Merged in feat/sw-2866-move-partners-router-to-trpc-package (pull request #2414)

feat(sw-2866): Move partners router to trpc package

* Add eslint to trpc package

* Apply lint rules

* Use direct imports from trpc package

* Add lint-staged config to trpc

* Move lang enum to common

* Restructure trpc package folder structure

* WIP first step

* update internal imports in trpc

* Fix most errors in scandic-web

Just 100 left...

* Move Props type out of trpc

* Fix CategorizedFilters types

* Move more schemas in hotel router

* Fix deps

* fix getNonContentstackUrls

* Fix import error

* Fix entry error handling

* Fix generateMetadata metrics

* Fix alertType enum

* Fix duplicated types

* lint:fix

* Merge branch 'master' into feat/sw-2863-move-contentstack-router-to-trpc-package

* Fix broken imports

* Move booking router to trpc package

* Move partners router to trpc package

* Merge branch 'master' into feat/sw-2866-move-partners-router-to-trpc-package


Approved-by: Linus Flood

packages/trpc/lib/routers/partners/sas/otp/constants.ts

@@ -0,0 +1,2 @@
+export const SAS_REQUEST_OTP_STATE_STORAGE_COOKIE_NAME =
+  "sas-x-scandic-request-otp-state"

packages/trpc/lib/routers/partners/sas/otp/getOTPState.ts

@@ -0,0 +1,18 @@
+import { cookies } from "next/headers"
+import { z } from "zod"
+
+import { SAS_REQUEST_OTP_STATE_STORAGE_COOKIE_NAME } from "./constants"
+
+const otpStateSchema = z.object({
+  referenceId: z.string().uuid(),
+  databaseUUID: z.string().uuid(),
+})
+
+export type OtpState = z.infer<typeof otpStateSchema>
+
+export async function getOTPState() {
+  const cookieStore = await cookies()
+  const otpState = cookieStore.get(SAS_REQUEST_OTP_STATE_STORAGE_COOKIE_NAME)
+
+  return otpStateSchema.parse(JSON.parse(otpState?.value ?? "{}"))
+}

packages/trpc/lib/routers/partners/sas/otp/request/requestOtp.ts

@@ -0,0 +1,136 @@
+import * as Sentry from "@sentry/nextjs"
+import { TRPCError } from "@trpc/server"
+import { cookies } from "next/headers"
+import { v4 as uuidv4 } from "uuid"
+import { z } from "zod"
+
+import { env } from "../../../../../../env/server"
+import { protectedProcedure } from "../../../../../procedures"
+import { getSasToken } from "../../getSasToken"
+import { SAS_REQUEST_OTP_STATE_STORAGE_COOKIE_NAME } from "../constants"
+import {
+  parseSASRequestOtpError,
+  type RequestOtpGeneralError,
+} from "./requestOtpError"
+
+import type { OtpState } from "../getOTPState"
+
+const successSchema = z.object({
+  status: z.literal("SENT"),
+  referenceId: z.string().uuid(),
+  databaseUUID: z.string().uuid(),
+  otpExpiration: z.number(),
+  otpReceiver: z.string(),
+})
+
+const failureSchema = z.object({
+  status: z.enum([
+    "VERIFIED",
+    "ABUSED",
+    "EXPIRED",
+    "PENDING",
+    "RETRY",
+    "NULL",
+    "NOTSENT",
+  ]),
+})
+
+const outputSchema = z.union([successSchema, failureSchema])
+
+export const requestOtp = protectedProcedure
+  .output(outputSchema)
+  .mutation(async function () {
+    const sasAuthToken = await getSasToken()
+
+    if (!sasAuthToken) {
+      throw createError("AUTH_TOKEN_NOT_FOUND")
+    }
+
+    const tokenResponse = await fetchRequestOtp({ sasAuthToken })
+    console.log(
+      "[SAS] requestOtp",
+      tokenResponse.status,
+      tokenResponse.statusText
+    )
+
+    const body = await tokenResponse.json()
+    const parseResult = outputSchema.safeParse(body)
+    if (!parseResult.success) {
+      console.error("[SAS] requestOtp error", body)
+
+      if (!tokenResponse.ok) {
+        throw createError(body)
+      }
+      throw createError(parseResult.error)
+    }
+
+    if (parseResult.data.status === "SENT") {
+      setSASOtpCookie(parseResult.data)
+    } else {
+      const sasRequestOtpErrorMessage = `[SAS] requestOtp did not return SENT status with body: ${JSON.stringify(body)}`
+      console.warn(sasRequestOtpErrorMessage)
+      Sentry.captureMessage(sasRequestOtpErrorMessage)
+    }
+
+    return parseResult.data
+  })
+
+function createError(
+  errorBody:
+    | {
+        status: string
+        error: string
+        errorCode: number
+        databaseUUID: string
+      }
+    | Error
+    | RequestOtpGeneralError
+): TRPCError {
+  const errorInfo = parseSASRequestOtpError(errorBody)
+  console.error("[SAS] createError", errorInfo)
+  return new TRPCError({
+    code: "BAD_REQUEST",
+    cause: errorInfo,
+  })
+}
+
+async function fetchRequestOtp({ sasAuthToken }: { sasAuthToken: string }) {
+  const endpoint = `${env.SAS_API_ENDPOINT}/api/scandic-partnership/customer/send-otp`
+
+  console.log("[SAS]: Requesting OTP")
+
+  return await fetch(endpoint, {
+    method: "POST",
+    headers: {
+      "Content-Type": "application/json",
+      "Ocp-Apim-Subscription-Key": env.SAS_OCP_APIM,
+      Authorization: `Bearer ${sasAuthToken}`,
+    },
+    body: JSON.stringify({
+      referenceId: uuidv4(),
+    }),
+    signal: AbortSignal.timeout(15_000),
+  })
+}
+
+async function setSASOtpCookie({
+  referenceId,
+  databaseUUID,
+}: {
+  referenceId: string
+  databaseUUID: string
+}) {
+  const cookieStore = await cookies()
+  cookieStore.set(
+    SAS_REQUEST_OTP_STATE_STORAGE_COOKIE_NAME,
+    JSON.stringify({
+      referenceId: referenceId,
+      databaseUUID: databaseUUID,
+    } satisfies OtpState),
+    {
+      httpOnly: true,
+      maxAge: 3600,
+      secure: env.NODE_ENV !== "development",
+    }
+  )
+}

packages/trpc/lib/routers/partners/sas/otp/request/requestOtpError.ts

@@ -0,0 +1,70 @@
+import { z } from "zod"
+
+export type RequestOtpResponseError = "TOO_MANY_REQUESTS" | "UNKNOWN"
+
+const requestOtpGeneralError = z.enum([
+  "AUTH_TOKEN_EXPIRED",
+  "AUTH_TOKEN_NOT_FOUND",
+  "UNKNOWN",
+])
+export type RequestOtpGeneralError = z.infer<typeof requestOtpGeneralError>
+
+export type RequestOtpError = {
+  errorCode: RequestOtpResponseError | RequestOtpGeneralError
+}
+export function parseSASRequestOtpError(
+  error: SasOtpRequestError | {}
+): RequestOtpError {
+  const parseResult = sasOtpRequestErrorSchema.safeParse(error)
+  if (!parseResult.success) {
+    const generalErrorResult = requestOtpGeneralError.safeParse(error)
+    if (!generalErrorResult.success) {
+      return {
+        errorCode: "UNKNOWN",
+      }
+    }
+
+    return {
+      errorCode: generalErrorResult.data,
+    }
+  }
+
+  return {
+    errorCode: getErrorCodeByNumber(parseResult.data.errorCode),
+  }
+}
+
+const SAS_REQUEST_OTP_ERROR_CODES: {
+  [key in Exclude<RequestOtpResponseError, "UNKNOWN">]: number
+} = {
+  TOO_MANY_REQUESTS: 10,
+}
+
+const getErrorCodeByNumber = (number: number): RequestOtpResponseError => {
+  const v =
+    Object.entries(SAS_REQUEST_OTP_ERROR_CODES).find(
+      ([_, value]) => value === number
+    )?.[0] ?? "UNKNOWN"
+
+  console.log("[SAS] getErrorCodeByNumber", number, v)
+  return v as RequestOtpResponseError
+}
+
+const sasOtpRequestErrorSchema = z.object({
+  status: z.enum([
+    "VERIFIED",
+    "ABUSED",
+    "EXPIRED",
+    "PENDING",
+    "RETRY",
+    "SENT",
+    "NULL",
+    "NOTSENT",
+  ]),
+  otpExpiration: z.string().datetime(),
+  error: z.string(),
+  errorCode: z.number(),
+  databaseUUID: z.string().uuid(),
+})
+
+export type SasOtpRequestError = z.infer<typeof sasOtpRequestErrorSchema>

packages/trpc/lib/routers/partners/sas/otp/verify/verifyOtp.ts

@@ -0,0 +1,111 @@
+import { TRPCError } from "@trpc/server"
+import { z } from "zod"
+
+import { env } from "../../../../../../env/server"
+import { protectedProcedure } from "../../../../../procedures"
+import { getSasToken } from "../../getSasToken"
+import { getOTPState } from "../getOTPState"
+import {
+  parseSASVerifyOtpError,
+  type VerifyOtpGeneralError,
+} from "./verifyOtpError"
+
+const inputSchema = z.object({
+  otp: z.string(),
+})
+
+const outputSchema = z.object({
+  status: z.enum([
+    "VERIFIED",
+    "ABUSED",
+    "EXPIRED",
+    "PENDING",
+    "RETRY",
+    "SENT",
+    "NULL",
+    "NOTSENT",
+  ]),
+  referenceId: z.string().uuid().optional(),
+  databaseUUID: z.string().uuid().optional(),
+})
+
+export const verifyOtp = protectedProcedure
+  .input(inputSchema)
+  .output(outputSchema)
+  .mutation(async function ({ input }) {
+    const sasAuthToken = await getSasToken()
+
+    if (!sasAuthToken) {
+      throw createError("AUTH_TOKEN_NOT_FOUND")
+    }
+
+    const verifyResponse = await fetchVerifyOtp(input)
+    console.log(
+      "[SAS] verifyOTP",
+      verifyResponse.status,
+      verifyResponse.statusText
+    )
+
+    if (verifyResponse.status > 499) {
+      console.error("[SAS] verifyOTP error", await verifyResponse.text())
+      throw new TRPCError({
+        code: "SERVICE_UNAVAILABLE",
+        message: "Error from downstream SAS service",
+      })
+    }
+
+    const data = await verifyResponse.json()
+    console.log("[SAS] verifyOTP data", data)
+    const result = outputSchema.safeParse(data)
+    if (!result.success) {
+      console.error("[SAS] verifyOTP error", result.error)
+      throw createError(data)
+    }
+
+    console.log("[SAS] verifyOTP success")
+    console.log("[SAS] verifyOTP responding", result.data)
+
+    return result.data
+  })
+
+async function fetchVerifyOtp(input: z.infer<typeof inputSchema>) {
+  const sasAuthToken = await getSasToken()
+  const { referenceId, databaseUUID } = await getOTPState()
+
+  return await fetch(
+    `${env.SAS_API_ENDPOINT}/api/scandic-partnership/customer/verify-otp`,
+    {
+      method: "POST",
+      headers: {
+        "Content-Type": "application/json",
+        "Ocp-Apim-Subscription-Key": env.SAS_OCP_APIM,
+        Authorization: `Bearer ${sasAuthToken}`,
+      },
+      body: JSON.stringify({
+        referenceId: referenceId,
+        otpCode: input.otp,
+        databaseUUID: databaseUUID,
+      }),
+      signal: AbortSignal.timeout(15_000),
+    }
+  )
+}
+
+function createError(
+  errorBody:
+    | {
+        status: string
+        error: string
+        errorCode: number
+        databaseUUID: string
+      }
+    | Error
+    | VerifyOtpGeneralError
+): TRPCError {
+  const errorInfo = parseSASVerifyOtpError(errorBody)
+
+  return new TRPCError({
+    code: "BAD_REQUEST",
+    cause: errorInfo,
+  })
+}

packages/trpc/lib/routers/partners/sas/otp/verify/verifyOtpError.ts

@@ -0,0 +1,57 @@
+import { z } from "zod"
+
+export type VerifyOtpResponseError = "OTP_EXPIRED" | "WRONG_OTP" | "UNKNOWN"
+
+const VerifyOtpGeneralError = z.enum(["AUTH_TOKEN_NOT_FOUND", "UNKNOWN"])
+export type VerifyOtpGeneralError = z.infer<typeof VerifyOtpGeneralError>
+
+export type VerifyOtpError = {
+  errorCode: VerifyOtpResponseError | VerifyOtpGeneralError
+}
+export function parseSASVerifyOtpError(
+  error: SasOtpVerifyError | {}
+): VerifyOtpError {
+  const parseResult = sasOtpVerifyErrorSchema.safeParse(error)
+  if (!parseResult.success) {
+    const generalErrorResult = VerifyOtpGeneralError.safeParse(error)
+    if (!generalErrorResult.success) {
+      return {
+        errorCode: "UNKNOWN",
+      }
+    }
+
+    return {
+      errorCode: generalErrorResult.data,
+    }
+  }
+
+  return {
+    errorCode: getErrorCodeByNumber(parseResult.data.errorCode),
+  }
+}
+
+const SAS_VERIFY_OTP_ERROR_CODES: {
+  [key in Exclude<VerifyOtpResponseError, "UNKNOWN">]: number
+} = {
+  OTP_EXPIRED: 1,
+  WRONG_OTP: 2,
+}
+
+const getErrorCodeByNumber = (number: number): VerifyOtpResponseError => {
+  const v =
+    Object.entries(SAS_VERIFY_OTP_ERROR_CODES).find(
+      ([_, value]) => value === number
+    )?.[0] ?? "UNKNOWN"
+
+  return v as VerifyOtpResponseError
+}
+
+const sasOtpVerifyErrorSchema = z.object({
+  status: z.string(),
+  otpExpiration: z.string().datetime(),
+  error: z.string(),
+  errorCode: z.number(),
+  databaseUUID: z.string().uuid(),
+})
+
+export type SasOtpVerifyError = z.infer<typeof sasOtpVerifyErrorSchema>