This issue has a dependency to issue #469 and is blocked until that change is in place.
The wanted outcome of this issue is to support authorization of a new subscription with the organization number of the caller. Then to keep the organization number for future authorization in push logic. This replaces the use of partyId, but only in cases were the ClaimsPrincipal has no references to a user. Most bearer tokens will still have a userid.
The goal here is to support policies where access subject contains organization numbers. Remember to isolate this new logic to Generic Events.
Description
This issue has a dependency to issue #469 and is blocked until that change is in place.
The wanted outcome of this issue is to support authorization of a new subscription with the organization number of the caller. Then to keep the organization number for future authorization in push logic. This replaces the use of partyId, but only in cases were the ClaimsPrincipal has no references to a user. Most bearer tokens will still have a userid.
The goal here is to support policies where access subject contains organization numbers. Remember to isolate this new logic to Generic Events.
Rule from resource ttd-altinn-events-automated-tests in at23:
Tasks
Acceptance Criteria
Testing