Merge pull request #113 from hmrc/individual-auth

Add individual auth check functionality
hmrc · Apr 17, 2018 · 09b3f96 · 09b3f96
2 parents 7369ce5 + 99b6dda
commit 09b3f96
Show file tree

Hide file tree

Showing 7 changed files with 51 additions and 319 deletions.
diff --git a/...ov/hmrc/vatapi/contexts/AuthContext.scala → ...uk/gov/hmrc/vatapi/auth/AuthContext.scala b/...ov/hmrc/vatapi/contexts/AuthContext.scala → ...uk/gov/hmrc/vatapi/auth/AuthContext.scala
@@ -14,7 +14,9 @@
  * limitations under the License.
  */
 
-package uk.gov.hmrc.vatapi.contexts
+package uk.gov.hmrc.vatapi.auth
+import uk.gov.hmrc.auth.core.AffinityGroup
+import AuthConstants._
 
 sealed trait AuthContext {
   val affinityGroup: String
@@ -24,16 +26,37 @@ sealed trait AuthContext {
 }
 
 case object Organisation extends AuthContext {
-  override val affinityGroup: String = "organisation"
+  override val affinityGroup: String = ORGANISATION
   override val agentCode: Option[String] = None
   override val agentReference: Option[String] = None
   override val userType = "OrgVatPayer"
 }
 
+case object Individual extends AuthContext {
+  override val affinityGroup: String = INDIVIDUAL
+  override val agentCode: Option[String] = None
+  override val agentReference: Option[String] = None
+  override val userType = "IndVatPayer"
+}
+
 case class Agent(override val agentCode: Option[String], override val agentReference: Option[String]) extends AuthContext {
   override val affinityGroup: String = "agent"
   override val userType = "Agent"
 }
 
 case class VATAuthEnrolments(enrolmentToken: String, identifier: String, authRule: Option[String] = None)
 
+object AffinityGroupToAuthContext {
+  def authContext(affinityGroup: AffinityGroup) = {
+    affinityGroup.getClass.getSimpleName.dropRight(1) match {
+      case ORGANISATION => Organisation
+      case INDIVIDUAL => Individual
+    }
+  }
+}
+
+object AuthConstants {
+  val ORGANISATION = "Organisation"
+  val INDIVIDUAL = "Individual"
+}
+
diff --git a/app/uk/gov/hmrc/vatapi/config/AppContext.scala b/app/uk/gov/hmrc/vatapi/config/AppContext.scala
@@ -19,7 +19,7 @@ package uk.gov.hmrc.vatapi.config
 import play.api.Configuration
 import play.api.Play._
 import uk.gov.hmrc.play.config.ServicesConfig
-import uk.gov.hmrc.vatapi.contexts.VATAuthEnrolments
+import uk.gov.hmrc.vatapi.auth.VATAuthEnrolments
 
 object AppContext extends ServicesConfig {
   private lazy val config = current.configuration

diff --git a/app/uk/gov/hmrc/vatapi/resources/BaseResource.scala b/app/uk/gov/hmrc/vatapi/resources/BaseResource.scala
@@ -22,8 +22,8 @@ import play.api.libs.concurrent.Execution.Implicits._
 import play.api.mvc.{ActionBuilder, _}
 import uk.gov.hmrc.domain.Vrn
 import uk.gov.hmrc.play.microservice.controller.BaseController
+import uk.gov.hmrc.vatapi.auth.{AuthContext, Organisation}
 import uk.gov.hmrc.vatapi.config.{AppContext, FeatureSwitch}
-import uk.gov.hmrc.vatapi.contexts.{AuthContext, Organisation}
 import uk.gov.hmrc.vatapi.services.AuthorisationService
 
 import scala.concurrent.Future

diff --git a/app/uk/gov/hmrc/vatapi/services/AuthorisationService.scala b/app/uk/gov/hmrc/vatapi/services/AuthorisationService.scala
@@ -26,9 +26,9 @@ import uk.gov.hmrc.auth.core.retrieve.{Retrievals, ~}
 import uk.gov.hmrc.auth.core.{Enrolment, Enrolments, _}
 import uk.gov.hmrc.domain.Vrn
 import uk.gov.hmrc.http.HeaderCarrier
-import uk.gov.hmrc.vatapi.auth.APIAuthorisedFunctions
+import uk.gov.hmrc.vatapi.auth.AffinityGroupToAuthContext._
+import uk.gov.hmrc.vatapi.auth.{APIAuthorisedFunctions, AffinityGroupToAuthContext, AuthContext}
 import uk.gov.hmrc.vatapi.config.AppContext
-import uk.gov.hmrc.vatapi.contexts.{AuthContext, Organisation}
 import uk.gov.hmrc.vatapi.models.Errors
 import uk.gov.hmrc.vatapi.models.Errors.ClientOrAgentNotAuthorized
 
@@ -62,10 +62,11 @@ trait AuthorisationService {
     aPIAuthorisedFunctions.authorised(
       RawJsonPredicate(JsArray.apply(Seq(Json.toJson(Enrolment(vatAuthEnrolments.enrolmentToken).withIdentifier(vatAuthEnrolments.identifier, vrn.vrn))))))
       .retrieve(Retrievals.affinityGroup and Retrievals.authorisedEnrolments) {
-        case Some(AffinityGroup.Organisation) ~ enrolments =>
-          logger.debug(s"[AuthorisationService] [authoriseAsClient] Authorisation succeeded as fully-authorised organisation " +
+        case retrieval@Some(AffinityGroup.Organisation|AffinityGroup.Individual) ~ enrolments =>
+          val authAffinityGroup = retrieval.a.get
+          logger.debug(s"[AuthorisationService] [authoriseAsClient] Authorisation succeeded as fully-authorised ${authContext(authAffinityGroup).affinityGroup} " +
             s"for VRN ${getClientReference(enrolments).getOrElse("")}.")
-          Future.successful(Right(Organisation))
+          Future.successful(Right(authContext(authAffinityGroup)))
         case _ => logger.error(s"[AuthorisationService] [authoriseAsClient] Authorisation failed due to unsupported affinity group.")
           Future.successful(Left(Forbidden(toJson(ClientOrAgentNotAuthorized))))
       } recoverWith unauthorisedError
@@ -83,5 +84,4 @@ trait AuthorisationService {
       Future.successful(Left(InternalServerError(toJson(
       Errors.InternalServerError("An internal server error occurred")))))
   }
-
 }