diff --git a/authorisation/middleware.go b/authorisation/middleware.go index 9a6d248..0097578 100644 --- a/authorisation/middleware.go +++ b/authorisation/middleware.go @@ -3,10 +3,11 @@ package authorisation import ( "context" "errors" + "fmt" "net/http" "strings" - "github.com/ONSdigital/dp-api-clients-go/headers" + "github.com/ONSdigital/dp-api-clients-go/v2/headers" "github.com/ONSdigital/dp-authorisation/v2/identityclient" "github.com/ONSdigital/dp-authorisation/v2/jwt" "github.com/ONSdigital/dp-authorisation/v2/permissions" @@ -200,15 +201,21 @@ func (m PermissionCheckMiddleware) Parse(token string) (*permsdk.EntityData, err } // GetCollectionIdAttribute provides an implementation of GetAttributesFromRequest. Retrieves and returns -// header 'Collection-Id' from the request if it exists, otherwise returns an empty map. Never returns an -// error as the header is not mandatory +// header 'Collection-Id' from the request if it exists, otherwise returns an empty map. +// It may return an error only if the header cannot be retrieved by some other reason (e.g. nil request). func GetCollectionIDAttribute(req *http.Request) (map[string]string, error) { attributes := make(map[string]string, 0) - collectionIDAttribute, _ := headers.GetCollectionID(req) - if collectionIDAttribute != "" { - attributes[collectionIDAttributeKey] = collectionIDAttribute + collectionIDAttribute, err := headers.GetCollectionID(req) + if err != nil { + if err == headers.ErrHeaderNotFound { + // empty header is allowed (no value returned in attributes map for CollectionID) + return attributes, nil + } + // any other error must be returned + return nil, fmt.Errorf("error getting Collection-Id header from request: %w", err) } + attributes[collectionIDAttributeKey] = collectionIDAttribute return attributes, nil } diff --git a/authorisation/middleware_test.go b/authorisation/middleware_test.go index 4268025..097a76f 100644 --- a/authorisation/middleware_test.go +++ b/authorisation/middleware_test.go @@ -456,6 +456,19 @@ func TestGetCollectionIdAttribute_NoCollectionIdHeader(t *testing.T) { }) }) }) + + Convey("Given a nil request", t, func() { + var request *http.Request = nil + + Convey("When the function is called", func() { + _, err := authorisation.GetCollectionIDAttribute(request) + + Convey("Then the expected error is returned", func() { + So(err, ShouldNotBeNil) + So(err.Error(), ShouldResemble, "error getting Collection-Id header from request: error setting request header request was nil") + }) + }) + }) } func TestMiddleware_NewMiddlewareFromConfig_JWTKeys(t *testing.T) { diff --git a/go.mod b/go.mod index 5e3e3e8..b31c160 100644 --- a/go.mod +++ b/go.mod @@ -3,7 +3,6 @@ module github.com/ONSdigital/dp-authorisation/v2 go 1.19 require ( - github.com/ONSdigital/dp-api-clients-go v1.43.0 github.com/ONSdigital/dp-api-clients-go/v2 v2.159.1 github.com/ONSdigital/dp-healthcheck v1.3.0 github.com/ONSdigital/dp-net v1.4.1 @@ -17,6 +16,7 @@ require ( ) require ( + github.com/ONSdigital/dp-api-clients-go v1.43.0 // indirect github.com/aws/aws-sdk-go v1.44.75 // indirect github.com/fatih/color v1.13.0 // indirect github.com/gopherjs/gopherjs v1.17.2 // indirect