Extend/refactor OIDC configuration for DigiD/eHerkenning #71

Merged
merged 7 commits into from
Jun 13, 2024

sergei-maertens
Member

  • Added support for dots in claim names
  • Added extra configuration fields to be able to capture the full authentication context

Version 0.18.0 will have the ClaimFieldDefault utility that
we rely on.

codecov bot commented Jun 12, 2024

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 90.41%. Comparing base (0f75dbd) to head (04242ab).

Additional details and impacted files
@@            Coverage Diff             @@
##           master      #71      +/-   ##
==========================================
+ Coverage   90.12%   90.41%   +0.29%     
==========================================
  Files          50       50              
  Lines        1569     1576       +7     
  Branches      142      141       -1     
==========================================
+ Hits         1414     1425      +11     
+ Misses        114      110       -4     
  Partials       41       41              
Flag Coverage Δ
base 89.35% <ø> (ø)
oidc 100.00% <100.00%> (+2.64%) ⬆️


sergei-maertens force-pushed the feature/refactor-oidc-to-claimfield branch 4 times, most recently from 13803e5 to e920f95 (June 12, 2024 14:41)

The existing string-fields are now migrated to claim fields so
that dots in claim names are supported. Additionally, the fields
have been renamed to better cover their meaning, in line with
the authentication context data model/json schema.

From the test accounts/connections analysis, it became clear that additional
information needs to be extracted from the OIDC claims. This sets up the
relevant configuration fields to be able to specify which claims hold
which data.

Ensure that the renamed/moved and new fields are present in the
admin configuration forms.

This code is not directly consumed in any of our backends, and that
makes testing it hard too. The consuming code is (and belongs) in
Open Forms.

Downstream projects will miss/forget this, and we know which
claims hold privacy-sensitive information.

sergei-maertens force-pushed the feature/refactor-oidc-to-claimfield branch from 247490c to 04242ab (June 13, 2024 12:23)
sergei-maertens merged commit f6a6801 into master on Jun 13, 2024
16 checks passed
sergei-maertens deleted the feature/refactor-oidc-to-claimfield branch (June 13, 2024 13:11)
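
An added illustration of the dotted-claim-name problem mentioned in the commit messages above, not code from this pull request or the project: it assumes a claim is configured as a list of literal path segments instead of one dot-separated string. The claim names, values and function names are constructed for the example.

```python
from typing import Any, Mapping, Sequence

# Constructed ID-token claims (not from a real provider): one top-level claim
# whose *name* contains dots, plus a nested object with the same dotted spelling.
CLAIMS: dict[str, Any] = {
    "example.org.bsn": "900000001",
    "example": {"org": {"bsn": "NESTED-VALUE"}},
    "authsp": {"loa": "substantial"},
}


class ClaimMissing(KeyError):
    """Raised when a configured claim path does not exist in the token."""


def resolve_segments(claims: Mapping[str, Any], segments: Sequence[str]) -> Any:
    """Walk the claims one literal key per segment; dots inside a key are data."""
    node: Any = claims
    for depth, key in enumerate(segments, start=1):
        if not isinstance(node, Mapping) or key not in node:
            raise ClaimMissing(" > ".join(segments[:depth]))
        node = node[key]
    return node


def resolve_dotted(claims: Mapping[str, Any], path: str) -> Any:
    """String-field behaviour: every dot is forced to mean one nesting level."""
    return resolve_segments(claims, path.split("."))


def identifier_from(claims: Mapping[str, Any], segments: Sequence[str]) -> str:
    """Resolve an identity claim and refuse anything but a non-empty string."""
    value = resolve_segments(claims, segments)
    if not isinstance(value, str) or not value.strip():
        raise ValueError("identity claim is not a non-empty string")
    return value
```

With the dotted string, the lookup either walks into the nested object and returns a different value, or fails outright when only the dotted top-level claim is present; the segment list addresses both shapes without ambiguity.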