AUT-2164: Create new service to check for fraudulent emails

src/app.constants.ts

@@ -115,6 +115,7 @@ export const API_ENDPOINTS = {
   VERIFY_MFA_CODE: "/verify-mfa-code",
   ACCOUNT_RECOVERY: "/account-recovery",
   CHECK_REAUTH_USER: "/check-reauth-user",
+  CHECK_EMAIL_FRAUD_BLOCK: "/check-email-fraud-block",
 };
 
 export const ERROR_MESSAGES = {

src/components/check-email-fraud-block/checkEmailFraudBlockService.ts

@@ -0,0 +1,41 @@
+import {
+  createApiResponse,
+  getRequestConfig,
+  Http,
+  http,
+} from "../../utils/http";
+import { API_ENDPOINTS } from "../../app.constants";
+import { ApiResponseResult } from "../../types";
+import {
+  CheckEmailFraudBlockInterface,
+  CheckEmailFraudBlockResponse,
+} from "./types";
+
+export function checkEmailFraudBlockService(
+  axios: Http = http
+): CheckEmailFraudBlockInterface {
+  const checkEmailFraudBlock = async function (
+    email: string,
+    sessionId: string,
+    sourceIp: string,
+    clientSessionId: string,
+    persistentSessionId: string
+  ): Promise<ApiResponseResult<CheckEmailFraudBlockResponse>> {
+    const response = await axios.client.post<CheckEmailFraudBlockResponse>(
+      API_ENDPOINTS.CHECK_EMAIL_FRAUD_BLOCK,
+      {
+        email: email.toLowerCase(),
+      },
+      getRequestConfig({
+        sessionId: sessionId,
+        sourceIp: sourceIp,
+        clientSessionId: clientSessionId,
+        persistentSessionId: persistentSessionId,
+      })
+    );
+    return createApiResponse<CheckEmailFraudBlockResponse>(response);
+  };
+  return {
+    checkEmailFraudBlock,
+  };
+}

src/components/check-email-fraud-block/types.ts

@@ -0,0 +1,16 @@
+import { ApiResponseResult, DefaultApiResponse } from "../../types";
+
+export interface CheckEmailFraudBlockInterface {
+  checkEmailFraudBlock: (
+    email: string,
+    sessionId: string,
+    sourceIp: string,
+    clientSessionId: string,
+    persistentSessionId: string
+  ) => Promise<ApiResponseResult<CheckEmailFraudBlockResponse>>;
+}
+
+export interface CheckEmailFraudBlockResponse extends DefaultApiResponse {
+  email: string;
+  isBlockedStatus: string;
+}

src/components/enter-email/enter-email-controller.ts

@@ -31,6 +31,9 @@ import {
   timestampNMinutesFromNow,
   timestampNSecondsFromNow,
 } from "../../utils/lock-helper";
+import { checkEmailFraudBlockService } from "../check-email-fraud-block/checkEmailFraudBlockService";
+import { CheckEmailFraudBlockInterface } from "../check-email-fraud-block/types";
+import { logger } from "../../utils/logger";
 
 export const RE_ENTER_EMAIL_TEMPLATE =
   "enter-email/index-re-enter-email-account.njk";
@@ -59,7 +62,8 @@ export function enterEmailCreateGet(req: Request, res: Response): void {
 
 export function enterEmailPost(
   service: EnterEmailServiceInterface = enterEmailService(),
-  checkReauthService: CheckReauthServiceInterface = checkReauthUsersService()
+  checkReauthService: CheckReauthServiceInterface = checkReauthUsersService(),
+  checkEmailFraudService: CheckEmailFraudBlockInterface = checkEmailFraudBlockService()
 ): ExpressRouteFunc {
   return async function (req: Request, res: Response) {
     const email = req.body.email;
@@ -126,6 +130,17 @@ export function enterEmailPost(
       result.data.lockoutInformation.length > 0
     )
       setUpAuthAppLocks(req, result.data.lockoutInformation);
+
+    const checkEmailFraudResponse =
+      await checkEmailFraudService.checkEmailFraudBlock(
+        email,
+        sessionId,
+        req.ip,
+        clientSessionId,
+        persistentSessionId
+      );
+    logger.info(`checkEmailFraudResponse: ${checkEmailFraudResponse.data}`);
+
     req.session.user.enterEmailMfaType = result.data.mfaMethodType;
     req.session.user.redactedPhoneNumber = result.data.phoneNumberLastThree;
     const nextState = result.data.doesUserExist

src/components/enter-email/tests/enter-email-integration.test.ts

@@ -1,18 +1,14 @@
 import request from "supertest";
 import { describe } from "mocha";
 import { expect, sinon } from "../../../../test/utils/test-utils";
-import nock = require("nock");
 import * as cheerio from "cheerio";
 import decache from "decache";
-import {
-  API_ENDPOINTS,
-  HTTP_STATUS_CODES,
-  PATH_NAMES,
-} from "../../../app.constants";
+import { API_ENDPOINTS, HTTP_STATUS_CODES, PATH_NAMES } from "../../../app.constants";
 import { CheckReauthServiceInterface } from "../../check-reauth-users/types";
 import { AxiosResponse } from "axios";
 import { createApiResponse } from "../../../utils/http";
 import { DefaultApiResponse } from "../../../types";
+import nock = require("nock");
 
 describe("Integration::enter email", () => {
   let token: string | string[];
@@ -167,6 +163,13 @@ describe("Integration::enter email", () => {
         email: "[email protected]",
         doesUserExist: true,
       });
+    nock(baseApi)
+      .post(API_ENDPOINTS.CHECK_EMAIL_FRAUD_BLOCK)
+      .once()
+      .reply(HTTP_STATUS_CODES.OK, {
+        email: "[email protected]",
+        isBlockedStatus: "Pending",
+      });
 
     request(app)
       .post(PATH_NAMES.ENTER_EMAIL_SIGN_IN)
@@ -185,6 +188,13 @@ describe("Integration::enter email", () => {
       email: "[email protected]",
       doesUserExist: false,
     });
+    nock(baseApi)
+      .post(API_ENDPOINTS.CHECK_EMAIL_FRAUD_BLOCK)
+      .once()
+      .reply(HTTP_STATUS_CODES.OK, {
+        email: "[email protected]",
+        isBlockedStatus: "Pending",
+      });
 
     request(app)
       .post(PATH_NAMES.ENTER_EMAIL_SIGN_IN)
@@ -236,6 +246,14 @@ describe("Integration::enter email", () => {
         doesUserExist: true,
       });
 
+    nock(baseApi)
+      .post(API_ENDPOINTS.CHECK_EMAIL_FRAUD_BLOCK)
+      .once()
+      .reply(HTTP_STATUS_CODES.OK, {
+        email: "[email protected]",
+        isBlockedStatus: "Pending",
+      });
+
     request(app)
       .post(PATH_NAMES.ENTER_EMAIL_SIGN_IN)
       .type("form")