ATO-1248: Add AuthSession To UserContext

govuk-one-login · Nov 28, 2024 · e3e522c · e3e522c
1 parent 7f5efd8
commit e3e522c
Show file tree

Hide file tree

Showing 49 changed files with 243 additions and 41 deletions.
diff --git a/...rc/main/java/uk/gov/di/authentication/frontendapi/lambda/AccountInterventionsHandler.java b/...rc/main/java/uk/gov/di/authentication/frontendapi/lambda/AccountInterventionsHandler.java
@@ -25,6 +25,7 @@
 import uk.gov.di.authentication.shared.lambda.BaseFrontendHandler;
 import uk.gov.di.authentication.shared.serialization.Json.JsonException;
 import uk.gov.di.authentication.shared.services.AuditService;
+import uk.gov.di.authentication.shared.services.AuthSessionService;
 import uk.gov.di.authentication.shared.services.AuthenticationService;
 import uk.gov.di.authentication.shared.services.ClientService;
 import uk.gov.di.authentication.shared.services.ClientSessionService;
@@ -96,6 +97,7 @@ public AccountInterventionsHandler(ConfigurationService configurationService) {
     protected AccountInterventionsHandler(
             ConfigurationService configurationService,
             SessionService sessionService,
+            AuthSessionService authSessionService,
             ClientSessionService clientSessionService,
             ClientService clientService,
             AuthenticationService authenticationService,
@@ -108,6 +110,7 @@ protected AccountInterventionsHandler(
                 AccountInterventionsRequest.class,
                 configurationService,
                 sessionService,
+                authSessionService,
                 clientSessionService,
                 clientService,
                 authenticationService);

diff --git a/...api/src/main/java/uk/gov/di/authentication/frontendapi/lambda/AccountRecoveryHandler.java b/...api/src/main/java/uk/gov/di/authentication/frontendapi/lambda/AccountRecoveryHandler.java
@@ -14,6 +14,7 @@
 import uk.gov.di.authentication.shared.lambda.BaseFrontendHandler;
 import uk.gov.di.authentication.shared.serialization.Json.JsonException;
 import uk.gov.di.authentication.shared.services.AuditService;
+import uk.gov.di.authentication.shared.services.AuthSessionService;
 import uk.gov.di.authentication.shared.services.AuthenticationService;
 import uk.gov.di.authentication.shared.services.ClientService;
 import uk.gov.di.authentication.shared.services.ClientSessionService;
@@ -37,6 +38,7 @@ public class AccountRecoveryHandler extends BaseFrontendHandler<AccountRecoveryR
     protected AccountRecoveryHandler(
             ConfigurationService configurationService,
             SessionService sessionService,
+            AuthSessionService authSessionService,
             ClientSessionService clientSessionService,
             ClientService clientService,
             AuthenticationService authenticationService,
@@ -46,6 +48,7 @@ protected AccountRecoveryHandler(
                 AccountRecoveryRequest.class,
                 configurationService,
                 sessionService,
+                authSessionService,
                 clientSessionService,
                 clientService,
                 authenticationService);

diff --git a/.../main/java/uk/gov/di/authentication/frontendapi/lambda/AuthenticationAuthCodeHandler.java b/.../main/java/uk/gov/di/authentication/frontendapi/lambda/AuthenticationAuthCodeHandler.java
@@ -20,6 +20,7 @@
 import uk.gov.di.authentication.shared.lambda.BaseFrontendHandler;
 import uk.gov.di.authentication.shared.serialization.Json.JsonException;
 import uk.gov.di.authentication.shared.services.AuditService;
+import uk.gov.di.authentication.shared.services.AuthSessionService;
 import uk.gov.di.authentication.shared.services.AuthenticationService;
 import uk.gov.di.authentication.shared.services.ClientService;
 import uk.gov.di.authentication.shared.services.ClientSessionService;
@@ -52,6 +53,7 @@ public AuthenticationAuthCodeHandler(
             DynamoAuthCodeService dynamoAuthCodeService,
             ConfigurationService configurationService,
             SessionService sessionService,
+            AuthSessionService authSessionService,
             ClientSessionService clientSessionService,
             ClientService clientService,
             AuthenticationService authenticationService,
@@ -61,6 +63,7 @@ public AuthenticationAuthCodeHandler(
                 AuthCodeRequest.class,
                 configurationService,
                 sessionService,
+                authSessionService,
                 clientSessionService,
                 clientService,
                 authenticationService);

diff --git a/...rc/main/java/uk/gov/di/authentication/frontendapi/lambda/CheckEmailFraudBlockHandler.java b/...rc/main/java/uk/gov/di/authentication/frontendapi/lambda/CheckEmailFraudBlockHandler.java
@@ -19,6 +19,7 @@
 import uk.gov.di.authentication.shared.lambda.BaseFrontendHandler;
 import uk.gov.di.authentication.shared.serialization.Json;
 import uk.gov.di.authentication.shared.services.AuditService;
+import uk.gov.di.authentication.shared.services.AuthSessionService;
 import uk.gov.di.authentication.shared.services.AuthenticationService;
 import uk.gov.di.authentication.shared.services.ClientService;
 import uk.gov.di.authentication.shared.services.ClientSessionService;
@@ -43,6 +44,7 @@ public class CheckEmailFraudBlockHandler extends BaseFrontendHandler<CheckEmailF
     protected CheckEmailFraudBlockHandler(
             ConfigurationService configurationService,
             SessionService sessionService,
+            AuthSessionService authSessionService,
             ClientSessionService clientSessionService,
             ClientService clientService,
             AuthenticationService authenticationService,
@@ -52,6 +54,7 @@ protected CheckEmailFraudBlockHandler(
                 CheckEmailFraudBlockRequest.class,
                 configurationService,
                 sessionService,
+                authSessionService,
                 clientSessionService,
                 clientService,
                 authenticationService);

diff --git a/...api/src/main/java/uk/gov/di/authentication/frontendapi/lambda/CheckReAuthUserHandler.java b/...api/src/main/java/uk/gov/di/authentication/frontendapi/lambda/CheckReAuthUserHandler.java
@@ -24,6 +24,7 @@
 import uk.gov.di.authentication.shared.helpers.ReauthAuthenticationAttemptsHelper;
 import uk.gov.di.authentication.shared.lambda.BaseFrontendHandler;
 import uk.gov.di.authentication.shared.services.AuditService;
+import uk.gov.di.authentication.shared.services.AuthSessionService;
 import uk.gov.di.authentication.shared.services.AuthenticationAttemptsService;
 import uk.gov.di.authentication.shared.services.AuthenticationService;
 import uk.gov.di.authentication.shared.services.ClientService;
@@ -62,6 +63,7 @@ public class CheckReAuthUserHandler extends BaseFrontendHandler<CheckReauthUserR
     public CheckReAuthUserHandler(
             ConfigurationService configurationService,
             SessionService sessionService,
+            AuthSessionService authSessionService,
             ClientSessionService clientSessionService,
             ClientService clientService,
             AuthenticationService authenticationService,
@@ -72,6 +74,7 @@ public CheckReAuthUserHandler(
                 CheckReauthUserRequest.class,
                 configurationService,
                 sessionService,
+                authSessionService,
                 clientSessionService,
                 clientService,
                 authenticationService);

diff --git a/...api/src/main/java/uk/gov/di/authentication/frontendapi/lambda/CheckUserExistsHandler.java b/...api/src/main/java/uk/gov/di/authentication/frontendapi/lambda/CheckUserExistsHandler.java
@@ -67,6 +67,7 @@ public CheckUserExistsHandler(
                 CheckUserExistsRequest.class,
                 configurationService,
                 sessionService,
+                authSessionService,
                 clientSessionService,
                 clientService,
                 authenticationService);

diff --git a/frontend-api/src/main/java/uk/gov/di/authentication/frontendapi/lambda/LoginHandler.java b/frontend-api/src/main/java/uk/gov/di/authentication/frontendapi/lambda/LoginHandler.java
@@ -103,6 +103,7 @@ public LoginHandler(
                 LoginRequest.class,
                 configurationService,
                 sessionService,
+                authSessionService,
                 clientSessionService,
                 clientService,
                 authenticationService,

diff --git a/frontend-api/src/main/java/uk/gov/di/authentication/frontendapi/lambda/MfaHandler.java b/frontend-api/src/main/java/uk/gov/di/authentication/frontendapi/lambda/MfaHandler.java
@@ -23,6 +23,7 @@
 import uk.gov.di.authentication.shared.lambda.BaseFrontendHandler;
 import uk.gov.di.authentication.shared.serialization.Json.JsonException;
 import uk.gov.di.authentication.shared.services.AuditService;
+import uk.gov.di.authentication.shared.services.AuthSessionService;
 import uk.gov.di.authentication.shared.services.AuthenticationService;
 import uk.gov.di.authentication.shared.services.AwsSqsClient;
 import uk.gov.di.authentication.shared.services.ClientService;
@@ -67,6 +68,7 @@ public class MfaHandler extends BaseFrontendHandler<MfaRequest>
     public MfaHandler(
             ConfigurationService configurationService,
             SessionService sessionService,
+            AuthSessionService authSessionService,
             CodeGeneratorService codeGeneratorService,
             CodeStorageService codeStorageService,
             ClientSessionService clientSessionService,
@@ -78,6 +80,7 @@ public MfaHandler(
                 MfaRequest.class,
                 configurationService,
                 sessionService,
+                authSessionService,
                 clientSessionService,
                 clientService,
                 authenticationService);

diff --git a/...i/src/main/java/uk/gov/di/authentication/frontendapi/lambda/MfaResetAuthorizeHandler.java b/...i/src/main/java/uk/gov/di/authentication/frontendapi/lambda/MfaResetAuthorizeHandler.java
@@ -18,6 +18,7 @@
 import uk.gov.di.authentication.shared.lambda.BaseFrontendHandler;
 import uk.gov.di.authentication.shared.serialization.Json;
 import uk.gov.di.authentication.shared.services.AuditService;
+import uk.gov.di.authentication.shared.services.AuthSessionService;
 import uk.gov.di.authentication.shared.services.AuthenticationService;
 import uk.gov.di.authentication.shared.services.ClientService;
 import uk.gov.di.authentication.shared.services.ClientSessionService;
@@ -45,6 +46,7 @@ public class MfaResetAuthorizeHandler extends BaseFrontendHandler<MfaResetReques
     public MfaResetAuthorizeHandler(
             ConfigurationService configurationService,
             SessionService sessionService,
+            AuthSessionService authSessionService,
             ClientSessionService clientSessionService,
             ClientService clientService,
             AuthenticationService authenticationService,
@@ -55,6 +57,7 @@ public MfaResetAuthorizeHandler(
                 MfaResetRequest.class,
                 configurationService,
                 sessionService,
+                authSessionService,
                 clientSessionService,
                 clientService,
                 authenticationService);

diff --git a/...d-api/src/main/java/uk/gov/di/authentication/frontendapi/lambda/ResetPasswordHandler.java b/...d-api/src/main/java/uk/gov/di/authentication/frontendapi/lambda/ResetPasswordHandler.java
@@ -27,6 +27,7 @@
 import uk.gov.di.authentication.shared.lambda.BaseFrontendHandler;
 import uk.gov.di.authentication.shared.serialization.Json.JsonException;
 import uk.gov.di.authentication.shared.services.AuditService;
+import uk.gov.di.authentication.shared.services.AuthSessionService;
 import uk.gov.di.authentication.shared.services.AuthenticationService;
 import uk.gov.di.authentication.shared.services.AwsSqsClient;
 import uk.gov.di.authentication.shared.services.ClientService;
@@ -70,6 +71,7 @@ public ResetPasswordHandler(
             CodeStorageService codeStorageService,
             ConfigurationService configurationService,
             SessionService sessionService,
+            AuthSessionService authSessionService,
             ClientSessionService clientSessionService,
             ClientService clientService,
             AuditService auditService,
@@ -80,6 +82,7 @@ public ResetPasswordHandler(
                 ResetPasswordCompletionRequest.class,
                 configurationService,
                 sessionService,
+                authSessionService,
                 clientSessionService,
                 clientService,
                 authenticationService);

diff --git a/...rc/main/java/uk/gov/di/authentication/frontendapi/lambda/ResetPasswordRequestHandler.java b/...rc/main/java/uk/gov/di/authentication/frontendapi/lambda/ResetPasswordRequestHandler.java
@@ -22,6 +22,7 @@
 import uk.gov.di.authentication.shared.lambda.BaseFrontendHandler;
 import uk.gov.di.authentication.shared.serialization.Json.JsonException;
 import uk.gov.di.authentication.shared.services.AuditService;
+import uk.gov.di.authentication.shared.services.AuthSessionService;
 import uk.gov.di.authentication.shared.services.AuthenticationService;
 import uk.gov.di.authentication.shared.services.AwsSqsClient;
 import uk.gov.di.authentication.shared.services.ClientService;
@@ -62,6 +63,7 @@ public class ResetPasswordRequestHandler extends BaseFrontendHandler<ResetPasswo
     public ResetPasswordRequestHandler(
             ConfigurationService configurationService,
             SessionService sessionService,
+            AuthSessionService authSessionService,
             ClientSessionService clientSessionService,
             ClientService clientService,
             AuthenticationService authenticationService,
@@ -73,6 +75,7 @@ public ResetPasswordRequestHandler(
                 ResetPasswordRequest.class,
                 configurationService,
                 sessionService,
+                authSessionService,
                 clientSessionService,
                 clientService,
                 authenticationService);

diff --git a/...rc/main/java/uk/gov/di/authentication/frontendapi/lambda/ReverificationResultHandler.java b/...rc/main/java/uk/gov/di/authentication/frontendapi/lambda/ReverificationResultHandler.java
@@ -16,6 +16,7 @@
 import uk.gov.di.authentication.shared.helpers.PersistentIdHelper;
 import uk.gov.di.authentication.shared.lambda.BaseFrontendHandler;
 import uk.gov.di.authentication.shared.services.AuditService;
+import uk.gov.di.authentication.shared.services.AuthSessionService;
 import uk.gov.di.authentication.shared.services.AuthenticationService;
 import uk.gov.di.authentication.shared.services.ClientService;
 import uk.gov.di.authentication.shared.services.ClientSessionService;
@@ -41,6 +42,7 @@ public class ReverificationResultHandler extends BaseFrontendHandler<Reverificat
     public ReverificationResultHandler(
             ConfigurationService configurationService,
             SessionService sessionService,
+            AuthSessionService authSessionService,
             ClientSessionService clientSessionService,
             ClientService clientService,
             AuthenticationService authenticationService,
@@ -50,6 +52,7 @@ public ReverificationResultHandler(
                 ReverificationResultRequest.class,
                 configurationService,
                 sessionService,
+                authSessionService,
                 clientSessionService,
                 clientService,
                 authenticationService);

diff --git a/...pi/src/main/java/uk/gov/di/authentication/frontendapi/lambda/SendNotificationHandler.java b/...pi/src/main/java/uk/gov/di/authentication/frontendapi/lambda/SendNotificationHandler.java
@@ -27,6 +27,7 @@
 import uk.gov.di.authentication.shared.lambda.BaseFrontendHandler;
 import uk.gov.di.authentication.shared.serialization.Json.JsonException;
 import uk.gov.di.authentication.shared.services.AuditService;
+import uk.gov.di.authentication.shared.services.AuthSessionService;
 import uk.gov.di.authentication.shared.services.AuthenticationService;
 import uk.gov.di.authentication.shared.services.AwsSqsClient;
 import uk.gov.di.authentication.shared.services.ClientService;
@@ -89,6 +90,7 @@ public class SendNotificationHandler extends BaseFrontendHandler<SendNotificatio
     public SendNotificationHandler(
             ConfigurationService configurationService,
             SessionService sessionService,
+            AuthSessionService authSessionService,
             ClientSessionService clientSessionService,
             ClientService clientService,
             AuthenticationService authenticationService,
@@ -102,6 +104,7 @@ public SendNotificationHandler(
                 SendNotificationRequest.class,
                 configurationService,
                 sessionService,
+                authSessionService,
                 clientSessionService,
                 clientService,
                 authenticationService);

diff --git a/frontend-api/src/main/java/uk/gov/di/authentication/frontendapi/lambda/SignUpHandler.java b/frontend-api/src/main/java/uk/gov/di/authentication/frontendapi/lambda/SignUpHandler.java
@@ -63,6 +63,7 @@ public SignUpHandler(
                 SignupRequest.class,
                 configurationService,
                 sessionService,
+                authSessionService,
                 clientSessionService,
                 clientService,
                 authenticationService);

diff --git a/frontend-api/src/main/java/uk/gov/di/authentication/frontendapi/lambda/StartHandler.java b/frontend-api/src/main/java/uk/gov/di/authentication/frontendapi/lambda/StartHandler.java
@@ -133,13 +133,15 @@ public APIGatewayProxyResponseEvent handleRequest(
             APIGatewayProxyRequestEvent input, Context context) {
         ThreadContext.clearMap();
         LOG.info("Start request received");
+
         var session = sessionService.getSessionFromRequestHeaders(input.getHeaders()).orElse(null);
         if (Objects.isNull(session)) {
             return generateApiGatewayProxyErrorResponse(400, ErrorResponse.ERROR_1000);
         } else {
             attachSessionIdToLogs(session);
             LOG.info("Start session retrieved");
         }
+
         attachLogFieldToLogs(
                 PERSISTENT_SESSION_ID, extractPersistentIdFromHeaders(input.getHeaders()));
 
@@ -174,7 +176,7 @@ public APIGatewayProxyResponseEvent handleRequest(
                                         configurationService.getHeadersCaseInsensitive()));
             }
 
-            var userContext = startService.buildUserContext(session, clientSession.get());
+            var userContext = startService.buildUserContext(session, null, clientSession.get());
 
             attachLogFieldToLogs(
                     CLIENT_ID,

diff --git a/...d-api/src/main/java/uk/gov/di/authentication/frontendapi/lambda/UpdateProfileHandler.java b/...d-api/src/main/java/uk/gov/di/authentication/frontendapi/lambda/UpdateProfileHandler.java
@@ -17,6 +17,7 @@
 import uk.gov.di.authentication.shared.helpers.PersistentIdHelper;
 import uk.gov.di.authentication.shared.lambda.BaseFrontendHandler;
 import uk.gov.di.authentication.shared.services.AuditService;
+import uk.gov.di.authentication.shared.services.AuthSessionService;
 import uk.gov.di.authentication.shared.services.AuthenticationService;
 import uk.gov.di.authentication.shared.services.ClientService;
 import uk.gov.di.authentication.shared.services.ClientSessionService;
@@ -46,6 +47,7 @@ public class UpdateProfileHandler extends BaseFrontendHandler<UpdateProfileReque
     protected UpdateProfileHandler(
             AuthenticationService authenticationService,
             SessionService sessionService,
+            AuthSessionService authSessionService,
             ClientSessionService clientSessionService,
             ConfigurationService configurationService,
             AuditService auditService,
@@ -54,6 +56,7 @@ protected UpdateProfileHandler(
                 UpdateProfileRequest.class,
                 configurationService,
                 sessionService,
+                authSessionService,
                 clientSessionService,
                 clientService,
                 authenticationService);

diff --git a/...tend-api/src/main/java/uk/gov/di/authentication/frontendapi/lambda/VerifyCodeHandler.java b/...tend-api/src/main/java/uk/gov/di/authentication/frontendapi/lambda/VerifyCodeHandler.java
@@ -98,6 +98,7 @@ protected VerifyCodeHandler(
                 VerifyCodeRequest.class,
                 configurationService,
                 sessionService,
+                authSessionService,
                 clientSessionService,
                 clientService,
                 authenticationService);

diff --git a/...d-api/src/main/java/uk/gov/di/authentication/frontendapi/lambda/VerifyMfaCodeHandler.java b/...d-api/src/main/java/uk/gov/di/authentication/frontendapi/lambda/VerifyMfaCodeHandler.java
@@ -97,6 +97,7 @@ public VerifyMfaCodeHandler(
                 VerifyMfaCodeRequest.class,
                 configurationService,
                 sessionService,
+                authSessionService,
                 clientSessionService,
                 clientService,
                 authenticationService);

diff --git a/frontend-api/src/main/java/uk/gov/di/authentication/frontendapi/services/StartService.java b/frontend-api/src/main/java/uk/gov/di/authentication/frontendapi/services/StartService.java
@@ -10,6 +10,7 @@
 import uk.gov.di.authentication.frontendapi.entity.UserStartInfo;
 import uk.gov.di.authentication.shared.conditions.DocAppUserHelper;
 import uk.gov.di.authentication.shared.conditions.IdentityHelper;
+import uk.gov.di.authentication.shared.entity.AuthSessionItem;
 import uk.gov.di.authentication.shared.entity.ClientRegistry;
 import uk.gov.di.authentication.shared.entity.ClientSession;
 import uk.gov.di.authentication.shared.entity.MFAMethod;
@@ -64,8 +65,9 @@ public Session createNewSessionWithExistingIdAndClientSession(
         return session;
     }
 
-    public UserContext buildUserContext(Session session, ClientSession clientSession) {
-        var builder = UserContext.builder(session).withClientSession(clientSession);
+    public UserContext buildUserContext(
+            Session session, Optional<AuthSessionItem> authSession, ClientSession clientSession) {
+        var builder = UserContext.builder(session, authSession).withClientSession(clientSession);
         UserContext userContext;
         try {
             var clientId =