
Example 46 with APIGatewayProxyRequestEvent

use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent in project di-authentication-api by alphagov.

the class LogoutHandlerTest method shouldDeleteSessionAndRedirectToDefaultLogoutUriForValidLogoutRequestWithNoQueryParams.

/**
 * Logout request that carries the session cookie but no query parameters.
 *
 * <p>Pins three outcomes: the session bookkeeping checked by {@code verifySessions()},
 * a 302 whose {@code Location} is exactly {@code DEFAULT_LOGOUT_URI}, and a
 * {@code LOG_OUT_SUCCESS} audit event that records the session id and the source IP
 * while the client id stays {@code AuditService.UNKNOWN}.
 */
@Test
public void shouldDeleteSessionAndRedirectToDefaultLogoutUriForValidLogoutRequestWithNoQueryParams() {
    // NOTE(review): the request below has no id_token_hint and the audit assertion expects
    // an UNKNOWN client id, so these two stubs may never be consulted on this path. Confirm,
    // and drop them if the suite runs with strict stubbing.
    when(tokenValidationService.isTokenSignatureValid(signedIDToken.serialize())).thenReturn(true);
    when(dynamoClientService.getClient("client-id")).thenReturn(Optional.of(createClientRegistry()));

    // null means "no query string": no post_logout_redirect_uri, no state, no id_token_hint.
    APIGatewayProxyRequestEvent logoutRequest = generateRequestEvent(null);
    setupSessions();

    APIGatewayProxyResponseEvent redirect = handler.handleRequest(logoutRequest, context);

    verifySessions();
    assertThat(redirect, hasStatus(302));
    // With no redirect URI requested, the only acceptable target is the service default.
    String location = redirect.getHeaders().get(ResponseHeaders.LOCATION);
    assertThat(location, equalTo(DEFAULT_LOGOUT_URI.toString()));
    verify(auditService).submitAuditEvent(OidcAuditableEvent.LOG_OUT_SUCCESS, "aws-session-id", SESSION_ID, AuditService.UNKNOWN, AuditService.UNKNOWN, AuditService.UNKNOWN, "123.123.123.123", AuditService.UNKNOWN, PERSISTENT_SESSION_ID);
}
Also used : APIGatewayProxyRequestEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent) APIGatewayProxyResponseEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent) Test(org.junit.jupiter.api.Test)

Example 47 with APIGatewayProxyRequestEvent

use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent in project di-authentication-api by alphagov.

the class LogoutHandlerTest method shouldRedirectToDefaultLogoutUriWhenNoCookieExists.

/**
 * Logout request with no {@code Cookie} header at all.
 *
 * <p>The request asks for {@code CLIENT_LOGOUT_URI} as its {@code post_logout_redirect_uri},
 * but the expected {@code Location} is {@code DEFAULT_LOGOUT_URI} with only {@code state}
 * appended. A redirect target supplied by the caller is therefore not honoured when there is
 * no session to tie it to a registered client. No session deletion is attempted, and the
 * audit event carries {@code UNKNOWN} in place of the session and persistent-session ids.
 */
@Test
public void shouldRedirectToDefaultLogoutUriWhenNoCookieExists() {
    Map<String, String> query = Map.of("post_logout_redirect_uri", CLIENT_LOGOUT_URI.toString(), "state", STATE.toString());
    APIGatewayProxyRequestEvent cookielessRequest = new APIGatewayProxyRequestEvent();
    // Headers are deliberately left unset: the absence of the session cookie is the scenario.
    cookielessRequest.setRequestContext(contextWithSourceIp("123.123.123.123"));
    cookielessRequest.setQueryStringParameters(query);

    APIGatewayProxyResponseEvent redirect = handler.handleRequest(cookielessRequest, context);

    assertThat(redirect, hasStatus(302));
    // NOTE(review): the expected value is built by plain concatenation, so it matches only
    // while STATE's string form needs no URL encoding. Presumably true for this fixture; confirm.
    String location = redirect.getHeaders().get(ResponseHeaders.LOCATION);
    assertThat(location, equalTo(DEFAULT_LOGOUT_URI + "?state=" + STATE));
    // Nothing identified a session, so nothing may be deleted.
    verify(sessionService, times(0)).deleteSessionFromRedis(SESSION_ID);
    verify(auditService).submitAuditEvent(OidcAuditableEvent.LOG_OUT_SUCCESS, "aws-session-id", AuditService.UNKNOWN, AuditService.UNKNOWN, AuditService.UNKNOWN, AuditService.UNKNOWN, "123.123.123.123", AuditService.UNKNOWN, PersistentIdHelper.PERSISTENT_ID_UNKNOWN_VALUE);
}
Also used : APIGatewayProxyRequestEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent) APIGatewayProxyResponseEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent) Test(org.junit.jupiter.api.Test)

Example 48 with APIGatewayProxyRequestEvent

use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent in project di-authentication-api by alphagov.

the class LogoutHandlerTest method generateRequestEvent.

/**
 * Builds the API Gateway event shared by the logout tests: a {@code Cookie} header produced
 * by {@code buildCookieString(CLIENT_SESSION_ID)} and a request context whose source IP is
 * {@code 123.123.123.123} (the value the audit assertions expect).
 *
 * @param queryStringParameters query parameters to attach, or {@code null} to leave the
 *     event without a query string
 * @return the populated request event
 */
private static APIGatewayProxyRequestEvent generateRequestEvent(Map<String, String> queryStringParameters) {
    APIGatewayProxyRequestEvent request = new APIGatewayProxyRequestEvent()
            .withHeaders(Map.of(COOKIE, buildCookieString(CLIENT_SESSION_ID)))
            .withRequestContext(contextWithSourceIp("123.123.123.123"));
    if (queryStringParameters == null) {
        // Leave the query string unset rather than empty, as callers pass null for "no params".
        return request;
    }
    request.setQueryStringParameters(queryStringParameters);
    return request;
}
Also used : APIGatewayProxyRequestEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent)

Example 49 with APIGatewayProxyRequestEvent

use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent in project di-authentication-api by alphagov.

the class LogoutHandlerTest method shouldRedirectToDefaultLogoutUriWithErrorMessageWhenLogoutUriInRequestDoesNotMatchClientRegistry.

/**
 * Logout request whose {@code post_logout_redirect_uri} is not the one returned by the
 * stubbed client registry.
 *
 * <p>The ID token hint passes the stubbed signature check and the client is found, yet the
 * requested URI ({@code http://localhost/invalidlogout}) must never appear as the redirect
 * target. The expected {@code Location} is {@code DEFAULT_LOGOUT_URI} carrying {@code state}
 * plus an {@code invalid_request} error code and description. The session is still deleted
 * exactly once.
 *
 * @throws URISyntaxException if the expected URI cannot be built
 */
@Test
public void shouldRedirectToDefaultLogoutUriWithErrorMessageWhenLogoutUriInRequestDoesNotMatchClientRegistry() throws URISyntaxException {
    when(tokenValidationService.isTokenSignatureValid(signedIDToken.serialize())).thenReturn(true);
    when(dynamoClientService.getClient("client-id")).thenReturn(Optional.of(createClientRegistry()));

    // The redirect URI here is the unregistered value under test.
    Map<String, String> query = Map.of("id_token_hint", signedIDToken.serialize(), "post_logout_redirect_uri", "http://localhost/invalidlogout", "state", STATE.toString());
    APIGatewayProxyRequestEvent logoutRequest = generateRequestEvent(query);
    session.getClientSessions().add(CLIENT_SESSION_ID);
    setupClientSessionToken(signedIDToken);
    generateSessionFromCookie(session);

    APIGatewayProxyResponseEvent redirect = handler.handleRequest(logoutRequest, context);

    assertThat(redirect, hasStatus(302));
    ErrorObject expectedError = new ErrorObject(OAuth2Error.INVALID_REQUEST_CODE, "client registry does not contain post_logout_redirect_uri");
    URI expectedUri = new URIBuilder(DEFAULT_LOGOUT_URI)
            .addParameter("state", STATE.getValue())
            .addParameter("error_code", expectedError.getCode())
            .addParameter("error_description", expectedError.getDescription())
            .build();
    // Exact-match on the whole Location: the rejected URI must not leak into any part of it.
    String location = redirect.getHeaders().get(ResponseHeaders.LOCATION);
    assertThat(location, equalTo(expectedUri.toString()));
    // A bad redirect target does not keep the user logged in.
    verify(sessionService, times(1)).deleteSessionFromRedis(SESSION_ID);
    // NOTE(review): the event pinned here is LOG_OUT_SUCCESS, and nothing in the asserted
    // arguments records that the requested redirect URI was rejected. Confirm whether that
    // rejection is logged elsewhere.
    verify(auditService).submitAuditEvent(OidcAuditableEvent.LOG_OUT_SUCCESS, "aws-session-id", SESSION_ID, "client-id", AuditService.UNKNOWN, AuditService.UNKNOWN, "123.123.123.123", AuditService.UNKNOWN, PERSISTENT_SESSION_ID);
}
Also used : APIGatewayProxyRequestEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent) ErrorObject(com.nimbusds.oauth2.sdk.ErrorObject) APIGatewayProxyResponseEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent) URI(java.net.URI) URIBuilder(org.apache.http.client.utils.URIBuilder) Test(org.junit.jupiter.api.Test)

Example 50 with APIGatewayProxyRequestEvent

use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent in project di-authentication-api by alphagov.

the class TokenHandlerTest method generateApiGatewayRequest.

/**
 * Sends an authorization-code token request to the handler and returns its response.
 * Despite the name, the return value is the handler's response, not the request.
 *
 * <p>The form body is the output of {@code privateKeyJWT.toParameters()} merged with
 * {@code grant_type}, {@code code}, {@code redirect_uri} and, optionally, {@code client_id}.
 * The merge uses {@code putAll}, so these values replace any same-named entry coming from
 * the JWT parameters. The event carries a body only, with no headers or request context.
 *
 * @param privateKeyJWT client-authentication assertion whose parameters seed the body
 * @param authorisationCode value sent as {@code code}
 * @param redirectUri value sent as {@code redirect_uri}
 * @param clientId not read by this method. NOTE(review): when {@code clientIdInHeader} is
 *     true the body gets {@code IGNORE_CLIENT_ID} instead; confirm this parameter is
 *     intentionally unused
 * @param clientIdInHeader whether to add a {@code client_id} form parameter
 * @return the response produced by {@code handler.handleRequest}
 */
private APIGatewayProxyResponseEvent generateApiGatewayRequest(PrivateKeyJWT privateKeyJWT, String authorisationCode, String redirectUri, String clientId, boolean clientIdInHeader) {
    Map<String, List<String>> overrides = new HashMap<>();
    overrides.put("grant_type", Collections.singletonList(GrantType.AUTHORIZATION_CODE.getValue()));
    if (clientIdInHeader) {
        overrides.put("client_id", Collections.singletonList(IGNORE_CLIENT_ID));
    }
    overrides.put("code", Collections.singletonList(authorisationCode));
    overrides.put("redirect_uri", Collections.singletonList(redirectUri));

    // Relies on toParameters() handing back a mutable map; the overrides win on key clashes.
    Map<String, List<String>> formParams = privateKeyJWT.toParameters();
    formParams.putAll(overrides);

    APIGatewayProxyRequestEvent tokenRequest = new APIGatewayProxyRequestEvent();
    tokenRequest.setBody(URLUtils.serializeParameters(formParams));
    return handler.handleRequest(tokenRequest, context);
}
Also used : APIGatewayProxyRequestEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent) HashMap(java.util.HashMap) Collections.singletonList(java.util.Collections.singletonList) List(java.util.List) ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString)
