use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent in project di-authentication-api by alphagov.
the class UpdateEmailHandlerTest method shouldReturnErrorWhenOtpCodeIsNotValid.
@Test
public void shouldReturnErrorWhenOtpCodeIsNotValid() throws Json.JsonException {
when(dynamoService.getSubjectFromEmail(EXISTING_EMAIL_ADDRESS)).thenReturn(SUBJECT);
APIGatewayProxyRequestEvent event = new APIGatewayProxyRequestEvent();
event.setBody(format("{\"existingEmailAddress\": \"%s\", \"replacementEmailAddress\": \"%s\", \"otp\": \"%s\" }", EXISTING_EMAIL_ADDRESS, INVALID_EMAIL_ADDRESS, OTP));
APIGatewayProxyRequestEvent.ProxyRequestContext proxyRequestContext = new APIGatewayProxyRequestEvent.ProxyRequestContext();
Map<String, Object> authorizerParams = new HashMap<>();
authorizerParams.put("principalId", SUBJECT.getValue());
proxyRequestContext.setAuthorizer(authorizerParams);
event.setRequestContext(proxyRequestContext);
when(codeStorageService.isValidOtpCode(INVALID_EMAIL_ADDRESS, OTP, VERIFY_EMAIL)).thenReturn(false);
APIGatewayProxyResponseEvent result = handler.handleRequest(event, context);
assertThat(result, hasStatus(400));
verify(dynamoService, never()).updateEmail(EXISTING_EMAIL_ADDRESS, INVALID_EMAIL_ADDRESS);
NotifyRequest notifyRequest = new NotifyRequest(INVALID_EMAIL_ADDRESS, EMAIL_UPDATED);
verify(sqsClient, never()).send(objectMapper.writeValueAsString(notifyRequest));
String expectedResponse = objectMapper.writeValueAsString(ErrorResponse.ERROR_1020);
assertThat(result, hasBody(expectedResponse));
}
use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent in project di-authentication-api by alphagov.
the class UpdatePasswordHandlerTest method shouldReturn400WhenRequestHasIncorrectParameters.
@Test
public void shouldReturn400WhenRequestHasIncorrectParameters() {
APIGatewayProxyRequestEvent.ProxyRequestContext proxyRequestContext = new APIGatewayProxyRequestEvent.ProxyRequestContext();
Map<String, Object> authorizerParams = new HashMap<>();
authorizerParams.put("principalId", SUBJECT.getValue());
proxyRequestContext.setAuthorizer(authorizerParams);
APIGatewayProxyRequestEvent event = new APIGatewayProxyRequestEvent();
event.setRequestContext(proxyRequestContext);
event.setBody(format("{ \"incorrect\": \"%s\", \"parameter\": \"%s\"}", "incorrect", "value"));
APIGatewayProxyResponseEvent result = handler.handleRequest(event, context);
assertThat(result, hasStatus(400));
assertThat(result, hasJsonBody(ErrorResponse.ERROR_1001));
verifyNoInteractions(auditService);
}
use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent in project di-authentication-api by alphagov.
the class UpdatePasswordHandlerTest method shouldReturn204ForValidRequest.
@Test
public void shouldReturn204ForValidRequest() throws Json.JsonException {
String persistentIdValue = "some-persistent-session-id";
UserProfile userProfile = new UserProfile().setPublicSubjectID(SUBJECT.getValue());
UserCredentials userCredentials = new UserCredentials().setPassword(CURRENT_PASSWORD);
when(dynamoService.getUserProfileByEmail(EXISTING_EMAIL_ADDRESS)).thenReturn(userProfile);
when(dynamoService.getUserCredentialsFromEmail(EXISTING_EMAIL_ADDRESS)).thenReturn(userCredentials);
APIGatewayProxyRequestEvent event = new APIGatewayProxyRequestEvent();
event.setBody(format("{ \"email\": \"%s\", \"newPassword\": \"%s\" }", EXISTING_EMAIL_ADDRESS, NEW_PASSWORD));
event.setHeaders(Map.of(PersistentIdHelper.PERSISTENT_ID_HEADER_NAME, persistentIdValue));
APIGatewayProxyRequestEvent.ProxyRequestContext proxyRequestContext = new APIGatewayProxyRequestEvent.ProxyRequestContext();
Map<String, Object> authorizerParams = new HashMap<>();
authorizerParams.put("principalId", SUBJECT.getValue());
proxyRequestContext.setIdentity(identityWithSourceIp("123.123.123.123"));
proxyRequestContext.setAuthorizer(authorizerParams);
event.setRequestContext(proxyRequestContext);
APIGatewayProxyResponseEvent result = handler.handleRequest(event, context);
assertThat(result, hasStatus(204));
verify(dynamoService).updatePassword(EXISTING_EMAIL_ADDRESS, NEW_PASSWORD);
NotifyRequest notifyRequest = new NotifyRequest(EXISTING_EMAIL_ADDRESS, NotificationType.PASSWORD_UPDATED);
verify(sqsClient).send(objectMapper.writeValueAsString(notifyRequest));
verify(auditService).submitAuditEvent(AccountManagementAuditableEvent.UPDATE_PASSWORD, context.getAwsRequestId(), AuditService.UNKNOWN, AuditService.UNKNOWN, userProfile.getSubjectID(), userProfile.getEmail(), "123.123.123.123", userProfile.getPhoneNumber(), persistentIdValue);
}
use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent in project di-authentication-api by alphagov.
the class UpdatePhoneNumberHandlerTest method shouldReturn400WhenRequestIsMissingParameters.
@Test
public void shouldReturn400WhenRequestIsMissingParameters() {
APIGatewayProxyRequestEvent.ProxyRequestContext proxyRequestContext = new APIGatewayProxyRequestEvent.ProxyRequestContext();
Map<String, Object> authorizerParams = new HashMap<>();
authorizerParams.put("principalId", SUBJECT.getValue());
proxyRequestContext.setAuthorizer(authorizerParams);
APIGatewayProxyRequestEvent event = new APIGatewayProxyRequestEvent();
event.setRequestContext(proxyRequestContext);
event.setBody(format("{\"email\": \"%s\"}", EMAIL_ADDRESS));
APIGatewayProxyResponseEvent result = handler.handleRequest(event, context);
assertThat(result, hasStatus(400));
assertThat(result, hasJsonBody(ErrorResponse.ERROR_1001));
verifyNoInteractions(auditService);
}
use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent in project di-authentication-api by alphagov.
the class DocAppCallbackHandlerTest method shouldRedirectToFrontendCallbackForSuccessfulResponse.
@Test
void shouldRedirectToFrontendCallbackForSuccessfulResponse() throws URISyntaxException {
usingValidSession();
usingValidClientSession();
var successfulTokenResponse = new AccessTokenResponse(new Tokens(new BearerAccessToken(), null));
var tokenRequest = mock(TokenRequest.class);
Map<String, String> responseHeaders = new HashMap<>();
responseHeaders.put("code", AUTH_CODE.getValue());
responseHeaders.put("state", STATE.getValue());
when(responseService.validateResponse(responseHeaders, SESSION_ID)).thenReturn(Optional.empty());
when(tokenService.constructTokenRequest(AUTH_CODE.getValue())).thenReturn(tokenRequest);
when(tokenService.sendTokenRequest(tokenRequest)).thenReturn(successfulTokenResponse);
when(tokenService.sendCriDataRequest(successfulTokenResponse.getTokens().getAccessToken())).thenReturn("a-verifiable-credential");
var event = new APIGatewayProxyRequestEvent();
event.setQueryStringParameters(responseHeaders);
event.setHeaders(Map.of(COOKIE, buildCookieString()));
var response = makeHandlerRequest(event);
assertThat(response, hasStatus(302));
var expectedRedirectURI = new URIBuilder(LOGIN_URL).setPath("doc-checking-app-callback").build();
assertThat(response.getHeaders().get("Location"), equalTo(expectedRedirectURI.toString()));
verify(auditService).submitAuditEvent(DocAppAuditableEvent.DOC_APP_AUTHORISATION_RESPONSE_RECEIVED, REQUEST_ID, SESSION_ID, CLIENT_ID.getValue(), PAIRWISE_SUBJECT_ID.getValue(), AuditService.UNKNOWN, AuditService.UNKNOWN, AuditService.UNKNOWN, AuditService.UNKNOWN);
verify(auditService).submitAuditEvent(DocAppAuditableEvent.DOC_APP_SUCCESSFUL_TOKEN_RESPONSE_RECEIVED, REQUEST_ID, SESSION_ID, CLIENT_ID.getValue(), PAIRWISE_SUBJECT_ID.getValue(), AuditService.UNKNOWN, AuditService.UNKNOWN, AuditService.UNKNOWN, AuditService.UNKNOWN);
verify(auditService).submitAuditEvent(DocAppAuditableEvent.DOC_APP_SUCCESSFUL_CREDENTIAL_RESPONSE_RECEIVED, REQUEST_ID, SESSION_ID, CLIENT_ID.getValue(), PAIRWISE_SUBJECT_ID.getValue(), AuditService.UNKNOWN, AuditService.UNKNOWN, AuditService.UNKNOWN, AuditService.UNKNOWN);
verifyNoMoreInteractions(auditService);
verify(dynamoDocAppService).addDocAppCredential(PAIRWISE_SUBJECT_ID.getValue(), "a-verifiable-credential");
}
Aggregations