github.com/companieshouse/lfp-pay-api@v0.0.0-20230203133422-0ca455cd79f9/handlers/register.go (about) 1 package handlers 2 3 import ( 4 "net/http" 5 6 "github.com/companieshouse/chs.go/authentication" 7 "github.com/companieshouse/chs.go/log" 8 "github.com/companieshouse/lfp-pay-api/config" 9 "github.com/companieshouse/lfp-pay-api/dao" 10 "github.com/companieshouse/lfp-pay-api/e5" 11 "github.com/companieshouse/lfp-pay-api/interceptors" 12 "github.com/companieshouse/lfp-pay-api/middleware" 13 "github.com/companieshouse/lfp-pay-api/service" 14 "github.com/gorilla/mux" 15 ) 16 17 var payableResourceService *service.PayableResourceService 18 var paymentDetailsService *service.PaymentDetailsService 19 20 // Register defines the route mappings for the main router and it's subrouters 21 func Register(mainRouter *mux.Router, cfg *config.Config, svc dao.Service) { 22 23 payableResourceService = &service.PayableResourceService{ 24 Config: cfg, 25 DAO: svc, 26 } 27 28 paymentDetailsService = &service.PaymentDetailsService{ 29 PayableResourceService: payableResourceService, 30 } 31 32 payableAuthInterceptor := interceptors.PayableAuthenticationInterceptor{ 33 Service: *payableResourceService, 34 } 35 36 // only oauth2 users can create payable resources 37 oauth2OnlyInterceptor := &authentication.OAuth2OnlyAuthenticationInterceptor{ 38 StrictPaths: map[string][]string{ 39 "/company/{company_number}/penalties/late-filing/payable": []string{http.MethodPost}, 40 }, 41 } 42 43 e5Client := e5.NewClient(cfg.E5Username, cfg.E5APIURL) 44 45 userAuthInterceptor := &authentication.UserAuthenticationInterceptor{ 46 AllowAPIKeyUser: true, 47 RequireElevatedAPIKeyPrivilege: true, 48 } 49 50 mainRouter.HandleFunc("/healthcheck", healthCheck).Methods(http.MethodGet).Name("healthcheck") 51 mainRouter.HandleFunc("/healthcheck/finance-system", HandleHealthCheckFinanceSystem).Methods(http.MethodGet).Name("healthcheck-finance-system") 52 53 appRouter := mainRouter.PathPrefix("/company/{company_number}/penalties/late-filing").Subrouter() 54 appRouter.HandleFunc("", HandleGetPenalties).Methods(http.MethodGet).Name("get-penalties") 55 appRouter.Handle("/payable", CreatePayableResourceHandler(svc)).Methods(http.MethodPost).Name("create-payable") 56 appRouter.Use( 57 oauth2OnlyInterceptor.OAuth2OnlyAuthenticationIntercept, 58 userAuthInterceptor.UserAuthenticationIntercept, 59 middleware.CompanyMiddleware, 60 ) 61 62 // sub router for handling interactions with existing payable resources to apply relevant 63 // PayableAuthenticationInterceptor 64 existingPayableRouter := appRouter.PathPrefix("/payable/{payable_id}").Subrouter() 65 existingPayableRouter.HandleFunc("", HandleGetPayableResource).Name("get-payable").Methods(http.MethodGet) 66 existingPayableRouter.HandleFunc("/payment", HandleGetPaymentDetails).Methods(http.MethodGet).Name("get-payment-details") 67 existingPayableRouter.Use(payableAuthInterceptor.PayableAuthenticationIntercept) 68 69 // separate router for the patch request so that we can apply the interceptor to it without interfering with 70 // other routes 71 payResourceRouter := appRouter.PathPrefix("/payable/{payable_id}/payment").Methods(http.MethodPatch).Subrouter() 72 payResourceRouter.Use(payableAuthInterceptor.PayableAuthenticationIntercept, authentication.ElevatedPrivilegesInterceptor) 73 payResourceRouter.Handle("", PayResourceHandler(payableResourceService, e5Client)).Name("mark-as-paid") 74 75 // Set middleware across all routers and sub routers 76 mainRouter.Use(log.Handler) 77 } 78 79 func healthCheck(w http.ResponseWriter, _ *http.Request) { 80 w.WriteHeader(http.StatusOK) 81 }