Merge pull request #60 from NHSDigital/NPA-2777_Update_Sandbox

NPA-2797 Update Sandbox for All Errors Have Correct Mime Type

Author: JackPlowman

proxies/sandbox/apiproxy/policies/AssignMessage.SetMimeType.xml

@@ -0,0 +1,11 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<AssignMessage async="false" continueOnError="false" enabled="true" name="SetMimeType">
+    <DisplayName>Set Mime Type</DisplayName>
+    <Set>
+        <Headers>
+            <Header name="Content-Type">application/fhir+json</Header>
+        </Headers>
+    </Set>
+    <IgnoreUnresolvedVariables>true</IgnoreUnresolvedVariables>
+    <AssignTo createNew="false" transport="http" type="response"/>
+</AssignMessage>

proxies/sandbox/apiproxy/policies/RaiseFault.400BadRequest.xml

@@ -1,13 +1,44 @@
 <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<!--
+ This policy raises a 401 error response for an invalid or missing access token.
+
+ Raisefault policies stop the execution of the current flow and move to the error flow, which returns the error response defined here to the requesting application.
+
+ For more information on RaiseFault policies within Apigee see the following resource:
+    * https://docs.apigee.com/api-platform/reference/policies/raise-fault-policy
+-->
 <RaiseFault async="false" continueOnError="false" enabled="true" name="RaiseFault.401Unauthorized">
     <DisplayName>RaiseFault.401Unauthorized</DisplayName>
     <Properties/>
     <FaultResponse>
         <Set>
-            <Headers/>
-            <Payload contentType="text/plain"/>
+            <Headers>
+              <Header name="Content-Type">application/fhir+json</Header>
+            </Headers>
             <StatusCode>401</StatusCode>
-            <ReasonPhrase>Access Denied</ReasonPhrase>
+            <ReasonPhrase>Unauthorized</ReasonPhrase>
+            <Payload>
+                {
+                  "issue": [
+                    {
+                      "code": "forbidden",
+                      "details": {
+                        "coding": [
+                          {
+                            "code": "ACCESS_DENIED",
+                            "display": "Missing or invalid OAuth 2.0 bearer token in request.",
+                            "system": "https://fhir.nhs.uk/R4/CodeSystem/ValidatedRelationships-ErrorOrWarningCode",
+                            "version": "1"
+                          }
+                        ]
+                      },
+                      "diagnostics": "Invalid access token - Access Denied.",
+                      "severity": "error"
+                    }
+                  ],
+                  "resourceType": "OperationOutcome"
+                }
+            </Payload>
         </Set>
     </FaultResponse>
     <IgnoreUnresolvedVariables>true</IgnoreUnresolvedVariables>

proxies/sandbox/apiproxy/policies/RaiseFault.401Unauthorized.xml

@@ -0,0 +1,21 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<!--
+ This policy raises when an error occurs in the AWS Application.
+
+ Raisefault policies stop the execution of the current flow and move to the error flow, which returns the error response defined here to the requesting application.
+
+ For more information on RaiseFault policies within Apigee see the following resource:
+    * https://docs.apigee.com/api-platform/reference/policies/raise-fault-policy
+-->
+<RaiseFault async="false" continueOnError="false" enabled="true" name="RaiseFault.DefaultError">
+    <DisplayName>RaiseFault.DefaultError</DisplayName>
+    <Properties/>
+    <FaultResponse>
+        <Set>
+            <Headers>
+              <Header name="Content-Type">application/fhir+json</Header>
+            </Headers>
+        </Set>
+    </FaultResponse>
+    <IgnoreUnresolvedVariables>true</IgnoreUnresolvedVariables>
+</RaiseFault>

proxies/sandbox/apiproxy/policies/RaiseFault.DefaultError.xml

@@ -3,8 +3,11 @@
     <FaultRules/>
     <Flows/>
     <PostFlow name="PostFlow">
-        <Request/>
-        <Response/>
+        <Response>
+            <Step>
+                <Name>SetMimeType</Name>
+            </Step>
+        </Response>
     </PostFlow>
     <PreFlow name="PreFlow">
         <Request/>
@@ -17,6 +20,12 @@
           </Step>
         </Response>
     </PreFlow>
+    <DefaultFaultRule name="DefaultFaultRule">
+      <Step>
+        <Name>RaiseFault.DefaultError</Name>
+      </Step>
+      <AlwaysEnforce>true</AlwaysEnforce>
+    </DefaultFaultRule>
     <HTTPTargetConnection>
       {{ HOSTED_TARGET_CONNECTION }}
     </HTTPTargetConnection>