fix(pencil): adding logs and env variables validation with joi

Author: youssefElMkhantar

package-lock.json

@@ -41,6 +41,7 @@
     "cross-env": "^7.0.3",
     "dotenv": "^16.3.1",
     "https-proxy-agent": "^7.0.4",
+    "joi": "^17.12.3",
     "moment": "^2.30.1",
     "nodemailer": "^6.9.11",
     "openid-client": "^5.6.4",
@@ -56,6 +57,7 @@
     "@nestjs/testing": "^10.0.0",
     "@types/express": "^4.17.17",
     "@types/jest": "^29.5.2",
+    "@types/joi": "^17.2.3",
     "@types/node": "^20.3.1",
     "@types/supertest": "^2.0.12",
     "@typescript-eslint/eslint-plugin": "^6.0.0",

package.json

@@ -1,3 +1,4 @@
+import { configValidationSchema } from './config.schema';
 import { Module } from '@nestjs/common';
 import { AppController } from './app.controller';
 import { AppService } from './app.service';
@@ -50,6 +51,7 @@ import { MailerModule } from '@nestjs-modules/mailer';
     ConfigModule.forRoot({
       isGlobal: true,
       envFilePath: `.env.${process.env.NODE_ENV}`,
+      validationSchema: configValidationSchema,
     }),
     MongooseModule.forRootAsync({
       imports: [ConfigModule],

src/app.module.ts

@@ -1,3 +1,4 @@
+import { ConfigService } from '@nestjs/config';
 import { HttpService } from '@nestjs/axios';
 import {
   Logger,
@@ -12,21 +13,20 @@ import { HttpsProxyAgent } from 'https-proxy-agent';
 export class AuthenticationService {
   private readonly logger = new Logger(AuthenticationService.name);
 
-  constructor(private readonly httpService: HttpService) {}
+  constructor(
+    private readonly httpService: HttpService,
+    private readonly configService: ConfigService,
+  ) {}
 
   loginAuthorize(state: string, nonce: string) {
-    this.logger.log(
-      "envoi du lien d'authorization {/authentication/login_authorize} route",
-    );
-    return `${process.env.AGENTCONNECT_URL}/api/v2/authorize?response_type=code&acr_values=eidas1&scope=${process.env.AGENTCONNECT_SCOPE}&client_id=${process.env.AGENTCONNECT_CLIENTID}&redirect_uri=${process.env.AGENTCONNECT_REDIRECT_URL}/login_callback&state=${state}&nonce=${nonce}`;
+    return `${this.configService.get('AGENTCONNECT_URL')}/api/v2/authorize?response_type=code&acr_values=eidas1&scope=${this.configService.get('AGENTCONNECT_SCOPE')}&client_id=${this.configService.get('AGENTCONNECT_CLIENTID')}&redirect_uri=${this.configService.get('AGENTCONNECT_REDIRECT_URL')}/login_callback&state=${state}&nonce=${nonce}`;
   }
 
   async loginCallback(code: string, state: string, sendedState: string) {
-    this.logger.log('{/authentication/login_callback} route');
-    const client_id = process.env.AGENTCONNECT_CLIENTID;
-    const client_secret = process.env.AGENTCONNECT_SECRET;
+    const client_id = this.configService.get('AGENTCONNECT_CLIENTID');
+    const client_secret = this.configService.get('AGENTCONNECT_SECRET');
     const redirect_uri =
-      process.env.AGENTCONNECT_REDIRECT_URL + '/login_callback';
+      this.configService.get('AGENTCONNECT_REDIRECT_URL') + '/login_callback';
 
     if (sendedState !== state) {
       this.logger.warn(
@@ -41,7 +41,7 @@ export class AuthenticationService {
       const {
         data: { access_token: accessToken, id_token: idToken },
       } = await this.httpService.axiosRef.post(
-        `${process.env.AGENTCONNECT_URL}/api/v2/token`,
+        `${this.configService.get('AGENTCONNECT_URL')}/api/v2/token`,
         queryString.stringify({
           grant_type: 'authorization_code',
           code,
@@ -54,19 +54,23 @@ export class AuthenticationService {
             'Content-Type': 'application/x-www-form-urlencoded',
           },
           proxy: false,
-          httpsAgent: new HttpsProxyAgent(process.env.AGENTCONNECT_PROXYURL),
+          httpsAgent: new HttpsProxyAgent(
+            this.configService.get('AGENTCONNECT_PROXYURL'),
+          ),
         },
       );
       this.logger.log(
         "accessToken récupéré d'agentConnect {/authentication/login_callback} route",
       );
 
       const { data: userinfo } = await this.httpService.axiosRef.get(
-        `${process.env.AGENTCONNECT_URL}/api/v2/userinfo`,
+        `${this.configService.get('AGENTCONNECT_URL')}/api/v2/userinfo`,
         {
           headers: { Authorization: `Bearer ${accessToken}` },
           proxy: false,
-          httpsAgent: new HttpsProxyAgent(process.env.AGENTCONNECT_PROXYURL),
+          httpsAgent: new HttpsProxyAgent(
+            this.configService.get('AGENTCONNECT_PROXYURL'),
+          ),
         },
       );
       this.logger.log(
@@ -77,6 +81,7 @@ export class AuthenticationService {
     } catch (error) {
       this.logger.error(
         "erreur lors de récupération de l'accessToken ou userinfo d'agentConnect",
+        error,
       );
       throw new NotFoundException(
         "erreur lors de récupération de l'accessToken ou userinfo d'agentConnect",
@@ -90,9 +95,11 @@ export class AuthenticationService {
       id_token_hint: idToken,
       state,
       post_logout_redirect_uri:
-        process.env.AGENTCONNECT_REDIRECT_URL + '/logout_callback',
+        this.configService.get('AGENTCONNECT_REDIRECT_URL') +
+        '/logout_callback',
     };
-    const url = process.env.AGENTCONNECT_URL + '/api/v2/session/end' + '?';
+    const url =
+      this.configService.get('AGENTCONNECT_URL') + '/api/v2/session/end' + '?';
     return url + queryString.stringify(query);
   }
 }

src/authentication/authentication.service.ts

@@ -1,3 +1,4 @@
+import { ConfigService } from '@nestjs/config';
 import {
   Logger,
   BadRequestException,
@@ -22,6 +23,7 @@ export class ConferenceService {
     private readonly prosodyService: ProsodyService,
     private readonly jwtService: JwtService,
     private readonly mailerService: MailerService,
+    private readonly configService: ConfigService,
   ) {}
 
   async roomExists(roomName: string) {
@@ -41,10 +43,10 @@ export class ConferenceService {
       roomName.length === 30
     ) {
       const jwt = this.jwtService.sign({
-        iss: process.env.JITSI_JITSIJWT_ISS,
+        iss: this.configService.get('JITSI_JITSIJWT_ISS'),
         exp: moment().add('5', 'minutes').unix(),
-        aud: process.env.JITSI_JITSIJWT_AUD,
-        sub: process.env.JITSI_JITSIJWT_SUB,
+        aud: this.configService.get('JITSI_JITSIJWT_AUD'),
+        sub: this.configService.get('JITSI_JITSIJWT_SUB'),
         room: roomName,
       });
       return { roomName, jwt };
@@ -125,7 +127,7 @@ export class ConferenceService {
           Voici les liens pour accéder à la conférence:
           <br>
           <p style="overflow-wrap: break-word; margin:10px; color: black; background-color: white; border-radius: 2px; font-weight: bold;">
-              Lien modérateur (Valable pendant ${process.env.JITSI_JITSIJWT_EXPIRESAFTER} heures à partir de la réception de cet email) : 
+              Lien modérateur (Valable pendant ${this.configService.get('JITSI_JITSIJWT_EXPIRESAFTER')} heures à partir de la réception de cet email) : 
               <br>
               <small>Ce lien vous permet de contrôler le fonctionnement de votre conférence.</small>    
               <br>            
@@ -154,9 +156,9 @@ export class ConferenceService {
       </html>
       `;
       await this.mailerService.sendMail({
-        from: process.env.EMAIL_FROM, // sender address
+        from: this.configService.get('EMAIL_FROM'), // sender address
         to: email, // list of receivers
-        subject: process.env.EMAIL_SUBJECT + roomName, // Subject line
+        subject: this.configService.get('EMAIL_SUBJECT') + roomName, // Subject line
         html: html,
       });
 
@@ -173,7 +175,7 @@ export class ConferenceService {
         return { jwt };
       }
     } catch (error) {
-      this.logger.error("l'accessToken est expiré");
+      this.logger.error("l'accessToken est expiré", error);
       throw new UnauthorizedException("l'accessToken est expiré");
     }
   }
@@ -184,12 +186,12 @@ export class ConferenceService {
 
   sendToken(roomName: string) {
     const jwt = this.jwtService.sign({
-      iss: process.env.JITSI_JITSIJWT_ISS,
+      iss: this.configService.get('JITSI_JITSIJWT_ISS'),
       exp: moment()
-        .add(process.env.JITSI_JITSIJWT_EXPIRESAFTER, 'hours')
+        .add(this.configService.get('JITSI_JITSIJWT_EXPIRESAFTER'), 'hours')
         .unix(),
-      aud: process.env.JITSI_JITSIJWT_AUD,
-      sub: process.env.JITSI_JITSIJWT_SUB,
+      aud: this.configService.get('JITSI_JITSIJWT_AUD'),
+      sub: this.configService.get('JITSI_JITSIJWT_SUB'),
       room: roomName,
     });
     return { roomName, jwt };