[Blocked] Return correct AAL value in user_info JWT #11027
Draft
Commits on Sep 16, 2024
-
Return correct AAL value in user_info JWT
**Why** * When no AAL ACR value is selected and the SP requires a higher default AAL level or the request demands identity proofing, the user_info block should return the correct AAL ACR value instead of the default AAL ACR * Resolves https://gitlab.login.gov/lg-people/lg-people-appdev/Melba/backlog-fy24/-/issues/55 **How** * Map the ServiceProvider.default_aal value to a known ACR value using a new method (AuthnContextResolver.asserted_aal_value) * Ensure the new asserted AAL ACR value is used as a fallback in the OpenidConnectUserInfoPresenter and OpenidConnectAuthorizeForm so that the JWT built by IdTokenBuilder is correct and doesn't overwrite pre-existing data. changelog: Bug Fixes, OIDC Authentication, Return correct AAL in JWT
-
-
-
-
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.