From 5de1b773008837c8328f77e5b252fdb966c37251 Mon Sep 17 00:00:00 2001 From: KumarSam Date: Mon, 17 Jul 2023 12:57:02 +0100 Subject: [PATCH 01/29] Adding S2S token for service request update url --- .../reform/civil/config/SecurityConfiguration.java | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/src/main/java/uk/gov/hmcts/reform/civil/config/SecurityConfiguration.java b/src/main/java/uk/gov/hmcts/reform/civil/config/SecurityConfiguration.java index b768e973f22..c52287c4228 100644 --- a/src/main/java/uk/gov/hmcts/reform/civil/config/SecurityConfiguration.java +++ b/src/main/java/uk/gov/hmcts/reform/civil/config/SecurityConfiguration.java @@ -17,6 +17,8 @@ import org.springframework.security.oauth2.jwt.JwtTimestampValidator; import org.springframework.security.oauth2.jwt.NimbusJwtDecoder; import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationConverter; +import org.springframework.security.oauth2.server.resource.web.BearerTokenAuthenticationFilter; +import uk.gov.hmcts.reform.authorisation.filters.ServiceAuthFilter; import uk.gov.hmcts.reform.civil.security.JwtGrantedAuthoritiesConverter; import static org.springframework.security.config.http.SessionCreationPolicy.STATELESS; @@ -49,8 +51,6 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter { "/", "/loggers/**", "/assignment/**", - "/service-request-update", - "/service-request-update-claim-issued", "/case/document/**" }; 
@@ -62,8 +62,12 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter { private final JwtAuthenticationConverter jwtAuthenticationConverter; + private final ServiceAuthFilter serviceAuthFilter; + @Autowired - public SecurityConfiguration(final JwtGrantedAuthoritiesConverter jwtGrantedAuthoritiesConverter) { + public SecurityConfiguration(final JwtGrantedAuthoritiesConverter jwtGrantedAuthoritiesConverter, + final ServiceAuthFilter serviceAuthFilter) { + this.serviceAuthFilter = serviceAuthFilter; jwtAuthenticationConverter = new JwtAuthenticationConverter(); jwtAuthenticationConverter.setJwtGrantedAuthoritiesConverter(jwtGrantedAuthoritiesConverter); } @@ -76,6 +80,7 @@ public void configure(WebSecurity web) throws Exception { @Override protected void configure(HttpSecurity http) throws Exception { http + .addFilterBefore(serviceAuthFilter, BearerTokenAuthenticationFilter.class) .sessionManagement().sessionCreationPolicy(STATELESS).and() .csrf().disable() .formLogin().disable() From 702ca441910ff9e0e85b7683eeeb7787beacea0b Mon Sep 17 00:00:00 2001 From: KumarSam Date: Wed, 19 Jul 2023 09:23:08 +0100 Subject: [PATCH 02/29] Adding S2S token for service request update url --- build.gradle | 2 +- src/main/resources/application.yaml | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/build.gradle b/build.gradle index cd3110b2724..881f5e7b36f 100644 --- a/build.gradle +++ b/build.gradle 
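Review bot: In the `configure(HttpSecurity http)` hunk, `.addFilterBefore(serviceAuthFilter, BearerTokenAuthenticationFilter.class)` attaches the S2S check to the whole filter chain, so presumably every non-whitelisted route now requires a `ServiceAuthorization` token, not only the two service-request-update callbacks the commit subject names. If that scope is intended, a comment such as `// S2S check applies to every route behind this chain, not only the payment callbacks` would make it explicit; if not, the filter should be limited to the callback paths. Because `ServiceAuthFilter` is injected as a bean, Spring Boot would normally also register it as a plain servlet filter for all paths, including the whitelisted ones, unless a `FilterRegistrationBean` with `setEnabled(false)` exists elsewhere, which is worth confirming. The rest of `configure` lies outside the hunk.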
@@ -360,7 +360,7 @@ dependencies { implementation group: 'org.springframework.cloud', name: 'spring-cloud-starter-openfeign', version: '3.1.6' implementation group: 'org.springframework.cloud', name: 'spring-cloud-openfeign-core', version: '3.1.6' implementation group: 'uk.gov.hmcts.reform', name: 'properties-volume-spring-boot-starter', version: '0.1.0' - implementation group: 'uk.gov.hmcts.reform', name: 'service-auth-provider-client', version: '4.0.0' + implementation group: 'uk.gov.hmcts.reform', name: 'service-auth-provider-client', version: '4.0.3' implementation group: 'io.github.openfeign', name: 'feign-httpclient', version: '11.10' implementation group: 'org.springframework.retry', name: 'spring-retry' diff --git a/src/main/resources/application.yaml b/src/main/resources/application.yaml index 6d9024a49a2..11649111989 100644 --- a/src/main/resources/application.yaml +++ b/src/main/resources/application.yaml @@ -120,6 +120,8 @@ payments: idam: s2s-auth: microservice: civil_service + s2s-authorised: + services: civil_service, fake-service-auth-provider-api document_management: userRoles: "caseworker-civil,caseworker-civil-solicitor" From bbd10f7f7d30698284270f7df56e545b3ab22922 Mon Sep 17 00:00:00 2001 From: KumarSam Date: Fri, 21 Jul 2023 09:08:46 +0100 Subject: [PATCH 03/29] Adding S2S token for service request update url --- .../controllers/BaseIntegrationTest.java | 6 +++++ ...dateClaimIssuedCallbackControllerTest.java | 6 ++++- .../hmcts/reform/civil/helpers/S2SHelper.java | 25 +++++++++++++++++++ src/main/resources/application.yaml | 2 +- 4 files changed, 37 insertions(+), 2 deletions(-) create mode 100644 src/integrationTest/java/uk/gov/hmcts/reform/civil/helpers/S2SHelper.java diff --git a/src/integrationTest/java/uk/gov/hmcts/reform/civil/controllers/BaseIntegrationTest.java b/src/integrationTest/java/uk/gov/hmcts/reform/civil/controllers/BaseIntegrationTest.java index 139b311e778..42fee068f52 100644 
--- a/src/integrationTest/java/uk/gov/hmcts/reform/civil/controllers/BaseIntegrationTest.java +++ b/src/integrationTest/java/uk/gov/hmcts/reform/civil/controllers/BaseIntegrationTest.java @@ -22,6 +22,7 @@ import org.springframework.test.web.servlet.MockMvc; import org.springframework.test.web.servlet.ResultActions; import org.springframework.test.web.servlet.request.MockMvcRequestBuilders; +import uk.gov.hmcts.reform.authorisation.ServiceAuthorisationApi; import uk.gov.hmcts.reform.civil.Application; import uk.gov.hmcts.reform.civil.TestIdamConfiguration; import uk.gov.hmcts.reform.civil.service.UserService; @@ -61,6 +62,9 @@ public abstract class BaseIntegrationTest { .roles(of("caseworker-civil-solicitor")) .build(); + private static final String s2sToken = "s2s AuthToken"; + @MockBean + private ServiceAuthorisationApi serviceAuthorisationApi; @MockBean protected UserService userService; @MockBean @@ -83,6 +87,7 @@ public void setUpBase() { when(securityContext.getAuthentication()).thenReturn(authentication); SecurityContextHolder.setContext(securityContext); setSecurityAuthorities(authentication); + when(serviceAuthorisationApi.getServiceName(any())).thenReturn("payment_app"); when(jwtDecoder.decode(anyString())).thenReturn(getJwt()); } @@ -114,6 +119,7 @@ protected ResultActions doPost(String auth, T content, String urlTemplate, O return mockMvc.perform( MockMvcRequestBuilders.post(urlTemplate, uriVars) .header(HttpHeaders.AUTHORIZATION, auth) + .header("ServiceAuthorization", s2sToken) .contentType(MediaType.APPLICATION_JSON) .content(toJson(content))); } diff --git a/src/integrationTest/java/uk/gov/hmcts/reform/civil/controllers/fees/ServiceRequestUpdateClaimIssuedCallbackControllerTest.java b/src/integrationTest/java/uk/gov/hmcts/reform/civil/controllers/fees/ServiceRequestUpdateClaimIssuedCallbackControllerTest.java index 673f90234a5..8adbb2af125 100644 
--- a/src/integrationTest/java/uk/gov/hmcts/reform/civil/controllers/fees/ServiceRequestUpdateClaimIssuedCallbackControllerTest.java +++ b/src/integrationTest/java/uk/gov/hmcts/reform/civil/controllers/fees/ServiceRequestUpdateClaimIssuedCallbackControllerTest.java @@ -4,6 +4,7 @@ import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.Test; import org.springframework.boot.test.mock.mockito.MockBean; +import org.springframework.http.HttpHeaders; import org.springframework.http.MediaType; import org.springframework.test.web.servlet.ResultActions; import org.springframework.test.web.servlet.request.MockMvcRequestBuilders; @@ -31,7 +32,6 @@ class ServiceRequestUpdateClaimIssuedCallbackControllerTest extends BaseIntegrat private static final String PAID = "Paid"; private static final String REFERENCE = "reference"; private static final String ACCOUNT_NUMBER = "123445555"; - @MockBean CoreCaseDataApi coreCaseDataApi; @@ -94,6 +94,8 @@ private ServiceRequestUpdateDto buildServiceDto() { protected ResultActions doPut(T content, String urlTemplate, Object... uriVars) { return mockMvc.perform( MockMvcRequestBuilders.put(urlTemplate, uriVars) + .header(HttpHeaders.AUTHORIZATION, BEARER_TOKEN) + .header("ServiceAuthorization", "s2s AuthToken") .contentType(MediaType.APPLICATION_JSON) .content(toJson(content))); } @@ -102,6 +104,8 @@ protected ResultActions doPut(T content, String urlTemplate, Object... uriVa protected ResultActions doPost(T content, String urlTemplate, Object... uriVars) { return mockMvc.perform( MockMvcRequestBuilders.post(urlTemplate, uriVars) + .header(HttpHeaders.AUTHORIZATION, BEARER_TOKEN) + .header("ServiceAuthorization", "s2s AuthToken") .contentType(MediaType.APPLICATION_JSON) .content(toJson(content))); } diff --git a/src/integrationTest/java/uk/gov/hmcts/reform/civil/helpers/S2SHelper.java b/src/integrationTest/java/uk/gov/hmcts/reform/civil/helpers/S2SHelper.java new file mode 100644 index 00000000000..39c1f193ed7 --- /dev/null 
+++ b/src/integrationTest/java/uk/gov/hmcts/reform/civil/helpers/S2SHelper.java @@ -0,0 +1,25 @@ +package uk.gov.hmcts.reform.civil.helpers; + +import feign.Feign; +import feign.jackson.JacksonEncoder; +import org.springframework.cloud.openfeign.support.SpringMvcContract; +import uk.gov.hmcts.reform.authorisation.ServiceAuthorisationApi; +import uk.gov.hmcts.reform.authorisation.generators.ServiceAuthTokenGenerator; + +public class S2SHelper { + + private final ServiceAuthTokenGenerator tokenGenerator; + + public S2SHelper(final String s2sUrl, final String secret, final String microservice) { + final ServiceAuthorisationApi serviceAuthorisationApi = Feign.builder() + .encoder(new JacksonEncoder()) + .contract(new SpringMvcContract()) + .target(ServiceAuthorisationApi.class, s2sUrl); + + this.tokenGenerator = new ServiceAuthTokenGenerator(secret, microservice, serviceAuthorisationApi); + } + + public String getToken() { + return tokenGenerator.generate(); + } +} diff --git a/src/main/resources/application.yaml b/src/main/resources/application.yaml index a605279bbf0..b7e75225290 100644 --- a/src/main/resources/application.yaml +++ b/src/main/resources/application.yaml @@ -121,7 +121,7 @@ idam: s2s-auth: microservice: civil_service s2s-authorised: - services: civil_service, fake-service-auth-provider-api + services: civil_service, payment_app document_management: userRoles: "caseworker-civil,caseworker-civil-solicitor" From d4340ce95728eb1ee4e4a5d40513fc788d0d5505 Mon Sep 17 00:00:00 2001 From: KumarSam Date: Fri, 21 Jul 2023 12:45:24 +0100 Subject: [PATCH 04/29] Adding S2S token for service request update url --- .../gov/hmcts/reform/civil/controllers/BaseIntegrationTest.java | 1 + 1 file changed, 1 insertion(+) diff --git a/src/integrationTest/java/uk/gov/hmcts/reform/civil/controllers/BaseIntegrationTest.java b/src/integrationTest/java/uk/gov/hmcts/reform/civil/controllers/BaseIntegrationTest.java index 42fee068f52..7a6d95481f8 100644 
--- a/src/integrationTest/java/uk/gov/hmcts/reform/civil/controllers/BaseIntegrationTest.java +++ b/src/integrationTest/java/uk/gov/hmcts/reform/civil/controllers/BaseIntegrationTest.java @@ -138,6 +138,7 @@ protected ResultActions doGet(String auth, String urlTemplate, Object... uri return mockMvc.perform( MockMvcRequestBuilders.get(urlTemplate, uriVars) .header(HttpHeaders.AUTHORIZATION, auth) + .header("ServiceAuthorization", s2sToken) .contentType(MediaType.APPLICATION_JSON)); } From cc07f28f9fad2a9b2e98ff086ebc8d49f617e12f Mon Sep 17 00:00:00 2001 From: KumarSam Date: Fri, 21 Jul 2023 13:19:24 +0100 Subject: [PATCH 05/29] Adding S2S token for service request update url --- .../fees/ServiceRequestUpdateCallbackControllerTest.java | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/src/integrationTest/java/uk/gov/hmcts/reform/civil/controllers/fees/ServiceRequestUpdateCallbackControllerTest.java b/src/integrationTest/java/uk/gov/hmcts/reform/civil/controllers/fees/ServiceRequestUpdateCallbackControllerTest.java index 32dc02b549e..c447559467d 100644 --- a/src/integrationTest/java/uk/gov/hmcts/reform/civil/controllers/fees/ServiceRequestUpdateCallbackControllerTest.java +++ b/src/integrationTest/java/uk/gov/hmcts/reform/civil/controllers/fees/ServiceRequestUpdateCallbackControllerTest.java @@ -4,6 +4,7 @@ import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.Test; import org.springframework.boot.test.mock.mockito.MockBean; +import org.springframework.http.HttpHeaders; import org.springframework.http.MediaType; import org.springframework.test.web.servlet.ResultActions; import org.springframework.test.web.servlet.request.MockMvcRequestBuilders; 
@@ -96,6 +97,8 @@ private ServiceRequestUpdateDto buildServiceDto() { protected ResultActions doPut(T content, String urlTemplate, Object... uriVars) { return mockMvc.perform( MockMvcRequestBuilders.put(urlTemplate, uriVars) + .header(HttpHeaders.AUTHORIZATION, BEARER_TOKEN) + .header("ServiceAuthorization", "s2s AuthToken") .contentType(MediaType.APPLICATION_JSON) .content(toJson(content))); } @@ -104,6 +107,8 @@ protected ResultActions doPut(T content, String urlTemplate, Object... uriVa protected ResultActions doPost(T content, String urlTemplate, Object... uriVars) { return mockMvc.perform( MockMvcRequestBuilders.post(urlTemplate, uriVars) + .header(HttpHeaders.AUTHORIZATION, BEARER_TOKEN) + .header("ServiceAuthorization", "s2s AuthToken") .contentType(MediaType.APPLICATION_JSON) .content(toJson(content))); } From c8e7bfd3d950c967174f199f3d6d7997bbbaa548 Mon Sep 17 00:00:00 2001 From: KumarSam Date: Fri, 21 Jul 2023 13:31:47 +0100 Subject: [PATCH 06/29] Adding S2S token for service request update url --- .../gov/hmcts/reform/civil/config/SecurityConfiguration.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/main/java/uk/gov/hmcts/reform/civil/config/SecurityConfiguration.java b/src/main/java/uk/gov/hmcts/reform/civil/config/SecurityConfiguration.java index c52287c4228..b1b7495c787 100644 --- a/src/main/java/uk/gov/hmcts/reform/civil/config/SecurityConfiguration.java +++ b/src/main/java/uk/gov/hmcts/reform/civil/config/SecurityConfiguration.java 
@@ -17,7 +17,7 @@ import org.springframework.security.oauth2.jwt.JwtTimestampValidator; import org.springframework.security.oauth2.jwt.NimbusJwtDecoder; import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationConverter; -import org.springframework.security.oauth2.server.resource.web.BearerTokenAuthenticationFilter; +import org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter; import uk.gov.hmcts.reform.authorisation.filters.ServiceAuthFilter; import uk.gov.hmcts.reform.civil.security.JwtGrantedAuthoritiesConverter; @@ -80,7 +80,7 @@ public void configure(WebSecurity web) throws Exception { @Override protected void configure(HttpSecurity http) throws Exception { http - .addFilterBefore(serviceAuthFilter, BearerTokenAuthenticationFilter.class) + .addFilterBefore(serviceAuthFilter, AbstractPreAuthenticatedProcessingFilter.class) .sessionManagement().sessionCreationPolicy(STATELESS).and() .csrf().disable() .formLogin().disable() From d383c8cbe4c889709d96a44f02471ff9904572c7 Mon Sep 17 00:00:00 2001 From: KumarSam Date: Fri, 21 Jul 2023 14:10:06 +0100 Subject: [PATCH 07/29] Adding S2S token for service request update url --- .../hmcts/reform/civil/helpers/S2SHelper.java | 25 ------------------- 1 file changed, 25 deletions(-) delete mode 100644 src/integrationTest/java/uk/gov/hmcts/reform/civil/helpers/S2SHelper.java diff --git a/src/integrationTest/java/uk/gov/hmcts/reform/civil/helpers/S2SHelper.java b/src/integrationTest/java/uk/gov/hmcts/reform/civil/helpers/S2SHelper.java deleted file mode 100644 index 39c1f193ed7..00000000000 --- a/src/integrationTest/java/uk/gov/hmcts/reform/civil/helpers/S2SHelper.java +++ /dev/null 
@@ -1,25 +0,0 @@ -package uk.gov.hmcts.reform.civil.helpers; - -import feign.Feign; -import feign.jackson.JacksonEncoder; -import org.springframework.cloud.openfeign.support.SpringMvcContract; -import uk.gov.hmcts.reform.authorisation.ServiceAuthorisationApi; -import uk.gov.hmcts.reform.authorisation.generators.ServiceAuthTokenGenerator; - -public class S2SHelper { - - private final ServiceAuthTokenGenerator tokenGenerator; - - public S2SHelper(final String s2sUrl, final String secret, final String microservice) { - final ServiceAuthorisationApi serviceAuthorisationApi = Feign.builder() - .encoder(new JacksonEncoder()) - .contract(new SpringMvcContract()) - .target(ServiceAuthorisationApi.class, s2sUrl); - - this.tokenGenerator = new ServiceAuthTokenGenerator(secret, microservice, serviceAuthorisationApi); - } - - public String getToken() { - return tokenGenerator.generate(); - } -} From 121d40064b347e4828defcb503455ca8eb4a41b1 Mon Sep 17 00:00:00 2001 From: KumarSam Date: Mon, 24 Jul 2023 08:52:17 +0100 Subject: [PATCH 08/29] Adding S2S token for service request update url --- Jenkinsfile_CNP | 2 +- charts/civil-service/values.yaml | 1 + src/main/resources/application.yaml | 2 +- 3 files changed, 3 insertions(+), 2 deletions(-) diff --git a/Jenkinsfile_CNP b/Jenkinsfile_CNP index 23a3e5bae93..d0e29aa8486 100644 --- a/Jenkinsfile_CNP +++ b/Jenkinsfile_CNP @@ -8,7 +8,7 @@ import uk.gov.hmcts.contino.GithubAPI def type = "java" def product = "civil" def component = "service" -def ccdBranch = "master" +def ccdBranch = "CIV-0000-adds2stoken" def camundaBranch = "master" def yarnBuilder = new uk.gov.hmcts.contino.YarnBuilder(this) diff --git a/charts/civil-service/values.yaml b/charts/civil-service/values.yaml index ff91603a2fb..f47c1bd0664 100644 --- a/charts/civil-service/values.yaml +++ b/charts/civil-service/values.yaml 
@@ -73,6 +73,7 @@ java: ASYNC_HANDLER_CORE_POOL_SIZE: 7 ASYNC_HANDLER_MAX_POOL_SIZE: 42 ASYNC_HANDLER_QUEUE_CAPACITY: 10 + S2S_AUTHORISED_SERVICES: payment_app,ccd_data,civil_service,civil-citizen-ui keyVaults: civil: diff --git a/src/main/resources/application.yaml b/src/main/resources/application.yaml index b7e75225290..d0b0d5aa052 100644 --- a/src/main/resources/application.yaml +++ b/src/main/resources/application.yaml @@ -121,7 +121,7 @@ idam: s2s-auth: microservice: civil_service s2s-authorised: - services: civil_service, payment_app + services: ${S2S_AUTHORISED_SERVICES:payment_app} document_management: userRoles: "caseworker-civil,caseworker-civil-solicitor" From 6f53ae05847daa611c2f62b7f9d433ae15fb7362 Mon Sep 17 00:00:00 2001 From: hmcts-jenkins-a-to-c <62422075+hmcts-jenkins-a-to-c[bot]@users.noreply.github.com> Date: Mon, 24 Jul 2023 08:16:47 +0000 Subject: [PATCH 09/29] Bumping chart version/ fixing aliases --- charts/civil-service/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/civil-service/Chart.yaml b/charts/civil-service/Chart.yaml index 211625fdec0..52a2023cbd2 100644 --- a/charts/civil-service/Chart.yaml +++ b/charts/civil-service/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 description: A Helm chart for civil-service App name: civil-service home: https://github.com/hmcts/civil-service -version: 0.0.48 +version: 0.0.49 maintainers: - name: HMCTS Civil team From 18c5f39d74f75da7683a4b7a086a2b4fae26b3e0 Mon Sep 17 00:00:00 2001 From: sampankumar Date: Wed, 16 Aug 2023 09:32:53 +0100 Subject: [PATCH 10/29] Update Jenkinsfile_CNP --- Jenkinsfile_CNP | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Jenkinsfile_CNP b/Jenkinsfile_CNP index d0e29aa8486..23a3e5bae93 100644 --- a/Jenkinsfile_CNP +++ b/Jenkinsfile_CNP 
@@ -8,7 +8,7 @@ import uk.gov.hmcts.contino.GithubAPI def type = "java" def product = "civil" def component = "service" -def ccdBranch = "CIV-0000-adds2stoken" +def ccdBranch = "master" def camundaBranch = "master" def yarnBuilder = new uk.gov.hmcts.contino.YarnBuilder(this) From 765a45ad112f9cc44beac9058e83d8010a53950e Mon Sep 17 00:00:00 2001 From: KumarSam Date: Fri, 18 Aug 2023 12:24:32 +0100 Subject: [PATCH 11/29] Pointing to a branch --- Jenkinsfile_CNP | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Jenkinsfile_CNP b/Jenkinsfile_CNP index 23a3e5bae93..d0e29aa8486 100644 --- a/Jenkinsfile_CNP +++ b/Jenkinsfile_CNP @@ -8,7 +8,7 @@ import uk.gov.hmcts.contino.GithubAPI def type = "java" def product = "civil" def component = "service" -def ccdBranch = "master" +def ccdBranch = "CIV-0000-adds2stoken" def camundaBranch = "master" def yarnBuilder = new uk.gov.hmcts.contino.YarnBuilder(this) From 52a3ba0c8f8ff58f1c197f9094e6b9f78f897b7f Mon Sep 17 00:00:00 2001 From: KumarSam Date: Fri, 13 Oct 2023 13:40:35 +0100 Subject: [PATCH 12/29] CIV-0000 - Add service Auth for payment --- charts/civil-service/values.yaml | 2 +- .../controllers/BaseIntegrationTest.java | 6 +- ...ceRequestUpdateCallbackControllerTest.java | 31 +++++++ .../civil/config/SecurityConfiguration.java | 12 +-- ...erviceRequestUpdateCallbackController.java | 14 ++- .../civil/service/AuthorisationService.java | 71 +++++++++++++++ src/main/resources/application.yaml | 4 +- .../service/AuthorisationServiceTest.java | 88 +++++++++++++++++++ 8 files changed, 212 insertions(+), 16 deletions(-) create mode 100644 src/main/java/uk/gov/hmcts/reform/civil/service/AuthorisationService.java create mode 100644 src/test/java/uk/gov/hmcts/reform/civil/service/AuthorisationServiceTest.java diff --git a/charts/civil-service/values.yaml b/charts/civil-service/values.yaml index f47c1bd0664..22c6f027766 100644 --- a/charts/civil-service/values.yaml +++ b/charts/civil-service/values.yaml 
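Review bot: The second Jenkinsfile_CNP hunk on this line (PATCH 11, "Pointing to a branch") sets `def ccdBranch = "CIV-0000-adds2stoken"` again, so the pipeline depends on a mutable feature branch instead of `master`. Whoever can push to that branch changes what this build consumes, and the build stops being reproducible once the branch is rebased or deleted. If the pin is only needed while the change is tested, mark it with a comment like `// TEMPORARY: revert to "master" before merge` and revert it before the series lands, as PATCH 10 did.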
@@ -73,7 +73,7 @@ java: ASYNC_HANDLER_CORE_POOL_SIZE: 7 ASYNC_HANDLER_MAX_POOL_SIZE: 42 ASYNC_HANDLER_QUEUE_CAPACITY: 10 - S2S_AUTHORISED_SERVICES: payment_app,ccd_data,civil_service,civil-citizen-ui + CIVIL_S2S_AUTHORISED_SERVICES: payment_app,ccd_data,civil_service,civil-citizen-ui keyVaults: civil: diff --git a/src/integrationTest/java/uk/gov/hmcts/reform/civil/controllers/BaseIntegrationTest.java b/src/integrationTest/java/uk/gov/hmcts/reform/civil/controllers/BaseIntegrationTest.java index 7a6d95481f8..a844c3a91fc 100644 --- a/src/integrationTest/java/uk/gov/hmcts/reform/civil/controllers/BaseIntegrationTest.java +++ b/src/integrationTest/java/uk/gov/hmcts/reform/civil/controllers/BaseIntegrationTest.java @@ -25,6 +25,7 @@ import uk.gov.hmcts.reform.authorisation.ServiceAuthorisationApi; import uk.gov.hmcts.reform.civil.Application; import uk.gov.hmcts.reform.civil.TestIdamConfiguration; +import uk.gov.hmcts.reform.civil.service.AuthorisationService; import uk.gov.hmcts.reform.civil.service.UserService; import uk.gov.hmcts.reform.idam.client.models.UserInfo; @@ -73,6 +74,8 @@ public abstract class BaseIntegrationTest { protected SecurityContext securityContext; @MockBean protected JwtDecoder jwtDecoder; + @MockBean + public AuthorisationService authorisationService; @Autowired protected ObjectMapper objectMapper; @@ -82,6 +85,7 @@ public abstract class BaseIntegrationTest { @BeforeEach public void setUpBase() { + when(authorisationService.isServiceAuthorized(any())).thenReturn(true); when(userService.getAccessToken(any(), any())).thenReturn("arbitrary access token"); when(userService.getUserInfo(anyString())).thenReturn(USER_INFO); when(securityContext.getAuthentication()).thenReturn(authentication); 
@@ -119,7 +123,6 @@ protected ResultActions doPost(String auth, T content, String urlTemplate, O return mockMvc.perform( MockMvcRequestBuilders.post(urlTemplate, uriVars) .header(HttpHeaders.AUTHORIZATION, auth) - .header("ServiceAuthorization", s2sToken) .contentType(MediaType.APPLICATION_JSON) .content(toJson(content))); } @@ -138,7 +141,6 @@ protected ResultActions doGet(String auth, String urlTemplate, Object... uri return mockMvc.perform( MockMvcRequestBuilders.get(urlTemplate, uriVars) .header(HttpHeaders.AUTHORIZATION, auth) - .header("ServiceAuthorization", s2sToken) .contentType(MediaType.APPLICATION_JSON)); } diff --git a/src/integrationTest/java/uk/gov/hmcts/reform/civil/controllers/fees/ServiceRequestUpdateCallbackControllerTest.java b/src/integrationTest/java/uk/gov/hmcts/reform/civil/controllers/fees/ServiceRequestUpdateCallbackControllerTest.java index c447559467d..fdb17b86b17 100644 --- a/src/integrationTest/java/uk/gov/hmcts/reform/civil/controllers/fees/ServiceRequestUpdateCallbackControllerTest.java +++ b/src/integrationTest/java/uk/gov/hmcts/reform/civil/controllers/fees/ServiceRequestUpdateCallbackControllerTest.java @@ -18,11 +18,14 @@ import uk.gov.hmcts.reform.civil.model.ServiceRequestUpdateDto; import uk.gov.hmcts.reform.payments.client.models.PaymentDto; +import javax.servlet.ServletException; import java.math.BigDecimal; +import static org.junit.jupiter.api.Assertions.assertThrows; import static org.mockito.ArgumentMatchers.any; import static org.mockito.ArgumentMatchers.anyBoolean; import static org.mockito.BDDMockito.given; +import static org.mockito.Mockito.when; import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status; class ServiceRequestUpdateCallbackControllerTest extends BaseIntegrationTest { 
@@ -32,6 +35,7 @@ class ServiceRequestUpdateCallbackControllerTest extends BaseIntegrationTest { private static final String PAID = "Paid"; private static final String REFERENCE = "reference"; private static final String ACCOUNT_NUMBER = "123445555"; + private static final String s2sToken = "s2s AuthToken"; @MockBean CoreCaseDataApi coreCaseDataApi; @@ -52,6 +56,33 @@ void bareMinimumToMakeAPositiveRequest() { given(coreCaseDataApi.submitEventForCaseWorker(any(), any(), any(), any(), any(), any(), anyBoolean(), any())).willReturn(caseDetails); } + @Test + public void whenValidPaymentCallbackIsReceivedReturnSuccess() throws Exception { + doPut(buildServiceDto(), PAYMENT_CALLBACK_URL, "") + .andExpect(status().isOk()); + } + + @Test + public void whenPaymentCallbackIsReceivedWithoutServiceAuthorisationReturn400() throws Exception { + mockMvc.perform( + MockMvcRequestBuilders.put(PAYMENT_CALLBACK_URL, "") + .contentType(MediaType.APPLICATION_JSON) + .content(toJson(buildServiceDto()))).andExpect(status().isBadRequest()); + } + + @Test + public void whenPaymentCallbackIsReceivedWithServiceAuthorisationButreturnsfalseReturn400() throws Exception { + when(authorisationService.isServiceAuthorized(any())).thenReturn(false); + Exception e = assertThrows( + ServletException.class, + () -> mockMvc.perform( + MockMvcRequestBuilders.put(PAYMENT_CALLBACK_URL, "") + .header("ServiceAuthorization", s2sToken) + .contentType(MediaType.APPLICATION_JSON) + .content(toJson(buildServiceDto()))).andExpect(status().isBadRequest())); + + } + @Test public void whenInvalidTypeOfRequestMade_ReturnMethodNotAllowed() throws Exception { diff --git a/src/main/java/uk/gov/hmcts/reform/civil/config/SecurityConfiguration.java b/src/main/java/uk/gov/hmcts/reform/civil/config/SecurityConfiguration.java index b1b7495c787..8c225867f8f 100644 --- a/src/main/java/uk/gov/hmcts/reform/civil/config/SecurityConfiguration.java +++ b/src/main/java/uk/gov/hmcts/reform/civil/config/SecurityConfiguration.java 
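Review bot: `whenPaymentCallbackIsReceivedWithServiceAuthorisationButreturnsfalseReturn400` does not assert a 400: the request is wrapped in `assertThrows(ServletException.class, ...)`, so when `perform` throws as expected the `.andExpect(status().isBadRequest())` inside the lambda is never evaluated, and the captured `e` is unused. What the test actually pins is that an unauthorised service token ends in an unhandled exception rather than a defined HTTP status. Once the controller maps that case to a rejection status, the test should read `mockMvc.perform(...).andExpect(status().isForbidden())` without `assertThrows`, and its name should state the status it expects.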
@@ -17,8 +17,6 @@ import org.springframework.security.oauth2.jwt.JwtTimestampValidator; import org.springframework.security.oauth2.jwt.NimbusJwtDecoder; import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationConverter; -import org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter; -import uk.gov.hmcts.reform.authorisation.filters.ServiceAuthFilter; import uk.gov.hmcts.reform.civil.security.JwtGrantedAuthoritiesConverter; import static org.springframework.security.config.http.SessionCreationPolicy.STATELESS; @@ -51,7 +49,8 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter { "/", "/loggers/**", "/assignment/**", - "/case/document/**" + "/case/document/**", + "/service-request-update", }; @Value("${spring.security.oauth2.client.provider.oidc.issuer-uri}") @@ -62,12 +61,8 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter { private final JwtAuthenticationConverter jwtAuthenticationConverter; - private final ServiceAuthFilter serviceAuthFilter; - @Autowired - public SecurityConfiguration(final JwtGrantedAuthoritiesConverter jwtGrantedAuthoritiesConverter, - final ServiceAuthFilter serviceAuthFilter) { - this.serviceAuthFilter = serviceAuthFilter; + public SecurityConfiguration(final JwtGrantedAuthoritiesConverter jwtGrantedAuthoritiesConverter) { jwtAuthenticationConverter = new JwtAuthenticationConverter(); jwtAuthenticationConverter.setJwtGrantedAuthoritiesConverter(jwtGrantedAuthoritiesConverter); } @@ -80,7 +75,6 @@ public void configure(WebSecurity web) throws Exception { @Override protected void configure(HttpSecurity http) throws Exception { http - .addFilterBefore(serviceAuthFilter, AbstractPreAuthenticatedProcessingFilter.class) .sessionManagement().sessionCreationPolicy(STATELESS).and() .csrf().disable() .formLogin().disable() 
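Review bot: The `@@ -49,7 +49,8 @@` hunk puts `"/service-request-update"` back on what appears to be the unauthenticated path list, so the only access control left on that endpoint is the `ServiceAuthorization` check inside the controller method; the security configuration no longer enforces anything for it. A comment on the entry, e.g. `// no user JWT here: caller is verified by AuthorisationService in ServiceRequestUpdateCallbackController`, would keep a later refactor from dropping the controller check unnoticed. `"/service-request-update-claim-issued"`, which PATCH 01 removed from the same list, is not restored, and this commit's diffstat lists no controller change for it, so it is worth confirming whether that callback still expects a user bearer token and whether it gets the same S2S check. The array declaration starts outside the hunk.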
diff --git a/src/main/java/uk/gov/hmcts/reform/civil/controllers/fees/ServiceRequestUpdateCallbackController.java b/src/main/java/uk/gov/hmcts/reform/civil/controllers/fees/ServiceRequestUpdateCallbackController.java index 02faefda690..9c6bae36e15 100644 --- a/src/main/java/uk/gov/hmcts/reform/civil/controllers/fees/ServiceRequestUpdateCallbackController.java +++ b/src/main/java/uk/gov/hmcts/reform/civil/controllers/fees/ServiceRequestUpdateCallbackController.java @@ -7,10 +7,12 @@ import lombok.extern.slf4j.Slf4j; import org.springframework.web.bind.annotation.PutMapping; import org.springframework.web.bind.annotation.RequestBody; +import org.springframework.web.bind.annotation.RequestHeader; import org.springframework.web.bind.annotation.RestController; import uk.gov.hmcts.reform.civil.enums.FeeType; import uk.gov.hmcts.reform.civil.exceptions.InternalServerErrorException; import uk.gov.hmcts.reform.civil.model.ServiceRequestUpdateDto; +import uk.gov.hmcts.reform.civil.service.AuthorisationService; import uk.gov.hmcts.reform.civil.service.PaymentRequestUpdateCallbackService; import static javax.ws.rs.core.MediaType.APPLICATION_JSON; @@ -22,6 +24,8 @@ public class ServiceRequestUpdateCallbackController { private final PaymentRequestUpdateCallbackService requestUpdateCallbackService; + private final AuthorisationService authorisationService; + @PutMapping(path = "/service-request-update", consumes = APPLICATION_JSON, produces = APPLICATION_JSON) @Operation(summary = "Ways to pay will call this API and send the status of payment with other details") @ApiResponses(value = { 
@@ -29,9 +33,15 @@ public class ServiceRequestUpdateCallbackController { @ApiResponse(responseCode = "400", description = "Bad Request"), @ApiResponse(responseCode = "500", description = "Internal Server Error") }) - public void serviceRequestUpdate(@RequestBody ServiceRequestUpdateDto serviceRequestUpdateDto) { + public void serviceRequestUpdate( + @RequestHeader("ServiceAuthorization") String s2sToken, + @RequestBody ServiceRequestUpdateDto serviceRequestUpdateDto) { try { - requestUpdateCallbackService.processCallback(serviceRequestUpdateDto, FeeType.HEARING.name()); + if (authorisationService.isServiceAuthorized(s2sToken)) { + requestUpdateCallbackService.processCallback(serviceRequestUpdateDto, FeeType.HEARING.name()); + } else { + throw (new RuntimeException("Invalid Client")); + } } catch (Exception ex) { log.error( "Payment callback is unsuccessful for the CaseID: {}", diff --git a/src/main/java/uk/gov/hmcts/reform/civil/service/AuthorisationService.java b/src/main/java/uk/gov/hmcts/reform/civil/service/AuthorisationService.java new file mode 100644 index 00000000000..a4cb81a905c --- /dev/null +++ b/src/main/java/uk/gov/hmcts/reform/civil/service/AuthorisationService.java 
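Review bot: The rejection path `throw (new RuntimeException("Invalid Client"))` sits inside the `try`, so the method's own `catch (Exception ex)` catches it and logs it as "Payment callback is unsuccessful for the CaseID", which makes an unauthorised caller indistinguishable from a processing failure in the logs. Judging by the `InternalServerErrorException` import and the integration test that expects a `ServletException`, the caller presumably sees a server error rather than 401/403. Do the check before the `try` and fail with an explicit status, for example `if (!authorisationService.isServiceAuthorized(s2sToken)) { throw new ResponseStatusException(HttpStatus.FORBIDDEN, "Service not authorised"); }`, and document the 403 with an extra `@ApiResponse`. The catch block continues outside the hunk.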
@@ -0,0 +1,71 @@ +package uk.gov.hmcts.reform.civil.service; + +import lombok.RequiredArgsConstructor; +import lombok.extern.slf4j.Slf4j; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.beans.factory.annotation.Value; +import org.springframework.stereotype.Service; +import uk.gov.hmcts.reform.authorisation.ServiceAuthorisationApi; +import uk.gov.hmcts.reform.idam.client.IdamClient; +import uk.gov.hmcts.reform.idam.client.models.UserInfo; + +import java.util.Arrays; + +@Service +@Slf4j +@RequiredArgsConstructor(onConstructor = @__(@Autowired)) +public class AuthorisationService { + + private final ServiceAuthorisationApi serviceAuthorisationApi; + + @Value("${civil.authorised-services}") + private String s2sAuthorisedServices; + + private final IdamClient idamClient; + + private UserInfo userInfo; + + public Boolean authoriseService(String serviceAuthHeader) { + String callingService; + try { + String bearerJwt = serviceAuthHeader.startsWith("Bearer ") ? serviceAuthHeader : "Bearer " + serviceAuthHeader; + callingService = serviceAuthorisationApi.getServiceName(bearerJwt); + log.info("Calling Service... 
{}", callingService); + if (callingService != null && Arrays.asList(s2sAuthorisedServices.split(",")) + .contains(callingService)) { + + return true; + } + } catch (Exception ex) { + //do nothing + log.error("S2S token is not authorised" + ex); + } + return false; + } + + public Boolean authoriseUser(String authorisation) { + try { + userInfo = idamClient.getUserInfo(authorisation); + if (null != userInfo) { + return true; + } + } catch (Exception ex) { + //do nothing + log.error("User token is invalid"); + } + return false; + } + + public UserInfo getUserInfo() { + return this.userInfo; + } + + public boolean isServiceAndUserAuthorized(String authorisation, String s2sToken) { + return Boolean.TRUE.equals(authoriseUser(authorisation)) + && Boolean.TRUE.equals(authoriseService(s2sToken)); + } + + public boolean isServiceAuthorized(String s2sToken) { + return Boolean.TRUE.equals(authoriseService(s2sToken)); + } +} diff --git a/src/main/resources/application.yaml b/src/main/resources/application.yaml index 971eee9351c..37624b6cc30 100644 --- a/src/main/resources/application.yaml +++ b/src/main/resources/application.yaml @@ -126,8 +126,7 @@ payments: idam: s2s-auth: microservice: civil_service - s2s-authorised: - services: ${S2S_AUTHORISED_SERVICES:payment_app} + document_management: userRoles: "caseworker-civil,caseworker-civil-solicitor" @@ -158,6 +157,7 @@ civil: test-user: username: ${TEST_USERNAME:test@example.com} password: ${TEST_PASSWORD:Password12!} + authorised-services: ${CIVIL_S2S_AUTHORISED_SERVICES:payment_app,ccd_data,civil_service,civil-citizen-ui} core_case_data: api: diff --git a/src/test/java/uk/gov/hmcts/reform/civil/service/AuthorisationServiceTest.java b/src/test/java/uk/gov/hmcts/reform/civil/service/AuthorisationServiceTest.java new file mode 100644 index 00000000000..4653d615240 --- /dev/null +++ b/src/test/java/uk/gov/hmcts/reform/civil/service/AuthorisationServiceTest.java 
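Review bot: In `AuthorisationService.java`, `private UserInfo userInfo;` holds per-request data on a `@Service` bean that carries no scope annotation, so it is a singleton, and `authoriseUser` on one request overwrites the value that `getUserInfo()` hands to another request running at the same time. A caller that authorises and then reads `getUserInfo()` can therefore end up acting on a different user's identity. I would drop the field and the getter and return the looked-up `UserInfo` to the caller (for example as an `Optional<UserInfo>`), keeping `authoriseUser` as a boolean wrapper around that lookup. Separately, `log.error("S2S token is not authorised" + ex)` folds the exception into the message; `log.error("S2S token is not authorised", ex)` keeps the stack trace.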
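Review bot: In `application.yaml`, the default for `authorised-services` widens the S2S allow-list from `payment_app` (the default of the removed `s2s-authorised.services` key) to four services, including `civil_service` itself and `civil-citizen-ui`. The only callers of `isServiceAuthorized` visible in this series are the two payment callback endpoints, which their `@Operation` summary describes as called by Ways to pay, so a token issued to any of the other three services would be accepted there as well. Unless other endpoints outside this patch rely on the longer list, the default should stay narrow, `authorised-services: ${CIVIL_S2S_AUTHORISED_SERVICES:payment_app}`, and a comment above the key should name which endpoints each entry is there for.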
@@ -0,0 +1,88 @@ +package uk.gov.hmcts.reform.civil.service; + +import org.junit.jupiter.api.BeforeEach; +import org.junit.jupiter.api.Test; +import org.junit.jupiter.api.extension.ExtendWith; +import org.mockito.InjectMocks; +import org.mockito.Mock; +import org.mockito.junit.jupiter.MockitoExtension; +import org.springframework.test.util.ReflectionTestUtils; +import uk.gov.hmcts.reform.authorisation.ServiceAuthorisationApi; +import uk.gov.hmcts.reform.idam.client.IdamClient; +import uk.gov.hmcts.reform.idam.client.models.UserInfo; + +import java.util.UUID; + +import static org.junit.jupiter.api.Assertions.assertFalse; +import static org.junit.jupiter.api.Assertions.assertTrue; +import static org.mockito.ArgumentMatchers.any; +import static org.mockito.Mockito.when; + +@ExtendWith(MockitoExtension.class) +public class AuthorisationServiceTest { + + @InjectMocks + AuthorisationService authorisationService; + + @Mock + ServiceAuthorisationApi serviceAuthorisationApi; + + @Mock + IdamClient idamClient; + + @BeforeEach + public void setup() { + ReflectionTestUtils.setField(authorisationService, "s2sAuthorisedServices", "payment_app"); + } + + @Test + public void authoriseWhenTheServiceIsCalledFromPayment() { + + when(serviceAuthorisationApi.getServiceName(any())).thenReturn("payment_app"); + assertTrue(authorisationService.authoriseService("Bearer abcasda")); + + } + + @Test + public void doNotAuthoriseWhenTheServiceIsCalledFromUnknownApi() { + when(serviceAuthorisationApi.getServiceName(any())).thenReturn("unknown_api"); + assertFalse(authorisationService.authoriseService("Bearer abc")); + + } + + @Test + public void throwUnAuthorisedExceptionWhenS2sTokenIsMalformed() { + assertFalse(authorisationService.authoriseService("Bearer malformed")); + } + + @Test + public void authoriseUserTheServiceIsCalledWithValidToken() { + when(idamClient.getUserInfo(any())).thenReturn(UserInfo.builder().uid(UUID.randomUUID().toString()).build()); + 
assertTrue(authorisationService.authoriseUser("Bearer abcasda")); + } + + @Test + public void doNotAuthoriseUserWhenCalledWithInvalidToken() { + assertFalse(authorisationService.authoriseUser("Bearer malformed")); + } + + @Test + public void checkIsAuthorizedForUserAndServiceReturnTrue() { + when(idamClient.getUserInfo(any())).thenReturn(UserInfo.builder().uid(UUID.randomUUID().toString()).build()); + when(serviceAuthorisationApi.getServiceName(any())).thenReturn("payment_app"); + assertTrue(authorisationService.isServiceAndUserAuthorized("Bearer abcasda", "s2s token")); + } + + @Test + public void checkIsAuthorizedForUserAndServiceReturnFalse() { + when(idamClient.getUserInfo(any())).thenReturn(UserInfo.builder().uid(UUID.randomUUID().toString()).build()); + when(serviceAuthorisationApi.getServiceName(any())).thenReturn("unknown_api"); + assertFalse(authorisationService.isServiceAndUserAuthorized("Bearer abcasda", "s2s token")); + } + + @Test + public void checkIsAuthorizedForServiceReturnFalse() { + when(serviceAuthorisationApi.getServiceName(any())).thenReturn("unknown_api"); + assertFalse(authorisationService.isServiceAuthorized("s2s token")); + } +} From 8660f5fc3e8201b8d7b97a71cefc44efee7fd5c4 Mon Sep 17 00:00:00 2001 From: hmcts-jenkins-a-to-c <62422075+hmcts-jenkins-a-to-c[bot]@users.noreply.github.com> Date: Fri, 13 Oct 2023 12:42:55 +0000 Subject: [PATCH 13/29] Bumping chart version/ fixing aliases --- charts/civil-service/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/civil-service/Chart.yaml b/charts/civil-service/Chart.yaml index 9df053da889..111021b0a37 100644 --- a/charts/civil-service/Chart.yaml +++ b/charts/civil-service/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 description: A Helm chart for civil-service App name: civil-service home: https://github.com/hmcts/civil-service -version: 0.0.49 +version: 0.0.50 maintainers: - name: HMCTS Civil team 
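Review bot: In `AuthorisationServiceTest.java`, `throwUnAuthorisedExceptionWhenS2sTokenIsMalformed` and `doNotAuthoriseUserWhenCalledWithInvalidToken` never stub the client, so they pass only because the Mockito mock returns `null`; neither `catch (Exception ex)` branch of `AuthorisationService` is exercised, and the first name promises an exception that is never thrown. Stubbing the failure makes the rejection path explicit, e.g. `when(serviceAuthorisationApi.getServiceName(any())).thenThrow(new RuntimeException("invalid token"));` ahead of the existing `assertFalse(...)`, and likewise for `idamClient.getUserInfo(any())`. Renaming the first test to something like `doNotAuthoriseWhenS2sTokenIsMalformed` would match what it asserts.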
From f388e8c012b1ed4b286422a8c280fcbb19943150 Mon Sep 17 00:00:00 2001 From: hmcts-jenkins-a-to-c <62422075+hmcts-jenkins-a-to-c[bot]@users.noreply.github.com> Date: Tue, 31 Oct 2023 10:50:12 +0000 Subject: [PATCH 14/29] Bumping chart version/ fixing aliases --- charts/civil-service/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/civil-service/Chart.yaml b/charts/civil-service/Chart.yaml index c43cc04eb52..dbf0c702042 100644 --- a/charts/civil-service/Chart.yaml +++ b/charts/civil-service/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 description: A Helm chart for civil-service App name: civil-service home: https://github.com/hmcts/civil-service -version: 0.0.51 +version: 0.0.52 maintainers: - name: HMCTS Civil team From cd4ac00a415b82d8b5290f2cfefbf117f1d45531 Mon Sep 17 00:00:00 2001 From: KumarSam Date: Tue, 31 Oct 2023 11:59:09 +0000 Subject: [PATCH 15/29] Fixing unit tests --- ...dateClaimIssuedCallbackControllerTest.java | 27 +++++++++++++++++++ 1 file changed, 27 insertions(+) diff --git a/src/integrationTest/java/uk/gov/hmcts/reform/civil/controllers/fees/ServiceRequestUpdateClaimIssuedCallbackControllerTest.java b/src/integrationTest/java/uk/gov/hmcts/reform/civil/controllers/fees/ServiceRequestUpdateClaimIssuedCallbackControllerTest.java index 8adbb2af125..dfdad4cc417 100644 --- a/src/integrationTest/java/uk/gov/hmcts/reform/civil/controllers/fees/ServiceRequestUpdateClaimIssuedCallbackControllerTest.java +++ b/src/integrationTest/java/uk/gov/hmcts/reform/civil/controllers/fees/ServiceRequestUpdateClaimIssuedCallbackControllerTest.java 
@@ -20,9 +20,11 @@ import java.math.BigDecimal; +import static org.junit.jupiter.api.Assertions.assertThrows; import static org.mockito.ArgumentMatchers.any; import static org.mockito.ArgumentMatchers.anyBoolean; import static org.mockito.BDDMockito.given; +import static org.mockito.Mockito.when; import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status; class ServiceRequestUpdateClaimIssuedCallbackControllerTest extends BaseIntegrationTest { @@ -40,6 +42,7 @@ class ServiceRequestUpdateClaimIssuedCallbackControllerTest extends BaseIntegrat @BeforeEach void bareMinimumToMakeAPositiveRequest() { + when(authorisationService.isServiceAuthorized(any())).thenReturn(true); CaseData caseData = CaseData.builder().businessProcess(BusinessProcess.builder().processInstanceId("instance").camundaEvent("camunda event").build()).build(); CaseDetails caseDetails = CaseDetails.builder().build(); 
@@ -77,6 +80,30 @@ public void whenServiceRequestUpdateRequestButUnexpectedErrorOccurs_thenHttp5xx( .andExpect(status().is5xxServerError()); } + @Test + public void whenValidPaymentCallbackIsReceivedReturnSuccess() throws Exception { + doPut(buildServiceDto(), PAYMENT_CALLBACK_URL, "") + .andExpect(status().isOk()); + } + + @Test + public void whenPaymentCallbackIsReceivedWithoutServiceAuthorisationReturn400() throws Exception { + mockMvc.perform( + MockMvcRequestBuilders.put(PAYMENT_CALLBACK_URL, "") + .contentType(MediaType.APPLICATION_JSON) + .content(toJson(buildServiceDto()))).andExpect(status().isBadRequest()); + } + + @Test + public void whenPaymentCallbackIsReceivedWithServiceAuthorisationButreturnsfalseReturn400() throws Exception { + when(authorisationService.isServiceAuthorized(any())).thenReturn(false); + + doPut(buildServiceDto(), PAYMENT_CALLBACK_URL, "") + // Then: the result status must be an HTTP-4xx + .andExpect(status().is4xxClientError()); + + } + private ServiceRequestUpdateDto buildServiceDto() { return ServiceRequestUpdateDto.builder() .ccdCaseNumber(CCD_CASE_NUMBER) From 28c10b5394bafc493185e286445a1be46318a2b4 Mon Sep 17 00:00:00 2001 From: KumarSam Date: Tue, 31 Oct 2023 12:23:01 +0000 Subject: [PATCH 16/29] Fixing unit tests --- .../ServiceRequestUpdateClaimIssuedCallbackControllerTest.java | 1 - 1 file changed, 1 deletion(-) diff --git a/src/integrationTest/java/uk/gov/hmcts/reform/civil/controllers/fees/ServiceRequestUpdateClaimIssuedCallbackControllerTest.java b/src/integrationTest/java/uk/gov/hmcts/reform/civil/controllers/fees/ServiceRequestUpdateClaimIssuedCallbackControllerTest.java index dfdad4cc417..9e79cfb8f99 100644 --- a/src/integrationTest/java/uk/gov/hmcts/reform/civil/controllers/fees/ServiceRequestUpdateClaimIssuedCallbackControllerTest.java +++ b/src/integrationTest/java/uk/gov/hmcts/reform/civil/controllers/fees/ServiceRequestUpdateClaimIssuedCallbackControllerTest.java 
@@ -20,7 +20,6 @@ import java.math.BigDecimal; -import static org.junit.jupiter.api.Assertions.assertThrows; import static org.mockito.ArgumentMatchers.any; import static org.mockito.ArgumentMatchers.anyBoolean; import static org.mockito.BDDMockito.given; From 6df7c5855c22ac08242bdb75799307bc460a8229 Mon Sep 17 00:00:00 2001 From: KumarSam Date: Tue, 31 Oct 2023 13:28:29 +0000 Subject: [PATCH 17/29] Fixing unit tests --- ...erviceRequestUpdateCallbackControllerTest.java | 15 +++++---------- 1 file changed, 5 insertions(+), 10 deletions(-) diff --git a/src/integrationTest/java/uk/gov/hmcts/reform/civil/controllers/fees/ServiceRequestUpdateCallbackControllerTest.java b/src/integrationTest/java/uk/gov/hmcts/reform/civil/controllers/fees/ServiceRequestUpdateCallbackControllerTest.java index fdb17b86b17..f389e55eda7 100644 --- a/src/integrationTest/java/uk/gov/hmcts/reform/civil/controllers/fees/ServiceRequestUpdateCallbackControllerTest.java +++ b/src/integrationTest/java/uk/gov/hmcts/reform/civil/controllers/fees/ServiceRequestUpdateCallbackControllerTest.java @@ -18,10 +18,8 @@ import uk.gov.hmcts.reform.civil.model.ServiceRequestUpdateDto; import uk.gov.hmcts.reform.payments.client.models.PaymentDto; -import javax.servlet.ServletException; import java.math.BigDecimal; -import static org.junit.jupiter.api.Assertions.assertThrows; import static org.mockito.ArgumentMatchers.any; import static org.mockito.ArgumentMatchers.anyBoolean; import static org.mockito.BDDMockito.given; 
@@ -73,14 +71,11 @@ public void whenPaymentCallbackIsReceivedWithoutServiceAuthorisationReturn400() @Test public void whenPaymentCallbackIsReceivedWithServiceAuthorisationButreturnsfalseReturn400() throws Exception { when(authorisationService.isServiceAuthorized(any())).thenReturn(false); - Exception e = assertThrows( - ServletException.class, - () -> mockMvc.perform( - MockMvcRequestBuilders.put(PAYMENT_CALLBACK_URL, "") - .header("ServiceAuthorization", s2sToken) - .contentType(MediaType.APPLICATION_JSON) - .content(toJson(buildServiceDto()))).andExpect(status().isBadRequest())); - + mockMvc.perform( + MockMvcRequestBuilders.put(PAYMENT_CALLBACK_URL, "") + .header("ServiceAuthorization", s2sToken) + .contentType(MediaType.APPLICATION_JSON) + .content(toJson(buildServiceDto()))).andExpect(status().is5xxServerError()); } @Test From a921c60801d9018e8d2287bf111a18f2a2953b58 Mon Sep 17 00:00:00 2001 From: KumarSam Date: Tue, 31 Oct 2023 14:09:26 +0000 Subject: [PATCH 18/29] Fixing unit tests --- .../fees/ServiceRequestUpdateCallbackControllerTest.java | 2 +- .../ServiceRequestUpdateClaimIssuedCallbackControllerTest.java | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/integrationTest/java/uk/gov/hmcts/reform/civil/controllers/fees/ServiceRequestUpdateCallbackControllerTest.java b/src/integrationTest/java/uk/gov/hmcts/reform/civil/controllers/fees/ServiceRequestUpdateCallbackControllerTest.java index f389e55eda7..35e19e40ff5 100644 --- a/src/integrationTest/java/uk/gov/hmcts/reform/civil/controllers/fees/ServiceRequestUpdateCallbackControllerTest.java +++ b/src/integrationTest/java/uk/gov/hmcts/reform/civil/controllers/fees/ServiceRequestUpdateCallbackControllerTest.java 
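Review bot: The rejected-token test now asserts `status().is5xxServerError()` while still being named `whenPaymentCallbackIsReceivedWithServiceAuthorisationButreturnsfalseReturn400`, so the suite pins a server error as the expected answer to an unauthorised S2S caller under a name that says otherwise. If the 5xx is accepted for now, the name should say so; otherwise the assertion should be the intended client error, e.g. `.andExpect(status().isForbidden())`, once the controller maps it. PATCH 20/29 makes the same switch in `ServiceRequestUpdateClaimIssuedCallbackControllerTest` and leaves the comment `// Then: the result status must be an HTTP-4xx` directly above `is5xxServerError()`. The test class continues outside this hunk.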
@@ -65,7 +65,7 @@ public void whenPaymentCallbackIsReceivedWithoutServiceAuthorisationReturn400() mockMvc.perform( MockMvcRequestBuilders.put(PAYMENT_CALLBACK_URL, "") .contentType(MediaType.APPLICATION_JSON) - .content(toJson(buildServiceDto()))).andExpect(status().isBadRequest()); + .content(toJson(buildServiceDto()))).andExpect(status().is4xxClientError()); } @Test diff --git a/src/integrationTest/java/uk/gov/hmcts/reform/civil/controllers/fees/ServiceRequestUpdateClaimIssuedCallbackControllerTest.java b/src/integrationTest/java/uk/gov/hmcts/reform/civil/controllers/fees/ServiceRequestUpdateClaimIssuedCallbackControllerTest.java index 9e79cfb8f99..0dc67f598d3 100644 --- a/src/integrationTest/java/uk/gov/hmcts/reform/civil/controllers/fees/ServiceRequestUpdateClaimIssuedCallbackControllerTest.java +++ b/src/integrationTest/java/uk/gov/hmcts/reform/civil/controllers/fees/ServiceRequestUpdateClaimIssuedCallbackControllerTest.java @@ -90,7 +90,7 @@ public void whenPaymentCallbackIsReceivedWithoutServiceAuthorisationReturn400() mockMvc.perform( MockMvcRequestBuilders.put(PAYMENT_CALLBACK_URL, "") .contentType(MediaType.APPLICATION_JSON) - .content(toJson(buildServiceDto()))).andExpect(status().isBadRequest()); + .content(toJson(buildServiceDto()))).andExpect(status().is4xxClientError()); } @Test From d062c82f080bbbba9b84b7b8bb6fffce276a6ed4 Mon Sep 17 00:00:00 2001 From: KumarSam Date: Tue, 31 Oct 2023 15:20:40 +0000 Subject: [PATCH 19/29] Fixing unit tests --- ...eRequestUpdateClaimIssuedCallbackController.java | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/src/main/java/uk/gov/hmcts/reform/civil/controllers/fees/ServiceRequestUpdateClaimIssuedCallbackController.java b/src/main/java/uk/gov/hmcts/reform/civil/controllers/fees/ServiceRequestUpdateClaimIssuedCallbackController.java index 9627d311f54..8230424a778 100644 --- a/src/main/java/uk/gov/hmcts/reform/civil/controllers/fees/ServiceRequestUpdateClaimIssuedCallbackController.java 
+++ b/src/main/java/uk/gov/hmcts/reform/civil/controllers/fees/ServiceRequestUpdateClaimIssuedCallbackController.java @@ -7,10 +7,12 @@ import lombok.extern.slf4j.Slf4j; import org.springframework.web.bind.annotation.PutMapping; import org.springframework.web.bind.annotation.RequestBody; +import org.springframework.web.bind.annotation.RequestHeader; import org.springframework.web.bind.annotation.RestController; import uk.gov.hmcts.reform.civil.enums.FeeType; import uk.gov.hmcts.reform.civil.exceptions.InternalServerErrorException; import uk.gov.hmcts.reform.civil.model.ServiceRequestUpdateDto; +import uk.gov.hmcts.reform.civil.service.AuthorisationService; import uk.gov.hmcts.reform.civil.service.PaymentRequestUpdateCallbackService; import static javax.ws.rs.core.MediaType.APPLICATION_JSON; 
@@ -22,14 +24,21 @@ public class ServiceRequestUpdateClaimIssuedCallbackController { private final PaymentRequestUpdateCallbackService requestUpdateCallbackService; + private final AuthorisationService authorisationService; + @PutMapping(path = "/service-request-update-claim-issued", consumes = APPLICATION_JSON, produces = APPLICATION_JSON) @Operation(summary = "Ways to pay will call this API and send the status of payment with other details") @ApiResponses(value = { @ApiResponse(responseCode = "200", description = "Callback processed."), @ApiResponse(responseCode = "400", description = "Bad Request")}) - public void serviceRequestUpdate(@RequestBody ServiceRequestUpdateDto serviceRequestUpdateDto) { + public void serviceRequestUpdate(@RequestHeader("ServiceAuthorization") String s2sToken, + @RequestBody ServiceRequestUpdateDto serviceRequestUpdateDto) { try { - requestUpdateCallbackService.processCallback(serviceRequestUpdateDto, FeeType.CLAIMISSUED.name()); + if (authorisationService.isServiceAuthorized(s2sToken)) { + requestUpdateCallbackService.processCallback(serviceRequestUpdateDto, FeeType.CLAIMISSUED.name()); + } else { + throw (new RuntimeException("Invalid Client")); + } } catch (Exception ex) { log.error( "Payment callback is unsuccessful for the CaseID: {}", From 425b81ff8f36a82b9638b1954f5ce9c45d9b6954 Mon Sep 17 00:00:00 2001 From: KumarSam Date: Tue, 31 Oct 2023 15:47:05 +0000 Subject: [PATCH 20/29] Fixing unit tests --- .../fees/ServiceRequestUpdateCallbackControllerTest.java | 1 + .../ServiceRequestUpdateClaimIssuedCallbackControllerTest.java | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/src/integrationTest/java/uk/gov/hmcts/reform/civil/controllers/fees/ServiceRequestUpdateCallbackControllerTest.java b/src/integrationTest/java/uk/gov/hmcts/reform/civil/controllers/fees/ServiceRequestUpdateCallbackControllerTest.java index 35e19e40ff5..6db03a393c0 100644 
--- a/src/integrationTest/java/uk/gov/hmcts/reform/civil/controllers/fees/ServiceRequestUpdateCallbackControllerTest.java +++ b/src/integrationTest/java/uk/gov/hmcts/reform/civil/controllers/fees/ServiceRequestUpdateCallbackControllerTest.java @@ -43,6 +43,7 @@ class ServiceRequestUpdateCallbackControllerTest extends BaseIntegrationTest { @BeforeEach void bareMinimumToMakeAPositiveRequest() { + when(authorisationService.isServiceAuthorized(any())).thenReturn(true); CaseData caseData = CaseData.builder().businessProcess(BusinessProcess.builder().processInstanceId("instance").camundaEvent("camunda event").build()).build(); CaseDetails caseDetails = CaseDetails.builder().build(); caseDetails.setData(caseData.toMap(objectMapper)); diff --git a/src/integrationTest/java/uk/gov/hmcts/reform/civil/controllers/fees/ServiceRequestUpdateClaimIssuedCallbackControllerTest.java b/src/integrationTest/java/uk/gov/hmcts/reform/civil/controllers/fees/ServiceRequestUpdateClaimIssuedCallbackControllerTest.java index 0dc67f598d3..b64ef4426bb 100644 --- a/src/integrationTest/java/uk/gov/hmcts/reform/civil/controllers/fees/ServiceRequestUpdateClaimIssuedCallbackControllerTest.java +++ b/src/integrationTest/java/uk/gov/hmcts/reform/civil/controllers/fees/ServiceRequestUpdateClaimIssuedCallbackControllerTest.java @@ -99,7 +99,7 @@ public void whenPaymentCallbackIsReceivedWithServiceAuthorisationButreturnsfalse doPut(buildServiceDto(), PAYMENT_CALLBACK_URL, "") // Then: the result status must be an HTTP-4xx - .andExpect(status().is4xxClientError()); + .andExpect(status().is5xxServerError()); } From 848d7426d3a6e7beab404b3d21d0853f645a2ee8 Mon Sep 17 00:00:00 2001 From: hmcts-jenkins-a-to-c <62422075+hmcts-jenkins-a-to-c[bot]@users.noreply.github.com> Date: Tue, 31 Oct 2023 19:27:16 +0000 Subject: [PATCH 21/29] Bumping chart version/ fixing aliases --- charts/civil-service/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/charts/civil-service/Chart.yaml b/charts/civil-service/Chart.yaml index dbf0c702042..bc3f1ae9b6c 100644 --- a/charts/civil-service/Chart.yaml +++ b/charts/civil-service/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 description: A Helm chart for civil-service App name: civil-service home: https://github.com/hmcts/civil-service -version: 0.0.52 +version: 0.0.53 maintainers: - name: HMCTS Civil team From 40e448a13d0675a58c16b0ea358ecf72c9785781 Mon Sep 17 00:00:00 2001 From: KumarSam Date: Wed, 15 Nov 2023 14:07:27 +0000 Subject: [PATCH 22/29] Adding service-request-update-claim-issued --- .../uk/gov/hmcts/reform/civil/config/SecurityConfiguration.java | 1 + 1 file changed, 1 insertion(+) diff --git a/src/main/java/uk/gov/hmcts/reform/civil/config/SecurityConfiguration.java b/src/main/java/uk/gov/hmcts/reform/civil/config/SecurityConfiguration.java index 8c225867f8f..b86bdbb8df6 100644 --- a/src/main/java/uk/gov/hmcts/reform/civil/config/SecurityConfiguration.java +++ b/src/main/java/uk/gov/hmcts/reform/civil/config/SecurityConfiguration.java @@ -51,6 +51,7 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter { "/assignment/**", "/case/document/**", "/service-request-update", + "/service-request-update-claim-issued" }; @Value("${spring.security.oauth2.client.provider.oidc.issuer-uri}") From 98ab590d05571df6ed6721b5af7e30b13770d899 Mon Sep 17 00:00:00 2001 From: sampankumar Date: Thu, 16 Nov 2023 08:20:10 +0000 Subject: [PATCH 23/29] Update Jenkinsfile_CNP --- Jenkinsfile_CNP | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Jenkinsfile_CNP b/Jenkinsfile_CNP index 808bea47ad9..b7c16bf6c94 100644 --- a/Jenkinsfile_CNP +++ b/Jenkinsfile_CNP @@ -8,7 +8,7 @@ import uk.gov.hmcts.contino.GithubAPI def type = "java" def product = "civil" def component = "service" -def ccdBranch = "CIV-0000-adds2stoken" +def ccdBranch = "master" def camundaBranch = "master" def yarnBuilder = new uk.gov.hmcts.contino.YarnBuilder(this) 
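Review bot: In `SecurityConfiguration.java`, the added `"/service-request-update-claim-issued"` entry needs a comment explaining why an S2S-protected callback is in this path array, given that PATCH 01/29 removed both callback paths from it when it registered `serviceAuthFilter`. The array's declaration and its use are outside the hunk, but if it feeds `configure(WebSecurity web)` as an ignore list, requests to these paths skip the security filter chain and the controller's `isServiceAuthorized` call is the only check on the caller. A line above the two entries such as `// S2S token is validated in the controller via AuthorisationService, not by the filter chain` would keep that check from being removed later as redundant.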
From 3f756039becb6fca80023a89dfe26126317f5b7a Mon Sep 17 00:00:00 2001 From: KumarSam Date: Thu, 16 Nov 2023 13:57:07 +0000 Subject: [PATCH 24/29] converting to List --- .../civil/service/AuthorisationService.java | 17 ++++++----------- 1 file changed, 6 insertions(+), 11 deletions(-) diff --git a/src/main/java/uk/gov/hmcts/reform/civil/service/AuthorisationService.java b/src/main/java/uk/gov/hmcts/reform/civil/service/AuthorisationService.java index a4cb81a905c..a3773b9e177 100644 --- a/src/main/java/uk/gov/hmcts/reform/civil/service/AuthorisationService.java +++ b/src/main/java/uk/gov/hmcts/reform/civil/service/AuthorisationService.java @@ -10,6 +10,7 @@ import uk.gov.hmcts.reform.idam.client.models.UserInfo; import java.util.Arrays; +import java.util.List; @Service @Slf4j @@ -19,7 +20,7 @@ public class AuthorisationService { private final ServiceAuthorisationApi serviceAuthorisationApi; @Value("${civil.authorised-services}") - private String s2sAuthorisedServices; + private List s2sAuthorisedServices; private final IdamClient idamClient; 
@@ -31,29 +32,23 @@ public Boolean authoriseService(String serviceAuthHeader) { String bearerJwt = serviceAuthHeader.startsWith("Bearer ") ? serviceAuthHeader : "Bearer " + serviceAuthHeader; callingService = serviceAuthorisationApi.getServiceName(bearerJwt); log.info("Calling Service... {}", callingService); - if (callingService != null && Arrays.asList(s2sAuthorisedServices.split(",")) - .contains(callingService)) { - - return true; - } + return (callingService != null && s2sAuthorisedServices.contains(callingService)); } catch (Exception ex) { //do nothing log.error("S2S token is not authorised" + ex); + return false; } - return false; } public Boolean authoriseUser(String authorisation) { try { userInfo = idamClient.getUserInfo(authorisation); - if (null != userInfo) { - return true; - } + return (null != userInfo); } catch (Exception ex) { //do nothing log.error("User token is invalid"); + return false; } - return false; } public UserInfo getUserInfo() { From 60972ae80b64588f7be37acbbd93a877fad6e578 Mon Sep 17 00:00:00 2001 From: KumarSam Date: Thu, 16 Nov 2023 13:57:37 +0000 Subject: [PATCH 25/29] Checkstyle error --- .../uk/gov/hmcts/reform/civil/service/AuthorisationService.java | 1 - 1 file changed, 1 deletion(-) diff --git a/src/main/java/uk/gov/hmcts/reform/civil/service/AuthorisationService.java b/src/main/java/uk/gov/hmcts/reform/civil/service/AuthorisationService.java index a3773b9e177..eff379ddd51 100644 --- a/src/main/java/uk/gov/hmcts/reform/civil/service/AuthorisationService.java +++ b/src/main/java/uk/gov/hmcts/reform/civil/service/AuthorisationService.java @@ -9,7 +9,6 @@ import uk.gov.hmcts.reform.idam.client.IdamClient; import uk.gov.hmcts.reform.idam.client.models.UserInfo; -import java.util.Arrays; import java.util.List; @Service From 5e55fd49c5a4cb20e2355a0521b96322d81b5541 Mon Sep 17 00:00:00 2001 
From: KumarSam Date: Thu, 16 Nov 2023 14:36:07 +0000 Subject: [PATCH 26/29] converting to List --- .../hmcts/reform/civil/service/AuthorisationServiceTest.java | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/test/java/uk/gov/hmcts/reform/civil/service/AuthorisationServiceTest.java b/src/test/java/uk/gov/hmcts/reform/civil/service/AuthorisationServiceTest.java index 4653d615240..114fba10c5d 100644 --- a/src/test/java/uk/gov/hmcts/reform/civil/service/AuthorisationServiceTest.java +++ b/src/test/java/uk/gov/hmcts/reform/civil/service/AuthorisationServiceTest.java @@ -11,6 +11,7 @@ import uk.gov.hmcts.reform.idam.client.IdamClient; import uk.gov.hmcts.reform.idam.client.models.UserInfo; +import java.util.Arrays; import java.util.UUID; import static org.junit.jupiter.api.Assertions.assertFalse; @@ -32,7 +33,7 @@ public class AuthorisationServiceTest { @BeforeEach public void setup() { - ReflectionTestUtils.setField(authorisationService, "s2sAuthorisedServices", "payment_app"); + ReflectionTestUtils.setField(authorisationService, "s2sAuthorisedServices", Arrays.asList("payment_app")); } @Test From 222500f2431a3749e48cb76a1bc21d0ea39002e1 Mon Sep 17 00:00:00 2001 From: KumarSam Date: Fri, 17 Nov 2023 09:58:35 +0000 Subject: [PATCH 27/29] converting to List --- .../gov/hmcts/reform/civil/service/AuthorisationService.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/main/java/uk/gov/hmcts/reform/civil/service/AuthorisationService.java b/src/main/java/uk/gov/hmcts/reform/civil/service/AuthorisationService.java index eff379ddd51..b50f8c1f597 100644 --- a/src/main/java/uk/gov/hmcts/reform/civil/service/AuthorisationService.java +++ b/src/main/java/uk/gov/hmcts/reform/civil/service/AuthorisationService.java 
@@ -35,8 +35,8 @@ public Boolean authoriseService(String serviceAuthHeader) { } catch (Exception ex) { //do nothing log.error("S2S token is not authorised" + ex); - return false; } + return false; } public Boolean authoriseUser(String authorisation) { @@ -46,8 +46,8 @@ public Boolean authoriseUser(String authorisation) { } catch (Exception ex) { //do nothing log.error("User token is invalid"); - return false; } + return false; } public UserInfo getUserInfo() { From 8e0de90aedec3f9448863116eab3ab12e0e3eb6f Mon Sep 17 00:00:00 2001 From: KumarSam Date: Mon, 20 Nov 2023 06:58:06 +0000 Subject: [PATCH 28/29] Fixing Sonar failures --- .../service/AuthorisationServiceTest.java | 30 ++++++++++++------- 1 file changed, 20 insertions(+), 10 deletions(-) diff --git a/src/test/java/uk/gov/hmcts/reform/civil/service/AuthorisationServiceTest.java b/src/test/java/uk/gov/hmcts/reform/civil/service/AuthorisationServiceTest.java index 114fba10c5d..3f1205d4e5f 100644 --- a/src/test/java/uk/gov/hmcts/reform/civil/service/AuthorisationServiceTest.java +++ b/src/test/java/uk/gov/hmcts/reform/civil/service/AuthorisationServiceTest.java @@ -20,7 +20,7 @@ import static org.mockito.Mockito.when; @ExtendWith(MockitoExtension.class) -public class AuthorisationServiceTest { +class AuthorisationServiceTest { @InjectMocks AuthorisationService authorisationService; @@ -32,12 +32,12 @@ public class AuthorisationServiceTest { IdamClient idamClient; @BeforeEach - public void setup() { + void setup() { ReflectionTestUtils.setField(authorisationService, "s2sAuthorisedServices", Arrays.asList("payment_app")); } @Test - public void authoriseWhenTheServiceIsCalledFromPayment() { + private void authoriseWhenTheServiceIsCalledFromPayment() { when(serviceAuthorisationApi.getServiceName(any())).thenReturn("payment_app"); assertTrue(authorisationService.authoriseService("Bearer abcasda")); 
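Review bot: In `AuthorisationServiceTest.java` (PATCH 28/29), marking the `@Test` methods `private` stops JUnit Jupiter from running them, since it only discovers test methods that are not private; the build stays green while the authorisation tests are skipped. Package-private visibility is presumably what the Sonar finding asks for: `@Test void authoriseWhenTheServiceIsCalledFromPayment() {`. The same applies to every method in the `@@ -45,44 +45,54 @@` hunk that follows, including the two new null-token tests. PATCH 29/29 returns them all to `public`, which runs them again but likely re-opens the Sonar finding.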
@@ -45,44 +45,54 @@ public void authoriseWhenTheServiceIsCalledFromPayment() { } @Test - public void doNotAuthoriseWhenTheServiceIsCalledFromUnknownApi() { + private void authoriseWhenTheServiceAuthHeaderIsNull() { + assertFalse(authorisationService.authoriseService(null)); + } + + @Test + private void doNotAuthoriseWhenTheServiceIsCalledFromUnknownApi() { when(serviceAuthorisationApi.getServiceName(any())).thenReturn("unknown_api"); assertFalse(authorisationService.authoriseService("Bearer abc")); } @Test - public void throwUnAuthorisedExceptionWhenS2sTokenIsMalformed() { + private void throwUnAuthorisedExceptionWhenS2sTokenIsMalformed() { assertFalse(authorisationService.authoriseService("Bearer malformed")); } @Test - public void authoriseUserTheServiceIsCalledWithValidToken() { + private void authoriseUserTheServiceIsCalledWithValidToken() { when(idamClient.getUserInfo(any())).thenReturn(UserInfo.builder().uid(UUID.randomUUID().toString()).build()); assertTrue(authorisationService.authoriseUser("Bearer abcasda")); } @Test - public void doNotAuthoriseUserWhenCalledWithInvalidToken() { + private void authoriseUserTheServiceIsCalledWithNullToken() { + assertFalse(authorisationService.authoriseUser(null)); + } + + @Test + private void doNotAuthoriseUserWhenCalledWithInvalidToken() { assertFalse(authorisationService.authoriseUser("Bearer malformed")); } @Test - public void checkIsAuthorizedForUserAndServiceReturnTrue() { + private void checkIsAuthorizedForUserAndServiceReturnTrue() { when(idamClient.getUserInfo(any())).thenReturn(UserInfo.builder().uid(UUID.randomUUID().toString()).build()); when(serviceAuthorisationApi.getServiceName(any())).thenReturn("payment_app"); assertTrue(authorisationService.isServiceAndUserAuthorized("Bearer abcasda", "s2s token")); } @Test - public void checkIsAuthorizedForUserAndServiceReturnFalse() { + private void checkIsAuthorizedForUserAndServiceReturnFalse() { 
when(idamClient.getUserInfo(any())).thenReturn(UserInfo.builder().uid(UUID.randomUUID().toString()).build()); when(serviceAuthorisationApi.getServiceName(any())).thenReturn("unknown_api"); assertFalse(authorisationService.isServiceAndUserAuthorized("Bearer abcasda", "s2s token")); } @Test - public void checkIsAuthorizedForServiceReturnFalse() { + private void checkIsAuthorizedForServiceReturnFalse() { when(serviceAuthorisationApi.getServiceName(any())).thenReturn("unknown_api"); assertFalse(authorisationService.isServiceAuthorized("s2s token")); } From 51fd2f686e80ce04cbabbf9b26a86b3ec605d25a Mon Sep 17 00:00:00 2001 From: KumarSam Date: Mon, 20 Nov 2023 07:12:41 +0000 Subject: [PATCH 29/29] Fixing Sonar failures --- .../service/AuthorisationServiceTest.java | 24 +++++++++---------- 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/src/test/java/uk/gov/hmcts/reform/civil/service/AuthorisationServiceTest.java b/src/test/java/uk/gov/hmcts/reform/civil/service/AuthorisationServiceTest.java index 3f1205d4e5f..1a7680539bf 100644 --- a/src/test/java/uk/gov/hmcts/reform/civil/service/AuthorisationServiceTest.java +++ b/src/test/java/uk/gov/hmcts/reform/civil/service/AuthorisationServiceTest.java @@ -20,7 +20,7 @@ import static org.mockito.Mockito.when; @ExtendWith(MockitoExtension.class) -class AuthorisationServiceTest { +public class AuthorisationServiceTest { @InjectMocks AuthorisationService authorisationService; @@ -32,12 +32,12 @@ class AuthorisationServiceTest { IdamClient idamClient; @BeforeEach - void setup() { + public void setup() { ReflectionTestUtils.setField(authorisationService, "s2sAuthorisedServices", Arrays.asList("payment_app")); } @Test - private void authoriseWhenTheServiceIsCalledFromPayment() { + public void authoriseWhenTheServiceIsCalledFromPayment() { when(serviceAuthorisationApi.getServiceName(any())).thenReturn("payment_app"); assertTrue(authorisationService.authoriseService("Bearer abcasda")); 
@@ -45,54 +45,54 @@ private void authoriseWhenTheServiceIsCalledFromPayment() {
 }
 @Test
- private void authoriseWhenTheServiceAuthHeaderIsNull() {
+ public void authoriseWhenTheServiceAuthHeaderIsNull() {
 assertFalse(authorisationService.authoriseService(null));
 }
 @Test
- private void doNotAuthoriseWhenTheServiceIsCalledFromUnknownApi() {
+ public void doNotAuthoriseWhenTheServiceIsCalledFromUnknownApi() {
 when(serviceAuthorisationApi.getServiceName(any())).thenReturn("unknown_api");
 assertFalse(authorisationService.authoriseService("Bearer abc"));
 }
 @Test
- private void throwUnAuthorisedExceptionWhenS2sTokenIsMalformed() {
+ public void throwUnAuthorisedExceptionWhenS2sTokenIsMalformed() {
 assertFalse(authorisationService.authoriseService("Bearer malformed"));
 }
 @Test
- private void authoriseUserTheServiceIsCalledWithValidToken() {
+ public void authoriseUserTheServiceIsCalledWithValidToken() {
 when(idamClient.getUserInfo(any())).thenReturn(UserInfo.builder().uid(UUID.randomUUID().toString()).build());
 assertTrue(authorisationService.authoriseUser("Bearer abcasda"));
 }
 @Test
- private void authoriseUserTheServiceIsCalledWithNullToken() {
+ public void authoriseUserTheServiceIsCalledWithNullToken() {
 assertFalse(authorisationService.authoriseUser(null));
 }
 @Test
- private void doNotAuthoriseUserWhenCalledWithInvalidToken() {
+ public void doNotAuthoriseUserWhenCalledWithInvalidToken() {
 assertFalse(authorisationService.authoriseUser("Bearer malformed"));
 }
 @Test
- private void checkIsAuthorizedForUserAndServiceReturnTrue() {
+ public void checkIsAuthorizedForUserAndServiceReturnTrue() {
 when(idamClient.getUserInfo(any())).thenReturn(UserInfo.builder().uid(UUID.randomUUID().toString()).build());
 when(serviceAuthorisationApi.getServiceName(any())).thenReturn("payment_app");
 assertTrue(authorisationService.isServiceAndUserAuthorized("Bearer abcasda", "s2s token"));
 }
 @Test
- private void checkIsAuthorizedForUserAndServiceReturnFalse() {
+ public void checkIsAuthorizedForUserAndServiceReturnFalse() {
 when(idamClient.getUserInfo(any())).thenReturn(UserInfo.builder().uid(UUID.randomUUID().toString()).build());
 when(serviceAuthorisationApi.getServiceName(any())).thenReturn("unknown_api");
 assertFalse(authorisationService.isServiceAndUserAuthorized("Bearer abcasda", "s2s token"));
 }
 @Test
- private void checkIsAuthorizedForServiceReturnFalse() {
+ public void checkIsAuthorizedForServiceReturnFalse() {
 when(serviceAuthorisationApi.getServiceName(any())).thenReturn("unknown_api");
 assertFalse(authorisationService.isServiceAuthorized("s2s token"));
 }
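Review bot: `throwUnAuthorisedExceptionWhenS2sTokenIsMalformed` and `doNotAuthoriseUserWhenCalledWithInvalidToken` stub nothing, so they presumably pass only because an unstubbed Mockito mock returns `null` from `getServiceName` / `getUserInfo`, not because a token was rejected. The case that matters for an S2S or IDAM check is the client throwing on a rejected token, and nothing in this hunk shows that `authoriseService` or `authoriseUser` fails closed when that happens. Stub the rejection explicitly, for example `when(serviceAuthorisationApi.getServiceName(any())).thenThrow(rejection);`, where `rejection` stands for whatever exception the real client raises (not visible here). The first test should also be renamed, since it asserts `false` rather than an exception.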