feat(identity): unit tests for services

__mocks__/@aws-sdk/client-secrets-manager.ts

@@ -0,0 +1,15 @@
+// This is a manual module mock for the AWS client.
+// This is done to prevent our internal services from pinging the actual AWS ones
+// and to ensure our tests are 1. consistent 2. reliable.
+
+export const mockSend = jest.fn()
+
+export const secretsManagerClient = {
+  send: mockSend,
+}
+
+export const SecretsManagerClient: jest.Mock<
+  typeof secretsManagerClient
+> = jest.fn().mockImplementation(() => secretsManagerClient)
+
+export const GetSecretValueCommand = jest.fn((secret) => ({ SecretId: secret }))

__mocks__/axios.ts

@@ -0,0 +1,3 @@
+import mockAxios from "jest-mock-axios"
+
+export default mockAxios

__mocks__/otplib.ts

@@ -0,0 +1,6 @@
+// eslint-disable-next-line import/prefer-default-export
+export const totp = {
+  clone: jest.fn().mockReturnThis(),
+  generate: jest.fn(),
+  verify: jest.fn(),
+}

jest.config.js

@@ -0,0 +1,20 @@
+/** @type {import('ts-jest/dist/types').InitialOptionsTsJest} */
+module.exports = {
+  preset: "ts-jest",
+  testEnvironment: "node",
+  moduleNameMapper: {
+    "^@root/(.*)": "<rootDir>/$1",
+    "^@classes/(.*)": "<rootDir>/classes/$1",
+    "^@errors/(.*)": "<rootDir>/errors/$1",
+    "^@logger/(.*)": "<rootDir>/logger/$1",
+    "^@middleware/(.*)": "<rootDir>/middleware/$1",
+    "^@routes/(.*)": "<rootDir>/routes/$1",
+    "^@utils/(.*)": "<rootDir>/utils/$1",
+    "^@loaders/(.*)": "<rootDir>/loaders/$1",
+    "^@database/(.*)": "<rootDir>/database/$1",
+    "^@services/(.*)": "<rootDir>/services/$1",
+    "^@validators/(.*)": "<rootDir>/validators/$1",
+    "^@fixtures/(.*)": "<rootDir>/fixtures/$1",
+    "^@mocks/(.*)": "<rootDir>/__mocks__/$1",
+  },
+}

package.json

@@ -59,6 +59,7 @@
   },
   "devDependencies": {
     "@tsconfig/recommended": "^1.0.1",
+    "@types/jest": "^27.4.1",
     "@typescript-eslint/eslint-plugin": "^5.12.1",
     "@typescript-eslint/parser": "^5.12.1",
     "auto-changelog": "^2.4.0",
@@ -72,10 +73,12 @@
     "eslint-plugin-only-warn": "^1.0.2",
     "eslint-plugin-prettier": "^3.4.0",
     "husky": "^6.0.0",
-    "jest": "^27.2.2",
+    "jest": "^27.5.1",
+    "jest-mock-axios": "^4.5.0",
     "lint-staged": "^11.1.2",
     "prettier": "2.2.1",
-    "typescript": "^4.5.5"
+    "ts-jest": "^27.1.3",
+    "typescript": "^4.6.2"
   },
   "config": {
     "commitizen": {
@@ -96,22 +99,6 @@
     "@validators": "validators",
     "@fixtures": "fixtures"
   },
-  "jest": {
-    "moduleNameMapper": {
-      "^@root/(.*)": "<rootDir>/$1",
-      "^@classes/(.*)": "<rootDir>/classes/$1",
-      "^@errors/(.*)": "<rootDir>/errors/$1",
-      "^@logger/(.*)": "<rootDir>/logger/$1",
-      "^@middleware/(.*)": "<rootDir>/middleware/$1",
-      "^@routes/(.*)": "<rootDir>/routes/$1",
-      "^@utils/(.*)": "<rootDir>/utils/$1",
-      "^@loaders/(.*)": "<rootDir>/loaders/$1",
-      "^@database/(.*)": "<rootDir>/database/$1",
-      "^@services/(.*)": "<rootDir>/services/$1",
-      "^@validators/(.*)": "<rootDir>/validators/$1",
-      "^@fixtures/(.*)": "<rootDir>/fixtures/$1"
-    }
-  },
   "lint-staged": {
     "**/*.(js|jsx|ts|tsx)": [
       "eslint --fix",

services/identity/MailClient.ts

@@ -2,14 +2,23 @@ import axios from "axios"
 
 import logger from "@logger/logger"
 
-const { POSTMAN_API_KEY } = process.env
 const POSTMAN_API_URL = "https://api.postman.gov.sg/v1"
 
 class MailClient {
-  async sendMail(recipient: string, body: string): Promise<void> {
-    if (!POSTMAN_API_KEY)
+  // NOTE: This is set as a private readonly property
+  // rather than a variable within the file for testing.
+  // This is to allow us to test that initialization fails when the API key is empty
+  private readonly POSTMAN_API_KEY: string
+
+  constructor() {
+    const { POSTMAN_API_KEY } = process.env
+    if (!POSTMAN_API_KEY) {
       throw new Error("Postman.gov.sg API key cannot be empty.")
+    }
+    this.POSTMAN_API_KEY = POSTMAN_API_KEY
+  }
 
+  async sendMail(recipient: string, body: string): Promise<void> {
     const endpoint = `${POSTMAN_API_URL}/transactional/email/send`
     const email = {
       subject: "One-Time Password (OTP) for IsomerCMS",
@@ -21,7 +30,7 @@ class MailClient {
     try {
       await axios.post(endpoint, email, {
         headers: {
-          Authorization: `Bearer ${POSTMAN_API_KEY}`,
+          Authorization: `Bearer ${this.POSTMAN_API_KEY}`,
         },
       })
     } catch (err) {
@@ -31,4 +40,4 @@ class MailClient {
   }
 }
 
-module.exports = MailClient
+export default MailClient

services/identity/SmsClient.ts

@@ -4,13 +4,16 @@ import logger from "@logger/logger"
 
 import { AxiosClient } from "@root/types"
 
-const { POSTMAN_API_KEY, POSTMAN_SMS_CRED_NAME } = process.env
+const { POSTMAN_SMS_CRED_NAME } = process.env
+
 const POSTMAN_API_URL = "https://api.postman.gov.sg/v1"
 
 class SmsClient {
-  axiosClient: AxiosClient
+  private readonly axiosClient: AxiosClient
 
   constructor() {
+    const { POSTMAN_API_KEY } = process.env
+
     if (!POSTMAN_API_KEY)
       throw new Error("Postman.gov.sg API key cannot be empty.")
 
@@ -39,4 +42,4 @@ class SmsClient {
   }
 }
 
-module.exports = SmsClient
+export default SmsClient

services/identity/TokenStore.ts

@@ -5,17 +5,18 @@ import {
 } from "@aws-sdk/client-secrets-manager"
 
 class TokenStore {
-  secretsClient: SecretsManagerClient
+  private readonly secretsClient: SecretsManagerClient
 
   constructor() {
     this.secretsClient = this.createClient()
   }
 
-  createClient() {
+  private createClient() {
     const { AWS_REGION, AWS_ENDPOINT } = process.env
     const config: SecretsManagerClientConfig = {
       region: AWS_REGION || "ap-southeast-1",
     }
+
     // Use an alternate AWS endpoint if provided. For testing with localstack
     if (AWS_ENDPOINT) config.endpoint = AWS_ENDPOINT
 
@@ -24,7 +25,7 @@ class TokenStore {
 
   // NOTE: This is currently stricter than required.
   // We can relax the constraint so that it can be undefined in the future.
-  async getToken(apiTokenName: string) {
+  async getToken(apiTokenName: string): Promise<string | undefined> {
     const command = new GetSecretValueCommand({
       SecretId: apiTokenName,
     })
@@ -33,4 +34,4 @@ class TokenStore {
   }
 }
 
-module.exports = TokenStore
+export default TokenStore

services/identity/TotpGenerator.ts

@@ -6,11 +6,11 @@ interface TotpGeneratorProps {
 }
 
 class TotpGenerator {
-  generator: typeof totp
+  private readonly generator: typeof totp
 
-  expiry: number
+  private readonly expiry: number
 
-  secret: string
+  private readonly secret: string
 
   constructor({ secret, expiry }: TotpGeneratorProps) {
     this.secret = secret
@@ -47,4 +47,4 @@ class TotpGenerator {
   }
 }
 
-module.exports = TotpGenerator
+export default TotpGenerator

services/identity/__tests__/AuthService.spec.ts

@@ -0,0 +1,99 @@
+import mockAxios from "jest-mock-axios"
+
+import { BadRequestError } from "@root/errors/BadRequestError"
+
+import _AuthService from "../AuthService"
+
+import {
+  mockAccessToken,
+  mockHeaders,
+  mockSiteName,
+  mockUserId,
+} from "./constants"
+
+const AuthService = new _AuthService({ axiosClient: mockAxios })
+const mockEndpoint = `/${mockSiteName}/collaborators/${mockUserId}`
+
+describe("Auth Service", () => {
+  afterEach(() => mockAxios.reset())
+
+  it("should call axios successfully and return true when the call is successful", async () => {
+    // Arrange
+    const expected = true
+    mockAxios.get.mockResolvedValueOnce({
+      response: { status: 200 },
+    })
+
+    // Act
+    const actual = await AuthService.hasAccessToSite(
+      mockSiteName,
+      mockUserId,
+      mockAccessToken
+    )
+
+    // Assert
+    expect(actual).toBe(expected)
+    expect(mockAxios.get).toHaveBeenCalledWith(mockEndpoint, mockHeaders)
+  })
+
+  it("should call axios successfully and return false when the call fails with 403", async () => {
+    // Arrange
+    const expected = false
+    mockAxios.get.mockRejectedValueOnce({
+      response: { status: 403 },
+      // NOTE: Axios uses this property to determine if it's an axios error
+      isAxiosError: true,
+    })
+
+    // Act
+    const actual = await AuthService.hasAccessToSite(
+      mockSiteName,
+      mockUserId,
+      mockAccessToken
+    )
+
+    // Assert
+    expect(actual).toBe(expected)
+    expect(mockAxios.get).toHaveBeenCalledWith(mockEndpoint, mockHeaders)
+  })
+
+  it("should call axios successfully and return false when the call fails with 404", async () => {
+    // Arrange
+    const expected = false
+    mockAxios.get.mockRejectedValueOnce({
+      response: { status: 404 },
+      // NOTE: Axios uses this property to determine if it's an axios error
+      isAxiosError: true,
+    })
+
+    // Act
+    const actual = await AuthService.hasAccessToSite(
+      mockSiteName,
+      mockUserId,
+      mockAccessToken
+    )
+
+    // Assert
+    expect(actual).toBe(expected)
+    expect(mockAxios.get).toHaveBeenCalledWith(mockEndpoint, mockHeaders)
+  })
+
+  it("should call axios successfully and bubble the error when the status is not 403 or 404", async () => {
+    // Arrange
+    const expected = {
+      response: { status: 400 },
+    }
+    mockAxios.get.mockRejectedValueOnce(new BadRequestError(expected))
+
+    // Act
+    const actual = AuthService.hasAccessToSite(
+      mockSiteName,
+      mockUserId,
+      mockAccessToken
+    )
+
+    // Assert
+    expect(actual).rejects.toThrowError(new BadRequestError(expected))
+    expect(mockAxios.get).toHaveBeenCalledWith(mockEndpoint, mockHeaders)
+  })
+})

services/identity/__tests__/MailClient.spec.ts

@@ -0,0 +1,69 @@
+import mockAxios from "jest-mock-axios"
+
+import _MailClient from "../MailClient"
+
+import { mockRecipient, mockBody, mockHeaders } from "./constants"
+
+const mockEndpoint = "https://api.postman.gov.sg/v1/transactional/email/send"
+
+const MailClient = new _MailClient()
+
+const generateEmail = (recipient: string, body: string) => ({
+  subject: "One-Time Password (OTP) for IsomerCMS",
+  from: "IsomerCMS <[email protected]>",
+  body,
+  recipient,
+})
+
+describe("Mail Client", () => {
+  afterEach(() => mockAxios.reset())
+
+  it("should return the result successfully when all parameters are valid", async () => {
+    // Arrange
+    mockAxios.post.mockResolvedValueOnce(200)
+
+    // Act
+    const actual = await MailClient.sendMail(mockRecipient, mockBody)
+
+    // Assert
+    expect(actual).toBeUndefined()
+    expect(mockAxios.post).toHaveBeenCalledWith(
+      mockEndpoint,
+      generateEmail(mockRecipient, mockBody),
+      mockHeaders
+    )
+  })
+
+  it("should throw an error on initialization when the env var is not set", async () => {
+    // Arrange
+    // Store the API key and set it later so that other tests are not affected
+    const curApiKey = process.env.POSTMAN_API_KEY
+    process.env.POSTMAN_API_KEY = ""
+
+    // Act
+    // NOTE: We require a new instance because the old one would already have the API key bound
+    const actual = () => new _MailClient()
+
+    // Assert
+    expect(actual).toThrowError("Postman.gov.sg API key cannot be empty")
+    process.env.POSTMAN_API_KEY = curApiKey
+    expect(process.env.POSTMAN_API_KEY).toBe(curApiKey)
+  })
+
+  it("should return an error when a network error occurs", async () => {
+    // Arrange
+    const generatedEmail = generateEmail(mockRecipient, mockBody)
+    mockAxios.post.mockRejectedValueOnce("some error")
+
+    // Act
+    const actual = MailClient.sendMail(mockRecipient, mockBody)
+
+    // Assert
+    expect(actual).rejects.toThrowError("Failed to send email")
+    expect(mockAxios.post).toHaveBeenCalledWith(
+      mockEndpoint,
+      generatedEmail,
+      mockHeaders
+    )
+  })
+})