Stop using identity-auth-play (#26986)

guardian · Mar 20, 2024 · 57051ef · 57051ef
1 parent 3ada26e
commit 57051ef
Show file tree

Hide file tree

Showing 3 changed files with 22 additions and 6 deletions.
diff --git a/build.sbt b/build.sbt
@@ -150,7 +150,7 @@ val identity = application("identity")
   .settings(
     libraryDependencies ++= Seq(
       filters,
-      identityAuthPlay,
+      identityAuthCore,
       slf4jExt,
       libPhoneNumber,
       supportInternationalisation,

diff --git a/identity/app/services/AuthenticationService.scala b/identity/app/services/AuthenticationService.scala
@@ -1,12 +1,12 @@
 package services
 
+import cats.effect.IO
 import com.gu.identity.auth.{IdapiAuthService, IdapiUserCredentials}
 import com.gu.identity.cookie.IdentityCookieService
 import com.gu.identity.model.User
-import com.gu.identity.play.IdapiPlayAuthService
 import idapiclient.{Auth, ScGuRp, ScGuU}
 import org.joda.time.Hours
-import play.api.mvc.{RequestHeader, Results}
+import play.api.mvc.{Cookie, RequestHeader, Results}
 import utils.SafeLogging
 
 import scala.language.implicitConversions
@@ -31,8 +31,24 @@ class AuthenticationService(
 
   /** User has SC_GU_U and GU_U cookies */
   def fullyAuthenticatedUser(request: RequestHeader): Option[AuthenticatedUser] = {
+
+    case class UserCredentialsMissingError(message: String) extends Exception {
+      override def getMessage: String = message
+    }
+
+    def getSCGUUCookieFromRequest(request: RequestHeader): IO[Cookie] =
+      IO.fromEither(request.cookies.get("SC_GU_U").toRight(UserCredentialsMissingError("SC_GU_U cookie not set")))
+
+    def getIdapiUserCredentialsFromRequest(
+        request: RequestHeader,
+    ): IO[IdapiUserCredentials] =
+      getSCGUUCookieFromRequest(request).redeemWith(
+        err => IO.raiseError[IdapiUserCredentials](err),
+        cookie => IO(IdapiUserCredentials.SCGUUCookie(cookie.value)),
+      )
+
     (for {
-      credentials <- IdapiPlayAuthService.getIdapiUserCredentialsFromRequest(request, None)
+      credentials <- getIdapiUserCredentialsFromRequest(request)
       user <- identityAuthService.getUserFromCredentials(credentials)
     } yield {
       // have to explicitly match the retrieved credentials to UserCredentials to see if it's an SCGUUCookie or CryptoAccessToken

diff --git a/project/Dependencies.scala b/project/Dependencies.scala
@@ -3,7 +3,7 @@ package com.gu
 import sbt._
 
 object Dependencies {
-  val identityLibVersion = "4.17"
+  val identityLibVersion = "4.22"
   val awsVersion = "1.12.638"
   val capiVersion = "25.0.0"
   val faciaVersion = "5.0.6"
@@ -48,7 +48,7 @@ object Dependencies {
     ExclusionRule("org.scala-lang.modules", "scala-xml_2.13")
   val identityModel = ("com.gu.identity" %% "identity-model" % identityLibVersion)
     .excludeAll(excludeDirectScalaXMLDependency)
-  val identityAuthPlay = ("com.gu.identity" %% "identity-auth-play" % identityLibVersion)
+  val identityAuthCore = ("com.gu.identity" %% "identity-auth-core" % identityLibVersion)
     .excludeAll(excludeDirectScalaXMLDependency)
 
   val mockWs = "de.leanovate.play-mockws" %% "play-mockws" % "2.6.2" % Test