From 8ace80de741b980fd7d0d043c9b5e319832c7f30 Mon Sep 17 00:00:00 2001
From: "saito.k" <saito.k@nds-tyo.co.jp>
Date: Thu, 26 Oct 2023 01:37:35 +0000
Subject: [PATCH] =?UTF-8?q?Merged=20PR=20517:=20API=20IF=E5=AE=9F=E8=A3=85?=
 =?UTF-8?q?=EF=BC=88=E4=BB=A3=E8=A1=8C=E6=93=8D=E4=BD=9C=E7=94=A8=E3=83=88?=
 =?UTF-8?q?=E3=83=BC=E3=82=AF=E3=83=B3=E7=94=9F=E6=88=90=EF=BC=89?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

## 概要
[Task2904: API IF](https://paruru.nds-tyo.co.jp:8443/tfs/ReciproCollection/fa4924a4-d079-4fab-9fb5-a9a11eb205f0/_workitems/edit/2904)

- 以下のAPIのIF実装
  - POST /api/auth/delegation-token
  - POST /api/auth/delegation-access-token
- OpenApiを生成
- 不要なas変換を削除

## レビューポイント
- リクエスト・レスポンスの型は認識通りか
  - 代行操作用トークン生成APIの引数のパラメータ名はよさそうか（delegatedAccountId）
- アクセストークン再生成APIについてはガードを付けず、service内で引数に受け取ったリフレッシュトークンを検証し、正しいロール、階層かチェックする方向でよさそうか（通常のアクセストークン再生成と同様に）

## 動作確認状況
- ローカルで確認

## 補足
- 相談、参考資料などがあれば
---
 dictation_server/src/api/odms/openapi.json    | 136 +++++++++++++++++-
 .../features/accounts/accounts.controller.ts  |  40 +++---
 .../src/features/accounts/types/types.ts      |  18 +--
 .../src/features/auth/auth.controller.ts      | 101 ++++++++++++-
 .../src/features/auth/types/types.ts          |  16 +++
 .../features/licenses/licenses.controller.ts  |  10 +-
 .../src/features/tasks/tasks.controller.ts    |  12 +-
 .../src/features/tasks/types/types.ts         |  12 +-
 .../src/features/users/types/types.ts         |  26 ++--
 .../src/features/users/users.controller.ts    |  14 +-
 .../src/features/workflows/types/types.ts     |  12 +-
 11 files changed, 317 insertions(+), 80 deletions(-)

diff --git a/dictation_server/src/api/odms/openapi.json b/dictation_server/src/api/odms/openapi.json
index 76bf8c9..c316181 100644
--- a/dictation_server/src/api/odms/openapi.json
+++ b/dictation_server/src/api/odms/openapi.json
@@ -88,6 +88,100 @@
         "security": [{ "bearer": [] }]
       }
     },
+    "/auth/delegation/token": {
+      "post": {
+        "operationId": "delegationToken",
+        "summary": "",
+        "description": "代行操作用のリフレッシュトークン・アクセストークンを生成します",
+        "parameters": [],
+        "requestBody": {
+          "required": true,
+          "content": {
+            "application/json": {
+              "schema": {
+                "$ref": "#/components/schemas/DelegationTokenRequest"
+              }
+            }
+          }
+        },
+        "responses": {
+          "200": {
+            "description": "成功時のレスポンス",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/DelegationTokenResponse"
+                }
+              }
+            }
+          },
+          "400": {
+            "description": "指定したアカウントが代行操作を許可していない場合",
+            "content": {
+              "application/json": {
+                "schema": { "$ref": "#/components/schemas/ErrorResponse" }
+              }
+            }
+          },
+          "401": {
+            "description": "認証エラー",
+            "content": {
+              "application/json": {
+                "schema": { "$ref": "#/components/schemas/ErrorResponse" }
+              }
+            }
+          },
+          "500": {
+            "description": "想定外のサーバーエラー",
+            "content": {
+              "application/json": {
+                "schema": { "$ref": "#/components/schemas/ErrorResponse" }
+              }
+            }
+          }
+        },
+        "tags": ["auth"],
+        "security": [{ "bearer": [] }]
+      }
+    },
+    "/auth/delegation/access-token": {
+      "post": {
+        "operationId": "delegationAccessToken",
+        "summary": "",
+        "description": "代行操作用のアクセストークンを再生成します",
+        "parameters": [],
+        "responses": {
+          "200": {
+            "description": "成功時のレスポンス",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/DelegationAccessTokenResponse"
+                }
+              }
+            }
+          },
+          "401": {
+            "description": "認証エラー",
+            "content": {
+              "application/json": {
+                "schema": { "$ref": "#/components/schemas/ErrorResponse" }
+              }
+            }
+          },
+          "500": {
+            "description": "想定外のサーバーエラー",
+            "content": {
+              "application/json": {
+                "schema": { "$ref": "#/components/schemas/ErrorResponse" }
+              }
+            }
+          }
+        },
+        "tags": ["auth"],
+        "security": [{ "bearer": [] }]
+      }
+    },
     "/accounts": {
       "post": {
         "operationId": "createAccount",
@@ -3399,6 +3493,40 @@
         "properties": { "accessToken": { "type": "string" } },
         "required": ["accessToken"]
       },
+      "DelegationTokenRequest": {
+        "type": "object",
+        "properties": {
+          "delegatedAccountId": {
+            "type": "number",
+            "description": "代行操作対象のアカウントID"
+          }
+        },
+        "required": ["delegatedAccountId"]
+      },
+      "DelegationTokenResponse": {
+        "type": "object",
+        "properties": {
+          "refreshToken": {
+            "type": "string",
+            "description": "代行操作用のリフレッシュトークン"
+          },
+          "accessToken": {
+            "type": "string",
+            "description": "代行操作用のアクセストークン"
+          }
+        },
+        "required": ["refreshToken", "accessToken"]
+      },
+      "DelegationAccessTokenResponse": {
+        "type": "object",
+        "properties": {
+          "accessToken": {
+            "type": "string",
+            "description": "代行操作用のアクセストークン"
+          }
+        },
+        "required": ["accessToken"]
+      },
       "CreateAccountRequest": {
         "type": "object",
         "properties": {
@@ -3680,13 +3808,7 @@
           "poNumber": { "type": "string", "description": "POナンバー" },
           "status": { "type": "string", "description": "注文状態" }
         },
-        "required": [
-          "orderDate",
-          "issueDate",
-          "numberOfOrder",
-          "poNumber",
-          "status"
-        ]
+        "required": ["orderDate", "numberOfOrder", "poNumber", "status"]
       },
       "GetOrderHistoriesResponse": {
         "type": "object",
diff --git a/dictation_server/src/features/accounts/accounts.controller.ts b/dictation_server/src/features/accounts/accounts.controller.ts
index cba3bb2..241a72a 100644
--- a/dictation_server/src/features/accounts/accounts.controller.ts
+++ b/dictation_server/src/features/accounts/accounts.controller.ts
@@ -200,7 +200,7 @@ export class AccountsController {
   @UseGuards(RoleGuard.requireds({ roles: [ADMIN_ROLES.ADMIN] }))
   @Get('me')
   async getMyAccount(@Req() req: Request): Promise<GetMyAccountResponse> {
-    const accessToken = retrieveAuthorizationToken(req) as string;
+    const accessToken = retrieveAuthorizationToken(req);
     if (!accessToken) {
       throw new HttpException(
         makeErrorResponse('E000107'),
@@ -249,7 +249,7 @@ export class AccountsController {
   @UseGuards(RoleGuard.requireds({ roles: [ADMIN_ROLES.ADMIN] }))
   @Get('authors')
   async getAuthors(@Req() req: Request): Promise<GetAuthorsResponse> {
-    const accessToken = retrieveAuthorizationToken(req) as string;
+    const accessToken = retrieveAuthorizationToken(req);
     if (!accessToken) {
       throw new HttpException(
         makeErrorResponse('E000107'),
@@ -295,7 +295,7 @@ export class AccountsController {
   @UseGuards(AuthGuard)
   @Get('typists')
   async getTypists(@Req() req: Request): Promise<GetTypistsResponse> {
-    const accessToken = retrieveAuthorizationToken(req) as string;
+    const accessToken = retrieveAuthorizationToken(req);
     if (!accessToken) {
       throw new HttpException(
         makeErrorResponse('E000107'),
@@ -340,7 +340,7 @@ export class AccountsController {
   @UseGuards(AuthGuard)
   @Get('typist-groups')
   async getTypistGroups(@Req() req: Request): Promise<GetTypistGroupsResponse> {
-    const accessToken = retrieveAuthorizationToken(req) as string;
+    const accessToken = retrieveAuthorizationToken(req);
     if (!accessToken) {
       throw new HttpException(
         makeErrorResponse('E000107'),
@@ -398,7 +398,7 @@ export class AccountsController {
 
     // アクセストークン取得
 
-    const accessToken = retrieveAuthorizationToken(req) as string;
+    const accessToken = retrieveAuthorizationToken(req);
     if (!accessToken) {
       throw new HttpException(
         makeErrorResponse('E000107'),
@@ -461,7 +461,7 @@ export class AccountsController {
     const { typistGroupName, typistIds } = body;
     // アクセストークン取得
 
-    const accessToken = retrieveAuthorizationToken(req) as string;
+    const accessToken = retrieveAuthorizationToken(req);
     if (!accessToken) {
       throw new HttpException(
         makeErrorResponse('E000107'),
@@ -525,7 +525,7 @@ export class AccountsController {
 
     // アクセストークン取得
 
-    const accessToken = retrieveAuthorizationToken(req) as string;
+    const accessToken = retrieveAuthorizationToken(req);
     if (!accessToken) {
       throw new HttpException(
         makeErrorResponse('E000107'),
@@ -590,7 +590,7 @@ export class AccountsController {
   ): Promise<CreatePartnerAccountResponse> {
     const { companyName, country, email, adminName } = body;
 
-    const accessToken = retrieveAuthorizationToken(req) as string;
+    const accessToken = retrieveAuthorizationToken(req);
     if (!accessToken) {
       throw new HttpException(
         makeErrorResponse('E000107'),
@@ -731,7 +731,7 @@ export class AccountsController {
   ): Promise<IssueLicenseResponse> {
     const { orderedAccountId, poNumber } = body;
 
-    const accessToken = retrieveAuthorizationToken(req) as string;
+    const accessToken = retrieveAuthorizationToken(req);
     if (!accessToken) {
       throw new HttpException(
         makeErrorResponse('E000107'),
@@ -812,7 +812,7 @@ export class AccountsController {
     @Req() req: Request,
     @Body() body: CancelIssueRequest,
   ): Promise<CancelIssueResponse> {
-    const accessToken = retrieveAuthorizationToken(req) as string;
+    const accessToken = retrieveAuthorizationToken(req);
     if (!accessToken) {
       throw new HttpException(
         makeErrorResponse('E000107'),
@@ -860,7 +860,7 @@ export class AccountsController {
   @UseGuards(AuthGuard)
   @UseGuards(RoleGuard.requireds({ roles: [ADMIN_ROLES.ADMIN] }))
   async getWorktypes(@Req() req: Request): Promise<GetWorktypesResponse> {
-    const accessToken = retrieveAuthorizationToken(req) as string;
+    const accessToken = retrieveAuthorizationToken(req);
     if (!accessToken) {
       throw new HttpException(
         makeErrorResponse('E000107'),
@@ -913,7 +913,7 @@ export class AccountsController {
   ): Promise<CreateWorktypeResponse> {
     const { worktypeId, description } = body;
 
-    const accessToken = retrieveAuthorizationToken(req) as string;
+    const accessToken = retrieveAuthorizationToken(req);
     if (!accessToken) {
       throw new HttpException(
         makeErrorResponse('E000107'),
@@ -973,7 +973,7 @@ export class AccountsController {
     const { worktypeId, description } = body;
     const { id } = param;
 
-    const accessToken = retrieveAuthorizationToken(req) as string;
+    const accessToken = retrieveAuthorizationToken(req);
     if (!accessToken) {
       throw new HttpException(
         makeErrorResponse('E000107'),
@@ -1033,7 +1033,7 @@ export class AccountsController {
   ): Promise<DeleteWorktypeResponse> {
     const { id } = param;
 
-    const accessToken = retrieveAuthorizationToken(req) as string;
+    const accessToken = retrieveAuthorizationToken(req);
     if (!accessToken) {
       throw new HttpException(
         makeErrorResponse('E000107'),
@@ -1086,7 +1086,7 @@ export class AccountsController {
   ): Promise<GetOptionItemsResponse> {
     const { id } = param;
 
-    const accessToken = retrieveAuthorizationToken(req) as string;
+    const accessToken = retrieveAuthorizationToken(req);
     if (!accessToken) {
       throw new HttpException(
         makeErrorResponse('E000107'),
@@ -1146,7 +1146,7 @@ export class AccountsController {
     const { optionItems } = body;
     const { id } = param;
 
-    const accessToken = retrieveAuthorizationToken(req) as string;
+    const accessToken = retrieveAuthorizationToken(req);
     if (!accessToken) {
       throw new HttpException(
         makeErrorResponse('E000107'),
@@ -1205,7 +1205,7 @@ export class AccountsController {
   ): Promise<PostActiveWorktypeResponse> {
     const { id } = body;
 
-    const accessToken = retrieveAuthorizationToken(req) as string;
+    const accessToken = retrieveAuthorizationToken(req);
     if (!accessToken) {
       throw new HttpException(
         makeErrorResponse('E000107'),
@@ -1263,7 +1263,7 @@ export class AccountsController {
   ): Promise<GetPartnersResponse> {
     const { limit, offset } = query;
 
-    const accessToken = retrieveAuthorizationToken(req) as string;
+    const accessToken = retrieveAuthorizationToken(req);
     if (!accessToken) {
       throw new HttpException(
         makeErrorResponse('E000107'),
@@ -1330,7 +1330,7 @@ export class AccountsController {
       secondryAdminUserId,
     } = body;
 
-    const accessToken = retrieveAuthorizationToken(req) as string;
+    const accessToken = retrieveAuthorizationToken(req);
     if (!accessToken) {
       throw new HttpException(
         makeErrorResponse('E000107'),
@@ -1390,7 +1390,7 @@ export class AccountsController {
   ): Promise<DeleteAccountResponse> {
     const { accountId } = body;
 
-    const accessToken = retrieveAuthorizationToken(req) as string;
+    const accessToken = retrieveAuthorizationToken(req);
     if (!accessToken) {
       throw new HttpException(
         makeErrorResponse('E000107'),
diff --git a/dictation_server/src/features/accounts/types/types.ts b/dictation_server/src/features/accounts/types/types.ts
index ccb45d9..921bd10 100644
--- a/dictation_server/src/features/accounts/types/types.ts
+++ b/dictation_server/src/features/accounts/types/types.ts
@@ -34,7 +34,7 @@ export class CreateAccountRequest {
   @ApiProperty({ required: false })
   @IsInt()
   @IsOptional()
-  dealerAccountId?: number | undefined;
+  dealerAccountId?: number;
   @ApiProperty()
   adminName: string;
   @ApiProperty()
@@ -116,19 +116,19 @@ export class Account {
   country: string;
 
   @ApiProperty({ required: false })
-  parentAccountId?: number | undefined;
+  parentAccountId?: number;
 
   @ApiProperty()
   delegationPermission: boolean;
 
   @ApiProperty({ required: false })
-  primaryAdminUserId?: number | undefined;
+  primaryAdminUserId?: number;
 
   @ApiProperty({ required: false })
-  secondryAdminUserId?: number | undefined;
+  secondryAdminUserId?: number;
 
   @ApiProperty({ required: false })
-  parentAccountName?: string | undefined;
+  parentAccountName?: string;
 }
 
 export class GetMyAccountResponse {
@@ -394,7 +394,7 @@ export class GetWorktypesResponse {
     required: false,
     description: 'Active WorktypeIDに設定されているWorkTypeの内部ID',
   })
-  active?: number | undefined;
+  active?: number;
 }
 
 export class CreateWorktypesRequest {
@@ -516,7 +516,7 @@ export class PostActiveWorktypeRequest {
   @Type(() => Number)
   @IsInt()
   @Min(0)
-  id?: number | undefined;
+  id?: number;
 }
 
 export class PostActiveWorktypeResponse {}
@@ -571,14 +571,14 @@ export type PartnerInfoFromDb = {
 export class UpdateAccountInfoRequest {
   @ApiProperty({ description: '親アカウントのID', required: false })
   @IsOptional()
-  parentAccountId?: number | undefined;
+  parentAccountId?: number;
   @ApiProperty({ description: '代行操作許可' })
   delegationPermission: boolean;
   @ApiProperty({ description: 'プライマリ管理者ID' })
   primaryAdminUserId: number;
   @ApiProperty({ description: 'セカンダリ管理者ID', required: false })
   @IsOptional()
-  secondryAdminUserId?: number | undefined;
+  secondryAdminUserId?: number;
 }
 
 export class UpdateAccountInfoResponse {}
diff --git a/dictation_server/src/features/auth/auth.controller.ts b/dictation_server/src/features/auth/auth.controller.ts
index 4d8d33b..aa82fc2 100644
--- a/dictation_server/src/features/auth/auth.controller.ts
+++ b/dictation_server/src/features/auth/auth.controller.ts
@@ -5,6 +5,7 @@ import {
   HttpStatus,
   Post,
   Req,
+  UseGuards,
 } from '@nestjs/common';
 import {
   ApiResponse,
@@ -19,10 +20,17 @@ import {
   AccessTokenResponse,
   TokenRequest,
   TokenResponse,
+  DelegationTokenRequest,
+  DelegationTokenResponse,
+  DelegationAccessTokenResponse,
 } from './types/types';
 import { retrieveAuthorizationToken } from '../../common/http/helper';
 import { makeContext } from '../../common/log';
 import { v4 as uuidv4 } from 'uuid';
+import { Request } from 'express';
+import { AuthGuard } from '../../common/guards/auth/authguards';
+import { RoleGuard } from '../../common/guards/role/roleguards';
+import { ADMIN_ROLES, TIERS } from '../../constants';
 
 @ApiTags('auth')
 @Controller('auth')
@@ -117,7 +125,7 @@ export class AuthController {
     operationId: 'accessToken',
     description: 'リフレッシュトークンを元にアクセストークンを再生成します',
   })
-  async accessToken(@Req() req): Promise<AccessTokenResponse> {
+  async accessToken(@Req() req: Request): Promise<AccessTokenResponse> {
     const refreshToken = retrieveAuthorizationToken(req);
 
     if (!refreshToken) {
@@ -135,4 +143,95 @@ export class AuthController {
     );
     return { accessToken };
   }
+
+  @Post('delegation/token')
+  @ApiBearerAuth()
+  @ApiResponse({
+    status: HttpStatus.OK,
+    type: DelegationTokenResponse,
+    description: '成功時のレスポンス',
+  })
+  @ApiResponse({
+    status: HttpStatus.UNAUTHORIZED,
+    description: '認証エラー',
+    type: ErrorResponse,
+  })
+  @ApiResponse({
+    status: HttpStatus.BAD_REQUEST,
+    description: '指定したアカウントが代行操作を許可していない場合',
+    type: ErrorResponse,
+  })
+  @ApiResponse({
+    status: HttpStatus.INTERNAL_SERVER_ERROR,
+    description: '想定外のサーバーエラー',
+    type: ErrorResponse,
+  })
+  @ApiOperation({
+    operationId: 'delegationToken',
+    description:
+      '代行操作用のリフレッシュトークン・アクセストークンを生成します',
+  })
+  @UseGuards(AuthGuard)
+  @UseGuards(
+    RoleGuard.requireds({
+      roles: [ADMIN_ROLES.ADMIN],
+      tiers: [TIERS.TIER4],
+    }),
+  )
+  async delegationToken(
+    @Req() req: Request,
+    @Body() body: DelegationTokenRequest,
+  ): Promise<DelegationTokenResponse> {
+    const { delegatedAccountId } = body;
+    const refreshToken = retrieveAuthorizationToken(req);
+
+    if (!refreshToken) {
+      throw new HttpException(
+        makeErrorResponse('E000107'),
+        HttpStatus.UNAUTHORIZED,
+      );
+    }
+
+    const context = makeContext(uuidv4());
+
+    return { accessToken: '', refreshToken: '' };
+  }
+
+  @Post('delegation/access-token')
+  @ApiBearerAuth()
+  @ApiResponse({
+    status: HttpStatus.OK,
+    type: DelegationAccessTokenResponse,
+    description: '成功時のレスポンス',
+  })
+  @ApiResponse({
+    status: HttpStatus.UNAUTHORIZED,
+    description: '認証エラー',
+    type: ErrorResponse,
+  })
+  @ApiResponse({
+    status: HttpStatus.INTERNAL_SERVER_ERROR,
+    description: '想定外のサーバーエラー',
+    type: ErrorResponse,
+  })
+  @ApiOperation({
+    operationId: 'delegationAccessToken',
+    description: '代行操作用のアクセストークンを再生成します',
+  })
+  async delegationAccessToken(
+    @Req() req: Request,
+  ): Promise<DelegationAccessTokenResponse> {
+    const refreshToken = retrieveAuthorizationToken(req);
+
+    if (!refreshToken) {
+      throw new HttpException(
+        makeErrorResponse('E000107'),
+        HttpStatus.UNAUTHORIZED,
+      );
+    }
+
+    const context = makeContext(uuidv4());
+
+    return { accessToken: '' };
+  }
 }
diff --git a/dictation_server/src/features/auth/types/types.ts b/dictation_server/src/features/auth/types/types.ts
index a5250bc..7528fa7 100644
--- a/dictation_server/src/features/auth/types/types.ts
+++ b/dictation_server/src/features/auth/types/types.ts
@@ -25,3 +25,19 @@ export type TermsCheckInfo = {
   latestEulaVersion: string;
   latestDpaVersion: string;
 };
+
+export class DelegationTokenRequest {
+  @ApiProperty({ description: '代行操作対象のアカウントID' })
+  delegatedAccountId: number;
+}
+export class DelegationTokenResponse {
+  @ApiProperty({ description: '代行操作用のリフレッシュトークン' })
+  refreshToken: string;
+  @ApiProperty({ description: '代行操作用のアクセストークン' })
+  accessToken: string;
+}
+
+export class DelegationAccessTokenResponse {
+  @ApiProperty({ description: '代行操作用のアクセストークン' })
+  accessToken: string;
+}
diff --git a/dictation_server/src/features/licenses/licenses.controller.ts b/dictation_server/src/features/licenses/licenses.controller.ts
index fac9163..ae47eb1 100644
--- a/dictation_server/src/features/licenses/licenses.controller.ts
+++ b/dictation_server/src/features/licenses/licenses.controller.ts
@@ -75,7 +75,7 @@ export class LicensesController {
     @Req() req: Request,
     @Body() body: CreateOrdersRequest,
   ): Promise<CreateOrdersResponse> {
-    const accessToken = retrieveAuthorizationToken(req) as string;
+    const accessToken = retrieveAuthorizationToken(req);
     if (!accessToken) {
       throw new HttpException(
         makeErrorResponse('E000107'),
@@ -126,7 +126,7 @@ export class LicensesController {
     @Req() req: Request,
     @Body() body: IssueCardLicensesRequest,
   ): Promise<IssueCardLicensesResponse> {
-    const accessToken = retrieveAuthorizationToken(req) as string;
+    const accessToken = retrieveAuthorizationToken(req);
     if (!accessToken) {
       throw new HttpException(
         makeErrorResponse('E000107'),
@@ -182,7 +182,7 @@ export class LicensesController {
     @Req() req: Request,
     @Body() body: ActivateCardLicensesRequest,
   ): Promise<ActivateCardLicensesResponse> {
-    const accessToken = retrieveAuthorizationToken(req) as string;
+    const accessToken = retrieveAuthorizationToken(req);
     if (!accessToken) {
       throw new HttpException(
         makeErrorResponse('E000107'),
@@ -235,7 +235,7 @@ export class LicensesController {
     // eslint-disable-next-line @typescript-eslint/no-unused-vars
     @Req() req: Request,
   ): Promise<GetAllocatableLicensesResponse> {
-    const accessToken = retrieveAuthorizationToken(req) as string;
+    const accessToken = retrieveAuthorizationToken(req);
     if (!accessToken) {
       throw new HttpException(
         makeErrorResponse('E000107'),
@@ -296,7 +296,7 @@ export class LicensesController {
     @Req() req: Request,
     @Body() body: CancelOrderRequest,
   ): Promise<CancelOrderResponse> {
-    const accessToken = retrieveAuthorizationToken(req) as string;
+    const accessToken = retrieveAuthorizationToken(req);
     if (!accessToken) {
       throw new HttpException(
         makeErrorResponse('E000107'),
diff --git a/dictation_server/src/features/tasks/tasks.controller.ts b/dictation_server/src/features/tasks/tasks.controller.ts
index 49fbe9e..72bd402 100644
--- a/dictation_server/src/features/tasks/tasks.controller.ts
+++ b/dictation_server/src/features/tasks/tasks.controller.ts
@@ -84,7 +84,7 @@ export class TasksController {
     @Req() req,
     @Query() body: TasksRequest,
   ): Promise<TasksResponse> {
-    const accessToken = retrieveAuthorizationToken(req) as string;
+    const accessToken = retrieveAuthorizationToken(req);
     if (!accessToken) {
       throw new HttpException(
         makeErrorResponse('E000107'),
@@ -204,7 +204,7 @@ export class TasksController {
   ): Promise<ChangeStatusResponse> {
     // AuthGuardでチェック済みなのでここでのアクセストークンチェックはしない
 
-    const accessToken = retrieveAuthorizationToken(req) as string;
+    const accessToken = retrieveAuthorizationToken(req);
     if (!accessToken) {
       throw new HttpException(
         makeErrorResponse('E000107'),
@@ -274,7 +274,7 @@ export class TasksController {
     const { audioFileId } = params;
     // AuthGuardでチェック済みなのでここでのアクセストークンチェックはしない
 
-    const accessToken = retrieveAuthorizationToken(req) as string;
+    const accessToken = retrieveAuthorizationToken(req);
     if (!accessToken) {
       throw new HttpException(
         makeErrorResponse('E000107'),
@@ -341,7 +341,7 @@ export class TasksController {
     const { audioFileId } = params;
     // AuthGuardでチェック済みなのでここでのアクセストークンチェックはしない
 
-    const accessToken = retrieveAuthorizationToken(req) as string;
+    const accessToken = retrieveAuthorizationToken(req);
     if (!accessToken) {
       throw new HttpException(
         makeErrorResponse('E000107'),
@@ -410,7 +410,7 @@ export class TasksController {
     const { audioFileId } = params;
     // AuthGuardでチェック済みなのでここでのアクセストークンチェックはしない
 
-    const accessToken = retrieveAuthorizationToken(req) as string;
+    const accessToken = retrieveAuthorizationToken(req);
     if (!accessToken) {
       throw new HttpException(
         makeErrorResponse('E000107'),
@@ -560,7 +560,7 @@ export class TasksController {
   ): Promise<PostCheckoutPermissionResponse> {
     const { assignees } = body;
 
-    const accessToken = retrieveAuthorizationToken(req) as string;
+    const accessToken = retrieveAuthorizationToken(req);
     if (!accessToken) {
       throw new HttpException(
         makeErrorResponse('E000107'),
diff --git a/dictation_server/src/features/tasks/types/types.ts b/dictation_server/src/features/tasks/types/types.ts
index ac11e1b..4e07f73 100644
--- a/dictation_server/src/features/tasks/types/types.ts
+++ b/dictation_server/src/features/tasks/types/types.ts
@@ -77,7 +77,7 @@ export class Assignee {
   @IsInt()
   @Min(1)
   @IsOptional()
-  typistUserId?: number | undefined;
+  typistUserId?: number;
   @ApiProperty({
     required: false,
     description: 'TypistGroupID（TypistGroupIDかTypistIDのどちらかに値が入る）',
@@ -85,7 +85,7 @@ export class Assignee {
   @IsInt()
   @Min(1)
   @IsOptional()
-  typistGroupId?: number | undefined;
+  typistGroupId?: number;
   @ApiProperty({ description: 'Typist名 / TypistGroup名' })
   typistName: string;
 }
@@ -143,7 +143,7 @@ export class Task {
     required: false,
     description: '割り当てられたユーザー',
   })
-  typist?: Typist | undefined;
+  typist?: Typist;
   @ApiProperty({
     type: [Assignee],
     description:
@@ -159,12 +159,12 @@ export class Task {
     required: false,
     description: '文字起こし開始日時（yyyy-mm-ddThh:mm:ss.sss）',
   })
-  transcriptionStartedDate?: string | undefined;
+  transcriptionStartedDate?: string;
   @ApiProperty({
     required: false,
     description: '文字起こし終了日時（yyyy-mm-ddThh:mm:ss.sss）',
   })
-  transcriptionFinishedDate?: string | undefined;
+  transcriptionFinishedDate?: string;
 }
 
 export class TasksResponse {
@@ -198,7 +198,7 @@ export class AudioNextResponse {
     required: false,
     description: 'ODMS Cloud上の次の音声ファイルID（存在しなければundefind）',
   })
-  nextFileId?: number | undefined;
+  nextFileId?: number;
 }
 
 export class ChangeStatusRequest {
diff --git a/dictation_server/src/features/users/types/types.ts b/dictation_server/src/features/users/types/types.ts
index b75b6b6..b30b637 100644
--- a/dictation_server/src/features/users/types/types.ts
+++ b/dictation_server/src/features/users/types/types.ts
@@ -30,7 +30,7 @@ export class User {
   role: string;
 
   @ApiProperty({ required: false })
-  authorId?: string | undefined;
+  authorId?: string;
 
   @ApiProperty()
   typistGroupName: string[];
@@ -57,10 +57,10 @@ export class User {
   prompt: boolean;
 
   @ApiProperty({ required: false })
-  expiration?: string | undefined;
+  expiration?: string;
 
   @ApiProperty({ required: false })
-  remaining?: number | undefined;
+  remaining?: number;
 
   @ApiProperty({
     description: `${Object.values(USER_LICENSE_STATUS).join('/')}`,
@@ -86,7 +86,7 @@ export class SignupRequest {
 
   @ApiProperty({ required: false })
   @IsRoleAuthorDataValid()
-  authorId?: string | undefined;
+  authorId?: string;
 
   @ApiProperty()
   email: string;
@@ -102,16 +102,16 @@ export class SignupRequest {
 
   @ApiProperty({ required: false })
   @IsRoleAuthorDataValid()
-  encryption?: boolean | undefined;
+  encryption?: boolean;
 
   @ApiProperty({ required: false })
   @IsPasswordvalid()
   @IsEncryptionPasswordPresent()
-  encryptionPassword?: string | undefined;
+  encryptionPassword?: string;
 
   @ApiProperty({ required: false })
   @IsRoleAuthorDataValid()
-  prompt?: boolean | undefined;
+  prompt?: boolean;
 }
 
 export class SignupResponse {}
@@ -162,7 +162,7 @@ export class GetRelationsResponse {
     description: 'ユーザーが暗号化を掛ける場合のパスワード',
     required: false,
   })
-  encryptionPassword?: string | undefined;
+  encryptionPassword?: string;
   @ApiProperty({
     description:
       'アカウントがデフォルトで利用するWorkTypeID（アカウントに紐づくWorkTypeIDから一つ指定。activeWorktypeがなければ空文字を返却する）',
@@ -215,7 +215,7 @@ export class PostUpdateUserRequest {
 
   @ApiProperty({ required: false })
   @IsRoleAuthorDataValid()
-  authorId?: string | undefined;
+  authorId?: string;
 
   @ApiProperty()
   autoRenew: boolean;
@@ -228,15 +228,15 @@ export class PostUpdateUserRequest {
 
   @ApiProperty({ required: false })
   @IsRoleAuthorDataValid()
-  encryption?: boolean | undefined;
+  encryption?: boolean;
 
   @ApiProperty({ required: false })
   @IsPasswordvalid()
-  encryptionPassword?: string | undefined;
+  encryptionPassword?: string;
 
   @ApiProperty({ required: false })
   @IsRoleAuthorDataValid()
-  prompt?: boolean | undefined;
+  prompt?: boolean;
 }
 
 export class PostUpdateUserResponse {}
@@ -263,7 +263,7 @@ export class UpdateAcceptedVersionRequest {
   @ApiProperty({ description: '更新バージョン（EULA）' })
   acceptedEULAVersion: string;
   @ApiProperty({ description: '更新バージョン（DPA）', required: false })
-  acceptedDPAVersion?: string | undefined;
+  acceptedDPAVersion?: string;
 }
 
 export class UpdateAcceptedVersionResponse {}
diff --git a/dictation_server/src/features/users/users.controller.ts b/dictation_server/src/features/users/users.controller.ts
index cee1a78..c0e4330 100644
--- a/dictation_server/src/features/users/users.controller.ts
+++ b/dictation_server/src/features/users/users.controller.ts
@@ -132,7 +132,7 @@ export class UsersController {
   @UseGuards(RoleGuard.requireds({ roles: [ADMIN_ROLES.ADMIN] }))
   @Get()
   async getUsers(@Req() req: Request): Promise<GetUsersResponse> {
-    const accessToken = retrieveAuthorizationToken(req) as string;
+    const accessToken = retrieveAuthorizationToken(req);
     if (!accessToken) {
       throw new HttpException(
         makeErrorResponse('E000107'),
@@ -194,7 +194,7 @@ export class UsersController {
       prompt,
     } = body;
 
-    const accessToken = retrieveAuthorizationToken(req) as string;
+    const accessToken = retrieveAuthorizationToken(req);
     if (!accessToken) {
       throw new HttpException(
         makeErrorResponse('E000107'),
@@ -253,7 +253,7 @@ export class UsersController {
   @UseGuards(AuthGuard)
   @Get('relations')
   async getRelations(@Req() req: Request): Promise<GetRelationsResponse> {
-    const accessToken = retrieveAuthorizationToken(req) as string;
+    const accessToken = retrieveAuthorizationToken(req);
     if (!accessToken) {
       throw new HttpException(
         makeErrorResponse('E000107'),
@@ -307,7 +307,7 @@ export class UsersController {
   ): Promise<PostSortCriteriaResponse> {
     const { direction, paramName } = body;
 
-    const accessToken = retrieveAuthorizationToken(req) as string;
+    const accessToken = retrieveAuthorizationToken(req);
     if (!accessToken) {
       throw new HttpException(
         makeErrorResponse('E000107'),
@@ -365,7 +365,7 @@ export class UsersController {
   ): Promise<GetSortCriteriaResponse> {
     const {} = query;
 
-    const accessToken = retrieveAuthorizationToken(req) as string;
+    const accessToken = retrieveAuthorizationToken(req);
     if (!accessToken) {
       throw new HttpException(
         makeErrorResponse('E000107'),
@@ -499,7 +499,7 @@ export class UsersController {
     @Body() body: AllocateLicenseRequest,
     @Req() req: Request,
   ): Promise<AllocateLicenseResponse> {
-    const accessToken = retrieveAuthorizationToken(req) as string;
+    const accessToken = retrieveAuthorizationToken(req);
     if (!accessToken) {
       throw new HttpException(
         makeErrorResponse('E000107'),
@@ -558,7 +558,7 @@ export class UsersController {
     @Body() body: DeallocateLicenseRequest,
     @Req() req: Request,
   ): Promise<DeallocateLicenseResponse> {
-    const accessToken = retrieveAuthorizationToken(req) as string;
+    const accessToken = retrieveAuthorizationToken(req);
     if (!accessToken) {
       throw new HttpException(
         makeErrorResponse('E000107'),
diff --git a/dictation_server/src/features/workflows/types/types.ts b/dictation_server/src/features/workflows/types/types.ts
index ced5b59..87f77c0 100644
--- a/dictation_server/src/features/workflows/types/types.ts
+++ b/dictation_server/src/features/workflows/types/types.ts
@@ -44,9 +44,9 @@ export class GetWorkflowsResponse {
 
 export class WorkflowTypist {
   @ApiProperty({ description: 'タイピストユーザーの内部ID', required: false })
-  typistId?: number | undefined;
+  typistId?: number;
   @ApiProperty({ description: 'タイピストグループの内部ID', required: false })
-  typistGroupId?: number | undefined;
+  typistGroupId?: number;
 }
 
 export class CreateWorkflowsRequest {
@@ -60,13 +60,13 @@ export class CreateWorkflowsRequest {
   @Type(() => Number)
   @IsInt()
   @Min(0)
-  worktypeId?: number | undefined;
+  worktypeId?: number;
   @ApiProperty({ description: 'テンプレートの内部ID', required: false })
   @IsOptional()
   @Type(() => Number)
   @IsInt()
   @Min(0)
-  templateId?: number | undefined;
+  templateId?: number;
   @ApiProperty({
     description: 'ルーティング候補のタイピストユーザー/タイピストグループ',
     type: [WorkflowTypist],
@@ -99,13 +99,13 @@ export class UpdateWorkflowRequest {
   @Type(() => Number)
   @IsInt()
   @Min(0)
-  worktypeId?: number | undefined;
+  worktypeId?: number;
   @ApiProperty({ description: 'テンプレートの内部ID', required: false })
   @IsOptional()
   @Type(() => Number)
   @IsInt()
   @Min(0)
-  templateId?: number | undefined;
+  templateId?: number;
   @ApiProperty({
     description: 'ルーティング候補のタイピストユーザー/タイピストグループ',
     type: [WorkflowTypist],