feat: Add support for apps as serviceresource #658
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
elsand
changed the title
elsand
commented
Apr 21, 2024
src/Digdir.Domain.Dialogporten.Infrastructure/InfrastructureExtensions.cs
Show resolved
Hide resolved
elsand
commented
Apr 21, 2024
src/Digdir.Domain.Dialogporten.Infrastructure/InfrastructureExtensions.cs
Show resolved
Hide resolved
elsand
commented
Apr 21, 2024
src/Digdir.Domain.Dialogporten.Infrastructure/InfrastructureExtensions.cs
Show resolved
Hide resolved
arealmaas
approved these changes
Apr 22, 2024
|
oskogstad
pushed a commit
that referenced
this pull request
May 7, 2024
🤖 I have created a release *beep* *boop* --- ## [1.6.0](v1.5.0...v1.6.0) (2024-05-07) ### Features * Add authorization caching ([#591](#591)) ([2f86d7e](2f86d7e)) * Add GraphQL POC ([#636](#636)) ([c779eac](c779eac)) * Add support for apps as serviceresource ([#658](#658)) ([adf91ce](adf91ce)) * Authorized parties endpoint in enduser API ([#661](#661)) ([050ccbb](050ccbb)) ### Bug Fixes * Accept app references with urn:altinn:resource prefix ([#685](#685)) ([c9a5606](c9a5606)) * ensure performed by is set for activities ([#628](#628)) ([1adf075](1adf075)) * Use HttpClient wrappers that ensure success to match FusionCache expectations ([#684](#684)) ([7c1e966](7c1e966)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please).
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
In order to support app instances in the Dialogporten, we need to be able to refer to apps as service resources
Description
This adds support for urn:altinn:app in dialog validator and Altinn auth helpers, and changes the Resource Registry client to use the "resourcelist" endpoint, which includes Altinn 3 apps (unfortunately this also includes Altinn 2 services, which baloons the response size considerably, but this is filtered before storing to cache). The Fusion cache settings has been changed to reflect this (ie. increasing factory timeouts).
Yet to be fixed:
Handling of "ttd" services (the Digdir test organization). These contain an empty string as "organization" in the RR, where there usually is a organization number. Special code will be required to handle TTD service authorization and dialog.org population.Moved to Cannot create dialogs referring apps/resources owned by TTD #663Handling of app instance delegations. Since app instance ids are a bit weird (has the formMoved to Not able to see actions granted by instance delegation on apps #664{partyId}/{instanceId}) we cannot just map the dialogId tourn:altinn:instance-id(like we do with resource id) as this will cause an exception in the PDP API. Preferably the PDP context handler should be able to deal with this, and map the missing partyId into the instance-id (since it needs to get the partyId for organizationnumbers/SSNs anyway)Handling of resource constraints for app in the authorization requests for search. Currently we assume name of the resource to be unique, but an app-name may be reused between service owners.Edit: we include the reservedapp_{org}_prefix, avoiding this potential ambiguity.Related Issue(s)
Verification
Documentation
docs-directory, Altinnpedia or a separate linked PR in altinn-studio-docs., if applicable)