Feature/signing #956
Feature/signing #956
Conversation
* adr for transaction handling * scaffold signee service
… is supplied, authorize it as a write action. Move deletion of stale data elements to ProcessTaskInitializer.
* Expose endpoint for searching for person using ssn and last name. * Use class and drop dto postfix. * Move mapping to reponse class. * Add success property to PersonSearchResult. Move person details into nested object.
* adds endpoint for getting an organisation from Enhetsregisteret * renames OrganisationSearch -> Lookup
* temp * feat: add phone and email to signee state * split signee states on person/org, handle delegation before notification * split signing notification and delegation to seperate services * Move SigneeParty to Models folder * update signeeConfig -> signeeParty * split out method for processing signees to support retries * restructure signeecontext, party and state * update signing service to use new signingcontext structure * split notification config based on the receiving system * Make telemetry nullable in signing service. * some more stuff * Fix compilation error * Touples in notification service. Sms number from registry. Store reason for sms/email failure. * Extract SigningService interface. Various adjustments after mob session. * For now: Add user action for initializing delegated signing. --------- Co-authored-by: Bjørn Tore Gjerde <[email protected]>
* add model for delegation request * add step builder for delegation request * add scaffold for delegation client * add scaffold to signing delegation service * temp solution for const instead of magic strings * add delegation client * weird state * update handling of party id to use party uuid * rm sign delegate rights from access management client
…ake Telemetry optional in SigningService.
# Conflicts: # src/Altinn.App.Core/Configuration/PlatformSettings.cs # src/Altinn.App.Core/Extensions/ServiceCollectionExtensions.cs
…while env == development. (#940)
* update builder to standard set in correspondance (1/2) * restructure: add builders folder * formatting * add TryGet method to retrieve app resource id * cleanup * formatting * add custom exceptions * use IOptions for plattformsettings * simplify builder * format * trailing comma * more formatting
* update controllers * add 500 annotation for org lookup * fix copy pasta * update swagger * lastname usage goes too deep (storage) * update swagger * update test paths * use 200 OK when no hit * typo * log error * format * use the correct namespacing for the logger * shorten method
HauklandJ
added
the
feature
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
|
|
||
| _logger.LogInformation( | ||
| "Initialize delegated singing action handler invoked for instance {Id}. In task: {CurrentTaskId}", | ||
| context.Instance.Id, |
Check failure
Code scanning / CodeQL
Log entries created from user input High
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix AI 5 days ago
To fix the problem, we need to sanitize the context.Instance.Id before logging it. Since the log entries are plain text, we should remove any newline characters from the Instance.Id to prevent log forging attacks. This can be done using the String.Replace method to replace newline characters with an empty string.
| @@ -79,5 +79,6 @@ | ||
|
|
||
| string sanitizedInstanceId = context.Instance.Id.Replace(Environment.NewLine, "").Replace("\n", "").Replace("\r", ""); | ||
| _logger.LogInformation( | ||
| "Initialize delegated singing action handler invoked for instance {Id}. In task: {CurrentTaskId}", | ||
| context.Instance.Id, | ||
| sanitizedInstanceId, | ||
| currentTask.Id |
test/Altinn.App.Api.Tests/Controllers/LookupOrganisationControllerTests.cs
Dismissed
Show dismissed
Hide dismissed
test/Altinn.App.Api.Tests/Controllers/LookupOrganisationControllerTests.cs
Dismissed
Show dismissed
Hide dismissed
test/Altinn.App.Api.Tests/Controllers/LookupPersonControllerTests.cs
Dismissed
Show dismissed
Hide dismissed
test/Altinn.App.Api.Tests/Controllers/LookupPersonControllerTests.cs
Dismissed
Show dismissed
Hide dismissed
test/Altinn.App.Api.Tests/Controllers/LookupPersonControllerTests.cs
Dismissed
Show dismissed
Hide dismissed
|
/publish |
|
/publish |
Published PR packages: |
* WIP persisting signee contexts * test data * use party id instead of partyuuid in singing context * wip: persist signature state * wip: Make SigneeContext classes public because of json serialization/deserialization. * set debug type to portable for core and api * working state for persisting and reading signee context * add missing xml comments * update swagger * make models internal --------- Co-authored-by: Camilla Marie Dalan <[email protected]> Co-authored-by: Bjørn Tore Gjerde <[email protected]>
| List<SigneeContext> organisationSigneeContexts = await GetOrganisationSigneeContexts(taskId, signeesResult, ct); | ||
| List<SigneeContext> signeeContexts = [.. personSigneeContexts, .. organisationSigneeContexts]; | ||
|
|
||
| _logger.LogInformation("Assigning signees to task {TaskId}: {SigneeContexts}", taskId, signeeContexts.Count); |
Check failure
Code scanning / CodeQL
Log entries created from user input High
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix AI 5 days ago
To fix the problem, we need to sanitize the taskId before logging it. Specifically, we should remove any newline characters from the taskId to prevent log forging. This can be done using the Replace method to remove newline characters.
| @@ -81,3 +81,4 @@ | ||
|
|
||
| _logger.LogInformation("Assigning signees to task {TaskId}: {SigneeContexts}", taskId, signeeContexts.Count); | ||
| string sanitizedTaskId = taskId.Replace(Environment.NewLine, "").Replace("\n", "").Replace("\r", ""); | ||
| _logger.LogInformation("Assigning signees to task {TaskId}: {SigneeContexts}", sanitizedTaskId, signeeContexts.Count); | ||
|
|
|
|
||
| AltinnSignatureConfiguration signatureConfiguration = GetAltinnSignatureConfiguration(taskId); | ||
| ApplicationMetadata appMetadata = await _appMetadata.GetApplicationMetadata(); | ||
| _logger.LogInformation($"Starting signing task for instance {instance.Id}"); |
Check failure
Code scanning / CodeQL
Log entries created from user input High
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix AI 5 days ago
To fix the problem, we need to sanitize the instance.Id before logging it. Since the log entries are plain text, we should remove any newline characters from the instance.Id to prevent log forging. This can be done using the Replace method to remove newline characters.
| @@ -72,3 +72,3 @@ | ||
| ApplicationMetadata appMetadata = await _appMetadata.GetApplicationMetadata(); | ||
| _logger.LogInformation($"Starting signing task for instance {instance.Id}"); | ||
| _logger.LogInformation($"Starting signing task for instance {instance.Id.Replace(Environment.NewLine, "").Replace("\n", "").Replace("\r", "")}"); | ||
| _logger.LogInformation($"Signature configuration: {signatureConfiguration.SigneeStatesDataTypeId}"); |
* adds self links to signing data elements * updates oas
* rename method * add terlemetry to singing delegation * use instancemuitator instead of instance * lastname changes * format * temp fix for bad model * add debug logging * format * domain model for application resource id * format * use app resource id * add AppResourceId and simplify parameters to signing delegation * debug logging * lets try loggin again * format * update instantiation of AppIdentifier * public * use actual instance id * inject taskId as param, due to being unable to resolve it * add delegation builder test * better logging for access management issues * rm unused using * better logging * just log everything * just log everything but better * forgot one * add summary for all public props * use party uuid * clarify vars, rm comments * log response * summaries * add app and org delegation * simplify delegation abstractions * move appResourceId into a named namespace * rm builders, use domain objects * client cleanup * add revoke signee rights * format * rm debug logging * workaround -> work around * block scoped variables * rm debug logging of sensitive data * delagate from current user * use UserParty instead of Party
* simplify lastname handling * get lastname from fullname * use invariant culture * rm redundant semi * update summary for PersonSignee.FullName
| foreach (SigneeContext signeeContext in signeeContexts) | ||
| { | ||
| if (signeeContext.SigneeState.IsAccessDelegated is true) | ||
| { | ||
| try | ||
| { | ||
| DelegationRequest delegationRequest = new() | ||
| { | ||
| ResourceId = appResourceId.Value, | ||
| InstanceId = instanceGuid, | ||
| From = new DelegationParty | ||
| { | ||
| Value = | ||
| delegatorParty.PartyUuid.ToString() | ||
| ?? throw new InvalidOperationException("Delegator: PartyUuid is null"), | ||
| }, | ||
| To = new DelegationParty | ||
| { | ||
| Value = | ||
| signeeContext.Party.PartyUuid.ToString() | ||
| ?? throw new InvalidOperationException("Delegatee: PartyUuid is null"), | ||
| }, | ||
| Rights = | ||
| [ | ||
| new RightRequest | ||
| { | ||
| Resource = | ||
| [ | ||
| new AppResource { Value = appIdentifier.App }, | ||
| new OrgResource { Value = appIdentifier.Org }, | ||
| new TaskResource { Value = taskId }, | ||
| ], | ||
| Action = new AltinnAction { Value = ActionType.Read }, | ||
| }, | ||
| new RightRequest | ||
| { | ||
| Resource = | ||
| [ | ||
| new AppResource { Value = appIdentifier.App }, | ||
| new OrgResource { Value = appIdentifier.Org }, | ||
| new TaskResource { Value = taskId }, | ||
| ], | ||
| Action = new AltinnAction { Value = ActionType.Sign }, | ||
| }, | ||
| ], | ||
| }; | ||
| DelegationResponse? response = await accessManagementClient.RevokeRights(delegationRequest, ct); | ||
| signeeContext.SigneeState.IsAccessDelegated = false; | ||
| telemetry?.RecordDelegationRevoke(DelegationResult.Success); | ||
| } | ||
| catch (Exception ex) | ||
| { | ||
| logger.LogError(ex, "Failed to revoke signee rights"); | ||
| signeeContext.SigneeState.DelegationFailedReason = "Failed to revoke signee rights: " + ex.Message; | ||
| telemetry?.RecordDelegationRevoke(DelegationResult.Error); | ||
| success = false; | ||
| } | ||
| } | ||
| } |
Check notice
Code scanning / CodeQL
Missed opportunity to use Where Note
| }, | ||
| ], | ||
| }; | ||
| DelegationResponse? response = await accessManagementClient.RevokeRights(delegationRequest, ct); |
Check warning
Code scanning / CodeQL
Useless assignment to local variable Warning
| catch (Exception ex) | ||
| { | ||
| logger.LogError(ex, "Failed to revoke signee rights"); | ||
| signeeContext.SigneeState.DelegationFailedReason = "Failed to revoke signee rights: " + ex.Message; | ||
| telemetry?.RecordDelegationRevoke(DelegationResult.Error); | ||
| success = false; | ||
| } |
Check notice
Code scanning / CodeQL
Generic catch clause Note
| }, | ||
| ], | ||
| }; | ||
| DelegationResponse? response = await accessManagementClient.DelegateRights(delegationRequest, ct); |
Check warning
Code scanning / CodeQL
Useless assignment to local variable Warning
| catch (Exception ex) | ||
| { | ||
| logger.LogError(ex, "Failed to delegate signee rights"); | ||
| state.DelegationFailedReason = "Failed to delegate signee rights: " + ex.Message; | ||
| telemetry?.RecordDelegation(DelegationResult.Error); | ||
| success = false; | ||
| } |
Check notice
Code scanning / CodeQL
Generic catch clause Note
| if (delegateSuccess) | ||
| { | ||
| // await signingNotificationService.NotifySignatureTask(signeeContexts, ct); | ||
| } |
Check warning
Code scanning / CodeQL
Futile conditional Warning
| { | ||
| using var activity = telemetry?.StartAppInstanceRevokeActivity(); | ||
|
|
||
| HttpResponseMessage? httpResponseMessage = null; |
Check notice
Code scanning / CodeQL
Missed 'using' opportunity Note
| catch (Exception e) | ||
| { | ||
| var ex = | ||
| e is AccessManagementRequestException | ||
| ? e | ||
| : new AccessManagementRequestException( | ||
| $"Something went wrong when processing the access management request.", | ||
| null, | ||
| httpResponseMessage?.StatusCode, | ||
| httpContent, | ||
| e | ||
| ); | ||
| logger.LogError(ex, "Error when processing access management request."); | ||
|
|
||
| throw ex; | ||
| } |
Check notice
Code scanning / CodeQL
Generic catch clause Note
| { | ||
| using var activity = telemetry?.StartAppInstanceDelegationActivity(); | ||
|
|
||
| HttpResponseMessage? httpResponseMessage = null; |
Check notice
Code scanning / CodeQL
Missed 'using' opportunity Note
| catch (Exception e) | ||
| { | ||
| var ex = | ||
| e is AccessManagementRequestException | ||
| ? e | ||
| : new AccessManagementRequestException( | ||
| $"Something went wrong when processing the access management request.", | ||
| null, | ||
| httpResponseMessage?.StatusCode, | ||
| httpContent, | ||
| e | ||
| ); | ||
| logger.LogError(ex, "Error when processing access management request."); | ||
|
|
||
| throw ex; | ||
| } |
Check notice
Code scanning / CodeQL
Generic catch clause Note
|
/publish |
Published PR packages: |
|
Description
PR so that vi can publish an experimental package
Related Issue(s)
Verification
Documentation