Merge pull request #59 from DFE-Digital/nw/add-health-endpoint

Add health check endpoint to API
DFE-Digital · May 17, 2024 · 1f1b6ae · 1f1b6ae
2 parents ed80817 + 49de2e5
commit 1f1b6ae
Show file tree

Hide file tree

Showing 4 changed files with 54 additions and 19 deletions.
diff --git a/Dfe.Identifiers.Api.Test/Middleware/ApiKeyMiddlewareTests.cs b/Dfe.Identifiers.Api.Test/Middleware/ApiKeyMiddlewareTests.cs
@@ -53,7 +53,7 @@ public async Task No_ApiKey_Returns_NotAuthorized()
     {
         using var server = await SetupTestServer();
 
-        var request = new HttpRequestMessage(HttpMethod.Get, "/");
+        var request = new HttpRequestMessage(HttpMethod.Get, "/api");
 
         var context = await server.SendAsync(request);
 
@@ -67,7 +67,7 @@ public async Task Random_ApiKey_Returns_NotAuthorized()
     {
         using var server = await SetupTestServer();
 
-        var request = new HttpRequestMessage(HttpMethod.Get, "/");
+        var request = new HttpRequestMessage(HttpMethod.Get, "/api");
         request.Headers.Add(AuthenticationConstants.APIKEYNAME, "random key");
 
         var context = await server.SendAsync(request);
@@ -82,13 +82,37 @@ public async Task Correct_ApiKey_Returns_NotFound()
     {
         using var server = await SetupTestServer();
 
-        var request = new HttpRequestMessage(HttpMethod.Get, "/");
+        var request = new HttpRequestMessage(HttpMethod.Get, "/api");
         request.Headers.Add(AuthenticationConstants.APIKEYNAME, validUser.ApiKey);
 
         var context = await server.SendAsync(request);
 
         context.StatusCode.Should().Be(HttpStatusCode.NotFound);
-        var content = await context.Content.ReadAsStringAsync();
-        content.Should().Be("");
+    }
+
+    [Fact]
+    public async Task No_ApiKey_without_ApiRoute_Returns_Unauthorized()
+    {
+        using var server = await SetupTestServer();
+
+        var request = new HttpRequestMessage(HttpMethod.Get, "/");
+
+        var context = await server.SendAsync(request);
+
+        context.StatusCode.Should().Be(HttpStatusCode.Unauthorized);
+    }
+
+    [Fact]
+    public async Task No_ApiKey_with_healthRoute_Returns_NotFound()
+    {
+        using var server = await SetupTestServer();
+
+        var request = new HttpRequestMessage(HttpMethod.Get, "/health");
+
+        var context = await server.SendAsync(request);
+
+        // Look for not found as we don't have the health endpoint setup
+        // 404 proves that we don't need auth to reach the endpoint
+        context.StatusCode.Should().Be(HttpStatusCode.NotFound);
     }
 }
diff --git a/Dfe.Identifiers.Api/Middleware/ApiKeyMiddleware.cs b/Dfe.Identifiers.Api/Middleware/ApiKeyMiddleware.cs
@@ -9,25 +9,33 @@ public class ApiKeyMiddleware(RequestDelegate next, ILogger<ApiKeyMiddleware> lo
 
     public async Task InvokeAsync(HttpContext context, IApiKeyService apiKeyService)
     {
-        if (!context.Request.Headers.TryGetValue(AuthenticationConstants.APIKEYNAME, out var extractedApiKey))
+        // Exclude the health endpoint from API key authentication
+        if (context.Request.Path.StartsWithSegments("/health"))
         {
-            context.Response.StatusCode = 401;
-            await context.Response.WriteAsync("Api Key was not provided.");
-            return;
-        }
-
-        var user = apiKeyService.Execute(extractedApiKey!);
-
-        if (user is null)
-        {
-            context.Response.StatusCode = 401;
-            await context.Response.WriteAsync("Unauthorized client.");
+            await next(context);
         }
         else
         {
-            using (_logger.BeginScope("requester: {requester}", user.UserName))
+            if (!context.Request.Headers.TryGetValue(AuthenticationConstants.APIKEYNAME, out var extractedApiKey))
+            {
+                context.Response.StatusCode = 401;
+                await context.Response.WriteAsync("Api Key was not provided.");
+                return;
+            }
+
+            var user = apiKeyService.Execute(extractedApiKey!);
+
+            if (user is null)
+            {
+                context.Response.StatusCode = 401;
+                await context.Response.WriteAsync("Unauthorized client.");
+            }
+            else
             {
-                await next(context);
+                using (_logger.BeginScope("requester: {requester}", user.UserName))
+                {
+                    await next(context);
+                }
             }
         }
     }

diff --git a/Dfe.Identifiers.Api/Program.cs b/Dfe.Identifiers.Api/Program.cs
@@ -18,6 +18,8 @@
 
 app.UseHttpsRedirection();
 
+app.MapHealthChecks("/health");
+
 app.UseMiddleware<ApiKeyMiddleware>();
 
 app.UseAuthorization();

diff --git a/Dfe.Identifiers.Api/Startup.cs b/Dfe.Identifiers.Api/Startup.cs
@@ -17,6 +17,7 @@ public void ConfigureServices(IServiceCollection services)
         services.AddApplicationInsightsTelemetry();
         services.AddControllers();
         services.AddEndpointsApiExplorer();
+        services.AddHealthChecks();
         services.AddSwaggerGen(c =>
         {
             c.AddSecurityDefinition("ApiKey", new OpenApiSecurityScheme