fix: ORV2-2532 Proceed to Route Handler if one of the guard validates…

… successfully (#1460)

dops/src/guard/jwt-one-of-auth.guard.ts

@@ -0,0 +1,25 @@
+import { CanActivate, ExecutionContext, Injectable } from '@nestjs/common';
+import { Observable } from 'rxjs';
+import { JwtAuthGuard } from './auth.guard';
+import { JwtServiceAccountAuthGuard } from './jwt-sa-auth.guard';
+import { Reflector } from '@nestjs/core';
+
+@Injectable()
+export class JwtOneOfAuthGuard implements CanActivate {
+  constructor(private reflector: Reflector) {}
+  canActivate(
+    context: ExecutionContext,
+  ): boolean | Promise<boolean> | Observable<boolean> {
+    const jwtAuthGuard = new JwtAuthGuard(this.reflector);
+    const jwtServiceAccountAuthGuard = new JwtServiceAccountAuthGuard(
+      this.reflector,
+    );
+
+    try {
+      return jwtAuthGuard.canActivate(context); // Attempt to activate the jwtAuthGuard
+    } catch (error) {
+      // If the jwtAuthGuard fails, attempt to activate the jwtServiceAccountAuthGuard
+      return jwtServiceAccountAuthGuard.canActivate(context);
+    }
+  }
+}

dops/src/modules/dgen/dgen.controller.ts

@@ -28,8 +28,7 @@ import { Role } from '../../enum/roles.enum';
 import { CreateGeneratedReportDto } from './dto/request/create-generated-report.dto';
 import { DgenService } from './dgen.service';
 import { ReadFileDto } from '../common/dto/response/read-file.dto';
-import { JwtAuthGuard } from 'src/guard/auth.guard';
-import { JwtServiceAccountAuthGuard } from 'src/guard/jwt-sa-auth.guard';
+import { JwtOneOfAuthGuard } from '../../guard/jwt-one-of-auth.guard';
 
 @ApiTags('Document Generator (DGEN)')
 @ApiBadRequestResponse({
@@ -64,7 +63,7 @@ export class DgenController {
     description: 'Required when IDP is not IDIR .',
   })
   @Roles(Role.GENERATE_DOCUMENT)
-  @UseGuards(JwtAuthGuard, JwtServiceAccountAuthGuard)
+  @UseGuards(JwtOneOfAuthGuard)
   @Post('/template/render')
   async generate(
     @Req() request: Request,

dops/src/modules/notification/notification.controller.ts

@@ -21,8 +21,7 @@ import { NotificationService } from './notification.service';
 import { ExceptionDto } from '../../exception/exception.dto';
 import { NotificationDocumentDto } from './dto/request/notification-document.dto';
 import { NotificationDto } from './dto/request/notification.dto';
-import { JwtAuthGuard } from 'src/guard/auth.guard';
-import { JwtServiceAccountAuthGuard } from 'src/guard/jwt-sa-auth.guard';
+import { JwtOneOfAuthGuard } from '../../guard/jwt-one-of-auth.guard';
 
 @ApiBearerAuth()
 @ApiBadRequestResponse({
@@ -61,7 +60,7 @@ export class NotificationController {
     description:
       'Processes and sends an notification with specified documents as attachments to the given recipient(s), and returns a transaction ID for the operation.',
   })
-  @UseGuards(JwtAuthGuard, JwtServiceAccountAuthGuard)
+  @UseGuards(JwtOneOfAuthGuard)
   @Post('/document')
   @Roles({ allOf: [Role.SEND_NOTIFICATION, Role.READ_DOCUMENT] })
   async notificationWithDocumentsFromDops(

vehicles/src/common/guard/jwt-one-of-auth.guard.ts

@@ -0,0 +1,25 @@
+import { CanActivate, ExecutionContext, Injectable } from '@nestjs/common';
+import { Observable } from 'rxjs';
+import { JwtAuthGuard } from './auth.guard';
+import { JwtServiceAccountAuthGuard } from './jwt-sa-auth.guard';
+import { Reflector } from '@nestjs/core';
+
+@Injectable()
+export class JwtOneOfAuthGuard implements CanActivate {
+  constructor(private reflector: Reflector) {}
+  canActivate(
+    context: ExecutionContext,
+  ): boolean | Promise<boolean> | Observable<boolean> {
+    const jwtAuthGuard = new JwtAuthGuard(this.reflector);
+    const jwtServiceAccountAuthGuard = new JwtServiceAccountAuthGuard(
+      this.reflector,
+    );
+
+    try {
+      return jwtAuthGuard.canActivate(context); // Attempt to activate the jwtAuthGuard
+    } catch (error) {
+      // If the jwtAuthGuard fails, attempt to activate the jwtServiceAccountAuthGuard
+      return jwtServiceAccountAuthGuard.canActivate(context);
+    }
+  }
+}