From 01f3bcdb61163bc112306423e5e7a0e0a9d227a1 Mon Sep 17 00:00:00 2001 From: Dan Hinze Date: Wed, 17 Apr 2024 12:42:09 -0500 Subject: [PATCH] BTSSS-77372 Add mocked responses for BTSSS (#16231) * Revert to original token URL in service * Add authorized ping mock, too * Handle Bearer Token parsing failures gracefully * Clean up services config * Revert some accidental deletions * Final bit of cleanup * Switch to correct file path * Move authorize method to a before_action * Update mockdata paths * Fix some linting errors --- config/betamocks/services_config.yml | 16 ++++++++++++++++ config/settings.yml | 1 + .../travel_pay/application_controller.rb | 10 ++++++++++ .../controllers/travel_pay/claims_controller.rb | 3 ++- .../controllers/travel_pay/pings_controller.rb | 2 ++ .../travel_pay/app/services/travel_pay/client.rb | 6 +++--- 6 files changed, 34 insertions(+), 4 deletions(-) diff --git a/config/betamocks/services_config.yml b/config/betamocks/services_config.yml index d0d17e6763f..0c8d6f0e546 100644 --- a/config/betamocks/services_config.yml +++ b/config/betamocks/services_config.yml @@ -9,6 +9,18 @@ :path: <%= "/#{Settings.ask_va_api.crm_api.veis_api_path}/ping" %> :file_path: "/ask_va/dynamics_api" :response_delay: 15 + - :method: :get + :path: "/veis/api/btsss/travelclaim/api/v1/Sample/ping" + :file_path: "/travel_pay/ping/default" + :response_delay: 0.3 + - :method: :get + :path: "/veis/api/btsss/travelclaim/api/v1/Sample/authorized-ping" + :file_path: "/travel_pay/ping/default" + :response_delay: 0.3 + - :method: :post + :path: "/veis/api/btsss/travelclaim/api/v1/Auth/access-token" + :file_path: "/travel_pay/token/default" + :response_delay: 0.3 - :method: :post :path: <%= "/#{Settings.ask_va_api.crm_api.veis_api_path}/inquiries/new" %> :file_path: "/ask_va/crm_api/post_inquiries/default" @@ -22,6 +34,10 @@ :path: <%= "/#{Settings.ask_va_api.crm_api.tenant_id}/oauth2/v2.0/token" %> :file_path: "/ask_va/token/default" :response_delay: 0.3 + - :method: :post + :path: <%= "/#{Settings.travel_pay.veis.tenant_id}/oauth2/token" %> + :file_path: "/travel_pay/token/default" + :response_delay: 0.3 - :name: 'carma' :base_uri: <%= "#{URI(Settings['salesforce-carma'].url).host}:#{URI(Settings['salesforce-carma'].url).port}" %> diff --git a/config/settings.yml b/config/settings.yml index 88fac504297..c2aecf2c853 100644 --- a/config/settings.yml +++ b/config/settings.yml @@ -1666,6 +1666,7 @@ brd: travel_pay: + mock: true veis: client_id: ~ client_secret: ~ diff --git a/modules/travel_pay/app/controllers/travel_pay/application_controller.rb b/modules/travel_pay/app/controllers/travel_pay/application_controller.rb index 7e522c1a4a1..ae4696eb0a0 100644 --- a/modules/travel_pay/app/controllers/travel_pay/application_controller.rb +++ b/modules/travel_pay/app/controllers/travel_pay/application_controller.rb @@ -38,6 +38,16 @@ def after_logger logger.info('travel-pay') { Utils::Logger.build(self).after } end + def authorize + auth_header = request.headers['Authorization'] + raise_unauthorized('Missing Authorization header') if auth_header.nil? + raise_unauthorized('Authorization header missing Bearer token') unless auth_header.start_with?('Bearer ') + end + + def raise_unauthorized(detail) + raise Common::Exceptions::Unauthorized.new(detail:) + end + # Blocks requests from being handled if feature flag is disabled def block_if_flag_disabled unless Flipper.enabled?(:travel_pay_power_switch, @current_user) diff --git a/modules/travel_pay/app/controllers/travel_pay/claims_controller.rb b/modules/travel_pay/app/controllers/travel_pay/claims_controller.rb index 413d9ea4a68..18136f9f7e6 100644 --- a/modules/travel_pay/app/controllers/travel_pay/claims_controller.rb +++ b/modules/travel_pay/app/controllers/travel_pay/claims_controller.rb @@ -2,9 +2,10 @@ module TravelPay class ClaimsController < ApplicationController + before_action :authorize + def index veis_token = client.request_veis_token - # Non-intuitive Ruby behavior: #split splits a string on space by default vagov_token = request.headers['Authorization'].split[1] btsss_token = client.request_btsss_token(veis_token, vagov_token) diff --git a/modules/travel_pay/app/controllers/travel_pay/pings_controller.rb b/modules/travel_pay/app/controllers/travel_pay/pings_controller.rb index 8529b72d842..c0d12814307 100644 --- a/modules/travel_pay/app/controllers/travel_pay/pings_controller.rb +++ b/modules/travel_pay/app/controllers/travel_pay/pings_controller.rb @@ -2,6 +2,8 @@ module TravelPay class PingsController < ApplicationController + before_action :authorize, only: [:authorized_ping] + def ping veis_token = client.request_veis_token diff --git a/modules/travel_pay/app/services/travel_pay/client.rb b/modules/travel_pay/app/services/travel_pay/client.rb index 7cafe4a677f..e48b5f52c3a 100644 --- a/modules/travel_pay/app/services/travel_pay/client.rb +++ b/modules/travel_pay/app/services/travel_pay/client.rb @@ -112,7 +112,7 @@ def connection(server_url:) Faraday.new(url: server_url) do |conn| conn.use :breakers conn.response :raise_error, error_prefix: service_name, include_request: true - conn.response :betamocks if use_fakes? + conn.response :betamocks if mock_enabled? conn.response :json conn.request :json @@ -123,8 +123,8 @@ def connection(server_url:) ## # Syntactic sugar for determining if the client should use # fake api responses or actually connect to the BTSSS API - def use_fakes? - Settings.useFakes + def mock_enabled? + Settings.travel_pay.mock end end end