Search in sources :

Example 1 with FraudDetectedDetails

use of uk.gov.ida.hub.policy.domain.FraudDetectedDetails in project verify-hub by alphagov.

the class AuthnResponseFromIdpService method handleFraudResponse.

private ResponseAction handleFraudResponse(InboundResponseFromIdpDto inboundResponseFromIdpDto, SessionId sessionId, String principalIPAddressAsSeenByHub, IdpSelectedStateController idpSelectedStateController) {
    FraudFromIdp fraudFromIdp = new FraudFromIdp(inboundResponseFromIdpDto.getIssuer(), principalIPAddressAsSeenByHub, new PersistentId(inboundResponseFromIdpDto.getPersistentId().get()), new FraudDetectedDetails(inboundResponseFromIdpDto.getIdpFraudEventId().get(), inboundResponseFromIdpDto.getFraudIndicator().get()), inboundResponseFromIdpDto.getPrincipalIpAddressAsSeenByIdp());
    idpSelectedStateController.handleFraudResponseFromIdp(fraudFromIdp);
    return other(sessionId, idpSelectedStateController.isRegistrationContext());
}
Also used : FraudFromIdp(uk.gov.ida.hub.policy.domain.FraudFromIdp) FraudDetectedDetails(uk.gov.ida.hub.policy.domain.FraudDetectedDetails) PersistentId(uk.gov.ida.hub.policy.domain.PersistentId)

Example 2 with FraudDetectedDetails

use of uk.gov.ida.hub.policy.domain.FraudDetectedDetails in project verify-hub by alphagov.

the class HubEventLoggerTest method logIdpFraudEvent_shouldLogFraudEventWithDetails.

@Test
public void logIdpFraudEvent_shouldLogFraudEventWithDetails() {
    final String fraudEventId = "fraudEventId";
    final String fraudIndicator = "FI02";
    final FraudDetectedDetails fraudDetectedDetailsDto = aFraudDetectedDetails().withFraudEventId(fraudEventId).withFraudIndicator(fraudIndicator).build();
    eventLogger.logIdpFraudEvent(SESSION_ID, IDP_ENTITY_ID, TRANSACTION_ENTITY_ID, PERSISTENT_ID, SESSION_EXPIRY_TIMESTAMP, fraudDetectedDetailsDto, Optional.of(PRINCIPAL_IP_ADDRESS_SEEN_BY_IDP), PRINCIPAL_IP_ADDRESS_SEEN_BY_HUB, REQUEST_ID);
    final Map<EventDetailsKey, String> details = Maps.newHashMap();
    details.put(session_event_type, FRAUD_DETECTED);
    details.put(idp_entity_id, IDP_ENTITY_ID);
    details.put(pid, PERSISTENT_ID.getNameId());
    details.put(idp_fraud_event_id, fraudEventId);
    details.put(gpg45_status, fraudIndicator);
    details.put(principal_ip_address_as_seen_by_idp, PRINCIPAL_IP_ADDRESS_SEEN_BY_IDP);
    details.put(principal_ip_address_as_seen_by_hub, PRINCIPAL_IP_ADDRESS_SEEN_BY_HUB);
    final EventSinkHubEvent expectedEvent = createExpectedEventSinkHubEvent(details);
    verify(eventSinkProxy).logHubEvent(argThat(new EventMatching(expectedEvent)));
    verify(eventEmitter).record(argThat(new EventMatching(expectedEvent)));
}
Also used : EventDetailsKey(uk.gov.ida.eventsink.EventDetailsKey) FraudDetectedDetailsBuilder.aFraudDetectedDetails(uk.gov.ida.hub.policy.builder.domain.FraudDetectedDetailsBuilder.aFraudDetectedDetails) FraudDetectedDetails(uk.gov.ida.hub.policy.domain.FraudDetectedDetails) EventSinkHubEvent(uk.gov.ida.hub.policy.domain.EventSinkHubEvent) Test(org.junit.Test)

Example 3 with FraudDetectedDetails

use of uk.gov.ida.hub.policy.domain.FraudDetectedDetails in project verify-hub by alphagov.

the class AuthnResponseFromIdpServiceTest method verifyIdpStateControllerIsCalledWithRightDataOnFraud.

private void verifyIdpStateControllerIsCalledWithRightDataOnFraud(InboundResponseFromIdpDto fraudResponseFromIdp) {
    ArgumentCaptor<FraudFromIdp> captor = ArgumentCaptor.forClass(FraudFromIdp.class);
    String persistentIdName = fraudResponseFromIdp.getPersistentId().get();
    FraudDetectedDetails expectedFraudDetectedDetails = new FraudDetectedDetails(fraudResponseFromIdp.getIdpFraudEventId().get(), fraudResponseFromIdp.getFraudIndicator().get());
    FraudFromIdp fraudFromIdp = new FraudFromIdp(fraudResponseFromIdp.getIssuer(), samlAuthnResponseContainerDto.getPrincipalIPAddressAsSeenByHub(), new PersistentId(persistentIdName), expectedFraudDetectedDetails, fraudResponseFromIdp.getPrincipalIpAddressAsSeenByIdp());
    verify(idpSelectedStateController).handleFraudResponseFromIdp(captor.capture());
    FraudFromIdp actualFraudFromIdp = captor.getValue();
    assertThat(actualFraudFromIdp).isEqualToIgnoringGivenFields(fraudFromIdp, "persistentId", "fraudDetectedDetails");
    assertThat(actualFraudFromIdp.getPersistentId().getNameId()).isEqualTo(persistentIdName);
    assertThat(actualFraudFromIdp.getFraudDetectedDetails()).isEqualToComparingFieldByField(expectedFraudDetectedDetails);
}
Also used : FraudFromIdp(uk.gov.ida.hub.policy.domain.FraudFromIdp) FraudDetectedDetails(uk.gov.ida.hub.policy.domain.FraudDetectedDetails) PersistentId(uk.gov.ida.hub.policy.domain.PersistentId)

Example 4 with FraudDetectedDetails

use of uk.gov.ida.hub.policy.domain.FraudDetectedDetails in project verify-hub by alphagov.

the class IdpSelectedStateControllerTest method handleResponseFromIfp_whenFraudHasOccurred_shouldSendFraudHubEvent.

@Test
public void handleResponseFromIfp_whenFraudHasOccurred_shouldSendFraudHubEvent() {
    when(identityProvidersConfigProxy.getEnabledIdentityProviders(TRANSACTION_ENTITY_ID, controller.isRegistrationContext(), PROVIDED_LOA)).thenReturn(singletonList(IDP_ENTITY_ID));
    FraudDetectedDetails idpFraudDetectedDetails = new FraudDetectedDetails("id", "IT01");
    FraudFromIdp fraudFromIdp = aFraudFromIdp().withIssuerId(IDP_ENTITY_ID).withFraudDetectedDetails(idpFraudDetectedDetails).withPrincipalIpAddressSeenByIdp(PRINCIPAL_IP_ADDRESS_AS_SEEN_BY_IDP).withPrincipalIpAddressAsSeenByHub(PRINCIPAL_IP_ADDRESS_AS_SEEN_BY_HUB).build();
    controller.handleFraudResponseFromIdp(fraudFromIdp);
    verify(hubEventLogger).logIdpFraudEvent(NEW_SESSION_ID, IDP_ENTITY_ID, TRANSACTION_ENTITY_ID, fraudFromIdp.getPersistentId(), SESSION_EXPIRY_TIMESTAMP, idpFraudDetectedDetails, Optional.fromNullable(PRINCIPAL_IP_ADDRESS_AS_SEEN_BY_IDP), PRINCIPAL_IP_ADDRESS_AS_SEEN_BY_HUB, REQUEST_ID);
}
Also used : FraudFromIdpBuilder.aFraudFromIdp(uk.gov.ida.hub.policy.builder.domain.FraudFromIdpBuilder.aFraudFromIdp) FraudFromIdp(uk.gov.ida.hub.policy.domain.FraudFromIdp) FraudDetectedDetails(uk.gov.ida.hub.policy.domain.FraudDetectedDetails) Test(org.junit.Test)

Example 5 with FraudDetectedDetails

use of uk.gov.ida.hub.policy.domain.FraudDetectedDetails in project verify-hub by alphagov.

the class IdpSelectedStateControllerTest method handleResponseFromIdp_shouldTransitionToAuthnFailedStateWhenFraudHasOccurred.

@Test
public void handleResponseFromIdp_shouldTransitionToAuthnFailedStateWhenFraudHasOccurred() {
    when(identityProvidersConfigProxy.getEnabledIdentityProviders(TRANSACTION_ENTITY_ID, controller.isRegistrationContext(), PROVIDED_LOA)).thenReturn(singletonList(IDP_ENTITY_ID));
    FraudFromIdp fraudFromIdp = aFraudFromIdp().withIssuerId(IDP_ENTITY_ID).withFraudDetectedDetails(new FraudDetectedDetails("id", "IT01")).build();
    controller.handleFraudResponseFromIdp(fraudFromIdp);
    ArgumentCaptor<State> stateArgumentCaptor = ArgumentCaptor.forClass(State.class);
    verify(stateTransitionAction).transitionTo(stateArgumentCaptor.capture());
    assertThat(stateArgumentCaptor.getValue()).isInstanceOf(FraudEventDetectedState.class);
}
Also used : FraudFromIdpBuilder.aFraudFromIdp(uk.gov.ida.hub.policy.builder.domain.FraudFromIdpBuilder.aFraudFromIdp) FraudFromIdp(uk.gov.ida.hub.policy.domain.FraudFromIdp) State(uk.gov.ida.hub.policy.domain.State) AuthnFailedErrorState(uk.gov.ida.hub.policy.domain.state.AuthnFailedErrorState) Cycle0And1MatchRequestSentState(uk.gov.ida.hub.policy.domain.state.Cycle0And1MatchRequestSentState) IdpSelectedState(uk.gov.ida.hub.policy.domain.state.IdpSelectedState) FraudEventDetectedState(uk.gov.ida.hub.policy.domain.state.FraudEventDetectedState) IdpSelectedStateBuilder.anIdpSelectedState(uk.gov.ida.hub.policy.builder.state.IdpSelectedStateBuilder.anIdpSelectedState) PausedRegistrationState(uk.gov.ida.hub.policy.domain.state.PausedRegistrationState) SessionStartedState(uk.gov.ida.hub.policy.domain.state.SessionStartedState) FraudDetectedDetails(uk.gov.ida.hub.policy.domain.FraudDetectedDetails) Test(org.junit.Test)

Aggregations

FraudDetectedDetails (uk.gov.ida.hub.policy.domain.FraudDetectedDetails)5 FraudFromIdp (uk.gov.ida.hub.policy.domain.FraudFromIdp)4 Test (org.junit.Test)3 FraudFromIdpBuilder.aFraudFromIdp (uk.gov.ida.hub.policy.builder.domain.FraudFromIdpBuilder.aFraudFromIdp)2 PersistentId (uk.gov.ida.hub.policy.domain.PersistentId)2 EventDetailsKey (uk.gov.ida.eventsink.EventDetailsKey)1 FraudDetectedDetailsBuilder.aFraudDetectedDetails (uk.gov.ida.hub.policy.builder.domain.FraudDetectedDetailsBuilder.aFraudDetectedDetails)1 IdpSelectedStateBuilder.anIdpSelectedState (uk.gov.ida.hub.policy.builder.state.IdpSelectedStateBuilder.anIdpSelectedState)1 EventSinkHubEvent (uk.gov.ida.hub.policy.domain.EventSinkHubEvent)1 State (uk.gov.ida.hub.policy.domain.State)1 AuthnFailedErrorState (uk.gov.ida.hub.policy.domain.state.AuthnFailedErrorState)1 Cycle0And1MatchRequestSentState (uk.gov.ida.hub.policy.domain.state.Cycle0And1MatchRequestSentState)1 FraudEventDetectedState (uk.gov.ida.hub.policy.domain.state.FraudEventDetectedState)1 IdpSelectedState (uk.gov.ida.hub.policy.domain.state.IdpSelectedState)1 PausedRegistrationState (uk.gov.ida.hub.policy.domain.state.PausedRegistrationState)1 SessionStartedState (uk.gov.ida.hub.policy.domain.state.SessionStartedState)1