feat: add auth to healthcheck

controllers/front/apiHealthCheck.php

@@ -2,32 +2,41 @@
 
 use PrestaShop\Module\PsEventbus\Config\Config;
 use PrestaShop\Module\PsEventbus\Controller\AbstractApiController;
+use PrestaShop\Module\PsEventbus\Exception\UnauthorizedException;
 use PrestaShop\Module\PsEventbus\Repository\ServerInformationRepository;
 
 class ps_EventbusApiHealthCheckModuleFrontController extends AbstractApiController
 {
     public $type = Config::COLLECTION_SHOPS;
 
+    private $isAuthentifiedCall = true;
+
     /**
-     * Override default method from AbstractApiController: skip jobId verification
+     * Override default method from AbstractApiController
+     * Get another behavior for healthcheck
      *
      * @return void
      */
     public function init()
     {
+        try {
+            parent::init();
+        } catch (UnauthorizedException $exception) {
+            $this->isAuthentifiedCall = false;
+        }
     }
 
     /**
      * @return void
      *
-     * @throws\PrestaShopException
+     * @throws \PrestaShopException
      */
     public function postProcess()
     {
         /** @var ServerInformationRepository $serverInformationRepository */
         $serverInformationRepository = $this->module->getService(ServerInformationRepository::class);
 
-        $status = $serverInformationRepository->getHealthCheckData();
+        $status = $serverInformationRepository->getHealthCheckData($this->isAuthentifiedCall);
 
         $this->exitWithResponse($status);
     }

src/Controller/AbstractApiController.php

@@ -6,6 +6,7 @@
 use PrestaShop\Module\PsEventbus\Exception\EnvVarException;
 use PrestaShop\Module\PsEventbus\Exception\FirebaseException;
 use PrestaShop\Module\PsEventbus\Exception\QueryParamsException;
+use PrestaShop\Module\PsEventbus\Exception\UnauthorizedException;
 use PrestaShop\Module\PsEventbus\Handler\ErrorHandler\ErrorHandler;
 use PrestaShop\Module\PsEventbus\Provider\PaginatedApiDataProviderInterface;
 use PrestaShop\Module\PsEventbus\Repository\EventbusSyncRepository;
@@ -99,23 +100,31 @@ public function __construct()
     }
 
     /**
-     * @return void
+     * @return bool|void
      */
     public function init()
     {
         $this->startTime = time();
 
         try {
             $this->authorize();
-        } catch (\PrestaShopDatabaseException $exception) {
-            $this->errorHandler->handle($exception);
-            $this->exitWithExceptionMessage($exception);
-        } catch (EnvVarException $exception) {
-            $this->errorHandler->handle($exception);
-            $this->exitWithExceptionMessage($exception);
-        } catch (FirebaseException $exception) {
-            $this->errorHandler->handle($exception);
-            $this->exitWithExceptionMessage($exception);
+        } catch (\Exception $exception) {
+            // For ApiHealthCheck, handle the error, and throw UnauthorizedException directly, to catch-up at top level.
+            if (str_contains($this->page_name, 'apiHealthCheck')) {
+                $this->errorHandler->handle($exception);
+                throw new UnauthorizedException('You are not allowed to access to this resource');
+            }
+
+            if ($exception instanceof \PrestaShopDatabaseException) {
+                $this->errorHandler->handle($exception);
+                $this->exitWithExceptionMessage($exception);
+            } elseif ($exception instanceof EnvVarException) {
+                $this->errorHandler->handle($exception);
+                $this->exitWithExceptionMessage($exception);
+            } elseif ($exception instanceof FirebaseException) {
+                $this->errorHandler->handle($exception);
+                $this->exitWithExceptionMessage($exception);
+            }
         }
     }
 

src/Repository/ServerInformationRepository.php

@@ -126,7 +126,7 @@ public function getServerInformation($langIso = '')
     /**
      * @return array
      */
-    public function getHealthCheckData()
+    public function getHealthCheckData(bool $isAuthentifiedCall)
     {
         $tokenValid = false;
         $tokenIsSet = true;
@@ -171,11 +171,15 @@ public function getHealthCheckData()
             $phpVersion = (string) explode('-', (string) phpversion())[0];
         }
 
-        return [
+        $sensibleInformation = [
             'prestashop_version' => _PS_VERSION_,
             'ps_eventbus_version' => \Ps_eventbus::VERSION,
             'ps_accounts_version' => defined('Ps_accounts::VERSION') ? \Ps_accounts::VERSION : false, /* @phpstan-ignore-line */
             'php_version' => $phpVersion,
+            'shop_id' => $this->psAccountsAdapterService->getShopUuid(),
+        ];
+
+        $serverInformation = [
             'ps_account' => $tokenIsSet,
             'is_valid_jwt' => $tokenValid,
             'ps_eventbus' => $allTablesInstalled,
@@ -185,6 +189,12 @@ public function getHealthCheckData()
                 'EVENT_BUS_LIVE_SYNC_API_URL' => isset($this->configuration['EVENT_BUS_LIVE_SYNC_API_URL']) ? $this->configuration['EVENT_BUS_LIVE_SYNC_API_URL'] : null,
             ],
         ];
+
+        if ($isAuthentifiedCall) {
+            $serverInformation = array_merge($sensibleInformation, $serverInformation);
+        }
+
+        return $serverInformation;
     }
 
     /**