fix(webAPI): Specifying EndUserId on the ServiceOwner Search endpoint…

… produces 500 - Internal Server error (#1234)

GetOrCreateClaimsBasedOnEndUserId() caused this. Dropping the method
entirely fixes the problem and simplifies the code.

## Related Issue(s)

- #1233 

## Verification

- [x] **Your** code builds clean without any errors or warnings
- [x] Manual testing done (required)
- [ ] Relevant automated test added (if you find this hard, leave it and
we'll help out)

## Documentation

- [ ] Documentation is updated (either in `docs`-directory, Altinnpedia
or a separate linked PR in
[altinn-studio-docs.](https://github.com/Altinn/altinn-studio-docs), if
applicable)

docs/schema/V1/swagger.verified.json

@@ -5161,7 +5161,7 @@
             }
           },
           {
-            "description": "Filter by Display state ",
+            "description": "Filter by Display state",
             "explode": true,
             "in": "query",
             "name": "systemLabel",

src/Digdir.Domain.Dialogporten.Application/Externals/AltinnAuthorization/IAltinnAuthorization.cs

@@ -7,13 +7,11 @@ public interface IAltinnAuthorization
 {
     public Task<DialogDetailsAuthorizationResult> GetDialogDetailsAuthorization(
         DialogEntity dialogEntity,
-        string? endUserId = null,
         CancellationToken cancellationToken = default);
 
     public Task<DialogSearchAuthorizationResult> GetAuthorizedResourcesForSearch(
         List<string> constraintParties,
         List<string> constraintServiceResources,
-        string? endUserId = null,
         CancellationToken cancellationToken = default);
 
     public Task<AuthorizedPartiesResult> GetAuthorizedParties(IPartyIdentifier authenticatedParty, bool flatten = false,

src/Digdir.Domain.Dialogporten.Application/Features/V1/ServiceOwner/Dialogs/Queries/Get/GetDialogQuery.cs

@@ -101,7 +101,6 @@ public async Task<GetDialogResult> Handle(GetDialogQuery request, CancellationTo
 
             var authorizationResult = await _altinnAuthorization.GetDialogDetailsAuthorization(
                 dialog,
-                request.EndUserId,
                 cancellationToken);
 
             if (!authorizationResult.HasAccessToMainResource())

src/Digdir.Domain.Dialogporten.Application/Features/V1/ServiceOwner/Dialogs/Queries/Search/SearchDialogQuery.cs

@@ -96,7 +96,7 @@ public sealed class SearchDialogQuery : SortablePaginationParameter<SearchDialog
     public string? Process { get; init; }
 
     /// <summary>
-    /// Filter by Display state 
+    /// Filter by Display state
     /// </summary>
     public List<SystemLabel.Values>? SystemLabel { get; set; }
 
@@ -162,7 +162,6 @@ public async Task<SearchDialogResult> Handle(SearchDialogQuery request, Cancella
             var authorizedResources = await _altinnAuthorization.GetAuthorizedResourcesForSearch(
                 request.Party ?? [],
                 request.ServiceResource ?? [],
-                request.EndUserId,
                 cancellationToken);
             dialogQuery = _db.Dialogs.PrefilterAuthorizedDialogs(authorizedResources);
         }

src/Digdir.Domain.Dialogporten.Infrastructure/Altinn/Authorization/AltinnAuthorizationClient.cs

@@ -45,12 +45,11 @@ public AltinnAuthorizationClient(
 
     public async Task<DialogDetailsAuthorizationResult> GetDialogDetailsAuthorization(
         DialogEntity dialogEntity,
-        string? endUserId,
         CancellationToken cancellationToken = default)
     {
         var request = new DialogDetailsAuthorizationRequest
         {
-            Claims = GetOrCreateClaimsBasedOnEndUserId(endUserId),
+            Claims = _user.GetPrincipal().Claims.ToList(),
             ServiceResource = dialogEntity.ServiceResource,
             DialogId = dialogEntity.Id,
             Party = dialogEntity.Party,
@@ -64,10 +63,9 @@ public async Task<DialogDetailsAuthorizationResult> GetDialogDetailsAuthorizatio
     public async Task<DialogSearchAuthorizationResult> GetAuthorizedResourcesForSearch(
         List<string> constraintParties,
         List<string> serviceResources,
-        string? endUserId,
         CancellationToken cancellationToken = default)
     {
-        var claims = GetOrCreateClaimsBasedOnEndUserId(endUserId);
+        var claims = _user.GetPrincipal().Claims.ToList();
         var request = new DialogSearchAuthorizationRequest
         {
             Claims = claims,
@@ -187,21 +185,6 @@ private void LogIfIndeterminate(XacmlJsonResponse? response, XacmlJsonRequestRoo
         }
     }
 
-    private List<Claim> GetOrCreateClaimsBasedOnEndUserId(string? endUserId)
-    {
-        List<Claim> claims = [];
-        if (endUserId is not null && PartyIdentifier.TryParse(endUserId, out var partyIdentifier))
-        {
-            claims.Add(new Claim(partyIdentifier.Prefix(), partyIdentifier.Id));
-        }
-        else
-        {
-            claims.AddRange(_user.GetPrincipal().Claims);
-        }
-
-        return claims;
-    }
-
     private async Task<XacmlJsonResponse?> SendPdpRequest(
         XacmlJsonRequestRoot xacmlJsonRequest, CancellationToken cancellationToken) =>
         await SendRequest<XacmlJsonResponse>(

src/Digdir.Domain.Dialogporten.Infrastructure/Altinn/Authorization/LocalDevelopmentAltinnAuthorization.cs

@@ -20,14 +20,13 @@ public LocalDevelopmentAltinnAuthorization(IDialogDbContext db)
     [SuppressMessage("Performance", "CA1822:Mark members as static")]
     public Task<DialogDetailsAuthorizationResult> GetDialogDetailsAuthorization(
         DialogEntity dialogEntity,
-        string? _,
         CancellationToken __)
     {
         // Just allow everything
         return Task.FromResult(new DialogDetailsAuthorizationResult { AuthorizedAltinnActions = dialogEntity.GetAltinnActions() });
     }
 
-    public async Task<DialogSearchAuthorizationResult> GetAuthorizedResourcesForSearch(List<string> constraintParties, List<string> serviceResources, string? endUserId,
+    public async Task<DialogSearchAuthorizationResult> GetAuthorizedResourcesForSearch(List<string> constraintParties, List<string> serviceResources,
         CancellationToken cancellationToken = default)
     {