ci: docker_tag=ext chore(back): v1.0.5 token claims + validation profile_idn

2025-09-19 08:17:39 +00:00 · 2025-09-19 08:17:39 +00:00 · 58f2dfab52
commit 58f2dfab52
parent 6a0c1ce817
3 changed files with 20 additions and 2 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -36,3 +36,8 @@
    - `getUserData`
    - `getOfficeLocationData`
 - Objectif: faciliter le diagnostic des environnements et des bases URL.
+
+## v1.0.5
+
+- IdNot: logs supplémentaires des claims du token (`sub`, `entity_idn`, `profile_idn`) et contrôle explicite de `profile_idn`.
+- Effet: en cas d’absence de `profile_idn`, retour 400 (ValidationError) au lieu d’un 502.
--- a/package.json
+++ b/package.json
@ -1,6 +1,6 @@
 {
  "name": "lecoffre-back-mini",
-  "version": "1.0.4",
+  "version": "1.0.5",
  "description": "Mini serveur avec une route /api/ping",
  "main": "dist/server.js",
  "scripts": {
--- a/src/controllers/idnot.controller.ts
+++ b/src/controllers/idnot.controller.ts
@ -101,6 +101,19 @@ export class IdNotController {
      // Decode JWT payload
      const payload = JSON.parse(Buffer.from(jwt.split('.') [1], 'base64').toString('utf8'));

+      // Log non-sensible claims for diagnostics
+      Logger.info('IdNot token payload summary', {
+        keys: Object.keys(payload || {}),
+        sub: payload?.sub,
+        entity_idn: payload?.entity_idn,
+        profile_idn: payload?.profile_idn
+      });
+
+      // Validate essential claim
+      if (!payload?.profile_idn || typeof payload.profile_idn !== 'string') {
+        throw new ValidationError('Missing profile_idn in IdNot token');
+      }
+
      // Get user data
      const userData = await IdNotService.getUserData(payload.profile_idn);