use of uk.gov.ida.hub.policy.domain.FraudDetectedDetails in project verify-hub by alphagov.
the class AuthnResponseFromIdpService method handleFraudResponse.
private ResponseAction handleFraudResponse(InboundResponseFromIdpDto inboundResponseFromIdpDto, SessionId sessionId, String principalIPAddressAsSeenByHub, IdpSelectedStateController idpSelectedStateController) {
FraudFromIdp fraudFromIdp = new FraudFromIdp(inboundResponseFromIdpDto.getIssuer(), principalIPAddressAsSeenByHub, new PersistentId(inboundResponseFromIdpDto.getPersistentId().get()), new FraudDetectedDetails(inboundResponseFromIdpDto.getIdpFraudEventId().get(), inboundResponseFromIdpDto.getFraudIndicator().get()), inboundResponseFromIdpDto.getPrincipalIpAddressAsSeenByIdp());
idpSelectedStateController.handleFraudResponseFromIdp(fraudFromIdp);
return other(sessionId, idpSelectedStateController.isRegistrationContext());
}
use of uk.gov.ida.hub.policy.domain.FraudDetectedDetails in project verify-hub by alphagov.
the class HubEventLoggerTest method logIdpFraudEvent_shouldLogFraudEventWithDetails.
@Test
public void logIdpFraudEvent_shouldLogFraudEventWithDetails() {
final String fraudEventId = "fraudEventId";
final String fraudIndicator = "FI02";
final FraudDetectedDetails fraudDetectedDetailsDto = aFraudDetectedDetails().withFraudEventId(fraudEventId).withFraudIndicator(fraudIndicator).build();
eventLogger.logIdpFraudEvent(SESSION_ID, IDP_ENTITY_ID, TRANSACTION_ENTITY_ID, PERSISTENT_ID, SESSION_EXPIRY_TIMESTAMP, fraudDetectedDetailsDto, Optional.of(PRINCIPAL_IP_ADDRESS_SEEN_BY_IDP), PRINCIPAL_IP_ADDRESS_SEEN_BY_HUB, REQUEST_ID);
final Map<EventDetailsKey, String> details = Maps.newHashMap();
details.put(session_event_type, FRAUD_DETECTED);
details.put(idp_entity_id, IDP_ENTITY_ID);
details.put(pid, PERSISTENT_ID.getNameId());
details.put(idp_fraud_event_id, fraudEventId);
details.put(gpg45_status, fraudIndicator);
details.put(principal_ip_address_as_seen_by_idp, PRINCIPAL_IP_ADDRESS_SEEN_BY_IDP);
details.put(principal_ip_address_as_seen_by_hub, PRINCIPAL_IP_ADDRESS_SEEN_BY_HUB);
final EventSinkHubEvent expectedEvent = createExpectedEventSinkHubEvent(details);
verify(eventSinkProxy).logHubEvent(argThat(new EventMatching(expectedEvent)));
verify(eventEmitter).record(argThat(new EventMatching(expectedEvent)));
}
use of uk.gov.ida.hub.policy.domain.FraudDetectedDetails in project verify-hub by alphagov.
the class AuthnResponseFromIdpServiceTest method verifyIdpStateControllerIsCalledWithRightDataOnFraud.
private void verifyIdpStateControllerIsCalledWithRightDataOnFraud(InboundResponseFromIdpDto fraudResponseFromIdp) {
ArgumentCaptor<FraudFromIdp> captor = ArgumentCaptor.forClass(FraudFromIdp.class);
String persistentIdName = fraudResponseFromIdp.getPersistentId().get();
FraudDetectedDetails expectedFraudDetectedDetails = new FraudDetectedDetails(fraudResponseFromIdp.getIdpFraudEventId().get(), fraudResponseFromIdp.getFraudIndicator().get());
FraudFromIdp fraudFromIdp = new FraudFromIdp(fraudResponseFromIdp.getIssuer(), samlAuthnResponseContainerDto.getPrincipalIPAddressAsSeenByHub(), new PersistentId(persistentIdName), expectedFraudDetectedDetails, fraudResponseFromIdp.getPrincipalIpAddressAsSeenByIdp());
verify(idpSelectedStateController).handleFraudResponseFromIdp(captor.capture());
FraudFromIdp actualFraudFromIdp = captor.getValue();
assertThat(actualFraudFromIdp).isEqualToIgnoringGivenFields(fraudFromIdp, "persistentId", "fraudDetectedDetails");
assertThat(actualFraudFromIdp.getPersistentId().getNameId()).isEqualTo(persistentIdName);
assertThat(actualFraudFromIdp.getFraudDetectedDetails()).isEqualToComparingFieldByField(expectedFraudDetectedDetails);
}
use of uk.gov.ida.hub.policy.domain.FraudDetectedDetails in project verify-hub by alphagov.
the class IdpSelectedStateControllerTest method handleResponseFromIfp_whenFraudHasOccurred_shouldSendFraudHubEvent.
@Test
public void handleResponseFromIfp_whenFraudHasOccurred_shouldSendFraudHubEvent() {
when(identityProvidersConfigProxy.getEnabledIdentityProviders(TRANSACTION_ENTITY_ID, controller.isRegistrationContext(), PROVIDED_LOA)).thenReturn(singletonList(IDP_ENTITY_ID));
FraudDetectedDetails idpFraudDetectedDetails = new FraudDetectedDetails("id", "IT01");
FraudFromIdp fraudFromIdp = aFraudFromIdp().withIssuerId(IDP_ENTITY_ID).withFraudDetectedDetails(idpFraudDetectedDetails).withPrincipalIpAddressSeenByIdp(PRINCIPAL_IP_ADDRESS_AS_SEEN_BY_IDP).withPrincipalIpAddressAsSeenByHub(PRINCIPAL_IP_ADDRESS_AS_SEEN_BY_HUB).build();
controller.handleFraudResponseFromIdp(fraudFromIdp);
verify(hubEventLogger).logIdpFraudEvent(NEW_SESSION_ID, IDP_ENTITY_ID, TRANSACTION_ENTITY_ID, fraudFromIdp.getPersistentId(), SESSION_EXPIRY_TIMESTAMP, idpFraudDetectedDetails, Optional.fromNullable(PRINCIPAL_IP_ADDRESS_AS_SEEN_BY_IDP), PRINCIPAL_IP_ADDRESS_AS_SEEN_BY_HUB, REQUEST_ID);
}
use of uk.gov.ida.hub.policy.domain.FraudDetectedDetails in project verify-hub by alphagov.
the class IdpSelectedStateControllerTest method handleResponseFromIdp_shouldTransitionToAuthnFailedStateWhenFraudHasOccurred.
@Test
public void handleResponseFromIdp_shouldTransitionToAuthnFailedStateWhenFraudHasOccurred() {
when(identityProvidersConfigProxy.getEnabledIdentityProviders(TRANSACTION_ENTITY_ID, controller.isRegistrationContext(), PROVIDED_LOA)).thenReturn(singletonList(IDP_ENTITY_ID));
FraudFromIdp fraudFromIdp = aFraudFromIdp().withIssuerId(IDP_ENTITY_ID).withFraudDetectedDetails(new FraudDetectedDetails("id", "IT01")).build();
controller.handleFraudResponseFromIdp(fraudFromIdp);
ArgumentCaptor<State> stateArgumentCaptor = ArgumentCaptor.forClass(State.class);
verify(stateTransitionAction).transitionTo(stateArgumentCaptor.capture());
assertThat(stateArgumentCaptor.getValue()).isInstanceOf(FraudEventDetectedState.class);
}
Aggregations