Merge pull request #20 from Konnect-Agri/feat/mono-repo

Modified APIs in CM and Auth service

apps/authentication/src/auth/auth.service.ts

@@ -10,15 +10,9 @@ export class AuthService {
   async handleAuth(authDTO: AuthDto) {
     //TODO: add consent artifact processin
     try {
-      const requestOptions = {
-        headers: {
-          'Content-Type': 'application/json',
-        },
-      };
       // const myHeaders = new Headers();
       // myHeaders.append('Content-Type', 'application/json');
 
-      const raw = authDTO.consentArtifact;
       // var raw = JSON.stringify({
       //   "id": "927d81cf-77ee-4528-94d1-2d98a2595740",
       //   "caId": "036232e5-0ac7-4863-bad2-c70e70ef2d2f",
@@ -81,14 +75,13 @@ export class AuthService {
       //   "webhook_url": "https://sample-consumer/api/v1/consume",
       //   "total_attempts": 0
       // });
-      const reqOptions = {
-        method: 'POST',
-        headers: {
-          'Content-Type': 'application/json',
-        },
-        body: raw,
-        redirect: 'follow',
-      };
+      // const reqOptions = {
+      //   method: 'POST',
+      //   headers: {
+      //     'Content-Type': 'application/json',
+      //   },
+      //   redirect: 'follow',
+      // };
       // fetch('https://api.consent-manager.konnect.samagra.io/verify', reqOptions)
       //   .then((response) => response.text())
       //   .then((result) => console.log(result))
@@ -105,27 +98,22 @@ export class AuthService {
 
       const caRes = await lastValueFrom(
         this.httpService
-          .post(
-            `${process.env.CONSENT_MANAGER_URI}/verify`,
-            raw,
-            reqOptions,
+          .get(
+            `${process.env.CONSENT_MANAGER_URI}/${authDTO.caId}/verify`
           )
           .pipe(map((response) => response.data)),
       );
       if (!caRes.caId) {
         return "An error occured while verifying Consent Artifact";
       }
 
-      if (caRes.status != 200) {
-        return "An error occured while verifying Consent Artifact";
-      }
+      console.log("CA RES---->", caRes)
 
       const responseData = await lastValueFrom(
         this.httpService
           .post(
             process.env.LINK_TO_AUTHORIZATION_SERVICE,
-            { consentArtifact: authDTO.consentArtifact, gql: authDTO.gql },
-            requestOptions,
+            { consentArtifact: caRes, gql: authDTO.gql }
           )
           .pipe(map((response) => response.data)),
       );

apps/authentication/src/auth/dto/auth.dto.ts

@@ -1,5 +1,5 @@
 export class AuthDto {
-  consentArtifact: JSON;
+  caId: string
   gql: string;
   token: string;
 }

apps/consent-manager/src/app.controller.ts

@@ -54,23 +54,29 @@ export class AppController {
 
   @ApiOperation({ summary: 'Verify CA' })
   @ApiResponse({ type: GetCAResponse, status: 200, description: 'Get CA details' })
-  @Post('verify/')
-  async verifyCA(@Body() caRequest: object): Promise<any> {
-    const ca: CARequests = await this.appService.getCA(caRequest["caId"]);
+  @Get('/:caId/verify')
+  async verifyCA(@Param('caId') caId: string): Promise<any> {
+    const ca: CARequests = await this.appService.getCA(caId);
     const status = await this.appService.updateFrequency(ca);
     if (status === 200) {
       return ca;
+    } else if (status === 401) {
+      throw new HttpException({
+        statusCode: HttpStatus.UNAUTHORIZED,
+        error: 'Consent has not been provided by the user yet',
+        message: 'Consent has not been provided by the user yet',
+      }, 401);
     } else if (status === 403) {
       throw new HttpException({
         statusCode: HttpStatus.FORBIDDEN,
-        error: 'Consent has been revoked for this artifact',
-        message: 'Consent has been revoked for this artifact',
+        error: 'Consent has been REVOKED or DECLINED for this artifact',
+        message: 'Consent has been REVOKED or DECLINED for this artifact',
       }, 403);
     } else if (status === 410) {
       throw new HttpException({
         statusCode: HttpStatus.GONE,
-        error: 'Requested Consent Artifact has expired',
-        message: 'Requested Consent Artifact has expired',
+        error: 'Requested Consent Artifact has EXPIRED',
+        message: 'Requested Consent Artifact has EXPIRED',
       }, 410);
     } else if (status === 429) {
       throw new HttpException({

apps/consent-manager/src/app.service.ts

@@ -82,14 +82,24 @@ export class AppService {
       const currDate = new Date();
 
       // If the Consent Artifact has expired
-      if (new Date(consentArtifact.expires) <= currDate) {
+      if ((new Date(consentArtifact.expires) <= currDate) || ca.state == 'EXPIRED') {
         return 410;
       }
       // If the Consent Artifact has been revoked.
       if (ca.state == 'REVOKED') {
         return 403;
       }
 
+      // If the Consent Artifact has been revoked.
+      if (ca.state == 'DECLINE') {
+        return 403;
+      }
+
+      // If the Consent Artifact has been revoked.
+      if (ca.state == 'CREATED') {
+        return 401;
+      }
+
       if (ca.total_attempts + 1 <= consentArtifact.total_queries_allowed) {
         const currentValue = await this.cacheManager.get(ca.caId);
         if (!currentValue || currentValue == null) {
@@ -139,8 +149,8 @@ export class AppService {
   }
 
   tokenizeRequest(payload: ConsentArtifact): any {
-    var privateKEY = fs.readFileSync('./keys/private.key', 'utf8');
-    var signOptions:any = {
+    var privateKEY = fs.readFileSync(process.cwd() + '/apps/consent-manager/keys/private.key', 'utf8');
+    var signOptions: any = {
       issuer: this.configService.get<string>('JWT_ISSUER'),
       subject: payload.user.id,
       audience: payload.consumer.id,