Skip to content

LG-11537 Access the active profile in the userinfo endpoint#9596

Merged
jmhooper merged 2 commits intomainfrom
jmhooper-access-correct-profile-in-user-info
Nov 15, 2023
Merged

LG-11537 Access the active profile in the userinfo endpoint#9596
jmhooper merged 2 commits intomainfrom
jmhooper-access-correct-profile-in-user-info

Conversation

@jmhooper
Copy link
Contributor

In #9509 we added the ability to specify which profile to fetch PII from when reading PII from the session.

This commit applies that capability to the OpenID Connect UserInfo endpoint to ensure that only the active profile's PII is used there.

The user info endpoint is used by service providers to access PII after auth. As a result it is not a request made by users and does not have a user session. To read PII we use the out-of-band session accessor's #load_pii method. This commit adds a profile_id arg to that method and passes in the active profile's ID when reading PII.

In #9509 we added the ability to specify which profile to fetch PII from when reading PII from the session.

This commit applies that capability to the OpenID Connect UserInfo endpoint to ensure that only the active profile's PII is used there.

The user info endpoint is used by service providers to access PII after auth. As a result it is not a request made by users and does not have a user session. To read PII we use the out-of-band session accessor's `#load_pii` method. This commit adds a `profile_id` arg to that method and passes in the active profile's ID when reading PII.

changelog: Internal, Active-pending profile, The active profile is now read from the session on the userinfo endpoint.
# Only used for convenience in tests
# @param [Pii::Attributes] pii
def put_pii(pii, expiration = 5.minutes)
def put_pii(profile_id, pii, expiration = 5.minutes)
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This method creates a user session and adds PII to it. I found that throughout the code it was used as a convenience to create a user session. Above I added the put_empty_user_session to perform that action without adding PII to help make things a little more clear.

@jmhooper jmhooper requested a review from a team November 15, 2023 14:36
Copy link
Contributor

@soniaconnolly soniaconnolly left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, a few comments.

@ial2_data ||= begin
if ial2_session? || ialmax_session?
out_of_band_session_accessor.load_pii
if (ial2_session? || ialmax_session?) && active_profile.present?
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do we want a method that expresses ial2_session? || ialmax_session?, maybe profile_requested? or something like that?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think within the context of the user info controller these make sense as different request contexts where PII may be read. I think that reducing them to a single method may add some indirection.

OutOfBandSessionAccessor.new(
identity.rails_session_id,
).put_empty_user_session(
5.minutes.to_i,
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Noticed that this argument has to_i, but the default argument above is just 5.minutes, not sure if that's an issue.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't think it is. I'm just trying to keep it consistent with what was there before.

describe '#ttl' do
it 'returns the remaining time-to-live of the session data in redis' do
store.put_pii({ first_name: 'Fakey' }, 5.minutes.to_i)
store.put_pii(123, { first_name: 'Fakey' }, 5.minutes.to_i)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Would it make sense to let(profile_id) { 123 } for clarity?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hmm, I can do something like that.

@jmhooper jmhooper merged commit 92a3dbb into main Nov 15, 2023
@jmhooper jmhooper deleted the jmhooper-access-correct-profile-in-user-info branch November 15, 2023 17:24
# Only used for convenience in tests
# @param [Pii::Attributes] pii
def put_pii(pii, expiration = 5.minutes)
def put_pii(profile_id, pii, expiration = 5.minutes)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Next time I would convert these to keyword arugments, since pii used to be first and now it's not

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants