def test_valid_ods(self):
# Given
debug_session = ApigeeDebugApi(REASONABLE_ADJUSTMENTS_PROXY_NAME)
expected_ods = 'D82106'
# When
Utils.send_request(self)
# Then
actual_ods = debug_session.get_apigee_variable(
'verifyapikey.VerifyAPIKey.CustomAttributes.ods')
assert_that(expected_ods).is_equal_to(actual_ods)
def test_x_request_id_equals_nhsd_request_id(self):
# Given
debug_session = ApigeeDebugApi(
config.REASONABLE_ADJUSTMENTS_PROXY_NAME)
# When
Utils.send_request(self)
# Then
trace_id = debug_session.get_apigee_header('NHSD-Request-ID')
x_request_id = debug_session.get_apigee_header('x-request-id')
assert_that(trace_id).is_equal_to(x_request_id)
def test_jwt(self):
# Given
debug_session = ApigeeDebugApi(REASONABLE_ADJUSTMENTS_PROXY_NAME)
expected_jwt_claims = {
'reason_for_request': 'directcare',
'scope': 'user/Consent.read',
'requesting_organization':
'https://fhir.nhs.uk/Id/ods-organization-code|D82106',
'requesting_system':
'https://fhir.nhs.uk/Id/accredited-system|200000001390',
'requesting_user':
f'https://fhir.nhs.uk/Id/sds-role-profile-id|{config.TEST_NHSD_SESSION_URID}',
'sub':
f'https://fhir.nhs.uk/Id/sds-role-profile-id|{config.TEST_NHSD_SESSION_URID}',
'iss': 'http://api.service.nhs.uk',
'aud': f'/{REASONABLE_ADJUSTMENTS_PROXY_PATH}/Consent'
}
# When
Utils.send_request(self)
# Then
# We should pull Authorization header instead but Apigee mask that value so we get spineJwt variable instead
actual_jwt = debug_session.get_apigee_variable('spineJwt')
# We manually decode jwt because, jwt library requires all three segments but we only have two (no signature).
jwt_segments = actual_jwt.split('.')
actual_jwt_claims = json.loads(base64.b64decode(jwt_segments[1]))
assert_that(expected_jwt_claims['reason_for_request']
).is_equal_to_ignoring_case(
actual_jwt_claims['reason_for_request'])
assert_that(expected_jwt_claims['scope']).is_equal_to_ignoring_case(
actual_jwt_claims['scope'])
assert_that(expected_jwt_claims['requesting_organization']
).is_equal_to_ignoring_case(
actual_jwt_claims['requesting_organization'])
assert_that(expected_jwt_claims['requesting_system']
).is_equal_to_ignoring_case(
actual_jwt_claims['requesting_system'])
assert_that(
expected_jwt_claims['requesting_user']).is_equal_to_ignoring_case(
actual_jwt_claims['requesting_user'])
assert_that(expected_jwt_claims['sub']).is_equal_to_ignoring_case(
actual_jwt_claims['sub'])
assert_that(expected_jwt_claims['iss']).is_equal_to_ignoring_case(
actual_jwt_claims['iss'])
assert_that(expected_jwt_claims['aud']).is_equal_to_ignoring_case(
actual_jwt_claims['aud'])
def test_ASID_fetch(self):
# Given
debug_session = ApigeeDebugApi(
config.REASONABLE_ADJUSTMENTS_PROXY_NAME)
expected_value = '200000001390'
# When
Utils.send_request(self)
# Then
actual_asid = debug_session.get_apigee_variable(
'verifyapikey.VerifyAPIKey.CustomAttributes.asid')
assert_that(expected_value).is_equal_to(actual_asid)
actual_header_value = debug_session.get_apigee_header('NHSD-ASID')
assert_that(expected_value).is_equal_to(actual_header_value)
def test_outgoing_request_contains_nhsd_correlation_id_header(self):
# Given
debug_session = ApigeeDebugApi(
config.REASONABLE_ADJUSTMENTS_PROXY_NAME)
# When
Utils.send_request(self)
# Then
apigee_message_id = debug_session.get_apigee_variable('messageid')
x_correlation_id_header = debug_session.get_apigee_header(
'x-correlation-id')
x_request_id_header = debug_session.get_apigee_header('x-request-id')
nhsd_correlation_id_header = debug_session.get_apigee_header(
'NHSD-Correlation-ID')
expected_correlation_id_header = x_request_id_header + '.' + x_correlation_id_header + '.' + apigee_message_id
assert_that(expected_correlation_id_header).is_equal_to(
nhsd_correlation_id_header)
def test_missing_asid(self):
# Given
expected_status_code = 500
expected_response = {
'resourceType':
'OperationOutcome',
'issue': [{
'severity':
'error',
'code':
'value',
'details': {
'coding': [{
'system':
'https://fhir.nhs.uk/R4/CodeSystem/Spine-ErrorOrWarningCode',
'version': '1',
'code': 'INTERNAL_SERVER_ERROR',
'display': 'Unexpected internal server error'
}]
},
'diagnostics':
'An internal server error occurred. Missing ASID. Contact us for assistance diagnosing this issue: https://digital.nhs.uk/developer/help-and-support quoting Message ID'
}]
}
# When
response = Utils.send_request(self)
actual_response = json.loads(response.text)
# Then
assert_that(expected_status_code).is_equal_to(response.status_code)
# assert_that(actual_response['message_id']).is_not_empty()
assert_that(
expected_response['resourceType']).is_equal_to_ignoring_case(
actual_response['resourceType'])
assert_that(
expected_response['issue'][0]['code']).is_equal_to_ignoring_case(
actual_response['issue'][0]['code'])
assert_that(
expected_response['issue'][0]['details']['coding'][0]
['code']).is_equal_to_ignoring_case(
actual_response['issue'][0]['details']['coding'][0]['code'])
assert_that(
expected_response['issue'][0]['details']['coding'][0]
['display']).is_equal_to_ignoring_case(
actual_response['issue'][0]['details']['coding'][0]['display'])
assert_that(expected_response['issue'][0]
['diagnostics']).is_equal_to_ignoring_case(
actual_response['issue'][0]['diagnostics'])
def test_missing_ods(self):
# Given
expected_status_code = 500
expected_response = {
'error':
'missing ODS',
'error_description':
'An internal server error occurred. Missing ODS. Contact us for assistance diagnosing this issue: https://digital.nhs.uk/developer/help-and-support quoting Message ID',
}
# When
response = Utils.send_request(self)
actual_response = json.loads(response.text)
# Then
assert_that(expected_status_code).is_equal_to(response.status_code)
assert_that(actual_response['message_id']).is_not_empty()
assert_that(expected_response['error']).is_equal_to_ignoring_case(
actual_response['error'])
assert_that(
expected_response['error_description']).is_equal_to_ignoring_case(
actual_response['error_description'])