feat(backend): redirect to webpage when querying payment pointer in browser (#3298)

* feat(backend): redirect to webpage when querying payment pointer in browser

* feat(backend): change redirect code to 302

* feat(backend): make redirect optional

* feat(backend): move wallet redirect to middlware

* feat(backend): trim redirect ending slashes

* feat(backend): add test for trim trailing slashes on redirect page

* chore(deps): update axios

Author: cozminu

localenv/mock-account-servicing-entity/package.json

@@ -17,7 +17,7 @@
     "@remix-run/serve": "^2.15.3",
     "@types/node": "^18.7.12",
     "@types/uuid": "^9.0.8",
-    "axios": "^1.7.9",
+    "axios": "^1.8.2",
     "class-variance-authority": "^0.7.1",
     "graphql": "^16.8.1",
     "json-canonicalize": "^1.0.6",

packages/auth/package.json

@@ -35,7 +35,7 @@
     "@koa/cors": "^5.0.0",
     "@koa/router": "^12.0.2",
     "ajv": "^8.12.0",
-    "axios": "^1.7.9",
+    "axios": "^1.8.2",
     "dotenv": "^16.4.7",
     "graphql": "^16.8.1",
     "ioredis": "^5.3.2",

packages/backend/package.json

@@ -73,7 +73,7 @@
     "@opentelemetry/sdk-node": "^0.52.1",
     "@opentelemetry/sdk-trace-node": "^1.25.1",
     "ajv": "^8.12.0",
-    "axios": "1.7.9",
+    "axios": "1.8.2",
     "base64url": "^3.0.1",
     "dotenv": "^16.4.7",
     "extensible-error": "^1.0.2",

packages/backend/src/app.ts

@@ -94,7 +94,8 @@ import {
   getWalletAddressUrlFromQuote,
   getWalletAddressUrlFromRequestBody,
   getWalletAddressForSubresource,
-  getWalletAddressUrlFromPath
+  getWalletAddressUrlFromPath,
+  redirectIfBrowserAcceptsHtml
 } from './open_payments/wallet_address/middleware'
 
 import { LoggingPlugin } from './graphql/plugin'
@@ -673,6 +674,7 @@ export class App {
     router.get(
       WALLET_ADDRESS_PATH,
       getWalletAddressUrlFromPath,
+      redirectIfBrowserAcceptsHtml,
       createSpspMiddleware(this.config.enableSpspPaymentPointers),
       createValidatorMiddleware(
         walletAddressServerSpec,

packages/backend/src/config/app.ts

@@ -192,6 +192,7 @@ export const Config = {
     'MAX_OUTGOING_PAYMENT_RETRY_ATTEMPTS',
     5
   ),
+  walletAddressRedirectHtmlPage: process.env.WALLET_ADDRESS_REDIRECT_HTML_PAGE,
   localCacheDuration: envInt('LOCAL_CACHE_DURATION_MS', 15_000)
 }
 

packages/backend/src/open_payments/wallet_address/middleware.test.ts

@@ -5,7 +5,8 @@ import {
   getWalletAddressUrlFromIncomingPayment,
   getWalletAddressUrlFromQuote,
   getWalletAddressUrlFromOutgoingPayment,
-  getWalletAddressUrlFromPath
+  getWalletAddressUrlFromPath,
+  redirectIfBrowserAcceptsHtml
 } from './middleware'
 import { Config } from '../../config/app'
 import { IocContract } from '@adonisjs/fold'
@@ -382,4 +383,85 @@ describe('Wallet Address Middleware', (): void => {
       expect(ctx.walletAddress).toEqual(walletAddress)
     })
   })
+
+  describe('redirectWalletAddress', () => {
+    let ctx: WalletAddressContext
+    let next: jest.MockedFunction<() => Promise<void>>
+    const walletAddressPath = 'ilp.wallet/test'
+    const walletAddressUrl = `https://${walletAddressPath}`
+    const walletAddressRedirectHtmlPage = 'https://ilp.dev'
+
+    beforeEach((): void => {
+      ctx = createContext({}, {})
+
+      next = jest.fn()
+    })
+
+    test('redirects to wallet address url', async (): Promise<void> => {
+      ctx.container = initIocContainer({
+        ...Config,
+        walletAddressRedirectHtmlPage
+      })
+      ctx.walletAddressUrl = walletAddressUrl
+      ctx.request.headers.accept = 'text/html'
+
+      await expect(
+        redirectIfBrowserAcceptsHtml(ctx, next)
+      ).resolves.toBeUndefined()
+
+      expect(ctx.response.status).toBe(302)
+      expect(ctx.response.get('Location')).toBe(
+        `${walletAddressRedirectHtmlPage}/${walletAddressPath}`
+      )
+      expect(next).not.toHaveBeenCalled()
+    })
+
+    test('no redirect to wallet address url if env is not set', async (): Promise<void> => {
+      ctx.container = initIocContainer({
+        ...Config,
+        walletAddressRedirectHtmlPage: undefined
+      })
+      ctx.walletAddressUrl = walletAddressUrl
+      ctx.request.headers.accept = 'text/html'
+
+      await expect(
+        redirectIfBrowserAcceptsHtml(ctx, next)
+      ).resolves.toBeUndefined()
+
+      expect(next).toHaveBeenCalled()
+    })
+
+    test('no redirect to wallet address url if accept is not text/html', async (): Promise<void> => {
+      ctx.container = initIocContainer({
+        ...Config,
+        walletAddressRedirectHtmlPage
+      })
+      ctx.walletAddressUrl = walletAddressUrl
+
+      await expect(
+        redirectIfBrowserAcceptsHtml(ctx, next)
+      ).resolves.toBeUndefined()
+
+      expect(next).toHaveBeenCalled()
+    })
+
+    it('should trim trailing slashes from redirectHtmlPage', async (): Promise<void> => {
+      ctx.container = initIocContainer({
+        ...Config,
+        walletAddressRedirectHtmlPage: 'https://ilp.dev/'
+      })
+      ctx.walletAddressUrl = `${walletAddressUrl}`
+      ctx.request.headers.accept = 'text/html'
+
+      await expect(
+        redirectIfBrowserAcceptsHtml(ctx, next)
+      ).resolves.toBeUndefined()
+
+      expect(ctx.response.status).toBe(302)
+      expect(ctx.response.get('Location')).toBe(
+        `${walletAddressRedirectHtmlPage}/${walletAddressPath}`
+      )
+      expect(next).not.toHaveBeenCalled()
+    })
+  })
 })

packages/backend/src/open_payments/wallet_address/middleware.ts

@@ -117,3 +117,27 @@ export async function getWalletAddressForSubresource(
 
   await next()
 }
+
+export async function redirectIfBrowserAcceptsHtml(
+  ctx: WalletAddressUrlContext,
+  next: () => Promise<void>
+) {
+  const config = await ctx.container.use('config')
+
+  if (
+    config.walletAddressRedirectHtmlPage &&
+    ctx.request.header['accept']?.includes('text/html')
+  ) {
+    const walletAddressPath = ctx.walletAddressUrl.replace('https://', '')
+    const redirectHtmlPage = config.walletAddressRedirectHtmlPage.replace(
+      /\/+$/,
+      ''
+    )
+
+    ctx.set('Location', `${redirectHtmlPage}/${walletAddressPath}`)
+    ctx.status = 302
+    return
+  }
+
+  await next()
+}

packages/frontend/package.json

@@ -20,7 +20,7 @@
     "@remix-run/node": "^2.15.3",
     "@remix-run/react": "^2.15.3",
     "@remix-run/serve": "^2.15.3",
-    "axios": "^1.7.9",
+    "axios": "^1.8.2",
     "class-variance-authority": "^0.7.1",
     "graphql": "^16.8.1",
     "ilp-packet": "3.1.4-alpha.2",

packages/token-introspection/package.json

@@ -27,7 +27,7 @@
   "dependencies": {
     "@interledger/open-payments": "6.13.2",
     "@interledger/openapi": "2.0.2",
-    "axios": "^1.7.9",
+    "axios": "^1.8.2",
     "pino": "^8.19.0"
   }
 }