Example 1 with CheckUserExistsResponse

Use of uk.gov.di.authentication.frontendapi.entity.CheckUserExistsResponse in project di-authentication-api by alphagov, in the class CheckUserExistsHandlerTest, method shouldReturn200IfUserTransitionsFromUserNotFoundAndUserDoesNotExist.

@Test
public void shouldReturn200IfUserTransitionsFromUserNotFoundAndUserDoesNotExist() throws JsonProcessingException {
    usingValidSession();
    when(authenticationService.userExists(eq("joe.bloggs"))).thenReturn(false);
    APIGatewayProxyRequestEvent event = new APIGatewayProxyRequestEvent();
    event.setBody("{ \"email\": \"joe.bloggs\" }");
    event.setHeaders(Map.of("Session-Id", session.getSessionId()));
    event.setRequestContext(contextWithSourceIp("123.123.123.123"));
    APIGatewayProxyResponseEvent result = handler.handleRequest(event, context);
    assertEquals(200, result.getStatusCode());
    CheckUserExistsResponse checkUserExistsResponse = objectMapper.readValue(result.getBody(), CheckUserExistsResponse.class);
    assertEquals("joe.bloggs", checkUserExistsResponse.getEmail());
    assertFalse(checkUserExistsResponse.doesUserExist());
    verify(auditService).submitAuditEvent(FrontendAuditableEvent.CHECK_USER_NO_ACCOUNT_WITH_EMAIL, "aws-session-id", session.getSessionId(), "", AuditService.UNKNOWN, "joe.bloggs", "123.123.123.123", AuditService.UNKNOWN, PersistentIdHelper.PERSISTENT_ID_UNKNOWN_VALUE);
}
Also used : APIGatewayProxyRequestEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent) CheckUserExistsResponse(uk.gov.di.authentication.frontendapi.entity.CheckUserExistsResponse) APIGatewayProxyResponseEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent) Test(org.junit.jupiter.api.Test)

Example 2 with CheckUserExistsResponse

Use of uk.gov.di.authentication.frontendapi.entity.CheckUserExistsResponse in project di-authentication-api by alphagov, in the class CheckUserExistsHandler, method handleRequestWithUserContext.

@Override
public APIGatewayProxyResponseEvent handleRequestWithUserContext(APIGatewayProxyRequestEvent input, Context context, CheckUserExistsRequest request, UserContext userContext) {
    attachSessionIdToLogs(userContext.getSession());
    attachLogFieldToLogs(PERSISTENT_SESSION_ID, extractPersistentIdFromHeaders(input.getHeaders()));
    attachLogFieldToLogs(CLIENT_ID, userContext.getClient().map(ClientRegistry::getClientID).orElse("unknown"));
    try {
        LOG.info("Processing request");
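        // Lower-case the address first so validation, the lookup, the session and the audit record all use the same form.
        String emailAddress = request.getEmail().toLowerCase();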
        Optional<ErrorResponse> errorResponse = ValidationHelper.validateEmailAddress(emailAddress);
        String persistentSessionId = PersistentIdHelper.extractPersistentIdFromHeaders(input.getHeaders());
        if (errorResponse.isPresent()) {
            auditService.submitAuditEvent(FrontendAuditableEvent.CHECK_USER_INVALID_EMAIL, context.getAwsRequestId(), userContext.getSession().getSessionId(), userContext.getClient().map(ClientRegistry::getClientID).orElse(AuditService.UNKNOWN), AuditService.UNKNOWN, emailAddress, IpAddressHelper.extractIpAddress(input), AuditService.UNKNOWN, persistentSessionId);
            return generateApiGatewayProxyErrorResponse(400, errorResponse.get());
        }
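        // Only a syntactically valid address reaches the lookup; both outcomes are audited below with distinct event types.
        boolean userExists = authenticationService.userExists(emailAddress);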
        userContext.getSession().setEmailAddress(emailAddress);
        AuditableEvent auditableEvent;
        if (userExists) {
            auditableEvent = FrontendAuditableEvent.CHECK_USER_KNOWN_EMAIL;
        } else {
            auditableEvent = FrontendAuditableEvent.CHECK_USER_NO_ACCOUNT_WITH_EMAIL;
        }
        auditService.submitAuditEvent(auditableEvent, context.getAwsRequestId(), userContext.getSession().getSessionId(), userContext.getClient().map(ClientRegistry::getClientID).orElse(AuditService.UNKNOWN), AuditService.UNKNOWN, emailAddress, IpAddressHelper.extractIpAddress(input), AuditService.UNKNOWN, persistentSessionId);
        CheckUserExistsResponse checkUserExistsResponse = new CheckUserExistsResponse(emailAddress, userExists);
        sessionService.save(userContext.getSession());
        LOG.info("Successfully processed request");
        return generateApiGatewayProxyResponse(200, checkUserExistsResponse);
    } catch (JsonException e) {
        return generateApiGatewayProxyErrorResponse(400, ErrorResponse.ERROR_1001);
    }
}
Also used : JsonException(uk.gov.di.authentication.shared.serialization.Json.JsonException) CheckUserExistsResponse(uk.gov.di.authentication.frontendapi.entity.CheckUserExistsResponse) ClientRegistry(uk.gov.di.authentication.shared.entity.ClientRegistry) ErrorResponse(uk.gov.di.authentication.shared.entity.ErrorResponse) ApiGatewayResponseHelper.generateApiGatewayProxyErrorResponse(uk.gov.di.authentication.shared.helpers.ApiGatewayResponseHelper.generateApiGatewayProxyErrorResponse) FrontendAuditableEvent(uk.gov.di.authentication.frontendapi.domain.FrontendAuditableEvent) AuditableEvent(uk.gov.di.authentication.shared.domain.AuditableEvent)

Example 3 with CheckUserExistsResponse

Use of uk.gov.di.authentication.frontendapi.entity.CheckUserExistsResponse in project di-authentication-api by alphagov, in the class CheckUserExistsHandlerTest, method shouldReturn200IfUserDoesNotExist.

@Test
void shouldReturn200IfUserDoesNotExist() throws JsonProcessingException, Json.JsonException {
    usingValidSession();
    when(authenticationService.userExists(eq("joe.bloggs@digital.cabinet-office.gov.uk"))).thenReturn(false);
    APIGatewayProxyRequestEvent event = new APIGatewayProxyRequestEvent();
    event.setBody("{ \"email\": \"joe.bloggs@digital.cabinet-office.gov.uk\" }");
    event.setHeaders(Map.of("Session-Id", session.getSessionId()));
    event.setRequestContext(contextWithSourceIp("123.123.123.123"));
    APIGatewayProxyResponseEvent result = handler.handleRequest(event, context);
    assertEquals(200, result.getStatusCode());
    CheckUserExistsResponse checkUserExistsResponse = objectMapper.readValue(result.getBody(), CheckUserExistsResponse.class);
    assertEquals("joe.bloggs@digital.cabinet-office.gov.uk", checkUserExistsResponse.getEmail());
    assertFalse(checkUserExistsResponse.doesUserExist());
    verify(auditService).submitAuditEvent(FrontendAuditableEvent.CHECK_USER_NO_ACCOUNT_WITH_EMAIL, "aws-session-id", session.getSessionId(), AuditService.UNKNOWN, AuditService.UNKNOWN, "joe.bloggs@digital.cabinet-office.gov.uk", "123.123.123.123", AuditService.UNKNOWN, PersistentIdHelper.PERSISTENT_ID_UNKNOWN_VALUE);
}
Also used : APIGatewayProxyRequestEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent) CheckUserExistsResponse(uk.gov.di.authentication.frontendapi.entity.CheckUserExistsResponse) APIGatewayProxyResponseEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent) Test(org.junit.jupiter.api.Test)

Example 4 with CheckUserExistsResponse

Use of uk.gov.di.authentication.frontendapi.entity.CheckUserExistsResponse in project di-authentication-api by alphagov, in the class CheckUserExistsHandlerTest, method shouldReturn200IfUserExists.

@Test
void shouldReturn200IfUserExists() throws JsonProcessingException, Json.JsonException {
    usingValidSession();
    String persistentId = "some-persistent-id-value";
    Map<String, String> headers = new HashMap<>();
    headers.put(PersistentIdHelper.PERSISTENT_ID_HEADER_NAME, persistentId);
    headers.put("Session-Id", session.getSessionId());
    when(authenticationService.userExists(eq("joe.bloggs@digital.cabinet-office.gov.uk"))).thenReturn(true);
    APIGatewayProxyRequestEvent event = new APIGatewayProxyRequestEvent();
    event.setBody("{ \"email\": \"joe.bloggs@digital.cabinet-office.gov.uk\" }");
    event.setHeaders(headers);
    event.setRequestContext(contextWithSourceIp("123.123.123.123"));
    APIGatewayProxyResponseEvent result = handler.handleRequest(event, context);
    assertEquals(200, result.getStatusCode());
    CheckUserExistsResponse checkUserExistsResponse = objectMapper.readValue(result.getBody(), CheckUserExistsResponse.class);
    assertEquals("joe.bloggs@digital.cabinet-office.gov.uk", checkUserExistsResponse.getEmail());
    assertTrue(checkUserExistsResponse.doesUserExist());
    verify(auditService).submitAuditEvent(FrontendAuditableEvent.CHECK_USER_KNOWN_EMAIL, "aws-session-id", session.getSessionId(), AuditService.UNKNOWN, AuditService.UNKNOWN, "joe.bloggs@digital.cabinet-office.gov.uk", "123.123.123.123", AuditService.UNKNOWN, persistentId);
}
Also used : APIGatewayProxyRequestEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent) HashMap(java.util.HashMap) CheckUserExistsResponse(uk.gov.di.authentication.frontendapi.entity.CheckUserExistsResponse) APIGatewayProxyResponseEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent) Test(org.junit.jupiter.api.Test)

Example 5 with CheckUserExistsResponse

Use of uk.gov.di.authentication.frontendapi.entity.CheckUserExistsResponse in project di-authentication-api by alphagov, in the class UserExistsIntegrationTest, method shouldCallUserExistsEndpointAndReturnUserNotFoundStateWhenUserDoesNotExist.

@Test
public void shouldCallUserExistsEndpointAndReturnUserNotFoundStateWhenUserDoesNotExist() throws IOException, Json.JsonException {
    String emailAddress = "joe.bloggs+2@digital.cabinet-office.gov.uk";
    String sessionId = redis.createSession();
    BaseFrontendRequest request = new CheckUserExistsRequest(emailAddress);
    var response = makeRequest(Optional.of(request), constructFrontendHeaders(sessionId), Map.of());
    assertThat(response, hasStatus(200));
    CheckUserExistsResponse checkUserExistsResponse = objectMapper.readValue(response.getBody(), CheckUserExistsResponse.class);
    assertThat(checkUserExistsResponse.getEmail(), equalTo(emailAddress));
    assertFalse(checkUserExistsResponse.doesUserExist());
    assertEventTypesReceived(auditTopic, List.of(CHECK_USER_NO_ACCOUNT_WITH_EMAIL));
}
Also used : CheckUserExistsResponse(uk.gov.di.authentication.frontendapi.entity.CheckUserExistsResponse) BaseFrontendRequest(uk.gov.di.authentication.shared.entity.BaseFrontendRequest) CheckUserExistsRequest(uk.gov.di.authentication.frontendapi.entity.CheckUserExistsRequest) Test(org.junit.jupiter.api.Test) ApiGatewayHandlerIntegrationTest(uk.gov.di.authentication.sharedtest.basetest.ApiGatewayHandlerIntegrationTest)
