From 2fc142b0abb9e7e7328ad634ff3aabf1c7df78db Mon Sep 17 00:00:00 2001 From: Alex Saunders Date: Wed, 18 Sep 2024 14:54:07 +0100 Subject: [PATCH 01/14] MLPAB-2433 request low confidence vot --- Makefile | 4 +- go.sum | 81 +------------------------------- internal/onelogin/client.go | 2 +- internal/onelogin/client_test.go | 2 +- 4 files changed, 6 insertions(+), 83 deletions(-) diff --git a/Makefile b/Makefile index 7cc569ac69..907b61988e 100644 --- a/Makefile +++ b/Makefile @@ -158,8 +158,8 @@ set-uploads-infected: ##@events calls emit-object-tags-added-with-virus for all key=$$k $(MAKE) emit-object-tags-added-with-virus ; \ done -logs: ##@app tails logs for all containers running - docker compose -f docker/docker-compose.yml -f docker/docker-compose.dev.yml logs -f +logs: ##@app tails logs for app mock-notify, events-lambda, mock-onelogin, mock-lpa-store and mock-uid and filters out noisy runner logs + docker compose --ansi=always -f docker/docker-compose.yml -f docker/docker-compose.dev.yml logs app mock-notify events-lambda mock-onelogin mock-lpa-store mock-uid -f | grep -v 'runner' terraform-update-docs: ##@terraform updates all terraform-docs managed documentation terraform-docs --config terraform/environment/.terraform-docs.yml ./terraform/environment diff --git a/go.sum b/go.sum index fd933342d0..55bc1d8a19 100644 --- a/go.sum +++ b/go.sum @@ -1,9 +1,5 @@ -github.com/MicahParks/jwkset v0.5.18 h1:WLdyMngF7rCrnstQxA7mpRoxeaWqGzPM/0z40PJUK4w= -github.com/MicahParks/jwkset v0.5.18/go.mod h1:q8ptTGn/Z9c4MwbcfeCDssADeVQb3Pk7PnVxrvi+2QY= github.com/MicahParks/jwkset v0.5.20 h1:gTIKx9AofTqQJ0srd8AL7ty9NeadP5WUXSPOZadTpOI= github.com/MicahParks/jwkset v0.5.20/go.mod h1:q8ptTGn/Z9c4MwbcfeCDssADeVQb3Pk7PnVxrvi+2QY= -github.com/MicahParks/keyfunc/v3 v3.3.3 h1:c6j9oSu1YUo0k//KwF1miIQlEMtqNlj7XBFLB8jtEmY= -github.com/MicahParks/keyfunc/v3 v3.3.3/go.mod h1:f/UMyXdKfkZzmBeBFUeYk+zu066J1Fcl48f7Wnl5Z48= github.com/MicahParks/keyfunc/v3 v3.3.5 h1:7ceAJLUAldnoueHDNzF8Bx06oVcQ5CfJnYwNt1U3YYo= github.com/MicahParks/keyfunc/v3 v3.3.5/go.mod h1:SdCCyMJn/bYqWDvARspC6nCT8Sk74MjuAY22C7dCST8= github.com/aws/aws-lambda-go v1.47.0 h1:0H8s0vumYx/YKs4sE7YM0ktwL2eWse+kfopsRI1sXVI= @@ -12,18 +8,10 @@ github.com/aws/aws-sdk-go-v2 v1.30.5 h1:mWSRTwQAb0aLE17dSzztCVJWI9+cRMgqebndjwDy github.com/aws/aws-sdk-go-v2 v1.30.5/go.mod h1:CT+ZPWXbYrci8chcARI3OmI/qgd+f6WtuLOoaIA8PR0= github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.6.4 h1:70PVAiL15/aBMh5LThwgXdSQorVr91L127ttckI9QQU= github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.6.4/go.mod h1:/MQxMqci8tlqDH+pjmoLu1i0tbWCUP1hhyMRuFxpQCw= -github.com/aws/aws-sdk-go-v2/config v1.27.33 h1:Nof9o/MsmH4oa0s2q9a0k7tMz5x/Yj5k06lDODWz3BU= -github.com/aws/aws-sdk-go-v2/config v1.27.33/go.mod h1:kEqdYzRb8dd8Sy2pOdEbExTTF5v7ozEXX0McgPE7xks= github.com/aws/aws-sdk-go-v2/config v1.27.35 h1:jeFgiWYNV0vrgdZqB4kZBjYNdy0IKkwrAjr2fwpHIig= github.com/aws/aws-sdk-go-v2/config v1.27.35/go.mod h1:qnpEvTq8ZfjrCqmJGRfWZuF+lGZ/vG8LK2K0L/TY1gQ= -github.com/aws/aws-sdk-go-v2/credentials v1.17.32 h1:7Cxhp/BnT2RcGy4VisJ9miUPecY+lyE9I8JvcZofn9I= -github.com/aws/aws-sdk-go-v2/credentials v1.17.32/go.mod h1:P5/QMF3/DCHbXGEGkdbilXHsyTBX5D3HSwcrSc9p20I= github.com/aws/aws-sdk-go-v2/credentials v1.17.33 h1:lBHAQQznENv0gLHAZ73ONiTSkCtr8q3pSqWrpbBBZz0= github.com/aws/aws-sdk-go-v2/credentials v1.17.33/go.mod h1:MBuqCUOT3ChfLuxNDGyra67eskx7ge9e3YKYBce7wpI= -github.com/aws/aws-sdk-go-v2/feature/dynamodb/attributevalue v1.15.2 h1:ss2pLhKcLRqzzWR08Z3arJN1R/9gcjDbzlYHyYNZ/F0= -github.com/aws/aws-sdk-go-v2/feature/dynamodb/attributevalue v1.15.2/go.mod h1:luXuuIR1T/EQo8PO3rkxKajO0hMRa7NYUhComrBpgW0= -github.com/aws/aws-sdk-go-v2/feature/dynamodb/attributevalue v1.15.3 h1:/BPXKQ6n1cDWPmc5FWF6fCSaUtK+dWkWd0x9dI4dgaI= -github.com/aws/aws-sdk-go-v2/feature/dynamodb/attributevalue v1.15.3/go.mod h1:qabLXChRlJREypX5RN/Z47GU+RaMsjotNCZfZ85oD0M= github.com/aws/aws-sdk-go-v2/feature/dynamodb/attributevalue v1.15.4 h1:m7h6UwsHIyx0L8K7T17aYeDcevwd6hGrbQiAid2XyKA= github.com/aws/aws-sdk-go-v2/feature/dynamodb/attributevalue v1.15.4/go.mod h1:Hkre8GbTJ7Y6IKDVMoWRD12pIHQ6GH4JNEwzKiz6xyw= github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.13 h1:pfQ2sqNpMVK6xz2RbqLEL0GH87JOwSxPV2rzm8Zsb74= @@ -36,18 +24,10 @@ github.com/aws/aws-sdk-go-v2/internal/ini v1.8.1 h1:VaRN3TlFdd6KxX1x3ILT5ynH6HvK github.com/aws/aws-sdk-go-v2/internal/ini v1.8.1/go.mod h1:FbtygfRFze9usAadmnGJNc8KsP346kEe+y2/oyhGAGc= github.com/aws/aws-sdk-go-v2/internal/v4a v1.3.17 h1:Roo69qTpfu8OlJ2Tb7pAYVuF0CpuUMB0IYWwYP/4DZM= github.com/aws/aws-sdk-go-v2/internal/v4a v1.3.17/go.mod h1:NcWPxQzGM1USQggaTVwz6VpqMZPX1CvDJLDh6jnOCa4= -github.com/aws/aws-sdk-go-v2/service/dynamodb v1.34.8 h1:XTz8pSCsPiM9FpT+gTPIL6ryiu/T4Z3dpR/FBtPaBXA= -github.com/aws/aws-sdk-go-v2/service/dynamodb v1.34.8/go.mod h1:N3YdUYxyxhiuAelUgCpSVBuBI1klobJxZrDtL+olu10= -github.com/aws/aws-sdk-go-v2/service/dynamodb v1.34.9 h1:jbqgtdKfAXebx2/l2UhDEe/jmmCIhaCO3HFK71M7VzM= -github.com/aws/aws-sdk-go-v2/service/dynamodb v1.34.9/go.mod h1:N3YdUYxyxhiuAelUgCpSVBuBI1klobJxZrDtL+olu10= github.com/aws/aws-sdk-go-v2/service/dynamodb v1.34.10 h1:ozHHSE9Hflrf2DZmJEoqIO+bK6E6rAfID8PSCv2rgG8= github.com/aws/aws-sdk-go-v2/service/dynamodb v1.34.10/go.mod h1:N3YdUYxyxhiuAelUgCpSVBuBI1klobJxZrDtL+olu10= -github.com/aws/aws-sdk-go-v2/service/dynamodbstreams v1.22.7 h1:VTBHXWkSeFgT3sfYB4U92qMgzHl0nz9H1tYNHHutLg0= -github.com/aws/aws-sdk-go-v2/service/dynamodbstreams v1.22.7/go.mod h1:F/ybU7YfgFcktSp+biKgiHjyscGhlZxOz4QFFQqHXGw= github.com/aws/aws-sdk-go-v2/service/dynamodbstreams v1.22.8 h1:lje864O92lma0+TnDNHAMpiehauR02sTo+xfoSsw3DE= github.com/aws/aws-sdk-go-v2/service/dynamodbstreams v1.22.8/go.mod h1:F/ybU7YfgFcktSp+biKgiHjyscGhlZxOz4QFFQqHXGw= -github.com/aws/aws-sdk-go-v2/service/eventbridge v1.33.7 h1:q+xiPu+Dk5MFC20ZjdGGhbihD39Xsih98epvVjnOjyE= -github.com/aws/aws-sdk-go-v2/service/eventbridge v1.33.7/go.mod h1:iQCsmx9LyBMyMEkLCBVqnIAz+rfo6/ss3oLcYn26+no= github.com/aws/aws-sdk-go-v2/service/eventbridge v1.33.8 h1:qsJCjuhYMhVL6rheYWYBUwrZY9SGRQIG7rrTzPByef0= github.com/aws/aws-sdk-go-v2/service/eventbridge v1.33.8/go.mod h1:iQCsmx9LyBMyMEkLCBVqnIAz+rfo6/ss3oLcYn26+no= github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.11.4 h1:KypMCbLPPHEmf9DgMGw51jMj77VfGPAN2Kv4cfhlfgI= @@ -60,32 +40,18 @@ github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.11.19 h1:rfprUlsd github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.11.19/go.mod h1:SCWkEdRq8/7EK60NcvvQ6NXKuTcchAD4ROAsC37VEZE= github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.17.17 h1:u+EfGmksnJc/x5tq3A+OD7LrMbSSR/5TrKLvkdy/fhY= github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.17.17/go.mod h1:VaMx6302JHax2vHJWgRo+5n9zvbacs3bLU/23DNQrTY= -github.com/aws/aws-sdk-go-v2/service/s3 v1.61.2 h1:Kp6PWAlXwP1UvIflkIP6MFZYBNDCa4mFCGtxrpICVOg= -github.com/aws/aws-sdk-go-v2/service/s3 v1.61.2/go.mod h1:5FmD/Dqq57gP+XwaUnd5WFPipAuzrf0HmupX27Gvjvc= github.com/aws/aws-sdk-go-v2/service/s3 v1.62.0 h1:rd/aA3iDq1q7YsL5sc4dEwChutH7OZF9Ihfst6pXQzI= github.com/aws/aws-sdk-go-v2/service/s3 v1.62.0/go.mod h1:5FmD/Dqq57gP+XwaUnd5WFPipAuzrf0HmupX27Gvjvc= -github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.32.8 h1:HNXhQReFG2fbucvPRxDabbIGQf/6dieOfTnzoGPEqXI= -github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.32.8/go.mod h1:BYr9P/rrcLNJ8A36nT15p8tpoVDZ5lroHuMn/njecBw= github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.32.9 h1:croIrE67fpV6wff+0M8jbrJZpKSlrqVGrCnqNU5rtoI= github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.32.9/go.mod h1:BYr9P/rrcLNJ8A36nT15p8tpoVDZ5lroHuMn/njecBw= -github.com/aws/aws-sdk-go-v2/service/sqs v1.34.8 h1:t3TzmBX0lpDNtLhl7vY97VMvLtxp/KTvjjj2X3s6SUQ= -github.com/aws/aws-sdk-go-v2/service/sqs v1.34.8/go.mod h1:zn0Oy7oNni7XIGoAd6bHBTVtX06OrnpvT1kww8jxyi8= github.com/aws/aws-sdk-go-v2/service/sqs v1.34.9 h1:soISVWbRSqWplczJaEYxj26UrGULnptybx/eA3aGo90= github.com/aws/aws-sdk-go-v2/service/sqs v1.34.9/go.mod h1:zn0Oy7oNni7XIGoAd6bHBTVtX06OrnpvT1kww8jxyi8= -github.com/aws/aws-sdk-go-v2/service/sso v1.22.7 h1:pIaGg+08llrP7Q5aiz9ICWbY8cqhTkyy+0SHvfzQpTc= -github.com/aws/aws-sdk-go-v2/service/sso v1.22.7/go.mod h1:eEygMHnTKH/3kNp9Jr1n3PdejuSNcgwLe1dWgQtO0VQ= github.com/aws/aws-sdk-go-v2/service/sso v1.22.8 h1:JRwuL+S1Qe1owZQoxblV7ORgRf2o0SrtzDVIbaVCdQ0= github.com/aws/aws-sdk-go-v2/service/sso v1.22.8/go.mod h1:eEygMHnTKH/3kNp9Jr1n3PdejuSNcgwLe1dWgQtO0VQ= -github.com/aws/aws-sdk-go-v2/service/ssooidc v1.26.7 h1:/Cfdu0XV3mONYKaOt1Gr0k1KvQzkzPyiKUdlWJqy+J4= -github.com/aws/aws-sdk-go-v2/service/ssooidc v1.26.7/go.mod h1:bCbAxKDqNvkHxRaIMnyVPXPo+OaPRwvmgzMxbz1VKSA= github.com/aws/aws-sdk-go-v2/service/ssooidc v1.26.8 h1:+HpGETD9463PFSj7lX5+eq7aLDs85QUIA+NBkeAsscA= github.com/aws/aws-sdk-go-v2/service/ssooidc v1.26.8/go.mod h1:bCbAxKDqNvkHxRaIMnyVPXPo+OaPRwvmgzMxbz1VKSA= -github.com/aws/aws-sdk-go-v2/service/sts v1.30.7 h1:NKTa1eqZYw8tiHSRGpP0VtTdub/8KNk8sDkNPFaOKDE= -github.com/aws/aws-sdk-go-v2/service/sts v1.30.7/go.mod h1:NXi1dIAGteSaRLqYgarlhP/Ij0cFT+qmCwiJqWh/U5o= github.com/aws/aws-sdk-go-v2/service/sts v1.30.8 h1:bAi+4p5EKnni+jrfcAhb7iHFQ24bthOAV9t0taf3DCE= github.com/aws/aws-sdk-go-v2/service/sts v1.30.8/go.mod h1:NXi1dIAGteSaRLqYgarlhP/Ij0cFT+qmCwiJqWh/U5o= -github.com/aws/smithy-go v1.20.4 h1:2HK1zBdPgRbjFOHlfeQZfpC4r72MOb9bZkiFwggKO+4= -github.com/aws/smithy-go v1.20.4/go.mod h1:irrKGvNn1InZwb2d7fkIRNucdfwR8R+Ts3wxYa/cJHg= github.com/aws/smithy-go v1.21.0 h1:H7L8dtDRk0P1Qm6y0ji7MCYMQObJ5R9CRpyPhRUkLYA= github.com/aws/smithy-go v1.21.0/go.mod h1:irrKGvNn1InZwb2d7fkIRNucdfwR8R+Ts3wxYa/cJHg= github.com/brunoscheufler/aws-ecs-metadata-go v0.0.0-20221221133751-67e37ae746cd h1:C0dfBzAdNMqxokqWUysk2KTJSMmqvh9cNW1opdy5+0Q= @@ -163,10 +129,6 @@ github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27k github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY= github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= -github.com/ministryofjustice/opg-go-common v1.11.0 h1:g5V74jaSgh5CU3GYTgABrPfKiHsj6zT5u/KnGOj8hw8= -github.com/ministryofjustice/opg-go-common v1.11.0/go.mod h1:XP3OcyjKCq/96SDIjUDFsX8ueo6PCikXjwVfxwEz7gU= -github.com/ministryofjustice/opg-go-common v1.12.0 h1:Pff20aIQ9BfGR+rjIhj9s0R0eKAwFoI+TKB7JT6bLwY= -github.com/ministryofjustice/opg-go-common v1.12.0/go.mod h1:kRnEdw9l9S7Ihb8AbfRUbnh4y79r+uukvLrFxRe+y28= github.com/ministryofjustice/opg-go-common v1.15.0 h1:xJn847V/UB+Syqu6wFZNacSLB/C66aNvMrKbkJYo4Lw= github.com/ministryofjustice/opg-go-common v1.15.0/go.mod h1:w8HICh7iztYmI5OVFtA2aC36DHdt45cIADJ0iNtKhvw= github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y= @@ -228,9 +190,7 @@ github.com/tidwall/pretty v1.2.1 h1:qjsOFOWWQl+N3RsoF5/ssm1pHmJJwhjlSbZ51I6wMl4= github.com/tidwall/pretty v1.2.1/go.mod h1:ITEVvHYasfjBbM0u2Pg8T2nJnzm8xPwvNhhsoaGGjNU= github.com/tidwall/sjson v1.2.5 h1:kLy8mja+1c9jlljvWTlSazM7cKDRfJuR/bOJhcY5NcY= github.com/tidwall/sjson v1.2.5/go.mod h1:Fvgq9kS/6ociJEDnK0Fk1cpYF4FIW6ZF7LAe+6jwd28= -github.com/vektra/mockery/v2 v2.45.0 h1:TDKO9y0CPv+/gm7KVBOJfzMcBeK7Y044jvaNdgBBVik= -github.com/vektra/mockery/v2 v2.45.0/go.mod h1:XNTE9RIu3deGAGQRVjP1VZxGpQNm0YedZx4oDs3prr8= -github.com/vektra/mockery/v2 v2.45.1/go.mod h1:XNTE9RIu3deGAGQRVjP1VZxGpQNm0YedZx4oDs3prr8= +github.com/vektra/mockery/v2 v2.46.0 h1:DKIFj6hAPGwmOYiWfWzdsQtBgU8ozPXo3Bwbmf+Ku80= github.com/vektra/mockery/v2 v2.46.0/go.mod h1:XNTE9RIu3deGAGQRVjP1VZxGpQNm0YedZx4oDs3prr8= github.com/wI2L/jsondiff v0.6.0 h1:zrsH3FbfVa3JO9llxrcDy/XLkYPLgoMX6Mz3T2PP2AI= github.com/wI2L/jsondiff v0.6.0/go.mod h1:D6aQ5gKgPF9g17j+E9N7aasmU1O+XvfmWm1y8UMmNpw= @@ -240,44 +200,24 @@ github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 h1:EzJWgHo github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415/go.mod h1:GwrjFmJcFw6At/Gs6z4yjiIwzuJ1/+UwLxMQDVQXShQ= github.com/xeipuuv/gojsonschema v1.2.0 h1:LhYJRs+L4fBtjZUfuSZIKGeVu0QRy8e5Xi7D17UxZ74= github.com/xeipuuv/gojsonschema v1.2.0/go.mod h1:anYRn/JVcOK2ZgGU+IjEV4nwlhoK5sQluxsYJ78Id3Y= -go.opentelemetry.io/contrib/detectors/aws/ecs v1.29.0 h1:IgPZK3rwSFzQwAvlHFYn5NLo+V+008PWO34t9Y1fRzY= -go.opentelemetry.io/contrib/detectors/aws/ecs v1.29.0/go.mod h1:MxiZZB92HEa02+p+EpvG95qyKsVyYAYGBHnNz3mv2Go= go.opentelemetry.io/contrib/detectors/aws/ecs v1.30.0 h1:tyAMwh9XYbINOpW62iYo2k7ZlPgjEulbEFudzlY8H1I= go.opentelemetry.io/contrib/detectors/aws/ecs v1.30.0/go.mod h1:NuMawOvkflSsTZAu3iF3ydeF4spFQUnf8DYjK8YdqYI= -go.opentelemetry.io/contrib/instrumentation/github.com/aws/aws-sdk-go-v2/otelaws v0.54.0 h1:By10h8DrrjRcZjy10wBEkRdwhe4kOFuNTfprm8RXQQk= -go.opentelemetry.io/contrib/instrumentation/github.com/aws/aws-sdk-go-v2/otelaws v0.54.0/go.mod h1:EtfcBqee4PFJSl+TXvfhg8ADvLWGFXwwX7SYNHG/VGM= go.opentelemetry.io/contrib/instrumentation/github.com/aws/aws-sdk-go-v2/otelaws v0.55.0 h1:MnAevUB0SFfKALzF5ApgrArdvHZduRT3/e59L/lNYKE= go.opentelemetry.io/contrib/instrumentation/github.com/aws/aws-sdk-go-v2/otelaws v0.55.0/go.mod h1:MHPbT1EvQOZMGbKeuCovYWcyM9iaxcltRf7+GsU8ziE= -go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.54.0 h1:TT4fX+nBOA/+LUkobKGW1ydGcn+G3vRw9+g5HwCphpk= -go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.54.0/go.mod h1:L7UH0GbB0p47T4Rri3uHjbpCFYrVrwc1I25QhNPiGK8= go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.55.0 h1:ZIg3ZT/aQ7AfKqdwp7ECpOK6vHqquXXuyTjIO8ZdmPs= go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.55.0/go.mod h1:DQAwmETtZV00skUwgD6+0U89g80NKsJE3DCKeLLPQMI= -go.opentelemetry.io/contrib/propagators/aws v1.29.0 h1:mqadbdNBhn/MVOcNx0dEZAaOaomKKdnsM0QNBmFegiI= -go.opentelemetry.io/contrib/propagators/aws v1.29.0/go.mod h1:3RCUqtGbLbVr6REZv3pQbtqql9GNEpvyB7GiTJhP/nk= go.opentelemetry.io/contrib/propagators/aws v1.30.0 h1:zgdTJFAOV7Hz8Qj2WyFn9dcKY5lGzzbzjZwVyb3hLpQ= go.opentelemetry.io/contrib/propagators/aws v1.30.0/go.mod h1:91m2Z4jJlILKAJmqRD/AeNiJrTNquB0m/o6dV15WMiI= -go.opentelemetry.io/otel v1.29.0 h1:PdomN/Al4q/lN6iBJEN3AwPvUiHPMlt93c8bqTG5Llw= -go.opentelemetry.io/otel v1.29.0/go.mod h1:N/WtXPs1CNCUEx+Agz5uouwCba+i+bJGFicT8SR4NP8= go.opentelemetry.io/otel v1.30.0 h1:F2t8sK4qf1fAmY9ua4ohFS/K+FUuOPemHUIXHtktrts= go.opentelemetry.io/otel v1.30.0/go.mod h1:tFw4Br9b7fOS+uEao81PJjVMjW/5fvNCbpsDIXqP0pc= -go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.29.0 h1:dIIDULZJpgdiHz5tXrTgKIMLkus6jEFa7x5SOKcyR7E= -go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.29.0/go.mod h1:jlRVBe7+Z1wyxFSUs48L6OBQZ5JwH2Hg/Vbl+t9rAgI= go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.30.0 h1:lsInsfvhVIfOI6qHVyysXMNDnjO9Npvl7tlDPJFBVd4= go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.30.0/go.mod h1:KQsVNh4OjgjTG0G6EiNi1jVpnaeeKsKMRwbLN+f1+8M= -go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.29.0 h1:nSiV3s7wiCam610XcLbYOmMfJxB9gO4uK3Xgv5gmTgg= -go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.29.0/go.mod h1:hKn/e/Nmd19/x1gvIHwtOwVWM+VhuITSWip3JUDghj0= go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.30.0 h1:m0yTiGDLUvVYaTFbAvCkVYIYcvwKt3G7OLoN77NUs/8= go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.30.0/go.mod h1:wBQbT4UekBfegL2nx0Xk1vBcnzyBPsIVm9hRG4fYcr4= -go.opentelemetry.io/otel/metric v1.29.0 h1:vPf/HFWTNkPu1aYeIsc98l4ktOQaL6LeSoeV2g+8YLc= -go.opentelemetry.io/otel/metric v1.29.0/go.mod h1:auu/QWieFVWx+DmQOUMgj0F8LHWdgalxXqvp7BII/W8= go.opentelemetry.io/otel/metric v1.30.0 h1:4xNulvn9gjzo4hjg+wzIKG7iNFEaBMX00Qd4QIZs7+w= go.opentelemetry.io/otel/metric v1.30.0/go.mod h1:aXTfST94tswhWEb+5QjlSqG+cZlmyXy/u8jFpor3WqQ= -go.opentelemetry.io/otel/sdk v1.29.0 h1:vkqKjk7gwhS8VaWb0POZKmIEDimRCMsopNYnriHyryo= -go.opentelemetry.io/otel/sdk v1.29.0/go.mod h1:pM8Dx5WKnvxLCb+8lG1PRNIDxu9g9b9g59Qr7hfAAok= go.opentelemetry.io/otel/sdk v1.30.0 h1:cHdik6irO49R5IysVhdn8oaiR9m8XluDaJAs4DfOrYE= go.opentelemetry.io/otel/sdk v1.30.0/go.mod h1:p14X4Ok8S+sygzblytT1nqG98QG2KYKv++HE0LY/mhg= -go.opentelemetry.io/otel/trace v1.29.0 h1:J/8ZNK4XgR7a21DZUAsbF8pZ5Jcw1VhACmnYt39JTi4= -go.opentelemetry.io/otel/trace v1.29.0/go.mod h1:eHl3w0sp3paPkYstJOmAimxhiFXPg+MMTlEh3nsQgWQ= go.opentelemetry.io/otel/trace v1.30.0 h1:7UBkkYzeg3C7kQX8VAidWh2biiQbtAKjyIML8dQ9wmc= go.opentelemetry.io/otel/trace v1.30.0/go.mod h1:5EyKqTzzmyqB9bwtCCq6pDLktPK6fmGf/Dph+8VI02o= go.opentelemetry.io/proto/otlp v1.3.1 h1:TrMUixzpM0yuc/znrFTP9MMRh8trP93mkCiDVeXrui0= @@ -292,8 +232,6 @@ golang.org/x/exp v0.0.0-20240119083558-1b970713d09a h1:Q8/wZp0KX97QFTc2ywcOE0YRj golang.org/x/exp v0.0.0-20240119083558-1b970713d09a/go.mod h1:idGWGoKP1toJGkd5/ig9ZLuPcZBC3ewk7SzmH0uou08= golang.org/x/mod v0.21.0 h1:vvrHzRwRfVKSiLrG+d4FMl/Qi4ukBCE6kZlTUkDYRT0= golang.org/x/mod v0.21.0/go.mod h1:6SkKJ3Xj0I0BrPOZoBy3bdMptDDU9oJrpohJ3eWZ1fY= -golang.org/x/net v0.28.0 h1:a9JDOJc5GMUJ0+UDqmLT86WiEy7iWyIhz8gz8E4e5hE= -golang.org/x/net v0.28.0/go.mod h1:yqtgsTWOOnlGLG9GFRrK3++bGOUEkNBoHZc8MEDWPNg= golang.org/x/net v0.29.0 h1:5ORfpBpCs4HzDYoodCDBbwHzdR5UrLBZ3sOnUJmFoHo= golang.org/x/net v0.29.0/go.mod h1:gLkgy8jTGERgjzMic6DS9+SP0ajcu6Xu3Orq/SpETg0= golang.org/x/sync v0.8.0 h1:3NFvSEYkUoMifnESzZl15y791HH1qU2xm6eCJU5ZPXQ= @@ -302,35 +240,20 @@ golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.24.0 h1:Twjiwq9dn6R1fQcyiK+wQyHWfaz/BJB+YIpzU/Cv3Xg= -golang.org/x/sys v0.24.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/sys v0.25.0 h1:r+8e+loiHxRqhXVl6ML1nO3l1+oFoWbnlu2Ehimmi34= golang.org/x/sys v0.25.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/term v0.23.0 h1:F6D4vR+EHoL9/sWAWgAR1H2DcHr4PareCbAaCo1RpuU= -golang.org/x/term v0.23.0/go.mod h1:DgV24QBUrK6jhZXl+20l6UWznPlwAHm1Q1mGHtydmSk= +golang.org/x/term v0.24.0 h1:Mh5cbb+Zk2hqqXNO7S1iTjEphVL+jb8ZWaqh/g+JWkM= golang.org/x/term v0.24.0/go.mod h1:lOBK/LVxemqiMij05LGJ0tzNr8xlmwBRJ81PX6wVLH8= -golang.org/x/text v0.17.0 h1:XtiM5bkSOt+ewxlOE/aE/AKEHibwj/6gvWMl9Rsh0Qc= -golang.org/x/text v0.17.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY= golang.org/x/text v0.18.0 h1:XvMDiNzPAl0jr17s6W9lcaIhGUfUORdGCNsuLmPG224= golang.org/x/text v0.18.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY= golang.org/x/time v0.6.0 h1:eTDhh4ZXt5Qf0augr54TN6suAUudPcawVZeIAPU7D4U= golang.org/x/time v0.6.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= -golang.org/x/tools v0.24.0 h1:J1shsA93PJUEVaUSaay7UXAyE8aimq3GW0pjlolpa24= -golang.org/x/tools v0.24.0/go.mod h1:YhNqVBIfWHdzvTLs0d8LCuMhkKUgSUKldakyV7W/WDQ= golang.org/x/tools v0.25.0 h1:oFU9pkj/iJgs+0DT+VMHrx+oBKs/LJMV+Uvg78sl+fE= golang.org/x/tools v0.25.0/go.mod h1:/vtpO8WL1N9cQC3FN5zPqb//fRXskFHbLKk4OW1Q7rg= -google.golang.org/genproto/googleapis/api v0.0.0-20240822170219-fc7c04adadcd h1:BBOTEWLuuEGQy9n1y9MhVJ9Qt0BDu21X8qZs71/uPZo= -google.golang.org/genproto/googleapis/api v0.0.0-20240822170219-fc7c04adadcd/go.mod h1:fO8wJzT2zbQbAjbIoos1285VfEIYKDDY+Dt+WpTkh6g= google.golang.org/genproto/googleapis/api v0.0.0-20240903143218-8af14fe29dc1 h1:hjSy6tcFQZ171igDaN5QHOw2n6vx40juYbC/x67CEhc= google.golang.org/genproto/googleapis/api v0.0.0-20240903143218-8af14fe29dc1/go.mod h1:qpvKtACPCQhAdu3PyQgV4l3LMXZEtft7y8QcarRsp9I= -google.golang.org/genproto/googleapis/rpc v0.0.0-20240822170219-fc7c04adadcd h1:6TEm2ZxXoQmFWFlt1vNxvVOa1Q0dXFQD1m/rYjXmS0E= -google.golang.org/genproto/googleapis/rpc v0.0.0-20240822170219-fc7c04adadcd/go.mod h1:UqMtugtsSgubUsoxbuAoiCXvqvErP7Gf0so0mK9tHxU= google.golang.org/genproto/googleapis/rpc v0.0.0-20240903143218-8af14fe29dc1 h1:pPJltXNxVzT4pK9yD8vR9X75DaWYYmLGMsEvBfFQZzQ= google.golang.org/genproto/googleapis/rpc v0.0.0-20240903143218-8af14fe29dc1/go.mod h1:UqMtugtsSgubUsoxbuAoiCXvqvErP7Gf0so0mK9tHxU= -google.golang.org/grpc v1.66.0 h1:DibZuoBznOxbDQxRINckZcUvnCEvrW9pcWIE2yF9r1c= -google.golang.org/grpc v1.66.0/go.mod h1:s3/l6xSSCURdVfAnL+TqCNMyTDAGN6+lZeVxnZR128Y= -google.golang.org/grpc v1.66.1 h1:hO5qAXR19+/Z44hmvIM4dQFMSYX9XcWsByfoxutBpAM= -google.golang.org/grpc v1.66.1/go.mod h1:s3/l6xSSCURdVfAnL+TqCNMyTDAGN6+lZeVxnZR128Y= google.golang.org/grpc v1.66.2 h1:3QdXkuq3Bkh7w+ywLdLvM56cmGvQHUMZpiCzt6Rqaoo= google.golang.org/grpc v1.66.2/go.mod h1:s3/l6xSSCURdVfAnL+TqCNMyTDAGN6+lZeVxnZR128Y= google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg= diff --git a/internal/onelogin/client.go b/internal/onelogin/client.go index d2c3e4c3d6..9c4aa5400e 100644 --- a/internal/onelogin/client.go +++ b/internal/onelogin/client.go @@ -66,7 +66,7 @@ func (c *Client) AuthCodeURL(state, nonce, locale string, identity bool) (string } if identity { - q.Add("vtr", `["Cl.Cm.P2"]`) + q.Add("vtr", `["Cl.Cm.P1"]`) q.Add("claims", `{"userinfo":{"https://vocab.account.gov.uk/v1/coreIdentityJWT": null,"https://vocab.account.gov.uk/v1/returnCode": null,"https://vocab.account.gov.uk/v1/address": null}}`) } diff --git a/internal/onelogin/client_test.go b/internal/onelogin/client_test.go index d5d292a51e..4f1ae35552 100644 --- a/internal/onelogin/client_test.go +++ b/internal/onelogin/client_test.go @@ -28,7 +28,7 @@ func TestAuthCodeURL(t *testing.T) { } func TestAuthCodeURLForIdentity(t *testing.T) { - expected := "http://auth?claims=%7B%22userinfo%22%3A%7B%22https%3A%2F%2Fvocab.account.gov.uk%2Fv1%2FcoreIdentityJWT%22%3A+null%2C%22https%3A%2F%2Fvocab.account.gov.uk%2Fv1%2FreturnCode%22%3A+null%2C%22https%3A%2F%2Fvocab.account.gov.uk%2Fv1%2Faddress%22%3A+null%7D%7D&client_id=123&nonce=nonce&redirect_uri=http%3A%2F%2Fredirect&response_type=code&scope=openid+email&state=state&ui_locales=cy&vtr=%5B%22Cl.Cm.P2%22%5D" + expected := "http://auth?claims=%7B%22userinfo%22%3A%7B%22https%3A%2F%2Fvocab.account.gov.uk%2Fv1%2FcoreIdentityJWT%22%3A+null%2C%22https%3A%2F%2Fvocab.account.gov.uk%2Fv1%2FreturnCode%22%3A+null%2C%22https%3A%2F%2Fvocab.account.gov.uk%2Fv1%2Faddress%22%3A+null%7D%7D&client_id=123&nonce=nonce&redirect_uri=http%3A%2F%2Fredirect&response_type=code&scope=openid+email&state=state&ui_locales=cy&vtr=%5B%22Cl.Cm.P1%22%5D" c := &Client{ redirectURL: "http://redirect", From df4c220c9f9e30605c3f5d0f0c94ab23889ca138 Mon Sep 17 00:00:00 2001 From: Alex Saunders Date: Thu, 19 Sep 2024 10:55:55 +0100 Subject: [PATCH 02/14] MLPAB-2433 enable low confidence feature flag for donor identity --- .../donorpage/identity_with_one_login.go | 4 ++ .../donorpage/identity_with_one_login_test.go | 29 ++++++++- .../donorpage/mock_OneLoginClient_test.go | 46 ++++++++++++++ internal/donor/donorpage/register.go | 1 + internal/onelogin/client.go | 24 ++++++++ internal/onelogin/client_test.go | 61 +++++++++++++++++++ 6 files changed, 163 insertions(+), 2 deletions(-) diff --git a/internal/donor/donorpage/identity_with_one_login.go b/internal/donor/donorpage/identity_with_one_login.go index efe8c4310f..60bf672810 100644 --- a/internal/donor/donorpage/identity_with_one_login.go +++ b/internal/donor/donorpage/identity_with_one_login.go @@ -12,6 +12,10 @@ import ( func IdentityWithOneLogin(oneLoginClient OneLoginClient, sessionStore SessionStore, randomString func(int) string) Handler { return func(appData appcontext.Data, w http.ResponseWriter, r *http.Request, provided *donordata.Provided) error { + if err := oneLoginClient.EnableLowConfidenceFeatureFlag(r.Context()); err != nil { + return err + } + locale := "" if appData.Lang == localize.Cy { locale = "cy" diff --git a/internal/donor/donorpage/identity_with_one_login_test.go b/internal/donor/donorpage/identity_with_one_login_test.go index 0aae25f0cc..af9e86c7c2 100644 --- a/internal/donor/donorpage/identity_with_one_login_test.go +++ b/internal/donor/donorpage/identity_with_one_login_test.go @@ -19,6 +19,9 @@ func TestIdentityWithOneLogin(t *testing.T) { r, _ := http.NewRequest(http.MethodGet, "/", nil) client := newMockOneLoginClient(t) + client.EXPECT(). + EnableLowConfidenceFeatureFlag(r.Context()). + Return(nil) client.EXPECT(). AuthCodeURL("i am random", "i am random", "cy", true). Return("http://auth", nil) @@ -36,13 +39,32 @@ func TestIdentityWithOneLogin(t *testing.T) { assert.Equal(t, "http://auth", resp.Header.Get("Location")) } +func TestIdentityWithOneLoginWhenFeatureFlagError(t *testing.T) { + w := httptest.NewRecorder() + r, _ := http.NewRequest(http.MethodGet, "/", nil) + + client := newMockOneLoginClient(t) + client.EXPECT(). + EnableLowConfidenceFeatureFlag(mock.Anything). + Return(expectedError) + + err := IdentityWithOneLogin(client, nil, func(int) string { return "i am random" })(testAppData, w, r, &donordata.Provided{}) + resp := w.Result() + + assert.Equal(t, expectedError, err) + assert.Equal(t, http.StatusOK, resp.StatusCode) +} + func TestIdentityWithOneLoginWhenAuthCodeURLError(t *testing.T) { w := httptest.NewRecorder() r, _ := http.NewRequest(http.MethodGet, "/", nil) client := newMockOneLoginClient(t) client.EXPECT(). - AuthCodeURL("i am random", "i am random", "", true). + EnableLowConfidenceFeatureFlag(mock.Anything). + Return(nil) + client.EXPECT(). + AuthCodeURL(mock.Anything, mock.Anything, mock.Anything, mock.Anything). Return("http://auth?locale=en", expectedError) err := IdentityWithOneLogin(client, nil, func(int) string { return "i am random" })(testAppData, w, r, &donordata.Provided{}) @@ -58,7 +80,10 @@ func TestIdentityWithOneLoginWhenStoreSaveError(t *testing.T) { client := newMockOneLoginClient(t) client.EXPECT(). - AuthCodeURL("i am random", "i am random", "", true). + EnableLowConfidenceFeatureFlag(mock.Anything). + Return(nil) + client.EXPECT(). + AuthCodeURL(mock.Anything, mock.Anything, mock.Anything, mock.Anything). Return("http://auth?locale=en", nil) sessionStore := newMockSessionStore(t) diff --git a/internal/donor/donorpage/mock_OneLoginClient_test.go b/internal/donor/donorpage/mock_OneLoginClient_test.go index 4d2f52ebef..25e7800760 100644 --- a/internal/donor/donorpage/mock_OneLoginClient_test.go +++ b/internal/donor/donorpage/mock_OneLoginClient_test.go @@ -83,6 +83,52 @@ func (_c *mockOneLoginClient_AuthCodeURL_Call) RunAndReturn(run func(string, str return _c } +// EnableLowConfidenceFeatureFlag provides a mock function with given fields: ctx +func (_m *mockOneLoginClient) EnableLowConfidenceFeatureFlag(ctx context.Context) error { + ret := _m.Called(ctx) + + if len(ret) == 0 { + panic("no return value specified for EnableLowConfidenceFeatureFlag") + } + + var r0 error + if rf, ok := ret.Get(0).(func(context.Context) error); ok { + r0 = rf(ctx) + } else { + r0 = ret.Error(0) + } + + return r0 +} + +// mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'EnableLowConfidenceFeatureFlag' +type mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call struct { + *mock.Call +} + +// EnableLowConfidenceFeatureFlag is a helper method to define mock.On call +// - ctx context.Context +func (_e *mockOneLoginClient_Expecter) EnableLowConfidenceFeatureFlag(ctx interface{}) *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call { + return &mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call{Call: _e.mock.On("EnableLowConfidenceFeatureFlag", ctx)} +} + +func (_c *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call) Run(run func(ctx context.Context)) *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call { + _c.Call.Run(func(args mock.Arguments) { + run(args[0].(context.Context)) + }) + return _c +} + +func (_c *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call) Return(_a0 error) *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call { + _c.Call.Return(_a0) + return _c +} + +func (_c *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call) RunAndReturn(run func(context.Context) error) *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call { + _c.Call.Return(run) + return _c +} + // Exchange provides a mock function with given fields: ctx, code, nonce func (_m *mockOneLoginClient) Exchange(ctx context.Context, code string, nonce string) (string, string, error) { ret := _m.Called(ctx, code, nonce) diff --git a/internal/donor/donorpage/register.go b/internal/donor/donorpage/register.go index 02e398934d..7ff29384bd 100644 --- a/internal/donor/donorpage/register.go +++ b/internal/donor/donorpage/register.go @@ -90,6 +90,7 @@ type ShareCodeSender interface { type OneLoginClient interface { AuthCodeURL(state, nonce, locale string, identity bool) (string, error) + EnableLowConfidenceFeatureFlag(ctx context.Context) error Exchange(ctx context.Context, code, nonce string) (idToken, accessToken string, err error) UserInfo(ctx context.Context, accessToken string) (onelogin.UserInfo, error) ParseIdentityClaim(ctx context.Context, userInfo onelogin.UserInfo) (identity.UserData, error) diff --git a/internal/onelogin/client.go b/internal/onelogin/client.go index 9c4aa5400e..db6edfb164 100644 --- a/internal/onelogin/client.go +++ b/internal/onelogin/client.go @@ -5,8 +5,10 @@ import ( "context" "crypto/ecdsa" "errors" + "fmt" "net/http" "net/url" + "strings" "github.com/ministryofjustice/opg-modernising-lpa/internal/random" ) @@ -103,3 +105,25 @@ func (c *Client) CheckHealth(ctx context.Context) error { return resp.Body.Close() } + +func (c *Client) EnableLowConfidenceFeatureFlag(ctx context.Context) error { + if strings.Contains(c.redirectURL, "localhost") { + return nil + } + + req, err := http.NewRequestWithContext(ctx, "GET", "https://identity.integration.account.gov.uk/ipv/useFeatureSet?featureSet=p1Journeys", nil) + if err != nil { + return err + } + + resp, err := c.httpClient.Do(req) + if err != nil { + return err + } + + if resp.StatusCode != http.StatusOK { + return fmt.Errorf("unexpected status code from feature flag endpoint: %d", resp.StatusCode) + } + + return nil +} diff --git a/internal/onelogin/client_test.go b/internal/onelogin/client_test.go index 4f1ae35552..12c74310e6 100644 --- a/internal/onelogin/client_test.go +++ b/internal/onelogin/client_test.go @@ -7,6 +7,7 @@ import ( "testing" "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/mock" ) func TestAuthCodeURL(t *testing.T) { @@ -104,3 +105,63 @@ func TestCheckHealthWhenError(t *testing.T) { assert.NotNil(t, c.CheckHealth(context.Background())) } + +func TestEnableLowConfidenceFeatureFlag(t *testing.T) { + req, _ := http.NewRequestWithContext(ctx, "GET", "https://identity.integration.account.gov.uk/ipv/useFeatureSet?featureSet=p1Journeys", nil) + + doer := newMockDoer(t) + doer.EXPECT(). + Do(req). + Return(&http.Response{StatusCode: http.StatusOK}, nil) + + c := &Client{ + httpClient: doer, + redirectURL: "https://exmaple.com", + } + + err := c.EnableLowConfidenceFeatureFlag(context.Background()) + + assert.Nil(t, err) +} + +func TestEnableLowConfidenceFeatureFlagWhenRedirectIsLocalhost(t *testing.T) { + c := &Client{ + redirectURL: "https://localhost:5050", + } + + err := c.EnableLowConfidenceFeatureFlag(context.Background()) + + assert.Nil(t, err) +} + +func TestEnableLowConfidenceFeatureFlagErrors(t *testing.T) { + testcases := map[string]func() *mockDoer{ + "doer error": func() *mockDoer { + doer := newMockDoer(t) + doer.EXPECT(). + Do(mock.Anything). + Return(&http.Response{}, expectedError) + return doer + }, + "non OK status": func() *mockDoer { + doer := newMockDoer(t) + doer.EXPECT(). + Do(mock.Anything). + Return(&http.Response{StatusCode: http.StatusBadRequest}, nil) + return doer + }, + } + + for name, doer := range testcases { + t.Run(name, func(t *testing.T) { + c := &Client{ + httpClient: doer(), + redirectURL: "https://exmaple.com", + } + + err := c.EnableLowConfidenceFeatureFlag(context.Background()) + + assert.Error(t, err) + }) + } +} From ba6f12fd92001c3cfa5390b3b5c338c4c31560ba Mon Sep 17 00:00:00 2001 From: Alex Saunders Date: Thu, 19 Sep 2024 10:57:42 +0100 Subject: [PATCH 03/14] MLPAB-2433 upate cypress weighting --- cypress/parallel-weights.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cypress/parallel-weights.json b/cypress/parallel-weights.json index 7cfb7b4ca8..d40887e5af 100644 --- a/cypress/parallel-weights.json +++ b/cypress/parallel-weights.json @@ -1 +1 @@ -{"cypress/e2e/accessibility/data-loss-warning.cy.js":{"time":2823,"weight":4},"cypress/e2e/attorney/confirm-your-details.cy.js":{"time":2036,"weight":3},"cypress/e2e/attorney/language-preferences.cy.js":{"time":1275,"weight":2},"cypress/e2e/attorney/legal-rights-and-responsibilities.cy.js":{"time":644,"weight":1},"cypress/e2e/attorney/opt-out.cy.js":{"time":1545,"weight":2},"cypress/e2e/attorney/phone-number.cy.js":{"time":2149,"weight":3},"cypress/e2e/attorney/progress.cy.js":{"time":1542,"weight":2},"cypress/e2e/attorney/read-the-lpa.cy.js":{"time":480,"weight":0},"cypress/e2e/attorney/sign.cy.js":{"time":4364,"weight":7},"cypress/e2e/attorney/start.cy.js":{"time":273,"weight":0},"cypress/e2e/attorney/task-list.cy.js":{"time":3343,"weight":5},"cypress/e2e/attorney/trust-corporation.cy.js":{"time":11570,"weight":20},"cypress/e2e/attorney/what-happens-when-you-sign-the-lpa.cy.js":{"time":1157,"weight":2},"cypress/e2e/certificate-provider/certificate-provided.cy.js":{"time":865,"weight":1},"cypress/e2e/certificate-provider/choose-not-to-be-a-certificate-provider.cy.js":{"time":2649,"weight":4},"cypress/e2e/certificate-provider/confirm-your-details.cy.js":{"time":5749,"weight":9},"cypress/e2e/certificate-provider/confirm-your-identity.cy.js":{"time":5799,"weight":10},"cypress/e2e/certificate-provider/enter-date-of-birth.cy.js":{"time":6261,"weight":10},"cypress/e2e/certificate-provider/enter-reference-number.cy.js":{"time":3514,"weight":6},"cypress/e2e/certificate-provider/language-preferences.cy.js":{"time":2810,"weight":4},"cypress/e2e/certificate-provider/provide-certificate.cy.js":{"time":2929,"weight":5},"cypress/e2e/certificate-provider/read-the-lpa.cy.js":{"time":1639,"weight":2},"cypress/e2e/certificate-provider/start.cy.js":{"time":270,"weight":0},"cypress/e2e/certificate-provider/task-list.cy.js":{"time":571,"weight":0},"cypress/e2e/certificate-provider/what-is-your-home-address.cy.js":{"time":8555,"weight":14},"cypress/e2e/certificate-provider/who-is-eligible.cy.js":{"time":803,"weight":1},"cypress/e2e/dev-features.cy.js":{"time":341,"weight":0},"cypress/e2e/donor/add-correspondent.cy.js":{"time":6933,"weight":12},"cypress/e2e/donor/can-you-sign-your-lpa.cy.js":{"time":1503,"weight":2},"cypress/e2e/donor/certificate-provider.cy.js":{"time":16899,"weight":29},"cypress/e2e/donor/check-your-details.cy.js":{"time":2126,"weight":3},"cypress/e2e/donor/check-your-lpa.cy.js":{"time":10541,"weight":18},"cypress/e2e/donor/choose-attorneys-address.cy.js":{"time":9903,"weight":17},"cypress/e2e/donor/choose-attorneys-summary.cy.js":{"time":9301,"weight":16},"cypress/e2e/donor/choose-attorneys-task.cy.js":{"time":16566,"weight":28},"cypress/e2e/donor/choose-attorneys.cy.js":{"time":14086,"weight":24},"cypress/e2e/donor/choose-people-to-notify-address.cy.js":{"time":4245,"weight":7},"cypress/e2e/donor/choose-replacement-attorneys-address.cy.js":{"time":8190,"weight":14},"cypress/e2e/donor/choose-replacement-attorneys-summary.cy.js":{"time":7315,"weight":12},"cypress/e2e/donor/choose-replacement-attorneys-task.cy.js":{"time":120341,"weight":208},"cypress/e2e/donor/choose-replacement-attorneys.cy.js":{"time":10501,"weight":18},"cypress/e2e/donor/confirm-person-allowed-to-vouch.cy.js":{"time":3934,"weight":6},"cypress/e2e/donor/confirm-your-certificate-provider-is-not-related.cy.js":{"time":2121,"weight":3},"cypress/e2e/donor/confirm-your-identity-and-sign.cy.js":{"time":23650,"weight":40},"cypress/e2e/donor/dashboard.cy.js":{"time":3965,"weight":6},"cypress/e2e/donor/delete-lpa.cy.js":{"time":930,"weight":1},"cypress/e2e/donor/enter-access-code.cy.js":{"time":835,"weight":1},"cypress/e2e/donor/enter-replacement-trust-corporation-address.cy.js":{"time":10919,"weight":18},"cypress/e2e/donor/enter-replacement-trust-corporation.cy.js":{"time":2543,"weight":4},"cypress/e2e/donor/enter-trust-corporation-address.cy.js":{"time":10886,"weight":18},"cypress/e2e/donor/enter-trust-corporation.cy.js":{"time":2362,"weight":4},"cypress/e2e/donor/enter-voucher.cy.js":{"time":2589,"weight":4},"cypress/e2e/donor/how-should-attorneys-make-decisions.cy.js":{"time":3161,"weight":5},"cypress/e2e/donor/how-should-replacement-attorneys-make-decisions.cy.js":{"time":1925,"weight":3},"cypress/e2e/donor/how-should-replacement-attorneys-step-in.cy.js":{"time":1979,"weight":3},"cypress/e2e/donor/language-preferences.cy.js":{"time":1089,"weight":1},"cypress/e2e/donor/life-sustaining-treatment.cy.js":{"time":2426,"weight":4},"cypress/e2e/donor/lpa-progress.cy.js":{"time":957,"weight":1},"cypress/e2e/donor/lpa-type.cy.js":{"time":3515,"weight":6},"cypress/e2e/donor/make-a-new-lpa.cy.js":{"time":5304,"weight":9},"cypress/e2e/donor/payment.cy.js":{"time":31399,"weight":54},"cypress/e2e/donor/people-to-notify.cy.js":{"time":9348,"weight":16},"cypress/e2e/donor/previous-application-number.cy.js":{"time":2886,"weight":4},"cypress/e2e/donor/provide-your-details.cy.js":{"time":4530,"weight":7},"cypress/e2e/donor/remove-replacement-trust-corporation.cy.js":{"time":1217,"weight":2},"cypress/e2e/donor/remove-trust-corporation.cy.js":{"time":781,"weight":1},"cypress/e2e/donor/restrictions.cy.js":{"time":742,"weight":1},"cypress/e2e/donor/signing-on-behalf.cy.js":{"time":4099,"weight":7},"cypress/e2e/donor/start.cy.js":{"time":540,"weight":0},"cypress/e2e/donor/task-list.cy.js":{"time":449,"weight":0},"cypress/e2e/donor/want-replacement-attorneys.cy.js":{"time":2348,"weight":4},"cypress/e2e/donor/what-is-vouching.cy.js":{"time":769,"weight":1},"cypress/e2e/donor/what-you-can-do-now.cy.js":{"time":4750,"weight":8},"cypress/e2e/donor/when-can-the-lpa-be-used.cy.js":{"time":723,"weight":1},"cypress/e2e/donor/withdraw-lpa.cy.js":{"time":1819,"weight":3},"cypress/e2e/donor/you-cannot-sign-your-lpa-yet.cy.js":{"time":3731,"weight":6},"cypress/e2e/donor/your-address.cy.js":{"time":7651,"weight":13},"cypress/e2e/donor/your-authorised-signatory.cy.js":{"time":4206,"weight":7},"cypress/e2e/donor/your-date-of-birth.cy.js":{"time":4434,"weight":7},"cypress/e2e/donor/your-independent-witness-address.cy.js":{"time":10554,"weight":18},"cypress/e2e/donor/your-independent-witness-mobile.cy.js":{"time":2018,"weight":3},"cypress/e2e/donor/your-independent-witness.cy.js":{"time":3470,"weight":6},"cypress/e2e/donor/your-name.cy.js":{"time":2490,"weight":4},"cypress/e2e/error-pages.cy.js":{"time":1367,"weight":2},"cypress/e2e/supporter/add-correspondent.cy.js":{"time":11262,"weight":19},"cypress/e2e/supporter/dashboard.cy.js":{"time":11995,"weight":20},"cypress/e2e/supporter/donor-access.cy.js":{"time":5552,"weight":9},"cypress/e2e/supporter/edit-member.cy.js":{"time":7671,"weight":13},"cypress/e2e/supporter/enter-organisation-name.cy.js":{"time":2061,"weight":3},"cypress/e2e/supporter/invite-member.cy.js":{"time":4781,"weight":8},"cypress/e2e/supporter/manage-organisation.cy.js":{"time":5055,"weight":8},"cypress/e2e/supporter/manage-team-members.cy.js":{"time":1974,"weight":3},"cypress/e2e/supporter/start.cy.js":{"time":1786,"weight":3},"cypress/e2e/supporter/suspended.cy.js":{"time":386,"weight":0},"cypress/e2e/supporter/view-lpa.cy.js":{"time":7245,"weight":12},"cypress/e2e/voucher/confirm-your-identity.cy.js":{"time":2488,"weight":4},"cypress/e2e/voucher/confirm-your-name.cy.js":{"time":2565,"weight":4},"cypress/e2e/voucher/enter-reference-number.cy.js":{"time":3331,"weight":5},"cypress/e2e/voucher/verify-donor-details.cy.js":{"time":2415,"weight":4},"cypress/e2e/voucher/your-declaration.cy.js":{"time":920,"weight":1}} +{"cypress/e2e/accessibility/data-loss-warning.cy.js":{"time":2779,"weight":4},"cypress/e2e/attorney/confirm-your-details.cy.js":{"time":1488,"weight":2},"cypress/e2e/attorney/language-preferences.cy.js":{"time":2843,"weight":5},"cypress/e2e/attorney/legal-rights-and-responsibilities.cy.js":{"time":738,"weight":1},"cypress/e2e/attorney/opt-out.cy.js":{"time":1771,"weight":3},"cypress/e2e/attorney/phone-number.cy.js":{"time":2083,"weight":3},"cypress/e2e/attorney/progress.cy.js":{"time":3098,"weight":5},"cypress/e2e/attorney/read-the-lpa.cy.js":{"time":904,"weight":1},"cypress/e2e/attorney/sign.cy.js":{"time":3874,"weight":6},"cypress/e2e/attorney/start.cy.js":{"time":244,"weight":0},"cypress/e2e/attorney/task-list.cy.js":{"time":836,"weight":1},"cypress/e2e/attorney/trust-corporation.cy.js":{"time":12475,"weight":22},"cypress/e2e/attorney/what-happens-when-you-sign-the-lpa.cy.js":{"time":1220,"weight":2},"cypress/e2e/certificate-provider/certificate-provided.cy.js":{"time":2216,"weight":3},"cypress/e2e/certificate-provider/choose-not-to-be-a-certificate-provider.cy.js":{"time":2303,"weight":4},"cypress/e2e/certificate-provider/confirm-your-details.cy.js":{"time":4781,"weight":8},"cypress/e2e/certificate-provider/confirm-your-identity.cy.js":{"time":5471,"weight":9},"cypress/e2e/certificate-provider/enter-date-of-birth.cy.js":{"time":6964,"weight":12},"cypress/e2e/certificate-provider/enter-reference-number.cy.js":{"time":4311,"weight":7},"cypress/e2e/certificate-provider/language-preferences.cy.js":{"time":2183,"weight":3},"cypress/e2e/certificate-provider/provide-certificate.cy.js":{"time":2456,"weight":4},"cypress/e2e/certificate-provider/read-the-lpa.cy.js":{"time":1617,"weight":2},"cypress/e2e/certificate-provider/start.cy.js":{"time":333,"weight":0},"cypress/e2e/certificate-provider/task-list.cy.js":{"time":670,"weight":1},"cypress/e2e/certificate-provider/what-is-your-home-address.cy.js":{"time":8871,"weight":15},"cypress/e2e/certificate-provider/who-is-eligible.cy.js":{"time":759,"weight":1},"cypress/e2e/dev-features.cy.js":{"time":320,"weight":0},"cypress/e2e/donor/add-correspondent.cy.js":{"time":6344,"weight":11},"cypress/e2e/donor/can-you-sign-your-lpa.cy.js":{"time":1002,"weight":1},"cypress/e2e/donor/certificate-provider.cy.js":{"time":16909,"weight":30},"cypress/e2e/donor/check-your-details.cy.js":{"time":2589,"weight":4},"cypress/e2e/donor/check-your-lpa.cy.js":{"time":10535,"weight":18},"cypress/e2e/donor/choose-attorneys-address.cy.js":{"time":10026,"weight":17},"cypress/e2e/donor/choose-attorneys-summary.cy.js":{"time":7724,"weight":13},"cypress/e2e/donor/choose-attorneys-task.cy.js":{"time":16572,"weight":29},"cypress/e2e/donor/choose-attorneys.cy.js":{"time":10799,"weight":19},"cypress/e2e/donor/choose-people-to-notify-address.cy.js":{"time":4323,"weight":7},"cypress/e2e/donor/choose-replacement-attorneys-address.cy.js":{"time":8581,"weight":15},"cypress/e2e/donor/choose-replacement-attorneys-summary.cy.js":{"time":7142,"weight":12},"cypress/e2e/donor/choose-replacement-attorneys-task.cy.js":{"time":110110,"weight":197},"cypress/e2e/donor/choose-replacement-attorneys.cy.js":{"time":12156,"weight":21},"cypress/e2e/donor/confirm-person-allowed-to-vouch.cy.js":{"time":3787,"weight":6},"cypress/e2e/donor/confirm-your-certificate-provider-is-not-related.cy.js":{"time":2370,"weight":4},"cypress/e2e/donor/confirm-your-identity-and-sign.cy.js":{"time":19599,"weight":35},"cypress/e2e/donor/dashboard.cy.js":{"time":5604,"weight":10},"cypress/e2e/donor/delete-lpa.cy.js":{"time":2573,"weight":4},"cypress/e2e/donor/enter-access-code.cy.js":{"time":1133,"weight":2},"cypress/e2e/donor/enter-replacement-trust-corporation-address.cy.js":{"time":9543,"weight":17},"cypress/e2e/donor/enter-replacement-trust-corporation.cy.js":{"time":2787,"weight":4},"cypress/e2e/donor/enter-trust-corporation-address.cy.js":{"time":9941,"weight":17},"cypress/e2e/donor/enter-trust-corporation.cy.js":{"time":2438,"weight":4},"cypress/e2e/donor/enter-voucher.cy.js":{"time":3405,"weight":6},"cypress/e2e/donor/how-should-attorneys-make-decisions.cy.js":{"time":3124,"weight":5},"cypress/e2e/donor/how-should-replacement-attorneys-make-decisions.cy.js":{"time":2809,"weight":5},"cypress/e2e/donor/how-should-replacement-attorneys-step-in.cy.js":{"time":2299,"weight":4},"cypress/e2e/donor/language-preferences.cy.js":{"time":937,"weight":1},"cypress/e2e/donor/life-sustaining-treatment.cy.js":{"time":1509,"weight":2},"cypress/e2e/donor/lpa-progress.cy.js":{"time":2331,"weight":4},"cypress/e2e/donor/lpa-type.cy.js":{"time":3416,"weight":6},"cypress/e2e/donor/make-a-new-lpa.cy.js":{"time":4946,"weight":8},"cypress/e2e/donor/payment.cy.js":{"time":24859,"weight":44},"cypress/e2e/donor/people-to-notify.cy.js":{"time":10220,"weight":18},"cypress/e2e/donor/previous-application-number.cy.js":{"time":2086,"weight":3},"cypress/e2e/donor/provide-your-details.cy.js":{"time":4771,"weight":8},"cypress/e2e/donor/remove-replacement-trust-corporation.cy.js":{"time":1170,"weight":2},"cypress/e2e/donor/remove-trust-corporation.cy.js":{"time":1118,"weight":2},"cypress/e2e/donor/restrictions.cy.js":{"time":758,"weight":1},"cypress/e2e/donor/signing-on-behalf.cy.js":{"time":3791,"weight":6},"cypress/e2e/donor/start.cy.js":{"time":525,"weight":0},"cypress/e2e/donor/task-list.cy.js":{"time":388,"weight":0},"cypress/e2e/donor/want-replacement-attorneys.cy.js":{"time":3117,"weight":5},"cypress/e2e/donor/what-is-vouching.cy.js":{"time":645,"weight":1},"cypress/e2e/donor/what-you-can-do-now.cy.js":{"time":7979,"weight":14},"cypress/e2e/donor/when-can-the-lpa-be-used.cy.js":{"time":1341,"weight":2},"cypress/e2e/donor/withdraw-lpa.cy.js":{"time":1309,"weight":2},"cypress/e2e/donor/you-cannot-sign-your-lpa-yet.cy.js":{"time":3047,"weight":5},"cypress/e2e/donor/your-address.cy.js":{"time":8367,"weight":14},"cypress/e2e/donor/your-authorised-signatory.cy.js":{"time":2151,"weight":3},"cypress/e2e/donor/your-date-of-birth.cy.js":{"time":4491,"weight":8},"cypress/e2e/donor/your-independent-witness-address.cy.js":{"time":10224,"weight":18},"cypress/e2e/donor/your-independent-witness-mobile.cy.js":{"time":2077,"weight":3},"cypress/e2e/donor/your-independent-witness.cy.js":{"time":2018,"weight":3},"cypress/e2e/donor/your-name.cy.js":{"time":2438,"weight":4},"cypress/e2e/error-pages.cy.js":{"time":1334,"weight":2},"cypress/e2e/navigation.cy.js":{"time":801,"weight":1},"cypress/e2e/supporter/add-correspondent.cy.js":{"time":13377,"weight":23},"cypress/e2e/supporter/dashboard.cy.js":{"time":12647,"weight":22},"cypress/e2e/supporter/donor-access.cy.js":{"time":4560,"weight":8},"cypress/e2e/supporter/edit-member.cy.js":{"time":8660,"weight":15},"cypress/e2e/supporter/enter-organisation-name.cy.js":{"time":1581,"weight":2},"cypress/e2e/supporter/invite-member.cy.js":{"time":4497,"weight":8},"cypress/e2e/supporter/manage-organisation.cy.js":{"time":5119,"weight":9},"cypress/e2e/supporter/manage-team-members.cy.js":{"time":1987,"weight":3},"cypress/e2e/supporter/start.cy.js":{"time":1436,"weight":2},"cypress/e2e/supporter/suspended.cy.js":{"time":430,"weight":0},"cypress/e2e/supporter/view-lpa.cy.js":{"time":5841,"weight":10},"cypress/e2e/voucher/confirm-your-identity.cy.js":{"time":5545,"weight":9},"cypress/e2e/voucher/confirm-your-name.cy.js":{"time":4410,"weight":7},"cypress/e2e/voucher/enter-reference-number.cy.js":{"time":3826,"weight":6},"cypress/e2e/voucher/verify-donor-details.cy.js":{"time":742,"weight":1},"cypress/e2e/voucher/your-declaration.cy.js":{"time":831,"weight":1}} From 863cfd1d6418b5108144315d8dad7e231626ddfc Mon Sep 17 00:00:00 2001 From: Alex Saunders Date: Thu, 19 Sep 2024 11:00:27 +0100 Subject: [PATCH 04/14] MLPAB-2433 enable low confidence journey for voucher --- .../voucherpage/identity_with_one_login.go | 4 ++ .../identity_with_one_login_test.go | 29 +++++++++++- .../voucherpage/mock_OneLoginClient_test.go | 46 +++++++++++++++++++ internal/voucher/voucherpage/register.go | 1 + 4 files changed, 78 insertions(+), 2 deletions(-) diff --git a/internal/voucher/voucherpage/identity_with_one_login.go b/internal/voucher/voucherpage/identity_with_one_login.go index 8f792b3917..8d6b8cb0e1 100644 --- a/internal/voucher/voucherpage/identity_with_one_login.go +++ b/internal/voucher/voucherpage/identity_with_one_login.go @@ -12,6 +12,10 @@ import ( func IdentityWithOneLogin(oneLoginClient OneLoginClient, sessionStore SessionStore, randomString func(int) string) Handler { return func(appData appcontext.Data, w http.ResponseWriter, r *http.Request, _ *voucherdata.Provided) error { + if err := oneLoginClient.EnableLowConfidenceFeatureFlag(r.Context()); err != nil { + return err + } + locale := "" if appData.Lang == localize.Cy { locale = "cy" diff --git a/internal/voucher/voucherpage/identity_with_one_login_test.go b/internal/voucher/voucherpage/identity_with_one_login_test.go index 8785a77d28..14d098aff2 100644 --- a/internal/voucher/voucherpage/identity_with_one_login_test.go +++ b/internal/voucher/voucherpage/identity_with_one_login_test.go @@ -18,6 +18,9 @@ func TestIdentityWithOneLogin(t *testing.T) { r, _ := http.NewRequest(http.MethodGet, "/", nil) client := newMockOneLoginClient(t) + client.EXPECT(). + EnableLowConfidenceFeatureFlag(r.Context()). + Return(nil) client.EXPECT(). AuthCodeURL("i am random", "i am random", "cy", true). Return("http://auth", nil) @@ -35,13 +38,32 @@ func TestIdentityWithOneLogin(t *testing.T) { assert.Equal(t, "http://auth", resp.Header.Get("Location")) } +func TestIdentityWithOneLoginWhenFeatureFlagError(t *testing.T) { + w := httptest.NewRecorder() + r, _ := http.NewRequest(http.MethodGet, "/", nil) + + client := newMockOneLoginClient(t) + client.EXPECT(). + EnableLowConfidenceFeatureFlag(mock.Anything). + Return(expectedError) + + err := IdentityWithOneLogin(client, nil, func(int) string { return "i am random" })(testAppData, w, r, nil) + resp := w.Result() + + assert.Equal(t, expectedError, err) + assert.Equal(t, http.StatusOK, resp.StatusCode) +} + func TestIdentityWithOneLoginWhenAuthCodeURLError(t *testing.T) { w := httptest.NewRecorder() r, _ := http.NewRequest(http.MethodGet, "/", nil) client := newMockOneLoginClient(t) client.EXPECT(). - AuthCodeURL("i am random", "i am random", "", true). + EnableLowConfidenceFeatureFlag(mock.Anything). + Return(nil) + client.EXPECT(). + AuthCodeURL(mock.Anything, mock.Anything, mock.Anything, mock.Anything). Return("http://auth?locale=en", expectedError) err := IdentityWithOneLogin(client, nil, func(int) string { return "i am random" })(testAppData, w, r, nil) @@ -57,7 +79,10 @@ func TestIdentityWithOneLoginWhenStoreSaveError(t *testing.T) { client := newMockOneLoginClient(t) client.EXPECT(). - AuthCodeURL("i am random", "i am random", "", true). + EnableLowConfidenceFeatureFlag(mock.Anything). + Return(nil) + client.EXPECT(). + AuthCodeURL(mock.Anything, mock.Anything, mock.Anything, mock.Anything). Return("http://auth?locale=en", nil) sessionStore := newMockSessionStore(t) diff --git a/internal/voucher/voucherpage/mock_OneLoginClient_test.go b/internal/voucher/voucherpage/mock_OneLoginClient_test.go index 40f61a6116..6e54f2a436 100644 --- a/internal/voucher/voucherpage/mock_OneLoginClient_test.go +++ b/internal/voucher/voucherpage/mock_OneLoginClient_test.go @@ -83,6 +83,52 @@ func (_c *mockOneLoginClient_AuthCodeURL_Call) RunAndReturn(run func(string, str return _c } +// EnableLowConfidenceFeatureFlag provides a mock function with given fields: ctx +func (_m *mockOneLoginClient) EnableLowConfidenceFeatureFlag(ctx context.Context) error { + ret := _m.Called(ctx) + + if len(ret) == 0 { + panic("no return value specified for EnableLowConfidenceFeatureFlag") + } + + var r0 error + if rf, ok := ret.Get(0).(func(context.Context) error); ok { + r0 = rf(ctx) + } else { + r0 = ret.Error(0) + } + + return r0 +} + +// mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'EnableLowConfidenceFeatureFlag' +type mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call struct { + *mock.Call +} + +// EnableLowConfidenceFeatureFlag is a helper method to define mock.On call +// - ctx context.Context +func (_e *mockOneLoginClient_Expecter) EnableLowConfidenceFeatureFlag(ctx interface{}) *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call { + return &mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call{Call: _e.mock.On("EnableLowConfidenceFeatureFlag", ctx)} +} + +func (_c *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call) Run(run func(ctx context.Context)) *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call { + _c.Call.Run(func(args mock.Arguments) { + run(args[0].(context.Context)) + }) + return _c +} + +func (_c *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call) Return(_a0 error) *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call { + _c.Call.Return(_a0) + return _c +} + +func (_c *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call) RunAndReturn(run func(context.Context) error) *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call { + _c.Call.Return(run) + return _c +} + // Exchange provides a mock function with given fields: ctx, code, nonce func (_m *mockOneLoginClient) Exchange(ctx context.Context, code string, nonce string) (string, string, error) { ret := _m.Called(ctx, code, nonce) diff --git a/internal/voucher/voucherpage/register.go b/internal/voucher/voucherpage/register.go index a5f26a5119..448f9b1700 100644 --- a/internal/voucher/voucherpage/register.go +++ b/internal/voucher/voucherpage/register.go @@ -65,6 +65,7 @@ type SessionStore interface { type OneLoginClient interface { AuthCodeURL(state, nonce, locale string, identity bool) (string, error) + EnableLowConfidenceFeatureFlag(ctx context.Context) error Exchange(ctx context.Context, code, nonce string) (idToken, accessToken string, err error) UserInfo(ctx context.Context, accessToken string) (onelogin.UserInfo, error) ParseIdentityClaim(ctx context.Context, userInfo onelogin.UserInfo) (identity.UserData, error) From 162a332c590db37f140a78c0868746ef2e5a1ead Mon Sep 17 00:00:00 2001 From: Alex Saunders Date: Thu, 19 Sep 2024 11:03:49 +0100 Subject: [PATCH 05/14] MLPAB-2433 enable low confidence feature flag for cp --- .../identity_with_one_login.go | 4 ++ .../identity_with_one_login_test.go | 29 +++++++++++- .../mock_OneLoginClient_test.go | 46 +++++++++++++++++++ .../certificateproviderpage/register.go | 1 + 4 files changed, 78 insertions(+), 2 deletions(-) diff --git a/internal/certificateprovider/certificateproviderpage/identity_with_one_login.go b/internal/certificateprovider/certificateproviderpage/identity_with_one_login.go index 06f33ab96d..c776189277 100644 --- a/internal/certificateprovider/certificateproviderpage/identity_with_one_login.go +++ b/internal/certificateprovider/certificateproviderpage/identity_with_one_login.go @@ -12,6 +12,10 @@ import ( func IdentityWithOneLogin(oneLoginClient OneLoginClient, sessionStore SessionStore, randomString func(int) string) Handler { return func(appData appcontext.Data, w http.ResponseWriter, r *http.Request, _ *certificateproviderdata.Provided) error { + if err := oneLoginClient.EnableLowConfidenceFeatureFlag(r.Context()); err != nil { + return err + } + locale := "" if appData.Lang == localize.Cy { locale = "cy" diff --git a/internal/certificateprovider/certificateproviderpage/identity_with_one_login_test.go b/internal/certificateprovider/certificateproviderpage/identity_with_one_login_test.go index b90585b8a0..4dd384d303 100644 --- a/internal/certificateprovider/certificateproviderpage/identity_with_one_login_test.go +++ b/internal/certificateprovider/certificateproviderpage/identity_with_one_login_test.go @@ -18,6 +18,9 @@ func TestIdentityWithOneLogin(t *testing.T) { r, _ := http.NewRequest(http.MethodGet, "/", nil) client := newMockOneLoginClient(t) + client.EXPECT(). + EnableLowConfidenceFeatureFlag(r.Context()). + Return(nil) client.EXPECT(). AuthCodeURL("i am random", "i am random", "cy", true). Return("http://auth", nil) @@ -35,13 +38,32 @@ func TestIdentityWithOneLogin(t *testing.T) { assert.Equal(t, "http://auth", resp.Header.Get("Location")) } +func TestIdentityWithOneLoginWhenFeatureFlagError(t *testing.T) { + w := httptest.NewRecorder() + r, _ := http.NewRequest(http.MethodGet, "/", nil) + + client := newMockOneLoginClient(t) + client.EXPECT(). + EnableLowConfidenceFeatureFlag(mock.Anything). + Return(expectedError) + + err := IdentityWithOneLogin(client, nil, func(int) string { return "i am random" })(testAppData, w, r, nil) + resp := w.Result() + + assert.Equal(t, expectedError, err) + assert.Equal(t, http.StatusOK, resp.StatusCode) +} + func TestIdentityWithOneLoginWhenAuthCodeURLError(t *testing.T) { w := httptest.NewRecorder() r, _ := http.NewRequest(http.MethodGet, "/", nil) client := newMockOneLoginClient(t) client.EXPECT(). - AuthCodeURL("i am random", "i am random", "", true). + EnableLowConfidenceFeatureFlag(mock.Anything). + Return(nil) + client.EXPECT(). + AuthCodeURL(mock.Anything, mock.Anything, mock.Anything, mock.Anything). Return("http://auth?locale=en", expectedError) err := IdentityWithOneLogin(client, nil, func(int) string { return "i am random" })(testAppData, w, r, nil) @@ -57,7 +79,10 @@ func TestIdentityWithOneLoginWhenStoreSaveError(t *testing.T) { client := newMockOneLoginClient(t) client.EXPECT(). - AuthCodeURL("i am random", "i am random", "", true). + EnableLowConfidenceFeatureFlag(mock.Anything). + Return(nil) + client.EXPECT(). + AuthCodeURL(mock.Anything, mock.Anything, mock.Anything, mock.Anything). Return("http://auth?locale=en", nil) sessionStore := newMockSessionStore(t) diff --git a/internal/certificateprovider/certificateproviderpage/mock_OneLoginClient_test.go b/internal/certificateprovider/certificateproviderpage/mock_OneLoginClient_test.go index ea8b669ece..2504b6fef4 100644 --- a/internal/certificateprovider/certificateproviderpage/mock_OneLoginClient_test.go +++ b/internal/certificateprovider/certificateproviderpage/mock_OneLoginClient_test.go @@ -83,6 +83,52 @@ func (_c *mockOneLoginClient_AuthCodeURL_Call) RunAndReturn(run func(string, str return _c } +// EnableLowConfidenceFeatureFlag provides a mock function with given fields: ctx +func (_m *mockOneLoginClient) EnableLowConfidenceFeatureFlag(ctx context.Context) error { + ret := _m.Called(ctx) + + if len(ret) == 0 { + panic("no return value specified for EnableLowConfidenceFeatureFlag") + } + + var r0 error + if rf, ok := ret.Get(0).(func(context.Context) error); ok { + r0 = rf(ctx) + } else { + r0 = ret.Error(0) + } + + return r0 +} + +// mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'EnableLowConfidenceFeatureFlag' +type mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call struct { + *mock.Call +} + +// EnableLowConfidenceFeatureFlag is a helper method to define mock.On call +// - ctx context.Context +func (_e *mockOneLoginClient_Expecter) EnableLowConfidenceFeatureFlag(ctx interface{}) *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call { + return &mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call{Call: _e.mock.On("EnableLowConfidenceFeatureFlag", ctx)} +} + +func (_c *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call) Run(run func(ctx context.Context)) *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call { + _c.Call.Run(func(args mock.Arguments) { + run(args[0].(context.Context)) + }) + return _c +} + +func (_c *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call) Return(_a0 error) *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call { + _c.Call.Return(_a0) + return _c +} + +func (_c *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call) RunAndReturn(run func(context.Context) error) *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call { + _c.Call.Return(run) + return _c +} + // Exchange provides a mock function with given fields: ctx, code, nonce func (_m *mockOneLoginClient) Exchange(ctx context.Context, code string, nonce string) (string, string, error) { ret := _m.Called(ctx, code, nonce) diff --git a/internal/certificateprovider/certificateproviderpage/register.go b/internal/certificateprovider/certificateproviderpage/register.go index 417fa89513..41f8922a1c 100644 --- a/internal/certificateprovider/certificateproviderpage/register.go +++ b/internal/certificateprovider/certificateproviderpage/register.go @@ -48,6 +48,7 @@ type CertificateProviderStore interface { type OneLoginClient interface { AuthCodeURL(state, nonce, locale string, identity bool) (string, error) + EnableLowConfidenceFeatureFlag(ctx context.Context) error Exchange(ctx context.Context, code, nonce string) (idToken, accessToken string, err error) UserInfo(ctx context.Context, accessToken string) (onelogin.UserInfo, error) ParseIdentityClaim(ctx context.Context, userInfo onelogin.UserInfo) (identity.UserData, error) From aae81b6e499d7868004a2aa1f009fc8fea67aac5 Mon Sep 17 00:00:00 2001 From: Alex Saunders Date: Thu, 19 Sep 2024 11:30:30 +0100 Subject: [PATCH 06/14] MLPAB-2433 amend logs make command so it runs --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 907b61988e..75a736185a 100644 --- a/Makefile +++ b/Makefile @@ -158,7 +158,7 @@ set-uploads-infected: ##@events calls emit-object-tags-added-with-virus for all key=$$k $(MAKE) emit-object-tags-added-with-virus ; \ done -logs: ##@app tails logs for app mock-notify, events-lambda, mock-onelogin, mock-lpa-store and mock-uid and filters out noisy runner logs +tail-logs: ##@app tails logs for app mock-notify, events-lambda, mock-onelogin, mock-lpa-store and mock-uid and filters out noisy runner logs docker compose --ansi=always -f docker/docker-compose.yml -f docker/docker-compose.dev.yml logs app mock-notify events-lambda mock-onelogin mock-lpa-store mock-uid -f | grep -v 'runner' terraform-update-docs: ##@terraform updates all terraform-docs managed documentation From 98d2aae6af1da11a07509b6f16aaca10dea9b960 Mon Sep 17 00:00:00 2001 From: Alex Saunders Date: Thu, 19 Sep 2024 13:38:13 +0100 Subject: [PATCH 07/14] MLPAB-2433 try saving cookies --- .../identity_with_one_login.go | 2 +- .../identity_with_one_login_test.go | 121 +++++++++--------- .../mock_OneLoginClient_test.go | 44 ++++--- .../certificateproviderpage/register.go | 2 +- .../donorpage/identity_with_one_login.go | 3 +- .../donorpage/identity_with_one_login_test.go | 121 +++++++++--------- .../donorpage/mock_OneLoginClient_test.go | 44 ++++--- internal/donor/donorpage/register.go | 2 +- internal/onelogin/client.go | 21 +-- internal/onelogin/client_test.go | 119 +++++++++-------- .../voucherpage/identity_with_one_login.go | 2 +- .../identity_with_one_login_test.go | 121 +++++++++--------- .../voucherpage/mock_OneLoginClient_test.go | 44 ++++--- internal/voucher/voucherpage/register.go | 2 +- 14 files changed, 345 insertions(+), 303 deletions(-) diff --git a/internal/certificateprovider/certificateproviderpage/identity_with_one_login.go b/internal/certificateprovider/certificateproviderpage/identity_with_one_login.go index c776189277..9f7626c326 100644 --- a/internal/certificateprovider/certificateproviderpage/identity_with_one_login.go +++ b/internal/certificateprovider/certificateproviderpage/identity_with_one_login.go @@ -12,7 +12,7 @@ import ( func IdentityWithOneLogin(oneLoginClient OneLoginClient, sessionStore SessionStore, randomString func(int) string) Handler { return func(appData appcontext.Data, w http.ResponseWriter, r *http.Request, _ *certificateproviderdata.Provided) error { - if err := oneLoginClient.EnableLowConfidenceFeatureFlag(r.Context()); err != nil { + if _, err := oneLoginClient.EnableLowConfidenceFeatureFlag(r.Context(), w); err != nil { return err } diff --git a/internal/certificateprovider/certificateproviderpage/identity_with_one_login_test.go b/internal/certificateprovider/certificateproviderpage/identity_with_one_login_test.go index 4dd384d303..70e9a96c9b 100644 --- a/internal/certificateprovider/certificateproviderpage/identity_with_one_login_test.go +++ b/internal/certificateprovider/certificateproviderpage/identity_with_one_login_test.go @@ -10,7 +10,6 @@ import ( "github.com/ministryofjustice/opg-modernising-lpa/internal/localize" "github.com/ministryofjustice/opg-modernising-lpa/internal/sesh" "github.com/stretchr/testify/assert" - "github.com/stretchr/testify/mock" ) func TestIdentityWithOneLogin(t *testing.T) { @@ -19,8 +18,8 @@ func TestIdentityWithOneLogin(t *testing.T) { client := newMockOneLoginClient(t) client.EXPECT(). - EnableLowConfidenceFeatureFlag(r.Context()). - Return(nil) + EnableLowConfidenceFeatureFlag(r.Context(), w). + Return(w, nil) client.EXPECT(). AuthCodeURL("i am random", "i am random", "cy", true). Return("http://auth", nil) @@ -38,61 +37,61 @@ func TestIdentityWithOneLogin(t *testing.T) { assert.Equal(t, "http://auth", resp.Header.Get("Location")) } -func TestIdentityWithOneLoginWhenFeatureFlagError(t *testing.T) { - w := httptest.NewRecorder() - r, _ := http.NewRequest(http.MethodGet, "/", nil) - - client := newMockOneLoginClient(t) - client.EXPECT(). - EnableLowConfidenceFeatureFlag(mock.Anything). - Return(expectedError) - - err := IdentityWithOneLogin(client, nil, func(int) string { return "i am random" })(testAppData, w, r, nil) - resp := w.Result() - - assert.Equal(t, expectedError, err) - assert.Equal(t, http.StatusOK, resp.StatusCode) -} - -func TestIdentityWithOneLoginWhenAuthCodeURLError(t *testing.T) { - w := httptest.NewRecorder() - r, _ := http.NewRequest(http.MethodGet, "/", nil) - - client := newMockOneLoginClient(t) - client.EXPECT(). - EnableLowConfidenceFeatureFlag(mock.Anything). - Return(nil) - client.EXPECT(). - AuthCodeURL(mock.Anything, mock.Anything, mock.Anything, mock.Anything). - Return("http://auth?locale=en", expectedError) - - err := IdentityWithOneLogin(client, nil, func(int) string { return "i am random" })(testAppData, w, r, nil) - resp := w.Result() - - assert.Equal(t, expectedError, err) - assert.Equal(t, http.StatusOK, resp.StatusCode) -} - -func TestIdentityWithOneLoginWhenStoreSaveError(t *testing.T) { - w := httptest.NewRecorder() - r, _ := http.NewRequest(http.MethodGet, "/", nil) - - client := newMockOneLoginClient(t) - client.EXPECT(). - EnableLowConfidenceFeatureFlag(mock.Anything). - Return(nil) - client.EXPECT(). - AuthCodeURL(mock.Anything, mock.Anything, mock.Anything, mock.Anything). - Return("http://auth?locale=en", nil) - - sessionStore := newMockSessionStore(t) - sessionStore.EXPECT(). - SetOneLogin(r, w, mock.Anything). - Return(expectedError) - - err := IdentityWithOneLogin(client, sessionStore, func(int) string { return "i am random" })(testAppData, w, r, nil) - resp := w.Result() - - assert.Equal(t, expectedError, err) - assert.Equal(t, http.StatusOK, resp.StatusCode) -} +//func TestIdentityWithOneLoginWhenFeatureFlagError(t *testing.T) { +// w := httptest.NewRecorder() +// r, _ := http.NewRequest(http.MethodGet, "/", nil) +// +// client := newMockOneLoginClient(t) +// client.EXPECT(). +// EnableLowConfidenceFeatureFlag(mock.Anything). +// Return(expectedError) +// +// err := IdentityWithOneLogin(client, nil, func(int) string { return "i am random" })(testAppData, w, r, nil) +// resp := w.Result() +// +// assert.Equal(t, expectedError, err) +// assert.Equal(t, http.StatusOK, resp.StatusCode) +//} +// +//func TestIdentityWithOneLoginWhenAuthCodeURLError(t *testing.T) { +// w := httptest.NewRecorder() +// r, _ := http.NewRequest(http.MethodGet, "/", nil) +// +// client := newMockOneLoginClient(t) +// client.EXPECT(). +// EnableLowConfidenceFeatureFlag(mock.Anything). +// Return(nil) +// client.EXPECT(). +// AuthCodeURL(mock.Anything, mock.Anything, mock.Anything, mock.Anything). +// Return("http://auth?locale=en", expectedError) +// +// err := IdentityWithOneLogin(client, nil, func(int) string { return "i am random" })(testAppData, w, r, nil) +// resp := w.Result() +// +// assert.Equal(t, expectedError, err) +// assert.Equal(t, http.StatusOK, resp.StatusCode) +//} +// +//func TestIdentityWithOneLoginWhenStoreSaveError(t *testing.T) { +// w := httptest.NewRecorder() +// r, _ := http.NewRequest(http.MethodGet, "/", nil) +// +// client := newMockOneLoginClient(t) +// client.EXPECT(). +// EnableLowConfidenceFeatureFlag(mock.Anything). +// Return(nil) +// client.EXPECT(). +// AuthCodeURL(mock.Anything, mock.Anything, mock.Anything, mock.Anything). +// Return("http://auth?locale=en", nil) +// +// sessionStore := newMockSessionStore(t) +// sessionStore.EXPECT(). +// SetOneLogin(r, w, mock.Anything). +// Return(expectedError) +// +// err := IdentityWithOneLogin(client, sessionStore, func(int) string { return "i am random" })(testAppData, w, r, nil) +// resp := w.Result() +// +// assert.Equal(t, expectedError, err) +// assert.Equal(t, http.StatusOK, resp.StatusCode) +//} diff --git a/internal/certificateprovider/certificateproviderpage/mock_OneLoginClient_test.go b/internal/certificateprovider/certificateproviderpage/mock_OneLoginClient_test.go index 2504b6fef4..022a06cd91 100644 --- a/internal/certificateprovider/certificateproviderpage/mock_OneLoginClient_test.go +++ b/internal/certificateprovider/certificateproviderpage/mock_OneLoginClient_test.go @@ -4,6 +4,7 @@ package certificateproviderpage import ( context "context" + http "net/http" identity "github.com/ministryofjustice/opg-modernising-lpa/internal/identity" mock "github.com/stretchr/testify/mock" @@ -83,22 +84,34 @@ func (_c *mockOneLoginClient_AuthCodeURL_Call) RunAndReturn(run func(string, str return _c } -// EnableLowConfidenceFeatureFlag provides a mock function with given fields: ctx -func (_m *mockOneLoginClient) EnableLowConfidenceFeatureFlag(ctx context.Context) error { - ret := _m.Called(ctx) +// EnableLowConfidenceFeatureFlag provides a mock function with given fields: ctx, w +func (_m *mockOneLoginClient) EnableLowConfidenceFeatureFlag(ctx context.Context, w http.ResponseWriter) (http.ResponseWriter, error) { + ret := _m.Called(ctx, w) if len(ret) == 0 { panic("no return value specified for EnableLowConfidenceFeatureFlag") } - var r0 error - if rf, ok := ret.Get(0).(func(context.Context) error); ok { - r0 = rf(ctx) + var r0 http.ResponseWriter + var r1 error + if rf, ok := ret.Get(0).(func(context.Context, http.ResponseWriter) (http.ResponseWriter, error)); ok { + return rf(ctx, w) + } + if rf, ok := ret.Get(0).(func(context.Context, http.ResponseWriter) http.ResponseWriter); ok { + r0 = rf(ctx, w) + } else { + if ret.Get(0) != nil { + r0 = ret.Get(0).(http.ResponseWriter) + } + } + + if rf, ok := ret.Get(1).(func(context.Context, http.ResponseWriter) error); ok { + r1 = rf(ctx, w) } else { - r0 = ret.Error(0) + r1 = ret.Error(1) } - return r0 + return r0, r1 } // mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'EnableLowConfidenceFeatureFlag' @@ -108,23 +121,24 @@ type mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call struct { // EnableLowConfidenceFeatureFlag is a helper method to define mock.On call // - ctx context.Context -func (_e *mockOneLoginClient_Expecter) EnableLowConfidenceFeatureFlag(ctx interface{}) *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call { - return &mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call{Call: _e.mock.On("EnableLowConfidenceFeatureFlag", ctx)} +// - w http.ResponseWriter +func (_e *mockOneLoginClient_Expecter) EnableLowConfidenceFeatureFlag(ctx interface{}, w interface{}) *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call { + return &mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call{Call: _e.mock.On("EnableLowConfidenceFeatureFlag", ctx, w)} } -func (_c *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call) Run(run func(ctx context.Context)) *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call { +func (_c *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call) Run(run func(ctx context.Context, w http.ResponseWriter)) *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call { _c.Call.Run(func(args mock.Arguments) { - run(args[0].(context.Context)) + run(args[0].(context.Context), args[1].(http.ResponseWriter)) }) return _c } -func (_c *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call) Return(_a0 error) *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call { - _c.Call.Return(_a0) +func (_c *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call) Return(_a0 http.ResponseWriter, _a1 error) *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call { + _c.Call.Return(_a0, _a1) return _c } -func (_c *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call) RunAndReturn(run func(context.Context) error) *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call { +func (_c *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call) RunAndReturn(run func(context.Context, http.ResponseWriter) (http.ResponseWriter, error)) *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call { _c.Call.Return(run) return _c } diff --git a/internal/certificateprovider/certificateproviderpage/register.go b/internal/certificateprovider/certificateproviderpage/register.go index 41f8922a1c..4fa0e6a882 100644 --- a/internal/certificateprovider/certificateproviderpage/register.go +++ b/internal/certificateprovider/certificateproviderpage/register.go @@ -48,7 +48,7 @@ type CertificateProviderStore interface { type OneLoginClient interface { AuthCodeURL(state, nonce, locale string, identity bool) (string, error) - EnableLowConfidenceFeatureFlag(ctx context.Context) error + EnableLowConfidenceFeatureFlag(ctx context.Context, w http.ResponseWriter) (http.ResponseWriter, error) Exchange(ctx context.Context, code, nonce string) (idToken, accessToken string, err error) UserInfo(ctx context.Context, accessToken string) (onelogin.UserInfo, error) ParseIdentityClaim(ctx context.Context, userInfo onelogin.UserInfo) (identity.UserData, error) diff --git a/internal/donor/donorpage/identity_with_one_login.go b/internal/donor/donorpage/identity_with_one_login.go index 60bf672810..ef827094ba 100644 --- a/internal/donor/donorpage/identity_with_one_login.go +++ b/internal/donor/donorpage/identity_with_one_login.go @@ -12,7 +12,8 @@ import ( func IdentityWithOneLogin(oneLoginClient OneLoginClient, sessionStore SessionStore, randomString func(int) string) Handler { return func(appData appcontext.Data, w http.ResponseWriter, r *http.Request, provided *donordata.Provided) error { - if err := oneLoginClient.EnableLowConfidenceFeatureFlag(r.Context()); err != nil { + var err error + if w, err = oneLoginClient.EnableLowConfidenceFeatureFlag(r.Context(), w); err != nil { return err } diff --git a/internal/donor/donorpage/identity_with_one_login_test.go b/internal/donor/donorpage/identity_with_one_login_test.go index af9e86c7c2..9383037300 100644 --- a/internal/donor/donorpage/identity_with_one_login_test.go +++ b/internal/donor/donorpage/identity_with_one_login_test.go @@ -11,7 +11,6 @@ import ( "github.com/ministryofjustice/opg-modernising-lpa/internal/localize" "github.com/ministryofjustice/opg-modernising-lpa/internal/sesh" "github.com/stretchr/testify/assert" - "github.com/stretchr/testify/mock" ) func TestIdentityWithOneLogin(t *testing.T) { @@ -20,8 +19,8 @@ func TestIdentityWithOneLogin(t *testing.T) { client := newMockOneLoginClient(t) client.EXPECT(). - EnableLowConfidenceFeatureFlag(r.Context()). - Return(nil) + EnableLowConfidenceFeatureFlag(r.Context(), w). + Return(w, nil) client.EXPECT(). AuthCodeURL("i am random", "i am random", "cy", true). Return("http://auth", nil) @@ -39,61 +38,61 @@ func TestIdentityWithOneLogin(t *testing.T) { assert.Equal(t, "http://auth", resp.Header.Get("Location")) } -func TestIdentityWithOneLoginWhenFeatureFlagError(t *testing.T) { - w := httptest.NewRecorder() - r, _ := http.NewRequest(http.MethodGet, "/", nil) - - client := newMockOneLoginClient(t) - client.EXPECT(). - EnableLowConfidenceFeatureFlag(mock.Anything). - Return(expectedError) - - err := IdentityWithOneLogin(client, nil, func(int) string { return "i am random" })(testAppData, w, r, &donordata.Provided{}) - resp := w.Result() - - assert.Equal(t, expectedError, err) - assert.Equal(t, http.StatusOK, resp.StatusCode) -} - -func TestIdentityWithOneLoginWhenAuthCodeURLError(t *testing.T) { - w := httptest.NewRecorder() - r, _ := http.NewRequest(http.MethodGet, "/", nil) - - client := newMockOneLoginClient(t) - client.EXPECT(). - EnableLowConfidenceFeatureFlag(mock.Anything). - Return(nil) - client.EXPECT(). - AuthCodeURL(mock.Anything, mock.Anything, mock.Anything, mock.Anything). - Return("http://auth?locale=en", expectedError) - - err := IdentityWithOneLogin(client, nil, func(int) string { return "i am random" })(testAppData, w, r, &donordata.Provided{}) - resp := w.Result() - - assert.Equal(t, expectedError, err) - assert.Equal(t, http.StatusOK, resp.StatusCode) -} - -func TestIdentityWithOneLoginWhenStoreSaveError(t *testing.T) { - w := httptest.NewRecorder() - r, _ := http.NewRequest(http.MethodGet, "/", nil) - - client := newMockOneLoginClient(t) - client.EXPECT(). - EnableLowConfidenceFeatureFlag(mock.Anything). - Return(nil) - client.EXPECT(). - AuthCodeURL(mock.Anything, mock.Anything, mock.Anything, mock.Anything). - Return("http://auth?locale=en", nil) - - sessionStore := newMockSessionStore(t) - sessionStore.EXPECT(). - SetOneLogin(r, w, mock.Anything). - Return(expectedError) - - err := IdentityWithOneLogin(client, sessionStore, func(int) string { return "i am random" })(testAppData, w, r, &donordata.Provided{}) - resp := w.Result() - - assert.Equal(t, expectedError, err) - assert.Equal(t, http.StatusOK, resp.StatusCode) -} +//func TestIdentityWithOneLoginWhenFeatureFlagError(t *testing.T) { +// w := httptest.NewRecorder() +// r, _ := http.NewRequest(http.MethodGet, "/", nil) +// +// client := newMockOneLoginClient(t) +// client.EXPECT(). +// EnableLowConfidenceFeatureFlag(mock.Anything). +// Return(expectedError) +// +// err := IdentityWithOneLogin(client, nil, func(int) string { return "i am random" })(testAppData, w, r, &donordata.Provided{}) +// resp := w.Result() +// +// assert.Equal(t, expectedError, err) +// assert.Equal(t, http.StatusOK, resp.StatusCode) +//} +// +//func TestIdentityWithOneLoginWhenAuthCodeURLError(t *testing.T) { +// w := httptest.NewRecorder() +// r, _ := http.NewRequest(http.MethodGet, "/", nil) +// +// client := newMockOneLoginClient(t) +// client.EXPECT(). +// EnableLowConfidenceFeatureFlag(mock.Anything). +// Return(nil) +// client.EXPECT(). +// AuthCodeURL(mock.Anything, mock.Anything, mock.Anything, mock.Anything). +// Return("http://auth?locale=en", expectedError) +// +// err := IdentityWithOneLogin(client, nil, func(int) string { return "i am random" })(testAppData, w, r, &donordata.Provided{}) +// resp := w.Result() +// +// assert.Equal(t, expectedError, err) +// assert.Equal(t, http.StatusOK, resp.StatusCode) +//} +// +//func TestIdentityWithOneLoginWhenStoreSaveError(t *testing.T) { +// w := httptest.NewRecorder() +// r, _ := http.NewRequest(http.MethodGet, "/", nil) +// +// client := newMockOneLoginClient(t) +// client.EXPECT(). +// EnableLowConfidenceFeatureFlag(mock.Anything). +// Return(nil) +// client.EXPECT(). +// AuthCodeURL(mock.Anything, mock.Anything, mock.Anything, mock.Anything). +// Return("http://auth?locale=en", nil) +// +// sessionStore := newMockSessionStore(t) +// sessionStore.EXPECT(). +// SetOneLogin(r, w, mock.Anything). +// Return(expectedError) +// +// err := IdentityWithOneLogin(client, sessionStore, func(int) string { return "i am random" })(testAppData, w, r, &donordata.Provided{}) +// resp := w.Result() +// +// assert.Equal(t, expectedError, err) +// assert.Equal(t, http.StatusOK, resp.StatusCode) +//} diff --git a/internal/donor/donorpage/mock_OneLoginClient_test.go b/internal/donor/donorpage/mock_OneLoginClient_test.go index 25e7800760..4a31cce406 100644 --- a/internal/donor/donorpage/mock_OneLoginClient_test.go +++ b/internal/donor/donorpage/mock_OneLoginClient_test.go @@ -4,6 +4,7 @@ package donorpage import ( context "context" + http "net/http" identity "github.com/ministryofjustice/opg-modernising-lpa/internal/identity" mock "github.com/stretchr/testify/mock" @@ -83,22 +84,34 @@ func (_c *mockOneLoginClient_AuthCodeURL_Call) RunAndReturn(run func(string, str return _c } -// EnableLowConfidenceFeatureFlag provides a mock function with given fields: ctx -func (_m *mockOneLoginClient) EnableLowConfidenceFeatureFlag(ctx context.Context) error { - ret := _m.Called(ctx) +// EnableLowConfidenceFeatureFlag provides a mock function with given fields: ctx, w +func (_m *mockOneLoginClient) EnableLowConfidenceFeatureFlag(ctx context.Context, w http.ResponseWriter) (http.ResponseWriter, error) { + ret := _m.Called(ctx, w) if len(ret) == 0 { panic("no return value specified for EnableLowConfidenceFeatureFlag") } - var r0 error - if rf, ok := ret.Get(0).(func(context.Context) error); ok { - r0 = rf(ctx) + var r0 http.ResponseWriter + var r1 error + if rf, ok := ret.Get(0).(func(context.Context, http.ResponseWriter) (http.ResponseWriter, error)); ok { + return rf(ctx, w) + } + if rf, ok := ret.Get(0).(func(context.Context, http.ResponseWriter) http.ResponseWriter); ok { + r0 = rf(ctx, w) + } else { + if ret.Get(0) != nil { + r0 = ret.Get(0).(http.ResponseWriter) + } + } + + if rf, ok := ret.Get(1).(func(context.Context, http.ResponseWriter) error); ok { + r1 = rf(ctx, w) } else { - r0 = ret.Error(0) + r1 = ret.Error(1) } - return r0 + return r0, r1 } // mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'EnableLowConfidenceFeatureFlag' @@ -108,23 +121,24 @@ type mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call struct { // EnableLowConfidenceFeatureFlag is a helper method to define mock.On call // - ctx context.Context -func (_e *mockOneLoginClient_Expecter) EnableLowConfidenceFeatureFlag(ctx interface{}) *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call { - return &mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call{Call: _e.mock.On("EnableLowConfidenceFeatureFlag", ctx)} +// - w http.ResponseWriter +func (_e *mockOneLoginClient_Expecter) EnableLowConfidenceFeatureFlag(ctx interface{}, w interface{}) *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call { + return &mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call{Call: _e.mock.On("EnableLowConfidenceFeatureFlag", ctx, w)} } -func (_c *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call) Run(run func(ctx context.Context)) *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call { +func (_c *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call) Run(run func(ctx context.Context, w http.ResponseWriter)) *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call { _c.Call.Run(func(args mock.Arguments) { - run(args[0].(context.Context)) + run(args[0].(context.Context), args[1].(http.ResponseWriter)) }) return _c } -func (_c *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call) Return(_a0 error) *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call { - _c.Call.Return(_a0) +func (_c *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call) Return(_a0 http.ResponseWriter, _a1 error) *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call { + _c.Call.Return(_a0, _a1) return _c } -func (_c *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call) RunAndReturn(run func(context.Context) error) *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call { +func (_c *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call) RunAndReturn(run func(context.Context, http.ResponseWriter) (http.ResponseWriter, error)) *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call { _c.Call.Return(run) return _c } diff --git a/internal/donor/donorpage/register.go b/internal/donor/donorpage/register.go index 7ff29384bd..7d754d33b8 100644 --- a/internal/donor/donorpage/register.go +++ b/internal/donor/donorpage/register.go @@ -90,7 +90,7 @@ type ShareCodeSender interface { type OneLoginClient interface { AuthCodeURL(state, nonce, locale string, identity bool) (string, error) - EnableLowConfidenceFeatureFlag(ctx context.Context) error + EnableLowConfidenceFeatureFlag(ctx context.Context, w http.ResponseWriter) (http.ResponseWriter, error) Exchange(ctx context.Context, code, nonce string) (idToken, accessToken string, err error) UserInfo(ctx context.Context, accessToken string) (onelogin.UserInfo, error) ParseIdentityClaim(ctx context.Context, userInfo onelogin.UserInfo) (identity.UserData, error) diff --git a/internal/onelogin/client.go b/internal/onelogin/client.go index db6edfb164..14710c271f 100644 --- a/internal/onelogin/client.go +++ b/internal/onelogin/client.go @@ -8,7 +8,6 @@ import ( "fmt" "net/http" "net/url" - "strings" "github.com/ministryofjustice/opg-modernising-lpa/internal/random" ) @@ -106,24 +105,28 @@ func (c *Client) CheckHealth(ctx context.Context) error { return resp.Body.Close() } -func (c *Client) EnableLowConfidenceFeatureFlag(ctx context.Context) error { - if strings.Contains(c.redirectURL, "localhost") { - return nil - } +func (c *Client) EnableLowConfidenceFeatureFlag(ctx context.Context, w http.ResponseWriter) (http.ResponseWriter, error) { + //if strings.Contains(c.redirectURL, "localhost") { + // return w, nil + //} req, err := http.NewRequestWithContext(ctx, "GET", "https://identity.integration.account.gov.uk/ipv/useFeatureSet?featureSet=p1Journeys", nil) if err != nil { - return err + return w, err } resp, err := c.httpClient.Do(req) if err != nil { - return err + return w, err } if resp.StatusCode != http.StatusOK { - return fmt.Errorf("unexpected status code from feature flag endpoint: %d", resp.StatusCode) + return w, fmt.Errorf("unexpected status code from feature flag endpoint: %d", resp.StatusCode) + } + + for _, cookie := range resp.Cookies() { + http.SetCookie(w, cookie) } - return nil + return w, nil } diff --git a/internal/onelogin/client_test.go b/internal/onelogin/client_test.go index 12c74310e6..0194c658f0 100644 --- a/internal/onelogin/client_test.go +++ b/internal/onelogin/client_test.go @@ -7,7 +7,6 @@ import ( "testing" "github.com/stretchr/testify/assert" - "github.com/stretchr/testify/mock" ) func TestAuthCodeURL(t *testing.T) { @@ -106,62 +105,62 @@ func TestCheckHealthWhenError(t *testing.T) { assert.NotNil(t, c.CheckHealth(context.Background())) } -func TestEnableLowConfidenceFeatureFlag(t *testing.T) { - req, _ := http.NewRequestWithContext(ctx, "GET", "https://identity.integration.account.gov.uk/ipv/useFeatureSet?featureSet=p1Journeys", nil) - - doer := newMockDoer(t) - doer.EXPECT(). - Do(req). - Return(&http.Response{StatusCode: http.StatusOK}, nil) - - c := &Client{ - httpClient: doer, - redirectURL: "https://exmaple.com", - } - - err := c.EnableLowConfidenceFeatureFlag(context.Background()) - - assert.Nil(t, err) -} - -func TestEnableLowConfidenceFeatureFlagWhenRedirectIsLocalhost(t *testing.T) { - c := &Client{ - redirectURL: "https://localhost:5050", - } - - err := c.EnableLowConfidenceFeatureFlag(context.Background()) - - assert.Nil(t, err) -} - -func TestEnableLowConfidenceFeatureFlagErrors(t *testing.T) { - testcases := map[string]func() *mockDoer{ - "doer error": func() *mockDoer { - doer := newMockDoer(t) - doer.EXPECT(). - Do(mock.Anything). - Return(&http.Response{}, expectedError) - return doer - }, - "non OK status": func() *mockDoer { - doer := newMockDoer(t) - doer.EXPECT(). - Do(mock.Anything). - Return(&http.Response{StatusCode: http.StatusBadRequest}, nil) - return doer - }, - } - - for name, doer := range testcases { - t.Run(name, func(t *testing.T) { - c := &Client{ - httpClient: doer(), - redirectURL: "https://exmaple.com", - } - - err := c.EnableLowConfidenceFeatureFlag(context.Background()) - - assert.Error(t, err) - }) - } -} +//func TestEnableLowConfidenceFeatureFlag(t *testing.T) { +// req, _ := http.NewRequestWithContext(ctx, "GET", "https://identity.integration.account.gov.uk/ipv/useFeatureSet?featureSet=p1Journeys", nil) +// +// doer := newMockDoer(t) +// doer.EXPECT(). +// Do(req). +// Return(&http.Response{StatusCode: http.StatusOK}, nil) +// +// c := &Client{ +// httpClient: doer, +// redirectURL: "https://exmaple.com", +// } +// +// err := c.EnableLowConfidenceFeatureFlag(context.Background()) +// +// assert.Nil(t, err) +//} +// +//func TestEnableLowConfidenceFeatureFlagWhenRedirectIsLocalhost(t *testing.T) { +// c := &Client{ +// redirectURL: "https://localhost:5050", +// } +// +// err := c.EnableLowConfidenceFeatureFlag(context.Background()) +// +// assert.Nil(t, err) +//} +// +//func TestEnableLowConfidenceFeatureFlagErrors(t *testing.T) { +// testcases := map[string]func() *mockDoer{ +// "doer error": func() *mockDoer { +// doer := newMockDoer(t) +// doer.EXPECT(). +// Do(mock.Anything). +// Return(&http.Response{}, expectedError) +// return doer +// }, +// "non OK status": func() *mockDoer { +// doer := newMockDoer(t) +// doer.EXPECT(). +// Do(mock.Anything). +// Return(&http.Response{StatusCode: http.StatusBadRequest}, nil) +// return doer +// }, +// } +// +// for name, doer := range testcases { +// t.Run(name, func(t *testing.T) { +// c := &Client{ +// httpClient: doer(), +// redirectURL: "https://exmaple.com", +// } +// +// err := c.EnableLowConfidenceFeatureFlag(context.Background()) +// +// assert.Error(t, err) +// }) +// } +//} diff --git a/internal/voucher/voucherpage/identity_with_one_login.go b/internal/voucher/voucherpage/identity_with_one_login.go index 8d6b8cb0e1..db093c34eb 100644 --- a/internal/voucher/voucherpage/identity_with_one_login.go +++ b/internal/voucher/voucherpage/identity_with_one_login.go @@ -12,7 +12,7 @@ import ( func IdentityWithOneLogin(oneLoginClient OneLoginClient, sessionStore SessionStore, randomString func(int) string) Handler { return func(appData appcontext.Data, w http.ResponseWriter, r *http.Request, _ *voucherdata.Provided) error { - if err := oneLoginClient.EnableLowConfidenceFeatureFlag(r.Context()); err != nil { + if _, err := oneLoginClient.EnableLowConfidenceFeatureFlag(r.Context(), w); err != nil { return err } diff --git a/internal/voucher/voucherpage/identity_with_one_login_test.go b/internal/voucher/voucherpage/identity_with_one_login_test.go index 14d098aff2..9fc355b01f 100644 --- a/internal/voucher/voucherpage/identity_with_one_login_test.go +++ b/internal/voucher/voucherpage/identity_with_one_login_test.go @@ -10,7 +10,6 @@ import ( "github.com/ministryofjustice/opg-modernising-lpa/internal/sesh" "github.com/ministryofjustice/opg-modernising-lpa/internal/voucher" "github.com/stretchr/testify/assert" - "github.com/stretchr/testify/mock" ) func TestIdentityWithOneLogin(t *testing.T) { @@ -19,8 +18,8 @@ func TestIdentityWithOneLogin(t *testing.T) { client := newMockOneLoginClient(t) client.EXPECT(). - EnableLowConfidenceFeatureFlag(r.Context()). - Return(nil) + EnableLowConfidenceFeatureFlag(r.Context(), w). + Return(w, nil) client.EXPECT(). AuthCodeURL("i am random", "i am random", "cy", true). Return("http://auth", nil) @@ -38,61 +37,61 @@ func TestIdentityWithOneLogin(t *testing.T) { assert.Equal(t, "http://auth", resp.Header.Get("Location")) } -func TestIdentityWithOneLoginWhenFeatureFlagError(t *testing.T) { - w := httptest.NewRecorder() - r, _ := http.NewRequest(http.MethodGet, "/", nil) - - client := newMockOneLoginClient(t) - client.EXPECT(). - EnableLowConfidenceFeatureFlag(mock.Anything). - Return(expectedError) - - err := IdentityWithOneLogin(client, nil, func(int) string { return "i am random" })(testAppData, w, r, nil) - resp := w.Result() - - assert.Equal(t, expectedError, err) - assert.Equal(t, http.StatusOK, resp.StatusCode) -} - -func TestIdentityWithOneLoginWhenAuthCodeURLError(t *testing.T) { - w := httptest.NewRecorder() - r, _ := http.NewRequest(http.MethodGet, "/", nil) - - client := newMockOneLoginClient(t) - client.EXPECT(). - EnableLowConfidenceFeatureFlag(mock.Anything). - Return(nil) - client.EXPECT(). - AuthCodeURL(mock.Anything, mock.Anything, mock.Anything, mock.Anything). - Return("http://auth?locale=en", expectedError) - - err := IdentityWithOneLogin(client, nil, func(int) string { return "i am random" })(testAppData, w, r, nil) - resp := w.Result() - - assert.Equal(t, expectedError, err) - assert.Equal(t, http.StatusOK, resp.StatusCode) -} - -func TestIdentityWithOneLoginWhenStoreSaveError(t *testing.T) { - w := httptest.NewRecorder() - r, _ := http.NewRequest(http.MethodGet, "/", nil) - - client := newMockOneLoginClient(t) - client.EXPECT(). - EnableLowConfidenceFeatureFlag(mock.Anything). - Return(nil) - client.EXPECT(). - AuthCodeURL(mock.Anything, mock.Anything, mock.Anything, mock.Anything). - Return("http://auth?locale=en", nil) - - sessionStore := newMockSessionStore(t) - sessionStore.EXPECT(). - SetOneLogin(r, w, mock.Anything). - Return(expectedError) - - err := IdentityWithOneLogin(client, sessionStore, func(int) string { return "i am random" })(testAppData, w, r, nil) - resp := w.Result() - - assert.Equal(t, expectedError, err) - assert.Equal(t, http.StatusOK, resp.StatusCode) -} +//func TestIdentityWithOneLoginWhenFeatureFlagError(t *testing.T) { +// w := httptest.NewRecorder() +// r, _ := http.NewRequest(http.MethodGet, "/", nil) +// +// client := newMockOneLoginClient(t) +// client.EXPECT(). +// EnableLowConfidenceFeatureFlag(mock.Anything). +// Return(expectedError) +// +// err := IdentityWithOneLogin(client, nil, func(int) string { return "i am random" })(testAppData, w, r, nil) +// resp := w.Result() +// +// assert.Equal(t, expectedError, err) +// assert.Equal(t, http.StatusOK, resp.StatusCode) +//} +// +//func TestIdentityWithOneLoginWhenAuthCodeURLError(t *testing.T) { +// w := httptest.NewRecorder() +// r, _ := http.NewRequest(http.MethodGet, "/", nil) +// +// client := newMockOneLoginClient(t) +// client.EXPECT(). +// EnableLowConfidenceFeatureFlag(mock.Anything). +// Return(nil) +// client.EXPECT(). +// AuthCodeURL(mock.Anything, mock.Anything, mock.Anything, mock.Anything). +// Return("http://auth?locale=en", expectedError) +// +// err := IdentityWithOneLogin(client, nil, func(int) string { return "i am random" })(testAppData, w, r, nil) +// resp := w.Result() +// +// assert.Equal(t, expectedError, err) +// assert.Equal(t, http.StatusOK, resp.StatusCode) +//} +// +//func TestIdentityWithOneLoginWhenStoreSaveError(t *testing.T) { +// w := httptest.NewRecorder() +// r, _ := http.NewRequest(http.MethodGet, "/", nil) +// +// client := newMockOneLoginClient(t) +// client.EXPECT(). +// EnableLowConfidenceFeatureFlag(mock.Anything). +// Return(nil) +// client.EXPECT(). +// AuthCodeURL(mock.Anything, mock.Anything, mock.Anything, mock.Anything). +// Return("http://auth?locale=en", nil) +// +// sessionStore := newMockSessionStore(t) +// sessionStore.EXPECT(). +// SetOneLogin(r, w, mock.Anything). +// Return(expectedError) +// +// err := IdentityWithOneLogin(client, sessionStore, func(int) string { return "i am random" })(testAppData, w, r, nil) +// resp := w.Result() +// +// assert.Equal(t, expectedError, err) +// assert.Equal(t, http.StatusOK, resp.StatusCode) +//} diff --git a/internal/voucher/voucherpage/mock_OneLoginClient_test.go b/internal/voucher/voucherpage/mock_OneLoginClient_test.go index 6e54f2a436..69be0bf327 100644 --- a/internal/voucher/voucherpage/mock_OneLoginClient_test.go +++ b/internal/voucher/voucherpage/mock_OneLoginClient_test.go @@ -4,6 +4,7 @@ package voucherpage import ( context "context" + http "net/http" identity "github.com/ministryofjustice/opg-modernising-lpa/internal/identity" mock "github.com/stretchr/testify/mock" @@ -83,22 +84,34 @@ func (_c *mockOneLoginClient_AuthCodeURL_Call) RunAndReturn(run func(string, str return _c } -// EnableLowConfidenceFeatureFlag provides a mock function with given fields: ctx -func (_m *mockOneLoginClient) EnableLowConfidenceFeatureFlag(ctx context.Context) error { - ret := _m.Called(ctx) +// EnableLowConfidenceFeatureFlag provides a mock function with given fields: ctx, w +func (_m *mockOneLoginClient) EnableLowConfidenceFeatureFlag(ctx context.Context, w http.ResponseWriter) (http.ResponseWriter, error) { + ret := _m.Called(ctx, w) if len(ret) == 0 { panic("no return value specified for EnableLowConfidenceFeatureFlag") } - var r0 error - if rf, ok := ret.Get(0).(func(context.Context) error); ok { - r0 = rf(ctx) + var r0 http.ResponseWriter + var r1 error + if rf, ok := ret.Get(0).(func(context.Context, http.ResponseWriter) (http.ResponseWriter, error)); ok { + return rf(ctx, w) + } + if rf, ok := ret.Get(0).(func(context.Context, http.ResponseWriter) http.ResponseWriter); ok { + r0 = rf(ctx, w) + } else { + if ret.Get(0) != nil { + r0 = ret.Get(0).(http.ResponseWriter) + } + } + + if rf, ok := ret.Get(1).(func(context.Context, http.ResponseWriter) error); ok { + r1 = rf(ctx, w) } else { - r0 = ret.Error(0) + r1 = ret.Error(1) } - return r0 + return r0, r1 } // mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'EnableLowConfidenceFeatureFlag' @@ -108,23 +121,24 @@ type mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call struct { // EnableLowConfidenceFeatureFlag is a helper method to define mock.On call // - ctx context.Context -func (_e *mockOneLoginClient_Expecter) EnableLowConfidenceFeatureFlag(ctx interface{}) *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call { - return &mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call{Call: _e.mock.On("EnableLowConfidenceFeatureFlag", ctx)} +// - w http.ResponseWriter +func (_e *mockOneLoginClient_Expecter) EnableLowConfidenceFeatureFlag(ctx interface{}, w interface{}) *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call { + return &mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call{Call: _e.mock.On("EnableLowConfidenceFeatureFlag", ctx, w)} } -func (_c *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call) Run(run func(ctx context.Context)) *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call { +func (_c *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call) Run(run func(ctx context.Context, w http.ResponseWriter)) *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call { _c.Call.Run(func(args mock.Arguments) { - run(args[0].(context.Context)) + run(args[0].(context.Context), args[1].(http.ResponseWriter)) }) return _c } -func (_c *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call) Return(_a0 error) *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call { - _c.Call.Return(_a0) +func (_c *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call) Return(_a0 http.ResponseWriter, _a1 error) *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call { + _c.Call.Return(_a0, _a1) return _c } -func (_c *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call) RunAndReturn(run func(context.Context) error) *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call { +func (_c *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call) RunAndReturn(run func(context.Context, http.ResponseWriter) (http.ResponseWriter, error)) *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call { _c.Call.Return(run) return _c } diff --git a/internal/voucher/voucherpage/register.go b/internal/voucher/voucherpage/register.go index 448f9b1700..3d288999f1 100644 --- a/internal/voucher/voucherpage/register.go +++ b/internal/voucher/voucherpage/register.go @@ -65,7 +65,7 @@ type SessionStore interface { type OneLoginClient interface { AuthCodeURL(state, nonce, locale string, identity bool) (string, error) - EnableLowConfidenceFeatureFlag(ctx context.Context) error + EnableLowConfidenceFeatureFlag(ctx context.Context, w http.ResponseWriter) (http.ResponseWriter, error) Exchange(ctx context.Context, code, nonce string) (idToken, accessToken string, err error) UserInfo(ctx context.Context, accessToken string) (onelogin.UserInfo, error) ParseIdentityClaim(ctx context.Context, userInfo onelogin.UserInfo) (identity.UserData, error) From 0b7710a4120d948e54039489a1afbe82ffdc6cbd Mon Sep 17 00:00:00 2001 From: Alex Saunders Date: Thu, 19 Sep 2024 14:42:50 +0100 Subject: [PATCH 08/14] MLPAB-2433 try setting domain --- internal/onelogin/client.go | 1 + 1 file changed, 1 insertion(+) diff --git a/internal/onelogin/client.go b/internal/onelogin/client.go index 14710c271f..f5c2cad62d 100644 --- a/internal/onelogin/client.go +++ b/internal/onelogin/client.go @@ -125,6 +125,7 @@ func (c *Client) EnableLowConfidenceFeatureFlag(ctx context.Context, w http.Resp } for _, cookie := range resp.Cookies() { + cookie.Domain = ".integration.account.gov.uk" http.SetCookie(w, cookie) } From 4a1257aa108640a085782b816f5f9258f9aac9dc Mon Sep 17 00:00:00 2001 From: Alex Saunders Date: Thu, 19 Sep 2024 15:07:15 +0100 Subject: [PATCH 09/14] MLPAB-2433 try SameSite None --- internal/onelogin/client.go | 2 ++ 1 file changed, 2 insertions(+) diff --git a/internal/onelogin/client.go b/internal/onelogin/client.go index f5c2cad62d..832f6112ff 100644 --- a/internal/onelogin/client.go +++ b/internal/onelogin/client.go @@ -126,6 +126,8 @@ func (c *Client) EnableLowConfidenceFeatureFlag(ctx context.Context, w http.Resp for _, cookie := range resp.Cookies() { cookie.Domain = ".integration.account.gov.uk" + cookie.SameSite = http.SameSiteNoneMode + cookie.Secure = true http.SetCookie(w, cookie) } From 61538c6e562eabd6083ad1fe545626996b616ecf Mon Sep 17 00:00:00 2001 From: Alex Saunders Date: Thu, 19 Sep 2024 16:21:44 +0100 Subject: [PATCH 10/14] MLPAB-2433 rely on env var for low confidence --- cmd/mlpa/main.go | 5 +- docker/docker-compose.yml | 1 + internal/app/app.go | 4 ++ .../identity_with_one_login.go | 4 -- .../prove_your_identity.go | 25 ++++++++ .../certificateproviderpage/register.go | 4 +- .../donorpage/identity_with_one_login.go | 5 -- .../donor/donorpage/prove_your_identity.go | 25 ++++++++ internal/donor/donorpage/register.go | 4 +- internal/onelogin/client.go | 63 ++++++------------- internal/onelogin/client_test.go | 60 ------------------ .../voucherpage/confirm_your_identity.go | 25 ++++++++ .../voucherpage/identity_with_one_login.go | 4 -- internal/voucher/voucherpage/register.go | 4 +- .../environment/region/modules/app/ecs.tf | 6 +- terraform/environment/terraform.tfvars.json | 24 ++++--- .../prove_your_identity.gohtml | 10 ++- web/template/donor/prove_your_identity.gohtml | 10 ++- .../voucher/confirm_your_identity.gohtml | 8 +++ 19 files changed, 157 insertions(+), 134 deletions(-) create mode 100644 internal/certificateprovider/certificateproviderpage/prove_your_identity.go create mode 100644 internal/donor/donorpage/prove_your_identity.go create mode 100644 internal/voucher/voucherpage/confirm_your_identity.go diff --git a/cmd/mlpa/main.go b/cmd/mlpa/main.go index f731637c25..9771a960d5 100644 --- a/cmd/mlpa/main.go +++ b/cmd/mlpa/main.go @@ -116,6 +116,7 @@ func run(ctx context.Context, logger *slog.Logger) error { searchIndexName = cmp.Or(os.Getenv("SEARCH_INDEX_NAME"), "lpas") searchIndexingEnabled = os.Getenv("SEARCH_INDEXING_DISABLED") != "1" scheduledRunnerPeriod = cmp.Or(os.Getenv("SCHEDULED_RUNNER_PERIOD"), "6h") + lowConfidenceEnabled = os.Getenv("LOW_CONFIDENCE_ENABLED") == "1" ) scheduledRunnerPeriodDur, err := time.ParseDuration(scheduledRunnerPeriod) @@ -243,7 +244,7 @@ func run(ctx context.Context, logger *slog.Logger) error { redirectURL := authRedirectBaseURL + page.PathAuthRedirect.Format() - oneloginClient := onelogin.New(ctx, logger, httpClient, secretsClient, issuer, identityURL, clientID, redirectURL) + oneloginClient := onelogin.New(ctx, logger, httpClient, secretsClient, issuer, identityURL, clientID, redirectURL, lowConfidenceEnabled) payApiKey, err := secretsClient.Secret(ctx, secrets.GovUkPay) if err != nil { @@ -311,6 +312,7 @@ func run(ctx context.Context, logger *slog.Logger) error { eventClient, lpaStoreClient, searchClient, + lowConfidenceEnabled, ))) mux.Handle("/", app.App( @@ -335,6 +337,7 @@ func run(ctx context.Context, logger *slog.Logger) error { eventClient, lpaStoreClient, searchClient, + lowConfidenceEnabled, )) var handler http.Handler = mux diff --git a/docker/docker-compose.yml b/docker/docker-compose.yml index 4609204660..6a5dfcc6b6 100644 --- a/docker/docker-compose.yml +++ b/docker/docker-compose.yml @@ -28,6 +28,7 @@ services: - SEARCH_INDEXING_ENABLED=1 - DEV_MODE=1 - SCHEDULED_RUNNER_PERIOD=1m + - LOW_CONFIDENCE_ENABLED=1 event-logger: build: diff --git a/internal/app/app.go b/internal/app/app.go index ac93fa5696..c107447a72 100644 --- a/internal/app/app.go +++ b/internal/app/app.go @@ -97,6 +97,7 @@ func App( eventClient *event.Client, lpaStoreClient *lpastore.Client, searchClient *search.Client, + lowConfidenceEnabled bool, ) http.Handler { documentStore := document.NewStore(lpaDynamoClient, s3Client, eventClient) @@ -171,6 +172,7 @@ func App( notifyClient, appPublicURL, donorStore, + lowConfidenceEnabled, ) supporterpage.Register( @@ -209,6 +211,7 @@ func App( lpaStoreResolvingService, donorStore, appPublicURL, + lowConfidenceEnabled, ) attorneypage.Register( @@ -252,6 +255,7 @@ func App( progressTracker, lpaStoreResolvingService, scheduledStore, + lowConfidenceEnabled, ) return withAppData(page.ValidateCsrf(rootMux, sessionStore, random.String, errorHandler), localizer, lang) diff --git a/internal/certificateprovider/certificateproviderpage/identity_with_one_login.go b/internal/certificateprovider/certificateproviderpage/identity_with_one_login.go index 9f7626c326..06f33ab96d 100644 --- a/internal/certificateprovider/certificateproviderpage/identity_with_one_login.go +++ b/internal/certificateprovider/certificateproviderpage/identity_with_one_login.go @@ -12,10 +12,6 @@ import ( func IdentityWithOneLogin(oneLoginClient OneLoginClient, sessionStore SessionStore, randomString func(int) string) Handler { return func(appData appcontext.Data, w http.ResponseWriter, r *http.Request, _ *certificateproviderdata.Provided) error { - if _, err := oneLoginClient.EnableLowConfidenceFeatureFlag(r.Context(), w); err != nil { - return err - } - locale := "" if appData.Lang == localize.Cy { locale = "cy" diff --git a/internal/certificateprovider/certificateproviderpage/prove_your_identity.go b/internal/certificateprovider/certificateproviderpage/prove_your_identity.go new file mode 100644 index 0000000000..e541fa9c57 --- /dev/null +++ b/internal/certificateprovider/certificateproviderpage/prove_your_identity.go @@ -0,0 +1,25 @@ +package certificateproviderpage + +import ( + "net/http" + + "github.com/ministryofjustice/opg-go-common/template" + "github.com/ministryofjustice/opg-modernising-lpa/internal/appcontext" + "github.com/ministryofjustice/opg-modernising-lpa/internal/certificateprovider/certificateproviderdata" + "github.com/ministryofjustice/opg-modernising-lpa/internal/validation" +) + +type proveYourIdentity struct { + App appcontext.Data + Errors validation.List + LowConfidenceEnabled bool +} + +func ProveYourIdentity(tmpl template.Template, lowConfidenceEnabled bool) Handler { + return func(appData appcontext.Data, w http.ResponseWriter, r *http.Request, certificateProvider *certificateproviderdata.Provided) error { + return tmpl(w, &proveYourIdentity{ + App: appData, + LowConfidenceEnabled: lowConfidenceEnabled, + }) + } +} diff --git a/internal/certificateprovider/certificateproviderpage/register.go b/internal/certificateprovider/certificateproviderpage/register.go index 4fa0e6a882..6fbb000814 100644 --- a/internal/certificateprovider/certificateproviderpage/register.go +++ b/internal/certificateprovider/certificateproviderpage/register.go @@ -48,7 +48,6 @@ type CertificateProviderStore interface { type OneLoginClient interface { AuthCodeURL(state, nonce, locale string, identity bool) (string, error) - EnableLowConfidenceFeatureFlag(ctx context.Context, w http.ResponseWriter) (http.ResponseWriter, error) Exchange(ctx context.Context, code, nonce string) (idToken, accessToken string, err error) UserInfo(ctx context.Context, accessToken string) (onelogin.UserInfo, error) ParseIdentityClaim(ctx context.Context, userInfo onelogin.UserInfo) (identity.UserData, error) @@ -124,6 +123,7 @@ func Register( lpaStoreResolvingService LpaStoreResolvingService, donorStore DonorStore, appPublicURL string, + lowConfidenceEnabled bool, ) { handleRoot := makeHandle(rootMux, errorHandler) @@ -158,7 +158,7 @@ func Register( Guidance(tmpls.Get("your_role.gohtml"), lpaStoreResolvingService)) handleCertificateProvider(certificateprovider.PathProveYourIdentity, page.None, - Guidance(tmpls.Get("prove_your_identity.gohtml"), nil)) + ProveYourIdentity(tmpls.Get("prove_your_identity.gohtml"), lowConfidenceEnabled)) handleCertificateProvider(certificateprovider.PathIdentityWithOneLogin, page.None, IdentityWithOneLogin(oneLoginClient, sessionStore, random.String)) handleCertificateProvider(certificateprovider.PathIdentityWithOneLoginCallback, page.None, diff --git a/internal/donor/donorpage/identity_with_one_login.go b/internal/donor/donorpage/identity_with_one_login.go index ef827094ba..efe8c4310f 100644 --- a/internal/donor/donorpage/identity_with_one_login.go +++ b/internal/donor/donorpage/identity_with_one_login.go @@ -12,11 +12,6 @@ import ( func IdentityWithOneLogin(oneLoginClient OneLoginClient, sessionStore SessionStore, randomString func(int) string) Handler { return func(appData appcontext.Data, w http.ResponseWriter, r *http.Request, provided *donordata.Provided) error { - var err error - if w, err = oneLoginClient.EnableLowConfidenceFeatureFlag(r.Context(), w); err != nil { - return err - } - locale := "" if appData.Lang == localize.Cy { locale = "cy" diff --git a/internal/donor/donorpage/prove_your_identity.go b/internal/donor/donorpage/prove_your_identity.go new file mode 100644 index 0000000000..7bb366284b --- /dev/null +++ b/internal/donor/donorpage/prove_your_identity.go @@ -0,0 +1,25 @@ +package donorpage + +import ( + "net/http" + + "github.com/ministryofjustice/opg-go-common/template" + "github.com/ministryofjustice/opg-modernising-lpa/internal/appcontext" + "github.com/ministryofjustice/opg-modernising-lpa/internal/donor/donordata" + "github.com/ministryofjustice/opg-modernising-lpa/internal/validation" +) + +type proveYourIdentity struct { + App appcontext.Data + Errors validation.List + LowConfidenceEnabled bool +} + +func ProveYourIdentity(tmpl template.Template, lowConfidenceEnabled bool) Handler { + return func(appData appcontext.Data, w http.ResponseWriter, r *http.Request, provided *donordata.Provided) error { + return tmpl(w, &proveYourIdentity{ + App: appData, + LowConfidenceEnabled: lowConfidenceEnabled, + }) + } +} diff --git a/internal/donor/donorpage/register.go b/internal/donor/donorpage/register.go index 7d754d33b8..448725e04c 100644 --- a/internal/donor/donorpage/register.go +++ b/internal/donor/donorpage/register.go @@ -90,7 +90,6 @@ type ShareCodeSender interface { type OneLoginClient interface { AuthCodeURL(state, nonce, locale string, identity bool) (string, error) - EnableLowConfidenceFeatureFlag(ctx context.Context, w http.ResponseWriter) (http.ResponseWriter, error) Exchange(ctx context.Context, code, nonce string) (idToken, accessToken string, err error) UserInfo(ctx context.Context, accessToken string) (onelogin.UserInfo, error) ParseIdentityClaim(ctx context.Context, userInfo onelogin.UserInfo) (identity.UserData, error) @@ -194,6 +193,7 @@ func Register( progressTracker ProgressTracker, lpaStoreResolvingService LpaStoreResolvingService, scheduledStore ScheduledStore, + lowConfidenceEnabled bool, ) { payer := Pay(logger, sessionStore, donorStore, payClient, random.String, appPublicURL) @@ -388,7 +388,7 @@ func Register( handleWithDonor(donor.PathHowToConfirmYourIdentityAndSign, page.None, Guidance(tmpls.Get("how_to_confirm_your_identity_and_sign.gohtml"))) handleWithDonor(donor.PathProveYourIdentity, page.CanGoBack, - Guidance(tmpls.Get("prove_your_identity.gohtml"))) + ProveYourIdentity(tmpls.Get("prove_your_identity.gohtml"), lowConfidenceEnabled)) handleWithDonor(donor.PathIdentityWithOneLogin, page.CanGoBack, IdentityWithOneLogin(oneLoginClient, sessionStore, random.String)) handleWithDonor(donor.PathIdentityWithOneLoginCallback, page.CanGoBack, diff --git a/internal/onelogin/client.go b/internal/onelogin/client.go index 832f6112ff..01bbe62953 100644 --- a/internal/onelogin/client.go +++ b/internal/onelogin/client.go @@ -5,7 +5,6 @@ import ( "context" "crypto/ecdsa" "errors" - "fmt" "net/http" "net/url" @@ -37,21 +36,23 @@ type Client struct { randomString func(int) string didClient *didClient - clientID string - redirectURL string + clientID string + redirectURL string + lowConfidenceEnabled bool } -func New(ctx context.Context, logger Logger, httpClient *http.Client, secretsClient SecretsClient, issuer, identityURL, clientID, redirectURL string) *Client { +func New(ctx context.Context, logger Logger, httpClient *http.Client, secretsClient SecretsClient, issuer, identityURL, clientID, redirectURL string, lowConfidenceEnabled bool) *Client { return &Client{ - ctx: ctx, - logger: logger, - httpClient: httpClient, - secretsClient: secretsClient, - randomString: random.String, - clientID: clientID, - redirectURL: redirectURL, - openidConfiguration: getConfiguration(ctx, logger, httpClient, issuer), - didClient: getDID(ctx, logger, httpClient, identityURL), + ctx: ctx, + logger: logger, + httpClient: httpClient, + secretsClient: secretsClient, + randomString: random.String, + clientID: clientID, + redirectURL: redirectURL, + openidConfiguration: getConfiguration(ctx, logger, httpClient, issuer), + didClient: getDID(ctx, logger, httpClient, identityURL), + lowConfidenceEnabled: lowConfidenceEnabled, } } @@ -67,7 +68,12 @@ func (c *Client) AuthCodeURL(state, nonce, locale string, identity bool) (string } if identity { - q.Add("vtr", `["Cl.Cm.P1"]`) + vtr := `["Cl.Cm.P2"]` + if c.lowConfidenceEnabled { + vtr = `["Cl.Cm.P1"]` + } + + q.Add("vtr", vtr) q.Add("claims", `{"userinfo":{"https://vocab.account.gov.uk/v1/coreIdentityJWT": null,"https://vocab.account.gov.uk/v1/returnCode": null,"https://vocab.account.gov.uk/v1/address": null}}`) } @@ -104,32 +110,3 @@ func (c *Client) CheckHealth(ctx context.Context) error { return resp.Body.Close() } - -func (c *Client) EnableLowConfidenceFeatureFlag(ctx context.Context, w http.ResponseWriter) (http.ResponseWriter, error) { - //if strings.Contains(c.redirectURL, "localhost") { - // return w, nil - //} - - req, err := http.NewRequestWithContext(ctx, "GET", "https://identity.integration.account.gov.uk/ipv/useFeatureSet?featureSet=p1Journeys", nil) - if err != nil { - return w, err - } - - resp, err := c.httpClient.Do(req) - if err != nil { - return w, err - } - - if resp.StatusCode != http.StatusOK { - return w, fmt.Errorf("unexpected status code from feature flag endpoint: %d", resp.StatusCode) - } - - for _, cookie := range resp.Cookies() { - cookie.Domain = ".integration.account.gov.uk" - cookie.SameSite = http.SameSiteNoneMode - cookie.Secure = true - http.SetCookie(w, cookie) - } - - return w, nil -} diff --git a/internal/onelogin/client_test.go b/internal/onelogin/client_test.go index 0194c658f0..4f1ae35552 100644 --- a/internal/onelogin/client_test.go +++ b/internal/onelogin/client_test.go @@ -104,63 +104,3 @@ func TestCheckHealthWhenError(t *testing.T) { assert.NotNil(t, c.CheckHealth(context.Background())) } - -//func TestEnableLowConfidenceFeatureFlag(t *testing.T) { -// req, _ := http.NewRequestWithContext(ctx, "GET", "https://identity.integration.account.gov.uk/ipv/useFeatureSet?featureSet=p1Journeys", nil) -// -// doer := newMockDoer(t) -// doer.EXPECT(). -// Do(req). -// Return(&http.Response{StatusCode: http.StatusOK}, nil) -// -// c := &Client{ -// httpClient: doer, -// redirectURL: "https://exmaple.com", -// } -// -// err := c.EnableLowConfidenceFeatureFlag(context.Background()) -// -// assert.Nil(t, err) -//} -// -//func TestEnableLowConfidenceFeatureFlagWhenRedirectIsLocalhost(t *testing.T) { -// c := &Client{ -// redirectURL: "https://localhost:5050", -// } -// -// err := c.EnableLowConfidenceFeatureFlag(context.Background()) -// -// assert.Nil(t, err) -//} -// -//func TestEnableLowConfidenceFeatureFlagErrors(t *testing.T) { -// testcases := map[string]func() *mockDoer{ -// "doer error": func() *mockDoer { -// doer := newMockDoer(t) -// doer.EXPECT(). -// Do(mock.Anything). -// Return(&http.Response{}, expectedError) -// return doer -// }, -// "non OK status": func() *mockDoer { -// doer := newMockDoer(t) -// doer.EXPECT(). -// Do(mock.Anything). -// Return(&http.Response{StatusCode: http.StatusBadRequest}, nil) -// return doer -// }, -// } -// -// for name, doer := range testcases { -// t.Run(name, func(t *testing.T) { -// c := &Client{ -// httpClient: doer(), -// redirectURL: "https://exmaple.com", -// } -// -// err := c.EnableLowConfidenceFeatureFlag(context.Background()) -// -// assert.Error(t, err) -// }) -// } -//} diff --git a/internal/voucher/voucherpage/confirm_your_identity.go b/internal/voucher/voucherpage/confirm_your_identity.go new file mode 100644 index 0000000000..4b688ac547 --- /dev/null +++ b/internal/voucher/voucherpage/confirm_your_identity.go @@ -0,0 +1,25 @@ +package voucherpage + +import ( + "net/http" + + "github.com/ministryofjustice/opg-go-common/template" + "github.com/ministryofjustice/opg-modernising-lpa/internal/appcontext" + "github.com/ministryofjustice/opg-modernising-lpa/internal/validation" + "github.com/ministryofjustice/opg-modernising-lpa/internal/voucher/voucherdata" +) + +type confirmYourIdentity struct { + App appcontext.Data + Errors validation.List + LowConfidenceEnabled bool +} + +func ConfirmYourIdentity(tmpl template.Template, lowConfidenceEnabled bool) Handler { + return func(appData appcontext.Data, w http.ResponseWriter, r *http.Request, _ *voucherdata.Provided) error { + return tmpl(w, &confirmYourIdentity{ + App: appData, + LowConfidenceEnabled: lowConfidenceEnabled, + }) + } +} diff --git a/internal/voucher/voucherpage/identity_with_one_login.go b/internal/voucher/voucherpage/identity_with_one_login.go index db093c34eb..8f792b3917 100644 --- a/internal/voucher/voucherpage/identity_with_one_login.go +++ b/internal/voucher/voucherpage/identity_with_one_login.go @@ -12,10 +12,6 @@ import ( func IdentityWithOneLogin(oneLoginClient OneLoginClient, sessionStore SessionStore, randomString func(int) string) Handler { return func(appData appcontext.Data, w http.ResponseWriter, r *http.Request, _ *voucherdata.Provided) error { - if _, err := oneLoginClient.EnableLowConfidenceFeatureFlag(r.Context(), w); err != nil { - return err - } - locale := "" if appData.Lang == localize.Cy { locale = "cy" diff --git a/internal/voucher/voucherpage/register.go b/internal/voucher/voucherpage/register.go index 3d288999f1..c495260866 100644 --- a/internal/voucher/voucherpage/register.go +++ b/internal/voucher/voucherpage/register.go @@ -65,7 +65,6 @@ type SessionStore interface { type OneLoginClient interface { AuthCodeURL(state, nonce, locale string, identity bool) (string, error) - EnableLowConfidenceFeatureFlag(ctx context.Context, w http.ResponseWriter) (http.ResponseWriter, error) Exchange(ctx context.Context, code, nonce string) (idToken, accessToken string, err error) UserInfo(ctx context.Context, accessToken string) (onelogin.UserInfo, error) ParseIdentityClaim(ctx context.Context, userInfo onelogin.UserInfo) (identity.UserData, error) @@ -102,6 +101,7 @@ func Register( notifyClient NotifyClient, appPublicURL string, donorStore DonorStore, + lowConfidenceEnabled bool, ) { handleRoot := makeHandle(rootMux, sessionStore, errorHandler) @@ -132,7 +132,7 @@ func Register( Guidance(tmpls.Get("donor_details_do_not_match.gohtml"), lpaStoreResolvingService)) handleVoucher(voucher.PathConfirmYourIdentity, None, - Guidance(tmpls.Get("confirm_your_identity.gohtml"), lpaStoreResolvingService)) + ConfirmYourIdentity(tmpls.Get("confirm_your_identity.gohtml"), lowConfidenceEnabled)) handleVoucher(voucher.PathIdentityWithOneLogin, None, IdentityWithOneLogin(oneLoginClient, sessionStore, random.String)) handleVoucher(voucher.PathIdentityWithOneLoginCallback, None, diff --git a/terraform/environment/region/modules/app/ecs.tf b/terraform/environment/region/modules/app/ecs.tf index 5b822943b8..ca577fe1dd 100644 --- a/terraform/environment/region/modules/app/ecs.tf +++ b/terraform/environment/region/modules/app/ecs.tf @@ -492,7 +492,11 @@ locals { { name = "JWT_KEY_SECRET_ARN", value = data.aws_secretsmanager_secret.lpa_store_jwt_key.arn - } + }, + { + name = "LOW_CONFIDENCE_ENABLED", + value = var.app_env_vars.low_confidence_enabled + }, ] } ) diff --git a/terraform/environment/terraform.tfvars.json b/terraform/environment/terraform.tfvars.json index 9e9a5d484c..d34e82482d 100644 --- a/terraform/environment/terraform.tfvars.json +++ b/terraform/environment/terraform.tfvars.json @@ -13,7 +13,8 @@ "auth_redirect_base_url": "https://demo.app.modernising.opg.service.justice.gov.uk", "notify_is_production": "", "onelogin_url": "https://home.integration.account.gov.uk", - "dev_mode": "1" + "dev_mode": "1", + "low_confidence_enabled": "1" }, "autoscaling": { "minimum": 1, @@ -98,7 +99,8 @@ "auth_redirect_base_url": "https://demo.app.modernising.opg.service.justice.gov.uk", "notify_is_production": "", "onelogin_url": "https://home.integration.account.gov.uk", - "dev_mode": "1" + "dev_mode": "1", + "low_confidence_enabled": "1" }, "autoscaling": { "minimum": 1, @@ -183,7 +185,8 @@ "auth_redirect_base_url": "https://demo.app.modernising.opg.service.justice.gov.uk", "notify_is_production": "", "onelogin_url": "https://home.integration.account.gov.uk", - "dev_mode": "1" + "dev_mode": "1", + "low_confidence_enabled": "0" }, "autoscaling": { "minimum": 1, @@ -268,7 +271,8 @@ "auth_redirect_base_url": "https://codesign.app.modernising.opg.service.justice.gov.uk", "notify_is_production": "", "onelogin_url": "https://home.integration.account.gov.uk", - "dev_mode": "1" + "dev_mode": "1", + "low_confidence_enabled": "0" }, "autoscaling": { "minimum": 1, @@ -353,7 +357,8 @@ "auth_redirect_base_url": "https://ur.app.modernising.opg.service.justice.gov.uk", "notify_is_production": "", "onelogin_url": "https://home.integration.account.gov.uk", - "dev_mode": "1" + "dev_mode": "1", + "low_confidence_enabled": "0" }, "autoscaling": { "minimum": 1, @@ -438,7 +443,8 @@ "auth_redirect_base_url": "https://ur2.app.modernising.opg.service.justice.gov.uk", "notify_is_production": "", "onelogin_url": "https://home.integration.account.gov.uk", - "dev_mode": "1" + "dev_mode": "1", + "low_confidence_enabled": "0" }, "autoscaling": { "minimum": 1, @@ -523,7 +529,8 @@ "auth_redirect_base_url": "https://preproduction.app.modernising.opg.service.justice.gov.uk", "notify_is_production": "1", "onelogin_url": "https://home.integration.account.gov.uk", - "dev_mode": "" + "dev_mode": "", + "low_confidence_enabled": "1" }, "autoscaling": { "minimum": 1, @@ -608,7 +615,8 @@ "auth_redirect_base_url": "https://app.modernising.opg.service.justice.gov.uk", "notify_is_production": "1", "onelogin_url": "https://home.integration.account.gov.uk", - "dev_mode": "" + "dev_mode": "", + "low_confidence_enabled": "1" }, "autoscaling": { "minimum": 1, diff --git a/web/template/certificateprovider/prove_your_identity.gohtml b/web/template/certificateprovider/prove_your_identity.gohtml index 943af19f84..e219922bb6 100644 --- a/web/template/certificateprovider/prove_your_identity.gohtml +++ b/web/template/certificateprovider/prove_your_identity.gohtml @@ -8,9 +8,17 @@

{{ tr .App "proveYourIdentity" }}

{{ tr .App "beforeYouCanProvideYourCertificateForThisLpa" }}

- + {{ trHtml .App "proveYourIdentityContent" }} + {{ if .LowConfidenceEnabled }} +

+ + {{ tr .App "Click here before pressing continue to enable low confidence feature flag (opens in a new window)" }} + +

+ {{ end }} + {{ template "buttons" (button .App "continue" "link" (global.Paths.CertificateProvider.IdentityWithOneLogin.Format .App.LpaID)) }} {{ end }} diff --git a/web/template/donor/prove_your_identity.gohtml b/web/template/donor/prove_your_identity.gohtml index 048a26c890..9ebb0d9906 100644 --- a/web/template/donor/prove_your_identity.gohtml +++ b/web/template/donor/prove_your_identity.gohtml @@ -8,9 +8,17 @@

{{ tr .App "proveYourIdentity" }}

{{ tr .App "beforeYouSignYourLpa" }}

- + {{ trHtml .App "proveYourIdentityContent" }} + {{ if .LowConfidenceEnabled }} +

+ + {{ tr .App "Click here before pressing continue to enable low confidence feature flag (opens in a new window)" }} + +

+ {{ end }} + {{ template "buttons" (button .App "continue" "link" (global.Paths.IdentityWithOneLogin.Format .App.LpaID)) }} diff --git a/web/template/voucher/confirm_your_identity.gohtml b/web/template/voucher/confirm_your_identity.gohtml index be67813c20..317e84fc8f 100644 --- a/web/template/voucher/confirm_your_identity.gohtml +++ b/web/template/voucher/confirm_your_identity.gohtml @@ -10,6 +10,14 @@ {{ trFormatHtml .App "voucherConfirmYourIdentityContent" "DonorFullName" .Lpa.Donor.FullName }} + {{ if .LowConfidenceEnabled }} +

+ + {{ tr .App "Click here before pressing continue to enable low confidence feature flag (opens in a new window)" }} + +

+ {{ end }} + {{ template "button" (button .App "continue" "link" (global.Paths.Voucher.IdentityWithOneLogin.Format .App.LpaID)) }} From 361b38990fe4a54d3ab3ad485e742994101f9562 Mon Sep 17 00:00:00 2001 From: Alex Saunders Date: Thu, 19 Sep 2024 16:36:44 +0100 Subject: [PATCH 11/14] MLPAB-2433 test fix --- internal/app/app_test.go | 2 +- .../identity_with_one_login_test.go | 3 - .../mock_OneLoginClient_test.go | 60 ------------------- .../prove_your_identity.go | 4 +- .../prove_your_identity_test.go | 55 +++++++++++++++++ .../certificateproviderpage/register_test.go | 2 +- .../donorpage/identity_with_one_login_test.go | 3 - .../donorpage/mock_OneLoginClient_test.go | 60 ------------------- .../donor/donorpage/prove_your_identity.go | 4 +- .../donorpage/prove_your_identity_test.go | 55 +++++++++++++++++ internal/donor/donorpage/register_test.go | 2 +- internal/onelogin/client_test.go | 37 ++++++++---- .../voucherpage/confirm_your_identity.go | 4 +- .../voucherpage/confirm_your_identity_test.go | 55 +++++++++++++++++ .../identity_with_one_login_test.go | 3 - .../voucherpage/mock_OneLoginClient_test.go | 60 ------------------- internal/voucher/voucherpage/register_test.go | 2 +- 17 files changed, 199 insertions(+), 212 deletions(-) create mode 100644 internal/certificateprovider/certificateproviderpage/prove_your_identity_test.go create mode 100644 internal/donor/donorpage/prove_your_identity_test.go create mode 100644 internal/voucher/voucherpage/confirm_your_identity_test.go diff --git a/internal/app/app_test.go b/internal/app/app_test.go index 2f6bae297d..eb0a4c3d12 100644 --- a/internal/app/app_test.go +++ b/internal/app/app_test.go @@ -94,7 +94,7 @@ func (m *mockDynamoClient) ExpectOneByPK(ctx, pk, data interface{}, err error) { } func TestApp(t *testing.T) { - app := App(true, &slog.Logger{}, &localize.Localizer{}, localize.En, template.Templates{}, template.Templates{}, template.Templates{}, template.Templates{}, template.Templates{}, template.Templates{}, nil, nil, "http://public.url", &pay.Client{}, ¬ify.Client{}, &place.Client{}, &onelogin.Client{}, nil, nil, nil, &search.Client{}) + app := App(true, &slog.Logger{}, &localize.Localizer{}, localize.En, template.Templates{}, template.Templates{}, template.Templates{}, template.Templates{}, template.Templates{}, template.Templates{}, nil, nil, "http://public.url", &pay.Client{}, ¬ify.Client{}, &place.Client{}, &onelogin.Client{}, nil, nil, nil, &search.Client{}, true) assert.Implements(t, (*http.Handler)(nil), app) } diff --git a/internal/certificateprovider/certificateproviderpage/identity_with_one_login_test.go b/internal/certificateprovider/certificateproviderpage/identity_with_one_login_test.go index 70e9a96c9b..544a877418 100644 --- a/internal/certificateprovider/certificateproviderpage/identity_with_one_login_test.go +++ b/internal/certificateprovider/certificateproviderpage/identity_with_one_login_test.go @@ -17,9 +17,6 @@ func TestIdentityWithOneLogin(t *testing.T) { r, _ := http.NewRequest(http.MethodGet, "/", nil) client := newMockOneLoginClient(t) - client.EXPECT(). - EnableLowConfidenceFeatureFlag(r.Context(), w). - Return(w, nil) client.EXPECT(). AuthCodeURL("i am random", "i am random", "cy", true). Return("http://auth", nil) diff --git a/internal/certificateprovider/certificateproviderpage/mock_OneLoginClient_test.go b/internal/certificateprovider/certificateproviderpage/mock_OneLoginClient_test.go index 022a06cd91..ea8b669ece 100644 --- a/internal/certificateprovider/certificateproviderpage/mock_OneLoginClient_test.go +++ b/internal/certificateprovider/certificateproviderpage/mock_OneLoginClient_test.go @@ -4,7 +4,6 @@ package certificateproviderpage import ( context "context" - http "net/http" identity "github.com/ministryofjustice/opg-modernising-lpa/internal/identity" mock "github.com/stretchr/testify/mock" @@ -84,65 +83,6 @@ func (_c *mockOneLoginClient_AuthCodeURL_Call) RunAndReturn(run func(string, str return _c } -// EnableLowConfidenceFeatureFlag provides a mock function with given fields: ctx, w -func (_m *mockOneLoginClient) EnableLowConfidenceFeatureFlag(ctx context.Context, w http.ResponseWriter) (http.ResponseWriter, error) { - ret := _m.Called(ctx, w) - - if len(ret) == 0 { - panic("no return value specified for EnableLowConfidenceFeatureFlag") - } - - var r0 http.ResponseWriter - var r1 error - if rf, ok := ret.Get(0).(func(context.Context, http.ResponseWriter) (http.ResponseWriter, error)); ok { - return rf(ctx, w) - } - if rf, ok := ret.Get(0).(func(context.Context, http.ResponseWriter) http.ResponseWriter); ok { - r0 = rf(ctx, w) - } else { - if ret.Get(0) != nil { - r0 = ret.Get(0).(http.ResponseWriter) - } - } - - if rf, ok := ret.Get(1).(func(context.Context, http.ResponseWriter) error); ok { - r1 = rf(ctx, w) - } else { - r1 = ret.Error(1) - } - - return r0, r1 -} - -// mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'EnableLowConfidenceFeatureFlag' -type mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call struct { - *mock.Call -} - -// EnableLowConfidenceFeatureFlag is a helper method to define mock.On call -// - ctx context.Context -// - w http.ResponseWriter -func (_e *mockOneLoginClient_Expecter) EnableLowConfidenceFeatureFlag(ctx interface{}, w interface{}) *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call { - return &mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call{Call: _e.mock.On("EnableLowConfidenceFeatureFlag", ctx, w)} -} - -func (_c *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call) Run(run func(ctx context.Context, w http.ResponseWriter)) *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call { - _c.Call.Run(func(args mock.Arguments) { - run(args[0].(context.Context), args[1].(http.ResponseWriter)) - }) - return _c -} - -func (_c *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call) Return(_a0 http.ResponseWriter, _a1 error) *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call { - _c.Call.Return(_a0, _a1) - return _c -} - -func (_c *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call) RunAndReturn(run func(context.Context, http.ResponseWriter) (http.ResponseWriter, error)) *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call { - _c.Call.Return(run) - return _c -} - // Exchange provides a mock function with given fields: ctx, code, nonce func (_m *mockOneLoginClient) Exchange(ctx context.Context, code string, nonce string) (string, string, error) { ret := _m.Called(ctx, code, nonce) diff --git a/internal/certificateprovider/certificateproviderpage/prove_your_identity.go b/internal/certificateprovider/certificateproviderpage/prove_your_identity.go index e541fa9c57..d1a11bb1d2 100644 --- a/internal/certificateprovider/certificateproviderpage/prove_your_identity.go +++ b/internal/certificateprovider/certificateproviderpage/prove_your_identity.go @@ -9,7 +9,7 @@ import ( "github.com/ministryofjustice/opg-modernising-lpa/internal/validation" ) -type proveYourIdentity struct { +type proveYourIdentityData struct { App appcontext.Data Errors validation.List LowConfidenceEnabled bool @@ -17,7 +17,7 @@ type proveYourIdentity struct { func ProveYourIdentity(tmpl template.Template, lowConfidenceEnabled bool) Handler { return func(appData appcontext.Data, w http.ResponseWriter, r *http.Request, certificateProvider *certificateproviderdata.Provided) error { - return tmpl(w, &proveYourIdentity{ + return tmpl(w, &proveYourIdentityData{ App: appData, LowConfidenceEnabled: lowConfidenceEnabled, }) diff --git a/internal/certificateprovider/certificateproviderpage/prove_your_identity_test.go b/internal/certificateprovider/certificateproviderpage/prove_your_identity_test.go new file mode 100644 index 0000000000..7602a1f148 --- /dev/null +++ b/internal/certificateprovider/certificateproviderpage/prove_your_identity_test.go @@ -0,0 +1,55 @@ +package certificateproviderpage + +import ( + "fmt" + "net/http" + "net/http/httptest" + "testing" + + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/mock" +) + +func TestConfirmYourIdentity(t *testing.T) { + testcases := []bool{ + true, false, + } + + for _, enabled := range testcases { + t.Run(fmt.Sprintf("enabled=%t", enabled), func(t *testing.T) { + w := httptest.NewRecorder() + r, _ := http.NewRequest(http.MethodGet, "/", nil) + + template := newMockTemplate(t) + template.EXPECT(). + Execute(w, &proveYourIdentityData{ + App: testAppData, + Errors: nil, + LowConfidenceEnabled: enabled, + }). + Return(nil) + + err := ProveYourIdentity(template.Execute, enabled)(testAppData, w, r, nil) + resp := w.Result() + + assert.Nil(t, err) + assert.Equal(t, http.StatusOK, resp.StatusCode) + }) + } +} + +func TestConfirmYourIdentityTemplateError(t *testing.T) { + w := httptest.NewRecorder() + r, _ := http.NewRequest(http.MethodGet, "/", nil) + + template := newMockTemplate(t) + template.EXPECT(). + Execute(mock.Anything, mock.Anything). + Return(expectedError) + + err := ProveYourIdentity(template.Execute, true)(testAppData, w, r, nil) + resp := w.Result() + + assert.Error(t, err) + assert.Equal(t, http.StatusOK, resp.StatusCode) +} diff --git a/internal/certificateprovider/certificateproviderpage/register_test.go b/internal/certificateprovider/certificateproviderpage/register_test.go index a3d256bd05..6bec685b96 100644 --- a/internal/certificateprovider/certificateproviderpage/register_test.go +++ b/internal/certificateprovider/certificateproviderpage/register_test.go @@ -24,7 +24,7 @@ import ( func TestRegister(t *testing.T) { mux := http.NewServeMux() - Register(mux, &slog.Logger{}, template.Templates{}, template.Templates{}, nil, &onelogin.Client{}, nil, nil, nil, &place.Client{}, ¬ify.Client{}, nil, &mockDashboardStore{}, &lpastore.Client{}, &lpastore.ResolvingService{}, &mockDonorStore{}, "publicURL") + Register(mux, &slog.Logger{}, template.Templates{}, template.Templates{}, nil, &onelogin.Client{}, nil, nil, nil, &place.Client{}, ¬ify.Client{}, nil, &mockDashboardStore{}, &lpastore.Client{}, &lpastore.ResolvingService{}, &mockDonorStore{}, "publicURL", true) assert.Implements(t, (*http.Handler)(nil), mux) } diff --git a/internal/donor/donorpage/identity_with_one_login_test.go b/internal/donor/donorpage/identity_with_one_login_test.go index 9383037300..978483c2d4 100644 --- a/internal/donor/donorpage/identity_with_one_login_test.go +++ b/internal/donor/donorpage/identity_with_one_login_test.go @@ -18,9 +18,6 @@ func TestIdentityWithOneLogin(t *testing.T) { r, _ := http.NewRequest(http.MethodGet, "/", nil) client := newMockOneLoginClient(t) - client.EXPECT(). - EnableLowConfidenceFeatureFlag(r.Context(), w). - Return(w, nil) client.EXPECT(). AuthCodeURL("i am random", "i am random", "cy", true). Return("http://auth", nil) diff --git a/internal/donor/donorpage/mock_OneLoginClient_test.go b/internal/donor/donorpage/mock_OneLoginClient_test.go index 4a31cce406..4d2f52ebef 100644 --- a/internal/donor/donorpage/mock_OneLoginClient_test.go +++ b/internal/donor/donorpage/mock_OneLoginClient_test.go @@ -4,7 +4,6 @@ package donorpage import ( context "context" - http "net/http" identity "github.com/ministryofjustice/opg-modernising-lpa/internal/identity" mock "github.com/stretchr/testify/mock" @@ -84,65 +83,6 @@ func (_c *mockOneLoginClient_AuthCodeURL_Call) RunAndReturn(run func(string, str return _c } -// EnableLowConfidenceFeatureFlag provides a mock function with given fields: ctx, w -func (_m *mockOneLoginClient) EnableLowConfidenceFeatureFlag(ctx context.Context, w http.ResponseWriter) (http.ResponseWriter, error) { - ret := _m.Called(ctx, w) - - if len(ret) == 0 { - panic("no return value specified for EnableLowConfidenceFeatureFlag") - } - - var r0 http.ResponseWriter - var r1 error - if rf, ok := ret.Get(0).(func(context.Context, http.ResponseWriter) (http.ResponseWriter, error)); ok { - return rf(ctx, w) - } - if rf, ok := ret.Get(0).(func(context.Context, http.ResponseWriter) http.ResponseWriter); ok { - r0 = rf(ctx, w) - } else { - if ret.Get(0) != nil { - r0 = ret.Get(0).(http.ResponseWriter) - } - } - - if rf, ok := ret.Get(1).(func(context.Context, http.ResponseWriter) error); ok { - r1 = rf(ctx, w) - } else { - r1 = ret.Error(1) - } - - return r0, r1 -} - -// mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'EnableLowConfidenceFeatureFlag' -type mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call struct { - *mock.Call -} - -// EnableLowConfidenceFeatureFlag is a helper method to define mock.On call -// - ctx context.Context -// - w http.ResponseWriter -func (_e *mockOneLoginClient_Expecter) EnableLowConfidenceFeatureFlag(ctx interface{}, w interface{}) *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call { - return &mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call{Call: _e.mock.On("EnableLowConfidenceFeatureFlag", ctx, w)} -} - -func (_c *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call) Run(run func(ctx context.Context, w http.ResponseWriter)) *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call { - _c.Call.Run(func(args mock.Arguments) { - run(args[0].(context.Context), args[1].(http.ResponseWriter)) - }) - return _c -} - -func (_c *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call) Return(_a0 http.ResponseWriter, _a1 error) *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call { - _c.Call.Return(_a0, _a1) - return _c -} - -func (_c *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call) RunAndReturn(run func(context.Context, http.ResponseWriter) (http.ResponseWriter, error)) *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call { - _c.Call.Return(run) - return _c -} - // Exchange provides a mock function with given fields: ctx, code, nonce func (_m *mockOneLoginClient) Exchange(ctx context.Context, code string, nonce string) (string, string, error) { ret := _m.Called(ctx, code, nonce) diff --git a/internal/donor/donorpage/prove_your_identity.go b/internal/donor/donorpage/prove_your_identity.go index 7bb366284b..7edc6f6f12 100644 --- a/internal/donor/donorpage/prove_your_identity.go +++ b/internal/donor/donorpage/prove_your_identity.go @@ -9,7 +9,7 @@ import ( "github.com/ministryofjustice/opg-modernising-lpa/internal/validation" ) -type proveYourIdentity struct { +type proveYourIdentityData struct { App appcontext.Data Errors validation.List LowConfidenceEnabled bool @@ -17,7 +17,7 @@ type proveYourIdentity struct { func ProveYourIdentity(tmpl template.Template, lowConfidenceEnabled bool) Handler { return func(appData appcontext.Data, w http.ResponseWriter, r *http.Request, provided *donordata.Provided) error { - return tmpl(w, &proveYourIdentity{ + return tmpl(w, &proveYourIdentityData{ App: appData, LowConfidenceEnabled: lowConfidenceEnabled, }) diff --git a/internal/donor/donorpage/prove_your_identity_test.go b/internal/donor/donorpage/prove_your_identity_test.go new file mode 100644 index 0000000000..0662ad4404 --- /dev/null +++ b/internal/donor/donorpage/prove_your_identity_test.go @@ -0,0 +1,55 @@ +package donorpage + +import ( + "fmt" + "net/http" + "net/http/httptest" + "testing" + + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/mock" +) + +func TestConfirmYourIdentity(t *testing.T) { + testcases := []bool{ + true, false, + } + + for _, enabled := range testcases { + t.Run(fmt.Sprintf("enabled=%t", enabled), func(t *testing.T) { + w := httptest.NewRecorder() + r, _ := http.NewRequest(http.MethodGet, "/", nil) + + template := newMockTemplate(t) + template.EXPECT(). + Execute(w, &proveYourIdentityData{ + App: testAppData, + Errors: nil, + LowConfidenceEnabled: enabled, + }). + Return(nil) + + err := ProveYourIdentity(template.Execute, enabled)(testAppData, w, r, nil) + resp := w.Result() + + assert.Nil(t, err) + assert.Equal(t, http.StatusOK, resp.StatusCode) + }) + } +} + +func TestConfirmYourIdentityTemplateError(t *testing.T) { + w := httptest.NewRecorder() + r, _ := http.NewRequest(http.MethodGet, "/", nil) + + template := newMockTemplate(t) + template.EXPECT(). + Execute(mock.Anything, mock.Anything). + Return(expectedError) + + err := ProveYourIdentity(template.Execute, true)(testAppData, w, r, nil) + resp := w.Result() + + assert.Error(t, err) + assert.Equal(t, http.StatusOK, resp.StatusCode) +} diff --git a/internal/donor/donorpage/register_test.go b/internal/donor/donorpage/register_test.go index 004b298fa9..e4443889db 100644 --- a/internal/donor/donorpage/register_test.go +++ b/internal/donor/donorpage/register_test.go @@ -27,7 +27,7 @@ import ( func TestRegister(t *testing.T) { mux := http.NewServeMux() - Register(mux, &slog.Logger{}, template.Templates{}, &mockSessionStore{}, &mockDonorStore{}, &onelogin.Client{}, &place.Client{}, "http://example.org", &pay.Client{}, &mockShareCodeSender{}, &mockWitnessCodeSender{}, nil, &mockCertificateProviderStore{}, &mockNotifyClient{}, &mockEvidenceReceivedStore{}, &mockDocumentStore{}, &mockEventClient{}, &mockDashboardStore{}, &mockLpaStoreClient{}, &mockShareCodeStore{}, &mockProgressTracker{}, &lpastore.ResolvingService{}, &mockScheduledStore{}) + Register(mux, &slog.Logger{}, template.Templates{}, &mockSessionStore{}, &mockDonorStore{}, &onelogin.Client{}, &place.Client{}, "http://example.org", &pay.Client{}, &mockShareCodeSender{}, &mockWitnessCodeSender{}, nil, &mockCertificateProviderStore{}, &mockNotifyClient{}, &mockEvidenceReceivedStore{}, &mockDocumentStore{}, &mockEventClient{}, &mockDashboardStore{}, &mockLpaStoreClient{}, &mockShareCodeStore{}, &mockProgressTracker{}, &lpastore.ResolvingService{}, &mockScheduledStore{}, true) assert.Implements(t, (*http.Handler)(nil), mux) } diff --git a/internal/onelogin/client_test.go b/internal/onelogin/client_test.go index 4f1ae35552..114a76c938 100644 --- a/internal/onelogin/client_test.go +++ b/internal/onelogin/client_test.go @@ -2,6 +2,7 @@ package onelogin import ( "context" + "fmt" "net/http" "net/http/httptest" "testing" @@ -28,21 +29,31 @@ func TestAuthCodeURL(t *testing.T) { } func TestAuthCodeURLForIdentity(t *testing.T) { - expected := "http://auth?claims=%7B%22userinfo%22%3A%7B%22https%3A%2F%2Fvocab.account.gov.uk%2Fv1%2FcoreIdentityJWT%22%3A+null%2C%22https%3A%2F%2Fvocab.account.gov.uk%2Fv1%2FreturnCode%22%3A+null%2C%22https%3A%2F%2Fvocab.account.gov.uk%2Fv1%2Faddress%22%3A+null%7D%7D&client_id=123&nonce=nonce&redirect_uri=http%3A%2F%2Fredirect&response_type=code&scope=openid+email&state=state&ui_locales=cy&vtr=%5B%22Cl.Cm.P1%22%5D" - - c := &Client{ - redirectURL: "http://redirect", - clientID: "123", - openidConfiguration: &configurationClient{ - currentConfiguration: &openidConfiguration{ - AuthorizationEndpoint: "http://auth", - }, - }, + testcases := map[bool]string{ + true: "vtr=%5B%22Cl.Cm.P1%22%5D", + false: "vtr=%5B%22Cl.Cm.P2%22%5D", } - actual, err := c.AuthCodeURL("state", "nonce", "cy", true) - assert.Nil(t, err) - assert.Equal(t, expected, actual) + for lowConfidenceEnabled, expectedVTR := range testcases { + t.Run(fmt.Sprintf("lowConfidenceEnabled=%t", lowConfidenceEnabled), func(t *testing.T) { + expected := "http://auth?claims=%7B%22userinfo%22%3A%7B%22https%3A%2F%2Fvocab.account.gov.uk%2Fv1%2FcoreIdentityJWT%22%3A+null%2C%22https%3A%2F%2Fvocab.account.gov.uk%2Fv1%2FreturnCode%22%3A+null%2C%22https%3A%2F%2Fvocab.account.gov.uk%2Fv1%2Faddress%22%3A+null%7D%7D&client_id=123&nonce=nonce&redirect_uri=http%3A%2F%2Fredirect&response_type=code&scope=openid+email&state=state&ui_locales=cy&" + expectedVTR + + c := &Client{ + redirectURL: "http://redirect", + clientID: "123", + openidConfiguration: &configurationClient{ + currentConfiguration: &openidConfiguration{ + AuthorizationEndpoint: "http://auth", + }, + }, + lowConfidenceEnabled: lowConfidenceEnabled, + } + actual, err := c.AuthCodeURL("state", "nonce", "cy", true) + + assert.Nil(t, err) + assert.Equal(t, expected, actual) + }) + } } func TestAuthCodeURLWhenConfigurationMissing(t *testing.T) { diff --git a/internal/voucher/voucherpage/confirm_your_identity.go b/internal/voucher/voucherpage/confirm_your_identity.go index 4b688ac547..1af2d6bfac 100644 --- a/internal/voucher/voucherpage/confirm_your_identity.go +++ b/internal/voucher/voucherpage/confirm_your_identity.go @@ -9,7 +9,7 @@ import ( "github.com/ministryofjustice/opg-modernising-lpa/internal/voucher/voucherdata" ) -type confirmYourIdentity struct { +type confirmYourIdentityData struct { App appcontext.Data Errors validation.List LowConfidenceEnabled bool @@ -17,7 +17,7 @@ type confirmYourIdentity struct { func ConfirmYourIdentity(tmpl template.Template, lowConfidenceEnabled bool) Handler { return func(appData appcontext.Data, w http.ResponseWriter, r *http.Request, _ *voucherdata.Provided) error { - return tmpl(w, &confirmYourIdentity{ + return tmpl(w, &confirmYourIdentityData{ App: appData, LowConfidenceEnabled: lowConfidenceEnabled, }) diff --git a/internal/voucher/voucherpage/confirm_your_identity_test.go b/internal/voucher/voucherpage/confirm_your_identity_test.go new file mode 100644 index 0000000000..2ae615f274 --- /dev/null +++ b/internal/voucher/voucherpage/confirm_your_identity_test.go @@ -0,0 +1,55 @@ +package voucherpage + +import ( + "fmt" + "net/http" + "net/http/httptest" + "testing" + + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/mock" +) + +func TestConfirmYourIdentity(t *testing.T) { + testcases := []bool{ + true, false, + } + + for _, enabled := range testcases { + t.Run(fmt.Sprintf("enabled=%t", enabled), func(t *testing.T) { + w := httptest.NewRecorder() + r, _ := http.NewRequest(http.MethodGet, "/", nil) + + template := newMockTemplate(t) + template.EXPECT(). + Execute(w, &confirmYourIdentityData{ + App: testAppData, + Errors: nil, + LowConfidenceEnabled: enabled, + }). + Return(nil) + + err := ConfirmYourIdentity(template.Execute, enabled)(testAppData, w, r, nil) + resp := w.Result() + + assert.Nil(t, err) + assert.Equal(t, http.StatusOK, resp.StatusCode) + }) + } +} + +func TestConfirmYourIdentityTemplateError(t *testing.T) { + w := httptest.NewRecorder() + r, _ := http.NewRequest(http.MethodGet, "/", nil) + + template := newMockTemplate(t) + template.EXPECT(). + Execute(mock.Anything, mock.Anything). + Return(expectedError) + + err := ConfirmYourIdentity(template.Execute, true)(testAppData, w, r, nil) + resp := w.Result() + + assert.Error(t, err) + assert.Equal(t, http.StatusOK, resp.StatusCode) +} diff --git a/internal/voucher/voucherpage/identity_with_one_login_test.go b/internal/voucher/voucherpage/identity_with_one_login_test.go index 9fc355b01f..ec65b0ad08 100644 --- a/internal/voucher/voucherpage/identity_with_one_login_test.go +++ b/internal/voucher/voucherpage/identity_with_one_login_test.go @@ -17,9 +17,6 @@ func TestIdentityWithOneLogin(t *testing.T) { r, _ := http.NewRequest(http.MethodGet, "/", nil) client := newMockOneLoginClient(t) - client.EXPECT(). - EnableLowConfidenceFeatureFlag(r.Context(), w). - Return(w, nil) client.EXPECT(). AuthCodeURL("i am random", "i am random", "cy", true). Return("http://auth", nil) diff --git a/internal/voucher/voucherpage/mock_OneLoginClient_test.go b/internal/voucher/voucherpage/mock_OneLoginClient_test.go index 69be0bf327..40f61a6116 100644 --- a/internal/voucher/voucherpage/mock_OneLoginClient_test.go +++ b/internal/voucher/voucherpage/mock_OneLoginClient_test.go @@ -4,7 +4,6 @@ package voucherpage import ( context "context" - http "net/http" identity "github.com/ministryofjustice/opg-modernising-lpa/internal/identity" mock "github.com/stretchr/testify/mock" @@ -84,65 +83,6 @@ func (_c *mockOneLoginClient_AuthCodeURL_Call) RunAndReturn(run func(string, str return _c } -// EnableLowConfidenceFeatureFlag provides a mock function with given fields: ctx, w -func (_m *mockOneLoginClient) EnableLowConfidenceFeatureFlag(ctx context.Context, w http.ResponseWriter) (http.ResponseWriter, error) { - ret := _m.Called(ctx, w) - - if len(ret) == 0 { - panic("no return value specified for EnableLowConfidenceFeatureFlag") - } - - var r0 http.ResponseWriter - var r1 error - if rf, ok := ret.Get(0).(func(context.Context, http.ResponseWriter) (http.ResponseWriter, error)); ok { - return rf(ctx, w) - } - if rf, ok := ret.Get(0).(func(context.Context, http.ResponseWriter) http.ResponseWriter); ok { - r0 = rf(ctx, w) - } else { - if ret.Get(0) != nil { - r0 = ret.Get(0).(http.ResponseWriter) - } - } - - if rf, ok := ret.Get(1).(func(context.Context, http.ResponseWriter) error); ok { - r1 = rf(ctx, w) - } else { - r1 = ret.Error(1) - } - - return r0, r1 -} - -// mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'EnableLowConfidenceFeatureFlag' -type mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call struct { - *mock.Call -} - -// EnableLowConfidenceFeatureFlag is a helper method to define mock.On call -// - ctx context.Context -// - w http.ResponseWriter -func (_e *mockOneLoginClient_Expecter) EnableLowConfidenceFeatureFlag(ctx interface{}, w interface{}) *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call { - return &mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call{Call: _e.mock.On("EnableLowConfidenceFeatureFlag", ctx, w)} -} - -func (_c *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call) Run(run func(ctx context.Context, w http.ResponseWriter)) *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call { - _c.Call.Run(func(args mock.Arguments) { - run(args[0].(context.Context), args[1].(http.ResponseWriter)) - }) - return _c -} - -func (_c *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call) Return(_a0 http.ResponseWriter, _a1 error) *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call { - _c.Call.Return(_a0, _a1) - return _c -} - -func (_c *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call) RunAndReturn(run func(context.Context, http.ResponseWriter) (http.ResponseWriter, error)) *mockOneLoginClient_EnableLowConfidenceFeatureFlag_Call { - _c.Call.Return(run) - return _c -} - // Exchange provides a mock function with given fields: ctx, code, nonce func (_m *mockOneLoginClient) Exchange(ctx context.Context, code string, nonce string) (string, string, error) { ret := _m.Called(ctx, code, nonce) diff --git a/internal/voucher/voucherpage/register_test.go b/internal/voucher/voucherpage/register_test.go index 639abf4430..07c5497119 100644 --- a/internal/voucher/voucherpage/register_test.go +++ b/internal/voucher/voucherpage/register_test.go @@ -19,7 +19,7 @@ import ( func TestRegister(t *testing.T) { mux := http.NewServeMux() - Register(mux, &mockLogger{}, template.Templates{}, &mockSessionStore{}, &mockVoucherStore{}, &mockOneLoginClient{}, &mockShareCodeStore{}, &mockDashboardStore{}, nil, &mockLpaStoreResolvingService{}, &mockNotifyClient{}, "http://app", &mockDonorStore{}) + Register(mux, &mockLogger{}, template.Templates{}, &mockSessionStore{}, &mockVoucherStore{}, &mockOneLoginClient{}, &mockShareCodeStore{}, &mockDashboardStore{}, nil, &mockLpaStoreResolvingService{}, &mockNotifyClient{}, "http://app", &mockDonorStore{}, true) assert.Implements(t, (*http.Handler)(nil), mux) } From 1ac27081be6ffdebe303242c99b0c9a5cd8e3bad Mon Sep 17 00:00:00 2001 From: Alex Saunders Date: Thu, 19 Sep 2024 16:55:50 +0100 Subject: [PATCH 12/14] MLPAB-2433 more test fix --- .../voucherpage/confirm_your_identity.go | 10 +++++- .../voucherpage/confirm_your_identity_test.go | 34 +++++++++++++++++-- internal/voucher/voucherpage/register.go | 2 +- 3 files changed, 42 insertions(+), 4 deletions(-) diff --git a/internal/voucher/voucherpage/confirm_your_identity.go b/internal/voucher/voucherpage/confirm_your_identity.go index 1af2d6bfac..02ab5cd93c 100644 --- a/internal/voucher/voucherpage/confirm_your_identity.go +++ b/internal/voucher/voucherpage/confirm_your_identity.go @@ -5,6 +5,7 @@ import ( "github.com/ministryofjustice/opg-go-common/template" "github.com/ministryofjustice/opg-modernising-lpa/internal/appcontext" + "github.com/ministryofjustice/opg-modernising-lpa/internal/lpastore/lpadata" "github.com/ministryofjustice/opg-modernising-lpa/internal/validation" "github.com/ministryofjustice/opg-modernising-lpa/internal/voucher/voucherdata" ) @@ -13,13 +14,20 @@ type confirmYourIdentityData struct { App appcontext.Data Errors validation.List LowConfidenceEnabled bool + Lpa *lpadata.Lpa } -func ConfirmYourIdentity(tmpl template.Template, lowConfidenceEnabled bool) Handler { +func ConfirmYourIdentity(tmpl template.Template, lowConfidenceEnabled bool, lpaStoreResolvingService LpaStoreResolvingService) Handler { return func(appData appcontext.Data, w http.ResponseWriter, r *http.Request, _ *voucherdata.Provided) error { + lpa, err := lpaStoreResolvingService.Get(r.Context()) + if err != nil { + return err + } + return tmpl(w, &confirmYourIdentityData{ App: appData, LowConfidenceEnabled: lowConfidenceEnabled, + Lpa: lpa, }) } } diff --git a/internal/voucher/voucherpage/confirm_your_identity_test.go b/internal/voucher/voucherpage/confirm_your_identity_test.go index 2ae615f274..72ddecb362 100644 --- a/internal/voucher/voucherpage/confirm_your_identity_test.go +++ b/internal/voucher/voucherpage/confirm_your_identity_test.go @@ -6,6 +6,7 @@ import ( "net/http/httptest" "testing" + "github.com/ministryofjustice/opg-modernising-lpa/internal/lpastore/lpadata" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/mock" ) @@ -20,16 +21,24 @@ func TestConfirmYourIdentity(t *testing.T) { w := httptest.NewRecorder() r, _ := http.NewRequest(http.MethodGet, "/", nil) + lpa := &lpadata.Lpa{LpaID: "lpa-id"} + + resolvingService := newMockLpaStoreResolvingService(t) + resolvingService.EXPECT(). + Get(r.Context()). + Return(lpa, nil) + template := newMockTemplate(t) template.EXPECT(). Execute(w, &confirmYourIdentityData{ App: testAppData, Errors: nil, LowConfidenceEnabled: enabled, + Lpa: lpa, }). Return(nil) - err := ConfirmYourIdentity(template.Execute, enabled)(testAppData, w, r, nil) + err := ConfirmYourIdentity(template.Execute, enabled, resolvingService)(testAppData, w, r, nil) resp := w.Result() assert.Nil(t, err) @@ -38,16 +47,37 @@ func TestConfirmYourIdentity(t *testing.T) { } } +func TestConfirmYourIdentityResolvingServiceError(t *testing.T) { + w := httptest.NewRecorder() + r, _ := http.NewRequest(http.MethodGet, "/", nil) + + resolvingService := newMockLpaStoreResolvingService(t) + resolvingService.EXPECT(). + Get(r.Context()). + Return(nil, expectedError) + + err := ConfirmYourIdentity(nil, true, resolvingService)(testAppData, w, r, nil) + resp := w.Result() + + assert.Error(t, err) + assert.Equal(t, http.StatusOK, resp.StatusCode) +} + func TestConfirmYourIdentityTemplateError(t *testing.T) { w := httptest.NewRecorder() r, _ := http.NewRequest(http.MethodGet, "/", nil) + resolvingService := newMockLpaStoreResolvingService(t) + resolvingService.EXPECT(). + Get(r.Context()). + Return(nil, nil) + template := newMockTemplate(t) template.EXPECT(). Execute(mock.Anything, mock.Anything). Return(expectedError) - err := ConfirmYourIdentity(template.Execute, true)(testAppData, w, r, nil) + err := ConfirmYourIdentity(template.Execute, true, resolvingService)(testAppData, w, r, nil) resp := w.Result() assert.Error(t, err) diff --git a/internal/voucher/voucherpage/register.go b/internal/voucher/voucherpage/register.go index c495260866..43008ccf9b 100644 --- a/internal/voucher/voucherpage/register.go +++ b/internal/voucher/voucherpage/register.go @@ -132,7 +132,7 @@ func Register( Guidance(tmpls.Get("donor_details_do_not_match.gohtml"), lpaStoreResolvingService)) handleVoucher(voucher.PathConfirmYourIdentity, None, - ConfirmYourIdentity(tmpls.Get("confirm_your_identity.gohtml"), lowConfidenceEnabled)) + ConfirmYourIdentity(tmpls.Get("confirm_your_identity.gohtml"), lowConfidenceEnabled, lpaStoreResolvingService)) handleVoucher(voucher.PathIdentityWithOneLogin, None, IdentityWithOneLogin(oneLoginClient, sessionStore, random.String)) handleVoucher(voucher.PathIdentityWithOneLoginCallback, None, From 396a660eccd3b8703bb23ada5a09de4e42d86583 Mon Sep 17 00:00:00 2001 From: Alex Saunders Date: Thu, 19 Sep 2024 17:19:29 +0100 Subject: [PATCH 13/14] MLPAB-2433 define low_confidence_enabled --- terraform/environment/variables.tf | 1 + 1 file changed, 1 insertion(+) diff --git a/terraform/environment/variables.tf b/terraform/environment/variables.tf index 3d918fe47a..99cb1ac240 100644 --- a/terraform/environment/variables.tf +++ b/terraform/environment/variables.tf @@ -39,6 +39,7 @@ variable "environments" { notify_is_production = string onelogin_url = string dev_mode = string + low_confidence_enabled = string }) autoscaling = object({ minimum = number From 592af91a0c47e44e1fb38faabc358dc238b837e2 Mon Sep 17 00:00:00 2001 From: Joshua Hawxwell Date: Fri, 20 Sep 2024 15:04:31 +0100 Subject: [PATCH 14/14] Remove feature flagging --- cmd/mlpa/main.go | 5 +- docker/docker-compose.yml | 1 - internal/app/app.go | 4 - internal/app/app_test.go | 2 +- .../identity_with_one_login_test.go | 95 ++++++++----------- .../prove_your_identity.go | 25 ----- .../prove_your_identity_test.go | 55 ----------- .../certificateproviderpage/register.go | 3 +- .../certificateproviderpage/register_test.go | 2 +- .../donorpage/identity_with_one_login_test.go | 95 ++++++++----------- .../donor/donorpage/prove_your_identity.go | 25 ----- .../donorpage/prove_your_identity_test.go | 55 ----------- internal/donor/donorpage/register.go | 3 +- internal/donor/donorpage/register_test.go | 2 +- internal/onelogin/client.go | 33 +++---- internal/onelogin/client_test.go | 37 +++----- .../voucherpage/confirm_your_identity.go | 33 ------- .../voucherpage/confirm_your_identity_test.go | 85 ----------------- .../identity_with_one_login_test.go | 95 ++++++++----------- internal/voucher/voucherpage/register.go | 3 +- internal/voucher/voucherpage/register_test.go | 2 +- .../environment/region/modules/app/ecs.tf | 4 - terraform/environment/terraform.tfvars.json | 24 ++--- terraform/environment/variables.tf | 1 - .../prove_your_identity.gohtml | 10 +- web/template/donor/prove_your_identity.gohtml | 10 +- .../voucher/confirm_your_identity.gohtml | 8 -- 27 files changed, 155 insertions(+), 562 deletions(-) delete mode 100644 internal/certificateprovider/certificateproviderpage/prove_your_identity.go delete mode 100644 internal/certificateprovider/certificateproviderpage/prove_your_identity_test.go delete mode 100644 internal/donor/donorpage/prove_your_identity.go delete mode 100644 internal/donor/donorpage/prove_your_identity_test.go delete mode 100644 internal/voucher/voucherpage/confirm_your_identity.go delete mode 100644 internal/voucher/voucherpage/confirm_your_identity_test.go diff --git a/cmd/mlpa/main.go b/cmd/mlpa/main.go index 9771a960d5..f731637c25 100644 --- a/cmd/mlpa/main.go +++ b/cmd/mlpa/main.go @@ -116,7 +116,6 @@ func run(ctx context.Context, logger *slog.Logger) error { searchIndexName = cmp.Or(os.Getenv("SEARCH_INDEX_NAME"), "lpas") searchIndexingEnabled = os.Getenv("SEARCH_INDEXING_DISABLED") != "1" scheduledRunnerPeriod = cmp.Or(os.Getenv("SCHEDULED_RUNNER_PERIOD"), "6h") - lowConfidenceEnabled = os.Getenv("LOW_CONFIDENCE_ENABLED") == "1" ) scheduledRunnerPeriodDur, err := time.ParseDuration(scheduledRunnerPeriod) @@ -244,7 +243,7 @@ func run(ctx context.Context, logger *slog.Logger) error { redirectURL := authRedirectBaseURL + page.PathAuthRedirect.Format() - oneloginClient := onelogin.New(ctx, logger, httpClient, secretsClient, issuer, identityURL, clientID, redirectURL, lowConfidenceEnabled) + oneloginClient := onelogin.New(ctx, logger, httpClient, secretsClient, issuer, identityURL, clientID, redirectURL) payApiKey, err := secretsClient.Secret(ctx, secrets.GovUkPay) if err != nil { @@ -312,7 +311,6 @@ func run(ctx context.Context, logger *slog.Logger) error { eventClient, lpaStoreClient, searchClient, - lowConfidenceEnabled, ))) mux.Handle("/", app.App( @@ -337,7 +335,6 @@ func run(ctx context.Context, logger *slog.Logger) error { eventClient, lpaStoreClient, searchClient, - lowConfidenceEnabled, )) var handler http.Handler = mux diff --git a/docker/docker-compose.yml b/docker/docker-compose.yml index 6a5dfcc6b6..4609204660 100644 --- a/docker/docker-compose.yml +++ b/docker/docker-compose.yml @@ -28,7 +28,6 @@ services: - SEARCH_INDEXING_ENABLED=1 - DEV_MODE=1 - SCHEDULED_RUNNER_PERIOD=1m - - LOW_CONFIDENCE_ENABLED=1 event-logger: build: diff --git a/internal/app/app.go b/internal/app/app.go index c107447a72..ac93fa5696 100644 --- a/internal/app/app.go +++ b/internal/app/app.go @@ -97,7 +97,6 @@ func App( eventClient *event.Client, lpaStoreClient *lpastore.Client, searchClient *search.Client, - lowConfidenceEnabled bool, ) http.Handler { documentStore := document.NewStore(lpaDynamoClient, s3Client, eventClient) @@ -172,7 +171,6 @@ func App( notifyClient, appPublicURL, donorStore, - lowConfidenceEnabled, ) supporterpage.Register( @@ -211,7 +209,6 @@ func App( lpaStoreResolvingService, donorStore, appPublicURL, - lowConfidenceEnabled, ) attorneypage.Register( @@ -255,7 +252,6 @@ func App( progressTracker, lpaStoreResolvingService, scheduledStore, - lowConfidenceEnabled, ) return withAppData(page.ValidateCsrf(rootMux, sessionStore, random.String, errorHandler), localizer, lang) diff --git a/internal/app/app_test.go b/internal/app/app_test.go index eb0a4c3d12..2f6bae297d 100644 --- a/internal/app/app_test.go +++ b/internal/app/app_test.go @@ -94,7 +94,7 @@ func (m *mockDynamoClient) ExpectOneByPK(ctx, pk, data interface{}, err error) { } func TestApp(t *testing.T) { - app := App(true, &slog.Logger{}, &localize.Localizer{}, localize.En, template.Templates{}, template.Templates{}, template.Templates{}, template.Templates{}, template.Templates{}, template.Templates{}, nil, nil, "http://public.url", &pay.Client{}, ¬ify.Client{}, &place.Client{}, &onelogin.Client{}, nil, nil, nil, &search.Client{}, true) + app := App(true, &slog.Logger{}, &localize.Localizer{}, localize.En, template.Templates{}, template.Templates{}, template.Templates{}, template.Templates{}, template.Templates{}, template.Templates{}, nil, nil, "http://public.url", &pay.Client{}, ¬ify.Client{}, &place.Client{}, &onelogin.Client{}, nil, nil, nil, &search.Client{}) assert.Implements(t, (*http.Handler)(nil), app) } diff --git a/internal/certificateprovider/certificateproviderpage/identity_with_one_login_test.go b/internal/certificateprovider/certificateproviderpage/identity_with_one_login_test.go index 544a877418..b90585b8a0 100644 --- a/internal/certificateprovider/certificateproviderpage/identity_with_one_login_test.go +++ b/internal/certificateprovider/certificateproviderpage/identity_with_one_login_test.go @@ -10,6 +10,7 @@ import ( "github.com/ministryofjustice/opg-modernising-lpa/internal/localize" "github.com/ministryofjustice/opg-modernising-lpa/internal/sesh" "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/mock" ) func TestIdentityWithOneLogin(t *testing.T) { @@ -34,61 +35,39 @@ func TestIdentityWithOneLogin(t *testing.T) { assert.Equal(t, "http://auth", resp.Header.Get("Location")) } -//func TestIdentityWithOneLoginWhenFeatureFlagError(t *testing.T) { -// w := httptest.NewRecorder() -// r, _ := http.NewRequest(http.MethodGet, "/", nil) -// -// client := newMockOneLoginClient(t) -// client.EXPECT(). -// EnableLowConfidenceFeatureFlag(mock.Anything). -// Return(expectedError) -// -// err := IdentityWithOneLogin(client, nil, func(int) string { return "i am random" })(testAppData, w, r, nil) -// resp := w.Result() -// -// assert.Equal(t, expectedError, err) -// assert.Equal(t, http.StatusOK, resp.StatusCode) -//} -// -//func TestIdentityWithOneLoginWhenAuthCodeURLError(t *testing.T) { -// w := httptest.NewRecorder() -// r, _ := http.NewRequest(http.MethodGet, "/", nil) -// -// client := newMockOneLoginClient(t) -// client.EXPECT(). -// EnableLowConfidenceFeatureFlag(mock.Anything). -// Return(nil) -// client.EXPECT(). -// AuthCodeURL(mock.Anything, mock.Anything, mock.Anything, mock.Anything). -// Return("http://auth?locale=en", expectedError) -// -// err := IdentityWithOneLogin(client, nil, func(int) string { return "i am random" })(testAppData, w, r, nil) -// resp := w.Result() -// -// assert.Equal(t, expectedError, err) -// assert.Equal(t, http.StatusOK, resp.StatusCode) -//} -// -//func TestIdentityWithOneLoginWhenStoreSaveError(t *testing.T) { -// w := httptest.NewRecorder() -// r, _ := http.NewRequest(http.MethodGet, "/", nil) -// -// client := newMockOneLoginClient(t) -// client.EXPECT(). -// EnableLowConfidenceFeatureFlag(mock.Anything). -// Return(nil) -// client.EXPECT(). -// AuthCodeURL(mock.Anything, mock.Anything, mock.Anything, mock.Anything). -// Return("http://auth?locale=en", nil) -// -// sessionStore := newMockSessionStore(t) -// sessionStore.EXPECT(). -// SetOneLogin(r, w, mock.Anything). -// Return(expectedError) -// -// err := IdentityWithOneLogin(client, sessionStore, func(int) string { return "i am random" })(testAppData, w, r, nil) -// resp := w.Result() -// -// assert.Equal(t, expectedError, err) -// assert.Equal(t, http.StatusOK, resp.StatusCode) -//} +func TestIdentityWithOneLoginWhenAuthCodeURLError(t *testing.T) { + w := httptest.NewRecorder() + r, _ := http.NewRequest(http.MethodGet, "/", nil) + + client := newMockOneLoginClient(t) + client.EXPECT(). + AuthCodeURL("i am random", "i am random", "", true). + Return("http://auth?locale=en", expectedError) + + err := IdentityWithOneLogin(client, nil, func(int) string { return "i am random" })(testAppData, w, r, nil) + resp := w.Result() + + assert.Equal(t, expectedError, err) + assert.Equal(t, http.StatusOK, resp.StatusCode) +} + +func TestIdentityWithOneLoginWhenStoreSaveError(t *testing.T) { + w := httptest.NewRecorder() + r, _ := http.NewRequest(http.MethodGet, "/", nil) + + client := newMockOneLoginClient(t) + client.EXPECT(). + AuthCodeURL("i am random", "i am random", "", true). + Return("http://auth?locale=en", nil) + + sessionStore := newMockSessionStore(t) + sessionStore.EXPECT(). + SetOneLogin(r, w, mock.Anything). + Return(expectedError) + + err := IdentityWithOneLogin(client, sessionStore, func(int) string { return "i am random" })(testAppData, w, r, nil) + resp := w.Result() + + assert.Equal(t, expectedError, err) + assert.Equal(t, http.StatusOK, resp.StatusCode) +} diff --git a/internal/certificateprovider/certificateproviderpage/prove_your_identity.go b/internal/certificateprovider/certificateproviderpage/prove_your_identity.go deleted file mode 100644 index d1a11bb1d2..0000000000 --- a/internal/certificateprovider/certificateproviderpage/prove_your_identity.go +++ /dev/null @@ -1,25 +0,0 @@ -package certificateproviderpage - -import ( - "net/http" - - "github.com/ministryofjustice/opg-go-common/template" - "github.com/ministryofjustice/opg-modernising-lpa/internal/appcontext" - "github.com/ministryofjustice/opg-modernising-lpa/internal/certificateprovider/certificateproviderdata" - "github.com/ministryofjustice/opg-modernising-lpa/internal/validation" -) - -type proveYourIdentityData struct { - App appcontext.Data - Errors validation.List - LowConfidenceEnabled bool -} - -func ProveYourIdentity(tmpl template.Template, lowConfidenceEnabled bool) Handler { - return func(appData appcontext.Data, w http.ResponseWriter, r *http.Request, certificateProvider *certificateproviderdata.Provided) error { - return tmpl(w, &proveYourIdentityData{ - App: appData, - LowConfidenceEnabled: lowConfidenceEnabled, - }) - } -} diff --git a/internal/certificateprovider/certificateproviderpage/prove_your_identity_test.go b/internal/certificateprovider/certificateproviderpage/prove_your_identity_test.go deleted file mode 100644 index 7602a1f148..0000000000 --- a/internal/certificateprovider/certificateproviderpage/prove_your_identity_test.go +++ /dev/null @@ -1,55 +0,0 @@ -package certificateproviderpage - -import ( - "fmt" - "net/http" - "net/http/httptest" - "testing" - - "github.com/stretchr/testify/assert" - "github.com/stretchr/testify/mock" -) - -func TestConfirmYourIdentity(t *testing.T) { - testcases := []bool{ - true, false, - } - - for _, enabled := range testcases { - t.Run(fmt.Sprintf("enabled=%t", enabled), func(t *testing.T) { - w := httptest.NewRecorder() - r, _ := http.NewRequest(http.MethodGet, "/", nil) - - template := newMockTemplate(t) - template.EXPECT(). - Execute(w, &proveYourIdentityData{ - App: testAppData, - Errors: nil, - LowConfidenceEnabled: enabled, - }). - Return(nil) - - err := ProveYourIdentity(template.Execute, enabled)(testAppData, w, r, nil) - resp := w.Result() - - assert.Nil(t, err) - assert.Equal(t, http.StatusOK, resp.StatusCode) - }) - } -} - -func TestConfirmYourIdentityTemplateError(t *testing.T) { - w := httptest.NewRecorder() - r, _ := http.NewRequest(http.MethodGet, "/", nil) - - template := newMockTemplate(t) - template.EXPECT(). - Execute(mock.Anything, mock.Anything). - Return(expectedError) - - err := ProveYourIdentity(template.Execute, true)(testAppData, w, r, nil) - resp := w.Result() - - assert.Error(t, err) - assert.Equal(t, http.StatusOK, resp.StatusCode) -} diff --git a/internal/certificateprovider/certificateproviderpage/register.go b/internal/certificateprovider/certificateproviderpage/register.go index 6fbb000814..417fa89513 100644 --- a/internal/certificateprovider/certificateproviderpage/register.go +++ b/internal/certificateprovider/certificateproviderpage/register.go @@ -123,7 +123,6 @@ func Register( lpaStoreResolvingService LpaStoreResolvingService, donorStore DonorStore, appPublicURL string, - lowConfidenceEnabled bool, ) { handleRoot := makeHandle(rootMux, errorHandler) @@ -158,7 +157,7 @@ func Register( Guidance(tmpls.Get("your_role.gohtml"), lpaStoreResolvingService)) handleCertificateProvider(certificateprovider.PathProveYourIdentity, page.None, - ProveYourIdentity(tmpls.Get("prove_your_identity.gohtml"), lowConfidenceEnabled)) + Guidance(tmpls.Get("prove_your_identity.gohtml"), nil)) handleCertificateProvider(certificateprovider.PathIdentityWithOneLogin, page.None, IdentityWithOneLogin(oneLoginClient, sessionStore, random.String)) handleCertificateProvider(certificateprovider.PathIdentityWithOneLoginCallback, page.None, diff --git a/internal/certificateprovider/certificateproviderpage/register_test.go b/internal/certificateprovider/certificateproviderpage/register_test.go index 6bec685b96..a3d256bd05 100644 --- a/internal/certificateprovider/certificateproviderpage/register_test.go +++ b/internal/certificateprovider/certificateproviderpage/register_test.go @@ -24,7 +24,7 @@ import ( func TestRegister(t *testing.T) { mux := http.NewServeMux() - Register(mux, &slog.Logger{}, template.Templates{}, template.Templates{}, nil, &onelogin.Client{}, nil, nil, nil, &place.Client{}, ¬ify.Client{}, nil, &mockDashboardStore{}, &lpastore.Client{}, &lpastore.ResolvingService{}, &mockDonorStore{}, "publicURL", true) + Register(mux, &slog.Logger{}, template.Templates{}, template.Templates{}, nil, &onelogin.Client{}, nil, nil, nil, &place.Client{}, ¬ify.Client{}, nil, &mockDashboardStore{}, &lpastore.Client{}, &lpastore.ResolvingService{}, &mockDonorStore{}, "publicURL") assert.Implements(t, (*http.Handler)(nil), mux) } diff --git a/internal/donor/donorpage/identity_with_one_login_test.go b/internal/donor/donorpage/identity_with_one_login_test.go index 978483c2d4..0aae25f0cc 100644 --- a/internal/donor/donorpage/identity_with_one_login_test.go +++ b/internal/donor/donorpage/identity_with_one_login_test.go @@ -11,6 +11,7 @@ import ( "github.com/ministryofjustice/opg-modernising-lpa/internal/localize" "github.com/ministryofjustice/opg-modernising-lpa/internal/sesh" "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/mock" ) func TestIdentityWithOneLogin(t *testing.T) { @@ -35,61 +36,39 @@ func TestIdentityWithOneLogin(t *testing.T) { assert.Equal(t, "http://auth", resp.Header.Get("Location")) } -//func TestIdentityWithOneLoginWhenFeatureFlagError(t *testing.T) { -// w := httptest.NewRecorder() -// r, _ := http.NewRequest(http.MethodGet, "/", nil) -// -// client := newMockOneLoginClient(t) -// client.EXPECT(). -// EnableLowConfidenceFeatureFlag(mock.Anything). -// Return(expectedError) -// -// err := IdentityWithOneLogin(client, nil, func(int) string { return "i am random" })(testAppData, w, r, &donordata.Provided{}) -// resp := w.Result() -// -// assert.Equal(t, expectedError, err) -// assert.Equal(t, http.StatusOK, resp.StatusCode) -//} -// -//func TestIdentityWithOneLoginWhenAuthCodeURLError(t *testing.T) { -// w := httptest.NewRecorder() -// r, _ := http.NewRequest(http.MethodGet, "/", nil) -// -// client := newMockOneLoginClient(t) -// client.EXPECT(). -// EnableLowConfidenceFeatureFlag(mock.Anything). -// Return(nil) -// client.EXPECT(). -// AuthCodeURL(mock.Anything, mock.Anything, mock.Anything, mock.Anything). -// Return("http://auth?locale=en", expectedError) -// -// err := IdentityWithOneLogin(client, nil, func(int) string { return "i am random" })(testAppData, w, r, &donordata.Provided{}) -// resp := w.Result() -// -// assert.Equal(t, expectedError, err) -// assert.Equal(t, http.StatusOK, resp.StatusCode) -//} -// -//func TestIdentityWithOneLoginWhenStoreSaveError(t *testing.T) { -// w := httptest.NewRecorder() -// r, _ := http.NewRequest(http.MethodGet, "/", nil) -// -// client := newMockOneLoginClient(t) -// client.EXPECT(). -// EnableLowConfidenceFeatureFlag(mock.Anything). -// Return(nil) -// client.EXPECT(). -// AuthCodeURL(mock.Anything, mock.Anything, mock.Anything, mock.Anything). -// Return("http://auth?locale=en", nil) -// -// sessionStore := newMockSessionStore(t) -// sessionStore.EXPECT(). -// SetOneLogin(r, w, mock.Anything). -// Return(expectedError) -// -// err := IdentityWithOneLogin(client, sessionStore, func(int) string { return "i am random" })(testAppData, w, r, &donordata.Provided{}) -// resp := w.Result() -// -// assert.Equal(t, expectedError, err) -// assert.Equal(t, http.StatusOK, resp.StatusCode) -//} +func TestIdentityWithOneLoginWhenAuthCodeURLError(t *testing.T) { + w := httptest.NewRecorder() + r, _ := http.NewRequest(http.MethodGet, "/", nil) + + client := newMockOneLoginClient(t) + client.EXPECT(). + AuthCodeURL("i am random", "i am random", "", true). + Return("http://auth?locale=en", expectedError) + + err := IdentityWithOneLogin(client, nil, func(int) string { return "i am random" })(testAppData, w, r, &donordata.Provided{}) + resp := w.Result() + + assert.Equal(t, expectedError, err) + assert.Equal(t, http.StatusOK, resp.StatusCode) +} + +func TestIdentityWithOneLoginWhenStoreSaveError(t *testing.T) { + w := httptest.NewRecorder() + r, _ := http.NewRequest(http.MethodGet, "/", nil) + + client := newMockOneLoginClient(t) + client.EXPECT(). + AuthCodeURL("i am random", "i am random", "", true). + Return("http://auth?locale=en", nil) + + sessionStore := newMockSessionStore(t) + sessionStore.EXPECT(). + SetOneLogin(r, w, mock.Anything). + Return(expectedError) + + err := IdentityWithOneLogin(client, sessionStore, func(int) string { return "i am random" })(testAppData, w, r, &donordata.Provided{}) + resp := w.Result() + + assert.Equal(t, expectedError, err) + assert.Equal(t, http.StatusOK, resp.StatusCode) +} diff --git a/internal/donor/donorpage/prove_your_identity.go b/internal/donor/donorpage/prove_your_identity.go deleted file mode 100644 index 7edc6f6f12..0000000000 --- a/internal/donor/donorpage/prove_your_identity.go +++ /dev/null @@ -1,25 +0,0 @@ -package donorpage - -import ( - "net/http" - - "github.com/ministryofjustice/opg-go-common/template" - "github.com/ministryofjustice/opg-modernising-lpa/internal/appcontext" - "github.com/ministryofjustice/opg-modernising-lpa/internal/donor/donordata" - "github.com/ministryofjustice/opg-modernising-lpa/internal/validation" -) - -type proveYourIdentityData struct { - App appcontext.Data - Errors validation.List - LowConfidenceEnabled bool -} - -func ProveYourIdentity(tmpl template.Template, lowConfidenceEnabled bool) Handler { - return func(appData appcontext.Data, w http.ResponseWriter, r *http.Request, provided *donordata.Provided) error { - return tmpl(w, &proveYourIdentityData{ - App: appData, - LowConfidenceEnabled: lowConfidenceEnabled, - }) - } -} diff --git a/internal/donor/donorpage/prove_your_identity_test.go b/internal/donor/donorpage/prove_your_identity_test.go deleted file mode 100644 index 0662ad4404..0000000000 --- a/internal/donor/donorpage/prove_your_identity_test.go +++ /dev/null @@ -1,55 +0,0 @@ -package donorpage - -import ( - "fmt" - "net/http" - "net/http/httptest" - "testing" - - "github.com/stretchr/testify/assert" - "github.com/stretchr/testify/mock" -) - -func TestConfirmYourIdentity(t *testing.T) { - testcases := []bool{ - true, false, - } - - for _, enabled := range testcases { - t.Run(fmt.Sprintf("enabled=%t", enabled), func(t *testing.T) { - w := httptest.NewRecorder() - r, _ := http.NewRequest(http.MethodGet, "/", nil) - - template := newMockTemplate(t) - template.EXPECT(). - Execute(w, &proveYourIdentityData{ - App: testAppData, - Errors: nil, - LowConfidenceEnabled: enabled, - }). - Return(nil) - - err := ProveYourIdentity(template.Execute, enabled)(testAppData, w, r, nil) - resp := w.Result() - - assert.Nil(t, err) - assert.Equal(t, http.StatusOK, resp.StatusCode) - }) - } -} - -func TestConfirmYourIdentityTemplateError(t *testing.T) { - w := httptest.NewRecorder() - r, _ := http.NewRequest(http.MethodGet, "/", nil) - - template := newMockTemplate(t) - template.EXPECT(). - Execute(mock.Anything, mock.Anything). - Return(expectedError) - - err := ProveYourIdentity(template.Execute, true)(testAppData, w, r, nil) - resp := w.Result() - - assert.Error(t, err) - assert.Equal(t, http.StatusOK, resp.StatusCode) -} diff --git a/internal/donor/donorpage/register.go b/internal/donor/donorpage/register.go index 448725e04c..02e398934d 100644 --- a/internal/donor/donorpage/register.go +++ b/internal/donor/donorpage/register.go @@ -193,7 +193,6 @@ func Register( progressTracker ProgressTracker, lpaStoreResolvingService LpaStoreResolvingService, scheduledStore ScheduledStore, - lowConfidenceEnabled bool, ) { payer := Pay(logger, sessionStore, donorStore, payClient, random.String, appPublicURL) @@ -388,7 +387,7 @@ func Register( handleWithDonor(donor.PathHowToConfirmYourIdentityAndSign, page.None, Guidance(tmpls.Get("how_to_confirm_your_identity_and_sign.gohtml"))) handleWithDonor(donor.PathProveYourIdentity, page.CanGoBack, - ProveYourIdentity(tmpls.Get("prove_your_identity.gohtml"), lowConfidenceEnabled)) + Guidance(tmpls.Get("prove_your_identity.gohtml"))) handleWithDonor(donor.PathIdentityWithOneLogin, page.CanGoBack, IdentityWithOneLogin(oneLoginClient, sessionStore, random.String)) handleWithDonor(donor.PathIdentityWithOneLoginCallback, page.CanGoBack, diff --git a/internal/donor/donorpage/register_test.go b/internal/donor/donorpage/register_test.go index e4443889db..004b298fa9 100644 --- a/internal/donor/donorpage/register_test.go +++ b/internal/donor/donorpage/register_test.go @@ -27,7 +27,7 @@ import ( func TestRegister(t *testing.T) { mux := http.NewServeMux() - Register(mux, &slog.Logger{}, template.Templates{}, &mockSessionStore{}, &mockDonorStore{}, &onelogin.Client{}, &place.Client{}, "http://example.org", &pay.Client{}, &mockShareCodeSender{}, &mockWitnessCodeSender{}, nil, &mockCertificateProviderStore{}, &mockNotifyClient{}, &mockEvidenceReceivedStore{}, &mockDocumentStore{}, &mockEventClient{}, &mockDashboardStore{}, &mockLpaStoreClient{}, &mockShareCodeStore{}, &mockProgressTracker{}, &lpastore.ResolvingService{}, &mockScheduledStore{}, true) + Register(mux, &slog.Logger{}, template.Templates{}, &mockSessionStore{}, &mockDonorStore{}, &onelogin.Client{}, &place.Client{}, "http://example.org", &pay.Client{}, &mockShareCodeSender{}, &mockWitnessCodeSender{}, nil, &mockCertificateProviderStore{}, &mockNotifyClient{}, &mockEvidenceReceivedStore{}, &mockDocumentStore{}, &mockEventClient{}, &mockDashboardStore{}, &mockLpaStoreClient{}, &mockShareCodeStore{}, &mockProgressTracker{}, &lpastore.ResolvingService{}, &mockScheduledStore{}) assert.Implements(t, (*http.Handler)(nil), mux) } diff --git a/internal/onelogin/client.go b/internal/onelogin/client.go index 01bbe62953..9c4aa5400e 100644 --- a/internal/onelogin/client.go +++ b/internal/onelogin/client.go @@ -36,23 +36,21 @@ type Client struct { randomString func(int) string didClient *didClient - clientID string - redirectURL string - lowConfidenceEnabled bool + clientID string + redirectURL string } -func New(ctx context.Context, logger Logger, httpClient *http.Client, secretsClient SecretsClient, issuer, identityURL, clientID, redirectURL string, lowConfidenceEnabled bool) *Client { +func New(ctx context.Context, logger Logger, httpClient *http.Client, secretsClient SecretsClient, issuer, identityURL, clientID, redirectURL string) *Client { return &Client{ - ctx: ctx, - logger: logger, - httpClient: httpClient, - secretsClient: secretsClient, - randomString: random.String, - clientID: clientID, - redirectURL: redirectURL, - openidConfiguration: getConfiguration(ctx, logger, httpClient, issuer), - didClient: getDID(ctx, logger, httpClient, identityURL), - lowConfidenceEnabled: lowConfidenceEnabled, + ctx: ctx, + logger: logger, + httpClient: httpClient, + secretsClient: secretsClient, + randomString: random.String, + clientID: clientID, + redirectURL: redirectURL, + openidConfiguration: getConfiguration(ctx, logger, httpClient, issuer), + didClient: getDID(ctx, logger, httpClient, identityURL), } } @@ -68,12 +66,7 @@ func (c *Client) AuthCodeURL(state, nonce, locale string, identity bool) (string } if identity { - vtr := `["Cl.Cm.P2"]` - if c.lowConfidenceEnabled { - vtr = `["Cl.Cm.P1"]` - } - - q.Add("vtr", vtr) + q.Add("vtr", `["Cl.Cm.P1"]`) q.Add("claims", `{"userinfo":{"https://vocab.account.gov.uk/v1/coreIdentityJWT": null,"https://vocab.account.gov.uk/v1/returnCode": null,"https://vocab.account.gov.uk/v1/address": null}}`) } diff --git a/internal/onelogin/client_test.go b/internal/onelogin/client_test.go index 114a76c938..4f1ae35552 100644 --- a/internal/onelogin/client_test.go +++ b/internal/onelogin/client_test.go @@ -2,7 +2,6 @@ package onelogin import ( "context" - "fmt" "net/http" "net/http/httptest" "testing" @@ -29,31 +28,21 @@ func TestAuthCodeURL(t *testing.T) { } func TestAuthCodeURLForIdentity(t *testing.T) { - testcases := map[bool]string{ - true: "vtr=%5B%22Cl.Cm.P1%22%5D", - false: "vtr=%5B%22Cl.Cm.P2%22%5D", - } + expected := "http://auth?claims=%7B%22userinfo%22%3A%7B%22https%3A%2F%2Fvocab.account.gov.uk%2Fv1%2FcoreIdentityJWT%22%3A+null%2C%22https%3A%2F%2Fvocab.account.gov.uk%2Fv1%2FreturnCode%22%3A+null%2C%22https%3A%2F%2Fvocab.account.gov.uk%2Fv1%2Faddress%22%3A+null%7D%7D&client_id=123&nonce=nonce&redirect_uri=http%3A%2F%2Fredirect&response_type=code&scope=openid+email&state=state&ui_locales=cy&vtr=%5B%22Cl.Cm.P1%22%5D" - for lowConfidenceEnabled, expectedVTR := range testcases { - t.Run(fmt.Sprintf("lowConfidenceEnabled=%t", lowConfidenceEnabled), func(t *testing.T) { - expected := "http://auth?claims=%7B%22userinfo%22%3A%7B%22https%3A%2F%2Fvocab.account.gov.uk%2Fv1%2FcoreIdentityJWT%22%3A+null%2C%22https%3A%2F%2Fvocab.account.gov.uk%2Fv1%2FreturnCode%22%3A+null%2C%22https%3A%2F%2Fvocab.account.gov.uk%2Fv1%2Faddress%22%3A+null%7D%7D&client_id=123&nonce=nonce&redirect_uri=http%3A%2F%2Fredirect&response_type=code&scope=openid+email&state=state&ui_locales=cy&" + expectedVTR - - c := &Client{ - redirectURL: "http://redirect", - clientID: "123", - openidConfiguration: &configurationClient{ - currentConfiguration: &openidConfiguration{ - AuthorizationEndpoint: "http://auth", - }, - }, - lowConfidenceEnabled: lowConfidenceEnabled, - } - actual, err := c.AuthCodeURL("state", "nonce", "cy", true) - - assert.Nil(t, err) - assert.Equal(t, expected, actual) - }) + c := &Client{ + redirectURL: "http://redirect", + clientID: "123", + openidConfiguration: &configurationClient{ + currentConfiguration: &openidConfiguration{ + AuthorizationEndpoint: "http://auth", + }, + }, } + actual, err := c.AuthCodeURL("state", "nonce", "cy", true) + + assert.Nil(t, err) + assert.Equal(t, expected, actual) } func TestAuthCodeURLWhenConfigurationMissing(t *testing.T) { diff --git a/internal/voucher/voucherpage/confirm_your_identity.go b/internal/voucher/voucherpage/confirm_your_identity.go deleted file mode 100644 index 02ab5cd93c..0000000000 --- a/internal/voucher/voucherpage/confirm_your_identity.go +++ /dev/null @@ -1,33 +0,0 @@ -package voucherpage - -import ( - "net/http" - - "github.com/ministryofjustice/opg-go-common/template" - "github.com/ministryofjustice/opg-modernising-lpa/internal/appcontext" - "github.com/ministryofjustice/opg-modernising-lpa/internal/lpastore/lpadata" - "github.com/ministryofjustice/opg-modernising-lpa/internal/validation" - "github.com/ministryofjustice/opg-modernising-lpa/internal/voucher/voucherdata" -) - -type confirmYourIdentityData struct { - App appcontext.Data - Errors validation.List - LowConfidenceEnabled bool - Lpa *lpadata.Lpa -} - -func ConfirmYourIdentity(tmpl template.Template, lowConfidenceEnabled bool, lpaStoreResolvingService LpaStoreResolvingService) Handler { - return func(appData appcontext.Data, w http.ResponseWriter, r *http.Request, _ *voucherdata.Provided) error { - lpa, err := lpaStoreResolvingService.Get(r.Context()) - if err != nil { - return err - } - - return tmpl(w, &confirmYourIdentityData{ - App: appData, - LowConfidenceEnabled: lowConfidenceEnabled, - Lpa: lpa, - }) - } -} diff --git a/internal/voucher/voucherpage/confirm_your_identity_test.go b/internal/voucher/voucherpage/confirm_your_identity_test.go deleted file mode 100644 index 72ddecb362..0000000000 --- a/internal/voucher/voucherpage/confirm_your_identity_test.go +++ /dev/null @@ -1,85 +0,0 @@ -package voucherpage - -import ( - "fmt" - "net/http" - "net/http/httptest" - "testing" - - "github.com/ministryofjustice/opg-modernising-lpa/internal/lpastore/lpadata" - "github.com/stretchr/testify/assert" - "github.com/stretchr/testify/mock" -) - -func TestConfirmYourIdentity(t *testing.T) { - testcases := []bool{ - true, false, - } - - for _, enabled := range testcases { - t.Run(fmt.Sprintf("enabled=%t", enabled), func(t *testing.T) { - w := httptest.NewRecorder() - r, _ := http.NewRequest(http.MethodGet, "/", nil) - - lpa := &lpadata.Lpa{LpaID: "lpa-id"} - - resolvingService := newMockLpaStoreResolvingService(t) - resolvingService.EXPECT(). - Get(r.Context()). - Return(lpa, nil) - - template := newMockTemplate(t) - template.EXPECT(). - Execute(w, &confirmYourIdentityData{ - App: testAppData, - Errors: nil, - LowConfidenceEnabled: enabled, - Lpa: lpa, - }). - Return(nil) - - err := ConfirmYourIdentity(template.Execute, enabled, resolvingService)(testAppData, w, r, nil) - resp := w.Result() - - assert.Nil(t, err) - assert.Equal(t, http.StatusOK, resp.StatusCode) - }) - } -} - -func TestConfirmYourIdentityResolvingServiceError(t *testing.T) { - w := httptest.NewRecorder() - r, _ := http.NewRequest(http.MethodGet, "/", nil) - - resolvingService := newMockLpaStoreResolvingService(t) - resolvingService.EXPECT(). - Get(r.Context()). - Return(nil, expectedError) - - err := ConfirmYourIdentity(nil, true, resolvingService)(testAppData, w, r, nil) - resp := w.Result() - - assert.Error(t, err) - assert.Equal(t, http.StatusOK, resp.StatusCode) -} - -func TestConfirmYourIdentityTemplateError(t *testing.T) { - w := httptest.NewRecorder() - r, _ := http.NewRequest(http.MethodGet, "/", nil) - - resolvingService := newMockLpaStoreResolvingService(t) - resolvingService.EXPECT(). - Get(r.Context()). - Return(nil, nil) - - template := newMockTemplate(t) - template.EXPECT(). - Execute(mock.Anything, mock.Anything). - Return(expectedError) - - err := ConfirmYourIdentity(template.Execute, true, resolvingService)(testAppData, w, r, nil) - resp := w.Result() - - assert.Error(t, err) - assert.Equal(t, http.StatusOK, resp.StatusCode) -} diff --git a/internal/voucher/voucherpage/identity_with_one_login_test.go b/internal/voucher/voucherpage/identity_with_one_login_test.go index ec65b0ad08..8785a77d28 100644 --- a/internal/voucher/voucherpage/identity_with_one_login_test.go +++ b/internal/voucher/voucherpage/identity_with_one_login_test.go @@ -10,6 +10,7 @@ import ( "github.com/ministryofjustice/opg-modernising-lpa/internal/sesh" "github.com/ministryofjustice/opg-modernising-lpa/internal/voucher" "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/mock" ) func TestIdentityWithOneLogin(t *testing.T) { @@ -34,61 +35,39 @@ func TestIdentityWithOneLogin(t *testing.T) { assert.Equal(t, "http://auth", resp.Header.Get("Location")) } -//func TestIdentityWithOneLoginWhenFeatureFlagError(t *testing.T) { -// w := httptest.NewRecorder() -// r, _ := http.NewRequest(http.MethodGet, "/", nil) -// -// client := newMockOneLoginClient(t) -// client.EXPECT(). -// EnableLowConfidenceFeatureFlag(mock.Anything). -// Return(expectedError) -// -// err := IdentityWithOneLogin(client, nil, func(int) string { return "i am random" })(testAppData, w, r, nil) -// resp := w.Result() -// -// assert.Equal(t, expectedError, err) -// assert.Equal(t, http.StatusOK, resp.StatusCode) -//} -// -//func TestIdentityWithOneLoginWhenAuthCodeURLError(t *testing.T) { -// w := httptest.NewRecorder() -// r, _ := http.NewRequest(http.MethodGet, "/", nil) -// -// client := newMockOneLoginClient(t) -// client.EXPECT(). -// EnableLowConfidenceFeatureFlag(mock.Anything). -// Return(nil) -// client.EXPECT(). -// AuthCodeURL(mock.Anything, mock.Anything, mock.Anything, mock.Anything). -// Return("http://auth?locale=en", expectedError) -// -// err := IdentityWithOneLogin(client, nil, func(int) string { return "i am random" })(testAppData, w, r, nil) -// resp := w.Result() -// -// assert.Equal(t, expectedError, err) -// assert.Equal(t, http.StatusOK, resp.StatusCode) -//} -// -//func TestIdentityWithOneLoginWhenStoreSaveError(t *testing.T) { -// w := httptest.NewRecorder() -// r, _ := http.NewRequest(http.MethodGet, "/", nil) -// -// client := newMockOneLoginClient(t) -// client.EXPECT(). -// EnableLowConfidenceFeatureFlag(mock.Anything). -// Return(nil) -// client.EXPECT(). -// AuthCodeURL(mock.Anything, mock.Anything, mock.Anything, mock.Anything). -// Return("http://auth?locale=en", nil) -// -// sessionStore := newMockSessionStore(t) -// sessionStore.EXPECT(). -// SetOneLogin(r, w, mock.Anything). -// Return(expectedError) -// -// err := IdentityWithOneLogin(client, sessionStore, func(int) string { return "i am random" })(testAppData, w, r, nil) -// resp := w.Result() -// -// assert.Equal(t, expectedError, err) -// assert.Equal(t, http.StatusOK, resp.StatusCode) -//} +func TestIdentityWithOneLoginWhenAuthCodeURLError(t *testing.T) { + w := httptest.NewRecorder() + r, _ := http.NewRequest(http.MethodGet, "/", nil) + + client := newMockOneLoginClient(t) + client.EXPECT(). + AuthCodeURL("i am random", "i am random", "", true). + Return("http://auth?locale=en", expectedError) + + err := IdentityWithOneLogin(client, nil, func(int) string { return "i am random" })(testAppData, w, r, nil) + resp := w.Result() + + assert.Equal(t, expectedError, err) + assert.Equal(t, http.StatusOK, resp.StatusCode) +} + +func TestIdentityWithOneLoginWhenStoreSaveError(t *testing.T) { + w := httptest.NewRecorder() + r, _ := http.NewRequest(http.MethodGet, "/", nil) + + client := newMockOneLoginClient(t) + client.EXPECT(). + AuthCodeURL("i am random", "i am random", "", true). + Return("http://auth?locale=en", nil) + + sessionStore := newMockSessionStore(t) + sessionStore.EXPECT(). + SetOneLogin(r, w, mock.Anything). + Return(expectedError) + + err := IdentityWithOneLogin(client, sessionStore, func(int) string { return "i am random" })(testAppData, w, r, nil) + resp := w.Result() + + assert.Equal(t, expectedError, err) + assert.Equal(t, http.StatusOK, resp.StatusCode) +} diff --git a/internal/voucher/voucherpage/register.go b/internal/voucher/voucherpage/register.go index 43008ccf9b..a5f26a5119 100644 --- a/internal/voucher/voucherpage/register.go +++ b/internal/voucher/voucherpage/register.go @@ -101,7 +101,6 @@ func Register( notifyClient NotifyClient, appPublicURL string, donorStore DonorStore, - lowConfidenceEnabled bool, ) { handleRoot := makeHandle(rootMux, sessionStore, errorHandler) @@ -132,7 +131,7 @@ func Register( Guidance(tmpls.Get("donor_details_do_not_match.gohtml"), lpaStoreResolvingService)) handleVoucher(voucher.PathConfirmYourIdentity, None, - ConfirmYourIdentity(tmpls.Get("confirm_your_identity.gohtml"), lowConfidenceEnabled, lpaStoreResolvingService)) + Guidance(tmpls.Get("confirm_your_identity.gohtml"), lpaStoreResolvingService)) handleVoucher(voucher.PathIdentityWithOneLogin, None, IdentityWithOneLogin(oneLoginClient, sessionStore, random.String)) handleVoucher(voucher.PathIdentityWithOneLoginCallback, None, diff --git a/internal/voucher/voucherpage/register_test.go b/internal/voucher/voucherpage/register_test.go index 07c5497119..639abf4430 100644 --- a/internal/voucher/voucherpage/register_test.go +++ b/internal/voucher/voucherpage/register_test.go @@ -19,7 +19,7 @@ import ( func TestRegister(t *testing.T) { mux := http.NewServeMux() - Register(mux, &mockLogger{}, template.Templates{}, &mockSessionStore{}, &mockVoucherStore{}, &mockOneLoginClient{}, &mockShareCodeStore{}, &mockDashboardStore{}, nil, &mockLpaStoreResolvingService{}, &mockNotifyClient{}, "http://app", &mockDonorStore{}, true) + Register(mux, &mockLogger{}, template.Templates{}, &mockSessionStore{}, &mockVoucherStore{}, &mockOneLoginClient{}, &mockShareCodeStore{}, &mockDashboardStore{}, nil, &mockLpaStoreResolvingService{}, &mockNotifyClient{}, "http://app", &mockDonorStore{}) assert.Implements(t, (*http.Handler)(nil), mux) } diff --git a/terraform/environment/region/modules/app/ecs.tf b/terraform/environment/region/modules/app/ecs.tf index ca577fe1dd..dc754c7612 100644 --- a/terraform/environment/region/modules/app/ecs.tf +++ b/terraform/environment/region/modules/app/ecs.tf @@ -493,10 +493,6 @@ locals { name = "JWT_KEY_SECRET_ARN", value = data.aws_secretsmanager_secret.lpa_store_jwt_key.arn }, - { - name = "LOW_CONFIDENCE_ENABLED", - value = var.app_env_vars.low_confidence_enabled - }, ] } ) diff --git a/terraform/environment/terraform.tfvars.json b/terraform/environment/terraform.tfvars.json index d34e82482d..9e9a5d484c 100644 --- a/terraform/environment/terraform.tfvars.json +++ b/terraform/environment/terraform.tfvars.json @@ -13,8 +13,7 @@ "auth_redirect_base_url": "https://demo.app.modernising.opg.service.justice.gov.uk", "notify_is_production": "", "onelogin_url": "https://home.integration.account.gov.uk", - "dev_mode": "1", - "low_confidence_enabled": "1" + "dev_mode": "1" }, "autoscaling": { "minimum": 1, @@ -99,8 +98,7 @@ "auth_redirect_base_url": "https://demo.app.modernising.opg.service.justice.gov.uk", "notify_is_production": "", "onelogin_url": "https://home.integration.account.gov.uk", - "dev_mode": "1", - "low_confidence_enabled": "1" + "dev_mode": "1" }, "autoscaling": { "minimum": 1, @@ -185,8 +183,7 @@ "auth_redirect_base_url": "https://demo.app.modernising.opg.service.justice.gov.uk", "notify_is_production": "", "onelogin_url": "https://home.integration.account.gov.uk", - "dev_mode": "1", - "low_confidence_enabled": "0" + "dev_mode": "1" }, "autoscaling": { "minimum": 1, @@ -271,8 +268,7 @@ "auth_redirect_base_url": "https://codesign.app.modernising.opg.service.justice.gov.uk", "notify_is_production": "", "onelogin_url": "https://home.integration.account.gov.uk", - "dev_mode": "1", - "low_confidence_enabled": "0" + "dev_mode": "1" }, "autoscaling": { "minimum": 1, @@ -357,8 +353,7 @@ "auth_redirect_base_url": "https://ur.app.modernising.opg.service.justice.gov.uk", "notify_is_production": "", "onelogin_url": "https://home.integration.account.gov.uk", - "dev_mode": "1", - "low_confidence_enabled": "0" + "dev_mode": "1" }, "autoscaling": { "minimum": 1, @@ -443,8 +438,7 @@ "auth_redirect_base_url": "https://ur2.app.modernising.opg.service.justice.gov.uk", "notify_is_production": "", "onelogin_url": "https://home.integration.account.gov.uk", - "dev_mode": "1", - "low_confidence_enabled": "0" + "dev_mode": "1" }, "autoscaling": { "minimum": 1, @@ -529,8 +523,7 @@ "auth_redirect_base_url": "https://preproduction.app.modernising.opg.service.justice.gov.uk", "notify_is_production": "1", "onelogin_url": "https://home.integration.account.gov.uk", - "dev_mode": "", - "low_confidence_enabled": "1" + "dev_mode": "" }, "autoscaling": { "minimum": 1, @@ -615,8 +608,7 @@ "auth_redirect_base_url": "https://app.modernising.opg.service.justice.gov.uk", "notify_is_production": "1", "onelogin_url": "https://home.integration.account.gov.uk", - "dev_mode": "", - "low_confidence_enabled": "1" + "dev_mode": "" }, "autoscaling": { "minimum": 1, diff --git a/terraform/environment/variables.tf b/terraform/environment/variables.tf index 99cb1ac240..3d918fe47a 100644 --- a/terraform/environment/variables.tf +++ b/terraform/environment/variables.tf @@ -39,7 +39,6 @@ variable "environments" { notify_is_production = string onelogin_url = string dev_mode = string - low_confidence_enabled = string }) autoscaling = object({ minimum = number diff --git a/web/template/certificateprovider/prove_your_identity.gohtml b/web/template/certificateprovider/prove_your_identity.gohtml index e219922bb6..943af19f84 100644 --- a/web/template/certificateprovider/prove_your_identity.gohtml +++ b/web/template/certificateprovider/prove_your_identity.gohtml @@ -8,17 +8,9 @@

{{ tr .App "proveYourIdentity" }}

{{ tr .App "beforeYouCanProvideYourCertificateForThisLpa" }}

- + {{ trHtml .App "proveYourIdentityContent" }} - {{ if .LowConfidenceEnabled }} -

- - {{ tr .App "Click here before pressing continue to enable low confidence feature flag (opens in a new window)" }} - -

- {{ end }} - {{ template "buttons" (button .App "continue" "link" (global.Paths.CertificateProvider.IdentityWithOneLogin.Format .App.LpaID)) }} {{ end }} diff --git a/web/template/donor/prove_your_identity.gohtml b/web/template/donor/prove_your_identity.gohtml index 9ebb0d9906..048a26c890 100644 --- a/web/template/donor/prove_your_identity.gohtml +++ b/web/template/donor/prove_your_identity.gohtml @@ -8,17 +8,9 @@

{{ tr .App "proveYourIdentity" }}

{{ tr .App "beforeYouSignYourLpa" }}

- + {{ trHtml .App "proveYourIdentityContent" }} - {{ if .LowConfidenceEnabled }} -

- - {{ tr .App "Click here before pressing continue to enable low confidence feature flag (opens in a new window)" }} - -

- {{ end }} - {{ template "buttons" (button .App "continue" "link" (global.Paths.IdentityWithOneLogin.Format .App.LpaID)) }} diff --git a/web/template/voucher/confirm_your_identity.gohtml b/web/template/voucher/confirm_your_identity.gohtml index 317e84fc8f..be67813c20 100644 --- a/web/template/voucher/confirm_your_identity.gohtml +++ b/web/template/voucher/confirm_your_identity.gohtml @@ -10,14 +10,6 @@ {{ trFormatHtml .App "voucherConfirmYourIdentityContent" "DonorFullName" .Lpa.Donor.FullName }} - {{ if .LowConfidenceEnabled }} -

- - {{ tr .App "Click here before pressing continue to enable low confidence feature flag (opens in a new window)" }} - -

- {{ end }} - {{ template "button" (button .App "continue" "link" (global.Paths.Voucher.IdentityWithOneLogin.Format .App.LpaID)) }}