14
14
using ZiggyCreatures . Caching . Fusion ;
15
15
16
16
namespace Digdir . Domain . Dialogporten . Infrastructure . Altinn . Authorization ;
17
-
18
17
internal sealed class AltinnAuthorizationClient : IAltinnAuthorization
19
18
{
19
+ private const string AuthorizeUrl = "authorization/api/v1/authorize" ;
20
+ private const string AuthorizedPartiesUrl = "/accessmanagement/api/v1/resourceowner/authorizedparties?includeAltinn2=true" ;
21
+
20
22
private readonly HttpClient _httpClient ;
21
23
private readonly IFusionCache _cache ;
22
24
private readonly IUser _user ;
23
25
private readonly IDialogDbContext _db ;
24
26
private readonly ILogger _logger ;
25
27
28
+ private static readonly JsonSerializerOptions SerializerOptions = new ( )
29
+ {
30
+ PropertyNameCaseInsensitive = true ,
31
+ DefaultIgnoreCondition = JsonIgnoreCondition . WhenWritingDefault
32
+ } ;
33
+
26
34
public AltinnAuthorizationClient (
27
35
HttpClient client ,
28
36
IFusionCacheProvider cacheProvider ,
@@ -71,7 +79,23 @@ public async Task<DialogSearchAuthorizationResult> GetAuthorizedResourcesForSear
71
79
=> await PerformNonScalableDialogSearchAuthorization ( request , token ) , token : cancellationToken ) ;
72
80
}
73
81
74
- private async Task < DialogSearchAuthorizationResult > PerformNonScalableDialogSearchAuthorization ( DialogSearchAuthorizationRequest request , CancellationToken cancellationToken )
82
+ public async Task < AuthorizedPartiesResult > GetAuthorizedParties ( IPartyIdentifier authenticatedParty ,
83
+ CancellationToken cancellationToken = default )
84
+ {
85
+ var authorizedPartiesRequest = new AuthorizedPartiesRequest ( authenticatedParty ) ;
86
+ return await _cache . GetOrSetAsync ( authorizedPartiesRequest . GenerateCacheKey ( ) , async token
87
+ => await PerformAuthorizedPartiesRequest ( authorizedPartiesRequest , token ) , token : cancellationToken ) ;
88
+ }
89
+
90
+ private async Task < AuthorizedPartiesResult > PerformAuthorizedPartiesRequest ( AuthorizedPartiesRequest authorizedPartiesRequest ,
91
+ CancellationToken token )
92
+ {
93
+ var authorizedPartiesDto = await SendAuthorizedPartiesRequest ( authorizedPartiesRequest , token ) ;
94
+ return AuthorizedPartiesHelper . CreateAuthorizedPartiesResult ( authorizedPartiesDto ) ;
95
+ }
96
+
97
+ private async Task < DialogSearchAuthorizationResult > PerformNonScalableDialogSearchAuthorization (
98
+ DialogSearchAuthorizationRequest request , CancellationToken cancellationToken )
75
99
{
76
100
/*
77
101
* This is a preliminary implementation as per https://github.com/digdir/dialogporten/issues/249
@@ -107,14 +131,15 @@ private async Task<DialogSearchAuthorizationResult> PerformNonScalableDialogSear
107
131
}
108
132
109
133
var xacmlJsonRequest = DecisionRequestHelper . NonScalable . CreateDialogSearchRequest ( request ) ;
110
- var xamlJsonResponse = await SendRequest ( xacmlJsonRequest , cancellationToken ) ;
134
+ var xamlJsonResponse = await SendPdpRequest ( xacmlJsonRequest , cancellationToken ) ;
111
135
return DecisionRequestHelper . NonScalable . CreateDialogSearchResponse ( xacmlJsonRequest , xamlJsonResponse ) ;
112
136
}
113
137
114
- private async Task < DialogDetailsAuthorizationResult > PerformDialogDetailsAuthorization ( DialogDetailsAuthorizationRequest request , CancellationToken cancellationToken )
138
+ private async Task < DialogDetailsAuthorizationResult > PerformDialogDetailsAuthorization (
139
+ DialogDetailsAuthorizationRequest request , CancellationToken cancellationToken )
115
140
{
116
141
var xacmlJsonRequest = DecisionRequestHelper . CreateDialogDetailsRequest ( request ) ;
117
- var xamlJsonResponse = await SendRequest ( xacmlJsonRequest , cancellationToken ) ;
142
+ var xamlJsonResponse = await SendPdpRequest ( xacmlJsonRequest , cancellationToken ) ;
118
143
return DecisionRequestHelper . CreateDialogDetailsResponse ( request . AltinnActions , xamlJsonResponse ) ;
119
144
}
120
145
@@ -133,32 +158,32 @@ private List<Claim> GetOrCreateClaimsBasedOnEndUserId(string? endUserId)
133
158
return claims ;
134
159
}
135
160
136
- private static readonly JsonSerializerOptions SerializerOptions = new ( )
137
- {
138
- PropertyNameCaseInsensitive = true ,
139
- DefaultIgnoreCondition = JsonIgnoreCondition . WhenWritingDefault
140
- } ;
161
+ private async Task < XacmlJsonResponse ? > SendPdpRequest (
162
+ XacmlJsonRequestRoot xacmlJsonRequest , CancellationToken cancellationToken ) =>
163
+ await SendRequest < XacmlJsonResponse > (
164
+ AuthorizeUrl , xacmlJsonRequest , cancellationToken ) ;
165
+
166
+ private async Task < List < AuthorizedPartiesResultDto > ? > SendAuthorizedPartiesRequest (
167
+ AuthorizedPartiesRequest authorizedPartiesRequest , CancellationToken cancellationToken ) =>
168
+ await SendRequest < List < AuthorizedPartiesResultDto > > (
169
+ AuthorizedPartiesUrl , authorizedPartiesRequest , cancellationToken ) ;
141
170
142
- private async Task < XacmlJsonResponse ? > SendRequest ( XacmlJsonRequestRoot xacmlJsonRequest , CancellationToken cancellationToken )
171
+ private async Task < T ? > SendRequest < T > ( string url , object request , CancellationToken cancellationToken )
143
172
{
144
- const string apiUrl = "authorization/api/v1/authorize" ;
145
- var requestJson = JsonSerializer . Serialize ( xacmlJsonRequest , SerializerOptions ) ;
146
- _logger . LogDebug ( "Generated XACML request: {RequestJson}" , requestJson ) ;
173
+ var requestJson = JsonSerializer . Serialize ( request , SerializerOptions ) ;
174
+ _logger . LogDebug ( "Authorization request to {Url}: {RequestJson}" , url , requestJson ) ;
147
175
var httpContent = new StringContent ( requestJson , Encoding . UTF8 , "application/json" ) ;
148
-
149
- var response = await _httpClient . PostAsync ( apiUrl , httpContent , cancellationToken ) ;
150
-
176
+ var response = await _httpClient . PostAsync ( url , httpContent , cancellationToken ) ;
151
177
if ( response . StatusCode != HttpStatusCode . OK )
152
178
{
153
179
var errorResponse = await response . Content . ReadAsStringAsync ( cancellationToken ) ;
154
- _logger . LogInformation (
155
- "AltinnAuthorizationClient.SendRequest failed with non-successful status code: {StatusCode} {Response}" ,
180
+ _logger . LogWarning ( "AltinnAuthorizationClient.SendRequest failed with non-successful status code: {StatusCode} {Response}" ,
156
181
response . StatusCode , errorResponse ) ;
157
182
158
- return null ;
183
+ return default ;
159
184
}
160
185
161
186
var responseData = await response . Content . ReadAsStringAsync ( cancellationToken ) ;
162
- return JsonSerializer . Deserialize < XacmlJsonResponse > ( responseData , SerializerOptions ) ;
187
+ return JsonSerializer . Deserialize < T > ( responseData , SerializerOptions ) ;
163
188
}
164
189
}
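Review bot: `SendRequest<T>` returns `default` for every non-200 response, and in `PerformAuthorizedPartiesRequest` (the hunk starting at new line 79) that nullable list is passed straight to `AuthorizedPartiesHelper.CreateAuthorizedPartiesResult` inside the `_cache.GetOrSetAsync` factory. An upstream failure therefore looks the same as "this party has no authorized parties"; the helper is not visible here, so it presumably either throws on null or produces an empty result, and an empty result would be cached under the party's key. I would make the failure explicit in the caller so the factory fails instead of storing a value, e.g. `if (authorizedPartiesDto is null) throw new HttpRequestException("Authorized parties lookup failed");`. Separately, the `LogDebug` call in `SendRequest<T>` now writes the serialized body of the authorized-parties request as well, which likely contains the authenticated party's identifier; logging only `{Url}` there, or documenting that debug logging must stay off in production, would avoid putting identifiers in logs.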