[ERSSUP-89806]-[]-[Re-added old AUTHORISED_APPLICATION business function to user restricted validation]-[JW]

Author: nhsd-jack-wainwright

proxies/live/apiproxy/targets/ers-target.xml

@@ -154,9 +154,9 @@
     <Flows>
         <Flow name="user-restricted-flow">
             <Condition>(accesstoken.auth_type == "user")</Condition>
-            <Request><!--AUTHORISED_APPLICATION business function is not supported in user restricted flow --><Step>
+            <Request><!--AUTHORISED_APPLICATION business functions are not supported in user restricted flow --><Step>
                     <Name>RaiseFault.403Forbidden</Name>
-                    <Condition>(request.header.nhsd-ers-business-function == "PROVIDER_AUTHORISED_APPLICATION") or (request.header.nhsd-ers-business-function == "REFERRER_AUTHORISED_APPLICATION")</Condition>
+                    <Condition>(request.header.nhsd-ers-business-function == "PROVIDER_AUTHORISED_APPLICATION") or (request.header.nhsd-ers-business-function == "REFERRER_AUTHORISED_APPLICATION") or (request.header.nhsd-ers-business-function == "AUTHORISED_APPLICATION")</Condition>
                 </Step> <Step>
                     <Name>AssignMessage.Set.x-ers-access-mode-header-user-restricted</Name>
                 </Step> <Step>

tests/integration/test_headers.py

@@ -76,7 +76,11 @@ async def test_headers_on_echo_target(
     @pytest.mark.asyncio
     @pytest.mark.parametrize(
         "business_function",
-        ["PROVIDER_AUTHORISED_APPLICATION", "REFERRER_AUTHORISED_APPLICATION"],
+        [
+            "PROVIDER_AUTHORISED_APPLICATION",
+            "REFERRER_AUTHORISED_APPLICATION",
+            "AUTHORISED_APPLICATION",
+        ],
     )
     async def test_headers_on_echo_target_with_app_restricted_business_function(
         self, business_function, authenticate_user, service_url