Refactor EnvelopeReceiverPage for modular data handling
Refactored `EnvelopeReceiverPage.razor` to use new services for receiver authentication and data retrieval. Introduced `EnvelopeReceiverAuthorizationService` for handling JWT-based authorization and `EnvelopeReceiverPageDataService` for centralized data access and caching. Updated dependency injection in `Program.cs` to register these services. Replaced direct service calls with `PageDataService` methods for document, signature, and receiver data retrieval. Improved logging with `ILogger` and added debug logs for token validation. Enhanced modularity, maintainability, and performance by consolidating logic and reducing coupling between components.
This commit is contained in:
@@ -0,0 +1,93 @@
|
||||
using System.IdentityModel.Tokens.Jwt;
|
||||
using System.Security.Claims;
|
||||
using DigitalData.Auth.Claims;
|
||||
using EnvelopeGenerator.Domain.Constants;
|
||||
using EnvelopeGenerator.Server.Models;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Authentication.JwtBearer;
|
||||
using Microsoft.Extensions.Options;
|
||||
|
||||
namespace EnvelopeGenerator.Server.Services;
|
||||
|
||||
/// <summary>
|
||||
/// Authorizes receiver access for interactive server pages without calling a controller endpoint.
|
||||
/// </summary>
|
||||
public class EnvelopeReceiverAuthorizationService(
|
||||
IHttpContextAccessor httpContextAccessor,
|
||||
IAuthorizationService authorizationService,
|
||||
IOptions<AuthTokenKeys> authTokenKeyOptions,
|
||||
IOptionsMonitor<JwtBearerOptions> jwtBearerOptionsMonitor,
|
||||
ILogger<EnvelopeReceiverAuthorizationService> logger)
|
||||
{
|
||||
private readonly AuthTokenKeys _authTokenKeys = authTokenKeyOptions.Value;
|
||||
|
||||
/// <summary>
|
||||
/// Returns the authenticated receiver principal for the specified envelope key when authorization succeeds.
|
||||
/// </summary>
|
||||
public async Task<ClaimsPrincipal?> AuthorizeAsync(string envelopeKey, CancellationToken cancellationToken = default)
|
||||
{
|
||||
if (string.IsNullOrWhiteSpace(envelopeKey))
|
||||
return null;
|
||||
|
||||
var httpContext = httpContextAccessor.HttpContext;
|
||||
if (httpContext is null)
|
||||
return null;
|
||||
|
||||
if (await IsAuthorizedReceiverAsync(httpContext.User, envelopeKey, cancellationToken))
|
||||
return httpContext.User;
|
||||
|
||||
var cookieName = CookieNames.GetEnvelopeReceiverCookieName(_authTokenKeys.Cookie, envelopeKey);
|
||||
if (!httpContext.Request.Cookies.TryGetValue(cookieName, out var token) || string.IsNullOrWhiteSpace(token))
|
||||
{
|
||||
logger.LogDebug("Receiver cookie '{CookieName}' was not found for envelope '{EnvelopeKey}'.", cookieName, envelopeKey);
|
||||
return null;
|
||||
}
|
||||
|
||||
var principal = ValidateReceiverToken(token);
|
||||
if (principal is null)
|
||||
return null;
|
||||
|
||||
if (!await IsAuthorizedReceiverAsync(principal, envelopeKey, cancellationToken))
|
||||
return null;
|
||||
|
||||
httpContext.User = principal;
|
||||
|
||||
return principal;
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// Checks whether the current request is authorized for the specified envelope key.
|
||||
/// </summary>
|
||||
public async Task<bool> IsAuthorizedAsync(string envelopeKey, CancellationToken cancellationToken = default)
|
||||
=> await AuthorizeAsync(envelopeKey, cancellationToken) is not null;
|
||||
|
||||
private async Task<bool> IsAuthorizedReceiverAsync(ClaimsPrincipal? principal, string envelopeKey, CancellationToken cancellationToken)
|
||||
{
|
||||
if (principal?.Identity?.IsAuthenticated != true)
|
||||
return false;
|
||||
|
||||
var authorizationResult = await authorizationService.AuthorizeAsync(principal, AuthPolicy.Receiver);
|
||||
if (!authorizationResult.Succeeded)
|
||||
return false;
|
||||
|
||||
var subject = principal.FindFirst(ClaimTypes.NameIdentifier)?.Value
|
||||
?? principal.FindFirst("sub")?.Value;
|
||||
|
||||
return string.Equals(subject, envelopeKey, StringComparison.Ordinal);
|
||||
}
|
||||
|
||||
private ClaimsPrincipal? ValidateReceiverToken(string token)
|
||||
{
|
||||
try
|
||||
{
|
||||
var tokenValidationParameters = jwtBearerOptionsMonitor.Get(AuthScheme.Receiver).TokenValidationParameters.Clone();
|
||||
var tokenHandler = new JwtSecurityTokenHandler();
|
||||
return tokenHandler.ValidateToken(token, tokenValidationParameters, out _);
|
||||
}
|
||||
catch (Exception ex)
|
||||
{
|
||||
logger.LogDebug(ex, "Receiver token validation failed.");
|
||||
return null;
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,103 @@
|
||||
using System.Security.Claims;
|
||||
using System.Text.Json;
|
||||
using EnvelopeGenerator.Application.Common.Dto;
|
||||
using EnvelopeGenerator.Application.Common.Dto.EnvelopeReceiver;
|
||||
using EnvelopeGenerator.Application.Documents.Queries;
|
||||
using EnvelopeGenerator.Application.EnvelopeReceivers.Queries;
|
||||
using EnvelopeGenerator.Server.Client.Models;
|
||||
using EnvelopeGenerator.Server.Client.Models.Constants;
|
||||
using EnvelopeGenerator.Server.Extensions;
|
||||
using EnvelopeGenerator.Server.Options;
|
||||
using MediatR;
|
||||
using Microsoft.Extensions.Caching.Distributed;
|
||||
using Microsoft.Extensions.Options;
|
||||
using ApplicationEnvelopeReceiverDto = EnvelopeGenerator.Application.Common.Dto.EnvelopeReceiver.EnvelopeReceiverDto;
|
||||
|
||||
namespace EnvelopeGenerator.Server.Services;
|
||||
|
||||
/// <summary>
|
||||
/// Loads receiver page data directly from MediatR and distributed cache.
|
||||
/// </summary>
|
||||
public class EnvelopeReceiverPageDataService(
|
||||
IMediator mediator,
|
||||
IDistributedCache cache,
|
||||
IOptions<CacheOptions> cacheOptions)
|
||||
{
|
||||
private const string SignatureCacheKeyPrefix = "envelope-generator.receiver-ui.signature:";
|
||||
|
||||
/// <summary>
|
||||
/// Loads the PDF document bytes for the authenticated receiver.
|
||||
/// </summary>
|
||||
public async Task<byte[]?> GetDocumentAsync(ClaimsPrincipal user, CancellationToken cancellationToken = default)
|
||||
{
|
||||
var document = await mediator.Send(new ReadDocumentQuery(EnvelopeId: user.EnvelopeId()), cancellationToken);
|
||||
return document.ByteData;
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// Loads the current receiver's signature placeholders.
|
||||
/// </summary>
|
||||
public async Task<IReadOnlyList<SignatureDto>> GetSignaturesAsync(ClaimsPrincipal user, CancellationToken cancellationToken = default)
|
||||
{
|
||||
var receiverId = user.ReceiverId();
|
||||
var document = await mediator.Send(new ReadDocumentQuery(EnvelopeId: user.EnvelopeId()), cancellationToken);
|
||||
|
||||
if (document.Elements is not IEnumerable<DocReceiverElementDto> elements)
|
||||
return [];
|
||||
|
||||
return elements
|
||||
.Where(element => element.ReceiverId == receiverId)
|
||||
.Select(MapSignature)
|
||||
.Convert(UnitOfLength.Point)
|
||||
.ToList();
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// Loads the envelope receiver data for the specified envelope key.
|
||||
/// </summary>
|
||||
public async Task<ApplicationEnvelopeReceiverDto?> GetEnvelopeReceiverAsync(string envelopeKey, CancellationToken cancellationToken = default)
|
||||
{
|
||||
var result = await mediator.Send(new ReadEnvelopeReceiverQuery { Key = envelopeKey }, cancellationToken);
|
||||
return result.SingleOrDefault();
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// Loads the cached signature for the authenticated receiver.
|
||||
/// </summary>
|
||||
public async Task<SignatureCaptureDto?> GetCachedSignatureAsync(ClaimsPrincipal user, CancellationToken cancellationToken = default)
|
||||
{
|
||||
var json = await cache.GetStringAsync(GetSignatureCacheKey(user), cancellationToken);
|
||||
return json is null ? null : JsonSerializer.Deserialize<SignatureCaptureDto>(json);
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// Saves the cached signature for the authenticated receiver.
|
||||
/// </summary>
|
||||
public async Task SaveCachedSignatureAsync(ClaimsPrincipal user, SignatureCaptureDto signature, CancellationToken cancellationToken = default)
|
||||
{
|
||||
var json = JsonSerializer.Serialize(signature);
|
||||
var options = cacheOptions.Value.SignatureCacheExpiration.HasValue
|
||||
? new DistributedCacheEntryOptions { AbsoluteExpirationRelativeToNow = cacheOptions.Value.SignatureCacheExpiration.Value }
|
||||
: new DistributedCacheEntryOptions();
|
||||
|
||||
await cache.SetStringAsync(GetSignatureCacheKey(user), json, options, cancellationToken);
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// Deletes the cached signature for the authenticated receiver.
|
||||
/// </summary>
|
||||
public Task DeleteCachedSignatureAsync(ClaimsPrincipal user, CancellationToken cancellationToken = default)
|
||||
=> cache.RemoveAsync(GetSignatureCacheKey(user), cancellationToken);
|
||||
|
||||
private static string GetSignatureCacheKey(ClaimsPrincipal user)
|
||||
=> $"{SignatureCacheKeyPrefix}{user.ReceiverSignature()}";
|
||||
|
||||
private static SignatureDto MapSignature(DocReceiverElementDto element) => new()
|
||||
{
|
||||
Id = element.Id,
|
||||
X = element.X,
|
||||
Y = element.Y,
|
||||
Page = element.Page,
|
||||
SenderAppType = (EnvelopeGenerator.Server.Client.Models.Constants.SenderAppType)element.SenderAppType
|
||||
};
|
||||
}
|
||||
Reference in New Issue
Block a user