This feature of supporting audience in fims-authz-sig had been implemented by Alexis as JIRA UAMX3-514. The feature is now ported to the latest fims-authz-sig code base. To make the deployment of fims-authz-sig less intrusive for existing az token clients, a flag isAudienceRequired is added so that if the audience is present in the request, fims-authz-sig will take it and include it in the token response, and if the audience is absent in the request, then fims-authz-sig won't reject the request, but will proceed and return a token without audience in the response.
Related to this code change, the nup-roles.yaml under /fimsauthz-api/ is also updated to include the updated scopes. Likewise under the same folder, fims-authz.yaml is updated to make the audience in the request body optional and to replace obsolete scopes with the latest ones.
The tests that I have done are the following:
fims-authz-sig unit test (by yarn test)
fims-authz-sig integration test (with and without audience in the request) with Freddie Services: broker-trio, operator-api, PH, AS, TokenManager, inter-op, DSS.
fims-authz-sig valtest under fims-authz-sig/valtest
Let me know if a code walkthrough is helpful for the review.
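An added illustration of the optional-audience behaviour described above; it is not code from this PR or from fims-authz-sig. The function names, the request shape, the mapping of the audience to a JWT-style `aud` claim, and the reading that `isAudienceRequired: true` rejects a request without an audience are all assumptions. It goes one step beyond the description by showing the consuming service's check, since a token issued without an audience is not bound to any one service.

```javascript
// Added example, not fims-authz-sig code. All names and shapes are assumptions.
class AudienceError extends Error {}

// Accept one audience or a list, mirroring the JWT "aud" claim
// (RFC 7519 allows a string or an array of strings). Returns null when absent.
function normalizeAudience(raw) {
  if (raw === undefined || raw === null) return null;
  const list = Array.isArray(raw) ? raw : [raw];
  const valid = list.length > 0 &&
    list.every((a) => typeof a === 'string' && a.trim() !== '');
  if (!valid) {
    // A malformed audience is rejected in both modes; only absence is tolerated.
    throw new AudienceError('audience must be a non-empty string or list of strings');
  }
  return list.length === 1 ? list[0] : list;
}

// Issuer side: build token claims for a request (hypothetical request shape).
function buildClaims(request, { isAudienceRequired }) {
  const aud = normalizeAudience(request.audience);
  if (aud === null && isAudienceRequired) {
    throw new AudienceError('audience is required');
  }
  const claims = { sub: request.clientId, scope: request.scope };
  if (aud !== null) claims.aud = aud; // omit the claim entirely when absent
  return claims;
}

// Consumer side: a service checks that the token was issued for it.
// allowMissing models the migration window in which legacy clients
// still receive tokens without an audience.
function audienceAccepted(claims, expectedAudience, { allowMissing }) {
  if (!('aud' in claims)) return allowMissing;
  const list = Array.isArray(claims.aud) ? claims.aud : [claims.aud];
  return list.includes(expectedAudience);
}

// Constructed sample requests (values are made up for the example).
const withAud = { clientId: 'client-a', scope: 'scope.read', audience: 'service-x.example' };
const legacy = { clientId: 'client-b', scope: 'scope.read' };
console.log(buildClaims(withAud, { isAudienceRequired: false }));
console.log(buildClaims(legacy, { isAudienceRequired: false }));
```

Once every client sends an audience, turning on the required mode at the issuer and setting `allowMissing` to false at each consumer closes the window in which an unbound token is accepted.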