Search in sources :

Example 71 with APIGatewayProxyResponseEvent

use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent in project di-authentication-api by alphagov.

the class VerifyCodeHandlerTest method shouldReturnEmailCodeNotValidStateIfRequestCodeDoesNotMatchStoredCode.

@Test
void shouldReturnEmailCodeNotValidStateIfRequestCodeDoesNotMatchStoredCode() {
    when(configurationService.getCodeMaxRetries()).thenReturn(5);
    when(codeStorageService.getOtpCode(TEST_EMAIL_ADDRESS, VERIFY_EMAIL)).thenReturn(Optional.of(CODE));
    APIGatewayProxyResponseEvent result = makeCallWithCode(INVALID_CODE, VERIFY_EMAIL.toString());
    assertThat(result, hasStatus(400));
    assertThat(result, hasJsonBody(ErrorResponse.ERROR_1036));
}
Also used : APIGatewayProxyResponseEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent) Test(org.junit.jupiter.api.Test)

Example 72 with APIGatewayProxyResponseEvent

use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent in project di-authentication-api by alphagov.

the class VerifyCodeHandlerTest method shouldReturn204ForValidMfaSmsRequest.

@Test
void shouldReturn204ForValidMfaSmsRequest() {
    when(configurationService.getCodeMaxRetries()).thenReturn(5);
    when(codeStorageService.getOtpCode(TEST_EMAIL_ADDRESS, MFA_SMS)).thenReturn(Optional.of(CODE));
    APIGatewayProxyResponseEvent result = makeCallWithCode(CODE, MFA_SMS.toString());
    verify(codeStorageService).deleteOtpCode(TEST_EMAIL_ADDRESS, MFA_SMS);
    assertThat(result, hasStatus(204));
    verify(auditService).submitAuditEvent(FrontendAuditableEvent.CODE_VERIFIED, context.getAwsRequestId(), session.getSessionId(), CLIENT_ID, "test-subject-id", TEST_EMAIL_ADDRESS, "123.123.123.123", AuditService.UNKNOWN, PersistentIdHelper.PERSISTENT_ID_UNKNOWN_VALUE, pair("notification-type", MFA_SMS.name()));
}
Also used : APIGatewayProxyResponseEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent) Test(org.junit.jupiter.api.Test)

Example 73 with APIGatewayProxyResponseEvent

use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent in project di-authentication-api by alphagov.

the class VerifyCodeHandlerTest method shouldReturn204ForValidVerifyEmailRequestUsingTestClient.

@Test
void shouldReturn204ForValidVerifyEmailRequestUsingTestClient() {
    when(configurationService.isTestClientsEnabled()).thenReturn(true);
    when(configurationService.getCodeMaxRetries()).thenReturn(5);
    when(configurationService.getTestClientVerifyEmailOTP()).thenReturn(Optional.of(TEST_CLIENT_CODE));
    when(codeStorageService.getOtpCode(TEST_CLIENT_EMAIL, VERIFY_EMAIL)).thenReturn(Optional.of(CODE));
    APIGatewayProxyResponseEvent result = makeCallWithCode(TEST_CLIENT_CODE, VERIFY_EMAIL.toString(), Optional.of(testClientSession), TEST_CLIENT_ID);
    verify(codeStorageService).deleteOtpCode(TEST_CLIENT_EMAIL, VERIFY_EMAIL);
    assertThat(result, hasStatus(204));
}
Also used : APIGatewayProxyResponseEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent) Test(org.junit.jupiter.api.Test)

Example 74 with APIGatewayProxyResponseEvent

use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent in project di-authentication-api by alphagov.

the class VerifyCodeHandlerTest method shouldReturnMaxReachedWhenMfaCodeIsBlocked.

@Test
void shouldReturnMaxReachedWhenMfaCodeIsBlocked() {
    when(codeStorageService.isBlockedForEmail(TEST_EMAIL_ADDRESS, CODE_BLOCKED_KEY_PREFIX)).thenReturn(true);
    APIGatewayProxyResponseEvent result = makeCallWithCode(CODE, MFA_SMS.toString());
    assertThat(result, hasStatus(400));
    assertThat(result, hasJsonBody(ErrorResponse.ERROR_1027));
    verify(codeStorageService, never()).getOtpCode(session.getEmailAddress(), MFA_SMS);
}
Also used : APIGatewayProxyResponseEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent) Test(org.junit.jupiter.api.Test)

Example 75 with APIGatewayProxyResponseEvent

use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent in project di-authentication-api by alphagov.

the class VerifyCodeHandlerTest method shouldReturn400IfRequestIsMissingNotificationType.

@Test
void shouldReturn400IfRequestIsMissingNotificationType() {
    APIGatewayProxyRequestEvent event = new APIGatewayProxyRequestEvent();
    event.setHeaders(Map.of("Session-Id", "a-session-id"));
    event.setBody(format("{ \"code\": \"%s\"}", CODE));
    when(sessionService.getSessionFromRequestHeaders(event.getHeaders())).thenReturn(Optional.of(session));
    APIGatewayProxyResponseEvent result = handler.handleRequest(event, context);
    assertThat(result, hasStatus(400));
    assertThat(result, hasJsonBody(ErrorResponse.ERROR_1001));
}
Also used : APIGatewayProxyRequestEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent) APIGatewayProxyResponseEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent) Test(org.junit.jupiter.api.Test)

Aggregations

APIGatewayProxyResponseEvent (com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent)260 Test (org.junit.jupiter.api.Test)214 APIGatewayProxyRequestEvent (com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent)182 HashMap (java.util.HashMap)56 ParameterizedTest (org.junit.jupiter.params.ParameterizedTest)43 ArgumentMatchers.anyString (org.mockito.ArgumentMatchers.anyString)30 ErrorObject (com.nimbusds.oauth2.sdk.ErrorObject)22 URI (java.net.URI)21 NotifyRequest (uk.gov.di.authentication.shared.entity.NotifyRequest)17 UserProfile (uk.gov.di.authentication.shared.entity.UserProfile)17 Map (java.util.Map)16 ClientRegistry (uk.gov.di.authentication.shared.entity.ClientRegistry)14 ClientSession (uk.gov.di.authentication.shared.entity.ClientSession)14 Context (com.amazonaws.services.lambda.runtime.Context)13 JsonProcessingException (com.fasterxml.jackson.core.JsonProcessingException)13 AuthenticationRequest (com.nimbusds.openid.connect.sdk.AuthenticationRequest)13 NotifyRequest (uk.gov.di.accountmanagement.entity.NotifyRequest)13 ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper)12 Subject (com.nimbusds.oauth2.sdk.id.Subject)12 URIBuilder (org.apache.http.client.utils.URIBuilder)11