Search in sources :

Example 51 with APIGatewayProxyRequestEvent

use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent in project di-authentication-api by alphagov.

the class TokenHandlerTest method generateApiGatewayRefreshRequest.

private APIGatewayProxyResponseEvent generateApiGatewayRefreshRequest(PrivateKeyJWT privateKeyJWT, String refreshToken, String clientId) {
    Map<String, List<String>> customParams = new HashMap<>();
    customParams.put("grant_type", Collections.singletonList(GrantType.REFRESH_TOKEN.getValue()));
    if (clientId != null) {
        customParams.put("client_id", Collections.singletonList(clientId));
    }
    customParams.put("refresh_token", Collections.singletonList(refreshToken));
    Map<String, List<String>> privateKeyParams = privateKeyJWT.toParameters();
    privateKeyParams.putAll(customParams);
    String requestParams = URLUtils.serializeParameters(privateKeyParams);
    APIGatewayProxyRequestEvent event = new APIGatewayProxyRequestEvent();
    event.setBody(requestParams);
    return handler.handleRequest(event, context);
}
Also used : APIGatewayProxyRequestEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent) HashMap(java.util.HashMap) Collections.singletonList(java.util.Collections.singletonList) List(java.util.List) ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString)

Example 52 with APIGatewayProxyRequestEvent

use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent in project di-authentication-api by alphagov.

the class WellknownHandlerTest method shouldReturn200WhenRequestIsSuccessful.

@Test
void shouldReturn200WhenRequestIsSuccessful() throws ParseException {
    when(configService.getOidcApiBaseURL()).thenReturn(Optional.of("http://localhost:8080"));
    handler = new WellknownHandler(configService);
    APIGatewayProxyRequestEvent event = new APIGatewayProxyRequestEvent();
    APIGatewayProxyResponseEvent result = handler.handleRequest(event, context);
    URI expectedRegistrationURI = URI.create("http://localhost:8080/connect/register");
    String expectedIdentityURI = "http://localhost:8080/identity";
    String expectedTrustMarkURI = "http://localhost:8080/trustmark";
    assertThat(result, hasStatus(200));
    assertThat(OIDCProviderMetadata.parse(result.getBody()).getGrantTypes(), equalTo(List.of(GrantType.AUTHORIZATION_CODE)));
    assertThat(OIDCProviderMetadata.parse(result.getBody()).getClaimTypes(), equalTo(List.of(ClaimType.NORMAL)));
    assertThat(OIDCProviderMetadata.parse(result.getBody()).getRegistrationEndpointURI(), equalTo(expectedRegistrationURI));
    assertThat(OIDCProviderMetadata.parse(result.getBody()).supportsBackChannelLogout(), equalTo(true));
    assertThat(OIDCProviderMetadata.parse(result.getBody()).getCustomParameters().get("trustmarks"), equalTo(expectedTrustMarkURI));
}
Also used : APIGatewayProxyRequestEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent) APIGatewayProxyResponseEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent) URI(java.net.URI) Test(org.junit.jupiter.api.Test)

Example 53 with APIGatewayProxyRequestEvent

use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent in project di-authentication-api by alphagov.

the class ResetPasswordRequestHandlerTest method shouldReturn200AndPutMessageOnQueueForAValidCodeFlowRequest.

@Test
void shouldReturn200AndPutMessageOnQueueForAValidCodeFlowRequest() throws Json.JsonException {
    String persistentId = "some-persistent-id-value";
    Map<String, String> headers = new HashMap<>();
    headers.put(PersistentIdHelper.PERSISTENT_ID_HEADER_NAME, persistentId);
    headers.put("Session-Id", session.getSessionId());
    Subject subject = new Subject("subject_1");
    when(authenticationService.getSubjectFromEmail(TEST_EMAIL_ADDRESS)).thenReturn(subject);
    NotifyRequest notifyRequest = new NotifyRequest(TEST_EMAIL_ADDRESS, RESET_PASSWORD_WITH_CODE, TEST_SIX_DIGIT_CODE);
    String serialisedRequest = objectMapper.writeValueAsString(notifyRequest);
    usingValidSession();
    APIGatewayProxyRequestEvent event = new APIGatewayProxyRequestEvent();
    event.setRequestContext(contextWithSourceIp("123.123.123.123"));
    event.setHeaders(headers);
    event.setBody(format("{ \"email\": \"%s\", \"useCodeFlow\": true }", TEST_EMAIL_ADDRESS));
    APIGatewayProxyResponseEvent result = handler.handleRequest(event, context);
    assertEquals(204, result.getStatusCode());
    verify(awsSqsClient).send(argThat(containsJsonString(serialisedRequest)));
    verify(codeStorageService).saveOtpCode(TEST_EMAIL_ADDRESS, TEST_SIX_DIGIT_CODE, CODE_EXPIRY_TIME, RESET_PASSWORD_WITH_CODE);
    verify(sessionService).save(argThat(this::isSessionWithEmailSent));
    verify(auditService).submitAuditEvent(FrontendAuditableEvent.PASSWORD_RESET_REQUESTED, context.getAwsRequestId(), session.getSessionId(), AuditService.UNKNOWN, AuditService.UNKNOWN, TEST_EMAIL_ADDRESS, "123.123.123.123", AuditService.UNKNOWN, persistentId);
}
Also used : APIGatewayProxyRequestEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent) HashMap(java.util.HashMap) JsonArgumentMatcher.containsJsonString(uk.gov.di.authentication.sharedtest.matchers.JsonArgumentMatcher.containsJsonString) ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString) NotifyRequest(uk.gov.di.authentication.shared.entity.NotifyRequest) APIGatewayProxyResponseEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent) Subject(com.nimbusds.oauth2.sdk.id.Subject) Test(org.junit.jupiter.api.Test)

Example 54 with APIGatewayProxyRequestEvent

use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent in project di-authentication-api by alphagov.

the class ResetPasswordRequestHandlerTest method shouldReturn400IfUserHasExceededPasswordResetCount.

@Test
public void shouldReturn400IfUserHasExceededPasswordResetCount() {
    Subject subject = new Subject("subject_1");
    String sessionId = "1233455677";
    when(authenticationService.getSubjectFromEmail(TEST_EMAIL_ADDRESS)).thenReturn(subject);
    when(configurationService.getBlockedEmailDuration()).thenReturn(BLOCKED_EMAIL_DURATION);
    Session session = mock(Session.class);
    when(session.getEmailAddress()).thenReturn(TEST_EMAIL_ADDRESS);
    when(session.getSessionId()).thenReturn(sessionId);
    when(session.validateSession(TEST_EMAIL_ADDRESS)).thenReturn(true);
    when(session.getPasswordResetCount()).thenReturn(5);
    when(sessionService.getSessionFromRequestHeaders(anyMap())).thenReturn(Optional.of(session));
    APIGatewayProxyRequestEvent event = new APIGatewayProxyRequestEvent();
    event.setHeaders(Map.of("Session-Id", sessionId));
    event.setBody(format("{ \"email\": \"%s\" }", TEST_EMAIL_ADDRESS));
    APIGatewayProxyResponseEvent result = handler.handleRequest(event, context);
    assertEquals(400, result.getStatusCode());
    verify(codeStorageService).saveBlockedForEmail(TEST_EMAIL_ADDRESS, PASSWORD_RESET_BLOCKED_KEY_PREFIX, BLOCKED_EMAIL_DURATION);
    verify(session).resetPasswordResetCount();
    assertThat(result, hasJsonBody(ErrorResponse.ERROR_1022));
}
Also used : APIGatewayProxyRequestEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent) JsonArgumentMatcher.containsJsonString(uk.gov.di.authentication.sharedtest.matchers.JsonArgumentMatcher.containsJsonString) ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString) APIGatewayProxyResponseEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent) Subject(com.nimbusds.oauth2.sdk.id.Subject) Session(uk.gov.di.authentication.shared.entity.Session) Test(org.junit.jupiter.api.Test)

Example 55 with APIGatewayProxyRequestEvent

use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent in project di-authentication-api by alphagov.

the class ResetPasswordRequestHandlerTest method shouldReturn400IfRequestIsMissingEmail.

@Test
public void shouldReturn400IfRequestIsMissingEmail() {
    usingValidSession();
    APIGatewayProxyRequestEvent event = new APIGatewayProxyRequestEvent();
    event.setHeaders(Map.of("Session-Id", session.getSessionId()));
    event.setBody("{ }");
    APIGatewayProxyResponseEvent result = handler.handleRequest(event, context);
    assertEquals(400, result.getStatusCode());
    assertThat(result, hasJsonBody(ErrorResponse.ERROR_1001));
}
Also used : APIGatewayProxyRequestEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent) APIGatewayProxyResponseEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent) Test(org.junit.jupiter.api.Test)

Aggregations

APIGatewayProxyRequestEvent (com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent)239 Test (org.junit.jupiter.api.Test)217 APIGatewayProxyResponseEvent (com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent)182 HashMap (java.util.HashMap)70 ArgumentMatchers.anyString (org.mockito.ArgumentMatchers.anyString)37 ParameterizedTest (org.junit.jupiter.params.ParameterizedTest)33 ErrorObject (com.nimbusds.oauth2.sdk.ErrorObject)29 NotifyRequest (uk.gov.di.authentication.shared.entity.NotifyRequest)17 URI (java.net.URI)15 Map (java.util.Map)15 UserProfile (uk.gov.di.authentication.shared.entity.UserProfile)14 Context (com.amazonaws.services.lambda.runtime.Context)13 NotifyRequest (uk.gov.di.accountmanagement.entity.NotifyRequest)13 Subject (com.nimbusds.oauth2.sdk.id.Subject)12 Instant (java.time.Instant)11 Matchers.containsString (org.hamcrest.Matchers.containsString)11 ClientID (com.nimbusds.oauth2.sdk.id.ClientID)10 AuthenticationRequest (com.nimbusds.openid.connect.sdk.AuthenticationRequest)10 ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper)8 JWSObject (com.nimbusds.jose.JWSObject)8