Examples with APIGatewayProxyRequestEvent com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent used on opensource projects

Example 66 with APIGatewayProxyRequestEvent

use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent in project di-authentication-api by alphagov.

the class SignUpHandlerTest method shouldReturn400IfUserAlreadyExists.

@Test
void shouldReturn400IfUserAlreadyExists() {
    when(authenticationService.userExists(eq("joe.bloggs@test.com"))).thenReturn(true);
    usingValidSession();
    APIGatewayProxyRequestEvent event = new APIGatewayProxyRequestEvent();
    event.setRequestContext(contextWithSourceIp("123.123.123.123"));
    event.setHeaders(Map.of("Session-Id", "a-session-id"));
    event.setBody("{ \"password\": \"computer-1\", \"email\": \"joe.bloggs@test.com\" }");
    APIGatewayProxyResponseEvent result = handler.handleRequest(event, context);
    assertThat(result, hasStatus(400));
    assertThat(result, hasJsonBody(ErrorResponse.ERROR_1009));
    verify(auditService).submitAuditEvent(FrontendAuditableEvent.CREATE_ACCOUNT_EMAIL_ALREADY_EXISTS, context.getAwsRequestId(), session.getSessionId(), AuditService.UNKNOWN, AuditService.UNKNOWN, "joe.bloggs@test.com", "123.123.123.123", AuditService.UNKNOWN, PersistentIdHelper.PERSISTENT_ID_UNKNOWN_VALUE);
}

Example 67 with APIGatewayProxyRequestEvent

use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent in project di-authentication-api by alphagov.

the class SignUpHandlerTest method shouldReturn400IfSessionIdMissing.

@Test
void shouldReturn400IfSessionIdMissing() {
    APIGatewayProxyRequestEvent event = new APIGatewayProxyRequestEvent();
    event.setBody("{ \"password\": \"computer-1\", \"email\": \"joe.bloggs@test.com\" }");
    APIGatewayProxyResponseEvent result = handler.handleRequest(event, context);
    assertThat(result, hasStatus(400));
    assertThat(result, hasJsonBody(ErrorResponse.ERROR_1000));
    verifyNoInteractions(auditService);
}

Example 68 with APIGatewayProxyRequestEvent

use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent in project di-authentication-api by alphagov.

the class SignUpHandlerTest method shouldReturn400IfPasswordFailsValidation.

@Test
void shouldReturn400IfPasswordFailsValidation() {
    usingValidSession();
    APIGatewayProxyRequestEvent event = new APIGatewayProxyRequestEvent();
    event.setHeaders(Map.of("Session-Id", session.getSessionId()));
    event.setBody("{ \"password\": \"computer\", \"email\": \"joe.bloggs@test.com\" }");
    APIGatewayProxyResponseEvent result = handler.handleRequest(event, context);
    assertThat(result, hasStatus(400));
    assertThat(result, hasJsonBody(ErrorResponse.ERROR_1007));
    verifyNoInteractions(auditService);
}

Example 69 with APIGatewayProxyRequestEvent

use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent in project di-authentication-api by alphagov.

the class StartHandlerTest method shouldReturn400WhenBuildClientStartInfoThrowsException.

@Test
void shouldReturn400WhenBuildClientStartInfoThrowsException() throws ParseException, Json.JsonException {
    when(startService.buildUserContext(session, clientSession)).thenReturn(userContext);
    when(startService.buildClientStartInfo(userContext)).thenThrow(new ParseException("Unable to parse authentication request"));
    usingValidClientSession();
    usingValidSession();
    Map<String, String> headers = new HashMap<>();
    headers.put(PersistentIdHelper.PERSISTENT_ID_HEADER_NAME, PERSISTENT_ID);
    headers.put(CLIENT_SESSION_ID_HEADER, CLIENT_SESSION_ID);
    headers.put(SESSION_ID_HEADER, SESSION_ID);
    APIGatewayProxyRequestEvent event = new APIGatewayProxyRequestEvent();
    event.setHeaders(headers);
    event.setRequestContext(contextWithSourceIp("123.123.123.123"));
    APIGatewayProxyResponseEvent result = handler.handleRequest(event, context);
    assertThat(result, hasStatus(400));
    String expectedResponse = objectMapper.writeValueAsString(ErrorResponse.ERROR_1038);
    assertThat(result, hasBody(expectedResponse));
    verifyNoInteractions(auditService);
}

Example 70 with APIGatewayProxyRequestEvent

use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent in project di-authentication-api by alphagov.

the class StartHandlerTest method shouldReturn200WhenDocCheckingAppUserIsPresent.

@Test
void shouldReturn200WhenDocCheckingAppUserIsPresent() throws Json.JsonException, ParseException, Json.JsonException {
    when(configurationService.getDocAppDomain()).thenReturn(URI.create("https://doc-app"));
    var userStartInfo = new UserStartInfo(false, false, false, false, null, null, true);
    when(startService.buildUserContext(session, clientSession)).thenReturn(userContext);
    var scope = new Scope(OIDCScopeValue.OPENID, CustomScopeValue.DOC_CHECKING_APP);
    when(startService.buildClientStartInfo(userContext)).thenReturn(new ClientStartInfo(TEST_CLIENT_NAME, scope.toStringList(), "MANDATORY", false, REDIRECT_URL));
    when(startService.getGATrackingId(anyMap())).thenReturn(null);
    when(startService.getCookieConsentValue(anyMap(), anyString())).thenReturn(null);
    when(startService.buildUserStartInfo(userContext, null, null, true)).thenReturn(userStartInfo);
    usingValidClientSession();
    usingValidSession();
    Map<String, String> headers = new HashMap<>();
    headers.put(PersistentIdHelper.PERSISTENT_ID_HEADER_NAME, PERSISTENT_ID);
    headers.put(CLIENT_SESSION_ID_HEADER, CLIENT_SESSION_ID);
    headers.put(SESSION_ID_HEADER, SESSION_ID);
    var event = new APIGatewayProxyRequestEvent();
    event.setHeaders(headers);
    event.setRequestContext(contextWithSourceIp("123.123.123.123"));
    var result = handler.handleRequest(event, context);
    assertThat(result, hasStatus(200));
    var response = objectMapper.readValue(result.getBody(), StartResponse.class);
    assertThat(response.getClient().getClientName(), equalTo(TEST_CLIENT_NAME));
    assertThat(response.getClient().getScopes(), equalTo(scope.toStringList()));
    assertThat(response.getClient().getServiceType(), equalTo(ServiceType.MANDATORY.toString()));
    assertThat(response.getClient().getRedirectUri(), equalTo(REDIRECT_URL));
    assertFalse(response.getClient().getCookieConsentShared());
    assertTrue(response.getUser().isDocCheckingAppUser());
    assertFalse(response.getUser().isIdentityRequired());
    assertFalse(response.getUser().isUpliftRequired());
    assertFalse(response.getUser().isAuthenticated());
    assertFalse(response.getUser().isConsentRequired());
    assertThat(response.getUser().getCookieConsent(), equalTo(null));
    assertThat(response.getUser().getGaCrossDomainTrackingId(), equalTo(null));
    verify(clientSessionService).saveClientSession(anyString(), any());
    verify(auditService).submitAuditEvent(FrontendAuditableEvent.START_INFO_FOUND, "aws-session-id", SESSION_ID, TEST_CLIENT_ID, auditService.UNKNOWN, auditService.UNKNOWN, "123.123.123.123", PERSISTENT_ID, AuditService.UNKNOWN);
}