Search in sources :

Example 96 with APIGatewayProxyRequestEvent

use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent in project di-authentication-api by alphagov.

the class UpdateEmailHandlerTest method shouldReturnErrorWhenOtpCodeIsNotValid.

@Test
public void shouldReturnErrorWhenOtpCodeIsNotValid() throws Json.JsonException {
    when(dynamoService.getSubjectFromEmail(EXISTING_EMAIL_ADDRESS)).thenReturn(SUBJECT);
    APIGatewayProxyRequestEvent event = new APIGatewayProxyRequestEvent();
    event.setBody(format("{\"existingEmailAddress\": \"%s\", \"replacementEmailAddress\": \"%s\", \"otp\": \"%s\"  }", EXISTING_EMAIL_ADDRESS, INVALID_EMAIL_ADDRESS, OTP));
    APIGatewayProxyRequestEvent.ProxyRequestContext proxyRequestContext = new APIGatewayProxyRequestEvent.ProxyRequestContext();
    Map<String, Object> authorizerParams = new HashMap<>();
    authorizerParams.put("principalId", SUBJECT.getValue());
    proxyRequestContext.setAuthorizer(authorizerParams);
    event.setRequestContext(proxyRequestContext);
    when(codeStorageService.isValidOtpCode(INVALID_EMAIL_ADDRESS, OTP, VERIFY_EMAIL)).thenReturn(false);
    APIGatewayProxyResponseEvent result = handler.handleRequest(event, context);
    assertThat(result, hasStatus(400));
    verify(dynamoService, never()).updateEmail(EXISTING_EMAIL_ADDRESS, INVALID_EMAIL_ADDRESS);
    NotifyRequest notifyRequest = new NotifyRequest(INVALID_EMAIL_ADDRESS, EMAIL_UPDATED);
    verify(sqsClient, never()).send(objectMapper.writeValueAsString(notifyRequest));
    String expectedResponse = objectMapper.writeValueAsString(ErrorResponse.ERROR_1020);
    assertThat(result, hasBody(expectedResponse));
}
Also used : APIGatewayProxyRequestEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent) HashMap(java.util.HashMap) NotifyRequest(uk.gov.di.accountmanagement.entity.NotifyRequest) APIGatewayProxyResponseEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent) Test(org.junit.jupiter.api.Test)

Example 97 with APIGatewayProxyRequestEvent

use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent in project di-authentication-api by alphagov.

the class UpdatePasswordHandlerTest method shouldReturn400WhenRequestHasIncorrectParameters.

@Test
public void shouldReturn400WhenRequestHasIncorrectParameters() {
    APIGatewayProxyRequestEvent.ProxyRequestContext proxyRequestContext = new APIGatewayProxyRequestEvent.ProxyRequestContext();
    Map<String, Object> authorizerParams = new HashMap<>();
    authorizerParams.put("principalId", SUBJECT.getValue());
    proxyRequestContext.setAuthorizer(authorizerParams);
    APIGatewayProxyRequestEvent event = new APIGatewayProxyRequestEvent();
    event.setRequestContext(proxyRequestContext);
    event.setBody(format("{ \"incorrect\": \"%s\", \"parameter\": \"%s\"}", "incorrect", "value"));
    APIGatewayProxyResponseEvent result = handler.handleRequest(event, context);
    assertThat(result, hasStatus(400));
    assertThat(result, hasJsonBody(ErrorResponse.ERROR_1001));
    verifyNoInteractions(auditService);
}
Also used : APIGatewayProxyRequestEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent) HashMap(java.util.HashMap) APIGatewayProxyResponseEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent) Test(org.junit.jupiter.api.Test)

Example 98 with APIGatewayProxyRequestEvent

use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent in project di-authentication-api by alphagov.

the class UpdatePasswordHandlerTest method shouldReturn204ForValidRequest.

@Test
public void shouldReturn204ForValidRequest() throws Json.JsonException {
    String persistentIdValue = "some-persistent-session-id";
    UserProfile userProfile = new UserProfile().setPublicSubjectID(SUBJECT.getValue());
    UserCredentials userCredentials = new UserCredentials().setPassword(CURRENT_PASSWORD);
    when(dynamoService.getUserProfileByEmail(EXISTING_EMAIL_ADDRESS)).thenReturn(userProfile);
    when(dynamoService.getUserCredentialsFromEmail(EXISTING_EMAIL_ADDRESS)).thenReturn(userCredentials);
    APIGatewayProxyRequestEvent event = new APIGatewayProxyRequestEvent();
    event.setBody(format("{ \"email\": \"%s\", \"newPassword\": \"%s\" }", EXISTING_EMAIL_ADDRESS, NEW_PASSWORD));
    event.setHeaders(Map.of(PersistentIdHelper.PERSISTENT_ID_HEADER_NAME, persistentIdValue));
    APIGatewayProxyRequestEvent.ProxyRequestContext proxyRequestContext = new APIGatewayProxyRequestEvent.ProxyRequestContext();
    Map<String, Object> authorizerParams = new HashMap<>();
    authorizerParams.put("principalId", SUBJECT.getValue());
    proxyRequestContext.setIdentity(identityWithSourceIp("123.123.123.123"));
    proxyRequestContext.setAuthorizer(authorizerParams);
    event.setRequestContext(proxyRequestContext);
    APIGatewayProxyResponseEvent result = handler.handleRequest(event, context);
    assertThat(result, hasStatus(204));
    verify(dynamoService).updatePassword(EXISTING_EMAIL_ADDRESS, NEW_PASSWORD);
    NotifyRequest notifyRequest = new NotifyRequest(EXISTING_EMAIL_ADDRESS, NotificationType.PASSWORD_UPDATED);
    verify(sqsClient).send(objectMapper.writeValueAsString(notifyRequest));
    verify(auditService).submitAuditEvent(AccountManagementAuditableEvent.UPDATE_PASSWORD, context.getAwsRequestId(), AuditService.UNKNOWN, AuditService.UNKNOWN, userProfile.getSubjectID(), userProfile.getEmail(), "123.123.123.123", userProfile.getPhoneNumber(), persistentIdValue);
}
Also used : UserProfile(uk.gov.di.authentication.shared.entity.UserProfile) APIGatewayProxyRequestEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent) HashMap(java.util.HashMap) UserCredentials(uk.gov.di.authentication.shared.entity.UserCredentials) NotifyRequest(uk.gov.di.accountmanagement.entity.NotifyRequest) APIGatewayProxyResponseEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent) Test(org.junit.jupiter.api.Test)

Example 99 with APIGatewayProxyRequestEvent

use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent in project di-authentication-api by alphagov.

the class UpdatePhoneNumberHandlerTest method shouldReturn400WhenRequestIsMissingParameters.

@Test
public void shouldReturn400WhenRequestIsMissingParameters() {
    APIGatewayProxyRequestEvent.ProxyRequestContext proxyRequestContext = new APIGatewayProxyRequestEvent.ProxyRequestContext();
    Map<String, Object> authorizerParams = new HashMap<>();
    authorizerParams.put("principalId", SUBJECT.getValue());
    proxyRequestContext.setAuthorizer(authorizerParams);
    APIGatewayProxyRequestEvent event = new APIGatewayProxyRequestEvent();
    event.setRequestContext(proxyRequestContext);
    event.setBody(format("{\"email\": \"%s\"}", EMAIL_ADDRESS));
    APIGatewayProxyResponseEvent result = handler.handleRequest(event, context);
    assertThat(result, hasStatus(400));
    assertThat(result, hasJsonBody(ErrorResponse.ERROR_1001));
    verifyNoInteractions(auditService);
}
Also used : APIGatewayProxyRequestEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent) HashMap(java.util.HashMap) APIGatewayProxyResponseEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent) Test(org.junit.jupiter.api.Test)

Example 100 with APIGatewayProxyRequestEvent

use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent in project di-authentication-api by alphagov.

the class DocAppCallbackHandlerTest method shouldRedirectToFrontendCallbackForSuccessfulResponse.

@Test
void shouldRedirectToFrontendCallbackForSuccessfulResponse() throws URISyntaxException {
    usingValidSession();
    usingValidClientSession();
    var successfulTokenResponse = new AccessTokenResponse(new Tokens(new BearerAccessToken(), null));
    var tokenRequest = mock(TokenRequest.class);
    Map<String, String> responseHeaders = new HashMap<>();
    responseHeaders.put("code", AUTH_CODE.getValue());
    responseHeaders.put("state", STATE.getValue());
    when(responseService.validateResponse(responseHeaders, SESSION_ID)).thenReturn(Optional.empty());
    when(tokenService.constructTokenRequest(AUTH_CODE.getValue())).thenReturn(tokenRequest);
    when(tokenService.sendTokenRequest(tokenRequest)).thenReturn(successfulTokenResponse);
    when(tokenService.sendCriDataRequest(successfulTokenResponse.getTokens().getAccessToken())).thenReturn("a-verifiable-credential");
    var event = new APIGatewayProxyRequestEvent();
    event.setQueryStringParameters(responseHeaders);
    event.setHeaders(Map.of(COOKIE, buildCookieString()));
    var response = makeHandlerRequest(event);
    assertThat(response, hasStatus(302));
    var expectedRedirectURI = new URIBuilder(LOGIN_URL).setPath("doc-checking-app-callback").build();
    assertThat(response.getHeaders().get("Location"), equalTo(expectedRedirectURI.toString()));
    verify(auditService).submitAuditEvent(DocAppAuditableEvent.DOC_APP_AUTHORISATION_RESPONSE_RECEIVED, REQUEST_ID, SESSION_ID, CLIENT_ID.getValue(), PAIRWISE_SUBJECT_ID.getValue(), AuditService.UNKNOWN, AuditService.UNKNOWN, AuditService.UNKNOWN, AuditService.UNKNOWN);
    verify(auditService).submitAuditEvent(DocAppAuditableEvent.DOC_APP_SUCCESSFUL_TOKEN_RESPONSE_RECEIVED, REQUEST_ID, SESSION_ID, CLIENT_ID.getValue(), PAIRWISE_SUBJECT_ID.getValue(), AuditService.UNKNOWN, AuditService.UNKNOWN, AuditService.UNKNOWN, AuditService.UNKNOWN);
    verify(auditService).submitAuditEvent(DocAppAuditableEvent.DOC_APP_SUCCESSFUL_CREDENTIAL_RESPONSE_RECEIVED, REQUEST_ID, SESSION_ID, CLIENT_ID.getValue(), PAIRWISE_SUBJECT_ID.getValue(), AuditService.UNKNOWN, AuditService.UNKNOWN, AuditService.UNKNOWN, AuditService.UNKNOWN);
    verifyNoMoreInteractions(auditService);
    verify(dynamoDocAppService).addDocAppCredential(PAIRWISE_SUBJECT_ID.getValue(), "a-verifiable-credential");
}
Also used : APIGatewayProxyRequestEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent) HashMap(java.util.HashMap) BearerAccessToken(com.nimbusds.oauth2.sdk.token.BearerAccessToken) Matchers.containsString(org.hamcrest.Matchers.containsString) AccessTokenResponse(com.nimbusds.oauth2.sdk.AccessTokenResponse) Tokens(com.nimbusds.oauth2.sdk.token.Tokens) URIBuilder(org.apache.http.client.utils.URIBuilder) Test(org.junit.jupiter.api.Test)

Aggregations

APIGatewayProxyRequestEvent (com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent)239 Test (org.junit.jupiter.api.Test)217 APIGatewayProxyResponseEvent (com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent)182 HashMap (java.util.HashMap)70 ArgumentMatchers.anyString (org.mockito.ArgumentMatchers.anyString)37 ParameterizedTest (org.junit.jupiter.params.ParameterizedTest)33 ErrorObject (com.nimbusds.oauth2.sdk.ErrorObject)29 NotifyRequest (uk.gov.di.authentication.shared.entity.NotifyRequest)17 URI (java.net.URI)15 Map (java.util.Map)15 UserProfile (uk.gov.di.authentication.shared.entity.UserProfile)14 Context (com.amazonaws.services.lambda.runtime.Context)13 NotifyRequest (uk.gov.di.accountmanagement.entity.NotifyRequest)13 Subject (com.nimbusds.oauth2.sdk.id.Subject)12 Instant (java.time.Instant)11 Matchers.containsString (org.hamcrest.Matchers.containsString)11 ClientID (com.nimbusds.oauth2.sdk.id.ClientID)10 AuthenticationRequest (com.nimbusds.openid.connect.sdk.AuthenticationRequest)10 ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper)8 JWSObject (com.nimbusds.jose.JWSObject)8