fix: project tokens type bug fix (#3734)

<!-- Thanks for creating a PR! To make it easier for reviewers and
everyone else to understand what your changes relate to, please add some
relevant content to the headings below. Feel free to ignore or delete
sections that you don't think are relevant. Thank you! ❤️ -->
Cherry picks the change transforming the token type to lowercase
## About the changes
<!-- Describe the changes introduced. What are they and why are they
being introduced? Feel free to also add screenshots or steps to view the
changes if they're visual. -->

<!-- Does it close an issue? Multiple? -->
Closes #

<!-- (For internal contributors): Does it relate to an issue on public
roadmap? -->
<!--
Relates to [roadmap](https://github.com/orgs/Unleash/projects/10) item:
#
-->

### Important files
<!-- PRs can contain a lot of changes, but not all changes are equally
important. Where should a reviewer start looking to get an overview of
the changes? Are any files particularly important? -->


## Discussion points
<!-- Anything about the PR you'd like to discuss before it gets merged?
Got any questions or doubts? -->

---------

Signed-off-by: andreas-unleash <andreas@getunleash.ai>

src/lib/db/api-token-store.ts

@@ -39,7 +39,7 @@ const tokenRowReducer = (acc, tokenRow) => {
         acc[tokenRow.secret] = {
             secret: token.secret,
             username: token.username,
-            type: token.type,
+            type: token.type.toLowerCase(),
             project: ALL,
             projects: [ALL],
             environment: token.environment ? token.environment : ALL,

src/lib/routes/admin-api/project/api-token.ts

@@ -31,6 +31,7 @@ import Controller from '../../controller';
 import { Logger } from '../../../logger';
 import { Response } from 'express';
 import { timingSafeEqual } from 'crypto';
+import { createApiToken } from '../../../schema/api-token-schema';
 
 interface ProjectTokenParam {
     token: string;
@@ -143,7 +144,7 @@ export class ProjectApiTokenController extends Controller {
         req: IAuthRequest,
         res: Response<ApiTokenSchema>,
     ): Promise<any> {
-        const createToken = req.body;
+        const createToken = await createApiToken.validateAsync(req.body);
         const { projectId } = req.params;
         if (!createToken.project) {
             createToken.project = projectId;

src/test/e2e/api/admin/project/api-token.e2e.test.ts

@@ -0,0 +1,48 @@
+import dbInit from '../../../helpers/database-init';
+import { setupAppWithCustomConfig } from '../../../helpers/test-helper';
+import getLogger from '../../../../fixtures/no-logger';
+import { ApiTokenStore } from '../../../../../lib/db/api-token-store';
+
+let app;
+let db;
+
+let apiTokenStore: ApiTokenStore;
+
+beforeAll(async () => {
+    db = await dbInit('projects_api_serial', getLogger);
+    app = await setupAppWithCustomConfig(db.stores, {
+        experimental: {
+            flags: {
+                strictSchemaValidation: true,
+            },
+        },
+    });
+    apiTokenStore = db.stores.apiTokenStore;
+});
+
+afterAll(async () => {
+    await app.destroy();
+    await db.destroy();
+});
+
+test('Should always return token type in lowercase', async () => {
+    await apiTokenStore.insert({
+        environment: '*',
+        alias: 'some-alias',
+        secret: 'some-secret',
+        type: 'FRONTEND' as any,
+        projects: ['default'],
+        username: 'some-username',
+    });
+
+    const storedToken = await apiTokenStore.get('some-secret');
+    expect(storedToken.type).toBe('frontend');
+
+    const { body } = await app.request
+        .get('/api/admin/projects/default/api-tokens')
+        .expect(200)
+        .expect('Content-Type', /json/);
+
+    expect(body.tokens).toHaveLength(1);
+    expect(body.tokens[0].type).toBe('frontend');
+});