Example 36 with Subject

Use of com.nimbusds.oauth2.sdk.id.Subject in project di-authentication-api by alphagov.

The class RemoveAccountIntegrationTest, method shouldRemoveAccountAndReturn204WhenUserExists.

@Test
public void shouldRemoveAccountAndReturn204WhenUserExists() {
    String email = "joe.bloggs+3@digital.cabinet-office.gov.uk";
    String password = "password-1";
    Subject subject = new Subject();
    String subjectId = userStore.signUp(email, password, subject);
    var response = makeRequest(Optional.of(new RemoveAccountRequest(email)), Collections.emptyMap(), Collections.emptyMap(), Collections.emptyMap(), Map.of("principalId", subjectId));
    assertThat(response, hasStatus(HttpStatus.SC_NO_CONTENT));
    assertFalse(userStore.userExists(email));
    assertEventTypesReceived(auditTopic, List.of(DELETE_ACCOUNT));
}
Also used : RemoveAccountRequest(uk.gov.di.accountmanagement.entity.RemoveAccountRequest) Subject(com.nimbusds.oauth2.sdk.id.Subject) Test(org.junit.jupiter.api.Test) ApiGatewayHandlerIntegrationTest(uk.gov.di.authentication.sharedtest.basetest.ApiGatewayHandlerIntegrationTest)

Example 37 with Subject

Use of com.nimbusds.oauth2.sdk.id.Subject in project di-authentication-api by alphagov.

The class UpdateEmailIntegrationTest, method shouldThrowExceptionWhenUserAttemptsToUpdateDifferentAccount.

@Test
void shouldThrowExceptionWhenUserAttemptsToUpdateDifferentAccount() {
    String correctSubjectID = userStore.signUp(EXISTING_EMAIL_ADDRESS, "password-1", SUBJECT);
    String otherSubjectID = userStore.signUp("other.user@digital.cabinet-office.gov.uk", "password-2", new Subject());
    String otp = redis.generateAndSaveEmailCode(NEW_EMAIL_ADDRESS, 300);
    Exception ex = assertThrows(RuntimeException.class, () -> makeRequest(Optional.of(new UpdateEmailRequest(EXISTING_EMAIL_ADDRESS, NEW_EMAIL_ADDRESS, otp)), Collections.emptyMap(), Collections.emptyMap(), Collections.emptyMap(), Map.of("principalId", otherSubjectID)));
    assertThat(ex.getMessage(), is("Subject ID does not match principalId"));
}
Also used : UpdateEmailRequest(uk.gov.di.accountmanagement.entity.UpdateEmailRequest) Subject(com.nimbusds.oauth2.sdk.id.Subject) Test(org.junit.jupiter.api.Test) ApiGatewayHandlerIntegrationTest(uk.gov.di.authentication.sharedtest.basetest.ApiGatewayHandlerIntegrationTest)

Example 38 with Subject

Use of com.nimbusds.oauth2.sdk.id.Subject in project di-authentication-api by alphagov.

The class UpdatePasswordIntegrationTest, method shouldThrowExceptionWhenUserAttemptsToUpdateDifferentAccount.

@Test
void shouldThrowExceptionWhenUserAttemptsToUpdateDifferentAccount() {
    String correctSubjectID = userStore.signUp(TEST_EMAIL, "password-1", SUBJECT);
    String otherSubjectID = userStore.signUp("other.user@digital.cabinet-office.gov.uk", "password-2", new Subject());
    Exception ex = assertThrows(RuntimeException.class, () -> makeRequest(Optional.of(new UpdatePasswordRequest(TEST_EMAIL, "password-2")), Collections.emptyMap(), Collections.emptyMap(), Collections.emptyMap(), Map.of("principalId", otherSubjectID)));
    assertThat(ex.getMessage(), is("Subject ID does not match principalId"));
}
Also used : UpdatePasswordRequest(uk.gov.di.accountmanagement.entity.UpdatePasswordRequest) Subject(com.nimbusds.oauth2.sdk.id.Subject) Test(org.junit.jupiter.api.Test) ApiGatewayHandlerIntegrationTest(uk.gov.di.authentication.sharedtest.basetest.ApiGatewayHandlerIntegrationTest)

Example 39 with Subject

Use of com.nimbusds.oauth2.sdk.id.Subject in project di-authentication-api by alphagov.

The class LogoutIntegrationTest, method setupClientAndSession.

private SignedJWT setupClientAndSession(String sessionId, String clientSessionId) throws ParseException, Json.JsonException {
    Nonce nonce = new Nonce();
    Date expiryDate = NowHelper.nowPlus(10, ChronoUnit.MINUTES);
    IDTokenClaimsSet idTokenClaims = new IDTokenClaimsSet(new Issuer(BASE_URL), new Subject(), List.of(new Audience("client-id")), expiryDate, new Date());
    idTokenClaims.setNonce(nonce);
    SignedJWT signedJWT = tokenSigner.signJwt(idTokenClaims.toJWTClaimsSet());
    redis.createSession(sessionId);
    redis.addAuthRequestToSession(clientSessionId, sessionId, generateAuthRequest(nonce).toParameters());
    redis.addIDTokenToSession(clientSessionId, signedJWT.serialize());
    clientStore.registerClient("client-id", "client-name", singletonList("http://localhost:8080/redirect"), singletonList("client-1"), singletonList("openid"), "public-key", singletonList(REDIRECT_URL), "http://example.com", String.valueOf(ServiceType.MANDATORY), "https://test.com", "public", true);
    return signedJWT;
}
Also used : Nonce(com.nimbusds.openid.connect.sdk.Nonce) Issuer(com.nimbusds.oauth2.sdk.id.Issuer) Audience(com.nimbusds.oauth2.sdk.id.Audience) IDTokenClaimsSet(com.nimbusds.openid.connect.sdk.claims.IDTokenClaimsSet) SignedJWT(com.nimbusds.jwt.SignedJWT) Date(java.util.Date) Subject(com.nimbusds.oauth2.sdk.id.Subject)

Example 40 with Subject

Use of com.nimbusds.oauth2.sdk.id.Subject in project di-authentication-api by alphagov.

The class ResetPasswordIntegrationTest, method shouldUpdatePasswordAndReturn204ForRequestWithCode.

@Test
public void shouldUpdatePasswordAndReturn204ForRequestWithCode() throws Json.JsonException {
    String subject = "new-subject";
    String sessionId = redis.createSession();
    userStore.signUp(EMAIL_ADDRESS, "password-1", new Subject(subject));
    redis.generateAndSavePasswordResetCode(subject, CODE, 900L);
    var response = makeRequest(Optional.of(new ResetPasswordCompletionRequest(CODE, PASSWORD)), constructFrontendHeaders(sessionId), Map.of());
    assertThat(response, hasStatus(204));
    List<NotifyRequest> requests = notificationsQueue.getMessages(NotifyRequest.class);
    assertThat(requests, hasSize(1));
    assertThat(requests.get(0).getDestination(), equalTo(EMAIL_ADDRESS));
    assertThat(requests.get(0).getNotificationType(), equalTo(PASSWORD_RESET_CONFIRMATION));
    assertEventTypesReceived(auditTopic, List.of(PASSWORD_RESET_SUCCESSFUL));
}
Also used : NotifyRequest(uk.gov.di.authentication.shared.entity.NotifyRequest) Subject(com.nimbusds.oauth2.sdk.id.Subject) ResetPasswordCompletionRequest(uk.gov.di.authentication.frontendapi.entity.ResetPasswordCompletionRequest) Test(org.junit.jupiter.api.Test) ApiGatewayHandlerIntegrationTest(uk.gov.di.authentication.sharedtest.basetest.ApiGatewayHandlerIntegrationTest)
