Example 1 with AccessTokenException
use of uk.gov.di.authentication.shared.exceptions.AccessTokenException in project di-authentication-api by alphagov.
the class AccessTokenServiceTest method shouldThrowExceptionWhenTokenHasExpired.
@ParameterizedTest
@MethodSource("identityEndpoint")
void shouldThrowExceptionWhenTokenHasExpired(boolean identityEndpoint) throws JOSEException {
accessToken = createSignedExpiredAccessToken();
AccessTokenException accessTokenException = assertThrows(AccessTokenException.class, () -> validationService.parse(accessToken.toAuthorizationHeader(), identityEndpoint), "Expected to throw AccessTokenException");
assertThat(accessTokenException.getMessage(), equalTo("Invalid Access Token"));
assertThat(accessTokenException.getError(), equalTo(BearerTokenError.INVALID_TOKEN));
}
Also used :
AccessTokenException(uk.gov.di.authentication.shared.exceptions.AccessTokenException)
ParameterizedTest(org.junit.jupiter.params.ParameterizedTest)
MethodSource(org.junit.jupiter.params.provider.MethodSource)
Example 2 with AccessTokenException
use of uk.gov.di.authentication.shared.exceptions.AccessTokenException in project di-authentication-api by alphagov.
the class AccessTokenServiceTest method shouldThrowExceptionWhenTokenSignatureIsInvalid.
@ParameterizedTest
@MethodSource("identityEndpoint")
void shouldThrowExceptionWhenTokenSignatureIsInvalid(boolean identityEndpoint) {
when(tokenValidationService.validateAccessTokenSignature(accessToken)).thenReturn(false);
AccessTokenException accessTokenException = assertThrows(AccessTokenException.class, () -> validationService.parse(accessToken.toAuthorizationHeader(), identityEndpoint), "Expected to throw AccessTokenException");
assertThat(accessTokenException.getMessage(), equalTo("Unable to validate AccessToken signature"));
assertThat(accessTokenException.getError(), equalTo(BearerTokenError.INVALID_TOKEN));
}
Also used :
AccessTokenException(uk.gov.di.authentication.shared.exceptions.AccessTokenException)
ParameterizedTest(org.junit.jupiter.params.ParameterizedTest)
MethodSource(org.junit.jupiter.params.provider.MethodSource)
Example 3 with AccessTokenException
use of uk.gov.di.authentication.shared.exceptions.AccessTokenException in project di-authentication-api by alphagov.
the class AccessTokenServiceTest method shouldThrowExceptionWhenClientIsNotFoundInClientRegistry.
@ParameterizedTest
@MethodSource("identityEndpoint")
void shouldThrowExceptionWhenClientIsNotFoundInClientRegistry(boolean identityEndpoint) {
when(tokenValidationService.validateAccessTokenSignature(accessToken)).thenReturn(true);
when(clientService.getClient(CLIENT_ID)).thenReturn(Optional.empty());
AccessTokenException accessTokenException = assertThrows(AccessTokenException.class, () -> validationService.parse(accessToken.toAuthorizationHeader(), identityEndpoint), "Expected to throw AccessTokenException");
assertThat(accessTokenException.getMessage(), equalTo("Client not found"));
assertThat(accessTokenException.getError(), equalTo(BearerTokenError.INVALID_TOKEN));
}
Also used :
AccessTokenException(uk.gov.di.authentication.shared.exceptions.AccessTokenException)
ParameterizedTest(org.junit.jupiter.params.ParameterizedTest)
MethodSource(org.junit.jupiter.params.provider.MethodSource)
Example 4 with AccessTokenException
use of uk.gov.di.authentication.shared.exceptions.AccessTokenException in project di-authentication-api by alphagov.
the class AccessTokenServiceTest method shouldThrowExceptionWhenAccessTokenSentIsNotTheSameAsInRedis.
@ParameterizedTest
@MethodSource("identityEndpoint")
void shouldThrowExceptionWhenAccessTokenSentIsNotTheSameAsInRedis(boolean identityEndpoint) throws JsonProcessingException {
if (identityEndpoint) {
accessToken = createSignedAccessTokenWithIdentityClaims(oidcValidClaimsRequest);
}
when(tokenValidationService.validateAccessTokenSignature(accessToken)).thenReturn(true);
when(clientService.getClient(CLIENT_ID)).thenReturn(Optional.of(generateClientRegistry(SCOPES)));
when(redisConnectionService.getValue(ACCESS_TOKEN_PREFIX + CLIENT_ID + "." + SUBJECT)).thenReturn(new ObjectMapper().writeValueAsString(new AccessTokenStore(createSignedAccessTokenWithoutIdentityClaims().getValue(), INTERNAL_SUBJECT.getValue())));
AccessTokenException accessTokenException = assertThrows(AccessTokenException.class, () -> validationService.parse(accessToken.toAuthorizationHeader(), identityEndpoint), "Expected to throw AccessTokenException");
assertThat(accessTokenException.getMessage(), equalTo("Invalid Access Token"));
assertThat(accessTokenException.getError(), equalTo(BearerTokenError.INVALID_TOKEN));
}
Also used :
AccessTokenStore(uk.gov.di.authentication.shared.entity.AccessTokenStore)
AccessTokenException(uk.gov.di.authentication.shared.exceptions.AccessTokenException)
ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper)
ParameterizedTest(org.junit.jupiter.params.ParameterizedTest)
MethodSource(org.junit.jupiter.params.provider.MethodSource)
Example 5 with AccessTokenException
use of uk.gov.di.authentication.shared.exceptions.AccessTokenException in project di-authentication-api by alphagov.
the class IdentityHandlerTest method shouldReturn401WhenBearerTokenIsNotParseable.
@Test
void shouldReturn401WhenBearerTokenIsNotParseable() throws AccessTokenException {
APIGatewayProxyRequestEvent event = new APIGatewayProxyRequestEvent();
event.setHeaders(Map.of("Authorization", "this-is-not-a-valid-token"));
AccessTokenException accessTokenException = new AccessTokenException("Unable to parse AccessToken", INVALID_TOKEN);
when(accessTokenService.parse("this-is-not-a-valid-token", true)).thenThrow(accessTokenException);
APIGatewayProxyResponseEvent result = handler.handleRequest(event, context);
assertThat(result, hasStatus(401));
assertEquals(INVALID_TOKEN_RESPONSE, result.getMultiValueHeaders());
}
Also used :
APIGatewayProxyRequestEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent)
AccessTokenException(uk.gov.di.authentication.shared.exceptions.AccessTokenException)
APIGatewayProxyResponseEvent(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent)
Test(org.junit.jupiter.api.Test)
Aggregations
AccessTokenException (uk.gov.di.authentication.shared.exceptions.AccessTokenException)15
ParameterizedTest (org.junit.jupiter.params.ParameterizedTest)8
MethodSource (org.junit.jupiter.params.provider.MethodSource)7
Test (org.junit.jupiter.api.Test)4
AccessTokenInfo (uk.gov.di.authentication.oidc.entity.AccessTokenInfo)4
AccessTokenStore (uk.gov.di.authentication.shared.entity.AccessTokenStore)3
APIGatewayProxyRequestEvent (com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent)2
APIGatewayProxyResponseEvent (com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent)2
ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper)2
UserInfoErrorResponse (com.nimbusds.openid.connect.sdk.UserInfoErrorResponse)2
UserInfo (com.nimbusds.openid.connect.sdk.claims.UserInfo)2
JsonProcessingException (com.fasterxml.jackson.core.JsonProcessingException)1
SignedJWT (com.nimbusds.jwt.SignedJWT)1
AccessToken (com.nimbusds.oauth2.sdk.token.AccessToken)1
ParseException (java.text.ParseException)1
IdentityErrorResponse (uk.gov.di.authentication.oidc.entity.IdentityErrorResponse)1
IdentityResponse (uk.gov.di.authentication.oidc.entity.IdentityResponse)1
