diff --git a/app/uk/gov/hmrc/helptosavetestadminfrontend/config/AppConfig.scala b/app/uk/gov/hmrc/helptosavetestadminfrontend/config/AppConfig.scala index bc18f96..ba7dc11 100644 --- a/app/uk/gov/hmrc/helptosavetestadminfrontend/config/AppConfig.scala +++ b/app/uk/gov/hmrc/helptosavetestadminfrontend/config/AppConfig.scala @@ -28,20 +28,4 @@ class AppConfig @Inject()(val runModeConfiguration: Configuration, environment: private def loadConfig(key: String) = runModeConfiguration.getString(key).getOrElse(throw new Exception(s"Missing configuration key: $key")) lazy val assetsPrefix = loadConfig("assets.url") + loadConfig("assets.version") - - val host: String = getString("microservice.services.host") - - val apiHost: String = baseUrl("api") - - val oauthURL: String = baseUrl("oauth-frontend") - - val clientId: String = getString("microservice.services.oauth-frontend.client_id") - val clientSecret: String = getString("microservice.services.oauth-frontend.client_secret") - - def oAuthRedirectUrl(htsUrl: String): String = - s"/oauth/authorize?client_id=$clientId&response_type=code&scope=read:help-to-save&redirect_uri=$htsUrl" - - val eligibilityAuthorizeCallback = s"$host/help-to-save-test-admin-frontend/eligibility-authorize-callback" - - val oauthTokenCallback = s"$host/help-to-save-test-admin-frontend/handle-oauth-token-callback" } \ No newline at end of file diff --git a/app/uk/gov/hmrc/helptosavetestadminfrontend/controllers/HelpToSaveApiController.scala b/app/uk/gov/hmrc/helptosavetestadminfrontend/controllers/HelpToSaveApiController.scala index 0326ec5..d79b27d 100644 --- a/app/uk/gov/hmrc/helptosavetestadminfrontend/controllers/HelpToSaveApiController.scala +++ b/app/uk/gov/hmrc/helptosavetestadminfrontend/controllers/HelpToSaveApiController.scala 
@@ -31,20 +31,40 @@ import scala.concurrent.Future class HelpToSaveApiController @Inject()(http: WSHttp)(implicit override val appConfig: AppConfig, val messageApi: MessagesApi) extends AdminFrontendController(messageApi, appConfig) with I18nSupport with Logging { - var accessToken = "" + val clientId: String = appConfig.getString("microservice.services.oauth-frontend.client_id") + val clientSecret: String = appConfig.getString("microservice.services.oauth-frontend.client_secret") - def authLoginStubCallback: Action[AnyContent] = Action.async { implicit request => - Future.successful(SeeOther(appConfig.oAuthRedirectUrl(appConfig.eligibilityAuthorizeCallback))) + val adminFrontendHost: String = appConfig.getString("microservice.services.host") + + val eligibilityAuthorizeCallback = s"$adminFrontendHost/help-to-save-test-admin-frontend/eligibility-authorize-callback" + + val createAccountAuthorizeCallback = s"$adminFrontendHost/help-to-save-test-admin-frontend/create-account-authorize-callback" + + val apiHost: String = appConfig.baseUrl("api") + + val oauthURL: String = appConfig.baseUrl("oauth-frontend") + + val oauthTokenCallback = s"$adminFrontendHost/help-to-save-test-admin-frontend/handle-oauth-token-callback" + + val eligibilityScope = "read:help-to-save" + val createAccountScope = "write:help-to-save" + + var eligibilityAccessToken = "" + var createAccountAccessToken = "" + + def authLoginStubEligibilityCallback: Action[AnyContent] = Action.async { implicit request => + val url = s"/oauth/authorize?client_id=$clientId&response_type=code&scope=$eligibilityScope&redirect_uri=$eligibilityAuthorizeCallback" + Future.successful(SeeOther(url)) } - def eligibilityAuthorizeCallback: Action[AnyContent] = Action.async { implicit request => - val b = body(request.queryString.get("code")) - http.post(s"${appConfig.oauthURL}/oauth/token", Json.parse(b), Map("Content-Type" -> "application/json")) + def handleEligibilityAuthorizeCallback: Action[AnyContent] = Action.async { 
implicit request => + val b = eligibilityBody(request.queryString.get("code")) + http.post(s"$oauthURL/oauth/token", Json.parse(b), Map("Content-Type" -> "application/json")) .map { response => response.status match { case OK | CREATED => - accessToken = (response.json \ "access_token").as[String] + eligibilityAccessToken = (response.json \ "access_token").as[String] Ok("saved access_token") case other: Int => logger.warn(s"got $other status during get access_token, body=${response.body}") 
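Review bot: `eligibilityAccessToken` and `createAccountAccessToken` are plain `var` fields on the controller, so the bearer token written in `handleEligibilityAuthorizeCallback` is controller-wide state: the last authorisation to finish wins, the write happens on a `Future` callback thread with no visibility guarantee, and every later request reads the same token. Whether the controller is a singleton is not visible here (the class annotation is outside the hunk); if it is not, the value is lost between requests instead. Keep the token in a server-side store keyed by the caller's session, or at minimum declare the fields `@volatile` and add a comment such as `// shared by every caller of this test tool; last authorisation wins`. The two `/oauth/authorize` URLs also carry no `state` parameter and interpolate `redirect_uri` unencoded, so the callback cannot tell a response to its own request from one started elsewhere; a per-session random `state` checked in the callback would cover that. The body of `handleEligibilityAuthorizeCallback` continues past the end of this hunk.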
@@ -53,41 +73,110 @@ class HelpToSaveApiController @Inject()(http: WSHttp)(implicit override val appC } } - def handleOauthTokenCallback(): Action[AnyContent] = Action.async { implicit request => - Future.successful(Ok("success")) + def handleEligibilityOauthTokenCallback(): Action[AnyContent] = Action.async { implicit request => + + val url = + s""" + |curl -v -X GET + |-H "Content-Type: application/json" + |-H "Accept: application/vnd.hmrc.2.0+json" + |-H "Gov-Client-User-ID: PROVIDE_NINO" + |-H "Gov-Client-Timezone: UTC" + |-H "Gov-Vendor-Version: 1.3" + |-H "Gov-Vendor-Instance-ID: ${UUID.randomUUID().toString}" + |-H "Authorization: Bearer $eligibilityAccessToken" + |-H "Cache-Control: no-cache" + |-H "Postman-Token: ${UUID.randomUUID().toString}" + | -d '{ + | "header": { + | "version": "1.0", + | "createdTimestamp": "2017-11-22 23:11:09 GMT", + | "clientCode": "KCOM", + | "requestCorrelationId": "${UUID.randomUUID().toString}" + | }}' "$apiHost/individuals/help-to-save/eligibility/PROVIDE_NINO_HERE" + | + """.stripMargin + Future.successful(Ok(url)) } - def body(maybeCode: Option[Seq[String]]): String = + def eligibilityBody(maybeCode: Option[Seq[String]]): String = s"""{ - "client_secret":"${appConfig.clientSecret}", - "client_id":"${appConfig.clientId}", + "client_secret":"$clientSecret", + "client_id":"$clientId", "grant_type":"authorization_code", - "redirect_uri":"${appConfig.eligibilityAuthorizeCallback}", + "redirect_uri":"$adminFrontendHost/help-to-save-test-admin-frontend/eligibility-authorize-callback", "code":"${maybeCode.getOrElse(Seq("")).head}" }""" - def checkEligibility(nino: String): Action[AnyContent] = Action.async { implicit request => - logger.info("inside checkEligibility") - val headers = Map("Content-Type" -> "application/json", - "Accept" -> "application/vnd.hmrc.2.0+json", - "Gov-Client-User-ID" -> "EL069651A", - "Gov-Client-Timezone" -> "UTC", - "Gov-Vendor-Version" -> "1.3", - "Gov-Vendor-Instance-ID" -> 
UUID.randomUUID().toString, - "Authorization" -> s"Bearer $accessToken", - "Cache-Control" -> "no-cache", - "Postman-Token" -> UUID.randomUUID().toString - ) - - http.get(s"${appConfig.apiHost}/individuals/help-to-save/eligibility/$nino", headers) + + + + def authLoginStubCreateAccountCallback: Action[AnyContent] = Action.async { implicit request => + val url = s"/oauth/authorize?client_id=$clientId&response_type=code&scope=$createAccountScope&redirect_uri=$createAccountAuthorizeCallback" + Future.successful(SeeOther(url)) + } + + def handleCreateAccountAuthorizeCallback: Action[AnyContent] = Action.async { implicit request => + val b = createAccountBody(request.queryString.get("code")) + http.post(s"$oauthURL/oauth/token", Json.parse(b), Map("Content-Type" -> "application/json")) .map { response => response.status match { - case OK => Ok(response.body) + case OK | CREATED => + createAccountAccessToken = (response.json \ "access_token").as[String] + Ok("saved access_token") case other: Int => - logger.warn(s"got $other status during get eligibility_check, body=${response.body}") + logger.warn(s"got $other status during get access_token for create_account, body=${response.body}") InternalServerError } } } + + def handleCreateAccountOauthTokenCallback(): Action[AnyContent] = Action.async { implicit request => + + val url = + s""" + |curl -v -X POST + |-H "Content-Type: application/json" + |-H "Accept: application/vnd.hmrc.1.0+json" + |-H "Gov-Client-User-ID: EL069651A" + |-H "Gov-Client-Timezone: UTC" + |-H "Gov-Vendor-Version: 1.3" + |-H "Gov-Vendor-Instance-ID: ${UUID.randomUUID().toString}" + |-H "Authorization: Bearer $createAccountAccessToken" + |-H "Cache-Control: no-cache" + | -d '{ + | "header": { + | "version": "1.0", + | "createdTimestamp": "2018-01-22 23:11:09 GMT", + | "clientCode": "KCOM", + | "requestCorrelationId": "${UUID.randomUUID().toString}" + | }, + | "body": { + | "nino": "PROVIDE_NINO", + | "forename": "Alex", + | "surname": "Lillitwinkle", + | 
"dateOfBirth": "19920423", + | "contactDetails": { + | "address1": "86 Ashopton Road", + | "address2": "Blackpool", + | "postcode": "FY43 1FB", + | "countryCode": "GB", + | "communicationPreference": "00" + | }, + | "registrationChannel": "callCentre" + | } + | }' "$apiHost/individuals/help-to-save/account" + """.stripMargin + Future.successful(Ok(url)) + } + + def createAccountBody(maybeCode: Option[Seq[String]]): String = + s"""{ + "client_secret":"$clientSecret", + "client_id":"$clientId", + "grant_type":"authorization_code", + "redirect_uri":"$adminFrontendHost/help-to-save-test-admin-frontend/create-account-authorize-callback", + "code":"${maybeCode.getOrElse(Seq("")).head}" + }""" } diff --git a/conf/app.routes b/conf/app.routes index e671eb1..a33dcba 100644 --- a/conf/app.routes +++ b/conf/app.routes 
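Review bot: `eligibilityBody` and `createAccountBody` splice the `code` query parameter into a JSON string that is then handed to `Json.parse`, so a value containing a double quote changes the structure of the token request (extra or duplicate keys) or makes the parse throw. Build the body with `Json.obj` so the value is always encoded as a string, and read the code with `headOption` so an empty parameter list cannot throw on `.head`; `redirect_uri` can reuse the `eligibilityAuthorizeCallback` / `createAccountAuthorizeCallback` vals added earlier in this commit instead of repeating the path. Separately, `handleEligibilityOauthTokenCallback` and `handleCreateAccountOauthTokenCallback` return the stored bearer token inside the curl text to whoever requests the route; no access check is visible in this hunk, so confirm these routes are restricted upstream.

```scala
def eligibilityBody(maybeCode: Option[Seq[String]]): String =
  Json.stringify(Json.obj(
    "client_secret" -> clientSecret,
    "client_id"     -> clientId,
    "grant_type"    -> "authorization_code",
    "redirect_uri"  -> eligibilityAuthorizeCallback,
    "code"          -> maybeCode.flatMap(_.headOption).getOrElse("")
  ))

// … createAccountBody: same shape, with createAccountAuthorizeCallback as redirect_uri …
```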
@@ -1,15 +1,19 @@ # microservice specific routes -GET / @uk.gov.hmrc.helptosavetestadminfrontend.controllers.VerifiedEmailsController.specifyEmailsToDelete -POST /delete-emails @uk.gov.hmrc.helptosavetestadminfrontend.controllers.VerifiedEmailsController.deleteVerifiedEmails +GET / @uk.gov.hmrc.helptosavetestadminfrontend.controllers.VerifiedEmailsController.specifyEmailsToDelete +POST /delete-emails @uk.gov.hmrc.helptosavetestadminfrontend.controllers.VerifiedEmailsController.deleteVerifiedEmails -GET /forbidden @uk.gov.hmrc.helptosavetestadminfrontend.controllers.ForbiddenController.forbidden +GET /forbidden @uk.gov.hmrc.helptosavetestadminfrontend.controllers.ForbiddenController.forbidden -GET /check-eligibility/:nino @uk.gov.hmrc.helptosavetestadminfrontend.controllers.HelpToSaveApiController.checkEligibility(nino: String) +GET /auth-login-stub-eligibility-callback @uk.gov.hmrc.helptosavetestadminfrontend.controllers.HelpToSaveApiController.authLoginStubEligibilityCallback -GET /auth-login-stub-callback @uk.gov.hmrc.helptosavetestadminfrontend.controllers.HelpToSaveApiController.authLoginStubCallback +GET /eligibility-authorize-callback @uk.gov.hmrc.helptosavetestadminfrontend.controllers.HelpToSaveApiController.handleEligibilityAuthorizeCallback -GET /eligibility-authorize-callback @uk.gov.hmrc.helptosavetestadminfrontend.controllers.HelpToSaveApiController.eligibilityAuthorizeCallback +GET /handle-eligibility-oauth-token-callback @uk.gov.hmrc.helptosavetestadminfrontend.controllers.HelpToSaveApiController.handleEligibilityOauthTokenCallback -GET /handle-oauth-token-callback @uk.gov.hmrc.helptosavetestadminfrontend.controllers.HelpToSaveApiController.handleOauthTokenCallback +GET /auth-login-stub-create-account-callback @uk.gov.hmrc.helptosavetestadminfrontend.controllers.HelpToSaveApiController.authLoginStubCreateAccountCallback + +GET /create-account-authorize-callback 
@uk.gov.hmrc.helptosavetestadminfrontend.controllers.HelpToSaveApiController.handleCreateAccountAuthorizeCallback + +GET /handle-create-account-oauth-token-callback @uk.gov.hmrc.helptosavetestadminfrontend.controllers.HelpToSaveApiController.handleCreateAccountOauthTokenCallback
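Review bot: The `/handle-oauth-token-callback` route is removed here in favour of `/handle-eligibility-oauth-token-callback` and `/handle-create-account-oauth-token-callback`, but the controller in this commit still defines `oauthTokenCallback` as `.../handle-oauth-token-callback`, a path that no longer resolves. If that val is still used (no use is visible in this diff) it needs one value per flow; otherwise it should be dropped. The authorize-callback and token-callback routes are plain `GET`s that store or return a bearer token, so a comment above them naming the access restriction would help the next reader, e.g. `# OAuth test helpers: restricted by <name of access filter>`.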