
Example 26 with Subject

Use of com.nimbusds.oauth2.sdk.id.Subject in project di-authentication-api by alphagov.

From the class ResetPasswordRequestHandlerTest, method shouldReturn500IfMessageCannotBeSentToQueue.

@Test
public void shouldReturn500IfMessageCannotBeSentToQueue() throws Json.JsonException {
    String persistentId = "some-persistent-id-value";
    Subject subject = new Subject("subject_1");
    when(authenticationService.getSubjectFromEmail(TEST_EMAIL_ADDRESS)).thenReturn(subject);
    when(resetPasswordService.buildResetPasswordLink(TEST_SIX_DIGIT_CODE, session.getSessionId(), persistentId)).thenReturn(TEST_RESET_PASSWORD_LINK);
    NotifyRequest notifyRequest = new NotifyRequest(TEST_EMAIL_ADDRESS, RESET_PASSWORD, TEST_RESET_PASSWORD_LINK);
    String serialisedRequest = objectMapper.writeValueAsString(notifyRequest);
    Mockito.doThrow(SdkClientException.class).when(awsSqsClient).send(eq(serialisedRequest));
    usingValidSession();
    APIGatewayProxyRequestEvent event = new APIGatewayProxyRequestEvent();
    Map<String, String> headers = new HashMap<>();
    headers.put(PersistentIdHelper.PERSISTENT_ID_HEADER_NAME, persistentId);
    headers.put("Session-Id", session.getSessionId());
    event.setHeaders(headers);
    event.setBody(format("{ \"email\": \"%s\" }", TEST_EMAIL_ADDRESS));
    APIGatewayProxyResponseEvent result = handler.handleRequest(event, context);
    assertEquals(500, result.getStatusCode());
    assertTrue(result.getBody().contains("Error sending message to queue"));
}
Also used: APIGatewayProxyRequestEvent (com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent), HashMap (java.util.HashMap), JsonArgumentMatcher.containsJsonString (uk.gov.di.authentication.sharedtest.matchers.JsonArgumentMatcher.containsJsonString), ArgumentMatchers.anyString (org.mockito.ArgumentMatchers.anyString), NotifyRequest (uk.gov.di.authentication.shared.entity.NotifyRequest), APIGatewayProxyResponseEvent (com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent), Subject (com.nimbusds.oauth2.sdk.id.Subject), Test (org.junit.jupiter.api.Test)

Example 27 with Subject

Use of com.nimbusds.oauth2.sdk.id.Subject in project di-authentication-api by alphagov.

From the class DocAppAuthorizeHandlerIntegrationTest, method shouldReturn200WithValidDocAppAuthRequest.

@Test
void shouldReturn200WithValidDocAppAuthRequest() throws Json.JsonException {
    redis.addDocAppSubjectIdToClientSession(new Subject(), CLIENT_SESSION_ID);
    var response = makeRequest(Optional.empty(), constructFrontendHeaders(SESSION_ID, CLIENT_SESSION_ID, PERSISTENT_SESSION_ID), Map.of());
    assertThat(response, hasStatus(200));
    var body = objectMapper.readValue(response.getBody(), DocAppAuthorisationResponse.class);
    assertThat(body.getRedirectUri(), startsWith(configurationService.getDocAppAuthorisationURI().toString()));
    assertEventTypesReceived(auditTopic, List.of(DOC_APP_AUTHORISATION_REQUESTED));
}
Also used: Subject (com.nimbusds.oauth2.sdk.id.Subject), Test (org.junit.jupiter.api.Test), ApiGatewayHandlerIntegrationTest (uk.gov.di.authentication.sharedtest.basetest.ApiGatewayHandlerIntegrationTest)

Example 28 with Subject

Use of com.nimbusds.oauth2.sdk.id.Subject in project di-authentication-api by alphagov.

From the class DocAppCallbackHandlerIntegrationTest, method setup.

@BeforeEach
void setup() throws JOSEException {
    criStub.init(privateKey);
    handler = new DocAppCallbackHandler(configurationService);
    docAppSubjectId = new Subject(ClientSubjectHelper.calculatePairwiseIdentifier(new Subject().getValue(), "https://test.com", SaltHelper.generateNewSalt()));
    clientStore.registerClient(CLIENT_ID, "test-client", singletonList(REDIRECT_URI), singletonList("contact@example.com"), singletonList("openid"), null, singletonList("http://localhost/post-redirect-logout"), "http://example.com", String.valueOf(ServiceType.MANDATORY), "https://test.com", "pairwise", true, ClientType.APP);
}
Also used: DocAppCallbackHandler (uk.gov.di.authentication.app.lambda.DocAppCallbackHandler), Subject (com.nimbusds.oauth2.sdk.id.Subject), BeforeEach (org.junit.jupiter.api.BeforeEach)

Example 29 with Subject

Use of com.nimbusds.oauth2.sdk.id.Subject in project di-authentication-api by alphagov.

From the class ResetPasswordRequestHandlerTest, method shouldReturn200AndPutMessageOnQueueForAValidLinkFlowRequest.

@Test
void shouldReturn200AndPutMessageOnQueueForAValidLinkFlowRequest() throws Json.JsonException {
    String persistentId = "some-persistent-id-value";
    Map<String, String> headers = new HashMap<>();
    headers.put(PersistentIdHelper.PERSISTENT_ID_HEADER_NAME, persistentId);
    headers.put("Session-Id", session.getSessionId());
    Subject subject = new Subject("subject_1");
    when(authenticationService.getSubjectFromEmail(TEST_EMAIL_ADDRESS)).thenReturn(subject);
    when(resetPasswordService.buildResetPasswordLink(TEST_SIX_DIGIT_CODE, session.getSessionId(), persistentId)).thenReturn(TEST_RESET_PASSWORD_LINK);
    NotifyRequest notifyRequest = new NotifyRequest(TEST_EMAIL_ADDRESS, RESET_PASSWORD, TEST_RESET_PASSWORD_LINK);
    String serialisedRequest = objectMapper.writeValueAsString(notifyRequest);
    usingValidSession();
    APIGatewayProxyRequestEvent event = new APIGatewayProxyRequestEvent();
    event.setRequestContext(contextWithSourceIp("123.123.123.123"));
    event.setHeaders(headers);
    event.setBody(format("{ \"email\": \"%s\" }", TEST_EMAIL_ADDRESS));
    APIGatewayProxyResponseEvent result = handler.handleRequest(event, context);
    assertEquals(204, result.getStatusCode());
    verify(awsSqsClient).send(serialisedRequest);
    verify(codeStorageService).savePasswordResetCode(subject.getValue(), TEST_SIX_DIGIT_CODE, CODE_EXPIRY_TIME, RESET_PASSWORD);
    verify(sessionService).save(argThat(this::isSessionWithEmailSent));
    verify(auditService).submitAuditEvent(FrontendAuditableEvent.PASSWORD_RESET_REQUESTED, context.getAwsRequestId(), session.getSessionId(), AuditService.UNKNOWN, AuditService.UNKNOWN, TEST_EMAIL_ADDRESS, "123.123.123.123", AuditService.UNKNOWN, persistentId);
}
Also used: APIGatewayProxyRequestEvent (com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent), HashMap (java.util.HashMap), JsonArgumentMatcher.containsJsonString (uk.gov.di.authentication.sharedtest.matchers.JsonArgumentMatcher.containsJsonString), ArgumentMatchers.anyString (org.mockito.ArgumentMatchers.anyString), NotifyRequest (uk.gov.di.authentication.shared.entity.NotifyRequest), APIGatewayProxyResponseEvent (com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent), Subject (com.nimbusds.oauth2.sdk.id.Subject), Test (org.junit.jupiter.api.Test)

Example 30 with Subject

Use of com.nimbusds.oauth2.sdk.id.Subject in project di-authentication-api by alphagov.

From the class LoginHandlerTest, method generateUserProfile.

private UserProfile generateUserProfile(String legacySubjectId) {
    LocalDateTime localDateTime = LocalDateTime.now();
    Date currentDateTime = Date.from(localDateTime.atZone(ZoneId.of("UTC")).toInstant());
    return new UserProfile().setEmail(EMAIL).setEmailVerified(true).setPhoneNumber(PHONE_NUMBER).setPhoneNumberVerified(true).setPublicSubjectID(new Subject().getValue()).setSubjectID(new Subject().getValue()).setLegacySubjectID(legacySubjectId).setTermsAndConditions(new TermsAndConditions("1.0", currentDateTime.toString()));
}
Also used: LocalDateTime (java.time.LocalDateTime), TermsAndConditions (uk.gov.di.authentication.shared.entity.TermsAndConditions), UserProfile (uk.gov.di.authentication.shared.entity.UserProfile), Date (java.util.Date), Subject (com.nimbusds.oauth2.sdk.id.Subject)

Aggregations

Subject (com.nimbusds.oauth2.sdk.id.Subject): 59
Test (org.junit.jupiter.api.Test): 36
SignedJWT (com.nimbusds.jwt.SignedJWT): 22
Date (java.util.Date): 22
ApiGatewayHandlerIntegrationTest (uk.gov.di.authentication.sharedtest.basetest.ApiGatewayHandlerIntegrationTest): 19
UserProfile (uk.gov.di.authentication.shared.entity.UserProfile): 18
KeyPair (java.security.KeyPair): 16
BearerAccessToken (com.nimbusds.oauth2.sdk.token.BearerAccessToken): 15
JWTClaimsSet (com.nimbusds.jwt.JWTClaimsSet): 13
ParseException (com.nimbusds.oauth2.sdk.ParseException): 12
Scope (com.nimbusds.oauth2.sdk.Scope): 12
APIGatewayProxyRequestEvent (com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent): 11
APIGatewayProxyResponseEvent (com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent): 11
AccessToken (com.nimbusds.oauth2.sdk.token.AccessToken): 10
ECKeyGenerator (com.nimbusds.jose.jwk.gen.ECKeyGenerator): 9
ParameterizedTest (org.junit.jupiter.params.ParameterizedTest): 9
ECDSASigner (com.nimbusds.jose.crypto.ECDSASigner): 8
Issuer (com.nimbusds.oauth2.sdk.id.Issuer): 8
IDTokenClaimsSet (com.nimbusds.openid.connect.sdk.claims.IDTokenClaimsSet): 8
LocalDateTime (java.time.LocalDateTime): 8