Example 86 with APIGatewayProxyRequestEvent

use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent in project di-authentication-api by alphagov.

the class MfaHandlerTest method shouldReturn400IfUserIsBlockedFromRequestingAnyMoreMfaCodes.

@Test
void shouldReturn400IfUserIsBlockedFromRequestingAnyMoreMfaCodes() {
    usingValidSession();
    when(codeStorageService.isBlockedForEmail(TEST_EMAIL_ADDRESS, CODE_REQUEST_BLOCKED_KEY_PREFIX)).thenReturn(true);
    APIGatewayProxyRequestEvent event = new APIGatewayProxyRequestEvent();
    event.setHeaders(Map.of("Session-Id", session.getSessionId()));
    event.setBody(format("{ \"email\": \"%s\"}", TEST_EMAIL_ADDRESS));
    event.setRequestContext(contextWithSourceIp("123.123.123.123"));
    APIGatewayProxyResponseEvent result = handler.handleRequest(event, context);
    assertEquals(400, result.getStatusCode());
    assertThat(result, hasJsonBody(ErrorResponse.ERROR_1026));
    verify(auditService).submitAuditEvent(FrontendAuditableEvent.MFA_INVALID_CODE_REQUEST, "aws-session-id", session.getSessionId(), "", AuditService.UNKNOWN, TEST_EMAIL_ADDRESS, "123.123.123.123", AuditService.UNKNOWN, PersistentIdHelper.PERSISTENT_ID_UNKNOWN_VALUE);
}
Also used : APIGatewayProxyRequestEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent) APIGatewayProxyResponseEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent) Test(org.junit.jupiter.api.Test)

Example 87 with APIGatewayProxyRequestEvent

use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent in project di-authentication-api by alphagov.

the class MfaHandlerTest method shouldReturn400IfUserHasReachedTheMfaCodeRequestLimit.

@Test
void shouldReturn400IfUserHasReachedTheMfaCodeRequestLimit() {
    usingValidSession();
    when(configurationService.getBlockedEmailDuration()).thenReturn(BLOCKED_EMAIL_DURATION);
    session.incrementCodeRequestCount();
    session.incrementCodeRequestCount();
    session.incrementCodeRequestCount();
    session.incrementCodeRequestCount();
    session.incrementCodeRequestCount();
    APIGatewayProxyRequestEvent event = new APIGatewayProxyRequestEvent();
    event.setHeaders(Map.of("Session-Id", session.getSessionId()));
    event.setBody(format("{ \"email\": \"%s\"}", TEST_EMAIL_ADDRESS));
    event.setRequestContext(contextWithSourceIp("123.123.123.123"));
    APIGatewayProxyResponseEvent result = handler.handleRequest(event, context);
    assertEquals(400, result.getStatusCode());
    assertThat(result, hasJsonBody(ErrorResponse.ERROR_1025));
    verify(codeStorageService).saveBlockedForEmail(TEST_EMAIL_ADDRESS, CODE_REQUEST_BLOCKED_KEY_PREFIX, BLOCKED_EMAIL_DURATION);
    verify(auditService).submitAuditEvent(FrontendAuditableEvent.MFA_INVALID_CODE_REQUEST, "aws-session-id", session.getSessionId(), "", AuditService.UNKNOWN, TEST_EMAIL_ADDRESS, "123.123.123.123", AuditService.UNKNOWN, PersistentIdHelper.PERSISTENT_ID_UNKNOWN_VALUE);
}
Also used : APIGatewayProxyRequestEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent) APIGatewayProxyResponseEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent) Test(org.junit.jupiter.api.Test)

Example 88 with APIGatewayProxyRequestEvent

use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent in project di-authentication-api by alphagov.

the class MfaHandlerTest method shouldReturn204AndNotSendMessageForSuccessfulMfaRequestOnTestClient.

@Test
void shouldReturn204AndNotSendMessageForSuccessfulMfaRequestOnTestClient() throws Json.JsonException {
    usingValidSession();
    usingValidClientSession(TEST_CLIENT_ID);
    when(configurationService.isTestClientsEnabled()).thenReturn(true);
    when(authenticationService.getPhoneNumber(TEST_EMAIL_ADDRESS)).thenReturn(Optional.of(PHONE_NUMBER));
    when(codeGeneratorService.sixDigitCode()).thenReturn(CODE);
    NotifyRequest notifyRequest = new NotifyRequest(PHONE_NUMBER, MFA_SMS, CODE);
    APIGatewayProxyRequestEvent event = new APIGatewayProxyRequestEvent();
    event.setHeaders(Map.of("Session-Id", session.getSessionId()));
    event.setBody(format("{ \"email\": \"%s\"}", TEST_EMAIL_ADDRESS));
    event.setRequestContext(contextWithSourceIp("123.123.123.123"));
    APIGatewayProxyResponseEvent result = handler.handleRequest(event, context);
    verify(sqsClient, never()).send(objectMapper.writeValueAsString(notifyRequest));
    verify(codeStorageService).saveOtpCode(TEST_EMAIL_ADDRESS, CODE, CODE_EXPIRY_TIME, MFA_SMS);
    assertThat(result, hasStatus(204));
    verify(auditService).submitAuditEvent(FrontendAuditableEvent.MFA_CODE_SENT_FOR_TEST_CLIENT, "aws-session-id", session.getSessionId(), TEST_CLIENT_ID, AuditService.UNKNOWN, TEST_EMAIL_ADDRESS, "123.123.123.123", PHONE_NUMBER, PersistentIdHelper.PERSISTENT_ID_UNKNOWN_VALUE);
}
Also used : APIGatewayProxyRequestEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent) NotifyRequest(uk.gov.di.authentication.shared.entity.NotifyRequest) APIGatewayProxyResponseEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent) Test(org.junit.jupiter.api.Test)

Example 89 with APIGatewayProxyRequestEvent

use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent in project di-authentication-api by alphagov.

the class MfaHandlerTest method shouldReturn400WhenEmailInSessionDoesNotMatchEmailInRequest.

@Test
void shouldReturn400WhenEmailInSessionDoesNotMatchEmailInRequest() {
    usingValidSession();
    when(authenticationService.getPhoneNumber(TEST_EMAIL_ADDRESS)).thenReturn(Optional.of(PHONE_NUMBER));
    when(codeGeneratorService.sixDigitCode()).thenReturn(CODE);
    APIGatewayProxyRequestEvent event = new APIGatewayProxyRequestEvent();
    event.setHeaders(Map.of("Session-Id", session.getSessionId()));
    event.setBody(format("{ \"email\": \"%s\"}", "wrong.email@gov.uk"));
    event.setRequestContext(contextWithSourceIp("123.123.123.123"));
    APIGatewayProxyResponseEvent result = handler.handleRequest(event, context);
    assertThat(result, hasStatus(400));
    verify(auditService).submitAuditEvent(FrontendAuditableEvent.MFA_MISMATCHED_EMAIL, "aws-session-id", session.getSessionId(), "", AuditService.UNKNOWN, "wrong.email@gov.uk", "123.123.123.123", AuditService.UNKNOWN, PersistentIdHelper.PERSISTENT_ID_UNKNOWN_VALUE);
}
Also used : APIGatewayProxyRequestEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent) APIGatewayProxyResponseEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent) Test(org.junit.jupiter.api.Test)

Example 90 with APIGatewayProxyRequestEvent

use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent in project di-authentication-api by alphagov.

the class SendOtpNotificationHandlerTest method shouldReturn400WhenAccountAlreadyExistsWithGivenEmail.

@Test
void shouldReturn400WhenAccountAlreadyExistsWithGivenEmail() {
    when(dynamoService.userExists(eq(TEST_EMAIL_ADDRESS))).thenReturn(true);
    APIGatewayProxyRequestEvent event = new APIGatewayProxyRequestEvent();
    event.setHeaders(Map.of());
    event.setBody(format("{ \"email\": \"%s\", \"notificationType\": \"%s\" }", TEST_EMAIL_ADDRESS, VERIFY_EMAIL));
    APIGatewayProxyResponseEvent result = handler.handleRequest(event, context);
    assertEquals(400, result.getStatusCode());
    assertThat(result, hasJsonBody(ErrorResponse.ERROR_1009));
    verifyNoInteractions(auditService);
}
Also used : APIGatewayProxyRequestEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent) APIGatewayProxyResponseEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent) Test(org.junit.jupiter.api.Test)

Aggregations

APIGatewayProxyRequestEvent (com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent): 239
Test (org.junit.jupiter.api.Test): 217
APIGatewayProxyResponseEvent (com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent): 182
HashMap (java.util.HashMap): 70
ArgumentMatchers.anyString (org.mockito.ArgumentMatchers.anyString): 37
ParameterizedTest (org.junit.jupiter.params.ParameterizedTest): 33
ErrorObject (com.nimbusds.oauth2.sdk.ErrorObject): 29
NotifyRequest (uk.gov.di.authentication.shared.entity.NotifyRequest): 17
URI (java.net.URI): 15
Map (java.util.Map): 15
UserProfile (uk.gov.di.authentication.shared.entity.UserProfile): 14
Context (com.amazonaws.services.lambda.runtime.Context): 13
NotifyRequest (uk.gov.di.accountmanagement.entity.NotifyRequest): 13
Subject (com.nimbusds.oauth2.sdk.id.Subject): 12
Instant (java.time.Instant): 11
Matchers.containsString (org.hamcrest.Matchers.containsString): 11
ClientID (com.nimbusds.oauth2.sdk.id.ClientID): 10
AuthenticationRequest (com.nimbusds.openid.connect.sdk.AuthenticationRequest): 10
ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper): 8
JWSObject (com.nimbusds.jose.JWSObject): 8