
Example 1 with AuthResponse

Use of uk.gov.pay.api.model.publicauth.AuthResponse in project pay-publicapi by alphagov, in the class AccountAuthenticatorTest, method shouldReturnValidAccount.

@Test
public void shouldReturnValidAccount() {
    AuthResponse authResponse = new AuthResponse(accountId, "a-token-link", CARD);
    when(mockResponse.getStatus()).thenReturn(OK.getStatusCode());
    when(mockResponse.readEntity(AuthResponse.class)).thenReturn(authResponse);
    Optional<Account> maybeAccount = accountAuthenticator.authenticate(bearerToken);
    assertThat(maybeAccount.get().getName(), is(accountId));
    assertThat(maybeAccount.get().getAccountId(), is(accountId));
    assertThat(maybeAccount.get().getPaymentType(), is(CARD));
    verify(mockAppender).doAppend(loggingEventArgumentCaptor.capture());
    List<LoggingEvent> logEvents = loggingEventArgumentCaptor.getAllValues();
    assertThat(logEvents, hasSize(1));
    assertThat(logEvents.get(0).getFormattedMessage(), is("Successfully authenticated using API key with token_link a-token-link"));
}
Also used: ILoggingEvent (ch.qos.logback.classic.spi.ILoggingEvent), LoggingEvent (ch.qos.logback.classic.spi.LoggingEvent), AuthResponse (uk.gov.pay.api.model.publicauth.AuthResponse), Test (org.junit.jupiter.api.Test)

Example 2 with AuthResponse

Use of uk.gov.pay.api.model.publicauth.AuthResponse in project pay-publicapi by alphagov, in the class AccountAuthenticator, method authenticate.

@Override
public Optional<Account> authenticate(String bearerToken) {
    // Forward the caller's bearer token to the service at publicAuthUrl for validation.
    Response response = client.target(publicAuthUrl)
            .request()
            .header(AUTHORIZATION, "Bearer " + bearerToken)
            .accept(MediaType.APPLICATION_JSON)
            .get();
    if (response.getStatus() == OK.getStatusCode()) {
        AuthResponse authResponse = response.readEntity(AuthResponse.class);
        logger.info(format("Successfully authenticated using API key with token_link %s", authResponse.getTokenLink()), kv("token_link", authResponse.getTokenLink()));
        return Optional.of(new Account(authResponse.getAccountId(), authResponse.getTokenType(), authResponse.getTokenLink()));
    } else if (response.getStatus() == UNAUTHORIZED.getStatusCode()) {
        JsonNode unauthorisedResponse = response.readEntity(JsonNode.class);
        ErrorIdentifier errorIdentifier = ErrorIdentifier.valueOf(unauthorisedResponse.get("error_identifier").asText());
        if (errorIdentifier == ErrorIdentifier.AUTH_TOKEN_REVOKED) {
            String tokenLink = unauthorisedResponse.get("token_link").asText();
            logger.warn(format("Attempt to authenticate using revoked API key with token_link %s", tokenLink), kv("token_link", tokenLink));
        } else {
            logger.warn("Attempt to authenticate using invalid API key with valid checksum");
        }
        response.close();
        return Optional.empty();
    } else {
        response.close();
        logger.warn("Unexpected status code " + response.getStatus() + " from auth.");
        throw new ServiceUnavailableException();
    }
}
Also used: Response (javax.ws.rs.core.Response), AuthResponse (uk.gov.pay.api.model.publicauth.AuthResponse), ErrorIdentifier (uk.gov.service.payments.commons.model.ErrorIdentifier), JsonNode (com.fasterxml.jackson.databind.JsonNode), ServiceUnavailableException (javax.ws.rs.ServiceUnavailableException)
