VTA-1660: Add jwt log when unauthorised policy is returned (#81)
* feat(vta-1660): added jwt log when unauthorised policy is returned

* feat(VTA-1660): insert token in error object
cb-cs committed Jul 6, 2023
1 parent 6821431 commit 5563790
Showing 4 changed files with 19 additions and 9 deletions.
3 changes: 2 additions & 1 deletion src/common/Logger.ts
@@ -2,7 +2,7 @@ import { ILogEvent } from "../models/ILogEvent";
import { JWT_MESSAGE } from "../models/enums";
import { ILogError } from "../models/ILogError";

export const writeLogMessage = (log: ILogEvent, error?: any) => {
export const writeLogMessage = (log: ILogEvent, jwt: string, error?: any) => {
if (!error) {
log.statusCode = 200;
console.log(log);
@@ -32,6 +32,7 @@ export const writeLogMessage = (log: ILogEvent, error?: any) => {
}
}
log.error = logError;
log.error.token = jwt;
console.error(log);
}
return log;
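Review bot: `log.error.token = jwt;` puts the caller's complete bearer token into the object handed to `console.error`, so every rejected request leaves a credential in the log stream that anyone with log read access could reuse while it is still within its validity window (CWE-532). The call sites in src/functions/authorizer.ts pass `event.authorizationToken` on all three rejection paths, including the `INVALID_ID_SETUP` branch that runs before any token validation and the `INVALID_ROLES` branch where the token looks otherwise accepted, so these are not only malformed tokens. For the debugging goal in the title, logging the header and payload without the signature, `log.error.token = jwt.split(".").slice(0, 2).join(".");`, or a SHA-256 digest of the token for correlation, would be enough; the payload can still hold personal claims, so log retention and access should be checked either way. The enclosing `writeLogMessage` body starts and ends outside these hunks.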
6 changes: 3 additions & 3 deletions src/functions/authorizer.ts
@@ -21,7 +21,7 @@ export const authorizer = async (event: APIGatewayTokenAuthorizerEvent, context:
const logEvent: ILogEvent = {};

if (!process.env.AZURE_TENANT_ID || !process.env.AZURE_CLIENT_ID) {
writeLogMessage(logEvent, JWT_MESSAGE.INVALID_ID_SETUP);
writeLogMessage(logEvent, event.authorizationToken, JWT_MESSAGE.INVALID_ID_SETUP);
return unauthorisedPolicy();
}

@@ -36,10 +36,10 @@ export const authorizer = async (event: APIGatewayTokenAuthorizerEvent, context:
}

reportNoValidRoles(jwt, event, context, logEvent);
writeLogMessage(logEvent, JWT_MESSAGE.INVALID_ROLES);
writeLogMessage(logEvent, event.authorizationToken, JWT_MESSAGE.INVALID_ROLES);
return unauthorisedPolicy();
} catch (error: any) {
writeLogMessage(logEvent, error);
writeLogMessage(logEvent, event.authorizationToken, error);
return unauthorisedPolicy();
}
};
1 change: 1 addition & 0 deletions src/models/ILogError.ts
@@ -1,4 +1,5 @@
export interface ILogError {
name?: string;
message?: string;
token?: string;
}
18 changes: 13 additions & 5 deletions tests/unit/common/Logger.unitTest.ts
@@ -11,7 +11,7 @@ describe("test writeLogMessage method", () => {

context("when only the log event is passed in", () => {
it("should return no errors", () => {
const returnValue: ILogEvent = writeLogMessage(successLogEvent, null);
const returnValue: ILogEvent = writeLogMessage(successLogEvent, "mock-jwt", null);

expect(returnValue.statusCode).toBe(200);
});
@@ -20,41 +20,49 @@ describe("test writeLogMessage method", () => {
context("when log event and error are passed in", () => {
it("should log TokenExpiredError", () => {
const error: ILogError = { name: "TokenExpiredError", message: "Error" };
console.log = jest.fn();

logError.name = "TokenExpiredError";
const returnValue: ILogEvent = writeLogMessage(logErrorEvent, error);
const returnValue: ILogEvent = writeLogMessage(logErrorEvent,"mock-jwt", error);

expect(returnValue.error?.name).toBe("TokenExpiredError");
expect(returnValue.error?.message).toBe("[JWT-ERROR-07] Error at undefined");
expect(returnValue.error?.token).toBe("mock-jwt");
});

it("should log NotBeforeError", () => {
const error: ILogError = { name: "NotBeforeError" };
console.log = jest.fn();

logError.name = "NotBeforeError";
const returnValue: ILogEvent = writeLogMessage(logErrorEvent, error);
const returnValue: ILogEvent = writeLogMessage(logErrorEvent,"mock-jwt", error);

expect(returnValue.error?.name).toBe("NotBeforeError");
expect(returnValue.error?.message).toBe("[JWT-ERROR-08] undefined until undefined");
expect(returnValue.error?.token).toBe("mock-jwt");
});

it("should log JsonWebTokenError", () => {
const error: ILogError = { name: "JsonWebTokenError", message: "test" };
console.log = jest.fn();

logError.name = "JsonWebTokenError";
const returnValue: ILogEvent = writeLogMessage(logErrorEvent, error);
const returnValue: ILogEvent = writeLogMessage(logErrorEvent,"mock-jwt", error);

expect(returnValue.error?.name).toBe("JsonWebTokenError");
expect(returnValue.error?.message).toBe("[JWT-ERROR-09] test");
expect(returnValue.error?.token).toBe("mock-jwt");
});

it("should log the default error", () => {
const error: ILogError = { name: "Error", message: "Error" };
console.log = jest.fn();

const returnValue: ILogEvent = writeLogMessage(logErrorEvent, error);
const returnValue: ILogEvent = writeLogMessage(logErrorEvent,"mock-jwt", error);

expect(returnValue.error?.name).toBe("Error");
expect(returnValue.error?.message).toBe("Error");
expect(returnValue.error?.token).toBe("mock-jwt");
});
});
});
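Review bot: The added `console.log = jest.fn();` lines stub the wrong stream and are never undone: the error branch of `writeLogMessage` ends in `console.error(log)` (per the Logger.ts section), so the logged object, now carrying the token, still reaches the test output, and the direct assignment to `console.log` persists for the remaining tests. `const errorSpy = jest.spyOn(console, "error").mockImplementation(() => undefined);` with a `mockRestore()` in `afterEach` would silence it and let the tests assert on what is actually written. The four new `expect(returnValue.error?.token).toBe("mock-jwt")` assertions pin the raw token being echoed into the log object; if the logger is changed to redact it, they should instead assert that the raw value does not appear. The new calls are also missing a space after the comma in `writeLogMessage(logErrorEvent,"mock-jwt", error)`.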
