Updated project version from 1.0.1 to 1.0.2 in the `.csproj` file.
This includes changes to `<Version>`, `<AssemblyVersion>`, and
`<FileVersion>` to reflect a minor update or patch.
Refactored and renamed several test methods in `CookieNamesTests` to improve clarity and align with updated functionality. Replaced methods testing `GetEnvelopeReceiverKeyOrDefault` with new methods for `GetEnvelopeReceiverCookieName` and `GetEnvelopeKeyOrDefault`. Added new tests to validate behavior with default cookie names and incorrect bases. Renamed `TryGetEnvelopeReceiverKey` methods to `TryGetEnvelopeKey` for consistency, while maintaining their functionality.
Renamed and refactored methods in `CookieNames` to improve naming consistency and simplify usage. Added overloads with default `defaultCookieName` set to `"AuthToken"`. Updated XML documentation to reflect these changes.
Updated `CookieNamesTests` to use the new method names and signatures. Adjusted test cases to align with the new default behavior and ensure compatibility.
These changes enhance code readability, reduce redundancy, and standardize method naming conventions.
Added a new `CookieNamesTests` class to validate methods in the
`CookieNames` class, including scenarios for generating and
extracting cookie names and keys. Tests cover valid, invalid,
and unrelated cookie names, as well as round-trip validation
of `GetEnvelopeReceiverCookieName` and `GetEnvelopeReceiverKeyOrDefault`.
Updated `DigitalData.Auth.Tests.csproj` to include a project
reference to `DigitalData.Auth.Claims` for testing purposes.
Refactored `CookieNames.cs` to replace the `GetEnvelopeReceiverCookieName(string key)` method with new methods for extracting envelope receiver keys from cookie names:
- Added `GetEnvelopeReceiverKeyOrDefault` to extract keys or return `null` if the format is invalid.
- Added `TryGetEnvelopeReceiverKey` to attempt key extraction with a success flag.
Updated `DigitalData.Auth.Claims.csproj` to increment `Version`, `AssemblyVersion`, and `FileVersion` from 1.0.0 to 1.0.1, reflecting the new functionality.
Updated `DigitalData.Auth.API.csproj` to increment `<Version>`, `<AssemblyVersion>`, and `<FileVersion>` from `1.4.0` to `1.4.1`. This minor version update reflects bug fixes or small improvements without introducing breaking changes.
Introduce a new static class `CookieNames` in the `DigitalData.Auth.Claims` namespace to centralize and standardize the construction of cookie names for envelope receiver tokens.
- Added `GetEnvelopeReceiverCookieName` methods to generate cookie names with or without a default cookie name.
- Updated `AuthController` to use the `CookieNames` helper for constructing cookie names, replacing direct concatenation logic.
- Improved maintainability and consistency of cookie naming conventions across the application.
Added the `DigitalData.Auth.Claims` project to the solution,
including its build and debug configurations. Updated
`DigitalData.Auth.API.csproj` to reference the new project
and incremented version numbers to 1.4.0.
Enhanced `Program.cs` with a new JWT signature handler for
`EnvelopeReceiverSecretDto`, generating claims for envelope
and receiver-specific data. Added `DirectorySearchService`
to the service collection, configured via `DirectorySearchOptions`.
Enhanced the `AuthController` to support JWT token generation
for `EnvelopeReceiverSecretDto` entities. Added a new
dependency `IJwtSignatureHandler<EnvelopeReceiverSecretDto>`
and updated the constructor to inject it.
Refactored the `CreateTokenForEnvelopeReceiver` method:
- Added a `cookie` query parameter to control token delivery.
- Implemented consumer validation using `_consumerService`.
- Added token descriptor retrieval from `_keyPool`.
- Improved `AccessCode` validation for `EnvelopeReceiver`.
- Added logic to set tokens as cookies or return in the body.
Updated `using` directives to include required namespaces.
Improved error handling, readability, and flexibility in
token generation and delivery.
Added a new .NET project `DigitalData.Auth.Claims` targeting `net8.0`
with metadata for NuGet packaging. The project is configured to
not generate a NuGet package on build.
Introduced the `EnvelopeClaimNames` static class to define strongly-typed
constants for custom JWT claim names specific to envelope receiver tokens.
These include `EnvelopeId`, `EnvelopeUuid`, `ReceiverId`, and
`ReceiverSignature`. Added XML documentation for all constants.
Refactor `AuthController` to include `IMediator` dependency and
introduce a new `CreateTokenForEnvelopeReceiver` API endpoint
to handle envelope receiver authentication.
- Updated `using` directives to remove unused namespaces and
add required ones for new functionality.
- Added `ReceiverLogin` model to represent envelope receiver
login credentials.
- Implemented `ReadEnvelopeReceiverSecretQuery` to validate
access codes for envelope receivers.
- Cleaned up unused fields and dependencies in `AuthController`.
Added Microsoft.AspNetCore.Authentication.JwtBearer (8.0.17) to the test project.
Updated EnvelopeGenerator to version 1.2.0.3 in the API project.
Aligned JwtBearer version to 8.0.17 for the net8.0 target framework.
Introduced `ExceptionHandlingMiddleware` to handle exceptions
globally, log errors, and return appropriate JSON responses.
Registered the middleware in `Program.cs` to ensure all requests
are processed through it. Added localization support in
`Program.cs` to enable localized error messages and other
features.
The `MediatR` package (version 12.5.0) was added to the
`DigitalData.Auth.API.csproj` file. This introduces support
for the Mediator design pattern, which helps reduce coupling
between components and facilitates structured communication
via requests, commands, or queries.
Introduced a new `DbTriggerParams` configuration section in
`appsettings.json` to define database triggers for various
application components.
The section includes keys such as `Envelope`, `History`,
`EmailOut`, `EnvelopeReceiverReadOnly`, `Receiver`, and
`EmailTemplate`, each with corresponding arrays of trigger
names. This change enhances the application's ability to
manage database events in a structured and configurable way.
Added `Microsoft.EntityFrameworkCore.SqlServer` package to the
`DigitalData.Auth.API.csproj` file to enable SQL Server as the
database provider. Updated `Program.cs` to include the
`Microsoft.EntityFrameworkCore` namespace for database interaction.
Updated `DigitalData.Auth.Tests.csproj` to include `Microsoft.EntityFrameworkCore` version `8.0.17`.
Refactored `AuthController.cs` to remove unused imports and update to the latest `DigitalData.Core.Abstraction.Application` namespaces.
Streamlined `DigitalData.Auth.API.csproj`:
- Changed target framework to `net8.0`.
- Upgraded `DigitalData.Core.Abstractions` to `4.3.0` and `DigitalData.Core.Application` to `3.4.0`.
- Added `EnvelopeGenerator` and `Microsoft.EntityFrameworkCore` dependencies.
- Removed outdated `UserManager` dependencies.
Enhanced `Program.cs`:
- Integrated `EnvelopeGenerator` services with database context and caching configuration.
- Removed `AddUserManager` service registration.
- Added SQL Server logging and error handling for `DbContext`.
These changes improve maintainability, adopt modern frameworks, and introduce new functionality with `EnvelopeGenerator`.
Added "CommonUserRoles" array with roles: Admin, UserManager, ContentManager, and Signatory to appsettings.json for improved role management configuration. No other changes made.
Updated Program.cs to include "CommonUserRoles" from configuration in JWT claims for users, adding them under ClaimTypes.Role if present. Also added System.Security.Claims using directive to support this change. This enables dynamic role assignment in user tokens.
Changed the "Audience" field for the consumer with Id 2 ("sign-flow-gen") from "sign-flow-gen.digitaldata.works" to "sign-flow.digitaldata.works" in consumer-repository.json. No other fields were affected.
Changed the Audience for JWT config with Id "f3c0881b-c349-442a-ac24-d02da0798abd" from "sign-flow-gen.digitaldata.works" to "sign-flow.digitaldata.works" to reflect the correct audience for token validation.
NLog provider setup and clearing of logging providers now occur
only outside development environments. The minimum logging level
is explicitly set to Trace for all environments.
Updated `DigitalData.Auth.API.csproj` to target both `net7.0` and `net8.0`.
Replaced `TargetFramework` with `TargetFrameworks` for multi-targeting.
Conditionally included `Microsoft.AspNetCore.Authentication.JwtBearer` based on the target framework version.
Added a project reference to `DigitalData.Auth.Abstractions`.
- Updated `AuthController` to monitor backdoor parameters and enhance user credential validation.
- Changed route for `Hash` method in `CryptController` for clarity.
- Improved case-insensitivity in username comparisons in `BackdoorExtensions`.
- Modified logging setup in `Program.cs` to clear providers and set minimum level to Trace.
- Added separate logging configuration for warnings in `appsettings.json`.
- Restructured `backdoors.json` to encapsulate entries within `BackdoorParams`.
Removed the `AddBackdoors` method from `DependencyInjection.cs` and replaced its usage in `Program.cs` with `Configure<Backdoor>`. Updated `using` directives to include `Microsoft.Extensions.DependencyInjection`. Added a new `BackdoorParams` class to encapsulate backdoor configuration settings.
Introduces a new `CryptController` in the `DigitalData.Auth.API.Controllers` namespace. This API controller features a GET endpoint, `Hash`, which accepts a password as a query parameter and returns its BCrypt hashed version.
- Changed `TryGet` method return type from `bool?` to `bool` in `BackdoorExtensions.cs` for improved clarity.
- Updated configuration retrieval in `DependencyInjection.cs` to use `GetSection("backdoors")` for targeted loading.
- Added `backdoors.json` configuration file in `Program.cs` to enhance modularity and organization of settings.
Updated `TryGet` method in `BackdoorExtensions.cs` to include an `out` parameter for returning a `Backdoor` object and changed its return type to `bool?`. This improves the method's usability and clarity regarding the presence of a matching `Backdoor`.
Modified `backdoors.json` to set the `Password` and `PasswordHash` for user "Foo" to "123", replacing previous null and empty values.
- Added using directive for DigitalData.Auth.API.Models.
- Removed obsolete service configuration line.
- Introduced new service registrations: AddBackdoors, AddAuthService, and AddRSAPool.
- Retained configuration for AuthApiParams to ensure settings are utilized.
Updated `DigitalData.Auth.API.csproj` to include new package references for improved security and functionality. Added a `Verify` method in the `Backdoor` class to securely check user credentials against plain text and hashed passwords. Introduced `BackdoorExtensions` with methods for easier retrieval of `Backdoor` instances by username.
This commit refactors the namespace from `DigitalData.Auth.API.Dto` to `DigitalData.Auth.API.Models` in several files, improving the organization of data structures. A new `Backdoor` class is added to support backdoor authentication, along with a method in `DependencyInjection.cs` to register backdoor configurations. Additionally, `AuthApiParams` configuration is included in `Program.cs`, and a new JSON structure for backdoor users is introduced in `backdoors.json`. These changes enhance the codebase's structure and functionality.
- Die UpdateContent-Methode wurde aktualisiert, um den SecurityKey zurückzusetzen, wenn der PEM-Inhalt leer oder mit Leerzeichen versehen ist.
- Es wurde sichergestellt, dass ein neuer RSA-Schlüssel erstellt wird, wenn der Inhalt ungültig oder nicht vorhanden ist.
- net9.0 zu TargetFrameworks hinzugefügt.
- Paketverweise für Microsoft.AspNetCore.SignalR.Client und Microsoft.Extensions.Hosting.Abstractions, die auf net9.0 abzielen, hinzugefügt.
- Bumped Package Version, AssemblyVersion und FileVersion auf 1.3.6.
