use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent in project di-authentication-api by alphagov.
the class CheckUserExistsHandlerTest method shouldReturn400IfEmailAddressIsInvalid.
@Test
void shouldReturn400IfEmailAddressIsInvalid() {
usingValidSession();
APIGatewayProxyRequestEvent event = new APIGatewayProxyRequestEvent();
event.setBody("{ \"email\": \"joe.bloggs\" }");
event.setHeaders(Map.of("Session-Id", session.getSessionId()));
event.setRequestContext(contextWithSourceIp("123.123.123.123"));
APIGatewayProxyResponseEvent result = handler.handleRequest(event, context);
assertEquals(400, result.getStatusCode());
assertThat(result, hasJsonBody(ErrorResponse.ERROR_1004));
verify(auditService).submitAuditEvent(FrontendAuditableEvent.CHECK_USER_INVALID_EMAIL, "aws-session-id", session.getSessionId(), AuditService.UNKNOWN, AuditService.UNKNOWN, "joe.bloggs", "123.123.123.123", AuditService.UNKNOWN, PersistentIdHelper.PERSISTENT_ID_UNKNOWN_VALUE);
}
use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent in project di-authentication-api by alphagov.
the class LoginHandlerTest method shouldKeepUserLockedWhenTheyEnterSuccessfulLoginRequestInNewSession.
@Test
void shouldKeepUserLockedWhenTheyEnterSuccessfulLoginRequestInNewSession() {
UserProfile userProfile = generateUserProfile(null);
when(authenticationService.getUserProfileByEmailMaybe(EMAIL)).thenReturn(Optional.of(userProfile));
when(authenticationService.login(userCredentials, PASSWORD)).thenReturn(true);
when(codeStorageService.getIncorrectPasswordCount(EMAIL)).thenReturn(5);
usingValidSession();
APIGatewayProxyRequestEvent event = new APIGatewayProxyRequestEvent();
event.setRequestContext(contextWithSourceIp("123.123.123.123"));
event.setHeaders(Map.of("Session-Id", session.getSessionId()));
event.setBody(format("{ \"password\": \"%s\", \"email\": \"%s\" }", PASSWORD, EMAIL));
APIGatewayProxyResponseEvent result = handler.handleRequest(event, context);
assertThat(result, hasStatus(400));
assertThat(result, hasJsonBody(ErrorResponse.ERROR_1028));
verify(auditService).submitAuditEvent(FrontendAuditableEvent.ACCOUNT_TEMPORARILY_LOCKED, "aws-session-id", session.getSessionId(), "", userProfile.getSubjectID(), userProfile.getEmail(), "123.123.123.123", userProfile.getPhoneNumber(), PersistentIdHelper.PERSISTENT_ID_UNKNOWN_VALUE);
}
use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent in project di-authentication-api by alphagov.
the class LoginHandlerTest method shouldReturn200IfLoginIsSuccessful.
@Test
void shouldReturn200IfLoginIsSuccessful() throws JsonProcessingException, Json.JsonException {
when(configurationService.getTermsAndConditionsVersion()).thenReturn("1.0");
String persistentId = "some-persistent-id-value";
Map<String, String> headers = new HashMap<>();
headers.put(PersistentIdHelper.PERSISTENT_ID_HEADER_NAME, persistentId);
headers.put("Session-Id", session.getSessionId());
UserProfile userProfile = generateUserProfile(null);
when(authenticationService.getUserProfileByEmailMaybe(EMAIL)).thenReturn(Optional.of(userProfile));
when(authenticationService.login(userCredentials, PASSWORD)).thenReturn(true);
when(clientSession.getAuthRequestParams()).thenReturn(generateAuthRequest().toParameters());
usingValidSession();
APIGatewayProxyRequestEvent event = new APIGatewayProxyRequestEvent();
event.setRequestContext(contextWithSourceIp("123.123.123.123"));
event.setHeaders(headers);
event.setBody(format("{ \"password\": \"%s\", \"email\": \"%s\" }", PASSWORD, EMAIL.toUpperCase()));
APIGatewayProxyResponseEvent result = handler.handleRequest(event, context);
assertThat(result, hasStatus(200));
LoginResponse response = objectMapper.readValue(result.getBody(), LoginResponse.class);
assertThat(response.getRedactedPhoneNumber(), equalTo(RedactPhoneNumberHelper.redactPhoneNumber(PHONE_NUMBER)));
assertThat(response.getLatestTermsAndConditionsAccepted(), equalTo(true));
verify(authenticationService).getUserProfileByEmailMaybe(EMAIL);
verify(auditService).submitAuditEvent(FrontendAuditableEvent.LOG_IN_SUCCESS, "aws-session-id", session.getSessionId(), "", userProfile.getSubjectID(), userProfile.getEmail(), "123.123.123.123", userProfile.getPhoneNumber(), persistentId);
}
use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent in project di-authentication-api by alphagov.
the class LoginHandlerTest method shouldReturn401IfMigratedUserHasInvalidCredentials.
@Test
void shouldReturn401IfMigratedUserHasInvalidCredentials() {
String legacySubjectId = new Subject().getValue();
UserProfile userProfile = generateUserProfile(legacySubjectId);
when(authenticationService.getUserProfileByEmailMaybe(EMAIL)).thenReturn(Optional.of(userProfile));
when(userMigrationService.processMigratedUser(userCredentials, PASSWORD)).thenReturn(false);
APIGatewayProxyRequestEvent event = new APIGatewayProxyRequestEvent();
event.setHeaders(Map.of("Session-Id", session.getSessionId()));
event.setBody(format("{ \"password\": \"%s\", \"email\": \"%s\" }", PASSWORD, EMAIL));
usingValidSession();
APIGatewayProxyResponseEvent result = handler.handleRequest(event, context);
assertThat(result, hasStatus(401));
assertThat(result, hasJsonBody(ErrorResponse.ERROR_1008));
}
use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent in project di-authentication-api by alphagov.
the class MfaHandlerTest method shouldReturn400IfUserIsBlockedFromAttemptingMfaCodes.
@Test
void shouldReturn400IfUserIsBlockedFromAttemptingMfaCodes() {
usingValidSession();
when(codeStorageService.isBlockedForEmail(TEST_EMAIL_ADDRESS, CODE_BLOCKED_KEY_PREFIX)).thenReturn(true);
APIGatewayProxyRequestEvent event = new APIGatewayProxyRequestEvent();
event.setHeaders(Map.of("Session-Id", session.getSessionId()));
event.setBody(format("{ \"email\": \"%s\"}", TEST_EMAIL_ADDRESS));
event.setRequestContext(contextWithSourceIp("123.123.123.123"));
APIGatewayProxyResponseEvent result = handler.handleRequest(event, context);
assertEquals(400, result.getStatusCode());
assertThat(result, hasJsonBody(ErrorResponse.ERROR_1027));
verify(auditService).submitAuditEvent(FrontendAuditableEvent.MFA_INVALID_CODE_REQUEST, "aws-session-id", session.getSessionId(), "", AuditService.UNKNOWN, TEST_EMAIL_ADDRESS, "123.123.123.123", AuditService.UNKNOWN, PersistentIdHelper.PERSISTENT_ID_UNKNOWN_VALUE);
}
Aggregations