCase();
   }

src/db/types.ts

@@ -6,6 +6,7 @@ export type PushQuery = {
   blocked: boolean;
   allowPush: boolean;
   authorised: boolean;
+  type: string;
 };
 
 export type UserRole = 'canPush' | 'canAuthorise';
@@ -62,7 +63,7 @@ export class User {
 
 export interface Sink {
   getSessionStore?: () => MongoDBStore;
-  getPushes: (query: PushQuery) => Promise<Action[]>;
+  getPushes: (query: Partial<PushQuery>) => Promise<Action[]>;
   writeAudit: (action: Action) => Promise<void>;
   getPush: (id: string) => Promise<Action | null>;
   deletePush: (id: string) => Promise<void>;
@@ -85,5 +86,5 @@ export interface Sink {
   getUsers: (query?: object) => Promise<User[]>;
   createUser: (user: User) => Promise<void>;
   deleteUser: (username: string) => Promise<void>;
-  updateUser: (user: User) => Promise<void>;
+  updateUser: (user: Partial<User>) => Promise<void>;
 }

src/service/emailSender.js → src/service/emailSender.ts

@@ -1,7 +1,7 @@
-const nodemailer = require('nodemailer');
-const config = require('../config');
+import nodemailer from 'nodemailer';
+import * as config from '../config';
 
-exports.sendEmail = async (from, to, subject, body) => {
+export const sendEmail = async (from: string, to: string, subject: string, body: string) => {
   const smtpHost = config.getSmtpHost();
   const smtpPort = config.getSmtpPort();
   const transporter = nodemailer.createTransport({

src/service/index.js → src/service/index.ts

@@ -1,19 +1,20 @@
-const express = require('express');
-const session = require('express-session');
-const http = require('http');
-const cors = require('cors');
-const app = express();
-const path = require('path');
-const config = require('../config');
-const db = require('../db');
-const rateLimit = require('express-rate-limit');
-const lusca = require('lusca');
-const configLoader = require('../config/ConfigLoader');
+import express, { Express } from 'express';
+import session from 'express-session';
+import http from 'http';
+import cors from 'cors';
+import path from 'path';
+import rateLimit from 'express-rate-limit';
+import lusca from 'lusca';
+
+import * as config from '../config';
+import * as db from '../db';
+import { serverConfig } from '../config/env';
 
 const limiter = rateLimit(config.getRateLimit());
 
-const { GIT_PROXY_UI_PORT: uiPort } = require('../config/env').serverConfig;
+const { GIT_PROXY_UI_PORT: uiPort } = serverConfig;
 
+const app: Express = express();
 const _httpServer = http.createServer(app);
 
 const corsOptions = {
@@ -23,57 +24,22 @@ const corsOptions = {
 
 /**
  * Internal function used to bootstrap the Git Proxy API's express application.
- * @param {proxy} proxy A reference to the proxy express application, used to restart it when necessary.
+ * @param {Express} proxy A reference to the proxy express application, used to restart it when necessary.
  * @return {Promise<Express>}
  */
-async function createApp(proxy) {
+async function createApp(proxy: Express) {
   // configuration of passport is async
   // Before we can bind the routes - we need the passport strategy
   const passport = await require('./passport').configure();
-  const routes = require('./routes');
+  const routes = await import('./routes');
   const absBuildPath = path.join(__dirname, '../../build');
   app.use(cors(corsOptions));
   app.set('trust proxy', 1);
   app.use(limiter);
 
-  // Add new admin-only endpoint to reload config
-  app.post('/api/v1/admin/reload-config', async (req, res) => {
-    if (!req.isAuthenticated() || !req.user.admin) {
-      return res.status(403).json({ error: 'Unauthorized' });
-    }
-
-    try {
-      // 1. Reload configuration
-      await configLoader.loadConfiguration();
-
-      // 2. Stop existing services
-      await proxy.stop();
-
-      // 3. Apply new configuration
-      config.validate();
-
-      // 4. Restart services with new config
-      await proxy.start();
-
-      console.log('Configuration reloaded and services restarted successfully');
-      res.json({ status: 'success', message: 'Configuration reloaded and services restarted' });
-    } catch (error) {
-      console.error('Failed to reload configuration and restart services:', error);
-
-      // Attempt to restart with existing config if reload fails
-      try {
-        await proxy.start();
-      } catch (startError) {
-        console.error('Failed to restart services:', startError);
-      }
-
-      res.status(500).json({ error: 'Failed to reload configuration' });
-    }
-  });
-
   app.use(
     session({
-      store: config.getDatabase().type === 'mongo' ? db.getSessionStore(session) : null,
+      store: config.getDatabase().type === 'mongo' ? db.getSessionStore() || undefined : undefined,
       secret: config.getCookieSecret(),
       resave: false,
       saveUninitialized: false,
@@ -102,7 +68,7 @@ async function createApp(proxy) {
   app.use(passport.session());
   app.use(express.json());
   app.use(express.urlencoded({ extended: true }));
-  app.use('/', routes(proxy));
+  app.use('/', routes.default(proxy));
   app.use('/', express.static(absBuildPath));
   app.get('/*', (req, res) => {
     res.sendFile(path.join(`${absBuildPath}/index.html`));
@@ -113,10 +79,10 @@ async function createApp(proxy) {
 
 /**
  * Starts the proxy service.
- * @param {proxy?} proxy A reference to the proxy express application, used to restart it when necessary.
+ * @param {*} proxy A reference to the proxy express application, used to restart it when necessary.
  * @return {Promise<Express>} the express application (used for testing).
  */
-async function start(proxy) {
+async function start(proxy: any) {
   if (!proxy) {
     console.warn("WARNING: proxy is null and can't be controlled by the API service");
   }
@@ -139,4 +105,8 @@ async function stop() {
   _httpServer.close();
 }
 
-module.exports = { start, stop, httpServer: _httpServer };
+export default {
+  start,
+  stop,
+  httpServer: _httpServer,
+};