Privacy policy page html

src/main/java/gov/cabinetofice/gapuserservice/security/WebSecurityConfig.java

@@ -47,6 +47,7 @@ public WebSecurityCustomizer webSecurityCustomizer() {
                 "/login",
                 "/v2/redirect-after-login",
                 "/v2/login",
+                "/v2/privacy-policy",
                 "/is-user-logged-in",
                 "/redirect-after-cola-login",
                 "/error/**",

src/main/java/gov/cabinetofice/gapuserservice/web/LoginControllerV2.java

@@ -19,6 +19,7 @@
 import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.servlet.view.RedirectView;
 import org.springframework.web.util.WebUtils;
+import org.springframework.web.servlet.ModelAndView;
 
 import java.util.HashMap;
 import java.util.Map;
@@ -37,6 +38,8 @@ public class LoginControllerV2 {
     private final CustomJwtServiceImpl customJwtService;
     private final ApplicationConfigProperties configProperties;
 
+    public static final String PRIVACY_POLICY_PAGE_VIEW = "privacy-policy";
+
     @Value("${jwt.cookie-name}")
     public String userServiceCookieName;
 
@@ -103,6 +106,12 @@ public RedirectView redirectAfterLogin(final @CookieValue(name = REDIRECT_URL_CO
         return getRedirectView(user, redirectUrl);
     }
 
+    @GetMapping("/privacy-policy")
+    public ModelAndView showNoticePage() {
+        return new ModelAndView(PRIVACY_POLICY_PAGE_VIEW)
+                .addObject("loginUrl", oneLoginBaseUrl);
+    }
+
     private Cookie generateCustomJwtCookie(final OneLoginUserInfoDto userInfo) {
         final Map<String, String> claims = new HashMap<>();
         claims.put("email", userInfo.getEmail());

src/main/resources/templates/privacy-policy.html

@@ -0,0 +1,54 @@
+<!DOCTYPE html>
+<html lang="en" xmlns:th="http://www.thymeleaf.org">
+<head>
+    <meta charset="UTF-8">
+
+
+    <link rel="stylesheet" th:href="@{/webjars/govuk-frontend/4.5.0/govuk-frontend.min.css}" />
+</head>
+
+<body class="govuk-template__body">
+<div th:replace="~{fragments/header :: header}"></div>
+
+<div class="govuk-width-container" >
+    <a th:href="${homePageUrl}" class="govuk-back-link">Back</a>
+
+    <main class="govuk-main-wrapper" id="main-content" role="main">
+        <div class="govuk-grid-row">
+            <div class="govuk-grid-column-two-thirds">
+                <h1 class="govuk-heading-l">Do you accept our privacy policy?</h1>
+                <p class="govuk-body">
+                    Before you can continue, you need to read and agree to the
+                    <a href="https://www.find-government-grants.service.gov.uk/info/privacy" target="_blank">
+                        Find a grant privacy policy (opens in a new tab)</a>
+                </p>
+                <p>
+                <div class="govuk-checkboxes" data-module="govuk-checkboxes">
+                    <div class="govuk-checkboxes__item">
+                        <input type="checkbox"
+                               th:id="privacyPolicy"
+                               th:name="privacyPolicy"
+                               th:checked="*{privacyPolicy == 'yes'}"
+                               th:value="yes"
+                               class="govuk-checkboxes__input"
+                        />
+
+                        <label class="govuk-label govuk-checkboxes__label" th:for="privacyPolicy">
+                            Yes, I have read and agree to the Find a grant privacy policy
+                        </label>
+                    </div>
+                </div>
+                </p>
+
+
+                <a th:href="${loginUrl}" role="button" draggable="false" class="govuk-button" data-module="govuk-button">
+                    Continue
+                </a>
+            </div>
+        </div>
+    </main>
+</div>
+
+<div th:replace="~{fragments/footer :: footer}"></div>
+</body>
+</html>