From ab0a2695ab02355fab5c889ec3bc115ba8cf195f Mon Sep 17 00:00:00 2001 From: Athif Wulandana Date: Tue, 26 Mar 2024 13:47:18 -0500 Subject: [PATCH] Authorized Ping Endpoint for Travel Pay API (#16089) * Add authorized_ping endpoint to BTSSS API * Adds specs for authorized ping endpoint, cleanup and bug fixes * Fixes for rubocop * Adds line comment --------- Co-authored-by: Athif Wulandana --- .../travel_pay/pings_controller.rb | 11 ++++++ .../app/services/travel_pay/client.rb | 16 ++++++++ modules/travel_pay/config/routes.rb | 1 + .../spec/controllers/pings_controller_spec.rb | 38 +++++++++++++++++-- .../travel_pay/spec/services/client_spec.rb | 17 +++++++++ 5 files changed, 80 insertions(+), 3 deletions(-) diff --git a/modules/travel_pay/app/controllers/travel_pay/pings_controller.rb b/modules/travel_pay/app/controllers/travel_pay/pings_controller.rb index 5f5e9332e4e..8529b72d842 100644 --- a/modules/travel_pay/app/controllers/travel_pay/pings_controller.rb +++ b/modules/travel_pay/app/controllers/travel_pay/pings_controller.rb @@ -10,6 +10,17 @@ def ping render json: { data: "Received ping from upstream server with status #{btsss_ping_response.status}." } end + def authorized_ping + vagov_token = request.headers['Authorization'].split[1] + veis_token = client.request_veis_token + btsss_token = client.request_btsss_token(veis_token, vagov_token) + + btsss_authorized_ping_response = client.authorized_ping(veis_token, btsss_token) + render json: { + data: "Received authorized ping from upstream server with status #{btsss_authorized_ping_response.status}." + } + end + def client TravelPay::Client.new end diff --git a/modules/travel_pay/app/services/travel_pay/client.rb b/modules/travel_pay/app/services/travel_pay/client.rb index 40e2f461a28..79424725b3a 100644 --- a/modules/travel_pay/app/services/travel_pay/client.rb +++ b/modules/travel_pay/app/services/travel_pay/client.rb @@ -52,6 +52,22 @@ def ping(veis_token) end end + ## + # HTTP GET call to the BTSSS 'authorized-ping' endpoint to test liveness + # + # @return [Faraday::Response] + # + def authorized_ping(veis_token, btsss_token) + btsss_url = Settings.travel_pay.base_url + api_key = Settings.travel_pay.subscription_key + + connection(server_url: btsss_url).get('api/v1/Sample/authorized-ping') do |req| + req.headers['Authorization'] = "Bearer #{veis_token}" + req.headers['BTSSS-Access-Token'] = btsss_token + req.headers['Ocp-Apim-Subscription-Key'] = api_key + end + end + ## # HTTP GET call to the BTSSS 'claims' endpoint # API responds with travel pay claims including status diff --git a/modules/travel_pay/config/routes.rb b/modules/travel_pay/config/routes.rb index a0751ec089e..0f62badc5ae 100644 --- a/modules/travel_pay/config/routes.rb +++ b/modules/travel_pay/config/routes.rb @@ -2,5 +2,6 @@ TravelPay::Engine.routes.draw do get '/pings/ping', to: 'pings#ping' + get '/pings/authorized_ping', to: 'pings#authorized_ping' resources :claims end diff --git a/modules/travel_pay/spec/controllers/pings_controller_spec.rb b/modules/travel_pay/spec/controllers/pings_controller_spec.rb index 33dd8a9a537..750a96600bf 100644 --- a/modules/travel_pay/spec/controllers/pings_controller_spec.rb +++ b/modules/travel_pay/spec/controllers/pings_controller_spec.rb @@ -8,9 +8,7 @@ before do allow(TravelPay::Client).to receive(:new).and_return(client) - veis_response = double - allow(veis_response).to receive(:body).and_return('sample_token') - allow(client).to receive(:request_veis_token).and_return(veis_response) + allow(client).to receive(:request_veis_token).and_return('sample_token') btsss_ping_response = double allow(btsss_ping_response).to receive(:status).and_return(200) @@ -45,4 +43,38 @@ end end end + + describe '#authorized_ping' do + before do + btsss_authorized_ping_response = double + allow(btsss_authorized_ping_response).to receive(:status).and_return(200) + allow(client) + .to receive(:request_btsss_token) + .and_return('sample_btsss_token') + allow(client) + .to receive(:authorized_ping) + .with('sample_token', 'sample_btsss_token') + .and_return(btsss_authorized_ping_response) + end + + context 'the feature switch is enabled' do + before do + Flipper.enable :travel_pay_power_switch + end + + it 'requests a token and sends a ping to BTSSS' do + expect(client).to receive(:authorized_ping) + get '/travel_pay/pings/authorized_ping', headers: { 'Authorization' => 'Bearer vagov_token' } + expect(response.body).to include('authorized ping') + end + end + + context 'the feature switch is disabled' do + it 'raises the proper error' do + get '/travel_pay/pings/authorized_ping', headers: { 'Authorization' => 'Bearer vagov_token' } + expect(response).to have_http_status(:service_unavailable) + expect(response.body).to include('This feature has been temporarily disabled') + end + end + end end diff --git a/modules/travel_pay/spec/services/client_spec.rb b/modules/travel_pay/spec/services/client_spec.rb index c88cb9d230e..2fe2c43d5ed 100644 --- a/modules/travel_pay/spec/services/client_spec.rb +++ b/modules/travel_pay/spec/services/client_spec.rb @@ -77,6 +77,23 @@ actual_claim_ids = claims.pluck(:id) expect(actual_claim_ids).to eq(expected_ordered_ids) + end + end + + context 'authorized_ping' do + it 'receives response from authorized-ping endpoint' do + allow(Settings.travel_pay.veis).to receive(:auth_url).and_return('sample_url') + allow(Settings.travel_pay.veis).to receive(:tenant_id).and_return('sample_id') + @stubs.get('/api/v1/Sample/authorized-ping') do + [ + 200, + { 'Content-Type': 'application/json' } + ] + end + client = TravelPay::Client.new + response = client.authorized_ping('veis_token', 'btsss_token') + + expect(response).to be_success @stubs.verify_stubbed_calls end end