gds-api-adapters 71.4.0 → 71.9.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: d1bcd6f2192952444f80e49762cc4d1e2820c767162d194de9ce6c0f1b78ad2c
-  data.tar.gz: cc96d6dc6f18b3ec2a58187977147b8be0bf6025e7a47c4b55671f2ab900c78f
+  metadata.gz: 8670645ff0ca90d1b259b0607aca69f3164d91330b33f3d05f2e741fbbd334e6
+  data.tar.gz: 7ac9e476e7ab01e1ad992bb9fd6dcb0fc4e494fcf05400e0df5cdc3a6b201a2e
 SHA512:
-  metadata.gz: 2b0911632959b5c61c22ca3c5f208bd69d8cd6db5984fe83c4912251d38f1e895f8a90eda372de721a9f85a59af4931517eb468c3a23d554d9d3a9e4ecd24734
-  data.tar.gz: 1ed0f2a61ed3833a05283684a443ae148324ae22e92daa49e14982af4e908ea5e4f96cda2f74ad20bedae96fdad3d4641fee09c01b958fd63e53190e319b7357
+  metadata.gz: fb5bdf29581b987c5be58ffc9ccba0e5f950194a3e8f26d2ec9eb83b87db370a618716fb1d9a9cfd7db6049309e7d136ae2815cdc365205392a6634603583f5d
+  data.tar.gz: 7f37ede40200371ead2740f89d44c4a588a0b488c0ae3516232370d6d65234b99e30a31c7fe36524b20ce19ebdcd222f81d72549627cb7182673389c030443eb

data/lib/gds_api/account_api.rb

@@ -57,12 +57,19 @@ class GdsApi::AccountApi < GdsApi::Base
   # Update the user record with privileged information from the auth service.  Only the auth service will call this.
   #
   # @param [String] subject_identifier The identifier of the user, shared between the auth service and GOV.UK.
-  # @param [String, nil] email The new email address
-  # @param [Boolean, nil] email_verified Whether the new email address is verified
+  # @param [String, nil] email The user's current
+  # @param [Boolean, nil] email_verified Whether the user's current email address is verified
+  # @param [Boolean, nil] has_unconfirmed_email Whether the user has a new, pending, email address
   #
   # @return [Hash] The user's subject identifier and email attributes
-  def update_user_by_subject_identifier(subject_identifier:, email: nil, email_verified: nil)
-    patch_json("#{endpoint}/api/oidc-users/#{subject_identifier}", { email: email, email_verified: email_verified }.compact)
+  def update_user_by_subject_identifier(subject_identifier:, email: nil, email_verified: nil, has_unconfirmed_email: nil)
+    params = {
+      email: email,
+      email_verified: email_verified,
+      has_unconfirmed_email: has_unconfirmed_email,
+    }.compact
+
+    patch_json("#{endpoint}/api/oidc-users/#{subject_identifier}", params)
   end
 
   # Check if a user has an email subscription for the Transition Checker
@@ -116,11 +123,40 @@ class GdsApi::AccountApi < GdsApi::Base
     get_json("#{endpoint}/api/attributes/names?#{querystring}", auth_headers(govuk_account_session))
   end
 
+  # Get the details of an account-linked email subscription.
+  #
+  # @param [String] name Name of the subscription
+  # @param [String] govuk_account_session Value of the session header
+  #
+  # @return [Hash] Details of the subscription, if it exists.
+  def get_email_subscription(name:, govuk_account_session:)
+    get_json("#{endpoint}/api/email-subscriptions/#{CGI.escape(name)}", auth_headers(govuk_account_session))
+  end
+
+  # Create or update an account-linked email subscription.
+  #
+  # @param [String] name Name of the subscription
+  # @param [String] topic_slug The email-alert-api topic slug to subscribe to
+  # @param [String] govuk_account_session Value of the session header
+  #
+  # @return [Hash] Details of the newly created subscription.
+  def put_email_subscription(name:, topic_slug:, govuk_account_session:)
+    put_json("#{endpoint}/api/email-subscriptions/#{CGI.escape(name)}", { topic_slug: topic_slug }, auth_headers(govuk_account_session))
+  end
+
+  # Unsubscribe and delete an account-linked email subscription.
+  #
+  # @param [String] name Name of the subscription
+  # @param [String] govuk_account_session Value of the session header
+  def delete_email_subscription(name:, govuk_account_session:)
+    delete_json("#{endpoint}/api/email-subscriptions/#{CGI.escape(name)}", {}, auth_headers(govuk_account_session))
+  end
+
   # Look up all pages saved by a user in their Account
   #
   # @param [String] govuk_account_session Value of the session header
   #
-  # @return [Hash] containing :saved_pages, an array of single saved page hashes  def get_saved_pages(govuk_account_session:)
+  # @return [Hash] containing :saved_pages, an array of single saved page hashes
   def get_saved_pages(govuk_account_session:)
     get_json("#{endpoint}/api/saved-pages", auth_headers(govuk_account_session))
   end

data/lib/gds_api/email_alert_api.rb

@@ -156,10 +156,10 @@ class GdsApi::EmailAlertApi < GdsApi::Base
   # @param [string] Subscriber new_address
   #
   # @return [Hash] subscriber
-  def change_subscriber(id:, new_address:)
+  def change_subscriber(id:, new_address:, on_conflict: nil)
     patch_json(
       "#{endpoint}/subscribers/#{uri_encode(id)}",
-      new_address: new_address,
+      { new_address: new_address, on_conflict: on_conflict }.compact,
     )
   end
 
@@ -176,6 +176,44 @@ class GdsApi::EmailAlertApi < GdsApi::Base
     )
   end
 
+  # Verify a GOV.UK Account-holder has a corresponding subscriber
+  #
+  # @param [string] govuk_account_session The request's session identifier
+  #
+  # @return [Hash] subscriber
+  def authenticate_subscriber_by_govuk_account(govuk_account_session:)
+    post_json(
+      "#{endpoint}/subscribers/govuk-account",
+      govuk_account_session: govuk_account_session,
+    )
+  end
+
+  # Mark a subscriber as "linked" to its corresponding GOV.UK Account.
+  # In practice "linking" will mean that email-alert-frontend and
+  # account-api will treat the subscriber specially (eg, only allowing
+  # address changes via the account).
+  #
+  # @param [string] govuk_account_session The request's session identifier
+  #
+  # @return [Hash] subscriber
+  def link_subscriber_to_govuk_account(govuk_account_session:)
+    post_json(
+      "#{endpoint}/subscribers/govuk-account/link",
+      govuk_account_session: govuk_account_session,
+    )
+  end
+
+  # Find a subscriber which has been "linked" to a GOV.UK Account.
+  #
+  # @param [String] govuk_account_id An ID for the account.
+  #
+  # @return [Hash] subscriber
+  def find_subscriber_by_govuk_account(govuk_account_id:)
+    get_json(
+      "#{endpoint}/subscribers/govuk-account/#{govuk_account_id}",
+    )
+  end
+
   # Verify a subscriber has control of a provided email
   #
   # @param [string]       address       Address to send verification email to

data/lib/gds_api/test_helpers/account_api.rb

@@ -5,6 +5,20 @@ module GdsApi
     module AccountApi
       ACCOUNT_API_ENDPOINT = Plek.find("account-api")
 
+      def stub_account_api_request(method, path, with: {}, response_status: 200, response_body: {}, govuk_account_session: nil, new_govuk_account_session: nil)
+        with.merge!(headers: { GdsApi::AccountApi::AUTH_HEADER_NAME => govuk_account_session }) if govuk_account_session
+        new_govuk_account_session = nil if response_status >= 400
+        to_return = { status: response_status, body: response_body.merge(govuk_account_session: new_govuk_account_session).compact.to_json }
+        if with.empty?
+          stub_request(method, "#{ACCOUNT_API_ENDPOINT}#{path}").to_return(**to_return)
+        else
+          stub_request(method, "#{ACCOUNT_API_ENDPOINT}#{path}").with(**with).to_return(**to_return)
+        end
+      end
+
+      #########################
+      # GET /api/oauth2/sign-in
+      #########################
       def stub_account_api_get_sign_in_url(redirect_path: nil, state_id: nil, level_of_authentication: nil, auth_uri: "http://auth/provider", state: "state")
         querystring = Rack::Utils.build_nested_query({ redirect_path: redirect_path, state_id: state_id, level_of_authentication: level_of_authentication }.compact)
         stub_request(:get, "#{ACCOUNT_API_ENDPOINT}/api/oauth2/sign-in?#{querystring}")
@@ -14,12 +28,15 @@ module GdsApi
           )
       end
 
-      def stub_account_api_validates_auth_response(code: nil, state: nil, govuk_account_session: "govuk-account-session", redirect_path: "/", ga_client_id: "ga-client-id")
+      ###########################
+      # POST /api/oauth2/callback
+      ###########################
+      def stub_account_api_validates_auth_response(code: nil, state: nil, govuk_account_session: "govuk-account-session", redirect_path: "/", ga_client_id: "ga-client-id", cookie_consent: false)
         stub_request(:post, "#{ACCOUNT_API_ENDPOINT}/api/oauth2/callback")
           .with(body: hash_including({ code: code, state: state }.compact))
           .to_return(
             status: 200,
-            body: { govuk_account_session: govuk_account_session, redirect_path: redirect_path, ga_client_id: ga_client_id }.to_json,
+            body: { govuk_account_session: govuk_account_session, redirect_path: redirect_path, ga_client_id: ga_client_id, cookie_consent: cookie_consent }.to_json,
           )
       end
 
@@ -29,6 +46,9 @@ module GdsApi
           .to_return(status: 401)
       end
 
+      ########################
+      # POST /api/oauth2/state
+      ########################
       def stub_account_api_create_registration_state(attributes: nil, state_id: "state-id")
         stub_request(:post, "#{ACCOUNT_API_ENDPOINT}/api/oauth2/state")
           .with(body: hash_including({ attributes: attributes }.compact))
@@ -38,14 +58,19 @@ module GdsApi
           )
       end
 
-      def stub_account_api_user_info(level_of_authentication: "level0", email: "email@example.com", email_verified: true, services: {}, **options)
+      ###############
+      # GET /api/user
+      ###############
+      def stub_account_api_user_info(id: "user-id", level_of_authentication: "level0", email: "email@example.com", email_verified: true, has_unconfirmed_email: false, services: {}, **options)
         stub_account_api_request(
           :get,
           "/api/user",
           response_body: {
+            id: id,
             level_of_authentication: level_of_authentication,
             email: email,
             email_verified: email_verified,
+            has_unconfirmed_email: has_unconfirmed_email,
             services: services,
           },
           **options,
@@ -69,19 +94,120 @@ module GdsApi
         )
       end
 
-      def stub_update_user_by_subject_identifier(subject_identifier:, email: nil, email_verified: nil, old_email: nil, old_email_verified: nil)
+      ###########################################
+      # PATCH /api/oidc-users/:subject_identifier
+      ###########################################
+      def stub_update_user_by_subject_identifier(subject_identifier:, email: nil, email_verified: nil, has_unconfirmed_email: nil, old_email: nil, old_email_verified: nil, old_has_unconfirmed_email: nil)
         stub_account_api_request(
           :patch,
           "/api/oidc-users/#{subject_identifier}",
-          with: { body: hash_including({ email: email, email_verified: email_verified }.compact) },
+          with: { body: hash_including({ email: email, email_verified: email_verified, has_unconfirmed_email: has_unconfirmed_email }.compact) },
           response_body: {
             sub: subject_identifier,
             email: email || old_email,
             email_verified: email_verified || old_email_verified,
+            has_unconfirmed_email: has_unconfirmed_email || old_has_unconfirmed_email,
+          },
+        )
+      end
+
+      ####################################
+      # GET /api/email-subscriptions/:name
+      ####################################
+      def stub_account_api_get_email_subscription(name:, topic_slug: "slug", email_alert_api_subscription_id: "12345", **options)
+        stub_account_api_request(
+          :get,
+          "/api/email-subscriptions/#{name}",
+          response_body: {
+            email_subscription: {
+              name: name,
+              topic_slug: topic_slug,
+              email_alert_api_subscription_id: email_alert_api_subscription_id,
+            },
+          },
+          **options,
+        )
+      end
+
+      def stub_account_api_get_email_subscription_does_not_exist(name:, **options)
+        stub_account_api_request(
+          :get,
+          "/api/email-subscriptions/#{name}",
+          response_status: 404,
+          **options,
+        )
+      end
+
+      def stub_account_api_get_email_subscription_unauthorized(name:, **options)
+        stub_account_api_request(
+          :get,
+          "/api/email-subscriptions/#{name}",
+          response_status: 401,
+          **options,
+        )
+      end
+
+      ####################################
+      # PUT /api/email-subscriptions/:name
+      ####################################
+      def stub_account_api_put_email_subscription(name:, topic_slug: nil, **options)
+        stub_account_api_request(
+          :put,
+          "/api/email-subscriptions/#{name}",
+          with: { body: hash_including({ topic_slug: topic_slug }.compact) },
+          response_body: {
+            email_subscription: {
+              name: name,
+              topic_slug: topic_slug || "slug",
+            },
           },
+          **options,
+        )
+      end
+
+      def stub_account_api_unauthorized_put_email_subscription(name:, topic_slug: nil, **options)
+        stub_account_api_request(
+          :put,
+          "/api/email-subscriptions/#{name}",
+          with: { body: hash_including({ topic_slug: topic_slug }.compact) },
+          response_status: 401,
+          **options,
         )
       end
 
+      #######################################
+      # DELETE /api/email-subscriptions/:name
+      #######################################
+      def stub_account_api_delete_email_subscription(name:, **options)
+        stub_account_api_request(
+          :delete,
+          "/api/email-subscriptions/#{name}",
+          response_status: 204,
+          **options,
+        )
+      end
+
+      def stub_account_api_delete_email_subscription_does_not_exist(name:, **options)
+        stub_account_api_request(
+          :delete,
+          "/api/email-subscriptions/#{name}",
+          response_status: 404,
+          **options,
+        )
+      end
+
+      def stub_account_api_unauthorized_delete_email_subscription(name:, **options)
+        stub_account_api_request(
+          :delete,
+          "/api/email-subscriptions/#{name}",
+          response_status: 401,
+          **options,
+        )
+      end
+
+      ################################################
+      # GET /api/transition-checker-email-subscription
+      ################################################
       def stub_account_api_has_email_subscription(**options)
         stub_account_api_request(
           :get,
@@ -119,6 +245,9 @@ module GdsApi
         )
       end
 
+      #################################################
+      # POST /api/transition-checker-email-subscription
+      #################################################
       def stub_account_api_set_email_subscription(slug: nil, **options)
         stub_account_api_request(
           :post,
@@ -149,6 +278,9 @@ module GdsApi
         )
       end
 
+      #####################
+      # GET /api/attributes
+      #####################
       def stub_account_api_has_attributes(attributes: [], values: {}, **options)
         querystring = Rack::Utils.build_nested_query({ attributes: attributes }.compact)
         stub_account_api_request(
@@ -180,6 +312,9 @@ module GdsApi
         )
       end
 
+      #######################
+      # PATCH /api/attributes
+      #######################
       def stub_account_api_set_attributes(attributes: nil, **options)
         stub_account_api_request(
           :patch,
@@ -210,6 +345,9 @@ module GdsApi
         )
       end
 
+      ###########################
+      # GET /api/attributes/names
+      ###########################
       def stub_account_api_get_attributes_names(attributes: [], **options)
         querystring = Rack::Utils.build_nested_query({ attributes: attributes }.compact)
         stub_account_api_request(
@@ -241,17 +379,6 @@ module GdsApi
         )
       end
 
-      def stub_account_api_request(method, path, with: {}, response_status: 200, response_body: {}, govuk_account_session: nil, new_govuk_account_session: nil)
-        with.merge!(headers: { GdsApi::AccountApi::AUTH_HEADER_NAME => govuk_account_session }) if govuk_account_session
-        new_govuk_account_session = nil if response_status >= 400
-        to_return = { status: response_status, body: response_body.merge(govuk_account_session: new_govuk_account_session).compact.to_json }
-        if with.empty?
-          stub_request(method, "#{ACCOUNT_API_ENDPOINT}#{path}").to_return(**to_return)
-        else
-          stub_request(method, "#{ACCOUNT_API_ENDPOINT}#{path}").with(**with).to_return(**to_return)
-        end
-      end
-
       ######################
       # GET /api/saved-pages
       ######################

data/lib/gds_api/test_helpers/email_alert_api.rb

@@ -6,11 +6,11 @@ module GdsApi
     module EmailAlertApi
       EMAIL_ALERT_API_ENDPOINT = Plek.find("email-alert-api")
 
-      def stub_email_alert_api_has_updated_subscriber(id, new_address)
+      def stub_email_alert_api_has_updated_subscriber(id, new_address, govuk_account_id: nil)
         stub_request(:patch, "#{EMAIL_ALERT_API_ENDPOINT}/subscribers/#{id}")
           .to_return(
             status: 200,
-            body: get_subscriber_response(id, new_address).to_json,
+            body: get_subscriber_response(id, new_address, govuk_account_id).to_json,
           )
       end
 
@@ -265,11 +265,11 @@ module GdsApi
           ).to_return(status: 422)
       end
 
-      def stub_email_alert_api_sends_subscriber_verification_email(subscriber_id, address)
+      def stub_email_alert_api_sends_subscriber_verification_email(subscriber_id, address, govuk_account_id: nil)
         stub_request(:post, "#{EMAIL_ALERT_API_ENDPOINT}/subscribers/auth-token")
           .to_return(
             status: 201,
-            body: get_subscriber_response(subscriber_id, address).to_json,
+            body: get_subscriber_response(subscriber_id, address, govuk_account_id).to_json,
           )
       end
 
@@ -283,6 +283,102 @@ module GdsApi
           .to_return(status: 404)
       end
 
+      def stub_email_alert_api_subscriber_verification_email_linked_to_govuk_account
+        stub_request(:post, "#{EMAIL_ALERT_API_ENDPOINT}/subscribers/auth-token")
+          .to_return(status: 403)
+      end
+
+      def stub_email_alert_api_authenticate_subscriber_by_govuk_account(govuk_account_session, subscriber_id, address, govuk_account_id: "user-id", new_govuk_account_session: nil)
+        stub_request(:post, "#{EMAIL_ALERT_API_ENDPOINT}/subscribers/govuk-account")
+          .with(
+            body: { govuk_account_session: govuk_account_session }.to_json,
+          ).to_return(
+            status: 200,
+            body: {
+              govuk_account_session: new_govuk_account_session,
+            }.compact.merge(get_subscriber_response(subscriber_id, address, govuk_account_id)).to_json,
+          )
+      end
+
+      def stub_email_alert_api_authenticate_subscriber_by_govuk_account_session_invalid(govuk_account_session)
+        stub_request(:post, "#{EMAIL_ALERT_API_ENDPOINT}/subscribers/govuk-account")
+          .with(
+            body: { govuk_account_session: govuk_account_session }.to_json,
+          ).to_return(
+            status: 401,
+          )
+      end
+
+      def stub_email_alert_api_authenticate_subscriber_by_govuk_account_email_unverified(govuk_account_session, new_govuk_account_session: nil)
+        stub_request(:post, "#{EMAIL_ALERT_API_ENDPOINT}/subscribers/govuk-account")
+          .with(
+            body: { govuk_account_session: govuk_account_session }.to_json,
+          ).to_return(
+            status: 403,
+            body: {
+              govuk_account_session: new_govuk_account_session,
+            }.compact.to_json,
+          )
+      end
+
+      def stub_email_alert_api_authenticate_subscriber_by_govuk_account_no_subscriber(govuk_account_session, new_govuk_account_session: nil)
+        stub_request(:post, "#{EMAIL_ALERT_API_ENDPOINT}/subscribers/govuk-account")
+          .with(
+            body: { govuk_account_session: govuk_account_session }.to_json,
+          ).to_return(
+            status: 404,
+            body: {
+              govuk_account_session: new_govuk_account_session,
+            }.compact.to_json,
+          )
+      end
+
+      def stub_email_alert_api_link_subscriber_to_govuk_account(govuk_account_session, subscriber_id, address, govuk_account_id: "user-id", new_govuk_account_session: nil)
+        stub_request(:post, "#{EMAIL_ALERT_API_ENDPOINT}/subscribers/govuk-account/link")
+          .with(
+            body: { govuk_account_session: govuk_account_session }.to_json,
+          ).to_return(
+            status: 200,
+            body: {
+              govuk_account_session: new_govuk_account_session,
+            }.compact.merge(get_subscriber_response(subscriber_id, address, govuk_account_id)).to_json,
+          )
+      end
+
+      def stub_email_alert_api_link_subscriber_to_govuk_account_session_invalid(govuk_account_session)
+        stub_request(:post, "#{EMAIL_ALERT_API_ENDPOINT}/subscribers/govuk-account/link")
+          .with(
+            body: { govuk_account_session: govuk_account_session }.to_json,
+          ).to_return(
+            status: 401,
+          )
+      end
+
+      def stub_email_alert_api_link_subscriber_to_govuk_account_email_unverified(govuk_account_session, new_govuk_account_session: nil)
+        stub_request(:post, "#{EMAIL_ALERT_API_ENDPOINT}/subscribers/govuk-account/link")
+          .with(
+            body: { govuk_account_session: govuk_account_session }.to_json,
+          ).to_return(
+            status: 403,
+            body: {
+              govuk_account_session: new_govuk_account_session,
+            }.compact.to_json,
+          )
+      end
+
+      def stub_email_alert_api_find_subscriber_by_govuk_account(govuk_account_id, subscriber_id, address)
+        stub_request(:get, "#{EMAIL_ALERT_API_ENDPOINT}/subscribers/govuk-account/#{govuk_account_id}")
+          .to_return(
+            status: 200,
+            body: get_subscriber_response(subscriber_id, address, govuk_account_id).to_json,
+          )
+      end
+
+      def stub_email_alert_api_find_subscriber_by_govuk_account_no_subscriber(govuk_account_id)
+        stub_request(:get, "#{EMAIL_ALERT_API_ENDPOINT}/subscribers/govuk-account/#{govuk_account_id}")
+          .to_return(status: 404)
+      end
+
       def assert_unsubscribed(uuid)
         assert_requested(:post, "#{EMAIL_ALERT_API_ENDPOINT}/unsubscribe/#{uuid}", times: 1)
       end
@@ -314,11 +410,12 @@ module GdsApi
 
     private
 
-      def get_subscriber_response(id, address)
+      def get_subscriber_response(id, address, govuk_account_id)
         {
           "subscriber" => {
             "id" => id,
             "address" => address,
+            "govuk_account_id" => govuk_account_id,
           },
         }
       end

data/lib/gds_api/version.rb

@@ -1,3 +1,3 @@
 module GdsApi
-  VERSION = "71.4.0".freeze
+  VERSION = "71.9.0".freeze
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: gds-api-adapters
 version: !ruby/object:Gem::Version
-  version: 71.4.0
+  version: 71.9.0
 platform: ruby
 authors:
 - GOV.UK Dev
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-06-10 00:00:00.000000000 Z
+date: 2021-07-06 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: addressable