Azure · AlexanderSher · Nov 9, 2023 · Jul 10, 2023 · Jul 10, 2023 · Jul 10, 2023
@@ -2,11 +2,19 @@
 
 ## 1.0.0-beta.4 (Unreleased)
 
+### Features
+
+- Added metrics to header. Will be used to track the number of requests and responses for each action.
+
 ### Bugs Fixed
 
-- Updated ODataType signature
-- Empty or null response actions will throw a bad response
-- Made the source field in the request a required field
+- Updated ODataType signature. This was done to make sure the contracts were consistent across all services.
+- Empty or null response actions will throw a bad response. There should be at lease one action passed as this is the main purpose of the SDK library. 
+- Made the source field in the request a required field. 
+- Made the request validation errors return 500. This way, we can identify that 500 errors as internal and should be marked as failures whereas response object errors should return 400s since they are customer input errors and should be identified as CallerErrors in our service.
+- Made the ODataType field in the request a required field.
+- Made the errors for JSON payload more descriptive when an invalid character is passed.
+- Added JsonDocument TryParse check to validate payload is JSON format.
 
 ## 1.0.0-beta.3 (2022-12-13)
 
@@ -17,7 +25,7 @@
 - Added createdDateTime to AuthenticationEventContextUser
 - Added new request status type for validation failure.
 - Validation Errors raise 500 response.
-- Added CustomAuthenticaionExtensionId to Data.
+- Added CustomAuthenticationExtensionId to Data.
 - Removed AuthenticationEventsId from Data.
 
 ## 1.0.0-beta.2 (2022-11-08)

@@ -8,7 +8,7 @@ internal AuthenticationEventMetadataAttribute() { }
     }
     public partial class AuthenticationEventResponseHandler : Microsoft.Azure.WebJobs.Host.Bindings.IValueBinder, Microsoft.Azure.WebJobs.Host.Bindings.IValueProvider
     {
-        public AuthenticationEventResponseHandler() { }
+        internal AuthenticationEventResponseHandler() { }
         public Microsoft.Azure.WebJobs.Extensions.AuthenticationEvents.Framework.AuthenticationEventRequestBase Request { get { throw null; } }
         public Microsoft.Azure.WebJobs.Extensions.AuthenticationEvents.Framework.AuthenticationEventResponse Response { get { throw null; } }
         public System.Type Type { get { throw null; } }
@@ -34,6 +34,16 @@ public enum EventDefinition
         [Microsoft.Azure.WebJobs.Extensions.AuthenticationEvents.AuthenticationEventMetadataAttribute(typeof(Microsoft.Azure.WebJobs.Extensions.AuthenticationEvents.TokenIssuanceStart.TokenIssuanceStartRequest), "microsoft.graph.authenticationEvent.TokenIssuanceStart", "TokenIssuanceStart", "CloudEventActionableTemplate.json")]
         TokenIssuanceStart = 0,
     }
+    public sealed partial class EventTriggerMetrics
+    {
+        internal EventTriggerMetrics() { }
+        public const string MetricsHeader = "User-Agent";
+        public const string ProductName = "AuthenticationEvents";
+        public static string Framework { get { throw null; } }
+        public static Microsoft.Azure.WebJobs.Extensions.AuthenticationEvents.EventTriggerMetrics Instance { get { throw null; } }
+        public static string Platform { get { throw null; } }
+        public static string ProductVersion { get { throw null; } }
+    }
     public enum EventType
     {
         OnTokenIssuanceStart = 0,
@@ -45,6 +55,11 @@ public enum RequestStatusType
         Successful = 2,
         ValidationError = 3,
     }
+    public partial class RequestValidationException : System.Exception
+    {
+        public RequestValidationException(string message) { }
+        public RequestValidationException(string message, System.Exception innerException) { }
+    }
     public partial class ResponseValidationException : System.Exception
     {
         public ResponseValidationException(string message) { }
@@ -128,6 +143,7 @@ protected CloudEventData() { }
     public abstract partial class CloudEventRequest<TResponse, TData> : Microsoft.Azure.WebJobs.Extensions.AuthenticationEvents.Framework.AuthenticationEventRequest<TResponse, TData> where TResponse : Microsoft.Azure.WebJobs.Extensions.AuthenticationEvents.Framework.AuthenticationEventResponse, new() where TData : Microsoft.Azure.WebJobs.Extensions.AuthenticationEvents.Framework.CloudEventData
     {
         internal CloudEventRequest() { }
+        [System.ComponentModel.DataAnnotations.RequiredAttribute]
         [System.Text.Json.Serialization.JsonPropertyNameAttribute("oDataType")]
         public string ODataType { get { throw null; } set { } }
         [System.ComponentModel.DataAnnotations.RequiredAttribute]

@@ -1,11 +1,6 @@
 // Copyright (c) Microsoft Corporation. All rights reserved.
 // Licensed under the MIT License.
 
-using Microsoft.Azure.WebJobs.Extensions.AuthenticationEvents.Framework;
-using Microsoft.Azure.WebJobs.Host.Bindings;
-using Microsoft.Azure.WebJobs.Host.Listeners;
-using Microsoft.Azure.WebJobs.Host.Protocols;
-using Microsoft.Azure.WebJobs.Host.Triggers;
 using System;
 using System.Collections.Generic;
 using System.ComponentModel.DataAnnotations;
@@ -14,8 +9,14 @@
 using System.Linq;
 using System.Net.Http;
 using System.Reflection;
+using System.Text.Json;
 using System.Threading;
 using System.Threading.Tasks;
+using Microsoft.Azure.WebJobs.Extensions.AuthenticationEvents.Framework;
+using Microsoft.Azure.WebJobs.Host.Bindings;
+using Microsoft.Azure.WebJobs.Host.Listeners;
+using Microsoft.Azure.WebJobs.Host.Protocols;
+using Microsoft.Azure.WebJobs.Host.Triggers;
 using static Microsoft.Azure.WebJobs.Extensions.AuthenticationEvents.Framework.EmptyResponse;
 using AuthenticationEventMetadata = Microsoft.Azure.WebJobs.Extensions.AuthenticationEvents.Framework.AuthenticationEventMetadata;
 
@@ -84,7 +85,8 @@ private static IReadOnlyDictionary<string, Type> GetBindingDataContract(Paramete
         public async Task<ITriggerData> BindAsync(object value, ValueBindingContext context)
         {
             var request = (HttpRequestMessage)value;
-            AuthenticationEventResponseHandler eventResponseHandler = (AuthenticationEventResponseHandler)request.Properties[AuthenticationEventResponseHandler.EventResponseProperty];
+            AuthenticationEventResponseHandler eventResponseHandler =
+                (AuthenticationEventResponseHandler)request.Properties[AuthenticationEventResponseHandler.EventResponseProperty];
             try
             {
                 if (request == null)
@@ -97,7 +99,15 @@ public async Task<ITriggerData> BindAsync(object value, ValueBindingContext cont
                 AuthenticationEventMetadata eventMetadata = GetEventAndValidateSchema(payload);
 
                 eventResponseHandler.Request = GetRequestForEvent(request, payload, eventMetadata, Claims);
-                return new TriggerData(new AuthenticationEventValueBinder(eventResponseHandler.Request, _authEventTriggerAttr), GetBindingData(context, value, eventResponseHandler))
+
+                return new TriggerData(
+                    new AuthenticationEventValueBinder(
+                        eventResponseHandler.Request,
+                        _authEventTriggerAttr),
+                        GetBindingData(
+                            context,
+                            value,
+                            eventResponseHandler))
                 {
                     ReturnValueProvider = eventResponseHandler
                 };
@@ -118,7 +128,12 @@ public async Task<ITriggerData> BindAsync(object value, ValueBindingContext cont
         /// <returns>A TriggerData Object with the failed event request based on the event. With the related request status set.</returns>
         /// <seealso cref="TriggerData" />
         /// <seealso cref="AuthenticationEventResponseHandler" />
-        private TriggerData GetFaultyRequest(ValueBindingContext context, object value, HttpRequestMessage request, AuthenticationEventResponseHandler eventResponseHandler, Exception ex)
+        private TriggerData GetFaultyRequest(
+            ValueBindingContext context,
+            object value,
+            HttpRequestMessage request,
+            AuthenticationEventResponseHandler eventResponseHandler,
+            Exception ex)
         {
             eventResponseHandler.Request = _parameterInfo.ParameterType == typeof(string) ? new EmptyRequest(request) : AuthenticationEventMetadata.CreateEventRequest(request, _parameterInfo.ParameterType, null);
             eventResponseHandler.Request.StatusMessage = ex.Message;
@@ -127,6 +142,7 @@ private TriggerData GetFaultyRequest(ValueBindingContext context, object value,
             {
                 UnauthorizedAccessException => RequestStatusType.TokenInvalid,
                 ValidationException => RequestStatusType.ValidationError,
+                RequestValidationException => RequestStatusType.ValidationError,
                 _ => RequestStatusType.Failed,
             };
 
@@ -228,11 +244,18 @@ private async Task<Dictionary<string, string>> GetClaimsAndValidateRequest(HttpR
         /// <returns>The Event Metadata object.</returns>
         /// <exception cref="AggregateException">Aggregates all the schema validation exceptions.</exception>
         /// <exception cref="Exception">IF the event cannot be determined or if the object model event differs from the requested event on the incoming payload.</exception>
-        private static AuthenticationEventMetadata GetEventAndValidateSchema(string body)
+        internal static AuthenticationEventMetadata GetEventAndValidateSchema(string body)
         {
-            if (!Helpers.IsJson(body))
+            try
+            {
+                if (!Helpers.IsJson(body))
+                {
+                    throw new RequestValidationException(AuthenticationEventResource.Ex_Invalid_JsonPayload);
+                }
+            }
+            catch (JsonException ex)
             {
-                throw new InvalidDataException();
+                throw new RequestValidationException($"{AuthenticationEventResource.Ex_Invalid_JsonPayload}: {ex.Message}", ex.InnerException);
             }
 
             return AuthenticationEventMetadataLoader.GetEventMetadata(body);

@@ -117,7 +117,10 @@ public async Task<HttpResponseMessage> ConvertAsync(HttpRequestMessage input, Ca
                 };
 
                 FunctionResult result = await listener.Value.FunctionExecutor.TryExecuteAsync(triggerData, cancellationToken).ConfigureAwait(false);
-                return result.Succeeded ? (HttpResponseMessage)eventsResponseHandler.Response : Helpers.HttpErrorResponse(result.Exception);
+
+                return result.Succeeded ?
+                    eventsResponseHandler.Response :
+                    Helpers.HttpErrorResponse(result.Exception);
             }
             catch (Exception ex)
             {

@@ -153,8 +153,8 @@
   <data name="Ex_Invalid_JsonPath" xml:space="preserve">
     <value>Cannot find json path set value</value>
   </data>
-  <data name="Ex_Invalid_Payload" xml:space="preserve">
-    <value>Invalid Payload detected.</value>
+  <data name="Ex_Invalid_JsonPayload" xml:space="preserve">
+    <value>Invalid Json Payload</value>
   </data>
   <data name="Ex_Invalid_Response" xml:space="preserve">
     <value>Response validation failed, see inner exceptions.</value>

@@ -1,19 +1,18 @@
 // Copyright (c) Microsoft Corporation. All rights reserved.
 // Licensed under the MIT License.
 
-using Microsoft.AspNetCore.Http;
-using Microsoft.Azure.WebJobs.Extensions.AuthenticationEvents.Framework;
-using Microsoft.Azure.WebJobs.Host.Bindings;
 using System;
 using System.Buffers;
-using System.ComponentModel.DataAnnotations;
 using System.Globalization;
 using System.IO;
 using System.Net.Http;
 using System.Text;
 using System.Text.Json;
 using System.Threading;
 using System.Threading.Tasks;
+using Microsoft.AspNetCore.Http;
+using Microsoft.Azure.WebJobs.Extensions.AuthenticationEvents.Framework;
+using Microsoft.Azure.WebJobs.Host.Bindings;
 
 namespace Microsoft.Azure.WebJobs.Extensions.AuthenticationEvents
 {
@@ -24,9 +23,26 @@ public class AuthenticationEventResponseHandler : IValueBinder
         /// <summary>The response property.</summary>
         internal const string EventResponseProperty = "$event$response";
 
+        private AuthenticationEventResponse _response;
+
         /// <summary>Gets or sets the action result.</summary>
         /// <value>The action result.</value>
-        public AuthenticationEventResponse Response { get; internal set; }
+        public AuthenticationEventResponse Response
+        {
+            get => _response;
+            private set
+            {
+                if (value != null)
+                {
+                    _response = value;
+
+                    // Set metrics on the headers for the response
+                    EventTriggerMetrics.Instance.SetMetricHeaders(_response);
+                }
+            }
+        }
+
+        internal AuthenticationEventResponseHandler() { }
 
         /// <summary>Gets the type.</summary>
         /// <value>The type.</value>
@@ -69,7 +85,7 @@ public Task SetValueAsync(object result, CancellationToken cancellationToken)
                     AuthenticationEventResponse response = Request.GetResponseObject();
                     if (response == null)
                     {
-                        throw new InvalidOperationException(AuthenticationEventResource.Ex_Missing_Request_Response);
+                        throw new RequestValidationException(AuthenticationEventResource.Ex_Missing_Request_Response);
                     }
 
                     Response = GetActionResult(result, response);
@@ -209,9 +225,19 @@ internal static AuthenticationEventJsonElement GetJsonObjectFromStream(Stream st
 
         internal static AuthenticationEventJsonElement GetJsonObjectFromString(string result)
         {
-            return !Helpers.IsJson(result)
-                ? throw new InvalidCastException(AuthenticationEventResource.Ex_Invalid_Return)
-                : new AuthenticationEventJsonElement(result);
+            try
+            {
+                if (!Helpers.IsJson(result))
+                {
+                    throw new ResponseValidationException(AuthenticationEventResource.Ex_Invalid_Return);
+                }
+            }
+            catch (JsonException ex)
+            {
+                throw new ResponseValidationException($"{AuthenticationEventResource.Ex_Invalid_Return}: {ex.Message}", ex.InnerException);
+            }
+
+            return new AuthenticationEventJsonElement(result);
         }
 
         internal static AuthenticationEventResponse GetAuthEventFromJObject(AuthenticationEventJsonElement result, AuthenticationEventResponse response)