Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: P4ADEV-1276-create-access-token #98

Merged
merged 5 commits into from
Oct 22, 2024
Merged
Show file tree
Hide file tree
Changes from 4 commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Original file line number Diff line number Diff line change
Expand Up @@ -20,5 +20,8 @@ public class IamUserInfoDTO {

// field calculated upon registration
private String innerUserId;

// field to check if it is a real user or a machine/system user
private boolean systemUser;
}

Original file line number Diff line number Diff line change
@@ -0,0 +1,29 @@
package it.gov.pagopa.payhub.auth.mapper;

import it.gov.pagopa.payhub.auth.dto.IamUserInfoDTO;
import it.gov.pagopa.payhub.auth.dto.IamUserOrganizationRolesDTO;
import it.gov.pagopa.payhub.auth.utils.Constants;
import it.gov.pagopa.payhub.model.generated.ClientDTO;
import org.springframework.stereotype.Service;

import java.util.Collections;
import java.util.function.Function;

@Service
public class ClientDTO2UserInfoMapper implements Function<ClientDTO, IamUserInfoDTO> {
@Override
public IamUserInfoDTO apply(ClientDTO clientDTO) {
return IamUserInfoDTO.builder()
.systemUser(true)
.issuer(clientDTO.getOrganizationIpaCode())
.userId(clientDTO.getClientId())
.name(clientDTO.getClientName())
.familyName(clientDTO.getOrganizationIpaCode())
.fiscalCode(clientDTO.getOrganizationIpaCode())
.organizationAccess(IamUserOrganizationRolesDTO.builder()
.organizationIpaCode(clientDTO.getOrganizationIpaCode())
.roles(Collections.singletonList(Constants.ROLE_ADMIN))
.build())
.build();
}
}
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
package it.gov.pagopa.payhub.auth.service.exchange;
package it.gov.pagopa.payhub.auth.service;

import com.auth0.jwt.JWT;
import com.auth0.jwt.algorithms.Algorithm;
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,6 @@
import com.auth0.jwt.JWT;
import com.auth0.jwt.interfaces.DecodedJWT;
import it.gov.pagopa.payhub.auth.exception.custom.InvalidTokenException;
import it.gov.pagopa.payhub.auth.service.exchange.AccessTokenBuilderService;
import it.gov.pagopa.payhub.auth.utils.JWTValidator;
import lombok.extern.slf4j.Slf4j;
import org.springframework.stereotype.Service;
Expand Down
Original file line number Diff line number Diff line change
@@ -1,6 +1,11 @@
package it.gov.pagopa.payhub.auth.service.a2a;

import it.gov.pagopa.payhub.auth.dto.IamUserInfoDTO;
import it.gov.pagopa.payhub.auth.mapper.ClientDTO2UserInfoMapper;
import it.gov.pagopa.payhub.auth.service.AccessTokenBuilderService;
import it.gov.pagopa.payhub.auth.service.TokenStoreService;
import it.gov.pagopa.payhub.model.generated.AccessToken;
import it.gov.pagopa.payhub.model.generated.ClientDTO;
import lombok.extern.slf4j.Slf4j;
import org.springframework.stereotype.Service;

Expand All @@ -10,17 +15,30 @@ public class ClientCredentialServiceImpl implements ClientCredentialService {

private final ValidateClientCredentialsService validateClientCredentialsService;
private final AuthorizeClientCredentialsRequestService authorizeClientCredentialsRequestService;
private final AccessTokenBuilderService accessTokenBuilderService;
private final TokenStoreService tokenStoreService;
private final ClientDTO2UserInfoMapper clientDTO2UserInfoMapper;

public ClientCredentialServiceImpl(ValidateClientCredentialsService validateClientCredentialsService, AuthorizeClientCredentialsRequestService authorizeClientCredentialsRequestService) {
public ClientCredentialServiceImpl(
ValidateClientCredentialsService validateClientCredentialsService,
AuthorizeClientCredentialsRequestService authorizeClientCredentialsRequestService,
AccessTokenBuilderService accessTokenBuilderService,
TokenStoreService tokenStoreService, ClientDTO2UserInfoMapper clientDTO2UserInfoMapper) {
this.validateClientCredentialsService = validateClientCredentialsService;
this.authorizeClientCredentialsRequestService = authorizeClientCredentialsRequestService;
this.accessTokenBuilderService = accessTokenBuilderService;
this.tokenStoreService = tokenStoreService;
this.clientDTO2UserInfoMapper = clientDTO2UserInfoMapper;
}

@Override
public AccessToken postToken(String clientId, String scope, String clientSecret) {
log.info("Client {} requested authentication with client_credentials grant type and scope {}", clientId, scope);
validateClientCredentialsService.validate(scope, clientSecret);
authorizeClientCredentialsRequestService.authorizeCredentials(clientId, clientSecret);
return AccessToken.builder().accessToken("accessToken").build();
ClientDTO authorizedClient = authorizeClientCredentialsRequestService.authorizeCredentials(clientId, clientSecret);
AccessToken accessToken = accessTokenBuilderService.build();
IamUserInfoDTO iamUser = clientDTO2UserInfoMapper.apply(authorizedClient);
tokenStoreService.save(accessToken.getAccessToken(), iamUser);
return accessToken;
}
}
Original file line number Diff line number Diff line change
@@ -1,6 +1,5 @@
package it.gov.pagopa.payhub.auth.service.a2a;

import it.gov.pagopa.payhub.auth.exception.custom.ClientUnauthorizedException;
import it.gov.pagopa.payhub.auth.mapper.ClientMapper;
import it.gov.pagopa.payhub.auth.model.Client;
import it.gov.pagopa.payhub.auth.service.a2a.registration.ClientRegistrationService;
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@
import com.auth0.jwt.interfaces.Claim;
import it.gov.pagopa.payhub.auth.dto.IamUserInfoDTO;
import it.gov.pagopa.payhub.auth.model.User;
import it.gov.pagopa.payhub.auth.service.AccessTokenBuilderService;
import it.gov.pagopa.payhub.auth.service.TokenStoreService;
import it.gov.pagopa.payhub.model.generated.AccessToken;
import lombok.extern.slf4j.Slf4j;
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,56 @@
package it.gov.pagopa.payhub.auth.mapper;

import it.gov.pagopa.payhub.auth.dto.IamUserInfoDTO;
import it.gov.pagopa.payhub.auth.dto.IamUserOrganizationRolesDTO;
import it.gov.pagopa.payhub.auth.utils.Constants;
import it.gov.pagopa.payhub.model.generated.ClientDTO;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.ExtendWith;
import org.mockito.InjectMocks;
import org.mockito.junit.jupiter.MockitoExtension;

import java.util.Collections;
import java.util.UUID;

@ExtendWith(MockitoExtension.class)
class ClientDTO2UserInfoMapperTest {

@InjectMocks
private ClientDTO2UserInfoMapper mapper;

@Test
void givenDTOWhenApplyTheOk() {
// Given
String plainClientSecret = UUID.randomUUID().toString();
String organizationIpaCode = "organizationIpaCode";
String clientName = "clientName";
String clientId = organizationIpaCode + clientName;

ClientDTO clientDTO = ClientDTO.builder()
.clientId(clientId)
.clientName(clientName)
.organizationIpaCode(organizationIpaCode)
.clientSecret(plainClientSecret)
.build();

// When
IamUserInfoDTO result = mapper.apply(clientDTO);
//Then
Assertions.assertEquals(
antonioT90 marked this conversation as resolved.
Show resolved Hide resolved
IamUserInfoDTO.builder()
.systemUser(true)
.issuer(clientDTO.getOrganizationIpaCode())
.userId(clientDTO.getClientId())
.name(clientDTO.getClientName())
.familyName(clientDTO.getOrganizationIpaCode())
.fiscalCode(clientDTO.getOrganizationIpaCode())
.organizationAccess(IamUserOrganizationRolesDTO.builder()
.organizationIpaCode(clientDTO.getOrganizationIpaCode())
.roles(Collections.singletonList(Constants.ROLE_ADMIN))
.build())
.build(),
result
);
}
}
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
package it.gov.pagopa.payhub.auth.service.exchange;
package it.gov.pagopa.payhub.auth.service;

import com.auth0.jwt.JWT;
import com.auth0.jwt.interfaces.DecodedJWT;
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,6 @@
import com.auth0.jwt.JWT;
import com.auth0.jwt.interfaces.DecodedJWT;
import it.gov.pagopa.payhub.auth.exception.custom.InvalidTokenException;
import it.gov.pagopa.payhub.auth.service.exchange.AccessTokenBuilderService;
import it.gov.pagopa.payhub.auth.utils.JWTValidator;
import org.junit.jupiter.api.Assertions;

Expand Down
Original file line number Diff line number Diff line change
@@ -1,5 +1,9 @@
package it.gov.pagopa.payhub.auth.service.a2a;

import it.gov.pagopa.payhub.auth.dto.IamUserInfoDTO;
import it.gov.pagopa.payhub.auth.mapper.ClientDTO2UserInfoMapper;
import it.gov.pagopa.payhub.auth.service.AccessTokenBuilderService;
import it.gov.pagopa.payhub.auth.service.TokenStoreService;
import it.gov.pagopa.payhub.model.generated.AccessToken;
import it.gov.pagopa.payhub.model.generated.ClientDTO;
import org.junit.jupiter.api.Assertions;
Expand All @@ -17,12 +21,24 @@ class ClientCredentialsServiceTest {
private ValidateClientCredentialsService validateClientCredentialsServiceMock;
@Mock
private AuthorizeClientCredentialsRequestService authorizeClientCredentialsRequestServiceMock;
@Mock
private AccessTokenBuilderService accessTokenBuilderServiceMock;
@Mock
private TokenStoreService tokenStoreServiceMock;
@Mock
private ClientDTO2UserInfoMapper clientDTO2UserInfoMapperMock;

private ClientCredentialService service;

@BeforeEach
void init() {
service = new ClientCredentialServiceImpl(validateClientCredentialsServiceMock, authorizeClientCredentialsRequestServiceMock);
service = new ClientCredentialServiceImpl(
validateClientCredentialsServiceMock,
authorizeClientCredentialsRequestServiceMock,
accessTokenBuilderServiceMock,
tokenStoreServiceMock,
clientDTO2UserInfoMapperMock
);
}

@Test
Expand All @@ -33,12 +49,17 @@ void givenValidTokenWhenPostTokenThenSuccess(){
String clientSecret="CLIENT_SECRET";

Mockito.doNothing().when(validateClientCredentialsServiceMock).validate(scope, clientSecret);
Mockito.doReturn(new ClientDTO()).when(authorizeClientCredentialsRequestServiceMock).authorizeCredentials(clientId, clientSecret);
ClientDTO clientDTO = new ClientDTO();
Mockito.doReturn(clientDTO).when(authorizeClientCredentialsRequestServiceMock).authorizeCredentials(clientId, clientSecret);
AccessToken expectedAccessToken = AccessToken.builder().accessToken("accessToken").build();
Mockito.when(accessTokenBuilderServiceMock.build()).thenReturn(expectedAccessToken);
IamUserInfoDTO iamUserInfo = new IamUserInfoDTO();
Mockito.when(clientDTO2UserInfoMapperMock.apply(clientDTO)).thenReturn(iamUserInfo);
//When
AccessToken result = service.postToken(clientId, scope, clientSecret);
//Then
Assertions.assertEquals(expectedAccessToken, result);
Assertions.assertSame(expectedAccessToken, result);
Mockito.verify(tokenStoreServiceMock).save(Mockito.same(expectedAccessToken.getAccessToken()), Mockito.same(iamUserInfo));
}

}
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@
import com.auth0.jwt.interfaces.Claim;
import it.gov.pagopa.payhub.auth.dto.IamUserInfoDTO;
import it.gov.pagopa.payhub.auth.model.User;
import it.gov.pagopa.payhub.auth.service.AccessTokenBuilderService;
import it.gov.pagopa.payhub.auth.service.TokenStoreService;
import it.gov.pagopa.payhub.model.generated.AccessToken;
import org.junit.jupiter.api.AfterEach;
Expand Down
Loading