This repository contains an API for retrieving application form data from the admin and user service database, which is part of the FindOpenApiGateway ecosystem.
The GAP Find Open Data API serves as an interface for retrieving application form data from the admin database and interacting alsow with the user service database to retrieve users info. The request to this API are forwarded from the API Gateway after receiving the Allow policy from the gap-find-open-data-authoriser lambda. The request will have a header 'jwt' with a token containing the funder ID of the api-key used in the request.
- Data Retrieval: Allows retrieval of application form data from the admin database.
- Integration with FindOpenApiGateway: Requests to this API are forwarded from the API Gateway after receiving an Allow policy from the
gap-find-open-data-authorizerLambda function. - JWT Token Authentication: Requests to the API must include a 'jwt' header containing a token with the funder ID of the API key used in the request.
To use the GAP Find Open Data API, make HTTP requests to the appropriate endpoints. Ensure that the requests include the required 'jwt' header with a valid JWT token containing the funder ID associated with the API key.
Requests to the API must include a 'jwt' header with a JWT token containing the funder ID associated with the API key. This token is generated by the gap-find-open-data-authorizer Lambda function.
- You would need to set up the admin database as per gap-find-admin-backend
- From root go to the mockUserService folder and run
docker compose up -dto run the user-service mock (Needed to grab the user email) - You would need to comment out in src/main/java/gov/cabinetoffice/api/security/JwtAuthorisationFilter.java from line 32 to 49.
- In src/main/java/gov/cabinetoffice/api/security/JwtAuthorisationFilter.java line 51 replace funderId.asString() with a string containing a funding_id present in the database that you want to test.
- Run
mvn spring-boot:run - The service will now be ready to receive request without the presence of the jwt header, and will return filtered result based on the funding_id set in the previous step.