Facilitate FTS redirect to co-sirsi app

Frontend/CO.CDP.OrganisationApp.Tests/HelperTests.cs

@@ -0,0 +1,22 @@
+using FluentAssertions;
+
+namespace CO.CDP.OrganisationApp.Tests;
+
+public class HelperTests
+{
+    [Theory]
+    [InlineData("/relative/path", true)]        // Valid relative URI
+    [InlineData("relative/path", true)]         // Valid relative URI without a leading slash
+    [InlineData("", false)]                    // Empty string
+    [InlineData(null, false)]                  // Null value
+    [InlineData(" ", false)]                   // Whitespace
+    [InlineData("http://example.com", false)]  // Absolute URI (not relative)
+    [InlineData("/path/with spaces", true)]    // Relative URI with spaces
+
+    public void ValidRelativeUri_ShouldReturnExpectedResults(string? input, bool expected)
+    {
+        var result = Helper.ValidRelativeUri(input);
+
+        result.Should().Be(expected);
+    }
+}

Frontend/CO.CDP.OrganisationApp.Tests/Pages/OneLoginTest.cs

@@ -37,6 +37,17 @@ public async Task OnGetSignIn_ShouldReturnAuthChallange()
             .Which.Properties!.RedirectUri.Should().Be("/one-login/user-info");
     }
 
+    [Fact]
+    public async Task OnGetSignIn_WhenRedirectUrlProvides_ShouldReturnAuthChallangeWithRedirectUrlQueryString()
+    {
+        var model = GivenOneLoginCallbackModel();
+
+        var results = await model.OnGet("sign-in", "/org/1");
+
+        results.Should().BeOfType<ChallengeResult>()
+            .Which.Properties!.RedirectUri.Should().Be("/one-login/user-info?redirectUri=%2Forg%2F1");
+    }
+
     [Fact]
     public async Task OnGetUserInfo_OnSuccessfulAuthentication_ShouldRetrieveUserProfile()
     {
@@ -92,6 +103,34 @@ public async Task OnGetUserInfo_WhenPersonAlreadyRegistered_ShouldRedirectToOrga
             .Which.PageName.Should().Be("OrganisationSelection");
     }
 
+    [Fact]
+    public async Task OnGetUserInfo_WhenPersonAlreadyRegisteredAndRelativeRedirectUrlProvided_ShouldRedirectToRedirectUrl()
+    {
+        var model = GivenOneLoginCallbackModel();
+
+        personClientMock.Setup(t => t.LookupPersonAsync(It.IsAny<string>()))
+            .ReturnsAsync(dummyPerson);
+
+        var results = await model.OnGet("user-info", "/org/1");
+
+        results.Should().BeOfType<RedirectResult>()
+            .Which.Url.Should().Be("/org/1");
+    }
+
+    [Fact]
+    public async Task OnGetUserInfo_WhenPersonAlreadyRegisteredAndAbsoluteRedirectUrlProvided_ShouldRedirectToOrganisationDetailsPageWithoutRedirectUrlQueryString()
+    {
+        var model = GivenOneLoginCallbackModel();
+
+        personClientMock.Setup(t => t.LookupPersonAsync(It.IsAny<string>()))
+            .ReturnsAsync(dummyPerson);
+
+        var results = await model.OnGet("user-info", "http://test-domain/org/1");
+
+        results.Should().BeOfType<RedirectToPageResult>()
+            .Which.PageName.Should().Be("OrganisationSelection");
+    }
+
     [Fact]
     public async Task OnGetUserInfo_WhenPersonNotRegistered_ShouldRedirectToPrivacyPolicyPage()
     {
@@ -107,22 +146,33 @@ public async Task OnGetUserInfo_WhenPersonNotRegistered_ShouldRedirectToPrivacyP
     }
 
     [Fact]
-    public async Task OnGetUserInfo_WhenPersonInviteId_ShouldRedirectToClaimOrganisationInvitePage()
+    public async Task OnGetUserInfo_WhenPersonNotRegisteredAndRelativeRedirectUrlProvided_ShouldRedirectToPrivacyPolicyPageWithRedirectUrlQueryString()
     {
         var model = GivenOneLoginCallbackModel();
 
         personClientMock.Setup(t => t.LookupPersonAsync(It.IsAny<string>()))
-            .ReturnsAsync(dummyPerson);
+            .ThrowsAsync(new ApiException("Unexpected error", 404, "", default, null));
 
-        var personInviteId = Guid.NewGuid();
+        var results = await model.OnGet("user-info", "/org/1");
 
-        sessionMock.Setup(s => s.Get<Guid?>("PersonInviteId"))
-            .Returns(personInviteId);
+        var redirectToPageResult = results.Should().BeOfType<RedirectToPageResult>();
+        redirectToPageResult.Which.PageName.Should().Be("PrivacyPolicy");
+        redirectToPageResult.Which.RouteValues.Should().BeEquivalentTo(new Dictionary<string, string> { { "RedirectUri", "/org/1" } });
+    }
 
-        var results = await model.OnGet("user-info");
+    [Fact]
+    public async Task OnGetUserInfo_WhenPersonNotRegisteredAndAbsoluteRedirectUrlProvided_ShouldRedirectToPrivacyPolicyPageWithoutRedirectUrlQueryString()
+    {
+        var model = GivenOneLoginCallbackModel();
 
-        results.Should().BeOfType<RedirectToPageResult>()
-            .Which.PageName.Should().Be("ClaimOrganisationInvite");
+        personClientMock.Setup(t => t.LookupPersonAsync(It.IsAny<string>()))
+            .ThrowsAsync(new ApiException("Unexpected error", 404, "", default, null));
+
+        var results = await model.OnGet("user-info", "http://test-domain/org/1");
+
+        var redirectToPageResult = results.Should().BeOfType<RedirectToPageResult>();
+        redirectToPageResult.Which.PageName.Should().Be("PrivacyPolicy");
+        redirectToPageResult.Which.RouteValues.Should().BeEquivalentTo(new Dictionary<string, string?> { { "RedirectUri", default } });
     }
 
     [Fact]

Frontend/CO.CDP.OrganisationApp.Tests/Pages/PrivacyPolicyTest.cs

@@ -41,6 +41,32 @@ public void Model_WhenAgreeToPrivacyPolicySetTrue_ShouldRedirectToTourDetailsPag
             .Which.PageName.Should().Be("YourDetails");
     }
 
+    [Fact]
+    public void Model_WhenAgreeToPrivacyPolicySetTrueAndRelativeRedirectUrlProvided_ShouldRedirectToTourDetailsPageWithRedirectUrlQueryString()
+    {
+        var model = GivenPrivacyPolicyModel();
+        model.AgreeToPrivacy = true;
+
+        var results = model.OnPost("/org/1");
+
+        var redirectToPageResult = results.Should().BeOfType<RedirectToPageResult>();
+        redirectToPageResult.Which.PageName.Should().Be("YourDetails");
+        redirectToPageResult.Which.RouteValues.Should().BeEquivalentTo(new Dictionary<string, string> { { "RedirectUri", "/org/1" } });
+    }
+
+    [Fact]
+    public void Model_WhenAgreeToPrivacyPolicySetTrueAndAbsoluteRedirectUrlProvided_ShouldRedirectToTourDetailsPageWithoutRedirectUrlQueryString()
+    {
+        var model = GivenPrivacyPolicyModel();
+        model.AgreeToPrivacy = true;
+
+        var results = model.OnPost("http://test-domain/org/1");
+
+        var redirectToPageResult = results.Should().BeOfType<RedirectToPageResult>();
+        redirectToPageResult.Which.PageName.Should().Be("YourDetails");
+        redirectToPageResult.Which.RouteValues.Should().BeEquivalentTo(new Dictionary<string, string?> { { "RedirectUri", default } });
+    }
+
     private PrivacyPolicyModel GivenPrivacyPolicyModel()
     {
         return new PrivacyPolicyModel(sessionMock.Object);

Frontend/CO.CDP.OrganisationApp.Tests/Pages/Users/ClaimOrganisationInviteModelTests.cs

@@ -0,0 +1,59 @@
+using CO.CDP.OrganisationApp.Models;
+using CO.CDP.OrganisationApp.Pages.Users;
+using CO.CDP.Person.WebApiClient;
+using FluentAssertions;
+using Microsoft.AspNetCore.Mvc;
+using Moq;
+using ProblemDetails = CO.CDP.Person.WebApiClient.ProblemDetails;
+
+namespace CO.CDP.OrganisationApp.Tests.Pages.Users;
+
+public class ClaimOrganisationInviteModelTests
+{
+    private readonly Mock<IPersonClient> personClientMock;
+    private readonly Mock<ISession> sessionMock;
+    private readonly ClaimOrganisationInviteModel model;
+    private const string UsreUrn = "urn:test";
+    private readonly Guid PersonId = Guid.NewGuid();
+
+    public ClaimOrganisationInviteModelTests()
+    {
+        var person = new Person.WebApiClient.Person("test@test", "F1", PersonId, "L1");
+        personClientMock = new Mock<IPersonClient>();
+        personClientMock.Setup(pc => pc.LookupPersonAsync(UsreUrn)).ReturnsAsync(person);
+
+        sessionMock = new Mock<ISession>();
+        sessionMock.Setup(session => session.Get<UserDetails>(Session.UserDetailsKey))
+            .Returns(new UserDetails { UserUrn = UsreUrn });
+
+        model = new ClaimOrganisationInviteModel(personClientMock.Object, sessionMock.Object);
+    }
+
+    [Fact]
+    public async Task OnGet_ShouldRedirectToOrganisationSelection_WhenPersonAndInviteClaimedSuccessfully()
+    {
+        var personInviteId = Guid.NewGuid();
+        var claimPersonInvite = new ClaimPersonInvite(personInviteId);
+        personClientMock.Setup(pc => pc.ClaimPersonInviteAsync(PersonId, claimPersonInvite)).Returns(Task.CompletedTask);
+
+        var result = await model.OnGet(personInviteId);
+
+        result.Should().BeOfType<RedirectToPageResult>()
+            .Which.PageName.Should().Be("OrganisationSelection");
+        personClientMock.Verify(pc => pc.LookupPersonAsync(UsreUrn), Times.Once);
+        personClientMock.Verify(pc => pc.ClaimPersonInviteAsync(PersonId, claimPersonInvite), Times.Once);
+    }
+
+    [Fact]
+    public async Task OnGet_ShouldThrowForOtherApiErrors()
+    {
+        var personInviteId = Guid.NewGuid();
+        var problemDetails = new ProblemDetails("", "", null, "", "") { AdditionalProperties = { { "code", "SOME_OTHER_ERROR" } } };
+        personClientMock.Setup(pc => pc.ClaimPersonInviteAsync(PersonId, new ClaimPersonInvite(personInviteId)))
+            .ThrowsAsync(new ApiException<ProblemDetails>("Some other error", 400, "", null, problemDetails, null));
+
+        Func<Task> act = async () => await model.OnGet(personInviteId);
+
+        await act.Should().ThrowAsync<ApiException<ProblemDetails>>();
+    }
+}

Frontend/CO.CDP.OrganisationApp.Tests/Pages/Users/OrganisationInviteTest.cs

@@ -0,0 +1,19 @@
+using CO.CDP.OrganisationApp.Pages.Users;
+using FluentAssertions;
+using Microsoft.AspNetCore.Mvc;
+
+namespace CO.CDP.OrganisationApp.Tests.Pages.Users;
+
+public class OrganisationInviteModelTests
+{
+    [Fact]
+    public void OnGet_RedirectsToOneLoginWithRedirectUriQuerystring()
+    {
+        var personInviteId = Guid.NewGuid();
+
+        var result = new OrganisationInviteModel().OnGet(personInviteId);
+
+        result.Should().BeOfType<RedirectResult>()
+            .Which.Url.Should().Be($"/one-login/sign-in?redirecturi=%2Fclaim-organisation-invite%2F{personInviteId}");
+    }
+}

Frontend/CO.CDP.OrganisationApp.Tests/Pages/Users/UserCheckAnswersTests.cs

@@ -3,8 +3,9 @@
 using Microsoft.AspNetCore.Mvc.RazorPages;
 using CO.CDP.Organisation.WebApiClient;
 using CO.CDP.OrganisationApp.Constants;
+using CO.CDP.OrganisationApp.Pages.Users;
 
-namespace CO.CDP.OrganisationApp.Pages.Users;
+namespace CO.CDP.OrganisationApp.Tests.Pages.Users;
 
 public class UserCheckAnswersModelTests
 {

Frontend/CO.CDP.OrganisationApp.Tests/Pages/Users/UserRemoveConfirmationTests.cs

@@ -1,10 +1,11 @@
 using CO.CDP.Organisation.WebApiClient;
 using CO.CDP.OrganisationApp.Models;
+using CO.CDP.OrganisationApp.Pages.Users;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.AspNetCore.Mvc.RazorPages;
 using Moq;
 
-namespace CO.CDP.OrganisationApp.Pages.Users;
+namespace CO.CDP.OrganisationApp.Tests.Pages.Users;
 
 public class UserRemoveConfirmationModelTests
 {

Frontend/CO.CDP.OrganisationApp.Tests/Pages/Users/UserSummaryTests.cs

@@ -1,10 +1,11 @@
 using CO.CDP.Organisation.WebApiClient;
 using CO.CDP.OrganisationApp.Models;
+using CO.CDP.OrganisationApp.Pages.Users;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.AspNetCore.Mvc.RazorPages;
 using Moq;
 
-namespace CO.CDP.OrganisationApp.Pages.Users;
+namespace CO.CDP.OrganisationApp.Tests.Pages.Users;
 
 public class UserSummaryModelTests
 {

Frontend/CO.CDP.OrganisationApp.Tests/Pages/YourDetailsModelTest.cs

@@ -161,6 +161,36 @@ public async Task OnPost_WhenValidModel_ShouldRegisterPerson()
             .Which.PageName.Should().Be("OrganisationSelection");
     }
 
+    [Fact]
+    public async Task OnPost_WhenValidModelAndRelativeRedirectUrlProvided_ShouldRedirectToRedirectUrl()
+    {
+        var model = GivenYourDetailsModel();
+
+        sessionMock.Setup(s => s.Get<UserDetails>(Session.UserDetailsKey))
+            .Returns(new UserDetails { UserUrn = "urn:fdc:gov.uk:2022:bad51" });
+        personClientMock.Setup(s => s.CreatePersonAsync(It.IsAny<NewPerson>())).ReturnsAsync(dummyPerson);
+
+        var actionResult = await model.OnPost("/org/1");
+
+        actionResult.Should().BeOfType<RedirectResult>()
+            .Which.Url.Should().Be("/org/1");
+    }
+
+    [Fact]
+    public async Task OnPost_WhenValidModelAndAbsoluteRedirectUrlProvided_ShouldRedirectToOrganisationDetailsPageWithoutRedirectUrlQueryString()
+    {
+        var model = GivenYourDetailsModel();
+
+        sessionMock.Setup(s => s.Get<UserDetails>(Session.UserDetailsKey))
+            .Returns(new UserDetails { UserUrn = "urn:fdc:gov.uk:2022:bad51" });
+        personClientMock.Setup(s => s.CreatePersonAsync(It.IsAny<NewPerson>())).ReturnsAsync(dummyPerson);
+
+        var actionResult = await model.OnPost("http://test-domain/org/1");
+
+        actionResult.Should().BeOfType<RedirectToPageResult>()
+            .Which.PageName.Should().Be("OrganisationSelection");
+    }
+
     [Fact]
     public async Task OnPost_WhenErrorInRegisteringPerson_ShouldReturnPageWithError()
     {

Frontend/CO.CDP.OrganisationApp/Helper.cs

@@ -0,0 +1,7 @@
+namespace CO.CDP.OrganisationApp;
+
+public static class Helper
+{
+    public static bool ValidRelativeUri(string? redirectUri)
+        => !string.IsNullOrWhiteSpace(redirectUri) && Uri.TryCreate(redirectUri, UriKind.Relative, out var _);
+}