search

Altinn / altinn-authorization

Altinn platform microservice for handling authorization
2 stars 3 forks source link

Authorize API not able to find delegations for person and org identifiers #844

Closed jonkjetiloye closed 1 month ago

jonkjetiloye commented 2 months ago

Description of the bug

The ContextHandler fails to enrich the request context with the needed internal IDs (UserId and PartyId) for subject when performing requests with either of the subject attributes: urn:altinn:person:identifier-no urn:altinn:ssn (depricated) urn:altinn:organization:identifier-no urn:altinn:organizationnumber (depricated)

using any of these should enrich the request context with both the new external identifier variants as well as the internal identifiers: UserId UserUuid PartyId PartyUuid

Steps To Reproduce

Endpoint: {{baseUrl}}/authorization/api/v1/authorize Body example: use either urn:altinn:person:identifier-no or urn:altinn:organization:identifier-no subject for entity having received delegation of the resource

{
    "Request": {
        "ReturnPolicyIdList": false,
        "AccessSubject": [
            {
                "Attribute": [
                    {
                        "AttributeId": "urn:altinn:person:identifier-no",
                        "Value": "02056260016",
                        "DataType": "http://www.w3.org/2001/XMLSchema#string"
                    }
                ]
            }
        ],
        "Action": [
            {
                "Attribute": [
                    {
                        "AttributeId": "urn:oasis:names:tc:xacml:1.0:action:action-id",
                        "Value": "read",
                        "DataType": "http://www.w3.org/2001/XMLSchema#string"
                    }
                ]
            }
        ],
        "Resource": [
            {
                "Attribute": [
                    {
                        "AttributeId": "urn:altinn:resource",
                        "Value": "jks-test-resource",
                        "DataType": "http://www.w3.org/2001/XMLSchema#string"
                    },
                    {
                        "AttributeId": "urn:altinn:organization:identifier-no",
                        "Value": "910459880",
                        "DataType": "http://www.w3.org/2001/XMLSchema#string"
                    }
                ]
            }
        ]
    }
}

Additional Information

No response