Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Setting only required default scopes for test realm #118

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Setting only required default scopes for test realm #118

wants to merge 1 commit into from

Conversation

anchita-g
Copy link
Collaborator

@anchita-g anchita-g commented Mar 6, 2023
edited
Loading

Description of what I changed

#101
To remove the extra claims regarding roles and emails in the test realm that we setup for sample tokens, explicitly set the defaultClientScopes while creating the realm. Also remove the group protocol mapper for this realm.

For test-smart, the extension that we use to enable SMART-on-FHIR already takes care of setting these claims up to the requirement.

E2E test

TESTED:

After the required changes, tested by issuing a token for both the realms.

For test realm, the token's payload when decoded used to look like this before:

{
  "exp": 1678093320,
  "iat": 1678093020,
  "jti": "1c826158-517a-434d-82c4-073f7992518e",
  "iss": "http://104.198.226.164:9080/auth/realms/test",
  "aud": "account",
  "sub": "a1d4b0ea-4c47-44b8-8af2-496ea1ed46f0",
  "typ": "Bearer",
  "azp": "my-fhir-client",
  "session_state": "277c6af2-dbe9-4ae2-91eb-9be2cfb4f9d5",
  "acr": "1",
  "realm_access": {
    "roles": [
      "default-roles-test",
      "offline_access",
      "uma_authorization"
    ]
  },
  "resource_access": {
    "account": {
      "roles": [
        "manage-account",
        "manage-account-links",
        "view-profile"
      ]
    }
  },
  "scope": "profile email",
  "sid": "277c6af2-dbe9-4ae2-91eb-9be2cfb4f9d5",
  "email_verified": false,
  "patient_list": "4156970",
  "preferred_username": "testuser",
  "group": [
    "fhirUser"
  ]
}

After the changes it looks like this:

{
  "exp": 1678091062,
  "iat": 1678090762,
  "jti": "5cdcd82c-bef6-462d-baa3-0a5f3a0fd7c1",
  "iss": "http://localhost:9080/auth/realms/test",
  "sub": "7cbd5274-c1bb-4041-b8de-454c336b179a",
  "typ": "Bearer",
  "azp": "my-fhir-client",
  "session_state": "39d52772-5322-4561-8db3-78d8b6dbf2b1",
  "scope": "profile",
  "sid": "39d52772-5322-4561-8db3-78d8b6dbf2b1",
  "patient_list": "patient-list-example",
  "preferred_username": "testuser"
}

Checklist: I completed these to help reviewers :)

  • I have read and will follow the review process.

  • I am familiar with Google Style Guides for the language I have coded in.

    No? Please take some time and review Java and Python style guides.

  • My IDE is configured to follow the Google code styles.

    No? Unsure? -> configure your IDE.

  • I have added tests to cover my changes. (If you refactored existing code that was well tested you do not have to add tests)

  • I ran mvn clean package right before creating this pull request and added all formatting changes to my commit.

  • All new and existing tests passed.

  • My pull request is based on the latest changes of the master branch.

    No? Unsure? -> execute command git pull --rebase upstream master

@anchita-g anchita-g marked this pull request as draft March 6, 2023 09:00
@anchita-g anchita-g marked this pull request as ready for review March 6, 2023 09:00
@anchita-g anchita-g requested a review from bashir2 March 6, 2023 09:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bashir2 bashir2 Awaiting requested review from bashir2

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@anchita-g