Skip to content

Commit

Permalink
refactor: validate MyInfo env vars using Convict (#559)
Browse files Browse the repository at this point in the history
* refactor: validate myinfo env vars using convict

* refactor: combine imports

* test: add required env vars to tests

* ref: change myInfoClientMode default to prod
  • Loading branch information
mantariksh authored Nov 9, 2020
1 parent 0c3d778 commit aaacd5b
Show file tree
Hide file tree
Showing 4 changed files with 35 additions and 8 deletions.
13 changes: 7 additions & 6 deletions src/app/factories/spcp-myinfo.factory.js
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,10 @@ const featureManager = require('../../config/feature-manager').default
const config = require('../../config/config')
const fs = require('fs')
const SPCPAuthClient = require('@opengovsg/spcp-auth-client')
const { MyInfoGovClient } = require('@opengovsg/myinfo-gov-client')
const {
MyInfoGovClient,
Mode: MyInfoClientMode,
} = require('@opengovsg/myinfo-gov-client')
const MyInfoService = require('../services/myinfo.service')
const logger = require('../../config/logger').createLoggerWithLabel(module)

Expand Down Expand Up @@ -59,12 +62,10 @@ const spcpFactory = ({ isEnabled, props }) => {
// as part of convict (Issue #255)
if (config.nodeEnv === 'production') {
let myInfoPrefix =
process.env.MYINFO_CLIENT_CONFIG === 'stg' ? 'STG2-' : 'PROD2-'
myInfoConfig.privateKey = fs.readFileSync(
process.env.MYINFO_FORMSG_KEY_PATH,
)
props.myInfoClientMode === MyInfoClientMode.Staging ? 'STG2-' : 'PROD2-'
myInfoConfig.privateKey = fs.readFileSync(props.myInfoKeyPath)
myInfoConfig.appId = myInfoPrefix + myInfoConfig.singpassEserviceId
myInfoConfig.mode = process.env.MYINFO_CLIENT_CONFIG
myInfoConfig.mode = props.myInfoClientMode
myInfoGovClient = new MyInfoGovClient(myInfoConfig)
} else {
logger.warn({
Expand Down
16 changes: 16 additions & 0 deletions src/config/feature-manager/spcp-myinfo.config.ts
Original file line number Diff line number Diff line change
@@ -1,3 +1,5 @@
import { Mode as MyInfoClientMode } from '@opengovsg/myinfo-gov-client'

import { FeatureNames, RegisterableFeature } from './types'

const HOUR_IN_MILLIS = 1000 * 60 * 60
Expand Down Expand Up @@ -151,6 +153,20 @@ const spcpMyInfoFeature: RegisterableFeature<FeatureNames.SpcpMyInfo> = {
default: null,
env: 'CP_IDP_CERT_PATH',
},
myInfoClientMode: {
doc:
'Configures MyInfoGovClient. Set this to either `stg` or `prod` to fetch MyInfo data from the corresponding endpoints.',
format: Object.values(MyInfoClientMode),
default: MyInfoClientMode.Production,
env: 'MYINFO_CLIENT_CONFIG',
},
myInfoKeyPath: {
doc:
'Filepath to MyInfo private key, which is used to decrypt returned responses.',
format: String,
default: null,
env: 'MYINFO_FORMSG_KEY_PATH',
},
},
}

Expand Down
10 changes: 9 additions & 1 deletion src/config/feature-manager/types.ts
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
import { Mode as MyInfoClientMode } from '@opengovsg/myinfo-gov-client'
import { Schema } from 'convict'

export enum FeatureNames {
Expand Down Expand Up @@ -36,7 +37,7 @@ export interface ISms {
twilioMsgSrvcSid: string
}

export interface ISpcpMyInfo {
export interface ISpcpConfig {
isSPMaintenance: string
isCPMaintenance: string
spCookieMaxAge: number
Expand All @@ -61,6 +62,13 @@ export interface ISpcpMyInfo {
cpIdpCertPath: string
}

export interface IMyInfoConfig {
myInfoClientMode: MyInfoClientMode
myInfoKeyPath: string
}

export type ISpcpMyInfo = ISpcpConfig & IMyInfoConfig

export interface IVerifiedFields {
verificationSecretKey: string
}
Expand Down
4 changes: 3 additions & 1 deletion tests/.test-full-env
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,9 @@ SINGPASS_IDP_ID=https://saml-internet.singpass.gov.sg/FIM/sps/SingpassIDPFed/sam
MOCKPASS_PORT=5156
SINGPASS_ESRVC_ID=Test-eServiceId-Sp

MYINFO_CLIENT_CONFIG=stg
MYINFO_FORMSG_KEY_PATH=./node_modules/@opengovsg/mockpass/static/certs/key.pem

CP_FORMSG_KEY_PATH=./node_modules/@opengovsg/mockpass/static/certs/key.pem
CP_FORMSG_CERT_PATH=./node_modules/@opengovsg/mockpass/static/certs/server.crt
CP_IDP_CERT_PATH=./node_modules/@opengovsg/mockpass/static/certs/spcp.crt
Expand All @@ -26,7 +29,6 @@ SHOW_LOGIN_PAGE=true
IS_SP_MAINTENANCE=Date/Time-SP
IS_CP_MAINTENANCE=Date/Time-CP

MYINFO_CLIENT_CONFIG=stg
MOCKPASS_NRIC=S6005038D
MOCKPASS_UEN=123456789A

Expand Down

0 comments on commit aaacd5b

Please sign in to comment.