diff --git a/app/service_invite/rest.py b/app/service_invite/rest.py index da7fe5794..333c5dbac 100644 --- a/app/service_invite/rest.py +++ b/app/service_invite/rest.py @@ -1,3 +1,4 @@ +import base64 import json import os from datetime import datetime @@ -48,9 +49,28 @@ def _create_service_invite(invited_user, invite_link_host): current_app.config["SECRET_KEY"], current_app.config["DANGEROUS_SALT"], ) + + # The raw permissions are in the form "a,b,c,d" + # but need to be in the form ["a", "b", "c", "d"] + data = {} + permissions = invited_user.permissions + permissions = permissions.split(",") + permission_list = [] + for permission in permissions: + permission_list.append(f"{permission}") + data["from_user_id"] = (str(invited_user.from_user.id),) + data["service_id"] = str(invited_user.service.id) + data["permissions"] = permission_list + data["folder_permissions"] = invited_user.folder_permissions + data["invited_user_id"] = str(invited_user.id) + data["invited_user_email"] = invited_user.email_address + url = os.environ["LOGIN_DOT_GOV_REGISTRATION_URL"] url = url.replace("NONCE", token) - url = url.replace("STATE", token) + + user_data_url_safe = get_user_data_url_safe(data) + + url = url.replace("STATE", user_data_url_safe) personalisation = { "user_name": invited_user.from_user.name, @@ -75,32 +95,6 @@ def _create_service_invite(invited_user, invite_link_host): json.dumps(personalisation), ex=1800, ) - # The raw permissions are in the form "a,b,c,d" - # but need to be in the form ["a", "b", "c", "d"] - data = {} - permissions = invited_user.permissions - permissions = permissions.split(",") - permission_list = [] - for permission in permissions: - permission_list.append(f"{permission}") - data["from_user_id"] = (str(invited_user.from_user.id),) - data["service_id"] = str(invited_user.service.id) - data["permissions"] = permission_list - data["folder_permissions"] = invited_user.folder_permissions - - # This is for the login.gov service invite on the - # "Set Up Your Profile" path. - redis_key = f"service-invite-{invited_user.email_address}" - redis_store.raw_set( - redis_key, - json.dumps(data), - ex=3600 * 24, - ) - # TODO REMOVE DEBUG - print(hilite(f"Save this data {data} with this redis_key {redis_key}")) - did_we_save_it = redis_store.raw_get(redis_key) - print(hilite(f"Did we save the data successfully? {did_we_save_it}")) - # END DEBUG send_notification_to_queue(saved_notification, queue=QueueNames.NOTIFY) @@ -225,12 +219,7 @@ def validate_service_invitation_token(token): return jsonify(data=invited_user_schema.dump(invited_user)), 200 -@service_invite.route("/service/invite/redis/", methods=["GET"]) -def get_service_invite_data(redis_key): - service_invite_data = redis_store.raw_get(redis_key) - # We can't log this because key may contain PII (email address) - if service_invite_data is None: - raise Exception("No service invite data") - else: - service_invite_data = service_invite_data.decode("utf8") - return jsonify(service_invite_data), 200 +def get_user_data_url_safe(data): + data = json.dumps(data) + data = base64.b64encode(data.encode("utf8")) + return data.decode("utf8")