Merge changes from v2.1.0-next.1 into main (#20)

.vscode/extensions.json

@@ -14,11 +14,11 @@
 
     // Linting/formatting features:
     "dbaeumer.vscode-eslint",
-		"esbenp.prettier-vscode",
+    "esbenp.prettier-vscode",
 
     // Markdown/documentation features:
-		"bierner.markdown-preview-github-styles",
-    "bierner.markdown-mermaid",
+    "bierner.markdown-preview-github-styles",
+    "bierner.markdown-mermaid"
   ],
 
   // List of extensions recommended by VS Code that should not be recommended for users of this workspace.

CHANGELOG.md

@@ -4,6 +4,27 @@ All notable changes to this project will be documented in this file.
 
 ---
 
+# [2.1.0-next.1](https://github.com/Nerdware-LLC/fixit-api/compare/v2.0.1...v2.1.0-next.1) (2024-03-24)
+
+
+### Bug Fixes
+
+* correct DateTime validity logic ([6273a0a](https://github.com/Nerdware-LLC/fixit-api/commit/6273a0a4e4d6df5b466272769ab5f621a1a9d9e4))
+* ensure every next call wraps an Error ([9efc8e5](https://github.com/Nerdware-LLC/fixit-api/commit/9efc8e58eedd6d54db2ab7f9bb58f30025bf986b))
+* update google OAuth related logic ([9fa247b](https://github.com/Nerdware-LLC/fixit-api/commit/9fa247b11d083166650e81f2eb75a57701b10dc2))
+
+
+### Features
+
+* add Google OAuth2 client ([5529074](https://github.com/Nerdware-LLC/fixit-api/commit/5529074517b445d8ab9b3814995ae68dfc837b3e))
+* add googleID/googleIDToken handling ([0f8df48](https://github.com/Nerdware-LLC/fixit-api/commit/0f8df48eb6f664346515e93083f825356a49438f))
+* add isValidTimestamp util ([ce20e7f](https://github.com/Nerdware-LLC/fixit-api/commit/ce20e7f2e928644764ddc20c77e2f950d7948f6c))
+* rm requirement for user.sca.id ([e46c681](https://github.com/Nerdware-LLC/fixit-api/commit/e46c6816f79592b4432629389c3b3653e673df36))
+* set 'phone' and sca fields to allow null ([4fa7ccf](https://github.com/Nerdware-LLC/fixit-api/commit/4fa7ccfdd39e6f443928c31b078ed27709ce6b22))
+* update codegen'd types ([7cf2141](https://github.com/Nerdware-LLC/fixit-api/commit/7cf21412be8bf58cb2afd2d25f0dc8ad0c6a548f))
+* update local gql shema file for nullable phone ([9e98c85](https://github.com/Nerdware-LLC/fixit-api/commit/9e98c85af321f17e6121b9a11646ee5b4de10104))
+* update logic to allow 'phone' to be optional ([b2df714](https://github.com/Nerdware-LLC/fixit-api/commit/b2df7145e91f70282fe57b786323900b58e9f9bc))
+
 ## [2.0.1](https://github.com/Nerdware-LLC/fixit-api/compare/v2.0.0...v2.0.1) (2024-03-10)
 
 ## [2.0.1-next.1](https://github.com/Nerdware-LLC/fixit-api/compare/v2.0.0...v2.0.1-next.1) (2024-03-10)

README.md

@@ -181,7 +181,8 @@ flowchart LR
   admin --> csp("/api/admin/csp-violation \n­\n • CSP #quot;report-to#quot;" target)
   admin --> healthcheck("/api/admin/healthcheck \n­\n • Healthchecks target")
   auth --> register("/api/auth/register \n­\n • User registration")
-  auth --> login("/api/auth/login \n­\n • User login requests. Accepts \n email+pw or Google OAuth")
+  auth --> login("/api/auth/login \n­\n • User logins via Local\n or OAuth mechanisms")
+  auth --> googleToken("/api/auth/google-token \n­\n • User logins via Google\nOAuth2 OneTap FedCM")
   auth --> token("/api/auth/token \n­\n • Refreshes auth tokens")
   connect --> accountLink("/api/connect/account-link \n­\n • Returns a link to the Stripe-hosted\nConnect onboarding portal")
   connect --> dashboardLink("/api/connect/dashboard-link \n­\n • Returns a link to the Stripe-hosted\naccount management portal")
@@ -224,7 +225,7 @@ This API uses a single DynamoDB table with primary keys `pk` and `sk`, along wit
 
 ### Fixit-API Access Patterns
 
-<!-- TODO add commentary here re: DynamoDB Access Patterns -->
+<!-- TODO Add commentary here re: DynamoDB Access Patterns -->
 
 - **USERS**
   - Find a User by their email
@@ -247,11 +248,7 @@ This API uses a single DynamoDB table with primary keys `pk` and `sk`, along wit
   - Find a User's WorkOrders using their user ID
   - Find WorkOrders within a given date range
 
-<!-- TODO talk more about
-  - the DB generally
-  - Adjacency Lists design pattern
-  - Excellent query patterns
--->
+<!-- TODO Write more about the DB generally, adjacency Lists design patterns, excellent query patterns. -->
 
 ### Single Table Design
 

docs/endpoints/auth.google-token.yaml

@@ -0,0 +1,17 @@
+## yaml-language-server: $schema=https://raw.githubusercontent.com/OAI/OpenAPI-Specification/main/schemas/v3.1/schema.yaml#/$defs/path-item
+
+# POST /auth/token
+
+post:
+  operationId: GoogleToken
+  summary: Processes JSON JWT payloads from GoogleID services (existing users only)
+  security: []
+  tags: [auth]
+  requestBody: { $ref: "../open-api.yaml#/components/requestBodies/GoogleTokenRequest" }
+  responses:
+    # TODO Update 200 to use 200.AuthTokenAndPreFetchedUserItems, then run codegen
+    "200": { $ref: "../open-api.yaml#/components/responses/200AuthToken" }
+    "400": { $ref: "../open-api.yaml#/components/responses/400InvalidUserInput" }
+    "401": { $ref: "../open-api.yaml#/components/responses/401AuthenticationRequired" }
+    "5XX": { $ref: "../open-api.yaml#/components/responses/5xxInternalServerError" }
+    default: { $ref: "../open-api.yaml#/components/responses/UnexpectedResponse" }

docs/objectProperties/googleIDToken.yaml

@@ -0,0 +1,2 @@
+type: string
+description: "A base64-encoded JSON JWT from GoogleID services (auth: google-oauth)."

docs/objectProperties/phone.yaml

@@ -1,4 +1,6 @@
-type: string
+type:
+  - string
+  - "null"
 description: |
   A user's phone number. Currently this API only supports US phone numbers. All
   whitespace, non-numeric characters, and country/calling code prefixes will be

docs/open-api.yaml

@@ -3,7 +3,7 @@
 openapi: "3.1.0"
 info:
   title: Fixit REST API
-  version: "1.23.0"
+  version: "2.0.1"
   description: API for Fixit auth and user account management.
   termsOfService: "https://gofixit.app/tos"
   contact:
@@ -12,10 +12,11 @@ info:
     url: "https://github.com/trevor-anderson"
   license:
     name: Proprietary
-    url: "https://raw.githubusercontent.com/Nerdware-LLC/fixit-api/main/LICENSE?token=GHSAT0AAAAAACNMYXYE3P3MCJON2YGKRFQCZNWLHXQ"
+    url: "https://raw.githubusercontent.com/Nerdware-LLC/fixit-api/main/LICENSE"
 servers:
   - { url: "http://localhost:8080/api", description: Local Dev Server }
-  - { url: "https://gofixit.app/api", description: Production Server }
+  - { url: "https://gofixit.app/api", description: Production API }
+  - { url: "https://staging.gofixit.app/api", description: Staging API }
 tags:
   - { name: admin, description: Administrative endpoints }
   - { name: auth, description: Authentication endpoints }
@@ -30,6 +31,7 @@ paths:
   "/auth/login": { $ref: "./endpoints/auth.login.yaml" }
   "/auth/register": { $ref: "./endpoints/auth.register.yaml" }
   "/auth/token": { $ref: "./endpoints/auth.token.yaml" }
+  "/auth/google-token": { $ref: "./endpoints/auth.google-token.yaml" }
   "/connect/account-link": { $ref: "./endpoints/connect.account-link.yaml" }
   "/connect/dashboard-link": { $ref: "./endpoints/connect.dashboard-link.yaml" }
   "/subscriptions/check-promo-code": { $ref: "./endpoints/subscriptions.check-promo-code.yaml" }
@@ -40,17 +42,16 @@ components:
     JwtBearerAuth: { $ref: "./securitySchemes/JwtBearerAuth.yaml" }
   requestBodies:
     CheckPromoCodeRequest: { $ref: "./requestBodies/CheckPromoCodeRequest.yaml" }
+    GoogleTokenRequest: { $ref: "./requestBodies/GoogleTokenRequest.yaml" }
     LoginRequest: { $ref: "./requestBodies/LoginRequest.yaml" }
     RefreshAuthTokenRequest: { $ref: "./requestBodies/RefreshAuthTokenRequest.yaml" }
     StripeLinkRequest: { $ref: "./requestBodies/StripeLinkRequest.yaml" }
     UserRegistrationRequest: { $ref: "./requestBodies/UserRegistrationRequest.yaml" }
+  # prettier-ignore
   responses:
     200AuthToken: { $ref: "./responses/200.AuthToken.yaml" }
-    200AuthTokenAndPreFetchedUserItems:
-      { $ref: "./responses/200.AuthTokenAndPreFetchedUserItems.yaml" }
-    200AuthTokenAndCheckoutCompletionInfo: {
-        $ref: "./responses/200.AuthTokenAndCheckoutCompletionInfo.yaml",
-      } # prettier-ignore
+    200AuthTokenAndPreFetchedUserItems: { $ref: "./responses/200.AuthTokenAndPreFetchedUserItems.yaml" }
+    200AuthTokenAndCheckoutCompletionInfo: { $ref: "./responses/200.AuthTokenAndCheckoutCompletionInfo.yaml" }
     200CheckPromoCode: { $ref: "./responses/200.CheckPromoCode.yaml" }
     200StripeLink: { $ref: "./responses/200.StripeLink.yaml" }
     400InvalidUserInput: { $ref: "./responses/400.InvalidUserInput.yaml" }
@@ -60,13 +61,15 @@ components:
     404ResourceNotFound: { $ref: "./responses/404.ResourceNotFound.yaml" }
     5xxInternalServerError: { $ref: "./responses/5xx.InternalServerError.yaml" }
     UnexpectedResponse: { $ref: "./responses/default.UnexpectedResponse.yaml" }
+  # prettier-ignore
   schemas:
     # REQUEST-RELATED SCHEMAS:
     UserRegistrationParams: { $ref: "./schemas/UserRegistrationParams.yaml" }
     LoginParams: { $ref: "./schemas/LoginParams.yaml" }
     LoginCredentials: { $ref: "./schemas/LoginCredentials.yaml" }
     LocalLoginCredentials: { $ref: "./schemas/LoginCredentials.Local.yaml" }
     GoogleOAuthLoginCredentials: { $ref: "./schemas/LoginCredentials.GoogleOAuth.yaml" }
+    GoogleIDTokenField: { $ref: "./schemas/GoogleIDTokenField.yaml" }
     UserProfileParams: { $ref: "./schemas/UserProfileParams.yaml" }
     ExpoPushTokenParam: { $ref: "./schemas/ExpoPushTokenParam.yaml" }
     # RESPONSE-RELATED SCHEMAS:
@@ -78,9 +81,7 @@ components:
     WorkOrder: { $ref: "./schemas/WorkOrder.yaml" }
     PromoCodeInfoResponseField: { $ref: "./schemas/PromoCodeInfoResponseField.yaml" }
     PromoCodeInfo: { $ref: "./schemas/PromoCodeInfo.yaml" }
-    CheckoutCompletionInfoResponseField: {
-        $ref: "./schemas/CheckoutCompletionInfoResponseField.yaml",
-      } # prettier-ignore
+    CheckoutCompletionInfoResponseField: { $ref: "./schemas/CheckoutCompletionInfoResponseField.yaml" }
     CheckoutCompletionInfo: { $ref: "./schemas/CheckoutCompletionInfo.yaml" }
     StripeLinkResponseField: { $ref: "./schemas/StripeLinkResponseField.yaml" }
     # OTHER SCHEMAS:
@@ -92,8 +93,7 @@ components:
     # OBJECT PROPERTIES:
     CreatedAt: { $ref: "./objectProperties/createdAt.yaml" }
     Email: { $ref: "./objectProperties/email.yaml" }
-    GoogleAccessToken: { $ref: "./objectProperties/googleAccessToken.yaml" }
-    GoogleID: { $ref: "./objectProperties/googleID.yaml" }
+    GoogleIDToken: { $ref: "./objectProperties/googleIDToken.yaml" }
     Handle: { $ref: "./objectProperties/handle.yaml" }
     Password: { $ref: "./objectProperties/password.yaml" }
     PaymentMethodID: { $ref: "./objectProperties/paymentMethodID.yaml" }

docs/requestBodies/GoogleTokenRequest.yaml

@@ -0,0 +1,8 @@
+## yaml-language-server: $schema=https://raw.githubusercontent.com/OAI/OpenAPI-Specification/main/schemas/v3.1/schema.yaml#/$defs/request-body
+
+# req.body for /auth/google-token
+
+required: true
+content:
+  application/json:
+    schema: { $ref: "../open-api.yaml#/components/schemas/GoogleIDTokenField" }

docs/schemas/GoogleIDTokenField.yaml

@@ -0,0 +1,12 @@
+## yaml-language-server: $schema=https://raw.githubusercontent.com/OAI/OpenAPI-Specification/main/schemas/v3.1/schema.yaml#/$defs/schema
+
+# REST Schema: GoogleIDTokenField
+
+type: object
+description: |
+  An object which contains a base64-encoded JSON JWT from GoogleID services
+  under the key "googleIDToken".
+properties:
+  googleIDToken: { $ref: "../open-api.yaml#/components/schemas/GoogleIDToken" }
+required:
+  - googleIDToken

docs/schemas/LoginCredentials.GoogleOAuth.yaml

@@ -6,9 +6,7 @@ type: object
 description: The user's login credentials for google-oauth authentication
 properties:
   email: { $ref: "../open-api.yaml#/components/schemas/Email" }
-  googleID: { $ref: "../open-api.yaml#/components/schemas/GoogleID" }
-  googleAccessToken: { $ref: "../open-api.yaml#/components/schemas/GoogleAccessToken" }
+  googleIDToken: { $ref: "../open-api.yaml#/components/schemas/GoogleIDToken" }
 required:
   - email
-  - googleID
-  - googleAccessToken
+  - googleIDToken

docs/schemas/UserRegistrationParams.yaml

@@ -14,4 +14,3 @@ allOf:
     required:
       - handle
       - email
-      - phone

fixit@current.graphql

@@ -19,12 +19,12 @@ type Query {
   This query returns a paginated list of Users whose handle begins with the provided
   `handle` argument, which can be incomplete but must at least contain two characters:
   the beginning "@", and one character that's either alphanumeric or an underscore.
-
+  
   Note that this query is intended to be used in conjunction with a pagination utility
   like [Apollo's `fetchMore` function](https://www.apollographql.com/docs/react/pagination/core-api#the-fetchmore-function).
-
+  
   ### ROADMAP:
-
+  
   - Matching Algorithm Change: In the future, the Contact selection method used in this
     query will either be replaced by a fuzzy-matching system based on the Levenshtein-Demerau
     model, or a cloud-based search service like ElasticSearch. This change will eliminate
@@ -43,7 +43,7 @@ type Query {
     """
     The number of searchable Users to skip before returning results (default 0, min 0).
     **This argument should only be used if all of the following conditions are true:**
-
+    
       1. A previous call to this query returned the maximum number of results (i.e., `limit`).
       2. The User who made the previous call wants to retrieve more results.
       3. The `handle` argument in the previous call is a valid substring of the `handle`
@@ -119,7 +119,7 @@ interface FixitUser {
   email: Email!
 
   """Phone number of either a User or Contact"""
-  phone: String!
+  phone: String
 
   """Profile object of either a User or Contact"""
   profile: Profile!
@@ -161,7 +161,7 @@ type Contact implements FixitUser {
   email: Email!
 
   """Contact phone number"""
-  phone: String!
+  phone: String
 
   """Contact Profile object"""
   profile: Profile!
@@ -298,8 +298,8 @@ type User implements FixitUser {
   """(Immutable) User's own email address"""
   email: Email!
 
-  """(Immutable) User's own phone number"""
-  phone: String!
+  """User's own phone number"""
+  phone: String
 
   """
   (Mobile-Only) User's Expo push token, used to send push notifications to the User's mobile device