Request failed with status code 403 in test environment

Expected behavior

When I run an integration test which calls my Forest Admin backend to check if routes work, I should be able to call them correctly.

Actual behavior

Since we updated the forest-express-sequelize dependency in our Nodejs project from 8.2.8 to 8.4.7, these are broken we got a 403 error.
Despite of the error message below saying envSecret is missing, is actually wrong. I added a log in “forest-server-requester.js” (in the node_modules) to check if I didn’t make mistake to pass the env variable.

Failure Logs

[forest] 🌳🌳🌳  Permissions error: Cannot retrieve the data from the Forest server. Can you check that you properly copied the Forest envSecret in the Liana initializer?
 FAIL  test/integration/features/document.integration.spec.ts (18.089 s)
  Document
    ✓ should create document (851 ms)
    ✓ should update document (153 ms)
    Forest Display
      ✕ should get all Documents (210 ms)
      ✕ should get a single Document (151 ms)

  ● Document › Forest Display › should get all Documents

    Request failed with status code 403

      at createError (node_modules/axios/lib/core/createError.js:16:15)
      at settle (node_modules/axios/lib/core/settle.js:17:12)
      at IncomingMessage.handleStreamEnd (node_modules/axios/lib/adapters/http.js:260:11)

Context

// test.ts

describe("Forest Display", () => {
    let forestToken = "";

    beforeAll(async () => {
      forestToken = await getForestToken();
    });

    it("should get all Documents", async () => {
      const result = await callForestRoute("http://localhost:6009/forest/Document", forestToken);
      expect(result.data.data).toHaveLength(3);
    });

// utils.ts

export const getForestToken = async () => {
  const FOREST_AUTH_SECRET = env().FOREST_AUTH_SECRET;
  const user = {
    id: "44907",
    email: "toto.toto@swan.io",
    firstName: "toto",
    lastName: "toto",
    team: "Banking Operations",
    renderingId: 80198,
  };
  return jwt.sign(user, FOREST_AUTH_SECRET, {
    expiresIn: "30 minutes",
  });
};

export const callForestRoute = async (url: string, forestToken: string, params?: object) => {
  const config = {
    method: "get",
    url,
    headers: {
      "Content-Type": "application/json",
      Authorization: `Bearer ${forestToken}`,
    },
    params: {
      timezone: "Europe/Paris",
      ...params,
    },
  } as AxiosRequestConfig;

  return axios(config);
};

• Package Version: 8.4.7
• Express Version: 4.17.1
• Sequelize Version: 5.22.3
• Database Dialect: PG
• Database Version: 11
• Project Name: Swan backoffice

Hello @Mathieu_Breton

Thank you for reporting this, and sorry for the inconvenience.

I’m looking into the code changes now, but would you mind helping me by narrowing which intermediate version broke the test on your end?

Here is the full list of minor versions from 8.2.8 to 8.4.7:

• v8.2.8
• v8.2.9
• v8.3.0
• v8.3.1
• v8.3.2
• v8.3.3
• v8.4.0
• v8.4.1
• v8.4.2
• v8.4.3
• v8.4.4
• v8.4.5
• v8.4.6
• v8.4.7

Maybe try 8.3.0 and 8.4.0 first?

Thank you.

Hello,

Finally, I figured out the problem. It’s not related to the versions. The problem still occurred on v8.2.8.
By digging in the forest-express-sequelize code, we found the property role was mandatory in the JWT sent to the forest endpoints. So If I update the code shown before, the code looks like that:

export const getForestToken = async () => {
  const FOREST_AUTH_SECRET = env().FOREST_AUTH_SECRET;
  const user = {
    id: "44907",
    email: "toto.toto@swan.io",
    firstName: "toto",
    lastName: "toto",
    team: 62937,
    renderingId: 105033,
    role: 957,
  };
  return jwt.sign(user, FOREST_AUTH_SECRET, {
    expiresIn: "30 minutes",
  });
};

I don’t know why it appears now but it solved our problem.
You should update your doc : Run automated tests - Woodshop
It doesn’t mention this property.

Hi @Mathieu_Breton Thank a lot for your feedback
I will update the documentation.
Can I solved this thread ?

Yes, you can mark it as solved.