CCM-11602: Get enpoint safe header check

Author: simonlabarere

lambdas/api-handler/src/handlers/__tests__/get-letters.test.ts

@@ -76,7 +76,7 @@ describe('API Lambda handler', () => {
     });
   });
 
-  it('returns 400 for missing supplier ID', async () => {
+  it('returns 400 for missing supplier ID (empty headers)', async () => {
     const event = makeApiGwEvent({ path: "/letters", headers: {} });
     const context = mockDeep<Context>();
     const callback = jest.fn();
@@ -87,4 +87,16 @@ describe('API Lambda handler', () => {
       body: 'Bad Request: Missing supplier ID',
     });
   });
+
+  it('returns 400 for missing supplier ID (undefined headers)', async () => {
+    const event = makeApiGwEvent({ path: "/letters", headers: undefined });
+    const context = mockDeep<Context>();
+    const callback = jest.fn();
+    const result = await getLetters(event, context, callback);
+
+    expect(result).toEqual({
+      statusCode: 400,
+      body: 'Bad Request: Missing supplier ID',
+    });
+  });
 });

lambdas/api-handler/src/handlers/__tests__/utils/test-utils.ts

@@ -8,7 +8,7 @@ export function makeApiGwEvent(
     path: '/',
     httpMethod: 'GET',
     headers: {
-      'nhsd-supplier-id': 'supplier1'
+      'NHSD-Supplier-ID': 'supplier1'
     },
     multiValueHeaders: {},
     queryStringParameters: null,

lambdas/api-handler/src/handlers/get-letters.ts

@@ -7,7 +7,7 @@ const letterRepo = createLetterRepository();
 
 export const getLetters: APIGatewayProxyHandler = async (event) => {
   if (event.path === "/letters") {
-    const supplierId = event.headers["nhsd-supplier-id"];
+    const supplierId = event.headers ? event.headers["NHSD-Supplier-ID"] : undefined;
 
     if (!supplierId) {
       return {