use of uk.gov.ida.hub.policy.domain.SuccessFromIdp in project verify-hub by alphagov.
the class AuthnResponseFromIdpService method handleSuccessResponse.
/**
 * Processes an IDP response that reported a successful authentication.
 *
 * <p>Wraps the response fields in a {@link SuccessFromIdp}, asks the state controller to
 * build an attribute query from it, lets the controller handle the success response, and
 * then sends the attribute query.
 *
 * @param inboundResponseFromIdpDto     the translated IDP response
 * @param sessionId                     the session the response belongs to
 * @param principalIPAddressAsSeenByHub the user's IP address as observed by the hub
 * @param idpSelectedStateController    controller for the session's current state
 * @return the value of {@code success(...)} for this session, registration context and
 *         achieved level of assurance
 */
private ResponseAction handleSuccessResponse(
        InboundResponseFromIdpDto inboundResponseFromIdpDto,
        SessionId sessionId,
        String principalIPAddressAsSeenByHub,
        IdpSelectedStateController idpSelectedStateController) {
    // NOTE(review): each Optional here is unwrapped with get() and no presence check.
    // Presumably the caller only routes validated success responses to this method;
    // confirm, because an absent value fails here rather than producing a handled error.
    LevelOfAssurance achievedLoa = inboundResponseFromIdpDto.getLevelOfAssurance().get();
    SuccessFromIdp idpSuccess = new SuccessFromIdp(
            inboundResponseFromIdpDto.getIssuer(),
            inboundResponseFromIdpDto.getEncryptedMatchingDatasetAssertion().get(),
            inboundResponseFromIdpDto.getAuthnStatementAssertionBlob().get(),
            new PersistentId(inboundResponseFromIdpDto.getPersistentId().get()),
            achievedLoa,
            principalIPAddressAsSeenByHub,
            inboundResponseFromIdpDto.getPrincipalIpAddressAsSeenByIdp());

    // The query is built before handleSuccessResponseFromIdp runs; keep this order.
    // Presumably the controller call changes session state (confirm against the controller).
    AttributeQueryRequestDto queryRequest = idpSelectedStateController.createAttributeQuery(idpSuccess);

    // The query is sent only after this call returns normally, so an exception thrown
    // here (its unit tests expect one for a disabled IDP or a mismatched issuer)
    // prevents the attribute query from leaving the hub.
    idpSelectedStateController.handleSuccessResponseFromIdp(idpSuccess);
    attributeQueryService.sendAttributeQueryRequest(sessionId, queryRequest);

    return success(sessionId, idpSelectedStateController.isRegistrationContext(), achievedLoa);
}
use of uk.gov.ida.hub.policy.domain.SuccessFromIdp in project verify-hub by alphagov.
the class IdpSelectedStateControllerTest method handleSuccessResponseFromIdp_shouldThrowExceptionWhenIdpIsDisabled.
/**
 * A success response must be refused with {@link IdpDisabledException} when the config
 * proxy reports no enabled identity providers for the transaction.
 */
@Test(expected = IdpDisabledException.class)
public void handleSuccessResponseFromIdp_shouldThrowExceptionWhenIdpIsDisabled() {
    SuccessFromIdp responseFromIdp = aSuccessFromIdp().build();

    // An empty enabled-IDP list means no issuer can pass the enabled check.
    when(identityProvidersConfigProxy.getEnabledIdentityProviders(
            TRANSACTION_ENTITY_ID,
            controller.isRegistrationContext(),
            PROVIDED_LOA))
            .thenReturn(emptyList());

    controller.handleSuccessResponseFromIdp(responseFromIdp);
}
use of uk.gov.ida.hub.policy.domain.SuccessFromIdp in project verify-hub by alphagov.
the class IdpSelectedStateControllerTest method shouldThrowUnauditedErrorExceptionIfTheResponseIsFromADifferentIssuer.
/**
 * A success response whose issuer is "differentIDP" must be refused with
 * {@link StateProcessingValidationException}.
 *
 * <p>The mismatching issuer is deliberately included in the enabled-IDP list, so the
 * rejection cannot come from the disabled-IDP check. Presumably it comes from comparing
 * the issuer with the IDP recorded for the session (fixture setup is not shown here).
 */
@Test(expected = StateProcessingValidationException.class)
public void shouldThrowUnauditedErrorExceptionIfTheResponseIsFromADifferentIssuer() {
    PersistentId pid = aPersistentId().withNameId("idname").build();
    SuccessFromIdp responseFromOtherIssuer = aSuccessFromIdp()
            .withIssuerId("differentIDP")
            .withPersistentId(pid)
            .withPrincipalIpAddressSeenByIdp(PRINCIPAL_IP_ADDRESS_AS_SEEN_BY_IDP)
            .withPrincipalIpAddressAsSeenByHub(PRINCIPAL_IP_ADDRESS_AS_SEEN_BY_HUB)
            .withLevelOfAssurance(PROVIDED_LOA)
            .build();

    // Both issuers are enabled: being an enabled IDP alone must not be sufficient.
    when(identityProvidersConfigProxy.getEnabledIdentityProviders(
            TRANSACTION_ENTITY_ID,
            controller.isRegistrationContext(),
            PROVIDED_LOA))
            .thenReturn(asList(IDP_ENTITY_ID, "differentIDP"));

    controller.handleSuccessResponseFromIdp(responseFromOtherIssuer);
}
use of uk.gov.ida.hub.policy.domain.SuccessFromIdp in project verify-hub by alphagov.
the class IdpSelectedStateControllerTest method handleSuccessResponseFromIdp_shouldTransitionToCycle0And1MatchRequestSentState.
/**
 * A valid success response from the enabled IDP must transition the session to
 * {@link Cycle0And1MatchRequestSentState}, carrying the encrypted matching dataset
 * assertion through unchanged.
 */
@Test
public void handleSuccessResponseFromIdp_shouldTransitionToCycle0And1MatchRequestSentState() {
    ArgumentCaptor<Cycle0And1MatchRequestSentState> transitionCaptor =
            ArgumentCaptor.forClass(Cycle0And1MatchRequestSentState.class);
    PersistentId pid = aPersistentId().withNameId("idname").build();
    // Opaque stand-in value: the test only checks it is copied into the new state as-is.
    final String encryptedMatchingDatasetAssertion = "blah";
    SuccessFromIdp validResponse = aSuccessFromIdp()
            .withIssuerId(IDP_ENTITY_ID)
            .withPersistentId(pid)
            .withPrincipalIpAddressSeenByIdp(PRINCIPAL_IP_ADDRESS_AS_SEEN_BY_IDP)
            .withPrincipalIpAddressAsSeenByHub(PRINCIPAL_IP_ADDRESS_AS_SEEN_BY_HUB)
            .withLevelOfAssurance(PROVIDED_LOA)
            .withEncryptedMatchingDatasetAssertion(encryptedMatchingDatasetAssertion)
            .build();

    // Stub the collaborators: the issuer is the only enabled IDP and has a config entry.
    when(identityProvidersConfigProxy.getEnabledIdentityProviders(
            TRANSACTION_ENTITY_ID,
            controller.isRegistrationContext(),
            PROVIDED_LOA))
            .thenReturn(singletonList(IDP_ENTITY_ID));
    when(policyConfiguration.getMatchingServiceResponseWaitPeriod())
            .thenReturn(new org.joda.time.Duration(600L));
    when(identityProvidersConfigProxy.getIdpConfig(IDP_ENTITY_ID))
            .thenReturn(anIdpConfigDto().withLevelsOfAssurance(LEVELS_OF_ASSURANCE).build());

    controller.handleSuccessResponseFromIdp(validResponse);

    verify(stateTransitionAction).transitionTo(transitionCaptor.capture());
    Cycle0And1MatchRequestSentState newState = transitionCaptor.getValue();
    assertThat(newState).isInstanceOf(Cycle0And1MatchRequestSentState.class);
    assertThat(newState.getEncryptedMatchingDatasetAssertion())
            .isEqualTo(encryptedMatchingDatasetAssertion);
}
use of uk.gov.ida.hub.policy.domain.SuccessFromIdp in project verify-hub by alphagov.
the class IdpSelectedStateControllerTest method handleSuccessResponseFromIdp_shouldLogEventContainingLvlOfAssuranceForBillingAndPrincipalIpAddressSeenByIdpAndHub.
/**
 * A valid success response must produce an IDP-authn-succeeded event that records the
 * provided level of assurance and the principal's IP address as seen by both the IDP
 * and the hub.
 */
@Test
public void handleSuccessResponseFromIdp_shouldLogEventContainingLvlOfAssuranceForBillingAndPrincipalIpAddressSeenByIdpAndHub() {
    PersistentId pid = aPersistentId().withNameId("idname").build();
    SuccessFromIdp validResponse = aSuccessFromIdp()
            .withIssuerId(IDP_ENTITY_ID)
            .withPersistentId(pid)
            .withPrincipalIpAddressSeenByIdp(PRINCIPAL_IP_ADDRESS_AS_SEEN_BY_IDP)
            .withPrincipalIpAddressAsSeenByHub(PRINCIPAL_IP_ADDRESS_AS_SEEN_BY_HUB)
            .withLevelOfAssurance(PROVIDED_LOA)
            .build();

    when(identityProvidersConfigProxy.getEnabledIdentityProviders(
            TRANSACTION_ENTITY_ID,
            controller.isRegistrationContext(),
            PROVIDED_LOA))
            .thenReturn(singletonList(IDP_ENTITY_ID));
    when(policyConfiguration.getMatchingServiceResponseWaitPeriod())
            .thenReturn(new org.joda.time.Duration(600L));
    when(identityProvidersConfigProxy.getIdpConfig(IDP_ENTITY_ID))
            .thenReturn(anIdpConfigDto().withLevelsOfAssurance(LEVELS_OF_ASSURANCE).build());

    controller.handleSuccessResponseFromIdp(validResponse);

    // The event must carry both views of the client address. The IDP-reported one is
    // optional, hence the Optional wrapper; the hub-observed one is passed directly.
    // NOTE(review): the first two LEVELS_OF_ASSURANCE entries are passed positionally;
    // presumably they are the minimum and required levels. Confirm against the logger signature.
    verify(hubEventLogger).logIdpAuthnSucceededEvent(
            NEW_SESSION_ID,
            SESSION_EXPIRY_TIMESTAMP,
            IDP_ENTITY_ID,
            TRANSACTION_ENTITY_ID,
            pid,
            REQUEST_ID,
            LEVELS_OF_ASSURANCE.get(0),
            LEVELS_OF_ASSURANCE.get(1),
            PROVIDED_LOA,
            Optional.fromNullable(PRINCIPAL_IP_ADDRESS_AS_SEEN_BY_IDP),
            PRINCIPAL_IP_ADDRESS_AS_SEEN_BY_HUB);
}