diff --git a/src/Digdir.Domain.Dialogporten.Application/Common/Extensions/ClaimsPrincipalExtensions.cs b/src/Digdir.Domain.Dialogporten.Application/Common/Extensions/ClaimsPrincipalExtensions.cs index 28e4f4df8..b25af8c28 100644 --- a/src/Digdir.Domain.Dialogporten.Application/Common/Extensions/ClaimsPrincipalExtensions.cs +++ b/src/Digdir.Domain.Dialogporten.Application/Common/Extensions/ClaimsPrincipalExtensions.cs @@ -21,8 +21,8 @@ public static class ClaimsPrincipalExtensions private const string IdPrefix = "0192"; private const string AltinnClaimPrefix = "urn:altinn:"; private const string IdportenAuthLevelClaim = "acr"; - private const string AltinnAutorizationDetailsClaim = "authorization_details"; - private const string AttributeIdSystemUser = "urn:altinn:systemuser"; + private const string AuthorizationDetailsClaim = "authorization_details"; + private const string AuthorizationDetailsType = "urn:altinn:systemuser"; private const string AltinnAuthLevelClaim = "urn:altinn:authlevel"; private const string ScopeClaim = "scope"; private const char ScopeClaimSeparator = ' '; @@ -85,7 +85,7 @@ private static bool TryGetAuthorizationDetailsClaimValue(this ClaimsPrincipal cl { authorizationDetails = null; - if (!claimsPrincipal.TryGetClaimValue(AltinnAutorizationDetailsClaim, out var authDetailsJson)) + if (!claimsPrincipal.TryGetClaimValue(AuthorizationDetailsClaim, out var authDetailsJson)) { return false; } @@ -125,7 +125,7 @@ public static bool TryGetSystemUserId(this ClaimsPrincipal claimsPrincipal, return false; } - var systemUserDetails = authorizationDetails.FirstOrDefault(x => x.Type == AttributeIdSystemUser); + var systemUserDetails = authorizationDetails.FirstOrDefault(x => x.Type == AuthorizationDetailsType); if (systemUserDetails?.SystemUserIds is null) { diff --git a/src/Digdir.Domain.Dialogporten.Infrastructure/Altinn/Authorization/DecisionRequestHelper.cs b/src/Digdir.Domain.Dialogporten.Infrastructure/Altinn/Authorization/DecisionRequestHelper.cs index 4315957fe..f2297fc3c 100644 --- a/src/Digdir.Domain.Dialogporten.Infrastructure/Altinn/Authorization/DecisionRequestHelper.cs +++ b/src/Digdir.Domain.Dialogporten.Infrastructure/Altinn/Authorization/DecisionRequestHelper.cs @@ -19,7 +19,7 @@ internal static class DecisionRequestHelper private const string AltinnAutorizationDetailsClaim = "authorization_details"; private const string AttributeIdOrg = "urn:altinn:org"; private const string AttributeIdApp = "urn:altinn:app"; - private const string AttributeIdSystemUser = "urn:altinn:systemuser"; + private const string AttributeIdSystemUser = "urn:altinn:systemuser:uuid"; private const string AttributeIdUserId = "urn:altinn:userid"; private const string ReservedResourcePrefixForApps = "app_"; private const string AttributeIdAppInstance = "urn:altinn:instance-id"; diff --git a/tests/Digdir.Domain.Dialogporten.Infrastructure.Unit.Tests/DecisionRequestHelperTests.cs b/tests/Digdir.Domain.Dialogporten.Infrastructure.Unit.Tests/DecisionRequestHelperTests.cs index f7a7538e7..e23c180e5 100644 --- a/tests/Digdir.Domain.Dialogporten.Infrastructure.Unit.Tests/DecisionRequestHelperTests.cs +++ b/tests/Digdir.Domain.Dialogporten.Infrastructure.Unit.Tests/DecisionRequestHelperTests.cs @@ -152,7 +152,7 @@ public void CreateDialogDetailsRequestShouldReturnCorrectRequestForSystemUser() var accessSubject = result.Request.AccessSubject.First(); Assert.Equal("s1", accessSubject.Id); Assert.Contains(accessSubject.Attribute, a => a.AttributeId == "urn:altinn:foo" && a.Value == "bar"); - Assert.Contains(accessSubject.Attribute, a => a.AttributeId == "urn:altinn:systemuser" && a.Value == "unique_systemuser_id"); + Assert.Contains(accessSubject.Attribute, a => a.AttributeId == "urn:altinn:systemuser:uuid" && a.Value == "unique_systemuser_id"); } [Fact]