From c7c75c5b264463a47f8a8ca96ec4490c5faa2b3f Mon Sep 17 00:00:00 2001 From: Jack Plowman <62281988+JackPlowman@users.noreply.github.com> Date: Thu, 7 Nov 2024 12:00:26 +0000 Subject: [PATCH 1/3] NPA-3627 Pass Through Id Token --- ...Level.xml => AssignMessage.AddUserAuthHeaders.xml} | 8 +++++--- .../policies/AssignMessage.AddUserIdHeader.xml | 9 --------- .../policies/AssignMessage.AddUserNHSNumber.xml | 11 ----------- proxies/live/apiproxy/targets/target.xml | 5 +---- 4 files changed, 6 insertions(+), 27 deletions(-) rename proxies/live/apiproxy/policies/{AssignMessage.AddUserAuthLevel.xml => AssignMessage.AddUserAuthHeaders.xml} (59%) delete mode 100644 proxies/live/apiproxy/policies/AssignMessage.AddUserIdHeader.xml delete mode 100644 proxies/live/apiproxy/policies/AssignMessage.AddUserNHSNumber.xml diff --git a/proxies/live/apiproxy/policies/AssignMessage.AddUserAuthLevel.xml b/proxies/live/apiproxy/policies/AssignMessage.AddUserAuthHeaders.xml similarity index 59% rename from proxies/live/apiproxy/policies/AssignMessage.AddUserAuthLevel.xml rename to proxies/live/apiproxy/policies/AssignMessage.AddUserAuthHeaders.xml index 3f77880..5bb63dd 100644 --- a/proxies/live/apiproxy/policies/AssignMessage.AddUserAuthLevel.xml +++ b/proxies/live/apiproxy/policies/AssignMessage.AddUserAuthHeaders.xml @@ -1,11 +1,13 @@ - - Add User Auth Level + + Add User Auth Headers
{toUpperCase(accesstoken.auth_level)}
+
{accesstoken.auth_user_id}
+
{accesstoken.id_token}
true -
\ No newline at end of file +
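Review bot: The merged policy keeps the trailing `true`, which appears to be IgnoreUnresolvedVariables (element names are not visible in this rendering), so a token with no `auth_user_id` or `id_token` attribute would reach the target with empty identity headers instead of raising a fault. The removed AddUserIdHeader policy used `false` for its identity header, so this looks like a loosening for the user-identifying values. Consider `false` here, or document in the policy that the target must reject requests where these headers are empty. Separately, the header set from `{accesstoken.id_token}` hands the complete ID token to the target; if the backend only needs individual claims, forwarding those keeps the token out of backend logs and traces.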
diff --git a/proxies/live/apiproxy/policies/AssignMessage.AddUserIdHeader.xml b/proxies/live/apiproxy/policies/AssignMessage.AddUserIdHeader.xml deleted file mode 100644 index 4f1f8a7..0000000 --- a/proxies/live/apiproxy/policies/AssignMessage.AddUserIdHeader.xml +++ /dev/null @@ -1,9 +0,0 @@ - - - -
{accesstoken.id_token-subject}
-
-
- false - -
diff --git a/proxies/live/apiproxy/policies/AssignMessage.AddUserNHSNumber.xml b/proxies/live/apiproxy/policies/AssignMessage.AddUserNHSNumber.xml deleted file mode 100644 index f05db79..0000000 --- a/proxies/live/apiproxy/policies/AssignMessage.AddUserNHSNumber.xml +++ /dev/null @@ -1,11 +0,0 @@ - - - Add User NHS Number - - -
{accesstoken.auth_user_id}
-
-
- true - -
\ No newline at end of file diff --git a/proxies/live/apiproxy/targets/target.xml b/proxies/live/apiproxy/targets/target.xml index e46fa37..764bb0c 100644 --- a/proxies/live/apiproxy/targets/target.xml +++ b/proxies/live/apiproxy/targets/target.xml @@ -15,10 +15,7 @@ AddProxyURL - AddUserAuthLevel - - - AddUserNHSNumber + AddUserAuthHeaders RaiseFault.415UnsupportedMediaType From 97c51c5048c8da3340103a280b7366eaa314e7fd Mon Sep 17 00:00:00 2001 From: Jack Plowman <62281988+JackPlowman@users.noreply.github.com> Date: Thu, 7 Nov 2024 13:16:17 +0000 Subject: [PATCH 2/3] NPA-3627 Decode Auth Token --- .../policies/AssignMessage.AddUserAuthHeaders.xml | 2 +- proxies/live/apiproxy/policies/DecodeAccessTokenJWT.xml | 4 ++++ proxies/live/apiproxy/targets/target.xml | 3 +++ .../apiproxy/policies/AssignMessage.AddIssuerHeader.xml | 2 +- .../apiproxy/policies/AssignMessage.AddUserIdHeader.xml | 9 --------- 5 files changed, 9 insertions(+), 11 deletions(-) create mode 100644 proxies/live/apiproxy/policies/DecodeAccessTokenJWT.xml delete mode 100644 proxies/sandbox/apiproxy/policies/AssignMessage.AddUserIdHeader.xml diff --git a/proxies/live/apiproxy/policies/AssignMessage.AddUserAuthHeaders.xml b/proxies/live/apiproxy/policies/AssignMessage.AddUserAuthHeaders.xml index 5bb63dd..dd9d2b5 100644 --- a/proxies/live/apiproxy/policies/AssignMessage.AddUserAuthHeaders.xml +++ b/proxies/live/apiproxy/policies/AssignMessage.AddUserAuthHeaders.xml @@ -5,7 +5,7 @@
{toUpperCase(accesstoken.auth_level)}
{accesstoken.auth_user_id}
-
{accesstoken.id_token}
+
{jwt.DecodeAccessTokenJWT.claim.vot}
true diff --git a/proxies/live/apiproxy/policies/DecodeAccessTokenJWT.xml b/proxies/live/apiproxy/policies/DecodeAccessTokenJWT.xml new file mode 100644 index 0000000..c87d014 --- /dev/null +++ b/proxies/live/apiproxy/policies/DecodeAccessTokenJWT.xml @@ -0,0 +1,4 @@ + + DecodeAccessTokenJWT + accesstoken.id_token + diff --git a/proxies/live/apiproxy/targets/target.xml b/proxies/live/apiproxy/targets/target.xml index 764bb0c..c35b254 100644 --- a/proxies/live/apiproxy/targets/target.xml +++ b/proxies/live/apiproxy/targets/target.xml @@ -14,6 +14,9 @@ AddProxyURL + + DecodeAccessTokenJWT + AddUserAuthHeaders diff --git a/proxies/sandbox/apiproxy/policies/AssignMessage.AddIssuerHeader.xml b/proxies/sandbox/apiproxy/policies/AssignMessage.AddIssuerHeader.xml index d44d0df..a5e1d07 100644 --- a/proxies/sandbox/apiproxy/policies/AssignMessage.AddIssuerHeader.xml +++ b/proxies/sandbox/apiproxy/policies/AssignMessage.AddIssuerHeader.xml @@ -1,7 +1,7 @@ -
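Review bot: The header now set from `{jwt.DecodeAccessTokenJWT.claim.vot}` takes its value from a step that appears to be decode-only, and a decode-only JWT policy does not check the signature, issuer, audience or expiry. The claim is therefore only as trustworthy as whatever wrote `accesstoken.id_token` when the access token was issued. If that issuance path does not already verify the ID token, a verifying policy belongs here before the backend uses the value for an authorisation decision. Since the unresolved-variable setting appears to stay `true`, a token without a `vot` claim would produce an empty header rather than a fault, so the target should treat an empty value as the lowest trust level.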
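Review bot: The new policy is named DecodeAccessTokenJWT but its source is `accesstoken.id_token`, so the name describes the access token while the policy decodes the ID token attached to it. A name such as `DecodeIdTokenJWT` would make the `jwt.<policy>.claim.*` references in other policies easier to read. Otherwise add a leading comment along the lines of `<!-- Decodes the ID token stored on the access token; does not verify its signature -->`. The file has no comment at all, and the verification caveat is the one thing a later maintainer most needs to see before reusing these claims.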
{jwt.DecodeJWT.FromJWTHeader.claim.issuer}
+
{jwt.DecodeJWT.accesstoken.id_token}
false diff --git a/proxies/sandbox/apiproxy/policies/AssignMessage.AddUserIdHeader.xml b/proxies/sandbox/apiproxy/policies/AssignMessage.AddUserIdHeader.xml deleted file mode 100644 index 4d8362c..0000000 --- a/proxies/sandbox/apiproxy/policies/AssignMessage.AddUserIdHeader.xml +++ /dev/null @@ -1,9 +0,0 @@ - - - -
{jwt.DecodeJWT.FromJWTHeader.claim.subject}
-
-
- false - -
From d8fc1946be6862d18dbb20407fbe65eb1c329f96 Mon Sep 17 00:00:00 2001 From: Jack Plowman <62281988+JackPlowman@users.noreply.github.com> Date: Thu, 7 Nov 2024 13:18:30 +0000 Subject: [PATCH 3/3] NPA-3627 Revert Sandbox Changes --- .../apiproxy/policies/AssignMessage.AddIssuerHeader.xml | 2 +- .../apiproxy/policies/AssignMessage.AddUserIdHeader.xml | 9 +++++++++ 2 files changed, 10 insertions(+), 1 deletion(-) create mode 100644 proxies/sandbox/apiproxy/policies/AssignMessage.AddUserIdHeader.xml diff --git a/proxies/sandbox/apiproxy/policies/AssignMessage.AddIssuerHeader.xml b/proxies/sandbox/apiproxy/policies/AssignMessage.AddIssuerHeader.xml index a5e1d07..d44d0df 100644 --- a/proxies/sandbox/apiproxy/policies/AssignMessage.AddIssuerHeader.xml +++ b/proxies/sandbox/apiproxy/policies/AssignMessage.AddIssuerHeader.xml @@ -1,7 +1,7 @@ -
{jwt.DecodeJWT.accesstoken.id_token}
+
{jwt.DecodeJWT.FromJWTHeader.claim.issuer}
false diff --git a/proxies/sandbox/apiproxy/policies/AssignMessage.AddUserIdHeader.xml b/proxies/sandbox/apiproxy/policies/AssignMessage.AddUserIdHeader.xml new file mode 100644 index 0000000..4d8362c --- /dev/null +++ b/proxies/sandbox/apiproxy/policies/AssignMessage.AddUserIdHeader.xml @@ -0,0 +1,9 @@ + + + +
{jwt.DecodeJWT.FromJWTHeader.claim.subject}
+
+
+ false + +