Search in sources :

Example 1 with InboundResponseFromIdpDto

use of uk.gov.ida.hub.policy.domain.InboundResponseFromIdpDto in project verify-hub by alphagov.

the class AuthnResponseFromIdpServiceTest method shouldOnlyUpdateSessionStateWhenANonFraudRequesterErrorResponseIsReceived.

@Test
public void shouldOnlyUpdateSessionStateWhenANonFraudRequesterErrorResponseIsReceived() {
    // Given
    stub(idpSelectedStateController.isRegistrationContext()).toReturn(REGISTERING);
    InboundResponseFromIdpDto requesterErrorResponse = InboundResponseFromIdpDtoBuilder.errorResponse(UUID.randomUUID().toString(), IdpIdaStatus.Status.RequesterError);
    stub(samlEngineProxy.translateAuthnResponseFromIdp(any(SamlAuthnResponseTranslatorDto.class))).toReturn(requesterErrorResponse);
    // When
    ResponseAction responseAction = service.receiveAuthnResponseFromIdp(sessionId, samlAuthnResponseContainerDto);
    // Then
    verify(samlEngineProxy).translateAuthnResponseFromIdp(any(SamlAuthnResponseTranslatorDto.class));
    verify(idpSelectedStateController).handleRequesterErrorResponseFromIdp(any(RequesterErrorResponse.class));
    ResponseAction expectedResponseAction = ResponseAction.other(sessionId, REGISTERING);
    assertThat(responseAction).isEqualToComparingFieldByField(expectedResponseAction);
    verifyIdpStateControllerIsCalledWithRightDataOnNonFraudRequesterError(requesterErrorResponse);
}
Also used : InboundResponseFromIdpDto(uk.gov.ida.hub.policy.domain.InboundResponseFromIdpDto) RequesterErrorResponseBuilder.aRequesterErrorResponse(uk.gov.ida.hub.policy.builder.domain.RequesterErrorResponseBuilder.aRequesterErrorResponse) RequesterErrorResponse(uk.gov.ida.hub.policy.domain.RequesterErrorResponse) SamlAuthnResponseTranslatorDto(uk.gov.ida.hub.policy.contracts.SamlAuthnResponseTranslatorDto) ResponseAction(uk.gov.ida.hub.policy.domain.ResponseAction) Test(org.junit.Test)

Example 2 with InboundResponseFromIdpDto

use of uk.gov.ida.hub.policy.domain.InboundResponseFromIdpDto in project verify-hub by alphagov.

the class AuthnResponseFromIdpServiceTest method shouldOnlyUpdateSessionStateWhenANonFraudRequesterPendingResponseIsReceived.

@Test
public void shouldOnlyUpdateSessionStateWhenANonFraudRequesterPendingResponseIsReceived() {
    // Given
    String entityId = UUID.randomUUID().toString();
    InboundResponseFromIdpDto authnPendingResponse = InboundResponseFromIdpDtoBuilder.authnPendingResponse(entityId);
    stub(samlEngineProxy.translateAuthnResponseFromIdp(any(SamlAuthnResponseTranslatorDto.class))).toReturn(authnPendingResponse);
    // When
    ResponseAction responseAction = service.receiveAuthnResponseFromIdp(sessionId, samlAuthnResponseContainerDto);
    // Then
    verify(idpSelectedStateController).handlePausedRegistrationResponseFromIdp(entityId, PRINCIPAL_IP_ADDRESS, authnPendingResponse.getLevelOfAssurance().toJavaUtil());
    ResponseAction expectedResponseAction = ResponseAction.pending(sessionId);
    assertThat(responseAction).isEqualToComparingFieldByField(expectedResponseAction);
}
Also used : InboundResponseFromIdpDto(uk.gov.ida.hub.policy.domain.InboundResponseFromIdpDto) SamlAuthnResponseTranslatorDto(uk.gov.ida.hub.policy.contracts.SamlAuthnResponseTranslatorDto) ResponseAction(uk.gov.ida.hub.policy.domain.ResponseAction) Test(org.junit.Test)

Example 3 with InboundResponseFromIdpDto

use of uk.gov.ida.hub.policy.domain.InboundResponseFromIdpDto in project verify-hub by alphagov.

the class AuthnResponseFromIdpServiceTest method mapAuthnCancelResponseFromIDP.

@Test
public void mapAuthnCancelResponseFromIDP() {
    // Given
    final boolean isRegistration = true;
    stub(idpSelectedStateController.isRegistrationContext()).toReturn(isRegistration);
    InboundResponseFromIdpDto noAuthenticationContextResponse = InboundResponseFromIdpDtoBuilder.errorResponse(UUID.randomUUID().toString(), IdpIdaStatus.Status.AuthenticationCancelled);
    stub(samlEngineProxy.translateAuthnResponseFromIdp(any(SamlAuthnResponseTranslatorDto.class))).toReturn(noAuthenticationContextResponse);
    // When
    ResponseAction responseAction = service.receiveAuthnResponseFromIdp(sessionId, samlAuthnResponseContainerDto);
    // Then
    verify(samlEngineProxy).translateAuthnResponseFromIdp(any(SamlAuthnResponseTranslatorDto.class));
    verifyNoMoreInteractions(samlEngineProxy);
    verify(idpSelectedStateController).handleNoAuthenticationContextResponseFromIdp(any(AuthenticationErrorResponse.class));
    ResponseAction expectedResponseAction = ResponseAction.cancel(sessionId, isRegistration);
    assertThat(responseAction).isEqualToComparingFieldByField(expectedResponseAction);
    verifyIdpStateControllerIsCalledWithRightDataOnNonFraudNoAuthenticationContext(noAuthenticationContextResponse);
}
Also used : InboundResponseFromIdpDto(uk.gov.ida.hub.policy.domain.InboundResponseFromIdpDto) AuthenticationErrorResponse(uk.gov.ida.hub.policy.domain.AuthenticationErrorResponse) AuthenticationErrorResponseBuilder.anAuthenticationErrorResponse(uk.gov.ida.hub.policy.builder.domain.AuthenticationErrorResponseBuilder.anAuthenticationErrorResponse) SamlAuthnResponseTranslatorDto(uk.gov.ida.hub.policy.contracts.SamlAuthnResponseTranslatorDto) ResponseAction(uk.gov.ida.hub.policy.domain.ResponseAction) Test(org.junit.Test)

Example 4 with InboundResponseFromIdpDto

use of uk.gov.ida.hub.policy.domain.InboundResponseFromIdpDto in project verify-hub by alphagov.

the class AuthnResponseFromIdpServiceTest method shouldOnlyUpdateSessionStateWhenAFraudSuccessfulResponseIsReceived.

@Test
public void shouldOnlyUpdateSessionStateWhenAFraudSuccessfulResponseIsReceived() {
    // Given
    stub(idpSelectedStateController.isRegistrationContext()).toReturn(REGISTERING);
    InboundResponseFromIdpDto fraudResponseFromIdp = InboundResponseFromIdpDtoBuilder.fraudResponse(UUID.randomUUID().toString());
    stub(samlEngineProxy.translateAuthnResponseFromIdp(any(SamlAuthnResponseTranslatorDto.class))).toReturn(fraudResponseFromIdp);
    // When
    ResponseAction responseAction = service.receiveAuthnResponseFromIdp(sessionId, samlAuthnResponseContainerDto);
    // Then
    verify(samlEngineProxy).translateAuthnResponseFromIdp(any(SamlAuthnResponseTranslatorDto.class));
    ResponseAction expectedResponseAction = ResponseAction.other(sessionId, REGISTERING);
    assertThat(responseAction).isEqualToComparingFieldByField(expectedResponseAction);
    verifyIdpStateControllerIsCalledWithRightDataOnFraud(fraudResponseFromIdp);
}
Also used : InboundResponseFromIdpDto(uk.gov.ida.hub.policy.domain.InboundResponseFromIdpDto) SamlAuthnResponseTranslatorDto(uk.gov.ida.hub.policy.contracts.SamlAuthnResponseTranslatorDto) ResponseAction(uk.gov.ida.hub.policy.domain.ResponseAction) Test(org.junit.Test)

Example 5 with InboundResponseFromIdpDto

use of uk.gov.ida.hub.policy.domain.InboundResponseFromIdpDto in project verify-hub by alphagov.

the class AuthnResponseFromIdpServiceTest method mapAuthnContextResponseFromIdpAsOther.

@Test
public void mapAuthnContextResponseFromIdpAsOther() {
    // Given
    final boolean isRegistration = true;
    stub(idpSelectedStateController.isRegistrationContext()).toReturn(isRegistration);
    InboundResponseFromIdpDto noAuthenticationContextResponse = InboundResponseFromIdpDtoBuilder.errorResponse(UUID.randomUUID().toString(), IdpIdaStatus.Status.NoAuthenticationContext);
    stub(samlEngineProxy.translateAuthnResponseFromIdp(any(SamlAuthnResponseTranslatorDto.class))).toReturn(noAuthenticationContextResponse);
    // When
    ResponseAction responseAction = service.receiveAuthnResponseFromIdp(sessionId, samlAuthnResponseContainerDto);
    // Then
    verify(samlEngineProxy).translateAuthnResponseFromIdp(any(SamlAuthnResponseTranslatorDto.class));
    verifyNoMoreInteractions(samlEngineProxy);
    verify(idpSelectedStateController).handleNoAuthenticationContextResponseFromIdp(any(AuthenticationErrorResponse.class));
    ResponseAction expectedResponseAction = ResponseAction.other(sessionId, isRegistration);
    assertThat(responseAction).isEqualToComparingFieldByField(expectedResponseAction);
    verifyIdpStateControllerIsCalledWithRightDataOnNonFraudNoAuthenticationContext(noAuthenticationContextResponse);
}
Also used : InboundResponseFromIdpDto(uk.gov.ida.hub.policy.domain.InboundResponseFromIdpDto) AuthenticationErrorResponse(uk.gov.ida.hub.policy.domain.AuthenticationErrorResponse) AuthenticationErrorResponseBuilder.anAuthenticationErrorResponse(uk.gov.ida.hub.policy.builder.domain.AuthenticationErrorResponseBuilder.anAuthenticationErrorResponse) SamlAuthnResponseTranslatorDto(uk.gov.ida.hub.policy.contracts.SamlAuthnResponseTranslatorDto) ResponseAction(uk.gov.ida.hub.policy.domain.ResponseAction) Test(org.junit.Test)

Aggregations

InboundResponseFromIdpDto (uk.gov.ida.hub.policy.domain.InboundResponseFromIdpDto)10 SamlAuthnResponseTranslatorDto (uk.gov.ida.hub.policy.contracts.SamlAuthnResponseTranslatorDto)9 ResponseAction (uk.gov.ida.hub.policy.domain.ResponseAction)9 Test (org.junit.Test)8 AuthenticationErrorResponseBuilder.anAuthenticationErrorResponse (uk.gov.ida.hub.policy.builder.domain.AuthenticationErrorResponseBuilder.anAuthenticationErrorResponse)3 AuthenticationErrorResponse (uk.gov.ida.hub.policy.domain.AuthenticationErrorResponse)3 URI (java.net.URI)1 RequesterErrorResponseBuilder.aRequesterErrorResponse (uk.gov.ida.hub.policy.builder.domain.RequesterErrorResponseBuilder.aRequesterErrorResponse)1 AttributeQueryContainerDto (uk.gov.ida.hub.policy.contracts.AttributeQueryContainerDto)1 AttributeQueryRequestDto (uk.gov.ida.hub.policy.contracts.AttributeQueryRequestDto)1 SamlAuthnResponseContainerDto (uk.gov.ida.hub.policy.contracts.SamlAuthnResponseContainerDto)1 LevelOfAssurance (uk.gov.ida.hub.policy.domain.LevelOfAssurance)1 RequesterErrorResponse (uk.gov.ida.hub.policy.domain.RequesterErrorResponse)1 SessionId (uk.gov.ida.hub.policy.domain.SessionId)1 SuccessFromIdp (uk.gov.ida.hub.policy.domain.SuccessFromIdp)1 IdpSelectedStateController (uk.gov.ida.hub.policy.domain.controller.IdpSelectedStateController)1 IdpSelectedState (uk.gov.ida.hub.policy.domain.state.IdpSelectedState)1