Merge pull request #389 from NHSDigital/amend-api-client-env-var-keys

Amend notifications env var keys

Author: steventux

manage_breast_screening/notifications/services/api_client.py

@@ -19,7 +19,7 @@ class OAuthError(Exception):
 class ApiClient:
     def send_message_batch(self, message_batch: MessageBatch) -> requests.Response:
         response = requests.post(
-            os.getenv("API_MESSAGE_BATCH_URL"),
+            os.getenv("NHS_NOTIFY_API_MESSAGE_BATCH_URL"),
             headers=self.headers(),
             json=self.message_batch_request_body(message_batch),
             timeout=10,
@@ -59,19 +59,19 @@ def headers(self) -> dict:
     def bearer_token(self) -> str:
         auth_jwt = jwt.encode(
             {
-                "sub": os.getenv("OAUTH_API_KEY"),
-                "iss": os.getenv("OAUTH_API_KEY"),
+                "sub": os.getenv("API_OAUTH_API_KEY"),
+                "iss": os.getenv("API_OAUTH_API_KEY"),
                 "jti": str(uuid.uuid4()),
-                "aud": os.getenv("OAUTH_TOKEN_URL"),
+                "aud": os.getenv("API_OAUTH_TOKEN_URL"),
                 "exp": int(time.time()) + (EXPIRES_IN_MINUTES * 60),
             },
-            os.getenv("PRIVATE_KEY"),
+            os.getenv("API_OAUTH_PRIVATE_KEY"),
             "RS512",
-            {"alg": "RS512", "typ": "JWT", "kid": os.getenv("OAUTH_API_KID")},
+            {"alg": "RS512", "typ": "JWT", "kid": os.getenv("API_OAUTH_API_KID")},
         )
 
         response = requests.post(
-            os.getenv("OAUTH_TOKEN_URL"),
+            os.getenv("API_OAUTH_TOKEN_URL"),
             data={
                 "grant_type": "client_credentials",
                 "client_assertion_type": "urn:ietf:params:oauth:client-assertion-type:jwt-bearer",

manage_breast_screening/notifications/tests/integration/test_api_client_can_call_notify_api.py

@@ -16,12 +16,12 @@ class TestApiClient:
     @pytest.fixture(autouse=True)
     def setup(self, monkeypatch):
         monkeypatch.setenv(
-            "API_MESSAGE_BATCH_URL", "http://localhost:8888/message/batch"
+            "NHS_NOTIFY_API_MESSAGE_BATCH_URL", "http://localhost:8888/message/batch"
         )
-        monkeypatch.setenv("OAUTH_TOKEN_URL", "http://localhost:8888/token")
-        monkeypatch.setenv("OAUTH_API_KEY", "a1b2c3d4")
-        monkeypatch.setenv("OAUTH_API_KID", "test-1")
-        monkeypatch.setenv("PRIVATE_KEY", "test-key")
+        monkeypatch.setenv("API_OAUTH_TOKEN_URL", "http://localhost:8888/token")
+        monkeypatch.setenv("API_OAUTH_API_KEY", "a1b2c3d4")
+        monkeypatch.setenv("API_OAUTH_API_KID", "test-1")
+        monkeypatch.setenv("API_OAUTH_PRIVATE_KEY", "test-key")
 
     @pytest.fixture
     def routing_plan_id(self):

manage_breast_screening/notifications/tests/integration/test_retry_message_batches_from_queue.py

@@ -24,12 +24,12 @@ class TestRetryMessageBatchesFromQueue:
     @pytest.fixture(autouse=True)
     def setup(self, monkeypatch):
         monkeypatch.setenv(
-            "API_MESSAGE_BATCH_URL", "http://localhost:8888/message/batch"
+            "NHS_NOTIFY_API_MESSAGE_BATCH_URL", "http://localhost:8888/message/batch"
         )
-        monkeypatch.setenv("OAUTH_TOKEN_URL", "http://localhost:8888/token")
-        monkeypatch.setenv("OAUTH_API_KEY", "a1b2c3d4")
-        monkeypatch.setenv("OAUTH_API_KID", "test-1")
-        monkeypatch.setenv("PRIVATE_KEY", "test-key")
+        monkeypatch.setenv("API_OAUTH_TOKEN_URL", "http://localhost:8888/token")
+        monkeypatch.setenv("API_OAUTH_API_KEY", "a1b2c3d4")
+        monkeypatch.setenv("API_OAUTH_API_KID", "test-1")
+        monkeypatch.setenv("API_OAUTH_PRIVATE_KEY", "test-key")
 
     @pytest.fixture
     def routing_plan_id(self):

manage_breast_screening/notifications/tests/integration/test_send_message_batches_for_episode_types.py

@@ -24,12 +24,12 @@ class TestSendMessageBatch:
     @pytest.fixture(autouse=True)
     def setup(self, monkeypatch):
         monkeypatch.setenv(
-            "API_MESSAGE_BATCH_URL", "http://localhost:8888/message/batch"
+            "NHS_NOTIFY_API_MESSAGE_BATCH_URL", "http://localhost:8888/message/batch"
         )
-        monkeypatch.setenv("OAUTH_TOKEN_URL", "http://localhost:8888/token")
-        monkeypatch.setenv("OAUTH_API_KEY", "a1b2c3d4")
-        monkeypatch.setenv("OAUTH_API_KID", "test-1")
-        monkeypatch.setenv("PRIVATE_KEY", "test-key")
+        monkeypatch.setenv("API_OAUTH_TOKEN_URL", "http://localhost:8888/token")
+        monkeypatch.setenv("API_OAUTH_API_KEY", "a1b2c3d4")
+        monkeypatch.setenv("API_OAUTH_API_KID", "test-1")
+        monkeypatch.setenv("API_OAUTH_PRIVATE_KEY", "test-key")
 
     @pytest.mark.django_db
     def test_message_batch_is_sent_for_all_routing_plans(

manage_breast_screening/notifications/tests/services/test_api_client.py

@@ -23,12 +23,12 @@ def routing_plan_id(self):
     @pytest.fixture(autouse=True)
     def setup(self, monkeypatch):
         monkeypatch.setenv(
-            "API_MESSAGE_BATCH_URL", "http://api.example.com/message/batch"
+            "NHS_NOTIFY_API_MESSAGE_BATCH_URL", "http://api.example.com/message/batch"
         )
-        monkeypatch.setenv("OAUTH_TOKEN_URL", "http://oauth.example.com/token")
-        monkeypatch.setenv("OAUTH_API_KEY", "a1b2c3d4")
-        monkeypatch.setenv("OAUTH_API_KID", "test-1")
-        monkeypatch.setenv("PRIVATE_KEY", "test-key")
+        monkeypatch.setenv("API_OAUTH_TOKEN_URL", "http://oauth.example.com/token")
+        monkeypatch.setenv("API_OAUTH_API_KEY", "a1b2c3d4")
+        monkeypatch.setenv("API_OAUTH_API_KID", "test-1")
+        monkeypatch.setenv("API_OAUTH_PRIVATE_KEY", "test-key")
 
     @pytest.mark.django_db
     def test_send_message_batch(self, mock_jwt_encode, routing_plan_id):

manage_breast_screening/notifications/tests/test_views.py

@@ -12,8 +12,8 @@
 
 @pytest.fixture(autouse=True)
 def setup(monkeypatch):
-    monkeypatch.setenv("APPLICATION_ID", "application_id")
-    monkeypatch.setenv("NOTIFY_API_KEY", "api_key")
+    monkeypatch.setenv("NHS_NOTIFY_APPLICATION_ID", "application_id")
+    monkeypatch.setenv("NHS_NOTIFY_API_KEY", "api_key")
 
 
 def test_create_message_status_with_valid_request():

manage_breast_screening/notifications/tests/validators/test_request_validator.py

@@ -15,8 +15,8 @@ class TestRequestValidator:
     @pytest.fixture(autouse=True)
     def setup(self, monkeypatch):
         """Set up environment variables for tests."""
-        monkeypatch.setenv("APPLICATION_ID", "application_id")
-        monkeypatch.setenv("NOTIFY_API_KEY", "api_key")
+        monkeypatch.setenv("NHS_NOTIFY_APPLICATION_ID", "application_id")
+        monkeypatch.setenv("NHS_NOTIFY_API_KEY", "api_key")
 
     def mock_request(self, headers={}, body="{}"):
         req = MagicMock()
@@ -74,7 +74,7 @@ def test_valid_with_invalid_api_key(self):
     def test_valid(self):
         """Test that valid API key and signature headers pass verification."""
         body = '{"this": "that"}'
-        secret = f"{os.getenv('APPLICATION_ID')}.{os.getenv('NOTIFY_API_KEY')}"
+        secret = f"{os.getenv('NHS_NOTIFY_APPLICATION_ID')}.{os.getenv('NHS_NOTIFY_API_KEY')}"
         signature = self.create_digest(secret, body)
 
         headers = {

manage_breast_screening/notifications/validators/request_validator.py

@@ -26,7 +26,9 @@ def verify_headers(self) -> tuple[bool, str]:
         if self.headers.get(self.API_KEY_HEADER_NAME) is None:
             return False, "Missing API key header"
 
-        if self.headers.get(self.API_KEY_HEADER_NAME) != os.getenv("NOTIFY_API_KEY"):
+        if self.headers.get(self.API_KEY_HEADER_NAME) != os.getenv(
+            "NHS_NOTIFY_API_KEY"
+        ):
             return False, "Invalid API key"
 
         if self.headers.get(self.SIGNATURE_HEADER_NAME) is None:
@@ -35,7 +37,7 @@ def verify_headers(self) -> tuple[bool, str]:
         return True, ""
 
     def verify_signature(self) -> bool:
-        secret = f"{os.getenv('APPLICATION_ID')}.{os.getenv('NOTIFY_API_KEY')}"
+        secret = f"{os.getenv('NHS_NOTIFY_APPLICATION_ID')}.{os.getenv('NHS_NOTIFY_API_KEY')}"
         expected_signature = hmac.new(
             bytes(secret, self.ENCODING),
             msg=bytes(self.body, self.ENCODING),