Search in sources :

Example 76 with APIGatewayProxyRequestEvent

use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent in project di-authentication-api by alphagov.

the class ResetPasswordRequestHandlerTest method shouldReturn400IfInvalidSessionProvided.

@Test
void shouldReturn400IfInvalidSessionProvided() {
    APIGatewayProxyRequestEvent event = new APIGatewayProxyRequestEvent();
    event.setBody(format("{ \"email\": \"%s\" }", TEST_EMAIL_ADDRESS));
    APIGatewayProxyResponseEvent result = handler.handleRequest(event, context);
    assertEquals(400, result.getStatusCode());
    verify(awsSqsClient, never()).send(anyString());
    verify(codeStorageService, never()).saveOtpCode(anyString(), anyString(), anyLong(), any(NotificationType.class));
    verify(sessionService, never()).save(argThat(this::isSessionWithEmailSent));
}
Also used : APIGatewayProxyRequestEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent) NotificationType(uk.gov.di.authentication.shared.entity.NotificationType) APIGatewayProxyResponseEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent) Test(org.junit.jupiter.api.Test)

Example 77 with APIGatewayProxyRequestEvent

use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent in project di-authentication-api by alphagov.

the class ResetPasswordRequestHandlerTest method shouldReturn200AndPutMessageOnQueueForAValidLinkFlowRequest.

@Test
void shouldReturn200AndPutMessageOnQueueForAValidLinkFlowRequest() throws Json.JsonException {
    String persistentId = "some-persistent-id-value";
    Map<String, String> headers = new HashMap<>();
    headers.put(PersistentIdHelper.PERSISTENT_ID_HEADER_NAME, persistentId);
    headers.put("Session-Id", session.getSessionId());
    Subject subject = new Subject("subject_1");
    when(authenticationService.getSubjectFromEmail(TEST_EMAIL_ADDRESS)).thenReturn(subject);
    when(resetPasswordService.buildResetPasswordLink(TEST_SIX_DIGIT_CODE, session.getSessionId(), persistentId)).thenReturn(TEST_RESET_PASSWORD_LINK);
    NotifyRequest notifyRequest = new NotifyRequest(TEST_EMAIL_ADDRESS, RESET_PASSWORD, TEST_RESET_PASSWORD_LINK);
    String serialisedRequest = objectMapper.writeValueAsString(notifyRequest);
    usingValidSession();
    APIGatewayProxyRequestEvent event = new APIGatewayProxyRequestEvent();
    event.setRequestContext(contextWithSourceIp("123.123.123.123"));
    event.setHeaders(headers);
    event.setBody(format("{ \"email\": \"%s\" }", TEST_EMAIL_ADDRESS));
    APIGatewayProxyResponseEvent result = handler.handleRequest(event, context);
    assertEquals(204, result.getStatusCode());
    verify(awsSqsClient).send(serialisedRequest);
    verify(codeStorageService).savePasswordResetCode(subject.getValue(), TEST_SIX_DIGIT_CODE, CODE_EXPIRY_TIME, RESET_PASSWORD);
    verify(sessionService).save(argThat(this::isSessionWithEmailSent));
    verify(auditService).submitAuditEvent(FrontendAuditableEvent.PASSWORD_RESET_REQUESTED, context.getAwsRequestId(), session.getSessionId(), AuditService.UNKNOWN, AuditService.UNKNOWN, TEST_EMAIL_ADDRESS, "123.123.123.123", AuditService.UNKNOWN, persistentId);
}
Also used : APIGatewayProxyRequestEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent) HashMap(java.util.HashMap) JsonArgumentMatcher.containsJsonString(uk.gov.di.authentication.sharedtest.matchers.JsonArgumentMatcher.containsJsonString) ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString) NotifyRequest(uk.gov.di.authentication.shared.entity.NotifyRequest) APIGatewayProxyResponseEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent) Subject(com.nimbusds.oauth2.sdk.id.Subject) Test(org.junit.jupiter.api.Test)

Example 78 with APIGatewayProxyRequestEvent

use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent in project di-authentication-api by alphagov.

the class CheckUserExistsHandlerTest method shouldReturn200IfUserDoesNotExist.

@Test
void shouldReturn200IfUserDoesNotExist() throws JsonProcessingException, Json.JsonException {
    usingValidSession();
    when(authenticationService.userExists(eq("joe.bloggs@digital.cabinet-office.gov.uk"))).thenReturn(false);
    APIGatewayProxyRequestEvent event = new APIGatewayProxyRequestEvent();
    event.setBody("{ \"email\": \"joe.bloggs@digital.cabinet-office.gov.uk\" }");
    event.setHeaders(Map.of("Session-Id", session.getSessionId()));
    event.setRequestContext(contextWithSourceIp("123.123.123.123"));
    APIGatewayProxyResponseEvent result = handler.handleRequest(event, context);
    assertEquals(200, result.getStatusCode());
    CheckUserExistsResponse checkUserExistsResponse = objectMapper.readValue(result.getBody(), CheckUserExistsResponse.class);
    assertEquals("joe.bloggs@digital.cabinet-office.gov.uk", checkUserExistsResponse.getEmail());
    assertFalse(checkUserExistsResponse.doesUserExist());
    verify(auditService).submitAuditEvent(FrontendAuditableEvent.CHECK_USER_NO_ACCOUNT_WITH_EMAIL, "aws-session-id", session.getSessionId(), AuditService.UNKNOWN, AuditService.UNKNOWN, "joe.bloggs@digital.cabinet-office.gov.uk", "123.123.123.123", AuditService.UNKNOWN, PersistentIdHelper.PERSISTENT_ID_UNKNOWN_VALUE);
}
Also used : APIGatewayProxyRequestEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent) CheckUserExistsResponse(uk.gov.di.authentication.frontendapi.entity.CheckUserExistsResponse) APIGatewayProxyResponseEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent) Test(org.junit.jupiter.api.Test)

Example 79 with APIGatewayProxyRequestEvent

use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent in project di-authentication-api by alphagov.

the class CheckUserExistsHandlerTest method shouldReturn200IfUserExists.

@Test
void shouldReturn200IfUserExists() throws JsonProcessingException, Json.JsonException {
    usingValidSession();
    String persistentId = "some-persistent-id-value";
    Map<String, String> headers = new HashMap<>();
    headers.put(PersistentIdHelper.PERSISTENT_ID_HEADER_NAME, persistentId);
    headers.put("Session-Id", session.getSessionId());
    when(authenticationService.userExists(eq("joe.bloggs@digital.cabinet-office.gov.uk"))).thenReturn(true);
    APIGatewayProxyRequestEvent event = new APIGatewayProxyRequestEvent();
    event.setBody("{ \"email\": \"joe.bloggs@digital.cabinet-office.gov.uk\" }");
    event.setHeaders(headers);
    event.setRequestContext(contextWithSourceIp("123.123.123.123"));
    APIGatewayProxyResponseEvent result = handler.handleRequest(event, context);
    assertEquals(200, result.getStatusCode());
    CheckUserExistsResponse checkUserExistsResponse = objectMapper.readValue(result.getBody(), CheckUserExistsResponse.class);
    assertEquals("joe.bloggs@digital.cabinet-office.gov.uk", checkUserExistsResponse.getEmail());
    assertTrue(checkUserExistsResponse.doesUserExist());
    verify(auditService).submitAuditEvent(FrontendAuditableEvent.CHECK_USER_KNOWN_EMAIL, "aws-session-id", session.getSessionId(), AuditService.UNKNOWN, AuditService.UNKNOWN, "joe.bloggs@digital.cabinet-office.gov.uk", "123.123.123.123", AuditService.UNKNOWN, persistentId);
}
Also used : APIGatewayProxyRequestEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent) HashMap(java.util.HashMap) CheckUserExistsResponse(uk.gov.di.authentication.frontendapi.entity.CheckUserExistsResponse) APIGatewayProxyResponseEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent) Test(org.junit.jupiter.api.Test)

Example 80 with APIGatewayProxyRequestEvent

use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent in project di-authentication-api by alphagov.

the class CheckUserExistsHandlerTest method shouldReturn400IfRequestIsMissingSessionId.

@Test
void shouldReturn400IfRequestIsMissingSessionId() {
    APIGatewayProxyRequestEvent event = new APIGatewayProxyRequestEvent();
    event.setBody("{ \"email\": \"joe.bloggs@digital.cabinet-office.gov.uk\" }");
    APIGatewayProxyResponseEvent result = handler.handleRequest(event, context);
    assertEquals(400, result.getStatusCode());
    assertThat(result, hasJsonBody(ErrorResponse.ERROR_1000));
    verifyNoInteractions(auditService);
}
Also used : APIGatewayProxyRequestEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent) APIGatewayProxyResponseEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent) Test(org.junit.jupiter.api.Test)

Aggregations

APIGatewayProxyRequestEvent (com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent)239 Test (org.junit.jupiter.api.Test)217 APIGatewayProxyResponseEvent (com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent)182 HashMap (java.util.HashMap)70 ArgumentMatchers.anyString (org.mockito.ArgumentMatchers.anyString)37 ParameterizedTest (org.junit.jupiter.params.ParameterizedTest)33 ErrorObject (com.nimbusds.oauth2.sdk.ErrorObject)29 NotifyRequest (uk.gov.di.authentication.shared.entity.NotifyRequest)17 URI (java.net.URI)15 Map (java.util.Map)15 UserProfile (uk.gov.di.authentication.shared.entity.UserProfile)14 Context (com.amazonaws.services.lambda.runtime.Context)13 NotifyRequest (uk.gov.di.accountmanagement.entity.NotifyRequest)13 Subject (com.nimbusds.oauth2.sdk.id.Subject)12 Instant (java.time.Instant)11 Matchers.containsString (org.hamcrest.Matchers.containsString)11 ClientID (com.nimbusds.oauth2.sdk.id.ClientID)10 AuthenticationRequest (com.nimbusds.openid.connect.sdk.AuthenticationRequest)10 ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper)8 JWSObject (com.nimbusds.jose.JWSObject)8