LG-12190 Store vtr and acr_values in sp_session#10004
Merged
Conversation
In #9991 the `vtr` property is added to the `ServiceProviderRequest`. Since the `vtr` property is introduced there it is unsafe to create a `ServiceProviderRequest` record with `vtr` during a deploy since some instances may have code that is unaware of the `vtr` property and will result in an `ArgumentError` when creating a `ServiceProviderRequest` Once the changes in #9991 are deployed it should be safe to create records with the `vtr` property. This commit does that in the `ServiceProviderRequestProxy`. [skip changelog]
This commit adds code to the `OpenidConnectAuthorizeForm` to consume a `vtr` param. This param validated and then added to the `ServiceProviderRequest` and eventually added to the `sp_session` by the `StoreSpMetadataInSession` service. This `vtr` param will eventually be used along with the new `AuthnContextResolver` tooling to determine what features need to be in place for an authentication and identity proofing transaction. [skip changelog]
Co-authored-by: John Maxwell <john.maxwell@gsa.gov>
Co-authored-by: John Maxwell <john.maxwell@gsa.gov>
zachmargolis
approved these changes
Feb 1, 2024
Comment on lines
+321
to
+322
| rescue Vot::Parser::ParseException | ||
| nil |
Contributor
There was a problem hiding this comment.
would we want to catch this exception and add an error for it? or no
Contributor
Author
There was a problem hiding this comment.
The validate_vtr param has kind of a roundabout way of doing it. It looks like see if the param is present and this is nil.
I would like to find a more direct and elegant way of doing it. The trick with this getting reliably re-evaluated with valid? calls could get messy.
jmhooper
commented
Feb 5, 2024
jmhooper
commented
Feb 5, 2024
jmhooper
commented
Feb 5, 2024
jmhooper
force-pushed
the
jmhooper-write-vtr-to-sp-request
branch
from
a00798f to
e03acc8
Compare
jmhooper
added a commit
that referenced
this pull request
Feb 6, 2024
jmhooper
added a commit
that referenced
this pull request
Feb 6, 2024
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This commit adds code to the
OpenidConnectAuthorizeFormto consume avtrparam. This param validated and then added to theServiceProviderRequestand eventually added to thesp_sessionby theStoreSpMetadataInSessionservice.This
vtrparam will eventually be used along with the newAuthnContextResolvertooling to determine what features need to be in place for an authentication and identity proofing transaction.