fix: Move to using scopes correctly from LogTo [DEV-3090] (#317)

* - Move to asking scope directly from logto
- refactorings and cleanups

* Review comments

* - Refactor error codes
- Rename /key/{:key} to /key/read/{:key}

---------

Co-authored-by: Ankur Banerjee <ankurdotb@users.noreply.github.com>

package.json

@@ -70,6 +70,7 @@
 		"express-session": "^1.17.3",
 		"express-validator": "^7.0.1",
 		"helmet": "^7.0.0",
+		"http-status-codes": "^2.2.0",
 		"json-stringify-safe": "^5.0.1",
 		"node-cache": "^5.1.2",
 		"pg": "^8.11.1",

src/app.ts

@@ -4,23 +4,25 @@ import cors from 'cors'
 import session from 'express-session'
 import cookieParser from 'cookie-parser'
 import path from 'path'
+import swaggerUi from 'swagger-ui-express'
+import { StatusCodes } from 'http-status-codes'
+
 import { CredentialController } from './controllers/credentials.js'
-import { StoreController } from './controllers/store.js'
 import { IssuerController } from './controllers/issuer.js'
 import { AccountController } from './controllers/customer.js'
 import { Authentication } from './middleware/authentication.js'
 import { Connection } from './database/connection/connection.js'
 import { RevocationController } from './controllers/revocation.js'
-import { CORS_ERROR_MSG } from './types/constants.js'
+import { CORS_ERROR_MSG, configLogToExpress } from './types/constants.js'
 import { LogToWebHook } from './middleware/hook.js'
 import { Middleware } from './middleware/middleware.js'
-import swaggerUi from 'swagger-ui-express'
 
 import * as dotenv from 'dotenv'
 dotenv.config()
 
 // Define Swagger file
 import swaggerDocument from './static/swagger.json' assert { type: "json" }
+import { handleAuthRoutes, withLogto } from '@logto/express'
 
 let swaggerOptions = {}
 if (process.env.ENABLE_AUTHENTICATION === 'true') {
@@ -63,9 +65,9 @@ class App {
     if (process.env.ENABLE_AUTHENTICATION === 'true') {
       this.express.use(session({secret: process.env.COOKIE_SECRET, cookie: { maxAge: 14 * 24 * 60 * 60 }}))
       // Authentication functions/methods
-      this.express.use(async (req, res, next) => await auth.setup(req, res, next))
-      this.express.use(async (req, res, next) => await auth.wrapperHandleAuthRoutes(req, res, next))
-      this.express.use(async (req, res, next) => await auth.withLogtoWrapper(req, res, next))
+      this.express.use(async (req, res, next) => await auth.setup(next))
+      this.express.use(handleAuthRoutes(configLogToExpress))
+      this.express.use(withLogto(configLogToExpress))
       if (process.env.ENABLE_EXTERNAL_DB === 'true') {
         this.express.use(async (req, res, next) => await auth.guard(req, res, next))
       }
@@ -104,13 +106,9 @@ class App {
     app.post('/credential-status/check', RevocationController.commonValidator, RevocationController.checkValidator, new RevocationController().checkStatusList)
     app.get('/credential-status/search', RevocationController.commonValidator, new RevocationController().fetchStatusList)
 
-    // store
-    app.post(`/store`, new StoreController().set)
-    app.get(`/store/:id`, new StoreController().get)
-
     // Keys API
     app.post(`/key/create`, new IssuerController().createKey)
-    app.get(`/key/:kid`, new IssuerController().getKey)
+    app.get(`/key/read/:kid`, new IssuerController().getKey)
 
     // DIDs API 
     app.post(`/did/create`, IssuerController.createValidator, new IssuerController().createDid)
@@ -136,7 +134,7 @@ class App {
           {extensions: ['js'], index: false}))
 
     // 404 for all other requests
-    app.all('*', (req, res) => res.status(400).send('Bad request'))
+    app.all('*', (req, res) => res.status(StatusCodes.BAD_REQUEST).send('Bad request'))
   }
 
 }

src/controllers/credentials.ts

@@ -1,5 +1,6 @@
 import type { Request, Response } from 'express'
 import type { VerifiableCredential } from '@veramo/core'
+import { StatusCodes } from 'http-status-codes'
 
 import { check, query, validationResult } from 'express-validator'
 
@@ -80,7 +81,7 @@ export class CredentialController {
   public async issue(request: Request, response: Response) {
     const result = validationResult(request)
     if (!result.isEmpty()) {
-      return response.status(400).json({ error: result.array()[0].msg })
+      return response.status(StatusCodes.BAD_REQUEST).json({ error: result.array()[0].msg })
     }
 
     // Handles string input instead of an array
@@ -93,9 +94,9 @@ export class CredentialController {
 
     try {
       const credential: VerifiableCredential = await Credentials.instance.issue_credential(request.body, response.locals.customerId)
-      response.status(200).json(credential)
+      response.status(StatusCodes.OK).json(credential)
     } catch (error) {
-        return response.status(500).json({
+        return response.status(StatusCodes. INTERNAL_SERVER_ERROR).json({
             error: `${error}`
         })
     }
@@ -148,7 +149,7 @@ export class CredentialController {
   public async verify(request: Request, response: Response) {
     const result = validationResult(request)
     if (!result.isEmpty()) {
-        return response.status(400).json({ error: result.array()[0].msg })
+        return response.status(StatusCodes.BAD_REQUEST).json({ error: result.array()[0].msg })
     }
 
     const { credential, policies } = request.body
@@ -162,14 +163,14 @@ export class CredentialController {
             }
         )
         if (result.error) {
-            return response.status(400).json({
+            return response.status(StatusCodes.BAD_REQUEST).json({
                 verified: result.verified,
                 error: result.error
             })
         }
-		return response.status(200).json(result)
+		return response.status(StatusCodes.OK).json(result)
     } catch (error) {
-        return response.status(500).json({
+        return response.status(StatusCodes. INTERNAL_SERVER_ERROR).json({
             error: `${error}`
         })
     }
@@ -217,14 +218,14 @@ export class CredentialController {
   public async revoke(request: Request, response: Response) {
     const result = validationResult(request)
     if (!result.isEmpty()) {
-        return response.status(400).json({ error: result.array()[0].msg })
+        return response.status(StatusCodes.BAD_REQUEST).json({ error: result.array()[0].msg })
     }
 
     const publish = request.query.publish === 'false' ? false : true
     try {
-		return response.status(200).json(await new Identity(response.locals.customerId).agent.revokeCredentials(request.body.credential, publish, response.locals.customerId))
+		return response.status(StatusCodes.OK).json(await new Identity(response.locals.customerId).agent.revokeCredentials(request.body.credential, publish, response.locals.customerId))
     } catch (error) {
-        return response.status(500).json({
+        return response.status(StatusCodes. INTERNAL_SERVER_ERROR).json({
             error: `${error}`
         })
     }
@@ -270,13 +271,13 @@ export class CredentialController {
   public async suspend(request: Request, response: Response) {
     const result = validationResult(request)
     if (!result.isEmpty()) {
-        return response.status(400).json({ error: result.array()[0].msg })
+        return response.status(StatusCodes.BAD_REQUEST).json({ error: result.array()[0].msg })
     }
 
     try {
-		return response.status(200).json(await new Identity(response.locals.customerId).agent.suspendCredentials(request.body.credential, request.body.publish, response.locals.customerId))
+		return response.status(StatusCodes.OK).json(await new Identity(response.locals.customerId).agent.suspendCredentials(request.body.credential, request.body.publish, response.locals.customerId))
     } catch (error) {
-        return response.status(500).json({
+        return response.status(StatusCodes. INTERNAL_SERVER_ERROR).json({
             error: `${error}`
         })
     }
@@ -322,13 +323,13 @@ export class CredentialController {
   public async reinstate(request: Request, response: Response) {
     const result = validationResult(request)
     if (!result.isEmpty()) {
-        return response.status(400).json({ error: result.array()[0].msg })
+        return response.status(StatusCodes.BAD_REQUEST).json({ error: result.array()[0].msg })
     }
 
     try {
-		return response.status(200).json(await new Identity(response.locals.customerId).agent.reinstateCredentials(request.body.credential, request.body.publish, response.locals.customerId))
+		return response.status(StatusCodes.OK).json(await new Identity(response.locals.customerId).agent.reinstateCredentials(request.body.credential, request.body.publish, response.locals.customerId))
     } catch (error) {
-        return response.status(500).json({
+        return response.status(StatusCodes. INTERNAL_SERVER_ERROR).json({
             error: `${error}`
         })
     }
@@ -381,7 +382,7 @@ export class CredentialController {
   public async verifyPresentation(request: Request, response: Response) {
     const result = validationResult(request)
     if (!result.isEmpty()) {
-        return response.status(400).json({ error: result.array()[0].msg })
+        return response.status(StatusCodes.BAD_REQUEST).json({ error: result.array()[0].msg })
     }
 
     const { presentation, verifierDid, policies } = request.body
@@ -396,14 +397,14 @@ export class CredentialController {
             }
         )
         if (result.error) {
-            return response.status(400).json({
+            return response.status(StatusCodes.BAD_REQUEST).json({
                 verified: result.verified,
                 error: result.error
             })
         }
-		return response.status(200).json(result)
+		return response.status(StatusCodes.OK).json(result)
     } catch (error) {
-        return response.status(500).json({
+        return response.status(StatusCodes. INTERNAL_SERVER_ERROR).json({
             error: `${error}`
         })
     }

src/controllers/customer.ts

@@ -2,6 +2,7 @@ import type { Request, Response } from 'express'
 
 import { CustomerService } from '../services/customer.js'
 import { LogToHelper } from '../middleware/auth/logto.js'
+import { StatusCodes } from 'http-status-codes'
 
 export class AccountController {
 
@@ -31,15 +32,15 @@ export class AccountController {
         try {
             const customer = await CustomerService.instance.create(response.locals.customerId)
             if(!customer) {
-                return response.status(400).json({
+                return response.status(StatusCodes.BAD_REQUEST).json({
                     error: `Error creating customer. Please try again`
                 })
             }
-            return response.status(200).json({
+            return response.status(StatusCodes.OK).json({
                 customerId: customer.customerId,
             })
         } catch (error) {
-            return response.status(500).json({
+            return response.status(StatusCodes. INTERNAL_SERVER_ERROR).json({
                 error: `Error creating customer ${error}`
             })
         }
@@ -71,17 +72,17 @@ export class AccountController {
         try {
             const result = await CustomerService.instance.get(response.locals.customerId)
             if(result && !Array.isArray(result)) {
-                return response.status(200).json({
+                return response.status(StatusCodes.OK).json({
                     customerId: result.customerId,
                     address: result.address
                 })
             }
 
-            return response.status(400).json({
+            return response.status(StatusCodes.BAD_REQUEST).json({
                 error: 'Customer not found'
             })
         } catch (error) {
-            return response.status(500).json({
+            return response.status(StatusCodes. INTERNAL_SERVER_ERROR).json({
                 error: `${error}`
             })
         }
@@ -92,15 +93,17 @@ export class AccountController {
             const { body } = request
             if (!body.user.isSuspended) {
                 const logToHelper = new LogToHelper()
-                await logToHelper.setup()
-                const resp = await logToHelper.setDefaultRoleForUser(body.user.id as string)
-                if (resp) {
-                    return response.status(resp.status).json({
-                        error: resp.error})
+                const _r = await logToHelper.setup()
+                if (_r.status !== StatusCodes.OK) {
+                    return response.status(StatusCodes.BAD_GATEWAY).json({
+                        error: _r.error
+                    })
                 }
-                return response.status(500).json({})
+                const resp = await logToHelper.setDefaultRoleForUser(body.user.id as string)
+                return response.status(resp.status).json({
+                    error: resp.error})
             }
         }
-        return response.status(400).json({})
+        return response.status(StatusCodes.BAD_REQUEST).json({})
     }
 }