Merge pull request #2067 from govuk-one-login/AUT-3601/send-reauth-in…
…fo-to-auth-code

AUT-3601: Add is reauth journey to auth code request
BeckaL authored Sep 18, 2024
2 parents ac53106 + 6db54e6 commit 6a53505
Showing 2 changed files with 68 additions and 2 deletions.
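--- a/src/components/auth-code/auth-code-service.ts
+++ b/src/components/auth-code/auth-code-service.ts
@@ -7,7 +7,11 @@ import {
 Http,
 } from "../../utils/http";
 import { AuthCodeResponse, AuthCodeServiceInterface } from "./types";
-import { getApiBaseUrl, getFrontendApiBaseUrl } from "../../config";
+import {
+getApiBaseUrl,
+getFrontendApiBaseUrl,
+supportReauthentication,
+} from "../../config";
 import { AxiosResponse } from "axios";
 import { Request } from "express";
 export function authCodeService(axios: Http = http): AuthCodeServiceInterface {
@@ -39,14 +43,17 @@ export function authCodeService(axios: Http = http): AuthCodeServiceInterface {
 let response: AxiosResponse;
 
 if (useOrchAuthCode) {
-const body = {
+let body: any = {
 claims: clientSession.claim,
 state: clientSession.state,
 "redirect-uri": clientSession.redirectUri,
 "rp-sector-uri": clientSession.rpSectorHost,
 "is-new-account": userSession?.isAccountCreationJourney ?? false,
 "password-reset-time": userSession?.passwordResetTime,
 };
+if (supportReauthentication() && userSession.reauthenticate) {
+body = { ...body, "is-reauth-journey": true };
+}
 response = await axios.client.post(path, body, config);
 } else {
 response = await axios.client.get(path, config);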
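Review bot: The added guard reads `userSession.reauthenticate` without the optional chaining used two lines earlier (`userSession?.isAccountCreationJourney`, `userSession?.passwordResetTime`). If the session can be undefined at this point, enabling the flag turns a tolerated case into a TypeError while the auth code is being requested. Suggest `if (supportReauthentication() && userSession?.reauthenticate) {`. Widening `body` to `any` also removes type checking from a payload the backend acts on. Keeping `const body` and adding `...(supportReauthentication() && userSession?.reauthenticate ? { "is-reauth-journey": true } : {}),` as its last entry avoids both the `let` and the `any`. The enclosing function starts and ends outside the visible hunk.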
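--- a/src/components/auth-code/tests/auth-code-service.test.ts
+++ b/src/components/auth-code/tests/auth-code-service.test.ts
@@ -67,6 +67,7 @@ describe("authentication auth code service", () => {
 afterEach(() => {
 getStub.reset();
 postStub.reset();
+delete process.env.SUPPORT_REAUTHENTICATION;
 });
 
 describe("with auth orch split feature flag on", () => {
@@ -124,6 +125,64 @@ describe("authentication auth code service", () => {
 expect(result.data.location).to.deep.eq(redirectUriReturnedFromResponse);
 });
 
+it("it should make a post request to the orch auth endpoint with is reauthenticate journey true for a reauthentication journey", async () => {
+process.env.SUPPORT_REAUTHENTICATION = "1";
+
+const req = createMockRequest(PATH_NAMES.AUTH_CODE);
+req.ip = sourceIp;
+req.headers = {
+"txma-audit-encoded": auditEncodedString,
+"x-forwarded-for": sourceIp,
+};
+const claim = ["phone_number", "phone_number_verified"];
+const state = "state";
+const sessionClient = {
+claim: claim,
+state: state,
+redirectUri: redirectUriSentToAuth,
+rpSectorHost: rpSectorHostSentToAuth,
+};
+
+const userSessionClient = {
+isAccountCreationJourney: isAccountCreationJourneyUserSession,
+passwordResetTime: passwordResetTime,
+reauthenticate: "123456",
+};
+
+const result = await service.getAuthCode(
+sessionId,
+clientSessionId,
+persistentSessionId,
+sessionClient,
+userSessionClient,
+req
+);
+
+const expectedBody = {
+claims: claim,
+state: state,
+"redirect-uri": redirectUriSentToAuth,
+"rp-sector-uri": rpSectorHostSentToAuth,
+"is-new-account": isAccountCreationJourneyUserSession,
+"password-reset-time": passwordResetTime,
+"is-reauth-journey": true,
+};
+
+expect(
+postStub.calledOnceWithExactly(
+API_ENDPOINTS.ORCH_AUTH_CODE,
+expectedBody,
+{
+headers: expectedHeaders,
+proxy: sinon.match.bool,
+baseURL: frontendBaseUrl,
+}
+)
+).to.be.true;
+expect(getStub.notCalled).to.be.true;
+expect(result.data.location).to.deep.eq(redirectUriReturnedFromResponse);
+});
+
 it("should make a request for an RP auth code following the prove identity callback page", async () => {
 const req = createMockRequest(PATH_NAMES.AUTH_CODE);
 req.ip = sourceIp;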
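Review bot: The new test covers only the positive path, where `SUPPORT_REAUTHENTICATION` is set and the session carries `reauthenticate`. Nothing visible in these hunks asserts that `"is-reauth-journey"` is omitted when the flag is unset but `reauthenticate` is present, or when the flag is set and the session has no `reauthenticate`. Because the field tells the backend how to treat the auth-code request, both negative cases deserve a `calledOnceWithExactly` assertion against a body without the key. The title also reads `it("it should …")`; dropping the leading "it" would match the neighbouring `"should make a request …"` title. The enclosing `describe` block extends beyond the hunk.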
