User Story:
As IDA, I want to validate both the MISP Partner status and the associated MISP License Key before processing authentication requests, So that authentication is executed only when both the partner and license key are active and valid.
Description:
Partners onboarded through MISP invoke authentication services in IDA using a valid MISP License Key associated with the partner. Before executing authentication, IDA must validate:
-
MISP Partner status
-
MISP License Key status
Authentication should be processed only when both the MISP Partner and the MISP License Key are active and valid.
If either the MISP Partner is inactive/deactivated or the MISP License Key is inactive/invalid/expired, IDA must reject the authentication request and return an appropriate error response.
This ensures that authentication services are accessed only by authorized and valid partners with active licenses, enforcing proper partner and license lifecycle management.
Acceptance Criteria:
-
MISP Partner Status Validation
#* Given a partner is registered as a MISP Partner
#* When an authentication request is received
#* Then IDA should validate that the MISP Partner status is Active.
-
MISP License Key Validation
#* Given the authentication request includes a MISP License Key
#* When IDA processes the request
#* Then IDA should validate that the license key is active and valid.
-
Successful Authentication Execution
#* Given the MISP Partner is Active
#* And the MISP License Key is Active and valid
#* When an authentication request is received
#* Then IDA should proceed with executing the authentication flow.
-
Reject Request if Partner is Deactivated
#* Given the MISP Partner is Deactivated
#* When an authentication request is received
#* Then IDA should reject the request.
-
Reject Request if License Key is Invalid or Inactive
#* Given the MISP License Key is inactive, invalid, or expired
#* When an authentication request is received
#* Then IDA should reject the authentication request.
-
Error Handling
#* When authentication is rejected due to invalid partner status or license key
#* Then IDA should return an appropriate error message indicating the reason for failure.
-
Audit Logging
#* When authentication fails due to MISP partner or license key validation failure
#* Then IDA should log the partner ID, license key, timestamp, and reason for rejection.
Alternate Flows:
-
MISP Partner Active but License Key Inactive
#* Given the MISP Partner status is Active
#* But the MISP License Key is inactive or expired
#* When an authentication request is received
#* Then IDA should reject the authentication request due to invalid license key.
-
MISP Partner Deactivated but License Key Active
#* Given the MISP Partner is Deactivated
#* And the MISP License Key is still active
#* When the partner sends an authentication request
#* Then IDA should reject the authentication request because the partner is inactive.
-
Both Partner and License Key Invalid
#* Given the MISP Partner is Deactivated
#* And the MISP License Key is inactive or expired
#* When the authentication request is received
#* Then IDA should reject the request.
-
License Key Renewal
#* If an expired or inactive license key is renewed or reactivated in PMS
#* Then IDA should allow authentication requests again once the updated status is synchronized provided the partner is still active
User Story:
As IDA, I want to validate both the MISP Partner status and the associated MISP License Key before processing authentication requests, So that authentication is executed only when both the partner and license key are active and valid.
Description:
Partners onboarded through MISP invoke authentication services in IDA using a valid MISP License Key associated with the partner. Before executing authentication, IDA must validate:
MISP Partner status
MISP License Key status
Authentication should be processed only when both the MISP Partner and the MISP License Key are active and valid.
If either the MISP Partner is inactive/deactivated or the MISP License Key is inactive/invalid/expired, IDA must reject the authentication request and return an appropriate error response.
This ensures that authentication services are accessed only by authorized and valid partners with active licenses, enforcing proper partner and license lifecycle management.
Acceptance Criteria:
MISP Partner Status Validation
#* Given a partner is registered as a MISP Partner
#* When an authentication request is received
#* Then IDA should validate that the MISP Partner status is Active.
MISP License Key Validation
#* Given the authentication request includes a MISP License Key
#* When IDA processes the request
#* Then IDA should validate that the license key is active and valid.
Successful Authentication Execution
#* Given the MISP Partner is Active
#* And the MISP License Key is Active and valid
#* When an authentication request is received
#* Then IDA should proceed with executing the authentication flow.
Reject Request if Partner is Deactivated
#* Given the MISP Partner is Deactivated
#* When an authentication request is received
#* Then IDA should reject the request.
Reject Request if License Key is Invalid or Inactive
#* Given the MISP License Key is inactive, invalid, or expired
#* When an authentication request is received
#* Then IDA should reject the authentication request.
Error Handling
#* When authentication is rejected due to invalid partner status or license key
#* Then IDA should return an appropriate error message indicating the reason for failure.
Audit Logging
#* When authentication fails due to MISP partner or license key validation failure
#* Then IDA should log the partner ID, license key, timestamp, and reason for rejection.
Alternate Flows:
MISP Partner Active but License Key Inactive
#* Given the MISP Partner status is Active
#* But the MISP License Key is inactive or expired
#* When an authentication request is received
#* Then IDA should reject the authentication request due to invalid license key.
MISP Partner Deactivated but License Key Active
#* Given the MISP Partner is Deactivated
#* And the MISP License Key is still active
#* When the partner sends an authentication request
#* Then IDA should reject the authentication request because the partner is inactive.
Both Partner and License Key Invalid
#* Given the MISP Partner is Deactivated
#* And the MISP License Key is inactive or expired
#* When the authentication request is received
#* Then IDA should reject the request.
License Key Renewal
#* If an expired or inactive license key is renewed or reactivated in PMS
#* Then IDA should allow authentication requests again once the updated status is synchronized provided the partner is still active