Skip to content

Commit

Permalink
Merge pull request #2080 from govuk-one-login/BAU/multi-channel-switch
Browse files Browse the repository at this point in the history
DFC-663: Read 'channel' claim if SUPPORT_MULTI_CHANNEL is switched-on
  • Loading branch information
dbes-gds authored Sep 24, 2024
2 parents b03ffcc + bae2a3f commit b08dcbc
Show file tree
Hide file tree
Showing 10 changed files with 130 additions and 0 deletions.
8 changes: 8 additions & 0 deletions ci/terraform/ecs.tf
Original file line number Diff line number Diff line change
Expand Up @@ -164,6 +164,14 @@ locals {
name = "SUPPORT_CHECK_EMAIL_FRAUD"
value = var.support_check_email_fraud
},
{
name = "SUPPORT_MULTI_CHANNEL"
value = var.support_multi_channel
},
{
name = "DEFAULT_CHANNEL"
value = var.default_channel
},
{
name = "LANGUAGE_TOGGLE_ENABLED"
value = var.language_toggle_enabled
Expand Down
12 changes: 12 additions & 0 deletions ci/terraform/variables.tf
Original file line number Diff line number Diff line change
Expand Up @@ -272,6 +272,18 @@ variable "support_check_email_fraud" {
default = "1"
}

variable "support_multi_channel" {
description = "Enables different UI rendering per channel"
type = string
default = "0"
}

variable "default_channel" {
description = "To set the default channel."
type = string
default = "web"
}

variable "prove_identity_welcome_enabled" {
description = "Do not show the prove identity welcome screen when disabled"
type = string
Expand Down
4 changes: 4 additions & 0 deletions cloudformation/deploy/template.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -568,6 +568,10 @@ Resources:
Value: 1
- Name: SUPPORT_CHECK_EMAIL_FRAUD
Value: 1
- Name: SUPPORT_MULTI_CHANNEL
Value: 0
- Name: DEFAULT_CHANNEL
Value: web
- Name: LANGUAGE_TOGGLE_ENABLED
Value: 1
- Name: PROVE_IDENTITY_WELCOME_ENABLED
Expand Down
1 change: 1 addition & 0 deletions scripts/_create_env_file.py
Original file line number Diff line number Diff line change
Expand Up @@ -92,6 +92,7 @@ class EnvFileSection(TypedDict):
"SUPPORT_REAUTHENTICATION": 1,
"SUPPORT_2HR_LOCKOUT": 1,
"SUPPORT_CHECK_EMAIL_FRAUD": 1,
"SUPPORT_MULTI_CHANNEL": 0,
"NO_PHOTO_ID_CONTACT_FORMS": 1,
"LANGUAGE_TOGGLE_ENABLED": 1,
"SUPPORT_NEW_IPV_SPINNER": 1,
Expand Down
5 changes: 5 additions & 0 deletions src/app.constants.ts
Original file line number Diff line number Diff line change
Expand Up @@ -231,6 +231,11 @@ export enum JOURNEY_TYPE {
REAUTHENTICATION = "REAUTHENTICATION",
}

export enum CHANNEL {
WEB = "web",
STRATEGIC_APP = "strategic_app",
}

export const ENVIRONMENT_NAME = {
PROD: "production",
DEV: "development",
Expand Down
8 changes: 8 additions & 0 deletions src/components/authorize/authorize-controller.ts
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,9 @@ import {
getOrchToAuthExpectedClientId,
supportReauthentication,
proveIdentityWelcomeEnabled,
supportMultiChannel,
isValidChannel,
getDefaultChannel,
} from "../../config";
import { logger } from "../../utils/logger";
import { Claims } from "./claims-config";
Expand Down Expand Up @@ -186,6 +189,11 @@ function setSessionDataFromClaims(req: Request, claims: Claims) {
req.session.user.reauthenticate = supportReauthentication()
? claims.reauthenticate
: null;
req.session.user.channel =
supportMultiChannel() && isValidChannel(claims.channel)
? claims.channel
: getDefaultChannel();
logger.info(`Channel is set to: ${req.session.user.channel}`);
}

function setSessionDataFromAuthResponse(
Expand Down
1 change: 1 addition & 0 deletions src/components/authorize/claims-config.ts
Original file line number Diff line number Diff line change
Expand Up @@ -35,6 +35,7 @@ export type Claims = {
claim?: string;
previous_session_id?: string;
previous_govuk_signin_journey_id: string;
channel?: string;
};

export const requiredClaimsKeys = [
Expand Down
71 changes: 71 additions & 0 deletions src/components/authorize/tests/authorize-controller.test.ts
Original file line number Diff line number Diff line change
Expand Up @@ -558,6 +558,77 @@ describe("authorize controller", () => {
.to.eventually.be.rejectedWith("Client ID value is incorrect")
.and.be.an.instanceOf(BadRequestError);
});

it("should set session channel session field from jwt claims when claim is present", async () => {
process.env.SUPPORT_MULTI_CHANNEL = "1";
req.query.request = "JWE";
mockClaims.channel = "strategic_app";

await authorizeGet(
fakeAuthorizeService,
fakeCookieConsentService,
fakeKmsDecryptionService,
fakeJwtService
)(req as Request, res as Response);
expect(req.session.user.channel).to.equal(mockClaims.channel);
});

it("should set session channel session field to default when claim is not present", async () => {
process.env.SUPPORT_MULTI_CHANNEL = "1";
req.query.request = "JWE";
mockClaims.channel = undefined;

await authorizeGet(
fakeAuthorizeService,
fakeCookieConsentService,
fakeKmsDecryptionService,
fakeJwtService
)(req as Request, res as Response);
expect(req.session.user.channel).to.eq("web");
});

it("should set session channel session field to default when switch is off", async () => {
process.env.SUPPORT_MULTI_CHANNEL = "0";
req.query.request = "JWE";
mockClaims.channel = "strategic_app";

await authorizeGet(
fakeAuthorizeService,
fakeCookieConsentService,
fakeKmsDecryptionService,
fakeJwtService
)(req as Request, res as Response);
expect(req.session.user.channel).to.eq("web");
});

it("should set session channel session field to the configured default when switch is off", async () => {
process.env.SUPPORT_MULTI_CHANNEL = "0";
process.env.DEFAULT_CHANNEL = "strategic_app";
req.query.request = "JWE";
mockClaims.channel = "web";

await authorizeGet(
fakeAuthorizeService,
fakeCookieConsentService,
fakeKmsDecryptionService,
fakeJwtService
)(req as Request, res as Response);
expect(req.session.user.channel).to.eq("strategic_app");
});
});

it("should set session channel session field to default when claim is invalid channel", async () => {
process.env.SUPPORT_MULTI_CHANNEL = "1";
req.query.request = "JWE";
mockClaims.channel = "invalid_channel";

await authorizeGet(
fakeAuthorizeService,
fakeCookieConsentService,
fakeKmsDecryptionService,
fakeJwtService
)(req as Request, res as Response);
expect(req.session.user.channel).to.eq("web");
});

function mockAuthService(authResponseData: any): AuthorizeServiceInterface {
Expand Down
19 changes: 19 additions & 0 deletions src/config.ts
Original file line number Diff line number Diff line change
@@ -1,3 +1,5 @@
import { CHANNEL } from "./app.constants";

export function getLogLevel(): string {
return process.env.LOGS_LEVEL || "debug";
}
Expand Down Expand Up @@ -146,6 +148,19 @@ export function supportCheckEmailFraud(): boolean {
return process.env.SUPPORT_CHECK_EMAIL_FRAUD === "1";
}

export function supportMultiChannel(): boolean {
return process.env.SUPPORT_MULTI_CHANNEL === "1";
}

export function getDefaultChannel(): string {
const configuredChannel = process.env.DEFAULT_CHANNEL;
if (isValidChannel(configuredChannel)) {
return configuredChannel;
} else {
return CHANNEL.WEB;
}
}

export function getLanguageToggleEnabled(): boolean {
return process.env.LANGUAGE_TOGGLE_ENABLED === "1";
}
Expand Down Expand Up @@ -179,3 +194,7 @@ export function supportNewIpvSpinner(): boolean {
export function supportHttpKeepAlive(): boolean {
return process.env.SUPPORT_HTTP_KEEP_ALIVE === "1";
}

export function isValidChannel(channel: string): boolean {
return channel === CHANNEL.WEB || channel === CHANNEL.STRATEGIC_APP;
}
1 change: 1 addition & 0 deletions src/types.ts
Original file line number Diff line number Diff line change
Expand Up @@ -84,6 +84,7 @@ export interface UserSession {
isPasswordResetJourney?: boolean;
isSignInJourney?: boolean;
isVerifyEmailCodeResendRequired?: boolean;
channel?: string;
}

export interface UserSessionClient {
Expand Down

0 comments on commit b08dcbc

Please sign in to comment.