Skip to content

Commit

Permalink
Merge pull request #104 from anjumabbas5/API-7437
Browse files Browse the repository at this point in the history
API-7437 - failing to get scopes for some sessions
  • Loading branch information
ShaneTN authored Dec 12, 2023
2 parents c49397b + 0af92cc commit 6de107b
Show file tree
Hide file tree
Showing 7 changed files with 183 additions and 51 deletions.
4 changes: 2 additions & 2 deletions app/connectors/ThirdPartyDelegatedAuthorityConnector.scala
Original file line number Diff line number Diff line change
Expand Up @@ -30,8 +30,8 @@ import scala.util.control.NonFatal
class ThirdPartyDelegatedAuthorityConnector @Inject() (appContext: AppContext, http: HttpGet) {
val serviceUrl: String = appContext.thirdPartyDelegatedAuthorityUrl

def fetchScopes(authorizationTokens: String)(implicit hc: HeaderCarrier, ec: ExecutionContext): Future[Set[String]] = {
http.GET(s"$serviceUrl/delegated-authority", Nil, Seq("internal-auth-header" -> authorizationTokens))(readRaw, hc, ec) map { response =>
def fetchScopes(accessToken: String)(implicit hc: HeaderCarrier, ec: ExecutionContext): Future[Set[String]] = {
http.GET(s"$serviceUrl/delegated-authority", Nil, Seq("access-token" -> accessToken))(readRaw, hc, ec) map { response =>
if (response.status == Status.NOT_FOUND) {
Set[String]()
} else {
Expand Down
5 changes: 3 additions & 2 deletions app/controllers/UserInfoController.scala
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ import play.api.libs.json.Json
import play.api.mvc.{AnyContent, BodyParser, ControllerComponents}
import services.UserInfoService
import uk.gov.hmrc.api.controllers.HeaderValidator
import uk.gov.hmrc.http.{BadRequestException, UpstreamErrorResponse => UER}
import uk.gov.hmrc.http.{BadRequestException, UnauthorizedException, UpstreamErrorResponse => UER}
import uk.gov.hmrc.http.UpstreamErrorResponse.{Upstream4xxResponse, Upstream5xxResponse}
import uk.gov.hmrc.play.bootstrap.backend.controller.BackendBaseController

Expand Down Expand Up @@ -70,7 +70,8 @@ trait UserInfoController extends BackendBaseController with HeaderValidator {
case Upstream4xxResponse(UER(_, 401, _, _)) => Unauthorized(Json.toJson(ErrorUnauthorized()))
case Upstream4xxResponse(UER(msg4xx, _, _, _)) => BadGateway(Json.toJson(ErrorBadGateway(msg4xx)))
case Upstream5xxResponse(UER(msg5xx, _, _, _)) => BadGateway(Json.toJson(ErrorBadGateway(msg5xx)))
case bex: BadRequestException => BadRequest(Json.toJson(ErrorBadRequest(bex.getMessage)))
case bex: BadRequestException => BadRequest(Json.toJson(ErrorBadRequest(bex.getMessage)))
case uex: UnauthorizedException => Unauthorized(Json.toJson(ErrorUnauthorized(uex.getMessage)))
}
}
}
Expand Down
9 changes: 6 additions & 3 deletions app/services/UserInfoService.scala
Original file line number Diff line number Diff line change
Expand Up @@ -40,9 +40,12 @@ class LiveUserInfoService @Inject() (

override def fetchUserInfo(version: Version)(implicit hc: HeaderCarrier): Future[UserInfo] = {

val scopes = hc.authorization match {
case Some(authorisationTokens) => thirdPartyDelegatedAuthorityConnector.fetchScopes(authorisationTokens.value)
case None => Future.failed(new UnauthorizedException("Authorization token is required"))
val accessTokenHeaderName = "X-Client-Authorization-Token"
val accessTokenHeader = hc.otherHeaders.find(x => x._1 == accessTokenHeaderName)

val scopes = accessTokenHeader match {
case Some(accessTokenHeader) => thirdPartyDelegatedAuthorityConnector.fetchScopes(accessTokenHeader._2)
case None => Future.failed(new UnauthorizedException(s"$accessTokenHeaderName header is missing"))
}

scopes.flatMap { scopes =>
Expand Down
Loading

0 comments on commit 6de107b

Please sign in to comment.