gds-api-adapters 72.0.0 → 74.0.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/lib/gds_api/account_api.rb +19 -14
  3. data/lib/gds_api/test_helpers/account_api.rb +46 -42
  4. data/lib/gds_api/version.rb +1 -1
  5. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 1f884f8a2e2cd91ddec2d467ae503ae442ce852b033a5dfc3cf7d374f8fd60a0
4
- data.tar.gz: aa34f87913d8ff559a85b99dd5c1fecf82bfddffad74fa2fea19fefbc3f2128d
3
+ metadata.gz: d0fc1bf1088a309b3cea4d2db1528092df0b5c0e87014f268333076cb1536766
4
+ data.tar.gz: 92932cee9d379fa3dff38449a43544a3b0a38165e34c382a38b8494ec39876bd
5
5
  SHA512:
6
- metadata.gz: d6ca46bd2cd504c1a434d6fbf7f91399b4542beb2ddc996452236e429abf66530f43ddf00b6078630fc034b9f533f91ae8ca59ba4937a9b31dcb2aea936dc0ea
7
- data.tar.gz: d31a33695afd0f60cdedc7cd70babbc0f01db7fa4abda227d7d0de8f0e5d237ee260e47a0e528ac90db220de1a4ebc1ab9ba6a3dd62a1c86272cf9fc4ddcf7a5
6
+ metadata.gz: 8c812eed0e923623c4225ba3a88a414c2b08b012656fd43f9bcf35b928c1a76a5874c03cf0f5debc6b170d5fdd35db7ab653d549e67236a52a0effdad0e61e3c
7
+ data.tar.gz: ce7406f091e64ca710e505b00134397b3769e1a51c038d197d643c32307cf993646e01be1a8eb8f8b7f6a942fe490bda586ffc1aab0fcf2af6e958f7c46d429c
data/lib/gds_api/account_api.rb CHANGED
@@ -11,14 +11,14 @@ class GdsApi::AccountApi < GdsApi::Base
11
11
  # Get an OAuth sign-in URL to redirect the user to
12
12
  #
13
13
  # @param [String, nil] redirect_path path on GOV.UK to send the user to after authentication
14
- # @param [String, nil] level_of_authentication either "level1" (require MFA) or "level0" (do not require MFA)
14
+ # @param [Boolean, nil] mfa whether to authenticate the user with MFA or not
15
15
  #
16
16
  # @return [Hash] An authentication URL and the OAuth state parameter (for CSRF protection)
17
- def get_sign_in_url(redirect_path: nil, level_of_authentication: nil)
17
+ def get_sign_in_url(redirect_path: nil, mfa: false)
18
18
  querystring = nested_query_string(
19
19
  {
20
20
  redirect_path: redirect_path,
21
- level_of_authentication: level_of_authentication,
21
+ mfa: mfa,
22
22
  }.compact,
23
23
  )
24
24
  get_json("#{endpoint}/api/oauth2/sign-in?#{querystring}")
@@ -34,6 +34,15 @@ class GdsApi::AccountApi < GdsApi::Base
34
34
  post_json("#{endpoint}/api/oauth2/callback", code: code, state: state)
35
35
  end
36
36
 
37
+ # Get an OIDC end-session URL to redirect the user to
38
+ #
39
+ # @param [String, nil] govuk_account_session Value of the session header
40
+ #
41
+ # @return [Hash] An end-session URL
42
+ def get_end_session_url(govuk_account_session: nil)
43
+ get_json("#{endpoint}/api/oauth2/end-session", auth_headers(govuk_account_session))
44
+ end
45
+
37
46
  # Get all the information about a user needed to render the account home page
38
47
  #
39
48
  # @param [String] govuk_account_session Value of the session header
@@ -43,6 +52,13 @@ class GdsApi::AccountApi < GdsApi::Base
43
52
  get_json("#{endpoint}/api/user", auth_headers(govuk_account_session))
44
53
  end
45
54
 
55
+ # Delete a users account
56
+ #
57
+ # @param [String] subject_identifier The identifier of the user, shared between the auth service and GOV.UK.
58
+ def delete_user_by_subject_identifier(subject_identifier:)
59
+ delete_json("#{endpoint}/api/oidc-users/#{subject_identifier}")
60
+ end
61
+
46
62
  # Update the user record with privileged information from the auth service. Only the auth service will call this.
47
63
  #
48
64
  # @param [String] subject_identifier The identifier of the user, shared between the auth service and GOV.UK.
@@ -82,17 +98,6 @@ class GdsApi::AccountApi < GdsApi::Base
82
98
  patch_json("#{endpoint}/api/attributes", { attributes: attributes }, auth_headers(govuk_account_session))
83
99
  end
84
100
 
85
- # Look up the names of a user's attributes
86
- #
87
- # @param [String] attributes Names of the attributes to check
88
- # @param [String] govuk_account_session Value of the session header
89
- #
90
- # @return [Hash] The attribute names (if present), and a new session header
91
- def get_attributes_names(attributes:, govuk_account_session:)
92
- querystring = nested_query_string({ attributes: attributes }.compact)
93
- get_json("#{endpoint}/api/attributes/names?#{querystring}", auth_headers(govuk_account_session))
94
- end
95
-
96
101
  # Get the details of an account-linked email subscription.
97
102
  #
98
103
  # @param [String] name Name of the subscription
data/lib/gds_api/test_helpers/account_api.rb CHANGED
@@ -19,8 +19,8 @@ module GdsApi
19
19
  #########################
20
20
  # GET /api/oauth2/sign-in
21
21
  #########################
22
- def stub_account_api_get_sign_in_url(redirect_path: nil, level_of_authentication: nil, auth_uri: "http://auth/provider", state: "state")
23
- querystring = Rack::Utils.build_nested_query({ redirect_path: redirect_path, level_of_authentication: level_of_authentication }.compact)
22
+ def stub_account_api_get_sign_in_url(redirect_path: nil, mfa: false, auth_uri: "http://auth/provider", state: "state")
23
+ querystring = Rack::Utils.build_nested_query({ redirect_path: redirect_path, mfa: mfa }.compact)
24
24
  stub_request(:get, "#{ACCOUNT_API_ENDPOINT}/api/oauth2/sign-in?#{querystring}")
25
25
  .to_return(
26
26
  status: 200,
@@ -46,16 +46,36 @@ module GdsApi
46
46
  .to_return(status: 401)
47
47
  end
48
48
 
49
+ #############################
50
+ # GET /api/oauth2/end-session
51
+ #############################
52
+ def stub_account_api_get_end_session_url(govuk_account_session: nil, end_session_uri: "http://auth/provider")
53
+ if govuk_account_session
54
+ stub_request(:get, "#{ACCOUNT_API_ENDPOINT}/api/oauth2/end-session")
55
+ .with(headers: { GdsApi::AccountApi::AUTH_HEADER_NAME => govuk_account_session })
56
+ .to_return(
57
+ status: 200,
58
+ body: { end_session_uri: end_session_uri }.to_json,
59
+ )
60
+ else
61
+ stub_request(:get, "#{ACCOUNT_API_ENDPOINT}/api/oauth2/end-session")
62
+ .to_return(
63
+ status: 200,
64
+ body: { end_session_uri: end_session_uri }.to_json,
65
+ )
66
+ end
67
+ end
68
+
49
69
  ###############
50
70
  # GET /api/user
51
71
  ###############
52
- def stub_account_api_user_info(id: "user-id", level_of_authentication: "level0", email: "email@example.com", email_verified: true, has_unconfirmed_email: false, services: {}, **options)
72
+ def stub_account_api_user_info(id: "user-id", mfa: false, email: "email@example.com", email_verified: true, has_unconfirmed_email: false, services: {}, **options)
53
73
  stub_account_api_request(
54
74
  :get,
55
75
  "/api/user",
56
76
  response_body: {
57
77
  id: id,
58
- level_of_authentication: level_of_authentication,
78
+ mfa: mfa,
59
79
  email: email,
60
80
  email_verified: email_verified,
61
81
  has_unconfirmed_email: has_unconfirmed_email,
@@ -82,6 +102,26 @@ module GdsApi
82
102
  )
83
103
  end
84
104
 
105
+ ############################################
106
+ # DELETE /api/oidc-users/:subject_identifier
107
+ ############################################
108
+
109
+ def stub_account_api_delete_user_by_subject_identifier(subject_identifier:)
110
+ stub_account_api_request(
111
+ :delete,
112
+ "/api/oidc-users/#{subject_identifier}",
113
+ response_status: 204,
114
+ )
115
+ end
116
+
117
+ def stub_account_api_delete_user_by_subject_identifier_does_not_exist(subject_identifier:)
118
+ stub_account_api_request(
119
+ :delete,
120
+ "/api/oidc-users/#{subject_identifier}",
121
+ response_status: 404,
122
+ )
123
+ end
124
+
85
125
  ###########################################
86
126
  # PATCH /api/oidc-users/:subject_identifier
87
127
  ###########################################
@@ -216,13 +256,12 @@ module GdsApi
216
256
  )
217
257
  end
218
258
 
219
- def stub_account_api_forbidden_has_attributes(attributes: [], needed_level_of_authentication: "level1", **options)
259
+ def stub_account_api_forbidden_has_attributes(attributes: [], **options)
220
260
  querystring = Rack::Utils.build_nested_query({ attributes: attributes }.compact)
221
261
  stub_account_api_request(
222
262
  :get,
223
263
  "/api/attributes?#{querystring}",
224
264
  response_status: 403,
225
- response_body: { needed_level_of_authentication: needed_level_of_authentication },
226
265
  **options,
227
266
  )
228
267
  end
@@ -249,47 +288,12 @@ module GdsApi
249
288
  )
250
289
  end
251
290
 
252
- def stub_account_api_forbidden_set_attributes(attributes: nil, needed_level_of_authentication: "level1", **options)
291
+ def stub_account_api_forbidden_set_attributes(attributes: nil, **options)
253
292
  stub_account_api_request(
254
293
  :patch,
255
294
  "/api/attributes",
256
295
  with: { body: hash_including({ attributes: attributes }.compact) },
257
296
  response_status: 403,
258
- response_body: { needed_level_of_authentication: needed_level_of_authentication },
259
- **options,
260
- )
261
- end
262
-
263
- ###########################
264
- # GET /api/attributes/names
265
- ###########################
266
- def stub_account_api_get_attributes_names(attributes: [], **options)
267
- querystring = Rack::Utils.build_nested_query({ attributes: attributes }.compact)
268
- stub_account_api_request(
269
- :get,
270
- "/api/attributes/names?#{querystring}",
271
- response_body: { values: attributes },
272
- **options,
273
- )
274
- end
275
-
276
- def stub_account_api_unauthorized_get_attributes_names(attributes: [], **options)
277
- querystring = Rack::Utils.build_nested_query({ attributes: attributes }.compact)
278
- stub_account_api_request(
279
- :get,
280
- "/api/attributes/names?#{querystring}",
281
- response_status: 401,
282
- **options,
283
- )
284
- end
285
-
286
- def stub_account_api_forbidden_get_attributes_names(attributes: [], needed_level_of_authentication: "level1", **options)
287
- querystring = Rack::Utils.build_nested_query({ attributes: attributes }.compact)
288
- stub_account_api_request(
289
- :get,
290
- "/api/attributes/names?#{querystring}",
291
- response_status: 403,
292
- response_body: { needed_level_of_authentication: needed_level_of_authentication },
293
297
  **options,
294
298
  )
295
299
  end
data/lib/gds_api/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module GdsApi
2
- VERSION = "72.0.0".freeze
2
+ VERSION = "74.0.0".freeze
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: gds-api-adapters
3
3
  version: !ruby/object:Gem::Version
4
- version: 72.0.0
4
+ version: 74.0.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - GOV.UK Dev
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-07-13 00:00:00.000000000 Z
11
+ date: 2021-09-22 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: addressable