Example 6 with RequestIdentity
use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent.RequestIdentity in project di-authentication-api by alphagov.
the class AuthorisationHandlerTest method shouldReturnErrorWhenRequestObjectIsInvalid.
@ParameterizedTest
@MethodSource("expectedErrorObjects")
void shouldReturnErrorWhenRequestObjectIsInvalid(ErrorObject errorObject) {
when(configService.isDocAppApiEnabled()).thenReturn(true);
when(requestObjectService.validateRequestObject(any(AuthenticationRequest.class))).thenReturn(Optional.of(new AuthRequestError(errorObject, URI.create("http://localhost:8080"))));
var event = new APIGatewayProxyRequestEvent();
event.setQueryStringParameters(Map.of("client_id", "test-id", "redirect_uri", "http://localhost:8080", "scope", "openid", "response_type", "code", "request", new PlainJWT(new JWTClaimsSet.Builder().build()).serialize()));
event.setRequestContext(new ProxyRequestContext().withIdentity(new RequestIdentity().withSourceIp("123.123.123.123")));
var response = makeHandlerRequest(event);
var expectedURI = new AuthenticationErrorResponse(URI.create("http://localhost:8080"), errorObject, null, null).toURI().toString();
assertThat(response, hasStatus(302));
assertEquals(expectedURI, response.getHeaders().get(ResponseHeaders.LOCATION));
verify(auditService).submitAuditEvent(AUTHORISATION_REQUEST_ERROR, AWS_REQUEST_ID, "", "", "", "", "123.123.123.123", "", PERSISTENT_SESSION_ID, pair("description", errorObject.getDescription()));
}
Also used :
RequestIdentity(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent.RequestIdentity)
PlainJWT(com.nimbusds.jwt.PlainJWT)
ProxyRequestContext(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent.ProxyRequestContext)
AuthenticationErrorResponse(com.nimbusds.openid.connect.sdk.AuthenticationErrorResponse)
AuthRequestError(uk.gov.di.authentication.oidc.entity.AuthRequestError)
APIGatewayProxyRequestEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent)
JWTClaimsSet(com.nimbusds.jwt.JWTClaimsSet)
AuthenticationRequest(com.nimbusds.openid.connect.sdk.AuthenticationRequest)
ParameterizedTest(org.junit.jupiter.params.ParameterizedTest)
MethodSource(org.junit.jupiter.params.provider.MethodSource)
Example 7 with RequestIdentity
use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent.RequestIdentity in project di-authentication-api by alphagov.
the class AuthorisationHandlerTest method shouldRedirectToLoginWhenUserHasNoExistingSession.
@Test
void shouldRedirectToLoginWhenUserHasNoExistingSession() {
when(clientSessionService.generateClientSession(any(ClientSession.class))).thenReturn(CLIENT_SESSION_ID);
Map<String, String> requestParams = buildRequestParams(null);
APIGatewayProxyRequestEvent event = withRequestEvent(requestParams);
event.setRequestContext(new ProxyRequestContext().withIdentity(new RequestIdentity().withSourceIp("123.123.123.123")));
APIGatewayProxyResponseEvent response = makeHandlerRequest(event);
URI uri = URI.create(response.getHeaders().get(ResponseHeaders.LOCATION));
assertThat(response, hasStatus(302));
assertThat(uri.getQuery(), not(containsString("cookie_consent")));
assertEquals(LOGIN_URL.getAuthority(), uri.getAuthority());
assertTrue(response.getMultiValueHeaders().get(ResponseHeaders.SET_COOKIE).contains(EXPECTED_SESSION_COOKIE_STRING));
assertTrue(response.getMultiValueHeaders().get(ResponseHeaders.SET_COOKIE).contains(EXPECTED_PERSISTENT_COOKIE_STRING));
verify(sessionService).save(eq(session));
inOrder.verify(auditService).submitAuditEvent(OidcAuditableEvent.AUTHORISATION_INITIATED, context.getAwsRequestId(), session.getSessionId(), CLIENT_ID.getValue(), AuditService.UNKNOWN, AuditService.UNKNOWN, "123.123.123.123", AuditService.UNKNOWN, PERSISTENT_SESSION_ID);
}
Also used :
RequestIdentity(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent.RequestIdentity)
ProxyRequestContext(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent.ProxyRequestContext)
APIGatewayProxyRequestEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent)
ClientSession(uk.gov.di.authentication.shared.entity.ClientSession)
Matchers.containsString(org.hamcrest.Matchers.containsString)
APIGatewayProxyResponseEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent)
URI(java.net.URI)
Test(org.junit.jupiter.api.Test)
ParameterizedTest(org.junit.jupiter.params.ParameterizedTest)
Aggregations
APIGatewayProxyRequestEvent (com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent)7
ProxyRequestContext (com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent.ProxyRequestContext)7
RequestIdentity (com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent.RequestIdentity)7
ParameterizedTest (org.junit.jupiter.params.ParameterizedTest)6
Test (org.junit.jupiter.api.Test)5
APIGatewayProxyResponseEvent (com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent)3
AuthenticationRequest (com.nimbusds.openid.connect.sdk.AuthenticationRequest)3
JWTClaimsSet (com.nimbusds.jwt.JWTClaimsSet)2
PlainJWT (com.nimbusds.jwt.PlainJWT)2
AuthRequestError (uk.gov.di.authentication.oidc.entity.AuthRequestError)2
ClientSession (uk.gov.di.authentication.shared.entity.ClientSession)2
AuthenticationErrorResponse (com.nimbusds.openid.connect.sdk.AuthenticationErrorResponse)1
URI (java.net.URI)1
Matchers.containsString (org.hamcrest.Matchers.containsString)1
MethodSource (org.junit.jupiter.params.provider.MethodSource)1
