chore: update-routes

Author: ryanbas21

e2e/mock-api-v2/package.json

@@ -14,7 +14,7 @@
   },
   "dependencies": {
     "@effect/language-service": "catalog:effect",
-    "@effect/opentelemetry": "0.53.1",
+    "@effect/opentelemetry": "catalog:effect",
     "@effect/platform": "catalog:effect",
     "@effect/platform-node": "catalog:effect",
     "@opentelemetry/sdk-logs": "0.202.0",

e2e/mock-api-v2/src/errors/index.ts

@@ -4,9 +4,6 @@
  * This software may be modified and distributed under the terms
  * of the MIT license. See the LICENSE file for details.
  */
-class InvalidUsernamePassword {
-  readonly _tag = 'InvalidUsernamePassword';
-}
 
 class FetchError {
   readonly _tag = 'FetchError';
@@ -20,4 +17,4 @@ class UnableToFindNextStep {
   readonly _tag = 'UnableToFindNextStep';
 }
 
-export { FetchError, InvalidUsernamePassword, InvalidProtectNode, UnableToFindNextStep };
+export { FetchError, InvalidProtectNode, UnableToFindNextStep };

e2e/mock-api-v2/src/handlers/authorize.handler.ts

@@ -6,18 +6,26 @@
  */
 import { Effect } from 'effect';
 
-import { Authorize } from '../services/authorize.service.js';
 import { MockApi } from '../spec.js';
-import { HttpApiBuilder } from '@effect/platform';
+import { HttpApiBuilder, HttpApiError } from '@effect/platform';
+import { getFirstElementAndRespond } from '../services/mock-env-helpers/index.js';
 
 const AuthorizeHandlerMock = HttpApiBuilder.group(MockApi, 'Authorization', (handlers) =>
-  handlers.handle('DavinciAuthorize', ({ urlParams }) =>
+  handlers.handle('authorize', ({ urlParams }) =>
     Effect.gen(function* () {
-      const { handleAuthorize } = yield* Authorize;
+      /**
+       * We expect an acr_value query parameter to be present in the request.
+       * If it is not present, we return a 404 Not Found error.
+       */
+      const acr_value = urlParams?.acr_values ?? '';
 
-      const response = yield* handleAuthorize(urlParams);
+      if (!acr_value) {
+        return yield* Effect.fail(new HttpApiError.NotFound());
+      }
 
-      return response.body;
+      const response = yield* getFirstElementAndRespond(urlParams);
+
+      return response;
     }).pipe(Effect.withSpan('DavinciAuthorize')),
   ),
 );

e2e/mock-api-v2/src/handlers/capabilities.handler.ts

@@ -0,0 +1,144 @@
+/**
+ * Copyright (c) 2025 Ping Identity Corporation. All rights reserved.
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+import { Effect, pipe } from 'effect';
+import { MockApi } from '../spec.js';
+import {
+  HttpApiBuilder,
+  HttpApiError,
+  HttpBody,
+  HttpServerRequest,
+  HttpServerResponse,
+} from '@effect/platform';
+import { responseMap } from '../responses/index.js';
+import { validator } from '../helpers/match.js';
+import { returnSuccessResponseRedirect } from '../responses/return-success-redirect.js';
+
+const CapabilitiesHandlerMock = HttpApiBuilder.group(MockApi, 'Capabilities', (handlers) =>
+  handlers.handle('capabilities', ({ urlParams, payload }) =>
+    Effect.gen(function* () {
+      /**
+       * We expect an acr_value query parameter to be present in the request.
+       * If it is not present, we return a 404 Not Found error.
+       */
+      const acr_value = urlParams?.acr_values ?? '';
+
+      if (!acr_value) {
+        return yield* Effect.fail(new HttpApiError.NotFound());
+      }
+
+      /**
+       * We need a step index cookie to determine which step of the authentication process we are on.
+       * If the cookie is not present, we return a 404 Not Found error.
+       */
+
+      const req = yield* HttpServerRequest.HttpServerRequest;
+
+      const stepIndexCookie = req.cookies['stepIndex'];
+
+      /**
+       * If we are here with no step index that means we can't continue through a flow.
+       * We should error
+       */
+      if (!stepIndexCookie) {
+        return yield* Effect.fail(new HttpApiError.NotFound());
+      }
+
+      const stepIndex = parseInt(stepIndexCookie);
+
+      /**
+       * If we have no step index, we should error or if its an invalid number
+       */
+
+      if (isNaN(stepIndex) || stepIndex < 0) {
+        return yield* Effect.fail(new HttpApiError.NotFound());
+      }
+
+      /**
+       * Match the body against validators now
+       * if the body has no match, we are defaulting to a successful response.
+       */
+      const result = yield* validator(payload);
+
+      if (result === false) {
+        return yield* Effect.fail(new HttpApiError.Unauthorized());
+      }
+
+      /**
+       * We use the step index to find the next step in the response map.
+       * If the step index is out of bounds, we return a 404 Not Found error.
+       */
+      const steps = responseMap[acr_value];
+
+      /**
+       * This may not be the best way to write this.
+       * An alternative option would be for us to include the success response we want to return,
+       * in the response map.
+       *
+       * then we can check if we are at the last step. if we are we write the cookie
+       * and then we return the success response (last item in array)
+       *
+       * for now, this returns a default success response and writes cookies.
+       */
+      if (stepIndex + 1 >= steps.length) {
+        /**
+         * we need to return a success because we have not failed yet,
+         * and we have no more steps to process.
+         */
+        const body = yield* HttpBody.json(returnSuccessResponseRedirect).pipe(
+          /**
+           * Decide on a better way to handle this error possibiltiy
+           */
+          Effect.catchTag('HttpBodyError', () =>
+            Effect.fail(
+              new HttpApiError.HttpApiDecodeError({
+                message: 'Failed to encode body',
+                issues: [],
+              }),
+            ),
+          ),
+        );
+        return pipe(
+          HttpServerResponse.json(body),
+          HttpServerResponse.setCookie('ST', 'MockApiCookie123'),
+          HttpServerResponse.setCookie(
+            'interactionId',
+            returnSuccessResponseRedirect.interactionId,
+            {
+              httpOnly: true,
+              secure: true,
+              sameSite: 'strict',
+            },
+          ),
+          HttpServerResponse.setCookie(
+            'interactionToken',
+            returnSuccessResponseRedirect.interactionToken,
+            {
+              httpOnly: true,
+              secure: true,
+              sameSite: 'strict',
+            },
+          ),
+          HttpServerResponse.removeCookie('stepIndex'),
+          HttpServerResponse.setStatus(200),
+          HttpServerResponse.setHeader('Content-Type', 'application/json'),
+        );
+      }
+
+      /**
+       * The stepIndex middleware is used to auto-increment the step index
+       * based on the request type. If the step index is out of bounds,
+       * we return a 404 Not Found error. so we won't increment it, but we check for the next step
+       * in the flow.
+       */
+      const nextStep = steps[stepIndex + 1];
+
+      return nextStep;
+    }).pipe(Effect.withSpan('Capabilities Handler Mock')),
+  ),
+);
+
+export { CapabilitiesHandlerMock };

e2e/mock-api-v2/src/handlers/custom-html-template.handler.ts

@@ -9,7 +9,7 @@ import { Tokens } from '../services/tokens.service.js';
 import { HttpApiBuilder } from '@effect/platform';
 import { Effect } from 'effect';
 
-const RevokeTokenHandler = HttpApiBuilder.group(MockApi, 'TokenRevocation', (handlers) =>
+const RevokeTokenHandler = HttpApiBuilder.group(MockApi, 'Revoke', (handlers) =>
   handlers.handle('RevokeToken', () =>
     Effect.gen(function* () {
       const { revokeToken } = yield* Tokens;

e2e/mock-api-v2/src/handlers/revoke.handler.ts

@@ -10,7 +10,7 @@ import { UserInfo } from '../services/userinfo.service.js';
 import { HttpApiBuilder } from '@effect/platform';
 import { BearerToken } from '../middleware/Authorization.js';
 
-const UserInfoMockHandler = HttpApiBuilder.group(MockApi, 'Protected Requests', (handlers) =>
+const UserInfoMockHandler = HttpApiBuilder.group(MockApi, 'ProtectedRequests', (handlers) =>
   handlers.handle('UserInfo', () =>
     Effect.gen(function* () {
       const authToken = yield* BearerToken;

e2e/mock-api-v2/src/handlers/userinfo.handler.ts

@@ -6,12 +6,10 @@
  */
 import { Effect, Match, Schema } from 'effect';
 
-import { InvalidUsernamePassword, InvalidProtectNode } from '../errors/index.js';
-import { PingOneCustomHtmlRequestBody } from '../schemas/custom-html-template/custom-html-template-request.schema.js';
+import { HttpApiError } from '@effect/platform';
+import { CapabilitiesRequestBody } from '../schemas/capabilities/capabilities.request.schema.js';
 
-type PingRequestData = Schema.Schema.Type<
-  typeof PingOneCustomHtmlRequestBody
->['parameters']['data']['formData']['value'];
+type PingRequestData = Schema.Schema.Type<typeof CapabilitiesRequestBody>;
 /**
  * Using this to match on the data types, realistically, this will be a schema of possible
  * response bodies we want to validate against they validate to our conditions.
@@ -20,18 +18,19 @@ type PingRequestData = Schema.Schema.Type<
  * or we can continue to the next step in the flow
  */
 const validator = Match.type<PingRequestData>().pipe(
-  Match.when({ username: Match.string, password: Match.string }, ({ username, password }) => {
-    return Effect.if(username == 'testuser' && password === 'Password', {
-      onFalse: () => Effect.fail(new InvalidUsernamePassword()),
-      onTrue: () => Effect.succeed(true),
-    });
-  }),
-  Match.when({ pingprotectsdk: Match.string }, ({ pingprotectsdk }) => {
-    return Effect.if(pingprotectsdk.length > 1, {
-      onTrue: () => Effect.succeed(true),
-      onFalse: () => Effect.fail(new InvalidProtectNode()),
-    });
-  }),
-  Match.exhaustive,
+  Match.when(
+    { parameters: { data: { formData: { username: Match.string, password: Match.string } } } },
+    ({ parameters }) =>
+      Effect.if(
+        parameters.data.formData.username == 'testuser' &&
+          parameters.data.formData.password === 'Password',
+        {
+          onFalse: () => Effect.fail(new HttpApiError.Unauthorized()),
+          onTrue: () => Effect.succeed(true),
+        },
+      ),
+  ),
+  Match.orElse(() => Effect.succeed(true)),
 );
+
 export { validator, PingRequestData };

e2e/mock-api-v2/src/helpers/match.ts

@@ -13,7 +13,7 @@ import { HealthCheckLive } from './handlers/healthcheck.handler.js';
 import { OpenidConfigMock } from './handlers/open-id-configuration.handler.js';
 import { IncrementStepIndexMock } from './middleware/CookieMiddleware.js';
 import { AuthorizeHandlerMock } from './handlers/authorize.handler.js';
-import { AuthorizeMock } from './services/authorize.service.js';
+import { CapabilitiesHandlerMock } from './handlers/capabilities.handler.js';
 import { TokensMock } from './services/tokens.service.js';
 import { TokensHandler } from './handlers/token.handler.js';
 import { UserInfoMockHandler } from './handlers/userinfo.handler.js';
@@ -26,6 +26,15 @@ import { BatchSpanProcessor, ConsoleSpanExporter } from '@opentelemetry/sdk-trac
 import { EndSessionHandlerMock } from './handlers/end-session.handler.js';
 import { RevokeTokenHandler } from './handlers/revoke.handler.js';
 
+const Services = [
+  Layer.provide(TokensMock),
+  Layer.provide(IncrementStepIndexMock),
+  Layer.provide(AuthorizationMock),
+  Layer.provide(UserInfoMockService),
+  Layer.provide(SessionMiddlewareMock),
+  Layer.provide(SessionStorage.Default),
+] as const;
+
 const NodeSdkLive = NodeSdk.layer(() => ({
   resource: { serviceName: 'Mock-Api' },
   spanProcessor: new BatchSpanProcessor(new ConsoleSpanExporter()),
@@ -36,22 +45,15 @@ const APIMock = HttpApiBuilder.api(MockApi).pipe(
   Layer.provide(OpenidConfigMock),
   Layer.provide(AuthorizeHandlerMock),
   Layer.provide(TokensHandler),
+  Layer.provide(CapabilitiesHandlerMock),
   Layer.provide(UserInfoMockHandler),
   Layer.provide(EndSessionHandlerMock),
   Layer.provide(RevokeTokenHandler),
+  ...Services,
 );
 
 const ServerMock = HttpApiBuilder.serve(HttpMiddleware.logger).pipe(
   Layer.provide(HttpApiSwagger.layer()),
-  Layer.provide(APIMock),
-  Layer.provide(TokensMock),
-  Layer.provide(IncrementStepIndexMock),
-  Layer.provide(AuthorizationMock),
-  Layer.provide(UserInfoMockService),
-  Layer.provide(SessionMiddlewareMock),
-  Layer.provide(SessionStorage.Default),
-  Layer.provide(AuthorizeMock),
-  Layer.provide(NodeSdkLive),
   Layer.provide(
     HttpApiBuilder.middlewareCors({
       allowedMethods: ['GET', 'PUT', 'POST', 'OPTIONS'],
@@ -60,6 +62,9 @@ const ServerMock = HttpApiBuilder.serve(HttpMiddleware.logger).pipe(
       maxAge: 3600,
     }),
   ),
+  Layer.provide(APIMock),
+
+  Layer.provide(NodeSdkLive),
   HttpServer.withLogAddress,
   Layer.provide(NodeHttpServer.layer(createServer, { port: 9443 })),
 );