Create STS authenticated TOU current_status route
rileyanderson committed Sep 6, 2024
1 parent 047887a commit 82bbe76
Showing 3 changed files with 104 additions and 3 deletions.
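--- a/app/controllers/sign_in/terms_of_use_controller.rb
+++ b/app/controllers/sign_in/terms_of_use_controller.rb
@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+
+module SignIn
+class TermsOfUseController < ServiceAccountApplicationController
+service_tag 'identity'
+before_action :set_current_terms_of_use_agreement, only: %i[current_status]
+
+def current_status
+Rails.logger.info('[SignIn][TermsOfUseController] current_status success', icn:)
+render json: { agreement_status: @current_terms_of_use_agreement&.response }, status: :ok
+end
+
+private
+
+def set_current_terms_of_use_agreement
+@current_terms_of_use_agreement = TermsOfUseAgreement.joins(:user_account).where(user_account: { icn: }).last
+end
+
+def icn
+@service_account_access_token.user_attributes['icn']
+end
+end
+end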
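Review bot: `set_current_terms_of_use_agreement` does not handle a token whose `user_attributes` carry no `icn`. In that case `where(user_account: { icn: })` becomes an `icn IS NULL` match, and `.last` returns the agreement of whichever account without an ICN was stored last, if the schema allows such accounts. Reject the request before querying, for example with `return head :bad_request if icn.blank?` as the first line of that method. `current_status` also writes the ICN to the info log on every call; if that identifier is treated as sensitive in this log pipeline, log a non-reversible form or drop it.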
7 changes: 4 additions & 3 deletions config/routes.rb
@@ -22,10 +22,11 @@
get '/v0/sign_in/logingov_logout_proxy', to: 'v0/sign_in#logingov_logout_proxy'
get '/v0/sign_in/revoke_all_sessions', to: 'v0/sign_in#revoke_all_sessions'

get '/sign_in/openid_connect/certs' => 'sign_in/openid_connect_certificates#index'
namespace :sign_in do
get '/openid_connect/certs', to: 'openid_connect_certificates#index'
get '/terms_of_use/current_status', to: 'terms_of_use#current_status'

unless Settings.vsp_environment == 'production'
namespace :sign_in do
unless Settings.vsp_environment == 'production'
resources :client_configs, param: :client_id
resources :service_account_configs, param: :service_account_id
end
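Review bot: Nothing in this hunk records that the nesting order now decides production exposure. Routes placed directly under `namespace :sign_in` are served in every environment, while only the `resources` inside the `unless Settings.vsp_environment == 'production'` block stay out of production. If that split is intentional, a comment above the guard would keep a later addition from landing on the wrong side, e.g. `# Config management resources below are not mounted in production; add environment-independent sign_in routes above this guard.` The closing `end` lines of the namespace fall outside the hunk.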
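--- a/spec/controllers/sign_in/terms_of_use_controller_spec.rb
+++ b/spec/controllers/sign_in/terms_of_use_controller_spec.rb
@@ -0,0 +1,77 @@
+# frozen_string_literal: true
+
+require 'rails_helper'
+
+RSpec.describe SignIn::TermsOfUseController, type: :controller do
+let(:service_account_config) { create(:service_account_config, scopes:) }
+let(:service_account_id) { service_account_config.service_account_id }
+let(:scopes) { ['http://www.example.com/sign_in/terms_of_use'] }
+let(:service_account_access_token) do
+create(:service_account_access_token, service_account_id:, scopes:, user_attributes: { icn: })
+end
+let(:sts_token) do
+SignIn::ServiceAccountAccessTokenJwtEncoder.new(service_account_access_token:).perform
+end
+let!(:current_terms_of_use_agreement) { create(:terms_of_use_agreement, user_account:) }
+let!(:user_account) { create(:user_account) }
+let(:icn) { user_account&.icn }
+let(:response_body) { JSON.parse(response.body) }
+let(:expected_log_message) { '[SignIn][TermsOfUseController] current_status success' }
+
+before do
+controller.request.headers['Authorization'] = "Bearer #{sts_token}"
+allow(Rails.logger).to receive(:info)
+end
+
+describe 'GET #current_status' do
+before { get :current_status }
+
+context 'when authenticated' do
+shared_examples 'logs a success message' do
+it 'logs a success message' do
+expect(Rails.logger).to have_received(:info).with(expected_log_message, icn:)
+end
+end
+
+context 'with an existing terms of use agreement' do
+it 'returns a success response with the agreement status' do
+expect(response).to be_successful
+expect(response_body['agreement_status']).to eq(current_terms_of_use_agreement.response)
+end
+
+include_examples 'logs a success message'
+end
+
+context 'without an existing terms of use agreement' do
+let(:current_terms_of_use_agreement) { nil }
+
+it 'returns a success response with a nil agreement status' do
+expect(response).to be_successful
+expect(response_body['agreement_status']).to be_nil
+end
+
+include_examples 'logs a success message'
+end
+
+context 'when user account does not exist' do
+let(:user_account) { nil }
+let(:current_terms_of_use_agreement) { nil }
+
+it 'returns a success response with a nil agreement status' do
+expect(response).to be_successful
+expect(response_body['agreement_status']).to be_nil
+end
+
+include_examples 'logs a success message'
+end
+end
+
+context 'when not authenticated' do
+let(:sts_token) { 'invalid_token' }
+
+it 'returns an unauthorized response' do
+expect(response).to have_http_status(:unauthorized)
+end
+end
+end
+end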
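Review bot: The `when not authenticated` context only sends a malformed token, so nothing here exercises a well-formed STS token whose `scopes` do not cover the terms-of-use route. Scope enforcement presumably lives in `ServiceAccountApplicationController`, which is not shown. A context that issues the token with an unrelated scope URL and asserts the rejection status would catch a regression there. The `when user account does not exist` context also passes with a nil `icn` only because no agreement row exists. A case where an agreement belongs to an account without an ICN would pin the expected behaviour for tokens that lack that attribute.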
