Sr at21 integration test config

bff/src/Altinn.Authentication.UI/Altinn.Authentication.UI/Altinn.Authentication.UI.csproj

@@ -10,11 +10,17 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Altinn.Common.AccessTokenClient" Version="3.0.1" />
+    <PackageReference Include="Altinn.Common.AccessTokenClient" Version="3.0.2" />
     <PackageReference Include="Altinn.Common.PEP" Version="4.0.0" />
     <PackageReference Include="Altinn.Platform.Models" Version="1.5.0" />
+    <PackageReference Include="Azure.Extensions.AspNetCore.Configuration.Secrets" Version="1.3.1" />
+    <PackageReference Include="Azure.Extensions.AspNetCore.DataProtection.Blobs" Version="1.3.3" />
+    <PackageReference Include="Azure.Identity" Version="1.11.0" />
+    <PackageReference Include="Azure.Security.KeyVault.Secrets" Version="4.6.0" />
+    <PackageReference Include="Azure.Storage.Queues" Version="12.17.1" />
     <PackageReference Include="JWTCookieAuthentication" Version="4.0.1" />
-    <PackageReference Include="Microsoft.AspNetCore.OpenApi" Version="8.0.3" />
+    <PackageReference Include="Microsoft.ApplicationInsights.AspNetCore" Version="2.22.0" />
+    <PackageReference Include="Microsoft.AspNetCore.OpenApi" Version="8.0.4" />
     <PackageReference Include="Swashbuckle.AspNetCore" Version="6.5.0" />
     <PackageReference Include="Swashbuckle.AspNetCore.Filters" Version="8.0.1" />
   </ItemGroup>
@@ -27,7 +33,6 @@
 
   <ItemGroup>
     <Folder Include="wwwroot\authentication\" />
-    <Folder Include="wwwroot\authentication\" />
   </ItemGroup>
 
 </Project>

bff/src/Altinn.Authentication.UI/Altinn.Authentication.UI/Controllers/HomeController.cs

@@ -80,7 +80,7 @@ public async Task<IActionResult> Index()
             });
         }
 
-        return View();
+        //return View();
 
         if (await ShouldShowAppView())
         {

bff/src/Altinn.Authentication.UI/Altinn.Authentication.UI/Controllers/ProfileController.cs

@@ -5,7 +5,6 @@
 using Altinn.Authentication.UI.Core.UserProfiles;
 using Altinn.Authentication.UI.Core.Authentication;
 using Altinn.Platform.Register.Models;
-using System.Net.Http.Headers;
 
 namespace Altinn.Authentication.UI.Controllers;
 
@@ -39,7 +38,7 @@ IPartyService partyService
     /// The method consumes the UserProfile and Party services
     /// </summary>
     /// <returns>The UserProfile as a DTO for the Frontend</returns>    
-    //[Authorize] 
+    [Authorize] 
     [ResponseCache(Duration = 0, Location = ResponseCacheLocation.None, NoStore = true)]
     [HttpGet("user")]
     public async Task<ActionResult> GetUser()

bff/src/Altinn.Authentication.UI/Altinn.Authentication.UI/Controllers/SystemRegisterController.cs

@@ -17,14 +17,12 @@ public SystemRegisterController(ISystemRegisterService systemRegisterService)
         _systemRegisterService = systemRegisterService;
     }
 
-    //[Authorize]
+    [Authorize]
     [ResponseCache(Duration = 0, Location = ResponseCacheLocation.None, NoStore = true)]
     [HttpGet]
     public async Task<ActionResult> GetListOfRegisteredSystems(CancellationToken cancellationToken = default)
     {
-        List<RegisteredSystemDTO> lista = new();
-
-        lista.AddRange(await _systemRegisterService.GetListRegSys(cancellationToken));
+        List<RegisteredSystemDTO> lista = [.. await _systemRegisterService.GetListRegSys(cancellationToken)];
 
         return Ok(lista);
     }

bff/src/Altinn.Authentication.UI/Altinn.Authentication.UI/Controllers/SystemUserController.cs

@@ -3,9 +3,7 @@
 using Altinn.Authentication.UI.Filters;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
-using System.Diagnostics;
 using System.Net.Http.Headers;
-//https://github.com/Altinn/altinn-authentication-frontend/issues/22 and 23
 
 namespace Altinn.Authentication.UI.Controllers;
 
@@ -43,7 +41,7 @@ public SystemUserController(ISystemUserService systemUserService, IHttpContextAc
     /// </summary>
     /// <param name="cancellationToken"></param>
     /// <returns></returns>
-    //[Authorize]
+    [Authorize]
     [ResponseCache(Duration = 0, Location = ResponseCacheLocation.None, NoStore = true)]
     [HttpGet]
     public async Task<ActionResult> GetSystemUserListForLoggedInUser(CancellationToken cancellationToken = default)
@@ -56,9 +54,8 @@ public async Task<ActionResult> GetSystemUserListForLoggedInUser(CancellationTok
         return Ok(list);
     }
 
-    //[Authorize]
+    [Authorize]
     [HttpGet("{guid}")]
-
     public async Task<ActionResult> GetSystemUserDetailsById(Guid guid, CancellationToken cancellationToken)
     {
         var (partyId, actionResult) = ResolvePartyId();
@@ -80,7 +77,7 @@ public async Task<ActionResult> GetSystemUserDetailsById(Guid guid, Cancellation
     /// <param name="consumerId">The legal number (Orgno) of the Vendor creating the Registered System (Accounting system)</param>
     /// <param name="systemOrg">The legal number (Orgno) of the party owning the System User Integration</param>
     /// <returns>The SystemUserIntegration model API DTO</returns>
-    //[Authorize]
+    [Authorize]
     [ResponseCache(Duration = 0, Location = ResponseCacheLocation.None, NoStore = true)]
     [HttpGet("get-consumers-integration-by-clientId/{consumerId}/{systemOrg}/{clientId}")]
     public async Task<ActionResult> CheckIfPartyHasIntegration(string clientId, string consumerId, string systemOrg,CancellationToken cancellationToken = default)
@@ -89,14 +86,12 @@ public async Task<ActionResult> CheckIfPartyHasIntegration(string clientId, stri
         if (res is null) return NoContent();
         return Ok(res);
     }
-
-    //https://brokul.dev/sending-files-and-additional-data-using-httpclient-in-net-core
-    //POST api/<SystemUserController>/upload
+
     /// <summary>
     /// Used to upload a certificate for the System User
     /// </summary>
     /// <returns></returns>
-    //[Authorize]
+    [Authorize]
     [ResponseCache(Duration = 0, Location = ResponseCacheLocation.None, NoStore = true)]
     [HttpPost("uploaddisk")]
     public async Task<ActionResult> UploadFileToDisk(IFormFile file, CancellationToken cancellationToken = default)
@@ -113,12 +108,11 @@ public async Task<ActionResult> UploadFileToDisk(IFormFile file, CancellationTok
         return Ok();
     }
 
-
     /// <summary>
     /// Endpoint for uploading a certificate for the System User
     /// </summary>
     /// <param name = "cancellationToken" ></ param >
-    //[Authorize]
+    [Authorize]
     [ResponseCache(Duration = 0, Location = ResponseCacheLocation.None, NoStore = true)]
     [HttpPost("uploadjwk")]
     public async Task<ActionResult> UploadCertificate([FromForm] IFormFile file, [FromForm] string navn, [FromForm] string beskrivelse , CancellationToken cancellationToken = default)
@@ -137,9 +131,8 @@ public async Task<ActionResult> UploadCertificate([FromForm] IFormFile file, [Fr
 
         return Ok();
     }
-
 
-    //[Authorize]
+    [Authorize]
     [ResponseCache(Duration = 0, Location = ResponseCacheLocation.None, NoStore = true)]
     [HttpPost]
     public async Task<ActionResult> Post([FromBody] SystemUserDescriptor newSystemUserDescriptor, CancellationToken cancellationToken = default)
@@ -155,7 +148,7 @@ public async Task<ActionResult> Post([FromBody] SystemUserDescriptor newSystemUs
         return NotFound();
     }
 
-    //[Authorize]
+    [Authorize]
     [ResponseCache(Duration = 0, Location = ResponseCacheLocation.None, NoStore = true)]
     [HttpPut("{id}")]
     public async void Put(Guid id, [FromBody] SystemUserDescriptor modifiedSystemUser, CancellationToken cancellationToken = default)
@@ -164,7 +157,7 @@ public async void Put(Guid id, [FromBody] SystemUserDescriptor modifiedSystemUse
         if (modifiedSystemUser.SelectedSystemType is not null) await _systemUserService.ChangeSystemUserProduct(modifiedSystemUser.SelectedSystemType, id, cancellationToken);
     }
 
-    //[Authorize]
+    [Authorize]
     [ResponseCache(Duration = 0, Location = ResponseCacheLocation.None, NoStore = true)]
     [HttpDelete("{id}")]
     public void Delete(Guid id, CancellationToken cancellationToken = default)

bff/src/Altinn.Authentication.UI/Altinn.Authentication.UI/Extensions/ProgramConfigurationAndDependencyInjection.cs

@@ -0,0 +1,171 @@
+using Altinn.App.Core.Health;
+using Altinn.Authentication.UI.Core.AppConfiguration;
+using Altinn.Authentication.UI.Core.Authentication;
+using Altinn.Authentication.UI.Core.SystemRegister;
+using Altinn.Authentication.UI.Core.SystemUsers;
+using Altinn.Authentication.UI.Core.UserProfiles;
+using Altinn.Authentication.UI.Filters;
+using Altinn.Authentication.UI.Integration.Authentication;
+using Altinn.Authentication.UI.Integration.Configuration;
+using Altinn.Authentication.UI.Mocks.SystemRegister;
+using Altinn.Authentication.UI.Mocks.SystemUsers;
+using Altinn.Authentication.UI.Mocks.UserProfiles;
+using Altinn.Common.AccessTokenClient.Services;
+using AltinnCore.Authentication.JwtCookie;
+using Microsoft.Extensions.DependencyInjection.Extensions;
+using Microsoft.IdentityModel.Tokens;
+using System.Reflection;
+
+namespace Altinn.Authentication.UI.Extensions
+{
+    /// <summary>
+    /// Extensions for the Program.cs 
+    /// </summary>
+    public static class ProgramConfigurationAndDependencyInjection
+    {
+        /// <summary>
+        /// Extension method on Program.cs
+        /// </summary>
+        /// <param name="services"></param>
+        /// <param name="configuration"></param>
+        /// <returns></returns>
+        public static IServiceCollection ConfigureServiceDefaults(this IServiceCollection services)
+        {
+            //Defaults
+            services.AddMvc();
+            services.AddControllersWithViews();
+            services.AddHealthChecks().AddCheck<HealthCheck>("authentication_ui_health_check");
+
+            return services;
+        }
+        /// <summary>
+        /// Extension method on Program.cs
+        /// </summary>
+        /// <param name="services"></param>
+        /// <param name="configuration"></param>
+        /// <returns></returns>
+        public static IServiceCollection ConfigureAppSettings(this IServiceCollection services, IConfiguration configuration)
+        {
+            //App Configuration
+            services.Configure<PlatformSettings>(configuration.GetSection("PlatformSettings"));
+            PlatformSettings? platformSettings = configuration.GetSection("PlatformSettings").Get<PlatformSettings>();
+
+            services.Configure<GeneralSettings>(configuration.GetSection("GeneralSettings"));
+
+            services.AddSingleton(configuration);
+
+            return services;
+        }
+
+        /// <summary>
+        /// Extension method for Program
+        /// </summary>
+        /// <param name="services"></param>
+        /// <param name="configuration"></param>
+        /// <param name="builder"></param>
+        /// <returns></returns>
+        public static IServiceCollection ConfigureAuthenticationAndSecurity(this IServiceCollection services, WebApplicationBuilder builder)
+        {
+            //Authentication and Security
+            services.ConfigureDataProtection();
+            services.AddTransient<ISigningCredentialsResolver, SigningCredentialsResolver>();
+            services.TryAddSingleton<IHttpContextAccessor, HttpContextAccessor>();
+            services.TryAddSingleton<ValidateAntiforgeryTokenIfAuthCookieAuthorizationFilter>();
+            services.AddAuthentication(JwtCookieDefaults.AuthenticationScheme)
+                .AddJwtCookie(JwtCookieDefaults.AuthenticationScheme, configureOptions: options =>
+                {
+                    options.JwtCookieName = "AltinnStudioRuntime";
+                    options.MetadataAddress = "http://localhost:5101/authentication/api/v1/openid/";
+
+                    options.TokenValidationParameters = new TokenValidationParameters
+                    {
+                        ValidateIssuerSigningKey = true,
+                        ValidateIssuer = false,
+                        ValidateAudience = false,
+                        RequireExpirationTime = true,
+                        ValidateLifetime = true,
+                        ClockSkew = TimeSpan.Zero
+                    };
+
+                    if (builder.Environment.IsDevelopment())
+                    {
+                        options.RequireHttpsMetadata = false;
+                    }
+                });
+
+            services.AddAntiforgery(options =>
+            {
+                // asp .net core expects two types of tokens: One that is attached to the request as header, and the other one as cookie.
+                // The values of the tokens are not the same and both need to be present and valid in a "unsafe" request.
+
+                // We use this for OIDC state validation. See authentication controller. 
+                // https://learn.microsoft.com/en-us/aspnet/core/security/anti-request-forgery?view=aspnetcore-6.0
+                // https://github.com/axios/axios/blob/master/lib/defaults.js
+                options.Cookie.Name = "AS-XSRF-TOKEN";
+                options.Cookie.SameSite = SameSiteMode.Lax;
+                options.HeaderName = "X-XSRF-TOKEN";
+            });
+
+            return services;
+        }
+
+        /// <summary>
+        /// Adds Clients for Integration to the Authentication Component for AuthenticationClient, UserProfileClient, PartyClient, SystemUserClient and SystemRegisterClient
+        /// </summary>
+        /// <param name="services"></param>
+        /// <param name="configuration"></param>
+        /// <returns></returns>
+        public static IServiceCollection AddIntegrationLayer(this IServiceCollection services)
+        {
+            //Clients in the Integration layer for the login user and auth logic
+            //services.AddHttpClient<IAuthenticationClient, AuthenticationClientMock>();
+            services.AddHttpClient<IAuthenticationClient, AuthenticationClient>();
+            services.AddSingleton<IUserProfileClient, UserProfileClientMock>();
+            services.AddSingleton<IPartyClient, PartyClientMock>();
+
+            //Clients for the actual Features' Services
+            services.AddSingleton<ISystemUserClient, SystemUserClientMock>();
+            services.AddSingleton<ISystemRegisterClient, SystemRegisterClientMock>();
+
+            return services;
+        }
+
+        /// <summary>
+        /// Adds UserProfileService, PartyService, SystemUserService and SystemRegisterService to the DI
+        /// </summary>
+        /// <param name="services"></param>
+        /// <param name="configuration"></param>
+        /// <returns></returns>
+        public static IServiceCollection AddCoreServices(this IServiceCollection services)
+        {
+            //Services for the login user and auth logic
+            services.AddSingleton<IUserProfileService, UserProfileService>();
+            services.AddSingleton<IPartyService, PartyService>();
+
+            //Altinn actual Features' Services        
+            services.AddSingleton<ISystemUserService, SystemUserService>();
+            services.AddSingleton<ISystemRegisterService, SystemRegisterService>();
+
+            return services;
+        }
+
+        /// <summary>
+        /// Extension method on Program app builder
+        /// </summary>
+        /// <param name="services"></param>
+        /// <param name="configuration"></param>
+        /// <returns></returns>
+        public static IServiceCollection ConfigureDevelopmentAndTestingServices(this IServiceCollection services)
+        {
+            //Debug and Development
+            services.AddSwaggerGen(c =>
+            {
+                var xmlDocumentationFile = $"{Assembly.GetExecutingAssembly().GetName().Name}.xml";
+                var xmlPath = Path.Combine(AppContext.BaseDirectory, xmlDocumentationFile);
+                c.IncludeXmlComments(xmlPath);
+            });
+
+            return services;    
+        }
+    }
+}