The `UseDbMigration` setting in the `appsettings.json` file was updated from `true` to `false`. This change disables automatic application of database migrations, potentially requiring manual intervention or an alternative approach for managing schema updates.
Added a new `GetEnvelopeReceiverOfReceiver` method in the
`EnvelopeReceiverController` to retrieve an envelope receiver
based on the provided `envelopeKey`. The method is secured
with the `Receiver` authorization policy and uses the
`_mediator.Send` method to process a `ReadEnvelopeReceiverQuery`.
Included the `Microsoft.Extensions.Options` namespace to
support potential configuration needs. Added XML documentation
placeholders for the new method.
Updated DocumentController to include a new GetDocumentOfReceiver
endpoint for retrieving envelope documents. Added authorization
based on the Receiver policy and implemented error handling for
invalid or missing EnvelopeId claims. Integrated ILogger to log
errors and provide detailed diagnostics. Included necessary
namespace imports to support the new functionality.
Enhanced token validation logic by introducing an `OnTokenValidated` event handler. This ensures the `envelopeKey` in the request path matches the token's subject (`sub` claim). Added `return Task.CompletedTask;` to complete asynchronous operations. These changes improve security by preventing mismatches or unauthorized access.
Added `AddEnvelopeReceiverLoginOperation` to `AuthProxyDocumentFilter` to define a new Swagger operation for the `/api/Auth/envelope-receiver/{key}` endpoint. Introduced the `EnvelopeReceiverLogin` record for the request body. Updated `yarp.json` to configure routing for the new endpoint, ensuring the `cookie` query parameter is always set to `true`. Modified `Apply` to include the new operation in Swagger documentation.
Added two new endpoints to `AuthController`: `LogoutEnvelopeReceiver` for removing a specific per-envelope receiver cookie and `LogoutAllEnvelopeReceivers` for clearing all such cookies. Updated `DigitalData.Auth.Claims` package to version 1.0.3. Introduced new `using` directives to support the added functionality. Included XML documentation for the new endpoints to improve code clarity.
Introduced a new `EnvelopeReceiverJwt` authentication scheme to support per-envelope JWT validation using cookies specific to envelope keys. Added the `CheckEnvelopeReceiver` endpoint in `AuthController.cs` to validate these tokens, protected by the `AuthPolicy.Receiver` policy.
Configured the `EnvelopeReceiverJwt` scheme to dynamically resolve issuer signing keys and validate tokens. Enhanced `JwtBearerEvents.OnMessageReceived` to extract envelope keys from the request path and retrieve tokens from corresponding cookies.
Updated the `AuthPolicy.Receiver` policy to use the `EnvelopeReceiverJwt` scheme, ensuring isolated authentication for per-envelope scenarios. Added XML documentation for the `CheckEnvelopeReceiver` method.
Introduce a new `CheckReceiver` action method in `AuthController`.
This method is protected by the `Receiver` authorization policy
and handles GET requests to the `check-receiver/{envelopeKey}` route.
It accepts an `envelopeKey` parameter from the route and currently
returns an HTTP 200 OK response.
- Added `using DigitalData.Auth.Claims` to support claims handling.
- Improved EF Core DbContext comment for better clarity.
- Added logic to dynamically select connection strings based on
`MIGRATION_TEST_MODE` or `UseDbMigration` configuration.
- Updated `AuthPolicy.Receiver` to include the `"receiver"` role.
Added a reference to the `DigitalData.Auth.Claims` package (version 1.0.1) in the `EnvelopeGenerator.API.csproj` file. This introduces functionality related to handling authentication claims in the project.
Added SixLabors.ImageSharp (v3.1.12) as a dependency to API, Application, Infrastructure, Jobs, Tests, Web, and WorkerService projects to enable advanced image processing capabilities across the solution. This prepares the codebase for features involving image manipulation or generation.
Upgraded Microsoft.Identity.Client to version 4.82.1 in all projects, updated related assembly references and binding redirects, and ensured packages.config reflects the new version. Also updated Microsoft.IdentityModel.Abstractions to 8.14.0 and added System.Formats.Asn1 where required. These changes improve consistency and compatibility for authentication dependencies.
Upgraded HtmlSanitizer from 8.0.865 to 9.0.892 in all existing project references. Added HtmlSanitizer 9.0.892 as a new dependency to API, Infrastructure, Jobs, Tests, and WorkerService projects to ensure consistent and up-to-date usage throughout the solution.
Marked CreateAsync in ReadOnlyController as [Obsolete] to encourage use of MediatR. Simplified Flag.DataIntegrityIssue reference in EnvelopeMailService error handling.
Simplified the Get method to always require a ReadEmailTemplateQuery and CancellationToken, delegating all queries to the mediator. Removed conditional logic for handling null or missing parameters. Updated XML documentation to reflect the new method signature.
Introduced IHasChangedWhen interface to EnvelopeReceiver and History.
Added HasEmailAndName property to EnvelopeReceiver.
Updated AutoMapperAuditingExtensions to map ChangedWhen to UTC.
Removed redundant using statements and fixed formatting.
Refactored ReadEmailTemplateQuery and handler to use non-nullable EmailTemplateDto, throwing NotFoundException when no template is found. Updated namespaces and using statements for consistency. Added detailed XML docs for query properties. Controller updated to reference new query namespace.
Replaced EmailTemplateQueryBase record with IEmailTemplateQuery interface for email template queries. Updated all relevant commands, queries, and controller methods to use the new interface. Removed EmailTemplateQueryBase and migrated properties to implementing classes. Improved documentation to clarify query structure and Type property usage.
Replaced specific Update command import with general Commands namespace import to streamline access to all command classes. No functional changes made.
Refactored the EmailTemplateQuery record to EmailTemplateQueryBase across the codebase. Updated all references, method signatures, inheritance, and documentation to use the new base type. No functional changes; this improves clarity and generalization for email template queries.
- Enforce [Authorize(Policy = AuthPolicy.Sender)] on controller
- Switch to primary constructor for dependency injection
- Remove obsolete constructor and private fields
- Update method logic to use constructor parameters directly
- Improve XML documentation and code clarity
- Ensure consistent use of MediatR for command/query handling
Refactored DocumentController to use IAuthorizationService and async policy checks via IsUserInPolicyAsync instead of role checks. Implemented IAuthController interface and removed ILogger dependency. Updated usings for new authorization logic.
Refactored AuthController to implement IAuthController and expose AuthService. Removed the protected IsUserInPolicyAsync method in favor of using an extension method for policy checks. Updated the Logout logic to use the new approach. Consolidated using directives into a single line.
Introduced IAuthController with AuthService and User properties to standardize authentication handling. Added AuthorizationControllerExtensions with IsUserInPolicyAsync to simplify policy-based authorization checks. Included necessary using directives.
Deleted the AuthExtensions.cs file, which included the AuthorizePolicyAsync extension for IAuthorizationService. This method and related code were no longer needed.
Introduce IsUserInPolicyAsync for cleaner policy checks in AuthController and update Logout to use it. Adjust Logout's response type to void and improve documentation and formatting.
- Inject IAuthorizationService for flexible policy checks
- Replace role checks in Logout with async policy authorization
- Merge IsAuthenticated into Check endpoint with optional role
- Update Check response type and clean up imports
Introduced a static AuthExtensions class providing an AuthorizePolicyAsync extension method for IAuthorizationService. This method streamlines policy-based authorization checks by returning a boolean result for a given user and policy name.
Renamed receiver roles FullyAuth → Receiver.Full and PreAuth → Receiver.TFA across the codebase for improved clarity and consistency. Updated all usages, [Authorize] attributes, role checks, authentication logic, and authorization policies to use the new role names. Marked old constants as obsolete and pointed them to the new values. This change enhances code readability and groups receiver roles under the Receiver static class.
Replaced direct role-based [Authorize] attributes with named
authorization policies (e.g., AuthPolicy.Receiver,
AuthPolicy.SenderOrReceiver) in AnnotationController,
DocumentController, and ReadOnlyController. Added and registered
new policies in Program.cs and updated AuthPolicy constants.
This centralizes and simplifies authorization management.
Replaced SenderOrReceiverFullyAuth and ReceiverFullyAuth policies with more general SenderOrReceiver and Receiver policies. Updated policy definitions in AuthPolicy.cs to use nameof for clarity. Adjusted AddAuthorizationBuilder configuration and [Authorize] attributes in controllers to use the new, less restrictive policies, simplifying authorization logic.
Renamed AuthorizationPolicies to AuthPolicy and updated all references to use the new naming convention for authorization policy constants. This improves consistency and clarity across the codebase.
Switched from AddAuthorization to AddAuthorizationBuilder for
defining authorization policies, resulting in more concise and
modern code. Policy logic and requirements remain unchanged.
Replaced role-based [Authorize] attributes with policy-based ones in AuthController and TfaRegistrationController. This centralizes authorization logic and allows for more flexible access control.
Introduce SenderOrReceiverFullyAuth and ReceiverFullyAuth policies for role-based authorization. Register these policies in Program.cs. Also, fix OpenApiReference type for Swagger security configuration.
- Change AuthController to use IOptions<AuthTokenKeys> for config
- Restrict Logout and new Check endpoints to Sender and Receiver.FullyAuth roles
- Update Logout logic to handle cookie deletion or sign-out based on user role
- Add GET /api/auth/check to verify user role via query param
- Add necessary using statements for new dependencies
Introduced AuthProxyDocumentFilter to programmatically document the POST /api/auth proxy login endpoint in Swagger. The filter defines request body schemas, example values, query parameter, and response codes. Registered the filter in Program.cs for OpenAPI generation.
Changed the default Audience property in AuthTokenKeys from "sign-flow-gen.digitaldata.works" to "sign-flow.digitaldata.works" to reflect the correct expected audience for authentication tokens.
Removed the previous Login method from AuthController, including its XML documentation and Swagger/OpenAPI annotations. This prepares the controller for a revised authentication implementation.
Integrated YARP by adding the Yarp.ReverseProxy package, including yarp.json for proxy configuration, and updating Program.cs to load and map reverse proxy routes. This enables the API to forward requests based on yarp.json settings.
Configured yarp.json to proxy POST /api/auth requests to the
auth-hub cluster at http://172.24.12.39:9090, rewriting the
path to /api/auth/sign-flow before forwarding.
Combined sender and receiver document retrieval into a single
GetDocument endpoint. The endpoint now authorizes both Sender
and Receiver.FullyAuth roles, handling their logic based on
role detection. Sender requires a query parameter; receiver
extracts envelope ID from claims and disallows query params.
Updated method signature and endpoint documentation.
- Updated DocumentController to use class-level [Authorize] and method-level role-based authorization for sender and receiver endpoints.
- Replaced ReadEnvelopeReceiverQuery with ReadDocumentQuery for sender document retrieval; simplified response logic.
- Added a new endpoint for fully authenticated receivers to fetch documents by envelope ID from user claims.
- Refactored ReadDocumentQuery and handler to always return DocumentDto, throw NotFoundException when needed, and use _repo.Query.
- Cleaned up using directives and removed legacy error handling and logging.
Refactored AuthController to use C# 12 primary constructor syntax for ILogger<AuthController> injection. Removed obsolete IUserService and IDirectorySearchService dependencies, their fields, and the old constructor. This streamlines the controller and prepares it for MediatR-based service handling.
Added a private extension method GetRequiredClaimOfSender to ClaimsPrincipal for retrieving the first available value from multiple claim types, throwing a detailed exception if none are found. Refactored GetId to use this method, improving code reuse and clarity when handling user claims.
Replaced nullable claim accessors with strict versions that throw exceptions if required claims are missing or invalid. Updated controller logic to use new methods and removed fallback/error handling for missing claims, ensuring stricter claim validation throughout the codebase.
Renamed the extension class for claims handling and added a private GetRequiredClaimOfSender method for ClaimsPrincipal. This method throws a detailed exception when a required claim is missing, improving error reporting and debugging.
Refactored the class name in ReceiverClaimExtensions.cs to better reflect its focus on receiver-specific claim extension methods rather than general envelope authentication. No functional changes were made.
Renamed authentication-related extension methods to clarify that they extract claims for the "receiver" context (e.g., GetAuthReceiverSignature → GetReceiverSignatureOfReceiver). Updated all usages in AnnotationController and ReadOnlyController. Also renamed the helper method GetRequiredClaim to GetRequiredClaimOfReceiver for improved clarity and reduced ambiguity.
