Merge pull request #341 from ForgeRock/mock-api-v2-refactor

Mock api v2 refactor

Author: ryanbas21

e2e/mock-api-v2/README.md

@@ -1,109 +1,93 @@
-### Mock Api
+A mock API server for simulating Ping Identity and OpenID Connect flows, built using [Effect](https://effect.website/) and [@effect/platform](https://github.com/Effect-TS/platform). This service is designed for end-to-end testing and development, providing realistic responses for authentication and authorization scenarios.
 
-## Docs
+## Features
 
-you can run the server and visit `http://localhost:9443/docs#` to visit the swagger docs
-The swagger docs are automatically created (with effect-http) by way of the schemas that are defined in the [spec file]('./src/spec.ts')
+- Implements endpoints for:
+  - Healthcheck
+  - OpenID Connect Discovery
+  - Davinci Authorization
+  - Token acquisition
+  - UserInfo (protected, requires Bearer token)
 
-## Creating an endpoint in the Api specification
+- Uses Effect and @effect/platform for functional, type-safe API definition and handling.
+- Includes middleware for logging, CORS, cookie management, and Bearer token authorization.
 
-To create an endpoint, visit the [spec]('./src/spec.ts') file and add your endpoint. For organization and cleanliness, endpoints can be abstracted into the [endpoints]('./src/endpoints/') folder.
+## Tech Stack
 
-When an endpoint is made, you can add it to the [`spec`]('./src/spec.ts') `pipe`.
+- [Effect](https://effect.website/)
+- [@effect/platform](https://github.com/Effect-TS/platform)
+- Node.js (via @effect/platform-node)
+- TypeScript
 
-## Handling your new endpoint
+## Getting Started
 
-When you have created an endpoint in the specification, you need to now handle the endpoint. This is the actual code implementation of your endpoint.
+### Install dependencies
 
-handlers are saved in the [handlers]('./src/handlers/') folder.
-
-You use RouterBuilder.handler, passing in the [api spec]('./src/spec.ts') and the name of the route, and then an Effect returning function (`Effect.gen` is the simplest form of this).
-
-The request arguments, you define in your endpoint specification, (query params, path params, request bodies, etc) are the arguments passed to the callback function of `RouterBuilder.handler`.
-
-Ensure that you also add your `handler` to the RouterBuilder.handle [here]('./src/main.ts');
-
-## Adding a journey / flow to the response map
-
-If you are adding a flow to the response map the first thing to do is open up [responseMap]('./src/responses/index.ts')
-
-This file is a `map` of Names -> Array<Step> where a Step is the response you want to return (in order). Order is key here.
-
-If the Response you want to return is not already defined as a schema, you will have to define a new Schema and add the response.
-
-A schema is defined in the schemas folder [here]('./src/schemas/');
-A response is defined in the responses folder [here]('./src/responses/')
-
-This is still a work in progress in terms of making it more scalable.
-
-## Validating your code in Test
-
-After adding a journey/flow to the response map and defining a schema, you next want to have some validation on the submitted request. You can do this by adding it to the `validator` function [here]('./src/helpers/match.ts');
-
-This functions job is to `match` the type passed in, and validate based on the condition provided. If it passes, a boolean is returned, if it fails, a new Error should be returned.
-
-## Services
-
-To make it so types line up easier, each route, has a service dedicated to itself. The service under the hood, uses the `Requester` service. The `Requester` service is to mimic a call to the authorization server.
-
-Let's look at the `Authorize` service. This service is the workhorse of the `authorize` handler.
+```sh
+pnpm install
+```
 
-`Authorize`, the service, uses `Requester` which will fetch a response from the authorization server.
+### Build
 
-After retrieving the response, the service will catch any errors that may be thrown, and mold them into HttpErrors to respond back to the client.
+```sh
+pnpm build
+```
 
-In a mock environment, rather than fetching from the client, authorization service will grab the next response from the `responseMap`.
+### Run the server
 
-In a live environment, it will forward a request to the Fetch service, and return that response.
+```sh
+pnpm serve
+```
 
-## Creating Errors
+The server will start on port `9443`.
 
-If you want to create an error, it is simple. This is the skeleton of how to create an Error in `Effect`
+### Run tests
 
-```
-class MyErrorName {
-  readonly _tag  = 'MyErrorName'
-}
+```sh
+pnpm test
 ```
 
-The `_tag` is important as this is the name of the error, and how we can `catchTags` in our error handling. For simplicity, you can name is the same as your error class.
+## API Overview
 
-## Handling Errors
+### Healthcheck
 
-We want to return our errors back to the client, but typically we need an error response body that informs the client of the issue.
+- `GET /healthcheck`
+- Returns `"Healthy"` if the server is running.
 
-You should add your error responses to the response folder [here]('./src/responses');
+### OpenID Connect Discovery
 
-In the service where you want to handle your error, you will see a `catchTags` function.
+- `GET /:envid/as/.well-known/openid-configuration`
+- Returns a static OpenID configuration response.
 
-Let's pause here to understand the `Effect` type.
+### Davinci Authorization
 
-```ts
-Effect<Success, Error, Requirements>;
-```
+- `GET /:envid/as/authorize`
+- Accepts query parameters for authorization.
+- Returns a mock authorization response.
 
-When reading an Effect type, the first generic, is what is returned if the effect is successful.
+### Token Endpoint
 
-The second argument is what is returned if the effect is unsuccessful.
+- `POST /:envid/as/token`
+- Returns a mock access token response.
 
-The third argument is any services (or layers) that are required to run this effect.
+### UserInfo (Protected)
 
-So if we have an `effect` like this `Effect<Users, HttpError.HttpError | NoSuchElementException, never>`
+- `GET /:envid/as/userinfo`
+- Requires a valid Bearer token.
+- Returns mock user information.
 
-This tells us the `effect` returns `users`, and can error two ways, `NoSuchElementException`, and with an `HttpError`.
+### End Session
 
-We would rather handle this `NoSuchElementException` and send back to the client an HttpError informing them of the error that occurred.
+- `GET /:envid/as/endSession`
+- Ends the user's session.
+- Accepts `post_logout_redirect_uri` and `state` query parameters for redirects.
+- Returns a confirmation message.
 
-We can do something like this now
-
-```ts
-Effect.catchTag('NoSuchElementException', () =>
-  HttpError.unauthorizedError('no such element found'),
-);
-```
+## Notes
 
-This will return a 401 with that message.
+- The `customHtmlRoutes` and related endpoints are not currently implemented.
+- All endpoints return static or mock data for testing purposes.
 
-When handling errors, we try to keep the handler always returning an `HttpError`, so we should handle any other errors we have deeper in the call stack, to return HttpError unless there is a valid reason to allow the error to bubble up.
+## License
 
-If you have a shape of an error that you want to return from a handler, that does not match the current schema, you can add it to the `api spec`.
+MIT © Ping Identity Corporation

e2e/mock-api-v2/eslint.config.mjs

@@ -10,13 +10,9 @@ export default [
     rules: {
       '@typescript-eslint/no-empty-interface': 'off',
       '@typescript-eslint/no-empty-object-type': 'off',
+      'require-yield': 'off',
     },
   },
-  {
-    files: ['**/*.ts', '**/*.tsx'],
-    // Override or add rules here
-    rules: {},
-  },
   {
     files: ['**/*.js', '**/*.jsx'],
     // Override or add rules here

e2e/mock-api-v2/package.json

@@ -4,25 +4,29 @@
   "private": true,
   "description": "",
   "type": "module",
-  "main": "./dist/index.js",
+  "main": "./src/main.js",
   "scripts": {
     "build": "pnpm nx nxBuild",
+    "dev": "node dist/src/main.js --watch-path=./",
     "lint": "pnpm nx nxLint",
-    "serve": "node dist/e2e/mock-api-v2/src/main.js",
-    "serve:dev": "nodemon dist/e2e/mock-api-v2/src/main.js",
+    "serve": "node dist/src/main.js",
     "test": "pnpm nx nxTest"
   },
   "dependencies": {
-    "@effect/language-service": "^0.2.0",
-    "@effect/platform": "^0.58.27",
-    "@effect/platform-node": "^0.53.26",
-    "@effect/schema": "^0.68.23",
-    "effect": "^3.12.7",
-    "effect-http": "^0.73.0",
-    "effect-http-node": "^0.27.0"
+    "@effect/language-service": "catalog:effect",
+    "@effect/opentelemetry": "0.53.1",
+    "@effect/platform": "catalog:effect",
+    "@effect/platform-node": "catalog:effect",
+    "@opentelemetry/sdk-logs": "0.202.0",
+    "@opentelemetry/sdk-metrics": "2.0.1",
+    "@opentelemetry/sdk-trace-base": "2.0.1",
+    "@opentelemetry/sdk-trace-node": "2.0.1",
+    "@opentelemetry/sdk-trace-web": "2.0.1",
+    "effect": "catalog:effect",
+    "nanoid": "5.1.5"
   },
   "devDependencies": {
-    "@effect/vitest": "^0.19.0"
+    "@effect/vitest": "catalog:effect"
   },
   "nx": {
     "tags": ["scope:e2e"],

e2e/mock-api-v2/src/assets/.gitkeep

@@ -15,6 +15,7 @@ class FetchError {
 class InvalidProtectNode {
   readonly _tag = 'InvalidProtectNode';
 }
+
 class UnableToFindNextStep {
   readonly _tag = 'UnableToFindNextStep';
 }