CM-758 | Adding generic implementation for /auth/confirm (#496)

* CM-758 | Neeraj/Sangita | Adding generic implementation for /auth/confirm api

* CM-758 | imported missing import

* CM-758 | Adding test cases

* CM-758 | Adding test for confirmAuthFor

Co-authored-by: Neeraj Kumar Mishra <Nexengineer@users.noreply.github.com>

Author: avghadsangita

consent/src/main/java/in/projecteka/consentmanager/SecurityConfiguration.java

@@ -56,6 +56,7 @@
 import static in.projecteka.consentmanager.user.Constants.APP_PATH_RESET_PIN;
 import static in.projecteka.consentmanager.user.Constants.BASE_PATH_PATIENTS_APIS;
 import static in.projecteka.consentmanager.user.Constants.PATH_FIND_PATIENT;
+import static in.projecteka.consentmanager.user.Constants.USERS_AUTH_CONFIRM;
 import static in.projecteka.library.clients.model.ClientError.unAuthorized;
 import static in.projecteka.library.common.Role.GATEWAY;
 import static java.util.stream.Collectors.toList;
@@ -83,7 +84,8 @@ public class SecurityConfiguration {
             PATH_HEALTH_INFORMATION_NOTIFY,
             PATH_HIP_CONSENT_ON_NOTIFY,
             PATH_HIP_ADD_CONTEXTS,
-            PATH_HIP_LINK_USER_AUTH_INIT
+            PATH_HIP_LINK_USER_AUTH_INIT,
+            USERS_AUTH_CONFIRM
     };
 
     static {
@@ -106,7 +108,7 @@ public class SecurityConfiguration {
         SERVICE_ONLY_URLS.add(Map.entry(PATH_HEALTH_INFORMATION_ON_REQUEST, HttpMethod.POST));
         SERVICE_ONLY_URLS.add(Map.entry(PATH_HIP_CONSENT_ON_NOTIFY, HttpMethod.POST));
         SERVICE_ONLY_URLS.add(Map.entry(PATH_HIP_ADD_CONTEXTS, HttpMethod.POST));
-
+        SERVICE_ONLY_URLS.add(Map.entry(USERS_AUTH_CONFIRM, HttpMethod.POST));
         RequestMatcher approveMatcher = new RequestMatcher("/consent-requests/**/approve",
                 HttpMethod.POST,
                 SCOPE_CONSENT_APPROVE);

consent/src/main/java/in/projecteka/consentmanager/user/Constants.java

@@ -27,4 +27,5 @@ public class Constants {
     public static final String APP_PATH_CREATE_USER = "/profile";
     public static final String APP_PATH_INTERNAL_FIND_USER_BY_USERNAME = "/internal/users/{userName}";
     public static final String APP_PATH_RESET_PASSWORD = "/profile/reset-password";
+    public static final String USERS_AUTH_CONFIRM = CURRENT_VERSION + "/users/auth/confirm";
 }

consent/src/main/java/in/projecteka/consentmanager/user/UserController.java

@@ -5,9 +5,12 @@
 import in.projecteka.consentmanager.user.model.SignUpSession;
 import in.projecteka.consentmanager.user.model.Token;
 import in.projecteka.consentmanager.user.model.User;
+import in.projecteka.consentmanager.user.model.UserAuthConfirmRequest;
 import in.projecteka.consentmanager.user.model.UserSignUpEnquiry;
 import in.projecteka.library.clients.model.ClientError;
 import in.projecteka.library.common.RequestValidator;
+
+
 import lombok.AllArgsConstructor;
 import org.springframework.http.HttpStatus;
 import org.springframework.web.bind.annotation.GetMapping;
@@ -21,6 +24,7 @@
 import javax.validation.Valid;
 
 import static in.projecteka.consentmanager.user.Constants.PATH_FIND_PATIENT;
+import static org.springframework.http.HttpStatus.ACCEPTED;
 import static org.springframework.http.HttpStatus.CREATED;
 
 @RestController
@@ -65,4 +69,17 @@ public Mono<Token> permitOtp(@RequestBody OtpVerification request) {
     public Mono<User> internalUserWith(@PathVariable String userName) {
         return userService.userWith(userName);
     }
+
+    @ResponseStatus(ACCEPTED)
+    @PostMapping(Constants.USERS_AUTH_CONFIRM)
+    public Mono<Void> authOnConfirm(@RequestBody UserAuthConfirmRequest request) {
+        return Mono.just(request)
+                .filterWhen(req -> validator.validate(request.getRequestId(), request.getTimestamp()))
+                .switchIfEmpty(Mono.error(ClientError.tooManyRequests()))
+                .doOnSuccess(validatedRequest -> Mono.defer(() -> {
+                    validator.put(request.getRequestId(), request.getTimestamp());
+                    return userService.confirmAuthFor(validatedRequest);
+                }))
+                .then();
+    }
 }

consent/src/main/java/in/projecteka/consentmanager/user/UserService.java

@@ -25,6 +25,7 @@
 import in.projecteka.consentmanager.user.model.UpdatePasswordRequest;
 import in.projecteka.consentmanager.user.model.UpdateUserRequest;
 import in.projecteka.consentmanager.user.model.User;
+import in.projecteka.consentmanager.user.model.UserAuthConfirmRequest;
 import in.projecteka.consentmanager.user.model.UserSignUpEnquiry;
 import in.projecteka.library.clients.IdentityServiceClient;
 import in.projecteka.library.clients.OtpServiceClient;
@@ -394,4 +395,8 @@ public Mono<User> getPatientByDetails(InitiateCmIdRecoveryRequest request) {
     private Mono<User> getDistinctUser(List<User> rows) {
         return rows.size() == 1 ? Mono.just(rows.get(0)) : Mono.empty();
     }
+
+    public Mono<Void> confirmAuthFor(UserAuthConfirmRequest request) {
+        return Mono.empty();
+    }
 }

consent/src/main/java/in/projecteka/consentmanager/user/model/AuthCredentialDetail.java

@@ -0,0 +1,10 @@
+package in.projecteka.consentmanager.user.model;
+
+import lombok.Data;
+
+@Data
+public class AuthCredentialDetail {
+    private final String token;
+    private final DemographicDetail demographic;
+}
+

consent/src/main/java/in/projecteka/consentmanager/user/model/DemographicDetail.java

@@ -0,0 +1,11 @@
+package in.projecteka.consentmanager.user.model;
+
+import lombok.Data;
+
+@Data
+public class DemographicDetail {
+    private final String name;
+    private final Gender gender;
+    private final String dateOfBirth;
+    private final Identifier identifier;
+}

consent/src/main/java/in/projecteka/consentmanager/user/model/UserAuthConfirmRequest.java

@@ -0,0 +1,17 @@
+package in.projecteka.consentmanager.user.model;
+
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+
+import java.time.LocalDateTime;
+
+@Data
+@Builder
+@AllArgsConstructor
+public class UserAuthConfirmRequest {
+    private final String requestId;
+    private final LocalDateTime timestamp;
+    private final String transactionId;
+    private final AuthCredentialDetail credential;
+}

consent/src/test/java/in/projecteka/consentmanager/user/TestBuilders.java

@@ -11,6 +11,7 @@
 import in.projecteka.consentmanager.user.model.SignUpRequest;
 import in.projecteka.consentmanager.user.model.UpdatePasswordRequest;
 import in.projecteka.consentmanager.user.model.User;
+import in.projecteka.consentmanager.user.model.UserAuthConfirmRequest;
 import in.projecteka.consentmanager.user.model.UserSignUpEnquiry;
 import org.jeasy.random.EasyRandom;
 import org.jeasy.random.EasyRandomParameters;
@@ -77,4 +78,8 @@ public static PatientName.PatientNameBuilder patientName(){
     public static DateOfBirth.DateOfBirthBuilder dateOfBirth(){
         return easyRandom.nextObject(DateOfBirth.DateOfBirthBuilder.class);
     }
+
+    public static UserAuthConfirmRequest.UserAuthConfirmRequestBuilder userAuthConfirmRequest() {
+        return easyRandom.nextObject(UserAuthConfirmRequest.UserAuthConfirmRequestBuilder.class);
+    }
 }

consent/src/test/java/in/projecteka/consentmanager/user/UserControllerTest.java

@@ -8,10 +8,13 @@
 import in.projecteka.consentmanager.consent.HipConsentNotificationListener;
 import in.projecteka.consentmanager.consent.HiuConsentNotificationListener;
 import in.projecteka.consentmanager.dataflow.DataFlowBroadcastListener;
+import in.projecteka.consentmanager.user.model.AuthCredentialDetail;
+import in.projecteka.consentmanager.user.model.DemographicDetail;
 import in.projecteka.consentmanager.user.model.OtpVerification;
 import in.projecteka.consentmanager.user.model.RequesterDetail;
 import in.projecteka.consentmanager.user.model.SignUpSession;
 import in.projecteka.consentmanager.user.model.Token;
+import in.projecteka.consentmanager.user.model.UserAuthConfirmRequest;
 import in.projecteka.consentmanager.user.model.UserSignUpEnquiry;
 import in.projecteka.library.common.Authenticator;
 import in.projecteka.library.common.Caller;
@@ -20,6 +23,7 @@
 import in.projecteka.library.common.ServiceCaller;
 import org.junit.jupiter.api.Test;
 import org.junit.runner.RunWith;
+import org.mockito.ArgumentMatchers;
 import org.mockito.Mockito;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.test.autoconfigure.web.reactive.AutoConfigureWebTestClient;
@@ -32,12 +36,15 @@
 import reactor.core.publisher.Mono;
 
 import java.time.LocalDateTime;
+import java.time.ZoneOffset;
 import java.util.List;
 
 import static in.projecteka.consentmanager.user.Constants.PATH_FIND_PATIENT;
+import static in.projecteka.consentmanager.user.Constants.USERS_AUTH_CONFIRM;
 import static in.projecteka.consentmanager.user.TestBuilders.patientRequest;
 import static in.projecteka.consentmanager.user.TestBuilders.string;
 import static in.projecteka.consentmanager.user.TestBuilders.user;
+import static in.projecteka.consentmanager.user.TestBuilders.userAuthConfirmRequest;
 import static in.projecteka.library.common.Role.GATEWAY;
 import static java.lang.String.format;
 import static org.mockito.ArgumentMatchers.any;
@@ -198,5 +205,45 @@ void shouldFailWithTooManyRequestsErrorForInvalidRequest() {
                 .expectStatus()
                 .is4xxClientError();
     }
+
+    @Test
+    void shouldReturnAcceptedForUserAuthConfirmRequest() {
+        var token = string();
+        var userAuthConfirmRequest = userAuthConfirmRequest().build();
+        var caller = ServiceCaller.builder().clientId("Client_ID").roles(List.of(GATEWAY)).build();
+
+        when(validator.put(anyString(), any(LocalDateTime.class))).thenReturn(Mono.empty());
+        when(validator.validate(anyString(), any(LocalDateTime.class))).thenReturn(Mono.just(Boolean.TRUE));
+        when(gatewayTokenVerifier.verify(token)).thenReturn(just(caller));
+        when(userService.confirmAuthFor(userAuthConfirmRequest)).thenReturn(empty());
+
+        webClient.post()
+                .uri(USERS_AUTH_CONFIRM)
+                .accept(MediaType.APPLICATION_JSON)
+                .header(AUTHORIZATION, token)
+                .body(BodyInserters.fromValue(userAuthConfirmRequest))
+                .exchange()
+                .expectStatus()
+                .isAccepted();
+    }
+
+    @Test
+    void shouldThrowTooManyRequestErrorForInvalidAuthConfirmRequest() {
+        var token = string();
+        var caller = ServiceCaller.builder().clientId("Client_ID").roles(List.of(GATEWAY)).build();
+        var userAuthConfirmRequest = userAuthConfirmRequest().build();
+
+        when(validator.validate(anyString(), any(LocalDateTime.class))).thenReturn(Mono.empty());
+        when(gatewayTokenVerifier.verify(token)).thenReturn(just(caller));
+
+        webClient.post()
+                .uri(USERS_AUTH_CONFIRM)
+                .accept(MediaType.APPLICATION_JSON)
+                .header(AUTHORIZATION, token)
+                .bodyValue(userAuthConfirmRequest)
+                .exchange()
+                .expectStatus()
+                .is4xxClientError();
+    }
 }
 

consent/src/test/java/in/projecteka/consentmanager/user/UserServiceTest.java

@@ -64,6 +64,7 @@
 import static in.projecteka.consentmanager.user.TestBuilders.string;
 import static in.projecteka.consentmanager.user.TestBuilders.updatePasswordRequest;
 import static in.projecteka.consentmanager.user.TestBuilders.user;
+import static in.projecteka.consentmanager.user.TestBuilders.userAuthConfirmRequest;
 import static in.projecteka.consentmanager.user.TestBuilders.userSignUpEnquiry;
 import static in.projecteka.consentmanager.user.model.Requester.HIU;
 import static org.assertj.core.api.Assertions.assertThat;
@@ -779,4 +780,12 @@ void shouldVerifyOTPForForgetConsentPin() {
                 .assertNext(response -> assertThat(response.getTemporaryToken()).isEqualTo(token))
                 .verifyComplete();
     }
-}
+
+    @Test
+    void shouldReturnMonoEmpty() {
+        Mono<Void> returnResult = userService.confirmAuthFor(userAuthConfirmRequest().build());
+        StepVerifier.create(returnResult)
+                .verifyComplete();
+        assertThat(returnResult).isEqualTo(Mono.empty());
+    }
+}