From 5a4409e931405c5b1caea84ebb1cbe57f20b83cf Mon Sep 17 00:00:00 2001 From: RyanThomas1214 Date: Wed, 9 Jul 2025 15:11:58 +0100 Subject: [PATCH 1/4] FLAGSAPI-1140 update user restricted scope to be level aal2 --- manifest_template.yml | 4 ++-- proxies/live/apiproxy/policies/OAuthV2.VerifyAccessToken.xml | 1 + proxies/live/apiproxy/targets/scr-target.xml | 2 +- 3 files changed, 4 insertions(+), 3 deletions(-) diff --git a/manifest_template.yml b/manifest_template.yml index 6d154ad56..1dcb93261 100644 --- a/manifest_template.yml +++ b/manifest_template.yml @@ -71,7 +71,7 @@ apigee: {% endif %} scopes: - 'urn:nhsd:apim:app:level3:summary-care-record' - - 'urn:nhsd:apim:user-nhs-id:aal3:summary-care-record' + - 'urn:nhsd:apim:user-nhs-id:aal2:summary-care-record' quota: {{ ENV.quota | default('300') }} quotaInterval: '1' quotaTimeUnit: minute @@ -92,7 +92,7 @@ ACCESS_MODES: - name: user-restricted nameSuffix: '' displayName: Healthcare Worker - scopes: ['urn:nhsd:apim:user-nhs-id:aal3:summary-care-record'] + scopes: ['urn:nhsd:apim:user-nhs-id:aal2:summary-care-record'] requireCallbackUrl: true description: User restricted - name: application-restricted diff --git a/proxies/live/apiproxy/policies/OAuthV2.VerifyAccessToken.xml b/proxies/live/apiproxy/policies/OAuthV2.VerifyAccessToken.xml index 04ede1d35..ea820ad66 100644 --- a/proxies/live/apiproxy/policies/OAuthV2.VerifyAccessToken.xml +++ b/proxies/live/apiproxy/policies/OAuthV2.VerifyAccessToken.xml @@ -1,3 +1,4 @@ VerifyAccessToken + urn:nhsd:apim:app:level3:summary-care-record, urn:nhsd:apim:user-nhs-id:aal2:summary-care-record diff --git a/proxies/live/apiproxy/targets/scr-target.xml b/proxies/live/apiproxy/targets/scr-target.xml index e4738eb2b..4cd4e1a11 100644 --- a/proxies/live/apiproxy/targets/scr-target.xml +++ b/proxies/live/apiproxy/targets/scr-target.xml @@ -29,7 +29,7 @@ AssignMessage.SetAccessModeUserRestricted - (scope JavaRegex "(.+\ urn:nhsd:apim:user-nhs-id:aal3:summary-care-record\ .+|^urn:nhsd:apim:user-nhs-id:aal3:summary-care-record\ .+|.+\ urn:nhsd:apim:user-nhs-id:aal3:summary-care-record$|^urn:nhsd:apim:user-nhs-id:aal3:summary-care-record$)") + (scope JavaRegex "(.+\ urn:nhsd:apim:user-nhs-id:aal2:summary-care-record\ .+|^urn:nhsd:apim:user-nhs-id:aal2:summary-care-record\ .+|.+\ urn:nhsd:apim:user-nhs-id:aal2:summary-care-record$|^urn:nhsd:apim:user-nhs-id:aal2:summary-care-record$)") FlowCallout.UserRoleService From 912ca410fc292d9bd36a659c2cad02b99db84852 Mon Sep 17 00:00:00 2001 From: RyanThomas1214 Date: Tue, 15 Jul 2025 14:26:59 +0100 Subject: [PATCH 2/4] FLAGSAPI-1140 fix formatting of scope --- proxies/live/apiproxy/policies/OAuthV2.VerifyAccessToken.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/proxies/live/apiproxy/policies/OAuthV2.VerifyAccessToken.xml b/proxies/live/apiproxy/policies/OAuthV2.VerifyAccessToken.xml index ea820ad66..515c24e3d 100644 --- a/proxies/live/apiproxy/policies/OAuthV2.VerifyAccessToken.xml +++ b/proxies/live/apiproxy/policies/OAuthV2.VerifyAccessToken.xml @@ -1,4 +1,4 @@ VerifyAccessToken - urn:nhsd:apim:app:level3:summary-care-record, urn:nhsd:apim:user-nhs-id:aal2:summary-care-record + urn:nhsd:apim:app:level3:summary-care-record urn:nhsd:apim:user-nhs-id:aal2:summary-care-record From 501484acf55c90690be9b92a537cfa709cad0a27 Mon Sep 17 00:00:00 2001 From: RyanThomas1214 Date: Fri, 18 Jul 2025 08:38:17 +0100 Subject: [PATCH 3/4] FLAGSAPI-1140 fix formatting of scope --- proxies/live/apiproxy/policies/OAuthV2.VerifyAccessToken.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/proxies/live/apiproxy/policies/OAuthV2.VerifyAccessToken.xml b/proxies/live/apiproxy/policies/OAuthV2.VerifyAccessToken.xml index 515c24e3d..dff191325 100644 --- a/proxies/live/apiproxy/policies/OAuthV2.VerifyAccessToken.xml +++ b/proxies/live/apiproxy/policies/OAuthV2.VerifyAccessToken.xml @@ -1,4 +1,4 @@ VerifyAccessToken - urn:nhsd:apim:app:level3:summary-care-record urn:nhsd:apim:user-nhs-id:aal2:summary-care-record + urn:nhsd:apim:app:level3:summary-care-record urn:nhsd:apim:user-nhs-id:aal2:summary-care-record urn:nhsd:apim:user-nhs-id:aal3:summary-care-record From a5839afd2e3f0287bf82ed89bc7285d73f1d8e2f Mon Sep 17 00:00:00 2001 From: RyanThomas1214 Date: Fri, 18 Jul 2025 13:34:51 +0100 Subject: [PATCH 4/4] FLAGSAPI-1140 fix formatting of scope --- proxies/live/apiproxy/policies/OAuthV2.VerifyAccessToken.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/proxies/live/apiproxy/policies/OAuthV2.VerifyAccessToken.xml b/proxies/live/apiproxy/policies/OAuthV2.VerifyAccessToken.xml index dff191325..515c24e3d 100644 --- a/proxies/live/apiproxy/policies/OAuthV2.VerifyAccessToken.xml +++ b/proxies/live/apiproxy/policies/OAuthV2.VerifyAccessToken.xml @@ -1,4 +1,4 @@ VerifyAccessToken - urn:nhsd:apim:app:level3:summary-care-record urn:nhsd:apim:user-nhs-id:aal2:summary-care-record urn:nhsd:apim:user-nhs-id:aal3:summary-care-record + urn:nhsd:apim:app:level3:summary-care-record urn:nhsd:apim:user-nhs-id:aal2:summary-care-record