use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent in project di-authentication-api by alphagov.
the class LogoutHandlerTest method shouldDeleteSessionAndRedirectToDefaultLogoutUriForValidLogoutRequestWithNoQueryParams.
/**
 * Logout with a session cookie but no query parameters: the handler must answer with a
 * 302 to {@code DEFAULT_LOGOUT_URI} and record a {@code LOG_OUT_SUCCESS} audit event.
 */
@Test
public void shouldDeleteSessionAndRedirectToDefaultLogoutUriForValidLogoutRequestWithNoQueryParams() {
    // NOTE(review): the request below carries no id_token_hint, and the audit assertion
    // expects UNKNOWN in the position where another test in this class passes "client-id",
    // so these two stubs may never be exercised - confirm.
    when(tokenValidationService.isTokenSignatureValid(signedIDToken.serialize())).thenReturn(true);
    when(dynamoClientService.getClient("client-id")).thenReturn(Optional.of(createClientRegistry()));

    // null => no query string at all; generateRequestEvent still attaches the session cookie.
    APIGatewayProxyRequestEvent request = generateRequestEvent(null);
    setupSessions();

    APIGatewayProxyResponseEvent result = handler.handleRequest(request, context);

    // Presumably checks that the session state was removed (per the test name) - see verifySessions().
    verifySessions();
    assertThat(result, hasStatus(302));
    String location = result.getHeaders().get(ResponseHeaders.LOCATION);
    assertThat(location, equalTo(DEFAULT_LOGOUT_URI.toString()));

    // The audit record must carry the session id, the persistent session id and the
    // caller's source IP so a logout can be tied back to a session during an investigation.
    verify(auditService).submitAuditEvent(
            OidcAuditableEvent.LOG_OUT_SUCCESS,
            "aws-session-id",
            SESSION_ID,
            AuditService.UNKNOWN,
            AuditService.UNKNOWN,
            AuditService.UNKNOWN,
            "123.123.123.123",
            AuditService.UNKNOWN,
            PERSISTENT_SESSION_ID);
}
use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent in project di-authentication-api by alphagov.
the class LogoutHandlerTest method shouldRedirectToDefaultLogoutUriWhenNoCookieExists.
/**
 * Logout without a session cookie: the caller-supplied {@code post_logout_redirect_uri}
 * is not used. The asserted Location is built from {@code DEFAULT_LOGOUT_URI} (with the
 * {@code state} echoed back) rather than from {@code CLIENT_LOGOUT_URI}, which is the
 * behaviour that keeps an unauthenticated request from steering the redirect target.
 */
@Test
public void shouldRedirectToDefaultLogoutUriWhenNoCookieExists() {
    Map<String, String> queryParams =
            Map.of(
                    "post_logout_redirect_uri", CLIENT_LOGOUT_URI.toString(),
                    "state", STATE.toString());

    // No headers are set, so the request carries no cookie and therefore no session.
    APIGatewayProxyRequestEvent request = new APIGatewayProxyRequestEvent();
    request.setRequestContext(contextWithSourceIp("123.123.123.123"));
    request.setQueryStringParameters(queryParams);

    APIGatewayProxyResponseEvent result = handler.handleRequest(request, context);

    assertThat(result, hasStatus(302));
    String expectedLocation = DEFAULT_LOGOUT_URI + "?state=" + STATE;
    assertThat(result.getHeaders().get(ResponseHeaders.LOCATION), equalTo(expectedLocation));

    // With no session resolved there is nothing to delete from Redis.
    verify(sessionService, times(0)).deleteSessionFromRedis(SESSION_ID);

    // The event is still audited, with the source IP but UNKNOWN session identifiers.
    verify(auditService).submitAuditEvent(
            OidcAuditableEvent.LOG_OUT_SUCCESS,
            "aws-session-id",
            AuditService.UNKNOWN,
            AuditService.UNKNOWN,
            AuditService.UNKNOWN,
            AuditService.UNKNOWN,
            "123.123.123.123",
            AuditService.UNKNOWN,
            PersistentIdHelper.PERSISTENT_ID_UNKNOWN_VALUE);
}
use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent in project di-authentication-api by alphagov.
the class LogoutHandlerTest method generateRequestEvent.
/**
 * Builds a logout request that carries the session cookie for {@code CLIENT_SESSION_ID}
 * and a fixed source IP.
 *
 * @param queryStringParameters query parameters to attach, or {@code null} to leave the
 *     request without a query string
 * @return the populated API Gateway request event
 */
private static APIGatewayProxyRequestEvent generateRequestEvent(Map<String, String> queryStringParameters) {
    Map<String, String> cookieHeader = Map.of(COOKIE, buildCookieString(CLIENT_SESSION_ID));

    APIGatewayProxyRequestEvent request = new APIGatewayProxyRequestEvent();
    request.setHeaders(cookieHeader);
    // Fixed source IP; the tests in this class assert the same value in the audit event.
    request.setRequestContext(contextWithSourceIp("123.123.123.123"));
    if (queryStringParameters == null) {
        return request;
    }
    request.setQueryStringParameters(queryStringParameters);
    return request;
}
use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent in project di-authentication-api by alphagov.
the class LogoutHandlerTest method shouldRedirectToDefaultLogoutUriWithErrorMessageWhenLogoutUriInRequestDoesNotMatchClientRegistry.
/**
 * Logout with a valid ID token hint but a {@code post_logout_redirect_uri} that the client
 * registry does not contain: the handler must redirect to {@code DEFAULT_LOGOUT_URI} with
 * an {@code invalid_request} error in the query string instead of following the supplied
 * URI, and the session must still be deleted.
 */
@Test
public void shouldRedirectToDefaultLogoutUriWithErrorMessageWhenLogoutUriInRequestDoesNotMatchClientRegistry() throws URISyntaxException {
    when(dynamoClientService.getClient("client-id")).thenReturn(Optional.of(createClientRegistry()));
    when(tokenValidationService.isTokenSignatureValid(signedIDToken.serialize())).thenReturn(true);

    // The redirect target here is expected to be absent from the registered client's
    // logout URIs (see createClientRegistry()).
    Map<String, String> queryParams =
            Map.of(
                    "id_token_hint", signedIDToken.serialize(),
                    "post_logout_redirect_uri", "http://localhost/invalidlogout",
                    "state", STATE.toString());
    APIGatewayProxyRequestEvent request = generateRequestEvent(queryParams);
    session.getClientSessions().add(CLIENT_SESSION_ID);
    setupClientSessionToken(signedIDToken);
    generateSessionFromCookie(session);

    APIGatewayProxyResponseEvent result = handler.handleRequest(request, context);

    assertThat(result, hasStatus(302));

    // Expected Location: default logout URI + state + the OAuth2 error code and description.
    ErrorObject expectedError = new ErrorObject(OAuth2Error.INVALID_REQUEST_CODE, "client registry does not contain post_logout_redirect_uri");
    URIBuilder expectedLocation = new URIBuilder(DEFAULT_LOGOUT_URI);
    expectedLocation.addParameter("state", STATE.getValue());
    expectedLocation.addParameter("error_code", expectedError.getCode());
    expectedLocation.addParameter("error_description", expectedError.getDescription());
    URI expectedUri = expectedLocation.build();
    assertThat(result.getHeaders().get(ResponseHeaders.LOCATION), equalTo(expectedUri.toString()));

    // The rejected redirect URI does not stop the session from being torn down.
    verify(sessionService, times(1)).deleteSessionFromRedis(SESSION_ID);

    // NOTE(review): the mismatch is audited as LOG_OUT_SUCCESS, the same event as a clean
    // logout; confirm whether a rejected post_logout_redirect_uri should be separately
    // observable in the audit trail.
    verify(auditService).submitAuditEvent(
            OidcAuditableEvent.LOG_OUT_SUCCESS,
            "aws-session-id",
            SESSION_ID,
            "client-id",
            AuditService.UNKNOWN,
            AuditService.UNKNOWN,
            "123.123.123.123",
            AuditService.UNKNOWN,
            PERSISTENT_SESSION_ID);
}
use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent in project di-authentication-api by alphagov.
the class TokenHandlerTest method generateApiGatewayRequest.
/**
 * Builds an authorization-code token request authenticated with a {@code private_key_jwt}
 * client assertion, sends it to the handler and returns the handler's response (despite
 * the name, this does not return the request).
 *
 * @param privateKeyJWT client assertion whose parameters form the base of the request body
 * @param authorisationCode value for the {@code code} form parameter
 * @param redirectUri value for the {@code redirect_uri} form parameter
 * @param clientId not read by this helper
 * @param clientIdInHeader when true, a {@code client_id} form parameter set to
 *     {@code IGNORE_CLIENT_ID} is added to the body (the name says "header", but the
 *     value goes into the form parameters)
 * @return the response produced by {@code handler.handleRequest}
 */
private APIGatewayProxyResponseEvent generateApiGatewayRequest(PrivateKeyJWT privateKeyJWT, String authorisationCode, String redirectUri, String clientId, boolean clientIdInHeader) {
    Map<String, List<String>> overrides = new HashMap<>();
    overrides.put("grant_type", Collections.singletonList(GrantType.AUTHORIZATION_CODE.getValue()));
    if (clientIdInHeader) {
        // presumably checks that the handler trusts the client assertion rather than a
        // client_id supplied alongside it - confirm against the handler
        overrides.put("client_id", Collections.singletonList(IGNORE_CLIENT_ID));
    }
    overrides.put("code", Collections.singletonList(authorisationCode));
    overrides.put("redirect_uri", Collections.singletonList(redirectUri));

    // Start from the assertion's own parameters; entries in overrides win on key clashes.
    Map<String, List<String>> formParams = privateKeyJWT.toParameters();
    formParams.putAll(overrides);

    APIGatewayProxyRequestEvent request = new APIGatewayProxyRequestEvent();
    request.setBody(URLUtils.serializeParameters(formParams));
    return handler.handleRequest(request, context);
}