feat(ssi): adjust framework creation endpoint #70

Merged (9 commits), Apr 22, 2024

@Phil91 Phil91 commented Apr 17, 2024

Description

  • adjust endpoint create framework credential to take the bpn of the request
  • adjust claim handler to support serviceAccounts as well

Why

The id of the technical user isn't taken correctly

Issue

N/A

Corresponding Backend PR

#646

Checklist

  • I have followed the contributing guidelines
  • I have performed IP checks for added or updated 3rd party libraries
  • I have created and linked IP issues or requested their creation by a committer
  • I have performed a self-review of my own code
  • I have successfully tested my changes locally
  • I have added tests that prove my changes work
  • I have checked that new and existing tests pass locally with my changes
  • I have commented my code, particularly in hard-to-understand areas
  • I have added copyright and license headers, footers (for .md files) or files (for images)

@@ -77,11 +77,11 @@ protected override Task HandleRequirementAsync(AuthorizationHandlerContext conte
private void InitializeClaims(ClaimsPrincipal principal)
{
var preferredUserName = principal.Claims.SingleOrDefault(x => x.Type == ClaimTypes.PreferredUserName)?.Value;
if (!Guid.TryParse(preferredUserName, out var identityId))
var sub = principal.Claims.SingleOrDefault(x => x.Type == ClaimTypes.Sub)?.Value;
if (!Guid.TryParse(preferredUserName, out var identityId) && !Guid.TryParse(sub, out identityId))
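
Review bot: the new condition on the last line falls back to `sub` through the same `identityId` out variable, so after this check nothing records which claim supplied the value, and a GUID-shaped `sub` is accepted as the identity id whenever `ClaimTypes.PreferredUserName` is absent or not a GUID. Parse the two claims in separate, named steps so the handler and any log message that follows can state which claim was used. Both lookups also use `SingleOrDefault`, which throws when a token carries that claim type more than once; an explicit duplicate check would turn that into a controlled authorization failure.
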
@ntruchsess ntruchsess Apr 18, 2024
This is misleading, as it results in a log message referring to preferredUserName.
Also, 'sub' is not supposed to contain an identityId. It contains the Keycloak user's primary key (see the equivalent code in portal: https://github.com/eclipse-tractusx/portal-backend/blob/f43eadae29a5b93022e7794cec0381d970339637/src/web/Web.Identity/MandatoryIdentityClaimHandler.cs#L109 )

* adjust endpoint create framework credential to take the bpn of the request
* adjust claim handler to support serviceAccounts as well
Comment on lines 124 to 127
catch (Exception e)
{
throw new ArgumentException($"{member.DeclaringType?.Name}.{member.Name} is not assignable from {expression}, {e.Message}", e);
}
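
Review bot: the `catch (Exception e)` on these lines turns every failure, including ones unrelated to assignability, into an `ArgumentException` whose message says "is not assignable from". Catch only the exception types the guarded call is expected to throw and let the rest propagate, so unexpected errors are not reported as a caller argument problem.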

Check notice (Code scanning / CodeQL): Generic catch clause. Severity: Note.

adjust the identityId to string to be able to save the clientId of a technical user
@Phil91 Phil91 requested a review from ntruchsess April 22, 2024 08:55
@Phil91 Phil91 force-pushed the feature/ssi branch 4 times, most recently from 38f0533 to c2c1667 Compare April 22, 2024 13:55

Quality Gate failed

Failed conditions
77.4% Coverage on New Code (required ≥ 80%)

See analysis details on SonarCloud

@Phil91 Phil91 merged commit 2d06fe6 into release/v1.0.0-rc.2 Apr 22, 2024
10 of 11 checks passed
@Phil91 Phil91 deleted the feature/ssi branch April 22, 2024 14:28