Search in sources :

Example 66 with APIGatewayProxyRequestEvent

use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent in project di-authentication-api by alphagov.

the class SignUpHandlerTest method shouldReturn400IfUserAlreadyExists.

@Test
void shouldReturn400IfUserAlreadyExists() {
    when(authenticationService.userExists(eq("joe.bloggs@test.com"))).thenReturn(true);
    usingValidSession();
    APIGatewayProxyRequestEvent event = new APIGatewayProxyRequestEvent();
    event.setRequestContext(contextWithSourceIp("123.123.123.123"));
    event.setHeaders(Map.of("Session-Id", "a-session-id"));
    event.setBody("{ \"password\": \"computer-1\", \"email\": \"joe.bloggs@test.com\" }");
    APIGatewayProxyResponseEvent result = handler.handleRequest(event, context);
    assertThat(result, hasStatus(400));
    assertThat(result, hasJsonBody(ErrorResponse.ERROR_1009));
    verify(auditService).submitAuditEvent(FrontendAuditableEvent.CREATE_ACCOUNT_EMAIL_ALREADY_EXISTS, context.getAwsRequestId(), session.getSessionId(), AuditService.UNKNOWN, AuditService.UNKNOWN, "joe.bloggs@test.com", "123.123.123.123", AuditService.UNKNOWN, PersistentIdHelper.PERSISTENT_ID_UNKNOWN_VALUE);
}
Also used : APIGatewayProxyRequestEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent) APIGatewayProxyResponseEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent) Test(org.junit.jupiter.api.Test) ParameterizedTest(org.junit.jupiter.params.ParameterizedTest)

Example 67 with APIGatewayProxyRequestEvent

use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent in project di-authentication-api by alphagov.

the class SignUpHandlerTest method shouldReturn400IfSessionIdMissing.

@Test
void shouldReturn400IfSessionIdMissing() {
    APIGatewayProxyRequestEvent event = new APIGatewayProxyRequestEvent();
    event.setBody("{ \"password\": \"computer-1\", \"email\": \"joe.bloggs@test.com\" }");
    APIGatewayProxyResponseEvent result = handler.handleRequest(event, context);
    assertThat(result, hasStatus(400));
    assertThat(result, hasJsonBody(ErrorResponse.ERROR_1000));
    verifyNoInteractions(auditService);
}
Also used : APIGatewayProxyRequestEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent) APIGatewayProxyResponseEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent) Test(org.junit.jupiter.api.Test) ParameterizedTest(org.junit.jupiter.params.ParameterizedTest)

Example 68 with APIGatewayProxyRequestEvent

use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent in project di-authentication-api by alphagov.

the class SignUpHandlerTest method shouldReturn400IfPasswordFailsValidation.

@Test
void shouldReturn400IfPasswordFailsValidation() {
    usingValidSession();
    APIGatewayProxyRequestEvent event = new APIGatewayProxyRequestEvent();
    event.setHeaders(Map.of("Session-Id", session.getSessionId()));
    event.setBody("{ \"password\": \"computer\", \"email\": \"joe.bloggs@test.com\" }");
    APIGatewayProxyResponseEvent result = handler.handleRequest(event, context);
    assertThat(result, hasStatus(400));
    assertThat(result, hasJsonBody(ErrorResponse.ERROR_1007));
    verifyNoInteractions(auditService);
}
Also used : APIGatewayProxyRequestEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent) APIGatewayProxyResponseEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent) Test(org.junit.jupiter.api.Test) ParameterizedTest(org.junit.jupiter.params.ParameterizedTest)

Example 69 with APIGatewayProxyRequestEvent

use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent in project di-authentication-api by alphagov.

the class StartHandlerTest method shouldReturn400WhenBuildClientStartInfoThrowsException.

@Test
void shouldReturn400WhenBuildClientStartInfoThrowsException() throws ParseException, Json.JsonException {
    when(startService.buildUserContext(session, clientSession)).thenReturn(userContext);
    when(startService.buildClientStartInfo(userContext)).thenThrow(new ParseException("Unable to parse authentication request"));
    usingValidClientSession();
    usingValidSession();
    Map<String, String> headers = new HashMap<>();
    headers.put(PersistentIdHelper.PERSISTENT_ID_HEADER_NAME, PERSISTENT_ID);
    headers.put(CLIENT_SESSION_ID_HEADER, CLIENT_SESSION_ID);
    headers.put(SESSION_ID_HEADER, SESSION_ID);
    APIGatewayProxyRequestEvent event = new APIGatewayProxyRequestEvent();
    event.setHeaders(headers);
    event.setRequestContext(contextWithSourceIp("123.123.123.123"));
    APIGatewayProxyResponseEvent result = handler.handleRequest(event, context);
    assertThat(result, hasStatus(400));
    String expectedResponse = objectMapper.writeValueAsString(ErrorResponse.ERROR_1038);
    assertThat(result, hasBody(expectedResponse));
    verifyNoInteractions(auditService);
}
Also used : APIGatewayProxyRequestEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent) HashMap(java.util.HashMap) ParseException(com.nimbusds.oauth2.sdk.ParseException) ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString) APIGatewayProxyResponseEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent) Test(org.junit.jupiter.api.Test) ParameterizedTest(org.junit.jupiter.params.ParameterizedTest)

Example 70 with APIGatewayProxyRequestEvent

use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent in project di-authentication-api by alphagov.

the class StartHandlerTest method shouldReturn200WhenDocCheckingAppUserIsPresent.

@Test
void shouldReturn200WhenDocCheckingAppUserIsPresent() throws Json.JsonException, ParseException, Json.JsonException {
    when(configurationService.getDocAppDomain()).thenReturn(URI.create("https://doc-app"));
    var userStartInfo = new UserStartInfo(false, false, false, false, null, null, true);
    when(startService.buildUserContext(session, clientSession)).thenReturn(userContext);
    var scope = new Scope(OIDCScopeValue.OPENID, CustomScopeValue.DOC_CHECKING_APP);
    when(startService.buildClientStartInfo(userContext)).thenReturn(new ClientStartInfo(TEST_CLIENT_NAME, scope.toStringList(), "MANDATORY", false, REDIRECT_URL));
    when(startService.getGATrackingId(anyMap())).thenReturn(null);
    when(startService.getCookieConsentValue(anyMap(), anyString())).thenReturn(null);
    when(startService.buildUserStartInfo(userContext, null, null, true)).thenReturn(userStartInfo);
    usingValidClientSession();
    usingValidSession();
    Map<String, String> headers = new HashMap<>();
    headers.put(PersistentIdHelper.PERSISTENT_ID_HEADER_NAME, PERSISTENT_ID);
    headers.put(CLIENT_SESSION_ID_HEADER, CLIENT_SESSION_ID);
    headers.put(SESSION_ID_HEADER, SESSION_ID);
    var event = new APIGatewayProxyRequestEvent();
    event.setHeaders(headers);
    event.setRequestContext(contextWithSourceIp("123.123.123.123"));
    var result = handler.handleRequest(event, context);
    assertThat(result, hasStatus(200));
    var response = objectMapper.readValue(result.getBody(), StartResponse.class);
    assertThat(response.getClient().getClientName(), equalTo(TEST_CLIENT_NAME));
    assertThat(response.getClient().getScopes(), equalTo(scope.toStringList()));
    assertThat(response.getClient().getServiceType(), equalTo(ServiceType.MANDATORY.toString()));
    assertThat(response.getClient().getRedirectUri(), equalTo(REDIRECT_URL));
    assertFalse(response.getClient().getCookieConsentShared());
    assertTrue(response.getUser().isDocCheckingAppUser());
    assertFalse(response.getUser().isIdentityRequired());
    assertFalse(response.getUser().isUpliftRequired());
    assertFalse(response.getUser().isAuthenticated());
    assertFalse(response.getUser().isConsentRequired());
    assertThat(response.getUser().getCookieConsent(), equalTo(null));
    assertThat(response.getUser().getGaCrossDomainTrackingId(), equalTo(null));
    verify(clientSessionService).saveClientSession(anyString(), any());
    verify(auditService).submitAuditEvent(FrontendAuditableEvent.START_INFO_FOUND, "aws-session-id", SESSION_ID, TEST_CLIENT_ID, auditService.UNKNOWN, auditService.UNKNOWN, "123.123.123.123", PERSISTENT_ID, AuditService.UNKNOWN);
}
Also used : Scope(com.nimbusds.oauth2.sdk.Scope) APIGatewayProxyRequestEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent) UserStartInfo(uk.gov.di.authentication.frontendapi.entity.UserStartInfo) ClientStartInfo(uk.gov.di.authentication.frontendapi.entity.ClientStartInfo) HashMap(java.util.HashMap) ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString) Test(org.junit.jupiter.api.Test) ParameterizedTest(org.junit.jupiter.params.ParameterizedTest)

Aggregations

APIGatewayProxyRequestEvent (com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent)239 Test (org.junit.jupiter.api.Test)217 APIGatewayProxyResponseEvent (com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent)182 HashMap (java.util.HashMap)70 ArgumentMatchers.anyString (org.mockito.ArgumentMatchers.anyString)37 ParameterizedTest (org.junit.jupiter.params.ParameterizedTest)33 ErrorObject (com.nimbusds.oauth2.sdk.ErrorObject)29 NotifyRequest (uk.gov.di.authentication.shared.entity.NotifyRequest)17 URI (java.net.URI)15 Map (java.util.Map)15 UserProfile (uk.gov.di.authentication.shared.entity.UserProfile)14 Context (com.amazonaws.services.lambda.runtime.Context)13 NotifyRequest (uk.gov.di.accountmanagement.entity.NotifyRequest)13 Subject (com.nimbusds.oauth2.sdk.id.Subject)12 Instant (java.time.Instant)11 Matchers.containsString (org.hamcrest.Matchers.containsString)11 ClientID (com.nimbusds.oauth2.sdk.id.ClientID)10 AuthenticationRequest (com.nimbusds.openid.connect.sdk.AuthenticationRequest)10 ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper)8 JWSObject (com.nimbusds.jose.JWSObject)8