diff --git a/.gitignore b/.gitignore index 1b63209d..3f342ef8 100644 --- a/.gitignore +++ b/.gitignore @@ -18,6 +18,9 @@ # Mono auto generated files mono_crash.* +# intellij +.idea + # Build results [Dd]ebug/ [Dd]ebugPublic/ diff --git a/CHANGELOG.md b/CHANGELOG.md index 8d4e8cc6..941fd0a8 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,9 @@ All notable changes to this project will be documented in this file. See [versionize](https://github.com/versionize/versionize) for commit guidelines. + +## [1.0.11](https://www.github.com/bcgov/JAG-JPIDP/releases/tag/v1.0.11) (2024-1-31) + ## [1.0.9](https://www.github.com/bcgov/JAG-JPIDP/releases/tag/v1.0.9) (2024-1-6) diff --git a/backend/ApprovalFlow/ApprovalFlow.csproj b/backend/ApprovalFlow/ApprovalFlow.csproj index 195576d4..dee2b930 100644 --- a/backend/ApprovalFlow/ApprovalFlow.csproj +++ b/backend/ApprovalFlow/ApprovalFlow.csproj @@ -4,7 +4,7 @@ net6.0 enable enable - 1.0.9 + 1.0.11 Linux diff --git a/backend/NotificationService/Kafka/ConsumerSetup.cs b/backend/NotificationService/Kafka/ConsumerSetup.cs index d73e37df..bf581df2 100644 --- a/backend/NotificationService/Kafka/ConsumerSetup.cs +++ b/backend/NotificationService/Kafka/ConsumerSetup.cs @@ -24,7 +24,7 @@ public static IServiceCollection AddKafkaConsumer(this IServiceCollection servic SaslOauthbearerTokenEndpointUrl = config.KafkaCluster.SaslOauthbearerTokenEndpointUrl, SaslOauthbearerMethod = SaslOauthbearerMethod.Oidc, SaslOauthbearerScope = config.KafkaCluster.Scope, - SslEndpointIdentificationAlgorithm = SslEndpointIdentificationAlgorithm.Https, + SslEndpointIdentificationAlgorithm = (config.KafkaCluster.HostnameVerification == SslEndpointIdentificationAlgorithm.Https.ToString()) ? SslEndpointIdentificationAlgorithm.Https : SslEndpointIdentificationAlgorithm.None, SslCaLocation = config.KafkaCluster.SslCaLocation, SslCertificateLocation = config.KafkaCluster.SslCertificateLocation, SslKeyLocation = config.KafkaCluster.SslKeyLocation @@ -38,7 +38,7 @@ public static IServiceCollection AddKafkaConsumer(this IServiceCollection servic SaslOauthbearerTokenEndpointUrl = config.KafkaCluster.SaslOauthbearerTokenEndpointUrl, SaslOauthbearerMethod = SaslOauthbearerMethod.Oidc, SaslOauthbearerScope = config.KafkaCluster.Scope, - SslEndpointIdentificationAlgorithm = SslEndpointIdentificationAlgorithm.Https, + SslEndpointIdentificationAlgorithm = (config.KafkaCluster.HostnameVerification == SslEndpointIdentificationAlgorithm.Https.ToString()) ? SslEndpointIdentificationAlgorithm.Https : SslEndpointIdentificationAlgorithm.None, SslCaLocation = config.KafkaCluster.SslCaLocation, SaslOauthbearerClientId = config.KafkaCluster.SaslOauthbearerProducerClientId, SaslOauthbearerClientSecret = config.KafkaCluster.SaslOauthbearerProducerClientSecret, diff --git a/backend/NotificationService/NotificationService.csproj b/backend/NotificationService/NotificationService.csproj index 1660da6a..8546e99b 100644 --- a/backend/NotificationService/NotificationService.csproj +++ b/backend/NotificationService/NotificationService.csproj @@ -6,7 +6,7 @@ enable 0932d320-0272-4127-af4d-01fae4f7c4c8 Linux - 1.0.9 + 1.0.11 diff --git a/backend/NotificationService/NotificationServiceConfiguration.cs b/backend/NotificationService/NotificationServiceConfiguration.cs index 941b4f96..27b57570 100644 --- a/backend/NotificationService/NotificationServiceConfiguration.cs +++ b/backend/NotificationService/NotificationServiceConfiguration.cs @@ -33,7 +33,7 @@ public class KafkaClusterConfiguration public string SslKeyLocation { get; set; } = string.Empty; public string Scope { get; set; } = "openid"; public string ConsumerGroupId { get; set; } = "jum-notification-consumer-group"; - + public string HostnameVerification { get; set; } = "Https"; } diff --git a/backend/common/Common.csproj b/backend/common/Common.csproj index b251c15e..7df2497c 100644 --- a/backend/common/Common.csproj +++ b/backend/common/Common.csproj @@ -5,7 +5,7 @@ enable enable Linux - 1.0.9 + 1.0.11 diff --git a/backend/edt.casemanagement/ConsumerSetup.cs b/backend/edt.casemanagement/ConsumerSetup.cs index 141d7d04..bbf6a314 100644 --- a/backend/edt.casemanagement/ConsumerSetup.cs +++ b/backend/edt.casemanagement/ConsumerSetup.cs @@ -32,7 +32,7 @@ public static IServiceCollection AddKafkaConsumer(this IServiceCollection servic SaslOauthbearerMethod = SaslOauthbearerMethod.Oidc, SocketKeepaliveEnable = true, SaslOauthbearerScope = config.KafkaCluster.Scope, - SslEndpointIdentificationAlgorithm = SslEndpointIdentificationAlgorithm.Https, + SslEndpointIdentificationAlgorithm = (config.KafkaCluster.HostnameVerification == SslEndpointIdentificationAlgorithm.Https.ToString()) ? SslEndpointIdentificationAlgorithm.Https : SslEndpointIdentificationAlgorithm.None, SslCaLocation = config.KafkaCluster.SslCaLocation, ConnectionsMaxIdleMs = 600000, SslCertificateLocation = config.KafkaCluster.SslCertificateLocation, @@ -49,7 +49,7 @@ public static IServiceCollection AddKafkaConsumer(this IServiceCollection servic SaslOauthbearerScope = config.KafkaCluster.Scope, ClientId = Dns.GetHostName(), RequestTimeoutMs = 60000, - SslEndpointIdentificationAlgorithm = SslEndpointIdentificationAlgorithm.Https, + SslEndpointIdentificationAlgorithm = (config.KafkaCluster.HostnameVerification == SslEndpointIdentificationAlgorithm.Https.ToString()) ? SslEndpointIdentificationAlgorithm.Https : SslEndpointIdentificationAlgorithm.None, SslCaLocation = config.KafkaCluster.SslCaLocation, SaslOauthbearerClientId = config.KafkaCluster.SaslOauthbearerProducerClientId, SaslOauthbearerClientSecret = config.KafkaCluster.SaslOauthbearerProducerClientSecret, diff --git a/backend/edt.casemanagement/EdtServiceConfiguration.cs b/backend/edt.casemanagement/EdtServiceConfiguration.cs index 55bb4daa..b836b760 100644 --- a/backend/edt.casemanagement/EdtServiceConfiguration.cs +++ b/backend/edt.casemanagement/EdtServiceConfiguration.cs @@ -106,6 +106,8 @@ public class KafkaClusterConfiguration : BaseKafkafiguration public string AckTopicName { get; set; } = string.Empty; public string ConsumerGroupId { get; set; } = "caseaccess-consumer-group"; public string RetryConsumerGroupId { get; set; } = "caseaccess-retry-consumer-group"; + public string HostnameVerification { get; set; } = "Https"; + } diff --git a/backend/edt.casemanagement/Kafka/ConsumerSetup.cs b/backend/edt.casemanagement/Kafka/ConsumerSetup.cs index 40b8f97e..1c8767fd 100644 --- a/backend/edt.casemanagement/Kafka/ConsumerSetup.cs +++ b/backend/edt.casemanagement/Kafka/ConsumerSetup.cs @@ -29,7 +29,7 @@ public static IServiceCollection AddKafkaConsumer(this IServiceCollection servic SaslOauthbearerMethod = SaslOauthbearerMethod.Oidc, SocketKeepaliveEnable = true, SaslOauthbearerScope = config.KafkaCluster.Scope, - SslEndpointIdentificationAlgorithm = SslEndpointIdentificationAlgorithm.Https, + SslEndpointIdentificationAlgorithm = (config.KafkaCluster.HostnameVerification == SslEndpointIdentificationAlgorithm.Https.ToString()) ? SslEndpointIdentificationAlgorithm.Https : SslEndpointIdentificationAlgorithm.None, SslCaLocation = config.KafkaCluster.SslCaLocation, ConnectionsMaxIdleMs = 600000, SslCertificateLocation = config.KafkaCluster.SslCertificateLocation, @@ -46,7 +46,7 @@ public static IServiceCollection AddKafkaConsumer(this IServiceCollection servic SaslOauthbearerScope = config.KafkaCluster.Scope, ClientId = Dns.GetHostName(), RequestTimeoutMs = 60000, - SslEndpointIdentificationAlgorithm = SslEndpointIdentificationAlgorithm.Https, + SslEndpointIdentificationAlgorithm = (config.KafkaCluster.HostnameVerification == SslEndpointIdentificationAlgorithm.Https.ToString()) ? SslEndpointIdentificationAlgorithm.Https : SslEndpointIdentificationAlgorithm.None, SslCaLocation = config.KafkaCluster.SslCaLocation, SaslOauthbearerClientId = config.KafkaCluster.SaslOauthbearerProducerClientId, SaslOauthbearerClientSecret = config.KafkaCluster.SaslOauthbearerProducerClientSecret, diff --git a/backend/edt.casemanagement/edt.casemanagement.csproj b/backend/edt.casemanagement/edt.casemanagement.csproj index a139e12e..e0cc1627 100644 --- a/backend/edt.casemanagement/edt.casemanagement.csproj +++ b/backend/edt.casemanagement/edt.casemanagement.csproj @@ -4,7 +4,7 @@ net6.0 enable enable - 1.0.9 + 1.0.11 Linux diff --git a/backend/edt.disclosure/EdtDisclosureServiceConfiguration.cs b/backend/edt.disclosure/EdtDisclosureServiceConfiguration.cs index ad143362..1ce61f56 100644 --- a/backend/edt.disclosure/EdtDisclosureServiceConfiguration.cs +++ b/backend/edt.disclosure/EdtDisclosureServiceConfiguration.cs @@ -120,6 +120,7 @@ public class KafkaClusterConfiguration public string ConsumerGroupId { get; set; } = "disclosure-consumer-group"; public string RetryConsumerGroupId { get; set; } = "disclosure-retry-consumer-group"; public string CoreFolioCreationNotificationTopic { get; set; } = string.Empty; + public string HostnameVerification { get; set; } = "Https"; } diff --git a/backend/edt.disclosure/Kafka/ConsumerSetup.cs b/backend/edt.disclosure/Kafka/ConsumerSetup.cs index adc9f62d..150fa109 100644 --- a/backend/edt.disclosure/Kafka/ConsumerSetup.cs +++ b/backend/edt.disclosure/Kafka/ConsumerSetup.cs @@ -35,7 +35,7 @@ public static IServiceCollection AddKafkaConsumer(this IServiceCollection servic SaslOauthbearerMethod = SaslOauthbearerMethod.Oidc, SocketKeepaliveEnable = true, SaslOauthbearerScope = config.KafkaCluster.Scope, - SslEndpointIdentificationAlgorithm = SslEndpointIdentificationAlgorithm.Https, + SslEndpointIdentificationAlgorithm = (config.KafkaCluster.HostnameVerification == SslEndpointIdentificationAlgorithm.Https.ToString()) ? SslEndpointIdentificationAlgorithm.Https : SslEndpointIdentificationAlgorithm.None, SslCaLocation = config.KafkaCluster.SslCaLocation, ConnectionsMaxIdleMs = 600000, SslCertificateLocation = config.KafkaCluster.SslCertificateLocation, @@ -52,7 +52,7 @@ public static IServiceCollection AddKafkaConsumer(this IServiceCollection servic SaslOauthbearerScope = config.KafkaCluster.Scope, ClientId = Dns.GetHostName(), RequestTimeoutMs = 60000, - SslEndpointIdentificationAlgorithm = SslEndpointIdentificationAlgorithm.Https, + SslEndpointIdentificationAlgorithm = (config.KafkaCluster.HostnameVerification == SslEndpointIdentificationAlgorithm.Https.ToString()) ? SslEndpointIdentificationAlgorithm.Https : SslEndpointIdentificationAlgorithm.None, SslCaLocation = config.KafkaCluster.SslCaLocation, SaslOauthbearerClientId = config.KafkaCluster.SaslOauthbearerProducerClientId, SaslOauthbearerClientSecret = config.KafkaCluster.SaslOauthbearerProducerClientSecret, diff --git a/backend/edt.disclosure/edt.disclosure.csproj b/backend/edt.disclosure/edt.disclosure.csproj index 3eba106d..96491bef 100644 --- a/backend/edt.disclosure/edt.disclosure.csproj +++ b/backend/edt.disclosure/edt.disclosure.csproj @@ -5,7 +5,7 @@ enable enable Linux - 1.0.9 + 1.0.11 diff --git a/backend/entrypoint.sh b/backend/entrypoint.sh index bb174b34..79bd5197 100644 --- a/backend/entrypoint.sh +++ b/backend/entrypoint.sh @@ -14,6 +14,11 @@ if [ -d ${VAULT_SECRETS_DIR} ]; then source ${i} done set +a # disable mark variables which are modified or created for export + # remove vault files + for i in ${VAULT_SECRETS_DIR}/*; do + echo "Removing ${i}" + rm ${i} + done else echo "[entrypoint] Vault secrets directory (${VAULT_SECRETS_DIR}) does not exist" fi diff --git a/backend/jumwebapi/Infrastructure/Auth/AuthenticationSetup.cs b/backend/jumwebapi/Infrastructure/Auth/AuthenticationSetup.cs index 9ddff518..8e2fee1a 100644 --- a/backend/jumwebapi/Infrastructure/Auth/AuthenticationSetup.cs +++ b/backend/jumwebapi/Infrastructure/Auth/AuthenticationSetup.cs @@ -1,3 +1,4 @@ +using System.IdentityModel.Tokens.Jwt; using Confluent.Kafka; using jumwebapi.Extensions; using jumwebapi.Kafka.Producer; @@ -6,7 +7,6 @@ using Microsoft.AspNetCore.Authorization; using Microsoft.IdentityModel.Tokens; using Newtonsoft.Json; -using System.IdentityModel.Tokens.Jwt; namespace jumwebapi.Infrastructure.Auth { @@ -26,7 +26,7 @@ public static IServiceCollection AddKeycloakAuth(this IServiceCollection service SaslOauthbearerTokenEndpointUrl = config.KafkaCluster.SaslOauthbearerTokenEndpointUrl, SaslOauthbearerMethod = SaslOauthbearerMethod.Oidc, SaslOauthbearerScope = config.KafkaCluster.Scope, - SslEndpointIdentificationAlgorithm = SslEndpointIdentificationAlgorithm.Https, + SslEndpointIdentificationAlgorithm = (config.KafkaCluster.HostnameVerification == SslEndpointIdentificationAlgorithm.Https.ToString()) ? SslEndpointIdentificationAlgorithm.Https : SslEndpointIdentificationAlgorithm.None, SslCaLocation = config.KafkaCluster.SslCaLocation, SaslOauthbearerClientId = config.KafkaCluster.SaslOauthbearerProducerClientId, SaslOauthbearerClientSecret = config.KafkaCluster.SaslOauthbearerProducerClientSecret, @@ -62,7 +62,8 @@ public static IServiceCollection AddKeycloakAuth(this IServiceCollection service }; options.Events = new JwtBearerEvents { - OnTokenValidated = context => { + OnTokenValidated = context => + { return Task.CompletedTask; }, OnAuthenticationFailed = context => @@ -72,7 +73,7 @@ public static IServiceCollection AddKeycloakAuth(this IServiceCollection service context.NoResult(); context.Response.StatusCode = StatusCodes.Status401Unauthorized; context.Response.ContentType = "application/json"; - string response = + var response = JsonConvert.SerializeObject("The access token provided is not valid."); if (context.Exception.GetType() == typeof(SecurityTokenExpiredException)) { @@ -82,7 +83,7 @@ public static IServiceCollection AddKeycloakAuth(this IServiceCollection service } await context.Response.WriteAsync(response); }); - + //context.HandleResponse(); //context.Response.WriteAsync(response).Wait(); return Task.CompletedTask; diff --git a/backend/jumwebapi/jumwebapi.csproj b/backend/jumwebapi/jumwebapi.csproj index 0ff1d23d..0d263944 100644 --- a/backend/jumwebapi/jumwebapi.csproj +++ b/backend/jumwebapi/jumwebapi.csproj @@ -6,7 +6,7 @@ enable b2b3aeca-3282-4224-bc2c-ae504c17e682 Linux - 1.0.9 + 1.0.11 diff --git a/backend/jumwebapi/jumwebapiConfiguration.cs b/backend/jumwebapi/jumwebapiConfiguration.cs index 84c75c08..bf54604f 100644 --- a/backend/jumwebapi/jumwebapiConfiguration.cs +++ b/backend/jumwebapi/jumwebapiConfiguration.cs @@ -65,6 +65,8 @@ public class KafkaClusterConfiguration public string SslCertificateLocation { get; set; } = string.Empty; public string SslKeyLocation { get; set; } = string.Empty; public string Scope { get; set; } = "openid"; + public string HostnameVerification { get; set; } = "Https"; + } public class JustinClientConfiguration { diff --git a/backend/service.edt/EdtServiceConfiguration.cs b/backend/service.edt/EdtServiceConfiguration.cs index 31cfcd14..1b12fb1d 100644 --- a/backend/service.edt/EdtServiceConfiguration.cs +++ b/backend/service.edt/EdtServiceConfiguration.cs @@ -119,6 +119,7 @@ public class KafkaClusterConfiguration public string ConsumerGroupId { get; set; } = "accessrequest-consumer-group"; public string RetryConsumerGroupId { get; set; } = "accessrequest-retry-consumer-group"; public string CoreFolioCreationNotificationTopic { get; set; } = string.Empty; + public string HostnameVerification { get; set; } = "Https"; } diff --git a/backend/service.edt/Kafka/ConsumerSetup.cs b/backend/service.edt/Kafka/ConsumerSetup.cs index 9e053bb4..4c7fd088 100644 --- a/backend/service.edt/Kafka/ConsumerSetup.cs +++ b/backend/service.edt/Kafka/ConsumerSetup.cs @@ -38,7 +38,7 @@ public static IServiceCollection AddKafkaConsumer(this IServiceCollection servic ConnectionsMaxIdleMs = 2147483647, TopicMetadataRefreshIntervalMs = 10000, SaslOauthbearerScope = config.KafkaCluster.Scope, - SslEndpointIdentificationAlgorithm = SslEndpointIdentificationAlgorithm.Https, + SslEndpointIdentificationAlgorithm = (config.KafkaCluster.HostnameVerification == SslEndpointIdentificationAlgorithm.Https.ToString()) ? SslEndpointIdentificationAlgorithm.Https : SslEndpointIdentificationAlgorithm.None, SslCaLocation = config.KafkaCluster.SslCaLocation, SslCertificateLocation = config.KafkaCluster.SslCertificateLocation, SslKeyLocation = config.KafkaCluster.SslKeyLocation @@ -54,7 +54,7 @@ public static IServiceCollection AddKafkaConsumer(this IServiceCollection servic SaslOauthbearerScope = config.KafkaCluster.Scope, ClientId = Dns.GetHostName(), RequestTimeoutMs = 60000, - SslEndpointIdentificationAlgorithm = SslEndpointIdentificationAlgorithm.Https, + SslEndpointIdentificationAlgorithm = (config.KafkaCluster.HostnameVerification == SslEndpointIdentificationAlgorithm.Https.ToString()) ? SslEndpointIdentificationAlgorithm.Https : SslEndpointIdentificationAlgorithm.None, SslCaLocation = config.KafkaCluster.SslCaLocation, SaslOauthbearerClientId = config.KafkaCluster.SaslOauthbearerProducerClientId, SaslOauthbearerClientSecret = config.KafkaCluster.SaslOauthbearerProducerClientSecret, diff --git a/backend/service.edt/edt.service.csproj b/backend/service.edt/edt.service.csproj index 378a18e4..478a1936 100644 --- a/backend/service.edt/edt.service.csproj +++ b/backend/service.edt/edt.service.csproj @@ -6,7 +6,7 @@ enable c27750f6-c52b-45f1-b040-e4c09f34fc0d Linux - 1.0.9 + 1.0.11 diff --git a/backend/webapi/Features/Admin/Kafka/Topics/TopicQuery.cs b/backend/webapi/Features/Admin/Kafka/Topics/TopicQuery.cs index de149123..9e289fb7 100644 --- a/backend/webapi/Features/Admin/Kafka/Topics/TopicQuery.cs +++ b/backend/webapi/Features/Admin/Kafka/Topics/TopicQuery.cs @@ -1,9 +1,8 @@ namespace Pidp.Features.Admin.Kafka.Topics; -using AutoMapper; -using Pidp.Features.Admin.Kafka.Models; using Confluent.Kafka; using Confluent.Kafka.Admin; +using Pidp.Features.Admin.Kafka.Models; public record TopicQuery(string? topicName) : IQuery>; @@ -35,7 +34,7 @@ public async Task> HandleAsync(TopicQuery query) SslCertificateLocation = this.configuration.KafkaCluster.SslCertificateLocation, SslCaLocation = this.configuration.KafkaCluster.SslCaLocation, SaslOauthbearerScope = this.configuration.KafkaCluster.Scope, - SslEndpointIdentificationAlgorithm = SslEndpointIdentificationAlgorithm.Https, + SslEndpointIdentificationAlgorithm = (this.configuration.KafkaCluster.HostnameVerification == SslEndpointIdentificationAlgorithm.Https.ToString()) ? SslEndpointIdentificationAlgorithm.Https : SslEndpointIdentificationAlgorithm.None, SslKeyLocation = this.configuration.KafkaCluster.SslKeyLocation, SaslMechanism = SaslMechanism.OAuthBearer, SaslOauthbearerMethod = SaslOauthbearerMethod.Oidc, diff --git a/backend/webapi/Infrastructure/HttpClients/HttpClientSetup.cs b/backend/webapi/Infrastructure/HttpClients/HttpClientSetup.cs index 4735e45b..795f523f 100644 --- a/backend/webapi/Infrastructure/HttpClients/HttpClientSetup.cs +++ b/backend/webapi/Infrastructure/HttpClients/HttpClientSetup.cs @@ -68,6 +68,9 @@ public static IServiceCollection AddHttpClients(this IServiceCollection services services.AddTransient(); + var hostVerification = (config.KafkaCluster.HostnameVerification == SslEndpointIdentificationAlgorithm.Https.ToString()) ? SslEndpointIdentificationAlgorithm.Https : SslEndpointIdentificationAlgorithm.None; + Serilog.Log.Information($"Host verification set to {hostVerification}"); + var clientConfig = new ClientConfig() { BootstrapServers = config.KafkaCluster.BootstrapServers, @@ -76,7 +79,7 @@ public static IServiceCollection AddHttpClients(this IServiceCollection services SaslOauthbearerTokenEndpointUrl = config.KafkaCluster.SaslOauthbearerTokenEndpointUrl, SaslOauthbearerMethod = SaslOauthbearerMethod.Oidc, SaslOauthbearerScope = config.KafkaCluster.Scope, - SslEndpointIdentificationAlgorithm = SslEndpointIdentificationAlgorithm.Https, + SslEndpointIdentificationAlgorithm = hostVerification, SslCaLocation = config.KafkaCluster.SslCaLocation, SslCertificateLocation = config.KafkaCluster.SslCertificateLocation, SslKeyLocation = config.KafkaCluster.SslKeyLocation, @@ -93,7 +96,7 @@ public static IServiceCollection AddHttpClients(this IServiceCollection services SaslOauthbearerMethod = SaslOauthbearerMethod.Oidc, SaslOauthbearerScope = config.KafkaCluster.Scope, ClientId = Dns.GetHostName(), - SslEndpointIdentificationAlgorithm = SslEndpointIdentificationAlgorithm.Https, + SslEndpointIdentificationAlgorithm = hostVerification, SslCaLocation = config.KafkaCluster.SslCaLocation, SaslOauthbearerClientId = config.KafkaCluster.SaslOauthbearerProducerClientId, SaslOauthbearerClientSecret = config.KafkaCluster.SaslOauthbearerProducerClientSecret, diff --git a/backend/webapi/PidpConfiguration.cs b/backend/webapi/PidpConfiguration.cs index 2d61dfba..f0db269f 100644 --- a/backend/webapi/PidpConfiguration.cs +++ b/backend/webapi/PidpConfiguration.cs @@ -135,6 +135,7 @@ public class KafkaClusterConfiguration public string ConsumerGroupId { get; set; } = "dems-notification-ack"; public string KafkaAdminClientId { get; set; } = string.Empty; public string KafkaAdminClientSecret { get; set; } = string.Empty; + public string HostnameVerification { get; set; } = "Https"; } public class JumClientConfiguration diff --git a/backend/webapi/pidp.csproj b/backend/webapi/pidp.csproj index eb3dbdc8..7d9cdb8f 100644 --- a/backend/webapi/pidp.csproj +++ b/backend/webapi/pidp.csproj @@ -5,7 +5,7 @@ enable Pidp 5c2dc965-00b4-4531-9ff0-9b37193ead9b - 1.0.9 + 1.0.11 diff --git a/charts/frontend/Chart.yaml b/charts/frontend/Chart.yaml index d76864dd..33af900d 100644 --- a/charts/frontend/Chart.yaml +++ b/charts/frontend/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.1.2 +version: 0.1.3 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/charts/frontend/templates/config-map.yaml b/charts/frontend/templates/config-map.yaml index eb7e7437..1a143a5a 100644 --- a/charts/frontend/templates/config-map.yaml +++ b/charts/frontend/templates/config-map.yaml @@ -21,7 +21,12 @@ data: "apiEndpoint": "https://{{ .Values.global.vanityURL }}/api/v1", "configEndpoint": "https://{{ .Values.global.vanityURL }}", "applicationUrl": "https://{{ .Values.global.vanityURL }}", - "demsImportURL": "{{ .Values.settings.edtURL }}/Edt.aspx#/import/", + "caseManagement": { + "showAUFLink": true, + "showCaseImportLink": false, + "stickyAgencyCodes": [ "RCMP","FAKE"] + }, + "demsImportURL": "{{ .Values.settings.edtURL }}", "keycloakConfig": { "config": { "url": "{{ .Values.settings.keycloak.url }}", diff --git a/charts/pidp/Chart.lock b/charts/pidp/Chart.lock index 1aa3b87f..184f8ac3 100644 --- a/charts/pidp/Chart.lock +++ b/charts/pidp/Chart.lock @@ -1,7 +1,7 @@ dependencies: - name: frontend repository: file://../frontend - version: 0.1.2 + version: 0.1.3 - name: admin-frontend repository: file://../admin-frontend version: 0.2.0 @@ -29,5 +29,5 @@ dependencies: - name: nginx repository: file://../nginx version: 9.7.3 -digest: sha256:0c3d7bc9574ccc040700db2e71ceab47837480cdb5a0937a8bca50ec751a16a8 -generated: "2023-12-05T10:20:44.8734122-08:00" +digest: sha256:bdbbbc47c53e39e3411994f1becd71247bab4073331173df63fa09949903f3d3 +generated: "2024-01-31T16:23:06.4562199-08:00" diff --git a/charts/pidp/Chart.yaml b/charts/pidp/Chart.yaml index c2d5b339..fe81eaa8 100644 --- a/charts/pidp/Chart.yaml +++ b/charts/pidp/Chart.yaml @@ -35,7 +35,7 @@ dependencies: # condition: postgresql.enabled - name: frontend repository: "file://../frontend" - version: "0.1.2" + version: "0.1.3" - name: admin-frontend repository: "file://../admin-frontend" version: "0.2.0" diff --git a/charts/pidp/charts/admin-frontend-0.2.0.tgz b/charts/pidp/charts/admin-frontend-0.2.0.tgz index c99b2736..de2fd71e 100644 Binary files a/charts/pidp/charts/admin-frontend-0.2.0.tgz and b/charts/pidp/charts/admin-frontend-0.2.0.tgz differ diff --git a/charts/pidp/charts/approvalflow-0.2.0.tgz b/charts/pidp/charts/approvalflow-0.2.0.tgz index c47797ca..00f27ba6 100644 Binary files a/charts/pidp/charts/approvalflow-0.2.0.tgz and b/charts/pidp/charts/approvalflow-0.2.0.tgz differ diff --git a/charts/pidp/charts/edt-casemgmt-0.3.0.tgz b/charts/pidp/charts/edt-casemgmt-0.3.0.tgz index 5000dc07..eeeae052 100644 Binary files a/charts/pidp/charts/edt-casemgmt-0.3.0.tgz and b/charts/pidp/charts/edt-casemgmt-0.3.0.tgz differ diff --git a/charts/pidp/charts/edt-disclosure-0.9.0.tgz b/charts/pidp/charts/edt-disclosure-0.9.0.tgz index c32085f0..8ff54330 100644 Binary files a/charts/pidp/charts/edt-disclosure-0.9.0.tgz and b/charts/pidp/charts/edt-disclosure-0.9.0.tgz differ diff --git a/charts/pidp/charts/edt-service-0.3.0.tgz b/charts/pidp/charts/edt-service-0.3.0.tgz index 7c35a6e1..07c5aab7 100644 Binary files a/charts/pidp/charts/edt-service-0.3.0.tgz and b/charts/pidp/charts/edt-service-0.3.0.tgz differ diff --git a/charts/pidp/charts/frontend-0.1.2.tgz b/charts/pidp/charts/frontend-0.1.2.tgz deleted file mode 100644 index 565e5ccb..00000000 Binary files a/charts/pidp/charts/frontend-0.1.2.tgz and /dev/null differ diff --git a/charts/pidp/charts/frontend-0.1.3.tgz b/charts/pidp/charts/frontend-0.1.3.tgz new file mode 100644 index 00000000..0d90f464 Binary files /dev/null and b/charts/pidp/charts/frontend-0.1.3.tgz differ diff --git a/charts/pidp/charts/jum-backend-0.2.0.tgz b/charts/pidp/charts/jum-backend-0.2.0.tgz index 8d48c299..3f32ae5f 100644 Binary files a/charts/pidp/charts/jum-backend-0.2.0.tgz and b/charts/pidp/charts/jum-backend-0.2.0.tgz differ diff --git a/charts/pidp/charts/jum-notification-0.2.0.tgz b/charts/pidp/charts/jum-notification-0.2.0.tgz index a26a5091..f301d94a 100644 Binary files a/charts/pidp/charts/jum-notification-0.2.0.tgz and b/charts/pidp/charts/jum-notification-0.2.0.tgz differ diff --git a/charts/pidp/charts/nginx-9.7.3.tgz b/charts/pidp/charts/nginx-9.7.3.tgz index 7db16710..8a8f6f67 100644 Binary files a/charts/pidp/charts/nginx-9.7.3.tgz and b/charts/pidp/charts/nginx-9.7.3.tgz differ diff --git a/charts/pidp/charts/webapi-0.3.0.tgz b/charts/pidp/charts/webapi-0.3.0.tgz index 4e46fc08..b8737fe3 100644 Binary files a/charts/pidp/charts/webapi-0.3.0.tgz and b/charts/pidp/charts/webapi-0.3.0.tgz differ diff --git a/charts/webapi/values.yaml b/charts/webapi/values.yaml index c8dbf7da..0f0f7417 100644 --- a/charts/webapi/values.yaml +++ b/charts/webapi/values.yaml @@ -78,11 +78,11 @@ ingress: resources: limits: - cpu: 100m - memory: 128Mi + cpu: 500m + memory: 512Mi requests: - cpu: 75m - memory: 50Mi + cpu: 125m + memory: 128Mi autoscaling: enabled: false diff --git a/deploy/dev_values.yaml b/deploy/dev_values.yaml index cad87bea..8e36a4b8 100644 --- a/deploy/dev_values.yaml +++ b/deploy/dev_values.yaml @@ -94,7 +94,7 @@ frontend: tag: "develop" replicaCount: 1 settings: - edtURL: https://dems.dev.jag.gov.bc.ca + edtURL: https://dems.dev.jag.gov.bc.ca/Edt.aspx#/import/ environmentName: dev keycloak: url: https://dev.common-sso.justice.gov.bc.ca/auth diff --git a/deploy/test_values.yaml b/deploy/test_values.yaml index e6eb5cd0..3d3fc04a 100644 --- a/deploy/test_values.yaml +++ b/deploy/test_values.yaml @@ -79,7 +79,7 @@ frontend: pullPolicy: Always replicaCount: 1 settings: - edtURL: https://dems.test.jag.gov.bc.ca + edtURL: https://p.zpa-auth.net/IevTunx4Bg/doauth?origurl=https%3A%2F%2Fauf%2Etest%2Ejustice%2Egov%2Ebc%2Eca%2FEdt%2Easpx%23&domain=test.agencies.justice.gov.bc.ca environmentName: dev keycloak: url: https://test.common-sso.justice.gov.bc.ca/auth diff --git a/workspace/apps/pidp/src/app/features/access/pages/digital-evidence/case-management/digital-evidence-case-management.page.html b/workspace/apps/pidp/src/app/features/access/pages/digital-evidence/case-management/digital-evidence-case-management.page.html index b5e46a12..a6307662 100644 --- a/workspace/apps/pidp/src/app/features/access/pages/digital-evidence/case-management/digital-evidence-case-management.page.html +++ b/workspace/apps/pidp/src/app/features/access/pages/digital-evidence/case-management/digital-evidence-case-management.page.html @@ -62,6 +62,10 @@ +
+ +
@@ -92,7 +96,7 @@ info_outline - file_uploaddelete_outline @@ -122,7 +126,8 @@ granted.
info_outline= Show case info - file_upload= Access DEMS upload for this case + file_upload +
= Access DEMS upload for this case
delete_outline= Remove access to case diff --git a/workspace/apps/pidp/src/app/features/access/pages/digital-evidence/case-management/digital-evidence-case-management.page.ts b/workspace/apps/pidp/src/app/features/access/pages/digital-evidence/case-management/digital-evidence-case-management.page.ts index 0e3ebb63..67d33552 100644 --- a/workspace/apps/pidp/src/app/features/access/pages/digital-evidence/case-management/digital-evidence-case-management.page.ts +++ b/workspace/apps/pidp/src/app/features/access/pages/digital-evidence/case-management/digital-evidence-case-management.page.ts @@ -85,6 +85,9 @@ export class DigitalEvidenceCaseManagementPage public pageIndex: number; public requestedCase!: DigitalEvidenceCase | null; public isCaseSearchInProgress: boolean; + public showAUFLink: boolean; + public showCaseImportLink: boolean; + public isCaseFound: boolean; public accessRequestFailed: boolean; public requestedCaseNotFound: boolean; @@ -128,6 +131,7 @@ export class DigitalEvidenceCaseManagementPage ) { super(dialog, formUtilsService); const routeData = this.route.snapshot.data; + const AGENCY_CODE = "agencyCode"; this.title = routeData.title; this.organizationType = new OrganizationUserType(); const partyId = this.partyService.partyId; @@ -139,7 +143,8 @@ export class DigitalEvidenceCaseManagementPage this.policeAgency = accessTokenService .decodeToken() .pipe(map((token) => token?.identity_provider ?? '')); - + this.showAUFLink = this.config.caseManagement.showAUFLink; + this.showCaseImportLink = this.config.caseManagement.showCaseImportLink; accessTokenService.decodeToken().subscribe((n) => { if (n !== null) { this.result = n.identity_provider; @@ -153,9 +158,29 @@ export class DigitalEvidenceCaseManagementPage this.organizationType.participantId = data['participantId']; this.organizationType.organizationName = data['organizationName']; this.organizationType.submittingAgencyCode = data['submittingAgencyCode']; - this.formState.agencyCode.patchValue( - this.organizationType.submittingAgencyCode - ); + + + // sticky agency codes if org in the sticky list + if (this.organizationType.submittingAgencyCode && this.config.caseManagement.stickyAgencyCodes.includes(this.organizationType.submittingAgencyCode)) { + // no local code set but we have the agency code + if (!localStorage.getItem(AGENCY_CODE) && this.organizationType.submittingAgencyCode) { + if (this.organizationType.submittingAgencyCode && this.formState.agencyCode.value) { + localStorage.setItem(AGENCY_CODE, this.organizationType.submittingAgencyCode); + } + + } else if (localStorage.getItem(AGENCY_CODE)) { + this.organizationType.submittingAgencyCode = localStorage.getItem(AGENCY_CODE) || ""; + this.formState.agencyCode.patchValue( + this.organizationType.submittingAgencyCode + ); + } + } else { + + this.formState.agencyCode.patchValue( + this.organizationType.submittingAgencyCode + ); + } + }); this.collectionNotice = documentService.getDigitalEvidenceCollectionNotice(); @@ -201,6 +226,8 @@ export class DigitalEvidenceCaseManagementPage }); } + + public checkCaseInput(): boolean { if (this.formState.caseName.value) this.formState.caseName.setValue(this.formState.caseName.value.trim()); @@ -284,11 +311,21 @@ export class DigitalEvidenceCaseManagementPage ); } + public launchAUF(): void { + this.openPopUp(this.config.demsImportURL); + } + public findCase(): void { if (this.isCaseSearchInProgress) { return; } + if (this.organizationType.submittingAgencyCode && this.config.caseManagement.stickyAgencyCodes.includes(this.organizationType.submittingAgencyCode)) { + if (this.formState.agencyCode.value) { + localStorage.setItem("agencyCode", this.formState.agencyCode.value); + } + } + this.requestedCase = null; this.requestedCaseNotFound = false; this.requestedCaseInactive = false; diff --git a/workspace/apps/pidp/src/app/features/portal/state/portal-state.builder.ts b/workspace/apps/pidp/src/app/features/portal/state/portal-state.builder.ts index d185ff36..27dd4aa1 100644 --- a/workspace/apps/pidp/src/app/features/portal/state/portal-state.builder.ts +++ b/workspace/apps/pidp/src/app/features/portal/state/portal-state.builder.ts @@ -14,10 +14,8 @@ import { DigitalEvidencePortalSection } from './access/digital-evidence-portal-s import { DriverFitnessPortalSection } from './access/driver-fitness-portal-section.class'; import { HcimAccountTransferPortalSection } from './access/hcim-account-transfer-portal-section.class'; import { HcimEnrolmentPortalSection } from './access/hcim-enrolment-portal-section.class'; -import { MsTeamsPortalSection } from './access/ms-teams-portal-section.class'; import { SaEformsPortalSection } from './access/sa-eforms-portal-section.class'; import { SitePrivacySecurityPortalSection } from './access/site-privacy-security-checklist-portal-section.class'; -import { UciPortalSection } from './access/uci-portal-section.class'; import { AdministratorPortalSection } from './admin/admin-panel-portal-section.class'; import { TransactionsPortalSection } from './history/transactions-portal-section.class'; import { AdministratorInfoPortalSection } from './organization/administrator-information-portal-section'; @@ -197,18 +195,6 @@ export class PortalStateBuilder { new DigitalEvidenceCounselPortalSection(profileStatus, this.router), ] ), - ...ArrayUtils.insertResultIf( - // TODO remove permissions when ready for production - this.permissionsService.hasRole([Role.FEATURE_PIDP_DEMO]) || - this.insertSection('msTeams', profileStatus), - () => [new MsTeamsPortalSection(profileStatus, this.router)] - ), - ...ArrayUtils.insertResultIf( - // TODO remove permissions when ready for production - this.permissionsService.hasRole([Role.FEATURE_PIDP_DEMO]) && - this.insertSection('uci', profileStatus), - () => [new UciPortalSection(profileStatus, this.router)] - ), ]; } diff --git a/workspace/apps/pidp/src/environments/environment.model.ts b/workspace/apps/pidp/src/environments/environment.model.ts index 024b2b33..f9a70754 100644 --- a/workspace/apps/pidp/src/environments/environment.model.ts +++ b/workspace/apps/pidp/src/environments/environment.model.ts @@ -13,6 +13,11 @@ export interface AppEnvironment extends EnvironmentConfig { // Only indicates that Angular has been built // using --configuration=production production: boolean; + caseManagement: { + showAUFLink: boolean, + showCaseImportLink: boolean, + stickyAgencyCodes: string[] + }, emails: { providerIdentitySupport: string; specialAuthorityEformsSupport: string; diff --git a/workspace/apps/pidp/src/environments/environment.prod.ts b/workspace/apps/pidp/src/environments/environment.prod.ts index 6466fa50..3df2be42 100644 --- a/workspace/apps/pidp/src/environments/environment.prod.ts +++ b/workspace/apps/pidp/src/environments/environment.prod.ts @@ -31,9 +31,17 @@ export const environment: AppEnvironment = { configEndpoint: 'http://localhost:8080', authEndpoint: 'https://dev.common-sso.justice.gov.bc.ca', authRealm: 'BCPS', + caseManagement: { + showAUFLink: true, + showCaseImportLink: false, + stickyAgencyCodes: [ + "FAKE" + ] + }, environmentName: EnvironmentName.LOCAL, applicationUrl: 'http://localhost:4200', - demsImportURL: 'https://dems.dev.jag.gov.bc.ca/Edt.aspx#/import/', + demsImportURL: 'https://p.zpa-auth.net/IevTunx4Bg/doauth?origurl=https%3A%2F%2Fauf%2Etest%2Ejustice%2Egov%2Ebc%2Eca%2FEdt%2Easpx%23&domain=test.agencies.justice.gov.bc.ca', + // demsImportURL: 'https://dems.dev.jag.gov.bc.ca/Edt.aspx#/import/', emails: { providerIdentitySupport: 'jpsprovideridentityportal@gov.bc.ca', specialAuthorityEformsSupport: specialAuthorityEformsSupportEmail,