From 3364ee4edb582ef625d925be49ebcfefe77fb652 Mon Sep 17 00:00:00 2001
From: Imran Ishaq <imranishaq024@gmail.com>
Date: Wed, 8 Jan 2025 12:40:34 +0500
Subject: [PATCH] Done with writing test cases for the origin which is not
 exists in list and handle success case for multiple origins

---
 .../service/verifier/CommonVerifiersTest.java | 46 +++++++++++++++++--
 1 file changed, 43 insertions(+), 3 deletions(-)

diff --git a/jans-fido2/server/src/test/java/io/jans/fido2/service/verifier/CommonVerifiersTest.java b/jans-fido2/server/src/test/java/io/jans/fido2/service/verifier/CommonVerifiersTest.java
index 9b67ab55728..7f9c9b33ac2 100644
--- a/jans-fido2/server/src/test/java/io/jans/fido2/service/verifier/CommonVerifiersTest.java
+++ b/jans-fido2/server/src/test/java/io/jans/fido2/service/verifier/CommonVerifiersTest.java
@@ -21,6 +21,7 @@
 import io.jans.fido2.service.processors.AttestationFormatProcessor;
 import io.jans.service.net.NetworkService;
 import jakarta.enterprise.inject.Instance;
+import jakarta.ws.rs.BadRequestException;
 import jakarta.ws.rs.WebApplicationException;
 import jakarta.ws.rs.core.Response;
 import org.bouncycastle.util.encoders.Hex;
@@ -33,9 +34,7 @@
 
 import java.io.IOException;
 import java.nio.charset.StandardCharsets;
-import java.util.Base64;
-import java.util.Collections;
-import java.util.List;
+import java.util.*;
 import java.util.stream.Stream;
 
 import static org.junit.jupiter.api.Assertions.*;
@@ -116,6 +115,47 @@ void verifyRpDomain_originIsNull_valid() {
         assertEquals(response, "test.domain");
     }
 
+
+    @Test
+    void verifyRpDomain_originMatchesValidOrigin_valid() {
+        String origin = "https://test.bank.com";
+        String rpId = "bank.com";
+        List<RequestedParty> requestedParties = new ArrayList<>();
+        RequestedParty rp = new RequestedParty();
+        rp.setOrigins(Arrays.asList("test.bank.com", "emp.bank.com", "india.bank.com"));
+        requestedParties.add(rp);
+
+        when(networkService.getHost(origin)).thenReturn("test.bank.com");
+
+        String response = commonVerifiers.verifyRpDomain(origin, rpId, requestedParties);
+
+        assertNotNull(response);
+        assertEquals("test.bank.com", response);
+    }
+
+    @Test
+    void verifyRpDomain_originDoesNotMatchValidOrigins_invalid() {
+        String origin = "https://test.bank1.com";
+        String rpId = "bank.com";
+        List<RequestedParty> requestedParties = new ArrayList<>();
+        RequestedParty rp = new RequestedParty();
+        rp.setOrigins(Arrays.asList("test.bank.com", "emp.bank.com", "india.bank.com"));
+        requestedParties.add(rp);
+
+        when(networkService.getHost(origin)).thenReturn("test.bank1.com");
+
+        // Here we mock the errorResponseFactory to throw a BadRequestException
+        when(errorResponseFactory.badRequestException(any(), anyString()))
+                .thenThrow(new BadRequestException("The origin '\" + origin + \"' is not listed in the allowed origins."));
+
+        // Expecting an exception when the origin doesn't match any of the allowed origins
+        BadRequestException exception = assertThrows(BadRequestException.class, () -> {
+            commonVerifiers.verifyRpDomain(origin, rpId, requestedParties);
+        });
+
+        assertEquals("The origin '\" + origin + \"' is not listed in the allowed origins.", exception.getMessage());
+    }
+
     @Test
     void verifyCounter_oldAndNewCounterZero_valid() {
         int oldCounter = 0;