Introduce a new static class `CookieNames` in the `DigitalData.Auth.Claims` namespace to centralize and standardize the construction of cookie names for envelope receiver tokens.
- Added `GetEnvelopeReceiverCookieName` methods to generate cookie names with or without a default cookie name.
- Updated `AuthController` to use the `CookieNames` helper for constructing cookie names, replacing direct concatenation logic.
- Improved maintainability and consistency of cookie naming conventions across the application.
Added the `DigitalData.Auth.Claims` project to the solution,
including its build and debug configurations. Updated
`DigitalData.Auth.API.csproj` to reference the new project
and incremented version numbers to 1.4.0.
Enhanced `Program.cs` with a new JWT signature handler for
`EnvelopeReceiverSecretDto`, generating claims for envelope
and receiver-specific data. Added `DirectorySearchService`
to the service collection, configured via `DirectorySearchOptions`.
Enhanced the `AuthController` to support JWT token generation
for `EnvelopeReceiverSecretDto` entities. Added a new
dependency `IJwtSignatureHandler<EnvelopeReceiverSecretDto>`
and updated the constructor to inject it.
Refactored the `CreateTokenForEnvelopeReceiver` method:
- Added a `cookie` query parameter to control token delivery.
- Implemented consumer validation using `_consumerService`.
- Added token descriptor retrieval from `_keyPool`.
- Improved `AccessCode` validation for `EnvelopeReceiver`.
- Added logic to set tokens as cookies or return in the body.
Updated `using` directives to include required namespaces.
Improved error handling, readability, and flexibility in
token generation and delivery.
Added a new .NET project `DigitalData.Auth.Claims` targeting `net8.0`
with metadata for NuGet packaging. The project is configured to
not generate a NuGet package on build.
Introduced the `EnvelopeClaimNames` static class to define strongly-typed
constants for custom JWT claim names specific to envelope receiver tokens.
These include `EnvelopeId`, `EnvelopeUuid`, `ReceiverId`, and
`ReceiverSignature`. Added XML documentation for all constants.
Refactor `AuthController` to include `IMediator` dependency and
introduce a new `CreateTokenForEnvelopeReceiver` API endpoint
to handle envelope receiver authentication.
- Updated `using` directives to remove unused namespaces and
add required ones for new functionality.
- Added `ReceiverLogin` model to represent envelope receiver
login credentials.
- Implemented `ReadEnvelopeReceiverSecretQuery` to validate
access codes for envelope receivers.
- Cleaned up unused fields and dependencies in `AuthController`.
Added Microsoft.AspNetCore.Authentication.JwtBearer (8.0.17) to the test project.
Updated EnvelopeGenerator to version 1.2.0.3 in the API project.
Aligned JwtBearer version to 8.0.17 for the net8.0 target framework.
Introduced `ExceptionHandlingMiddleware` to handle exceptions
globally, log errors, and return appropriate JSON responses.
Registered the middleware in `Program.cs` to ensure all requests
are processed through it. Added localization support in
`Program.cs` to enable localized error messages and other
features.
The `MediatR` package (version 12.5.0) was added to the
`DigitalData.Auth.API.csproj` file. This introduces support
for the Mediator design pattern, which helps reduce coupling
between components and facilitates structured communication
via requests, commands, or queries.
Introduced a new `DbTriggerParams` configuration section in
`appsettings.json` to define database triggers for various
application components.
The section includes keys such as `Envelope`, `History`,
`EmailOut`, `EnvelopeReceiverReadOnly`, `Receiver`, and
`EmailTemplate`, each with corresponding arrays of trigger
names. This change enhances the application's ability to
manage database events in a structured and configurable way.
Added `Microsoft.EntityFrameworkCore.SqlServer` package to the
`DigitalData.Auth.API.csproj` file to enable SQL Server as the
database provider. Updated `Program.cs` to include the
`Microsoft.EntityFrameworkCore` namespace for database interaction.
Updated `DigitalData.Auth.Tests.csproj` to include `Microsoft.EntityFrameworkCore` version `8.0.17`.
Refactored `AuthController.cs` to remove unused imports and update to the latest `DigitalData.Core.Abstraction.Application` namespaces.
Streamlined `DigitalData.Auth.API.csproj`:
- Changed target framework to `net8.0`.
- Upgraded `DigitalData.Core.Abstractions` to `4.3.0` and `DigitalData.Core.Application` to `3.4.0`.
- Added `EnvelopeGenerator` and `Microsoft.EntityFrameworkCore` dependencies.
- Removed outdated `UserManager` dependencies.
Enhanced `Program.cs`:
- Integrated `EnvelopeGenerator` services with database context and caching configuration.
- Removed `AddUserManager` service registration.
- Added SQL Server logging and error handling for `DbContext`.
These changes improve maintainability, adopt modern frameworks, and introduce new functionality with `EnvelopeGenerator`.
Added "CommonUserRoles" array with roles: Admin, UserManager, ContentManager, and Signatory to appsettings.json for improved role management configuration. No other changes made.
Updated Program.cs to include "CommonUserRoles" from configuration in JWT claims for users, adding them under ClaimTypes.Role if present. Also added System.Security.Claims using directive to support this change. This enables dynamic role assignment in user tokens.
Changed the "Audience" field for the consumer with Id 2 ("sign-flow-gen") from "sign-flow-gen.digitaldata.works" to "sign-flow.digitaldata.works" in consumer-repository.json. No other fields were affected.
Changed the Audience for JWT config with Id "f3c0881b-c349-442a-ac24-d02da0798abd" from "sign-flow-gen.digitaldata.works" to "sign-flow.digitaldata.works" to reflect the correct audience for token validation.
NLog provider setup and clearing of logging providers now occur
only outside development environments. The minimum logging level
is explicitly set to Trace for all environments.
Updated `DigitalData.Auth.API.csproj` to target both `net7.0` and `net8.0`.
Replaced `TargetFramework` with `TargetFrameworks` for multi-targeting.
Conditionally included `Microsoft.AspNetCore.Authentication.JwtBearer` based on the target framework version.
Added a project reference to `DigitalData.Auth.Abstractions`.
- Updated `AuthController` to monitor backdoor parameters and enhance user credential validation.
- Changed route for `Hash` method in `CryptController` for clarity.
- Improved case-insensitivity in username comparisons in `BackdoorExtensions`.
- Modified logging setup in `Program.cs` to clear providers and set minimum level to Trace.
- Added separate logging configuration for warnings in `appsettings.json`.
- Restructured `backdoors.json` to encapsulate entries within `BackdoorParams`.
Removed the `AddBackdoors` method from `DependencyInjection.cs` and replaced its usage in `Program.cs` with `Configure<Backdoor>`. Updated `using` directives to include `Microsoft.Extensions.DependencyInjection`. Added a new `BackdoorParams` class to encapsulate backdoor configuration settings.
Introduces a new `CryptController` in the `DigitalData.Auth.API.Controllers` namespace. This API controller features a GET endpoint, `Hash`, which accepts a password as a query parameter and returns its BCrypt hashed version.
- Changed `TryGet` method return type from `bool?` to `bool` in `BackdoorExtensions.cs` for improved clarity.
- Updated configuration retrieval in `DependencyInjection.cs` to use `GetSection("backdoors")` for targeted loading.
- Added `backdoors.json` configuration file in `Program.cs` to enhance modularity and organization of settings.
Updated `TryGet` method in `BackdoorExtensions.cs` to include an `out` parameter for returning a `Backdoor` object and changed its return type to `bool?`. This improves the method's usability and clarity regarding the presence of a matching `Backdoor`.
Modified `backdoors.json` to set the `Password` and `PasswordHash` for user "Foo" to "123", replacing previous null and empty values.
- Added using directive for DigitalData.Auth.API.Models.
- Removed obsolete service configuration line.
- Introduced new service registrations: AddBackdoors, AddAuthService, and AddRSAPool.
- Retained configuration for AuthApiParams to ensure settings are utilized.
Updated `DigitalData.Auth.API.csproj` to include new package references for improved security and functionality. Added a `Verify` method in the `Backdoor` class to securely check user credentials against plain text and hashed passwords. Introduced `BackdoorExtensions` with methods for easier retrieval of `Backdoor` instances by username.
This commit refactors the namespace from `DigitalData.Auth.API.Dto` to `DigitalData.Auth.API.Models` in several files, improving the organization of data structures. A new `Backdoor` class is added to support backdoor authentication, along with a method in `DependencyInjection.cs` to register backdoor configurations. Additionally, `AuthApiParams` configuration is included in `Program.cs`, and a new JSON structure for backdoor users is introduced in `backdoors.json`. These changes enhance the codebase's structure and functionality.
- Die UpdateContent-Methode wurde aktualisiert, um den SecurityKey zurückzusetzen, wenn der PEM-Inhalt leer oder mit Leerzeichen versehen ist.
- Es wurde sichergestellt, dass ein neuer RSA-Schlüssel erstellt wird, wenn der Inhalt ungültig oder nicht vorhanden ist.
- net9.0 zu TargetFrameworks hinzugefügt.
- Paketverweise für Microsoft.AspNetCore.SignalR.Client und Microsoft.Extensions.Hosting.Abstractions, die auf net9.0 abzielen, hinzugefügt.
- Bumped Package Version, AssemblyVersion und FileVersion auf 1.3.6.
- Hinzugefügt: `TryStartConnectionAsync`-Methode zur Durchführung von Verbindungsversuchen mit Wiederholungslogik.
- `StartAsync` aktualisiert, um wiederholt zu versuchen, die Verbindung herzustellen, bis sie erfolgreich ist oder `RetryDelay` erschöpft ist.
- Aktualisiert um AuthClient zu den Diensten als Hosted Service hinzuzufügen.
- Der zugehörige Unit-Test wurde aktualisiert, um IHost anstelle von IServiceProvider zu verwenden, um gehostete Dienste testen zu können.
