From c5966686d62d8698de577438a917ef87de834e35 Mon Sep 17 00:00:00 2001 From: colin-lamed <9568290+colin-lamed@users.noreply.github.com> Date: Thu, 25 Jul 2019 11:40:10 +0100 Subject: [PATCH] BDOG-237 Fix token forwarding --- .../actions/UmpAuthenticated.scala | 11 +++++++--- .../shuttering/ShutterConnector.scala | 20 +++++++++++-------- .../shuttering/ShutterService.scala | 11 +++++----- .../shuttering/ShutterServiceController.scala | 2 +- .../actions/ActionsSupport.scala | 5 +++-- 5 files changed, 30 insertions(+), 19 deletions(-) diff --git a/app/uk/gov/hmrc/cataloguefrontend/actions/UmpAuthenticated.scala b/app/uk/gov/hmrc/cataloguefrontend/actions/UmpAuthenticated.scala index 38c6438fe..5142df17a 100644 --- a/app/uk/gov/hmrc/cataloguefrontend/actions/UmpAuthenticated.scala +++ b/app/uk/gov/hmrc/cataloguefrontend/actions/UmpAuthenticated.scala @@ -23,12 +23,17 @@ import play.api.mvc._ import uk.gov.hmrc.cataloguefrontend.{ routes => appRoutes } import uk.gov.hmrc.cataloguefrontend.connector.UserManagementAuthConnector import uk.gov.hmrc.cataloguefrontend.connector.UserManagementAuthConnector.UmpToken +import uk.gov.hmrc.http.Token import uk.gov.hmrc.play.HeaderCarrierConverter import play.api.mvc.Results._ import uk.gov.hmrc.http.HeaderCarrier import scala.concurrent.{ExecutionContext, Future} +final case class UmpAuthenticatedRequest[A](request: Request[A], token: Token) + extends WrappedRequest(request) + + /** Creates an Action will only proceed to invoke the action body, if there is a valid [[UmpToken]] in session. * If there isn't, it will short circuit with a Redirect to SignIn page. * @@ -39,15 +44,15 @@ class UmpAuthenticated @Inject()( userManagementAuthConnector: UserManagementAuthConnector, cc : MessagesControllerComponents )(implicit val ec: ExecutionContext) - extends ActionBuilder[Request, AnyContent] { + extends ActionBuilder[UmpAuthenticatedRequest, AnyContent] { - def invokeBlock[A](request: Request[A], block: Request[A] => Future[Result]): Future[Result] = { + def invokeBlock[A](request: Request[A], block: UmpAuthenticatedRequest[A] => Future[Result]): Future[Result] = { implicit val hc: HeaderCarrier = HeaderCarrierConverter.fromHeadersAndSession(request.headers, Some(request.session)) OptionT( request.session.get(UmpToken.SESSION_KEY_NAME) .filterA(token => userManagementAuthConnector.isValid(UmpToken(token))) ) - .semiflatMap(_ => block(request)) + .semiflatMap(token => block(UmpAuthenticatedRequest(request, token = Token(token)))) .getOrElse(Redirect(appRoutes.AuthController.showSignInPage(targetUrl = Some(request.target.uriString).filter(_ => request.method == "GET")))) } diff --git a/app/uk/gov/hmrc/cataloguefrontend/shuttering/ShutterConnector.scala b/app/uk/gov/hmrc/cataloguefrontend/shuttering/ShutterConnector.scala index 5684e05d9..b3cce3771 100644 --- a/app/uk/gov/hmrc/cataloguefrontend/shuttering/ShutterConnector.scala +++ b/app/uk/gov/hmrc/cataloguefrontend/shuttering/ShutterConnector.scala @@ -18,10 +18,11 @@ package uk.gov.hmrc.cataloguefrontend.shuttering import javax.inject.{Inject, Singleton} import play.api.Logger -import play.api.libs.json.Reads -import uk.gov.hmrc.http.HeaderCarrier +import play.api.libs.json.{Reads, Writes} +import uk.gov.hmrc.http.{HeaderCarrier, HttpReads, Token} import uk.gov.hmrc.play.bootstrap.config.ServicesConfig import uk.gov.hmrc.play.bootstrap.http.HttpClient +import uk.gov.hmrc.http.HttpResponse import scala.concurrent.{ExecutionContext, Future} @@ -81,17 +82,20 @@ class ShutterConnector @Inject()( * Shutters/un-shutters the application in the given environment */ def updateShutterStatus( - appName : String + umpToken : Token + , appName : String , env : Environment , status : ShutterStatus )(implicit hc: HeaderCarrier): Future[Unit] = { implicit val isf = ShutterStatus.format - implicit val ur = new uk.gov.hmrc.http.HttpReads[Unit] { - def read(method: String, url: String, response: uk.gov.hmrc.http.HttpResponse): Unit = () - } - - http.PUT[ShutterStatus, Unit](s"$urlStates/$appName/${env.asString}", status) + http.PUT[ShutterStatus, HttpResponse](s"$urlStates/$appName/${env.asString}", status)( + implicitly[Writes[ShutterStatus]] + , implicitly[HttpReads[HttpResponse]] + , hc.copy(token = Some(umpToken)) + , implicitly[ExecutionContext] + ) + .map(_ => ()) } diff --git a/app/uk/gov/hmrc/cataloguefrontend/shuttering/ShutterService.scala b/app/uk/gov/hmrc/cataloguefrontend/shuttering/ShutterService.scala index 6440142ad..c5748d696 100644 --- a/app/uk/gov/hmrc/cataloguefrontend/shuttering/ShutterService.scala +++ b/app/uk/gov/hmrc/cataloguefrontend/shuttering/ShutterService.scala @@ -19,7 +19,7 @@ package uk.gov.hmrc.cataloguefrontend.shuttering import java.time.LocalDateTime import javax.inject.{Inject, Singleton} -import uk.gov.hmrc.http.HeaderCarrier +import uk.gov.hmrc.http.{HeaderCarrier, Token} import scala.concurrent.{ExecutionContext, Future} @@ -33,11 +33,12 @@ class ShutterService @Inject()( shutterConnector.shutterStates def updateShutterStatus( - serviceName: String - , env : Environment - , status : ShutterStatus + umpToken : Token + , serviceName: String + , env : Environment + , status : ShutterStatus )(implicit hc: HeaderCarrier): Future[Unit] = - shutterConnector.updateShutterStatus(serviceName, env, status) + shutterConnector.updateShutterStatus(umpToken, serviceName, env, status) def outagePageByAppAndEnv(serviceName: String, env: Environment)(implicit hc: HeaderCarrier): Future[Option[OutagePage]] = shutterConnector.outagePageByAppAndEnv(serviceName, env) diff --git a/app/uk/gov/hmrc/cataloguefrontend/shuttering/ShutterServiceController.scala b/app/uk/gov/hmrc/cataloguefrontend/shuttering/ShutterServiceController.scala index 563aa26b2..6862fa97e 100644 --- a/app/uk/gov/hmrc/cataloguefrontend/shuttering/ShutterServiceController.scala +++ b/app/uk/gov/hmrc/cataloguefrontend/shuttering/ShutterServiceController.scala @@ -242,7 +242,7 @@ class ShutterServiceController @Inject()( _ <- step1Out.serviceNames.toList.traverse_[EitherT[Future, Result, ?], Unit] { serviceName => EitherT.right[Result] { shutterService - .updateShutterStatus(serviceName, step1Out.env, status) + .updateShutterStatus(request.token, serviceName, step1Out.env, status) } } } yield Redirect(appRoutes.ShutterServiceController.step4Get) diff --git a/test/uk/gov/hmrc/cataloguefrontend/actions/ActionsSupport.scala b/test/uk/gov/hmrc/cataloguefrontend/actions/ActionsSupport.scala index 20a3f7f45..7c85826bb 100644 --- a/test/uk/gov/hmrc/cataloguefrontend/actions/ActionsSupport.scala +++ b/test/uk/gov/hmrc/cataloguefrontend/actions/ActionsSupport.scala @@ -18,6 +18,7 @@ package uk.gov.hmrc.cataloguefrontend.actions import play.api.mvc.{MessagesControllerComponents, Request, Result} import uk.gov.hmrc.cataloguefrontend.connector.UserManagementAuthConnector +import uk.gov.hmrc.http.Token import scala.concurrent.{ExecutionContext, Future} @@ -28,8 +29,8 @@ trait ActionsSupport { umac: UserManagementAuthConnector, cc: MessagesControllerComponents ) extends UmpAuthenticated(umac, cc) { - override def invokeBlock[A](request: Request[A], block: Request[A] => Future[Result]): Future[Result] = - block(request) + override def invokeBlock[A](request: Request[A], block: UmpAuthenticatedRequest[A] => Future[Result]): Future[Result] = + block(UmpAuthenticatedRequest(request, token = Token("asdasdasd"))) } class VerifySignInStatusPassThrough(