P4ADEV-1275 resolved change request

src/main/java/it/gov/pagopa/payhub/auth/service/a2a/AuthorizeClientCredentialsRequestService.java

@@ -1,5 +1,7 @@
 package it.gov.pagopa.payhub.auth.service.a2a;
 
+import it.gov.pagopa.payhub.auth.exception.custom.ClientUnauthorizedException;
+import it.gov.pagopa.payhub.auth.mapper.ClientMapper;
 import it.gov.pagopa.payhub.model.generated.ClientDTO;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.stereotype.Service;
@@ -8,12 +10,17 @@
 @Slf4j
 public class AuthorizeClientCredentialsRequestService {
 	private final ClientService clientService;
+	private final ClientMapper clientMapper;
 
-	public AuthorizeClientCredentialsRequestService(ClientService clientService) {
+	public AuthorizeClientCredentialsRequestService(ClientService clientService, ClientMapper clientMapper) {
 		this.clientService = clientService;
+		this.clientMapper = clientMapper;
 	}
 
 	public ClientDTO authorizeCredentials(String clientId, String clientSecret) {
-		return clientService.authorizeCredentials(clientId, clientSecret);
+		return clientService.getClientByClientId(clientId)
+			.map(clientMapper::mapToDTO)
+			.filter(dto -> dto.getClientSecret().equals(clientSecret))
+			.orElseThrow(() -> new ClientUnauthorizedException("Unauthorized client for client-credentials"));
 	}
 }

src/main/java/it/gov/pagopa/payhub/auth/service/a2a/ClientService.java

@@ -13,5 +13,4 @@ public interface ClientService {
 	String getClientSecret(String organizationIpaCode, String clientId);
 	List<ClientNoSecretDTO> getClients(String organizationIpaCode);
 	Optional<Client> getClientByClientId(String clientId);
-	ClientDTO authorizeCredentials(String clientId, String clientSecret);
 }

src/main/java/it/gov/pagopa/payhub/auth/service/a2a/ClientServiceImpl.java

@@ -50,11 +50,4 @@ public Optional<Client> getClientByClientId(String clientId) {
 		return clientRetrieverService.getClientByClientId(clientId);
 	}
 
-	public ClientDTO authorizeCredentials(String clientId, String clientSecret) {
-		return getClientByClientId(clientId)
-			.map(clientMapper::mapToDTO)
-			.filter(dto -> dto.getClientSecret().equals(clientSecret))
-			.orElseThrow(() -> new ClientUnauthorizedException("Unauthorized client for client-credentials"));
-	}
-
 }

src/main/java/it/gov/pagopa/payhub/auth/service/a2a/ValidateClientCredentialsService.java

@@ -1,6 +1,6 @@
 package it.gov.pagopa.payhub.auth.service.a2a;
 
-import it.gov.pagopa.payhub.auth.exception.custom.ClientUnauthorizedException;
+import it.gov.pagopa.payhub.auth.exception.custom.InvalidExchangeRequestException;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.stereotype.Service;
 import org.springframework.util.StringUtils;
@@ -19,13 +19,13 @@ public void validate(String scope, String clientSecret) {
 
 	private void validateProtocolConfiguration(String scope) {
 		if (!ALLOWED_SCOPE.equals(scope)){
-			throw new ClientUnauthorizedException("Invalid scope " + scope);
+			throw new InvalidExchangeRequestException("Invalid scope " + scope);
 		}
 	}
 
 	private void validateClientSecret(String clientSecret) {
 		if (!StringUtils.hasText(clientSecret)) {
-			throw new ClientUnauthorizedException("clientSecret is mandatory with client-credentials grant type");
+			throw new InvalidExchangeRequestException("clientSecret is mandatory with client-credentials grant type");
 		}
 	}
 

src/test/java/it/gov/pagopa/payhub/auth/service/a2a/AuthorizeClientCredentialsRequestServiceTest.java

@@ -0,0 +1,89 @@
+package it.gov.pagopa.payhub.auth.service.a2a;
+
+import it.gov.pagopa.payhub.auth.exception.custom.ClientUnauthorizedException;
+import it.gov.pagopa.payhub.auth.mapper.ClientMapper;
+import it.gov.pagopa.payhub.auth.model.Client;
+import it.gov.pagopa.payhub.model.generated.ClientDTO;
+import org.junit.jupiter.api.Assertions;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.extension.ExtendWith;
+import org.mockito.Mock;
+import org.mockito.Mockito;
+import org.mockito.junit.jupiter.MockitoExtension;
+
+import java.util.Optional;
+import java.util.UUID;
+
+@ExtendWith(MockitoExtension.class)
+class AuthorizeClientCredentialsRequestServiceTest {
+
+	@Mock
+	private ClientService clientServiceMock;
+	@Mock
+	private ClientMapper clientMapperMock;
+	private AuthorizeClientCredentialsRequestService service;
+
+	@BeforeEach
+	void init() {
+		service = new AuthorizeClientCredentialsRequestService(clientServiceMock, clientMapperMock);
+	}
+
+	@Test
+	void givenRightCredentialsWhenVerifyCredentialsThenOk() {
+		// Given
+		String organizationIpaCode = "IPA_TEST_2";
+		String clientName = "SERVICE_001";
+		String clientId = organizationIpaCode + clientName;
+		String clientSecretMock = UUID.randomUUID().toString();
+
+		Client mockClient = new Client();
+		ClientDTO expectedClientDTO = ClientDTO.builder()
+			.clientId(clientId)
+			.clientName(clientName)
+			.organizationIpaCode(organizationIpaCode)
+			.clientSecret(clientSecretMock)
+			.build();
+
+		Mockito.when(clientServiceMock.getClientByClientId(clientId)).thenReturn(Optional.of(mockClient));
+		Mockito.when(clientMapperMock.mapToDTO(mockClient)).thenReturn(expectedClientDTO);
+		// When
+		ClientDTO actualClientDTO = service.authorizeCredentials(clientId, clientSecretMock);
+		// Then
+		Assertions.assertEquals(expectedClientDTO, actualClientDTO);
+	}
+
+	@Test
+	void givenUnexpectedClientIdCredentialsWhenVerifyCredentialsThenClientUnauthorizedException() {
+		// Given
+		String clientId = "UNEXPECTED_CLIENT_ID";
+		String clientSecretMock = UUID.randomUUID().toString();
+
+		Mockito.when(clientServiceMock.getClientByClientId(clientId)).thenThrow(new ClientUnauthorizedException("error"));
+		// When, Then
+		Assertions.assertThrows(ClientUnauthorizedException.class, () -> service.authorizeCredentials(clientId, clientSecretMock));
+	}
+
+	@Test
+	void givenUnexpectedClientSecretCredentialsWhenVerifyCredentialsThenClientUnauthorizedException() {
+		// Given
+		String organizationIpaCode = "IPA_TEST_2";
+		String clientName = "SERVICE_001";
+		String clientId = organizationIpaCode + clientName;
+		String clientSecret = UUID.randomUUID().toString();
+
+		Client mockClient = new Client();
+		ClientDTO expectedClientDTO = ClientDTO.builder()
+			.clientId(clientId)
+			.clientName(clientName)
+			.organizationIpaCode(organizationIpaCode)
+			.clientSecret(UUID.randomUUID().toString())
+			.build();
+
+		Mockito.when(clientServiceMock.getClientByClientId(clientId)).thenReturn(Optional.of(mockClient));
+		Mockito.when(clientMapperMock.mapToDTO(mockClient)).thenReturn(expectedClientDTO);
+
+		// When, Then
+		Assertions.assertThrows(ClientUnauthorizedException.class, () -> service.authorizeCredentials(clientId, clientSecret));
+	}
+}

src/test/java/it/gov/pagopa/payhub/auth/service/a2a/ClientCredentialsServiceTest.java

@@ -16,13 +16,13 @@ class ClientCredentialsServiceTest {
 	@Mock
 	private ValidateClientCredentialsService validateClientCredentialsServiceMock;
 	@Mock
-	private AuthorizeClientCredentialsRequestService authorizeClientCredentialsRequestService;
+	private AuthorizeClientCredentialsRequestService authorizeClientCredentialsRequestServiceMock;
 
 	private ClientCredentialService service;
 
 	@BeforeEach
 	void init() {
-		service = new ClientCredentialServiceImpl(validateClientCredentialsServiceMock, authorizeClientCredentialsRequestService);
+		service = new ClientCredentialServiceImpl(validateClientCredentialsServiceMock, authorizeClientCredentialsRequestServiceMock);
 	}
 
 	@Test
@@ -33,7 +33,7 @@ void givenValidTokenWhenPostTokenThenSuccess(){
 		String clientSecret="CLIENT_SECRET";
 
 		Mockito.doNothing().when(validateClientCredentialsServiceMock).validate(scope, clientSecret);
-		Mockito.doReturn(new ClientDTO()).when(authorizeClientCredentialsRequestService).authorizeCredentials(clientId, clientSecret);
+		Mockito.doReturn(new ClientDTO()).when(authorizeClientCredentialsRequestServiceMock).authorizeCredentials(clientId, clientSecret);
 		AccessToken expectedAccessToken = AccessToken.builder().accessToken("accessToken").build();
 		//When
 		AccessToken result = service.postToken(clientId, scope, clientSecret);

src/test/java/it/gov/pagopa/payhub/auth/service/a2a/ClientServiceTest.java

@@ -1,6 +1,5 @@
 package it.gov.pagopa.payhub.auth.service.a2a;
 
-import it.gov.pagopa.payhub.auth.exception.custom.ClientUnauthorizedException;
 import it.gov.pagopa.payhub.auth.mapper.ClientMapper;
 import it.gov.pagopa.payhub.auth.model.Client;
 import it.gov.pagopa.payhub.auth.service.a2a.registration.ClientRegistrationService;
@@ -118,61 +117,4 @@ void givenClientIdWhenGetClientByClientIdThenInvokeClientService() {
 		Assertions.assertEquals(Optional.of(expectedClient), result);
 	}
 
-	@Test
-	void givenRightCredentialsWhenVerifyCredentialsThenOk() {
-		// Given
-		String organizationIpaCode = "IPA_TEST_2";
-		String clientName = "SERVICE_001";
-		String clientId = organizationIpaCode + clientName;
-		String clientSecretMock = UUID.randomUUID().toString();
-
-		Client mockClient = new Client();
-		ClientDTO expectedClientDTO = ClientDTO.builder()
-			.clientId(clientId)
-			.clientName(clientName)
-			.organizationIpaCode(organizationIpaCode)
-			.clientSecret(clientSecretMock)
-			.build();
-
-		Mockito.when(clientRetrieverServiceMock.getClientByClientId(clientId)).thenReturn(Optional.of(mockClient));
-		Mockito.when(clientMapperMock.mapToDTO(mockClient)).thenReturn(expectedClientDTO);
-		// When
-		ClientDTO actualClientDTO = service.authorizeCredentials(clientId, clientSecretMock);
-		// Then
-		Assertions.assertEquals(expectedClientDTO, actualClientDTO);
-	}
-
-	@Test
-	void givenUnexpectedClientIdCredentialsWhenVerifyCredentialsThenClientUnauthorizedException() {
-		// Given
-		String clientId = "UNEXPECTED_CLIENT_ID";
-		String clientSecretMock = UUID.randomUUID().toString();
-
-		Mockito.when(clientRetrieverServiceMock.getClientByClientId(clientId)).thenThrow(new ClientUnauthorizedException("error"));
-		// When, Then
-		Assertions.assertThrows(ClientUnauthorizedException.class, () -> service.authorizeCredentials(clientId, clientSecretMock));
-	}
-
-	@Test
-	void givenUnexpectedClientSecretCredentialsWhenVerifyCredentialsThenClientUnauthorizedException() {
-		// Given
-		String organizationIpaCode = "IPA_TEST_2";
-		String clientName = "SERVICE_001";
-		String clientId = organizationIpaCode + clientName;
-		String clientSecret = UUID.randomUUID().toString();
-
-		Client mockClient = new Client();
-		ClientDTO expectedClientDTO = ClientDTO.builder()
-			.clientId(clientId)
-			.clientName(clientName)
-			.organizationIpaCode(organizationIpaCode)
-			.clientSecret(UUID.randomUUID().toString())
-			.build();
-
-		Mockito.when(clientRetrieverServiceMock.getClientByClientId(clientId)).thenReturn(Optional.of(mockClient));
-		Mockito.when(clientMapperMock.mapToDTO(mockClient)).thenReturn(expectedClientDTO);
-
-		// When, Then
-		Assertions.assertThrows(ClientUnauthorizedException.class, () -> service.authorizeCredentials(clientId, clientSecret));
-	}
 }

src/test/java/it/gov/pagopa/payhub/auth/service/a2a/ValidateClientCredentialsServiceTest.java

@@ -1,6 +1,6 @@
 package it.gov.pagopa.payhub.auth.service.a2a;
 
-import it.gov.pagopa.payhub.auth.exception.custom.ClientUnauthorizedException;
+import it.gov.pagopa.payhub.auth.exception.custom.InvalidExchangeRequestException;
 import org.junit.jupiter.api.Test;
 import org.junit.jupiter.api.extension.ExtendWith;
 import org.mockito.InjectMocks;
@@ -26,13 +26,13 @@ void givenValidRequestThenOk() {
 
 	@Test
 	void givenInvalidScopeThenInvalidExchangeRequestException() {
-		assertThrows(ClientUnauthorizedException.class, () ->
+		assertThrows(InvalidExchangeRequestException.class, () ->
 			service.validate( "UNEXPECTED_SCOPE", ALLOWED_CLIENT_SECRET));
 	}
 
 	@Test
 	void givenNullClientSecretThenInvalidExchangeRequestException() {
-		assertThrows(ClientUnauthorizedException.class, () ->
+		assertThrows(InvalidExchangeRequestException.class, () ->
 			service.validate(ValidateClientCredentialsService.ALLOWED_SCOPE, null));
 	}