From 37e545a0da0c1c5d354c7b2cb8ab4ca163a2bf17 Mon Sep 17 00:00:00 2001
From: Amund
Date: Thu, 9 Jan 2025 13:10:24 +0100
Subject: [PATCH] fix: Authentication level claim is 0 in dialog token (#1654)
## Description
Changed IdportenAuthLevelClaim constant to fix parsing of Acr field in dialog token
## Related Issue(s)
- #1458
## Verification
- [x] **Your** code builds clean without any errors or warnings
- [x] Manual testing done (required)
- [ ] Relevant automated test added (if you find this hard, leave it and we'll help out)
## Documentation
- [ ] Documentation is updated (either in `docs`-directory, Altinnpedia or a separate linked PR in [altinn-studio-docs.](https://github.com/Altinn/altinn-studio-docs), if applicable)
---
 .../Common/Authentication/AuthenticationBuilderExtensions.cs | 5 +++++
 .../Common/Authentication/AuthenticationBuilderExtensions.cs | 5 +++++
 2 files changed, 10 insertions(+)
diff --git a/src/Digdir.Domain.Dialogporten.GraphQL/Common/Authentication/AuthenticationBuilderExtensions.cs b/src/Digdir.Domain.Dialogporten.GraphQL/Common/Authentication/AuthenticationBuilderExtensions.cs
index f5a8a32e3..660c27cf8 100644
--- a/src/Digdir.Domain.Dialogporten.GraphQL/Common/Authentication/AuthenticationBuilderExtensions.cs
+++ b/src/Digdir.Domain.Dialogporten.GraphQL/Common/Authentication/AuthenticationBuilderExtensions.cs
@@ -1,6 +1,7 @@
 using Microsoft.IdentityModel.Tokens;
 using Microsoft.AspNetCore.Authentication.JwtBearer;
 using System.Diagnostics;
+using System.IdentityModel.Tokens.Jwt;
 namespace Digdir.Domain.Dialogporten.GraphQL.Common.Authentication;
@@ -22,6 +23,10 @@ public static IServiceCollection AddDialogportenAuthentication(
 services.AddSingleton();
+ // Turn off mapping InboundClaims names to its longer version
+ // "acr" => "http://schemas.microsoft.com/claims/authnclassreference"
+ JwtSecurityTokenHandler.DefaultMapInboundClaims = false;
+
 var authenticationBuilder = services.AddAuthentication();
 foreach (var schema in jwtTokenSchemas)
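Review bot: `JwtSecurityTokenHandler.DefaultMapInboundClaims = false;` in AddDialogportenAuthentication is a process-wide static, so it switches off inbound claim-name mapping for every claim and every handler created afterwards, not only `acr`; the same line is added in the WebApi copy of this file. Any code or policy that still looks up the mapped names (for example `ClaimTypes.NameIdentifier` for `sub`, or role checks) would stop matching without an error, so those lookups are worth auditing; none are visible in this hunk. A scoped alternative is to set `options.MapInboundClaims = false;` on each scheme's JwtBearerOptions inside the `foreach` that follows, whose body lies outside the hunk. Because the defect made the authentication level read as 0, a regression test that parses a token carrying `acr` and asserts the resulting level would keep it from returning unnoticed.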
diff --git a/src/Digdir.Domain.Dialogporten.WebApi/Common/Authentication/AuthenticationBuilderExtensions.cs b/src/Digdir.Domain.Dialogporten.WebApi/Common/Authentication/AuthenticationBuilderExtensions.cs
index 52e17c184..e0d8a3981 100644
--- a/src/Digdir.Domain.Dialogporten.WebApi/Common/Authentication/AuthenticationBuilderExtensions.cs
+++ b/src/Digdir.Domain.Dialogporten.WebApi/Common/Authentication/AuthenticationBuilderExtensions.cs
@@ -1,6 +1,7 @@
 using Microsoft.IdentityModel.Tokens;
 using Microsoft.AspNetCore.Authentication.JwtBearer;
 using System.Diagnostics;
+using System.IdentityModel.Tokens.Jwt;
 namespace Digdir.Domain.Dialogporten.WebApi.Common.Authentication;
@@ -24,6 +25,10 @@ public static IServiceCollection AddDialogportenAuthentication(
 services.AddSingleton();
+ // Turn off mapping InboundClaims names to its longer version
+ // "acr" => "http://schemas.microsoft.com/claims/authnclassreference"
+ JwtSecurityTokenHandler.DefaultMapInboundClaims = false;
+
 var authenticationBuilder = services.AddAuthentication();
 foreach (var schema in jwtTokenSchemas)