feat(auth)!: Decouple AuthModule from express-openid-connect by forcing consumers to import the auth middleware themselves and hand it over to this package

Author: spuxx-dev

apps/nest/src/main.ts

@@ -2,7 +2,7 @@ import { Logger } from '@nestjs/common';
 import { NestFactory } from '@nestjs/core';
 import { SwaggerModule, DocumentBuilder } from '@nestjs/swagger';
 import { CustomLogger, AuthModule } from '@spuxx/nest-utils';
-
+import { auth } from 'express-openid-connect';
 import { AppModule } from './app.module';
 import { authConfig } from './auth/auth.config';
 import { EnvModule } from './env/env.module';
@@ -15,7 +15,7 @@ async function bootstrap() {
     logger,
   });
 
-  await AuthModule.bootstrap(app as never, authConfig);
+  await AuthModule.bootstrap(app as never, auth, authConfig);
 
   const config = new DocumentBuilder()
     .setTitle('apps/nest')

packages/nest-utils/src/auth/auth.module.ts

@@ -4,14 +4,17 @@ import { AuthController } from './controllers/auth.controller';
 import { AuthService } from './providers/auth.service';
 import { deepMerge } from '@spuxx/js-utils';
 import { AuthOptionsProvider } from './providers/auth-options.provider';
+import { type ConfigParams } from 'express-openid-connect';
+import { RequestHandler } from 'express';
 
 /**
  * The authentication module. This module is responsible for handling authentication and
- * authorization. It is based on the `express-openid-connect?` library and is intended
+ * authorization. It is based on the `express-openid-connect` library and is intended
  * for use with an OIDC provider.
  * @example
  * // main.ts
  * import { AuthModule, AuthOptions } from '@nestjs-oidc/core';
+ * import { auth } from "express-openid-connect";
  * const authConfig: AuthOptions = {
  *   // This is the minimum set of options you need to provide
  *   roles: {
@@ -27,7 +30,7 @@ import { AuthOptionsProvider } from './providers/auth-options.provider';
  *     secret: 'session-secret',
  *   }
  * }
- * await AuthModule.bootstrap(app, authConfig);
+ * await AuthModule.bootstrap(app, auth, authConfig);
  *
  * // app.module.ts
  * import { AuthModule } from '@nestjs-oidc/core';
@@ -41,16 +44,20 @@ export class AuthModule {
   /**
    * Bootstraps authentication. This must be called during application bootstrapping.
    * @param app The Nest application instance.
+   * @param auth The `auth` middleware function provided by `express-openid-connect`.
    * @param options The authentication options.
    */
-  static async bootstrap(app: INestApplication, options: AuthOptions) {
+  static async bootstrap(
+    app: INestApplication,
+    auth: (params?: ConfigParams) => RequestHandler,
+    options: AuthOptions,
+  ) {
     const mergedOptions = this.mergeOptionsWithDefaultValues(options);
     const { disable, oidc } = mergedOptions;
     if (disable) {
       Logger.warn('Authentication is disabled. All routes will be accessible.', AuthModule.name);
       return;
     }
-    const { auth } = await import('express-openid-connect');
     app.use(auth(oidc));
     Logger.log(
       `Authentication is enabled and will be handled by issuer at '${oidc.issuerBaseURL}'.`,

packages/nest-utils/src/testing/container/private/mock-oidc.ts

@@ -39,12 +39,3 @@ export class MockOidcModule implements NestModule {
     consumer.apply(MockOidcMiddleware).forRoutes('*');
   }
 }
-
-export function mockExpressOidcPackage() {
-  vitest.doMock('express-openid-connect', () => {
-    return {
-      auth: vitest.fn(() => (_req: Request, _res: Response, next: NextFunction) => next()),
-      requiresAuth: vitest.fn(() => (_req: Request, _res: Response, next: NextFunction) => next()),
-    };
-  });
-}

packages/nest-utils/src/testing/container/test-container.ts

@@ -5,9 +5,10 @@ import { AuthOptions } from '../../auth';
 import { AuthModule } from '../../auth/auth.module';
 import { Supertest } from '../supertest';
 import { createEndToEndNestApplication } from './private/end-to-end';
-import { mockExpressOidcPackage, MockOidcModule } from './private/mock-oidc';
+import { MockOidcModule } from './private/mock-oidc';
 import { TestContainerOptions } from './types';
 import { MappingModule } from '../../mapping/mapping.module';
+import { NextFunction } from 'express';
 
 /**
  * `TestContainer` provides an abstraction of `Nest.createTestContainer()`, offering
@@ -76,8 +77,6 @@ export class TestContainer {
       ...options,
     };
 
-    mockExpressOidcPackage();
-
     // Auto-add non-conditional components
     imports.push(MappingModule);
 
@@ -106,7 +105,8 @@ export class TestContainer {
     let supertest: Supertest | undefined;
     if (enableEndToEnd) {
       app = await createEndToEndNestApplication(module);
-      await AuthModule.bootstrap(app, authOptions as AuthOptions);
+      const auth = () => (_req: Request, _res: Response, next: NextFunction) => next();
+      await AuthModule.bootstrap(app, auth as never, authOptions as AuthOptions);
       supertest = new Supertest(app, options.session);
     }