Skip to content

Commit 666c7d8

Browse files
author
JHjava
authored
Merge pull request #1555 from alphagov/bau-save-clientsession
BAU - Save client session in auth code store
2 parents 54a19d1 + ba03216 commit 666c7d8

4 files changed

Lines changed: 21 additions & 4 deletions

File tree

oidc-api/src/main/java/uk/gov/di/authentication/oidc/lambda/AuthCodeHandler.java

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -175,7 +175,9 @@ public APIGatewayProxyResponseEvent handleRequest(
175175
}
176176
AuthorizationCode authCode =
177177
authorisationCodeService.generateAuthorisationCode(
178-
clientSessionId, session.getEmailAddress());
178+
clientSessionId,
179+
session.getEmailAddress(),
180+
clientSession);
179181

180182
AuthenticationSuccessResponse authenticationResponse =
181183
authorizationService.generateSuccessfulAuthResponse(

oidc-api/src/test/java/uk/gov/di/authentication/oidc/lambda/AuthCodeHandlerTest.java

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -165,7 +165,8 @@ void shouldGenerateSuccessfulAuthResponseAndUpliftAsNecessary(
165165

166166
when(authorizationService.isClientRedirectUriValid(eq(CLIENT_ID), eq(REDIRECT_URI)))
167167
.thenReturn(true);
168-
when(authorisationCodeService.generateAuthorisationCode(eq(CLIENT_SESSION_ID), eq(EMAIL)))
168+
when(authorisationCodeService.generateAuthorisationCode(
169+
CLIENT_SESSION_ID, EMAIL, clientSession))
169170
.thenReturn(authorizationCode);
170171
when(authorizationService.generateSuccessfulAuthResponse(
171172
any(AuthenticationRequest.class), any(AuthorizationCode.class)))

shared/src/main/java/uk/gov/di/authentication/shared/entity/AuthCodeExchangeData.java

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -8,6 +8,8 @@ public class AuthCodeExchangeData {
88

99
@JsonProperty private String email;
1010

11+
@JsonProperty private ClientSession clientSession;
12+
1113
public String getClientSessionId() {
1214
return clientSessionId;
1315
}
@@ -25,4 +27,13 @@ public AuthCodeExchangeData setEmail(String email) {
2527
this.email = email;
2628
return this;
2729
}
30+
31+
public ClientSession getClientSession() {
32+
return clientSession;
33+
}
34+
35+
public AuthCodeExchangeData setClientSession(ClientSession clientSession) {
36+
this.clientSession = clientSession;
37+
return this;
38+
}
2839
}

shared/src/main/java/uk/gov/di/authentication/shared/services/AuthorisationCodeService.java

Lines changed: 5 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -6,6 +6,7 @@
66
import org.apache.logging.log4j.LogManager;
77
import org.apache.logging.log4j.Logger;
88
import uk.gov.di.authentication.shared.entity.AuthCodeExchangeData;
9+
import uk.gov.di.authentication.shared.entity.ClientSession;
910
import uk.gov.di.authentication.shared.helpers.ObjectMapperFactory;
1011

1112
import java.util.Optional;
@@ -30,15 +31,17 @@ public AuthorisationCodeService(ConfigurationService configurationService) {
3031
this.objectMapper = ObjectMapperFactory.getInstance();
3132
}
3233

33-
public AuthorizationCode generateAuthorisationCode(String clientSessionId, String email) {
34+
public AuthorizationCode generateAuthorisationCode(
35+
String clientSessionId, String email, ClientSession clientSession) {
3436
AuthorizationCode authorizationCode = new AuthorizationCode();
3537
try {
3638
redisConnectionService.saveWithExpiry(
3739
AUTH_CODE_PREFIX.concat(authorizationCode.getValue()),
3840
objectMapper.writeValueAsString(
3941
new AuthCodeExchangeData()
4042
.setEmail(email)
41-
.setClientSessionId(clientSessionId)),
43+
.setClientSessionId(clientSessionId)
44+
.setClientSession(clientSession)),
4245
authorisationCodeExpiry);
4346
return authorizationCode;
4447
} catch (JsonProcessingException e) {

0 commit comments

Comments
 (0)