diff --git a/src/app.constants.ts b/src/app.constants.ts
index d4ffe1e1ff..541a17632f 100644
--- a/src/app.constants.ts
+++ b/src/app.constants.ts
@@ -115,6 +115,7 @@ export const API_ENDPOINTS = {
 VERIFY_MFA_CODE: "/verify-mfa-code",
 ACCOUNT_RECOVERY: "/account-recovery",
 CHECK_REAUTH_USER: "/check-reauth-user",
+ CHECK_EMAIL_FRAUD_BLOCK: "/check-email-fraud-block",
 };
 
 export const ERROR_MESSAGES = {
diff --git a/src/components/check-email-fraud-block/checkEmailFraudBlockService.ts b/src/components/check-email-fraud-block/checkEmailFraudBlockService.ts
new file mode 100644
index 0000000000..962df8f441
--- /dev/null
+++ b/src/components/check-email-fraud-block/checkEmailFraudBlockService.ts
@@ -0,0 +1,41 @@
+import {
+ createApiResponse,
+ getRequestConfig,
+ Http,
+ http,
+} from "../../utils/http";
+import { API_ENDPOINTS } from "../../app.constants";
+import { ApiResponseResult } from "../../types";
+import {
+ CheckEmailFraudBlockInterface,
+ CheckEmailFraudBlockResponse,
+} from "./types";
+
+export function checkEmailFraudBlockService(
+ axios: Http = http
+): CheckEmailFraudBlockInterface {
+ const checkEmailFraudBlock = async function (
+ email: string,
+ sessionId: string,
+ sourceIp: string,
+ clientSessionId: string,
+ persistentSessionId: string
+ ): Promise> {
+ const response = await axios.client.post(
+ API_ENDPOINTS.CHECK_EMAIL_FRAUD_BLOCK,
+ {
+ email: email.toLowerCase(),
+ },
+ getRequestConfig({
+ sessionId: sessionId,
+ sourceIp: sourceIp,
+ clientSessionId: clientSessionId,
+ persistentSessionId: persistentSessionId,
+ })
+ );
+ return createApiResponse(response);
+ };
+ return {
+ checkEmailFraudBlock,
+ };
+}
diff --git a/src/components/check-email-fraud-block/types.ts b/src/components/check-email-fraud-block/types.ts
new file mode 100644
index 0000000000..a4a4830dd0
--- /dev/null
+++ b/src/components/check-email-fraud-block/types.ts
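Review bot: checkEmailFraudBlockService in the new checkEmailFraudBlockService.ts has no doc comment, although it is the one place that shows what leaves the frontend for this check. A TSDoc block on the factory would cover it, along the lines of `/** Posts the lower-cased email to CHECK_EMAIL_FRAUD_BLOCK, passing the session, client-session and persistent-session ids and the source IP through getRequestConfig, and returns the wrapped API response. */`. The five positional string parameters are easy to pass in the wrong order, so naming them in `@param` lines would help callers even if the signature mirrors the sibling services.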
@@ -0,0 +1,16 @@
+import { ApiResponseResult, DefaultApiResponse } from "../../types";
+
+export interface CheckEmailFraudBlockInterface {
+ checkEmailFraudBlock: (
+ email: string,
+ sessionId: string,
+ sourceIp: string,
+ clientSessionId: string,
+ persistentSessionId: string
+ ) => Promise>;
+}
+
+export interface CheckEmailFraudBlockResponse extends DefaultApiResponse {
+ email: string;
+ isBlockedStatus: string;
+}
diff --git a/src/components/enter-email/enter-email-controller.ts b/src/components/enter-email/enter-email-controller.ts
index a24e831deb..b189ee08ee 100644
--- a/src/components/enter-email/enter-email-controller.ts
+++ b/src/components/enter-email/enter-email-controller.ts
@@ -31,6 +31,9 @@ import {
 timestampNMinutesFromNow,
 timestampNSecondsFromNow,
 } from "../../utils/lock-helper";
+import { checkEmailFraudBlockService } from "../check-email-fraud-block/checkEmailFraudBlockService";
+import { CheckEmailFraudBlockInterface } from "../check-email-fraud-block/types";
+import { logger } from "../../utils/logger";
 
 export const RE_ENTER_EMAIL_TEMPLATE =
 "enter-email/index-re-enter-email-account.njk";
@@ -59,7 +62,8 @@ export function enterEmailCreateGet(req: Request, res: Response): void {
 
 export function enterEmailPost(
 service: EnterEmailServiceInterface = enterEmailService(),
- checkReauthService: CheckReauthServiceInterface = checkReauthUsersService()
+ checkReauthService: CheckReauthServiceInterface = checkReauthUsersService(),
+ checkEmailFraudService: CheckEmailFraudBlockInterface = checkEmailFraudBlockService()
 ): ExpressRouteFunc {
 return async function (req: Request, res: Response) {
 const email = req.body.email;
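Review bot: `isBlockedStatus: string` in CheckEmailFraudBlockResponse (types.ts) leaves the status untyped, so a later branch that compares it against a blocking value cannot be checked by the compiler and a misspelt status would silently never match. A string-literal union of the statuses the backend can return would close that gap; the integration test on this page shows only `"Pending"`, so the full set has to come from the API contract. A one-line comment on the field saying which value means "blocked" would also help the next reader.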
@@ -126,6 +130,17 @@ export function enterEmailPost(
 result.data.lockoutInformation.length > 0
 )
 setUpAuthAppLocks(req, result.data.lockoutInformation);
+
+ const checkEmailFraudResponse =
+ await checkEmailFraudService.checkEmailFraudBlock(
+ email,
+ sessionId,
+ req.ip,
+ clientSessionId,
+ persistentSessionId
+ );
+ logger.info(`checkEmailFraudResponse: ${checkEmailFraudResponse.data}`);
+
 req.session.user.enterEmailMfaType = result.data.mfaMethodType;
 req.session.user.redactedPhoneNumber = result.data.phoneNumberLastThree;
 const nextState = result.data.doesUserExist
diff --git a/src/components/enter-email/tests/enter-email-integration.test.ts b/src/components/enter-email/tests/enter-email-integration.test.ts
index a863736a24..d45ff38923 100644
--- a/src/components/enter-email/tests/enter-email-integration.test.ts
+++ b/src/components/enter-email/tests/enter-email-integration.test.ts
@@ -1,18 +1,14 @@
 import request from "supertest";
 import { describe } from "mocha";
 import { expect, sinon } from "../../../../test/utils/test-utils";
-import nock = require("nock");
 import * as cheerio from "cheerio";
 import decache from "decache";
-import {
- API_ENDPOINTS,
- HTTP_STATUS_CODES,
- PATH_NAMES,
-} from "../../../app.constants";
+import { API_ENDPOINTS, HTTP_STATUS_CODES, PATH_NAMES } from "../../../app.constants";
 import { CheckReauthServiceInterface } from "../../check-reauth-users/types";
 import { AxiosResponse } from "axios";
 import { createApiResponse } from "../../../utils/http";
 import { DefaultApiResponse } from "../../../types";
+import nock = require("nock");
 
 describe("Integration::enter email", () => {
 let token: string | string[];
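Review bot: The added `logger.info` line in enterEmailPost (enter-email-controller.ts, hunk at -126) interpolates `checkEmailFraudResponse.data` into a template literal, so for an object it logs `[object Object]`; switching to a full JSON dump would instead write the user's email address to the log. Log only the status, assuming `data` carries the CheckEmailFraudBlockResponse: ``logger.info(`checkEmailFraudResponse: ${checkEmailFraudResponse.data?.isBlockedStatus}`);``. The result is not otherwise used, so a blocking status never changes `nextState`; if that is intentional for this step, a comment such as `// fraud-block status is logged only; enforcement is not wired in yet` would make it explicit. The `await` also has no failure handling, so if the http client rejects on an error (not visible here) a fault in this new endpoint would fail every sign-in. The function body begins and ends outside the hunk.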
@@ -167,6 +163,13 @@ describe("Integration::enter email", () => {
 email: "test@test.com",
 doesUserExist: true,
 });
+ nock(baseApi)
+ .post(API_ENDPOINTS.CHECK_EMAIL_FRAUD_BLOCK)
+ .once()
+ .reply(HTTP_STATUS_CODES.OK, {
+ email: "test@test.com",
+ isBlockedStatus: "Pending",
+ });
 
 request(app)
 .post(PATH_NAMES.ENTER_EMAIL_SIGN_IN)
@@ -185,6 +188,13 @@ describe("Integration::enter email", () => {
 email: "test@test.com",
 doesUserExist: false,
 });
+ nock(baseApi)
+ .post(API_ENDPOINTS.CHECK_EMAIL_FRAUD_BLOCK)
+ .once()
+ .reply(HTTP_STATUS_CODES.OK, {
+ email: "test@test.com",
+ isBlockedStatus: "Pending",
+ });
 
 request(app)
 .post(PATH_NAMES.ENTER_EMAIL_SIGN_IN)
@@ -236,6 +246,14 @@ describe("Integration::enter email", () => {
 doesUserExist: true,
 });
 
+ nock(baseApi)
+ .post(API_ENDPOINTS.CHECK_EMAIL_FRAUD_BLOCK)
+ .once()
+ .reply(HTTP_STATUS_CODES.OK, {
+ email: "test@test.com",
+ isBlockedStatus: "Pending",
+ });
+
 request(app)
 .post(PATH_NAMES.ENTER_EMAIL_SIGN_IN)
 .type("form")
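Review bot: All three added mocks (hunks at -167, -185 and -236) reply with HTTP_STATUS_CODES.OK and `isBlockedStatus: "Pending"`, so nothing covers the fraud-block endpoint failing or returning a blocking status. Because enterEmailPost now awaits this call on the sign-in path, a case where the mock replies with an error status and the test asserts the resulting redirect would pin down whether the flow is meant to continue or stop. It would also help to check `nock.isDone()` after the request, so a test cannot keep passing if the call is later removed. The enclosing test bodies extend beyond these hunks.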