Example 51 with APIGatewayProxyRequestEvent
use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent in project di-authentication-api by alphagov.
the class TokenHandlerTest method generateApiGatewayRefreshRequest.
private APIGatewayProxyResponseEvent generateApiGatewayRefreshRequest(PrivateKeyJWT privateKeyJWT, String refreshToken, String clientId) {
Map<String, List<String>> customParams = new HashMap<>();
customParams.put("grant_type", Collections.singletonList(GrantType.REFRESH_TOKEN.getValue()));
if (clientId != null) {
customParams.put("client_id", Collections.singletonList(clientId));
}
customParams.put("refresh_token", Collections.singletonList(refreshToken));
Map<String, List<String>> privateKeyParams = privateKeyJWT.toParameters();
privateKeyParams.putAll(customParams);
String requestParams = URLUtils.serializeParameters(privateKeyParams);
APIGatewayProxyRequestEvent event = new APIGatewayProxyRequestEvent();
event.setBody(requestParams);
return handler.handleRequest(event, context);
}
Also used :
APIGatewayProxyRequestEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent)
HashMap(java.util.HashMap)
Collections.singletonList(java.util.Collections.singletonList)
List(java.util.List)
ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString)
Example 52 with APIGatewayProxyRequestEvent
use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent in project di-authentication-api by alphagov.
the class WellknownHandlerTest method shouldReturn200WhenRequestIsSuccessful.
@Test
void shouldReturn200WhenRequestIsSuccessful() throws ParseException {
when(configService.getOidcApiBaseURL()).thenReturn(Optional.of("http://localhost:8080"));
handler = new WellknownHandler(configService);
APIGatewayProxyRequestEvent event = new APIGatewayProxyRequestEvent();
APIGatewayProxyResponseEvent result = handler.handleRequest(event, context);
URI expectedRegistrationURI = URI.create("http://localhost:8080/connect/register");
String expectedIdentityURI = "http://localhost:8080/identity";
String expectedTrustMarkURI = "http://localhost:8080/trustmark";
assertThat(result, hasStatus(200));
assertThat(OIDCProviderMetadata.parse(result.getBody()).getGrantTypes(), equalTo(List.of(GrantType.AUTHORIZATION_CODE)));
assertThat(OIDCProviderMetadata.parse(result.getBody()).getClaimTypes(), equalTo(List.of(ClaimType.NORMAL)));
assertThat(OIDCProviderMetadata.parse(result.getBody()).getRegistrationEndpointURI(), equalTo(expectedRegistrationURI));
assertThat(OIDCProviderMetadata.parse(result.getBody()).supportsBackChannelLogout(), equalTo(true));
assertThat(OIDCProviderMetadata.parse(result.getBody()).getCustomParameters().get("trustmarks"), equalTo(expectedTrustMarkURI));
}
Also used :
APIGatewayProxyRequestEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent)
APIGatewayProxyResponseEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent)
URI(java.net.URI)
Test(org.junit.jupiter.api.Test)
Example 53 with APIGatewayProxyRequestEvent
use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent in project di-authentication-api by alphagov.
the class ResetPasswordRequestHandlerTest method shouldReturn200AndPutMessageOnQueueForAValidCodeFlowRequest.
@Test
void shouldReturn200AndPutMessageOnQueueForAValidCodeFlowRequest() throws Json.JsonException {
String persistentId = "some-persistent-id-value";
Map<String, String> headers = new HashMap<>();
headers.put(PersistentIdHelper.PERSISTENT_ID_HEADER_NAME, persistentId);
headers.put("Session-Id", session.getSessionId());
Subject subject = new Subject("subject_1");
when(authenticationService.getSubjectFromEmail(TEST_EMAIL_ADDRESS)).thenReturn(subject);
NotifyRequest notifyRequest = new NotifyRequest(TEST_EMAIL_ADDRESS, RESET_PASSWORD_WITH_CODE, TEST_SIX_DIGIT_CODE);
String serialisedRequest = objectMapper.writeValueAsString(notifyRequest);
usingValidSession();
APIGatewayProxyRequestEvent event = new APIGatewayProxyRequestEvent();
event.setRequestContext(contextWithSourceIp("123.123.123.123"));
event.setHeaders(headers);
event.setBody(format("{ \"email\": \"%s\", \"useCodeFlow\": true }", TEST_EMAIL_ADDRESS));
APIGatewayProxyResponseEvent result = handler.handleRequest(event, context);
assertEquals(204, result.getStatusCode());
verify(awsSqsClient).send(argThat(containsJsonString(serialisedRequest)));
verify(codeStorageService).saveOtpCode(TEST_EMAIL_ADDRESS, TEST_SIX_DIGIT_CODE, CODE_EXPIRY_TIME, RESET_PASSWORD_WITH_CODE);
verify(sessionService).save(argThat(this::isSessionWithEmailSent));
verify(auditService).submitAuditEvent(FrontendAuditableEvent.PASSWORD_RESET_REQUESTED, context.getAwsRequestId(), session.getSessionId(), AuditService.UNKNOWN, AuditService.UNKNOWN, TEST_EMAIL_ADDRESS, "123.123.123.123", AuditService.UNKNOWN, persistentId);
}
Also used :
APIGatewayProxyRequestEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent)
HashMap(java.util.HashMap)
JsonArgumentMatcher.containsJsonString(uk.gov.di.authentication.sharedtest.matchers.JsonArgumentMatcher.containsJsonString)
ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString)
NotifyRequest(uk.gov.di.authentication.shared.entity.NotifyRequest)
APIGatewayProxyResponseEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent)
Subject(com.nimbusds.oauth2.sdk.id.Subject)
Test(org.junit.jupiter.api.Test)
Example 54 with APIGatewayProxyRequestEvent
use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent in project di-authentication-api by alphagov.
the class ResetPasswordRequestHandlerTest method shouldReturn400IfUserHasExceededPasswordResetCount.
@Test
public void shouldReturn400IfUserHasExceededPasswordResetCount() {
Subject subject = new Subject("subject_1");
String sessionId = "1233455677";
when(authenticationService.getSubjectFromEmail(TEST_EMAIL_ADDRESS)).thenReturn(subject);
when(configurationService.getBlockedEmailDuration()).thenReturn(BLOCKED_EMAIL_DURATION);
Session session = mock(Session.class);
when(session.getEmailAddress()).thenReturn(TEST_EMAIL_ADDRESS);
when(session.getSessionId()).thenReturn(sessionId);
when(session.validateSession(TEST_EMAIL_ADDRESS)).thenReturn(true);
when(session.getPasswordResetCount()).thenReturn(5);
when(sessionService.getSessionFromRequestHeaders(anyMap())).thenReturn(Optional.of(session));
APIGatewayProxyRequestEvent event = new APIGatewayProxyRequestEvent();
event.setHeaders(Map.of("Session-Id", sessionId));
event.setBody(format("{ \"email\": \"%s\" }", TEST_EMAIL_ADDRESS));
APIGatewayProxyResponseEvent result = handler.handleRequest(event, context);
assertEquals(400, result.getStatusCode());
verify(codeStorageService).saveBlockedForEmail(TEST_EMAIL_ADDRESS, PASSWORD_RESET_BLOCKED_KEY_PREFIX, BLOCKED_EMAIL_DURATION);
verify(session).resetPasswordResetCount();
assertThat(result, hasJsonBody(ErrorResponse.ERROR_1022));
}
Also used :
APIGatewayProxyRequestEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent)
JsonArgumentMatcher.containsJsonString(uk.gov.di.authentication.sharedtest.matchers.JsonArgumentMatcher.containsJsonString)
ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString)
APIGatewayProxyResponseEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent)
Subject(com.nimbusds.oauth2.sdk.id.Subject)
Session(uk.gov.di.authentication.shared.entity.Session)
Test(org.junit.jupiter.api.Test)
Example 55 with APIGatewayProxyRequestEvent
use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent in project di-authentication-api by alphagov.
the class ResetPasswordRequestHandlerTest method shouldReturn400IfRequestIsMissingEmail.
@Test
public void shouldReturn400IfRequestIsMissingEmail() {
usingValidSession();
APIGatewayProxyRequestEvent event = new APIGatewayProxyRequestEvent();
event.setHeaders(Map.of("Session-Id", session.getSessionId()));
event.setBody("{ }");
APIGatewayProxyResponseEvent result = handler.handleRequest(event, context);
assertEquals(400, result.getStatusCode());
assertThat(result, hasJsonBody(ErrorResponse.ERROR_1001));
}
Also used :
APIGatewayProxyRequestEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent)
APIGatewayProxyResponseEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent)
Test(org.junit.jupiter.api.Test)
Aggregations
APIGatewayProxyRequestEvent (com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent)239
Test (org.junit.jupiter.api.Test)217
APIGatewayProxyResponseEvent (com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent)182
HashMap (java.util.HashMap)70
ArgumentMatchers.anyString (org.mockito.ArgumentMatchers.anyString)37
ParameterizedTest (org.junit.jupiter.params.ParameterizedTest)33
ErrorObject (com.nimbusds.oauth2.sdk.ErrorObject)29
NotifyRequest (uk.gov.di.authentication.shared.entity.NotifyRequest)17
URI (java.net.URI)15
Map (java.util.Map)15
UserProfile (uk.gov.di.authentication.shared.entity.UserProfile)14
Context (com.amazonaws.services.lambda.runtime.Context)13
NotifyRequest (uk.gov.di.accountmanagement.entity.NotifyRequest)13
Subject (com.nimbusds.oauth2.sdk.id.Subject)12
Instant (java.time.Instant)11
Matchers.containsString (org.hamcrest.Matchers.containsString)11
ClientID (com.nimbusds.oauth2.sdk.id.ClientID)10
AuthenticationRequest (com.nimbusds.openid.connect.sdk.AuthenticationRequest)10
ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper)8
JWSObject (com.nimbusds.jose.JWSObject)8
