chore: update-routes,fix-cookie,etc

Author: ryanbas21

e2e/mock-api-v2/src/addStepCookie.openapi.ts

@@ -0,0 +1,66 @@
+/*
+ * Copyright (c) 2025 Ping Identity Corporation. All rights reserved.
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+export const addStepCookie = (spec: any) => {
+  const FLOW_TAGS = new Set(['Authorization', 'Capabilities']);
+  const FLOW_PATH_MATCHERS = [
+    /\/davinci\/authorize\b/,
+    /\/davinci\/connections\/[^/]+\/capabilities\//,
+  ];
+
+  const shouldAnnotate = (path: string, op: any) =>
+    (Array.isArray(op?.tags) && op.tags.some((t: string) => FLOW_TAGS.has(t))) ||
+    FLOW_PATH_MATCHERS.some((rx) => rx.test(path));
+
+  const addCookieParam = (op: any) => {
+    op.parameters ||= [];
+    const already = op.parameters.some(
+      (p: any) => p && p.in === 'cookie' && p.name === 'stepIndex',
+    );
+    if (!already) {
+      op.parameters.push({
+        name: 'stepIndex',
+        in: 'cookie',
+        required: false,
+        description:
+          'Current flow step. Server initializes on first request and increments thereafter.',
+        schema: { type: 'integer', minimum: 0 },
+        example: 2,
+      });
+    }
+  };
+
+  const ensureSetCookie = (op: any, status: string) => {
+    op.responses ||= {};
+    const resp = (op.responses[status] ||= { description: 'Success' });
+    resp.headers ||= {};
+    if (!resp.headers['Set-Cookie']) {
+      resp.headers['Set-Cookie'] = {
+        description:
+          'Updated step cookie (e.g., `stepIndex=3; Path=/; HttpOnly; Secure; SameSite=Lax`). ' +
+          'May be removed on completion.',
+        schema: { type: 'string' },
+        example: 'stepIndex=3; Path=/; HttpOnly; Secure; SameSite=Lax',
+      };
+    }
+  };
+
+  for (const [path, methods] of Object.entries(spec.paths ?? {})) {
+    for (const [, op] of Object.entries<any>(methods as any)) {
+      if (!op || typeof op !== 'object') continue;
+      if (!shouldAnnotate(path, op)) continue;
+      addCookieParam(op);
+      // Add for common success statuses you use
+      ensureSetCookie(op, '200');
+      ensureSetCookie(op, '302');
+    }
+  }
+
+  return spec;
+};
+
+export default addStepCookie;

e2e/mock-api-v2/src/handlers/capabilities.handler.ts

@@ -4,7 +4,7 @@
  * This software may be modified and distributed under the terms
  * of the MIT license. See the LICENSE file for details.
  */
-import { Effect, pipe } from 'effect';
+import { Console, Effect, pipe } from 'effect';
 import { MockApi } from '../spec.js';
 import {
   HttpApiBuilder,
@@ -25,6 +25,7 @@ const CapabilitiesHandlerMock = HttpApiBuilder.group(MockApi, 'Capabilities', (h
        * If it is not present, we return a 404 Not Found error.
        */
       const acr_value = urlParams?.acr_values ?? '';
+      console.log('acr_value', acr_value);
 
       if (!acr_value) {
         return yield* Effect.fail(new HttpApiError.NotFound());
@@ -38,12 +39,14 @@ const CapabilitiesHandlerMock = HttpApiBuilder.group(MockApi, 'Capabilities', (h
       const req = yield* HttpServerRequest.HttpServerRequest;
 
       const stepIndexCookie = req.cookies['stepIndex'];
+      console.log(req.cookies);
 
       /**
        * If we are here with no step index that means we can't continue through a flow.
        * We should error
        */
       if (!stepIndexCookie) {
+        console.log('no step index');
         return yield* Effect.fail(new HttpApiError.NotFound());
       }
 
@@ -89,6 +92,7 @@ const CapabilitiesHandlerMock = HttpApiBuilder.group(MockApi, 'Capabilities', (h
          * and we have no more steps to process.
          */
         const body = yield* HttpBody.json(returnSuccessResponseRedirect).pipe(
+          Effect.tap(Console.log(`here stepIndex: ${stepIndex}`)),
           /**
            * Decide on a better way to handle this error possibiltiy
            */

e2e/mock-api-v2/src/middleware/CookieMiddleware.ts

@@ -1,63 +1,74 @@
+/**
+ * Copyright (c) 2025 Ping Identity Corporation.
+ * MIT License
+ */
 import {
-  HttpServerResponse,
   HttpApiMiddleware,
   HttpApp,
   HttpServerRequest,
+  HttpServerResponse,
 } from '@effect/platform';
 import { ResponseError } from '@effect/platform/HttpServerError';
 import { Console, Effect, Layer } from 'effect';
 
-class IncrementStepIndex extends HttpApiMiddleware.Tag<IncrementStepIndex>()(
+// Export the tag so you can .middleware(IncrementStepIndex) in your spec if desired
+export class IncrementStepIndex extends HttpApiMiddleware.Tag<IncrementStepIndex>()(
   'IncrementStepIndex',
 ) {}
-const IncrementStepIndexMock = Layer.effect(
+
+export const IncrementStepIndexMock = Layer.effect(
   IncrementStepIndex,
   Effect.gen(function* () {
-    yield* Console.log('In middleware');
+    yield* Console.log('IncrementStepIndex: init');
 
     return Effect.gen(function* () {
-      // Get the current request to read cookies
+      // Read cookies from the current request
       const request = yield* HttpServerRequest.HttpServerRequest;
 
       // Parse existing stepIndex cookie or default to 0
       const cookies = request.cookies;
-      const currentStepIndex = cookies.stepIndex ? parseInt(cookies.stepIndex) : 0;
+      const currentStepIndex = cookies.stepIndex ? parseInt(cookies.stepIndex, 10) : 0;
 
-      // Get the request URL path
-      const urlPath = request.url.split('?')[0];
-      // Check if this is an end-session request
-      const isEndSessionRequest = urlPath.includes('/end_session');
-      // Determine the new stepIndex based on the request type
+      // Normalize URL (strip query) and detect special flows
+      const urlPath = request.url.split('?')[0] ?? '';
+      const isEndSessionRequest =
+        urlPath.includes('/endSession') || urlPath.includes('/end_session');
+      const isAuthFlowRequest = urlPath.includes('/authorize') || urlPath.includes('/authenticate');
+
+      // Decide next value
       let newStepIndex = currentStepIndex;
       if (isEndSessionRequest) {
-        // Reset the stepIndex for end_session requests
         newStepIndex = 0;
-        yield* Console.log('End session request detected, resetting stepIndex to: ' + newStepIndex);
-      } else if (urlPath.includes('/authorize') || urlPath.includes('/authenticate')) {
-        // Increment the stepIndex for authorization flow requests
+        yield* Console.log(
+          `IncrementStepIndex: end-session detected → resetting stepIndex to ${newStepIndex}`,
+        );
+      } else if (isAuthFlowRequest) {
         newStepIndex = currentStepIndex + 1;
         yield* Console.log(
-          'Current stepIndex: ' + currentStepIndex + ', incrementing to: ' + newStepIndex,
+          `IncrementStepIndex: auth flow → ${currentStepIndex} -> ${newStepIndex}`,
         );
       } else {
-        // For other requests, keep the stepIndex the same
-        yield* Console.log('Request to ' + urlPath + ', keeping stepIndex at: ' + currentStepIndex);
+        yield* Console.log(
+          `IncrementStepIndex: other route ${urlPath} → keeping stepIndex ${currentStepIndex}`,
+        );
       }
 
-      // Set the appropriate stepIndex cookie in the response
-      yield* HttpApp.appendPreResponseHandler((request, response) =>
-        HttpServerResponse.setCookie(response, 'stepIndex', String(newStepIndex), {
-          // Optional cookie options
+      // Write cookie just before the response is sent
+      yield* HttpApp.appendPreResponseHandler((req, res) =>
+        HttpServerResponse.setCookie(res, 'stepIndex', String(newStepIndex), {
+          // NOTE: mock defaults; tighten in prod (httpOnly: true, secure: true, sameSite: 'lax')
           httpOnly: false,
           secure: false,
           sameSite: 'strict',
+          path: '/',
         }).pipe(
+          // If cookie setting fails, convert to a typed ResponseError for consistent diagnostics
           Effect.catchTag(
             'CookieError',
             () =>
               new ResponseError({
-                request,
-                response,
+                request: req,
+                response: res,
                 reason: 'Decode',
                 cause: 'error updating the stepIndex cookie',
               }),
@@ -67,5 +78,3 @@ const IncrementStepIndexMock = Layer.effect(
     });
   }),
 );
-
-export { IncrementStepIndexMock };

e2e/mock-api-v2/src/schemas/capabilities/capabilities.headers.schema.ts

@@ -1,8 +1,8 @@
 import { Schema } from 'effect';
 
 export const CapabilitiesHeaders = Schema.Struct({
-  'X-Requested-With': Schema.String,
-  interactionId: Schema.String,
-  interactionToken: Schema.String,
-  'Content-Type': Schema.String,
+  'X-Requested-With': Schema.optional(Schema.String),
+  interactionId: Schema.optional(Schema.String),
+  interactionToken: Schema.optional(Schema.String),
+  'Content-Type': Schema.optional(Schema.String),
 });