From f4ac5101100902dac80b56b52ef21d4d6ab381cc Mon Sep 17 00:00:00 2001
From: Magnus Jerre
Date: Mon, 16 May 2022 14:20:50 +0200
Subject: [PATCH] Support custom claims for Local testing (#8434)

Co-authored-by: Magnus Jerre
---
 TestData/authorization/claims/12345.json | 7 +++
 TestData/authorization/claims/1337.json | 7 +++
 src/Configuration/LocalPlatformSettings.cs | 2 +
 src/Controllers/HomeController.cs | 5 +++
 src/Models/Authentication/CustomClaim.cs | 21 +++++++++
 .../Implementation/ClaimsService.cs | 44 +++++++++++++++++++
 .../Authorization/Interface/IClaims.cs | 11 +++++
 src/Startup.cs | 1 +
 8 files changed, 98 insertions(+)
 create mode 100644 TestData/authorization/claims/12345.json
 create mode 100644 TestData/authorization/claims/1337.json
 create mode 100644 src/Models/Authentication/CustomClaim.cs
 create mode 100644 src/Services/Authorization/Implementation/ClaimsService.cs
 create mode 100644 src/Services/Authorization/Interface/IClaims.cs
diff --git a/TestData/authorization/claims/12345.json b/TestData/authorization/claims/12345.json
new file mode 100644
index 00000000..e3da1325
--- /dev/null
+++ b/TestData/authorization/claims/12345.json
@@ -0,0 +1,7 @@
+[
+ {
+ "type": "some:extra:claim",
+ "value": "claimValue",
+ "valueType": "http://www.w3.org/2001/XMLSchema#string"
+ }
+]
diff --git a/TestData/authorization/claims/1337.json b/TestData/authorization/claims/1337.json
new file mode 100644
index 00000000..e3da1325
--- /dev/null
+++ b/TestData/authorization/claims/1337.json
@@ -0,0 +1,7 @@
+[
+ {
+ "type": "some:extra:claim",
+ "value": "claimValue",
+ "valueType": "http://www.w3.org/2001/XMLSchema#string"
+ }
+]
diff --git a/src/Configuration/LocalPlatformSettings.cs b/src/Configuration/LocalPlatformSettings.cs
index 20949d13..5286f472 100644
--- a/src/Configuration/LocalPlatformSettings.cs
+++ b/src/Configuration/LocalPlatformSettings.cs
@@ -64,5 +64,7 @@ public string LocalTestingStaticTestDataPath { public string PartyListFolder { get; set; } = "partylist/"; public string RolesFolder { get; set; } = "roles/"; + + public string ClaimsFolder { get; set; } = "claims/"; } } diff --git a/src/Controllers/HomeController.cs b/src/Controllers/HomeController.cs index 9daa1f58..37696448 100644 --- a/src/Controllers/HomeController.cs +++ b/src/Controllers/HomeController.cs @@ -15,6 +15,7 @@ using Microsoft.Extensions.Options; using AltinnCore.Authentication.Constants; +using Altinn.Platform.Authorization.Services.Interface; using Altinn.Platform.Profile.Models; using Altinn.Platform.Storage.Interface.Models; using Altinn.Platform.Storage.Repository; @@ -37,6 +38,7 @@ public class HomeController : Controller private readonly IUserProfiles _userProfileService; private readonly IAuthentication _authenticationService; private readonly IApplicationRepository _applicationRepository; + private readonly IClaims _claimsService; private readonly ILocalApp _localApp; public HomeController( @@ -45,6 +47,7 @@ public HomeController( IUserProfiles userProfileService, IAuthentication authenticationService, IApplicationRepository applicationRepository, + IClaims claimsService, ILocalApp localApp) { _generalSettings = generalSettings.Value; @@ -52,6 +55,7 @@ public HomeController( _userProfileService = userProfileService; _authenticationService = authenticationService; _applicationRepository = applicationRepository; + _claimsService = claimsService; _localApp = localApp; } 
@@ -118,6 +122,7 @@ public async Task LogInTestUser(StartAppModel startAppModel) claims.Add(new Claim(AltinnCoreClaimTypes.UserName, profile.UserName, ClaimValueTypes.String, issuer)); claims.Add(new Claim(AltinnCoreClaimTypes.PartyID, profile.PartyId.ToString(), ClaimValueTypes.Integer32, issuer)); claims.Add(new Claim(AltinnCoreClaimTypes.AuthenticationLevel, startAppModel.AuthenticationLevel, ClaimValueTypes.Integer32, issuer)); + claims.AddRange(await _claimsService.GetCustomClaims(profile.UserId, issuer)); ClaimsIdentity identity = new ClaimsIdentity(_generalSettings.GetClaimsIdentity); identity.AddClaims(claims); diff --git a/src/Models/Authentication/CustomClaim.cs b/src/Models/Authentication/CustomClaim.cs new file mode 100644 index 00000000..9283c96c --- /dev/null +++ b/src/Models/Authentication/CustomClaim.cs @@ -0,0 +1,21 @@ +namespace Altinn.Platform.Authentication.Model +{ + public class CustomClaim + { + /// + /// Gets or sets the claim type, E.g. custom:claim + /// + public string Type { get; set; } + + /// + /// Gets or sets the claim value, E.g. customValue + /// + public string Value { get; set; } + + /// + /// Gets or sets the value type for the claim, E.g. http://www.w3.org/2001/XMLSchema#string + /// See System.Security.Claims.ClaimValueTypes for more value types + /// + public string ValueType { get; set; } + } +} diff --git a/src/Services/Authorization/Implementation/ClaimsService.cs b/src/Services/Authorization/Implementation/ClaimsService.cs new file mode 100644 index 00000000..5436b7a9 --- /dev/null +++ b/src/Services/Authorization/Implementation/ClaimsService.cs 
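Review bot: The custom claims are appended in `LogInTestUser` right after the `UserName`, `PartyID` and `AuthenticationLevel` claims with no check on their type, so a claims file that reuses one of the `AltinnCoreClaimTypes` values produces an identity carrying two conflicting values for it. Which value a consumer honours then depends on whether it reads the first or the last match, so a local test can pass with an authentication level or party the platform would never issue. Consider dropping types that are already present before adding: `var custom = await _claimsService.GetCustomClaims(profile.UserId, issuer);`, `var reserved = claims.Select(c => c.Type).ToHashSet();`, `claims.AddRange(custom.Where(c => !reserved.Contains(c.Type)));`. The body of `LogInTestUser` starts and ends outside the hunk, so any earlier claims are assumed to be in the same `claims` list.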
@@ -0,0 +1,44 @@
+using System.Collections.Generic;
+using System.IO;
+using System.Linq;
+using System.Security.Claims;
+using System.Threading.Tasks;
+using Altinn.Platform.Authentication.Model;
+using Altinn.Platform.Authorization.Services.Interface;
+using LocalTest.Configuration;
+using Microsoft.Extensions.Options;
+using Newtonsoft.Json;
+
+namespace LocalTest.Services.Authorization.Implementation
+{
+ public class ClaimsService : IClaims
+ {
+ private readonly LocalPlatformSettings _localPlatformSettings;
+
+ public ClaimsService(IOptions localPlatformSettings)
+ {
+ _localPlatformSettings = localPlatformSettings.Value;
+ }
+
+ public Task> GetCustomClaims(int userId, string issuer)
+ {
+ var path = GetCustomClaimsPath(userId);
+
+ if (File.Exists(path))
+ {
+ var content = File.ReadAllText(path);
+ var claims = JsonConvert.DeserializeObject>(content) ?? new List();
+ return Task.FromResult(claims.Select(c => new Claim(c.Type, c.Value, c.ValueType, issuer)).ToList());
+ }
+
+ return Task.FromResult(new List());
+ }
+
+ private string GetCustomClaimsPath(int userId)
+ {
+ return _localPlatformSettings.LocalTestingStaticTestDataPath +
+ _localPlatformSettings.AuthorizationDataFolder + _localPlatformSettings.ClaimsFolder + userId +
+ ".json";
+ }
+ }
+}
diff --git a/src/Services/Authorization/Interface/IClaims.cs b/src/Services/Authorization/Interface/IClaims.cs
new file mode 100644
index 00000000..13dcdb4e
--- /dev/null
+++ b/src/Services/Authorization/Interface/IClaims.cs
@@ -0,0 +1,11 @@
+using System.Collections.Generic;
+using System.Security.Claims;
+using System.Threading.Tasks;
+
+namespace Altinn.Platform.Authorization.Services.Interface
+{
+ public interface IClaims
+ {
+ public Task> GetCustomClaims(int userId, string issuer);
+ }
+}
diff --git a/src/Startup.cs b/src/Startup.cs
index d07c007e..8bd703e3 100644
--- a/src/Startup.cs
+++ b/src/Startup.cs
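Review bot: `GetCustomClaims` in ClaimsService.cs passes every deserialized entry straight to `new Claim(...)`, so a hand-edited claims file with a `null` element or an entry missing `type` or `value` throws from inside the login request, because the `Claim` constructor rejects a null type or value. Filtering incomplete entries, or failing with a message that names the file, gives a clearer result than an unhandled exception during sign-in. The method also does blocking file I/O and wraps the result in `Task.FromResult`; awaiting `File.ReadAllTextAsync` keeps the same `IClaims` signature. `GetCustomClaimsPath` builds the path by concatenation, which relies on every folder setting ending in a separator, while `userId` being an `int` keeps the file name itself constrained. The generic type arguments are missing from this page, so the ones in the sketch below are inferred from how the values are used.

```csharp
public async Task<List<Claim>> GetCustomClaims(int userId, string issuer)
{
    var path = GetCustomClaimsPath(userId);
    if (!File.Exists(path))
    {
        return new List<Claim>();
    }

    var content = await File.ReadAllTextAsync(path);
    var entries = JsonConvert.DeserializeObject<List<CustomClaim>>(content) ?? new List<CustomClaim>();

    // Claim's constructor throws on a null type or value, so skip incomplete entries.
    return entries
        .Where(c => c != null && c.Type != null && c.Value != null)
        .Select(c => new Claim(c.Type, c.Value, c.ValueType, issuer))
        .ToList();
}
```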
@@ -81,6 +81,7 @@ public void ConfigureServices(IServiceCollection services)
 services.AddSingleton();
 services.AddSingleton();
 services.AddSingleton();
+ services.AddSingleton();
 services.AddSingleton();
 services.AddSingleton();
 services.AddSingleton();