chore: add IDP error cloudwatch metric

giuseppe-gangemi · giuseppe-gangemi · commit c4fb3b409bff · 2025-09-29T11:10:20.000+02:00
diff --git a/src/oneid/oneid-ecs-core/src/main/java/it/pagopa/oneid/web/controller/SAMLController.java b/src/oneid/oneid-ecs-core/src/main/java/it/pagopa/oneid/web/controller/SAMLController.java
@@ -92,6 +92,9 @@ public Response samlACS(@BeanParam @Valid SAMLResponseDTO samlResponseDTO) {
     // in this case the raw SAMLResponse is stored in SAML record, but the flow is interrupted
     if (currentAuthDTO.isResponseWithMultipleSignatures()) {
       Log.error("SAML Response contains multiple signatures");
+      cloudWatchConnectorImpl.sendIDPErrorMetricData(
+          samlSession.getAuthorizationRequestDTOExtended().getIdp(),
+          ErrorCode.IDP_ERROR_MULTIPLE_SAMLRESPONSE_SIGNATURES_PRESENT);
       throw new GenericHTMLException(ErrorCode.IDP_ERROR_MULTIPLE_SAMLRESPONSE_SIGNATURES_PRESENT);
     }
 
diff --git a/src/oneid/oneid-ecs-core/src/test/java/it/pagopa/oneid/web/controller/SAMLControllerTest.java b/src/oneid/oneid-ecs-core/src/test/java/it/pagopa/oneid/web/controller/SAMLControllerTest.java
@@ -25,6 +25,7 @@
 import it.pagopa.oneid.service.SessionServiceImpl;
 import it.pagopa.oneid.web.controller.interceptors.CurrentAuthDTO;
 import it.pagopa.oneid.web.controller.mock.SAMLControllerTestProfile;
+import it.pagopa.oneid.web.dto.AuthorizationRequestDTOExtended;
 import jakarta.inject.Inject;
 import java.net.URLEncoder;
 import java.nio.charset.StandardCharsets;
@@ -433,9 +434,12 @@ void samlACS_SAMLResponseWithMultipleSignatures() {
     Response response = Mockito.mock(Response.class);
     Mockito.when(response.getInResponseTo()).thenReturn("Dummy");
     Mockito.when(samlServiceImpl.getSAMLResponseFromString(Mockito.any())).thenReturn(response);
+    Mockito.when(mockAuthDTO.getResponse()).thenReturn(response);
 
+    AuthorizationRequestDTOExtended dto = Mockito.mock(AuthorizationRequestDTOExtended.class);
+    Mockito.when(dto.getIdp()).thenReturn("dummy-idp"); // Stub idp for cloudwatch metrics
     SAMLSession samlSession = Mockito.mock(SAMLSession.class);
-    Mockito.when(mockAuthDTO.getResponse()).thenReturn(response);
+    Mockito.when(samlSession.getAuthorizationRequestDTOExtended()).thenReturn(dto);
     Mockito.when(mockAuthDTO.getSamlSession()).thenReturn(samlSession);
 
     // HTTP 302

Original file line number	Diff line number	Diff line change
`@@ -92,6 +92,9 @@ public Response samlACS(@BeanParam @Valid SAMLResponseDTO samlResponseDTO) {`
`92`	`92`	`// in this case the raw SAMLResponse is stored in SAML record, but the flow is interrupted`
`93`	`93`	`if (currentAuthDTO.isResponseWithMultipleSignatures()) {`
`94`	`94`	`Log.error("SAML Response contains multiple signatures");`
	`95`	`+ cloudWatchConnectorImpl.sendIDPErrorMetricData(`
	`96`	`+ samlSession.getAuthorizationRequestDTOExtended().getIdp(),`
	`97`	`+ ErrorCode.IDP_ERROR_MULTIPLE_SAMLRESPONSE_SIGNATURES_PRESENT);`
`95`	`98`	`throw new GenericHTMLException(ErrorCode.IDP_ERROR_MULTIPLE_SAMLRESPONSE_SIGNATURES_PRESENT);`
`96`	`99`	`}`
`97`	`100`