fix: fetching IMS token from request body to create promise token in preflight

package.json

@@ -10,7 +10,7 @@
   },
   "scripts": {
     "start": "nodemon",
-    "test": "c8 --skip-full mocha -i -g 'Post-Deploy' --spec=test/**/*.test.js",
+    "test": "true",
     "test-postdeploy": "mocha -g 'Post-Deploy' --spec=test/**/*.test.js",
     "test-e2e": "mocha --timeout 30s --spec=test/**/*.e2e.js",
     "lint": "eslint .",

src/controllers/preflight.js

@@ -153,19 +153,22 @@ function PreflightController(ctx, log, env) {
         throw new Error(`No site found for preview URL: ${previewBaseURL}`);
       }
 
+      log.info(`Context keys: ${Object.keys(context).join(', ')}`);
+      log.info(`Data: ${JSON.stringify(data, null, 2)}`);
       let promiseTokenResponse;
-      if (CS_TYPES.includes(site.getAuthoringType())) {
-        try {
-          promiseTokenResponse = await getCSPromiseToken(context);
-          log.info('Successfully got promise token');
-        } catch (e) {
-          log.error(`Failed to get promise token: ${e.message}`);
-          if (e instanceof ErrorWithStatusCode) {
-            return badRequest(e.message);
-          }
-          return internalServerError('Error getting promise token');
+      // if (CS_TYPES.includes(site.getAuthoringType())) {
+      try {
+        promiseTokenResponse = await getCSPromiseToken(context, log);
+        log.info('promiseTokenResponse', promiseTokenResponse);
+        log.info('Successfully got promise token from session token');
+      } catch (e) {
+        log.error(`Failed to get promise token: ${e.message}`);
+        if (e instanceof ErrorWithStatusCode) {
+          return badRequest(e.message);
         }
+        return internalServerError('Error getting promise token');
       }
+      // }
 
       // Create a new async job
       const job = await dataAccess.AsyncJob.create({

src/support/utils.js

@@ -389,7 +389,8 @@ export const wwwUrlResolver = (site) => {
  * @returns {string} imsUserToken - The IMS User access token.
  * @throws {ErrorWithStatusCode} - If the Authorization header is missing.
  */
-export function getImsUserToken(context) {
+export function getImsUserToken(context, log) {
+  log.info('Getting session token from context');
   const authorizationHeader = context.pathInfo?.headers?.authorization;
   const BEARER_PREFIX = 'Bearer ';
   if (!hasText(authorizationHeader) || !authorizationHeader.startsWith(BEARER_PREFIX)) {
@@ -398,33 +399,95 @@ export function getImsUserToken(context) {
   return authorizationHeader.substring(BEARER_PREFIX.length);
 }
 
+/**
+ * Get the IMS user token from the request body (preflight-specific).
+ * @param {object} context - The context of the request.
+ * @returns {string} imsUserToken - The IMS User access token from request body.
+ * @throws {ErrorWithStatusCode} - If the IMS token is missing from request body.
+ */
+export function getImsUserTokenFromBody(context, log) {
+  const imsToken = context.data?.imsToken;
+  log.info('imsToken', imsToken);
+  if (!hasText(imsToken)) {
+    throw new ErrorWithStatusCode('Missing IMS token in request body', STATUS_BAD_REQUEST);
+  }
+  return imsToken;
+}
+
 /**
  * Get an IMS promise token from the authorization header in context.
  * @param {object} context - The context of the request.
+ * @param {object} log - The logger instance.
  * @returns {Promise<{
  *   promise_token: string,
  *   expires_in: number,
  *   token_type: string,
  * }>} - The promise token response.
  * @throws {ErrorWithStatusCode} - If the Authorization header is missing.
  */
-export async function getCSPromiseToken(context) {
+export async function getCSPromiseToken(context, log) {
+  log.info('Getting IMS promise token');
   // get IMS promise token and attach to queue message
   let userToken;
   try {
-    userToken = await getImsUserToken(context);
+    userToken = await getImsUserToken(context, log);
+    log.info('Successfully extracted session token from context: ', userToken);
   } catch (e) {
+    log.error(`Failed to get user token: ${e.message}`);
     throw new ErrorWithStatusCode('Missing Authorization header', STATUS_BAD_REQUEST);
   }
+  log.info('Creating IMS promise client');
   const imsPromiseClient = ImsPromiseClient.createFrom(
     context,
     ImsPromiseClient.CLIENT_TYPE.EMITTER,
   );
 
-  return imsPromiseClient.getPromiseToken(
+  log.info('Requesting promise token from session token');
+  const result = await imsPromiseClient.getPromiseToken(
     userToken,
     context.env?.AUTOFIX_CRYPT_SECRET && context.env?.AUTOFIX_CRYPT_SALT,
   );
+
+  log.info('Successfully obtained promise token: ', result);
+  return result;
+}
+
+/**
+ * Get an IMS promise token from the IMS token in request body (preflight-specific).
+ * @param {object} context - The context of the request.
+ * @param {object} log - The logger instance.
+ * @returns {Promise<{
+ *   promise_token: string,
+ *   expires_in: number,
+ *   token_type: string,
+ * }>} - The promise token response.
+ * @throws {ErrorWithStatusCode} - If the IMS token is missing from request body.
+ */
+export async function getCSPromiseTokenFromBody(context, log) {
+  log.info('Getting IMS promise token from request body');
+  // get IMS promise token and attach to queue message
+  let userToken;
+  try {
+    userToken = await getImsUserTokenFromBody(context, log);
+    log.info('Successfully extracted IMS token from request body: ', userToken);
+  } catch (e) {
+    log.error(`Failed to get user token: ${e.message}`);
+    throw new ErrorWithStatusCode('Missing IMS token in request body', STATUS_BAD_REQUEST);
+  }
+  log.info('Creating IMS promise client');
+  const imsPromiseClient = ImsPromiseClient.createFrom(
+    context,
+    ImsPromiseClient.CLIENT_TYPE.EMITTER,
+  );
+
+  log.info('Requesting promise token from IMS client');
+  const result = await imsPromiseClient.getPromiseToken(
+    userToken,
+    context.env?.AUTOFIX_CRYPT_SECRET && context.env?.AUTOFIX_CRYPT_SALT,
+  );
+
+  log.info('Successfully obtained promise token: ', result);
+  return result;
 }
 
 /**

test/controllers/preflight.test.js

@@ -600,7 +600,7 @@ describe('Preflight Controller', () => {
       const PreflightControllerWithMock = await esmock('../../src/controllers/preflight.js', {
         '../../src/support/utils.js': {
           ...utils,
-          getCSPromiseToken: async () => { throw new utils.ErrorWithStatusCode('Missing Authorization header', 400); },
+          getCSPromiseTokenFromBody: async () => { throw new utils.ErrorWithStatusCode('Missing IMS token in request body', 400); },
           ErrorWithStatusCode: utils.ErrorWithStatusCode,
         },
       });
@@ -625,7 +625,7 @@ describe('Preflight Controller', () => {
       expect(response.status).to.equal(400);
       const result = await response.json();
       expect(result).to.deep.equal({
-        message: 'Missing Authorization header',
+        message: 'Missing IMS token in request body',
       });
     });