Added application whitelisting

hmrc · Jul 6, 2017 · de4abe7 · de4abe7
1 parent 403c388
commit de4abe7
Show file tree

Hide file tree

Showing 5 changed files with 52 additions and 5 deletions.
diff --git a/app/uk/gov/hmrc/epayeapi/config/AppContext.scala b/app/uk/gov/hmrc/epayeapi/config/AppContext.scala
@@ -32,4 +32,5 @@ case class AppContext @Inject() (config: DefaultServicesConfig) {
   val apiContext: String = current.getString(s"api.context").getOrElse(throw new RuntimeException(s"Missing Key $env.api.context"))
   val apiStatus: String = current.getString("api.status").getOrElse(throw new RuntimeException(s"Missing Key $env.api.status"))
   val useSandboxConnectors: Boolean = current.getBoolean("useSandboxConnectors").getOrElse(false)
+  val whitelistedApplications: Seq[String] = current.getStringSeq("whitelistedApplications").getOrElse(Seq.empty[String])
 }
diff --git a/app/uk/gov/hmrc/epayeapi/controllers/Documentation.scala b/app/uk/gov/hmrc/epayeapi/controllers/Documentation.scala
@@ -37,7 +37,7 @@ case class Documentation @Inject() (
   startup.start()
 
   override def definition(): Action[AnyContent] = Action {
-    Ok(views.txt.definition(context.apiContext, context.apiStatus))
+    Ok(views.txt.definition(context.apiContext, context.apiStatus, context.whitelistedApplications))
       .as("application/json")
   }
 

diff --git a/app/views/definition.scala.txt b/app/views/definition.scala.txt
@@ -13,7 +13,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  *@
-@(context : String, status: String)
+@(context : String, status: String, whitelistedApplications: Seq[String])
 {
   "scopes": [
     {
@@ -32,7 +32,11 @@
         "status": "@status",
         "access": {
           "type": "PRIVATE",
-          "whitelistedApplicationIds":[]
+          "whitelistedApplicationIds": [
+            @whitelistedApplications.map{ id =>
+              "@id"
+            }.mkString(",\n")
+          ]
         }
       }
     ]

diff --git a/test/uk/gov/hmrc/epayeapi/controllers/DocumentationSpec.scala b/test/uk/gov/hmrc/epayeapi/controllers/DocumentationSpec.scala
@@ -0,0 +1,40 @@
+/*
+ * Copyright 2017 HM Revenue & Customs
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package uk.gov.hmrc.epayeapi.controllers
+
+import play.api.libs.json.{JsArray, JsString, JsSuccess}
+import play.api.test.FakeRequest
+import unit.AppSpec
+import play.api.test.Helpers._
+
+class DocumentationSpec extends AppSpec {
+  "The API definition endpoint" should {
+    "include whitelisted applications" in new App(builder.withConfig("whitelistedApplications" -> Seq("my-application-id", "my-other-application-id")).build) {
+      val result = contentAsJson(inject[Documentation].definition()(FakeRequest()))
+
+      val lookupResult = (result \\ "whitelistedApplicationIds" ).head
+      lookupResult shouldEqual JsArray(Seq(JsString("my-application-id"),
+                                           JsString("my-other-application-id")))
+    }
+    "work without whitelisted applications" in new App(builder.build) {
+      val result = contentAsJson(inject[Documentation].definition()(FakeRequest()))
+
+      val lookupResult = (result \\ "whitelistedApplicationIds" ).head
+      lookupResult shouldEqual JsArray()
+    }
+  }
+}
diff --git a/test/unit/AppSpec.scala b/test/unit/AppSpec.scala
@@ -29,7 +29,6 @@ import play.api.libs.streams.Accumulator
 import play.api.mvc.Result
 import uk.gov.hmrc.auth.core.AuthConnector
 
-
 import scala.concurrent.Future
 import scala.reflect.ClassTag
 
@@ -42,7 +41,7 @@ abstract class AppSpec
   with MixedFixtures
   with Eventually
   with IntegrationPatience
-  with WsScalaTestClient{
+  with WsScalaTestClient {
   def inject[A: ClassTag](implicit a: Application): A = a.injector.instanceOf[A]
 
   def build(auth: AuthConnector): Application =
@@ -54,7 +53,10 @@ abstract class AppSpec
     def update(fn: GuiceApplicationBuilder => GuiceApplicationBuilder): Builder = copy(fn(builder))
     def withAuth(connector: AuthConnector): Builder =
       update(_.overrides(bind(classOf[AuthConnector]).toInstance(connector)))
+    def withConfig(confs: (String, Any)*): Builder =
+      update(_.configure(confs: _*))
     def build: Application = builder.build()
+
   }
 
   def builder: Builder = Builder(GuiceApplicationBuilder())