Examples with RequestIdentity com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent.RequestIdentity used on opensource projects

Example 1 with RequestIdentity

use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent.RequestIdentity in project di-authentication-api by alphagov.

the class AuthorisationHandlerTest method shouldReturn400WhenAuthorisationRequestCannotBeParsed.

@Test
void shouldReturn400WhenAuthorisationRequestCannotBeParsed() {
    APIGatewayProxyRequestEvent event = new APIGatewayProxyRequestEvent();
    event.setQueryStringParameters(Map.of("client_id", CLIENT_ID.getValue(), "redirect_uri", REDIRECT_URI, "scope", SCOPE, "invalid_parameter", "nonsense", "state", STATE.getValue()));
    event.setRequestContext(new ProxyRequestContext().withIdentity(new RequestIdentity().withSourceIp("123.123.123.123")));
    APIGatewayProxyResponseEvent response = makeHandlerRequest(event);
    assertThat(response, hasStatus(302));
    assertEquals("https://localhost:8080?error=invalid_request&error_description=Invalid+request%3A+Missing+response_type+parameter&state=" + STATE.getValue(), response.getHeaders().get(ResponseHeaders.LOCATION));
    verify(auditService).submitAuditEvent(AUTHORISATION_REQUEST_ERROR, AWS_REQUEST_ID, "", "", "", "", "123.123.123.123", "", PERSISTENT_SESSION_ID, pair("description", "Invalid request: Missing response_type parameter"));
}

Example 2 with RequestIdentity

use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent.RequestIdentity in project di-authentication-api by alphagov.

the class AuthorisationHandlerTest method shouldRedirectToLoginWhenRequestObjectIsValid.

@Test
void shouldRedirectToLoginWhenRequestObjectIsValid() {
    when(configService.isDocAppApiEnabled()).thenReturn(true);
    when(requestObjectService.validateRequestObject(any(AuthenticationRequest.class))).thenReturn(Optional.empty());
    when(clientSessionService.generateClientSession(any(ClientSession.class))).thenReturn(CLIENT_SESSION_ID);
    var event = new APIGatewayProxyRequestEvent();
    event.setQueryStringParameters(Map.of("client_id", "test-id", "redirect_uri", "http://localhost:8080", "scope", "openid", "response_type", "code", "request", new PlainJWT(new JWTClaimsSet.Builder().build()).serialize()));
    event.setRequestContext(new ProxyRequestContext().withIdentity(new RequestIdentity().withSourceIp("123.123.123.123")));
    var response = makeHandlerRequest(event);
    assertThat(response, hasStatus(302));
    var uri = URI.create(response.getHeaders().get(ResponseHeaders.LOCATION));
    assertEquals(LOGIN_URL.getAuthority(), uri.getAuthority());
    assertTrue(response.getMultiValueHeaders().get(ResponseHeaders.SET_COOKIE).contains(EXPECTED_SESSION_COOKIE_STRING));
    assertTrue(response.getMultiValueHeaders().get(ResponseHeaders.SET_COOKIE).contains(EXPECTED_PERSISTENT_COOKIE_STRING));
    verify(sessionService).save(session);
    inOrder.verify(auditService).submitAuditEvent(OidcAuditableEvent.AUTHORISATION_INITIATED, context.getAwsRequestId(), session.getSessionId(), CLIENT_ID.getValue(), AuditService.UNKNOWN, AuditService.UNKNOWN, "123.123.123.123", AuditService.UNKNOWN, PERSISTENT_SESSION_ID);
}

Example 3 with RequestIdentity

use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent.RequestIdentity in project di-authentication-api by alphagov.

the class AuthorisationHandlerTest method withRequestEvent.

private APIGatewayProxyRequestEvent withRequestEvent(Map<String, String> requestParams) {
    APIGatewayProxyRequestEvent event = new APIGatewayProxyRequestEvent();
    event.setQueryStringParameters(requestParams);
    event.setRequestContext(new ProxyRequestContext().withIdentity(new RequestIdentity().withSourceIp("123.123.123.123")));
    return event;
}

Example 4 with RequestIdentity

use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent.RequestIdentity in project di-authentication-api by alphagov.

the class AuthorisationHandlerTest method shouldReturn400WhenAuthorisationRequestContainsInvalidScope.

@Test
void shouldReturn400WhenAuthorisationRequestContainsInvalidScope() {
    when(authorizationService.validateAuthRequest(any(AuthenticationRequest.class))).thenReturn(Optional.of(new AuthRequestError(OAuth2Error.INVALID_SCOPE, URI.create("http://localhost:8080"))));
    APIGatewayProxyRequestEvent event = new APIGatewayProxyRequestEvent();
    event.setQueryStringParameters(Map.of("client_id", "test-id", "redirect_uri", "http://localhost:8080", "scope", "email,openid,profile,non-existent-scope", "response_type", "code"));
    event.setRequestContext(new ProxyRequestContext().withIdentity(new RequestIdentity().withSourceIp("123.123.123.123")));
    APIGatewayProxyResponseEvent response = makeHandlerRequest(event);
    assertThat(response, hasStatus(302));
    assertEquals("http://localhost:8080?error=invalid_scope&error_description=Invalid%2C+unknown+or+malformed+scope", response.getHeaders().get(ResponseHeaders.LOCATION));
    verify(auditService).submitAuditEvent(AUTHORISATION_REQUEST_ERROR, AWS_REQUEST_ID, "", "", "", "", "123.123.123.123", "", PERSISTENT_SESSION_ID, pair("description", OAuth2Error.INVALID_SCOPE.getDescription()));
}

Example 5 with RequestIdentity

use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent.RequestIdentity in project di-authentication-api by alphagov.

the class AuthorisationHandlerTest method shouldThrowExceptionWhenNoQueryStringParametersArePresent.

@Test
void shouldThrowExceptionWhenNoQueryStringParametersArePresent() {
    APIGatewayProxyRequestEvent event = new APIGatewayProxyRequestEvent();
    event.setRequestContext(new ProxyRequestContext().withIdentity(new RequestIdentity().withSourceIp("123.123.123.123")));
    RuntimeException expectedException = assertThrows(RuntimeException.class, () -> makeHandlerRequest(event), "Expected to throw AccessTokenException");
    assertThat(expectedException.getMessage(), equalTo("No query string parameters are present in the Authentication request"));
}