Support custom claims for Local testing (#8434)

Co-authored-by: Magnus Jerre <[email protected]>
Altinn · May 16, 2022 · f4ac510 · f4ac510
1 parent 30b82b0
commit f4ac510
Show file tree

Hide file tree

Showing 8 changed files with 98 additions and 0 deletions.
diff --git a/TestData/authorization/claims/12345.json b/TestData/authorization/claims/12345.json
@@ -0,0 +1,7 @@
+[
+  {
+    "type": "some:extra:claim",
+    "value": "claimValue",
+    "valueType": "http://www.w3.org/2001/XMLSchema#string"
+  }
+]
diff --git a/TestData/authorization/claims/1337.json b/TestData/authorization/claims/1337.json
@@ -0,0 +1,7 @@
+[
+  {
+    "type": "some:extra:claim",
+    "value": "claimValue",
+    "valueType": "http://www.w3.org/2001/XMLSchema#string"
+  }
+]
diff --git a/src/Configuration/LocalPlatformSettings.cs b/src/Configuration/LocalPlatformSettings.cs
@@ -64,5 +64,7 @@ public string LocalTestingStaticTestDataPath {
         public string PartyListFolder { get; set; } = "partylist/";
 
         public string RolesFolder { get; set; } = "roles/";
+
+        public string ClaimsFolder { get; set; } = "claims/";
     }
 }
diff --git a/src/Controllers/HomeController.cs b/src/Controllers/HomeController.cs
@@ -15,6 +15,7 @@
 using Microsoft.Extensions.Options;
 
 using AltinnCore.Authentication.Constants;
+using Altinn.Platform.Authorization.Services.Interface;
 using Altinn.Platform.Profile.Models;
 using Altinn.Platform.Storage.Interface.Models;
 using Altinn.Platform.Storage.Repository;
@@ -37,6 +38,7 @@ public class HomeController : Controller
         private readonly IUserProfiles _userProfileService;
         private readonly IAuthentication _authenticationService;
         private readonly IApplicationRepository _applicationRepository;
+        private readonly IClaims _claimsService;
         private readonly ILocalApp _localApp;
 
         public HomeController(
@@ -45,13 +47,15 @@ public HomeController(
             IUserProfiles userProfileService,
             IAuthentication authenticationService,
             IApplicationRepository applicationRepository,
+            IClaims claimsService,
             ILocalApp localApp)
         {
             _generalSettings = generalSettings.Value;
             _localPlatformSettings = localPlatformSettings.Value;
             _userProfileService = userProfileService;
             _authenticationService = authenticationService;
             _applicationRepository = applicationRepository;
+            _claimsService = claimsService;
             _localApp = localApp;
         }
 
@@ -118,6 +122,7 @@ public async Task<ActionResult> LogInTestUser(StartAppModel startAppModel)
                 claims.Add(new Claim(AltinnCoreClaimTypes.UserName, profile.UserName, ClaimValueTypes.String, issuer));
                 claims.Add(new Claim(AltinnCoreClaimTypes.PartyID, profile.PartyId.ToString(), ClaimValueTypes.Integer32, issuer));
                 claims.Add(new Claim(AltinnCoreClaimTypes.AuthenticationLevel, startAppModel.AuthenticationLevel, ClaimValueTypes.Integer32, issuer));
+                claims.AddRange(await _claimsService.GetCustomClaims(profile.UserId, issuer));
 
                 ClaimsIdentity identity = new ClaimsIdentity(_generalSettings.GetClaimsIdentity);
                 identity.AddClaims(claims);

diff --git a/src/Models/Authentication/CustomClaim.cs b/src/Models/Authentication/CustomClaim.cs
@@ -0,0 +1,21 @@
+namespace Altinn.Platform.Authentication.Model
+{
+    public class CustomClaim
+    {
+        /// <summary>
+        /// Gets or sets the claim type, E.g. custom:claim
+        /// </summary>
+        public string Type { get; set; }
+
+        /// <summary>
+        /// Gets or sets the claim value, E.g. customValue
+        /// </summary>
+        public string Value { get; set; }
+
+        /// <summary>
+        /// Gets or sets the value type for the claim, E.g. http://www.w3.org/2001/XMLSchema#string
+        /// See System.Security.Claims.ClaimValueTypes for more value types
+        /// </summary>
+        public string ValueType { get; set; }
+    }
+}
diff --git a/src/Services/Authorization/Implementation/ClaimsService.cs b/src/Services/Authorization/Implementation/ClaimsService.cs
@@ -0,0 +1,44 @@
+using System.Collections.Generic;
+using System.IO;
+using System.Linq;
+using System.Security.Claims;
+using System.Threading.Tasks;
+using Altinn.Platform.Authentication.Model;
+using Altinn.Platform.Authorization.Services.Interface;
+using LocalTest.Configuration;
+using Microsoft.Extensions.Options;
+using Newtonsoft.Json;
+
+namespace LocalTest.Services.Authorization.Implementation
+{
+    public class ClaimsService : IClaims
+    {
+        private readonly LocalPlatformSettings _localPlatformSettings;
+
+        public ClaimsService(IOptions<LocalPlatformSettings> localPlatformSettings)
+        {
+            _localPlatformSettings = localPlatformSettings.Value;
+        }
+
+        public Task<List<Claim>> GetCustomClaims(int userId, string issuer)
+        {
+            var path = GetCustomClaimsPath(userId);
+
+            if (File.Exists(path))
+            {
+                var content = File.ReadAllText(path);
+                var claims = JsonConvert.DeserializeObject<List<CustomClaim>>(content) ?? new List<CustomClaim>();
+                return Task.FromResult(claims.Select(c => new Claim(c.Type, c.Value, c.ValueType, issuer)).ToList());
+            }
+
+            return Task.FromResult(new List<Claim>());
+        }
+
+        private string GetCustomClaimsPath(int userId)
+        {
+            return _localPlatformSettings.LocalTestingStaticTestDataPath +
+                   _localPlatformSettings.AuthorizationDataFolder + _localPlatformSettings.ClaimsFolder + userId +
+                   ".json";
+        }
+    }
+}
diff --git a/src/Services/Authorization/Interface/IClaims.cs b/src/Services/Authorization/Interface/IClaims.cs
@@ -0,0 +1,11 @@
+using System.Collections.Generic;
+using System.Security.Claims;
+using System.Threading.Tasks;
+
+namespace Altinn.Platform.Authorization.Services.Interface
+{
+    public interface IClaims
+    {
+        public Task<List<Claim>> GetCustomClaims(int userId, string issuer);
+    }
+}
diff --git a/src/Startup.cs b/src/Startup.cs
@@ -81,6 +81,7 @@ public void ConfigureServices(IServiceCollection services)
             services.AddSingleton<Services.Register.Interface.IParties, PartiesWrapper>();
             services.AddSingleton<IPersons, PersonsWrapper>();
             services.AddSingleton<Altinn.Platform.Authorization.Services.Interface.IParties, PartiesService>();
+            services.AddSingleton<IClaims, ClaimsService>();
             services.AddSingleton<IInstanceRepository, InstanceRepository>();
             services.AddSingleton<IDataRepository, DataRepository>();
             services.AddSingleton<IInstanceEventRepository, InstanceEventRepository>();