From d535fcd18c13e61fa6161dea82563fd0cbec87d2 Mon Sep 17 00:00:00 2001 From: Mark Coburn Date: Fri, 28 Jun 2024 06:44:59 -0700 Subject: [PATCH] fix: return 202 when challenge in createAuthorization response --- .../controller/AuthorizationsController.java | 8 +++- .../AuthorizationsControllerTest.groovy | 37 +++++++++++++++++++ 2 files changed, 44 insertions(+), 1 deletion(-) diff --git a/mdx-web/src/main/java/com/mx/path/model/mdx/web/controller/AuthorizationsController.java b/mdx-web/src/main/java/com/mx/path/model/mdx/web/controller/AuthorizationsController.java index 91b7b887..810d9226 100644 --- a/mdx-web/src/main/java/com/mx/path/model/mdx/web/controller/AuthorizationsController.java +++ b/mdx-web/src/main/java/com/mx/path/model/mdx/web/controller/AuthorizationsController.java @@ -22,7 +22,13 @@ public AuthorizationsController() { @RequestMapping(value = "/users/{user_id}/authorizations", method = RequestMethod.POST, consumes = BaseController.MDX_MEDIA) public final ResponseEntity createAuthorization(@RequestBody Authorization authorizationRequest) throws Exception { AccessorResponse response = gateway().authorizations().create(authorizationRequest); - return new ResponseEntity<>(response.getResult().wrapped(), createMultiMapForResponse(response.getHeaders()), HttpStatus.OK); + Authorization result = response.getResult(); + + HttpStatus status = HttpStatus.OK; + if (result.getChallenges() != null && result.getChallenges().size() > 0) { + status = HttpStatus.ACCEPTED; + } + return new ResponseEntity<>(response.getResult().wrapped(), createMultiMapForResponse(response.getHeaders()), status); } @RequestMapping(value = "/users/{user_id}/authorizations/callback", method = RequestMethod.GET, produces = "text/html") diff --git a/mdx-web/src/test/groovy/com/mx/path/model/mdx/web/controller/AuthorizationsControllerTest.groovy b/mdx-web/src/test/groovy/com/mx/path/model/mdx/web/controller/AuthorizationsControllerTest.groovy index 8fef3060..cf627f45 100644 --- a/mdx-web/src/test/groovy/com/mx/path/model/mdx/web/controller/AuthorizationsControllerTest.groovy +++ b/mdx-web/src/test/groovy/com/mx/path/model/mdx/web/controller/AuthorizationsControllerTest.groovy @@ -1,13 +1,17 @@ package com.mx.path.model.mdx.web.controller +import static org.mockito.Mockito.doReturn import static org.mockito.Mockito.spy import static org.mockito.Mockito.verify +import com.mx.path.core.common.accessor.PathResponseStatus import com.mx.path.gateway.accessor.AccessorResponse import com.mx.path.gateway.api.Gateway import com.mx.path.gateway.api.authorization.AuthorizationGateway import com.mx.path.model.mdx.model.authorization.Authorization import com.mx.path.model.mdx.model.authorization.HtmlPage +import com.mx.path.model.mdx.model.challenges.Challenge +import com.mx.path.model.mdx.model.challenges.Question import org.mockito.Mockito import org.springframework.http.HttpStatus @@ -43,6 +47,39 @@ class AuthorizationsControllerTest extends Specification { HttpStatus.OK == response.getStatusCode() } + def "createAuthorization - ACCEPTED"() { + given: + def authorization = new Authorization() + BaseController.setGateway(gateway) + + def challenge = new Challenge().tap { + id = "CHALLENGE_1" + questions = new ArrayList().tap { + add(new Question().tap { + id = "QUESTION_1" + prompt = "Do you accept the policy?" + promptType = "text" + }) + } + } + def accessorResponse = new Authorization().tap { + challenges = [challenge] + } + doReturn(new AccessorResponse() + .withResult(accessorResponse) + .withStatus(PathResponseStatus.ACCEPTED)) + .when(authorizationGateway).create(authorization) + + when: + def response = subject.createAuthorization(authorization) + + then: + verify(gateway).authorizations() || true + verify(authorizationGateway).create(authorization) || true + response.statusCode == HttpStatus.ACCEPTED + response.getBody().challenges.size() > 0 + } + def "callback interacts with gateway"() { given: def authorization = new HtmlPage()