Example 21 with APIGatewayProxyResponseEvent
use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent in project di-authentication-api by alphagov.
the class IdentityHandlerTest method shouldReturnIdentityResponseForSuccessfulRequest.
@Test
void shouldReturnIdentityResponseForSuccessfulRequest() throws AccessTokenException, JsonProcessingException {
String serializedCredential = SignedCredentialHelper.generateCredential().serialize();
IdentityResponse identityResponse = new IdentityResponse(SUBJECT.getValue(), serializedCredential);
AccessToken accessToken = new BearerAccessToken();
when(accessTokenService.parse(accessToken.toAuthorizationHeader(), true)).thenReturn(accessTokenInfo);
when(identityService.populateIdentityResponse(accessTokenInfo)).thenReturn(identityResponse);
APIGatewayProxyRequestEvent event = new APIGatewayProxyRequestEvent();
event.setHeaders(Map.of("Authorization", accessToken.toAuthorizationHeader()));
APIGatewayProxyResponseEvent result = handler.handleRequest(event, context);
assertThat(result, hasStatus(200));
IdentityResponse receivedIdentityResponse = new ObjectMapper().readValue(result.getBody(), IdentityResponse.class);
assertThat(receivedIdentityResponse.getIdentityCredential(), equalTo(serializedCredential));
assertThat(receivedIdentityResponse.getSub(), equalTo(SUBJECT.getValue()));
}
Also used :
APIGatewayProxyRequestEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent)
AccessToken(com.nimbusds.oauth2.sdk.token.AccessToken)
BearerAccessToken(com.nimbusds.oauth2.sdk.token.BearerAccessToken)
IdentityResponse(uk.gov.di.authentication.oidc.entity.IdentityResponse)
BearerAccessToken(com.nimbusds.oauth2.sdk.token.BearerAccessToken)
APIGatewayProxyResponseEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent)
ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper)
Test(org.junit.jupiter.api.Test)
Example 22 with APIGatewayProxyResponseEvent
use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent in project di-authentication-api by alphagov.
the class IdentityHandlerTest method shouldReturn401WhenAccessTokenIsMissing.
@Test
void shouldReturn401WhenAccessTokenIsMissing() {
APIGatewayProxyRequestEvent event = new APIGatewayProxyRequestEvent();
APIGatewayProxyResponseEvent result = handler.handleRequest(event, context);
assertThat(result, hasStatus(401));
}
Also used :
APIGatewayProxyRequestEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent)
APIGatewayProxyResponseEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent)
Test(org.junit.jupiter.api.Test)
Example 23 with APIGatewayProxyResponseEvent
use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent in project di-authentication-api by alphagov.
the class IPVCallbackHandlerTest method shouldRedirectToLoginUriForSuccessfulResponse.
@Test
void shouldRedirectToLoginUriForSuccessfulResponse() throws URISyntaxException {
usingValidSession();
usingValidClientSession();
TokenResponse successfulTokenResponse = new AccessTokenResponse(new Tokens(new BearerAccessToken(), null));
TokenRequest tokenRequest = mock(TokenRequest.class);
Map<String, String> responseHeaders = new HashMap<>();
responseHeaders.put("code", AUTH_CODE.getValue());
responseHeaders.put("state", STATE.getValue());
when(dynamoClientService.getClient(CLIENT_ID.getValue())).thenReturn(Optional.of(generateClientRegistry()));
when(responseService.validateResponse(responseHeaders, SESSION_ID)).thenReturn(Optional.empty());
when(dynamoService.getUserProfileFromEmail(TEST_EMAIL_ADDRESS)).thenReturn(Optional.of(generateUserProfile()));
when(ipvTokenService.constructTokenRequest(AUTH_CODE.getValue())).thenReturn(tokenRequest);
when(ipvTokenService.sendTokenRequest(tokenRequest)).thenReturn(successfulTokenResponse);
when(ipvTokenService.sendIpvInfoRequest(successfulTokenResponse.toSuccessResponse().getTokens().getBearerAccessToken())).thenReturn(SignedCredentialHelper.generateCredential().serialize());
APIGatewayProxyRequestEvent event = new APIGatewayProxyRequestEvent();
event.setQueryStringParameters(responseHeaders);
event.setHeaders(Map.of(COOKIE, buildCookieString()));
APIGatewayProxyResponseEvent response = makeHandlerRequest(event);
assertThat(response, hasStatus(302));
URI redirectUri = new URIBuilder(LOGIN_URL).setPath("auth-code").build();
assertThat(response.getHeaders().get("Location"), equalTo(redirectUri.toString()));
}
Also used :
AccessTokenResponse(com.nimbusds.oauth2.sdk.AccessTokenResponse)
TokenResponse(com.nimbusds.oauth2.sdk.TokenResponse)
APIGatewayProxyRequestEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent)
HashMap(java.util.HashMap)
TokenRequest(com.nimbusds.oauth2.sdk.TokenRequest)
BearerAccessToken(com.nimbusds.oauth2.sdk.token.BearerAccessToken)
Matchers.containsString(org.hamcrest.Matchers.containsString)
APIGatewayProxyResponseEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent)
AccessTokenResponse(com.nimbusds.oauth2.sdk.AccessTokenResponse)
URI(java.net.URI)
Tokens(com.nimbusds.oauth2.sdk.token.Tokens)
URIBuilder(org.apache.http.client.utils.URIBuilder)
Test(org.junit.jupiter.api.Test)
Example 24 with APIGatewayProxyResponseEvent
use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent in project di-authentication-api by alphagov.
the class TokenHandlerTest method shouldReturn200ForRefreshTokenRequestWhenMultipleRefreshTokensAreStored.
@Test
public void shouldReturn200ForRefreshTokenRequestWhenMultipleRefreshTokensAreStored() throws JOSEException, JsonProcessingException {
SignedJWT signedRefreshToken = createSignedRefreshToken();
KeyPair keyPair = generateRsaKeyPair();
RefreshToken refreshToken = new RefreshToken(signedRefreshToken.serialize());
RefreshToken refreshToken2 = new RefreshToken();
OIDCTokenResponse tokenResponse = new OIDCTokenResponse(new OIDCTokens(accessToken, refreshToken));
PrivateKeyJWT privateKeyJWT = generatePrivateKeyJWT(keyPair.getPrivate());
ClientRegistry clientRegistry = generateClientRegistry(keyPair);
when(tokenService.validateTokenRequestParams(anyString())).thenReturn(Optional.empty());
when(clientService.getClient(eq(CLIENT_ID))).thenReturn(Optional.of(clientRegistry));
when(tokenService.validatePrivateKeyJWT(anyString(), eq(clientRegistry.getPublicKey()), eq(BASE_URI), eq(CLIENT_ID))).thenReturn(Optional.empty());
when(tokenValidationService.validateRefreshTokenSignatureAndExpiry(refreshToken)).thenReturn(true);
when(tokenValidationService.validateRefreshTokenScopes(SCOPES.toStringList(), SCOPES.toStringList())).thenReturn(true);
RefreshTokenStore tokenStore = new RefreshTokenStore(List.of(refreshToken.getValue(), refreshToken2.getValue()), INTERNAL_SUBJECT.getValue());
String redisKey = REFRESH_TOKEN_PREFIX + CLIENT_ID + "." + PUBLIC_SUBJECT.getValue();
String tokenStoreString = new ObjectMapper().writeValueAsString(tokenStore);
when(redisConnectionService.getValue(redisKey)).thenReturn(tokenStoreString);
when(tokenService.generateRefreshTokenResponse(eq(CLIENT_ID), eq(INTERNAL_SUBJECT), eq(SCOPES.toStringList()), eq(PUBLIC_SUBJECT))).thenReturn(tokenResponse);
APIGatewayProxyResponseEvent result = generateApiGatewayRefreshRequest(privateKeyJWT, refreshToken.getValue());
assertThat(result, hasStatus(200));
assertTrue(result.getBody().contains(refreshToken.getValue()));
assertTrue(result.getBody().contains(accessToken.getValue()));
String updatedTokenstore = new ObjectMapper().writeValueAsString(new RefreshTokenStore(List.of(refreshToken2.getValue()), INTERNAL_SUBJECT.getValue()));
verify(redisConnectionService, times(1)).saveWithExpiry(redisKey, updatedTokenstore, 1234L);
}
Also used :
RefreshTokenStore(uk.gov.di.authentication.shared.entity.RefreshTokenStore)
KeyPair(java.security.KeyPair)
RefreshToken(com.nimbusds.oauth2.sdk.token.RefreshToken)
OIDCTokenResponse(com.nimbusds.openid.connect.sdk.OIDCTokenResponse)
OIDCTokens(com.nimbusds.openid.connect.sdk.token.OIDCTokens)
PrivateKeyJWT(com.nimbusds.oauth2.sdk.auth.PrivateKeyJWT)
ClientRegistry(uk.gov.di.authentication.shared.entity.ClientRegistry)
SignedJWT(com.nimbusds.jwt.SignedJWT)
ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString)
APIGatewayProxyResponseEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent)
ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper)
Test(org.junit.jupiter.api.Test)
ParameterizedTest(org.junit.jupiter.params.ParameterizedTest)
Example 25 with APIGatewayProxyResponseEvent
use of com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent in project di-authentication-api by alphagov.
the class IPVAuthorisationHandlerTest method shouldReturn200AndRedirectURIWithClaims.
@Test
void shouldReturn200AndRedirectURIWithClaims() throws JsonProcessingException, UnsupportedEncodingException {
usingValidSession();
usingValidClientSession(TEST_CLIENT_ID);
Map<String, String> headers = new HashMap<>();
headers.put(PersistentIdHelper.PERSISTENT_ID_HEADER_NAME, PERSISTENT_SESSION_ID);
headers.put("Session-Id", session.getSessionId());
APIGatewayProxyRequestEvent event = new APIGatewayProxyRequestEvent();
event.setHeaders(headers);
event.setBody(format("{ \"email\": \"%s\"}", TEST_EMAIL_ADDRESS));
event.setRequestContext(contextWithSourceIp("123.123.123.123"));
APIGatewayProxyResponseEvent response = makeHandlerRequest(event);
assertThat(response, hasStatus(200));
IPVAuthorisationResponse body = new ObjectMapper().readValue(response.getBody(), IPVAuthorisationResponse.class);
assertThat(body.getRedirectUri(), startsWith(IPV_AUTHORISATION_URI + "/authorize"));
assertThat(splitQuery(body.getRedirectUri()).get("claims"), equalTo(claimsSetRequest.toJSONString()));
verify(authorisationService).storeState(eq(session.getSessionId()), any(State.class));
}
Also used :
IPVAuthorisationResponse(uk.gov.di.authentication.ipv.entity.IPVAuthorisationResponse)
APIGatewayProxyRequestEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent)
HashMap(java.util.HashMap)
LinkedHashMap(java.util.LinkedHashMap)
State(com.nimbusds.oauth2.sdk.id.State)
APIGatewayProxyResponseEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent)
ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper)
Test(org.junit.jupiter.api.Test)
Aggregations
APIGatewayProxyResponseEvent (com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent)260
Test (org.junit.jupiter.api.Test)214
APIGatewayProxyRequestEvent (com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent)182
HashMap (java.util.HashMap)56
ParameterizedTest (org.junit.jupiter.params.ParameterizedTest)43
ArgumentMatchers.anyString (org.mockito.ArgumentMatchers.anyString)30
ErrorObject (com.nimbusds.oauth2.sdk.ErrorObject)22
URI (java.net.URI)21
NotifyRequest (uk.gov.di.authentication.shared.entity.NotifyRequest)17
UserProfile (uk.gov.di.authentication.shared.entity.UserProfile)17
Map (java.util.Map)16
ClientRegistry (uk.gov.di.authentication.shared.entity.ClientRegistry)14
ClientSession (uk.gov.di.authentication.shared.entity.ClientSession)14
Context (com.amazonaws.services.lambda.runtime.Context)13
JsonProcessingException (com.fasterxml.jackson.core.JsonProcessingException)13
AuthenticationRequest (com.nimbusds.openid.connect.sdk.AuthenticationRequest)13
NotifyRequest (uk.gov.di.accountmanagement.entity.NotifyRequest)13
ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper)12
Subject (com.nimbusds.oauth2.sdk.id.Subject)12
URIBuilder (org.apache.http.client.utils.URIBuilder)11
