feat(testitall): Update the test starter-kit (#237)

jnxyp · web-flow · commit 028bd04a5cf7 · 2024-03-01T10:17:54.000-05:00
Update OpenAPI spec to use relative URL
Remove hosted server info
Update Mock server to support patch test
Update `AlmostTooLarge` context test limit to 130KB
Renamed `securitySchemes` in OpenAPI spec to v2 standard
diff --git a/integrations/extensions/starter-kits/testitall/mock-server/.dockerignore b/integrations/extensions/starter-kits/testitall/mock-server/.dockerignore
@@ -1,4 +1,3 @@
 node_modules
 npm-debug.log
 package-lock.json
-.env
diff --git a/integrations/extensions/starter-kits/testitall/mock-server/.env-sample b/integrations/extensions/starter-kits/testitall/mock-server/.env-sample
@@ -1,7 +1,7 @@
 API_SERVER_PORT=4000
 
-# The response size limit for WA extensions, in bytes; Used by the Context too large tests. Default is 102400 (100KB).
-RESPONSE_SIZE_LIMIT=102400
+# The response size limit for WA extensions, in bytes; Used by the Context too large tests. Default is 133120 (130KB).
+RESPONSE_SIZE_LIMIT=133120
 
 # [Authentication Credentials]
 # Basic Authentication
diff --git a/integrations/extensions/starter-kits/testitall/mock-server/Dockerfile b/integrations/extensions/starter-kits/testitall/mock-server/Dockerfile
@@ -10,8 +10,6 @@ RUN npm install --only=production
 
 # Bundle app source
 COPY . .
-# Copy .env-sample to .env
-COPY .env-sample .env
 
 EXPOSE 4000
 
diff --git a/integrations/extensions/starter-kits/testitall/mock-server/server/controllers/delay-controller.js b/integrations/extensions/starter-kits/testitall/mock-server/server/controllers/delay-controller.js
@@ -9,10 +9,8 @@ export async function delay(req, res) {
   });
 }
 
-async function sleep(milliseconds) {
-  const promise = new Promise();
-  setTimeout(() => {
-    promise.resolve();
-  }, milliseconds);
-  return promise;
-}
+function sleep(milliseconds) {
+  return new Promise((resolve) => {
+    setTimeout(resolve, milliseconds);
+  });
+}
diff --git a/integrations/extensions/starter-kits/testitall/mock-server/server/controllers/oauth-providers/auth-code.js b/integrations/extensions/starter-kits/testitall/mock-server/server/controllers/oauth-providers/auth-code.js
@@ -8,7 +8,7 @@ function issueAccessToken() {
   const accessToken = Math.random().toString(36).slice(-8)
   const accessExpireTime = Date.now() + 1000 * parseInt(process.env.OAUTH_ACCESS_TOKEN_EXPIRES, 10)
   accessTokensAuthCode.set(accessToken, accessExpireTime)
-  console.log('[auth code] Issuing token:', accessToken)
+  console.log(`[auth code] Issuing token: ${accessToken}, expires: ${new Date(accessExpireTime)}`)
 
   return accessToken
 }
diff --git a/integrations/extensions/starter-kits/testitall/mock-server/server/controllers/oauth-providers/client-cred.js b/integrations/extensions/starter-kits/testitall/mock-server/server/controllers/oauth-providers/client-cred.js
@@ -8,7 +8,7 @@ function issueAccessToken() {
   const accessToken = Math.random().toString(36).slice(-8)
   const accessExpireTime = Date.now() + 1000 * parseInt(process.env.OAUTH_ACCESS_TOKEN_EXPIRES, 10)
   accessTokensClientCred.set(accessToken, accessExpireTime)
-  console.log('[client cred] Issuing token:', accessToken)
+  console.log(`[client cred] Issuing token: ${accessToken}, expires: ${new Date(accessExpireTime)}`)
 
   return accessToken
 }
diff --git a/integrations/extensions/starter-kits/testitall/mock-server/server/controllers/oauth-providers/custom-apikey.js b/integrations/extensions/starter-kits/testitall/mock-server/server/controllers/oauth-providers/custom-apikey.js
@@ -10,7 +10,7 @@ function issueAccessToken() {
   const accessExpireTime = Date.now() + 1000 * parseInt(process.env.OAUTH_ACCESS_TOKEN_EXPIRES, 10)
   accessTokensCustomApikey.set(accessToken, accessExpireTime)
 
-  console.log('[custom apikey] Issuing token:', accessToken)
+  console.log(`[custom apikey] Issuing token: ${accessToken}, expires: ${new Date(accessExpireTime)}`)
   return accessToken
 }
 
diff --git a/integrations/extensions/starter-kits/testitall/mock-server/server/controllers/oauth-providers/password.js b/integrations/extensions/starter-kits/testitall/mock-server/server/controllers/oauth-providers/password.js
@@ -6,7 +6,7 @@ function issueAccessToken() {
   const accessToken = Math.random().toString(36).slice(-8)
   const accessExpireTime = Date.now() + 1000 * parseInt(process.env.OAUTH_ACCESS_TOKEN_EXPIRES, 10)
   accessTokensPassword.set(accessToken, accessExpireTime)
-  console.log('[password] Issuing token:', accessToken)
+  console.log(`[password] Issuing token: ${accessToken}, expires: ${new Date(accessExpireTime)}`)
 
   return accessToken
 }
diff --git a/integrations/extensions/starter-kits/testitall/mock-server/server/controllers/security-controller.js b/integrations/extensions/starter-kits/testitall/mock-server/server/controllers/security-controller.js
@@ -27,10 +27,11 @@ export function basicTest(req, res) {
 // Bearer Auth Middleware
 export function bearerAuthMiddleware(req, res, next) {
   // parse login and password from headers
-  const token = (req.headers.authorization || '').split(' ')[1] || ''
+  const authHeader = req.headers.authorization || ''
+  const token = authHeader.split(' ')[1] || ''
 
   // Verify login and password are set and correct
-  if (req.headers.authorization.toLowerCase().startsWith("bearer") && token === process.env.AUTH_TOKEN) {
+  if (authHeader.toLowerCase().startsWith("bearer") && token === process.env.AUTH_TOKEN) {
     // Access granted...
     return next()
   }
diff --git a/integrations/extensions/starter-kits/testitall/mock-server/server/controllers/test-controller.js b/integrations/extensions/starter-kits/testitall/mock-server/server/controllers/test-controller.js
@@ -32,15 +32,22 @@ export function postTest(req, res) {
   }
 }
 
+export function patchTest(req, res) {
+  return res.json({
+    status: 'PATCHED',
+  });
+}
+
 export function authHeaderTest(req, res) {
   return res.json({
     auth_header: req.header('Authorization') || 'No Authorization header provided',
   });
 }
 
 export function arraysInObjectTest(req, res) {
+  const my_array = req.body.my_array || [];
   return res.json({
-    my_chosen_item: req.body.item, reverse_array: req.body.my_array.reverse(), status: 'POST Array Object',
+    my_chosen_item: req.body.item, reverse_array: my_array.reverse(), status: 'POST Array Object',
   });
 }
 
@@ -59,7 +66,7 @@ export function errorTest(req, res) {
 
 
 export function contextTooLargeTest(req, res) {
-  const fakeData = 'x'.repeat(parseInt(process.env.RESPONSE_SIZE_LIMIT, 10) * 5); // Default: 500KB
+  const fakeData = 'x'.repeat(parseInt(process.env.RESPONSE_SIZE_LIMIT, 10) * 5); // Default: 130KB * 5 = 650KB
   const response = {
     data: fakeData
   }
@@ -68,7 +75,7 @@ export function contextTooLargeTest(req, res) {
 }
 
 export function contextAlmostTooLargeTest(req, res) {
-  const fakeData = 'x'.repeat(parseInt(process.env.RESPONSE_SIZE_LIMIT, 10) - 1024); // Default: 99KB
+  const fakeData = 'x'.repeat(parseInt(process.env.RESPONSE_SIZE_LIMIT, 10) - 1024); // Default: 130KB - 1KB = 129KB
 
   const response = {
     data: fakeData
diff --git a/integrations/extensions/starter-kits/testitall/mock-server/server/routes/test-route.js b/integrations/extensions/starter-kits/testitall/mock-server/server/routes/test-route.js
@@ -9,6 +9,7 @@ router.delete('', testController.deleteTest);
 router.get('', testController.getTest);
 router.put('', testController.putTest);
 router.post('', testController.postTest);
+router.patch('', testController.patchTest);
 router.post('/error', testController.errorTest);
 router.post('/params/:path_param', testController.postTest);
 router.post('/auth_header', testController.authHeaderTest);
diff --git a/integrations/extensions/starter-kits/testitall/mock-server/server/server.js b/integrations/extensions/starter-kits/testitall/mock-server/server/server.js
@@ -23,7 +23,7 @@ const app = express();
 app.use(morgan('dev'));
 
 // enable parsing of http request body
-app.use(bodyParser.urlencoded({extended: false}));
+app.use(bodyParser.urlencoded({extended: true}));
 app.use(bodyParser.json());
 
 // access to static files
diff --git a/integrations/extensions/starter-kits/testitall/readme.md b/integrations/extensions/starter-kits/testitall/readme.md
@@ -26,87 +26,35 @@ Assistant:
 
 ## Mock API Server
 
-The custom extension requires a running API server to test the OpenAPI specification. We provide an existing mock 
-server or the ability to deploy your own.
-
-### Use IBM Hosted Mock API Server
-
-We provide a hosted mock API server for you to test the OpenAPI specification. To use that server, please select
-`https://custom-ext-testitall-ce.vkgqdtxxpfe.us-south.codeengine.appdomain.cloud` in the Servers dropdown on the Authentication tab
-while adding the extension to your Watson Assistant.
-
-### Deploy the Mock API Server by yourself
-
-1. Deploy the express.js application to your server.
-    - In a terminal, navigate to the `testitall/mock-server` folder.
-    - Run `npm install` to install the dependencies.
-    - Copy the `.env-sample` file to `.env`, and update the environment variables if needed.
-    - Run `npm start` to start the server at port `4000`.
-2. Update the server URLs in the OpenAPI specification file `testitall.openapi.json` to point to your server.
-    - Assume your API server is running at `https://myserver.com:4000`
-        - If you would like to test the OAuth2 related feature, then the API server must be running with HTTPS.
-          - This mock server doesn't come with HTTPS support by itself, please consider to deploy with reverse proxy or third-party proxy service (e.g. ngrok) to
-            enable HTTPS.
-        - The server URL should NOT contain the tailing slash.
-    - Update the `servers` section in the OpenAPI specification file to:
-      ```json
-      "servers": [
-        {
-          "url": "https://myserver.com:4000",
-          "description": "Your API server",
-          "variables": {}
-        }
-      ]
-      ```
-    - If you would like to test the OAuth2 related feature, update the `components/securitySchemes/OAuth2` section to:
-      ```json
-      "OAuth2": {
-        "type": "oauth2",
-        "flows": {
-          "authorizationCode": {
-            "authorizationUrl": "https://myserver.com:4000/oauth2-provider/auth-code/authorize",
-            "tokenUrl": "https://myserver.com:4000/oauth2-provider/auth-code/token",
-            "refreshUrl": "https://myserver.com:4000/oauth2-provider/auth-code/token",
-            "scopes": {
-              "read": "Read access to protected resources",
-              "custom": "Add your own scope"
-            }
-          },
-          "password": {
-            "tokenUrl": "https://myserver.com:4000/oauth2-provider/password/token",
-            "refreshUrl": "https://myserver.com:4000/oauth2-provider/password/token",
-            "scopes": {
-              "read": "Read access to protected resources",
-              "custom": "Add your own scope"
-            }
-          },
-          "clientCredentials": {
-            "tokenUrl": "https://myserver.com:4000/oauth2-provider/client-cred/token",
-            "refreshUrl": "https://myserver.com:4000/oauth2-provider/client-cred/token",
-            "scopes": {
-              "read": "Read access to protected resources",
-              "custom": "Add your own scope"
-            }
-          },
-          "x-apikey": {
-            "tokenUrl": "https://myserver.com:4000/oauth2-provider/custom-apikey/token",
-            "refreshUrl": "https://myserver.com:4000/oauth2-provider/custom-apikey/token",
-            "grantType": "custom_apikey",
-            "secretKeys": [
-              "apikey_secret"
-            ],
-            "scopes": {
-              "read": "Read access to protected resources",
-              "custom": "Add your own scope"
-            }
-          }
-        }
-      }
-        ```
-    - Upload the updated OpenAPI specification file to create a new custom extension, and add it to your Watson
-      Assistant.
-    - Upload actions to your Watson Assistant.
-    - After the actions were uploaded, **edit each action to use the extension**.
+The custom extension requires a running API server to test the OpenAPI specification.
+
+### Local Deployment
+
+1. Install [Node.js](https://nodejs.org/en/download/).
+2. Clone the repo and navigate to the `testitall/mock-server` folder.
+3. Run `npm install` to install the dependencies.
+4. Copy the `.env-sample` file to `.env`, and update the environment variables if needed.
+5. Run `npm start` to start the server at port `4000`.
+6. The server is now running at `http://localhost:4000`. You should see "The mock API server is up and running" when
+   open the URL in your browser.
+
+To allow Watson Assistant to access the API server, you need to expose the server to the internet. You can use tools
+like
+[ngrok](https://ngrok.com/) to do that. After installing ngrok, run `ngrok http 4000` to expose the server to the
+internet.
+
+### IBM Cloud Code Engine Deployment
+
+The server comes with the Dockerfile for Code Engine deployment. To deploy the server to Code Engine, please follow the
+steps below:
+
+1. Build the docker image
+    1. Copy the `.env-sample` file to `.env` and fill in the required information
+    2. Build the image with `docker build -t <image-name> .` The image name should follow the format
+       of `<registry>/<namespace>/<image-name>:<tag>`. For example, `us.icr.io/testitall_ns/testitall_server:latest`.
+2. Push the image to the container registry with `docker push <image-name>`
+3. Create a Code Engine project
+   and [deploy the image](https://cloud.ibm.com/docs/codeengine?topic=codeengine-deploy-app-crimage)
 
 ## WA Actions and corresponding OpenAPI Endpoints
 
@@ -118,10 +66,11 @@ The example provides a set of actions to test the specification:
 | Test HTTP POST                                               | "POST"                     | `/test`                          | Test HTTP POST.                                                                                                                                                                                                                                                                                              |
 | Test HTTP PUT                                                | "PUT"                      | `/test`                          | Test HTTP PUT.                                                                                                                                                                                                                                                                                               |
 | Test HTTP DELETE                                             | "DELETE"                   | `/test`                          | Test HTTP DELETE.                                                                                                                                                                                                                                                                                            |
+| Test HTTP PATCH                                              | "PATCH"                    | `/test`                          | Test HTTP PATCH.                                                                                                                                                                                                                                                                                             |
 | Test handle error in response                                | "Error"                    | `/test/error`                    | The API server will return a 404 error to test error handling in WA.                                                                                                                                                                                                                                         |
 | Test parse array inside object                               | "Arrays Object"            | `/test/arrays-object`            | The API server will reverse the array inside the object.                                                                                                                                                                                                                                                     |
-| Test handle an almost too large response                     | "Context Almost Too Large" | `/test/context-almost-too-large` | The API server will return a response that is almost too large (99KB). The extension call itself should succeed. The action will try to store the response into a session variable which will cause any following conversation to produce a 413 error.                                                       |
-| Test handle a too large response                             | "Context Too Large"        | `/test/context-too-large`        | The API server will return a response that is too large (500KB). The extension call should fail.                                                                                                                                                                                                             |
+| Test handle an almost too large response                     | "Context Almost Too Large" | `/test/context-almost-too-large` | The API server will return a response that is almost too large (129KB). The extension call itself should succeed. The action will try to store the response into a session variable which will cause any following conversation to produce a 413 error.                                                      |
+| Test handle a too large response                             | "Context Too Large"        | `/test/context-too-large`        | The API server will return a response that is too large (650KB). The extension call should fail.                                                                                                                                                                                                             |
 | Test set auth header with context variable                   | "Auth Header"              | `/test/auth-header`              | **Please make sure you've selected `No authentication` option in extension configuration, otherwise the auth header will be overridden.**<br/>The WA will set the Authorization header with the value provided by the user. The API server will echo the Authorization header in the response.               |
 | Test post with parameters                                    | "Params"                   | `/test/params/{path_param}`      | WA will send a POST request with parameters in the query string, header and URL path. The API server will echo the parameters in the response.                                                                                                                                                               |
 | Test response with a delay                                   | "Delay"                    | `/delay`                         | The API server will delay the response by the provided number of seconds (default: 3).                                                                                                                                                                                                                       |
@@ -169,7 +118,7 @@ Please first enter the Client ID:
 > Note: You don't need to manually copy the Redirect URL to your OAuth2 provider. The URL is sent together with the
 > request to the provider.
 
-Then, click the `Grant Access` button to authorize the extension to access your OAuth2 provider. You will be redirected 
+Then, click the `Grant Access` button to authorize the extension to access your OAuth2 provider. You will be redirected
 to the provider's authorization page, which will ask you to authorize the
 extension. After you authorize the extension, you will be redirected back to the Assistant, with the authorization code
 passed to the Watson Assistant.
@@ -210,7 +159,7 @@ steps below:
 1. Navigate to the `Environment` tab of your Watson Assistant instance.
 2. Select an environment, and click the gear icon beside the environment's name to open the environment configuration
    page.
-![Environment Configuration](./assets/webhook_env_config_1.png)
+   ![Environment Configuration](./assets/webhook_env_config_1.png)
 3. Select `Webhooks` > `Pre-Message Webhook` or `Post-Message Webhook` from the menu on the left.
 4. Enable the webhook by clicking the toggle switch.
 5. Enter the URL of the webhook.
@@ -219,4 +168,4 @@ steps below:
     - Post-message webhook: `https://myserver.com:4000/webhook/postwebhook`. For IBM hosted mock server, please use
       `https://custom-ext-testitall-ce.vkgqdtxxpfe.us-south.codeengine.appdomain.cloud/webhook/postwebhook`.
 6. Enter anything in the `Secret` field.
-![Webhook Configuration](./assets/webhook_env_config_2.png)
+   ![Webhook Configuration](./assets/webhook_env_config_2.png)
diff --git a/integrations/extensions/starter-kits/testitall/testitall.actions.json b/integrations/extensions/starter-kits/testitall/testitall.actions.json
diff --git a/integrations/extensions/starter-kits/testitall/testitall.openapi.json b/integrations/extensions/starter-kits/testitall/testitall.openapi.json

Original file line number	Diff line number	Diff line change
`@@ -8,7 +8,7 @@ function issueAccessToken() {`
`8`	`8`	`const accessToken = Math.random().toString(36).slice(-8)`
`9`	`9`	`const accessExpireTime = Date.now() + 1000 * parseInt(process.env.OAUTH_ACCESS_TOKEN_EXPIRES, 10)`
`10`	`10`	`accessTokensAuthCode.set(accessToken, accessExpireTime)`
`11`		`- console.log('[auth code] Issuing token:', accessToken)`
	`11`	+ console.log(`[auth code] Issuing token: ${accessToken}, expires: ${new Date(accessExpireTime)}`)
`12`	`12`
`13`	`13`	`return accessToken`
`14`	`14`	`}`
Original file line number	Diff line number	Diff line change
`@@ -10,7 +10,7 @@ function issueAccessToken() {`
`10`	`10`	`const accessExpireTime = Date.now() + 1000 * parseInt(process.env.OAUTH_ACCESS_TOKEN_EXPIRES, 10)`
`11`	`11`	`accessTokensCustomApikey.set(accessToken, accessExpireTime)`
`12`	`12`
`13`		`- console.log('[custom apikey] Issuing token:', accessToken)`
	`13`	+ console.log(`[custom apikey] Issuing token: ${accessToken}, expires: ${new Date(accessExpireTime)}`)
`14`	`14`	`return accessToken`
`15`	`15`	`}`
`16`	`16`
Original file line number	Diff line number	Diff line change
`@@ -6,7 +6,7 @@ function issueAccessToken() {`
`6`	`6`	`const accessToken = Math.random().toString(36).slice(-8)`
`7`	`7`	`const accessExpireTime = Date.now() + 1000 * parseInt(process.env.OAUTH_ACCESS_TOKEN_EXPIRES, 10)`
`8`	`8`	`accessTokensPassword.set(accessToken, accessExpireTime)`
`9`		`- console.log('[password] Issuing token:', accessToken)`
	`9`	+ console.log(`[password] Issuing token: ${accessToken}, expires: ${new Date(accessExpireTime)}`)
`10`	`10`
`11`	`11`	`return accessToken`
`12`	`12`	`}`
Original file line number	Diff line number	Diff line change
`@@ -32,15 +32,22 @@ export function postTest(req, res) {`
`32`	`32`	`}`
`33`	`33`	`}`
`34`	`34`
	`35`	`+export function patchTest(req, res) {`
	`36`	`+ return res.json({`
	`37`	`+ status: 'PATCHED',`
	`38`	`+ });`
	`39`	`+}`
	`40`	`+`
`35`	`41`	`export function authHeaderTest(req, res) {`
`36`	`42`	`return res.json({`
`37`	`43`	`auth_header: req.header('Authorization') \|\| 'No Authorization header provided',`
`38`	`44`	`});`
`39`	`45`	`}`
`40`	`46`
`41`	`47`	`export function arraysInObjectTest(req, res) {`
	`48`	`+ const my_array = req.body.my_array \|\| [];`
`42`	`49`	`return res.json({`
`43`		`- my_chosen_item: req.body.item, reverse_array: req.body.my_array.reverse(), status: 'POST Array Object',`
	`50`	`+ my_chosen_item: req.body.item, reverse_array: my_array.reverse(), status: 'POST Array Object',`
`44`	`51`	`});`
`45`	`52`	`}`
`46`	`53`
`@@ -59,7 +66,7 @@ export function errorTest(req, res) {`
`59`	`66`
`60`	`67`
`61`	`68`	`export function contextTooLargeTest(req, res) {`
`62`		`- const fakeData = 'x'.repeat(parseInt(process.env.RESPONSE_SIZE_LIMIT, 10) * 5); // Default: 500KB`
	`69`	`+ const fakeData = 'x'.repeat(parseInt(process.env.RESPONSE_SIZE_LIMIT, 10) * 5); // Default: 130KB * 5 = 650KB`
`63`	`70`	`const response = {`
`64`	`71`	`data: fakeData`
`65`	`72`	`}`
`@@ -68,7 +75,7 @@ export function contextTooLargeTest(req, res) {`
`68`	`75`	`}`
`69`	`76`
`70`	`77`	`export function contextAlmostTooLargeTest(req, res) {`
`71`		`- const fakeData = 'x'.repeat(parseInt(process.env.RESPONSE_SIZE_LIMIT, 10) - 1024); // Default: 99KB`
	`78`	`+ const fakeData = 'x'.repeat(parseInt(process.env.RESPONSE_SIZE_LIMIT, 10) - 1024); // Default: 130KB - 1KB = 129KB`
`72`	`79`
`73`	`80`	`const response = {`
`74`	`81`	`data: fakeData`