ConfigurationService Consistency Improvements

doc-checking-app-api/src/test/java/uk/gov/di/authentication/app/lambda/DocAppCallbackHandlerTest.java

@@ -145,7 +145,7 @@ void setUp() {
                         cloudwatchMetricsService,
                         noSessionOrchestrationService);
         when(configService.getLoginURI()).thenReturn(LOGIN_URL);
-        when(configService.getOidcApiBaseURL()).thenReturn(Optional.of(OIDC_BASE_URL));
+        when(configService.getOidcApiBaseURL()).thenReturn(Optional.of(URI.create(OIDC_BASE_URL)));
         when(configService.getDocAppBackendURI()).thenReturn(CRI_URI);
         when(context.getAwsRequestId()).thenReturn(REQUEST_ID);
         when(cookieHelper.parseSessionCookie(anyMap())).thenCallRealMethod();

doc-checking-app-api/src/test/java/uk/gov/di/authentication/app/services/DocAppCriServiceTest.java

@@ -80,7 +80,7 @@ void setUp() {
         when(configService.getAccessTokenExpiry()).thenReturn(300L);
         when(configService.getDocAppAuthorisationCallbackURI()).thenReturn(REDIRECT_URI);
         when(configService.getEnvironment()).thenReturn("test");
-        when(configService.getDocAppJwksUri()).thenReturn(DOC_APP_JWKS_URI);
+        when(configService.getDocAppJwksURI()).thenReturn(DOC_APP_JWKS_URI);
     }
 
     @Nested

integration-tests/src/test/java/uk/gov/di/authentication/api/AuthenticationCallbackHandlerIntegrationTest.java

@@ -975,6 +975,11 @@ public boolean isAccountInterventionServiceActionEnabled() {
         public boolean abortOnAccountInterventionsErrorResponse() {
             return this.abortOnAisErrorResponse;
         }
+
+        @Override
+        public URI getBackChannelLogoutQueueUri() {
+            return URI.create("back-channel-logout-queue-uri");
+        }
     }
 
     private void setUpClientSession() throws Json.JsonException {

integration-tests/src/test/java/uk/gov/di/authentication/api/AuthorisationIntegrationTest.java

@@ -37,7 +37,6 @@
 import uk.gov.di.orchestration.shared.entity.ValidScopes;
 import uk.gov.di.orchestration.shared.entity.VectorOfTrust;
 import uk.gov.di.orchestration.shared.helpers.IdGenerator;
-import uk.gov.di.orchestration.shared.helpers.LocaleHelper;
 import uk.gov.di.orchestration.sharedtest.basetest.ApiGatewayHandlerIntegrationTest;
 import uk.gov.di.orchestration.sharedtest.extensions.DocAppJwksExtension;
 import uk.gov.di.orchestration.sharedtest.extensions.KmsKeyExtension;
@@ -132,13 +131,7 @@ public String getTxmaAuditQueueUrl() {
                 }
 
                 @Override
-                public boolean isLanguageEnabled(LocaleHelper.SupportedLanguage supportedLanguage) {
-                    return supportedLanguage.equals(LocaleHelper.SupportedLanguage.EN)
-                            || supportedLanguage.equals(LocaleHelper.SupportedLanguage.CY);
-                }
-
-                @Override
-                public URI getDocAppJwksUri() {
+                public URI getDocAppJwksURI() {
                     try {
                         return new URIBuilder()
                                 .setHost("localhost")

integration-tests/src/test/java/uk/gov/di/authentication/api/DocAppAuthorizeHandlerIntegrationTest.java

@@ -182,7 +182,7 @@ public URI getDocAppAuthorisationCallbackURI() {
         }
 
         @Override
-        public URI getDocAppJwksUri() {
+        public URI getDocAppJwksURI() {
             try {
                 return new URIBuilder()
                         .setHost("localhost")

integration-tests/src/test/java/uk/gov/di/authentication/api/DocAppCallbackHandlerIntegrationTest.java

@@ -414,11 +414,6 @@ public URI getDocAppAuthorisationCallbackURI() {
             return URI.create("http://localhost/redirect");
         }
 
-        @Override
-        public String getDocAppCriDataEndpoint() {
-            return "/userinfo/v2";
-        }
-
         @Override
         public String getTxmaAuditQueueUrl() {
             return txmaAuditQueue.getQueueUrl();

integration-tests/src/test/java/uk/gov/di/authentication/api/IPVAuthorisationHandlerIntegrationTest.java

@@ -48,7 +48,7 @@ class IPVAuthorisationHandlerIntegrationTest extends ApiGatewayHandlerIntegratio
     private static final String CLIENT_NAME = "some-client-name";
 
     private static final URI REDIRECT_URI = URI.create("http://localhost/redirect");
-    private static final String INTERNAl_SECTOR_URI = "https://ipv/redirect";
+    private static final URI INTERNAl_SECTOR_URI = URI.create("https://ipv/redirect");
 
     private static final String TEST_EMAIL_ADDRESS = "test@emailtest.com";
     private static final String IPV_CLIENT_ID = "ipv-client-id";
@@ -195,7 +195,7 @@ public String getIPVAuthEncryptionPublicKey() {
         }
 
         @Override
-        public String getInternalSectorUri() {
+        public URI getInternalSectorURI() {
             return INTERNAl_SECTOR_URI;
         }
 

integration-tests/src/test/java/uk/gov/di/authentication/api/IPVCallbackHandlerIntegrationTest.java

@@ -567,14 +567,13 @@ public URI getIPVBackendURI() {
         }
 
         @Override
-        public String getIPVAudience() {
+        public URI getIPVAudience() {
             try {
                 return new URIBuilder()
                         .setHost("localhost")
                         .setPort(ipvStubExtension.getHttpPort())
                         .setScheme("http")
-                        .build()
-                        .toString();
+                        .build();
             } catch (URISyntaxException e) {
                 throw new RuntimeException(e);
             }
@@ -604,5 +603,10 @@ public String getTxmaAuditQueueUrl() {
         public boolean isIPVNoSessionResponseEnabled() {
             return true;
         }
+
+        @Override
+        public URI getBackChannelLogoutQueueUri() {
+            return URI.create("back-channel-logout-queue-uri");
+        }
     }
 }

integration-tests/src/test/java/uk/gov/di/authentication/api/OrchestrationToAuthenticationAuthorizeIntegrationTest.java

@@ -18,7 +18,6 @@
 import uk.gov.di.orchestration.shared.entity.ClientType;
 import uk.gov.di.orchestration.shared.entity.ResponseHeaders;
 import uk.gov.di.orchestration.shared.entity.ServiceType;
-import uk.gov.di.orchestration.shared.helpers.LocaleHelper;
 import uk.gov.di.orchestration.shared.services.ConfigurationService;
 import uk.gov.di.orchestration.sharedtest.basetest.ApiGatewayHandlerIntegrationTest;
 import uk.gov.di.orchestration.sharedtest.helper.KeyPairHelper;
@@ -57,7 +56,8 @@ class OrchestrationToAuthenticationAuthorizeIntegrationTest
     private static final String AUTH_INTERNAL_CLIENT_ID = "authentication-orch-client-id";
     private static final String RP_SECTOR_URI = "https://rp-sector-uri.com";
     private static final String RP_REDIRECT_URI = "https://rp-uri/redirect";
-    private static final String ORCHESTRATION_REDIRECT_URI = "https://orchestration/redirect";
+    private static final URI ORCHESTRATION_REDIRECT_URI =
+            URI.create("https://orchestration/redirect");
     private static final KeyPair KEY_PAIR = KeyPairHelper.GENERATE_RSA_KEY_PAIR();
     private final String publicKey =
             "-----BEGIN PUBLIC KEY-----\n"
@@ -295,7 +295,7 @@ private void validateStandardClaimsInJar(SignedJWT signedJWT) throws java.text.P
                 equalTo(ServiceType.MANDATORY.toString()));
         assertThat(
                 signedJWT.getJWTClaimsSet().getClaim("redirect_uri"),
-                equalTo(ORCHESTRATION_REDIRECT_URI));
+                equalTo(ORCHESTRATION_REDIRECT_URI.toString()));
         assertThat(signedJWT.getJWTClaimsSet().getClaim("rp_client_id"), equalTo(CLIENT_ID));
         assertThat(
                 signedJWT.getJWTClaimsSet().getClaim("rp_sector_host"),
@@ -357,19 +357,13 @@ public String getTxmaAuditQueueUrl() {
             return txmaAuditQueue.getQueueUrl();
         }
 
-        @Override
-        public boolean isLanguageEnabled(LocaleHelper.SupportedLanguage supportedLanguage) {
-            return supportedLanguage.equals(LocaleHelper.SupportedLanguage.EN)
-                    || supportedLanguage.equals(LocaleHelper.SupportedLanguage.CY);
-        }
-
         @Override
         public String getOrchestrationClientId() {
             return AUTH_INTERNAL_CLIENT_ID;
         }
 
         @Override
-        public String getOrchestrationRedirectUri() {
+        public URI getOrchestrationRedirectURI() {
             return ORCHESTRATION_REDIRECT_URI;
         }
 

ipv-api/src/main/java/uk/gov/di/authentication/ipv/helpers/IPVCallbackHelper.java

@@ -38,6 +38,7 @@
 import uk.gov.di.orchestration.shared.services.SerializationService;
 import uk.gov.di.orchestration.shared.services.SessionService;
 
+import java.net.URI;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
@@ -78,8 +79,8 @@ public IPVCallbackHelper(ConfigurationService configurationService) {
         this.sqsClient =
                 new AwsSqsClient(
                         configurationService.getAwsRegion(),
-                        configurationService.getSpotQueueUri(),
-                        configurationService.getSqsEndpointUri());
+                        configurationService.getSpotQueueURI().toString(),
+                        configurationService.getSqsEndpointURI().map(URI::toString));
         this.authCodeResponseService =
                 new AuthCodeResponseGenerationService(configurationService, dynamoService);
     }
@@ -145,9 +146,10 @@ public Optional<ErrorObject> validateUserIdentityResponse(
                     .getValue()
                     .equals(userIdentityUserInfo.getClaim(VOT.getValue()))) {
                 var trustmarkURL =
-                        buildURI(
-                                        configurationService.getOidcApiBaseURL().orElseThrow(),
-                                        "/trustmark")
+                        configurationService
+                                .getOidcApiBaseURL()
+                                .map(uri -> buildURI(uri, "trustmark"))
+                                .orElseThrow()
                                 .toString();
                 if (!trustmarkURL.equals(userIdentityUserInfo.getClaim(VTM.getValue()))) {
                     LOG.warn("VTM does not contain expected trustmark URL");
@@ -251,11 +253,10 @@ public void queueSPOTRequest(
                                         .toJSONObject()
                                         .get(IdentityClaims.CORE_IDENTITY.getValue()))
                         .withVtm(
-                                buildURI(
-                                                configurationService
-                                                        .getOidcApiBaseURL()
-                                                        .orElseThrow(),
-                                                "/trustmark")
+                                configurationService
+                                        .getOidcApiBaseURL()
+                                        .map(uri -> buildURI(uri, "trustmark"))
+                                        .orElseThrow()
                                         .toString());
 
         var spotRequest =

ipv-api/src/main/java/uk/gov/di/authentication/ipv/lambda/IPVAuthorisationHandler.java

@@ -132,7 +132,7 @@ public APIGatewayProxyResponseEvent handleRequestWithUserContext(
             var pairwiseSubject =
                     ClientSubjectHelper.getSubjectWithSectorIdentifier(
                             userContext.getUserProfile().orElseThrow(),
-                            configurationService.getInternalSectorUri(),
+                            configurationService.getInternalSectorURI().toString(),
                             authenticationService);
             var state = new State();
             var claimsSetRequest = buildIpvClaimsRequest(authRequest).orElse(null);
@@ -184,7 +184,7 @@ public APIGatewayProxyResponseEvent handleRequestWithUserContext(
                                                             new ClientNotFoundException(
                                                                     userContext.getSession())),
                                     authenticationService,
-                                    configurationService.getInternalSectorUri())
+                                    configurationService.getInternalSectorURI().toString())
                             .getValue();
 
             var user =

ipv-api/src/main/java/uk/gov/di/authentication/ipv/lambda/IPVCallbackHandler.java

@@ -229,12 +229,12 @@ public APIGatewayProxyResponseEvent handleRequest(
                             userProfile,
                             clientRegistry,
                             dynamoService,
-                            configurationService.getInternalSectorUri());
+                            configurationService.getInternalSectorURI().toString());
 
             var internalPairwiseSubjectId =
                     ClientSubjectHelper.calculatePairwiseIdentifier(
                             userProfile.getSubjectID(),
-                            URI.create(configurationService.getInternalSectorUri()),
+                            URI.create(configurationService.getInternalSectorURI().toString()),
                             dynamoService.getOrGenerateSalt(userProfile));
 
             var ipAddress = IpAddressHelper.extractIpAddress(input);
@@ -395,7 +395,7 @@ public APIGatewayProxyResponseEvent handleRequest(
             ipvCallbackHelper.queueSPOTRequest(
                     logIds,
                     getSectorIdentifierForClient(
-                            clientRegistry, configurationService.getInternalSectorUri()),
+                            clientRegistry, configurationService.getInternalSectorURI().toString()),
                     userProfile,
                     rpPairwiseSubject,
                     userIdentityUserInfo,

ipv-api/src/main/java/uk/gov/di/authentication/ipv/lambda/ProcessingIdentityHandler.java

@@ -111,11 +111,11 @@ public APIGatewayProxyResponseEvent handleRequestWithUserContext(
                             userProfile,
                             client,
                             authenticationService,
-                            configurationService.getInternalSectorUri());
+                            configurationService.getInternalSectorURI().toString());
             var internalPairwiseSubjectId =
                     ClientSubjectHelper.calculatePairwiseIdentifier(
                             userProfile.getSubjectID(),
-                            URI.create(configurationService.getInternalSectorUri()),
+                            URI.create(configurationService.getInternalSectorURI().toString()),
                             authenticationService.getOrGenerateSalt(userProfile));
             int processingAttempts = userContext.getSession().incrementProcessingIdentityAttempts();
             LOG.info(

ipv-api/src/main/java/uk/gov/di/authentication/ipv/services/IPVAuthorisationService.java

@@ -167,7 +167,7 @@ public EncryptedJWT constructRequestJWT(
         var claimsBuilder =
                 new JWTClaimsSet.Builder()
                         .issuer(configurationService.getIPVAuthorisationClientId())
-                        .audience(configurationService.getIPVAudience())
+                        .audience(configurationService.getIPVAudience().toString())
                         .expirationTime(expiryDate)
                         .subject(subject.getValue())
                         .issueTime(nowClock.now())

ipv-api/src/test/java/uk/gov/di/authentication/ipv/contract/IpvTokenTest.java

@@ -71,7 +71,7 @@ public class IpvTokenTest {
     void setUp() {
         ipvTokenService = new IPVTokenService(configService, kmsConnectionService);
         when(configService.getIPVAuthorisationClientId()).thenReturn(CLIENT_ID.getValue());
-        when(configService.getIPVAudience()).thenReturn(IPV_URI.toString());
+        when(configService.getIPVAudience()).thenReturn(IPV_URI);
         when(configService.getIPVTokenSigningKeyAlias()).thenReturn(KEY_ID);
         when(kmsConnectionService.sign(any(SignRequest.class))).thenReturn(mockKmsReturn());
     }

ipv-api/src/test/java/uk/gov/di/authentication/ipv/helpers/IPVCallbackHelperTest.java

@@ -87,8 +87,8 @@ class IPVCallbackHelperTest {
     private final SessionService sessionService = mock(SessionService.class);
     private final AwsSqsClient sqsClient = mock(AwsSqsClient.class);
 
-    private static final String OIDC_BASE_URL = "https://base-url.com";
-    private static final String INTERNAL_SECTOR_URI = "https://test.account.gov.uk";
+    private static final URI OIDC_BASE_URL = URI.create("https://base-url.com");
+    private static final URI INTERNAL_SECTOR_URI = URI.create("https://test.account.gov.uk");
     private static final URI REDIRECT_URI = URI.create("test-uri");
     private static final String SESSION_ID = "a-session-id";
     private static final String CLIENT_SESSION_ID = "a-client-session-id";
@@ -172,7 +172,7 @@ void setUp() {
                         anyString(), anyString(), any(ClientSession.class)))
                 .thenReturn(AUTH_CODE);
         when(configurationService.getOidcApiBaseURL()).thenReturn(Optional.of(OIDC_BASE_URL));
-        when(configurationService.getInternalSectorUri()).thenReturn(INTERNAL_SECTOR_URI);
+        when(configurationService.getInternalSectorURI()).thenReturn(INTERNAL_SECTOR_URI);
     }
 
     @Test

ipv-api/src/test/java/uk/gov/di/authentication/ipv/lambda/IPVAuthorisationHandlerTest.java

@@ -123,7 +123,7 @@ public class IPVAuthorisationHandlerTest {
     private static final URI IPV_CALLBACK_URI = URI.create("http://localhost/oidc/ipv/callback");
     private static final URI IPV_AUTHORISATION_URI = URI.create("http://localhost/ipv/authorize");
     private static final String EMAIL_ADDRESS = "test@test.com";
-    private static final String INTERNAL_SECTOR_URI = "https://ipv.account.gov.uk";
+    private static final URI INTERNAL_SECTOR_URI = URI.create("https://ipv.account.gov.uk");
     private final String expectedCommonSubject =
             ClientSubjectHelper.calculatePairwiseIdentifier(
                     SUBJECT_ID, "test.account.gov.uk", SaltHelper.generateNewSalt());
@@ -166,7 +166,7 @@ void setup() {
         when(authenticationService.getUserProfileFromEmail(EMAIL_ADDRESS))
                 .thenReturn(Optional.of(userProfile));
         when(authenticationService.getOrGenerateSalt(userProfile)).thenReturn(SALT.array());
-        when(configService.getInternalSectorUri()).thenReturn(INTERNAL_SECTOR_URI);
+        when(configService.getInternalSectorURI()).thenReturn(INTERNAL_SECTOR_URI);
         when(configService.isIdentityEnabled()).thenReturn(true);
         when(configService.getEnvironment()).thenReturn(ENVIRONMENT);
     }