Altinn / altinn-authorization

Altinn platform microservice for handling authorization

Internal decision requests failing when duplicate subject IDs on request #859

Closed jonkjetiloye closed 6 months ago

jonkjetiloye commented 6 months ago

Description

PR 846 Fixes for external Authorize API introduced an ArgumentException if providing multiple subject identifiers (organization number, user id and person id) together, which was meant for external requests to the Authorize API endpoint.

This, however, also triggers for the internal Decision API, and breaks existing authorization requests for enterprise users where both user id and organization number are present on the requests from the PEP.

This change does the following to mitigate this issue:

  1. The multiple subject identifiers ArgumentException is now only triggered for the external Authorize API endpoint.
  2. Setting PartyId based on organization number is also moved to only be enriched for the external Authorize API. This means only external authorize requests will be able to authorize organizations through delegations.
  3. For the Authorize API endpoint, ArgumentException error messages are added to the XacmlContextStatus response as ProcessingError.

Related Issue(s)

Verification

Documentation
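The three changes above, sketched as an added example. This is not code from the Altinn authorization repository; the types SubjectAttributes, DecisionStatus, the methods ValidateSubject, ResolvePartyId and Evaluate, and the isExternalAuthorizeRequest flag are all assumptions made for the illustration. It shows the security-relevant shape of the fix: the single-subject check and the organization-number-to-PartyId enrichment are gated on the request having arrived through the external Authorize API, so an internal Decision API request from the PEP carrying both user id and organization number is still evaluated, while an external request with the same attributes is rejected with a XACML ProcessingError status instead of an unhandled exception.

```csharp
// Added example (not the Altinn code base): gating subject-identifier validation and
// PartyId enrichment on whether the request came through the external Authorize API.
using System;
using System.Collections.Generic;

// Hypothetical, simplified subject model: which identifiers the caller supplied.
public record SubjectAttributes(string UserId, string OrganizationNumber, string PersonId)
{
    public int IdentifierCount =>
        (UserId is null ? 0 : 1) + (OrganizationNumber is null ? 0 : 1) + (PersonId is null ? 0 : 1);
}

// Hypothetical minimal stand-in for a XACML context status returned to the caller.
public record DecisionStatus(string StatusCode, string Message);

public static class SubjectValidation
{
    // Standard XACML status code identifiers.
    public const string StatusOk = "urn:oasis:names:tc:xacml:1.0:status:ok";
    public const string StatusProcessingError = "urn:oasis:names:tc:xacml:1.0:status:processing-error";

    // Item 1: only external Authorize API calls are rejected for carrying more than one
    // subject identifier. Internal Decision API requests from the PEP legitimately carry
    // both user id and organization number for enterprise users.
    public static void ValidateSubject(SubjectAttributes subject, bool isExternalAuthorizeRequest)
    {
        if (isExternalAuthorizeRequest && subject.IdentifierCount > 1)
        {
            throw new ArgumentException(
                "Only one subject identifier (organization number, user id or person id) is allowed per request.");
        }
    }

    // Item 2: PartyId lookup from organization number happens only for external requests,
    // so only external authorize requests can resolve organization delegations this way.
    public static int? ResolvePartyId(
        SubjectAttributes subject,
        bool isExternalAuthorizeRequest,
        IReadOnlyDictionary<string, int> orgNumberToPartyId)
    {
        if (!isExternalAuthorizeRequest || subject.OrganizationNumber is null)
        {
            return null;
        }

        return orgNumberToPartyId.TryGetValue(subject.OrganizationNumber, out var partyId)
            ? (int?)partyId
            : null;
    }

    // Item 3: validation failures on the external endpoint are surfaced to the caller as a
    // ProcessingError status rather than escaping as an unhandled ArgumentException.
    public static DecisionStatus Evaluate(SubjectAttributes subject, bool isExternalAuthorizeRequest)
    {
        try
        {
            ValidateSubject(subject, isExternalAuthorizeRequest);
            return new DecisionStatus(StatusOk, null);
        }
        catch (ArgumentException ex)
        {
            return new DecisionStatus(StatusProcessingError, ex.Message);
        }
    }
}

public static class Program
{
    public static void Main()
    {
        // Constructed sample: an enterprise user request from the PEP carrying both identifiers,
        // and a constructed organization-number-to-PartyId lookup table.
        var enterpriseUser = new SubjectAttributes(UserId: "user-1", OrganizationNumber: "999999999", PersonId: null);
        var partyLookup = new Dictionary<string, int> { ["999999999"] = 50001 };

        // Internal Decision API path: validation is skipped and no PartyId enrichment happens.
        var internalStatus = SubjectValidation.Evaluate(enterpriseUser, isExternalAuthorizeRequest: false);
        var internalParty = SubjectValidation.ResolvePartyId(enterpriseUser, false, partyLookup);
        Console.WriteLine($"internal: {internalStatus.StatusCode}, partyId={internalParty?.ToString() ?? "none"}");

        // External Authorize API path with the same attributes: rejected as a ProcessingError.
        var externalStatus = SubjectValidation.Evaluate(enterpriseUser, isExternalAuthorizeRequest: true);
        Console.WriteLine($"external: {externalStatus.StatusCode} ({externalStatus.Message})");

        // External request with a single organization number: accepted and enriched with a PartyId.
        var orgOnly = new SubjectAttributes(UserId: null, OrganizationNumber: "999999999", PersonId: null);
        var orgStatus = SubjectValidation.Evaluate(orgOnly, isExternalAuthorizeRequest: true);
        var orgParty = SubjectValidation.ResolvePartyId(orgOnly, true, partyLookup);
        Console.WriteLine($"external org: {orgStatus.StatusCode}, partyId={orgParty?.ToString() ?? "none"}");
    }
}
```

The point to check when reviewing a change like this is the boundary that sets the flag: whichever layer decides isExternalAuthorizeRequest must be the endpoint itself, not a request attribute the caller controls, otherwise an external caller could present as internal and skip the check.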

sonarcloud[bot] commented 6 months ago

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
56.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud