Jmax/lg 15676 passport api health check infrastructure

app/services/analytics_events.rb

@@ -6232,6 +6232,20 @@ def otp_phone_validation_failed(error:, message:, context:, country:, **extra)
     )
   end
 
+  # Tracks the health of the DoS Passports API
+  # @param [Boolean] success Whether the passport api health check succeeded.
+  # @param [Hash] body The health check body, if present.
+  # @param [String] error Any additional error information we have
+  def passport_api_health_check(success:, body: nil, error: nil, **extra)
+    track_event(
+      :passport_api_health_check,
+      success:,
+      body:,
+      error:,
+      **extra,
+    )
+  end
+
   # @param [Boolean] success Whether form validation was successful
   # @param [Hash] error_details Details for errors that occurred in unsuccessful submission
   # @param [Boolean] active_profile_present Whether active profile existed at time of change

app/services/doc_auth/dos/requests/general_health_check_request.rb

@@ -0,0 +1,35 @@
+# frozen_string_literal: true
+
+module DocAuth
+  module Dos
+    module Requests
+      class GeneralHealthCheckRequest
+        def fetch(analytics)
+          begin
+            faraday_response = connection.get
+            response = Responses::HealthCheckSuccess.new(faraday_response)
+          rescue Faraday::Error => faraday_error
+            response = Responses::HealthCheckFailure.new(faraday_error)
+          end
+        ensure
+          analytics.passport_api_health_check(
+            success: response.success?,
+            **response.extra,
+          )
+        end
+
+        private
+
+        attr_reader :analytics
+
+        def connection
+          @connection ||= Faraday::Connection.new(
+            url: IdentityConfig.store.passports_api_health_check_endpoint,
+          ) do |builder|
+            builder.response :raise_error
+          end
+        end
+      end
+    end
+  end
+end

app/services/doc_auth/dos/responses/health_check_failure.rb

@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+
+module DocAuth
+  module Dos
+    module Responses
+      class HealthCheckFailure < DocAuth::Response
+        def initialize(faraday_error)
+          errors =
+            if faraday_error.respond_to?(:status) # some subclasses don't
+              { network: faraday_error.status }
+            else
+              { network: true }
+            end
+
+          super(
+            success: false,
+            errors:,
+            exception: faraday_error,
+            extra: { error: faraday_error.inspect }
+          )
+        end
+      end
+    end
+  end
+end

app/services/doc_auth/dos/responses/health_check_success.rb

@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+
+module DocAuth
+  module Dos
+    module Responses
+      class HealthCheckSuccess < DocAuth::Response
+        def initialize(faraday_response)
+          extra =
+            if faraday_response.body && !faraday_response.body.empty?
+              { body: faraday_response.body }
+            else
+              {}
+            end
+
+          super(
+            success: faraday_response.success?,
+            extra:
+          )
+        end
+      end
+    end
+  end
+end

config/application.yml.default

@@ -285,6 +285,7 @@ outbound_connection_check_retry_count: 2
 outbound_connection_check_timeout: 5
 outbound_connection_check_url: 'https://checkip.amazonaws.com'
 participate_in_dap: false
+passports_api_health_check_endpoint: 'https://caapinpe.state.gov/api/passport-match-prc-api/v1/html'
 password_max_attempts: 3
 password_pepper:
 personal_key_retired: true

lib/identity_config.rb

@@ -313,6 +313,7 @@ def self.store
     config.add(:outbound_connection_check_timeout, type: :integer)
     config.add(:outbound_connection_check_url)
     config.add(:participate_in_dap, type: :boolean)
+    config.add(:passports_api_health_check_endpoint, type: :string)
     config.add(:password_max_attempts, type: :integer)
     config.add(:password_pepper, type: :string)
     config.add(:personal_key_retired, type: :boolean)

spec/services/doc_auth/dos/requests/general_health_check_request_spec.rb

@@ -0,0 +1,95 @@
+require 'rails_helper'
+
+RSpec.describe DocAuth::Dos::Requests::GeneralHealthCheckRequest do
+  include PassportApiHelpers
+
+  subject(:health_check_request) { described_class.new }
+
+  let(:analytics) { FakeAnalytics.new }
+
+  let(:health_check_endpoint) do
+    IdentityConfig.store.passports_api_health_check_endpoint
+  end
+
+  describe '#fetch' do
+    let(:result) { health_check_request.fetch(analytics) }
+
+    context 'happy path' do
+      before do
+        stub_api_up
+      end
+
+      it 'hits the endpoint' do
+        result
+        expect(WebMock).to have_requested(:get, health_check_endpoint)
+      end
+
+      it 'logs the request' do
+        result
+        expect(analytics).to have_logged_event(
+          :passport_api_health_check,
+          success: true,
+          body: successful_api_health_check_body.to_json,
+        )
+      end
+
+      describe 'the #fetch result' do
+        it 'succeeds' do
+          expect(result).to be_success
+        end
+      end
+    end
+
+    context 'when Faraday raises an error' do
+      before do
+        stub_request(:get, health_check_endpoint).to_raise(Faraday::Error)
+      end
+
+      it 'hits the endpoint' do
+        result
+        expect(WebMock).to have_requested(:get, health_check_endpoint)
+      end
+
+      it 'logs the request' do
+        result
+        expect(analytics).to have_logged_event(
+          :passport_api_health_check,
+          success: false,
+          error: /Faraday::Error/,
+        )
+      end
+
+      describe 'the #fetch result' do
+        it 'does not succeed' do
+          expect(result).not_to be_success
+        end
+      end
+    end
+
+    context 'when Faraday returns an HTTP error' do
+      before do
+        stub_request(:get, health_check_endpoint).to_return(status: 500)
+      end
+
+      it 'hits the endpoint' do
+        result
+        expect(WebMock).to have_requested(:get, health_check_endpoint)
+      end
+
+      it 'logs the request' do
+        result
+        expect(analytics).to have_logged_event(
+          :passport_api_health_check,
+          success: false,
+          error: /Faraday::ServerError/,
+        )
+      end
+
+      describe 'the #fetch result' do
+        it 'does not succeed' do
+          expect(result).not_to be_success
+        end
+      end
+    end
+  end
+end

spec/services/doc_auth/dos/responses/general_health_check_success_spec.rb

@@ -0,0 +1,69 @@
+require 'rails_helper'
+
+RSpec.describe DocAuth::Dos::Responses::HealthCheckSuccess do
+  subject(:health_check_result) { described_class.new(faraday_result) }
+
+  let(:faraday_result) do
+    Faraday.get(health_check_endpoint)
+  end
+
+  let(:health_check_endpoint) do
+    IdentityConfig.store.passports_api_health_check_endpoint
+  end
+
+  context 'when initialized from a successful request' do
+    let(:body) do
+      {
+        name: 'Passport Match Process API',
+        status: 'Up',
+        environment: 'dev-share',
+        comments: 'Ok',
+      }.to_json
+    end
+
+    before do
+      stub_request(:get, health_check_endpoint).to_return(body:)
+    end
+
+    it 'is successful' do
+      expect(health_check_result).to be_success
+    end
+
+    it 'has the body in the extra event parameters' do
+      expect(health_check_result.extra[:body]).to eq(body)
+    end
+  end
+
+  # should not happen, because the connection options in
+  # GeneralHealthCheckRequest prevent it, but let's stay sane if it does.
+  # 403 is an arbitrary choice.
+  context 'when initialized from an HTTP error response' do
+    context 'with no body' do
+      before do
+        stub_request(:get, health_check_endpoint).to_return(status: 403)
+      end
+
+      it 'is not successful' do
+        expect(health_check_result).not_to be_success
+      end
+
+      it 'does not include the body: key in the extras' do
+        expect(health_check_result.extra).not_to have_key(:body)
+      end
+    end
+
+    context 'with a body' do
+      before do
+        stub_request(:get, health_check_endpoint).to_return(status: 403, body: 'a 403 body')
+      end
+
+      it 'is not successful' do
+        expect(health_check_result).not_to be_success
+      end
+
+      it 'includes the body in the extras' do
+        expect(health_check_result.extra[:body]).to eq('a 403 body')
+      end
+    end
+  end
+end

spec/services/doc_auth/dos/responses/health_check_failure_spec.rb

@@ -0,0 +1,36 @@
+require 'rails_helper'
+
+RSpec.describe DocAuth::Dos::Responses::HealthCheckFailure do
+  subject(:health_check_result) { described_class.new(faraday_error) }
+
+  let(:health_check_endpoint) do
+    IdentityConfig.store.passports_api_health_check_endpoint
+  end
+
+  def make_faraday_error(status:)
+    stub_request(:get, health_check_endpoint).to_return(status:)
+    begin
+      Faraday.get(health_check_endpoint)
+    rescue FaradayError => faraday_error
+      faraday_error
+    end
+  end
+
+  [403, 404, 500].each do |http_status|
+    context "when initialized from an HTTP #{http_status} error" do
+      let(:faraday_error) { make_faraday_error(status: http_status) }
+
+      it 'is not successful' do
+        expect(health_check_result).not_to be_success
+      end
+
+      it 'has the correct errors hash' do
+        expect(health_check_result.errors).to eq({ network: http_status })
+      end
+
+      it 'has the faraday exception' do
+        expect(health_check_result.exception).to eq(faraday_error)
+      end
+    end
+  end
+end

spec/support/passport_api_helpers.rb

@@ -0,0 +1,15 @@
+module PassportApiHelpers
+  def successful_api_health_check_body = {
+    name: 'Passport Match Process API',
+    status: 'Up',
+    environment: 'dev-share',
+    comments: 'Ok',
+  }
+
+  def stub_api_up
+    stub_request(:get, health_check_endpoint)
+      .to_return_json(
+        body: successful_api_health_check_body,
+      )
+  end
+end