feat: add separate env var for webhook enabled

Author: dragosp1011

packages/auth/jest.env.js

@@ -4,4 +4,5 @@ process.env.IDENTITY_SERVER_SECRET =
   '2pEcn2kkCclbOHQiGNEwhJ0rucATZhrA807HTm2rNXE='
 process.env.AUTH_SERVER_URL = 'http://localhost:3006'
 process.env.IDENTITY_SERVER_URL = 'http://localhost:3030/mock-idp/'
+process.env.WEBHOOK_ENABLED = 'true'
 process.env.WEBHOOK_URL = 'http://127.0.0.1:4001/webhook'

packages/auth/src/app.ts

@@ -146,7 +146,7 @@ export class App {
       }
 
       // if webhookUrl is not set, webhook events are not saved or processed
-      if (this.config.webhookUrl) {
+      if (this.config.webhookEnabled) {
         for (let i = 0; i < this.config.webhookWorkers; i++) {
           process.nextTick(() => this.processWebhook())
         }

packages/auth/src/config/app.ts

@@ -83,7 +83,11 @@ export const Config = {
   signatureSecret: process.env.SIGNATURE_SECRET, // optional
   signatureVersion: envInt('SIGNATURE_VERSION', 1),
 
-  webhookUrl: process.env.WEBHOOK_URL, // optional
+  webhookEnabled: envBool('WEBHOOK_ENABLED', false),
+  webhookUrl:
+    process.env.WEBHOOK_ENABLED === 'true'
+      ? envString('WEBHOOK_URL')
+      : undefined, //  required only when WEBHOOK_ENABLED is true
   webhookWorkers: envInt('WEBHOOK_WORKERS', 1),
   webhookWorkerIdle: envInt('WEBHOOK_WORKER_IDLE', 200), // milliseconds
   webhookTimeout: envInt('WEBHOOK_TIMEOUT', 2000), // milliseconds

packages/auth/src/grant/service.test.ts

@@ -24,6 +24,7 @@ import { AccessToken } from '../accessToken/model'
 import { Interaction, InteractionState } from '../interaction/model'
 import { Pagination, SortOrder } from '../shared/baseModel'
 import { getPageTests } from '../shared/baseModel.test'
+import { WebhookEvent } from '../webhook/model'
 
 describe('Grant Service', (): void => {
   let deps: IocContract<AppServices>
@@ -366,11 +367,51 @@ describe('Grant Service', (): void => {
             updatedAt: expect.any(Date)
           }
         ])
+        expect(
+          WebhookEvent.query().where({ grantId: grant.id })
+        ).resolves.toHaveLength(1)
       })
 
       test('Can "revoke" unknown grant', async (): Promise<void> => {
         await expect(grantService.revokeGrant(v4())).resolves.toEqual(false)
       })
+
+      describe('revoke with webhook disabled', (): void => {
+        beforeAll(async (): Promise<void> => {
+          Config.webhookEnabled = false
+        })
+
+        afterAll(async (): Promise<void> => {
+          Config.webhookEnabled = true
+        })
+
+        test('Can revoke a grant and not save webhook event', async (): Promise<void> => {
+          await expect(grantService.revokeGrant(grant.id)).resolves.toEqual(
+            true
+          )
+
+          const revokedGrant = await Grant.query(knex).findById(grant.id)
+          expect(revokedGrant?.state).toEqual(GrantState.Finalized)
+          expect(revokedGrant?.finalizationReason).toEqual(
+            GrantFinalization.Revoked
+          )
+          expect(Access.query().where({ grantId: grant.id })).resolves.toEqual([
+            { ...access, limits: null }
+          ])
+          expect(
+            AccessToken.query().where({ grantId: grant.id })
+          ).resolves.toEqual([
+            {
+              ...accessToken,
+              revokedAt: expect.any(Date),
+              updatedAt: expect.any(Date)
+            }
+          ])
+          expect(
+            WebhookEvent.query().where({ grantId: grant.id })
+          ).resolves.toHaveLength(0)
+        })
+      })
     })
 
     describe('lock', (): void => {

packages/auth/src/grant/service.ts

@@ -201,7 +201,7 @@ async function revokeGrant(
 
     const revokedAt = await accessTokenService.revokeByGrantId(grant.id, trx)
 
-    if (deps.config.webhookUrl) {
+    if (deps.config.webhookEnabled) {
       await GrantEvent.query(trx).insert({
         type: GrantEventType.GrantRevoked,
         grantId: grant.id,