gds-api-adapters 71.6.0 → 72.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: ecea9412cb0ad1e32c5b4eac37fd53699b06e7b9612a7033eb23f989e1a013d2
-  data.tar.gz: 311fc8a8a2dc36fc389dd7d0166943dfab092690d5e1ea504b9395fd44a5f2b6
+  metadata.gz: 1f884f8a2e2cd91ddec2d467ae503ae442ce852b033a5dfc3cf7d374f8fd60a0
+  data.tar.gz: aa34f87913d8ff559a85b99dd5c1fecf82bfddffad74fa2fea19fefbc3f2128d
 SHA512:
-  metadata.gz: 255c6879512abcd1c8383d1f4b24799bc408ce04cce55e1cfd1db7365e5e17189d196fa26917283ff411c93b568c824fda237ea683bc9d5d6e56e397c43aaa54
-  data.tar.gz: 1bc48d079cba0ee202697442fd3646718100df7c5e870ff5c17b38ca32802a11fd4f833f424d12dcf6270a98d3be7fd9a067525c0432dc986c771448be91053c
+  metadata.gz: d6ca46bd2cd504c1a434d6fbf7f91399b4542beb2ddc996452236e429abf66530f43ddf00b6078630fc034b9f533f91ae8ca59ba4937a9b31dcb2aea936dc0ea
+  data.tar.gz: d31a33695afd0f60cdedc7cd70babbc0f01db7fa4abda227d7d0de8f0e5d237ee260e47a0e528ac90db220de1a4ebc1ab9ba6a3dd62a1c86272cf9fc4ddcf7a5

data/lib/gds_api/account_api.rb

@@ -11,15 +11,13 @@ class GdsApi::AccountApi < GdsApi::Base
   # Get an OAuth sign-in URL to redirect the user to
   #
   # @param [String, nil] redirect_path path on GOV.UK to send the user to after authentication
-  # @param [String, nil] state_id identifier originally returned by #create_registration_state
   # @param [String, nil] level_of_authentication either "level1" (require MFA) or "level0" (do not require MFA)
   #
   # @return [Hash] An authentication URL and the OAuth state parameter (for CSRF protection)
-  def get_sign_in_url(redirect_path: nil, state_id: nil, level_of_authentication: nil)
+  def get_sign_in_url(redirect_path: nil, level_of_authentication: nil)
     querystring = nested_query_string(
       {
         redirect_path: redirect_path,
-        state_id: state_id,
         level_of_authentication: level_of_authentication,
       }.compact,
     )
@@ -36,15 +34,6 @@ class GdsApi::AccountApi < GdsApi::Base
     post_json("#{endpoint}/api/oauth2/callback", code: code, state: state)
   end
 
-  # Register some initial state, to pass to get_sign_in_url, which is used to initialise the account if the user signs up
-  #
-  # @param [Hash, nil] attributes Initial attributes to store
-  #
-  # @return [Hash] The state ID to pass to get_sign_in_url
-  def create_registration_state(attributes:)
-    post_json("#{endpoint}/api/oauth2/state", attributes: attributes)
-  end
-
   # Get all the information about a user needed to render the account home page
   #
   # @param [String] govuk_account_session Value of the session header
@@ -72,25 +61,6 @@ class GdsApi::AccountApi < GdsApi::Base
     patch_json("#{endpoint}/api/oidc-users/#{subject_identifier}", params)
   end
 
-  # Check if a user has an email subscription for the Transition Checker
-  #
-  # @param [String] govuk_account_session Value of the session header
-  #
-  # @return [Hash] Whether the user has a subscription, and a new session header
-  def check_for_email_subscription(govuk_account_session:)
-    get_json("#{endpoint}/api/transition-checker-email-subscription", auth_headers(govuk_account_session))
-  end
-
-  # Create or update a user's email subscription for the Transition Checker
-  #
-  # @param [String] govuk_account_session Value of the session header
-  # @param [String] slug The email topic slug
-  #
-  # @return [Hash] Whether the user has a subscription, and a new session header
-  def set_email_subscription(govuk_account_session:, slug:)
-    post_json("#{endpoint}/api/transition-checker-email-subscription", { slug: slug }, auth_headers(govuk_account_session))
-  end
-
   # Look up the values of a user's attributes
   #
   # @param [String] attributes Names of the attributes to check

data/lib/gds_api/email_alert_api.rb

@@ -156,10 +156,10 @@ class GdsApi::EmailAlertApi < GdsApi::Base
   # @param [string] Subscriber new_address
   #
   # @return [Hash] subscriber
-  def change_subscriber(id:, new_address:)
+  def change_subscriber(id:, new_address:, on_conflict: nil)
     patch_json(
       "#{endpoint}/subscribers/#{uri_encode(id)}",
-      new_address: new_address,
+      { new_address: new_address, on_conflict: on_conflict }.compact,
     )
   end
 
@@ -188,6 +188,32 @@ class GdsApi::EmailAlertApi < GdsApi::Base
     )
   end
 
+  # Mark a subscriber as "linked" to its corresponding GOV.UK Account.
+  # In practice "linking" will mean that email-alert-frontend and
+  # account-api will treat the subscriber specially (eg, only allowing
+  # address changes via the account).
+  #
+  # @param [string] govuk_account_session The request's session identifier
+  #
+  # @return [Hash] subscriber
+  def link_subscriber_to_govuk_account(govuk_account_session:)
+    post_json(
+      "#{endpoint}/subscribers/govuk-account/link",
+      govuk_account_session: govuk_account_session,
+    )
+  end
+
+  # Find a subscriber which has been "linked" to a GOV.UK Account.
+  #
+  # @param [String] govuk_account_id An ID for the account.
+  #
+  # @return [Hash] subscriber
+  def find_subscriber_by_govuk_account(govuk_account_id:)
+    get_json(
+      "#{endpoint}/subscribers/govuk-account/#{govuk_account_id}",
+    )
+  end
+
   # Verify a subscriber has control of a provided email
   #
   # @param [string]       address       Address to send verification email to

data/lib/gds_api/exceptions.rb

@@ -3,7 +3,7 @@ module GdsApi
   class BaseError < StandardError
     # Give Sentry extra context about this event
     # https://docs.sentry.io/clients/ruby/context/
-    def raven_context
+    def sentry_context
       {
         # Make Sentry group exceptions by type instead of message, so all
         # exceptions like `GdsApi::TimedOutException` will get grouped as one

data/lib/gds_api/test_helpers/account_api.rb

@@ -19,8 +19,8 @@ module GdsApi
       #########################
       # GET /api/oauth2/sign-in
       #########################
-      def stub_account_api_get_sign_in_url(redirect_path: nil, state_id: nil, level_of_authentication: nil, auth_uri: "http://auth/provider", state: "state")
-        querystring = Rack::Utils.build_nested_query({ redirect_path: redirect_path, state_id: state_id, level_of_authentication: level_of_authentication }.compact)
+      def stub_account_api_get_sign_in_url(redirect_path: nil, level_of_authentication: nil, auth_uri: "http://auth/provider", state: "state")
+        querystring = Rack::Utils.build_nested_query({ redirect_path: redirect_path, level_of_authentication: level_of_authentication }.compact)
         stub_request(:get, "#{ACCOUNT_API_ENDPOINT}/api/oauth2/sign-in?#{querystring}")
           .to_return(
             status: 200,
@@ -31,12 +31,12 @@ module GdsApi
       ###########################
       # POST /api/oauth2/callback
       ###########################
-      def stub_account_api_validates_auth_response(code: nil, state: nil, govuk_account_session: "govuk-account-session", redirect_path: "/", ga_client_id: "ga-client-id")
+      def stub_account_api_validates_auth_response(code: nil, state: nil, govuk_account_session: "govuk-account-session", redirect_path: "/", ga_client_id: "ga-client-id", cookie_consent: false)
         stub_request(:post, "#{ACCOUNT_API_ENDPOINT}/api/oauth2/callback")
           .with(body: hash_including({ code: code, state: state }.compact))
           .to_return(
             status: 200,
-            body: { govuk_account_session: govuk_account_session, redirect_path: redirect_path, ga_client_id: ga_client_id }.to_json,
+            body: { govuk_account_session: govuk_account_session, redirect_path: redirect_path, ga_client_id: ga_client_id, cookie_consent: cookie_consent }.to_json,
           )
       end
 
@@ -46,26 +46,15 @@ module GdsApi
           .to_return(status: 401)
       end
 
-      ########################
-      # POST /api/oauth2/state
-      ########################
-      def stub_account_api_create_registration_state(attributes: nil, state_id: "state-id")
-        stub_request(:post, "#{ACCOUNT_API_ENDPOINT}/api/oauth2/state")
-          .with(body: hash_including({ attributes: attributes }.compact))
-          .to_return(
-            status: 200,
-            body: { state_id: state_id }.to_json,
-          )
-      end
-
       ###############
       # GET /api/user
       ###############
-      def stub_account_api_user_info(level_of_authentication: "level0", email: "email@example.com", email_verified: true, has_unconfirmed_email: false, services: {}, **options)
+      def stub_account_api_user_info(id: "user-id", level_of_authentication: "level0", email: "email@example.com", email_verified: true, has_unconfirmed_email: false, services: {}, **options)
         stub_account_api_request(
           :get,
           "/api/user",
           response_body: {
+            id: id,
             level_of_authentication: level_of_authentication,
             email: email,
             email_verified: email_verified,
@@ -137,7 +126,7 @@ module GdsApi
         )
       end
 
-      def stub_account_api_get_email_subscription_unauthorized(name:, **options)
+      def stub_account_api_unauthorized_get_email_subscription(name:, **options)
         stub_account_api_request(
           :get,
           "/api/email-subscriptions/#{name}",
@@ -204,79 +193,6 @@ module GdsApi
         )
       end
 
-      ################################################
-      # GET /api/transition-checker-email-subscription
-      ################################################
-      def stub_account_api_has_email_subscription(**options)
-        stub_account_api_request(
-          :get,
-          "/api/transition-checker-email-subscription",
-          response_body: { has_subscription: true },
-          **options,
-        )
-      end
-
-      def stub_account_api_does_not_have_email_subscription(**options)
-        stub_account_api_request(
-          :get,
-          "/api/transition-checker-email-subscription",
-          response_body: { has_subscription: false },
-          **options,
-        )
-      end
-
-      def stub_account_api_unauthorized_get_email_subscription(**options)
-        stub_account_api_request(
-          :get,
-          "/api/transition-checker-email-subscription",
-          response_status: 401,
-          **options,
-        )
-      end
-
-      def stub_account_api_forbidden_get_email_subscription(needed_level_of_authentication: "level1", **options)
-        stub_account_api_request(
-          :get,
-          "/api/transition-checker-email-subscription",
-          response_status: 403,
-          response_body: { needed_level_of_authentication: needed_level_of_authentication },
-          **options,
-        )
-      end
-
-      #################################################
-      # POST /api/transition-checker-email-subscription
-      #################################################
-      def stub_account_api_set_email_subscription(slug: nil, **options)
-        stub_account_api_request(
-          :post,
-          "/api/transition-checker-email-subscription",
-          with: { body: hash_including({ slug: slug }.compact) },
-          **options,
-        )
-      end
-
-      def stub_account_api_unauthorized_set_email_subscription(slug: nil, **options)
-        stub_account_api_request(
-          :post,
-          "/api/transition-checker-email-subscription",
-          with: { body: hash_including({ slug: slug }.compact) },
-          response_status: 401,
-          **options,
-        )
-      end
-
-      def stub_account_api_forbidden_set_email_subscription(slug: nil, needed_level_of_authentication: "level1", **options)
-        stub_account_api_request(
-          :post,
-          "/api/transition-checker-email-subscription",
-          with: { body: hash_including({ slug: slug }.compact) },
-          response_status: 403,
-          response_body: { needed_level_of_authentication: needed_level_of_authentication },
-          **options,
-        )
-      end
-
       #####################
       # GET /api/attributes
       #####################
@@ -506,7 +422,7 @@ module GdsApi
         )
       end
 
-      def stub_account_api_delete_saved_page_unauthorised(page_path:, **options)
+      def stub_account_api_unauthorized_delete_saved_page(page_path:, **options)
         stub_account_api_request(
           :delete,
           "/api/saved-pages/#{CGI.escape(page_path)}",

data/lib/gds_api/test_helpers/email_alert_api.rb

@@ -6,11 +6,11 @@ module GdsApi
     module EmailAlertApi
       EMAIL_ALERT_API_ENDPOINT = Plek.find("email-alert-api")
 
-      def stub_email_alert_api_has_updated_subscriber(id, new_address)
+      def stub_email_alert_api_has_updated_subscriber(id, new_address, govuk_account_id: nil)
         stub_request(:patch, "#{EMAIL_ALERT_API_ENDPOINT}/subscribers/#{id}")
           .to_return(
             status: 200,
-            body: get_subscriber_response(id, new_address).to_json,
+            body: get_subscriber_response(id, new_address, govuk_account_id).to_json,
           )
       end
 
@@ -265,11 +265,11 @@ module GdsApi
           ).to_return(status: 422)
       end
 
-      def stub_email_alert_api_sends_subscriber_verification_email(subscriber_id, address)
+      def stub_email_alert_api_sends_subscriber_verification_email(subscriber_id, address, govuk_account_id: nil)
         stub_request(:post, "#{EMAIL_ALERT_API_ENDPOINT}/subscribers/auth-token")
           .to_return(
             status: 201,
-            body: get_subscriber_response(subscriber_id, address).to_json,
+            body: get_subscriber_response(subscriber_id, address, govuk_account_id).to_json,
           )
       end
 
@@ -283,7 +283,12 @@ module GdsApi
           .to_return(status: 404)
       end
 
-      def stub_email_alert_api_authenticate_subscriber_by_govuk_account(govuk_account_session, subscriber_id, address, new_govuk_account_session: nil)
+      def stub_email_alert_api_subscriber_verification_email_linked_to_govuk_account
+        stub_request(:post, "#{EMAIL_ALERT_API_ENDPOINT}/subscribers/auth-token")
+          .to_return(status: 403)
+      end
+
+      def stub_email_alert_api_authenticate_subscriber_by_govuk_account(govuk_account_session, subscriber_id, address, govuk_account_id: "user-id", new_govuk_account_session: nil)
         stub_request(:post, "#{EMAIL_ALERT_API_ENDPOINT}/subscribers/govuk-account")
           .with(
             body: { govuk_account_session: govuk_account_session }.to_json,
@@ -291,7 +296,7 @@ module GdsApi
             status: 200,
             body: {
               govuk_account_session: new_govuk_account_session,
-            }.compact.merge(get_subscriber_response(subscriber_id, address)).to_json,
+            }.compact.merge(get_subscriber_response(subscriber_id, address, govuk_account_id)).to_json,
           )
       end
 
@@ -328,6 +333,52 @@ module GdsApi
           )
       end
 
+      def stub_email_alert_api_link_subscriber_to_govuk_account(govuk_account_session, subscriber_id, address, govuk_account_id: "user-id", new_govuk_account_session: nil)
+        stub_request(:post, "#{EMAIL_ALERT_API_ENDPOINT}/subscribers/govuk-account/link")
+          .with(
+            body: { govuk_account_session: govuk_account_session }.to_json,
+          ).to_return(
+            status: 200,
+            body: {
+              govuk_account_session: new_govuk_account_session,
+            }.compact.merge(get_subscriber_response(subscriber_id, address, govuk_account_id)).to_json,
+          )
+      end
+
+      def stub_email_alert_api_link_subscriber_to_govuk_account_session_invalid(govuk_account_session)
+        stub_request(:post, "#{EMAIL_ALERT_API_ENDPOINT}/subscribers/govuk-account/link")
+          .with(
+            body: { govuk_account_session: govuk_account_session }.to_json,
+          ).to_return(
+            status: 401,
+          )
+      end
+
+      def stub_email_alert_api_link_subscriber_to_govuk_account_email_unverified(govuk_account_session, new_govuk_account_session: nil)
+        stub_request(:post, "#{EMAIL_ALERT_API_ENDPOINT}/subscribers/govuk-account/link")
+          .with(
+            body: { govuk_account_session: govuk_account_session }.to_json,
+          ).to_return(
+            status: 403,
+            body: {
+              govuk_account_session: new_govuk_account_session,
+            }.compact.to_json,
+          )
+      end
+
+      def stub_email_alert_api_find_subscriber_by_govuk_account(govuk_account_id, subscriber_id, address)
+        stub_request(:get, "#{EMAIL_ALERT_API_ENDPOINT}/subscribers/govuk-account/#{govuk_account_id}")
+          .to_return(
+            status: 200,
+            body: get_subscriber_response(subscriber_id, address, govuk_account_id).to_json,
+          )
+      end
+
+      def stub_email_alert_api_find_subscriber_by_govuk_account_no_subscriber(govuk_account_id)
+        stub_request(:get, "#{EMAIL_ALERT_API_ENDPOINT}/subscribers/govuk-account/#{govuk_account_id}")
+          .to_return(status: 404)
+      end
+
       def assert_unsubscribed(uuid)
         assert_requested(:post, "#{EMAIL_ALERT_API_ENDPOINT}/unsubscribe/#{uuid}", times: 1)
       end
@@ -359,11 +410,12 @@ module GdsApi
 
     private
 
-      def get_subscriber_response(id, address)
+      def get_subscriber_response(id, address, govuk_account_id)
         {
           "subscriber" => {
             "id" => id,
             "address" => address,
+            "govuk_account_id" => govuk_account_id,
           },
         }
       end

data/lib/gds_api/version.rb

@@ -1,3 +1,3 @@
 module GdsApi
-  VERSION = "71.6.0".freeze
+  VERSION = "72.0.0".freeze
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: gds-api-adapters
 version: !ruby/object:Gem::Version
-  version: 71.6.0
+  version: 72.0.0
 platform: ruby
 authors:
 - GOV.UK Dev
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-06-23 00:00:00.000000000 Z
+date: 2021-07-13 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: addressable