Draft

WIP #1019

Expand Up @@ -395,7 +395,7 @@ describe("InteractionController", () => {
const res: Partial<Response> = { redirect: jest.fn() };
const userSessionService = {
get: jest.fn().mockReturnValue({
spIdentity: { sub: "user1" },
spIdentity: { sub: "user1", roles: ["agent_public"] },
interactionId: "interaction123",
idpAcr: "high",
spEssentialAcr: "high",
Expand Down Expand Up @@ -443,7 +443,7 @@ describe("InteractionController", () => {
const res = {} as Response;
const userSessionService = {
get: jest.fn().mockReturnValue({
spIdentity: { sub: "user1" },
spIdentity: { sub: "user1", roles: ["agent_public"] },
isSilentAuthentication: true,
idpId: "idp123",
}),
Expand All @@ -461,7 +461,7 @@ describe("InteractionController", () => {
const res = { redirect: jest.fn() } as unknown as Response;
const userSessionService = {
get: jest.fn().mockReturnValue({
spIdentity: { sub: "user1" },
spIdentity: { sub: "user1", roles: ["agent_public"] },
isSilentAuthentication: false,
interactionId: "interaction123",
idpId: "idp123",
Expand All @@ -483,7 +483,7 @@ describe("InteractionController", () => {
const res = {} as Response;
const userSessionService = {
get: jest.fn().mockReturnValue({
spIdentity: { sub: "user1", roles: [] },
spIdentity: { sub: "user1", roles: ["agent_public"] },
spId: "sp123",
idpId: "idp123",
idpIdentity: { is_service_public: false },
Expand All @@ -503,7 +503,7 @@ describe("InteractionController", () => {
const res = {} as Response;
const userSessionService = {
get: jest.fn().mockReturnValue({
spIdentity: { sub: "user1" },
spIdentity: { sub: "user1", roles: ["agent_public"] },
spId: "sp123",
idpId: "idp123",
idpIdentity: { is_service_public: false },
Expand All @@ -524,7 +524,7 @@ describe("InteractionController", () => {
const res = {} as Response;
const userSessionService = {
get: jest.fn().mockReturnValue({
spIdentity: { sub: "user1" },
spIdentity: { sub: "user1", roles: ["agent_public"] },
spEssentialAcr: "high",
idpAcr: "low",
}),
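Review bot: Every `spIdentity` mock in these hunks ends up with `roles: ["agent_public"]`, including the case that previously passed `roles: []` next to `is_service_public: false`, so no visible test exercises an empty role list or a session that carries no `roles` at all. Because the controller now calls `roles.includes("agent_public")` without a guard, keep at least one case with `spIdentity: { sub: "user1", roles: [] }`. That case should assert whether `logger.warn` is called with `code: "agent_public_role_mismatch"`. The test bodies continue outside these hunks, so some of this may already be covered by assertions not shown here.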
Expand Up @@ -249,7 +249,7 @@ export class InteractionController {
// is_service_public field is only provided by ProConnect Identité
// any identity without an is_service_public field is considered to be from the public sector
const isPrivateSectorIdentity = idpIdentity?.is_service_public === false;
const isRoleAgentPublic = !roles || roles.includes("agent_public");
const isRoleAgentPublic = roles.includes("agent_public");
const doesNotAcceptPrivateSectorEmployees = spType === "public";

if (
Expand All @@ -258,10 +258,8 @@ export class InteractionController {
) {
this.logger.warn({
code: "agent_public_role_mismatch",
roles,
is_service_public: idpIdentity?.is_service_public,
spType,
siret: idpIdentity?.siret,
isPrivateSectorIdentity,
isRoleAgentPublic,
});
}
if (isPrivateSectorIdentity && doesNotAcceptPrivateSectorEmployees) {
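Review bot: `roles.includes("agent_public")` throws a TypeError when `roles` is undefined, now that the `!roles ||` guard is gone. Where `roles` is read is outside this hunk, but if it comes from the stored session, a session created before this change (no `roles` on `spIdentity`) would fail here in the middle of the login interaction. Unless such sessions are known not to exist, keep the expression total with `const isRoleAgentPublic = roles?.includes("agent_public") ?? false;`, which also makes a missing value count as "not agent_public" rather than the old permissive default. The warning payload below appears to lose `siret` and `spType` (the page does not mark which side each line is on); if so, consider keeping the fields needed to triage an `agent_public_role_mismatch` event. The method starts and ends outside the hunk.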
6 changes: 3 additions & 3 deletions back/apps/core-fca-low/src/dto/identity-for-sp.dto.ts
@@ -1,8 +1,8 @@
import {
IsArray,
IsDefined,
IsEnum,
IsObject,
IsOptional,
IsString,
MaxLength,
MinLength,
Expand Down Expand Up @@ -35,6 +35,7 @@ export class IdentityForSpDto extends IdentityFromIdpDto {
@IsString()
idp_acr: string;

@IsArray()
@IsEnum(
[
"dirigeant",
Expand All @@ -46,6 +47,5 @@ export class IdentityForSpDto extends IdentityFromIdpDto {
],
{ each: true },
)
@IsOptional()
roles?: string[];
roles: string[];
}
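Review bot: `roles` is now a required property, but nothing on it says that an empty array is the valid "no role" value or which component is expected to set it. `@IsArray()` accepts `[]`, so the decorators alone do not tell a reader that. A short comment above the decorators would record the contract, for example `// Set by IdentitySanitizer before validation; [] means no role could be computed.` The `@IsEnum` value list is cut between hunks, so the accepted role names are only partly visible here.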
Expand Up @@ -160,6 +160,7 @@ describe("IdentitySanitizer", () => {
sub,
uid: "UID123",
usual_name: "Doe",
roles: [],
});
});

Expand All @@ -174,6 +175,7 @@ describe("IdentitySanitizer", () => {
usual_name: "Doe",
uid: "UID123",
siret: "12345678900007",
is_service_public: true,
};

config.get = jest.fn().mockReturnValue({
Expand All @@ -195,7 +197,6 @@ describe("IdentitySanitizer", () => {
cachedOrganizationService.getCachedOrganizationBySiret,
).toHaveBeenCalledWith("12345678900007");
expect(identityForSp.roles).toEqual(["agent_public"]);
expect(identityForSp.is_service_public).toBe(true);
});

it("should handle error when getCachedOrganizationBySiret throws", async () => {
Expand Down Expand Up @@ -229,10 +230,9 @@ describe("IdentitySanitizer", () => {

expect(logger.error).toHaveBeenCalledWith({
code: "identity-sanitizer-cached-organization-error",
error,
originalError: error,
});
expect(result.roles).toBeUndefined();
expect(result.is_service_public).toBeUndefined();
expect(result.roles).toEqual([]);
});

it("should not throw CoreFcaInvalidIdentityException when phone number is invalid", async () => {
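Review bot: The `is_service_public` assertions appear to be dropped from this spec (the page does not mark which duplicated line is old or new), which leaves nothing pinning what the sanitizer does with the value supplied in the input identity. The one visible input that carries the field uses `is_service_public: true` together with a computed `["agent_public"]`, so both signals agree and an accidental overwrite would go unnoticed. Add a case where the input has `is_service_public: false` while `computeRoles` returns `["agent_public"]`, and assert `expect(identityForSp.is_service_public).toBe(false);` alongside the `roles` expectation. The test bodies start outside the hunks shown.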
4 changes: 2 additions & 2 deletions back/apps/core-fca-low/src/services/identity.sanitizer.ts
Expand Up @@ -65,6 +65,7 @@ export class IdentitySanitizer {
const { featureFetchOrganizationData } =
this.config.get<ApiEntrepriseConfig>("ApiEntreprise");

identityForSp.roles = [];
if (featureFetchOrganizationData && !!identityForSp.siret) {
try {
const cachedOrganization =
Expand All @@ -74,11 +75,10 @@ export class IdentitySanitizer {
const roles =
this.cachedOrganizationService.computeRoles(cachedOrganization);
identityForSp.roles = roles;
identityForSp.is_service_public = roles.includes("agent_public");
} catch (error) {
this.logger.error({
code: "identity-sanitizer-cached-organization-error",
error,
originalError: error,
});
}
}
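Review bot: With `identityForSp.roles = [];` set before the `if`, an empty list now stands for three different situations: the feature flag is off, the identity has no `siret`, or the organization lookup threw. A consumer of `roles` cannot tell "not a public agent" from "could not be determined". Defaulting to no role is the safe direction, but it should be stated at the assignment, e.g. `// roles stays [] when the feature is off, siret is missing, or the lookup fails`. Separately, the `catch` logs the caught object as is; if that can be an HTTP client error, check that the logger does not serialize request headers or credentials from it, or log only `error.message`. The method body starts and ends outside these hunks.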
Expand Up @@ -20,13 +20,13 @@ export class CachedOrganizationService {

computeRoles(cachedOrganization: CachedOrganization): string[] {
const roles: string[] = [];
const isServicePublic = isPublicService({
cached_categorie_juridique: cachedOrganization.categorieJuridique,
cached_etat_administratif: cachedOrganization.etatAdministratif,
siret: cachedOrganization.siret,
});

if (isServicePublic) {
if (
isPublicService({
cached_categorie_juridique: cachedOrganization.categorieJuridique,
cached_etat_administratif: cachedOrganization.etatAdministratif,
siret: cachedOrganization.siret,
})
) {
roles.push("agent_public");
}

Expand Up @@ -60,6 +60,7 @@ export class LoggerSessionService implements LoggerPluginServiceInterface {
spSiret: spIdentity?.siret,
spSiretHint,
spSub: spIdentity?.sub,
spRoles: spIdentity?.roles,
};

return context;