Merge pull request #1448 from govuk-one-login/ATO-387/remove-consentR…

…equired

ATO-387: Remove consent required

src/app.constants.ts

@@ -30,7 +30,6 @@ export const PATH_NAMES = {
   CREATE_ACCOUNT_ENTER_PHONE_NUMBER: "/enter-phone-number",
   CREATE_ACCOUNT_SUCCESSFUL: "/account-created",
   CHECK_YOUR_PHONE: "/check-your-phone",
-  SHARE_INFO: "/share-info",
   UPDATED_TERMS_AND_CONDITIONS: "/updated-terms-and-conditions",
   ENTER_MFA: "/enter-code",
   SECURITY_CODE_INVALID: "/security-code-invalid",

src/app.ts

@@ -53,7 +53,6 @@ import {
   getSessionIdMiddleware,
   initialiseSessionMiddleware,
 } from "./middleware/session-middleware";
-import { shareInfoRouter } from "./components/share-info/share-info-routes";
 import { updatedTermsConditionsRouter } from "./components/updated-terms-conditions/updated-terms-conditions-routes";
 import { signInOrCreateRouter } from "./components/sign-in-or-create/sign-in-or-create-routes";
 import { accountNotFoundRouter } from "./components/account-not-found/account-not-found-routes";
@@ -126,7 +125,6 @@ function registerRoutes(app: express.Application) {
   app.use(resendMfaCodeAccountCreationRouter);
   app.use(resendEmailCodeRouter);
   app.use(signedOutRouter);
-  app.use(shareInfoRouter);
   app.use(updatedTermsConditionsRouter);
   app.use(resetPasswordRouter);
   if (support2FABeforePasswordReset()) {

src/assets/javascript/cookies.js

@@ -90,7 +90,6 @@ var cookies = function () {
         "sign in",
         "middle"
       ),
-      "/share-info": generateSessionJourney("sign in", "middle"),
       "/reset-password-check-email": generateSessionJourney(
         "password reset",
         "start"

src/components/account-created/account-created-controller.ts

@@ -19,9 +19,6 @@ export async function accountCreatedPost(
     req,
     req.path,
     USER_JOURNEY_EVENTS.ACCOUNT_CREATED,
-    {
-      isConsentRequired: req.session.user.isConsentRequired,
-    },
     res.locals.sessionId
   );
 

src/components/account-created/tests/account-created-controller.test.ts

@@ -41,11 +41,5 @@ describe("account created controller", () => {
 
       expect(res.redirect).to.have.been.calledWith(PATH_NAMES.AUTH_CODE);
     });
-    it("should redirect to share-info when consent is required", async () => {
-      req.session.user.isConsentRequired = true;
-      await accountCreatedPost(req as Request, res as Response);
-
-      expect(res.redirect).to.have.been.calledWith(PATH_NAMES.SHARE_INFO);
-    });
   });
 });

src/components/authorize/authorize-controller.ts

@@ -97,10 +97,6 @@ export function authorizeGet(
     req.session.client.rpSectorHost = claims.rp_sector_host;
     req.session.client.rpRedirectUri = claims.rp_redirect_uri;
     req.session.client.rpState = claims.rp_state;
-
-    req.session.client.consentEnabled =
-      startAuthResponse.data.user.consentRequired;
-
     req.session.user.isIdentityRequired =
       startAuthResponse.data.user.identityRequired;
     req.session.user.isAuthenticated =
@@ -134,7 +130,6 @@ export function authorizeGet(
       PATH_NAMES.AUTHORIZE,
       nextStateEvent,
       {
-        isConsentRequired: req.session.client.consentEnabled,
         requiresUplift: req.session.user.isUpliftRequired,
         isIdentityRequired: req.session.user.isIdentityRequired,
         isAuthenticated: req.session.user.isAuthenticated,

src/components/authorize/claims-config.ts

@@ -21,7 +21,6 @@ export type Claims = {
   jti: string;
   client_name: string;
   cookie_consent_shared: boolean;
-  consent_required: boolean;
   is_one_login_service: boolean;
   service_type: string;
   govuk_signin_journey_id: string;
@@ -45,7 +44,6 @@ export const requiredClaimsKeys = [
   "jti",
   "client_name",
   "cookie_consent_shared",
-  "consent_required",
   "is_one_login_service",
   "service_type",
   "govuk_signin_journey_id",

src/components/authorize/tests/authorize-controller.test.ts

@@ -48,7 +48,6 @@ describe("authorize controller", () => {
     fakeAuthorizeService = mockAuthService({
       data: {
         user: {
-          consentRequired: false,
           identityRequired: false,
           upliftRequired: false,
           authenticated: true,
@@ -179,28 +178,8 @@ describe("authorize controller", () => {
       expect(res.redirect).to.have.calledWith(PATH_NAMES.AUTH_CODE);
     });
 
-    it("should redirect to /share-info when consent required", async () => {
-      authServiceResponseData.data.user = {
-        consentRequired: true,
-        identityRequired: false,
-        upliftRequired: false,
-        authenticated: true,
-      };
-      fakeAuthorizeService = mockAuthService(authServiceResponseData);
-
-      await authorizeGet(
-        fakeAuthorizeService,
-        fakeCookieConsentService,
-        fakeKmsDecryptionService,
-        fakeJwtService
-      )(req as Request, res as Response);
-
-      expect(res.redirect).to.have.calledWith(PATH_NAMES.SHARE_INFO);
-    });
-
     it("should redirect to /identity page when identity check required", async () => {
       authServiceResponseData.data.user = {
-        consentRequired: false,
         identityRequired: true,
         upliftRequired: false,
         authenticated: true,
@@ -223,7 +202,6 @@ describe("authorize controller", () => {
       process.env.SUPPORT_REAUTHENTICATION = "1";
       mockClaims.reauthenticate = "123456";
       authServiceResponseData.data.user = {
-        consentRequired: false,
         identityRequired: false,
         upliftRequired: false,
         authenticated: false,
@@ -245,7 +223,6 @@ describe("authorize controller", () => {
       process.env.SUPPORT_REAUTHENTICATION = "0";
       mockClaims.reauthenticate = "123456";
       authServiceResponseData.data.user = {
-        consentRequired: false,
         identityRequired: false,
         upliftRequired: false,
         authenticated: false,
@@ -278,7 +255,6 @@ describe("authorize controller", () => {
     it("should redirect to /sign-in-or-create page with _ga query param when present", async () => {
       const gaTrackingId = "2.172053219.3232.1636392870-444224.1635165988";
       authServiceResponseData.data.user = {
-        consentRequired: false,
         identityRequired: false,
         upliftRequired: false,
         cookieConsent: COOKIE_CONSENT.ACCEPT,
@@ -321,7 +297,6 @@ describe("authorize controller", () => {
     it("should redirect to /doc-checking-app when doc check app user", async () => {
       authServiceResponseData.data.user = {
         authenticated: false,
-        consentRequired: false,
         docCheckingAppUser: true,
       };
       fakeAuthorizeService = mockAuthService(authServiceResponseData);

src/components/authorize/tests/authorize-integration.test.ts

@@ -47,13 +47,11 @@ describe("Integration:: authorize", () => {
                 serviceType: "MANDATORY",
                 clientName: "test-client",
                 cookieConsentEnabled: true,
-                consentEnabled: true,
                 redirectUri: "http://test-redirect.gov.uk/callback",
                 state: "jasldasl12312",
                 isOneLoginService: false,
               },
               user: {
-                consentRequired: true,
                 upliftRequired: false,
                 identityRequired: false,
                 authenticated: false,

src/components/authorize/tests/test-data.ts

@@ -9,7 +9,6 @@ export function createmockclaims(): any {
   return {
     confidence: "Cl.Cm",
     iss: "UNKNOWN",
-    consent_required: false,
     client_id: getOrchToAuthExpectedClientId(),
     govuk_signin_journey_id: "QOFzoB3o-9gGplMgdT1dJfH4vaI",
     aud: getOrchToAuthExpectedAudience(),

src/components/authorize/types.ts

@@ -10,7 +10,6 @@ export interface StartAuthResponse extends DefaultApiResponse {
 export interface UserSessionInfo {
   upliftRequired: boolean;
   identityRequired: boolean;
-  consentRequired: boolean;
   authenticated: boolean;
   cookieConsent?: string;
   gaCrossDomainTrackingId?: string;

src/components/common/mfa/send-mfa-controller.ts

@@ -57,7 +57,6 @@ export function sendMfaGeneric(
         {
           isLatestTermsAndConditionsAccepted:
             req.session.user.isLatestTermsAndConditionsAccepted,
-          isConsentRequired: req.session.user.isConsentRequired,
           isIdentityRequired: req.session.user.isIdentityRequired,
         },
         sessionId

src/components/common/state-machine/state-machine.ts

@@ -63,7 +63,6 @@ const authStateMachine = createMachine(
     initial: PATH_NAMES.AUTHORIZE,
     context: {
       isLatestTermsAndConditionsAccepted: true,
-      isConsentRequired: false,
       requiresUplift: false,
       requiresTwoFactorAuth: false,
       isAuthenticated: false,
@@ -101,10 +100,6 @@ const authStateMachine = createMachine(
               cond: "requiresAuthAppUplift",
             },
             { target: [PATH_NAMES.UPLIFT_JOURNEY], cond: "requiresUplift" },
-            {
-              target: [PATH_NAMES.SHARE_INFO],
-              cond: "isConsentRequired",
-            },
             {
               target: [PATH_NAMES.ENTER_EMAIL_SIGN_IN],
               cond: "isReauthenticationRequired",
@@ -232,10 +227,6 @@ const authStateMachine = createMachine(
               target: [PATH_NAMES.UPDATED_TERMS_AND_CONDITIONS],
               cond: "isLatestTermsAndConditionsAccepted",
             },
-            {
-              target: [PATH_NAMES.SHARE_INFO],
-              cond: "isConsentRequired",
-            },
             { target: [PATH_NAMES.AUTH_CODE] },
           ],
         },
@@ -328,10 +319,6 @@ const authStateMachine = createMachine(
               target: [PATH_NAMES.PROVE_IDENTITY],
               cond: "isIdentityRequired",
             },
-            {
-              target: [PATH_NAMES.SHARE_INFO],
-              cond: "isConsentRequired",
-            },
             { target: [PATH_NAMES.CREATE_ACCOUNT_SUCCESSFUL] },
           ],
         },
@@ -350,10 +337,6 @@ const authStateMachine = createMachine(
       [PATH_NAMES.CREATE_ACCOUNT_SUCCESSFUL]: {
         on: {
           [USER_JOURNEY_EVENTS.ACCOUNT_CREATED]: [
-            {
-              target: [PATH_NAMES.SHARE_INFO],
-              cond: "isConsentRequired",
-            },
             { target: [PATH_NAMES.AUTH_CODE] },
           ],
         },
@@ -389,10 +372,6 @@ const authStateMachine = createMachine(
               target: [PATH_NAMES.UPDATED_TERMS_AND_CONDITIONS],
               cond: "isLatestTermsAndConditionsAccepted",
             },
-            {
-              target: [PATH_NAMES.SHARE_INFO],
-              cond: "isConsentRequired",
-            },
             { target: [PATH_NAMES.AUTH_CODE] },
           ],
         },
@@ -417,10 +396,6 @@ const authStateMachine = createMachine(
               target: [PATH_NAMES.PROVE_IDENTITY],
               cond: "isIdentityRequired",
             },
-            {
-              target: [PATH_NAMES.SHARE_INFO],
-              cond: "isConsentRequired",
-            },
             { target: [PATH_NAMES.AUTH_CODE] },
           ],
           [USER_JOURNEY_EVENTS.CHANGE_SECURITY_CODES_REQUESTED]: [
@@ -448,10 +423,6 @@ const authStateMachine = createMachine(
               target: [PATH_NAMES.PROVE_IDENTITY],
               cond: "isIdentityRequired",
             },
-            {
-              target: [PATH_NAMES.SHARE_INFO],
-              cond: "isConsentRequired",
-            },
             { target: [PATH_NAMES.AUTH_CODE] },
           ],
         },
@@ -475,19 +446,10 @@ const authStateMachine = createMachine(
               target: [PATH_NAMES.PROVE_IDENTITY],
               cond: "isIdentityRequired",
             },
-            {
-              target: [PATH_NAMES.SHARE_INFO],
-              cond: "isConsentRequired",
-            },
             { target: [PATH_NAMES.AUTH_CODE] },
           ],
         },
       },
-      [PATH_NAMES.SHARE_INFO]: {
-        on: {
-          [USER_JOURNEY_EVENTS.CONSENT_ACCEPTED]: [PATH_NAMES.AUTH_CODE],
-        },
-      },
       [PATH_NAMES.RESET_PASSWORD_REQUEST]: {
         on: {
           [USER_JOURNEY_EVENTS.PASSWORD_RESET_REQUESTED]: [
@@ -585,10 +547,6 @@ const authStateMachine = createMachine(
               target: [PATH_NAMES.UPDATED_TERMS_AND_CONDITIONS],
               cond: "isLatestTermsAndConditionsAccepted",
             },
-            {
-              target: [PATH_NAMES.SHARE_INFO],
-              cond: "isConsentRequired",
-            },
             {
               target: [PATH_NAMES.PROVE_IDENTITY],
               cond: "isIdentityRequired",
@@ -634,10 +592,6 @@ const authStateMachine = createMachine(
               target: [PATH_NAMES.UPDATED_TERMS_AND_CONDITIONS],
               cond: "isLatestTermsAndConditionsAccepted",
             },
-            {
-              target: [PATH_NAMES.SHARE_INFO],
-              cond: "isConsentRequired",
-            },
             { target: [PATH_NAMES.AUTH_CODE] },
           ],
         },
@@ -767,7 +721,6 @@ const authStateMachine = createMachine(
   },
   {
     guards: {
-      isConsentRequired: (context) => context.isConsentRequired === true,
       isLatestTermsAndConditionsAccepted: (context) =>
         context.isLatestTermsAndConditionsAccepted === false,
       requiresUplift: (context) =>

src/components/common/verify-code/verify-code-controller.ts

@@ -141,7 +141,6 @@ export function verifyCodePost(
         nextEvent,
         {
           isIdentityRequired: req.session.user.isIdentityRequired,
-          isConsentRequired: req.session.user.isConsentRequired,
           isLatestTermsAndConditionsAccepted:
             req.session.user.isLatestTermsAndConditionsAccepted,
           support2FABeforePasswordReset: support2FABeforePasswordReset(),

src/components/create-password/create-password-controller.ts

@@ -39,8 +39,6 @@ export function createPasswordPost(
       throw new BadRequestError(result.data.message, result.data.code);
     }
 
-    req.session.user.isConsentRequired = result.data.consentRequired;
-
     return res.redirect(
       await getNextPathAndUpdateJourney(
         req,

src/components/create-password/create-password-service.ts

@@ -5,8 +5,8 @@ import {
   http,
 } from "../../utils/http";
 import { API_ENDPOINTS } from "../../app.constants";
-import { CreatePasswordServiceInterface, SignUpResponse } from "./types";
-import { ApiResponseResult } from "../../types";
+import { CreatePasswordServiceInterface } from "./types";
+import { ApiResponseResult, DefaultApiResponse } from "../../types";
 import { Request } from "express";
 
 export function createPasswordService(
@@ -20,8 +20,8 @@ export function createPasswordService(
     sourceIp: string,
     persistentSessionId: string,
     req: Request
-  ): Promise<ApiResponseResult<SignUpResponse>> {
-    const response = await axios.client.post<SignUpResponse>(
+  ): Promise<ApiResponseResult<DefaultApiResponse>> {
+    const response = await axios.client.post<DefaultApiResponse>(
       API_ENDPOINTS.SIGNUP_USER,
       {
         email: emailAddress,
@@ -39,7 +39,7 @@ export function createPasswordService(
       )
     );
 
-    return createApiResponse<SignUpResponse>(response);
+    return createApiResponse<DefaultApiResponse>(response);
   };
 
   return {

src/components/create-password/tests/create-password-controller.test.ts

@@ -36,9 +36,6 @@ describe("create-password controller", () => {
       it("should redirect to get security codes when 2 factor is required", async () => {
         const fakeService: CreatePasswordServiceInterface = {
           signUpUser: sinon.fake.returns({
-            data: {
-              consentRequired: false,
-            },
             success: true,
           }),
         } as unknown as CreatePasswordServiceInterface;

src/components/create-password/types.ts

@@ -10,9 +10,5 @@ export interface CreatePasswordServiceInterface {
     sourceIp: string,
     persistentSessionId: string,
     req: Request
-  ) => Promise<ApiResponseResult<SignUpResponse>>;
-}
-
-export interface SignUpResponse extends DefaultApiResponse {
-  consentRequired: boolean;
+  ) => Promise<ApiResponseResult<DefaultApiResponse>>;
 }