DFPL 2499 #5578
DFPL 2499 #5578
Conversation
github-actions
bot
added
the
ccd configuration
| @@ -1,7 +1,7 @@ | |||
| name: fpl-case-service | |||
| apiVersion: v2 | |||
| home: https://github.com/hmcts/fpl-ccd-configuration | |||
| version: 1.12.79 | |||
| version: 1.12.80 | |||
There was a problem hiding this comment.
Is this needed? Doesn't look like anything's changed here.
There was a problem hiding this comment.
The bot updated the version automatically. Wonder if the bot is triggered because I added two new secrets to charts/fpl-case-service/values.yaml Should I revert the version?
|
|
||
| public byte[] downloadDocumentByDocumentId(String documentId) throws IllegalArgumentException, EmptyFileException { | ||
| return secureDocStoreService.downloadDocument(documentId); | ||
| return secureDocStoreService.downloadDocument(documentId, cafcassSystemUserService.getUserToken()); |
There was a problem hiding this comment.
Can we not use the calling user's token here like we normally do when calling the docstore (on requestData)? That should be the cafcass system user, saves logging in again/if ever an accidental bug allows the non-docstore user to login.
Not sure we should ever be logging in and doing actions on their behalf, but use their request token to do it?
There was a problem hiding this comment.
The IDAM /userinfo endpoint will only return user name but not the other details (e.g. user roles) if the token is generated via password grant.
CCD / CDAM will throw exception if they can't grab the user role with the tokens.
That's why we need to get the token via login, such that IDAM will return a full userinfo
Pull request was closed
JIRA link (if applicable)
https://tools.hmcts.net/jira/browse/DFPL-2499
Change description
We are going to set up a system user for Cafcass with the right set of roles to access our new Cafcass APIs.
This PR: update the validation of the access token. add Cafcass system user configurartion
Does this PR introduce a breaking change? (check one with "x")