fix: use encoded value for urns

[Alxandr]

Summary by CodeRabbit

Release Notes

• Bug Fixes

  • Improved external identity encoding for email-based authentication to ensure proper identifier construction and validation.

• Chores

  • Updated platform dependency package to latest maintenance release.

[coderabbitai]

📝 Walkthrough

Walkthrough

This PR updates the Altinn.Urn package dependency from version 4.1.1 to 4.1.2, and refactors email-based external identity construction in both production and test code to use the .Encoded property instead of .Value from UrnEncoded.

Changes

Cohort / File(s)	Summary
Email External Identity Refactoring src/Authentication/Services/OidcServerService.cs, test/Altinn.Platform.Authentication.Tests/Helpers/TokenAssertsHelper.cs	Updated email-based external identity construction from UrnEncoded.Create(...).Value to UrnEncoded.Create(...).Encoded. Added using Altinn.Urn; import to test file.
Dependency Update src/Core/Altinn.Platform.Authentication.Core.csproj	Bumped Altinn.Urn package version from 4.1.1 to 4.1.2.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 25.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'fix: use encoded value for urns' clearly describes the main change across all three modified files, where encoded URN values are being used instead of raw values.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch fix/urn-encoded

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Fix all issues with AI agents

In `@test/Altinn.Platform.Authentication.Tests/Helpers/TokenAssertsHelper.cs`:
- Line 70: The test assertion in TokenAssertsHelper.cs is creating the expected
external identifier without lowercasing the email, so it does not mirror
production logic; update the assertion that uses
AltinnCoreClaimTypes.ExternalIdentifier and
UrnEncoded.Create(testScenario.Email!) to call ToLowerInvariant() on
testScenario.Email before passing it to UrnEncoded.Create (i.e.
UrnEncoded.Create(testScenario.Email!.ToLowerInvariant()).Encoded) so the test
matches the OidcServerService production behavior.

[sonarqubecloud]

Quality Gate passed

Issues
10 New issues
0 Accepted issues

Measures
0 Security Hotspots
100.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud