From 971e5b4d5d5bd2d43d260cf6955d94c871a4d048 Mon Sep 17 00:00:00 2001
From: Tim van Oostrom <t.van.oostrom@amsterdam.nl>
Date: Wed, 18 Dec 2024 22:39:35 +0100
Subject: [PATCH] Validate profileType, move types

---
 src/mijnamsterdam.d.ts             |  4 ----
 src/server/auth/auth-helpers.ts    |  5 +++++
 src/server/services/cms-content.ts |  8 ++++++--
 src/universal/types/App.types.ts   | 13 +++++++++++++
 4 files changed, 24 insertions(+), 6 deletions(-)

diff --git a/src/mijnamsterdam.d.ts b/src/mijnamsterdam.d.ts
index db2eb41cdc..16f1d978f0 100644
--- a/src/mijnamsterdam.d.ts
+++ b/src/mijnamsterdam.d.ts
@@ -22,10 +22,6 @@ type ReturnTypeAsync<T extends (...args: any) => any> = T extends (
     ? R
     : any;
 
-type ProfileType = 'private' | 'private-attributes' | 'commercial';
-
-type AuthMethod = 'digid' | 'eherkenning';
-
 type Optional<T, K extends keyof T> = Pick<Partial<T>, K> & Omit<T, K>;
 
 type Prettify<T> = {
diff --git a/src/server/auth/auth-helpers.ts b/src/server/auth/auth-helpers.ts
index 226a40d800..82b45b673e 100644
--- a/src/server/auth/auth-helpers.ts
+++ b/src/server/auth/auth-helpers.ts
@@ -19,6 +19,7 @@ import {
 } from './auth-types';
 import { FeatureToggle } from '../../universal/config/feature-toggles';
 import { AppRoutes } from '../../universal/config/routes';
+import { PROFILE_TYPES } from '../../universal/types/App.types';
 import { ExternalConsumerEndpoints } from '../routing/bff-routes';
 import { generateFullApiUrlBFF } from '../routing/route-helpers';
 import { captureException } from '../services/monitoring';
@@ -172,3 +173,7 @@ export function createLogoutHandler(
     return res.redirect(postLogoutRedirectUrl);
   };
 }
+
+export function isValidProfileType(profileType: unknown) {
+  return PROFILE_TYPES.includes(profileType as ProfileType);
+}
diff --git a/src/server/services/cms-content.ts b/src/server/services/cms-content.ts
index b6ef6c0b75..912819cfc6 100644
--- a/src/server/services/cms-content.ts
+++ b/src/server/services/cms-content.ts
@@ -15,6 +15,7 @@ import {
 } from '../../universal/helpers/api';
 import { hash } from '../../universal/helpers/utils';
 import { LinkProps } from '../../universal/types/App.types';
+import { isValidProfileType } from '../auth/auth-helpers';
 import FileCache from '../helpers/file-cache';
 import { getApiConfig } from '../helpers/source-api-helpers';
 import { requestData } from '../helpers/source-api-request';
@@ -285,10 +286,13 @@ async function fetchCmsBase(
   query?: QueryParamsCMSFooter
 ) {
   const forceRenew = query?.forceRenew === 'true';
-
+  const profileType =
+    query?.profileType && isValidProfileType(query?.profileType)
+      ? query.profileType
+      : undefined;
   const generalInfoPageRequest = getGeneralPage(
     requestID,
-    query?.profileType,
+    profileType,
     forceRenew
   );
 
diff --git a/src/universal/types/App.types.ts b/src/universal/types/App.types.ts
index 31a6b7015b..910c3f5182 100644
--- a/src/universal/types/App.types.ts
+++ b/src/universal/types/App.types.ts
@@ -122,3 +122,16 @@ export interface Match {
   path: string;
   url: string;
 }
+
+export const PROFILE_TYPES = [
+  'private',
+  'commercial',
+  'private-attributes',
+] as const;
+
+export const AUTH_METHODS = ['eherkenning', 'digid'] as const;
+
+declare global {
+  type ProfileType = (typeof PROFILE_TYPES)[number];
+  type AuthMethod = (typeof AUTH_METHODS)[number];
+}