Skip to content

Commit

Permalink
Merge branch 'test' into main
Browse files Browse the repository at this point in the history
  • Loading branch information
james-hollinger committed Oct 5, 2023
2 parents beb877c + 0cd66be commit c10cfc7
Show file tree
Hide file tree
Showing 4 changed files with 20 additions and 16 deletions.
18 changes: 16 additions & 2 deletions backend/webapi/Extensions/ClaimsPrincipalExtensions.cs
Original file line number Diff line number Diff line change
Expand Up @@ -45,9 +45,23 @@ public static Guid GetUserId(this ClaimsPrincipal? user)
public static string? GetIdentityProvider(this ClaimsPrincipal? user) => user?.FindFirstValue(Claims.IdentityProvider);

/// <summary>
/// Returns the Identity Provider ID of the User, or null if User is null
/// Returns the Identity Provider ID of the User, or null if User is null.
/// Trims "@bcp" off the end if the Identity Provider is BC Provider.
/// </summary>
public static string? GetIdpId(this ClaimsPrincipal? user) => user?.FindFirstValue(Claims.PreferredUsername);
public static string? GetIdpId(this ClaimsPrincipal? user)
{
var idpId = user?.FindFirstValue(Claims.PreferredUsername);

if (idpId != null
&& user.GetIdentityProvider() == IdentityProviders.BCProvider
&& idpId.EndsWith("@bcp", StringComparison.InvariantCultureIgnoreCase))
{
// Keycloak adds "@<identity provider>" at the end of the IDP ID, and for BC Providers this won't match what we have in the DB if we don't trim it.
idpId = idpId[..^4];
}

return idpId;
}

/// <summary>
/// Parses the Resource Access claim and returns the roles for the given resource
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -61,7 +61,7 @@ public async Task Handle(PlrCpnLookupFound notification, CancellationToken cance
if (await this.keycloakClient.AssignAccessRoles(userId, MohKeycloakEnrolment.PractitionerLicenceStatus))
{
this.context.BusinessEvents.Add(LicenceStatusRoleAssigned.Create(notification.PartyId, MohKeycloakEnrolment.PractitionerLicenceStatus, this.clock.GetCurrentInstant()));
};
}
}
}
}
Expand Down
10 changes: 0 additions & 10 deletions backend/webapi/Features/Discovery/Discovery.cs
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,6 @@ namespace Pidp.Features.Discovery;

using Pidp.Data;
using Pidp.Extensions;
using Pidp.Infrastructure.Auth;
using Pidp.Models;

public class Discovery
Expand All @@ -26,15 +25,6 @@ public async Task<IDomainResult<int>> HandleAsync(Command command)
{
var lowerIdpId = command.User.GetIdpId()?.ToLowerInvariant();

// TODO: consider a more general approach for this; maybe in User.GetIdpId()?
if (command.User.GetIdentityProvider() == IdentityProviders.BCProvider
&& lowerIdpId != null
&& lowerIdpId.EndsWith("@bcp", StringComparison.InvariantCulture))
{
// Keycloak adds "@bcp" at the end of the IDP ID, and so won't match what we have in the DB if we don't trim it.
lowerIdpId = lowerIdpId[..^4];
}

#pragma warning disable CA1304 // ToLower() is Locale Dependant
var credential = await this.context.Credentials
.SingleOrDefaultAsync(credential => credential.UserId == command.User.GetUserId()
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@ public class BCProviderAttributes

public static BCProviderAttributes FromNewUser(string clientId, NewUserRepresentation representation)
{
var attributes = new BCProviderAttributes(clientId)
var newAttributes = new BCProviderAttributes(clientId)
.SetEndorserData(representation.EndorserData)
.SetHpdid(representation.Hpdid)
.SetIsMd(representation.IsMd)
Expand All @@ -45,10 +45,10 @@ public static BCProviderAttributes FromNewUser(string clientId, NewUserRepresent

if (!string.IsNullOrWhiteSpace(representation.Cpn))
{
attributes.SetCpn(representation.Cpn);
newAttributes.SetCpn(representation.Cpn);
}

return attributes;
return newAttributes;
}

public Dictionary<string, object> AsAdditionalData() => this.attributes;
Expand Down

0 comments on commit c10cfc7

Please sign in to comment.