Merge pull request #16 from hmrc/version

burns238 · web-flow · commit a59547f12019 · 2026-02-19T15:15:53.000Z
Update versions and fix issue with parsing
diff --git a/app/controllers/UserAllowListCheckController.scala b/app/controllers/UserAllowListCheckController.scala
@@ -24,7 +24,7 @@ import play.api.i18n.{I18nSupport, Messages}
 import play.api.mvc.{Action, AnyContent, MessagesControllerComponents}
 import uk.gov.hmrc.internalauth.client.*
 import uk.gov.hmrc.internalauth.client.Predicate.Permission
-import uk.gov.hmrc.play.bootstrap.frontend.controller.FrontendBaseController
+import uk.gov.hmrc.play.bootstrap.frontend.controller.{FrontendBaseController, FrontendController}
 import views.html.UserAllowListCheckView
 
 import javax.inject.{Inject, Singleton}
@@ -37,7 +37,7 @@ class UserAllowListCheckController @Inject()(
                                              view: UserAllowListCheckView,
                                              formProvider: AllowListEntryFormProvider,
                                              connector: UserAllowListConnector
-                                           )(implicit ec: ExecutionContext) extends FrontendBaseController with I18nSupport {
+                                           )(implicit ec: ExecutionContext) extends FrontendController(controllerComponents) with I18nSupport {
 
   private def form: Form[AllowListEntry] = formProvider()
 
@@ -61,8 +61,8 @@ class UserAllowListCheckController @Inject()(
       Ok(view(form, service))
     }
 
-  def onSubmit(service: String): Action[AnyContent] =
-    authorised(service).async { implicit request =>
+  def onSubmit(service: String): Action[Map[String, Seq[String]]] =
+    authorised(service).async(parse.formUrlEncoded) { implicit request =>
       form.bindFromRequest().fold(
         formWithErrors =>
           Future.successful(BadRequest(view(formWithErrors, service))),
diff --git a/app/controllers/UserAllowListClearController.scala b/app/controllers/UserAllowListClearController.scala
@@ -60,8 +60,8 @@ class UserAllowListClearController @Inject()(
       Ok(view(form, service))
     }
 
-  def onSubmit(service: String): Action[AnyContent] =
-    authorised(service).async { implicit request =>
+  def onSubmit(service: String): Action[Map[String, Seq[String]]] =
+    authorised(service).async(parse.formUrlEncoded) { implicit request =>
       form.bindFromRequest().fold(
         formWithErrors =>
           Future.successful(BadRequest(view(formWithErrors, service))),
diff --git a/app/controllers/UserAllowListDeleteController.scala b/app/controllers/UserAllowListDeleteController.scala
@@ -61,8 +61,8 @@ class UserAllowListDeleteController @Inject()(
       Ok(view(form, service))
     }
 
-  def onSubmit(service: String): Action[AnyContent] =
-    authorised(service).async { implicit request =>
+  def onSubmit(service: String): Action[Map[String, Seq[String]]] =
+    authorised(service).async(parse.formUrlEncoded) { implicit request =>
       form.bindFromRequest().fold(
         formWithErrors =>
           Future.successful(BadRequest(view(formWithErrors, service))),
diff --git a/app/controllers/UserAllowListSetController.scala b/app/controllers/UserAllowListSetController.scala
@@ -61,8 +61,8 @@ class UserAllowListSetController @Inject() (
       Ok(view(form, service))
     }
 
-  def onSubmit(service: String): Action[AnyContent] =
-    authorised(service).async { implicit request =>
+  def onSubmit(service: String): Action[Map[String, Seq[String]]] =
+    authorised(service).async(parse.formUrlEncoded) { implicit request =>
       form.bindFromRequest().fold(
         formWithErrors =>
           Future.successful(BadRequest(view(formWithErrors, service))),
diff --git a/build.sbt b/build.sbt
@@ -1,7 +1,7 @@
 import uk.gov.hmrc.DefaultBuildSettings
 
 ThisBuild / majorVersion := 0
-ThisBuild / scalaVersion := "3.3.3"
+ThisBuild / scalaVersion := "3.3.6"
 
 lazy val microservice = Project("user-allow-list-admin-frontend", file("."))
   .enablePlugins(play.sbt.PlayScala, SbtDistributablesPlugin)
diff --git a/project/AppDependencies.scala b/project/AppDependencies.scala
@@ -2,12 +2,12 @@ import sbt._
 
 object AppDependencies {
 
-  private val bootstrapVersion = "9.12.0"
+  private val bootstrapVersion = "10.5.0"
   
   val compile = Seq(
     "uk.gov.hmrc"             %% "bootstrap-frontend-play-30"   % bootstrapVersion,
-    "uk.gov.hmrc"             %% "play-frontend-hmrc-play-30"   % "12.1.0",
-    "uk.gov.hmrc"             %% "internal-auth-client-play-30" % "4.0.0"
+    "uk.gov.hmrc"             %% "play-frontend-hmrc-play-30"   % "12.31.0",
+    "uk.gov.hmrc"             %% "internal-auth-client-play-30" % "4.3.0"
   )
 
   val test = Seq(
diff --git a/project/plugins.sbt b/project/plugins.sbt
@@ -4,7 +4,7 @@ resolvers += Resolver.typesafeRepo("releases")
 
 addSbtPlugin("uk.gov.hmrc"        % "sbt-auto-build"     % "3.24.0")
 addSbtPlugin("uk.gov.hmrc"        % "sbt-distributables" % "2.6.0")
-addSbtPlugin("org.playframework"  % "sbt-plugin"         % "3.0.7")
+addSbtPlugin("org.playframework"  % "sbt-plugin"         % "3.0.9")
 addSbtPlugin("org.scoverage"      % "sbt-scoverage"      % "2.3.1")
-addSbtPlugin("com.typesafe.sbt"   % "sbt-gzip"           % "1.0.2")
+addSbtPlugin("com.github.sbt"     % "sbt-gzip"           % "2.0.0")
 addSbtPlugin("io.github.irundaia" % "sbt-sassify"        % "1.5.2")
diff --git a/test/controllers/UserAllowListCheckControllerSpec.scala b/test/controllers/UserAllowListCheckControllerSpec.scala
@@ -38,7 +38,8 @@ import views.html.UserAllowListCheckView
 import scala.concurrent.ExecutionContext.global
 import scala.concurrent.Future
 
-class UserAllowListCheckControllerSpec extends AnyFreeSpec with Matchers with ScalaFutures with MockitoSugar with BeforeAndAfterEach with OptionValues {
+class UserAllowListCheckControllerSpec extends AnyFreeSpec with Matchers with ScalaFutures with MockitoSugar with BeforeAndAfterEach with OptionValues
+{
 
   override def beforeEach(): Unit = {
     super.beforeEach()
@@ -110,6 +111,7 @@ class UserAllowListCheckControllerSpec extends AnyFreeSpec with Matchers with Sc
             "feature" -> "feature",
             "value" -> "a"
           )
+          .withHeaders("Content-Type" -> "application/x-www-form-urlencoded")
         val result = route(app, request).value
         status(result) mustBe SEE_OTHER
         redirectLocation(result).value mustEqual routes.UserAllowListCheckController.onPageLoad("service").url
@@ -127,6 +129,7 @@ class UserAllowListCheckControllerSpec extends AnyFreeSpec with Matchers with Sc
             "feature" -> "feature",
             "value" -> "a"
           )
+          .withHeaders("Content-Type" -> "application/x-www-form-urlencoded")
         val result = route(app, request).value
         status(result) mustBe SEE_OTHER
         redirectLocation(result).value mustEqual routes.UserAllowListCheckController.onPageLoad("service").url
@@ -160,7 +163,9 @@ class UserAllowListCheckControllerSpec extends AnyFreeSpec with Matchers with Sc
     }
 
     "must fail when the user is not authenticated" in {
-      val request = FakeRequest(POST, routes.UserAllowListCheckController.onSubmit("service").url) // no auth token
+      val request = FakeRequest(POST, routes.UserAllowListCheckController.onSubmit("service").url)
+        .withHeaders("Content-Type" -> "application/x-www-form-urlencoded")
+      // no auth token
       val result = route(app, request).value
       status(result) mustBe SEE_OTHER
     }
@@ -169,6 +174,7 @@ class UserAllowListCheckControllerSpec extends AnyFreeSpec with Matchers with Sc
       when(mockStubBehaviour.stubAuth[String](any(), any())).thenReturn(Future.failed(new RuntimeException()))
       val request = FakeRequest(POST, routes.UserAllowListCheckController.onSubmit("service").url)
         .withSession("authToken" -> "Token some-token")
+        .withHeaders("Content-Type" -> "application/x-www-form-urlencoded")
       route(app, request).value.failed.futureValue
     }
   }
diff --git a/test/controllers/UserAllowListClearControllerSpec.scala b/test/controllers/UserAllowListClearControllerSpec.scala
@@ -110,6 +110,7 @@ class UserAllowListClearControllerSpec extends AnyFreeSpec with Matchers with Sc
           .withFormUrlEncodedBody(
             "feature" -> "feature"
           )
+          .withHeaders("Content-Type" -> "application/x-www-form-urlencoded")
         val result = route(app, request).value
         status(result) mustBe SEE_OTHER
         redirectLocation(result).value mustEqual routes.ServiceSummaryController.onPageLoad("service").url
@@ -124,6 +125,7 @@ class UserAllowListClearControllerSpec extends AnyFreeSpec with Matchers with Sc
         val request = FakeRequest(POST, routes.UserAllowListClearController.onSubmit("service").url)
           .withSession("authToken" -> "Token some-token")
           .withFormUrlEncodedBody()
+          .withHeaders("Content-Type" -> "application/x-www-form-urlencoded")
         val result = route(app, request).value
         val view = app.injector.instanceOf[UserAllowListClearView]
         status(result) mustBe BAD_REQUEST
@@ -139,12 +141,14 @@ class UserAllowListClearControllerSpec extends AnyFreeSpec with Matchers with Sc
           .withFormUrlEncodedBody(
             "feature" -> "feature"
           )
+          .withHeaders("Content-Type" -> "application/x-www-form-urlencoded")
         route(app, request).value.failed.futureValue
       }
     }
 
     "must fail when the user is not authenticated" in {
-      val request = FakeRequest(POST, routes.UserAllowListClearController.onSubmit("service").url) // no auth token
+      val request = FakeRequest(POST, routes.UserAllowListClearController.onSubmit("service").url)
+        .withHeaders("Content-Type" -> "application/x-www-form-urlencoded") // no auth token
       val result = route(app, request).value
       status(result) mustBe SEE_OTHER
     }
@@ -153,6 +157,7 @@ class UserAllowListClearControllerSpec extends AnyFreeSpec with Matchers with Sc
       when(mockStubBehaviour.stubAuth[String](any(), any())).thenReturn(Future.failed(new RuntimeException()))
       val request = FakeRequest(POST, routes.UserAllowListClearController.onSubmit("service").url)
         .withSession("authToken" -> "Token some-token")
+        .withHeaders("Content-Type" -> "application/x-www-form-urlencoded")
       route(app, request).value.failed.futureValue
     }
   }
diff --git a/test/controllers/UserAllowListDeleteControllerSpec.scala b/test/controllers/UserAllowListDeleteControllerSpec.scala
@@ -111,6 +111,7 @@ class UserAllowListDeleteControllerSpec extends AnyFreeSpec with Matchers with S
             "feature" -> "feature",
             "values" -> "a,b"
           )
+          .withHeaders("Content-Type" -> "application/x-www-form-urlencoded")
         val result = route(app, request).value
         status(result) mustBe SEE_OTHER
         redirectLocation(result).value mustEqual routes.ServiceSummaryController.onPageLoad("service").url
@@ -128,6 +129,7 @@ class UserAllowListDeleteControllerSpec extends AnyFreeSpec with Matchers with S
             "feature" -> "feature",
             "values" -> "a"
           )
+          .withHeaders("Content-Type" -> "application/x-www-form-urlencoded")
         val result = route(app, request).value
         status(result) mustBe SEE_OTHER
         redirectLocation(result).value mustEqual routes.ServiceSummaryController.onPageLoad("service").url
@@ -140,6 +142,7 @@ class UserAllowListDeleteControllerSpec extends AnyFreeSpec with Matchers with S
         val request = FakeRequest(POST, routes.UserAllowListDeleteController.onSubmit("service").url)
           .withSession("authToken" -> "Token some-token")
           .withFormUrlEncodedBody()
+          .withHeaders("Content-Type" -> "application/x-www-form-urlencoded")
         val result = route(app, request).value
         val view = app.injector.instanceOf[UserAllowListDeleteView]
         status(result) mustBe BAD_REQUEST
@@ -156,12 +159,14 @@ class UserAllowListDeleteControllerSpec extends AnyFreeSpec with Matchers with S
             "feature" -> "feature",
             "values" -> "a,b"
           )
+          .withHeaders("Content-Type" -> "application/x-www-form-urlencoded")
         route(app, request).value.failed.futureValue
       }
     }
 
     "must fail when the user is not authenticated" in {
-      val request = FakeRequest(POST, routes.UserAllowListDeleteController.onSubmit("service").url) // no auth token
+      val request = FakeRequest(POST, routes.UserAllowListDeleteController.onSubmit("service").url)
+        .withHeaders("Content-Type" -> "application/x-www-form-urlencoded")// no auth token
       val result = route(app, request).value
       status(result) mustBe SEE_OTHER
     }
@@ -170,6 +175,7 @@ class UserAllowListDeleteControllerSpec extends AnyFreeSpec with Matchers with S
       when(mockStubBehaviour.stubAuth[String](any(), any())).thenReturn(Future.failed(new RuntimeException()))
       val request = FakeRequest(POST, routes.UserAllowListDeleteController.onSubmit("service").url)
         .withSession("authToken" -> "Token some-token")
+        .withHeaders("Content-Type" -> "application/x-www-form-urlencoded")
       route(app, request).value.failed.futureValue
     }
   }
diff --git a/test/controllers/UserAllowListSetControllerSpec.scala b/test/controllers/UserAllowListSetControllerSpec.scala
@@ -111,6 +111,7 @@ class UserAllowListSetControllerSpec extends AnyFreeSpec with Matchers with Scal
             "feature" -> "feature",
             "values" -> "a,b"
           )
+          .withHeaders("Content-Type" -> "application/x-www-form-urlencoded")
         val result = route(app, request).value
         status(result) mustBe SEE_OTHER
         redirectLocation(result).value mustEqual routes.ServiceSummaryController.onPageLoad("service").url
@@ -128,6 +129,7 @@ class UserAllowListSetControllerSpec extends AnyFreeSpec with Matchers with Scal
             "feature" -> "feature",
             "values" -> "a"
           )
+          .withHeaders("Content-Type" -> "application/x-www-form-urlencoded")
         val result = route(app, request).value
         status(result) mustBe SEE_OTHER
         redirectLocation(result).value mustEqual routes.ServiceSummaryController.onPageLoad("service").url
@@ -140,6 +142,7 @@ class UserAllowListSetControllerSpec extends AnyFreeSpec with Matchers with Scal
         val request = FakeRequest(POST, routes.UserAllowListSetController.onSubmit("service").url)
           .withSession("authToken" -> "Token some-token")
           .withFormUrlEncodedBody()
+          .withHeaders("Content-Type" -> "application/x-www-form-urlencoded")
         val result = route(app, request).value
         val view = app.injector.instanceOf[UserAllowListSetView]
         status(result) mustBe BAD_REQUEST
@@ -156,12 +159,14 @@ class UserAllowListSetControllerSpec extends AnyFreeSpec with Matchers with Scal
             "feature" -> "feature",
             "values" -> "a,b"
           )
+          .withHeaders("Content-Type" -> "application/x-www-form-urlencoded")
         route(app, request).value.failed.futureValue
       }
     }
 
     "must fail when the user is not authenticated" in {
-      val request = FakeRequest(POST, routes.UserAllowListSetController.onSubmit("service").url) // no auth token
+      val request = FakeRequest(POST, routes.UserAllowListSetController.onSubmit("service").url)
+        .withHeaders("Content-Type" -> "application/x-www-form-urlencoded")// no auth token
       val result = route(app, request).value
       status(result) mustBe SEE_OTHER
     }
@@ -170,6 +175,7 @@ class UserAllowListSetControllerSpec extends AnyFreeSpec with Matchers with Scal
       when(mockStubBehaviour.stubAuth[String](any(), any())).thenReturn(Future.failed(new RuntimeException()))
       val request = FakeRequest(POST, routes.UserAllowListSetController.onSubmit("service").url)
         .withSession("authToken" -> "Token some-token")
+        .withHeaders("Content-Type" -> "application/x-www-form-urlencoded")
       route(app, request).value.failed.futureValue
     }
   }

Original file line number	Diff line number	Diff line change
`@@ -110,6 +110,7 @@ class UserAllowListClearControllerSpec extends AnyFreeSpec with Matchers with Sc`
`110`	`110`	`.withFormUrlEncodedBody(`
`111`	`111`	`"feature" -> "feature"`
`112`	`112`	`)`
	`113`	`+ .withHeaders("Content-Type" -> "application/x-www-form-urlencoded")`
`113`	`114`	`val result = route(app, request).value`
`114`	`115`	`status(result) mustBe SEE_OTHER`
`115`	`116`	`redirectLocation(result).value mustEqual routes.ServiceSummaryController.onPageLoad("service").url`
`@@ -124,6 +125,7 @@ class UserAllowListClearControllerSpec extends AnyFreeSpec with Matchers with Sc`
`124`	`125`	`val request = FakeRequest(POST, routes.UserAllowListClearController.onSubmit("service").url)`
`125`	`126`	`.withSession("authToken" -> "Token some-token")`
`126`	`127`	`.withFormUrlEncodedBody()`
	`128`	`+ .withHeaders("Content-Type" -> "application/x-www-form-urlencoded")`
`127`	`129`	`val result = route(app, request).value`
`128`	`130`	`val view = app.injector.instanceOf[UserAllowListClearView]`
`129`	`131`	`status(result) mustBe BAD_REQUEST`
`@@ -139,12 +141,14 @@ class UserAllowListClearControllerSpec extends AnyFreeSpec with Matchers with Sc`
`139`	`141`	`.withFormUrlEncodedBody(`
`140`	`142`	`"feature" -> "feature"`
`141`	`143`	`)`
	`144`	`+ .withHeaders("Content-Type" -> "application/x-www-form-urlencoded")`
`142`	`145`	`route(app, request).value.failed.futureValue`
`143`	`146`	`}`
`144`	`147`	`}`
`145`	`148`
`146`	`149`	`"must fail when the user is not authenticated" in {`
`147`		`- val request = FakeRequest(POST, routes.UserAllowListClearController.onSubmit("service").url) // no auth token`
	`150`	`+ val request = FakeRequest(POST, routes.UserAllowListClearController.onSubmit("service").url)`
	`151`	`+ .withHeaders("Content-Type" -> "application/x-www-form-urlencoded") // no auth token`
`148`	`152`	`val result = route(app, request).value`
`149`	`153`	`status(result) mustBe SEE_OTHER`
`150`	`154`	`}`
`@@ -153,6 +157,7 @@ class UserAllowListClearControllerSpec extends AnyFreeSpec with Matchers with Sc`
`153`	`157`	`when(mockStubBehaviour.stubAuth[String](any(), any())).thenReturn(Future.failed(new RuntimeException()))`
`154`	`158`	`val request = FakeRequest(POST, routes.UserAllowListClearController.onSubmit("service").url)`
`155`	`159`	`.withSession("authToken" -> "Token some-token")`
	`160`	`+ .withHeaders("Content-Type" -> "application/x-www-form-urlencoded")`
`156`	`161`	`route(app, request).value.failed.futureValue`
`157`	`162`	`}`
`158`	`163`	`}`
Original file line number	Diff line number	Diff line change
`@@ -111,6 +111,7 @@ class UserAllowListDeleteControllerSpec extends AnyFreeSpec with Matchers with S`
`111`	`111`	`"feature" -> "feature",`
`112`	`112`	`"values" -> "a,b"`
`113`	`113`	`)`
	`114`	`+ .withHeaders("Content-Type" -> "application/x-www-form-urlencoded")`
`114`	`115`	`val result = route(app, request).value`
`115`	`116`	`status(result) mustBe SEE_OTHER`
`116`	`117`	`redirectLocation(result).value mustEqual routes.ServiceSummaryController.onPageLoad("service").url`
`@@ -128,6 +129,7 @@ class UserAllowListDeleteControllerSpec extends AnyFreeSpec with Matchers with S`
`128`	`129`	`"feature" -> "feature",`
`129`	`130`	`"values" -> "a"`
`130`	`131`	`)`
	`132`	`+ .withHeaders("Content-Type" -> "application/x-www-form-urlencoded")`
`131`	`133`	`val result = route(app, request).value`
`132`	`134`	`status(result) mustBe SEE_OTHER`
`133`	`135`	`redirectLocation(result).value mustEqual routes.ServiceSummaryController.onPageLoad("service").url`
`@@ -140,6 +142,7 @@ class UserAllowListDeleteControllerSpec extends AnyFreeSpec with Matchers with S`
`140`	`142`	`val request = FakeRequest(POST, routes.UserAllowListDeleteController.onSubmit("service").url)`
`141`	`143`	`.withSession("authToken" -> "Token some-token")`
`142`	`144`	`.withFormUrlEncodedBody()`
	`145`	`+ .withHeaders("Content-Type" -> "application/x-www-form-urlencoded")`
`143`	`146`	`val result = route(app, request).value`
`144`	`147`	`val view = app.injector.instanceOf[UserAllowListDeleteView]`
`145`	`148`	`status(result) mustBe BAD_REQUEST`
`@@ -156,12 +159,14 @@ class UserAllowListDeleteControllerSpec extends AnyFreeSpec with Matchers with S`
`156`	`159`	`"feature" -> "feature",`
`157`	`160`	`"values" -> "a,b"`
`158`	`161`	`)`
	`162`	`+ .withHeaders("Content-Type" -> "application/x-www-form-urlencoded")`
`159`	`163`	`route(app, request).value.failed.futureValue`
`160`	`164`	`}`
`161`	`165`	`}`
`162`	`166`
`163`	`167`	`"must fail when the user is not authenticated" in {`
`164`		`- val request = FakeRequest(POST, routes.UserAllowListDeleteController.onSubmit("service").url) // no auth token`
	`168`	`+ val request = FakeRequest(POST, routes.UserAllowListDeleteController.onSubmit("service").url)`
	`169`	`+ .withHeaders("Content-Type" -> "application/x-www-form-urlencoded")// no auth token`
`165`	`170`	`val result = route(app, request).value`
`166`	`171`	`status(result) mustBe SEE_OTHER`
`167`	`172`	`}`
`@@ -170,6 +175,7 @@ class UserAllowListDeleteControllerSpec extends AnyFreeSpec with Matchers with S`
`170`	`175`	`when(mockStubBehaviour.stubAuth[String](any(), any())).thenReturn(Future.failed(new RuntimeException()))`
`171`	`176`	`val request = FakeRequest(POST, routes.UserAllowListDeleteController.onSubmit("service").url)`
`172`	`177`	`.withSession("authToken" -> "Token some-token")`
	`178`	`+ .withHeaders("Content-Type" -> "application/x-www-form-urlencoded")`
`173`	`179`	`route(app, request).value.failed.futureValue`
`174`	`180`	`}`
`175`	`181`	`}`