refactor: inject trainee ID in to controllers #492
Conversation
Create a TraineeIdentityInterceptor to inject trainee identity details (traineeTisId) in to the request scope. The interceptor will run on each request and provides a single place where the JWT token needs to be handled to extract the trainee ID. The TraineeIdentity can be autowired in to any existing controllers and will be auto-populated with the trainee ID. NO-TICKET
Refactor the existing controllers which are currently handling extracting the trainee ID from the auth token themselves. Autowire a TraineeIdentity to the controllers and get the trainee ID from it. NO-TICKET
| String token = TestJwtUtil.generateToken("{}"); | ||
|
|
||
| this.mockMvc.perform(get("/api/trainee-profile") | ||
| .contentType(MediaType.APPLICATION_JSON) | ||
| .header(HttpHeaders.AUTHORIZATION, token)) | ||
| .andExpect(status().isNotFound()); | ||
| .andExpect(status().isBadRequest()); |
There was a problem hiding this comment.
I suppose the new response for this and other requests without the token is not enough to comprise a breaking change.
There was a problem hiding this comment.
I don't believe so no, one of the benefits of this not being a documented API (yet) 😉
The previous 404 feels like an oversight anyway, we only get it because we previously passed traineeId = null from API -> service -> repo. Which is just a waste of processing.
At some point it will change again to return 403 Forbidden when there is no trainee ID, which is what the new CCT endpoints will return. But the external (trainee facing) and internal (sync facing) endpoints need untangling first to make that easier to achieve (likely by replacing the internal calls with event listeners).
|
feat: create interceptor to inject trainee ID
Create a TraineeIdentityInterceptor to inject trainee identity details
(traineeTisId) in to the request scope.
The interceptor will run on each request and provides a single place
where the JWT token needs to be handled to extract the trainee ID. The
TraineeIdentity can be autowired in to any existing controllers and will
be auto-populated with the trainee ID.
refactor: controllers to use TraineeIdentity
Refactor the existing controllers which are currently handling
extracting the trainee ID from the auth token themselves. Autowire a
TraineeIdentity to the controllers and get the trainee ID from it.