Modified identification request webhook

2025-07-28 05:26:17 +02:00 · 2024-10-15 14:13:04 +03:00 · 2024-10-15 14:13:04 +03:00 · 0085f99e02
commit 0085f99e02
parent d04622c49f
14 changed files with 292 additions and 19 deletions
--- a/test/integration/eeid/identification_requests_webhook_test.rb
+++ b/test/integration/eeid/identification_requests_webhook_test.rb
@ -11,6 +11,15 @@ class Eeid::IdentificationRequestsWebhookTest < ActionDispatch::IntegrationTest
    }
    @valid_hmac_signature = OpenSSL::HMAC.hexdigest('SHA256', @secret, payload.to_json)

+    stub_request(:post, %r{api/auth/v1/token})
+      .to_return(
+        status: 200,
+        body: { access_token: 'token', token_type: 'Bearer', expires_in: 100 }.to_json, headers: {}
+      )
+    pdf_content = File.read(Rails.root.join('test/fixtures/files/legaldoc.pdf'))
+    stub_request(:get, %r{api/ident/v1/identification_requests})
+      .to_return(status: 200, body: pdf_content, headers: { 'Content-Type' => 'application/pdf' })
+
    adapter = ENV['shunter_default_adapter'].constantize.new
    adapter&.clear!
  end
@ -22,6 +31,8 @@ class Eeid::IdentificationRequestsWebhookTest < ActionDispatch::IntegrationTest
    assert_response :ok
    assert_equal({ 'status' => 'success' }, JSON.parse(response.body))
    assert_not_nil @contact.reload.verified_at
+    assert_equal @contact.verification_id, '123'
+    assert_notify_registrar('Successful Contact Verification')
  end

  test 'should return unauthorized for invalid HMAC signature' do
@ -29,13 +40,15 @@ class Eeid::IdentificationRequestsWebhookTest < ActionDispatch::IntegrationTest

    assert_response :unauthorized
    assert_equal({ 'error' => 'Invalid HMAC signature' }, JSON.parse(response.body))
+    assert_emails 0
  end

  test 'should return unauthorized for missing parameters' do
    post '/eeid/webhooks/identification_requests', params: { reference: @contact.code }, as: :json, headers: { 'X-HMAC-Signature' => @valid_hmac_signature }

    assert_response :unauthorized
-    assert_equal({ 'error' => 'Invalid HMAC signature'  }, JSON.parse(response.body))
+    assert_equal({ 'error' => 'Invalid HMAC signature' }, JSON.parse(response.body))
+    assert_emails 0
  end

  test 'should handle internal server error gracefully' do
@ -44,10 +57,24 @@ class Eeid::IdentificationRequestsWebhookTest < ActionDispatch::IntegrationTest
      post '/eeid/webhooks/identification_requests', params: { identification_request_id: '123', reference: @contact.code }, as: :json, headers: { 'X-HMAC-Signature' => @valid_hmac_signature }

      assert_response :internal_server_error
-      assert_equal({ 'error' => 'Internal Server Error' }, JSON.parse(response.body))
+      assert_equal({ 'error' => 'Simulated error' }, JSON.parse(response.body))
+      assert_emails 0
    end
  end

+  test 'should handle error from ident response' do
+    stub_request(:get, %r{api/ident/v1/identification_requests})
+      .to_return(status: :not_found, body: { error: 'Proof of identity not found' }.to_json, headers: { 'Content-Type' => 'application/json' })
+
+    @contact.update!(ident_request_sent_at: Time.zone.now - 1.day)
+    post '/eeid/webhooks/identification_requests', params: { identification_request_id: '123', reference: @contact.code }, as: :json, headers: { 'X-HMAC-Signature' => @valid_hmac_signature }
+
+    assert_response :internal_server_error
+    assert_equal({ 'error' => 'Proof of identity not found' }, JSON.parse(response.body))
+    assert_emails 0
+    assert_nil @contact.reload.verified_at
+  end
+
  test 'returns error response if throttled' do
    ENV['shunter_default_threshold'] = '1'
    ENV['shunter_enabled'] = 'true'
@ -60,4 +87,15 @@ class Eeid::IdentificationRequestsWebhookTest < ActionDispatch::IntegrationTest
    ENV['shunter_default_threshold'] = '10000'
    ENV['shunter_enabled'] = 'false'
  end
+
+  private
+
+  def assert_notify_registrar(subject)
+    assert_emails 1
+    email = ActionMailer::Base.deliveries.last
+    assert_equal [@contact.registrar.email], email.to
+    assert_equal subject, email.subject
+    assert_equal 1, email.attachments.size
+    assert_equal 'proof_of_identity.pdf', email.attachments.first.filename
+  end
 end
--- a/test/integration/repp/v1/contacts/download_poi_test.rb
+++ b/test/integration/repp/v1/contacts/download_poi_test.rb
@ -0,0 +1,72 @@
+require 'test_helper'
+
+class ReppV1ContactsDownloadPoiTest < ActionDispatch::IntegrationTest
+  def setup
+    @contact = contacts(:john)
+    @user = users(:api_bestnames)
+    token = Base64.encode64("#{@user.username}:#{@user.plain_text_password}")
+    token = "Basic #{token}"
+
+    @auth_headers = { 'Authorization' => token }
+
+    adapter = ENV['shunter_default_adapter'].constantize.new
+    adapter&.clear!
+
+    stub_request(:post, %r{api/auth/v1/token})
+      .to_return(
+        status: 200,
+        body: { access_token: 'token', token_type: 'Bearer', expires_in: 100 }.to_json, headers: {}
+      )
+    pdf_content = File.read(Rails.root.join('test/fixtures/files/legaldoc.pdf'))
+    stub_request(:get, %r{api/ident/v1/identification_requests})
+      .to_return(status: 200, body: pdf_content, headers: { 'Content-Type' => 'application/pdf' })
+  end
+
+  def test_returns_error_when_not_found
+    get '/repp/v1/contacts/download_poi/nonexistant:code', headers: @auth_headers
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :not_found
+    assert_equal 2303, json[:code]
+    assert_equal 'Object does not exist', json[:message]
+  end
+
+  def test_downloads_poi_for_contact
+    @contact.update!(verified_at: Time.zone.now - 1.day, verification_id: '123')
+    get "/repp/v1/contacts/download_poi/#{@contact.code}", headers: @auth_headers
+
+    assert_response :ok
+    assert_equal 'application/pdf', response.headers['Content-Type']
+    assert_equal "inline; filename=\"proof_of_identity_123.pdf\"; filename*=UTF-8''proof_of_identity_123.pdf", response.headers['Content-Disposition']
+    assert_not_empty response.body
+  end
+
+  def test_handles_non_epp_error
+    stub_request(:get, %r{api/ident/v1/identification_requests})
+      .to_return(
+        status: :not_found,
+        body: { error: 'Proof of identity not found' }.to_json,
+        headers: { 'Content-Type' => 'application/json' }
+      )
+    get "/repp/v1/contacts/download_poi/#{@contact.code}", headers: @auth_headers
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :bad_request
+    assert_equal 'Proof of identity not found', json[:message]
+  end
+
+  def test_returns_error_response_if_throttled
+    ENV['shunter_default_threshold'] = '1'
+    ENV['shunter_enabled'] = 'true'
+
+    get "/repp/v1/contacts/download_poi/#{@contact.code}", headers: @auth_headers
+    get "/repp/v1/contacts/download_poi/#{@contact.code}", headers: @auth_headers
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :bad_request
+    assert_equal json[:code], 2502
+    assert response.body.include?(Shunter.default_error_message)
+    ENV['shunter_default_threshold'] = '10000'
+    ENV['shunter_enabled'] = 'false'
+  end
+end
--- a/test/integration/repp/v1/contacts/verify_test.rb
+++ b/test/integration/repp/v1/contacts/verify_test.rb
@ -12,14 +12,18 @@ class ReppV1ContactsVerifyTest < ActionDispatch::IntegrationTest
    adapter = ENV['shunter_default_adapter'].constantize.new
    adapter&.clear!

-    stub_request(:post, %r{api/auth/v1/token}).to_return(status: 200, body: { access_token: 'token', token_type: 'Bearer', expires_in: 100 }.to_json, headers: {})
+    stub_request(:post, %r{api/auth/v1/token})
+      .to_return(
+        status: 200,
+        body: { access_token: 'token', token_type: 'Bearer', expires_in: 100 }.to_json, headers: {}
+      )
    stub_request(:post, %r{api/ident/v1/identification_requests})
      .with(
        body: {
          claims_required: [{ type: 'sub', value: "#{@contact.ident_country_code}#{@contact.ident}" }],
          reference: @contact.code
        }
-      ).to_return(status: 200, body: { id: '123' }.to_json, headers: {})
+      ).to_return(status: 200, body: { id: '123' }.to_json, headers: { 'Content-Type' => 'application/json' })
  end

  def test_returns_error_when_not_found
@ -43,6 +47,20 @@ class ReppV1ContactsVerifyTest < ActionDispatch::IntegrationTest
    assert contact.present?
    assert contact.ident_request_sent_at
    assert_nil contact.verified_at
+    assert_notify_contact('Identification requested')
+  end
+
+  def test_handles_non_epp_error
+    stub_request(:post, %r{api/ident/v1/identification_requests})
+      .to_return(status: :unprocessable_entity, body: { error: 'error' }.to_json, headers: { 'Content-Type' => 'application/json' })
+
+    post "/repp/v1/contacts/verify/#{@contact.code}", headers: @auth_headers
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :bad_request
+    assert_equal 'Sending identification request failed', json[:message]
+    assert_nil @contact.ident_request_sent_at
+    assert_emails 0
  end

  def test_does_not_verify_already_verified_contact
@ -68,4 +86,13 @@ class ReppV1ContactsVerifyTest < ActionDispatch::IntegrationTest
    ENV['shunter_default_threshold'] = '10000'
    ENV['shunter_enabled'] = 'false'
  end
+
+  private
+
+  def assert_notify_contact(subject)
+    assert_emails 1
+    email = ActionMailer::Base.deliveries.last
+    assert_equal [@contact.email], email.to
+    assert_equal subject, email.subject
+  end
 end