use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent in project di-ipv-cri-uk-passport-back by alphagov.
the class IssueCredentialHandlerTest method shouldReturnErrorResponseWhenTokenIsMissingBearerPrefix.
@Test
void shouldReturnErrorResponseWhenTokenIsMissingBearerPrefix() throws JsonProcessingException {
APIGatewayProxyRequestEvent event = new APIGatewayProxyRequestEvent();
Map<String, String> headers = Collections.singletonMap("Authorization", "11111111");
event.setHeaders(headers);
setRequestBodyAsPlainJWT(event);
APIGatewayProxyResponseEvent response = issueCredentialHandler.handleRequest(event, mockContext);
responseBody = objectMapper.readValue(response.getBody(), new TypeReference<>() {
});
assertEquals(BearerTokenError.INVALID_REQUEST.getHTTPStatusCode(), response.getStatusCode());
assertEquals(BearerTokenError.INVALID_REQUEST.getCode(), responseBody.get("error"));
assertEquals(BearerTokenError.INVALID_REQUEST.getDescription(), responseBody.get("error_description"));
}
use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent in project di-ipv-cri-uk-passport-back by alphagov.
the class IssueCredentialHandlerTest method shouldReturnErrorResponseWhenInvalidAccessTokenProvided.
@Test
void shouldReturnErrorResponseWhenInvalidAccessTokenProvided() throws JsonProcessingException {
APIGatewayProxyRequestEvent event = new APIGatewayProxyRequestEvent();
AccessToken accessToken = new BearerAccessToken();
Map<String, String> headers = Collections.singletonMap("Authorization", accessToken.toAuthorizationHeader());
event.setHeaders(headers);
setRequestBodyAsPlainJWT(event);
when(mockAccessTokenService.getResourceIdByAccessToken(anyString())).thenReturn(null);
APIGatewayProxyResponseEvent response = issueCredentialHandler.handleRequest(event, mockContext);
Map<String, Object> responseBody = objectMapper.readValue(response.getBody(), new TypeReference<>() {
});
assertEquals(403, response.getStatusCode());
assertEquals(OAuth2Error.ACCESS_DENIED.getCode(), responseBody.get("error"));
assertEquals(OAuth2Error.ACCESS_DENIED.appendDescription(" - The supplied access token was not found in the database").getDescription(), responseBody.get("error_description"));
}
use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent in project di-ipv-cri-uk-passport-back by alphagov.
the class IssueCredentialHandlerTest method shouldReturn200OnSuccessfulDcsCredentialRequest.
@Test
void shouldReturn200OnSuccessfulDcsCredentialRequest() throws SqsException {
APIGatewayProxyRequestEvent event = new APIGatewayProxyRequestEvent();
AccessToken accessToken = new BearerAccessToken();
Map<String, String> headers = Collections.singletonMap("Authorization", accessToken.toAuthorizationHeader());
event.setHeaders(headers);
setRequestBodyAsPlainJWT(event);
when(mockAccessTokenService.getResourceIdByAccessToken(anyString())).thenReturn(TEST_RESOURCE_ID);
when(mockDcsPassportCheckService.getDcsPassportCheck(anyString())).thenReturn(dcsCredential);
APIGatewayProxyResponseEvent response = issueCredentialHandler.handleRequest(event, mockContext);
verify(mockAuditService).sendAuditEvent(AuditEventTypes.PASSPORT_CREDENTIAL_ISSUED);
assertEquals(200, response.getStatusCode());
}
use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent in project di-ipv-cri-uk-passport-back by alphagov.
the class JwtAuthorizationRequestHandlerTest method shouldReturn302WhenValidationFails.
@Test
void shouldReturn302WhenValidationFails() throws Exception {
when(jarValidator.validateRequestJwt(any(), anyString())).thenThrow(new JarValidationException(OAuth2Error.INVALID_REQUEST_OBJECT));
var event = new APIGatewayProxyRequestEvent();
Map<String, String> map = new HashMap<>();
map.put("client_id", "TEST");
event.setHeaders(map);
String badSignatureSignedJwt = signedJWT.serialize();
event.setBody(badSignatureSignedJwt.substring(0, badSignatureSignedJwt.length() - 4) + "nope");
var response = underTest.handleRequest(event, context);
ErrorObject errorResponse = createErrorObjectFromResponse(response.getBody());
assertEquals(302, response.getStatusCode());
assertEquals(OAuth2Error.INVALID_REQUEST_OBJECT.getCode(), errorResponse.getCode());
assertEquals(OAuth2Error.INVALID_REQUEST_OBJECT.getDescription(), errorResponse.getDescription());
}
use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent in project di-ipv-cri-uk-passport-back by alphagov.
the class JwtAuthorizationRequestHandlerTest method shouldReturnClaimsAsJsonFromJWT.
@Test
void shouldReturnClaimsAsJsonFromJWT() throws Exception {
when(jarValidator.validateRequestJwt(any(), anyString())).thenReturn(signedJWT.getJWTClaimsSet());
var event = new APIGatewayProxyRequestEvent();
Map<String, String> map = new HashMap<>();
map.put("client_id", "TEST");
event.setHeaders(map);
event.setBody(signedJWT.serialize());
var response = underTest.handleRequest(event, context);
Map<String, Object> claims = OBJECT_MAPPER.readValue(response.getBody(), new TypeReference<>() {
});
AuthParams authParams = OBJECT_MAPPER.convertValue(claims.get("authParams"), new TypeReference<>() {
});
assertEquals("test-user-id", claims.get("user_id"));
assertEquals("code", authParams.getResponseType());
assertEquals("test-client", authParams.getClientId());
assertEquals("test-state", authParams.getState());
assertEquals("http://example.com", authParams.getRedirectUri());
Map<String, Object> sharedClaims = OBJECT_MAPPER.convertValue(claims.get("shared_claims"), new TypeReference<>() {
});
assertEquals(Arrays.asList("01/01/1980", "02/01/1980"), sharedClaims.get("dateOfBirths"));
assertEquals(Collections.singletonList("123 random street, M13 7GE"), sharedClaims.get("addresses"));
assertEquals(Arrays.asList("Daniel", "Dan", "Danny"), sharedClaims.get("givenNames"));
}
Aggregations