Adding nonce into AuthZRequest tpye

apps/authz/src/app/app.controller.ts

@@ -54,6 +54,9 @@ export class AppController {
       result
     })
 
-    return result
+    return {
+      request: fakeRequest,
+      result,
+    }
   }
 }

apps/authz/src/app/app.module.ts

@@ -1,10 +1,11 @@
 import { PersistenceModule } from '@app/authz/shared/module/persistence/persistence.module'
-import { Logger, Module, OnApplicationBootstrap } from '@nestjs/common'
+import { Logger, Module, OnApplicationBootstrap, ValidationPipe } from '@nestjs/common'
 import { ConfigModule } from '@nestjs/config'
 import { load } from './app.config'
 import { AppController } from './app.controller'
 import { AppService } from './app.service'
 import { OpaService } from './opa/opa.service'
+import { APP_PIPE } from '@nestjs/core'
 
 @Module({
   imports: [
@@ -14,7 +15,14 @@ import { OpaService } from './opa/opa.service'
     PersistenceModule
   ],
   controllers: [AppController],
-  providers: [AppService, OpaService]
+  providers: [
+    AppService,
+    OpaService,
+    {
+      provide: APP_PIPE,
+      useClass: ValidationPipe
+    }
+  ]
 })
 export class AppModule implements OnApplicationBootstrap {
   private logger = new Logger(AppModule.name)

apps/authz/src/app/evaluation-request.dto.ts

@@ -25,6 +25,11 @@ export class BaseRequestDataDto {
     enum: Action
   })
   action: Action
+
+  @IsString()
+  @IsDefined()
+  @ApiProperty()
+  nonce: string
 }
 
 export class TransactionRequestDto {
@@ -142,7 +147,9 @@ export class EvaluationRequestDto {
 
   @ValidateNested()
   @Type((opts) => {
-    return opts?.object.action === Action.SIGN_TRANSACTION ? TransactionRequestDto : SignMessageRequestDataDto
+    return opts?.object.request.action === Action.SIGN_TRANSACTION
+      ? SignTransactionRequestDataDto
+      : SignMessageRequestDataDto
   })
   @IsDefined()
   @ApiProperty({

apps/authz/src/main.ts

@@ -1,19 +1,37 @@
-import { Logger } from '@nestjs/common'
+import { INestApplication, Logger, ValidationPipe } from '@nestjs/common'
 import { ConfigService } from '@nestjs/config'
 import { NestFactory } from '@nestjs/core'
 import { AppModule } from './app/app.module'
+import { lastValueFrom, map, of, switchMap } from 'rxjs'
+
+/**
+ * Adds global pipes to the application.
+ *
+ * @param app - The INestApplication instance.
+ * @returns The modified INestApplication instance.
+ */
+const withGlobalPipes = (app: INestApplication): INestApplication => {
+  app.useGlobalPipes(new ValidationPipe())
+
+  return app
+}
 
 async function bootstrap() {
   const logger = new Logger('AuthorizationNodeBootstrap')
-  const app = await NestFactory.create(AppModule)
-  const configService = app.get(ConfigService)
+  const application = await NestFactory.create(AppModule)
+  const configService = application.get(ConfigService)
   const port = configService.get('PORT')
 
   if (!port) {
     throw new Error('Missing PORT environment variable')
   }
 
-  await app.listen(port)
+    await lastValueFrom(
+      of(application).pipe(
+        map(withGlobalPipes),
+        switchMap((app) => app.listen(port))
+      )
+    )
 
   logger.log(`AuthZ is running on port ${port}`)
 }

apps/authz/src/shared/module/persistence/mock_data.ts

@@ -312,6 +312,7 @@ export const generateInboundRequest = async (): Promise<AuthZRequestPayload> =>
   const txRequest = ERC20_TRANSFER_TX_REQUEST
   const request = {
     action: Action.SIGN_TRANSACTION,
+    nonce: 'random-nonce-111',
     transactionRequest: txRequest,
     resourceId: TREASURY_WALLET_X.uid
   }

apps/authz/src/shared/types/domain.type.ts

@@ -65,6 +65,7 @@ export type HistoricalTransfer = {
  */
 export type AuthZRequest = {
   action: Action
+  nonce: string // A unique nonce for this request, to prevent replay attacks
   resourceId?: string
   transactionRequest?: TransactionRequest // for signTransaction
   message?: string // for signMessage