Skip to content

Commit e33a750

Browse files
GekkioGekkio
committed
Simplify createProxy
1 parent f6d2ace commit e33a750

File tree

7 files changed

+50
-47
lines changed

7 files changed

+50
-47
lines changed

apigw/src/enduser/app.ts

+3-2
Original file line numberDiff line numberDiff line change
@@ -31,6 +31,7 @@ export function enduserGwRouter(
3131
const router = express.Router()
3232

3333
const sessions = sessionSupport('enduser', redisClient, config.citizen)
34+
const getUserHeader = (req: express.Request) => sessions.getUserHeader(req)
3435

3536
// middlewares
3637
router.use(sessions.middleware)
@@ -89,7 +90,7 @@ export function enduserGwRouter(
8990
router.use(csrf)
9091

9192
// public endpoints
92-
router.all('/citizen/public/*', createProxy({ sessions }))
93+
router.all('/citizen/public/*', createProxy({ getUserHeader }))
9394
router.use(mapRoutes)
9495
router.get('/auth/status', authStatus(sessions))
9596
router.post(
@@ -100,7 +101,7 @@ export function enduserGwRouter(
100101

101102
// authenticated endpoints
102103
router.use(sessions.requireAuthentication)
103-
router.all('/citizen/*', createProxy({ sessions }))
104+
router.all('/citizen/*', createProxy({ getUserHeader }))
104105

105106
// global error middleware
106107
router.use(errorHandler(false))

apigw/src/enduser/mapRoutes.ts

+5-2
Original file line numberDiff line numberDiff line change
@@ -81,7 +81,7 @@ router.get(
8181
? createDigitransitProxy('/geocoding/v1/autocomplete')
8282
: enableDevApi
8383
? createProxy({
84-
sessions: undefined,
84+
getUserHeader: () => undefined,
8585
path: '/dev-api/digitransit/autocomplete'
8686
})
8787
: (_, res) => res.status(404)
@@ -92,7 +92,10 @@ router.post(
9292
digitransitApiEnabled
9393
? createDigitransitProxy('/routing/v1/routers/finland/index/graphql')
9494
: enableDevApi
95-
? createProxy({ sessions: undefined, path: '/dev-api/digitransit/query' })
95+
? createProxy({
96+
getUserHeader: () => undefined,
97+
path: '/dev-api/digitransit/query'
98+
})
9699
: (_, res) => res.status(404)
97100
)
98101

apigw/src/internal/app.ts

+14-6
Original file line numberDiff line numberDiff line change
@@ -7,6 +7,7 @@ import cookieParser from 'cookie-parser'
77
import express from 'express'
88
import expressBasicAuth from 'express-basic-auth'
99

10+
import { integrationUserHeader } from '../shared/auth/index.js'
1011
import {
1112
appCommit,
1213
Config,
@@ -43,6 +44,7 @@ export function internalGwRouter(
4344
const router = express.Router()
4445

4546
const sessions = sessionSupport('employee', redisClient, config.employee)
47+
const getUserHeader = (req: express.Request) => sessions.getUserHeader(req)
4648

4749
// middlewares
4850
router.use(sessions.middleware)
@@ -68,7 +70,10 @@ export function internalGwRouter(
6870
})
6971
}
7072
router.use('/integration', expressBasicAuth({ users: integrationUsers }))
71-
router.all('/integration/*', createProxy({ sessions: undefined }))
73+
router.all(
74+
'/integration/*',
75+
createProxy({ getUserHeader: (_) => integrationUserHeader })
76+
)
7277

7378
router.all('/auth/*', (req: express.Request, res, next) => {
7479
if (req.session?.idpProvider === 'evaka') {
@@ -118,7 +123,10 @@ export function internalGwRouter(
118123
if (enableDevApi) {
119124
router.use(
120125
'/dev-api',
121-
createProxy({ sessions: undefined, path: ({ url }) => `/dev-api${url}` })
126+
createProxy({
127+
getUserHeader: () => undefined,
128+
path: ({ url }) => `/dev-api${url}`
129+
})
122130
)
123131

124132
router.get('/auth/mobile-e2e-signup', devApiE2ESignup(sessions))
@@ -128,8 +136,8 @@ export function internalGwRouter(
128136
router.use(csrf)
129137

130138
// public endpoints
131-
router.all('/employee/public/*', createProxy({ sessions }))
132-
router.all('/employee-mobile/public/*', createProxy({ sessions }))
139+
router.all('/employee/public/*', createProxy({ getUserHeader }))
140+
router.all('/employee-mobile/public/*', createProxy({ getUserHeader }))
133141
router.get(
134142
'/auth/status',
135143
refreshMobileSession(sessions),
@@ -149,8 +157,8 @@ export function internalGwRouter(
149157
express.json(),
150158
pinLogoutRequestHandler(sessions, redisClient)
151159
)
152-
router.all('/employee/*', createProxy({ sessions }))
153-
router.all('/employee-mobile/*', createProxy({ sessions }))
160+
router.all('/employee/*', createProxy({ getUserHeader }))
161+
router.all('/employee-mobile/*', createProxy({ getUserHeader }))
154162

155163
// global error middleware
156164
router.use(errorHandler(true))

apigw/src/shared/auth/index.ts

+3-5
Original file line numberDiff line numberDiff line change
@@ -51,9 +51,7 @@ export type EvakaSessionUser =
5151
| EmployeeSessionUser
5252
| EmployeeMobileSessionUser
5353

54-
export function createUserHeader(
55-
user: EvakaSessionUser | { userType: 'SYSTEM' }
56-
): string {
54+
export function createUserHeader(user: EvakaSessionUser): string {
5755
return JSON.stringify(
5856
((): object => {
5957
switch (user.userType) {
@@ -74,15 +72,15 @@ export function createUserHeader(
7472
id: user.id,
7573
employeeId: user.mobileEmployeeId
7674
}
77-
case 'SYSTEM':
78-
return { type: 'system' }
7975
case undefined:
8076
throw new Error('User type is undefined')
8177
}
8278
})()
8379
)
8480
}
8581

82+
export const systemUserHeader = JSON.stringify({ type: 'system' })
83+
8684
export const integrationUserHeader = JSON.stringify({ type: 'integration' })
8785

8886
export function createLogoutToken(profile: Profile) {

apigw/src/shared/proxy-utils.ts

+4-7
Original file line numberDiff line numberDiff line change
@@ -10,18 +10,17 @@ import _ from 'lodash'
1010

1111
import { evakaServiceUrl } from './config.js'
1212
import { createServiceRequestHeaders } from './service-client.js'
13-
import { Sessions } from './session.js'
1413

1514
interface ProxyOptions {
16-
sessions: Sessions | undefined
1715
path?: string | ((req: express.Request) => string)
1816
url?: string
17+
getUserHeader: (req: express.Request) => string | undefined
1918
}
2019

2120
export function createProxy({
22-
sessions,
2321
path,
24-
url = evakaServiceUrl
22+
url = evakaServiceUrl,
23+
getUserHeader
2524
}: ProxyOptions) {
2625
return expressHttpProxy(url, {
2726
parseReqBody: false,
@@ -33,10 +32,8 @@ export function createProxy({
3332
delete originalHeaders['authorization']
3433
delete originalHeaders['x-user']
3534

36-
const user = sessions?.getUser(srcReq)
37-
3835
const serviceHeaders = lowercaseHeaderNames(
39-
createServiceRequestHeaders(srcReq, user)
36+
createServiceRequestHeaders(srcReq, getUserHeader(srcReq))
4037
)
4138
proxyReqOpts.headers = {
4239
...originalHeaders,

apigw/src/shared/service-client.ts

+13-24
Original file line numberDiff line numberDiff line change
@@ -5,11 +5,7 @@
55
import axios from 'axios'
66
import express from 'express'
77

8-
import {
9-
createUserHeader,
10-
EvakaSessionUser,
11-
integrationUserHeader
12-
} from './auth/index.js'
8+
import { systemUserHeader } from './auth/index.js'
139
import { getJwt } from './auth/jwt.js'
1410
import { evakaServiceUrl } from './config.js'
1511

@@ -19,10 +15,6 @@ export const client = axios.create({
1915

2016
export type UUID = string
2117

22-
const machineUser = {
23-
userType: 'SYSTEM' as const
24-
}
25-
2618
export type UserRole =
2719
| 'CITIZEN_WEAK'
2820
| 'ADMIN'
@@ -47,16 +39,13 @@ export type ServiceRequestHeaders = Partial<
4739

4840
export function createServiceRequestHeaders(
4941
req: express.Request | undefined,
50-
user: EvakaSessionUser | { userType: 'SYSTEM' } | undefined | null
42+
userHeader: string | undefined
5143
) {
5244
const headers: ServiceRequestHeaders = {
5345
Authorization: `Bearer ${getJwt()}`
5446
}
55-
if (req?.path.startsWith('/integration/')) {
56-
headers['X-User'] = integrationUserHeader
57-
}
58-
if (user) {
59-
headers['X-User'] = createUserHeader(user)
47+
if (userHeader) {
48+
headers['X-User'] = userHeader
6049
}
6150
if (req?.traceId) {
6251
headers['X-Request-ID'] = req.traceId
@@ -112,7 +101,7 @@ export async function employeeLogin(
112101
`/system/employee-login`,
113102
employee,
114103
{
115-
headers: createServiceRequestHeaders(undefined, machineUser)
104+
headers: createServiceRequestHeaders(undefined, systemUserHeader)
116105
}
117106
)
118107
return data
@@ -126,7 +115,7 @@ export async function getEmployeeDetails(
126115
const { data } = await client.get<EmployeeUserResponse>(
127116
`/system/employee/${employeeId}`,
128117
{
129-
headers: createServiceRequestHeaders(req, machineUser)
118+
headers: createServiceRequestHeaders(req, systemUserHeader)
130119
}
131120
)
132121
return data
@@ -146,7 +135,7 @@ export async function citizenLogin(
146135
`/system/citizen-login`,
147136
person,
148137
{
149-
headers: createServiceRequestHeaders(undefined, machineUser)
138+
headers: createServiceRequestHeaders(undefined, systemUserHeader)
150139
}
151140
)
152141
return data
@@ -164,7 +153,7 @@ export async function citizenWeakLogin(
164153
`/system/citizen-weak-login`,
165154
request,
166155
{
167-
headers: createServiceRequestHeaders(undefined, machineUser)
156+
headers: createServiceRequestHeaders(undefined, systemUserHeader)
168157
}
169158
)
170159
return data
@@ -177,7 +166,7 @@ export async function getCitizenDetails(
177166
const { data } = await client.get<CitizenUserResponse>(
178167
`/system/citizen/${encodeURIComponent(personId)}`,
179168
{
180-
headers: createServiceRequestHeaders(req, machineUser)
169+
headers: createServiceRequestHeaders(req, systemUserHeader)
181170
}
182171
)
183172
return data
@@ -202,7 +191,7 @@ export async function validatePairing(
202191
`/system/pairings/${encodeURIComponent(id)}/validation`,
203192
request,
204193
{
205-
headers: createServiceRequestHeaders(req, machineUser)
194+
headers: createServiceRequestHeaders(req, systemUserHeader)
206195
}
207196
)
208197
return data
@@ -225,7 +214,7 @@ export async function identifyMobileDevice(
225214
const { data } = await client.get<MobileDeviceIdentity | undefined>(
226215
`/system/mobile-identity/${encodeURIComponent(token)}`,
227216
{
228-
headers: createServiceRequestHeaders(req, machineUser)
217+
headers: createServiceRequestHeaders(req, systemUserHeader)
229218
}
230219
)
231220
return data
@@ -249,7 +238,7 @@ export async function authenticateMobileDevice(
249238
userAgent: req.headers['user-agent'] ?? ''
250239
},
251240
{
252-
headers: createServiceRequestHeaders(req, machineUser)
241+
headers: createServiceRequestHeaders(req, systemUserHeader)
253242
}
254243
)
255244
return data
@@ -274,7 +263,7 @@ export async function employeePinLogin(
274263
`/system/mobile-pin-login`,
275264
req.body,
276265
{
277-
headers: createServiceRequestHeaders(req, machineUser)
266+
headers: createServiceRequestHeaders(req, systemUserHeader)
278267
}
279268
)
280269
return data

apigw/src/shared/session.ts

+8-1
Original file line numberDiff line numberDiff line change
@@ -10,7 +10,7 @@ import { isDate } from 'date-fns/isDate'
1010
import express from 'express'
1111
import session from 'express-session'
1212

13-
import { EvakaSessionUser } from './auth/index.js'
13+
import { createUserHeader, EvakaSessionUser } from './auth/index.js'
1414
import { SessionConfig } from './config.js'
1515
import { createSha256Hash } from './crypto.js'
1616
import { LogoutToken, toMiddleware } from './express.js'
@@ -54,6 +54,7 @@ export interface Sessions {
5454

5555
updateUser(req: express.Request, user: EvakaSessionUser): Promise<void>
5656
getUser(req: express.Request): EvakaSessionUser | undefined
57+
getUserHeader(req: express.Request): string | undefined
5758
isAuthenticated(req: express.Request): boolean
5859
}
5960

@@ -242,6 +243,11 @@ export function sessionSupport(
242243
return req.session?.passport?.user ?? undefined
243244
}
244245

246+
function getUserHeader(req: express.Request): string | undefined {
247+
const user = getUser(req)
248+
return user ? createUserHeader(user) : undefined
249+
}
250+
245251
function isAuthenticated(req: express.Request): boolean {
246252
return !!req.session?.passport?.user
247253
}
@@ -257,6 +263,7 @@ export function sessionSupport(
257263
destroy,
258264
updateUser,
259265
getUser,
266+
getUserHeader,
260267
isAuthenticated
261268
}
262269
}

0 commit comments

Comments
 (0)