Enable passing scopes to org token #128

Merged
merged 2 commits into from
Nov 26, 2024
4 changes: 2 additions & 2 deletions src/Controllers/HomeController.cs
Expand Up @@ -201,10 +201,10 @@ public async Task<ActionResult> GetTestUserToken(int userId)
/// <param name="id"></param>
/// <returns></returns>
[HttpGet("{id}")]
public async Task<ActionResult> GetTestOrgToken(string id, [FromQuery] string orgNumber = null)
public async Task<ActionResult> GetTestOrgToken(string id, [FromQuery] string orgNumber = null, [FromQuery] string scopes = null)
{
// Create a test token with long duration
string token = await _authenticationService.GenerateTokenForOrg(id, orgNumber);
string token = await _authenticationService.GenerateTokenForOrg(id, orgNumber, scopes);

return Ok(token);
}
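Review bot: The new `scopes` query parameter on `GetTestOrgToken` is passed to `GenerateTokenForOrg` without any validation, so whoever can call this endpoint chooses the scope claim of a token the comment describes as long-lived. No authorization attribute or environment guard is visible in this hunk, so whether the route is restricted cannot be confirmed from here. If it is reachable outside test environments, the value should be checked against an allow-list of scopes the tool is meant to issue before the token is built. The XML doc above the action also still has an empty `<param name="id">` and no entry for the new parameter; I would add `/// <param name="scopes">Optional scope value to place in the token; the default read scope is used when omitted</param>`.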
Expand Up @@ -56,7 +56,7 @@ public string GenerateToken(ClaimsPrincipal principal)
}

/// <inheritdoc />
public async Task<string> GenerateTokenForOrg(string org, string? orgNumber = null)
public async Task<string> GenerateTokenForOrg(string org, string? orgNumber = null, string? scopes = null)
{
if (orgNumber is null)
{
Expand All @@ -69,7 +69,8 @@ public async Task<string> GenerateTokenForOrg(string org, string? orgNumber = nu
claims.Add(new Claim(AltinnCoreClaimTypes.Org, org.ToLower(), ClaimValueTypes.String, issuer));
// 3 is the default level for altinn tokens form Maskinporten
claims.Add(new Claim(AltinnCoreClaimTypes.AuthenticationLevel, "3", ClaimValueTypes.Integer32, issuer));
claims.Add(new Claim("urn:altinn:scope", "altinn:serviceowner/instances.read", ClaimValueTypes.String, issuer));
scopes ??= "altinn:serviceowner/instances.read";
claims.Add(new Claim("urn:altinn:scope", scopes, ClaimValueTypes.String, issuer));
if (!string.IsNullOrEmpty(orgNumber))
{
claims.Add(new Claim(AltinnCoreClaimTypes.OrgNumber, orgNumber, ClaimValueTypes.String, issuer));
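Review bot: `scopes ??= "altinn:serviceowner/instances.read";` in the second hunk only replaces null, so an empty or whitespace string from a caller becomes an empty `urn:altinn:scope` claim, while `orgNumber` two lines below is checked with `string.IsNullOrEmpty`. I would make the two consistent with `if (string.IsNullOrWhiteSpace(scopes)) { scopes = "altinn:serviceowner/instances.read"; }`. The value is also written into a single claim as-is, so a short comment should state how several scopes are expected to be delimited, since whatever validates the token has to split it the same way. The body of `GenerateTokenForOrg` starts and ends outside these hunks, so any other use of `scopes` is not visible here.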
2 changes: 1 addition & 1 deletion src/Services/Authentication/Interface/IAuthentication.cs
Expand Up @@ -20,7 +20,7 @@ public interface IAuthentication
/// <param name="org">Three letter application owner name (eg, TST )</param>
/// <param name="orgNumber">Optional Organization number for the application owner. Will be fetched if not provided</param>
/// <returns>JWT token</returns>
public Task<string> GenerateTokenForOrg(string org, string? orgNumber = null);
public Task<string> GenerateTokenForOrg(string org, string? orgNumber = null, string? scopes = null);

/// <summary>
/// Get JWT token for user profile
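Review bot: The XML documentation for `GenerateTokenForOrg` on the interface lists `org` and `orgNumber` but not the new `scopes` parameter, and the implementation shown earlier on the page takes its text from here through `<inheritdoc />`. I would add `/// <param name="scopes">Optional scope value for the token. Defaults to altinn:serviceowner/instances.read when not provided</param>` after the `orgNumber` line. Because this argument decides what authority the generated test token carries, the contract should state the default and the expected format explicitly.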