Prmdr 168 Back Channel Logout (#103)

* BCL handler and test files * Use CIS2 public key to validate logout token * Change error messages to JSON according to CIS2 spec * Reduce duplicate code * Use CIS2s published key to validate the logout token * Add new lambda to sandbox deployment workflow * Correction to file name * Correction to file name two * Pwease work * Deploy new lambda for other workflows * Alter imports on BCL handler * Extract request body before looking for token * PRMDR-168 Fix for docs not being downloaded * Code tidy up * PRMDR-168 Added fix to ensure environment variable exists * Return POST response for BCL * Issue deconstructing request * Issue deconstructing request * PRMDR-168 Adding debug code * Issue deconstructing request * PRMDR-168 Adding debug code and fixing json load * Fix divergent branches * PRMDR-168 Removing debug code Adding in variable HTTP method to decorator classes to ensure it's returning GET or POST as appropriate adding http methods to every test case * PRMDR-168 fixes for tests and adding another test back * PRMDR-168 All tests uncommented and passing * PRMDR-168 Removing unused imports and variable * PRMDR-168 Adding debug line for testing * PRMDR-168 Fix for event loading using JSON * PRMDR-168 Adding _package and it's files to .gitignore * PRMDR-168 ensuring AUTH_DYNAMODB_NAME variable exists before processing * PRMDR-168 Changing internal eror code to 500 from 400 * PRMDR-168 Fix for deploying as a part of pull request --------- Co-authored-by: AlexHerbertNHS <alexandra.herbert1@nhs.net>
nhsconnect · Oct 20, 2023 · 9c387e1 · 9c387e1
1 parent 3f6f1ca
commit 9c387e1
Show file tree

Hide file tree

Showing 20 changed files with 656 additions and 156 deletions.
diff --git a/.github/workflows/full-lambdas-dispatch-deploy.yml b/.github/workflows/full-lambdas-dispatch-deploy.yml
@@ -4,7 +4,6 @@ on:
   repository_dispatch:
     types: lambda-dispatch-deploy
 
-
 permissions:
   pull-requests: write
   id-token: write # This is required for requesting the JWT
@@ -13,8 +12,7 @@ permissions:
 jobs:
   view_action_parameters:
     runs-on: ubuntu-latest
-    steps: 
-
+    steps:
       - name: Display client passed variables
         run: |
           echo Environement Equals: ${{ github.event.client_payload.environment }}
@@ -37,9 +35,9 @@ jobs:
           python-version: ${{ matrix.python-version }}
 
       - name: Make virtual environment
-        run: | 
+        run: |
           make env
-      
+
       - name: Start virtual environment
         run: |
           source ./lambdas/venv/bin/activate
@@ -58,7 +56,7 @@ jobs:
     environment: ${{ github.event.client_payload.environment }}
     strategy:
       matrix:
-        python-version: [ "3.11" ]
+        python-version: ["3.11"]
     needs: ["python_lambdas_test"]
 
     steps:
@@ -71,7 +69,7 @@ jobs:
           python-version: ${{ matrix.python-version }}
 
       - name: Make virtual environment
-        run: | 
+        run: |
           make env
 
       - name: Configure AWS Credentials
@@ -84,21 +82,21 @@ jobs:
       - name: Create release package for Create Document Reference
         run: |
           make lambda_name=create_document_reference_handler zip
-    
+
       - name: Upload Lambda Function for CreateDocRefLambda
         uses: appleboy/lambda-action@master
         with:
           aws_region: ${{ vars.AWS_REGION }}
           function_name: ${{ github.event.client_payload.sandbox }}_CreateDocRefLambda
           zip_file: package_lambdas_create_document_reference_handler.zip
-        
+
   python_deploy_search_patient_details_lambda:
     runs-on: ubuntu-latest
     environment: ${{ github.event.client_payload.environment }}
     strategy:
       matrix:
-        python-version: [ "3.11" ]
-    needs: [ "python_lambdas_test" ]
+        python-version: ["3.11"]
+    needs: ["python_lambdas_test"]
 
     steps:
       - name: Checkout
@@ -138,8 +136,8 @@ jobs:
     environment: ${{ github.event.client_payload.environment }}
     strategy:
       matrix:
-        python-version: [ "3.11" ]
-    needs: [ "python_lambdas_test" ]
+        python-version: ["3.11"]
+    needs: ["python_lambdas_test"]
 
     steps:
       - name: Checkout
@@ -211,4 +209,43 @@ jobs:
         with:
           aws_region: ${{ vars.AWS_REGION }}
           function_name: ${{ github.event.client_payload.sandbox }}_LloydGeorgeStitchLambda
-          zip_file: package_lambdas_lloyd_george_record_stitch_handler.zip
+          zip_file: package_lambdas_lloyd_george_record_stitch_handler.zip
+
+  python_deploy_back_channel_logout_lambda:
+    runs-on: ubuntu-latest
+    environment: development
+    needs: ["python_lambdas_test"]
+    strategy:
+      matrix:
+        python-version: ["3.11"]
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - name: Set up Python ${{ matrix.python-version }}
+        uses: actions/setup-python@v4
+        with:
+          python-version: ${{ matrix.python-version }}
+
+      - name: Make virtual environment
+        run: |
+          make env
+
+      - name: Configure AWS Credentials
+        uses: aws-actions/configure-aws-credentials@v2
+        with:
+          role-to-assume: ${{ secrets.AWS_ASSUME_ROLE }}
+          role-skip-session-tagging: true
+          aws-region: ${{ vars.AWS_REGION }}
+
+      - name: Create release package for Back Channel Logout Lambda
+        run: |
+          make lambda_name=back_channel_logout_handler zip
+
+      - name: Upload Lambda Function for Back Channel Logout Lambda
+        uses: appleboy/lambda-action@master
+        with:
+          aws_region: ${{ vars.AWS_REGION }}
+          function_name: ${{ github.event.inputs.sandboxWorkspace}}_BackChannelLogoutHandler
+          zip_file: package_lambdas_back_channel_logout_handler.zip
diff --git a/.github/workflows/lambdas-deploy-feature-to-sandbox.yml b/.github/workflows/lambdas-deploy-feature-to-sandbox.yml
@@ -37,9 +37,9 @@ jobs:
           python-version: ${{ matrix.python-version }}
 
       - name: Make virtual environment
-        run: | 
+        run: |
           make env
-      
+
       - name: Start virtual environment
         run: |
           source ./lambdas/venv/bin/activate
@@ -58,7 +58,7 @@ jobs:
     environment: development
     strategy:
       matrix:
-        python-version: [ "3.11" ]
+        python-version: ["3.11"]
     needs: ["python_lambdas_test"]
 
     steps:
@@ -73,7 +73,7 @@ jobs:
           python-version: ${{ matrix.python-version }}
 
       - name: Make virtual environment
-        run: | 
+        run: |
           make env
 
       - name: Configure AWS Credentials
@@ -86,21 +86,21 @@ jobs:
       - name: Create release package for Create Document Reference
         run: |
           make lambda_name=create_document_reference_handler zip
-    
+
       - name: Upload Lambda Function for CreateDocRefLambda
         uses: appleboy/lambda-action@master
         with:
           aws_region: ${{ vars.AWS_REGION }}
           function_name: ${{ github.event.inputs.sandboxWorkspace}}_CreateDocRefLambda
           zip_file: package_lambdas_create_document_reference_handler.zip
-        
+
   python_deploy_search_patient_details_lambda:
     runs-on: ubuntu-latest
     environment: development
     strategy:
       matrix:
-        python-version: [ "3.11" ]
-    needs: [ "python_lambdas_test" ]
+        python-version: ["3.11"]
+    needs: ["python_lambdas_test"]
 
     steps:
       - name: Checkout
@@ -140,8 +140,8 @@ jobs:
     environment: development
     strategy:
       matrix:
-        python-version: [ "3.11" ]
-    needs: [ "python_lambdas_test" ]
+        python-version: ["3.11"]
+    needs: ["python_lambdas_test"]
 
     steps:
       - name: Checkout
@@ -254,7 +254,6 @@ jobs:
           function_name: ${{ github.event.inputs.sandboxWorkspace}}_LoginRedirectHandler
           zip_file: package_lambdas_login_redirect_handler.zip
 
-
   python_deploy_authoriser_lambda:
     runs-on: ubuntu-latest
     environment: test
@@ -294,7 +293,6 @@ jobs:
           function_name: ${{ github.event.inputs.sandboxWorkspace}}_AuthoriserLambda
           zip_file: package_lambdas_authoriser_handler.zip
 
-
   python_deploy_token_request_lambda:
     runs-on: ubuntu-latest
     environment: test
@@ -411,7 +409,6 @@ jobs:
           function_name: ${{ github.event.inputs.sandboxWorkspace}}_LloydGeorgeStitchLambda
           zip_file: package_lambdas_lloyd_george_record_stitch_handler.zip
 
-
   python_deploy_bulk_upload_metadata_lambda:
     runs-on: ubuntu-latest
     environment: development
@@ -488,4 +485,43 @@ jobs:
         with:
           aws_region: ${{ vars.AWS_REGION }}
           function_name: ${{ github.event.inputs.sandboxWorkspace}}_BulkUploadLambda
-          zip_file: package_lambdas_bulk_upload_handler.zip
+          zip_file: package_lambdas_bulk_upload_handler.zip
+
+  python_deploy_back_channel_logout_lambda:
+    runs-on: ubuntu-latest
+    environment: development
+    needs: ["python_lambdas_test"]
+    strategy:
+      matrix:
+        python-version: ["3.11"]
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - name: Set up Python ${{ matrix.python-version }}
+        uses: actions/setup-python@v4
+        with:
+          python-version: ${{ matrix.python-version }}
+
+      - name: Make virtual environment
+        run: |
+          make env
+
+      - name: Configure AWS Credentials
+        uses: aws-actions/configure-aws-credentials@v2
+        with:
+          role-to-assume: ${{ secrets.AWS_ASSUME_ROLE }}
+          role-skip-session-tagging: true
+          aws-region: ${{ vars.AWS_REGION }}
+
+      - name: Create release package for Back Channel Logout Lambda
+        run: |
+          make lambda_name=back_channel_logout_handler zip
+
+      - name: Upload Lambda Function for Back Channel Logout Lambda
+        uses: appleboy/lambda-action@master
+        with:
+          aws_region: ${{ vars.AWS_REGION }}
+          function_name: ${{ github.event.inputs.sandboxWorkspace}}_BackChannelLogoutHandler
+          zip_file: package_lambdas_back_channel_logout_handler.zip