Class: GdsApi::AccountApi

Inherits:
Base
  • Object
show all
Defined in:
lib/gds_api/account_api.rb

Overview

Adapter for the Account API

See Also:

Constant Summary collapse

AUTH_HEADER_NAME = 
"GOVUK-Account-Session".freeze

Instance Attribute Summary

Attributes inherited from Base

#options

Instance Method Summary collapse

Methods inherited from Base

#client, #create_client, #get_list, #initialize, #url_for_slug

Constructor Details

This class inherits a constructor from GdsApi::Base

Instance Method Details

#check_for_email_subscription(govuk_account_session:) ⇒ Hash

Check if a user has an email subscription for the Transition Checker

Parameters:

  • govuk_account_session (String)

    Value of the session header

Returns:

  • (Hash)

    Whether the user has a subscription, and a new session header



73
74
75
 
# File 'lib/gds_api/account_api.rb', line 73

def check_for_email_subscription(govuk_account_session:)
  get_json("#{endpoint}/api/transition-checker-email-subscription", auth_headers())
end

#create_registration_state(attributes:) ⇒ Hash

Register some initial state, to pass to get_sign_in_url, which is used to initialise the account if the user signs up

Parameters:

  • attributes (Hash, nil)

    Initial attributes to store

Returns:

  • (Hash)

    The state ID to pass to get_sign_in_url



44
45
46
 
# File 'lib/gds_api/account_api.rb', line 44

def create_registration_state(attributes:)
  post_json("#{endpoint}/api/oauth2/state", attributes: attributes)
end

#delete_saved_page(page_path:, govuk_account_session:) ⇒ GdsApi::Response

Delete a single saved page entry from a users account

Parameters:

  • the (String)

    path of a page to check

  • govuk_account_session (String)

    Value of the session header

Returns:

  • (GdsApi::Response)

    A status code of 204 indicates the saved page has been successfully deleted. A status code of 404 indicates there is no saved page with this path.



155
156
157
 
# File 'lib/gds_api/account_api.rb', line 155

def delete_saved_page(page_path:, govuk_account_session:)
  delete_json("#{endpoint}/api/saved-pages/#{CGI.escape(page_path)}", {}, auth_headers())
end

#get_attributes(attributes:, govuk_account_session:) ⇒ Hash

Look up the values of a user’s attributes

Parameters:

  • attributes (String)

    Names of the attributes to check

  • govuk_account_session (String)

    Value of the session header

Returns:

  • (Hash)

    The attribute values (if present), and a new session header



93
94
95
96
 
# File 'lib/gds_api/account_api.rb', line 93

def get_attributes(attributes:, govuk_account_session:)
  querystring = nested_query_string({ attributes: attributes }.compact)
  get_json("#{endpoint}/api/attributes?#{querystring}", auth_headers())
end

#get_attributes_names(attributes:, govuk_account_session:) ⇒ Hash

Look up the names of a user’s attributes

Parameters:

  • attributes (String)

    Names of the attributes to check

  • govuk_account_session (String)

    Value of the session header

Returns:

  • (Hash)

    The attribute names (if present), and a new session header



114
115
116
117
 
# File 'lib/gds_api/account_api.rb', line 114

def get_attributes_names(attributes:, govuk_account_session:)
  querystring = nested_query_string({ attributes: attributes }.compact)
  get_json("#{endpoint}/api/attributes/names?#{querystring}", auth_headers())
end

#get_saved_page(page_path:, govuk_account_session:) ⇒ Hash

Return a single page by unique URL

Parameters:

  • the (String)

    path of a page to check

  • govuk_account_session (String)

    Value of the session header

Returns:

  • (Hash)

    containing :saved_page, a hash of a single saved page value



134
135
136
 
# File 'lib/gds_api/account_api.rb', line 134

def get_saved_page(page_path:, govuk_account_session:)
  get_json("#{endpoint}/api/saved-pages/#{CGI.escape(page_path)}", auth_headers())
end

#get_saved_pages(govuk_account_session:) ⇒ Hash

Look up all pages saved by a user in their Account

Parameters:

  • govuk_account_session (String)

    Value of the session header

Returns:

  • (Hash)

    containing :saved_pages, an array of single saved page hashes def get_saved_pages(govuk_account_session:)



124
125
126
 
# File 'lib/gds_api/account_api.rb', line 124

def get_saved_pages(govuk_account_session:)
  get_json("#{endpoint}/api/saved-pages", auth_headers())
end

#get_sign_in_url(redirect_path: nil, state_id: nil, level_of_authentication: nil) ⇒ Hash

Get an OAuth sign-in URL to redirect the user to

Parameters:

  • redirect_path (String, nil) (defaults to: nil)

    path on GOV.UK to send the user to after authentication

  • state_id (String, nil) (defaults to: nil)

    identifier originally returned by #create_registration_state

  • level_of_authentication (String, nil) (defaults to: nil)

    either “level1” (require MFA) or “level0” (do not require MFA)

Returns:

  • (Hash)

    An authentication URL and the OAuth state parameter (for CSRF protection)



18
19
20
21
22
23
24
25
26
27
 
# File 'lib/gds_api/account_api.rb', line 18

def (redirect_path: nil, state_id: nil, level_of_authentication: nil)
  querystring = nested_query_string(
    {
      redirect_path: redirect_path,
      state_id: state_id,
      level_of_authentication: level_of_authentication,
    }.compact,
  )
  get_json("#{endpoint}/api/oauth2/sign-in?#{querystring}")
end

#get_user(govuk_account_session:) ⇒ Hash

Get all the information about a user needed to render the account home page

Parameters:

  • govuk_account_session (String)

    Value of the session header

Returns:

  • (Hash)

    Information about the user and the services they’ve used, and a new session header



53
54
55
 
# File 'lib/gds_api/account_api.rb', line 53

def get_user(govuk_account_session:)
  get_json("#{endpoint}/api/user", auth_headers())
end

#save_page(page_path:, govuk_account_session:) ⇒ Hash

Upsert a single saved page entry in a users account

Parameters:

  • the (String)

    path of a page to check

  • govuk_account_session (String)

    Value of the session header

Returns:

  • (Hash)

    A single saved page value (if sucessful)



144
145
146
 
# File 'lib/gds_api/account_api.rb', line 144

def save_page(page_path:, govuk_account_session:)
  put_json("#{endpoint}/api/saved-pages/#{CGI.escape(page_path)}", {}, auth_headers())
end

#set_attributes(attributes:, govuk_account_session:) ⇒ Hash

Create or update attributes for a user

Parameters:

  • attributes (String)

    Hash of new attribute values

  • govuk_account_session (String)

    Value of the session header

Returns:

  • (Hash)

    A new session header



104
105
106
 
# File 'lib/gds_api/account_api.rb', line 104

def set_attributes(attributes:, govuk_account_session:)
  patch_json("#{endpoint}/api/attributes", { attributes: attributes }, auth_headers())
end

#set_email_subscription(govuk_account_session:, slug:) ⇒ Hash

Create or update a user’s email subscription for the Transition Checker

Parameters:

  • govuk_account_session (String)

    Value of the session header

  • slug (String)

    The email topic slug

Returns:

  • (Hash)

    Whether the user has a subscription, and a new session header



83
84
85
 
# File 'lib/gds_api/account_api.rb', line 83

def set_email_subscription(govuk_account_session:, slug:)
  post_json("#{endpoint}/api/transition-checker-email-subscription", { slug: slug }, auth_headers())
end

#update_user_by_subject_identifier(subject_identifier:, email: nil, email_verified: nil) ⇒ Hash

Update the user record with privileged information from the auth service. Only the auth service will call this.

Parameters:

  • subject_identifier (String)

    The identifier of the user, shared between the auth service and GOV.UK.

  • email (String, nil) (defaults to: nil)

    The new email address

  • email_verified (Boolean, nil) (defaults to: nil)

    Whether the new email address is verified

Returns:

  • (Hash)

    The user’s subject identifier and email attributes



64
65
66
 
# File 'lib/gds_api/account_api.rb', line 64

def update_user_by_subject_identifier(subject_identifier:, email: nil, email_verified: nil)
  patch_json("#{endpoint}/api/oidc-users/#{subject_identifier}", { email: email, email_verified: email_verified }.compact)
end

#validate_auth_response(code:, state:) ⇒ Hash

Validate an OAuth authentication response

Parameters:

  • code (String)

    The OAuth code parameter, from the auth server.

  • state (String)

    The OAuth state parameter, from the auth server.

Returns:

  • (Hash)

    The value for the govuk_account_session header, the path to redirect the user to, and the GA client ID (if there is one)



35
36
37
 
# File 'lib/gds_api/account_api.rb', line 35

def validate_auth_response(code:, state:)
  post_json("#{endpoint}/api/oauth2/callback", code: code, state: state)
end