feat: add EnvelopeKeyRedirController to redirect /EnvelopeKey/{*path} to /Envelope/{*path}

EnvelopeGenerator.Application/EnvelopeReceivers/Queries/ReadEnvelopeReceiverQuery.cs

@@ -66,6 +66,22 @@ public static class Extensions
         var q = new ReadEnvelopeReceiverQuery() { Key = key };
         return mediator.Send(q, cancel).Then(envRcvs => envRcvs.FirstOrDefault());
     }
+
+    /// <summary>
+    /// 
+    /// </summary>
+    /// <param name="mediator"></param>
+    /// <param name="uuid"></param>
+    /// <param name="signature"></param>
+    /// <param name="cancel"></param>
+    /// <returns></returns>
+    public static Task<EnvelopeReceiverDto?> ReadEnvelopeReceiverAsync(this IMediator mediator, string uuid, string signature, CancellationToken cancel = default)
+    {
+        var q = new ReadEnvelopeReceiverQuery();
+        q.Envelope.Uuid = uuid;
+        q.Receiver.Signature = signature;
+        return mediator.Send(q, cancel).Then(envRcvs => envRcvs.FirstOrDefault());
+    }
 }
 
 /// <summary>

EnvelopeGenerator.Application/Model/EnvelopeQueryBase.cs

@@ -8,10 +8,10 @@ public record EnvelopeQueryBase
     /// <summary>
     /// Die eindeutige Kennung des Umschlags.
     /// </summary>
-    public virtual int? Id { get; init; }
+    public virtual int? Id { get; set; }
 
     /// <summary>
     /// Die universell eindeutige Kennung des Umschlags.
     /// </summary>
-    public virtual string? Uuid { get; init; }
+    public virtual string? Uuid { get; set; }
 }

EnvelopeGenerator.Web/Controllers/EnvelopeController.cs

@@ -41,8 +41,8 @@ public class EnvelopeController : ControllerBase
     }
 
     [Authorize(Roles = ReceiverRole.FullyAuth)]
-    [HttpPost("{envelopeKey}")]
+    [HttpPost]
-    public async Task<IActionResult> CreateOrUpdate([FromRoute] string envelopeKey, [FromBody] ExpandoObject annotations, CancellationToken cancel = default)
+    public async Task<IActionResult> CreateOrUpdate([FromBody] ExpandoObject annotations, CancellationToken cancel = default)
     {
         // get claims
         var signature = User.GetAuthReceiverSignature();
@@ -58,11 +58,12 @@ public class EnvelopeController : ControllerBase
         if (await _mediator.IsSignedAsync(uuid, signature, cancel))
             return Problem(statusCode: 403);
 
-        var notification = await _mediator.ReadEnvelopeReceiverAsync(envelopeKey, cancel)
+        var docSignedNotification = await _mediator
+            .ReadEnvelopeReceiverAsync(uuid, signature, cancel)
             .ToDocSignedNotification(annotations)
             ?? throw new NotFoundException("Envelope receiver is not found.");
 
-        await _mediator.Publish(notification, cancel);
+        await _mediator.Publish(docSignedNotification, cancel);
 
         return Ok();
     }

EnvelopeGenerator.Web/Controllers/EnvelopeKeyRedirController.cs

@@ -0,0 +1,13 @@
+using Microsoft.AspNetCore.Mvc;
+
+namespace EnvelopeGenerator.Web.Controllers;
+
+[Route("EnvelopeKey")]
+public class EnvelopeKeyRedirController : Controller
+{
+    /// <summary>
+    /// Redirects /EnvelopeKey/{*path} -> /Envelope/{*path}
+    /// </summary>
+    [HttpGet("{*path}")]
+    public IActionResult RedirectToEnvelope(string path) => Redirect($"/Envelope/{path}");
+}

EnvelopeGenerator.Web/Controllers/HomeController.cs

@@ -22,6 +22,7 @@ using EnvelopeGenerator.Domain.Constants;
 
 namespace EnvelopeGenerator.Web.Controllers;
 
+[Route("Envelope")]
 public class HomeController : ViewControllerBase
 {
     [Obsolete("Use MediatR")]
@@ -63,7 +64,7 @@ public class HomeController : ViewControllerBase
         });
     }
 
-    [HttpGet("EnvelopeKey/{envelopeReceiverId}")]
+    [HttpGet("{envelopeReceiverId}")]
     [Obsolete("Use MediatR")]
     public async Task<IActionResult> MainAsync([FromRoute] string envelopeReceiverId)
     {
@@ -107,7 +108,7 @@ public class HomeController : ViewControllerBase
         }
     }
 
-    [HttpGet("EnvelopeKey/{envelopeReceiverId}/Locked")]
+    [HttpGet("{envelopeReceiverId}/Locked")]
     [Obsolete("Use DigitalData.Core.Exceptions and .Middleware")]
     public async Task<IActionResult> EnvelopeLocked([FromRoute] string envelopeReceiverId)
     {
@@ -294,7 +295,7 @@ public class HomeController : ViewControllerBase
     }
     #endregion
 
-    [HttpPost("EnvelopeKey/{envelopeReceiverId}/Locked")]
+    [HttpPost("{envelopeReceiverId}/Locked")]
     [Obsolete("Use MediatR")]
     public async Task<IActionResult> LogInEnvelope([FromRoute] string envelopeReceiverId, [FromForm] Auth auth)
     {
@@ -367,7 +368,7 @@ public class HomeController : ViewControllerBase
     }    
 
     [Authorize(Roles = ReceiverRole.FullyAuth)]
-    [HttpGet("EnvelopeKey/{envelopeReceiverId}/Success")]
+    [HttpGet("{envelopeReceiverId}/Success")]
     [Obsolete("Use DigitalData.Core.Exceptions and .Middleware")]
     public async Task<IActionResult> EnvelopeSigned(string envelopeReceiverId, CancellationToken cancel)
     {
@@ -381,7 +382,7 @@ public class HomeController : ViewControllerBase
 
                     var signed = await _mediator.IsSignedAsync(envelopeReceiverId, cancel);
                     if (signed)
-                        return base.Redirect($"/EnvelopeKey/{envelopeReceiverId}/Locked");
+                        return base.Redirect($"/Envelope/{envelopeReceiverId}/Locked");
 
                     await HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
                     ViewData["EnvelopeKey"] = envelopeReceiverId;
@@ -401,7 +402,7 @@ public class HomeController : ViewControllerBase
     }
 
     [Authorize(Roles = ReceiverRole.FullyAuth)]
-    [HttpGet("EnvelopeKey/{envelopeReceiverId}/Rejected")]
+    [HttpGet("{envelopeReceiverId}/Rejected")]
     [Obsolete("Use MediatR")]
     public async Task<IActionResult> EnvelopeRejected(string envelopeReceiverId)
     {
@@ -413,7 +414,7 @@ public class HomeController : ViewControllerBase
                 {
                     return await _historyService.IsRejected(envelopeId: er.EnvelopeId)
                         ? View(er)
-                        : Redirect($"/EnvelopeKey/{envelopeReceiverId}/Locked");
+                        : Redirect($"/Envelope/{envelopeReceiverId}/Locked");
 
                 },
                 Fail: IActionResult (messages, notices) =>
@@ -429,7 +430,7 @@ public class HomeController : ViewControllerBase
         }
     }
 
-    [HttpGet("EnvelopeKey/{readOnlyKey}/ReadOnly")]
+    [HttpGet("{readOnlyKey}/ReadOnly")]
     [Obsolete("Use MediatR")]
     public async Task<IActionResult> EnvelopeReceiverReadOnly([FromRoute] string readOnlyKey)
     {
@@ -499,7 +500,7 @@ public class HomeController : ViewControllerBase
     }
 
     [Authorize(Roles = ReceiverRole.FullyAuth)]
-    [HttpGet("IsAuthenticated")]
+    [HttpGet("/IsAuthenticated")]
     public IActionResult IsAuthenticated()
     {
         var envelopeUuid = User.FindFirst(ClaimTypes.NameIdentifier)?.Value;
@@ -507,7 +508,7 @@ public class HomeController : ViewControllerBase
         return Ok(new { EnvelopeUuid = envelopeUuid, ReceiverSignature = receiverSignature });
     }
 
-    [HttpPost("lang/{culture}")]
+    [HttpPost("/lang/{culture}")]
     public IActionResult SetLanguage([FromRoute] string culture)
     {
         try
@@ -526,7 +527,7 @@ public class HomeController : ViewControllerBase
         }
     }
 
-    [HttpGet("lang")]
+    [HttpGet("/lang")]
     public IActionResult GetLanguages() => Ok(_cultures.Languages);
 
     public IActionResult Error404() => this.ViewError404();

EnvelopeGenerator.Web/Controllers/ViewControllerBase.cs

@@ -1,5 +1,4 @@
 using EnvelopeGenerator.Web.Models;
-using Ganss.Xss;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.Extensions.Localization;
 using EnvelopeGenerator.Application.Resources;

EnvelopeGenerator.Web/wwwroot/js/api-service.js

@@ -10,7 +10,7 @@ class API {
   }
 
   static get REJECT_REDIR_URL() {
-    return `/envelopekey/${API.ENV_KEY}/rejected`;
+    return `/envelope/${API.ENV_KEY}/rejected`;
   }
 
   static get SHARE_URL() {

EnvelopeGenerator.Web/wwwroot/js/app.js

@@ -145,7 +145,7 @@ class App {
 
                 if (result == true) {
                     // Redirect to success page after saving to database
-                    window.location.href = `/EnvelopeKey/${this.envelopeKey}/Success`
+                    window.location.href = `/Envelope/${this.envelopeKey}/Success`
                 }
                 break;
 
@@ -272,7 +272,7 @@ class App {
 
                 // Export annotation data and save to database
                 try {
-                    const res = await postEnvelope(this.envelopeKey, await iJSON);
+                    const res = await postEnvelope(await iJSON);
 
                     if (!res.ok) {
                         if (res.status === 403) {

EnvelopeGenerator.Web/wwwroot/js/network.js

@@ -1,19 +1,15 @@
 /**
  * Fetches CSRF Token from page
- * @returns
  */
-function getCSRFToken() {
+const csrfToken = { 'X-XSRF-TOKEN': document.getElementsByName('__RequestVerificationToken')[0].value };
-    const token = document.getElementsByName('__RequestVerificationToken')[0].value
-    return { 'X-XSRF-TOKEN': token }
-}
 
 /**
  * Save signature data to server
  * @param {any} envelopeKey
  * @param {any} annotations
  */
-function postEnvelope(envelopeKey, annotations) {
+function postEnvelope(annotations) {
-    const token = getCSRFToken()
+    const token = csrfToken
     const options = {
         credentials: 'include',
         method: 'POST',
@@ -24,7 +20,7 @@ function postEnvelope(envelopeKey, annotations) {
         body: JSON.stringify(annotations)
     }
 
-    return fetch(`/api/envelope/${envelopeKey}`, options)
+    return fetch(`/api/envelope`, options)
 }
 
 async function setLangAsync(language, flagCode) {