ministryofjustice · psoleckimoj · May 18, 2022 · May 17, 2022 · May 17, 2022 · May 17, 2022
diff --git a/.circleci/config.yml b/.circleci/config.yml
@@ -10,7 +10,7 @@ feature_branch: &feature_branch
 version: 2.1
 
 orbs:
-  hmpps: ministryofjustice/hmpps@3.14
+  hmpps: ministryofjustice/hmpps@5.1
   slack: circleci/[email protected]
 
 parameters:
@@ -105,7 +105,7 @@ jobs:
 
   integration_test:
     executor:
-      name: hmpps/node_redis_cimg
+      name: hmpps/node_redis
       node_tag: << pipeline.parameters.node-version >>
       redis_tag: "6.2"
     steps:
@@ -157,7 +157,7 @@ workflows:
             - build
       - hmpps/helm_lint:
           name: helm_lint
-      - hmpps/build_docker:
+      - hmpps/build_multiplatform_docker:
           name: build_docker
       - request_dev_approval:
           <<: *feature_branch

diff --git a/docker-compose-test.yml b/docker-compose-test.yml
@@ -2,16 +2,14 @@ version: '3.1'
 services:
 
   redis:
-    image: 'bitnami/redis:5.0'
+    image: 'redis:6.2'
     networks:
       - hmpps_int
-    environment:
-      - ALLOW_EMPTY_PASSWORD=yes
     ports:
       - '6379:6379'
 
   wiremock:
-    image: rodolpheche/wiremock
+    image: wiremock/wiremock
     networks:
     - hmpps_int
     container_name: wiremock

diff --git a/helm_deploy/book-a-prison-visit-staff-ui/values.yaml b/helm_deploy/book-a-prison-visit-staff-ui/values.yaml
@@ -27,6 +27,7 @@ generic-service:
     NODE_ENV: "production"
     REDIS_TLS_ENABLED: "true"
     TOKEN_VERIFICATION_ENABLED: "true"
+    APPLICATIONINSIGHTS_CONNECTION_STRING: "InstrumentationKey=$(APPINSIGHTS_INSTRUMENTATIONKEY);IngestionEndpoint=https://northeurope-0.in.applicationinsights.azure.com/;LiveEndpoint=https://northeurope.livediagnostics.monitor.azure.com/"
 
   # Pre-existing kubernetes secrets to load as environment variables in the deployment.
   # namespace_secrets:

diff --git a/integration_tests/mockApis/auth.ts b/integration_tests/mockApis/auth.ts
@@ -157,8 +157,8 @@ const stubUserRoles = () =>
 
 export default {
   getSignInUrl,
-  stubPing: (): Promise<[Response, Response]> => Promise.all([ping(), tokenVerification.stubPing()]),
+  stubAuthPing: ping,
   stubSignIn: (): Promise<[Response, Response, Response, Response, Response, Response]> =>
     Promise.all([favicon(), redirect(), signOut(), manageDetails(), token(), tokenVerification.stubVerifyToken()]),
-  stubUser: (): Promise<[Response, Response]> => Promise.all([stubUser(), stubUserRoles()]),
+  stubAuthUser: (): Promise<[Response, Response]> => Promise.all([stubUser(), stubUserRoles()]),
 }
diff --git a/integration_tests/mockApis/tokenVerification.ts b/integration_tests/mockApis/tokenVerification.ts
@@ -2,8 +2,8 @@ import { SuperAgentRequest } from 'superagent'
 import { stubFor } from './wiremock'
 
 export default {
-  stubPing: (): SuperAgentRequest => {
-    return stubFor({
+  stubTokenVerificationPing: (): SuperAgentRequest =>
+    stubFor({
       request: {
         method: 'GET',
         urlPattern: '/verification/health/ping',
@@ -13,10 +13,9 @@ export default {
         headers: { 'Content-Type': 'application/json;charset=UTF-8' },
         jsonBody: { status: 'UP' },
       },
-    })
-  },
-  stubVerifyToken: (): SuperAgentRequest => {
-    return stubFor({
+    }),
+  stubVerifyToken: (): SuperAgentRequest =>
+    stubFor({
       request: {
         method: 'POST',
         urlPattern: '/verification/token/verify',
@@ -26,6 +25,5 @@ export default {
         headers: { 'Content-Type': 'application/json;charset=UTF-8' },
         jsonBody: { active: 'true' },
       },
-    })
-  },
+    }),
 }
diff --git a/integration_tests/plugins/index.ts b/integration_tests/plugins/index.ts
@@ -14,14 +14,8 @@ import { Visit } from '../../server/data/visitSchedulerApiTypes'
 export default (on: (string, Record) => void): void => {
   on('task', {
     reset: resetStubs,
-
-    getSignInUrl: auth.getSignInUrl,
-    stubSignIn: auth.stubSignIn,
-
-    stubAuthUser: auth.stubUser,
-    stubAuthPing: auth.stubPing,
-
-    stubTokenVerificationPing: tokenVerification.stubPing,
+    ...auth,
+    ...tokenVerification,
 
     stubGetPrisonerSocialContacts: (offenderNo: string) =>
       prisonerContactRegistry.getPrisonerSocialContacts(offenderNo),

diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -120,7 +120,6 @@
     "@types/compression": "^1.7.2",
     "@types/connect-flash": "0.0.37",
     "@types/connect-redis": "^0.0.18",
-    "@types/cookie-session": "^2.0.44",
     "@types/csurf": "^1.11.2",
     "@types/express-session": "^1.17.4",
     "@types/http-errors": "^1.8.2",

diff --git a/server/data/hmppsAuthClient.ts b/server/data/hmppsAuthClient.ts
@@ -1,7 +1,7 @@
 import superagent from 'superagent'
-import querystring from 'querystring'
-import type TokenStore from './tokenStore'
+import { URLSearchParams } from 'url'
 
+import type TokenStore from './tokenStore'
 import logger from '../../logger'
 import config from '../config'
 import generateOauthClientToken from '../authentication/clientCredentials'
@@ -16,19 +16,18 @@ function getSystemClientTokenFromHmppsAuth(username?: string): Promise<superagen
     config.apis.hmppsAuth.systemClientSecret
   )
 
-  const authRequest = username
-    ? querystring.stringify({ grant_type: 'client_credentials', username })
-    : querystring.stringify({ grant_type: 'client_credentials' })
+  const grantRequest = new URLSearchParams({
+    grant_type: 'client_credentials',
+    ...(username && { username }),
+  }).toString()
 
-  logger.info(
-    `HMPPS Auth request '${authRequest}' for client id '${config.apis.hmppsAuth.systemClientId}' and user '${username}'`
-  )
+  logger.info(`${grantRequest} HMPPS Auth request for client id '${config.apis.hmppsAuth.systemClientId}''`)
 
   return superagent
     .post(`${hmppsAuthUrl}/oauth/token`)
     .set('Authorization', clientToken)
     .set('content-type', 'application/x-www-form-urlencoded')
-    .send(authRequest)
+    .send(grantRequest)
     .timeout(timeoutSpec)
 }
 
@@ -44,17 +43,17 @@ export interface UserRole {
 export default class HmppsAuthClient {
   constructor(private readonly tokenStore: TokenStore) {}
 
-  private restClient(token: string): RestClient {
+  private static restClient(token: string): RestClient {
     return new RestClient('HMPPS Auth Client', config.apis.hmppsAuth, token)
   }
 
   getUser(token: string): Promise<User> {
     logger.info(`Getting user details: calling HMPPS Auth`)
-    return this.restClient(token).get({ path: '/api/user/me' }) as Promise<User>
+    return HmppsAuthClient.restClient(token).get({ path: '/api/user/me' }) as Promise<User>
   }
 
   getUserRoles(token: string): Promise<string[]> {
-    return this.restClient(token)
+    return HmppsAuthClient.restClient(token)
       .get({ path: '/api/user/me/roles' })
       .then(roles => (<UserRole[]>roles).map(role => role.roleCode)) as Promise<string[]>
   }

diff --git a/server/routes/index.ts b/server/routes/index.ts
@@ -3,7 +3,7 @@ import type { RequestHandler, Router } from 'express'
 import asyncMiddleware from '../middleware/asyncMiddleware'
 
 export default function routes(router: Router): Router {
-  const get = (path: string, handler: RequestHandler) => router.get(path, asyncMiddleware(handler))
+  const get = (path: string | string[], handler: RequestHandler) => router.get(path, asyncMiddleware(handler))
 
   get('/', (req, res, next) => {
     res.render('pages/index')