PDP: validation of parameters, invalid API response for getting users
When retrieving user details, the userid parameter isn't validated and the response is invalid.
RBAC >>> GET https://didmos.satosa.latest.rustbucket.io/pdp/users/test-user
RBAC <<< (response)
HTTP/1.1 200 OK
...
{"userid": "test-user", "assignedRoles": [], "authorizedRoles": []}
- Expected 1: API should expect
userid
instead ofusername
(sent:test-user
, will send UUID) - should raise error, - Expected 2: Response
userid
value is invalid, expecting either or both:userid=UUID, username=test-user