Example 6 with RequestIdentity

Use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent.RequestIdentity in project di-authentication-api by alphagov.

In the class AuthorisationHandlerTest, method shouldReturnErrorWhenRequestObjectIsInvalid.

@ParameterizedTest
@MethodSource("expectedErrorObjects")
void shouldReturnErrorWhenRequestObjectIsInvalid(ErrorObject errorObject) {
    when(configService.isDocAppApiEnabled()).thenReturn(true);
    // Stub request-object validation so that it fails with the parameterized error.
    when(requestObjectService.validateRequestObject(any(AuthenticationRequest.class)))
            .thenReturn(Optional.of(new AuthRequestError(errorObject, URI.create("http://localhost:8080"))));
    var event = new APIGatewayProxyRequestEvent();
    // The "request" parameter carries an unsigned (plain) JWT with an empty claims set.
    event.setQueryStringParameters(Map.of(
            "client_id", "test-id", "redirect_uri", "http://localhost:8080", "scope", "openid",
            "response_type", "code", "request", new PlainJWT(new JWTClaimsSet.Builder().build()).serialize()));
    // Source IP set on the request identity in the request context.
    event.setRequestContext(new ProxyRequestContext().withIdentity(new RequestIdentity().withSourceIp("123.123.123.123")));
    var response = makeHandlerRequest(event);
    var expectedURI = new AuthenticationErrorResponse(URI.create("http://localhost:8080"), errorObject, null, null).toURI().toString();
    // The error is expected back as a 302 redirect whose Location is the error response URI.
    assertThat(response, hasStatus(302));
    assertEquals(expectedURI, response.getHeaders().get(ResponseHeaders.LOCATION));
    // The audit event is expected to carry the same source IP that was set on the request identity.
    verify(auditService).submitAuditEvent(
            AUTHORISATION_REQUEST_ERROR, AWS_REQUEST_ID, "", "", "", "", "123.123.123.123", "",
            PERSISTENT_SESSION_ID, pair("description", errorObject.getDescription()));
}
Also used: RequestIdentity (com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent.RequestIdentity), PlainJWT (com.nimbusds.jwt.PlainJWT), ProxyRequestContext (com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent.ProxyRequestContext), AuthenticationErrorResponse (com.nimbusds.openid.connect.sdk.AuthenticationErrorResponse), AuthRequestError (uk.gov.di.authentication.oidc.entity.AuthRequestError), APIGatewayProxyRequestEvent (com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent), JWTClaimsSet (com.nimbusds.jwt.JWTClaimsSet), AuthenticationRequest (com.nimbusds.openid.connect.sdk.AuthenticationRequest), ParameterizedTest (org.junit.jupiter.params.ParameterizedTest), MethodSource (org.junit.jupiter.params.provider.MethodSource)

Example 7 with RequestIdentity

Use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent.RequestIdentity in project di-authentication-api by alphagov.

In the class AuthorisationHandlerTest, method shouldRedirectToLoginWhenUserHasNoExistingSession.

@Test
void shouldRedirectToLoginWhenUserHasNoExistingSession() {
    when(clientSessionService.generateClientSession(any(ClientSession.class))).thenReturn(CLIENT_SESSION_ID);
    Map<String, String> requestParams = buildRequestParams(null);
    APIGatewayProxyRequestEvent event = withRequestEvent(requestParams);
    // Source IP set on the request identity in the request context.
    event.setRequestContext(new ProxyRequestContext().withIdentity(new RequestIdentity().withSourceIp("123.123.123.123")));
    APIGatewayProxyResponseEvent response = makeHandlerRequest(event);
    URI uri = URI.create(response.getHeaders().get(ResponseHeaders.LOCATION));
    // Expect a 302 whose Location has the login URL's authority and no cookie_consent in its query.
    assertThat(response, hasStatus(302));
    assertThat(uri.getQuery(), not(containsString("cookie_consent")));
    assertEquals(LOGIN_URL.getAuthority(), uri.getAuthority());
    // Both the session cookie and the persistent-session cookie must be set on the response.
    assertTrue(response.getMultiValueHeaders().get(ResponseHeaders.SET_COOKIE).contains(EXPECTED_SESSION_COOKIE_STRING));
    assertTrue(response.getMultiValueHeaders().get(ResponseHeaders.SET_COOKIE).contains(EXPECTED_PERSISTENT_COOKIE_STRING));
    verify(sessionService).save(eq(session));
    // The audit event is expected to carry the same source IP that was set on the request identity.
    inOrder.verify(auditService).submitAuditEvent(
            OidcAuditableEvent.AUTHORISATION_INITIATED, context.getAwsRequestId(), session.getSessionId(),
            CLIENT_ID.getValue(), AuditService.UNKNOWN, AuditService.UNKNOWN, "123.123.123.123",
            AuditService.UNKNOWN, PERSISTENT_SESSION_ID);
}
Also used: RequestIdentity (com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent.RequestIdentity), ProxyRequestContext (com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent.ProxyRequestContext), APIGatewayProxyRequestEvent (com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent), ClientSession (uk.gov.di.authentication.shared.entity.ClientSession), Matchers.containsString (org.hamcrest.Matchers.containsString), APIGatewayProxyResponseEvent (com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent), URI (java.net.URI), Test (org.junit.jupiter.api.Test), ParameterizedTest (org.junit.jupiter.params.ParameterizedTest)

Aggregations

APIGatewayProxyRequestEvent (com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent): 7
ProxyRequestContext (com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent.ProxyRequestContext): 7
RequestIdentity (com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent.RequestIdentity): 7
ParameterizedTest (org.junit.jupiter.params.ParameterizedTest): 6
Test (org.junit.jupiter.api.Test): 5
APIGatewayProxyResponseEvent (com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent): 3
AuthenticationRequest (com.nimbusds.openid.connect.sdk.AuthenticationRequest): 3
JWTClaimsSet (com.nimbusds.jwt.JWTClaimsSet): 2
PlainJWT (com.nimbusds.jwt.PlainJWT): 2
AuthRequestError (uk.gov.di.authentication.oidc.entity.AuthRequestError): 2
ClientSession (uk.gov.di.authentication.shared.entity.ClientSession): 2
AuthenticationErrorResponse (com.nimbusds.openid.connect.sdk.AuthenticationErrorResponse): 1
URI (java.net.URI): 1
Matchers.containsString (org.hamcrest.Matchers.containsString): 1
MethodSource (org.junit.jupiter.params.provider.MethodSource): 1