Merge pull request #30 from NHSDigital/NPA-2166-spec-compliant-401-error

chris-young-12-nhs · web-flow · commit 5a748b7be82f · 2024-03-12T07:49:46.000Z
NPA-2166: Added FHIR compliant response for missing bearer token
diff --git a/proxies/live/apiproxy/policies/RaiseFault.401Unauthorized.xml b/proxies/live/apiproxy/policies/RaiseFault.401Unauthorized.xml
@@ -1,14 +1,43 @@
 <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<!--
+ This policy raises a 401 error response for an invalid or missing access token.
+
+ Raisefault policies stop the execution of the current flow and move to the error flow, which returns the error response defined here to the requesting application.
+
+ For more information on RaiseFault policies within Apigee see the following resource:
+    * https://docs.apigee.com/api-platform/reference/policies/raise-fault-policy
+-->
 <RaiseFault async="false" continueOnError="false" enabled="true" name="RaiseFault.401Unauthorized">
     <DisplayName>RaiseFault.401Unauthorized</DisplayName>
     <Properties/>
     <FaultResponse>
         <Set>
             <Headers/>
-            <Payload contentType="text/plain"/>
             <StatusCode>401</StatusCode>
-            <ReasonPhrase>Access Denied</ReasonPhrase>
+            <ReasonPhrase>Unauthorized</ReasonPhrase>
+            <Payload>
+                {
+                  "issue": [
+                    {
+                      "code": "forbidden",
+                      "details": {
+                        "coding": [
+                          {
+                            "code": "ACCESS_DENIED",
+                            "display": "Missing or invalid OAuth 2.0 bearer token in request.",
+                            "system": "https://fhir.nhs.uk/R4/CodeSystem/ValidatedRelationships-ErrorOrWarningCode",
+                            "version": "1"
+                          }
+                        ]
+                      },
+                      "diagnostics": "Invalid access token - Access Denied.",
+                      "severity": "error"
+                    }
+                  ],
+                  "resourceType": "OperationOutcome"
+                }          
+            </Payload>
         </Set>
     </FaultResponse>
     <IgnoreUnresolvedVariables>true</IgnoreUnresolvedVariables>
-</RaiseFault>
+</RaiseFault>
diff --git a/proxies/live/apiproxy/targets/target.xml b/proxies/live/apiproxy/targets/target.xml
@@ -16,6 +16,14 @@
     </Request>
   </PreFlow>
   <FaultRules>
+    <FaultRule name="unauthorized">
+        <Step>
+            <Name>RaiseFault.401Unauthorized</Name>
+              <Condition>
+              oauthV2.OauthV2.VerifyAccessToken.failed = true or fault.name = "invalid_access_token" or fault.name = "InvalidAccessToken" or fault.name = "access_token_not_approved" or fault.name = "apiresource_doesnot_exist" or fault.name = "InvalidAPICallAsNo" or fault.name = "ApiProductMatchFound"
+              </Condition>
+        </Step>
+    </FaultRule>
     <FaultRule name="access_token_expired">
       <Step>
         <Name>ExtractVariables.OAuthErrorFaultString</Name>
