Uml 3122 one login api exception handling (#2436)

* UML-3122 add exception handling to one login api * add linting fixes to exception files
ministryofjustice · Nov 17, 2023 · 464d965 · 464d965
1 parent 3b45dda
commit 464d965
Show file tree

Hide file tree

Showing 6 changed files with 96 additions and 13 deletions.
diff --git a/service-api/app/src/App/src/Exception/ActorCodeMarkAsUsedException.php b/service-api/app/src/App/src/Exception/ActorCodeMarkAsUsedException.php
@@ -4,13 +4,11 @@
 
 namespace App\Exception;
 
+use Exception;
+
 /**
- * Class ActorCodeMarkAsUsedException
- *
  * Thrown when an upstream service fails to mark an actor code as used.
- *
- * @package App\Exception
  */
-class ActorCodeMarkAsUsedException extends \Exception
+class ActorCodeMarkAsUsedException extends Exception
 {
 }
diff --git a/service-api/app/src/App/src/Exception/ActorCodeValidationException.php b/service-api/app/src/App/src/Exception/ActorCodeValidationException.php
@@ -4,13 +4,11 @@
 
 namespace App\Exception;
 
+use Exception;
+
 /**
- * Class ActorCodeValidationException
- *
  * Thrown when a set of actor code credentials (incl. DoB and LPA uId) fail to validate.
- *
- * @package App\Exception
  */
-class ActorCodeValidationException extends \Exception
+class ActorCodeValidationException extends Exception
 {
 }
diff --git a/service-api/app/src/App/src/Exception/AuthorisationServiceException.php b/service-api/app/src/App/src/Exception/AuthorisationServiceException.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Exception;
+
+use Exception;
+
+/**
+ * Thrown when our OIDC Authorisation library encounters an error
+ */
+class AuthorisationServiceException extends Exception
+{
+}
diff --git a/service-api/app/src/App/src/Service/Authentication/AuthorisationService.php b/service-api/app/src/App/src/Service/Authentication/AuthorisationService.php
@@ -0,0 +1,40 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Service\Authentication;
+
+use App\Exception\AuthorisationServiceException;
+use Facile\OpenIDClient\Client\ClientInterface as OpenIDClient;
+use Facile\OpenIDClient\Service\AuthorizationService as FacileAuthorisationService;
+use JsonException;
+
+/**
+ * Decorator class for Facile AuthorizationService
+ *
+ * @codeCoverageIgnore
+ */
+class AuthorisationService
+{
+    public function __construct(private FacileAuthorisationService $authorisationService)
+    {
+    }
+
+    /**
+     * Decorates the return of FacileAuthorisationService::getAuthorisationUri()
+     *
+     * @throws AuthorisationServiceException
+     */
+    public function getAuthorisationUri(OpenIDClient $client, array $params = []): string
+    {
+        try {
+            return $this->authorisationService->getAuthorizationUri($client, $params);
+        } catch (JsonException $e) {
+            throw new AuthorisationServiceException(
+                'JSON error encountered when fetching authorisation uri',
+                500,
+                $e
+            );
+        }
+    }
+}
diff --git a/service-api/app/src/App/src/Service/Authentication/AuthorisationServiceBuilder.php b/service-api/app/src/App/src/Service/Authentication/AuthorisationServiceBuilder.php
@@ -0,0 +1,30 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Service\Authentication;
+
+use Facile\OpenIDClient\Service\Builder\AuthorizationServiceBuilder as FacileAuthorizationServiceBuilder;
+
+/**
+ * Decorator class for Facile AuthorizationServiceBuilder
+ *
+ * @codeCoverageIgnore
+ */
+class AuthorisationServiceBuilder
+{
+    private FacileAuthorizationServiceBuilder $authorizationServiceBuilder;
+
+    public function __construct()
+    {
+        $this->authorizationServiceBuilder = new FacileAuthorizationServiceBuilder();
+    }
+
+    /**
+     * Decorates the return of FacileAuthorizationServiceBuilder::build()
+     */
+    public function build(): AuthorisationService
+    {
+        return new AuthorisationService($this->authorizationServiceBuilder->build());
+    }
+}
diff --git a/service-api/app/src/App/src/Service/Authentication/OneLoginAuthenticationRequestService.php b/service-api/app/src/App/src/Service/Authentication/OneLoginAuthenticationRequestService.php
@@ -4,12 +4,12 @@
 
 namespace App\Service\Authentication;
 
+use App\Exception\AuthorisationServiceException;
 use App\Service\Cache\CacheFactory;
 use Facile\OpenIDClient\Client\ClientBuilder;
 use Facile\OpenIDClient\Client\Metadata\ClientMetadata;
 use Facile\OpenIDClient\Issuer\IssuerBuilderInterface;
 use Facile\OpenIDClient\Issuer\Metadata\Provider\MetadataProviderBuilder;
-use Facile\OpenIDClient\Service\Builder\AuthorizationServiceBuilder;
 
 use function Facile\OpenIDClient\base64url_encode;
 
@@ -22,6 +22,9 @@ public function __construct(
     ) {
     }
 
+    /**
+    * @throws AuthorisationServiceException
+     */
     public function createAuthenticationRequest(string $uiLocale, string $redirectURL): array
     {
 
@@ -50,11 +53,11 @@ public function createAuthenticationRequest(string $uiLocale, string $redirectUR
             ->setClientMetadata($clientMetadata)
             ->build();
 
-        $authorisationService = (new AuthorizationServiceBuilder())->build();
+        $authorisationService = (new AuthorisationServiceBuilder())->build();
 
         $state                   = base64url_encode(random_bytes(12));
         $nonce                   = openssl_digest(random_bytes(24), 'sha256');
-        $authorisationRequestUrl = $authorisationService->getAuthorizationUri(
+        $authorisationRequestUrl = $authorisationService->getAuthorisationUri(
             $client,
             [
                 'scope'        => 'openid email',