ATO-1428: Extract session id variable in StartHandler

govuk-one-login · Feb 11, 2025 · 39360e3 · 39360e3
1 parent 4b07cb7
commit 39360e3
Show file tree

Hide file tree

Showing 2 changed files with 24 additions and 15 deletions.
diff --git a/frontend-api/src/main/java/uk/gov/di/authentication/frontendapi/lambda/StartHandler.java b/frontend-api/src/main/java/uk/gov/di/authentication/frontendapi/lambda/StartHandler.java
@@ -16,7 +16,10 @@
 import uk.gov.di.authentication.frontendapi.helpers.ReauthMetadataBuilder;
 import uk.gov.di.authentication.frontendapi.services.StartService;
 import uk.gov.di.authentication.shared.domain.CloudwatchMetrics;
-import uk.gov.di.authentication.shared.entity.*;
+import uk.gov.di.authentication.shared.entity.ClientRegistry;
+import uk.gov.di.authentication.shared.entity.ErrorResponse;
+import uk.gov.di.authentication.shared.entity.JourneyType;
+import uk.gov.di.authentication.shared.entity.UserProfile;
 import uk.gov.di.authentication.shared.exceptions.ClientNotFoundException;
 import uk.gov.di.authentication.shared.helpers.DocAppSubjectIdHelper;
 import uk.gov.di.authentication.shared.helpers.IpAddressHelper;
@@ -37,13 +40,13 @@
 
 import java.util.ArrayList;
 import java.util.Map;
-import java.util.Objects;
 import java.util.Optional;
 
 import static uk.gov.di.authentication.frontendapi.helpers.ReauthMetadataBuilder.getReauthFailureReasonFromCountTypes;
 import static uk.gov.di.authentication.shared.domain.CloudwatchMetricDimensions.ENVIRONMENT;
 import static uk.gov.di.authentication.shared.domain.CloudwatchMetricDimensions.FAILURE_REASON;
 import static uk.gov.di.authentication.shared.domain.RequestHeaders.CLIENT_SESSION_ID_HEADER;
+import static uk.gov.di.authentication.shared.domain.RequestHeaders.SESSION_ID_HEADER;
 import static uk.gov.di.authentication.shared.helpers.ApiGatewayResponseHelper.generateApiGatewayProxyErrorResponse;
 import static uk.gov.di.authentication.shared.helpers.ApiGatewayResponseHelper.generateApiGatewayProxyResponse;
 import static uk.gov.di.authentication.shared.helpers.LogLineHelper.LogFieldName.CLIENT_ID;
@@ -53,6 +56,7 @@
 import static uk.gov.di.authentication.shared.helpers.LogLineHelper.attachSessionIdToLogs;
 import static uk.gov.di.authentication.shared.helpers.PersistentIdHelper.extractPersistentIdFromHeaders;
 import static uk.gov.di.authentication.shared.helpers.RequestHeaderHelper.getHeaderValueFromHeaders;
+import static uk.gov.di.authentication.shared.helpers.RequestHeaderHelper.getOptionalHeaderValueFromHeaders;
 import static uk.gov.di.authentication.shared.helpers.TxmaAuditHelper.getTxmaAuditEncodedHeader;
 import static uk.gov.di.authentication.shared.services.AuditService.MetadataPair.pair;
 
@@ -132,13 +136,20 @@ public APIGatewayProxyResponseEvent handleRequest(
             APIGatewayProxyRequestEvent input, Context context) {
         ThreadContext.clearMap();
         LOG.info("Start request received");
-        var session = sessionService.getSessionFromRequestHeaders(input.getHeaders()).orElse(null);
-        if (Objects.isNull(session)) {
+        var sessionIdOpt =
+                getOptionalHeaderValueFromHeaders(
+                        input.getHeaders(),
+                        SESSION_ID_HEADER,
+                        configurationService.getHeadersCaseInsensitive());
+        var sessionOpt = sessionIdOpt.flatMap(sessionService::getSession);
+        if (sessionIdOpt.isEmpty() || sessionOpt.isEmpty()) {
             return generateApiGatewayProxyErrorResponse(400, ErrorResponse.ERROR_1000);
-        } else {
-            attachSessionIdToLogs(session);
-            LOG.info("Start session retrieved");
         }
+        var sessionId = sessionIdOpt.get();
+        var session = sessionOpt.get();
+
+        attachSessionIdToLogs(sessionId);
+        LOG.info("Start session retrieved");
         attachLogFieldToLogs(
                 PERSISTENT_SESSION_ID, extractPersistentIdFromHeaders(input.getHeaders()));
 
@@ -180,7 +191,7 @@ public APIGatewayProxyResponseEvent handleRequest(
             var authSession =
                     authSessionService.getUpdatedPreviousSessionOrCreateNew(
                             Optional.ofNullable(startRequest.previousSessionId()),
-                            session.getSessionId(),
+                            sessionId,
                             startRequest.currentCredentialStrength());
 
             authSessionService.addSession(authSession.withUpliftRequired(upliftRequired));
@@ -230,7 +241,7 @@ public APIGatewayProxyResponseEvent handleRequest(
                     new AuditContext(
                             userContext.getClient().get().getClientID(),
                             clientSessionId,
-                            session.getSessionId(),
+                            sessionId,
                             internalCommonSubjectIdentifierForAuditEvent,
                             userContext
                                     .getUserProfile()

diff --git a/frontend-api/src/test/java/uk/gov/di/authentication/frontendapi/lambda/StartHandlerTest.java b/frontend-api/src/test/java/uk/gov/di/authentication/frontendapi/lambda/StartHandlerTest.java
@@ -101,7 +101,7 @@ class StartHandlerTest {
     private static final String TEST_RP_PAIRWISE_ID = "test_rp_pairwise_id";
     private static final String TEST_PREVIOUS_SIGN_IN_JOURNEY_ID = "test_journey_id";
     private static final int MAX_ALLOWED_RETRIES = 6;
-    private static final String SESSION_ID = "some-session-id";
+    private static final String SESSION_ID = "session-id";
     public static final State STATE = new State();
     public static final URI REDIRECT_URL = URI.create("https://localhost/redirect");
     private static final Scope DOC_APP_SCOPE =
@@ -146,8 +146,6 @@ void beforeEach() {
         when(configurationService.isIdentityEnabled()).thenReturn(true);
         when(configurationService.getEnvironment()).thenReturn("test");
         when(context.getAwsRequestId()).thenReturn("aws-session-id");
-        when(sessionService.getSessionFromRequestHeaders(any()))
-                .thenReturn(Optional.of(new Session("session-id")));
         when(userContext.getClient()).thenReturn(Optional.of(clientRegistry));
         when(userContext.getClientSession()).thenReturn(clientSession);
         when(clientRegistry.getClientID()).thenReturn(TEST_CLIENT_ID);
@@ -538,6 +536,7 @@ void shouldReturn200AndEmitReauthFailedEventWhenUserBlockedForReauthJourney(
 
     @Test
     void shouldReturn400WhenClientSessionIsNotFound() throws Json.JsonException {
+        usingValidSession();
         usingInvalidClientSession();
         var event =
                 apiRequestEventWithHeadersAndBody(
@@ -614,8 +613,7 @@ private void usingInvalidClientSession() {
     }
 
     private void usingValidSession() {
-        when(sessionService.getSessionFromRequestHeaders(anyMap()))
-                .thenReturn(Optional.of(session));
+        when(sessionService.getSession(anyString())).thenReturn(Optional.of(session));
         when(startService.createNewSessionWithExistingIdAndClientSession(
                         session, CLIENT_SESSION_ID))
                 .thenReturn(session);
@@ -624,7 +622,7 @@ private void usingValidSession() {
     }
 
     private void usingInvalidSession() {
-        when(sessionService.getSessionFromRequestHeaders(anyMap())).thenReturn(Optional.empty());
+        when(sessionService.getSession(anyString())).thenReturn(Optional.empty());
     }
 
     private ClientSession getClientSession() {