Adds GNW interface and basic GHA test runner.

.github/workflows/build_and_test.yml

@@ -0,0 +1,16 @@
+name: build-and-test
+run-name: Build and Test run by @${{ github.actor }}
+
+on: [push]
+
+jobs:
+  build_and_test:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout Repository
+        uses: actions/checkout@v5
+      - name: Build, start services, and run tests with Docker Compose
+        run: docker compose -f docker-compose-test.yml up --build --abort-on-container-exit
+
+

.nvmrc

@@ -1 +1 @@
-20.4
+20.5

Dockerfile

@@ -1,4 +1,4 @@
-FROM node:20.4-alpine3.18
+FROM node:20.5-alpine3.18
 MAINTAINER info@vizzuality.com
 
 ENV NAME authorization
@@ -12,22 +12,19 @@ RUN addgroup $USER && adduser -s /bin/bash -D -G $USER $USER
 RUN yarn global add --unsafe-perm bunyan
 
 RUN mkdir -p /opt/$NAME
-COPY package.json /opt/$NAME/package.json
-COPY yarn.lock /opt/$NAME/yarn.lock
-RUN cd /opt/$NAME && yarn
-
-COPY entrypoint.sh /opt/$NAME/entrypoint.sh
-COPY tsconfig.json /opt/$NAME/tsconfig.json
-COPY config /opt/$NAME/config
-COPY ./src /opt/$NAME/src
-COPY ./test opt/$NAME/test
-
+RUN chown -R $USER:$USER /opt/$NAME
+USER $USER
 WORKDIR /opt/$NAME
 
-RUN chown -R $USER:$USER /opt/$NAME
+COPY package.json yarn.lock ./
+RUN yarn --pure-lockfile
+
+COPY entrypoint.sh tsconfig.json ./
+COPY config ./config
+COPY test ./test
+COPY src ./src
 
 # Tell Docker we are going to use this ports
 EXPOSE 9000
-USER $USER
 
 ENTRYPOINT ["./entrypoint.sh"]

authorization.sh

@@ -6,14 +6,18 @@ case "$1" in
         ;;
     develop)
         type docker-compose >/dev/null 2>&1 || { echo >&2 "docker-compose is required but it's not installed.  Aborting."; exit 1; }
-        docker-compose -f docker-compose-develop.yml build && docker-compose -f docker-compose-develop.yml up
+        docker-compose -f docker-compose-develop.yml up --build
         ;;
     test)
         type docker-compose >/dev/null 2>&1 || { echo >&2 "docker-compose is required but it's not installed.  Aborting."; exit 1; }
-        docker-compose -f docker-compose-test.yml build && docker-compose -f docker-compose-test.yml up --abort-on-container-exit
+        docker-compose -f docker-compose-test.yml up --build --abort-on-container-exit
+        ;;
+    debug)
+        type docker-compose >/dev/null 2>&1 || { echo >&2 "docker-compose is required but it's not installed.  Aborting."; exit 1; }
+        docker-compose -f docker-compose-debug.yml up --build
         ;;
     *)
-        echo "Usage: authorization.sh {start|test}" >&2
+        echo "Usage: authorization.sh {start|develop|test|debug}" >&2
         exit 1
         ;;
 esac

config/default.json

@@ -3,7 +3,7 @@
     "name": "authorization"
   },
   "redis": {
-    "url": "redis://localhost:6379",
+    "url": "redis://redis:6379",
     "defaultTTL": 86400
   },
   "logger": {
@@ -23,7 +23,7 @@
   },
   "mongodb": {
     "database": "authorization",
-    "host": "localhost",
+    "host": "mongo",
     "port": 27017
   },
   "application": {
@@ -35,7 +35,7 @@
     "token": ""
   },
   "okta": {
-    "url": "https://wri.okta.com",
+    "url": "https://www.okta.com/",
     "apiKey": null,
     "clientId": null,
     "clientSecret": null,

docker-compose-debug.yml

@@ -0,0 +1,26 @@
+version: "3"
+services:
+  debug:
+    build: .
+    ports:
+      - "9000:9000"
+      - "9229:9229"
+    container_name: authorization
+    env_file:
+      - dev.env
+    command: debug
+    depends_on:
+      - redis
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+  redis:
+    image: redis
+    container_name: authorization-redis
+    ports:
+      - "6379:6379"
+    restart: always
+  mongo:
+    image: mongo:3.6
+    conatiner_name: authorization-mongo
+    ports:
+      - "27017"

docker-compose-develop.yml

@@ -3,7 +3,7 @@ services:
   develop:
     build: .
     ports:
-      - "30505:30505"
+      - "9000:9000"
     container_name: authorization
     env_file:
       - dev.env
@@ -12,9 +12,15 @@ services:
       - redis
     volumes:
       - /var/run/docker.sock:/var/run/docker.sock
+      - ./src:/opt/authorization/src
   redis:
     image: redis
     container_name: authorization-redis
     ports:
-      - "16379:6379"
+      - "6379:6379"
     restart: always
+  mongo:
+    image: mongo:3.6
+    container_name: authorization-mongo
+    ports:
+      - "27017"

docker-compose-test.yml

@@ -15,7 +15,7 @@ services:
       PUBLIC_URL: http://127.0.0.1:9000
       REDIS_URL: redis://redis:6379
       ALLOW_CONFIG_MUTATIONS: "true"
-      GATEWAY_URL: http://mymachine:8000
+      GATEWAY_URL: http://127.0.0.1:8000
       MICROSERVICE_TOKEN: cttoken
       LOCAL_URL: http://127.0.0.1:9000
       HOST_IP: 127.0.0.1
@@ -41,5 +41,6 @@ services:
 
   mongo:
     image: mongo:3.6
+    container_name: authorization-mongo
     ports:
       - "27017"

entrypoint.sh

@@ -2,9 +2,13 @@
 set -e
 
 case "$1" in
+    debug)
+        echo "Running Development Server in Debug mode"
+        exec yarn run debug
+        ;;
     develop)
         echo "Running Development Server"
-        exec yarn run start
+        exec yarn run watch
         ;;
     test)
         echo "Running Test"

package.json

@@ -8,10 +8,11 @@
     "coverage": "nyc ts-mocha -b --project tsconfig.json -r tsconfig-paths/register --timeout 20000 'test/**/*.ts' --exit",
     "test": "ts-mocha -b --project tsconfig.json -r tsconfig-paths/register --timeout 20000 'test/**/*.ts' --exit",
     "start": "ts-node --files --project tsconfig.json -r tsconfig-paths/register src/index.ts",
-    "watch": "ts-node-dev --respawn --transpile-only --files --project tsconfig.json -r tsconfig-paths/register src/index.ts",
+    "watch": "nodemon -r tsconfig-paths/register -L src/index.ts",
     "build": "tsc",
     "lint": "eslint \"{src,test}/**/*.ts\" --fix",
-    "prepare": "husky install"
+    "prepare": "husky install",
+    "debug": "node --inspect=0.0.0.0:9229 -r ts-node/register -r tsconfig-paths/register src/index.ts"
   },
   "keywords": [
     "authorization",
@@ -27,7 +28,7 @@
   },
   "license": "MIT",
   "engines": {
-    "node": "~20.4"
+    "node": "~20.5"
   },
   "lint-staged": {
     "*.ts": [
@@ -105,7 +106,8 @@
     "ts-mocha": "^10.0.0",
     "ts-node": "^10.9.1",
     "ts-node-dev": "^2.0.0",
-    "tsconfig-paths": "^4.1.0"
+    "tsconfig-paths": "^4.1.0",
+    "nodemon": "^3.1.0"
   },
   "dependencies": {
     "@aws-sdk/client-api-gateway": "^3.218.0",

src/app.ts

@@ -105,13 +105,13 @@ const init: () => Promise<IInit> = async (): Promise<IInit> => {
 
             app.use(RWAPIMicroservice.bootstrap({
                 logger,
-                gatewayURL: process.env.GATEWAY_URL,
-                microserviceToken: process.env.MICROSERVICE_TOKEN,
-                fastlyEnabled: process.env.FASTLY_ENABLED as boolean | 'true' | 'false',
+                gatewayURL: process.env.GATEWAY_URL || "http://localhost",
+                microserviceToken: process.env.MICROSERVICE_TOKEN || "XXXX",
+                fastlyEnabled: process.env.FASTLY_ENABLED as boolean | 'true' | 'false' || false,
                 fastlyServiceId: process.env.FASTLY_SERVICEID,
                 fastlyAPIKey: process.env.FASTLY_APIKEY,
                 requireAPIKey: process.env.REQUIRE_API_KEY as boolean | 'true' | 'false' || true,
-                awsRegion: process.env.AWS_REGION,
+                awsRegion: process.env.AWS_REGION || "us-east-1",
                 awsCloudWatchLogStreamName: config.get('service.name'),
                 awsCloudWatchLoggingEnabled: process.env.AWS_CLOUD_WATCH_LOGGING_ENABLED as boolean | 'true' | 'false' || true,
                 skipAPIKeyRequirementEndpoints: [
@@ -141,6 +141,8 @@ const init: () => Promise<IInit> = async (): Promise<IInit> => {
                     { method: 'GET', pathRegex: '^/auth/generate-token$' },
                     { method: 'GET', pathRegex: '^/auth/authorization-code/callback$' },
                     { method: 'GET', pathRegex: '^/auth/sign-up-redirect$' },
+                    //{ method: 'GET', pathRegex: '^/auth/user$' },
+                    //{ method: 'GET', pathRegex: '^/auth/user/me$' },
                     { method: 'GET', pathRegex: '^/api/v1/application$' },
                     { method: 'GET', pathRegex: '^/api/v1/application/(.*)$' },
                     { method: 'POST', pathRegex: '^/api/v1/application$' },
@@ -164,8 +166,8 @@ const init: () => Promise<IInit> = async (): Promise<IInit> => {
             resolve({ app, server });
 
         }).catch((mongoConnectionError: CallbackError) => {
-            logger.error('MongoURI', mongoUri);
-            logger.error(mongoConnectionError);
+            logger.error('MongoURI:', mongoUri);
+            logger.error('Mongo Connection Error:', mongoConnectionError);
             reject(new Error(mongoConnectionError.message));
         });
     });

src/providers/okta.facebook.provider.ts

@@ -54,7 +54,7 @@ export class OktaFacebookProvider {
                 user = OktaService.convertOktaUserToIUser(oktaUser);
             } catch (err) {
                 // User not found, let's create him/her
-                logger.info(`[OktaFacebookProvider] User with email ${email} does not exist`);
+                logger.info(`[OktaFacebookProvider] User with email ${email} does not exist, creating new user.`);
                 user = await OktaService.createUserWithoutPassword({
                     name: profile?.displayName,
                     email,
@@ -92,7 +92,14 @@ export class OktaFacebookProvider {
 
     static async facebookToken(ctx: Context, next: Next): Promise<void> {
         const app: string = Utils.getOriginApp(ctx);
-        await passport.authenticate(`facebook-token:${app}`)((ctx as Context & RouterContext), next);
+        try {
+            await passport.authenticate(`facebook-token:${app}`)((ctx as Context & RouterContext), next);
+        } catch (err) {
+            if (err.oauthError) {
+                logger.error('[OktaFacebookProvider] Error detail:', JSON.parse(err.oauthError.data));
+            }
+            throw err;
+        }
     }
 
     static async facebookCallback(ctx: Context, next: Next): Promise<void> {

src/services/cache.service.ts

@@ -8,9 +8,9 @@ class CacheService {
     private client: RedisClient;
 
     constructor() {
-        logger.debug('[CacheService] Initializing cache service');
-
-        this.client = redis.createClient({ url: config.get('redis.url') as string });
+        const redis_url = config.get('redis.url') as string;
+        logger.debug('[CacheService] Initializing cache service, connecting to', redis_url);
+        this.client = redis.createClient({ url: redis_url });
     }
 
     async get(key: string): Promise<OktaUser> {