pr comments fixes

island-is · Oct 4, 2024 · 3f5870f · 3f5870f
1 parent eeb80b0
commit 3f5870f
Show file tree

Hide file tree

Showing 4 changed files with 34 additions and 12 deletions.
diff --git a/apps/services/auth/admin-api/src/app/v2/delegations/delegation-admin.controller.ts b/apps/services/auth/admin-api/src/app/v2/delegations/delegation-admin.controller.ts
@@ -33,8 +33,15 @@ import { DelegationAdminScopes } from '@island.is/auth/scopes'
 import { isDefined } from '@island.is/shared/utils'
 
 const namespace = '@island.is/auth/delegation-admin'
+
 const ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE =
-  process.env.ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE ?? ''
+  process.env.ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE
+
+if (!ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE) {
+  throw new Error(
+    'Environment variable ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE must be set',
+  )
+}
 
 @UseGuards(IdsUserGuard, ScopesGuard)
 @ApiTags('delegation-admin')
@@ -100,12 +107,12 @@ export class DelegationAdminController {
   @UseGuards(ZendeskAuthGuard(ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE))
   @Post('/zendesk')
   @Documentation({
-    response: { status: 200, type: DelegationDTO },
+    response: { status: 200 },
   })
-  createByZendeskId(
+  async createByZendeskId(
     @Body() { id }: ZendeskWebhookInputDto,
-  ): Promise<DelegationDTO> {
-    return this.delegationAdminService.createDelegationByZendeskId(id)
+  ): Promise<void> {
+    await this.delegationAdminService.createDelegationByZendeskId(id)
   }
 
   @Delete(':delegationId')

diff --git a/libs/auth-api-lib/src/lib/delegations/admin/delegation-admin-custom.service.ts b/libs/auth-api-lib/src/lib/delegations/admin/delegation-admin-custom.service.ts
@@ -153,7 +153,7 @@ export class DelegationAdminCustomService {
     }
   }
 
-  async createDelegationByZendeskId(zendeskId: string): Promise<DelegationDTO> {
+  async createDelegationByZendeskId(zendeskId: string): Promise<void> {
     const zendeskCase = await this.zendeskService.getTicket(zendeskId)
 
     const { fromReferenceId, toReferenceId, validTo, createdByNationalId } =
@@ -168,15 +168,13 @@ export class DelegationAdminCustomService {
 
     this.verifyZendeskTicket(zendeskCase, fromReferenceId, toReferenceId)
 
-    const newDelegation = await this.insertDelegation({
+    await this.insertDelegation({
       fromNationalId: fromReferenceId,
       toNationalId: toReferenceId,
       referenceId: zendeskId,
       validTo: this.formatZendeskDate(validTo),
       createdBy: createdByNationalId,
     })
-
-    return newDelegation.toDTO(AuthDelegationType.GeneralMandate)
   }
 
   async createDelegation(
@@ -352,6 +350,13 @@ export class DelegationAdminCustomService {
 
     const [day, month, year] = date.split('.').map(Number)
 
+    if (!day || !month || !year || isNaN(day) || isNaN(month) || isNaN(year)) {
+      throw new BadRequestException({
+        message: 'Invalid date format in Zendesk ticket',
+        error: ErrorCodes.INVALID_DATE_FORMAT,
+      })
+    }
+
     return new Date(year, month - 1, day)
   }
 }
diff --git a/libs/auth-nest-tools/src/lib/zendeskAuth.guard.ts b/libs/auth-nest-tools/src/lib/zendeskAuth.guard.ts
@@ -4,7 +4,13 @@ import * as crypto from 'crypto'
 
 const SIGNING_SECRET_ALGORITHM = 'sha256'
 
-export function ZendeskAuthGuard(signingSecret: string): Type<CanActivate> {
+export function ZendeskAuthGuard(
+  signingSecret: string | undefined,
+): Type<CanActivate> {
+  if (!signingSecret) {
+    throw new Error('Signing secret must be set')
+  }
+
   @Injectable()
   class ZendeskAuthGuardMixin implements CanActivate {
     canActivate(context: ExecutionContext): boolean {
@@ -20,13 +26,16 @@ export function ZendeskAuthGuard(signingSecret: string): Type<CanActivate> {
 
       return this.isValidSignature(signature, body, timestamp)
     }
-
+    
     isValidSignature(
       signature: string,
       body: string,
       timestamp: string,
     ): boolean {
-      const hmac = crypto.createHmac(SIGNING_SECRET_ALGORITHM, signingSecret)
+      const hmac = crypto.createHmac(
+        SIGNING_SECRET_ALGORITHM,
+        signingSecret as string,
+      )
       const sig = hmac.update(timestamp + body).digest('base64')
 
       return Buffer.compare(Buffer.from(signature), Buffer.from(sig)) === 0

diff --git a/libs/shared/utils/src/lib/errorCodes.ts b/libs/shared/utils/src/lib/errorCodes.ts
@@ -5,4 +5,5 @@ export enum ErrorCodes {
   ZENDESK_STATUS = 'ZENDESK_STATUS',
   INPUT_VALIDATION_SAME_NATIONAL_ID = 'INPUT_VALIDATION_SAME_NATIONAL_ID',
   INPUT_VALIDATION_INVALID_PERSON = 'INPUT_VALIDATION_INVALID_PERSON',
+  INVALID_DATE_FORMAT = 'INVALID_DATE_FORMAT',
 }