feat: add backend feature flag for auth redirect and form retrieval

Author: eliotlim

src/app/modules/form/public-form/public-form.controller.ts

@@ -1,9 +1,9 @@
-import {HttpStatusCode} from 'axios'
-import {celebrate, Joi, Segments} from 'celebrate'
-import {StatusCodes} from 'http-status-codes'
-import {err, ok, Result} from 'neverthrow'
+import { HttpStatusCode } from 'axios'
+import { celebrate, Joi, Segments } from 'celebrate'
+import { StatusCodes } from 'http-status-codes'
+import { err, ok, Result } from 'neverthrow'
 
-import {featureFlags} from '../../../../../shared/constants'
+import { featureFlags } from '../../../../../shared/constants'
 import {
   ErrorCode,
   ErrorDto,
@@ -17,37 +17,48 @@ import {
   PublicFormViewDto,
   StrippedFormWorkflowDto,
 } from '../../../../../shared/types'
-import {stripWorkflowEmails} from '../../../../../shared/utils/strip-workflow-emails'
-import {IPopulatedMultirespondentForm} from '../../../../types'
-import {createLoggerWithLabel} from '../../../config/logger'
-import {isMongoError} from '../../../utils/handle-mongo-error'
-import {createReqMeta, getRequestIp} from '../../../utils/request'
-import {getFormIfPublic} from '../../auth/auth.service'
+import { stripWorkflowEmails } from '../../../../../shared/utils/strip-workflow-emails'
+import { IPopulatedMultirespondentForm } from '../../../../types'
+import { createLoggerWithLabel } from '../../../config/logger'
+import { isMongoError } from '../../../utils/handle-mongo-error'
+import { createReqMeta, getRequestIp } from '../../../utils/request'
+import { getFormIfPublic } from '../../auth/auth.service'
 import * as BillingService from '../../billing/billing.service'
-import {ControllerHandler} from '../../core/core.types'
-import {MyInfoData} from '../../myinfo/myinfo.adapter'
+import { ControllerHandler } from '../../core/core.types'
+import { MyInfoData } from '../../myinfo/myinfo.adapter'
 import {
   MYINFO_AUTH_CODE_COOKIE_NAME,
   MYINFO_AUTH_CODE_COOKIE_OPTIONS,
   MYINFO_LOGIN_COOKIE_NAME,
   MYINFO_LOGIN_COOKIE_OPTIONS,
 } from '../../myinfo/myinfo.constants'
-import {MyInfoService} from '../../myinfo/myinfo.service'
-import {createMyInfoLoginCookie, extractAuthCode, getMyInfoEserviceIdInForm,} from '../../myinfo/myinfo.util'
-import {SGIDMyInfoData} from '../../sgid/sgid.adapter'
+import { MyInfoService } from '../../myinfo/myinfo.service'
+import {
+  createMyInfoLoginCookie,
+  extractAuthCode,
+  getMyInfoEserviceIdInForm,
+} from '../../myinfo/myinfo.util'
+import { SGIDMyInfoData } from '../../sgid/sgid.adapter'
 import {
   SGID_CODE_VERIFIER_COOKIE_NAME,
   SGID_COOKIE_NAME,
   SGID_MYINFO_COOKIE_NAME,
   SGID_MYINFO_LOGIN_COOKIE_NAME,
 } from '../../sgid/sgid.constants'
-import {SgidInvalidJwtError, SgidMalformedMyInfoCookieError, SgidVerifyJwtError,} from '../../sgid/sgid.errors'
-import {SgidService} from '../../sgid/sgid.service'
-import {validateSgidForm} from '../../sgid/sgid.util'
-import {InvalidJwtError, VerifyJwtError} from '../../spcp/spcp.errors'
-import {getOidcService} from '../../spcp/spcp.oidc.service'
-import {getRedirectTargetSpcpOidc, validateSpcpForm,} from '../../spcp/spcp.util'
-import {generateHashedSubmitterId} from '../../submission/submission.utils'
+import {
+  SgidInvalidJwtError,
+  SgidMalformedMyInfoCookieError,
+  SgidVerifyJwtError,
+} from '../../sgid/sgid.errors'
+import { SgidService } from '../../sgid/sgid.service'
+import { validateSgidForm } from '../../sgid/sgid.util'
+import { InvalidJwtError, VerifyJwtError } from '../../spcp/spcp.errors'
+import { getOidcService } from '../../spcp/spcp.oidc.service'
+import {
+  getRedirectTargetSpcpOidc,
+  validateSpcpForm,
+} from '../../spcp/spcp.util'
+import { generateHashedSubmitterId } from '../../submission/submission.utils'
 import {
   AuthTypeMismatchError,
   FormRespondentNotWhitelistedError,
@@ -57,7 +68,7 @@ import {
 import * as FormService from '../form.service'
 
 import * as PublicFormService from './public-form.service'
-import {mapFormAuthError, mapRouteError} from './public-form.utils'
+import { mapFormAuthError, mapRouteError } from './public-form.utils'
 
 const logger = createLoggerWithLabel(module)
 
@@ -117,7 +128,7 @@ export const handleGetPublicForm: ControllerHandler<
   const form = formResult.value
   const publicForm = form.getPublicView() as PublicFormDto
 
-  const { authType } = form
+  let authType = form.authType
   const isIntranetUser = FormService.checkIsIntranetFormAccess(
     getRequestIp(req),
     form,
@@ -127,6 +138,14 @@ export const handleGetPublicForm: ControllerHandler<
     return res.json({ form: publicForm, isIntranetUser })
   }
 
+  if (req?.growthbook?.isOn(featureFlags.useFormsgMyinfo) && [
+    FormAuthType.SP,
+    FormAuthType.SGID,
+    FormAuthType.SGID_MyInfo,
+  ].includes(authType)) {
+    authType = FormAuthType.MyInfo
+  }
+
   let spcpSession
   let myInfoFields
 
@@ -657,29 +676,43 @@ export const _handleFormAuthRedirect: ControllerHandler<
   // NOTE: Using retrieveFullForm instead of retrieveForm to ensure authType always exists
   return FormService.retrieveFullFormById(formId)
     .andThen((form) => {
-      if (req.growthbook?.isOn(featureFlags.useFormsgMyinfo)) {
-        form.authType = FormAuthType.MyInfo
+      if (
+        req.growthbook?.isOn(featureFlags.useFormsgMyinfo) &&
+        [FormAuthType.SP, FormAuthType.SGID, FormAuthType.SGID_MyInfo].includes(
+          form.authType,
+        )
+      ) {
+        logger.info({
+          message: `Using FormSG MyInfo flag, setting authType to MyInfo`,
+          meta: {
+            previousAuthType: form.authType,
+            forceAuthType: FormAuthType.MyInfo,
+            ...logMeta,
+          },
+        })
+        formAuthType = FormAuthType.MyInfo
+      } else {
+        formAuthType = form.authType
       }
       return ok(form)
     })
     .andThen((form) => {
-      formAuthType = form.authType
-      const useFormsgEsrvcId = req.growthbook?.isOn(
-        featureFlags.useFormsgEsrvcId,
-      )
-      switch (form.authType) {
+      switch (formAuthType) {
         case FormAuthType.MyInfo:
-          return getMyInfoEserviceIdInForm(form, useFormsgEsrvcId).andThen(
-            ([form, eserviceId]) =>
-              MyInfoService.createRedirectURL({
-                formEsrvcId: eserviceId,
-                formId,
-                requestedAttributes: form.getUniqueMyInfoAttrs(),
-                encodedQuery,
-              }),
+          logger.info({ message: 'MyInfo form', meta: logMeta })
+          return getMyInfoEserviceIdInForm(form, {
+            growthbook: req.growthbook,
+          }).andThen(([form, eserviceId]) =>
+            MyInfoService.createRedirectURL({
+              formEsrvcId: eserviceId,
+              formId,
+              requestedAttributes: form.getUniqueMyInfoAttrs(),
+              encodedQuery,
+            }),
           )
         case FormAuthType.SP: {
           return validateSpcpForm(form).asyncAndThen((form) => {
+            logger.info({ message: 'SP form', meta: logMeta })
             const target = getRedirectTargetSpcpOidc(
               formId,
               FormAuthType.SP,

src/app/modules/myinfo/myinfo.controller.ts

@@ -1,7 +1,6 @@
 import { celebrate, Joi, Segments } from 'celebrate'
 import { StatusCodes } from 'http-status-codes'
 
-import { featureFlags } from '../../../../shared/constants'
 import { Environment } from '../../../types'
 import config from '../../config/config'
 import { createLoggerWithLabel } from '../../config/logger'
@@ -48,9 +47,10 @@ export const respondWithRedirectURL: ControllerHandler<
   { formId: string; encodedQuery?: string }
 > = async (req, res) => {
   const { formId, encodedQuery } = req.query
-  const useFormsgEsrvcId = req.growthbook?.isOn(featureFlags.useFormsgEsrvcId)
   return FormService.retrieveFormById(formId)
-    .andThen((form) => getMyInfoEserviceIdInForm(form, useFormsgEsrvcId))
+    .andThen((form) =>
+      getMyInfoEserviceIdInForm(form, { growthbook: req.growthbook }),
+    )
     .andThen(([form, eserviceId]) =>
       MyInfoService.createRedirectURL({
         formEsrvcId: eserviceId,

src/app/modules/myinfo/myinfo.util.ts

@@ -1,3 +1,4 @@
+import { GrowthBook } from '@growthbook/growthbook'
 import bcrypt from 'bcrypt'
 import { StatusCodes } from 'http-status-codes'
 import jwt from 'jsonwebtoken'
@@ -6,6 +7,7 @@ import mongoose, { FlattenMaps } from 'mongoose'
 import { err, ok, Result } from 'neverthrow'
 import { v4 as uuidv4, validate as validateUUID } from 'uuid'
 
+import { featureFlags } from '../../../../shared/constants'
 import {
   myInfoCountries,
   myInfoDialects,
@@ -38,6 +40,7 @@ import {
 } from '../../../types'
 import { spcpMyInfoConfig } from '../../config/features/spcp-myinfo.config'
 import { createLoggerWithLabel } from '../../config/logger'
+import Growthbook from '../../loaders/express/growthbook'
 import { DatabaseError } from '../core/core.errors'
 import {
   AuthTypeMismatchError,
@@ -316,15 +319,18 @@ export const createRelayState = (
 /**
  * returns form with an e-service ID if form is a MyInfo form
  * @param form Form to validate
+ * @param ctx Optional context containing request information
  */
 export const getMyInfoEserviceIdInForm = <T extends IFormSchema>(
   form: T,
-  useFormsgEsrvcId?: boolean,
+  ctx?: { growthbook?: GrowthBook },
 ): Result<
-  [MyInfoForm<T>, string],
+  [MyInfoForm<T> | IFormSchema, string],
   FormAuthNoEsrvcIdError | AuthTypeMismatchError
 > => {
-  if (isMyInfoForm(form)) {
+  const useFormsgEsrvcId = ctx?.growthbook?.isOn(featureFlags.useFormsgEsrvcId)
+  const useFormsgMyinfo = ctx?.growthbook?.isOn(featureFlags.useFormsgMyinfo)
+  if (isMyInfoForm(form) || useFormsgMyinfo) {
     const esrvcId = useFormsgEsrvcId
       ? spcpMyInfoConfig.spEsrvcId
       : form.esrvcId || spcpMyInfoConfig.spEsrvcId