Update makefile command and ignore some tests

NHSDigital · Sep 26, 2023 · bfd18f8 · bfd18f8
1 parent 065368e
commit bfd18f8
Show file tree

Hide file tree

Showing 5 changed files with 30 additions and 17 deletions.
diff --git a/Makefile b/Makefile
@@ -68,4 +68,4 @@ smoketest: pytest-guards
 	poetry run pytest -v --junitxml=smoketest-report.xml -s -m smoketest
 
 e2etest: pytest-guards
-	poetry run pytest -v --junitxml=e2e-report.xml -s -m e2e
+	poetry run pytest -v --junitxml=e2e-report.xml -s -m e2e --api-name=$$API_NAME --proxy-name=$$PROXY_NAME
diff --git a/azure/components/run-e2e-tests.yml b/azure/components/run-e2e-tests.yml
@@ -6,7 +6,7 @@ steps:
       export SERVICE_BASE_PATH="$(SERVICE_BASE_PATH)"
       export STATUS_ENDPOINT_API_KEY="$(status-endpoint-api-key)"
       export APIGEE_PRODUCT="$(FULLY_QUALIFIED_SERVICE_NAME)"
-      export OAUTH_PROXY="oauth2"
+      export OAUTH_PROXY="oauth2-mock"
       export OAUTH_BASE_URI="https://$(ENVIRONMENT).api.service.nhs.uk"
       export JWT_PRIVATE_KEY_ABSOLUTE_PATH="$(Pipeline.Workspace)/secrets/$(JWT_TESTING_PRIVATE_KEY)"
       export ID_TOKEN_NHS_LOGIN_PRIVATE_KEY_ABSOLUTE_PATH="$(Pipeline.Workspace)/secrets/$(ID_TOKEN_NHS_LOGIN_PRIVATE_KEY)"

diff --git a/manifest_template.yml b/manifest_template.yml
@@ -4,6 +4,7 @@ DESCRIPTION: Immunisation history API
 APIGEE_ENVIRONMENTS:
   - name: internal-dev
     display_name: Internal Development
+    has_mock_auth: true
   - name: internal-dev-sandbox
     display_name: Internal Development Sandbox
   - name: internal-qa
@@ -71,6 +72,9 @@ apigee:
         proxies:
           - immunisation-history-{{ ENV.name }}
           - identity-service-{{ ENV.name }}
+{% if ENV.has_mock_auth | default(false) %}
+          - identity-service-mock-{{ ENV.name }}
+{% endif %}
         scopes: {{ MODE.scopes }}
         quota: {{ ENV.quota | default('300') }}
         quotaInterval: '1'
@@ -89,4 +93,4 @@ apigee:
         visibility: true
         specId: immunisation-history-{{ ENV.name }}
 {% endfor %}
-{% endfor %}
+{% endfor %}
diff --git a/tests/api_tests.py b/tests/api_tests.py
@@ -10,6 +10,8 @@
 
 TARGET_COMBINATIONS = [["COVID19"], ["HPV", "COVID19"]]
 
+NHS_LOGIN_ID_BY_IDENTITY_PROOFING_LEVEL = {"P0": "9912003073", "P5": "9912003072", "P9": "9912003071"}
+
 
 def dict_path(raw, path: List[str]):
     if not raw:
@@ -151,12 +153,20 @@ async def test_immunization_no_auth_bearer_token_provided(
 
 @pytest.mark.e2e
 @pytest.mark.asyncio
-@pytest.mark.nhsd_apim_authorization(
-    access="patient",
-    level="P9",
-    login_form={"username": "9912003071"}
+@pytest.mark.parametrize(
+    "immunisatin_history_app",
+    _add_authorised_targets_to_request_params(
+        [
+            {
+                "suffixes": ["-user-restricted"],
+                "requested_proofing_level": "P9",
+                "identity_proofing_level": "P9",
+            }
+        ]
+    ),
+    indirect=True,
 )
-async def test_bad_nhs_number(service_url, _nhsd_apim_auth_token_data):
+async def test_bad_nhs_number(immunisation_history_app, service_url, _nhsd_apim_auth_token_data):
     await asyncio.sleep(1)  # Add delay to tests to avoid 429 on service callout
 
     token = _nhsd_apim_auth_token_data["access_token"]
@@ -238,7 +248,8 @@ def test_correlation_id_mirrored_in_resp_when_error(service_url):
 )
 def test_token_exchange_happy_path(immunisation_history_app, service_url, environment, _keycloak_client_credentials,
                                    _jwt_keys):
-    nhs_login_id = "9912003071"
+    nhs_login_id = NHS_LOGIN_ID_BY_IDENTITY_PROOFING_LEVEL.get(
+        immunisation_history_app["request_params"]["identity_proofing_level"])
     token_response = conftest.get_token_nhs_login_token_exchange(
         immunisation_history_app, environment=environment, _keycloak_client_credentials=_keycloak_client_credentials,
         _jwt_keys=_jwt_keys, nhs_login_id=nhs_login_id
@@ -343,9 +354,10 @@ async def test_user_restricted_access_not_permitted(test_product_and_app, servic
     indirect=True,
 )
 def test_token_exchange_invalid_identity_proofing_level_scope(test_product_and_app, service_url, environment,
-                                                              _keycloak_client_credentials, _jwt_keys, nhs_login_id):
+                                                              _keycloak_client_credentials, _jwt_keys):
     test_product, test_app = test_product_and_app
 
+    nhs_login_id = NHS_LOGIN_ID_BY_IDENTITY_PROOFING_LEVEL.get(test_app.request_params["identity_proofing_level"])
     token_response = conftest.get_token_nhs_login_token_exchange(
         app=test_app, environment=environment, _keycloak_client_credentials=_keycloak_client_credentials,
         _jwt_keys=_jwt_keys, nhs_login_id=nhs_login_id

diff --git a/tests/conftest.py b/tests/conftest.py
@@ -56,12 +56,10 @@ def nhs_login_id_token(environment: str, _keycloak_client_credentials, nhs_login
 def get_token(
     app, environment: str, _jwt_keys
 ):
-    credentials = app["credentials"][0]
-
     client_credentials_config = ClientCredentialsConfig(
         environment=environment,
         identity_service_base_url=f"https://{environment}.api.service.nhs.uk/oauth2-mock",
-        client_id=credentials["consumerKey"],
+        client_id=app["credentials"][0]["consumerKey"],
         jwt_private_key=_jwt_keys["private_key_pem"],
         jwt_kid="test-1",
     )
@@ -180,12 +178,12 @@ def service_url(environment):
 
 
 @pytest.fixture()
-def immunisation_history_app(client: ApigeeClient, request):
+def immunisation_history_app(client: ApigeeClient, jwt_public_key_url, request):
     """Setup & Teardown an app-restricted app for this api"""
     request_params = request.param
 
     custom_attributes = {
-        "jwks-resource-url": "https://raw.githubusercontent.com/NHSDigital/identity-service-jwks/main/jwks/internal-dev/9baed6f4-1361-4a8e-8531-1f8426e3aba8.json",
+        "jwks-resource-url": jwt_public_key_url,
         "nhs-login-allowed-proofing-level": request_params.get(
             "requested_proofing_level", ""
         ),
@@ -202,12 +200,12 @@ def immunisation_history_app(client: ApigeeClient, request):
         custom_attributes["use_strict_authorised_targets"] = strict_mode
 
     api_products = get_product_names(request_params["suffixes"])
+
     app_name = f"apim-auto-{uuid4()}"
 
     developer_apps_api = DeveloperAppsAPI(client=client)
     app = developer_apps_api.create_app(email=APP_EMAIL, body=_create_app_body(app_name=app_name, products=api_products,
                                                                                custom_attributes=custom_attributes))
-    print(f"CREATED APP NAME: {app_name}")
 
     app["request_params"] = request_params
     yield app
@@ -256,7 +254,6 @@ def test_product_and_app(client: ApigeeClient, environment: str, service_name: s
     app = developer_apps_api.create_app(email=APP_EMAIL,
                                         body=_create_app_body(app_name=app_name, products=[product_name],
                                                               custom_attributes=custom_attributes))
-    print(f"CREATED APP NAME: {app_name}")
 
     app["request_params"] = request_params
     yield product, app