fix: P4ADEV-403 passing parameters from Controller to Service (#11)

src/main/java/it/gov/pagopa/payhub/auth/controller/AuthControllerImpl.java

@@ -18,7 +18,7 @@ public AuthControllerImpl(AuthService authService) {
 
     @Override
     public ResponseEntity<AccessToken> postToken(String clientId, String grantType, String subjectToken, String subjectIssuer, String subjectTokenType, String scope) {
-        authService.postToken(subjectToken);
+        authService.postToken(clientId, grantType, subjectToken, subjectIssuer, subjectTokenType, scope);
         return new ResponseEntity<>(HttpStatus.OK);
     }
 }

src/main/java/it/gov/pagopa/payhub/auth/service/AuthService.java

@@ -2,5 +2,5 @@
 
 public interface AuthService {
 
-    void postToken(String token);
+    void postToken(String clientId, String grantType, String subjectToken, String subjectIssuer, String subjectTokenType, String scope);
 }

src/main/java/it/gov/pagopa/payhub/auth/service/AuthServiceImpl.java

@@ -14,7 +14,7 @@ public AuthServiceImpl(ExchangeTokenService exchangeTokenService) {
     }
 
     @Override
-    public void postToken(String token) {
-        exchangeTokenService.postToken(token);
+    public void postToken(String clientId, String grantType, String subjectToken, String subjectIssuer, String subjectTokenType, String scope) {
+        exchangeTokenService.postToken(clientId, grantType, subjectToken, subjectIssuer, subjectTokenType, scope);
     }
 }

src/main/java/it/gov/pagopa/payhub/auth/service/exchange/ExchangeTokenService.java

@@ -1,5 +1,5 @@
 package it.gov.pagopa.payhub.auth.service.exchange;
 
 public interface ExchangeTokenService {
-    void postToken(String token);
+    void postToken(String clientId, String grantType, String subjectToken, String subjectIssuer, String subjectTokenType, String scope);
 }

src/main/java/it/gov/pagopa/payhub/auth/service/exchange/ExchangeTokenServiceImpl.java

@@ -12,7 +12,7 @@ public ExchangeTokenServiceImpl(ValidateTokenService validateTokenService) {
     }
 
     @Override
-    public void postToken(String token) {
-        validateTokenService.validate(token);
+    public void postToken(String clientId, String grantType, String subjectToken, String subjectIssuer, String subjectTokenType, String scope) {
+        validateTokenService.validate(clientId, grantType, subjectToken, subjectIssuer, subjectTokenType, scope);
     }
 }

src/main/java/it/gov/pagopa/payhub/auth/service/exchange/ValidateTokenService.java

@@ -27,8 +27,8 @@ public ValidateTokenService(@Value("${jwt.token.audience:}")String audience,
         this.jwtValidator = jwtValidator;
     }
 
-    public void validate(String token) {
-        Map<String, String> data = jwtValidator.validate(token, urlJwkProvider);
+    public void validate(String clientId, String grantType, String subjectToken, String subjectIssuer, String subjectTokenType, String scope) {
+        Map<String, String> data = jwtValidator.validate(subjectToken, urlJwkProvider);
         if (!(data.get(Claims.AUDIENCE).equals(audience) && data.get(Claims.ISSUER).equals(issuer))){
             throw new InvalidTokenException("Invalid audience or issuer in the token");
         }

src/test/java/it/gov/pagopa/payhub/auth/controller/AuthControllerTest.java

@@ -32,25 +32,30 @@ class AuthControllerTest {
 
     @Test
     void givenExpectedAuthTokenThenOk() throws Exception {
-        doNothing().when(authServiceMock).postToken("token");
+        String clientId="CLIENT_ID";
+        String grantType="GRANT_TYPE";
+        String subjectToken="SUBJECT_TOKEN";
+        String subjectIssuer="SUBJECT_ISSUER";
+        String subjectTokenType="SUBJECT_TOKEN_TYPE";
+        String scope="SCOPE";
+
+        doNothing().when(authServiceMock).postToken(clientId,grantType,subjectToken,subjectIssuer,subjectTokenType,scope);
 
         MvcResult result = mockMvc.perform(
                 post("/payhub/auth/token")
-                        .param("client_id", "piattaforma-unitaria")
-                        .param("grant_type", "urn:ietf:params:oauth:grant-type:token-exchange")
-                        .param("subject_token", "token")
-                        .param("subject_issuer", "issuer")
-                        .param("subject_token_type", "urn:ietf:params:oauth:token-type:id_token")
-                        .param("scope", "openid")
+                        .param("client_id", clientId)
+                        .param("grant_type", grantType)
+                        .param("subject_token", subjectToken)
+                        .param("subject_issuer", subjectIssuer)
+                        .param("subject_token_type", subjectTokenType)
+                        .param("scope", scope)
         ).andExpect(status().is2xxSuccessful()).andReturn();
 
         Assertions.assertNotNull(result);
     }
 
     @Test
     void givenRequestWithoutAuthTokenThenBadRequest() throws Exception {
-        doNothing().when(authServiceMock).postToken("token");
-
         MvcResult result = mockMvc.perform(
                 post("/payhub/auth/token")
         ).andExpect(status().isBadRequest()).andReturn();

src/test/java/it/gov/pagopa/payhub/auth/service/AuthServiceTest.java

@@ -32,12 +32,17 @@ void verifyNotMoreInteractions(){
     @Test
     void whenPostTokenThenCallExchangeService(){
         // Given
-        String token = "TOKEN";
+        String clientId="CLIENT_ID";
+        String grantType="GRANT_TYPE";
+        String subjectToken="SUBJECT_TOKEN";
+        String subjectIssuer="SUBJECT_ISSUER";
+        String subjectTokenType="SUBJECT_TOKEN_TYPE";
+        String scope="SCOPE";
 
         // When
-        service.postToken(token);
+        service.postToken(clientId, grantType, subjectToken, subjectIssuer, subjectTokenType, scope);
 
         // Then
-        Mockito.verify(exchangeTokenServiceMock).postToken(token);
+        Mockito.verify(exchangeTokenServiceMock).postToken(clientId, grantType, subjectToken, subjectIssuer, subjectTokenType, scope);
     }
 }

src/test/java/it/gov/pagopa/payhub/auth/service/exchange/ExchangeTokenServiceTest.java

@@ -31,12 +31,17 @@ void verifyNotMoreInteractions(){
     @Test
     void givenValidTokenWhenPostTokenThenSuccess(){
         // Given
-        String token = "TOKEN";
+        String clientId="CLIENT_ID";
+        String grantType="GRANT_TYPE";
+        String subjectToken="SUBJECT_TOKEN";
+        String subjectIssuer="SUBJECT_ISSUER";
+        String subjectTokenType="SUBJECT_TOKEN_TYPE";
+        String scope="SCOPE";
 
         // When
-        service.postToken(token);
+        service.postToken(clientId, grantType, subjectToken, subjectIssuer, subjectTokenType, scope);
 
         // Then
-        Mockito.verify(validateTokenServiceMock).validate(token);
+        Mockito.verify(validateTokenServiceMock).validate(clientId, grantType, subjectToken, subjectIssuer, subjectTokenType, scope);
     }
 }

src/test/java/it/gov/pagopa/payhub/auth/service/exchange/ValidateTokenServiceTest.java

@@ -49,39 +49,55 @@ void clean(){
     }
     @Test
     void authTokenOk() throws Exception {
-        String token = utils.generateJWK(EXPIRES_AT);
+        String clientId = "CLIENT_ID";
+        String grantType = "GRANT_TYPE";
+        String subjectToken = utils.generateJWK(EXPIRES_AT);
+        String subjectIssuer = "SUBJECT_ISSUER";
+        String subjectTokenType = "SUBJECT_TOKEN_TYPE";
+        String scope = "SCOPE";
+
         Map<String, String> claimsMap = createJWKClaims(ISS, AUD);
 
         String wireMockUrl = utils.getUrlJwkProvider();
-        when(jwtValidator.validate(token, wireMockUrl)).thenReturn(claimsMap);
+        when(jwtValidator.validate(subjectToken, wireMockUrl)).thenReturn(claimsMap);
 
-        validateTokenService.validate(token);
-        Mockito.verify(jwtValidator, times(1)).validate(token, wireMockUrl);
+        validateTokenService.validate(clientId, grantType, subjectToken, subjectIssuer, subjectTokenType, scope);
+        Mockito.verify(jwtValidator, times(1)).validate(subjectToken, wireMockUrl);
     }
 
     @Test
     void authTokenWrongIss() throws Exception {
-        String token = utils.generateJWK(EXPIRES_AT);
+        String clientId = "CLIENT_ID";
+        String grantType = "GRANT_TYPE";
+        String subjectToken = utils.generateJWK(EXPIRES_AT);
+        String subjectIssuer = "SUBJECT_ISSUER";
+        String subjectTokenType = "SUBJECT_TOKEN_TYPE";
+        String scope = "SCOPE";
         Map<String, String> claimsMap = createJWKClaims("ISS_FAKE", AUD);
 
         String wireMockUrl = utils.getUrlJwkProvider();
-        when(jwtValidator.validate(token, wireMockUrl)).thenReturn(claimsMap);
+        when(jwtValidator.validate(subjectToken, wireMockUrl)).thenReturn(claimsMap);
 
         assertThrows(InvalidTokenException.class, () ->
-                                validateTokenService.validate(token));
+                                validateTokenService.validate(clientId, grantType, subjectToken, subjectIssuer, subjectTokenType, scope));
 
     }
 
     @Test
     void authTokenWrongAud() throws Exception {
-        String token = utils.generateJWK(EXPIRES_AT);
+        String clientId = "CLIENT_ID";
+        String grantType = "GRANT_TYPE";
+        String subjectToken = utils.generateJWK(EXPIRES_AT);
+        String subjectIssuer = "SUBJECT_ISSUER";
+        String subjectTokenType = "SUBJECT_TOKEN_TYPE";
+        String scope = "SCOPE";
         Map<String, String> claimsMap = createJWKClaims(ISS, "AUD_FAKE");
 
         String wireMockUrl = utils.getUrlJwkProvider();
-        when(jwtValidator.validate(token, wireMockUrl)).thenReturn(claimsMap);
+        when(jwtValidator.validate(subjectToken, wireMockUrl)).thenReturn(claimsMap);
 
         assertThrows(InvalidTokenException.class, () ->
-                        validateTokenService.validate(token));
+                        validateTokenService.validate(clientId, grantType, subjectToken, subjectIssuer, subjectTokenType, scope));
 
     }