DTSAM-611 Fix RAS FTA issue with XUI S2S token (#2385)

[DTSAM-611](https://tools.hmcts.net/jira/browse/DTSAM-611) Refactor S2S token secrets and environment variables used in FTAs.
hmcts · Nov 18, 2024 · 8128096 · 8128096
1 parent 740d4ac
commit 8128096
Show file tree

Hide file tree

Showing 3 changed files with 23 additions and 59 deletions.
diff --git a/Jenkinsfile_CNP b/Jenkinsfile_CNP
@@ -35,7 +35,9 @@ def secrets = [
   's2s-${env}': [
     secret('microservicekey-am-role-assignment-service', 'AM_ROLE_ASSIGNMENT_SERVICE_SECRET'),
     secret('microservicekey-am-role-assignment-service', 'BEFTA_S2S_CLIENT_SECRET'),
-    secret('microservicekey-am-org-role-mapping-service', 'AM_ORG_S2S_SECRET')
+    secret('microservicekey-am-org-role-mapping-service', 'BEFTA_S2S_CLIENT_SECRET_OF_AM_ORG_ROLE_MAPPING_SERVICE'),
+    secret('microservicekey-ccd-data', 'BEFTA_S2S_CLIENT_SECRET_OF_CCD_DATA'),
+    secret('microservicekey-xui-webapp', 'BEFTA_S2S_CLIENT_SECRET_OF_XUI_WEBAPP')
   ],
   'am-${env}': [
       secret('role-assignment-service-IDAM-CLIENT-SECRET', 'ROLE_ASSIGNMENT_IDAM_CLIENT_SECRET'),
@@ -44,12 +46,6 @@ def secrets = [
       secret('test-am-user2-befta-pwd', 'TEST_AM_USER2_BEFTA_PWD'),
       secret('test-am-user3-befta-pwd', 'TEST_AM_USER3_BEFTA_PWD'),
       secret('role-assignment-service-IDAM-CLIENT-SECRET', 'OAUTH2_CLIENT_SECRET')
-  ],
-  'ccd-${env}': [
-      secret('ccd-data-s2s-secret', 'CCD_DATA_S2S_SECRET')
-  ],
-  'rpx-${env}': [
-    secret('xui-webapp', 'XUI_WEBAPP_S2S_SECRET')
   ]
 ]
 
@@ -64,6 +60,9 @@ env.DEFINITION_STORE_HOST = "http://ccd-definition-store-api-aat.service.core-co
 env.DEFINITION_STORE_URL_BASE = "http://ccd-definition-store-api-aat.service.core-compute-aat.internal"
 env.CCD_DATA_STORE_URL = "http://ccd-data-store-api-aat.service.core-compute-aat.internal"
 env.BEFTA_S2S_CLIENT_ID = "am_role_assignment_service"
+env.BEFTA_S2S_CLIENT_ID_OF_AM_ORG_ROLE_MAPPING_SERVICE = "am_org_role_mapping_service"
+env.BEFTA_S2S_CLIENT_ID_OF_CCD_DATA = "ccd_data"
+env.BEFTA_S2S_CLIENT_ID_OF_XUI_WEBAPP = "xui_webapp"
 env.OAUTH2_CLIENT_ID = "am_role_assignment"
 env.OAUTH2_REDIRECT_URI = "http://am-role-assignment-service-aat.service.core-compute-aat.internal/oauth2redirect"
 env.OAUTH2_ACCESS_TOKEN_TYPE = "OIDC"

diff --git a/Jenkinsfile_nightly b/Jenkinsfile_nightly
@@ -19,9 +19,12 @@ def component = "role-assignment-service"
 
 def secrets = [
   's2s-${env}': [
+    secret('microservicekey-am-role-assignment-service', 'AM_ROLE_ASSIGNMENT_SERVICE_SECRET'),
     secret('microservicekey-am-role-assignment-service', 'BEFTA_S2S_CLIENT_SECRET'),
     secret('microservicekey-am-role-assignment-service', 'S2S_SECRET'),
-    secret('microservicekey-am-org-role-mapping-service', 'AM_ORG_S2S_SECRET')
+    secret('microservicekey-am-org-role-mapping-service', 'BEFTA_S2S_CLIENT_SECRET_OF_AM_ORG_ROLE_MAPPING_SERVICE'),
+    secret('microservicekey-ccd-data', 'BEFTA_S2S_CLIENT_SECRET_OF_CCD_DATA'),
+    secret('microservicekey-xui-webapp', 'BEFTA_S2S_CLIENT_SECRET_OF_XUI_WEBAPP')
   ],
   'am-${env}': [
     secret('role-assignment-service-IDAM-CLIENT-SECRET', 'ROLE_ASSIGNMENT_IDAM_CLIENT_SECRET'),
@@ -30,12 +33,6 @@ def secrets = [
     secret('test-am-user2-befta-pwd', 'TEST_AM_USER2_BEFTA_PWD'),
     secret('test-am-user3-befta-pwd', 'TEST_AM_USER3_BEFTA_PWD'),
     secret('role-assignment-service-IDAM-CLIENT-SECRET', 'OAUTH2_CLIENT_SECRET')
-  ],
-  'ccd-${env}': [
-    secret('ccd-data-s2s-secret', 'CCD_DATA_S2S_SECRET')
-  ],
-  'rpx-${env}': [
-    secret('xui-webapp', 'XUI_WEBAPP_S2S_SECRET')
   ]
 ]
 
@@ -70,6 +67,9 @@ withNightlyPipeline(type, product, component) {
   env.S2S_URL = "http://rpe-service-auth-provider-aat.service.core-compute-aat.internal"
   env.S2S_URL_BASE = "http://rpe-service-auth-provider-aat.service.core-compute-aat.internal"
   env.BEFTA_S2S_CLIENT_ID = "am_role_assignment_service"
+  env.BEFTA_S2S_CLIENT_ID_OF_AM_ORG_ROLE_MAPPING_SERVICE = "am_org_role_mapping_service"
+  env.BEFTA_S2S_CLIENT_ID_OF_CCD_DATA = "ccd_data"
+  env.BEFTA_S2S_CLIENT_ID_OF_XUI_WEBAPP = "xui_webapp"
   env.DEFINITION_STORE_HOST = "http://ccd-definition-store-api-aat.service.core-compute-aat.internal"
   env.DEFINITION_STORE_URL_BASE = "http://ccd-definition-store-api-aat.service.core-compute-aat.internal"
   env.CCD_DATA_STORE_URL = "http://ccd-data-store-api-aat.service.core-compute-aat.internal"

diff --git a/...st/java/uk/gov/hmcts/reform/roleassignment/befta/RoleAssignmentTestAutomationAdapter.java b/...st/java/uk/gov/hmcts/reform/roleassignment/befta/RoleAssignmentTestAutomationAdapter.java
@@ -3,9 +3,6 @@
 import lombok.extern.slf4j.Slf4j;
 import uk.gov.hmcts.befta.DefaultTestAutomationAdapter;
 import uk.gov.hmcts.befta.player.BackEndFunctionalTestScenarioContext;
-import uk.gov.hmcts.reform.roleassignment.befta.utils.TokenUtils;
-import uk.gov.hmcts.reform.roleassignment.befta.utils.UserTokenProviderConfig;
-import uk.gov.hmcts.reform.roleassignment.util.EnvironmentVariableUtils;
 
 import java.time.LocalDate;
 import java.util.Date;
@@ -17,25 +14,16 @@ public class RoleAssignmentTestAutomationAdapter extends DefaultTestAutomationAd
 
     @Override
     public Object calculateCustomValue(BackEndFunctionalTestScenarioContext scenarioContext, Object key) {
-        //the docAMUrl is is referring the self link in PR
-        switch (key.toString()) {
-            case ("generateUUID"):
-                return UUID.randomUUID();
-            case ("generateCaseId"):
-                return generateCaseId();
-            case ("generateS2STokenForCcd"):
-                return new TokenUtils().generateServiceToken(buildCcdSpecificConfig());
-            case ("generateS2STokenForXui"):
-                return new TokenUtils().generateServiceToken(buildXuiSpecificConfig());
-            case ("generateS2STokenForOrm"):
-                return new TokenUtils().generateServiceToken(buildOrmSpecificConfig());
-            case ("tomorrow"):
-                return LocalDate.now().plusDays(1);
-            case ("today"):
-                return LocalDate.now();
-            default:
-                return super.calculateCustomValue(scenarioContext, key);
-        }
+        return switch (key.toString()) {
+            case ("generateUUID") -> UUID.randomUUID();
+            case ("generateCaseId") -> generateCaseId();
+            case ("generateS2STokenForCcd") -> super.getNewS2SToken("ccd_data");
+            case ("generateS2STokenForOrm") -> super.getNewS2SToken("am_org_role_mapping_service");
+            case ("generateS2STokenForXui") -> super.getNewS2SToken("xui_webapp");
+            case ("tomorrow") -> LocalDate.now().plusDays(1);
+            case ("today") -> LocalDate.now();
+            default -> super.calculateCustomValue(scenarioContext, key);
+        };
     }
 
     private Object generateCaseId() {
@@ -44,27 +32,4 @@ private Object generateCaseId() {
         return time + ("0000000000000000".substring(time.length()));
     }
 
-    private UserTokenProviderConfig buildCcdSpecificConfig() {
-        UserTokenProviderConfig config = new UserTokenProviderConfig();
-        config.setMicroService("ccd_data");
-        config.setSecret(System.getenv("CCD_DATA_S2S_SECRET"));
-        config.setS2sUrl(EnvironmentVariableUtils.getRequiredVariable("IDAM_S2S_URL"));
-        return config;
-    }
-
-    private UserTokenProviderConfig buildXuiSpecificConfig() {
-        UserTokenProviderConfig config = new UserTokenProviderConfig();
-        config.setMicroService("xui_webapp");
-        config.setSecret(System.getenv("XUI_WEBAPP_S2S_SECRET"));
-        config.setS2sUrl(EnvironmentVariableUtils.getRequiredVariable("IDAM_S2S_URL"));
-        return config;
-    }
-
-    private UserTokenProviderConfig buildOrmSpecificConfig() {
-        UserTokenProviderConfig config = new UserTokenProviderConfig();
-        config.setMicroService("am_org_role_mapping_service");
-        config.setSecret(System.getenv("AM_ORG_S2S_SECRET"));
-        config.setS2sUrl(EnvironmentVariableUtils.getRequiredVariable("IDAM_S2S_URL"));
-        return config;
-    }
 }