HTS-1083: wip

app/uk/gov/hmrc/helptosavetestadminfrontend/config/AppConfig.scala

@@ -28,20 +28,4 @@ class AppConfig @Inject()(val runModeConfiguration: Configuration, environment:
   private def loadConfig(key: String) = runModeConfiguration.getString(key).getOrElse(throw new Exception(s"Missing configuration key: $key"))
 
   lazy val assetsPrefix = loadConfig("assets.url") + loadConfig("assets.version")
-
-  val host: String = getString("microservice.services.host")
-
-  val apiHost: String = baseUrl("api")
-
-  val oauthURL: String = baseUrl("oauth-frontend")
-
-  val clientId: String = getString("microservice.services.oauth-frontend.client_id")
-  val clientSecret: String = getString("microservice.services.oauth-frontend.client_secret")
-
-  def oAuthRedirectUrl(htsUrl: String): String =
-    s"/oauth/authorize?client_id=$clientId&response_type=code&scope=read:help-to-save&redirect_uri=$htsUrl"
-
-  val eligibilityAuthorizeCallback = s"$host/help-to-save-test-admin-frontend/eligibility-authorize-callback"
-
-  val oauthTokenCallback = s"$host/help-to-save-test-admin-frontend/handle-oauth-token-callback"
 }

app/uk/gov/hmrc/helptosavetestadminfrontend/controllers/HelpToSaveApiController.scala

@@ -31,20 +31,40 @@ import scala.concurrent.Future
 class HelpToSaveApiController @Inject()(http: WSHttp)(implicit override val appConfig: AppConfig, val messageApi: MessagesApi)
   extends AdminFrontendController(messageApi, appConfig) with I18nSupport with Logging {
 
-  var accessToken = ""
+  val clientId: String = appConfig.getString("microservice.services.oauth-frontend.client_id")
+  val clientSecret: String = appConfig.getString("microservice.services.oauth-frontend.client_secret")
 
-  def authLoginStubCallback: Action[AnyContent] = Action.async { implicit request =>
-    Future.successful(SeeOther(appConfig.oAuthRedirectUrl(appConfig.eligibilityAuthorizeCallback)))
+  val adminFrontendHost: String = appConfig.getString("microservice.services.host")
+
+  val eligibilityAuthorizeCallback = s"$adminFrontendHost/help-to-save-test-admin-frontend/eligibility-authorize-callback"
+
+  val createAccountAuthorizeCallback = s"$adminFrontendHost/help-to-save-test-admin-frontend/create-account-authorize-callback"
+
+  val apiHost: String = appConfig.baseUrl("api")
+
+  val oauthURL: String = appConfig.baseUrl("oauth-frontend")
+
+  val oauthTokenCallback = s"$adminFrontendHost/help-to-save-test-admin-frontend/handle-oauth-token-callback"
+
+  val eligibilityScope = "read:help-to-save"
+  val createAccountScope = "write:help-to-save"
+
+  var eligibilityAccessToken = ""
+  var createAccountAccessToken = ""
+
+  def authLoginStubEligibilityCallback: Action[AnyContent] = Action.async { implicit request =>
+    val url = s"/oauth/authorize?client_id=$clientId&response_type=code&scope=$eligibilityScope&redirect_uri=$eligibilityAuthorizeCallback"
+    Future.successful(SeeOther(url))
   }
 
-  def eligibilityAuthorizeCallback: Action[AnyContent] = Action.async { implicit request =>
-    val b = body(request.queryString.get("code"))
-    http.post(s"${appConfig.oauthURL}/oauth/token", Json.parse(b), Map("Content-Type" -> "application/json"))
+  def handleEligibilityAuthorizeCallback: Action[AnyContent] = Action.async { implicit request =>
+    val b = eligibilityBody(request.queryString.get("code"))
+    http.post(s"$oauthURL/oauth/token", Json.parse(b), Map("Content-Type" -> "application/json"))
       .map {
         response =>
           response.status match {
             case OK | CREATED =>
-              accessToken = (response.json \ "access_token").as[String]
+              eligibilityAccessToken = (response.json \ "access_token").as[String]
               Ok("saved access_token")
             case other: Int =>
               logger.warn(s"got $other status during get access_token, body=${response.body}")
@@ -53,41 +73,110 @@ class HelpToSaveApiController @Inject()(http: WSHttp)(implicit override val appC
       }
   }
 
-  def handleOauthTokenCallback(): Action[AnyContent] = Action.async { implicit request =>
-    Future.successful(Ok("success"))
+  def handleEligibilityOauthTokenCallback(): Action[AnyContent] = Action.async { implicit request =>
+
+    val url =
+      s"""
+         |curl -v -X GET
+         |-H "Content-Type: application/json"
+         |-H "Accept: application/vnd.hmrc.2.0+json"
+         |-H "Gov-Client-User-ID: PROVIDE_NINO"
+         |-H "Gov-Client-Timezone: UTC"
+         |-H "Gov-Vendor-Version: 1.3"
+         |-H "Gov-Vendor-Instance-ID: ${UUID.randomUUID().toString}"
+         |-H "Authorization: Bearer $eligibilityAccessToken"
+         |-H "Cache-Control: no-cache"
+         |-H "Postman-Token: ${UUID.randomUUID().toString}"
+         | -d '{
+         |  "header": {
+         |    "version": "1.0",
+         |    "createdTimestamp": "2017-11-22 23:11:09 GMT",
+         |    "clientCode": "KCOM",
+         |    "requestCorrelationId": "${UUID.randomUUID().toString}"
+         |  }}' "$apiHost/individuals/help-to-save/eligibility/PROVIDE_NINO_HERE"
+         |
+       """.stripMargin
+    Future.successful(Ok(url))
   }
 
-  def body(maybeCode: Option[Seq[String]]): String =
+  def eligibilityBody(maybeCode: Option[Seq[String]]): String =
     s"""{
-          "client_secret":"${appConfig.clientSecret}",
-          "client_id":"${appConfig.clientId}",
+          "client_secret":"$clientSecret",
+          "client_id":"$clientId",
           "grant_type":"authorization_code",
-          "redirect_uri":"${appConfig.eligibilityAuthorizeCallback}",
+          "redirect_uri":"$adminFrontendHost/help-to-save-test-admin-frontend/eligibility-authorize-callback",
           "code":"${maybeCode.getOrElse(Seq("")).head}"
       }"""
 
-  def checkEligibility(nino: String): Action[AnyContent] = Action.async { implicit request =>
-    logger.info("inside checkEligibility")
-    val headers = Map("Content-Type" -> "application/json",
-      "Accept" -> "application/vnd.hmrc.2.0+json",
-      "Gov-Client-User-ID" -> "EL069651A",
-      "Gov-Client-Timezone" -> "UTC",
-      "Gov-Vendor-Version" -> "1.3",
-      "Gov-Vendor-Instance-ID" -> UUID.randomUUID().toString,
-      "Authorization" -> s"Bearer $accessToken",
-      "Cache-Control" -> "no-cache",
-      "Postman-Token" -> UUID.randomUUID().toString
-    )
-
-    http.get(s"${appConfig.apiHost}/individuals/help-to-save/eligibility/$nino", headers)
+
+
+
+  def authLoginStubCreateAccountCallback: Action[AnyContent] = Action.async { implicit request =>
+    val url = s"/oauth/authorize?client_id=$clientId&response_type=code&scope=$createAccountScope&redirect_uri=$createAccountAuthorizeCallback"
+    Future.successful(SeeOther(url))
+  }
+
+  def handleCreateAccountAuthorizeCallback: Action[AnyContent] = Action.async { implicit request =>
+    val b = createAccountBody(request.queryString.get("code"))
+    http.post(s"$oauthURL/oauth/token", Json.parse(b), Map("Content-Type" -> "application/json"))
       .map {
         response =>
           response.status match {
-            case OK => Ok(response.body)
+            case OK | CREATED =>
+              createAccountAccessToken = (response.json \ "access_token").as[String]
+              Ok("saved access_token")
             case other: Int =>
-              logger.warn(s"got $other status during get eligibility_check, body=${response.body}")
+              logger.warn(s"got $other status during get access_token for create_account, body=${response.body}")
               InternalServerError
           }
       }
   }
+
+  def handleCreateAccountOauthTokenCallback(): Action[AnyContent] = Action.async { implicit request =>
+
+    val url =
+      s"""
+         |curl -v -X POST
+         |-H "Content-Type: application/json"
+         |-H "Accept: application/vnd.hmrc.1.0+json"
+         |-H "Gov-Client-User-ID: EL069651A"
+         |-H "Gov-Client-Timezone: UTC"
+         |-H "Gov-Vendor-Version: 1.3"
+         |-H "Gov-Vendor-Instance-ID: ${UUID.randomUUID().toString}"
+         |-H "Authorization: Bearer $createAccountAccessToken"
+         |-H "Cache-Control: no-cache"
+         | -d '{
+         |  "header": {
+         |     "version": "1.0",
+         |     "createdTimestamp": "2018-01-22 23:11:09 GMT",
+         |     "clientCode": "KCOM",
+         |     "requestCorrelationId": "${UUID.randomUUID().toString}"
+         |    },
+         |  "body": {
+         |     "nino": "PROVIDE_NINO",
+         |     "forename": "Alex",
+         |     "surname": "Lillitwinkle",
+         |     "dateOfBirth": "19920423",
+         |     "contactDetails": {
+         |         "address1": "86 Ashopton Road",
+         |         "address2": "Blackpool",
+         |         "postcode": "FY43 1FB",
+         |         "countryCode": "GB",
+         |         "communicationPreference": "00"
+         |       },
+         |     "registrationChannel": "callCentre"
+         |   }
+         | }' "$apiHost/individuals/help-to-save/account"
+       """.stripMargin
+    Future.successful(Ok(url))
+  }
+
+  def createAccountBody(maybeCode: Option[Seq[String]]): String =
+    s"""{
+          "client_secret":"$clientSecret",
+          "client_id":"$clientId",
+          "grant_type":"authorization_code",
+          "redirect_uri":"$adminFrontendHost/help-to-save-test-admin-frontend/create-account-authorize-callback",
+          "code":"${maybeCode.getOrElse(Seq("")).head}"
+      }"""
 }

conf/app.routes

@@ -1,15 +1,19 @@
 # microservice specific routes
 
-GET        /                            @uk.gov.hmrc.helptosavetestadminfrontend.controllers.VerifiedEmailsController.specifyEmailsToDelete
-POST       /delete-emails               @uk.gov.hmrc.helptosavetestadminfrontend.controllers.VerifiedEmailsController.deleteVerifiedEmails
+GET        /                                           @uk.gov.hmrc.helptosavetestadminfrontend.controllers.VerifiedEmailsController.specifyEmailsToDelete
+POST       /delete-emails                              @uk.gov.hmrc.helptosavetestadminfrontend.controllers.VerifiedEmailsController.deleteVerifiedEmails
 
-GET        /forbidden                   @uk.gov.hmrc.helptosavetestadminfrontend.controllers.ForbiddenController.forbidden
+GET        /forbidden                                  @uk.gov.hmrc.helptosavetestadminfrontend.controllers.ForbiddenController.forbidden
 
-GET        /check-eligibility/:nino           @uk.gov.hmrc.helptosavetestadminfrontend.controllers.HelpToSaveApiController.checkEligibility(nino: String)
+GET        /auth-login-stub-eligibility-callback       @uk.gov.hmrc.helptosavetestadminfrontend.controllers.HelpToSaveApiController.authLoginStubEligibilityCallback
 
-GET        /auth-login-stub-callback        @uk.gov.hmrc.helptosavetestadminfrontend.controllers.HelpToSaveApiController.authLoginStubCallback
+GET        /eligibility-authorize-callback             @uk.gov.hmrc.helptosavetestadminfrontend.controllers.HelpToSaveApiController.handleEligibilityAuthorizeCallback
 
-GET        /eligibility-authorize-callback   @uk.gov.hmrc.helptosavetestadminfrontend.controllers.HelpToSaveApiController.eligibilityAuthorizeCallback
+GET        /handle-eligibility-oauth-token-callback    @uk.gov.hmrc.helptosavetestadminfrontend.controllers.HelpToSaveApiController.handleEligibilityOauthTokenCallback
 
-GET        /handle-oauth-token-callback    @uk.gov.hmrc.helptosavetestadminfrontend.controllers.HelpToSaveApiController.handleOauthTokenCallback
 
+GET        /auth-login-stub-create-account-callback       @uk.gov.hmrc.helptosavetestadminfrontend.controllers.HelpToSaveApiController.authLoginStubCreateAccountCallback
+
+GET        /create-account-authorize-callback             @uk.gov.hmrc.helptosavetestadminfrontend.controllers.HelpToSaveApiController.handleCreateAccountAuthorizeCallback
+
+GET        /handle-create-account-oauth-token-callback    @uk.gov.hmrc.helptosavetestadminfrontend.controllers.HelpToSaveApiController.handleCreateAccountOauthTokenCallback