A pact between GDS API Adapters and Account API

Requests from GDS API Adapters to Account API

Interactions

Given there is a valid user session, with '/guidance/some-govuk-guidance' saved, upon receiving a DELETE saved-page/:page_path request from GDS API Adapters, with

{
  "method": "delete",
  "path": "/api/saved-pages/%2Fguidance%2Fsome-govuk-guidance",
  "headers": {
    "Accept": "application/json",
    "User-Agent": "gds-api-adapters/73.1.0 ()"
  }
}

Account API will respond with:

{
  "status": 204
}

Given there is a valid user session, upon receiving a DELETE saved-page/:page_path request from GDS API Adapters, with

{
  "method": "delete",
  "path": "/api/saved-pages/%2Fguidance%2Fsome-govuk-guidance",
  "headers": {
    "Accept": "application/json",
    "User-Agent": "gds-api-adapters/73.1.0 ()"
  }
}

Account API will respond with:

{
  "status": 404
}

Given there is a valid user session, with a 'wizard-news' email subscription, upon receiving a delete-subscription request for 'wizard-news' from GDS API Adapters, with

{
  "method": "delete",
  "path": "/api/email-subscriptions/wizard-news",
  "headers": {
    "Accept": "application/json",
    "User-Agent": "gds-api-adapters/73.1.0 ()",
    "GOVUK-Account-Session": "logged-in-user-session"
  }
}

Account API will respond with:

{
  "status": 204
}

Given there is a valid user session, upon receiving a delete-subscription request for 'wizard-news' from GDS API Adapters, with

{
  "method": "delete",
  "path": "/api/email-subscriptions/wizard-news",
  "headers": {
    "Accept": "application/json",
    "User-Agent": "gds-api-adapters/73.1.0 ()",
    "GOVUK-Account-Session": "logged-in-user-session"
  }
}

Account API will respond with:

{
  "status": 404
}

Upon receiving a delete-user request from GDS API Adapters, with

{
  "method": "delete",
  "path": "/api/oidc-users/the-subject-identifier",
  "headers": {
    "Accept": "application/json",
    "User-Agent": "gds-api-adapters/73.1.0 ()"
  }
}

Account API will respond with:

{
  "status": 404
}

Given there is a user with subject identifier 'the-subject-identifier', upon receiving a delete-user request for 'the-subject-identifier' from GDS API Adapters, with

{
  "method": "delete",
  "path": "/api/oidc-users/the-subject-identifier",
  "headers": {
    "Accept": "application/json",
    "User-Agent": "gds-api-adapters/73.1.0 ()"
  }
}

Account API will respond with:

{
  "status": 204
}

Given there is a valid user session, with '/guidance/some-govuk-guidance' saved, upon receiving a GET saved-page/:page_path request from GDS API Adapters, with

{
  "method": "get",
  "path": "/api/saved-pages/%2Fguidance%2Fsome-govuk-guidance",
  "headers": {
    "Accept": "application/json",
    "User-Agent": "gds-api-adapters/73.1.0 ()"
  }
}

Account API will respond with:

{
  "status": 200,
  "headers": {
    "Content-Type": "application/json; charset=utf-8"
  },
  "body": {
    "govuk_account_session": "user-session-id",
    "saved_page": {
      "page_path": "/guidance/some-govuk-guidance",
      "content_id": "6e0e144a-9e59-4ac8-af3b-d87e8ff30a47",
      "title": "Some GOV.UK Guidance"
    }
  }
}

Given there is a valid user session, upon receiving a GET saved-page/:page_path request from GDS API Adapters, with

{
  "method": "get",
  "path": "/api/saved-pages/%2Fguidance%2Fsome-govuk-guidance",
  "headers": {
    "Accept": "application/json",
    "User-Agent": "gds-api-adapters/73.1.0 ()"
  }
}

Account API will respond with:

{
  "status": 404
}

Given there is a valid user session, upon receiving a GET saved_pages request from GDS API Adapters, with

{
  "method": "get",
  "path": "/api/saved-pages",
  "headers": {
    "Accept": "application/json",
    "User-Agent": "gds-api-adapters/73.1.0 ()"
  }
}

Account API will respond with:

{
  "status": 200,
  "headers": {
    "Content-Type": "application/json; charset=utf-8"
  },
  "body": {
    "govuk_account_session": "user-session-id",
    "saved_pages": [

    ]
  }
}

Given there is a valid user session, with saved pages, upon receiving a GET saved_pages request from GDS API Adapters, with

{
  "method": "get",
  "path": "/api/saved-pages",
  "headers": {
    "Accept": "application/json",
    "User-Agent": "gds-api-adapters/73.1.0 ()"
  }
}

Account API will respond with:

{
  "status": 200,
  "headers": {
    "Content-Type": "application/json; charset=utf-8"
  },
  "body": {
    "govuk_account_session": "user-session-id",
    "saved_pages": [
      {
        "page_path": "/page-path/1",
        "content_id": "7b7b77b0-257a-467d-84c9-c5167781d05c",
        "title": "Page #1"
      },
      {
        "page_path": "/page-path/2",
        "content_id": "7b7b77b0-257a-467d-84c9-c5167781d05c",
        "title": "Page #1"
      }
    ]
  }
}

Given there is a valid user session, upon receiving a get-attributes request from GDS API Adapters, with

{
  "method": "get",
  "path": "/api/attributes",
  "query": "attributes[]=test_attribute_1",
  "headers": {
    "Accept": "application/json",
    "User-Agent": "gds-api-adapters/73.1.0 ()",
    "GOVUK-Account-Session": "logged-in-user-session"
  }
}

Account API will respond with:

{
  "status": 200,
  "headers": {
    "Content-Type": "application/json; charset=utf-8"
  },
  "body": {
    "govuk_account_session": "user-session-id",
    "values": {
    }
  }
}

Given there is a valid user session, with an attribute called 'test_attribute_1', upon receiving a get-attributes request from GDS API Adapters, with

{
  "method": "get",
  "path": "/api/attributes",
  "query": "attributes[]=test_attribute_1",
  "headers": {
    "Accept": "application/json",
    "User-Agent": "gds-api-adapters/73.1.0 ()",
    "GOVUK-Account-Session": "logged-in-user-session"
  }
}

Account API will respond with:

{
  "status": 200,
  "headers": {
    "Content-Type": "application/json; charset=utf-8"
  },
  "body": {
    "govuk_account_session": "user-session-id",
    "values": {
      "test_attribute_1": {
        "bar": "baz"
      }
    }
  }
}

Given there is a valid user session, upon receiving a get-user request from GDS API Adapters, with

{
  "method": "get",
  "path": "/api/user",
  "headers": {
    "Accept": "application/json",
    "User-Agent": "gds-api-adapters/73.1.0 ()",
    "GOVUK-Account-Session": "logged-in-user-session"
  }
}

Account API will respond with:

{
  "status": 200,
  "headers": {
    "Content-Type": "application/json; charset=utf-8"
  },
  "body": {
    "govuk_account_session": "user-session-id",
    "id": "user-id",
    "mfa": true,
    "email": "user@example.com",
    "email_verified": true,
    "has_unconfirmed_email": true,
    "services": {
      "transition_checker": "no",
      "saved_pages": "no"
    }
  }
}

Given there is a valid user session, with /guidance/some-govuk-guidance saved, upon receiving a get-user request from GDS API Adapters, with

{
  "method": "get",
  "path": "/api/user",
  "headers": {
    "Accept": "application/json",
    "User-Agent": "gds-api-adapters/73.1.0 ()",
    "GOVUK-Account-Session": "logged-in-user-session"
  }
}

Account API will respond with:

{
  "status": 200,
  "headers": {
    "Content-Type": "application/json; charset=utf-8"
  },
  "body": {
    "services": {
      "saved_pages": "yes"
    }
  }
}

Given there is a valid user session, upon receiving a PUT saved-page/:page_path request from GDS API Adapters, with

{
  "method": "put",
  "path": "/api/saved-pages/%2Fguidance%2Fsome-govuk-guidance",
  "headers": {
    "Accept": "application/json",
    "User-Agent": "gds-api-adapters/73.1.0 ()"
  }
}

Account API will respond with:

{
  "status": 200,
  "headers": {
    "Content-Type": "application/json; charset=utf-8"
  },
  "body": {
    "govuk_account_session": "user-session-id",
    "saved_page": {
      "page_path": "/guidance/some-govuk-guidance",
      "content_id": "6e0e144a-9e59-4ac8-af3b-d87e8ff30a47",
      "title": "Some GOV.UK Guidance"
    }
  }
}

Given there is a valid user session, with '/guidance/some-govuk-guidance' saved, upon receiving a PUT saved-page/:page_path request from GDS API Adapters, with

{
  "method": "put",
  "path": "/api/saved-pages/%2Fguidance%2Fsome-govuk-guidance",
  "headers": {
    "Accept": "application/json",
    "User-Agent": "gds-api-adapters/73.1.0 ()"
  }
}

Account API will respond with:

{
  "status": 200,
  "headers": {
    "Content-Type": "application/json; charset=utf-8"
  },
  "body": {
    "govuk_account_session": "user-session-id",
    "saved_page": {
      "page_path": "/guidance/some-govuk-guidance",
      "content_id": "6e0e144a-9e59-4ac8-af3b-d87e8ff30a47",
      "title": "Some GOV.UK Guidance"
    }
  }
}

Given there is a valid user session, upon receiving a put-subscription request for 'wizard-news' from GDS API Adapters, with

{
  "method": "put",
  "path": "/api/email-subscriptions/wizard-news",
  "headers": {
    "Accept": "application/json",
    "User-Agent": "gds-api-adapters/73.1.0 ()",
    "Content-Type": "application/json",
    "GOVUK-Account-Session": "logged-in-user-session"
  },
  "body": {
    "topic_slug": "wizard-news-topic-slug"
  }
}

Account API will respond with:

{
  "status": 200,
  "headers": {
    "Content-Type": "application/json; charset=utf-8"
  },
  "body": {
    "govuk_account_session": "user-session-id",
    "email_subscription": {
      "name": "wizard-news",
      "topic_slug": "wizard-news-topic-slug"
    }
  }
}

Given there is a valid user session, with a 'wizard-news' email subscription, upon receiving a put-subscription request for 'wizard-news' from GDS API Adapters, with

{
  "method": "put",
  "path": "/api/email-subscriptions/wizard-news",
  "headers": {
    "Accept": "application/json",
    "User-Agent": "gds-api-adapters/73.1.0 ()",
    "Content-Type": "application/json",
    "GOVUK-Account-Session": "logged-in-user-session"
  },
  "body": {
    "topic_slug": "wizard-news-topic-slug"
  }
}

Account API will respond with:

{
  "status": 200,
  "headers": {
    "Content-Type": "application/json; charset=utf-8"
  },
  "body": {
    "govuk_account_session": "user-session-id",
    "email_subscription": {
      "name": "wizard-news",
      "topic_slug": "wizard-news-topic-slug"
    }
  }
}

Given there is a valid user session, upon receiving a set-attributes request from GDS API Adapters, with

{
  "method": "patch",
  "path": "/api/attributes",
  "headers": {
    "Accept": "application/json",
    "User-Agent": "gds-api-adapters/73.1.0 ()",
    "Content-Type": "application/json",
    "GOVUK-Account-Session": "logged-in-user-session"
  },
  "body": {
    "attributes": {
      "test_attribute_1": [
        1,
        2,
        3
      ],
      "test_attribute_2": {
        "nested": "json"
      }
    }
  }
}

Account API will respond with:

{
  "status": 200,
  "headers": {
    "Content-Type": "application/json; charset=utf-8"
  },
  "body": {
    "govuk_account_session": "user-session-id"
  }
}

Given there is a valid user session, with a 'wizard-news' email subscription, upon receiving a show-subscription request for 'wizard-news' from GDS API Adapters, with

{
  "method": "get",
  "path": "/api/email-subscriptions/wizard-news",
  "headers": {
    "Accept": "application/json",
    "User-Agent": "gds-api-adapters/73.1.0 ()",
    "GOVUK-Account-Session": "logged-in-user-session"
  }
}

Account API will respond with:

{
  "status": 200,
  "headers": {
    "Content-Type": "application/json; charset=utf-8"
  },
  "body": {
    "email_subscription": {
      "name": "wizard-news",
      "topic_slug": "wizard-news-topic-slug"
    }
  }
}

Given there is a valid user session, upon receiving a show-subscription request for 'wizard-news' from GDS API Adapters, with

{
  "method": "get",
  "path": "/api/email-subscriptions/wizard-news",
  "headers": {
    "Accept": "application/json",
    "User-Agent": "gds-api-adapters/73.1.0 ()",
    "GOVUK-Account-Session": "logged-in-user-session"
  }
}

Account API will respond with:

{
  "status": 404
}

Upon receiving a sign-in request from GDS API Adapters, with

{
  "method": "get",
  "path": "/api/oauth2/sign-in",
  "headers": {
    "Accept": "application/json",
    "User-Agent": "gds-api-adapters/73.1.0 ()"
  }
}

Account API will respond with:

{
  "status": 200,
  "headers": {
    "Content-Type": "application/json; charset=utf-8"
  },
  "body": {
    "auth_uri": "http://authentication-provider/some/oauth/url",
    "state": "value-to-use-for-csrf-prevention"
  }
}

Given there is a valid OAuth response, upon receiving a validation request from GDS API Adapters, with

{
  "method": "post",
  "path": "/api/oauth2/callback",
  "headers": {
    "Accept": "application/json",
    "User-Agent": "gds-api-adapters/73.1.0 ()",
    "Content-Type": "application/json"
  },
  "body": {
    "code": "code",
    "state": "state"
  }
}

Account API will respond with:

{
  "status": 200,
  "headers": {
    "Content-Type": "application/json; charset=utf-8"
  },
  "body": {
    "govuk_account_session": "user-session-id"
  }
}

Given there is a valid OAuth response, with cookie consent 'true', upon receiving a validation request from GDS API Adapters, with

{
  "method": "post",
  "path": "/api/oauth2/callback",
  "headers": {
    "Accept": "application/json",
    "User-Agent": "gds-api-adapters/73.1.0 ()",
    "Content-Type": "application/json"
  },
  "body": {
    "code": "code",
    "state": "state"
  }
}

Account API will respond with:

{
  "status": 200,
  "headers": {
    "Content-Type": "application/json; charset=utf-8"
  },
  "body": {
    "govuk_account_session": "user-session-id",
    "cookie_consent": true
  }
}

Given there is a valid OAuth response, with the redirect path '/some-arbitrary-path', upon receiving a validation request from GDS API Adapters, with

{
  "method": "post",
  "path": "/api/oauth2/callback",
  "headers": {
    "Accept": "application/json",
    "User-Agent": "gds-api-adapters/73.1.0 ()",
    "Content-Type": "application/json"
  },
  "body": {
    "code": "code",
    "state": "state"
  }
}

Account API will respond with:

{
  "status": 200,
  "headers": {
    "Content-Type": "application/json; charset=utf-8"
  },
  "body": {
    "govuk_account_session": "user-session-id",
    "redirect_path": "/some-arbitrary-path"
  }
}

Upon receiving a validation request from GDS API Adapters, with

{
  "method": "post",
  "path": "/api/oauth2/callback",
  "headers": {
    "Accept": "application/json",
    "User-Agent": "gds-api-adapters/73.1.0 ()",
    "Content-Type": "application/json"
  },
  "body": {
    "code": "code",
    "state": "state"
  }
}

Account API will respond with:

{
  "status": 401
}

Upon receiving an end-session request from GDS API Adapters, with

{
  "method": "get",
  "path": "/api/oauth2/end-session",
  "headers": {
    "Accept": "application/json",
    "User-Agent": "gds-api-adapters/73.1.0 ()"
  }
}

Account API will respond with:

{
  "status": 200,
  "headers": {
    "Content-Type": "application/json; charset=utf-8"
  },
  "body": {
    "end_session_uri": "http://authentication-provider/some/end/session/url"
  }
}