Skip to content

Commit

Permalink
feat: Read govpay secrets from table
Browse files Browse the repository at this point in the history
  • Loading branch information
DafyddLlyr committed Feb 14, 2024
1 parent 9326be8 commit 0d2a72f
Show file tree
Hide file tree
Showing 5 changed files with 47 additions and 12 deletions.
1 change: 1 addition & 0 deletions .env.example
Original file line number Diff line number Diff line change
Expand Up @@ -107,4 +107,5 @@ GOV_UK_PAY_TOKEN_GLOUCESTER=👻
GOV_UK_PAY_TOKEN_MEDWAY=👻

## End-to-end test team (borrows Lambeth's details)
GOV_UK_PAY_SECRET_E2E=👻
GOV_UK_PAY_TOKEN_E2E=👻
3 changes: 3 additions & 0 deletions api.planx.uk/modules/pay/controller.ts
Original file line number Diff line number Diff line change
Expand Up @@ -60,6 +60,7 @@ export const makePaymentViaProxy: PaymentProxyController = async (
),
},
req,
res,
)(req, res, next);
};

Expand Down Expand Up @@ -101,6 +102,7 @@ export const makeInviteToPayPaymentViaProxy: PaymentRequestProxyController = (
}),
},
req,
res,
)(req, res, next);
};

Expand Down Expand Up @@ -151,6 +153,7 @@ export function fetchPaymentViaProxyWithCallback(
}),
},
req,
res,
)(req, res, next);
};
}
Expand Down
17 changes: 12 additions & 5 deletions api.planx.uk/modules/pay/middleware.ts
Original file line number Diff line number Diff line change
Expand Up @@ -5,19 +5,26 @@ import { ServerError } from "../../errors";

/**
* Confirm that this local authority (aka team) has a pay token
* TODO: Check this against a DB value instead of env vars?
*/
export const isTeamUsingGovPay: RequestHandler = (req, _res, next) => {
const isSupported =
process.env[`GOV_UK_PAY_TOKEN_${req.params.localAuthority.toUpperCase()}`];
export const isTeamUsingGovPay: RequestHandler = async (req, res, next) => {
const env =
process.env.APP_ENVIRONMENT === "production" ? "production" : "staging";

if (!isSupported) {
const { govPayToken } = await $api.team.getIntegrations({
env,
slug: req.params.localAuthority,
encryptionKey: process.env.ENCRYPTION_KEY!,
});

if (!govPayToken) {
return next({
status: 400,
message: `GOV.UK Pay is not enabled for this local authority (${req.params.localAuthority})`,
});
}

res.locals.govPayToken = govPayToken;

next();
};

Expand Down
10 changes: 3 additions & 7 deletions api.planx.uk/modules/pay/proxy.ts
Original file line number Diff line number Diff line change
@@ -1,19 +1,15 @@
import { Request } from "express";
import { Response, Request } from "express";
import { fixRequestBody, Options } from "http-proxy-middleware";
import { useProxy } from "../../shared/middleware/proxy";

export const usePayProxy = (options: Partial<Options>, req: Request) => {
export const usePayProxy = (options: Partial<Options>, req: Request, res: Response) => {
return useProxy({
target: "https://publicapi.payments.service.gov.uk/v1/payments",
onProxyReq: fixRequestBody,
headers: {
...(req.headers as NodeJS.Dict<string | string[]>),
"content-type": "application/json",
Authorization: `Bearer ${
process.env[
`GOV_UK_PAY_TOKEN_${req.params.localAuthority}`.toUpperCase()
]
}`,
Authorization: `Bearer ${res.locals.govPayToken}`,
},
...options,
});
Expand Down
28 changes: 28 additions & 0 deletions e2e/tests/ui-driven/src/context.ts
Original file line number Diff line number Diff line change
Expand Up @@ -82,6 +82,8 @@ export async function setUpTestContext(
publisherId: context.user!.id!,
});
}
await setupGovPaySecret($admin, context);

return context;
}

Expand Down Expand Up @@ -327,3 +329,29 @@ async function deleteTeam(adminGQLClient: GraphQLClient, context: Context) {
}
}
}

async function setupGovPaySecret($admin: CoreDomainClient, context: Context) {
try {
await $admin.client.request(
gql`
mutation SetupGovPaySecret(
$team_id: Int
$staging_govpay_secret: String
) {
update_team_integrations(
where: { team_id: { _eq: $team_id } }
_set: { staging_govpay_secret: $staging_govpay_secret }
) {
affected_rows
}
}
`,
{
team_id: context.team.id,
staging_govpay_secret: process.env.GOV_UK_PAY_SECRET_E2E,
},
);
} catch (error) {
throw Error("Failed to setup GovPay secret for E2E team");
}
}

0 comments on commit 0d2a72f

Please sign in to comment.