More work

stevebux · stevebux · commit 58c38cf55895 · 2026-04-14T09:18:34.000+01:00
diff --git a/.github/actions/acceptance-tests/action.yml b/.github/actions/acceptance-tests/action.yml
@@ -104,7 +104,7 @@ runs:
       run: |
         echo "$SUPPLIER_API_PRIVATE_KEY" > "${GITHUB_WORKSPACE}/internal-dev-test-1.pem"
         chmod 600 "${GITHUB_WORKSPACE}/internal-dev-test-1.pem"
-        BASE_PROXY_NAME=nhs-notify-supplier--internal-dev--nhs-notify-supplier
+
         export API_ENVIRONMENT=internal-dev
         if [[ -z "$PR_NUMBER" ]]; then
           export PROXY_NAME="${BASE_PROXY_NAME}"
diff --git a/tests/e2e-tests/api/data/test_get_letter_data.py b/tests/e2e-tests/api/data/test_get_letter_data.py
@@ -10,8 +10,8 @@
 @pytest.mark.devtest
 @pytest.mark.inttest
 @pytest.mark.prodtest
-def test_200_get_letter_status(url, bearer_token):
-    headers = Generators.generate_valid_headers(bearer_token.value)
+def test_200_get_letter_status(url, authentication_secret):
+    headers = Generators.generate_valid_headers(authentication_secret)
     get_letter_id = requests.get(f"{url}/{LETTERS_ENDPOINT}/", headers=headers)
 
     letter_id = get_letter_id.json().get("data")[0].get("id")
@@ -25,8 +25,8 @@ def test_200_get_letter_status(url, bearer_token):
 @pytest.mark.devtest
 @pytest.mark.inttest
 @pytest.mark.prodtest
-def test_404_letter_does_not_exist(url, bearer_token):
-    headers = Generators.generate_valid_headers(bearer_token.value)
+def test_404_letter_does_not_exist(url, authentication_secret):
+    headers = Generators.generate_valid_headers(authentication_secret)
     get_message_response = requests.get(f"{url}/{LETTERS_ENDPOINT}/xx", headers=headers)
 
     ErrorHandler.handle_retry(get_message_response)
@@ -37,11 +37,23 @@ def test_404_letter_does_not_exist(url, bearer_token):
 @pytest.mark.devtest
 @pytest.mark.inttest
 @pytest.mark.prodtest
-def test_404_letter_does_not_exist(url, bearer_token):
+def test_404_letter_does_not_exist(url, authentication_secret):
     letter_id = uuid.uuid4().hex
-    headers = Generators.generate_valid_headers(bearer_token.value)
+    headers = Generators.generate_valid_headers(authentication_secret)
     get_message_response = requests.get(f"{url}/{LETTERS_ENDPOINT}/{letter_id}/data", headers=headers)
 
     ErrorHandler.handle_retry(get_message_response)
     assert get_message_response.status_code == 404
     assert get_message_response.json().get("errors")[0].get("detail") == "No resource found with that ID"
+
+@pytest.mark.test
+@pytest.mark.devtest
+@pytest.mark.inttest
+@pytest.mark.prodtest
+def test_500_letter_does_not_exist(url, authentication_secret):
+    letter_id = "00000000-0000-0000-0000-000000000000"
+    headers = Generators.generate_valid_headers(authentication_secret)
+    get_message_response = requests.get(f"{url}/{LETTERS_ENDPOINT}/{letter_id}/data", headers=headers)
+
+    ErrorHandler.handle_retry(get_message_response)
+    assert get_message_response.status_code == 500
diff --git a/tests/e2e-tests/api/headers/test_x_request_id.py b/tests/e2e-tests/api/headers/test_x_request_id.py
@@ -17,10 +17,10 @@ def test_header_letters_endpoint(
     url,
     method,
     endpoints,
-    bearer_token
+    authentication_secret
 ):
     resp = getattr(requests, method)(f"{url}/{endpoints}", headers={
-        "Authorization": bearer_token.value,
+        "Authorization": authentication_secret.value,
         "X-Request-ID": None
     })
 
@@ -33,10 +33,10 @@ def test_header_letters_endpoint(
 @pytest.mark.prodtest
 def test_header_mi_endpoint(
     url,
-    bearer_token
+    authentication_secret
 ):
     resp = getattr(requests, "post")(f"{url}/{MI_ENDPOINT}", headers={
-        "Authorization": bearer_token.value,
+        "Authorization": authentication_secret.value,
         "X-Request-ID": ""
     })
 
diff --git a/tests/e2e-tests/api/letters/test_get_letter_status.py b/tests/e2e-tests/api/letters/test_get_letter_status.py
@@ -9,8 +9,8 @@
 @pytest.mark.devtest
 @pytest.mark.inttest
 @pytest.mark.prodtest
-def test_200_get_letter_status(url, bearer_token):
-    headers = Generators.generate_valid_headers(bearer_token.value)
+def test_200_get_letter_status(url, authentication_secret):
+    headers = Generators.generate_valid_headers(authentication_secret)
     get_letters = requests.get(f"{url}/{LETTERS_ENDPOINT}/", headers=headers)
 
     letter_id = get_letters.json().get("data")[0].get("id")
@@ -24,8 +24,8 @@ def test_200_get_letter_status(url, bearer_token):
 @pytest.mark.devtest
 @pytest.mark.inttest
 @pytest.mark.prodtest
-def test_404_letter_does_not_exist(url, bearer_token):
-    headers = Generators.generate_valid_headers(bearer_token.value)
+def test_404_letter_does_not_exist(url, authentication_secret):
+    headers = Generators.generate_valid_headers(authentication_secret)
     get_message_response = requests.get(f"{url}/{LETTERS_ENDPOINT}/xx", headers=headers)
 
     ErrorHandler.handle_retry(get_message_response)
diff --git a/tests/e2e-tests/api/letters/test_get_list_of_letters.py b/tests/e2e-tests/api/letters/test_get_list_of_letters.py
@@ -9,8 +9,8 @@
 @pytest.mark.devtest
 @pytest.mark.inttest
 @pytest.mark.prodtest
-def test_200_get_letters(url, bearer_token):
-    headers = Generators.generate_valid_headers(bearer_token.value)
+def test_200_get_letters(url, authentication_secret):
+    headers = Generators.generate_valid_headers(authentication_secret)
 
     get_message_response = requests.get(f"{url}/{LETTERS_ENDPOINT}?limit=1", headers=headers)
 
diff --git a/tests/e2e-tests/api/letters/test_multiple_letter_status.py b/tests/e2e-tests/api/letters/test_multiple_letter_status.py
@@ -11,8 +11,8 @@
 @pytest.mark.devtest
 @pytest.mark.inttest
 @pytest.mark.prodtest
-def test_202_with_valid_headers(url, bearer_token):
-    headers = Generators.generate_valid_headers(bearer_token.value)
+def test_202_with_valid_headers(url, authentication_secret):
+    headers = Generators.generate_valid_headers(authentication_secret)
     get_letter_id = requests.get(f"{url}/{LETTERS_ENDPOINT}?limit=2", headers=headers)
 
     ids = [item.get("id") for item in get_letter_id.json().get("data", [])]
@@ -35,8 +35,8 @@ def test_202_with_valid_headers(url, bearer_token):
 @pytest.mark.devtest
 @pytest.mark.inttest
 @pytest.mark.prodtest
-def test_400_duplicates_in_request_body(url, bearer_token):
-    headers = Generators.generate_valid_headers(bearer_token.value)
+def test_400_duplicates_in_request_body(url, authentication_secret):
+    headers = Generators.generate_valid_headers(authentication_secret)
     get_letter_id = requests.get(f"{url}/{LETTERS_ENDPOINT}?limit=2", headers=headers)
 
     ids = [item.get("id") for item in get_letter_id.json().get("data", [])]
@@ -60,8 +60,8 @@ def test_400_duplicates_in_request_body(url, bearer_token):
 @pytest.mark.devtest
 @pytest.mark.inttest
 @pytest.mark.prodtest
-def test_400_invalid_status_in_request_body(url, bearer_token):
-    headers = Generators.generate_valid_headers(bearer_token.value)
+def test_400_invalid_status_in_request_body(url, authentication_secret):
+    headers = Generators.generate_valid_headers(authentication_secret)
     get_letter_id = requests.get(f"{url}/{LETTERS_ENDPOINT}?limit=3", headers=headers)
 
     ids = [item.get("id") for item in get_letter_id.json().get("data", [])]
diff --git a/tests/e2e-tests/api/letters/test_update_letter_status.py b/tests/e2e-tests/api/letters/test_update_letter_status.py
@@ -11,8 +11,8 @@
 @pytest.mark.devtest
 @pytest.mark.inttest
 @pytest.mark.prodtest
-def test_202_with_valid_headers(url, bearer_token):
-    headers = Generators.generate_valid_headers(bearer_token.value)
+def test_202_with_valid_headers(url, authentication_secret):
+    headers = Generators.generate_valid_headers(authentication_secret)
     get_letter_id = requests.get(f"{url}/{LETTERS_ENDPOINT}?limit=1", headers=headers)
 
     letter_id = get_letter_id.json().get("data")[0].get("id")
@@ -27,8 +27,8 @@ def test_202_with_valid_headers(url, bearer_token):
     ErrorHandler.handle_retry(update_letter_status)
     assert update_letter_status.status_code == 202, f"Response: {update_letter_status.status_code}: {update_letter_status.text}"
 
-def test_202_with_rejected_status(url, bearer_token):
-    headers = Generators.generate_valid_headers(bearer_token.value)
+def test_202_with_rejected_status(url, authentication_secret):
+    headers = Generators.generate_valid_headers(authentication_secret)
     get_letter_id = requests.get(f"{url}/{LETTERS_ENDPOINT}?limit=1", headers=headers)
 
     letter_id = get_letter_id.json().get("data")[0].get("id")
@@ -47,8 +47,8 @@ def test_202_with_rejected_status(url, bearer_token):
 @pytest.mark.devtest
 @pytest.mark.inttest
 @pytest.mark.prodtest
-def test_400_with_invalid_status(url, bearer_token):
-    headers = Generators.generate_valid_headers(bearer_token.value)
+def test_400_with_invalid_status(url, authentication_secret):
+    headers = Generators.generate_valid_headers(authentication_secret)
     get_letter_id = requests.get(f"{url}/{LETTERS_ENDPOINT}?limit=1", headers=headers)
 
     letter_id = get_letter_id.json().get("data")[0].get("id")
@@ -67,8 +67,8 @@ def test_400_with_invalid_status(url, bearer_token):
 @pytest.mark.devtest
 @pytest.mark.inttest
 @pytest.mark.prodtest
-def test_400_id_mismatch_with_request(url, bearer_token):
-    headers = Generators.generate_valid_headers(bearer_token.value)
+def test_400_id_mismatch_with_request(url, authentication_secret):
+    headers = Generators.generate_valid_headers(authentication_secret)
     get_letter_id = requests.get(f"{url}/{LETTERS_ENDPOINT}?limit=1", headers=headers)
 
     letter_id = get_letter_id.json().get("data")[0].get("id")
diff --git a/tests/e2e-tests/api/test_endpoint.py b/tests/e2e-tests/api/test_endpoint.py
@@ -2,6 +2,7 @@
 import requests
 from lib.errorhandler import ErrorHandler
 from lib.fixtures import *  # NOSONAR
+from lib.generators import Generators
 
 @pytest.mark.smoketest
 def test_ping(url):
@@ -11,10 +12,9 @@ def test_ping(url):
 @pytest.mark.smoketest
 @pytest.mark.sandboxtest
 @pytest.mark.devtest
-def test_status(url, status_endpoint_api_key):
-    resp = requests.get(
-        f"{url}/_status", headers={"apikey": status_endpoint_api_key}
-    )
+def test_status(url, authentication_secret):
+    headers = Generators.generate_valid_headers(authentication_secret)
+    resp = requests.get(f"{url}/_status", headers=headers)
 
     ErrorHandler.handle_retry(resp)
     assert resp.status_code == 200
diff --git a/tests/e2e-tests/lib/authentication.py b/tests/e2e-tests/lib/authentication.py
@@ -56,14 +56,22 @@ def generate_authentication(self, env, base_url):
         else:
             raise ValueError("Unknown value: ", env)
 
+        if "-PR-" in base_url:
+            # PR environments use AAL0 - authentication is the API key passed directly
+            return Secret(api_key, auth_type="apikey")
+
+        if base_url.ends_with("/_status"):
+            # Special case - the status endpoint uses a different API key
+            api_key = os.environ.get("STATUS_ENDPOINT_API_KEY")
+
         _, latest_token_expiry = self.tokens.get(env, (None, 0))
 
         # Generate new token if latest token will expire in 15 seconds
         if env not in self.tokens or latest_token_expiry < int(time()) + 15:
             self.tokens[env] = self.generate_and_test_new_token(api_key, private_key, url, kid, test_url)
 
-        bearer_token = self.tokens[env][0]
-        return Secret(bearer_token)
+        authentication_secret = self.tokens[env][0]
+        return Secret(authentication_secret)
 
     def generate_and_test_new_token(self, api_key, private_key, url, kid, test_url):
         new_token = None
diff --git a/tests/e2e-tests/lib/fixtures.py b/tests/e2e-tests/lib/fixtures.py
@@ -52,15 +52,8 @@ def authentication_cache():
     return AuthenticationCache()
 
 @pytest.fixture()
-def bearer_token(authentication_cache):
+def authentication_secret(url, authentication_cache):
     environment = os.environ['API_ENVIRONMENT']
-    if environment == "prod":
-        url = "https://api.service.nhs.uk/nhs-notify-supplier"
-    # the ref2 url is structured slightly differently so it needs to be explicitly called out here
-    elif environment == "ref":
-        url = "https://internal-dev.api.service.nhs.uk/nhs-notify-supplier"
-    else:
-        url = f"https://{environment}.api.service.nhs.uk/nhs-notify-supplier"
     return authentication_cache.generate_authentication(environment, url)
 
 @pytest.fixture(scope='session')
diff --git a/tests/e2e-tests/lib/generators.py b/tests/e2e-tests/lib/generators.py
@@ -13,8 +13,12 @@ def generate_valid_create_message_body(environment="sandbox"):
 
     @staticmethod
     def generate_valid_headers(auth):
+        if auth.auth_type == "apikey":
+            auth_header = {"apikey": auth.value}
+        else:
+            auth_header = {"Authorization": auth.value}
         return {
-            "Authorization": auth,
+            **auth_header,
             "X-Request-ID":"123e4567-e89b-12d3-a456-426614174000",
         }
 
diff --git a/tests/e2e-tests/lib/secret.py b/tests/e2e-tests/lib/secret.py
@@ -1,6 +1,7 @@
 class Secret:
-    def __init__(self, value):
+    def __init__(self, value, auth_type="bearer"):
         self.value = value
+        self.auth_type = auth_type
 
     def __repr__(self):
         return "Secret(********)"
