[Recording Oracle] Implement custom error handling (#3342)

* Implement custom error handling and replace existing exceptions with specific error classes

* add non-null assertion for privateKey in encryption setup

* update exception response format and improve error handling

Author: flopez7

packages/apps/fortune/recording-oracle/src/app.module.ts

@@ -1,6 +1,6 @@
 import { Module } from '@nestjs/common';
 import { ConfigModule } from '@nestjs/config';
-import { APP_INTERCEPTOR, APP_PIPE } from '@nestjs/core';
+import { APP_FILTER, APP_INTERCEPTOR, APP_PIPE } from '@nestjs/core';
 import { HttpValidationPipe } from './common/pipes';
 import { JobModule } from './modules/job/job.module';
 
@@ -10,13 +10,18 @@ import { WebhookModule } from './modules/webhook/webhook.module';
 import { envValidator } from './common/config/env-schema';
 import { EnvConfigModule } from './common/config/config.module';
 import { TransformEnumInterceptor } from './common/interceptors/transform-enum.interceptor';
+import { ExceptionFilter } from './common/exceptions/exception.filter';
 
 @Module({
   providers: [
     {
       provide: APP_PIPE,
       useClass: HttpValidationPipe,
     },
+    {
+      provide: APP_FILTER,
+      useClass: ExceptionFilter,
+    },
     {
       provide: APP_INTERCEPTOR,
       useClass: SnakeCaseInterceptor,

packages/apps/fortune/recording-oracle/src/common/constants/errors.ts

@@ -9,7 +9,6 @@ export enum ErrorJob {
   NotFoundIntermediateResultsUrl = 'Error while getting intermediate results url from escrow contract',
   SolutionAlreadyExists = 'Solution already exists',
   AllSolutionsHaveAlreadyBeenSent = 'All solutions have already been sent',
-  WebhookWasNotSent = 'Webhook was not sent',
   ManifestNotFound = 'Manifest not found',
 }
 

packages/apps/fortune/recording-oracle/src/common/errors/index.ts

@@ -0,0 +1,45 @@
+export class BaseError extends Error {
+  constructor(message: string, stack?: string) {
+    super(message);
+    this.name = this.constructor.name;
+    if (stack) {
+      this.stack = stack;
+    }
+  }
+}
+
+export class ValidationError extends BaseError {
+  constructor(message: string, stack?: string) {
+    super(message, stack);
+  }
+}
+
+export class AuthError extends BaseError {
+  constructor(message: string, stack?: string) {
+    super(message, stack);
+  }
+}
+
+export class ForbiddenError extends BaseError {
+  constructor(message: string, stack?: string) {
+    super(message, stack);
+  }
+}
+
+export class NotFoundError extends BaseError {
+  constructor(message: string, stack?: string) {
+    super(message, stack);
+  }
+}
+
+export class ConflictError extends BaseError {
+  constructor(message: string, stack?: string) {
+    super(message, stack);
+  }
+}
+
+export class ServerError extends BaseError {
+  constructor(message: string, stack?: string) {
+    super(message, stack);
+  }
+}

packages/apps/fortune/recording-oracle/src/common/exceptions/exception.filter.ts

@@ -0,0 +1,60 @@
+import {
+  ArgumentsHost,
+  Catch,
+  ExceptionFilter as IExceptionFilter,
+  HttpStatus,
+  Logger,
+} from '@nestjs/common';
+import { Request, Response } from 'express';
+import {
+  ValidationError,
+  AuthError,
+  ForbiddenError,
+  NotFoundError,
+  ConflictError,
+  ServerError,
+} from '../errors';
+
+@Catch()
+export class ExceptionFilter implements IExceptionFilter {
+  private logger = new Logger(ExceptionFilter.name);
+  private getStatus(exception: any): number {
+    if (exception instanceof ValidationError) {
+      return HttpStatus.BAD_REQUEST;
+    } else if (exception instanceof AuthError) {
+      return HttpStatus.UNAUTHORIZED;
+    } else if (exception instanceof ForbiddenError) {
+      return HttpStatus.FORBIDDEN;
+    } else if (exception instanceof NotFoundError) {
+      return HttpStatus.NOT_FOUND;
+    } else if (exception instanceof ConflictError) {
+      return HttpStatus.CONFLICT;
+    } else if (exception instanceof ServerError) {
+      return HttpStatus.UNPROCESSABLE_ENTITY;
+    } else if (exception.statusCode) {
+      return exception.statusCode;
+    }
+    return HttpStatus.INTERNAL_SERVER_ERROR;
+  }
+
+  catch(exception: any, host: ArgumentsHost) {
+    const ctx = host.switchToHttp();
+    const response = ctx.getResponse<Response>();
+    const request = ctx.getRequest<Request>();
+
+    const status = this.getStatus(exception);
+    const message = exception.message || 'Internal server error';
+
+    this.logger.error(
+      `Exception caught: ${message}`,
+      exception.stack || 'No stack trace available',
+    );
+
+    response.status(status).json({
+      status_code: status,
+      timestamp: new Date().toISOString(),
+      message: message,
+      path: request.url,
+    });
+  }
+}

packages/apps/fortune/recording-oracle/src/common/filter/global-exceptions.filter.ts

@@ -1,11 +1,12 @@
-import { Test, TestingModule } from '@nestjs/testing';
-import { ExecutionContext, UnauthorizedException } from '@nestjs/common';
-import { SignatureAuthGuard } from './signature.auth';
-import { verifySignature } from '../utils/signature';
 import { ChainId, EscrowUtils } from '@human-protocol/sdk';
+import { ExecutionContext } from '@nestjs/common';
+import { Test, TestingModule } from '@nestjs/testing';
 import { MOCK_ADDRESS } from '../../../test/constants';
-import { Role } from '../enums/role';
 import { HEADER_SIGNATURE_KEY } from '../constants';
+import { Role } from '../enums/role';
+import { AuthError } from '../errors';
+import { verifySignature } from '../utils/signature';
+import { SignatureAuthGuard } from './signature.auth';
 
 jest.mock('../../common/utils/signature');
 
@@ -77,18 +78,18 @@ describe('SignatureAuthGuard', () => {
       );
     });
 
-    it('should throw unauthorized exception if signature is not verified', async () => {
+    it('should throw AuthError if signature is not verified', async () => {
       (verifySignature as jest.Mock).mockReturnValue(false);
 
       await expect(guard.canActivate(context as any)).rejects.toThrow(
-        UnauthorizedException,
+        AuthError,
       );
     });
 
-    it('should throw unauthorized exception for unrecognized oracle type', async () => {
+    it('should throw AuthError for unrecognized oracle type', async () => {
       mockRequest.originalUrl = '/some/random/path';
       await expect(guard.canActivate(context as any)).rejects.toThrow(
-        UnauthorizedException,
+        AuthError,
       );
     });
   });

packages/apps/fortune/recording-oracle/src/common/filter/index.ts

@@ -1,13 +1,9 @@
-import {
-  CanActivate,
-  ExecutionContext,
-  Injectable,
-  UnauthorizedException,
-} from '@nestjs/common';
-import { verifySignature } from '../utils/signature';
-import { HEADER_SIGNATURE_KEY } from '../constants';
 import { EscrowUtils } from '@human-protocol/sdk';
+import { CanActivate, ExecutionContext, Injectable } from '@nestjs/common';
+import { HEADER_SIGNATURE_KEY } from '../constants';
 import { Role } from '../enums/role';
+import { AuthError, ValidationError } from '../errors';
+import { verifySignature } from '../utils/signature';
 
 @Injectable()
 export class SignatureAuthGuard implements CanActivate {
@@ -42,11 +38,10 @@ export class SignatureAuthGuard implements CanActivate {
       if (isVerified) {
         return true;
       }
-    } catch (error) {
-      // eslint-disable-next-line no-console
-      console.error(error);
+    } catch (error: any) {
+      throw new ValidationError(error.message);
     }
 
-    throw new UnauthorizedException('Unauthorized');
+    throw new AuthError('Unauthorized');
   }
 }

packages/apps/fortune/recording-oracle/src/common/guards/signature.auth.spec.ts

@@ -1,15 +1,15 @@
 import {
+  CallHandler,
+  ExecutionContext,
   Injectable,
   NestInterceptor,
-  ExecutionContext,
-  CallHandler,
-  BadRequestException,
 } from '@nestjs/common';
-import { Observable } from 'rxjs';
-import { map } from 'rxjs/operators';
-import { plainToInstance, ClassConstructor } from 'class-transformer';
+import { ClassConstructor, plainToInstance } from 'class-transformer';
 import { validateSync } from 'class-validator';
 import 'reflect-metadata';
+import { Observable } from 'rxjs';
+import { map } from 'rxjs/operators';
+import { ValidationError } from '../errors';
 
 @Injectable()
 export class TransformEnumInterceptor implements NestInterceptor {
@@ -72,7 +72,7 @@ export class TransformEnumInterceptor implements NestInterceptor {
     // Validate the transformed data
     const validationErrors = validateSync(transformedInstance);
     if (validationErrors.length > 0) {
-      throw new BadRequestException('Validation failed');
+      throw new ValidationError('Validation failed');
     }
 
     return bodyOrQuery;

packages/apps/fortune/recording-oracle/src/common/guards/signature.auth.ts

@@ -1,17 +1,19 @@
 import {
-  BadRequestException,
   Injectable,
-  ValidationError,
+  ValidationError as ValidError,
   ValidationPipe,
   ValidationPipeOptions,
 } from '@nestjs/common';
+import { ValidationError } from '../errors';
 
 @Injectable()
 export class HttpValidationPipe extends ValidationPipe {
   constructor(options?: ValidationPipeOptions) {
     super({
-      exceptionFactory: (errors: ValidationError[]): BadRequestException =>
-        new BadRequestException(errors),
+      exceptionFactory: (errors: ValidError[]): ValidationError => {
+        const flattenErrors = this.flattenValidationErrors(errors);
+        throw new ValidationError(flattenErrors.join(', '));
+      },
       transform: true,
       whitelist: true,
       forbidNonWhitelisted: true,