AUT-665 Update tests regarding Ory Hydra changes
Steinhain committed Oct 11, 2022
1 parent 2422735 commit 9b0f978
Showing 6 changed files with 21 additions and 21 deletions.
4 changes: 2 additions & 2 deletions src/test/groovy/ee/ria/tara/AuthenticationSpec.groovy
Expand Up @@ -214,7 +214,7 @@ class AuthenticationSpec extends TaraSpecification {
}

Response oidcserviceResponse = Steps.followRedirectWithCookies(flow, consentResponse, flow.oidcService.cookies)
assertEquals(302, oidcserviceResponse.statusCode(), "Correct HTTP status code is returned")
assertEquals(303, oidcserviceResponse.statusCode(), "Correct HTTP status code is returned")
String authorizationCode = Utils.getParamValueFromResponseHeader(oidcserviceResponse, "code")
Response tokenResponse = Requests.getWebToken(flow, authorizationCode)

Expand Down Expand Up @@ -296,7 +296,7 @@ class AuthenticationSpec extends TaraSpecification {
assertThat(response.getHeader("location"), Matchers.startsWith(flow.openIdServiceConfiguration.getString("authorization_endpoint")))
assertEquals(flow.oidcClientPublic.clientId, Utils.getParamValueFromResponseHeader(response, "client_id"), "Location field contains correct client_id value")
Response oidcserviceResponse = Steps.followRedirectWithCookies(flow, response, flow.oidcService.cookies)
assertEquals(302, oidcserviceResponse.statusCode(), "Correct HTTP status code is returned")
assertEquals(303, oidcserviceResponse.statusCode(), "Correct HTTP status code is returned")
assertThat(oidcserviceResponse.getHeader("location"), Matchers.containsString("user_cancel"))
}

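Review bot: The expected redirect status `303` is a bare literal repeated in both hunks here and again in IDCardAuthSpec and OidcRedirectRequestSpec, so the next change in Hydra's redirect behaviour will need the same many-file edit this commit makes. A shared constant on the `TaraSpecification` base class, for example `static final int OIDC_REDIRECT_STATUS = 303` (the name is only a suggestion), would keep the expectation in one place. A comment next to it such as `// 303 See Other: the user agent follows with GET, so a POSTed form body is never replayed to the client redirect URI` would record why the value matters for an authorization endpoint. Both test methods start and end outside the shown hunks.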
4 changes: 2 additions & 2 deletions src/test/groovy/ee/ria/tara/IDCardAuthSpec.groovy
Expand Up @@ -110,7 +110,7 @@ class IDCardAuthSpec extends TaraSpecification {

assertEquals(302, consentResponse.statusCode(), "Correct HTTP status code is returned")
Response oidcserviceResponse = Steps.followRedirectWithCookies(flow, consentResponse, flow.oidcService.cookies)
assertEquals(302, oidcserviceResponse.statusCode(), "Correct HTTP status code is returned")
assertEquals(303, oidcserviceResponse.statusCode(), "Correct HTTP status code is returned")
String authorizationCode = Utils.getParamValueFromResponseHeader(oidcserviceResponse, "code")
Response tokenResponse = Requests.getWebToken(flow, authorizationCode)
assertEquals(200, tokenResponse.statusCode(), "Correct HTTP status code is returned")
Expand Down Expand Up @@ -149,7 +149,7 @@ class IDCardAuthSpec extends TaraSpecification {

assertEquals(302, consentResponse.statusCode(), "Correct HTTP status code is returned")
Response oidcserviceResponse = Steps.followRedirectWithCookies(flow, consentResponse, flow.oidcService.cookies)
assertEquals(302, oidcserviceResponse.statusCode(), "Correct HTTP status code is returned")
assertEquals(303, oidcserviceResponse.statusCode(), "Correct HTTP status code is returned")
String authorizationCode = Utils.getParamValueFromResponseHeader(oidcserviceResponse, "code")
Response tokenResponse = Requests.getWebToken(flow, authorizationCode)
assertEquals(200, tokenResponse.statusCode(), "Correct HTTP status code is returned")
Expand Up @@ -40,9 +40,9 @@ class OidcAuthenticationRequestSpec extends TaraSpecification {
where:
paramName | paramValue || statusCode || error || errorSuffix || errorPreffix
"redirect_uri" | "https://www.example.com" || 302 || "invalid_request" || "The request is missing a required parameter" || "pre-registered redirect urls."
"scope" | "my_scope" || 302 || "invalid_scope" || "The requested scope is invalid" || " is not allowed to request scope 'my_scope'."
"scope" | "openid,eidas" || 302 || "invalid_scope" || "The requested scope is invalid" || " is not allowed to request scope 'openid,eidas'."
"response_type" | "token" || 302 || "unsupported_response_type" || "The authorization server does not support obtaining a token" || "is not allowed to request response_type 'token'."
"scope" | "my_scope" || 303 || "invalid_scope" || "The requested scope is invalid" || " is not allowed to request scope 'my_scope'."
"scope" | "openid,eidas" || 303 || "invalid_scope" || "The requested scope is invalid" || " is not allowed to request scope 'openid,eidas'."
"response_type" | "token" || 303 || "unsupported_response_type" || "The authorization server does not support obtaining a token" || "is not allowed to request response_type 'token'."
"client_id" | "my_client" || 302 || "invalid_client" || "Client authentication failed" || "The requested OAuth 2.0 Client does not exist."
}

Expand All @@ -54,7 +54,7 @@ class OidcAuthenticationRequestSpec extends TaraSpecification {
Response initOIDCServiceSession = Steps.startAuthenticationInOidcWithParams(flow, paramsMap)

String errorDescription= "The requested scope is invalid, unknown, or malformed. The OAuth 2.0 Client is not allowed to request scope 'smartid'."
assertThat("Correct HTTP status code is returned", initOIDCServiceSession.statusCode() == 302)
assertThat("Correct HTTP status code is returned", initOIDCServiceSession.statusCode() == 303)
assertThat("Correct error message is returned", Utils.getParamValueFromResponseHeader(initOIDCServiceSession, "error") == "invalid_scope")
assertThat("Correct error_description is returned", Utils.getParamValueFromResponseHeader(initOIDCServiceSession, "error_description") == errorDescription)
}
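Review bot: The `where:` table now mixes `302` (the `redirect_uri` and `client_id` rows) with `303` (the `scope` and `response_type` rows) and nothing says why the rows differ. Presumably the 302 rows are the cases where the server cannot trust the client or its redirect URI and sends the browser to its own error page instead of back to the client. If so, a comment above those rows such as `// unregistered redirect_uri / unknown client: error is shown by the OIDC service, never redirected to the supplied URI` would make that explicit. The test body lies outside this hunk; if it does not already do so, it should assert for the `redirect_uri` row that the `Location` header does not start with `https://www.example.com`, since that is the property guarding against an open redirect.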
4 changes: 2 additions & 2 deletions src/test/groovy/ee/ria/tara/OidcMetadataSpec.groovy
Expand Up @@ -101,8 +101,8 @@ class OidcMetadataSpec extends TaraSpecification {
Response userInfoResponse = Steps.getUserInfoResponseWithHeaderParam(flow, REQUEST_TYPE_GET, "456789")
assertEquals(401, userInfoResponse.statusCode(), "Correct HTTP status code is returned")
Map<String, String> errorMap = OpenIdUtils.getErrorFromAuthorizationHeader(userInfoResponse)
assertEquals("request_unauthorized", errorMap.get("error"), "Correct error text is returned")
assertEquals("The request could not be authorized.", errorMap.get("error_description"), "Correct error description is returned")
assertEquals("\"request_unauthorized\"", errorMap.get("Bearer error"), "Correct error text is returned")
assertEquals("\"The request could not be authorized. Check that you provided valid credentials in the right format.\"", errorMap.get("error_description"), "Correct error description is returned")
}

@Unroll
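Review bot: The new expectations `errorMap.get("Bearer error")` and `"\"request_unauthorized\""` pin the test to how `OpenIdUtils.getErrorFromAuthorizationHeader` splits the header rather than to the challenge itself. The auth scheme is fused into the first key and the quoted-string delimiters stay in the values. That appears to make the lookup depend on `error` being the first parameter after `Bearer`; if the server reorders the parameters, the key would become `Bearer error_description` and the test would fail for a reason unrelated to authorization. The helper is not shown here, but having it strip the scheme token and unquote the values would let these lines stay `errorMap.get("error")` with `"request_unauthorized"`, with the `Bearer` scheme checked by a separate assertion. The same pattern is repeated in the three hunks of OidcUserInfoRequestSpec.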
10 changes: 5 additions & 5 deletions src/test/groovy/ee/ria/tara/OidcRedirectRequestSpec.groovy
Expand Up @@ -27,7 +27,7 @@ class OidcRedirectRequestSpec extends TaraSpecification {
Steps.startAuthenticationInTara(flow)
Response midAuthResponse = Steps.authenticateWithMid(flow,"60001017716", "69100366")
Response response = Steps.submitConsentAndFollowRedirects(flow, true, midAuthResponse)
assertEquals(302, response.statusCode(), "Correct HTTP status code is returned")
assertEquals(303, response.statusCode(), "Correct HTTP status code is returned")
assertTrue(Utils.getParamValueFromResponseHeader(response, "code").size() > 60, "Code parameter exists")
assertEquals(flow.state, Utils.getParamValueFromResponseHeader(response, "state"), "Correct state parameter")
}
Expand All @@ -39,7 +39,7 @@ class OidcRedirectRequestSpec extends TaraSpecification {
Map<String, String> paramsMap = OpenIdUtils.getAuthorizationParameters(flow, "my_scope", "et")
Response response = Steps.startAuthenticationInOidcWithParams(flow, paramsMap)

assertEquals(302, response.statusCode(), "Correct HTTP status code is returned")
assertEquals(303, response.statusCode(), "Correct HTTP status code is returned")
assertEquals(flow.state, Utils.getParamValueFromResponseHeader(response, "state"), "Correct state parameter")
assertEquals("invalid_scope", Utils.getParamValueFromResponseHeader(response, "error"), "Error parameter exists")
assertThat("Error description parameter exists", Utils.getParamValueFromResponseHeader(response, "error_description") , Matchers.startsWith("The requested scope is invalid"))
Expand All @@ -52,7 +52,7 @@ class OidcRedirectRequestSpec extends TaraSpecification {
Map<String, String> paramsMap = OpenIdUtils.getAuthorizationParameters(flow)
paramsMap.put("state", "ab")
Response response = Steps.startAuthenticationInOidcWithParams(flow, paramsMap)
assertEquals(302, response.statusCode(), "Correct HTTP status code is returned")
assertEquals(303, response.statusCode(), "Correct HTTP status code is returned")
assertEquals("ab", Utils.getParamValueFromResponseHeader(response, "state"), "Correct state parameter")
assertEquals("invalid_state", Utils.getParamValueFromResponseHeader(response, "error"), "Error parameter exists")
assertThat("Error description parameter exists", Utils.getParamValueFromResponseHeader(response, "error_description") , Matchers.startsWith("The state is missing"))
Expand All @@ -65,7 +65,7 @@ class OidcRedirectRequestSpec extends TaraSpecification {
Map<String, String> paramsMap = OpenIdUtils.getAuthorizationParameters(flow)
paramsMap.put("response_type", "token")
Response response = Steps.startAuthenticationInOidcWithParams(flow, paramsMap)
assertEquals(302, response.statusCode(), "Correct HTTP status code is returned")
assertEquals(303, response.statusCode(), "Correct HTTP status code is returned")
assertEquals(flow.state, Utils.getParamValueFromResponseHeader(response, "state"), "Correct state parameter")
assertEquals("unsupported_response_type", Utils.getParamValueFromResponseHeader(response, "error"), "Error parameter exists")
assertThat("Error description parameter exists", Utils.getParamValueFromResponseHeader(response, "error_description") , Matchers.startsWith("The authorization server does not support"))
Expand All @@ -82,7 +82,7 @@ class OidcRedirectRequestSpec extends TaraSpecification {
def map3 = Utils.setParameter(cookieMap, "SESSION", flow.sessionId)
Response rejectResponse = Requests.getRequestWithCookiesAndParams(flow, flow.loginService.fullAuthRejectUrl, cookieMap, paramsMap, Collections.emptyMap())
Response response = Steps.followRedirectWithCookies(flow, rejectResponse, flow.oidcService.cookies)
assertEquals(302, response.statusCode(), "Correct HTTP status code is returned")
assertEquals(303, response.statusCode(), "Correct HTTP status code is returned")
assertEquals(flow.state, Utils.getParamValueFromResponseHeader(response, "state"), "Correct state parameter")
assertEquals("user_cancel", Utils.getParamValueFromResponseHeader(response, "error"), "Error parameter exists")
assertThat("Error description parameter exists", Utils.getParamValueFromResponseHeader(response, "error_description") , Matchers.startsWith("User canceled the authentication process"))
12 changes: 6 additions & 6 deletions src/test/groovy/ee/ria/tara/OidcUserInfoRequestSpec.groovy
Expand Up @@ -332,8 +332,8 @@ class OidcUserInfoRequestSpec extends TaraSpecification {
assertThat("Correct Content-Type is returned", response.getContentType(), startsWith("application/json"))
assertEquals("request_unauthorized", response.body().jsonPath().get("error"), "Correct error is returned")
Map<String, String> errorMap = OpenIdUtils.getErrorFromAuthorizationHeader(response)
assertEquals("request_unauthorized", errorMap.get("error"), "Correct error text is returned")
assertEquals("The request could not be authorized.", errorMap.get("error_description"), "Correct error description is returned")
assertEquals("\"request_unauthorized\"", errorMap.get("Bearer error"), "Correct error text is returned")
assertEquals("\"The request could not be authorized. Check that you provided valid credentials in the right format.\"", errorMap.get("error_description"), "Correct error description is returned")
}

@Unroll
Expand All @@ -346,8 +346,8 @@ class OidcUserInfoRequestSpec extends TaraSpecification {
assertThat("Correct Content-Type is returned", response.getContentType(), startsWith("application/json"))
assertEquals("request_unauthorized", response.body().jsonPath().get("error"), "Correct error is returned")
Map<String, String> errorMap = OpenIdUtils.getErrorFromAuthorizationHeader(response)
assertEquals("request_unauthorized", errorMap.get("error"), "Correct error text is returned")
assertThat("Correct error description is returned", errorMap.get("error_description"), startsWith("The request could not be authorized."))
assertEquals("\"request_unauthorized\"", errorMap.get("Bearer error"), "Correct error text is returned")
assertEquals("\"The request could not be authorized. Check that you provided valid credentials in the right format.\"", errorMap.get("error_description"), "Correct error description is returned")
}

@Unroll
Expand All @@ -366,8 +366,8 @@ class OidcUserInfoRequestSpec extends TaraSpecification {
assertThat("Correct error_description is returned", response.body().jsonPath().getString("error_description"), Matchers.endsWith("Check that you provided valid credentials in the right format."))

Map<String, String> errorMap = OpenIdUtils.getErrorFromAuthorizationHeader(response)
assertEquals("request_unauthorized", errorMap.get("error"), "Correct error text is returned")
assertEquals("The request could not be authorized.", errorMap.get("error_description"), "Correct error description is returned")
assertEquals("\"request_unauthorized\"", errorMap.get("Bearer error"), "Correct error text is returned")
assertEquals("\"The request could not be authorized. Check that you provided valid credentials in the right format.\"", errorMap.get("error_description"), "Correct error description is returned")
}

}
