From 1895a11c7ed5c339de3cf6c7597355aa2b0be8cc Mon Sep 17 00:00:00 2001
From: Holash Chand
Date: Tue, 8 Aug 2023 17:49:41 +0530
Subject: [PATCH] fixed esign validation for udpate and removed signed key check

---
 backend/donor-service/configs/config.js | 2 +
 backend/donor-service/main.js | 68 +++++++++++++------
 .../donor-service/services/esign.consumer.js | 7 +-
 docker-compose.yml | 1 +
 4 files changed, 54 insertions(+), 24 deletions(-)

diff --git a/backend/donor-service/configs/config.js b/backend/donor-service/configs/config.js
index 86ca2844..04befd45 100644
--- a/backend/donor-service/configs/config.js
+++ b/backend/donor-service/configs/config.js
@@ -34,6 +34,7 @@ let ESIGN_VALIDATION_EXPIRE_TIME = process.env.ESIGN_VALIDATION_EXPIRE_TIME || 2
 const ESIGN_VALIDATION_PREVENT_3RD_PARTY = process.env.ESIGN_VALIDATION_PREVENT_3RD_PARTY === "true" || false;
 const ESIGN_VALIDATION_KAFKA_TOPIC = process.env.ESIGN_VALIDATION_KAFKA_TOPIC || 'esign_topic';
 const ESIGN_VALIDATION_KAFKA_TOPIC_GROUP = process.env.ESIGN_VALIDATION_KAFKA_TOPIC_GROUP || 'dev_esign_group_1';
+const ESIGN_VALIDATION_CLIENT_ID = process.env.ESIGN_VALIDATION_CLIENT_ID || "dev-esign-client";
 try {
 ESIGN_VALIDATION_EXPIRE_TIME = parseInt(ESIGN_VALIDATION_EXPIRE_TIME, 10);
 if(isNaN(ESIGN_VALIDATION_EXPIRE_TIME)) {
@@ -74,4 +75,5 @@ module.exports = {
 ESIGN_VALIDATION_PREVENT_3RD_PARTY,
 ESIGN_VALIDATION_KAFKA_TOPIC,
 ESIGN_VALIDATION_KAFKA_TOPIC_GROUP,
+ ESIGN_VALIDATION_CLIENT_ID,
 }
diff --git a/backend/donor-service/main.js b/backend/donor-service/main.js
index afc7b8ea..c0d2706f 100644
--- a/backend/donor-service/main.js
+++ b/backend/donor-service/main.js
@@ -182,6 +182,19 @@ app.post('/register/:entityName', async(req, res) => {
 res.status(401).send({message: 'Abha number verification expired. Please refresh the page and restart registration'});
 return;
 }
+ if (config.ESIGN_VALIDATION_PREVENT_3RD_PARTY) {
+ const transactionID = await redis.getKey(getEsginKey(req?.body?.identificationDetails?.abha))
+ const storedTransaction = await redis.getHash(getEsignVerificationKey(transactionID));
+ if(storedTransaction?.esignStatus !== config.ESIGN_STATUS.SUCCESS.toString()) {
+ res.status(401).send({
+ message: 'Unable to validate e-sign',
+ ...(storedTransaction?.esignStatus === config.ESIGN_STATUS.FAILED.toString()) ? {
+ errors: JSON.parse(storedTransaction?.esignErrors),
+ } : {},
+ })
+ return
+ }
+ }
 let profileFromReq = req.body;
 profileFromReq = JSON.parse(JSON.stringify(profileFromReq).replace(/\:null/gi, "\:\"\""));
 const profile = getProfileFromUserAndRedis(profileFromReq, profileFromRedis);
@@ -235,6 +248,19 @@ app.put('/register/:entityName/:entityId', async(req, res) => {
 profileFromReq = JSON.parse(JSON.stringify(profileFromReq).replace(/\:null/gi, "\:\"\""));
 const entityName = req.params.entityName;
 const entityId = req.params.entityId;
+ if (config.ESIGN_VALIDATION_PREVENT_3RD_PARTY) {
+ const transactionID = await redis.getKey(getEsginKey(req?.body?.identificationDetails?.abha))
+ const storedTransaction = await redis.getHash(getEsignVerificationKey(transactionID));
+ if(storedTransaction?.esignStatus !== config.ESIGN_STATUS.SUCCESS.toString()) {
+ res.status(401).send({
+ message: 'Unable to validate e-sign',
+ ...(storedTransaction?.esignStatus === config.ESIGN_STATUS.FAILED.toString()) ? {
+ errors: JSON.parse(storedTransaction?.esignErrors),
+ } : {},
+ })
+ return
+ }
+ }
 const userData = JSON.parse(await getUserData(getKeyBasedOnEntityName(entityName) + entityId, req));
 try {
 if(validateIfNonEditableFieldsPresent(profileFromReq, userData)) {
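Review bot: In the FAILED branch, `errors: JSON.parse(storedTransaction?.esignErrors)` throws a SyntaxError when the hash has no `esignErrors` field or it is not valid JSON, and nothing in the hunk catches it, so the client gets an unhandled rejection instead of the intended 401; the same 13-line block is pasted verbatim into the PUT handler in the next hunk (`@@ -235,6 +248,19 @@`). Both handlers' bodies start outside the hunks. Extracting the check into one helper that tolerates a missing or malformed `esignErrors` removes both the duplication and the crash. Separately, the gate only proves that some transaction stored under the ABHA taken from the request body reached SUCCESS: the profile being submitted is not compared with the data captured at /esign/init, and the verification hash is not cleared after use, so one successful e-sign would authorise repeated submissions until the key expires — worth confirming that is intended.
```javascript
// Gate shared by POST /register/:entityName and PUT /register/:entityName/:entityId.
// Sends a 401 and returns true when the e-sign transaction stored for the ABHA
// in the request body has not reached SUCCESS; returns false otherwise.
const rejectUnlessEsignVerified = async (req, res) => {
    if (!config.ESIGN_VALIDATION_PREVENT_3RD_PARTY) return false;
    const abha = req?.body?.identificationDetails?.abha;
    const transactionID = abha ? await redis.getKey(getEsginKey(abha)) : null;
    const storedTransaction = transactionID
        ? await redis.getHash(getEsignVerificationKey(transactionID))
        : null;
    if (storedTransaction?.esignStatus === config.ESIGN_STATUS.SUCCESS.toString()) return false;
    let errors;
    if (storedTransaction?.esignStatus === config.ESIGN_STATUS.FAILED.toString()) {
        try {
            errors = JSON.parse(storedTransaction.esignErrors);
        } catch (err) {
            // esignErrors is optional and may not be JSON; the request is still rejected
            console.error('Unable to parse stored e-sign errors', err);
        }
    }
    res.status(401).send({ message: 'Unable to validate e-sign', ...(errors ? { errors } : {}) });
    return true;
};

// … unchanged: the two /register handlers; in each, the inline block becomes …
if (await rejectUnlessEsignVerified(req, res)) return;
```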
@@ -343,27 +369,7 @@ function validateEmergencyMobileNumberUpdated(profileFromReq, userData) {
 
 app.post('/esign/init', async (req, res) => {
 try {
- // if (!'data' in req.query) {
- // res.status(400).send(new Error('Pledge data not available'));
- // }
- console.log(req.query)
- // const pledge = JSON.parse(req.query.data)
- const pledge = req.body.data;
- const esignData = await getEsignData(pledge);
- if (config.ESIGN_VALIDATION_PREVENT_3RD_PARTY) {
- const verificationData = {
- "firstName": R.pathOr("", ["personalDetails", "firstName"], pledge),
- "middleName": R.pathOr("", ["personalDetails", "middleName"], pledge),
- "lastName": R.pathOr("", ["personalDetails", "lastName"], pledge),
- "dob": R.pathOr("", ["personalDetails", "dob"], pledge),
- "pincode": R.pathOr("", ["addressDetails", "pincode"], pledge),
- "esignStatus": config.ESIGN_STATUS.PENDING.toString()
- };
- for(const[key, value] of Object.entries(verificationData)) {
- console.log(key, value)
- await redis.storeHashWithExpiry(getEsignVerificationKey(esignData.txnId), key, value, config.ESIGN_VALIDATION_EXPIRE_TIME)
- }
- }
+ const esignData = await getEsignData(req.body.data);
 res.send({
 signUrl: esignData.espUrl,
 xmlContent: esignData.xmlContent,
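Review bot: `req.body.data` is now forwarded to getEsignData without any presence check, and getEsignData (next hunk) dereferences `pledge.identificationDetails.abha`, so a request with a missing or malformed `data` fails with a TypeError inside the `try` rather than with a 400; the commented-out guard that was removed was never active either. A one-line guard before the call keeps that a client error: `if (!req.body?.data?.identificationDetails?.abha) { res.status(400).send({ message: 'Pledge data not available' }); return; }`. The handler's `try` closes outside the hunk, so what its catch reports is not visible here.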
@@ -442,10 +448,28 @@ const getEsignData = async(pledge) => {
 })
 });
 let xmlContent = apiResponse.data.espRequest;
- await redis.storeKeyWithExpiry(getEsginKey(pledge.identificationDetails.abha), apiResponse.data.aspTxnId, config.EXPIRE_PROFILE)
+ await redis.storeKeyWithExpiry(getEsginKey(pledge.identificationDetails.abha), apiResponse.data.aspTxnId, config.EXPIRE_PROFILE);
+ await storeEsignTransaction(apiResponse?.data?.aspTxnId, pledge);
 return {xmlContent: xmlContent, txnId: apiResponse.data.aspTxnId, espUrl: apiResponse.data.espUrl};
 }
 
+const storeEsignTransaction = async (txnId, pledge) => {
+ if (config.ESIGN_VALIDATION_PREVENT_3RD_PARTY) {
+ const verificationData = {
+ "firstName": R.pathOr("", ["personalDetails", "firstName"], pledge),
+ "middleName": R.pathOr("", ["personalDetails", "middleName"], pledge),
+ "lastName": R.pathOr("", ["personalDetails", "lastName"], pledge),
+ "dob": R.pathOr("", ["personalDetails", "dob"], pledge),
+ "pincode": R.pathOr("", ["addressDetails", "pincode"], pledge),
+ "esignStatus": config.ESIGN_STATUS.PENDING.toString()
+ };
+ for(const[key, value] of Object.entries(verificationData)) {
+ console.log(key, value)
+ await redis.storeHashWithExpiry(getEsignVerificationKey(txnId), key, value, config.ESIGN_VALIDATION_EXPIRE_TIME)
+ }
+ }
+}
+
 const getUserData = async(key, req) => {
 let userData = await redis.getKey(key);
 if(userData !== null) {
diff --git a/backend/donor-service/services/esign.consumer.js b/backend/donor-service/services/esign.consumer.js
index 5294c35a..71f203c1 100644
--- a/backend/donor-service/services/esign.consumer.js
+++ b/backend/donor-service/services/esign.consumer.js
@@ -10,6 +10,7 @@ function getEsignVerificationKey(transactionId) {
 const initSubscription = async () => {
 try {
 const kafka = new Kafka ({
+ clientId: config.ESIGN_VALIDATION_CLIENT_ID,
 brokers: config.ESIGN_VALIDATION_KAFKA_BROKERS?.split(",")
 });
 consumer = kafka.consumer({groupId: config.ESIGN_VALIDATION_KAFKA_TOPIC_GROUP});
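Review bot: `console.log(key, value)` inside storeEsignTransaction prints the donor's first, middle and last name, date of birth and pincode to stdout on every e-sign initiation, which puts personal data into application logs that are retained and read far more widely than Redis; drop the line or log only `key`. The call site passes `apiResponse?.data?.aspTxnId` while the line just above uses `apiResponse.data.aspTxnId` unguarded, so the optional chaining cannot help, and if it ever did yield undefined the hash would presumably be stored under a key built from "undefined"; either make the helper bail out early with `if (!txnId) return;` or keep the call unguarded to match the previous line. A short JSDoc on the helper saying that it records, under the transaction id and for ESIGN_VALIDATION_EXPIRE_TIME, the pledge fields that esign.consumer.js later compares against the signed document would help readers, since that link is only visible from the consumer file.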
@@ -27,8 +28,11 @@ const initSubscription = async () => {
 const processEachMessage = async ({ message }) => {
 try {
 const esignData = JSON.parse(message.value.toString());
+ console.log("Received Kafka message: ", esignData);
 const esignVerificationKey = getEsignVerificationKey(esignData.transactionId.split('.')[0]);
- const enteredData = await redis.getHash()
+ console.debug("Esign Verification Key: ", esignVerificationKey);
+ const enteredData = await redis.getHash(esignVerificationKey);
+ console.debug("Entered Data Was: ", enteredData);
 if(Object.keys(enteredData).length !== 0) {
 const status = getEsignDataMatchStatus(enteredData, esignData);
 if(status.errors.length > 0 ) {
@@ -49,7 +53,6 @@ const getEsignDataMatchStatus = (enteredData, esignData) => {
 const error = (msg, esignField, originalField) => {
 errors.push(`${msg}, esign '${esignField}' and original '${originalField}'`);
 }
- if(!esignData?.signed) errors.push("Sign unsuccessful");
 if(enteredData.dob?.indexOf(esignData?.yob) < 0) error("Year of birth not matched", esignData?.yob, enteredData?.dob?.split("-")[0]);
 if(enteredData.pincode !== esignData.pincode) error("Pincode not matched", esignData?.pincode, enteredData?.pincode);
 if(!!esignData?.name) {
diff --git a/docker-compose.yml b/docker-compose.yml
index 87b1b97e..7576ab71 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -338,6 +338,7 @@ services:
 API_KEY: ${API_KEY}
 ESIGN_VALIDATION_PREVENT_3RD_PARTY: ${ESIGN_VALIDATION_PREVENT_3RD_PARTY}
 ESIGN_VALIDATION_EXPIRE_TIME: ${ESIGN_VALIDATION_EXPIRE_TIME}
+ ESIGN_VALIDATION_CLIENT_ID: ${ESIGN_VALIDATION_CLIENT_ID}
 ESIGN_VALIDATION_KAFKA_BROKERS: ${ESIGN_VALIDATION_KAFKA_BROKERS}
 ESIGN_VALIDATION_KAFKA_TOPIC: ${ESIGN_VALIDATION_KAFKA_TOPIC}
 ESIGN_VALIDATION_KAFKA_TOPIC_GROUP: ${ESIGN_VALIDATION_KAFKA_TOPIC_GROUP}
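Review bot: `console.log("Received Kafka message: ", esignData)` and `console.debug("Entered Data Was: ", enteredData)` write the full e-sign payload and the stored name, date of birth and pincode to the logs on every message, so personal data ends up wherever the container logs are shipped; keep the verification-key debug line but log only non-personal fields, e.g. `console.debug("Received Kafka message for transaction: ", esignData?.transactionId);`. `esignData.transactionId.split('.')[0]` still throws on a message without a transactionId, and what the surrounding `try` does with that is outside the hunk; a guard such as `if (!esignData?.transactionId) { console.warn('e-sign message without transactionId'); return; }` makes the failure explicit instead of relying on the catch.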
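Review bot: Dropping `if(!esignData?.signed) errors.push("Sign unsuccessful");` means getEsignDataMatchStatus now reports a match purely on name, year of birth and pincode, and the hunk shows no replacement signal that the document was actually signed; unless the producer only publishes successfully signed documents, an unsigned or failed signing event whose fields match would presumably be treated as a success by the caller. If the field was removed upstream, a comment above the first comparison stating that assumption, e.g. `// Signature validity is asserted by the producer; only the identity fields are matched here.`, documents why no signed check exists. The function's remaining comparisons continue outside the hunk.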