From 682be58574ed8132e9db2b91e484c92ece5016df Mon Sep 17 00:00:00 2001 From: Hitesh C Date: Wed, 19 Jul 2023 15:19:58 +0530 Subject: [PATCH 1/2] [ES-176] [ES-177] (#270) * [ES-177] * [MOIFIED] github actions * [CHANGES] review comment changes --- .github/workflows/push_trigger.yml | 1 + .../mosip/esignet/KeyBindingServiceTest.java | 2 +- .../esignet/repository/ConsentRepository.java | 1 + .../esignet/services/ConsentServiceImpl.java | 6 ++++ .../esignet/ConsentDetailRepositoryTest.java | 32 +++++++++++++++++++ .../mosip/esignet/ConsentServiceImplTest.java | 8 +++++ .../esignet/core/dto/OIDCTransaction.java | 2 ++ .../esignet/core/spi/ConsentService.java | 7 ++++ .../services/AuthorizationServiceImpl.java | 5 +-- .../services/ConsentHelperService.java | 29 +++++++++++++---- .../LinkedAuthorizationServiceImpl.java | 3 +- .../services/ConsentHelperServiceTest.java | 28 +++++++++++++--- 12 files changed, 109 insertions(+), 15 deletions(-) diff --git a/.github/workflows/push_trigger.yml b/.github/workflows/push_trigger.yml index f5038f38f..dc6d7ae94 100644 --- a/.github/workflows/push_trigger.yml +++ b/.github/workflows/push_trigger.yml @@ -10,6 +10,7 @@ on: - 1.* - develop - main + - bugfix-ES-177 jobs: call-workflow-codeql-analysis: diff --git a/binding-service-impl/src/test/java/io/mosip/esignet/KeyBindingServiceTest.java b/binding-service-impl/src/test/java/io/mosip/esignet/KeyBindingServiceTest.java index cd56a241d..72d65b210 100644 --- a/binding-service-impl/src/test/java/io/mosip/esignet/KeyBindingServiceTest.java +++ b/binding-service-impl/src/test/java/io/mosip/esignet/KeyBindingServiceTest.java 
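Review bot: The added `- bugfix-ES-177` entry in what looks like the push branch list of push_trigger.yml names a short-lived topic branch, and as written it stays in the trigger list once this commit reaches the long-lived branches. Push-triggered workflows usually run with the repository's secrets, so the branches able to start them are best limited to the protected ones already listed (`1.*`, `develop`, `main`). I would drop the line before merge, or mark it with a comment such as `# temporary: remove once ES-177 is merged`. Only the branch list and the first job name are visible in this hunk, so what the jobs actually publish is not confirmed from here.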
@@ -210,7 +210,7 @@ public void bindWallet_withUnsupportedFormat_thenFail() throws EsignetException, Assert.assertNotNull(keyBindingService.bindWallet(walletBindingRequest, new HashMap<>())); Assert.fail(); } catch (EsignetException e) { - Assert.assertTrue(e.getErrorCode().equals(ErrorConstants.INVALID_CHALLENGE_FORMAT)); + Assert.assertTrue(e.getErrorCode().equals(ErrorConstants.INVALID_AUTH_FACTOR_TYPE_OR_CHALLENGE_FORMAT)); } } diff --git a/consent-service-impl/src/main/java/io/mosip/esignet/repository/ConsentRepository.java b/consent-service-impl/src/main/java/io/mosip/esignet/repository/ConsentRepository.java index a66553ea8..80b49a94f 100644 --- a/consent-service-impl/src/main/java/io/mosip/esignet/repository/ConsentRepository.java +++ b/consent-service-impl/src/main/java/io/mosip/esignet/repository/ConsentRepository.java @@ -12,6 +12,7 @@ import java.util.UUID; @Repository public interface ConsentRepository extends JpaRepository { + boolean existsByClientIdAndPsuToken(String clientId, String psuToken); Optional findByClientIdAndPsuToken(String clientId, String psuToken); void deleteByClientIdAndPsuToken(String clientId, String psuToken); diff --git a/consent-service-impl/src/main/java/io/mosip/esignet/services/ConsentServiceImpl.java b/consent-service-impl/src/main/java/io/mosip/esignet/services/ConsentServiceImpl.java index 8dfbd576d..ec0c48a9d 100644 --- a/consent-service-impl/src/main/java/io/mosip/esignet/services/ConsentServiceImpl.java +++ b/consent-service-impl/src/main/java/io/mosip/esignet/services/ConsentServiceImpl.java @@ -86,4 +86,10 @@ public ConsentDetail saveUserConsent(UserConsent userConsent) { AuditHelper.buildAuditDto(userConsent.getClientId()), null); return consentDetailDto; } + + @Override + @Transactional + public void deleteUserConsent(String clientId, String psuToken) { + consentRepository.deleteByClientIdAndPsuToken(clientId, psuToken); + } } 
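Review bot: `existsByClientIdAndPsuToken` is added to ConsentRepository, but nothing in this patch calls it; `deleteUserConsent` in ConsentServiceImpl goes straight to `deleteByClientIdAndPsuToken`. Either use it so the delete path can report whether a record was actually removed, which would make the audit entry more precise, or leave it out until a caller exists. If it stays, a one-line comment would help, e.g. `// true when a consent record exists for this client and partner-specific user token`.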
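Review bot: `deleteUserConsent` in ConsentServiceImpl removes a consent record without writing an audit entry or checking its arguments, while `saveUserConsent` directly above (only its tail is inside the hunk) ends with an audit call built from `AuditHelper.buildAuditDto(userConsent.getClientId())`. Consent removal is an event an investigator will want to find later, and auditing it here rather than only in callers covers every user of the SPI method. I would reject a null or blank `clientId` or `psuToken` before calling the repository and add an audit call mirroring the one in `saveUserConsent`, using `AuditHelper.buildAuditDto(clientId)`. The method also has no Javadoc; `/** Deletes the stored consent for the given client and partner-specific user token. */` plus a sentence on what happens when no record exists would state the contract.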
diff --git a/consent-service-impl/src/test/java/io/mosip/esignet/ConsentDetailRepositoryTest.java b/consent-service-impl/src/test/java/io/mosip/esignet/ConsentDetailRepositoryTest.java index 4375cfb35..52b810330 100644 --- a/consent-service-impl/src/test/java/io/mosip/esignet/ConsentDetailRepositoryTest.java +++ b/consent-service-impl/src/test/java/io/mosip/esignet/ConsentDetailRepositoryTest.java @@ -173,4 +173,36 @@ public void createConsent_withNullCreatedtimes_thenFail() { Assert.fail(); } + @Test + public void createAndDeleteConsent_withValidDetail_thenPass() { + + ConsentDetail consentDetail =new ConsentDetail(); + UUID uuid=UUID.randomUUID(); + LocalDateTime date = LocalDateTime.of(2019, 12, 12, 12, 12, 12); + consentDetail.setClientId("123"); + consentDetail.setPsuToken("abc"); + consentDetail.setClaims("claims"); + consentDetail.setAuthorizationScopes("authorizationScopes"); + consentDetail.setCreatedtimes(date); + consentDetail.setExpiredtimes(LocalDateTime.now()); + consentDetail.setSignature("signature"); + consentDetail.setHash("hash"); + consentDetail.setAcceptedClaims("claim"); + consentDetail.setPermittedScopes("scope"); + consentDetail =consentRepository.save(consentDetail); + Assert.assertNotNull(consentDetail); + + Optional result; + + result = consentRepository.findByClientIdAndPsuToken("123", "abc"); + Assert.assertTrue(result.isPresent()); + + result = consentRepository.findByClientIdAndPsuToken("123", "abcd"); + Assert.assertFalse(result.isPresent()); + consentRepository.deleteByClientIdAndPsuToken(consentDetail.getClientId(),consentDetail.getPsuToken()); + consentRepository.flush(); + Optional consentDetailOptional = consentRepository.findByClientIdAndPsuToken("123", "abc"); + Assert.assertFalse(consentDetailOptional.isPresent()); + } + } 
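Review bot: `createAndDeleteConsent_withValidDetail_thenPass` checks that the deleted row is gone but not that the delete is scoped to the exact (clientId, psuToken) pair. Since `deleteByClientIdAndPsuToken` is a destructive query keyed on two columns, I would save a second ConsentDetail with the same `psuToken` and a different `clientId`, and one with the same `clientId` and a different `psuToken`, then assert both are still present after the delete. The local `UUID uuid` is never used and can be removed.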
diff --git a/consent-service-impl/src/test/java/io/mosip/esignet/ConsentServiceImplTest.java b/consent-service-impl/src/test/java/io/mosip/esignet/ConsentServiceImplTest.java index 4e22c42cf..9fe489724 100644 --- a/consent-service-impl/src/test/java/io/mosip/esignet/ConsentServiceImplTest.java +++ b/consent-service-impl/src/test/java/io/mosip/esignet/ConsentServiceImplTest.java @@ -139,5 +139,13 @@ public void saveUserConsent_withValidDetails_thenPass() throws Exception{ } + @Test + public void deleteConsentByClientIdAndPsuToken_thenPass(){ + String clientId = "test-client-id"; + String psuToken = "test-psu-token"; + consentService.deleteUserConsent(clientId,psuToken); + Mockito.verify(consentRepository).deleteByClientIdAndPsuToken(clientId, psuToken); + } + } diff --git a/esignet-core/src/main/java/io/mosip/esignet/core/dto/OIDCTransaction.java b/esignet-core/src/main/java/io/mosip/esignet/core/dto/OIDCTransaction.java index b0e857119..4ede0e067 100644 --- a/esignet-core/src/main/java/io/mosip/esignet/core/dto/OIDCTransaction.java +++ b/esignet-core/src/main/java/io/mosip/esignet/core/dto/OIDCTransaction.java @@ -21,6 +21,8 @@ public class OIDCTransaction implements Serializable { String relyingPartyId; String redirectUri; Claims requestedClaims; + List essentialClaims; + List voluntaryClaims; List requestedAuthorizeScopes; String[] claimsLocales; String authTransactionId; diff --git a/esignet-core/src/main/java/io/mosip/esignet/core/spi/ConsentService.java b/esignet-core/src/main/java/io/mosip/esignet/core/spi/ConsentService.java index 08d310e7a..029ed6a49 100644 --- a/esignet-core/src/main/java/io/mosip/esignet/core/spi/ConsentService.java +++ b/esignet-core/src/main/java/io/mosip/esignet/core/spi/ConsentService.java 
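Review bot: The two fields added to OIDCTransaction, `essentialClaims` and `voluntaryClaims`, change the shape of a Serializable class that the services put into the transaction cache (`cacheUtilService.setAuthCodeGeneratedTransaction(...)` is visible in AuthorizationServiceImpl). Transactions written by the previous build will either fail to deserialize or come back with both lists null, depending on whether the class pins a `serialVersionUID`, which this hunk does not show. Readers of these fields should therefore treat null as empty, and a comment on the fields such as `// claims presented to the user for this transaction; may be null for entries cached by an older build` would record that.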
@@ -24,4 +24,11 @@ public interface ConsentService { * */ ConsentDetail saveUserConsent(UserConsent userConsent) throws EsignetException; + + /** + * Api to delete user consent from Consent Registry + * @param psuToken + * @param clientId + */ + void deleteUserConsent(String clientId, String psuToken); } diff --git a/oidc-service-impl/src/main/java/io/mosip/esignet/services/AuthorizationServiceImpl.java b/oidc-service-impl/src/main/java/io/mosip/esignet/services/AuthorizationServiceImpl.java index 2c730e87d..5f436f22a 100644 --- a/oidc-service-impl/src/main/java/io/mosip/esignet/services/AuthorizationServiceImpl.java +++ b/oidc-service-impl/src/main/java/io/mosip/esignet/services/AuthorizationServiceImpl.java @@ -29,7 +29,6 @@ import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Value; -import org.springframework.context.annotation.Primary; import org.springframework.stereotype.Service; import java.util.*; @@ -114,6 +113,8 @@ public OAuthDetailResponse getOauthDetails(OAuthDetailRequest oauthDetailReqDto) //Cache the transaction OIDCTransaction oidcTransaction = new OIDCTransaction(); + oidcTransaction.setEssentialClaims(oauthDetailResponse.getEssentialClaims()); + oidcTransaction.setVoluntaryClaims(oauthDetailResponse.getVoluntaryClaims()); oidcTransaction.setRedirectUri(oauthDetailReqDto.getRedirectUri()); oidcTransaction.setRelyingPartyId(clientDetailDto.getRpId()); oidcTransaction.setClientId(clientDetailDto.getId()); 
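Review bot: The Javadoc added for `deleteUserConsent` in ConsentService lists `@param psuToken` before `@param clientId`, the reverse of the signature `(String clientId, String psuToken)`, and neither tag has a description. With two String parameters a swapped call compiles and silently targets a different record, so the order and meaning are worth spelling out: `@param clientId id of the OIDC client the consent was given to` and `@param psuToken partner-specific user token identifying the user for that client`. The comment should also say what happens when no consent exists for the pair, and note that, unlike `saveUserConsent` above, the method declares no EsignetException.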
@@ -224,7 +225,7 @@ public AuthCodeResponse getAuthCode(AuthCodeRequest authCodeRequest) throws Esig transaction.setCodeHash(authorizationHelperService.getKeyHash(authCode)); transaction.setAcceptedClaims(acceptedClaims); transaction.setPermittedScopes(acceptedScopes); - consentHelperService.addUserConsent(transaction, false, null); + consentHelperService.updateUserConsent(transaction, false, null); transaction = cacheUtilService.setAuthCodeGeneratedTransaction(authCodeRequest.getTransactionId(), transaction); auditWrapper.logAudit(Action.GET_AUTH_CODE, ActionStatus.SUCCESS, AuditHelper.buildAuditDto(authCodeRequest.getTransactionId(), transaction), null); diff --git a/oidc-service-impl/src/main/java/io/mosip/esignet/services/ConsentHelperService.java b/oidc-service-impl/src/main/java/io/mosip/esignet/services/ConsentHelperService.java index 75813cada..b2a4aba5d 100644 --- a/oidc-service-impl/src/main/java/io/mosip/esignet/services/ConsentHelperService.java +++ b/oidc-service-impl/src/main/java/io/mosip/esignet/services/ConsentHelperService.java @@ -20,6 +20,7 @@ import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Component; +import org.springframework.util.CollectionUtils; import java.util.*; import java.util.function.Function; 
@@ -39,18 +40,34 @@ public void processConsent(OIDCTransaction transaction, boolean linked) { userConsentRequest.setPsuToken(transaction.getPartnerSpecificUserToken()); Optional consent = consentService.getUserConsent(userConsentRequest); - ConsentAction consentAction = consent.isEmpty() ? ConsentAction.CAPTURE : evaluateConsentAction(transaction,consent.get(), linked); + if(CollectionUtils.isEmpty(transaction.getVoluntaryClaims()) + && CollectionUtils.isEmpty(transaction.getEssentialClaims()) + && CollectionUtils.isEmpty(transaction.getRequestedAuthorizeScopes())){ + transaction.setConsentAction(ConsentAction.NOCAPTURE); + transaction.setAcceptedClaims(List.of()); + transaction.setPermittedScopes(List.of()); + } else { + ConsentAction consentAction = consent.isEmpty() ? ConsentAction.CAPTURE : evaluateConsentAction(transaction, consent.get(), linked); - transaction.setConsentAction(consentAction); + transaction.setConsentAction(consentAction); - if(consentAction.equals(ConsentAction.NOCAPTURE)) { - transaction.setAcceptedClaims(consent.get().getAcceptedClaims()); //NOSONAR consent is already evaluated to be not null - transaction.setPermittedScopes(consent.get().getPermittedScopes()); //NOSONAR consent is already evaluated to be not null + if (consentAction.equals(ConsentAction.NOCAPTURE)) { + transaction.setAcceptedClaims(consent.get().getAcceptedClaims()); //NOSONAR consent is already evaluated to be not null + transaction.setPermittedScopes(consent.get().getPermittedScopes()); //NOSONAR consent is already evaluated to be not null + } } } - public void addUserConsent(OIDCTransaction transaction, boolean linked, String signature) { + public void updateUserConsent(OIDCTransaction transaction, boolean linked, String signature) { + if(ConsentAction.NOCAPTURE.equals(transaction.getConsentAction()) + && transaction.getEssentialClaims().isEmpty() + && transaction.getVoluntaryClaims().isEmpty() + && transaction.getRequestedAuthorizeScopes().isEmpty() + ){ + //delete old 
consent if it exists since this scenario doesn't require capture of consent. + consentService.deleteUserConsent(transaction.getClientId(),transaction.getPartnerSpecificUserToken()); + } if(ConsentAction.CAPTURE.equals(transaction.getConsentAction())){ UserConsent userConsent = new UserConsent(); userConsent.setClientId(transaction.getClientId()); diff --git a/oidc-service-impl/src/main/java/io/mosip/esignet/services/LinkedAuthorizationServiceImpl.java b/oidc-service-impl/src/main/java/io/mosip/esignet/services/LinkedAuthorizationServiceImpl.java index 35b89deb0..1124b3f6a 100644 --- a/oidc-service-impl/src/main/java/io/mosip/esignet/services/LinkedAuthorizationServiceImpl.java +++ b/oidc-service-impl/src/main/java/io/mosip/esignet/services/LinkedAuthorizationServiceImpl.java @@ -25,7 +25,6 @@ import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Value; -import org.springframework.context.annotation.Primary; import org.springframework.scheduling.annotation.Async; import org.springframework.stereotype.Service; import org.springframework.web.context.request.async.DeferredResult; @@ -270,7 +269,7 @@ public LinkedConsentResponse saveConsentV2(LinkedConsentRequestV2 linkedConsentR // cache consent only, auth-code will be generated on link-auth-code-status API call transaction.setAcceptedClaims(linkedConsentRequest.getAcceptedClaims()); transaction.setPermittedScopes(linkedConsentRequest.getPermittedAuthorizeScopes()); - consentHelperService.addUserConsent(transaction, true, linkedConsentRequest.getSignature()); + consentHelperService.updateUserConsent(transaction, true, linkedConsentRequest.getSignature()); cacheUtilService.setLinkedConsentedTransaction(linkedConsentRequest.getLinkedTransactionId(), transaction); //Publish message after successfully saving the consent kafkaHelperService.publish(linkedAuthCodeTopicName, linkedConsentRequest.getLinkedTransactionId()); 
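Review bot: In `updateUserConsent` the new NOCAPTURE guard calls `.isEmpty()` directly on `getEssentialClaims()`, `getVoluntaryClaims()` and `getRequestedAuthorizeScopes()`, whereas the matching guard added to `processConsent` in the same hunk uses the null-safe `CollectionUtils.isEmpty(...)`. `processConsent` therefore marks a transaction with a null list as NOCAPTURE, and that same transaction then throws a NullPointerException here on the auth-code path instead of reaching the delete. Use the same form in both places: `&& CollectionUtils.isEmpty(transaction.getEssentialClaims())`, `&& CollectionUtils.isEmpty(transaction.getVoluntaryClaims())`, `&& CollectionUtils.isEmpty(transaction.getRequestedAuthorizeScopes())`. Separately, `processConsent` still calls `consentService.getUserConsent` before the empty check although the result is unused in that branch, and the NOCAPTURE and CAPTURE blocks in `updateUserConsent` are mutually exclusive and would read better as `if`/`else if`. `processConsent` starts above the hunk and `updateUserConsent` continues below it.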
diff --git a/oidc-service-impl/src/test/java/io/mosip/esignet/services/ConsentHelperServiceTest.java b/oidc-service-impl/src/test/java/io/mosip/esignet/services/ConsentHelperServiceTest.java index 615352753..c6b8c5349 100644 --- a/oidc-service-impl/src/test/java/io/mosip/esignet/services/ConsentHelperServiceTest.java +++ b/oidc-service-impl/src/test/java/io/mosip/esignet/services/ConsentHelperServiceTest.java @@ -72,7 +72,7 @@ public void addUserConsent_withValidLinkedTransaction_thenPass() claims.setId_token(id_token); oidcTransaction.setRequestedClaims(claims); - consentHelperService.addUserConsent(oidcTransaction, true, null); + consentHelperService.updateUserConsent(oidcTransaction, true, null); } @@ -99,7 +99,7 @@ public void addUserConsent_withValidWebTransaction_thenPass() Mockito.when(consentService.saveUserConsent(Mockito.any())).thenReturn(new ConsentDetail()); - consentHelperService.addUserConsent(oidcTransaction, false, ""); + consentHelperService.updateUserConsent(oidcTransaction, false, ""); } @Test @@ -110,6 +110,8 @@ public void processConsent_withValidConsentAndConsentActionAsNoCapture_thenPass( oidcTransaction.setPartnerSpecificUserToken("123"); oidcTransaction.setRequestedAuthorizeScopes(List.of("openid","profile")); oidcTransaction.setPermittedScopes(List.of("openid","profile")); + oidcTransaction.setEssentialClaims(List.of("name")); + oidcTransaction.setVoluntaryClaims(List.of("email")); Claims claims = new Claims(); Map userinfo = new HashMap<>(); @@ -156,7 +158,8 @@ public void processConsent_withValidConsentAndConsentActionAsCapture_thenPass() oidcTransaction.setPartnerSpecificUserToken("123"); oidcTransaction.setRequestedAuthorizeScopes(List.of("openid","profile")); oidcTransaction.setPermittedScopes(List.of("openid","profile")); - + oidcTransaction.setEssentialClaims(List.of("name")); + oidcTransaction.setVoluntaryClaims(List.of("email")); Claims claims = new Claims(); Map userinfo = new HashMap<>(); Map id_token = new HashMap<>(); 
@@ -207,7 +210,9 @@ public void processConsent_withEmptyConsent_thenPass(){ OIDCTransaction oidcTransaction=new OIDCTransaction(); oidcTransaction.setClientId("abc"); oidcTransaction.setPartnerSpecificUserToken("123"); - + oidcTransaction.setVoluntaryClaims(List.of("email")); + oidcTransaction.setEssentialClaims(List.of()); + oidcTransaction.setRequestedAuthorizeScopes(List.of()); UserConsentRequest userConsentRequest = new UserConsentRequest(); userConsentRequest.setClientId(oidcTransaction.getClientId()); userConsentRequest.setPsuToken(oidcTransaction.getPartnerSpecificUserToken()); @@ -218,4 +223,19 @@ public void processConsent_withEmptyConsent_thenPass(){ Assert.assertEquals(oidcTransaction.getConsentAction(),ConsentAction.CAPTURE); } + + @Test + public void processConsent_withEmptyRequestedClaims_thenPass(){ + OIDCTransaction oidcTransaction=new OIDCTransaction(); + oidcTransaction.setClientId("abc"); + oidcTransaction.setPartnerSpecificUserToken("123"); + oidcTransaction.setVoluntaryClaims(List.of()); + oidcTransaction.setEssentialClaims(List.of()); + oidcTransaction.setRequestedAuthorizeScopes(List.of()); + UserConsentRequest userConsentRequest = new UserConsentRequest(); + userConsentRequest.setClientId(oidcTransaction.getClientId()); + userConsentRequest.setPsuToken(oidcTransaction.getPartnerSpecificUserToken()); + consentHelperService.processConsent(oidcTransaction,true); + Assert.assertEquals(oidcTransaction.getConsentAction(),ConsentAction.NOCAPTURE); + } } \ No newline at end of file From 294ffa956b8ec350723a1f7539ddc34ae95533e2 Mon Sep 17 00:00:00 2001 
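Review bot: `processConsent_withEmptyRequestedClaims_thenPass` asserts only the NOCAPTURE action, not that the transaction's accepted claims and permitted scopes were reset to empty, which is the part of the new branch that decides what is released. Adding `Assert.assertTrue(oidcTransaction.getAcceptedClaims().isEmpty());` and `Assert.assertTrue(oidcTransaction.getPermittedScopes().isEmpty());` would pin that down, ideally with a stored consent mocked so the test shows earlier accepted claims are not carried over. The `userConsentRequest` local is built but never used in this test, and the file now ends without a trailing newline.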
From: Hitesh C
Date: Mon, 24 Jul 2023 12:06:14 +0530
Subject: [PATCH 2/2] [ES-177] (#278)
* [ES-177]
* [MOIFIED] github actions
* [CHANGES] review comment changes
* Updated test cases and added audit logs
---
 .../io/mosip/esignet/api/util/Action.java | 3 +-
 .../services/ConsentHelperService.java | 9 ++++
 .../services/ConsentHelperServiceTest.java | 43 +++++++++++++++++--
 3 files changed, 51 insertions(+), 4 deletions(-)
diff --git a/esignet-integration-api/src/main/java/io/mosip/esignet/api/util/Action.java b/esignet-integration-api/src/main/java/io/mosip/esignet/api/util/Action.java
index e99dbe396..6979351c7 100644
--- a/esignet-integration-api/src/main/java/io/mosip/esignet/api/util/Action.java
+++ b/esignet-integration-api/src/main/java/io/mosip/esignet/api/util/Action.java
@@ -22,5 +22,6 @@ public enum Action {
 LINK_SEND_OTP,
 LINK_AUTH_CODE,
 GET_USER_CONSENT,
- SAVE_USER_CONSENT
+ SAVE_USER_CONSENT,
+ UPDATE_USER_CONSENT
 }
diff --git a/oidc-service-impl/src/main/java/io/mosip/esignet/services/ConsentHelperService.java b/oidc-service-impl/src/main/java/io/mosip/esignet/services/ConsentHelperService.java
index b2a4aba5d..1e41ec774 100644
--- a/oidc-service-impl/src/main/java/io/mosip/esignet/services/ConsentHelperService.java
+++ b/oidc-service-impl/src/main/java/io/mosip/esignet/services/ConsentHelperService.java
@@ -8,6 +8,9 @@
 import com.fasterxml.jackson.core.JsonProcessingException;
 import io.mosip.esignet.api.dto.ClaimDetail;
 import io.mosip.esignet.api.dto.Claims;
+import io.mosip.esignet.api.spi.AuditPlugin;
+import io.mosip.esignet.api.util.Action;
+import io.mosip.esignet.api.util.ActionStatus;
 import io.mosip.esignet.api.util.ConsentAction;
 import io.mosip.esignet.core.constants.ErrorConstants;
 import io.mosip.esignet.core.dto.ConsentDetail;
@@ -16,6 +19,7 @@ import io.mosip.esignet.core.dto.UserConsentRequest; import io.mosip.esignet.core.exception.EsignetException; import io.mosip.esignet.core.spi.ConsentService; +import io.mosip.esignet.core.util.AuditHelper; import io.mosip.esignet.core.util.IdentityProviderUtil; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Autowired; @@ -34,6 +38,9 @@ public class ConsentHelperService { @Autowired private ConsentService consentService; + @Autowired + private AuditPlugin auditWrapper; + public void processConsent(OIDCTransaction transaction, boolean linked) { UserConsentRequest userConsentRequest = new UserConsentRequest(); userConsentRequest.setClientId(transaction.getClientId()); @@ -67,6 +74,7 @@ public void updateUserConsent(OIDCTransaction transaction, boolean linked, Strin ){ //delete old consent if it exists since this scenario doesn't require capture of consent. consentService.deleteUserConsent(transaction.getClientId(),transaction.getPartnerSpecificUserToken()); + auditWrapper.logAudit(Action.UPDATE_USER_CONSENT, ActionStatus.SUCCESS, AuditHelper.buildAuditDto(transaction.getAuthTransactionId(),transaction),null); } if(ConsentAction.CAPTURE.equals(transaction.getConsentAction())){ UserConsent userConsent = new UserConsent(); @@ -93,6 +101,7 @@ public void updateUserConsent(OIDCTransaction transaction, boolean linked, Strin throw new EsignetException(ErrorConstants.INVALID_CLAIM); } consentService.saveUserConsent(userConsent); + auditWrapper.logAudit(Action.UPDATE_USER_CONSENT, ActionStatus.SUCCESS, AuditHelper.buildAuditDto(transaction.getAuthTransactionId(),transaction),null); } } diff --git a/oidc-service-impl/src/test/java/io/mosip/esignet/services/ConsentHelperServiceTest.java b/oidc-service-impl/src/test/java/io/mosip/esignet/services/ConsentHelperServiceTest.java index c6b8c5349..392699d16 100644 --- a/oidc-service-impl/src/test/java/io/mosip/esignet/services/ConsentHelperServiceTest.java 
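Review bot: Both new `auditWrapper.logAudit(Action.UPDATE_USER_CONSENT, ActionStatus.SUCCESS, …)` calls in `updateUserConsent`, the one after `deleteUserConsent` and the one after `saveUserConsent` in the following hunk, record the same action, so the audit trail cannot tell a consent deletion from a consent capture. The delete branch also logs SUCCESS whether or not a record existed, and neither branch writes an entry if the service call throws. I would give deletion its own `Action` constant next to `UPDATE_USER_CONSENT` and log a failure-status entry when the call fails. The entries are keyed on `transaction.getAuthTransactionId()` while the GET_AUTH_CODE audit in AuthorizationServiceImpl uses `authCodeRequest.getTransactionId()`; if those values differ, correlating the two events needs a common id. `updateUserConsent` starts and ends outside these hunks.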
+++ b/oidc-service-impl/src/test/java/io/mosip/esignet/services/ConsentHelperServiceTest.java @@ -9,9 +9,11 @@ import com.fasterxml.jackson.databind.ObjectMapper; import io.mosip.esignet.api.dto.ClaimDetail; import io.mosip.esignet.api.dto.Claims; +import io.mosip.esignet.api.spi.AuditPlugin; import io.mosip.esignet.api.util.ConsentAction; import io.mosip.esignet.core.dto.ConsentDetail; import io.mosip.esignet.core.dto.OIDCTransaction; +import io.mosip.esignet.core.dto.UserConsent; import io.mosip.esignet.core.dto.UserConsentRequest; import io.mosip.esignet.core.spi.ConsentService; import io.mosip.esignet.core.util.KafkaHelperService; @@ -50,13 +52,16 @@ public class ConsentHelperServiceTest { @Autowired ObjectMapper objectMapper; + @Mock + AuditPlugin auditHelper; + @Test public void addUserConsent_withValidLinkedTransaction_thenPass() { OIDCTransaction oidcTransaction = new OIDCTransaction(); oidcTransaction.setAuthTransactionId("123"); - oidcTransaction.setAcceptedClaims(List.of("name","email")); + oidcTransaction.setAcceptedClaims(List.of("name")); oidcTransaction.setPermittedScopes(null); oidcTransaction.setConsentAction(ConsentAction.CAPTURE); 
@@ -66,13 +71,18 @@ public void addUserConsent_withValidLinkedTransaction_thenPass() ClaimDetail userinfoNameClaimDetail = new ClaimDetail("name", new String[]{"value1a", "value1b"}, true); ClaimDetail idTokenClaimDetail = new ClaimDetail("token", new String[]{"value2a", "value2b"}, false); userinfo.put("name", userinfoNameClaimDetail); - userinfo.put("email",null); id_token.put("idTokenKey", idTokenClaimDetail); claims.setUserinfo(userinfo); claims.setId_token(id_token); oidcTransaction.setRequestedClaims(claims); consentHelperService.updateUserConsent(oidcTransaction, true, null); + UserConsent userConsent = new UserConsent(); + userConsent.setHash("PxQIckCdFC5TPmL7_G7NH0Zs4UmHC74rGpOkyldqRpg"); + userConsent.setClaims(claims); + userConsent.setAuthorizationScopes(Map.of()); + userConsent.setAcceptedClaims(List.of("name")); + Mockito.verify(consentService).saveUserConsent(userConsent); } @@ -81,7 +91,7 @@ public void addUserConsent_withValidWebTransaction_thenPass() { OIDCTransaction oidcTransaction = new OIDCTransaction(); oidcTransaction.setAuthTransactionId("123"); - oidcTransaction.setAcceptedClaims(List.of("name","email")); + oidcTransaction.setAcceptedClaims(List.of("value1")); oidcTransaction.setPermittedScopes(null); oidcTransaction.setConsentAction(ConsentAction.CAPTURE); 
@@ -100,6 +110,33 @@ public void addUserConsent_withValidWebTransaction_thenPass() Mockito.when(consentService.saveUserConsent(Mockito.any())).thenReturn(new ConsentDetail()); consentHelperService.updateUserConsent(oidcTransaction, false, ""); + UserConsent userConsent = new UserConsent(); + userConsent.setHash("Cgh8oWpNM84WPYQVvluGj616_kd4z60elVXtc7R_lXw"); + userConsent.setClaims(claims); + userConsent.setAuthorizationScopes(Map.of()); + userConsent.setAcceptedClaims(List.of("value1")); + userConsent.setSignature(""); + Mockito.verify(consentService).saveUserConsent(userConsent); + } + + @Test + public void addUserConsent_withValidWebTransactionNoClaimsAndScopes_thenPass() + { + String clientId = "clientId"; + String psuToken = "psuToken"; + OIDCTransaction oidcTransaction = new OIDCTransaction(); + oidcTransaction.setAuthTransactionId("123"); + oidcTransaction.setAcceptedClaims(List.of()); + oidcTransaction.setRequestedAuthorizeScopes(List.of()); + oidcTransaction.setConsentAction(ConsentAction.NOCAPTURE); + oidcTransaction.setVoluntaryClaims(List.of()); + oidcTransaction.setEssentialClaims(List.of()); + oidcTransaction.setAcceptedClaims(List.of()); + oidcTransaction.setPermittedScopes(List.of()); + oidcTransaction.setClientId(clientId); + oidcTransaction.setPartnerSpecificUserToken(psuToken); + consentHelperService.updateUserConsent(oidcTransaction, false, ""); + Mockito.verify(consentService).deleteUserConsent(clientId, psuToken); } @Test
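Review bot: The new `addUserConsent_withValidWebTransactionNoClaimsAndScopes_thenPass` test verifies the delete call but sets every list to `List.of()`, so it does not cover a transaction whose claim or scope lists are null, a case `processConsent` also maps to NOCAPTURE. A second case that leaves `requestedAuthorizeScopes` unset would document the expected behaviour there. It would also be worth asserting `Mockito.verify(consentService, Mockito.never()).saveUserConsent(Mockito.any());` and that the audit mock received `Action.UPDATE_USER_CONSENT`, since those are what this patch adds. `setAcceptedClaims(List.of())` is called twice in the setup.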