diff --git a/.github/workflows/access.yml b/.github/workflows/access.yml
index 0b1e3b43c6..d5d603638d 100644
--- a/.github/workflows/access.yml
+++ b/.github/workflows/access.yml
@@ -38,6 +38,7 @@ on:
- '["resettlement-passport-and-delius"]'
- '["prison-education-and-delius"]'
- '["opd-and-delius"]'
+ - '["hmpps-auth-and-delius"]'
# ^ add new projects here
# GitHub Actions doesn't support dynamic choices, we must add each project here to enable manual deployments
# See https://github.com/community/community/discussions/11795
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 0d10d222ee..99bf332401 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -61,6 +61,7 @@ jobs:
- resettlement-passport-and-delius
- prison-education-and-delius
- opd-and-delius
+ - hmpps-auth-and-delius
# ^ add new projects here
# GitHub Actions doesn't support dynamic choices, we must add each project here to enable manual deployments
# See https://github.com/community/community/discussions/11795
diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
index 3f4d7604d6..91004fc247 100644
--- a/.github/workflows/deploy.yml
+++ b/.github/workflows/deploy.yml
@@ -51,6 +51,7 @@ on:
- '["resettlement-passport-and-delius"]'
- '["prison-education-and-delius"]'
- '["opd-and-delius"]'
+ - '["hmpps-auth-and-delius"]'
# ^ add new projects here
# GitHub Actions doesn't support dynamic choices, we must add each project here to enable manual deployments
# See https://github.com/community/community/discussions/11795
diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml
index 8586cf7e44..017899733d 100644
--- a/.github/workflows/docs.yml
+++ b/.github/workflows/docs.yml
@@ -44,6 +44,7 @@ on:
- '["resettlement-passport-and-delius"]'
- '["prison-education-and-delius"]'
- '["opd-and-delius"]'
+ - '["hmpps-auth-and-delius"]'
# ^ add new projects here
# GitHub Actions doesn't support dynamic choices, we must add each project here to enable manual deployments
# See https://github.com/community/community/discussions/11795
diff --git a/.github/workflows/end-to-end-tests.yml b/.github/workflows/end-to-end-tests.yml
index 8cd7856cdc..392b033703 100644
--- a/.github/workflows/end-to-end-tests.yml
+++ b/.github/workflows/end-to-end-tests.yml
@@ -65,6 +65,7 @@ on:
- '["resettlement-passport-and-delius"]'
- '["prison-education-and-delius"]'
- '["opd-and-delius"]'
+ - '["hmpps-auth-and-delius"]'
# ^ add new projects here
# GitHub Actions doesn't support dynamic choices, we must add each project here to enable manual deployments
# See https://github.com/community/community/discussions/11795
diff --git a/.github/workflows/suppress-trivy.yml b/.github/workflows/suppress-trivy.yml
index bc03027d6d..22c9739700 100644
--- a/.github/workflows/suppress-trivy.yml
+++ b/.github/workflows/suppress-trivy.yml
@@ -43,6 +43,7 @@ on:
- resettlement-passport-and-delius
- prison-education-and-delius
- opd-and-delius
+ - hmpps-auth-and-delius
# ^ add new projects here
# GitHub Actions doesn't support dynamic choices, we must add each project here to enable manual deployments
# See https://github.com/community/community/discussions/11795
diff --git a/.idea/runConfigurations/hmpps_auth_and_delius.xml b/.idea/runConfigurations/hmpps_auth_and_delius.xml
new file mode 100644
index 0000000000..dc8faa965d
--- /dev/null
+++ b/.idea/runConfigurations/hmpps_auth_and_delius.xml
@@ -0,0 +1,12 @@
+
+
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/doc/tech-docs/source/index.html.md.erb b/doc/tech-docs/source/index.html.md.erb
index fc8a640e7b..69208ce037 100644
--- a/doc/tech-docs/source/index.html.md.erb
+++ b/doc/tech-docs/source/index.html.md.erb
@@ -45,5 +45,6 @@ Follow these links to find out more about each of our integration services.
* [Resettlement Passport And Delius](https://ministryofjustice.github.io/hmpps-probation-integration-services/tech-docs/projects/resettlement-passport-and-delius)
* [Prison Education And Delius](https://ministryofjustice.github.io/hmpps-probation-integration-services/tech-docs/projects/prison-education-and-delius)
* [Opd And Delius](https://ministryofjustice.github.io/hmpps-probation-integration-services/tech-docs/projects/opd-and-delius)
+* [Hmpps Auth And Delius](https://ministryofjustice.github.io/hmpps-probation-integration-services/tech-docs/projects/hmpps-auth-and-delius)
^ add new projects here
diff --git a/projects/hmpps-auth-and-delius/.trivyignore b/projects/hmpps-auth-and-delius/.trivyignore
new file mode 100644
index 0000000000..e69de29bb2
diff --git a/projects/hmpps-auth-and-delius/README.md b/projects/hmpps-auth-and-delius/README.md
new file mode 100644
index 0000000000..0598d2bd3e
--- /dev/null
+++ b/projects/hmpps-auth-and-delius/README.md
@@ -0,0 +1,3 @@
+# hmpps-auth-and-delius
+
+// TODO Describe the service
\ No newline at end of file
diff --git a/projects/hmpps-auth-and-delius/applicationinsights.json b/projects/hmpps-auth-and-delius/applicationinsights.json
new file mode 100644
index 0000000000..b2317cf83f
--- /dev/null
+++ b/projects/hmpps-auth-and-delius/applicationinsights.json
@@ -0,0 +1,62 @@
+{
+ "role": {
+ "name": "hmpps-auth-and-delius"
+ },
+ "customDimensions": {
+ "service.version": "${VERSION}",
+ "service.team": "probation-integration"
+ },
+ "instrumentation": {
+ "logging": {
+ "level": "DEBUG"
+ },
+ "springScheduling": {
+ "enabled": false
+ }
+ },
+ "selfDiagnostics": {
+ "destination": "console"
+ },
+ "sampling": {
+ "percentage": 100
+ },
+ "preview": {
+ "sampling": {
+ "overrides": [
+ {
+ "telemetryType": "request",
+ "attributes": [
+ {
+ "key": "http.url",
+ "value": "https?://[^/]+/health/?.*",
+ "matchType": "regexp"
+ }
+ ],
+ "percentage": 0
+ },
+ {
+ "telemetryType": "dependency",
+ "attributes": [
+ {
+ "key": "db.statement",
+ "value": ".*CLIENT_IDENTIFIER.*",
+ "matchType": "regexp"
+ }
+ ],
+ "percentage": 0
+ },
+ {
+ "telemetryType": "dependency",
+ "attributes": [
+ {
+ "key": "db.operation",
+ "value": "SELECT",
+ "matchType": "strict"
+ }
+ ],
+ "percentage": 10
+ }
+ ]
+ }
+ }
+}
\ No newline at end of file
diff --git a/projects/hmpps-auth-and-delius/build.gradle.kts b/projects/hmpps-auth-and-delius/build.gradle.kts
new file mode 100644
index 0000000000..687f79a7a0
--- /dev/null
+++ b/projects/hmpps-auth-and-delius/build.gradle.kts
@@ -0,0 +1,37 @@
+import uk.gov.justice.digital.hmpps.extensions.ClassPathExtension
+
+apply(plugin = "com.google.cloud.tools.jib")
+
+dependencies {
+ implementation(project(":libs:audit"))
+ implementation(project(":libs:commons"))
+ implementation(project(":libs:oauth-client"))
+ implementation(project(":libs:oauth-server"))
+
+ implementation("org.springframework.boot:spring-boot-starter-actuator")
+ implementation("org.springframework.boot:spring-boot-starter-data-jpa")
+ implementation("org.springframework.boot:spring-boot-starter-security")
+ implementation("org.springframework.boot:spring-boot-starter-validation")
+ implementation("org.springframework.boot:spring-boot-starter-web")
+ implementation("org.jetbrains.kotlin:kotlin-reflect")
+ implementation("org.jetbrains.kotlin:kotlin-stdlib-jdk8")
+ implementation("com.fasterxml.jackson.module:jackson-module-kotlin")
+ implementation(libs.springdoc)
+
+ dev(project(":libs:dev-tools"))
+ dev("com.h2database:h2")
+ dev("org.testcontainers:oracle-xe")
+
+ runtimeOnly("com.oracle.database.jdbc:ojdbc11")
+
+ testImplementation("org.springframework.boot:spring-boot-starter-test")
+ testImplementation(libs.bundles.mockito)
+}
+
+configure {
+ jacocoExclusions = listOf(
+ "**/config/**",
+ "**/entity/**",
+ "**/AppKt.class"
+ )
+}
diff --git a/projects/hmpps-auth-and-delius/deploy/Chart.yaml b/projects/hmpps-auth-and-delius/deploy/Chart.yaml
new file mode 100644
index 0000000000..a5e5be6efe
--- /dev/null
+++ b/projects/hmpps-auth-and-delius/deploy/Chart.yaml
@@ -0,0 +1,13 @@
+apiVersion: v2
+appVersion: '1.0'
+description: A Helm chart for Kubernetes
+name: hmpps-auth-and-delius
+version: 1.0.0
+
+dependencies:
+ - name: generic-service
+ version: 2.6.0
+ repository: https://ministryofjustice.github.io/hmpps-helm-charts
+ - name: generic-prometheus-alerts
+ version: 1.3.2
+ repository: https://ministryofjustice.github.io/hmpps-helm-charts
\ No newline at end of file
diff --git a/projects/hmpps-auth-and-delius/deploy/database/access.yml b/projects/hmpps-auth-and-delius/deploy/database/access.yml
new file mode 100644
index 0000000000..421ca3c3cf
--- /dev/null
+++ b/projects/hmpps-auth-and-delius/deploy/database/access.yml
@@ -0,0 +1,9 @@
+database:
+ access:
+ username_key: /hmpps-auth-and-delius/db-username
+ password_key: /hmpps-auth-and-delius/db-password
+
+ audit:
+ username: HmppsAuthAndDelius
+ forename: HMPPS Auth
+ surname: Service
diff --git a/projects/hmpps-auth-and-delius/deploy/values-dev.yml b/projects/hmpps-auth-and-delius/deploy/values-dev.yml
new file mode 100644
index 0000000000..fa92cd3434
--- /dev/null
+++ b/projects/hmpps-auth-and-delius/deploy/values-dev.yml
@@ -0,0 +1,18 @@
+enabled: false # TODO set this to true when you're ready to deploy your service
+
+generic-service:
+ ingress:
+ host: hmpps-auth-and-delius-dev.hmpps.service.justice.gov.uk
+
+ scheduledDowntime:
+ enabled: true
+
+ env:
+ SENTRY_ENVIRONMENT: dev
+ SPRING_SECURITY_OAUTH2_RESOURCESERVER_JWT_JWK_SET_URI: https://sign-in-dev.hmpps.service.justice.gov.uk/auth/.well-known/jwks.json
+ SPRING_SECURITY_OAUTH2_RESOURCESERVER_JWT_ISSUER_URI: https://sign-in-dev.hmpps.service.justice.gov.uk/auth/issuer
+
+ LOGGING_LEVEL_UK_GOV_DIGITAL_JUSTICE_HMPPS: DEBUG
+
+generic-prometheus-alerts:
+ businessHoursOnly: true
diff --git a/projects/hmpps-auth-and-delius/deploy/values-preprod.yml b/projects/hmpps-auth-and-delius/deploy/values-preprod.yml
new file mode 100644
index 0000000000..7517ad6d63
--- /dev/null
+++ b/projects/hmpps-auth-and-delius/deploy/values-preprod.yml
@@ -0,0 +1,16 @@
+enabled: false # TODO set this to true when you're ready to deploy your service
+
+generic-service:
+ ingress:
+ host: hmpps-auth-and-delius-preprod.hmpps.service.justice.gov.uk
+
+ scheduledDowntime:
+ enabled: true
+
+ env:
+ SENTRY_ENVIRONMENT: preprod
+ SPRING_SECURITY_OAUTH2_RESOURCESERVER_JWT_JWK_SET_URI: https://sign-in-preprod.hmpps.service.justice.gov.uk/auth/.well-known/jwks.json
+ SPRING_SECURITY_OAUTH2_RESOURCESERVER_JWT_ISSUER_URI: https://sign-in-preprod.hmpps.service.justice.gov.uk/auth/issuer
+
+generic-prometheus-alerts:
+ businessHoursOnly: true
\ No newline at end of file
diff --git a/projects/hmpps-auth-and-delius/deploy/values-prod.yml b/projects/hmpps-auth-and-delius/deploy/values-prod.yml
new file mode 100644
index 0000000000..868058c9fc
--- /dev/null
+++ b/projects/hmpps-auth-and-delius/deploy/values-prod.yml
@@ -0,0 +1,10 @@
+enabled: false # TODO set this to true when you're ready to deploy your service
+
+generic-service:
+ ingress:
+ host: hmpps-auth-and-delius.hmpps.service.justice.gov.uk
+
+ env:
+ SENTRY_ENVIRONMENT: prod
+ SPRING_SECURITY_OAUTH2_RESOURCESERVER_JWT_JWK_SET_URI: https://sign-in.hmpps.service.justice.gov.uk/auth/.well-known/jwks.json
+ SPRING_SECURITY_OAUTH2_RESOURCESERVER_JWT_ISSUER_URI: https://sign-in.hmpps.service.justice.gov.uk/auth/issuer
diff --git a/projects/hmpps-auth-and-delius/deploy/values.yaml b/projects/hmpps-auth-and-delius/deploy/values.yaml
new file mode 100644
index 0000000000..f24d9badf8
--- /dev/null
+++ b/projects/hmpps-auth-and-delius/deploy/values.yaml
@@ -0,0 +1,22 @@
+# Common values
+generic-service:
+ nameOverride: hmpps-auth-and-delius
+
+ image:
+ repository: ghcr.io/ministryofjustice/hmpps-probation-integration-services/hmpps-auth-and-delius
+
+ ingress:
+ tlsSecretName: hmpps-auth-and-delius-cert
+
+ namespace_secrets:
+ common:
+ SPRING_DATASOURCE_URL: DB_URL
+ hmpps-auth-and-delius-database:
+ SPRING_DATASOURCE_USERNAME: DB_USERNAME
+ SPRING_DATASOURCE_PASSWORD: DB_PASSWORD
+ hmpps-auth-and-delius-sentry:
+ SENTRY_DSN: SENTRY_DSN
+
+generic-prometheus-alerts:
+ targetApplication: hmpps-auth-and-delius
+
diff --git a/projects/hmpps-auth-and-delius/settings.gradle.kts b/projects/hmpps-auth-and-delius/settings.gradle.kts
new file mode 100644
index 0000000000..85edf25988
--- /dev/null
+++ b/projects/hmpps-auth-and-delius/settings.gradle.kts
@@ -0,0 +1 @@
+rootProject.name = "hmpps-auth-and-delius"
diff --git a/projects/hmpps-auth-and-delius/src/dev/kotlin/uk/gov/justice/digital/hmpps/data/DataLoader.kt b/projects/hmpps-auth-and-delius/src/dev/kotlin/uk/gov/justice/digital/hmpps/data/DataLoader.kt
new file mode 100644
index 0000000000..f6ea94c9a7
--- /dev/null
+++ b/projects/hmpps-auth-and-delius/src/dev/kotlin/uk/gov/justice/digital/hmpps/data/DataLoader.kt
@@ -0,0 +1,25 @@
+package uk.gov.justice.digital.hmpps.data
+
+import jakarta.annotation.PostConstruct
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty
+import org.springframework.boot.context.event.ApplicationReadyEvent
+import org.springframework.context.ApplicationListener
+import org.springframework.stereotype.Component
+import uk.gov.justice.digital.hmpps.data.generator.UserGenerator
+import uk.gov.justice.digital.hmpps.user.AuditUserRepository
+
+@Component
+@ConditionalOnProperty("seed.database")
+class DataLoader(
+ private val auditUserRepository: AuditUserRepository
+) : ApplicationListener {
+
+ @PostConstruct
+ fun saveAuditUser() {
+ auditUserRepository.save(UserGenerator.AUDIT_USER)
+ }
+
+ override fun onApplicationEvent(are: ApplicationReadyEvent) {
+ // Perform dev/test database setup here, using JPA repositories and generator classes...
+ }
+}
diff --git a/projects/hmpps-auth-and-delius/src/dev/kotlin/uk/gov/justice/digital/hmpps/data/generator/UserGenerator.kt b/projects/hmpps-auth-and-delius/src/dev/kotlin/uk/gov/justice/digital/hmpps/data/generator/UserGenerator.kt
new file mode 100644
index 0000000000..bb06bf1530
--- /dev/null
+++ b/projects/hmpps-auth-and-delius/src/dev/kotlin/uk/gov/justice/digital/hmpps/data/generator/UserGenerator.kt
@@ -0,0 +1,7 @@
+package uk.gov.justice.digital.hmpps.data.generator
+
+import uk.gov.justice.digital.hmpps.user.AuditUser
+
+object UserGenerator {
+ val AUDIT_USER = AuditUser(IdGenerator.getAndIncrement(), "HmppsAuthAndDelius")
+}
diff --git a/projects/hmpps-auth-and-delius/src/dev/resources/local-public-key.pub b/projects/hmpps-auth-and-delius/src/dev/resources/local-public-key.pub
new file mode 100644
index 0000000000..c0b70f3172
--- /dev/null
+++ b/projects/hmpps-auth-and-delius/src/dev/resources/local-public-key.pub
@@ -0,0 +1,6 @@
+-----BEGIN PUBLIC KEY-----
+MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDo3hw1/oChbttEOxEH4NUDrH+Y
+n2x0DavAmDjMbhcSiQ6+/t8Nz/N03BauWzFOGBtftnQrHfnF+O7RAKj8zMjcbIq4
+QrYeXEpnaFCGEwTtOBpxvSEWPrLEpr1gCarBQZDp67ag+SYqrDgkn2Vme/dMvMUQ
+xUO3DT6jg9921J6TlwIDAQAB
+-----END PUBLIC KEY-----
\ No newline at end of file
diff --git a/projects/hmpps-auth-and-delius/src/dev/resources/simulations/__files/hmpps-auth-token-body.json b/projects/hmpps-auth-and-delius/src/dev/resources/simulations/__files/hmpps-auth-token-body.json
new file mode 100644
index 0000000000..33e1aa358c
--- /dev/null
+++ b/projects/hmpps-auth-and-delius/src/dev/resources/simulations/__files/hmpps-auth-token-body.json
@@ -0,0 +1,10 @@
+{
+ "access_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJwcm9iYXRpb24taW50ZWdyYXRpb24tZGV2IiwiZ3JhbnRfdHlwZSI6ImNsaWVudF9jcmVkZW50aWFscyIsInVzZXJfbmFtZSI6InByb2JhdGlvbi1pbnRlZ3JhdGlvbi1kZXYiLCJzY29wZSI6WyJyZWFkIiwid3JpdGUiXSwiYXV0aF9zb3VyY2UiOiJub25lIiwiaXNzIjoiaHR0cHM6Ly9zaWduLWluLWRldi5obXBwcy5zZXJ2aWNlLmp1c3RpY2UuZ292LnVrL2F1dGgvaXNzdWVyIiwiZXhwIjo5OTk5OTk5OTk5LCJhdXRob3JpdGllcyI6WyJST0xFX0VYQU1QTEUiLCJST0xFX1dPUktMT0FEX1JFQUQiLCJST0xFX0FMTE9DQVRJT05fQ09OVEVYVCJdLCJqdGkiOiIyNUR1Um4xLWh5SFpld0xjZEpKeHdWTDAzS1UiLCJjbGllbnRfaWQiOiJwcm9iYXRpb24taW50ZWdyYXRpb24tZGV2IiwiaWF0IjoxNjYzNzU3MzExfQ.5FTCUjA7QZMPxO_EMzkGNSM-IkPk2hfPXyzuNiAa7uuqYva_yCducrC5FdetAiC1W6XpUB7wfoMNDmbW2xepj5oRhcxDx18r92aLPYnKkxaA68hLQF90euMtTzfBzOPg-rKDTNIJKrUC-YoQlFKuCauw0Z5cw1XT6R9GIfi5Yx4",
+ "token_type": "bearer",
+ "expires_in": 9999999999,
+ "scope": "read write",
+ "sub": "probation-integration-dev",
+ "auth_source": "none",
+ "jti": "fN29JHJy1N7gcYvqe-8B_k5T0mA",
+ "iss": "https://sign-in-dev.hmpps.service.justice.gov.uk/auth/issuer"
+}
\ No newline at end of file
diff --git a/projects/hmpps-auth-and-delius/src/dev/resources/simulations/mappings/hmpps-auth.json b/projects/hmpps-auth-and-delius/src/dev/resources/simulations/mappings/hmpps-auth.json
new file mode 100644
index 0000000000..8a34b1316e
--- /dev/null
+++ b/projects/hmpps-auth-and-delius/src/dev/resources/simulations/mappings/hmpps-auth.json
@@ -0,0 +1,13 @@
+{
+ "request": {
+ "method": "POST",
+ "urlPath": "/auth/oauth/token"
+ },
+ "response": {
+ "headers": {
+ "Content-Type": "application/json"
+ },
+ "status": 200,
+ "bodyFileName": "hmpps-auth-token-body.json"
+ }
+}
\ No newline at end of file
diff --git a/projects/hmpps-auth-and-delius/src/integrationTest/kotlin/uk/gov/justice/digital/hmpps/IntegrationTest.kt b/projects/hmpps-auth-and-delius/src/integrationTest/kotlin/uk/gov/justice/digital/hmpps/IntegrationTest.kt
new file mode 100644
index 0000000000..d2382a469a
--- /dev/null
+++ b/projects/hmpps-auth-and-delius/src/integrationTest/kotlin/uk/gov/justice/digital/hmpps/IntegrationTest.kt
@@ -0,0 +1,31 @@
+package uk.gov.justice.digital.hmpps
+
+import com.github.tomakehurst.wiremock.WireMockServer
+import org.junit.jupiter.api.Test
+import org.springframework.beans.factory.annotation.Autowired
+import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc
+import org.springframework.boot.test.context.SpringBootTest
+import org.springframework.boot.test.context.SpringBootTest.WebEnvironment.RANDOM_PORT
+import org.springframework.boot.test.mock.mockito.MockBean
+import org.springframework.test.web.servlet.MockMvc
+import org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get
+import org.springframework.test.web.servlet.result.MockMvcResultMatchers.status
+import uk.gov.justice.digital.hmpps.security.withOAuth2Token
+import uk.gov.justice.digital.hmpps.telemetry.TelemetryService
+
+@AutoConfigureMockMvc
+@SpringBootTest(webEnvironment = RANDOM_PORT)
+internal class IntegrationTest {
+ @Autowired lateinit var mockMvc: MockMvc
+
+ @Autowired lateinit var wireMockServer: WireMockServer
+
+ @MockBean lateinit var telemetryService: TelemetryService
+
+ @Test
+ fun `API call retuns a success response`() {
+ mockMvc
+ .perform(get("/example/123").withOAuth2Token(wireMockServer))
+ .andExpect(status().is2xxSuccessful)
+ }
+}
diff --git a/projects/hmpps-auth-and-delius/src/main/kotlin/uk/gov/justice/digital/hmpps/App.kt b/projects/hmpps-auth-and-delius/src/main/kotlin/uk/gov/justice/digital/hmpps/App.kt
new file mode 100644
index 0000000000..c7faac5b26
--- /dev/null
+++ b/projects/hmpps-auth-and-delius/src/main/kotlin/uk/gov/justice/digital/hmpps/App.kt
@@ -0,0 +1,11 @@
+package uk.gov.justice.digital.hmpps
+
+import org.springframework.boot.autoconfigure.SpringBootApplication
+import org.springframework.boot.runApplication
+
+@SpringBootApplication
+class App
+
+fun main(args: Array) {
+ runApplication(*args)
+}
diff --git a/projects/hmpps-auth-and-delius/src/main/kotlin/uk/gov/justice/digital/hmpps/controller/ApiController.kt b/projects/hmpps-auth-and-delius/src/main/kotlin/uk/gov/justice/digital/hmpps/controller/ApiController.kt
new file mode 100644
index 0000000000..e5f139965c
--- /dev/null
+++ b/projects/hmpps-auth-and-delius/src/main/kotlin/uk/gov/justice/digital/hmpps/controller/ApiController.kt
@@ -0,0 +1,17 @@
+package uk.gov.justice.digital.hmpps.controller
+
+import org.springframework.security.access.prepost.PreAuthorize
+import org.springframework.web.bind.annotation.GetMapping
+import org.springframework.web.bind.annotation.PathVariable
+import org.springframework.web.bind.annotation.RestController
+
+@RestController
+class ApiController {
+ @PreAuthorize("hasRole('ROLE_EXAMPLE')")
+ @GetMapping(value = ["/example/{inputId}"])
+ fun handle(
+ @PathVariable("inputId") inputId: String
+ ) {
+ // TODO Not yet implemented
+ }
+}
diff --git a/projects/hmpps-auth-and-delius/src/main/resources/application.yml b/projects/hmpps-auth-and-delius/src/main/resources/application.yml
new file mode 100644
index 0000000000..9b219923e7
--- /dev/null
+++ b/projects/hmpps-auth-and-delius/src/main/resources/application.yml
@@ -0,0 +1,72 @@
+# Default config
+spring:
+ jackson:
+ default-property-inclusion: non_null
+ jpa:
+ database-platform: org.hibernate.dialect.OracleDialect
+ hibernate.ddl-auto: validate
+ properties:
+ hibernate:
+ query.mutation_strategy: org.hibernate.query.sqm.mutation.internal.inline.InlineMutationStrategy
+ timezone.default_storage: NORMALIZE
+ hql.bulk_id_strategy:
+ persistent:
+ create_tables: false
+ drop_tables: false
+ global_temporary:
+ create_tables: false
+ drop_tables: false
+ security.oauth2.client:
+ registration:
+ hmpps-auth-and-delius:
+ provider: hmpps-auth
+ authorization-grant-type: client_credentials
+ client-id: hmpps-auth-and-delius
+ client-secret: hmpps-auth-and-delius
+ provider:
+ hmpps-auth:
+ token-uri: http://localhost:${wiremock.port}/auth/oauth/token
+springdoc.default-produces-media-type: application/json
+
+delius.db.username: HmppsAuthAndDelius # Should match value in [deploy/database/access.yml].
+
+management.endpoints.web:
+ base-path: /
+ exposure.include: [ "health", "info" ]
+
+---
+# Shared dev/test config
+spring.config.activate.on-profile: [ "dev", "integration-test" ]
+
+spring:
+ datasource.url: jdbc:h2:file:./dev;MODE=Oracle;DEFAULT_NULL_ORDERING=HIGH;AUTO_SERVER=true;AUTO_SERVER_PORT=9092
+ jpa.hibernate.ddl-auto: create-drop
+ security.oauth2.resourceserver.jwt.public-key-location: classpath:local-public-key.pub
+
+seed.database: true
+wiremock.enabled: true
+context.initializer.classes: uk.gov.justice.digital.hmpps.wiremock.WireMockInitialiser
+
+logging.level:
+ uk.gov.justice.digital.hmpps: DEBUG
+ org.hibernate.tool.schema: ERROR
+ org.apache.activemq: WARN
+
+---
+spring.config.activate.on-profile: integration-test
+spring.datasource.url: jdbc:h2:mem:./test;MODE=Oracle;DEFAULT_NULL_ORDERING=HIGH
+
+---
+spring.config.activate.on-profile: oracle
+spring.datasource.url: 'jdbc:tc:oracle:slim-faststart:///XEPDB1'
+
+---
+spring.config.activate.on-profile: delius-db
+spring:
+ datasource:
+ url: 'jdbc:oracle:thin:@//localhost:1521/XEPDB1'
+ username: delius_pool
+ password: NDelius1
+ jpa.hibernate.ddl-auto: validate
+seed.database: false
+delius.db.username: NationalUser
diff --git a/projects/hmpps-auth-and-delius/tech-docs/.gitignore b/projects/hmpps-auth-and-delius/tech-docs/.gitignore
new file mode 100644
index 0000000000..80d5de85a7
--- /dev/null
+++ b/projects/hmpps-auth-and-delius/tech-docs/.gitignore
@@ -0,0 +1,20 @@
+# See http://help.github.com/ignore-files/ for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+# git config --global core.excludesfile ~/.gitignore_global
+
+# Ignore bundler config
+/.bundle
+
+# Ignore the build directory
+/build
+
+# Ignore cache
+/.sass-cache
+/.cache
+
+# Ignore .DS_store file
+.DS_Store
+
+Staticfile.auth
diff --git a/projects/hmpps-auth-and-delius/tech-docs/.template_version b/projects/hmpps-auth-and-delius/tech-docs/.template_version
new file mode 100644
index 0000000000..57ff8862e1
--- /dev/null
+++ b/projects/hmpps-auth-and-delius/tech-docs/.template_version
@@ -0,0 +1,3 @@
+---
+:remote: https://github.com/alphagov/tech-docs-template.git
+:revision: b37e894
\ No newline at end of file
diff --git a/projects/hmpps-auth-and-delius/tech-docs/Gemfile b/projects/hmpps-auth-and-delius/tech-docs/Gemfile
new file mode 100644
index 0000000000..afef363c09
--- /dev/null
+++ b/projects/hmpps-auth-and-delius/tech-docs/Gemfile
@@ -0,0 +1,12 @@
+# If you do not have OpenSSL installed, change
+# the following line to use 'http://'
+source 'https://rubygems.org'
+
+# For faster file watcher updates on Windows:
+gem 'wdm', '~> 0.1.0', platforms: [:mswin, :mingw, :x64_mingw]
+
+# Windows does not come with time zone data
+gem 'tzinfo-data', platforms: [:mswin, :mingw, :x64_mingw, :jruby]
+
+# Include the tech docs gem
+gem 'govuk_tech_docs'
diff --git a/projects/hmpps-auth-and-delius/tech-docs/Gemfile.lock b/projects/hmpps-auth-and-delius/tech-docs/Gemfile.lock
new file mode 100644
index 0000000000..a9ead249ac
--- /dev/null
+++ b/projects/hmpps-auth-and-delius/tech-docs/Gemfile.lock
@@ -0,0 +1,177 @@
+GEM
+ remote: https://rubygems.org/
+ specs:
+ activesupport (7.0.7.2)
+ concurrent-ruby (~> 1.0, >= 1.0.2)
+ i18n (>= 1.6, < 2)
+ minitest (>= 5.1)
+ tzinfo (~> 2.0)
+ addressable (2.8.4)
+ public_suffix (>= 2.0.2, < 6.0)
+ autoprefixer-rails (10.4.13.0)
+ execjs (~> 2)
+ backports (3.24.1)
+ chronic (0.10.2)
+ chunky_png (1.4.0)
+ coffee-script (2.4.1)
+ coffee-script-source
+ execjs
+ coffee-script-source (1.12.2)
+ commonmarker (0.23.10)
+ compass (1.0.3)
+ chunky_png (~> 1.2)
+ compass-core (~> 1.0.2)
+ compass-import-once (~> 1.0.5)
+ rb-fsevent (>= 0.9.3)
+ rb-inotify (>= 0.9)
+ sass (>= 3.3.13, < 3.5)
+ compass-core (1.0.3)
+ multi_json (~> 1.0)
+ sass (>= 3.3.0, < 3.5)
+ compass-import-once (1.0.5)
+ sass (>= 3.2, < 3.5)
+ concurrent-ruby (1.2.2)
+ contracts (0.17)
+ dotenv (2.8.1)
+ em-websocket (0.5.3)
+ eventmachine (>= 0.12.9)
+ http_parser.rb (~> 0)
+ erubis (2.7.0)
+ eventmachine (1.2.7)
+ execjs (2.8.1)
+ fast_blank (1.0.1)
+ fastimage (2.2.6)
+ ffi (1.15.5)
+ govuk_tech_docs (3.3.1)
+ autoprefixer-rails (~> 10.2)
+ chronic (~> 0.10.2)
+ middleman (~> 4.0)
+ middleman-autoprefixer (~> 2.10.0)
+ middleman-compass (>= 4.0.0)
+ middleman-livereload
+ middleman-search-gds
+ middleman-sprockets (~> 4.0.0)
+ middleman-syntax (~> 3.2.0)
+ nokogiri
+ openapi3_parser (~> 0.9.0)
+ redcarpet (~> 3.5.1)
+ haml (5.2.2)
+ temple (>= 0.8.0)
+ tilt
+ hamster (3.0.0)
+ concurrent-ruby (~> 1.0)
+ hashie (3.6.0)
+ http_parser.rb (0.8.0)
+ i18n (1.6.0)
+ concurrent-ruby (~> 1.0)
+ kramdown (2.4.0)
+ rexml
+ listen (3.8.0)
+ rb-fsevent (~> 0.10, >= 0.10.3)
+ rb-inotify (~> 0.9, >= 0.9.10)
+ memoist (0.16.2)
+ middleman (4.4.3)
+ coffee-script (~> 2.2)
+ haml (>= 4.0.5, < 6.0)
+ kramdown (>= 2.3.0)
+ middleman-cli (= 4.4.3)
+ middleman-core (= 4.4.3)
+ middleman-autoprefixer (2.10.0)
+ autoprefixer-rails (>= 9.1.4)
+ middleman-core (>= 3.3.3)
+ middleman-cli (4.4.3)
+ thor (>= 0.17.0, < 2.0)
+ middleman-compass (4.0.1)
+ compass (>= 1.0.0, < 2.0.0)
+ middleman-core (>= 4.0.0)
+ middleman-core (4.4.3)
+ activesupport (>= 6.1, < 7.1)
+ addressable (~> 2.4)
+ backports (~> 3.6)
+ bundler (~> 2.0)
+ contracts (~> 0.13)
+ dotenv
+ erubis
+ execjs (~> 2.0)
+ fast_blank
+ fastimage (~> 2.0)
+ hamster (~> 3.0)
+ hashie (~> 3.4)
+ i18n (~> 1.6.0)
+ listen (~> 3.0)
+ memoist (~> 0.14)
+ padrino-helpers (~> 0.15.0)
+ parallel
+ rack (>= 1.4.5, < 3)
+ sassc (~> 2.0)
+ servolux
+ tilt (~> 2.0.9)
+ toml
+ uglifier (~> 3.0)
+ webrick
+ middleman-livereload (3.4.7)
+ em-websocket (~> 0.5.1)
+ middleman-core (>= 3.3)
+ rack-livereload (~> 0.3.15)
+ middleman-search-gds (0.11.2)
+ execjs (~> 2.6)
+ middleman-core (>= 3.2)
+ nokogiri (~> 1.6)
+ middleman-sprockets (4.0.0)
+ middleman-core (~> 4.0)
+ sprockets (>= 3.0)
+ middleman-syntax (3.2.0)
+ middleman-core (>= 3.2)
+ rouge (~> 3.2)
+ minitest (5.18.0)
+ multi_json (1.15.0)
+ nokogiri (1.14.3-x86_64-linux)
+ racc (~> 1.4)
+ openapi3_parser (0.9.2)
+ commonmarker (~> 0.17)
+ padrino-helpers (0.15.3)
+ i18n (>= 0.6.7, < 2)
+ padrino-support (= 0.15.3)
+ tilt (>= 1.4.1, < 3)
+ padrino-support (0.15.3)
+ parallel (1.22.1)
+ parslet (2.0.0)
+ public_suffix (5.0.1)
+ racc (1.6.2)
+ rack (2.2.6.4)
+ rack-livereload (0.3.17)
+ rack
+ rb-fsevent (0.11.2)
+ rb-inotify (0.10.1)
+ ffi (~> 1.0)
+ redcarpet (3.5.1)
+ rexml (3.2.5)
+ rouge (3.30.0)
+ sass (3.4.25)
+ sassc (2.4.0)
+ ffi (~> 1.9)
+ servolux (0.13.0)
+ sprockets (4.2.0)
+ concurrent-ruby (~> 1.0)
+ rack (>= 2.2.4, < 4)
+ temple (0.10.0)
+ thor (1.2.1)
+ tilt (2.0.11)
+ toml (0.3.0)
+ parslet (>= 1.8.0, < 3.0.0)
+ tzinfo (2.0.6)
+ concurrent-ruby (~> 1.0)
+ uglifier (3.2.0)
+ execjs (>= 0.3.0, < 3)
+ webrick (1.8.1)
+
+PLATFORMS
+ x86_64-linux
+
+DEPENDENCIES
+ govuk_tech_docs
+ tzinfo-data
+ wdm (~> 0.1.0)
+
+BUNDLED WITH
+ 2.3.26
diff --git a/projects/hmpps-auth-and-delius/tech-docs/config.rb b/projects/hmpps-auth-and-delius/tech-docs/config.rb
new file mode 100644
index 0000000000..76c77d53dd
--- /dev/null
+++ b/projects/hmpps-auth-and-delius/tech-docs/config.rb
@@ -0,0 +1,8 @@
+# frozen_string_literal: true
+
+require "govuk_tech_docs"
+
+GovukTechDocs.configure(self)
+
+activate :relative_assets
+set :relative_links, true
diff --git a/projects/hmpps-auth-and-delius/tech-docs/config/tech-docs.yml b/projects/hmpps-auth-and-delius/tech-docs/config/tech-docs.yml
new file mode 100644
index 0000000000..b7eec428a6
--- /dev/null
+++ b/projects/hmpps-auth-and-delius/tech-docs/config/tech-docs.yml
@@ -0,0 +1,44 @@
+# Host to use for canonical URL generation (without trailing slash)
+host: https://ministryofjustice.github.io/hmpps-probation-integration-services/tech-docs/projects/hmpps-auth-and-delius
+
+# Header-related options
+service_name: HMPPS Hmpps Auth And Delius
+service_link: https://ministryofjustice.github.io/hmpps-probation-integration-services/tech-docs/projects/hmpps-auth-and-delius
+
+# Links to show on right-hand-side of header
+header_links:
+ Home: https://ministryofjustice.github.io/hmpps-probation-integration-services/tech-docs
+ GitHub: https://github.com/ministryofjustice/hmpps-probation-integration-services#readme
+ Slack: https://mojdt.slack.com/archives/C02HQ4M2YQN # #probation-integration-tech channel
+
+# Enables search functionality. This indexes pages only and is not recommended for single-page sites.
+enable_search: true
+
+# Tracking ID from Google Analytics (e.g. UA-XXXX-Y)
+ga_tracking_id:
+
+# Enable multipage navigation in the sidebar
+multipage_nav: true
+
+# Enable collapsible navigation in the sidebar
+collapsible_nav: true
+
+# Table of contents depth – how many levels to include in the table of contents.
+# If your ToC is too long, reduce this number and we'll only show higher-level
+# headings.
+max_toc_heading_level: 2
+
+# Prevent robots from indexing (e.g. whilst in development)
+prevent_indexing: false
+
+# Contribution
+show_contribution_banner: true
+github_repo: ministryofjustice/hmpps-probation-integration-services
+github_branch: main
+
+# Slack
+owner_slack_workspace: mojdt
+default_owner_slack: '#probation-integration-tech'
+
+# OpenAPI
+api_path: https://hmpps-auth-and-delius-dev.hmpps.service.justice.gov.uk/v3/api-docs.yaml
diff --git a/projects/hmpps-auth-and-delius/tech-docs/source/api-reference.html.md.erb b/projects/hmpps-auth-and-delius/tech-docs/source/api-reference.html.md.erb
new file mode 100644
index 0000000000..df6e207e7b
--- /dev/null
+++ b/projects/hmpps-auth-and-delius/tech-docs/source/api-reference.html.md.erb
@@ -0,0 +1,19 @@
+---
+title: API Reference
+source_url: 'https://github.com/ministryofjustice/hmpps-probation-integration-services/blob/main/projects/hmpps-auth-and-delius/tech-docs/source/api-reference.html.md.erb'
+weight: 20
+---
+
+
+
+
+The following documentation is also available in these formats:
+
+* [OpenAPI JSON](https://ministryofjustice.github.io/hmpps-probation-integration-services/tech-docs/projects/hmpps-auth-and-delius/api-docs.json)
+* [OpenAPI YAML](https://ministryofjustice.github.io/hmpps-probation-integration-services/tech-docs/projects/hmpps-auth-and-delius/api-docs.yaml)
+* [Swagger UI](https://hmpps-auth-and-delius-dev.hmpps.service.justice.gov.uk/swagger-ui/index.html)
+
+api>
diff --git a/projects/hmpps-auth-and-delius/tech-docs/source/index.html.md.erb b/projects/hmpps-auth-and-delius/tech-docs/source/index.html.md.erb
new file mode 100644
index 0000000000..464be7aaef
--- /dev/null
+++ b/projects/hmpps-auth-and-delius/tech-docs/source/index.html.md.erb
@@ -0,0 +1,7 @@
+---
+title: About
+source_url: 'https://github.com/ministryofjustice/hmpps-probation-integration-services/blob/main/projects/hmpps-auth-and-delius/tech-docs/source/index.html.md.erb'
+weight: 10
+---
+
+<%= URI.open('https://raw.githubusercontent.com/ministryofjustice/hmpps-probation-integration-services/main/projects/hmpps-auth-and-delius/README.md').read.gsub(/tech-docs\/source\//, "./") %>
\ No newline at end of file
diff --git a/projects/hmpps-auth-and-delius/tech-docs/source/javascripts/application.js b/projects/hmpps-auth-and-delius/tech-docs/source/javascripts/application.js
new file mode 100644
index 0000000000..8a5d80b842
--- /dev/null
+++ b/projects/hmpps-auth-and-delius/tech-docs/source/javascripts/application.js
@@ -0,0 +1 @@
+//= require govuk_tech_docs
diff --git a/projects/hmpps-auth-and-delius/tech-docs/source/stylesheets/print.css.scss b/projects/hmpps-auth-and-delius/tech-docs/source/stylesheets/print.css.scss
new file mode 100644
index 0000000000..82b181c017
--- /dev/null
+++ b/projects/hmpps-auth-and-delius/tech-docs/source/stylesheets/print.css.scss
@@ -0,0 +1,3 @@
+$is-print: true;
+
+@import "govuk_tech_docs";
diff --git a/projects/hmpps-auth-and-delius/tech-docs/source/stylesheets/screen-old-ie.css.scss b/projects/hmpps-auth-and-delius/tech-docs/source/stylesheets/screen-old-ie.css.scss
new file mode 100644
index 0000000000..da90cca5b0
--- /dev/null
+++ b/projects/hmpps-auth-and-delius/tech-docs/source/stylesheets/screen-old-ie.css.scss
@@ -0,0 +1,4 @@
+$is-ie: true;
+$ie-version: 8;
+
+@import "govuk_tech_docs";
diff --git a/projects/hmpps-auth-and-delius/tech-docs/source/stylesheets/screen.css.scss b/projects/hmpps-auth-and-delius/tech-docs/source/stylesheets/screen.css.scss
new file mode 100644
index 0000000000..f0456338fd
--- /dev/null
+++ b/projects/hmpps-auth-and-delius/tech-docs/source/stylesheets/screen.css.scss
@@ -0,0 +1 @@
+@import "govuk_tech_docs";
diff --git a/settings.gradle.kts b/settings.gradle.kts
index c20dd7c683..88686a98f2 100644
--- a/settings.gradle.kts
+++ b/settings.gradle.kts
@@ -1,6 +1,7 @@
rootProject.name = "probation-integration-services"
include(
// ⌄ add new projects here
+ "hmpps-auth-and-delius",
"opd-and-delius",
"prison-education-and-delius",
"resettlement-passport-and-delius",