BAU: refactor send mfa code error handling to helper function

alhcomer · alhcomer · commit 41ec30d1a06c · 2025-05-28T12:08:37.000+01:00
diff --git a/src/components/enter-password/enter-password-controller.ts b/src/components/enter-password/enter-password-controller.ts
@@ -28,6 +28,7 @@ import { supportAccountInterventions } from "../../config.js";
 import { getJourneyTypeFromUserSession } from "../common/journey/journey.js";
 import { accountInterventionService } from "../account-intervention/account-intervention-service.js";
 import type { AccountInterventionsInterface } from "../account-intervention/types.js";
+import { handleSendMfaCodeError } from "../../utils/send-mfa-code-error-helper.js";
 
 const ENTER_PASSWORD_TEMPLATE = "enter-password/index.njk";
 const ENTER_PASSWORD_VALIDATION_KEY =
@@ -210,27 +211,7 @@ export function enterPasswordPost(
       );
 
       if (!result.success) {
-        if (result.data.code === ERROR_CODES.MFA_CODE_REQUESTS_BLOCKED) {
-          return res.render("security-code-error/index-wait.njk");
-        }
-
-        if (result.data.code === ERROR_CODES.ENTERED_INVALID_MFA_MAX_TIMES) {
-          return res.render(
-            "security-code-error/index-security-code-entered-exceeded.njk",
-            {
-              show2HrScreen: true,
-              contentId: "727a0395-cc00-48eb-a411-bfe9d8ac5fc8",
-            }
-          );
-        }
-
-        const path = getErrorPathByCode(result.data.code);
-
-        if (path) {
-          return res.redirect(path);
-        }
-
-        throw new BadRequestError(result.data.message, result.data.code);
+        return handleSendMfaCodeError(result, res);
       }
     }
     return res.redirect(
diff --git a/src/components/how-do-you-want-security-codes/how-do-you-want-security-codes-controller.ts b/src/components/how-do-you-want-security-codes/how-do-you-want-security-codes-controller.ts
@@ -1,17 +1,14 @@
 import type { Request, Response } from "express";
 import { MFA_METHOD_TYPE, PATH_NAMES } from "../../app.constants.js";
 import type { ExpressRouteFunc, MfaMethod } from "../../types.js";
-import {
-  ERROR_CODES,
-  getErrorPathByCode,
-  getNextPathAndUpdateJourney,
-} from "../common/constants.js";
+import { getNextPathAndUpdateJourney } from "../common/constants.js";
 import { USER_JOURNEY_EVENTS } from "../common/state-machine/state-machine.js";
 import type { MfaServiceInterface } from "../common/mfa/types.js";
 import { mfaService } from "../common/mfa/mfa-service.js";
 import xss from "xss";
 import { getJourneyTypeFromUserSession } from "../common/journey/journey.js";
 import { BadRequestError } from "../../utils/error.js";
+import { handleSendMfaCodeError } from "../../utils/send-mfa-code-error-helper.js";
 
 export function sortMfaMethodsBackupFirst(
   mfaMethods: MfaMethod[]
@@ -65,27 +62,7 @@ export function howDoYouWantSecurityCodesPost(
         );
 
         if (!result.success) {
-          if (result.data.code === ERROR_CODES.MFA_CODE_REQUESTS_BLOCKED) {
-            return res.render("security-code-error/index-wait.njk");
-          }
-
-          if (result.data.code === ERROR_CODES.ENTERED_INVALID_MFA_MAX_TIMES) {
-            return res.render(
-              "security-code-error/index-security-code-entered-exceeded.njk",
-              {
-                show2HrScreen: true,
-                contentId: "727a0395-cc00-48eb-a411-bfe9d8ac5fc8",
-              }
-            );
-          }
-
-          const path = getErrorPathByCode(result.data.code);
-
-          if (path) {
-            return res.redirect(path);
-          }
-
-          throw new BadRequestError(result.data.message, result.data.code);
+          return handleSendMfaCodeError(result, res);
         }
       }
 
diff --git a/src/utils/send-mfa-code-error-helper.ts b/src/utils/send-mfa-code-error-helper.ts
@@ -0,0 +1,34 @@
+import type { ApiResponseResult, DefaultApiResponse } from "../types.js";
+import type { Response } from "express";
+import {
+  ERROR_CODES,
+  getErrorPathByCode,
+} from "../components/common/constants.js";
+import { BadRequestError } from "./error.js";
+
+export const handleSendMfaCodeError = (
+  result: ApiResponseResult<DefaultApiResponse>,
+  res: Response
+) => {
+  if (result.data.code === ERROR_CODES.MFA_CODE_REQUESTS_BLOCKED) {
+    return res.render("security-code-error/index-wait.njk");
+  }
+
+  if (result.data.code === ERROR_CODES.ENTERED_INVALID_MFA_MAX_TIMES) {
+    return res.render(
+      "security-code-error/index-security-code-entered-exceeded.njk",
+      {
+        show2HrScreen: true,
+        contentId: "727a0395-cc00-48eb-a411-bfe9d8ac5fc8",
+      }
+    );
+  }
+
+  const path = getErrorPathByCode(result.data.code);
+
+  if (path) {
+    return res.redirect(path);
+  }
+
+  throw new BadRequestError(result.data.message, result.data.code);
+};
diff --git a/test/unit/utils/send-mfa-code-error-helper.test.ts b/test/unit/utils/send-mfa-code-error-helper.test.ts
@@ -0,0 +1,72 @@
+import { describe } from "mocha";
+import { mockResponse } from "mock-req-res";
+import type { Response } from "express";
+import type {
+  ApiResponseResult,
+  DefaultApiResponse,
+} from "../../../src/types.js";
+import { ERROR_CODES } from "../../../src/components/common/constants.js";
+import { handleSendMfaCodeError } from "../../../src/utils/send-mfa-code-error-helper.js";
+import { expect } from "../../utils/test-utils.js";
+import { createApiResponse } from "../../../src/utils/http.js";
+import { BadRequestError } from "../../../src/utils/error.js";
+
+describe("send mfa code error helper", () => {
+  const res: Response = mockResponse();
+  let result: ApiResponseResult<DefaultApiResponse>;
+
+  it("should return render security-code-error/index-wait", () => {
+    result = createApiResponse({
+      config: undefined,
+      headers: undefined,
+      status: 0,
+      statusText: "",
+      data: { code: ERROR_CODES.MFA_CODE_REQUESTS_BLOCKED },
+    });
+    handleSendMfaCodeError(result, res);
+    expect(res.render).to.have.calledWith("security-code-error/index-wait.njk");
+  });
+
+  it("should return render security-code-error/index-security-code-entered-exceeded", () => {
+    result = createApiResponse({
+      config: undefined,
+      headers: undefined,
+      status: 0,
+      statusText: "",
+      data: { code: ERROR_CODES.ENTERED_INVALID_MFA_MAX_TIMES },
+    });
+    handleSendMfaCodeError(result, res);
+    expect(res.render).to.have.calledWith(
+      "security-code-error/index-security-code-entered-exceeded.njk"
+    );
+  });
+
+  it("should redirect to error path associated with a code", () => {
+    result = createApiResponse({
+      config: undefined,
+      headers: undefined,
+      status: 0,
+      statusText: "",
+      data: {
+        code: ERROR_CODES.VERIFY_CHANGE_HOW_GET_SECURITY_CODES_MAX_CODES_SENT,
+      },
+    });
+    handleSendMfaCodeError(result, res);
+    expect(res.redirect).to.have.calledWith(
+      "/security-code-requested-too-many-times?actionType=changeSecurityCodesEmailMaxCodesSent"
+    );
+  });
+
+  it("should throw bad request error", () => {
+    result = createApiResponse({
+      config: undefined,
+      headers: undefined,
+      status: 0,
+      statusText: "",
+      data: { code: 123456789 },
+    });
+    expect(() => {
+      handleSendMfaCodeError(result, res);
+    }).to.throw(BadRequestError);
+  });
+});
