fix(download-service): Update usage of accesstoken in jwt strategy an…
…d download service controllers (#16216)

* Update jwt strategy to return access token in authorisation field if available in body. Also updated all controllers in download service to get the access token from the user context instead

* fix optional

* Update test

* Remove unused import

* Update test because of unwanted new line

* Remove/update body from finance controller and update headers

* Remove unused import

---------

Co-authored-by: kodiakhq[bot] <49736102+kodiakhq[bot]@users.noreply.github.com>
snaerseljan and kodiakhq[bot] authored Oct 2, 2024
1 parent 4d38b65 commit a04a8cd
Showing 18 changed files with 110 additions and 250 deletions.
@@ -1,25 +1,16 @@
import {
Body,
Controller,
Header,
Post,
Res,
Param,
UseGuards,
} from '@nestjs/common'
import { ApiOkResponse, ApiTags } from '@nestjs/swagger'
import { GetDocumentDto } from './dto/getDocument.dto'
import { Response } from 'express'
import { DocumentClient } from '@island.is/clients/documents'
import { DocumentsScope } from '@island.is/auth/scopes'
import type { User } from '@island.is/auth-nest-tools'
import {
CurrentUser,
IdsUserGuard,
Scopes,
ScopesGuard,
} from '@island.is/auth-nest-tools'
import { DocumentsScope } from '@island.is/auth/scopes'
import { DocumentClient } from '@island.is/clients/documents'
import { AuditService } from '@island.is/nest/audit'
import { Controller, Header, Param, Post, Res, UseGuards } from '@nestjs/common'
import { ApiOkResponse, ApiTags } from '@nestjs/swagger'
import { Response } from 'express'

@UseGuards(IdsUserGuard, ScopesGuard)
@Scopes(DocumentsScope.main)
Expand All @@ -40,7 +31,6 @@ export class DocumentController {
async getPdf(
@Param('pdfId') pdfId: string,
@CurrentUser() user: User,
@Body() resource: GetDocumentDto,
@Res() res: Response,
) {
const rawDocumentDTO = await this.documentClient.customersDocument({

This file was deleted.

This file was deleted.

@@ -1,30 +1,21 @@
import {
Body,
Controller,
Header,
Post,
Res,
Param,
UseGuards,
} from '@nestjs/common'
import { ApiOkResponse } from '@nestjs/swagger'
import { Response } from 'express'
import { ApiScope } from '@island.is/auth/scopes'
import type { User } from '@island.is/auth-nest-tools'
import {
CurrentUser,
IdsUserGuard,
Scopes,
ScopesGuard,
} from '@island.is/auth-nest-tools'
import { AuditService } from '@island.is/nest/audit'
import { GetEducationGraduationDocumentDto } from './dto/getEducationGraduationDocument'
import { ApiScope } from '@island.is/auth/scopes'
import {
UniversityCareersClientService,
UniversityIdShort,
UniversityShortIdMap,
} from '@island.is/clients/university-careers'
import { AuditService } from '@island.is/nest/audit'
import { Locale } from '@island.is/shared/types'
import { UniversityShortIdMap } from '@island.is/clients/university-careers'
import { Controller, Header, Param, Post, Res, UseGuards } from '@nestjs/common'
import { ApiOkResponse } from '@nestjs/swagger'
import { Response } from 'express'

@UseGuards(IdsUserGuard, ScopesGuard)
@Scopes(ApiScope.education)
Expand All @@ -48,16 +39,10 @@ export class EducationController {
@Param('university') uni: UniversityIdShort,
@CurrentUser()
user: User,
@Body() resource: GetEducationGraduationDocumentDto,
@Res() res: Response,
) {
const authUser: User = {
...user,
authorization: `Bearer ${resource.__accessToken}`,
}

const documentResponse = await this.universitiesApi.getStudentTrackPdf(
authUser,
user,
parseInt(trackNumber),
UniversityShortIdMap[uni],
lang as Locale,
Expand All @@ -78,10 +63,10 @@ export class EducationController {
'Content-Disposition',
`inline; filename=${user.nationalId}-skoli-${UniversityShortIdMap[uni]}-brautskraning-${trackNumber}.pdf`,
)
res.header('Content-Type: application/pdf')
res.header('Pragma: no-cache')
res.header('Cache-Control: no-cache')
res.header('Cache-Control: nmax-age=0')
res.header('Content-Type', 'application/pdf')
res.header('Pragma', 'no-cache')
res.header('Cache-Control', 'no-cache')
res.header('Cache-Control', 'nmax-age=0')
return res.status(200).end(buffer)
}
return res.end()
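Review bot: The second `Cache-Control` call in this block sets the value `nmax-age=0`, which is not a valid directive, and because Express's `res.header` replaces an existing header of the same name rather than appending, it is the only `Cache-Control` value sent; the `no-cache` set one line earlier is lost. Now that the calls use the two-argument form and actually take effect, these personal PDFs go out with caching governed only by the legacy `Pragma` header. Collapse the two calls into one, for example `res.header('Cache-Control', 'no-store, max-age=0')`. The same pair of lines appears in the finance, health-payments and occupational-licenses controllers in this commit. The enclosing method starts and ends outside the hunk.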
@@ -1,25 +1,24 @@
import type { User } from '@island.is/auth-nest-tools'
import {
CurrentUser,
IdsUserGuard,
Scopes,
ScopesGuard,
} from '@island.is/auth-nest-tools'
import { ApiScope } from '@island.is/auth/scopes'
import { FinanceClientService } from '@island.is/clients/finance'
import { AuditService } from '@island.is/nest/audit'
import {
Body,
Controller,
Header,
Param,
Post,
Res,
Param,
UseGuards,
} from '@nestjs/common'
import { ApiOkResponse } from '@nestjs/swagger'
import { Response } from 'express'
import { FinanceClientService } from '@island.is/clients/finance'
import { ApiScope } from '@island.is/auth/scopes'
import type { User } from '@island.is/auth-nest-tools'
import {
CurrentUser,
IdsUserGuard,
Scopes,
ScopesGuard,
} from '@island.is/auth-nest-tools'
import { AuditService } from '@island.is/nest/audit'
import { GetFinanceDocumentDto } from './dto/getFinanceDocument.dto'

@UseGuards(IdsUserGuard, ScopesGuard)
@Scopes(ApiScope.financeOverview, ApiScope.financeSalary)
Expand All @@ -37,28 +36,25 @@ export class FinanceDocumentController {
description: 'Get a PDF document from the Finance service',
})
async getFinancePdf(
@Param('pdfId') pdfId: string,
@CurrentUser() user: User,
@Body() resource: GetFinanceDocumentDto,
@Res() res: Response,
@Param('pdfId') pdfId: string,
@Body('annualDoc') annualDoc?: string,
) {
const authUser: User = {
...user,
authorization: `Bearer ${resource.__accessToken}`,
}
const documentResponse = resource.annualDoc
const documentResponse = annualDoc
? await this.financeService.getAnnualStatusDocument(
user.nationalId,
pdfId,
authUser,
user,
)
: await this.financeService.getFinanceDocument(
user.nationalId,
pdfId,
authUser,
user,
)

const documentBase64 = documentResponse?.docment?.document

if (documentBase64) {
this.auditService.audit({
action: 'getFinancePdf',
Expand All @@ -70,9 +66,9 @@ export class FinanceDocumentController {

res.header('Content-length', buffer.length.toString())
res.header('Content-Disposition', `inline; filename=${pdfId}.pdf`)
res.header('Pragma: no-cache')
res.header('Cache-Control: no-cache')
res.header('Cache-Control: nmax-age=0')
res.header('Pragma', 'no-cache')
res.header('Cache-Control', 'no-cache')
res.header('Cache-Control', 'nmax-age=0')

return res.status(200).end(buffer)
}
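Review bot: `@Body('annualDoc') annualDoc?: string` is used as a bare truthiness test in `annualDoc ? … : …`, so any non-empty string, including `'false'` or `'0'`, selects `getAnnualStatusDocument`. The value now comes straight from the request body rather than through the DTO, so nothing on this page constrains it; an explicit comparison such as `annualDoc === 'true'` (matched to whatever the download form actually posts) would make the branch depend on a defined value. `pdfId` also flows unquoted from the route parameter into `Content-Disposition`; quoting the filename and restricting `pdfId` to the expected character set would keep that header well-formed. The method body continues outside the hunk.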

This file was deleted.

This file was deleted.

@@ -1,16 +1,3 @@
import {
Controller,
Header,
Post,
Res,
Param,
UseGuards,
Inject,
Body,
} from '@nestjs/common'
import { ApiOkResponse } from '@nestjs/swagger'
import { Response } from 'express'
import { ApiScope } from '@island.is/auth/scopes'
import type { User } from '@island.is/auth-nest-tools'
import {
AuthMiddleware,
Expand All @@ -19,9 +6,12 @@ import {
Scopes,
ScopesGuard,
} from '@island.is/auth-nest-tools'
import { AuditService } from '@island.is/nest/audit'
import { ApiScope } from '@island.is/auth/scopes'
import { PaymentsOverviewApi } from '@island.is/clients/icelandic-health-insurance/rights-portal'
import { GetGetHealthPaymentDocumentDto } from './dto/getHealthPaymentDocument.dto'
import { AuditService } from '@island.is/nest/audit'
import { Controller, Header, Param, Post, Res, UseGuards } from '@nestjs/common'
import { ApiOkResponse } from '@nestjs/swagger'
import { Response } from 'express'

@UseGuards(IdsUserGuard, ScopesGuard)
@Scopes(ApiScope.healthPayments)
Expand All @@ -42,16 +32,10 @@ export class HealthPaymentsOverviewController {
async getHealthPaymentOverviewPdf(
@Param('documentId') documentId: string,
@CurrentUser() user: User,
@Body() resource: GetGetHealthPaymentDocumentDto,
@Res() res: Response,
) {
const authUser = {
...user,
authorization: `Bearer ${resource.__accessToken}`,
}

const documentResponse = await this.paymentApi
.withMiddleware(new AuthMiddleware(authUser))
.withMiddleware(new AuthMiddleware(user))
.getPaymentsOverviewDocument({
documentId: parseInt(documentId),
})
Expand All @@ -73,19 +57,15 @@ export class HealthPaymentsOverviewController {

const buffer = Buffer.from(documentResponse.data, 'base64')

// const contentArrayBuffer =
// await documentResponse.contentType.arrayBuffer()
// const buffer = Buffer.from(contentArrayBuffer)

res.header('Content-length', buffer.length.toString())
res.header(
'Content-Disposition',
`inline; filename=${user.nationalId}-health-payment-overview-${documentResponse.fileName}.pdf`,
)
res.header('Content-Type: application/pdf')
res.header('Pragma: no-cache')
res.header('Cache-Control: no-cache')
res.header('Cache-Control: nmax-age=0')
res.header('Content-Type', 'application/pdf')
res.header('Pragma', 'no-cache')
res.header('Cache-Control', 'no-cache')
res.header('Cache-Control', 'nmax-age=0')
return res.status(200).end(buffer)
}
return res.end()
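Review bot: `new AuthMiddleware(user)` now depends entirely on `user.authorization` having been populated upstream, and nothing in this section checks that it is present before the outbound call. The JWT strategy change that fills the field is not visible here, so if it leaves the field empty for some request shape, the rights-portal call would presumably go out without a usable bearer token and fail downstream instead of at this boundary. A short guard before the call, e.g. `if (!user.authorization) throw new UnauthorizedException()`, or a comment naming the strategy as the source of the token, would make the dependency explicit. The same applies to the education and finance controllers, which now pass `user` straight through. The method starts and ends outside the hunk.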
Expand Up @@ -11,14 +11,12 @@ import {
} from '@island.is/auth-nest-tools'
import { AuditService } from '@island.is/nest/audit'
import { MMSApi } from '@island.is/clients/mms'
import { DistrictCommissionersLicensesService } from '@island.is/clients/district-commissioners-licenses'

@UseGuards(IdsUserGuard, ScopesGuard)
@Scopes(ApiScope.education)
@Controller('occupational-licenses')
export class OccupationalLicensesController {
constructor(
private readonly dcApi: DistrictCommissionersLicensesService,
private readonly mmsApi: MMSApi,
private readonly auditService: AuditService,
) {}
Expand Down Expand Up @@ -55,10 +53,10 @@ export class OccupationalLicensesController {
'Content-Disposition',
`inline; filename=${user.nationalId}-starfsleyfi-${licenceId}.pdf`,
)
res.header('Content-Type: application/pdf')
res.header('Pragma: no-cache')
res.header('Cache-Control: no-cache')
res.header('Cache-Control: nmax-age=0')
res.header('Content-Type', 'application/pdf')
res.header('Pragma', 'no-cache')
res.header('Cache-Control', 'no-cache')
res.header('Cache-Control', 'nmax-age=0')
return res.status(200).end(buffer)
}
return res.end()

This file was deleted.
