-
Notifications
You must be signed in to change notification settings - Fork 20
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat(process): slimline process identity config #361
feat(process): slimline process identity config #361
Conversation
Refs: CPLP-3102
Refs: CPLP-3102
claimsIdentity.AddClaim(new Claim(PortalClaimTypes.IdentityType, Enum.GetName(identityData.IdentityType) ?? throw new ConflictException($"IdentityType {(int)identityData.IdentityType} is out of range"))); | ||
claimsIdentity.AddClaim(new Claim(PortalClaimTypes.CompanyId, identityData.CompanyId.ToString())); | ||
return true; | ||
case false when !Guid.TryParse(preferredUserName, out var identityId): |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
the ! in when !Guid.TryParse looks incorrect. We should have a unit-test for the method TransformAsync
instead of the cumbersome switch / case that somewhat hides the actual flow of information I recommend a more traditional implementation:
private async ValueTask<bool> AddIdentity(ClaimsPrincipal principal, ClaimsIdentity claimsIdentity)
{
var preferredUserName = principal.Claims.SingleOrDefault(x => x.Type == PortalClaimTypes.PreferredUserName)?.Value;
if (!string.IsNullOrWhiteSpace(preferredUserName) && Guid.TryParse(preferredUserName, out var identityId))
{
claimsIdentity.AddClaim(new Claim(PortalClaimTypes.IdentityId, identityId.ToString()));
return true;
}
var sub = principal.Claims.SingleOrDefault(x => x.Type == PortalClaimTypes.Sub)?.Value;
_logger.LogInformation("Preferred user name {PreferredUserName} couldn't be parsed to uuid for userEntityId {Sub}", preferredUserName, sub);
IdentityData? identityData;
if (string.IsNullOrWhiteSpace(sub) || (identityData = await _portalDbRepositories.GetInstance<IUserRepository>().GetActiveUserDataByUserEntityId(sub).ConfigureAwait(false)) == null)
{
_logger.LogWarning("No identity found for userEntityId {Sub}", sub);
return false;
}
claimsIdentity.AddClaim(new Claim(PortalClaimTypes.IdentityId, identityData.UserId.ToString()));
return true;
}
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I did change the implementation and added unit tests.
public IdentityData IdentityData => | ||
_identityData ??= _httpContextAccessor.HttpContext?.User.GetIdentityData() | ||
?? throw new ConflictException("The identity should be set here"); | ||
public Guid IdentityId => (_identityId ??= _httpContextAccessor.HttpContext?.User.GetIdentityId())!.Value; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
sonar marks this as a code smell. According to the smell's documentation it should accept
public Guid IdentityId => (_identityId ?? (_identityId = _httpContextAccessor.HttpContext?.User.GetIdentityId()))!.Value;
(I guess the rule doesn't yet know about the ??= operator, so maybe we should just mark this as a false positive?)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'd mark it as a false positive
Refs: CPLP-3102
Kudos, SonarCloud Quality Gate passed! 0 Bugs No Coverage information |
Description
All configuration values needed for the process identity were removed except for the identity id.
Why
The determination of the identity needed for the process worker is now done with a database request to get the needed values for the specified user.
Issue
N/A - Jira Issue: CPLP-3102
Corresponding CD PR
#130
Checklist