gds-api-adapters 71.1.0 → 71.6.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 9324b0ac6cf23eff191016dbb952b2cc4507d1071a6d7d8e463ce389f1e38024
-  data.tar.gz: d5b157159178227c69d0d724f49f10e299937c7c855c9cc5b55019d9995e17f2
+  metadata.gz: ecea9412cb0ad1e32c5b4eac37fd53699b06e7b9612a7033eb23f989e1a013d2
+  data.tar.gz: 311fc8a8a2dc36fc389dd7d0166943dfab092690d5e1ea504b9395fd44a5f2b6
 SHA512:
-  metadata.gz: b24b9dec516dfbd48713c6bee798e1d4579def436e284077f89f649f3ec3dbd0fc88a3b59270c07f3d51f4e972058d6521168d571e263e037de785b4e48af9b7
-  data.tar.gz: 37dd29babe5be2b2f11d9fc26ea2d5b3d8e9414779b3d226f6282d533ad57ea9aed10cce07ee2725109ef30885e4707aec4d9c70e7ff818572f644a390bc3ce5
+  metadata.gz: 255c6879512abcd1c8383d1f4b24799bc408ce04cce55e1cfd1db7365e5e17189d196fa26917283ff411c93b568c824fda237ea683bc9d5d6e56e397c43aaa54
+  data.tar.gz: 1bc48d079cba0ee202697442fd3646718100df7c5e870ff5c17b38ca32802a11fd4f833f424d12dcf6270a98d3be7fd9a067525c0432dc986c771448be91053c

data/lib/gds_api/account_api.rb

@@ -45,6 +45,33 @@ class GdsApi::AccountApi < GdsApi::Base
     post_json("#{endpoint}/api/oauth2/state", attributes: attributes)
   end
 
+  # Get all the information about a user needed to render the account home page
+  #
+  # @param [String] govuk_account_session Value of the session header
+  #
+  # @return [Hash] Information about the user and the services they've used, and a new session header
+  def get_user(govuk_account_session:)
+    get_json("#{endpoint}/api/user", auth_headers(govuk_account_session))
+  end
+
+  # Update the user record with privileged information from the auth service.  Only the auth service will call this.
+  #
+  # @param [String] subject_identifier The identifier of the user, shared between the auth service and GOV.UK.
+  # @param [String, nil] email The user's current
+  # @param [Boolean, nil] email_verified Whether the user's current email address is verified
+  # @param [Boolean, nil] has_unconfirmed_email Whether the user has a new, pending, email address
+  #
+  # @return [Hash] The user's subject identifier and email attributes
+  def update_user_by_subject_identifier(subject_identifier:, email: nil, email_verified: nil, has_unconfirmed_email: nil)
+    params = {
+      email: email,
+      email_verified: email_verified,
+      has_unconfirmed_email: has_unconfirmed_email,
+    }.compact
+
+    patch_json("#{endpoint}/api/oidc-users/#{subject_identifier}", params)
+  end
+
   # Check if a user has an email subscription for the Transition Checker
   #
   # @param [String] govuk_account_session Value of the session header
@@ -96,6 +123,75 @@ class GdsApi::AccountApi < GdsApi::Base
     get_json("#{endpoint}/api/attributes/names?#{querystring}", auth_headers(govuk_account_session))
   end
 
+  # Get the details of an account-linked email subscription.
+  #
+  # @param [String] name Name of the subscription
+  # @param [String] govuk_account_session Value of the session header
+  #
+  # @return [Hash] Details of the subscription, if it exists.
+  def get_email_subscription(name:, govuk_account_session:)
+    get_json("#{endpoint}/api/email-subscriptions/#{CGI.escape(name)}", auth_headers(govuk_account_session))
+  end
+
+  # Create or update an account-linked email subscription.
+  #
+  # @param [String] name Name of the subscription
+  # @param [String] topic_slug The email-alert-api topic slug to subscribe to
+  # @param [String] govuk_account_session Value of the session header
+  #
+  # @return [Hash] Details of the newly created subscription.
+  def put_email_subscription(name:, topic_slug:, govuk_account_session:)
+    put_json("#{endpoint}/api/email-subscriptions/#{CGI.escape(name)}", { topic_slug: topic_slug }, auth_headers(govuk_account_session))
+  end
+
+  # Unsubscribe and delete an account-linked email subscription.
+  #
+  # @param [String] name Name of the subscription
+  # @param [String] govuk_account_session Value of the session header
+  def delete_email_subscription(name:, govuk_account_session:)
+    delete_json("#{endpoint}/api/email-subscriptions/#{CGI.escape(name)}", {}, auth_headers(govuk_account_session))
+  end
+
+  # Look up all pages saved by a user in their Account
+  #
+  # @param [String] govuk_account_session Value of the session header
+  #
+  # @return [Hash] containing :saved_pages, an array of single saved page hashes
+  def get_saved_pages(govuk_account_session:)
+    get_json("#{endpoint}/api/saved-pages", auth_headers(govuk_account_session))
+  end
+
+  # Return a single page by unique URL
+  #
+  # @param [String] the path of a page to check
+  # @param [String] govuk_account_session Value of the session header
+  #
+  # @return [Hash] containing :saved_page, a hash of a single saved page value
+  def get_saved_page(page_path:, govuk_account_session:)
+    get_json("#{endpoint}/api/saved-pages/#{CGI.escape(page_path)}", auth_headers(govuk_account_session))
+  end
+
+  # Upsert a single saved page entry in a users account
+  #
+  # @param [String] the path of a page to check
+  # @param [String] govuk_account_session Value of the session header
+  #
+  # @return [Hash] A single saved page value (if sucessful)
+  def save_page(page_path:, govuk_account_session:)
+    put_json("#{endpoint}/api/saved-pages/#{CGI.escape(page_path)}", {}, auth_headers(govuk_account_session))
+  end
+
+  # Delete a single saved page entry from a users account
+  #
+  # @param [String] the path of a page to check
+  # @param [String] govuk_account_session Value of the session header
+  #
+  # @return [GdsApi::Response] A status code of 204 indicates the saved page has been successfully deleted.
+  #                            A status code of 404 indicates there is no saved page with this path.
+  def delete_saved_page(page_path:, govuk_account_session:)
+    delete_json("#{endpoint}/api/saved-pages/#{CGI.escape(page_path)}", {}, auth_headers(govuk_account_session))
+  end
+
 private
 
   def nested_query_string(params)

data/lib/gds_api/email_alert_api.rb

@@ -176,6 +176,18 @@ class GdsApi::EmailAlertApi < GdsApi::Base
     )
   end
 
+  # Verify a GOV.UK Account-holder has a corresponding subscriber
+  #
+  # @param [string] govuk_account_session The request's session identifier
+  #
+  # @return [Hash] subscriber
+  def authenticate_subscriber_by_govuk_account(govuk_account_session:)
+    post_json(
+      "#{endpoint}/subscribers/govuk-account",
+      govuk_account_session: govuk_account_session,
+    )
+  end
+
   # Verify a subscriber has control of a provided email
   #
   # @param [string]       address       Address to send verification email to

data/lib/gds_api/json_client.rb

@@ -180,10 +180,10 @@ module GdsApi
       raise GdsApi::EndpointNotFound, "Could not connect to #{url}"
     rescue RestClient::Exceptions::Timeout => e
       logger.error loggable.merge(status: "timeout", error_message: e.message, error_class: e.class.name, end_time: Time.now.to_f).to_json
-      raise GdsApi::TimedOutException
+      raise GdsApi::TimedOutException, e.message
     rescue URI::InvalidURIError => e
       logger.error loggable.merge(status: "invalid_uri", error_message: e.message, error_class: e.class.name, end_time: Time.now.to_f).to_json
-      raise GdsApi::InvalidUrl
+      raise GdsApi::InvalidUrl, e.message
     rescue RestClient::Exception => e
       # Log the error here, since we have access to loggable, but raise the
       # exception up to the calling method to deal with
@@ -192,10 +192,10 @@ module GdsApi
       raise
     rescue Errno::ECONNRESET => e
       logger.error loggable.merge(status: "connection_reset", error_message: e.message, error_class: e.class.name, end_time: Time.now.to_f).to_json
-      raise GdsApi::TimedOutException
+      raise GdsApi::TimedOutException, e.message
     rescue SocketError => e
       logger.error loggable.merge(status: "socket_error", error_message: e.message, error_class: e.class.name, end_time: Time.now.to_f).to_json
-      raise GdsApi::SocketErrorException
+      raise GdsApi::SocketErrorException, e.message
     end
   end
 end

data/lib/gds_api/test_helpers/account_api.rb

@@ -5,6 +5,20 @@ module GdsApi
     module AccountApi
       ACCOUNT_API_ENDPOINT = Plek.find("account-api")
 
+      def stub_account_api_request(method, path, with: {}, response_status: 200, response_body: {}, govuk_account_session: nil, new_govuk_account_session: nil)
+        with.merge!(headers: { GdsApi::AccountApi::AUTH_HEADER_NAME => govuk_account_session }) if govuk_account_session
+        new_govuk_account_session = nil if response_status >= 400
+        to_return = { status: response_status, body: response_body.merge(govuk_account_session: new_govuk_account_session).compact.to_json }
+        if with.empty?
+          stub_request(method, "#{ACCOUNT_API_ENDPOINT}#{path}").to_return(**to_return)
+        else
+          stub_request(method, "#{ACCOUNT_API_ENDPOINT}#{path}").with(**with).to_return(**to_return)
+        end
+      end
+
+      #########################
+      # GET /api/oauth2/sign-in
+      #########################
       def stub_account_api_get_sign_in_url(redirect_path: nil, state_id: nil, level_of_authentication: nil, auth_uri: "http://auth/provider", state: "state")
         querystring = Rack::Utils.build_nested_query({ redirect_path: redirect_path, state_id: state_id, level_of_authentication: level_of_authentication }.compact)
         stub_request(:get, "#{ACCOUNT_API_ENDPOINT}/api/oauth2/sign-in?#{querystring}")
@@ -14,6 +28,9 @@ module GdsApi
           )
       end
 
+      ###########################
+      # POST /api/oauth2/callback
+      ###########################
       def stub_account_api_validates_auth_response(code: nil, state: nil, govuk_account_session: "govuk-account-session", redirect_path: "/", ga_client_id: "ga-client-id")
         stub_request(:post, "#{ACCOUNT_API_ENDPOINT}/api/oauth2/callback")
           .with(body: hash_including({ code: code, state: state }.compact))
@@ -29,6 +46,9 @@ module GdsApi
           .to_return(status: 401)
       end
 
+      ########################
+      # POST /api/oauth2/state
+      ########################
       def stub_account_api_create_registration_state(attributes: nil, state_id: "state-id")
         stub_request(:post, "#{ACCOUNT_API_ENDPOINT}/api/oauth2/state")
           .with(body: hash_including({ attributes: attributes }.compact))
@@ -38,6 +58,155 @@ module GdsApi
           )
       end
 
+      ###############
+      # GET /api/user
+      ###############
+      def stub_account_api_user_info(level_of_authentication: "level0", email: "email@example.com", email_verified: true, has_unconfirmed_email: false, services: {}, **options)
+        stub_account_api_request(
+          :get,
+          "/api/user",
+          response_body: {
+            level_of_authentication: level_of_authentication,
+            email: email,
+            email_verified: email_verified,
+            has_unconfirmed_email: has_unconfirmed_email,
+            services: services,
+          },
+          **options,
+        )
+      end
+
+      def stub_account_api_user_info_service_state(service:, service_state: "yes", **options)
+        stub_account_api_user_info(
+          **options.merge(
+            services: options.fetch(:services, {}).merge(service => service_state),
+          ),
+        )
+      end
+
+      def stub_account_api_unauthorized_user_info(**options)
+        stub_account_api_request(
+          :get,
+          "/api/user",
+          response_status: 401,
+          **options,
+        )
+      end
+
+      ###########################################
+      # PATCH /api/oidc-users/:subject_identifier
+      ###########################################
+      def stub_update_user_by_subject_identifier(subject_identifier:, email: nil, email_verified: nil, has_unconfirmed_email: nil, old_email: nil, old_email_verified: nil, old_has_unconfirmed_email: nil)
+        stub_account_api_request(
+          :patch,
+          "/api/oidc-users/#{subject_identifier}",
+          with: { body: hash_including({ email: email, email_verified: email_verified, has_unconfirmed_email: has_unconfirmed_email }.compact) },
+          response_body: {
+            sub: subject_identifier,
+            email: email || old_email,
+            email_verified: email_verified || old_email_verified,
+            has_unconfirmed_email: has_unconfirmed_email || old_has_unconfirmed_email,
+          },
+        )
+      end
+
+      ####################################
+      # GET /api/email-subscriptions/:name
+      ####################################
+      def stub_account_api_get_email_subscription(name:, topic_slug: "slug", email_alert_api_subscription_id: "12345", **options)
+        stub_account_api_request(
+          :get,
+          "/api/email-subscriptions/#{name}",
+          response_body: {
+            email_subscription: {
+              name: name,
+              topic_slug: topic_slug,
+              email_alert_api_subscription_id: email_alert_api_subscription_id,
+            },
+          },
+          **options,
+        )
+      end
+
+      def stub_account_api_get_email_subscription_does_not_exist(name:, **options)
+        stub_account_api_request(
+          :get,
+          "/api/email-subscriptions/#{name}",
+          response_status: 404,
+          **options,
+        )
+      end
+
+      def stub_account_api_get_email_subscription_unauthorized(name:, **options)
+        stub_account_api_request(
+          :get,
+          "/api/email-subscriptions/#{name}",
+          response_status: 401,
+          **options,
+        )
+      end
+
+      ####################################
+      # PUT /api/email-subscriptions/:name
+      ####################################
+      def stub_account_api_put_email_subscription(name:, topic_slug: nil, **options)
+        stub_account_api_request(
+          :put,
+          "/api/email-subscriptions/#{name}",
+          with: { body: hash_including({ topic_slug: topic_slug }.compact) },
+          response_body: {
+            email_subscription: {
+              name: name,
+              topic_slug: topic_slug || "slug",
+            },
+          },
+          **options,
+        )
+      end
+
+      def stub_account_api_unauthorized_put_email_subscription(name:, topic_slug: nil, **options)
+        stub_account_api_request(
+          :put,
+          "/api/email-subscriptions/#{name}",
+          with: { body: hash_including({ topic_slug: topic_slug }.compact) },
+          response_status: 401,
+          **options,
+        )
+      end
+
+      #######################################
+      # DELETE /api/email-subscriptions/:name
+      #######################################
+      def stub_account_api_delete_email_subscription(name:, **options)
+        stub_account_api_request(
+          :delete,
+          "/api/email-subscriptions/#{name}",
+          response_status: 204,
+          **options,
+        )
+      end
+
+      def stub_account_api_delete_email_subscription_does_not_exist(name:, **options)
+        stub_account_api_request(
+          :delete,
+          "/api/email-subscriptions/#{name}",
+          response_status: 404,
+          **options,
+        )
+      end
+
+      def stub_account_api_unauthorized_delete_email_subscription(name:, **options)
+        stub_account_api_request(
+          :delete,
+          "/api/email-subscriptions/#{name}",
+          response_status: 401,
+          **options,
+        )
+      end
+
+      ################################################
+      # GET /api/transition-checker-email-subscription
+      ################################################
       def stub_account_api_has_email_subscription(**options)
         stub_account_api_request(
           :get,
@@ -75,6 +244,9 @@ module GdsApi
         )
       end
 
+      #################################################
+      # POST /api/transition-checker-email-subscription
+      #################################################
       def stub_account_api_set_email_subscription(slug: nil, **options)
         stub_account_api_request(
           :post,
@@ -105,6 +277,9 @@ module GdsApi
         )
       end
 
+      #####################
+      # GET /api/attributes
+      #####################
       def stub_account_api_has_attributes(attributes: [], values: {}, **options)
         querystring = Rack::Utils.build_nested_query({ attributes: attributes }.compact)
         stub_account_api_request(
@@ -136,6 +311,9 @@ module GdsApi
         )
       end
 
+      #######################
+      # PATCH /api/attributes
+      #######################
       def stub_account_api_set_attributes(attributes: nil, **options)
         stub_account_api_request(
           :patch,
@@ -166,6 +344,9 @@ module GdsApi
         )
       end
 
+      ###########################
+      # GET /api/attributes/names
+      ###########################
       def stub_account_api_get_attributes_names(attributes: [], **options)
         querystring = Rack::Utils.build_nested_query({ attributes: attributes }.compact)
         stub_account_api_request(
@@ -197,15 +378,141 @@ module GdsApi
         )
       end
 
-      def stub_account_api_request(method, path, with: {}, response_status: 200, response_body: {}, govuk_account_session: nil, new_govuk_account_session: nil)
-        with.merge!(headers: { GdsApi::AccountApi::AUTH_HEADER_NAME => govuk_account_session }) if govuk_account_session
-        new_govuk_account_session = nil if response_status >= 400
-        to_return = { status: response_status, body: response_body.merge(govuk_account_session: new_govuk_account_session).compact.to_json }
-        if with.empty?
-          stub_request(method, "#{ACCOUNT_API_ENDPOINT}#{path}").to_return(**to_return)
-        else
-          stub_request(method, "#{ACCOUNT_API_ENDPOINT}#{path}").with(**with).to_return(**to_return)
-        end
+      ######################
+      # GET /api/saved-pages
+      ######################
+      def stub_account_api_returning_saved_pages(saved_pages: [], **options)
+        stub_account_api_request(
+          :get,
+          "/api/saved-pages",
+          response_body: { saved_pages: saved_pages },
+          **options,
+        )
+      end
+
+      def stub_account_api_unauthorized_get_saved_pages(**options)
+        stub_account_api_request(
+          :get,
+          "/api/saved-pages",
+          response_status: 401,
+          **options,
+        )
+      end
+
+      #################################
+      # GET /api/saved_pages/:page_path
+      #################################
+      def stub_account_api_get_saved_page(page_path:, content_id: "46163ed2-1777-4ee6-bdd4-6a2007e49d8f", title: "Ministry of Magic", **options)
+        stub_account_api_request(
+          :get,
+          "/api/saved-pages/#{CGI.escape(page_path)}",
+          response_body: {
+            saved_page: {
+              page_path: page_path,
+              content_id: content_id,
+              title: title,
+            },
+          },
+          **options,
+        )
+      end
+
+      def stub_account_api_does_not_have_saved_page(page_path:, **options)
+        stub_account_api_request(
+          :get,
+          "/api/saved-pages/#{CGI.escape(page_path)}",
+          response_status: 404,
+          **options,
+        )
+      end
+
+      def stub_account_api_unauthorized_get_saved_page(page_path:, **options)
+        stub_account_api_request(
+          :get,
+          "/api/saved-pages/#{CGI.escape(page_path)}",
+          response_status: 401,
+          **options,
+        )
+      end
+
+      #################################
+      # PUT /api/saved-pages/:page_path
+      #################################
+      def stub_account_api_save_page(page_path:, content_id: "c840bfa2-011a-42cc-ac7a-a6da990aff0b", title: "Ministry of Magic", **options)
+        stub_account_api_request(
+          :put,
+          "/api/saved-pages/#{CGI.escape(page_path)}",
+          response_body: {
+            saved_page: {
+              page_path: page_path,
+              content_id: content_id,
+              title: title,
+            },
+          },
+          **options,
+        )
+      end
+
+      def stub_account_api_save_page_already_exists(page_path:, **options)
+        stub_account_api_save_page(page_path: page_path, **options)
+      end
+
+      def stub_account_api_save_page_cannot_save_page(page_path:, **options)
+        stub_account_api_request(
+          :put,
+          "/api/saved-pages/#{CGI.escape(page_path)}",
+          response_status: 422,
+          response_body: cannot_save_page_problem_detail({ page_path: page_path }),
+          **options,
+        )
+      end
+
+      def stub_account_api_unauthorized_save_page(page_path:, **options)
+        stub_account_api_request(
+          :put,
+          "/api/saved-pages/#{CGI.escape(page_path)}",
+          response_status: 401,
+          **options,
+        )
+      end
+
+      def cannot_save_page_problem_detail(option = {})
+        {
+          title: "Cannot save page",
+          detail: "Cannot save page with path #{option['page_path']}, check it is not blank, and is a well formatted url path.",
+          type: "https://github.com/alphagov/account-api/blob/main/docs/api.md#cannot-save-page",
+          **option,
+        }
+      end
+
+      ####################################
+      # DELETE /api/saved-pages/:page_path
+      ####################################
+      def stub_account_api_delete_saved_page(page_path:, **options)
+        stub_account_api_request(
+          :delete,
+          "/api/saved-pages/#{CGI.escape(page_path)}",
+          response_status: 204,
+          **options,
+        )
+      end
+
+      def stub_account_api_delete_saved_page_does_not_exist(page_path:, **options)
+        stub_account_api_request(
+          :delete,
+          "/api/saved-pages/#{CGI.escape(page_path)}",
+          response_status: 404,
+          **options,
+        )
+      end
+
+      def stub_account_api_delete_saved_page_unauthorised(page_path:, **options)
+        stub_account_api_request(
+          :delete,
+          "/api/saved-pages/#{CGI.escape(page_path)}",
+          response_status: 401,
+          **options,
+        )
       end
     end
   end

data/lib/gds_api/test_helpers/email_alert_api.rb

@@ -283,6 +283,51 @@ module GdsApi
           .to_return(status: 404)
       end
 
+      def stub_email_alert_api_authenticate_subscriber_by_govuk_account(govuk_account_session, subscriber_id, address, new_govuk_account_session: nil)
+        stub_request(:post, "#{EMAIL_ALERT_API_ENDPOINT}/subscribers/govuk-account")
+          .with(
+            body: { govuk_account_session: govuk_account_session }.to_json,
+          ).to_return(
+            status: 200,
+            body: {
+              govuk_account_session: new_govuk_account_session,
+            }.compact.merge(get_subscriber_response(subscriber_id, address)).to_json,
+          )
+      end
+
+      def stub_email_alert_api_authenticate_subscriber_by_govuk_account_session_invalid(govuk_account_session)
+        stub_request(:post, "#{EMAIL_ALERT_API_ENDPOINT}/subscribers/govuk-account")
+          .with(
+            body: { govuk_account_session: govuk_account_session }.to_json,
+          ).to_return(
+            status: 401,
+          )
+      end
+
+      def stub_email_alert_api_authenticate_subscriber_by_govuk_account_email_unverified(govuk_account_session, new_govuk_account_session: nil)
+        stub_request(:post, "#{EMAIL_ALERT_API_ENDPOINT}/subscribers/govuk-account")
+          .with(
+            body: { govuk_account_session: govuk_account_session }.to_json,
+          ).to_return(
+            status: 403,
+            body: {
+              govuk_account_session: new_govuk_account_session,
+            }.compact.to_json,
+          )
+      end
+
+      def stub_email_alert_api_authenticate_subscriber_by_govuk_account_no_subscriber(govuk_account_session, new_govuk_account_session: nil)
+        stub_request(:post, "#{EMAIL_ALERT_API_ENDPOINT}/subscribers/govuk-account")
+          .with(
+            body: { govuk_account_session: govuk_account_session }.to_json,
+          ).to_return(
+            status: 404,
+            body: {
+              govuk_account_session: new_govuk_account_session,
+            }.compact.to_json,
+          )
+      end
+
       def assert_unsubscribed(uuid)
         assert_requested(:post, "#{EMAIL_ALERT_API_ENDPOINT}/unsubscribe/#{uuid}", times: 1)
       end

data/lib/gds_api/version.rb

@@ -1,3 +1,3 @@
 module GdsApi
-  VERSION = "71.1.0".freeze
+  VERSION = "71.6.0".freeze
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: gds-api-adapters
 version: !ruby/object:Gem::Version
-  version: 71.1.0
+  version: 71.6.0
 platform: ruby
 authors:
 - GOV.UK Dev
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-05-06 00:00:00.000000000 Z
+date: 2021-06-23 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: addressable
@@ -445,7 +445,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.4
+rubygems_version: 3.0.3
 signing_key: 
 specification_version: 4
 summary: Adapters to work with GDS APIs