From 55992ea089089bd26abebb33473f66bfeb20d67f Mon Sep 17 00:00:00 2001
From: Helen Brown <helen.brown116@nhs.net>
Date: Thu, 28 Sep 2023 15:00:29 +0100
Subject: [PATCH] Revert back to using mock

---
 azure/components/run-smoke-tests.yml | 36 ++++++++++++++--------------
 manifest_template.yml                |  2 +-
 tests/api_tests.py                   |  4 +---
 tests/conftest.py                    | 17 ++++++-------
 4 files changed, 29 insertions(+), 30 deletions(-)

diff --git a/azure/components/run-smoke-tests.yml b/azure/components/run-smoke-tests.yml
index a7e208d9..b239836d 100644
--- a/azure/components/run-smoke-tests.yml
+++ b/azure/components/run-smoke-tests.yml
@@ -1,20 +1,20 @@
 steps:
-  - bash: |
-      export RELEASE_RELEASEID=$(Build.BuildId)
-      export SOURCE_COMMIT_ID=$(Build.SourceVersion)
-      export APIGEE_ENVIRONMENT="$(ENVIRONMENT)"
-      export SERVICE_BASE_PATH="$(SERVICE_BASE_PATH)"
-      export STATUS_ENDPOINT_API_KEY="$(status-endpoint-api-key)"
-      export APIGEE_PRODUCT="$(FULLY_QUALIFIED_SERVICE_NAME)"
-      export OAUTH_PROXY="oauth2"
-      export OAUTH_BASE_URI="https://$(ENVIRONMENT).api.service.nhs.uk"
-      make smoketest
-    workingDirectory: $(Pipeline.Workspace)/s/$(SERVICE_NAME)/$(SERVICE_ARTIFACT_NAME)
-    displayName: run smoketests
+    -   bash: |
+            export RELEASE_RELEASEID=$(Build.BuildId)
+            export SOURCE_COMMIT_ID=$(Build.SourceVersion)
+            export APIGEE_ENVIRONMENT="$(ENVIRONMENT)"
+            export SERVICE_BASE_PATH="$(SERVICE_BASE_PATH)"
+            export STATUS_ENDPOINT_API_KEY="$(status-endpoint-api-key)"
+            export APIGEE_PRODUCT="$(FULLY_QUALIFIED_SERVICE_NAME)"
+            export OAUTH_PROXY="oauth2-mock"
+            export OAUTH_BASE_URI="https://$(ENVIRONMENT).api.service.nhs.uk"
+            make smoketest
+        workingDirectory: $(Pipeline.Workspace)/s/$(SERVICE_NAME)/$(SERVICE_ARTIFACT_NAME)
+        displayName: run smoketests
 
-  - task: PublishTestResults@2
-    displayName: 'Publish smoketest results'
-    condition: always()
-    inputs:
-      testResultsFiles: '$(Pipeline.Workspace)/s/$(SERVICE_NAME)/$(SERVICE_ARTIFACT_NAME)/smoketest-report.xml'
-      failTaskOnFailedTests: true
\ No newline at end of file
+    -   task: PublishTestResults@2
+        displayName: 'Publish smoketest results'
+        condition: always()
+        inputs:
+            testResultsFiles: '$(Pipeline.Workspace)/s/$(SERVICE_NAME)/$(SERVICE_ARTIFACT_NAME)/smoketest-report.xml'
+            failTaskOnFailedTests: true
diff --git a/manifest_template.yml b/manifest_template.yml
index 58b53397..28bfd146 100644
--- a/manifest_template.yml
+++ b/manifest_template.yml
@@ -4,7 +4,7 @@ DESCRIPTION: Immunisation history API
 APIGEE_ENVIRONMENTS:
   - name: internal-dev
     display_name: Internal Development
-    has_mock_auth: false
+    has_mock_auth: true
   - name: internal-dev-sandbox
     display_name: Internal Development Sandbox
   - name: internal-qa
diff --git a/tests/api_tests.py b/tests/api_tests.py
index 9b14171b..69571544 100644
--- a/tests/api_tests.py
+++ b/tests/api_tests.py
@@ -305,8 +305,7 @@ def test_token_exchange_sad_path(immunisation_history_app: Dict, environment: st
     )
 
 
-# TODO Fix
-@pytest.mark.skip(reason="Focussing on other broken tests")
+# TODO FIX
 @pytest.mark.e2e
 @pytest.mark.asyncio
 @pytest.mark.parametrize(
@@ -356,7 +355,6 @@ async def test_user_restricted_access_not_permitted(test_product_and_app, servic
 
 
 # TODO Fix
-@pytest.mark.skip(reason="Focussing on other broken tests")
 @pytest.mark.e2e
 @pytest.mark.parametrize(
     "test_product_and_app",
diff --git a/tests/conftest.py b/tests/conftest.py
index 9e10042f..38c89005 100644
--- a/tests/conftest.py
+++ b/tests/conftest.py
@@ -26,6 +26,7 @@
 )
 
 APP_EMAIL = "apm-testing-internal-dev@nhs.net"
+ID_TOKEN_ISSUER = "https://identity.ptl.api.platform.nhs.uk/auth/realms/NHS-Login-mock-internal-dev"
 
 
 def get_env(variable_name: str) -> str:
@@ -68,8 +69,8 @@ def nhs_login_id_token(
         "id_status": "verified",
         "token_use": "id",
         "auth_time": 1616600683,
-        "iss": "https://internal-dev.api.service.nhs.uk",  # Points to internal dev -> testing JWKS
-        "sub": "https://internal-dev.api.service.nhs.uk",
+        "iss": ID_TOKEN_ISSUER,
+        "sub": ID_TOKEN_ISSUER,
         "exp": expires + 300,
         "iat": expires - 10,
         "vtm": "https://auth.sandpit.signin.nhs.uk/trustmark/auth.sandpit.signin.nhs.uk",
@@ -86,7 +87,7 @@ def nhs_login_id_token(
     if id_token_claims is not None:
         default_id_token_claims = {**default_id_token_claims, **id_token_claims}
 
-    default_id_token_headers = {"kid": "nhs-login", "typ": "JWT", "alg": "RS512"}
+    default_id_token_headers = {"kid": "B86zGrfcoloO13rnjKYDyAJcqj2iZAMrS49jyleL0Fo", "typ": "JWT", "alg": "RS512"}
 
     if id_token_headers is not None:
         default_id_token_headers = {**default_id_token_headers, **id_token_headers}
@@ -103,7 +104,7 @@ def get_token(
 ):
     client_credentials_config = ClientCredentialsConfig(
         environment=environment,
-        identity_service_base_url=f"https://{environment}.api.service.nhs.uk/oauth2",
+        identity_service_base_url=f"https://{environment}.api.service.nhs.uk/oauth2-mock",
         client_id=app["credentials"][0]["consumerKey"],
         jwt_private_key=app["app_jwt_private_key"],
         jwt_kid="kid-1",
@@ -124,7 +125,7 @@ def check_for_unauthorised_headers(client_app: Dict, environment: str):
     with pytest.raises(RuntimeError) as exc_info:
         client_credentials_config = ClientCredentialsConfig(
             environment=environment,
-            identity_service_base_url=f"https://{environment}.api.service.nhs.uk/oauth2",
+            identity_service_base_url=f"https://{environment}.api.service.nhs.uk/oauth2-mock",
             client_id=client_app["credentials"][0]["consumerKey"],
             jwt_private_key=client_app["app_jwt_private_key"],
             jwt_kid="kid-1",
@@ -157,7 +158,7 @@ def get_token_nhs_login_token_exchange(
     # When
     config = TokenExchangeConfig(
         environment=environment,
-        identity_service_base_url=f"https://{environment}.api.service.nhs.uk/oauth2",
+        identity_service_base_url=f"https://{environment}.api.service.nhs.uk/oauth2-mock",
         client_id=test_app["credentials"][0]["consumerKey"],
         jwt_private_key=test_app["app_jwt_private_key"],
         jwt_kid="kid-1",
@@ -190,7 +191,7 @@ def check_for_unauthorised_token_exchange(
     # When
     config = TokenExchangeConfig(
         environment=environment,
-        identity_service_base_url=f"https://{environment}.api.service.nhs.uk/oauth2",
+        identity_service_base_url=f"https://{environment}.api.service.nhs.uk/oauth2-mock",
         client_id=test_app["credentials"][0]["consumerKey"],
         jwt_private_key=test_app["app_jwt_private_key"],
         jwt_kid="kid-1",
@@ -305,7 +306,7 @@ def test_product_and_app(client: ApigeeClient, request):
     products_api = ApiProductsAPI(client=client)
     developer_apps_api = DeveloperAppsAPI(client=client)
 
-    proxies = [f"identity-service-{environment}"]
+    proxies = [f"identity-service-mock-{environment}"]
 
     if service_name is not None:
         proxies.append(service_name)