From d6908ae2360f11025469eb59f2131de7b808c95c Mon Sep 17 00:00:00 2001 From: CDR-AakashJ Date: Mon, 8 Dec 2025 07:45:38 +1100 Subject: [PATCH] v3.0.4 release (#28) Co-authored-by: CDR Open Source --- .azuredevops/pipelines/build-dr-func.yml | 5 +- CHANGELOG.md | 18 +- Help/container/HELP.md | 111 ++-- README.md | 18 + .../CdrAuthServer.API.Logger.csproj | 40 +- .../CdrAuthServer.Domain.csproj | 30 +- .../CdrAuthServer.E2ETests.csproj | 153 ++--- ....GetDataRecipients.IntegrationTests.csproj | 102 ++-- .../CdrAuthServer.GetDataRecipients.csproj | 41 +- .../GetDataRecipientsFunction.cs | 8 +- .../CdrAuthServer.Infrastructure.csproj | 45 +- .../Extensions/CertificateExtensions.cs | 33 +- .../CdrAuthServer.IntegrationTests.csproj | 178 +++--- .../CdrAuthServer.Repository.csproj | 37 +- .../CdrAuthServer.TLS.Gateway.csproj | 86 +-- Source/CdrAuthServer.UI/package-lock.json | 565 +++++++++++++----- .../CdrAuthServer.UnitTests.csproj | 46 +- .../CdrAuthServer.mTLS.Gateway.csproj | 112 ++-- Source/CdrAuthServer.sln | 6 + Source/CdrAuthServer/CdrAuthServer.csproj | 61 +- .../Configuration/OpenTelemetryKeys.cs | 45 ++ .../OpenTelemetryConfigurationExtensions.cs | 43 ++ Source/CdrAuthServer/Program.cs | 3 +- Source/CdrAuthServer/Services/TokenService.cs | 11 +- .../Validation/ClientRegistrationValidator.cs | 62 +- .../Validation/ValidateMtlsAttribute.cs | 33 +- Source/Directory.Build.props | 2 +- Source/Directory.Packages.props | 74 +++ Source/Dockerfile | 1 + Source/Dockerfile.standalone | 1 + 30 files changed, 1223 insertions(+), 747 deletions(-) create mode 100644 Source/CdrAuthServer/Configuration/OpenTelemetryKeys.cs create mode 100644 Source/CdrAuthServer/Extensions/OpenTelemetryConfigurationExtensions.cs create mode 100644 Source/Directory.Packages.props diff --git a/.azuredevops/pipelines/build-dr-func.yml b/.azuredevops/pipelines/build-dr-func.yml index 2b95f04..6a056ee 100644 --- a/.azuredevops/pipelines/build-dr-func.yml +++ b/.azuredevops/pipelines/build-dr-func.yml @@ -3,8 +3,11 @@ trigger: - main - releases/* +variables: + - group: PT-Pipeline-Common + pool: - vmImage: windows-latest + vmImage: $(Pipeline_Host_Image) steps: - task: UseDotNet@2 diff --git a/CHANGELOG.md b/CHANGELOG.md index 62e56b9..339c8ea 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,9 +3,25 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). - ## [Unreleased] +## [3.0.4] - 2025-12-10 +### Changed +- Update to Central Package Management (CPM) + +## [3.0.3] - 2025-12-03 +### Changed +- Updated NuGet packages to address vulnerabilities + +## [3.0.2] - 2025-10-15 +### Changed +- Added ability to handle multiple Issuing Certificate Authorities when checking certificate revocation status +### Added +- Enabled OpenTelemetry as a logging destination + +### Fixed +- Ocsp Responder Url retrieval can now parse a larger range of Certificate Authority Info Access structures + ## [3.0.1] - 2025-06-19 ### Changed diff --git a/Help/container/HELP.md b/Help/container/HELP.md index 9dd2fcf..4aaf86c 100644 --- a/Help/container/HELP.md +++ b/Help/container/HELP.md @@ -1,50 +1,67 @@ -

Use the pre-built image for this solution

- -
-

1. Pull the latest image from Docker Hub

- - - docker pull consumerdataright/authorisation-server - - -
-

2. Run the Authorisation Server container

- - - docker run -d -e "ACCEPT_EULA=Y" -e "MSSQL_SA_PASSWORD=Pa{}w0rd2019" -p 1433:1433 --name mssql -h sql1 -d mcr.microsoft.com/mssql/server:2022-latest - docker run -d -h authorisation-server -p 8001:8001 -p 3000:3000 --add-host=mssql:host-gateway --name authorisation-server consumerdataright/authorisation-server
-

- Please note - This docker compose file utilises the Microsoft SQL Server Image from Docker Hub.
- The Microsoft EULA for the Microsoft SQL Server Image must be accepted to continue.
- See the Microsoft SQL Server Image on Docker Hub for more information.
- Using the above command from a MS Windows command prompt will run the database.
- - -
- - - How to build your own image instead of downloading it from docker hub.
- navigate to .\authorisation-server\Source
- open a command prompt and execute the following;
- docker build -f Dockerfile.standalone -t authorisation-server .
- Please note - By default, the container above will be using a MS SQL database container, using this command from a MS Windows command prompt will run the database,
- docker run -d -e "ACCEPT_EULA=Y" -e "MSSQL_SA_PASSWORD=Pa{}w0rd2019" -p 1433:1433 --name mssql -h sql1 -d mcr.microsoft.com/mssql/server:2022-latest - docker run -d -h authorisation-server -p 8001:8001 -p 3000:3000 --add-host=mssql:host-gateway --name authorisation-server authorisation-server

- - - - You can connect to the MS SQL database container from MS Sql Server Management Studio (SSMS) using - the following settings;
- Server type: Database Engine
- Server name: localhost
- Authentication: SQL Server Authentication
- Login: sa
- Password: Pa{}w0rd2019
- -
+## Use the pre-built image for this solution + +1. Pull the latest [consumerdataright/authorisation-server](https://hub.docker.com/r/consumerdataright/authorisation-server) image from Docker Hub. + ```shell + docker pull consumerdataright/authorisation-server + ``` + +2. Start the MSSQL server by executing the following command + > *The instructions below include starting an instance of the Microsoft SQL Server. This includes an EULA which the following command accepts. Please refer to the documentation for the [mssql/server](https://hub.docker.com/r/microsoft/mssql-server/#environment-variables) image for more details.* + ```shell + docker run -d -e "ACCEPT_EULA=Y" -e "MSSQL_SA_PASSWORD=Pa{}w0rd2019" -p 1433:1433 --name mssql -h sql1 -d mcr.microsoft.com/mssql/server:2022-latest + ``` + +3. Run the Authorisation Server (from image) + ```shell + # run the authorisation server + docker run -d -h authorisation-server -p 8001:8001 -p 3000:3000 --add-host=mssql:host-gateway --name authorisation-server consumerdataright/authorisation-server + ``` + +## Build your own image for this solution +To build your own image instead of using a pre-built one from Docker Hub +1. Open a command prompt with the working directory set to the [Source](../../Source/) folder under this repository on your local file system +2. Build the image by executing the following command + ```shell + docker build -f Dockerfile.standalone -t authorisation-server . + ``` +3. Start the MSSQL server by executing the following command + > *The instructions below include starting an instance of the Microsoft SQL Server. This includes an EULA which the following command accepts. Please refer to the documentation for the [mssql/server](https://hub.docker.com/r/microsoft/mssql-server/#environment-variables) image for more details.* + ```shell + docker run -d -e "ACCEPT_EULA=Y" -e "MSSQL_SA_PASSWORD=Pa{}w0rd2019" -p 1433:1433 --name mssql -h sql1 -d mcr.microsoft.com/mssql/server:2022-latest + ``` +4. Start the Authorisation Server by executing the following command + ```shell + docker run -d -h authorisation-server -p 8001:8001 -p 3000:3000 --add-host=mssql:host-gateway --name authorisation-server authorisation-server + ``` + +## Connecting to the database +> Both approaches leverage a MS SQL database for storage. In the examples below we use [MS SQL Server Management Studio (SMSS)](https://learn.microsoft.com/en-us/ssms/), but the approach should be similar for other tooling. + +You will need the following authentication details: +| | | +| -- | -- | +| Server type | Database Engine | +| Server name | localhost | +| Authentication | SQL Server Authentication | +| Login | `sa` | +| Password | `Pa{}w0rd2019` | + +Should you opt to use another tool, then the following would be useful + +| | | +| -- | -- | +| Connection String | `Server=localhost;Database=cdr-auth-server;User Id='SA';Password='Pa{}w0rd2019';MultipleActiveResultSets=True;TrustServerCertificate=True;Encrypt=False` | + + +> If the below error occurs whilst trying to connect to the MS SQL container, the SQL Server Service MUST BE STOPPED, you can do this from SQL Server Manager [SSMS Login Error](./images/ssms-login-error.png) -

- (NB: if the above error occurs whilst trying to connect to the MS SQL container, the SQL Server Service MUST BE STOPPED, you can do this from SQL Server Manager) -

\ No newline at end of file +## Logging +Once you have connected to the `cdr-auth-server` database above you can view the various database tables that contain logs or view the console output using the following command. + + ```shell + docker logs authorisation-server + ``` + +Optionally, logging to OpenTelemetry compatible destinations is also supported by modifying the `docker run` commands to supply additional environment variables. Additional guidance can be found in the [readme](../../README.md#logging) file. \ No newline at end of file diff --git a/README.md b/README.md index abb022a..839e2a4 100644 --- a/README.md +++ b/README.md @@ -232,6 +232,24 @@ The information below lists the customisation required for each endpoint: # Testing Automated tests have been created as part of this solution. See the [Test Automation Execution Guide](./Help/testing/HELP.md) documentation for more information. +# Logging +By default the application logs to console as well as into tables within the application database. + +However, OpenTelemetry can be configured by setting the [environment variables](https://opentelemetry.io/docs/specs/otel/protocol/exporter/#configuration-options) appropriately. + +> The example below uses [Seq](https://datalust.co/seq) for simplicity, we do not endorse any particular product. Choose an [OpenTelemetry vendor](https://opentelemetry.io/ecosystem/vendors/) is suitable for your needs. + +For example, you may set up a local OTLP ingestion endpoint +`docker run -e ACCEPT_EULA=Y --rm -p 4318:80 5341:5341 datalust/seq` +and then set the following + +| Environment variable | Value | +| --- | --- | +| `OTEL_EXPORTER_OTLP_ENDPOINT` | `http://localhost:5341/ingest/otlp` | +| `OTEL_EXPORTER_OTLP_PROTOCOL` | `http/protobuf` | + +After which you should be able to [view telemetry](http://localhost:4318/). + # Contribute We encourage contributions from the community. See our [contributing guidelines](./CONTRIBUTING.md). diff --git a/Source/CdrAuthServer.API.Logger/CdrAuthServer.API.Logger.csproj b/Source/CdrAuthServer.API.Logger/CdrAuthServer.API.Logger.csproj index b81b8f0..0f863aa 100644 --- a/Source/CdrAuthServer.API.Logger/CdrAuthServer.API.Logger.csproj +++ b/Source/CdrAuthServer.API.Logger/CdrAuthServer.API.Logger.csproj @@ -1,33 +1,27 @@  - - $(TargetFrameworkVersion) - $(Version) - $(Version) - $(Version) + $(TargetFrameworkVersion) + $(Version) + $(Version) + $(Version) enable enable - True + True - - - - - - - - - + + + + + true + + + all + runtime; build; native; contentfiles; analyzers; buildtransitive + + all runtime; build; native; contentfiles; analyzers; buildtransitive - - all - runtime; build; native; contentfiles; analyzers; buildtransitive - - - - - + \ No newline at end of file diff --git a/Source/CdrAuthServer.Domain/CdrAuthServer.Domain.csproj b/Source/CdrAuthServer.Domain/CdrAuthServer.Domain.csproj index fe2de7a..85c687d 100644 --- a/Source/CdrAuthServer.Domain/CdrAuthServer.Domain.csproj +++ b/Source/CdrAuthServer.Domain/CdrAuthServer.Domain.csproj @@ -1,27 +1,13 @@  - $(TargetFrameworkVersion) - $(Version) - $(Version) - $(Version) - enable - enable + $(TargetFrameworkVersion) + $(Version) + $(Version) + $(Version) + enable + enable - - - - - - - - - - - - - - + - - + \ No newline at end of file diff --git a/Source/CdrAuthServer.E2ETests/CdrAuthServer.E2ETests.csproj b/Source/CdrAuthServer.E2ETests/CdrAuthServer.E2ETests.csproj index 1e826cf..021dd91 100644 --- a/Source/CdrAuthServer.E2ETests/CdrAuthServer.E2ETests.csproj +++ b/Source/CdrAuthServer.E2ETests/CdrAuthServer.E2ETests.csproj @@ -1,77 +1,80 @@  - - $(TargetFrameworkVersion) - $(Version) - $(Version) - $(Version) - false - Debug;Release;Shared - enable - enable - True - - - - Always - - - Always - - - Always - - - - - - - - - - - - - - - - - - - - - - - - all - runtime; build; native; contentfiles; analyzers; buildtransitive - - - all - runtime; build; native; contentfiles; analyzers; buildtransitive - - - runtime; build; native; contentfiles; analyzers; buildtransitive - all - - - runtime; build; native; contentfiles; analyzers; buildtransitive - all - - - - - - Always - - - Always - - - Always - - - Always - - - + + $(TargetFrameworkVersion) + $(Version) + $(Version) + $(Version) + false + Debug;Release;Shared + enable + enable + True + + + + Always + + + Always + + + Always + + + + + + + + + + + + + + + + + + true + + + true + + + true + + + all + runtime; build; native; contentfiles; analyzers; buildtransitive + + + all + runtime; build; native; contentfiles; analyzers; buildtransitive + + + runtime; build; native; contentfiles; analyzers; buildtransitive + all + + + runtime; build; native; contentfiles; analyzers; buildtransitive + all + + + + + + + Always + + + Always + + + Always + + + Always + + \ No newline at end of file diff --git a/Source/CdrAuthServer.GetDataRecipients.IntegrationTests/CdrAuthServer.GetDataRecipients.IntegrationTests.csproj b/Source/CdrAuthServer.GetDataRecipients.IntegrationTests/CdrAuthServer.GetDataRecipients.IntegrationTests.csproj index 3fd8263..5351b2c 100644 --- a/Source/CdrAuthServer.GetDataRecipients.IntegrationTests/CdrAuthServer.GetDataRecipients.IntegrationTests.csproj +++ b/Source/CdrAuthServer.GetDataRecipients.IntegrationTests/CdrAuthServer.GetDataRecipients.IntegrationTests.csproj @@ -1,59 +1,47 @@  - - $(TargetFrameworkVersion) - $(Version) - $(Version) - $(Version) - false - True - - - - Always - - - Always - - - Always - - - - - - - - - - - all - runtime; build; native; contentfiles; analyzers; buildtransitive - - - all - runtime; build; native; contentfiles; analyzers; buildtransitive - - - - runtime; build; native; contentfiles; analyzers; buildtransitive - all - - - runtime; build; native; contentfiles; analyzers; buildtransitive - all - - - - - - all - runtime; build; native; contentfiles; analyzers; buildtransitive - - - - runtime; build; native; contentfiles; analyzers; buildtransitive - all - - - + + $(TargetFrameworkVersion) + $(Version) + $(Version) + $(Version) + false + True + + + + Always + + + Always + + + Always + + + + + + + + + + + all + runtime; build; native; contentfiles; analyzers; buildtransitive + + + all + runtime; build; native; contentfiles; analyzers; buildtransitive + + + + runtime; build; native; contentfiles; analyzers; buildtransitive + all + + + runtime; build; native; contentfiles; analyzers; buildtransitive + all + + + \ No newline at end of file diff --git a/Source/CdrAuthServer.GetDataRecipients/CdrAuthServer.GetDataRecipients.csproj b/Source/CdrAuthServer.GetDataRecipients/CdrAuthServer.GetDataRecipients.csproj index 52bc73c..bef92ac 100644 --- a/Source/CdrAuthServer.GetDataRecipients/CdrAuthServer.GetDataRecipients.csproj +++ b/Source/CdrAuthServer.GetDataRecipients/CdrAuthServer.GetDataRecipients.csproj @@ -1,15 +1,15 @@  - $(TargetFrameworkVersion) - $(Version) - $(Version) - $(Version) + $(TargetFrameworkVersion) + $(Version) + $(Version) + $(Version) v4 - <_FunctionsSkipCleanOutput>true - Exe - /home/site/wwwroot - Linux - True + <_FunctionsSkipCleanOutput>true + Exe + /home/site/wwwroot + Linux + True @@ -20,22 +20,23 @@ - - - - - - - - + + + true + + + + + + + all runtime; build; native; contentfiles; analyzers; buildtransitive - + all runtime; build; native; contentfiles; analyzers; buildtransitive - @@ -58,4 +59,4 @@ - + \ No newline at end of file diff --git a/Source/CdrAuthServer.GetDataRecipients/GetDataRecipientsFunction.cs b/Source/CdrAuthServer.GetDataRecipients/GetDataRecipientsFunction.cs index 4af8366..4b5da93 100644 --- a/Source/CdrAuthServer.GetDataRecipients/GetDataRecipientsFunction.cs +++ b/Source/CdrAuthServer.GetDataRecipients/GetDataRecipientsFunction.cs @@ -93,7 +93,7 @@ private static X509Certificate2 LoadCertificates(ILogger log, string cert, strin { log.LogInformation("Loading the certificate..."); byte[] certBytes = Convert.FromBase64String(cert); - X509Certificate2 certificate = new (certBytes, certPwd, X509KeyStorageFlags.MachineKeySet); + X509Certificate2 certificate = new(certBytes, certPwd, X509KeyStorageFlags.MachineKeySet); return certificate; } @@ -161,7 +161,7 @@ private static X509Certificate2 LoadCertificates(ILogger log, string cert, strin /// Get the list of Data Recipients from the Register. /// /// Raw data. - private async Task<(string, System.Net.HttpStatusCode)> GetDataRecipients( + private async Task<(string Data, System.Net.HttpStatusCode StatusCode)> GetDataRecipients( string dataRecipientsEndpoint, string accessToken, X509Certificate2 clientCertificate, @@ -236,7 +236,7 @@ private static async Task InsertDBLog(string dbConnString, string msg, string lv if (exMsg != null) { Exception innerException = exMsg; - StringBuilder innerMsg = new (); + StringBuilder innerMsg = new(); int ctr = 0; do @@ -277,7 +277,7 @@ private static async Task InsertDBLog(string dbConnString, string msg, string lv exMessage = exMessage.Replace("'", string.Empty); } - using SqlConnection db = new (dbConnString); + using SqlConnection db = new(dbConnString); await db.OpenAsync(); var cmdText = string.Empty; diff --git a/Source/CdrAuthServer.Infrastructure/CdrAuthServer.Infrastructure.csproj b/Source/CdrAuthServer.Infrastructure/CdrAuthServer.Infrastructure.csproj index 3a9eab2..fbaa85e 100644 --- a/Source/CdrAuthServer.Infrastructure/CdrAuthServer.Infrastructure.csproj +++ b/Source/CdrAuthServer.Infrastructure/CdrAuthServer.Infrastructure.csproj @@ -1,41 +1,30 @@  - - $(TargetFrameworkVersion) - $(Version) - $(Version) - $(Version) + $(TargetFrameworkVersion) + $(Version) + $(Version) + $(Version) enable enable - True + True - - - - - - - - + + + all runtime; build; native; contentfiles; analyzers; buildtransitive - - all - runtime; build; native; contentfiles; analyzers; buildtransitive - - - - - - - - + + all + runtime; build; native; contentfiles; analyzers; buildtransitive + + + + + - - - + \ No newline at end of file diff --git a/Source/CdrAuthServer.Infrastructure/Extensions/CertificateExtensions.cs b/Source/CdrAuthServer.Infrastructure/Extensions/CertificateExtensions.cs index 0b8f825..3655aab 100644 --- a/Source/CdrAuthServer.Infrastructure/Extensions/CertificateExtensions.cs +++ b/Source/CdrAuthServer.Infrastructure/Extensions/CertificateExtensions.cs @@ -1,5 +1,8 @@ -using CdrAuthServer.Infrastructure.Exceptions; +using System.Security.Cryptography; using System.Security.Cryptography.X509Certificates; +using CdrAuthServer.Infrastructure.Exceptions; +using Microsoft.Extensions.Configuration; +using Microsoft.Extensions.Logging; namespace CdrAuthServer.Infrastructure.Extensions { @@ -7,22 +10,32 @@ public static class CertificateExtensions { public static string GetOCSPUrlFromCertificate(this X509Certificate2 certificate) { - X509Extension? ocspExtension = certificate.Extensions["1.3.6.1.5.5.7.1.1"]; // AuthorityInfoAccess + X509Extension? aiaExtension = certificate.Extensions["1.3.6.1.5.5.7.1.1"]; // AuthorityInfoAccess - if (ocspExtension == null) + if (aiaExtension == null) { throw new ClientCertificateException("Unable to validate certificate - Missing Authority Information Access"); } - // Extract the OCSP responder URL from the extension data - // Assuming the extensionData contains the URL as a string - string extensionData = System.Text.Encoding.ASCII.GetString(ocspExtension.RawData); - string ocspResponderUrl = string.Empty; - if (extensionData.Contains("http")) + + var aiaData = new AsnEncodedData(aiaExtension.Oid, aiaExtension.RawData); + string aiaString = aiaData.Format(true); + + // Look for the OCSP URL in the AuthorityInfoAccess string + string[] lines = aiaString.Split(new[] { '\r', '\n' }, StringSplitOptions.RemoveEmptyEntries); + foreach (string line in lines) { - int idx = extensionData.IndexOf("http"); - ocspResponderUrl = extensionData.Substring(idx); + string lineLower = line.ToLower(); + if (lineLower.Contains("ocsp")) + { + int urlStartIndex = lineLower.IndexOf("http"); + if (urlStartIndex >= 0) + { + ocspResponderUrl = lineLower.Substring(urlStartIndex).Trim(); + break; + } + } } if (ocspResponderUrl == string.Empty) diff --git a/Source/CdrAuthServer.IntegrationTests/CdrAuthServer.IntegrationTests.csproj b/Source/CdrAuthServer.IntegrationTests/CdrAuthServer.IntegrationTests.csproj index f509ed5..da9572a 100644 --- a/Source/CdrAuthServer.IntegrationTests/CdrAuthServer.IntegrationTests.csproj +++ b/Source/CdrAuthServer.IntegrationTests/CdrAuthServer.IntegrationTests.csproj @@ -1,91 +1,91 @@  - - $(TargetFrameworkVersion) - $(Version) - $(Version) - $(Version) - false - Debug;Release;Shared - enable - enable - true - True - - - - Always - - - Always - - - Always - - - - - - - - - - - - - - - - - - - - - - - - - - all - runtime; build; native; contentfiles; analyzers; buildtransitive - - - all - runtime; build; native; contentfiles; analyzers; buildtransitive - - - runtime; build; native; contentfiles; analyzers; buildtransitive - all - - - runtime; build; native; contentfiles; analyzers; buildtransitive - all - - - - - - - - - - - Always - - - Always - - - Always - - - Always - - - Always - - - Always - - - + + $(TargetFrameworkVersion) + $(Version) + $(Version) + $(Version) + false + Debug;Release;Shared + enable + enable + true + True + + + + Always + + + Always + + + Always + + + + + + + + + + + + + + + + + + all + runtime; build; native; contentfiles; analyzers; buildtransitive + + + all + runtime; build; native; contentfiles; analyzers; buildtransitive + + + runtime; build; native; contentfiles; analyzers; buildtransitive + all + + + runtime; build; native; contentfiles; analyzers; buildtransitive + all + + + + + true + + + true + + + true + + + + + + + + + Always + + + Always + + + Always + + + Always + + + Always + + + Always + + \ No newline at end of file diff --git a/Source/CdrAuthServer.Repository/CdrAuthServer.Repository.csproj b/Source/CdrAuthServer.Repository/CdrAuthServer.Repository.csproj index 2abcbdc..f3c9f3c 100644 --- a/Source/CdrAuthServer.Repository/CdrAuthServer.Repository.csproj +++ b/Source/CdrAuthServer.Repository/CdrAuthServer.Repository.csproj @@ -1,45 +1,38 @@  - - $(TargetFrameworkVersion) - $(Version) - $(Version) - $(Version) + $(TargetFrameworkVersion) + $(Version) + $(Version) + $(Version) enable enable - True + True - - - - + + + all runtime; build; native; contentfiles; analyzers; buildtransitive + true - - + + all runtime; build; native; contentfiles; analyzers; buildtransitive + true - - - - - - + all runtime; build; native; contentfiles; analyzers; buildtransitive - + all runtime; build; native; contentfiles; analyzers; buildtransitive - - - + \ No newline at end of file diff --git a/Source/CdrAuthServer.TLS.Gateway/CdrAuthServer.TLS.Gateway.csproj b/Source/CdrAuthServer.TLS.Gateway/CdrAuthServer.TLS.Gateway.csproj index 0e5577b..a1538e5 100644 --- a/Source/CdrAuthServer.TLS.Gateway/CdrAuthServer.TLS.Gateway.csproj +++ b/Source/CdrAuthServer.TLS.Gateway/CdrAuthServer.TLS.Gateway.csproj @@ -1,48 +1,54 @@  + + $(TargetFrameworkVersion) + $(Version) + $(Version) + $(Version) + enable + enable + True + + + + + + + Always + + + + + - - $(TargetFrameworkVersion) - $(Version) - $(Version) - $(Version) - enable - enable - True - - - - - - - - - Always - - - - - - - - - - - - - - - - + + true + + + true + + + true + + + true + + + true + + + true + + + all runtime; build; native; contentfiles; analyzers; buildtransitive - + all runtime; build; native; contentfiles; analyzers; buildtransitive - - - - - - + + + + + \ No newline at end of file diff --git a/Source/CdrAuthServer.UI/package-lock.json b/Source/CdrAuthServer.UI/package-lock.json index 1361c79..a6ff569 100644 --- a/Source/CdrAuthServer.UI/package-lock.json +++ b/Source/CdrAuthServer.UI/package-lock.json @@ -4842,19 +4842,18 @@ } }, "node_modules/@pmmmwh/react-refresh-webpack-plugin": { - "version": "0.5.11", - "resolved": "https://registry.npmjs.org/@pmmmwh/react-refresh-webpack-plugin/-/react-refresh-webpack-plugin-0.5.11.tgz", - "integrity": "sha512-7j/6vdTym0+qZ6u4XbSAxrWBGYSdCfTzySkj7WAFgDLmSyWlOrWvpyzxlFh5jtw9dn0oL/jtW+06XfFiisN3JQ==", + "version": "0.5.17", + "resolved": "https://registry.npmjs.org/@pmmmwh/react-refresh-webpack-plugin/-/react-refresh-webpack-plugin-0.5.17.tgz", + "integrity": "sha512-tXDyE1/jzFsHXjhRZQ3hMl0IVhYe5qula43LDWIhVfjp9G/nT5OQY5AORVOrkEGAUltBJOfOWeETbmhm6kHhuQ==", "dev": true, + "license": "MIT", "dependencies": { - "ansi-html-community": "^0.0.8", - "common-path-prefix": "^3.0.0", + "ansi-html": "^0.0.9", "core-js-pure": "^3.23.3", "error-stack-parser": "^2.0.6", - "find-up": "^5.0.0", "html-entities": "^2.1.0", "loader-utils": "^2.0.4", - "schema-utils": "^3.0.0", + "schema-utils": "^4.2.0", "source-map": "^0.7.3" }, "engines": { @@ -4866,7 +4865,7 @@ "sockjs-client": "^1.4.0", "type-fest": ">=0.17.0 <5.0.0", "webpack": ">=4.43.0 <6.0.0", - "webpack-dev-server": "3.x || 4.x", + "webpack-dev-server": "3.x || 4.x || 5.x", "webpack-hot-middleware": "2.x", "webpack-plugin-serve": "0.x || 1.x" }, @@ -4891,6 +4890,63 @@ } } }, + "node_modules/@pmmmwh/react-refresh-webpack-plugin/node_modules/ajv": { + "version": "8.17.1", + "resolved": "https://registry.npmjs.org/ajv/-/ajv-8.17.1.tgz", + "integrity": "sha512-B/gBuNg5SiMTrPkC+A2+cW0RszwxYmn6VYxB/inlBStS5nx6xHIt/ehKRhIMhqusl7a8LjQoZnjCs5vhwxOQ1g==", + "dev": true, + "license": "MIT", + "dependencies": { + "fast-deep-equal": "^3.1.3", + "fast-uri": "^3.0.1", + "json-schema-traverse": "^1.0.0", + "require-from-string": "^2.0.2" + }, + "funding": { + "type": "github", + "url": "https://github.com/sponsors/epoberezkin" + } + }, + "node_modules/@pmmmwh/react-refresh-webpack-plugin/node_modules/ajv-keywords": { + "version": "5.1.0", + "resolved": "https://registry.npmjs.org/ajv-keywords/-/ajv-keywords-5.1.0.tgz", + "integrity": "sha512-YCS/JNFAUyr5vAuhk1DWm1CBxRHW9LbJ2ozWeemrIqpbsqKjHVxYPyi5GC0rjZIT5JxJ3virVTS8wk4i/Z+krw==", + "dev": true, + "license": "MIT", + "dependencies": { + "fast-deep-equal": "^3.1.3" + }, + "peerDependencies": { + "ajv": "^8.8.2" + } + }, + "node_modules/@pmmmwh/react-refresh-webpack-plugin/node_modules/json-schema-traverse": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-1.0.0.tgz", + "integrity": "sha512-NM8/P9n3XjXhIZn1lLhkFaACTOURQXjWhV4BA/RnOv8xvgqtqpAX9IO4mRQxSx1Rlo4tqzeqb0sOlruaOy3dug==", + "dev": true, + "license": "MIT" + }, + "node_modules/@pmmmwh/react-refresh-webpack-plugin/node_modules/schema-utils": { + "version": "4.3.2", + "resolved": "https://registry.npmjs.org/schema-utils/-/schema-utils-4.3.2.tgz", + "integrity": "sha512-Gn/JaSk/Mt9gYubxTtSn/QCV4em9mpAPiR1rqy/Ocu19u/G9J5WWdNoUT4SiV6mFC3y6cxyFcFwdzPM3FgxGAQ==", + "dev": true, + "license": "MIT", + "dependencies": { + "@types/json-schema": "^7.0.9", + "ajv": "^8.9.0", + "ajv-formats": "^2.1.1", + "ajv-keywords": "^5.1.0" + }, + "engines": { + "node": ">= 10.13.0" + }, + "funding": { + "type": "opencollective", + "url": "https://opencollective.com/webpack" + } + }, "node_modules/@popperjs/core": { "version": "2.11.8", "resolved": "https://registry.npmjs.org/@popperjs/core/-/core-2.11.8.tgz", @@ -6456,6 +6512,19 @@ "url": "https://github.com/sponsors/sindresorhus" } }, + "node_modules/ansi-html": { + "version": "0.0.9", + "resolved": "https://registry.npmjs.org/ansi-html/-/ansi-html-0.0.9.tgz", + "integrity": "sha512-ozbS3LuenHVxNRh/wdnN16QapUHzauqSomAl1jwwJRRsGwFwtj644lIhxfWu0Fy0acCij2+AEgHvjscq3dlVXg==", + "dev": true, + "engines": [ + "node >= 0.8.0" + ], + "license": "Apache-2.0", + "bin": { + "ansi-html": "bin/ansi-html" + } + }, "node_modules/ansi-html-community": { "version": "0.0.8", "resolved": "https://registry.npmjs.org/ansi-html-community/-/ansi-html-community-0.0.8.tgz", @@ -6783,10 +6852,14 @@ } }, "node_modules/available-typed-arrays": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/available-typed-arrays/-/available-typed-arrays-1.0.5.tgz", - "integrity": "sha512-DMD0KiN46eipeziST1LPP/STfDU0sufISXmjSgvVsoU2tqxctQeASejWcfNtxYKqETM1UxQ8sp2OrSBWpHY6sw==", + "version": "1.0.7", + "resolved": "https://registry.npmjs.org/available-typed-arrays/-/available-typed-arrays-1.0.7.tgz", + "integrity": "sha512-wvUjBtSGN7+7SjNpq/9M2Tg350UZD3q62IFZLbRAR1bSMlCo1ZaeW+BJ+D090e4hIIZLBcTDWe4Mh4jvUDajzQ==", "dev": true, + "license": "MIT", + "dependencies": { + "possible-typed-array-names": "^1.0.0" + }, "engines": { "node": ">= 0.4" }, @@ -7238,15 +7311,6 @@ "npm": "1.2.8000 || >= 1.4.16" } }, - "node_modules/body-parser/node_modules/bytes": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/bytes/-/bytes-3.1.2.tgz", - "integrity": "sha512-/Nf7TyzTx6S3yRJObOAV7956r8cr2+Oj8AC5dt8wSP3BQAoeX58NoHyCU8P8zGkNXStjTSi6fzO6F0pBdcYbEg==", - "dev": true, - "engines": { - "node": ">= 0.8" - } - }, "node_modules/body-parser/node_modules/debug": { "version": "2.6.9", "resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz", @@ -7291,10 +7355,11 @@ "dev": true }, "node_modules/brace-expansion": { - "version": "1.1.11", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", - "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", + "version": "1.1.12", + "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.12.tgz", + "integrity": "sha512-9T9UjW3r0UW5c1Q7GTwllptXwhvYmEzFhzMfZ9H7FQWt+uZePjZPjBP/W1ZEyZ1twGWom5/56TF4lPcqjnDHcg==", "dev": true, + "license": "MIT", "dependencies": { "balanced-match": "^1.0.0", "concat-map": "0.0.1" @@ -7484,25 +7549,57 @@ } }, "node_modules/bytes": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/bytes/-/bytes-3.0.0.tgz", - "integrity": "sha512-pMhOfFDPiv9t5jjIXkHosWmkSyQbvsgEVNkz0ERHbuLh2T/7j4Mqqpz523Fe8MVY89KC6Sh/QfS2sM+SjgFDcw==", + "version": "3.1.2", + "resolved": "https://registry.npmjs.org/bytes/-/bytes-3.1.2.tgz", + "integrity": "sha512-/Nf7TyzTx6S3yRJObOAV7956r8cr2+Oj8AC5dt8wSP3BQAoeX58NoHyCU8P8zGkNXStjTSi6fzO6F0pBdcYbEg==", "dev": true, + "license": "MIT", "engines": { "node": ">= 0.8" } }, "node_modules/call-bind": { - "version": "1.0.7", - "resolved": "https://registry.npmjs.org/call-bind/-/call-bind-1.0.7.tgz", - "integrity": "sha512-GHTSNSYICQ7scH7sZ+M2rFopRoLh8t2bLSW6BbgrtLsahOIB5iyAVJf9GjWK3cYTDaMj4XdBpM1cA6pIS0Kv2w==", + "version": "1.0.8", + "resolved": "https://registry.npmjs.org/call-bind/-/call-bind-1.0.8.tgz", + "integrity": "sha512-oKlSFMcMwpUg2ednkhQ454wfWiU/ul3CkJe/PEHcTKuiX6RpbehUiFMXu13HalGZxfUwCQzZG747YXBn1im9ww==", "dev": true, + "license": "MIT", "dependencies": { + "call-bind-apply-helpers": "^1.0.0", "es-define-property": "^1.0.0", - "es-errors": "^1.3.0", - "function-bind": "^1.1.2", "get-intrinsic": "^1.2.4", - "set-function-length": "^1.2.1" + "set-function-length": "^1.2.2" + }, + "engines": { + "node": ">= 0.4" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" + } + }, + "node_modules/call-bind-apply-helpers": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/call-bind-apply-helpers/-/call-bind-apply-helpers-1.0.2.tgz", + "integrity": "sha512-Sp1ablJ0ivDkSzjcaJdxEunN5/XvksFJ2sMBFfq6x0ryhQV/2b/KwFe21cMpmHtPOSij8K99/wSfoEuTObmuMQ==", + "dev": true, + "license": "MIT", + "dependencies": { + "es-errors": "^1.3.0", + "function-bind": "^1.1.2" + }, + "engines": { + "node": ">= 0.4" + } + }, + "node_modules/call-bound": { + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/call-bound/-/call-bound-1.0.4.tgz", + "integrity": "sha512-+ys997U96po4Kx/ABpBCqhA9EuxJaQWDQg7295H4hBphv3IZg0boBKuwYpt4YXp6MZ5AmZQnU/tyMTlRpaSejg==", + "dev": true, + "license": "MIT", + "dependencies": { + "call-bind-apply-helpers": "^1.0.2", + "get-intrinsic": "^1.3.0" }, "engines": { "node": ">= 0.4" @@ -7692,13 +7789,17 @@ } }, "node_modules/cipher-base": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/cipher-base/-/cipher-base-1.0.4.tgz", - "integrity": "sha512-Kkht5ye6ZGmwv40uUDZztayT2ThLQGfnj/T71N/XzeZeo3nf8foyW7zGTsPYkEya3m5f3cAypH+qe7YOrM1U2Q==", + "version": "1.0.6", + "resolved": "https://registry.npmjs.org/cipher-base/-/cipher-base-1.0.6.tgz", + "integrity": "sha512-3Ek9H3X6pj5TgenXYtNWdaBon1tgYCaebd+XPg0keyjEbEfkD4KkmAxkQ/i1vYvxdcT5nscLBfq9VJRmCBcFSw==", "dev": true, + "license": "MIT", "dependencies": { - "inherits": "^2.0.1", - "safe-buffer": "^5.0.1" + "inherits": "^2.0.4", + "safe-buffer": "^5.2.1" + }, + "engines": { + "node": ">= 0.10" } }, "node_modules/cjs-module-lexer": { @@ -7848,12 +7949,6 @@ "node": ">= 12" } }, - "node_modules/common-path-prefix": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/common-path-prefix/-/common-path-prefix-3.0.0.tgz", - "integrity": "sha512-QE33hToZseCH3jS0qN96O/bSh3kaw/h+Tq7ngyY9eWDUnTlTNUyqfqvCXioLe5Na5jFsL78ra/wuBU4iuEgd4w==", - "dev": true - }, "node_modules/common-tags": { "version": "1.8.2", "resolved": "https://registry.npmjs.org/common-tags/-/common-tags-1.8.2.tgz", @@ -7882,17 +7977,18 @@ } }, "node_modules/compression": { - "version": "1.7.4", - "resolved": "https://registry.npmjs.org/compression/-/compression-1.7.4.tgz", - "integrity": "sha512-jaSIDzP9pZVS4ZfQ+TzvtiWhdpFhE2RDHz8QJkpX9SIpLq88VueF5jJw6t+6CUQcAoA6t+x89MLrWAqpfDE8iQ==", + "version": "1.8.1", + "resolved": "https://registry.npmjs.org/compression/-/compression-1.8.1.tgz", + "integrity": "sha512-9mAqGPHLakhCLeNyxPkK4xVo746zQ/czLH1Ky+vkitMnWfWZps8r0qXuwhwizagCRttsL4lfG4pIOvaWLpAP0w==", "dev": true, + "license": "MIT", "dependencies": { - "accepts": "~1.3.5", - "bytes": "3.0.0", - "compressible": "~2.0.16", + "bytes": "3.1.2", + "compressible": "~2.0.18", "debug": "2.6.9", - "on-headers": "~1.0.2", - "safe-buffer": "5.1.2", + "negotiator": "~0.6.4", + "on-headers": "~1.1.0", + "safe-buffer": "5.2.1", "vary": "~1.1.2" }, "engines": { @@ -7914,11 +8010,15 @@ "integrity": "sha512-Tpp60P6IUJDTuOq/5Z8cdskzJujfwqfOTkrwIwj7IRISpnkJnT6SyJ4PCPnGMoFjC9ddhal5KVIYtAt97ix05A==", "dev": true }, - "node_modules/compression/node_modules/safe-buffer": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz", - "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==", - "dev": true + "node_modules/compression/node_modules/negotiator": { + "version": "0.6.4", + "resolved": "https://registry.npmjs.org/negotiator/-/negotiator-0.6.4.tgz", + "integrity": "sha512-myRT3DiWPHqho5PrJaIRyaMv2kgYf0mUVgBNOYMuCH5Ki1yEiQaf/ZJuQ62nvpc44wL5WDbTX7yGJi1Neevw8w==", + "dev": true, + "license": "MIT", + "engines": { + "node": ">= 0.6" + } }, "node_modules/concat-map": { "version": "0.0.1", @@ -9052,6 +9152,21 @@ "integrity": "sha512-YXQl1DSa4/PQyRfgrv6aoNjhasp/p4qs9FjJ4q4cQk+8m4r6k4ZSiEyytKG8f8W9gi8WsQtIObNmKd+tMzNTmA==", "dev": true }, + "node_modules/dunder-proto": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/dunder-proto/-/dunder-proto-1.0.1.tgz", + "integrity": "sha512-KIN/nDJBQRcXw0MLVhZE9iQHmG68qAVIBg9CqmUYjmQIhgij9U5MFvrqkUL5FbtyyzZuOeOt0zdeRe4UY7ct+A==", + "dev": true, + "license": "MIT", + "dependencies": { + "call-bind-apply-helpers": "^1.0.1", + "es-errors": "^1.3.0", + "gopd": "^1.2.0" + }, + "engines": { + "node": ">= 0.4" + } + }, "node_modules/duplexer": { "version": "0.1.2", "resolved": "https://registry.npmjs.org/duplexer/-/duplexer-0.1.2.tgz", @@ -9255,13 +9370,11 @@ "dev": true }, "node_modules/es-define-property": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/es-define-property/-/es-define-property-1.0.0.tgz", - "integrity": "sha512-jxayLKShrEqqzJ0eumQbVhTYQM27CfT1T35+gCgDFoL82JLsXqTJ76zv6A0YLOgEnLUMvLzsDsGIrl8NFpT2gQ==", + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/es-define-property/-/es-define-property-1.0.1.tgz", + "integrity": "sha512-e3nRfgfUZ4rNGL232gUgX06QNyyez04KdjFrF+LTRoOXmrOgFKDg4BCdsjW8EnT69eqdYGmRpJwiPVYNrCaW3g==", "dev": true, - "dependencies": { - "get-intrinsic": "^1.2.4" - }, + "license": "MIT", "engines": { "node": ">= 0.4" } @@ -9303,15 +9416,30 @@ "integrity": "sha512-cXLGjP0c4T3flZJKQSuziYoq7MlT+rnvfZjfp7h+I7K9BNX54kP9nyWvdbwjQ4u1iWbOL4u96fgeZLToQlZC7w==", "dev": true }, + "node_modules/es-object-atoms": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/es-object-atoms/-/es-object-atoms-1.1.1.tgz", + "integrity": "sha512-FGgH2h8zKNim9ljj7dankFPcICIK9Cp5bm+c2gQSYePhpaG5+esrLODihIorn+Pe6FGJzWhXQotPv73jTaldXA==", + "dev": true, + "license": "MIT", + "dependencies": { + "es-errors": "^1.3.0" + }, + "engines": { + "node": ">= 0.4" + } + }, "node_modules/es-set-tostringtag": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/es-set-tostringtag/-/es-set-tostringtag-2.0.2.tgz", - "integrity": "sha512-BuDyupZt65P9D2D2vA/zqcI3G5xRsklm5N3xCwuiy+/vKy8i0ifdsQP1sLgO4tZDSCaQUSnmC48khknGMV3D2Q==", + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/es-set-tostringtag/-/es-set-tostringtag-2.1.0.tgz", + "integrity": "sha512-j6vWzfrGVfyXxge+O0x5sh6cvxAog0a/4Rdd2K36zCMV5eJ+/+tOAngRO8cODMNWbVRdVlmGZQL2YS3yR8bIUA==", "dev": true, + "license": "MIT", "dependencies": { - "get-intrinsic": "^1.2.2", - "has-tostringtag": "^1.0.0", - "hasown": "^2.0.0" + "es-errors": "^1.3.0", + "get-intrinsic": "^1.2.6", + "has-tostringtag": "^1.0.2", + "hasown": "^2.0.2" }, "engines": { "node": ">= 0.4" @@ -10281,6 +10409,23 @@ "integrity": "sha512-DCXu6Ifhqcks7TZKY3Hxp3y6qphY5SJZmrWMDrKcERSOXWQdMhU9Ig/PYrzyw/ul9jOIyh0N4M0tbC5hodg8dw==", "dev": true }, + "node_modules/fast-uri": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/fast-uri/-/fast-uri-3.1.0.tgz", + "integrity": "sha512-iPeeDKJSWf4IEOasVVrknXpaBV0IApz/gp7S2bb7Z4Lljbl2MGJRqInZiUrQwV16cpzw/D3S5j5Julj/gT52AA==", + "dev": true, + "funding": [ + { + "type": "github", + "url": "https://github.com/sponsors/fastify" + }, + { + "type": "opencollective", + "url": "https://opencollective.com/fastify" + } + ], + "license": "BSD-3-Clause" + }, "node_modules/fastq": { "version": "1.16.0", "resolved": "https://registry.npmjs.org/fastq/-/fastq-1.16.0.tgz", @@ -10353,10 +10498,11 @@ } }, "node_modules/filelist/node_modules/brace-expansion": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz", - "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==", + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.2.tgz", + "integrity": "sha512-Jt0vHyM+jmUBqojB7E1NIYadt0vI0Qxjxd2TErW94wDz+E2LAm5vKMXXwg6ZZBTHPuUlDgQHKXvjGBdfcF1ZDQ==", "dev": true, + "license": "MIT", "dependencies": { "balanced-match": "^1.0.0" } @@ -10510,12 +10656,19 @@ } }, "node_modules/for-each": { - "version": "0.3.3", - "resolved": "https://registry.npmjs.org/for-each/-/for-each-0.3.3.tgz", - "integrity": "sha512-jqYfLp7mo9vIyQf8ykW2v7A+2N4QjeCeI5+Dz9XraiO1ign81wjiH7Fb9vSOWvQfNtmSa4H2RoQTrrXivdUZmw==", + "version": "0.3.5", + "resolved": "https://registry.npmjs.org/for-each/-/for-each-0.3.5.tgz", + "integrity": "sha512-dKx12eRCVIzqCxFGplyFKJMPvLEWgmNtUrpTiJIR5u97zEhRG8ySrtboPHZXx7daLxQVrl643cTzbab2tkQjxg==", "dev": true, + "license": "MIT", "dependencies": { - "is-callable": "^1.1.3" + "is-callable": "^1.2.7" + }, + "engines": { + "node": ">= 0.4" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" } }, "node_modules/foreground-child": { @@ -10747,14 +10900,17 @@ "dev": true }, "node_modules/form-data": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-3.0.1.tgz", - "integrity": "sha512-RHkBKtLWUVwd7SqRIvCZMEvAMoGUp0XU+seQiZejj0COz3RI3hWP4sCv3gZWWLjJTd7rGwcsF5eKZGii0r/hbg==", + "version": "3.0.4", + "resolved": "https://registry.npmjs.org/form-data/-/form-data-3.0.4.tgz", + "integrity": "sha512-f0cRzm6dkyVYV3nPoooP8XlccPQukegwhAnpoLcXy+X+A8KfpGOoXwDr9FLZd3wzgLaBGQBE3lY93Zm/i1JvIQ==", "dev": true, + "license": "MIT", "dependencies": { "asynckit": "^0.4.0", "combined-stream": "^1.0.8", - "mime-types": "^2.1.12" + "es-set-tostringtag": "^2.1.0", + "hasown": "^2.0.2", + "mime-types": "^2.1.35" }, "engines": { "node": ">= 6" @@ -10886,16 +11042,22 @@ } }, "node_modules/get-intrinsic": { - "version": "1.2.4", - "resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.2.4.tgz", - "integrity": "sha512-5uYhsJH8VJBTv7oslg4BznJYhDoRI6waYCxMmCdnTrcCrHA/fCFKoTFz2JKKE0HdDFUF7/oQuhzumXJK7paBRQ==", + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.3.0.tgz", + "integrity": "sha512-9fSjSaos/fRIVIp+xSJlE6lfwhES7LNtKaCBIamHsjr2na1BiABJPo0mOjjz8GJDURarmCPGqaiVg5mfjb98CQ==", "dev": true, + "license": "MIT", "dependencies": { + "call-bind-apply-helpers": "^1.0.2", + "es-define-property": "^1.0.1", "es-errors": "^1.3.0", + "es-object-atoms": "^1.1.1", "function-bind": "^1.1.2", - "has-proto": "^1.0.1", - "has-symbols": "^1.0.3", - "hasown": "^2.0.0" + "get-proto": "^1.0.1", + "gopd": "^1.2.0", + "has-symbols": "^1.1.0", + "hasown": "^2.0.2", + "math-intrinsics": "^1.1.0" }, "engines": { "node": ">= 0.4" @@ -10919,6 +11081,20 @@ "node": ">=8.0.0" } }, + "node_modules/get-proto": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/get-proto/-/get-proto-1.0.1.tgz", + "integrity": "sha512-sTSfBjoXBp89JvIKIefqw7U2CCebsc74kiY6awiGogKtoSGbgjYE/G/+l9sF3MWFPNc9IcoOC4ODfKHfxFmp0g==", + "dev": true, + "license": "MIT", + "dependencies": { + "dunder-proto": "^1.0.1", + "es-object-atoms": "^1.0.0" + }, + "engines": { + "node": ">= 0.4" + } + }, "node_modules/get-stream": { "version": "6.0.1", "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-6.0.1.tgz", @@ -11068,12 +11244,13 @@ } }, "node_modules/gopd": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/gopd/-/gopd-1.0.1.tgz", - "integrity": "sha512-d65bNlIadxvpb/A2abVdlqKqV563juRnZ1Wtk6s1sIR8uNsXR70xqIzVqxVf1eTqDunwT2MkczEeaezCKTZhwA==", + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/gopd/-/gopd-1.2.0.tgz", + "integrity": "sha512-ZUKRh6/kUFoAiTAtTYPZJ3hw9wNxx+BIBOijnlG9PnrJsCcSjs1wyyD6vJpaYtgnzDrKYRSqf3OO6Rfa93xsRg==", "dev": true, - "dependencies": { - "get-intrinsic": "^1.1.3" + "license": "MIT", + "engines": { + "node": ">= 0.4" }, "funding": { "url": "https://github.com/sponsors/ljharb" @@ -11161,10 +11338,11 @@ } }, "node_modules/has-symbols": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/has-symbols/-/has-symbols-1.0.3.tgz", - "integrity": "sha512-l3LCuF6MgDNwTDKkdYGEihYjt5pRPbEg46rtlmnSPlUbgmB8LOIrKJbYYFBSbnPaJexMKtiPO8hmeRjRz2Td+A==", + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/has-symbols/-/has-symbols-1.1.0.tgz", + "integrity": "sha512-1cDNdwJ2Jaohmb3sg4OmKaMBwuC48sYni5HUw2DvsC8LjGTLK9h+eb1X6RyuOHe4hT0ULCW68iomhjUoKUqlPQ==", "dev": true, + "license": "MIT", "engines": { "node": ">= 0.4" }, @@ -11173,12 +11351,13 @@ } }, "node_modules/has-tostringtag": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/has-tostringtag/-/has-tostringtag-1.0.0.tgz", - "integrity": "sha512-kFjcSNhnlGV1kyoGk7OXKSawH5JOb/LzUc5w9B02hOTO0dfFRjbHQKvg1d6cf3HbeUmtU9VbbV3qzZ2Teh97WQ==", + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/has-tostringtag/-/has-tostringtag-1.0.2.tgz", + "integrity": "sha512-NqADB8VjPFLM2V0VvHUewwwsw0ZWBaIdgo+ieHtK3hasLz4qeCRjYcqfB6AQrBggRKppKF8L52/VqdVsO47Dlw==", "dev": true, + "license": "MIT", "dependencies": { - "has-symbols": "^1.0.2" + "has-symbols": "^1.0.3" }, "engines": { "node": ">= 0.4" @@ -11211,10 +11390,11 @@ } }, "node_modules/hasown": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/hasown/-/hasown-2.0.0.tgz", - "integrity": "sha512-vUptKVTpIJhcczKBbgnS+RtcuYMB8+oNzPK2/Hp3hanz8JmpATdmmgLgSaadVREkDm+e2giHwY3ZRkyjSIDDFA==", + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/hasown/-/hasown-2.0.2.tgz", + "integrity": "sha512-0hJU9SCPvmMzIBdZFqNPXWa6dqh7WdH0cII9y+CyS8rG3nL48Bclra9HmKhVVUHyPWNH5Y7xDwAB7bfgSjkUMQ==", "dev": true, + "license": "MIT", "dependencies": { "function-bind": "^1.1.2" }, @@ -11474,10 +11654,11 @@ } }, "node_modules/http-proxy-middleware": { - "version": "2.0.7", - "resolved": "https://registry.npmjs.org/http-proxy-middleware/-/http-proxy-middleware-2.0.7.tgz", - "integrity": "sha512-fgVY8AV7qU7z/MmXJ/rxwbrtQH4jBQ9m7kp3llF0liB7glmFeVZFBepQb32T3y8n8k2+AEYuMPCpinYW+/CuRA==", + "version": "2.0.9", + "resolved": "https://registry.npmjs.org/http-proxy-middleware/-/http-proxy-middleware-2.0.9.tgz", + "integrity": "sha512-c1IyJYLYppU574+YI7R4QyX2ystMtVXZwIdzazUIPIJsHuWNd+mho2j+bKoHftndicGj9yh+xjd+l0yj7VeT1Q==", "dev": true, + "license": "MIT", "dependencies": { "@types/http-proxy": "^1.17.8", "http-proxy": "^1.18.1", @@ -12104,12 +12285,13 @@ } }, "node_modules/is-typed-array": { - "version": "1.1.12", - "resolved": "https://registry.npmjs.org/is-typed-array/-/is-typed-array-1.1.12.tgz", - "integrity": "sha512-Z14TF2JNG8Lss5/HMqt0//T9JeHXttXy5pH/DBU4vi98ozO2btxzq9MwYDZYnKwU8nRsz/+GVFVRDq3DkVuSPg==", + "version": "1.1.15", + "resolved": "https://registry.npmjs.org/is-typed-array/-/is-typed-array-1.1.15.tgz", + "integrity": "sha512-p3EcsicXjit7SaskXHs1hA91QxgTw46Fv6EFKKGS5DRFLD8yKnohjF3hxoju94b/OcMZoQukzpPpBE9uLVKzgQ==", "dev": true, + "license": "MIT", "dependencies": { - "which-typed-array": "^1.1.11" + "which-typed-array": "^1.1.16" }, "engines": { "node": ">= 0.4" @@ -16744,6 +16926,16 @@ "tmpl": "1.0.5" } }, + "node_modules/math-intrinsics": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/math-intrinsics/-/math-intrinsics-1.1.0.tgz", + "integrity": "sha512-/IXtbwEk5HTPyEwyKX6hGkYXxM9nbj64B+ilVJnC/R6B0pH5G4V3b0pVbL7DBj4tkhBAppbQUlf6F6Xl9LHu1g==", + "dev": true, + "license": "MIT", + "engines": { + "node": ">= 0.4" + } + }, "node_modules/md5.js": { "version": "1.3.5", "resolved": "https://registry.npmjs.org/md5.js/-/md5.js-1.3.5.tgz", @@ -17357,10 +17549,11 @@ } }, "node_modules/on-headers": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/on-headers/-/on-headers-1.0.2.tgz", - "integrity": "sha512-pZAE+FJLoyITytdqK0U5s+FIpjN0JP3OzFi/u8Rx+EV5/W+JTWGXG8xFzevE7AjBfDqHv/8vL8qQsIhHnqRkrA==", + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/on-headers/-/on-headers-1.1.0.tgz", + "integrity": "sha512-737ZY3yNnXy37FHkQxPzt4UZ2UWPWiCZWLvFZ4fu5cueciegX0zGPnrlY6bwRg4FdQOe9YU8MkmJwGhoMybl8A==", "dev": true, + "license": "MIT", "engines": { "node": ">= 0.8" } @@ -17633,21 +17826,57 @@ } }, "node_modules/pbkdf2": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/pbkdf2/-/pbkdf2-3.1.2.tgz", - "integrity": "sha512-iuh7L6jA7JEGu2WxDwtQP1ddOpaJNC4KlDEFfdQajSGgGPNi4OyDc2R7QnbY2bR9QjBVGwgvTdNJZoE7RaxUMA==", + "version": "3.1.3", + "resolved": "https://registry.npmjs.org/pbkdf2/-/pbkdf2-3.1.3.tgz", + "integrity": "sha512-wfRLBZ0feWRhCIkoMB6ete7czJcnNnqRpcoWQBLqatqXXmelSRqfdDK4F3u9T2s2cXas/hQJcryI/4lAL+XTlA==", "dev": true, + "license": "MIT", "dependencies": { - "create-hash": "^1.1.2", - "create-hmac": "^1.1.4", - "ripemd160": "^2.0.1", - "safe-buffer": "^5.0.1", - "sha.js": "^2.4.8" + "create-hash": "~1.1.3", + "create-hmac": "^1.1.7", + "ripemd160": "=2.0.1", + "safe-buffer": "^5.2.1", + "sha.js": "^2.4.11", + "to-buffer": "^1.2.0" }, "engines": { "node": ">=0.12" } }, + "node_modules/pbkdf2/node_modules/create-hash": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/create-hash/-/create-hash-1.1.3.tgz", + "integrity": "sha512-snRpch/kwQhcdlnZKYanNF1m0RDlrCdSKQaH87w1FCFPVPNCQ/Il9QJKAX2jVBZddRdaHBMC+zXa9Gw9tmkNUA==", + "dev": true, + "license": "MIT", + "dependencies": { + "cipher-base": "^1.0.1", + "inherits": "^2.0.1", + "ripemd160": "^2.0.0", + "sha.js": "^2.4.0" + } + }, + "node_modules/pbkdf2/node_modules/hash-base": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/hash-base/-/hash-base-2.0.2.tgz", + "integrity": "sha512-0TROgQ1/SxE6KmxWSvXHvRj90/Xo1JvZShofnYF+f6ZsGtR4eES7WfrQzPalmyagfKZCXpVnitiRebZulWsbiw==", + "dev": true, + "license": "MIT", + "dependencies": { + "inherits": "^2.0.1" + } + }, + "node_modules/pbkdf2/node_modules/ripemd160": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/ripemd160/-/ripemd160-2.0.1.tgz", + "integrity": "sha512-J7f4wutN8mdbV08MJnXibYpCOPHR+yzy+iQ/AsjMv2j8cLavQ8VGagDFUwwTAdF8FmRKVeNpbTTEwNHCW1g94w==", + "dev": true, + "license": "MIT", + "dependencies": { + "hash-base": "^2.0.0", + "inherits": "^2.0.1" + } + }, "node_modules/performance-now": { "version": "2.1.0", "resolved": "https://registry.npmjs.org/performance-now/-/performance-now-2.1.0.tgz", @@ -17826,6 +18055,16 @@ "node": ">=4" } }, + "node_modules/possible-typed-array-names": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/possible-typed-array-names/-/possible-typed-array-names-1.1.0.tgz", + "integrity": "sha512-/+5VFTchJDoVj3bhoqi6UeymcD00DAwb1nJwamzPvHEszJ4FpF6SNNbUbOS8yI56qHzdV8eK0qEfOSiodkTdxg==", + "dev": true, + "license": "MIT", + "engines": { + "node": ">= 0.4" + } + }, "node_modules/postcss": { "version": "8.4.35", "resolved": "https://registry.npmjs.org/postcss/-/postcss-8.4.35.tgz", @@ -19402,15 +19641,6 @@ "node": ">= 0.8" } }, - "node_modules/raw-body/node_modules/bytes": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/bytes/-/bytes-3.1.2.tgz", - "integrity": "sha512-/Nf7TyzTx6S3yRJObOAV7956r8cr2+Oj8AC5dt8wSP3BQAoeX58NoHyCU8P8zGkNXStjTSi6fzO6F0pBdcYbEg==", - "dev": true, - "engines": { - "node": ">= 0.8" - } - }, "node_modules/raw-body/node_modules/iconv-lite": { "version": "0.4.24", "resolved": "https://registry.npmjs.org/iconv-lite/-/iconv-lite-0.4.24.tgz", @@ -20795,16 +21025,24 @@ "dev": true }, "node_modules/sha.js": { - "version": "2.4.11", - "resolved": "https://registry.npmjs.org/sha.js/-/sha.js-2.4.11.tgz", - "integrity": "sha512-QMEp5B7cftE7APOjk5Y6xgrbWu+WkLVQwk8JNjZ8nKRciZaByEW6MubieAiToS7+dwvrjGhH8jRXz3MVd0AYqQ==", + "version": "2.4.12", + "resolved": "https://registry.npmjs.org/sha.js/-/sha.js-2.4.12.tgz", + "integrity": "sha512-8LzC5+bvI45BjpfXU8V5fdU2mfeKiQe1D1gIMn7XUlF3OTUrpdJpPPH4EMAnF0DsHHdSZqCdSss5qCmJKuiO3w==", "dev": true, + "license": "(MIT AND BSD-3-Clause)", "dependencies": { - "inherits": "^2.0.1", - "safe-buffer": "^5.0.1" + "inherits": "^2.0.4", + "safe-buffer": "^5.2.1", + "to-buffer": "^1.2.0" }, "bin": { "sha.js": "bin.js" + }, + "engines": { + "node": ">= 0.10" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" } }, "node_modules/shallow-clone": { @@ -21540,10 +21778,11 @@ } }, "node_modules/sucrase/node_modules/brace-expansion": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz", - "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==", + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.2.tgz", + "integrity": "sha512-Jt0vHyM+jmUBqojB7E1NIYadt0vI0Qxjxd2TErW94wDz+E2LAm5vKMXXwg6ZZBTHPuUlDgQHKXvjGBdfcF1ZDQ==", "dev": true, + "license": "MIT", "dependencies": { "balanced-match": "^1.0.0" } @@ -21974,6 +22213,21 @@ "integrity": "sha512-3f0uOEAQwIqGuWW2MVzYg8fV/QNnc/IpuJNG837rLuczAaLVHslWHZQj4IGiEl5Hs3kkbhwL9Ab7Hrsmuj+Smw==", "dev": true }, + "node_modules/to-buffer": { + "version": "1.2.1", + "resolved": "https://registry.npmjs.org/to-buffer/-/to-buffer-1.2.1.tgz", + "integrity": "sha512-tB82LpAIWjhLYbqjx3X4zEeHN6M8CiuOEy2JY8SEQVdYRe3CCHOFaqrBW1doLDrfpWhplcW7BL+bO3/6S3pcDQ==", + "dev": true, + "license": "MIT", + "dependencies": { + "isarray": "^2.0.5", + "safe-buffer": "^5.2.1", + "typed-array-buffer": "^1.0.3" + }, + "engines": { + "node": ">= 0.4" + } + }, "node_modules/to-regex-range": { "version": "5.0.1", "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", @@ -22213,14 +22467,15 @@ } }, "node_modules/typed-array-buffer": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/typed-array-buffer/-/typed-array-buffer-1.0.0.tgz", - "integrity": "sha512-Y8KTSIglk9OZEr8zywiIHG/kmQ7KWyjseXs1CbSo8vC42w7hg2HgYTxSWwP0+is7bWDc1H+Fo026CpHFwm8tkw==", + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/typed-array-buffer/-/typed-array-buffer-1.0.3.tgz", + "integrity": "sha512-nAYYwfY3qnzX30IkA6AQZjVbtK6duGontcQm1WSG1MD94YLqK0515GNApXkoxKOWMusVssAHWLh9SeaoefYFGw==", "dev": true, + "license": "MIT", "dependencies": { - "call-bind": "^1.0.2", - "get-intrinsic": "^1.2.1", - "is-typed-array": "^1.1.10" + "call-bound": "^1.0.3", + "es-errors": "^1.3.0", + "is-typed-array": "^1.1.14" }, "engines": { "node": ">= 0.4" @@ -22743,10 +22998,11 @@ } }, "node_modules/webpack-dev-server": { - "version": "4.15.1", - "resolved": "https://registry.npmjs.org/webpack-dev-server/-/webpack-dev-server-4.15.1.tgz", - "integrity": "sha512-5hbAst3h3C3L8w6W4P96L5vaV0PxSmJhxZvWKYIdgxOQm8pNZ5dEOmmSLBVpP85ReeyRt6AS1QJNyo/oFFPeVA==", + "version": "4.15.2", + "resolved": "https://registry.npmjs.org/webpack-dev-server/-/webpack-dev-server-4.15.2.tgz", + "integrity": "sha512-0XavAZbNJ5sDrCbkpWL8mia0o5WPOd2YGtxrEiZkBK9FjLppIUK2TgxK6qGD2P3hUXTJNNPVibrerKcx5WkR1g==", "dev": true, + "license": "MIT", "dependencies": { "@types/bonjour": "^3.5.9", "@types/connect-history-api-fallback": "^1.3.5", @@ -22776,7 +23032,7 @@ "serve-index": "^1.9.1", "sockjs": "^0.3.24", "spdy": "^4.0.2", - "webpack-dev-middleware": "^5.3.1", + "webpack-dev-middleware": "^5.3.4", "ws": "^8.13.0" }, "bin": { @@ -23101,16 +23357,19 @@ } }, "node_modules/which-typed-array": { - "version": "1.1.13", - "resolved": "https://registry.npmjs.org/which-typed-array/-/which-typed-array-1.1.13.tgz", - "integrity": "sha512-P5Nra0qjSncduVPEAr7xhoF5guty49ArDTwzJ/yNuPIbZppyRxFQsRCWrocxIY+CnMVG+qfbU2FmDKyvSGClow==", + "version": "1.1.19", + "resolved": "https://registry.npmjs.org/which-typed-array/-/which-typed-array-1.1.19.tgz", + "integrity": "sha512-rEvr90Bck4WZt9HHFC4DJMsjvu7x+r6bImz0/BrbWb7A2djJ8hnZMrWnHo9F8ssv0OMErasDhftrfROTyqSDrw==", "dev": true, + "license": "MIT", "dependencies": { - "available-typed-arrays": "^1.0.5", - "call-bind": "^1.0.4", - "for-each": "^0.3.3", - "gopd": "^1.0.1", - "has-tostringtag": "^1.0.0" + "available-typed-arrays": "^1.0.7", + "call-bind": "^1.0.8", + "call-bound": "^1.0.4", + "for-each": "^0.3.5", + "get-proto": "^1.0.1", + "gopd": "^1.2.0", + "has-tostringtag": "^1.0.2" }, "engines": { "node": ">= 0.4" diff --git a/Source/CdrAuthServer.UnitTests/CdrAuthServer.UnitTests.csproj b/Source/CdrAuthServer.UnitTests/CdrAuthServer.UnitTests.csproj index a3d0327..1d1da98 100644 --- a/Source/CdrAuthServer.UnitTests/CdrAuthServer.UnitTests.csproj +++ b/Source/CdrAuthServer.UnitTests/CdrAuthServer.UnitTests.csproj @@ -1,21 +1,18 @@  - - $(TargetFrameworkVersion) - $(Version) - $(Version) - $(Version) + $(TargetFrameworkVersion) + $(Version) + $(Version) + $(Version) enable false - True + True - - Always @@ -27,35 +24,30 @@ Always - - - - - - + + + + + + all + runtime; build; native; contentfiles; analyzers; buildtransitive + + + all + runtime; build; native; contentfiles; analyzers; buildtransitive + + all runtime; build; native; contentfiles; analyzers; buildtransitive - - - all - runtime; build; native; contentfiles; analyzers; buildtransitive - - - all - runtime; build; native; contentfiles; analyzers; buildtransitive - - - Always - - + \ No newline at end of file diff --git a/Source/CdrAuthServer.mTLS.Gateway/CdrAuthServer.mTLS.Gateway.csproj b/Source/CdrAuthServer.mTLS.Gateway/CdrAuthServer.mTLS.Gateway.csproj index 5bc2e56..91f7303 100644 --- a/Source/CdrAuthServer.mTLS.Gateway/CdrAuthServer.mTLS.Gateway.csproj +++ b/Source/CdrAuthServer.mTLS.Gateway/CdrAuthServer.mTLS.Gateway.csproj @@ -1,57 +1,61 @@  - - - $(TargetFrameworkVersion) - $(Version) - $(Version) - $(Version) - enable - enable - True - - - + + $(TargetFrameworkVersion) + $(Version) + $(Version) + $(Version) + enable + enable + True + - - - - - - Always - - - - - - - - - - - - - - - - - all - runtime; build; native; contentfiles; analyzers; buildtransitive - - - all - runtime; build; native; contentfiles; analyzers; buildtransitive - - - - - - - - - - - Always - - + + + + + Always + + + + + + + + + true + + + true + + + true + + + true + + + true + + + true + + - + + all + runtime; build; native; contentfiles; analyzers; buildtransitive + + + all + runtime; build; native; contentfiles; analyzers; buildtransitive + + + + + + + + Always + + + \ No newline at end of file diff --git a/Source/CdrAuthServer.sln b/Source/CdrAuthServer.sln index a3ee4e0..9c1985f 100644 --- a/Source/CdrAuthServer.sln +++ b/Source/CdrAuthServer.sln @@ -46,6 +46,12 @@ Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "CdrAuthServer.GetDataRecipi EndProject Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "CdrAuthServer.GetDataRecipients.IntegrationTests", "CdrAuthServer.GetDataRecipients.IntegrationTests\CdrAuthServer.GetDataRecipients.IntegrationTests.csproj", "{56C795F0-376A-4938-9552-A037AD231EFD}" EndProject +Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Solution Items", "Solution Items", "{8EC462FD-D22E-90A8-E5CE-7E832BA40C5D}" + ProjectSection(SolutionItems) = preProject + Directory.Build.props = Directory.Build.props + Directory.Packages.props = Directory.Packages.props + EndProjectSection +EndProject Global GlobalSection(SolutionConfigurationPlatforms) = preSolution Debug|Any CPU = Debug|Any CPU diff --git a/Source/CdrAuthServer/CdrAuthServer.csproj b/Source/CdrAuthServer/CdrAuthServer.csproj index c5148a8..64642ef 100644 --- a/Source/CdrAuthServer/CdrAuthServer.csproj +++ b/Source/CdrAuthServer/CdrAuthServer.csproj @@ -1,39 +1,33 @@  - - $(TargetFrameworkVersion) - $(Version) - $(Version) - $(Version) + $(TargetFrameworkVersion) + $(Version) + $(Version) + $(Version) enable enable d57d2c28-46ab-4ea5-9327-daba2552a167 Linux - True - bin\$(MSBuildProjectName).xml + True + bin\$(MSBuildProjectName).xml - $(NoWarn);1591;1516 - $(NoWarn);1591;1516 - - - PreserveNewest @@ -45,42 +39,33 @@ PreserveNewest - - - - - - - - - - - - - - - + + + + + + true + + + true + + all runtime; build; native; contentfiles; analyzers; buildtransitive - + all runtime; build; native; contentfiles; analyzers; buildtransitive - - - - - - - + + + + - - - + \ No newline at end of file diff --git a/Source/CdrAuthServer/Configuration/OpenTelemetryKeys.cs b/Source/CdrAuthServer/Configuration/OpenTelemetryKeys.cs new file mode 100644 index 0000000..7b116bc --- /dev/null +++ b/Source/CdrAuthServer/Configuration/OpenTelemetryKeys.cs @@ -0,0 +1,45 @@ +namespace CdrAuthServer.Configuration +{ + /// + /// The names of environment variables / configuration keys that configure the underlying OTLP Exporter used by the OpenTelemetrySink. + /// + /// Refer to OTLP Exporter Configuration OpenTelemetry documentation. + public static class OpenTelemetryKeys + { + /// + /// A base endpoint URL for any signal type, with an optionally-specified port number. + /// Helpful for when you’re sending more than one signal to the same endpoint and want one environment variable to control the endpoint. + /// + /// + /// Refer to OTEL_EXPORTER_OTLP_ENDPOINT OpenTelemetry documentation. + /// + public const string Endpoint = "OTEL_EXPORTER_OTLP_ENDPOINT"; + + /// + /// Endpoint URL for trace data only, with an optionally-specified port number. + /// Typically ends with v1/traces when using OTLP/HTTP. + /// + /// + /// Refer to OTEL_EXPORTER_OTLP_TRACES_ENDPOINT OpenTelemetry documentation. + /// + public const string TracesEndpoint = "OTEL_EXPORTER_OTLP_TRACES_ENDPOINT"; + + /// + /// Endpoint URL for metric data only, with an optionally-specified port number. + /// Typically ends with v1/metrics when using OTLP/HTTP. + /// + /// + /// Refer to OTEL_EXPORTER_OTLP_METRICS_ENDPOINT OpenTelemetry documentation. + /// + public const string MetricsEndpoint = "OTEL_EXPORTER_OTLP_METRICS_ENDPOINT"; + + /// + /// Endpoint URL for log data only, with an optionally-specified port number. + /// Typically ends with v1/logs when using OTLP/HTTP. + /// + /// + /// Refer to OTEL_EXPORTER_OTLP_LOGS_ENDPOINT OpenTelemetry documentation. + /// + public const string LogsEndpoint = "OTEL_EXPORTER_OTLP_LOGS_ENDPOINT"; + } +} diff --git a/Source/CdrAuthServer/Extensions/OpenTelemetryConfigurationExtensions.cs b/Source/CdrAuthServer/Extensions/OpenTelemetryConfigurationExtensions.cs new file mode 100644 index 0000000..1a11f0a --- /dev/null +++ b/Source/CdrAuthServer/Extensions/OpenTelemetryConfigurationExtensions.cs @@ -0,0 +1,43 @@ +using System.Reflection; +using CdrAuthServer.Configuration; + +namespace Serilog +{ + /// + /// Extension functionality for configuration OpenTelemetry. + /// + public static class OpenTelemetryConfigurationExtensions + { + /// + /// Conditionally enable Open Telemetry if any of the following OpenTelemetry endpoint configuration values: + /// + /// OTEL_EXPORTER_OTLP_ENDPOINT + /// OTEL_EXPORTER_OTLP_TRACES_ENDPOINT + /// OTEL_EXPORTER_OTLP_METRICS_ENDPOINT + /// OTEL_EXPORTER_OTLP_LOGS_ENDPOINT + /// + /// have been set in line with the Exporter configuration guidance. + /// + /// The existing logger configuration to which OpenTelemetry needs to be added. + /// The application configuration. + /// The logger configuration with OpenTelemetry sink configured (if applicable). + public static LoggerConfiguration AddOpenTelemetry(this LoggerConfiguration loggerConfiguration, IConfiguration configuration) + { + if (configuration.GetValue(OpenTelemetryKeys.Endpoint) is not null + || configuration.GetValue(OpenTelemetryKeys.TracesEndpoint) is not null + || configuration.GetValue(OpenTelemetryKeys.MetricsEndpoint) is not null + || configuration.GetValue(OpenTelemetryKeys.LogsEndpoint) is not null) + { + loggerConfiguration.WriteTo.OpenTelemetry(configure: static x => + { + x.ResourceAttributes = new Dictionary + { + { "resource.name", Assembly.GetEntryAssembly()?.GetName()?.Name ?? string.Empty }, + }; + }); + } + + return loggerConfiguration; + } + } +} diff --git a/Source/CdrAuthServer/Program.cs b/Source/CdrAuthServer/Program.cs index 2ca064f..234a844 100644 --- a/Source/CdrAuthServer/Program.cs +++ b/Source/CdrAuthServer/Program.cs @@ -144,7 +144,7 @@ await builder.Services.ConfigureWebServer( { options.AddPolicy(pol.Name, policy => { - if (pol.ScopeRequirement != null && !pol.ScopeRequirement.IsNullOrEmpty()) + if (pol.ScopeRequirement != null && !string.IsNullOrEmpty(pol.ScopeRequirement)) { policy.Requirements.Add(new ScopeRequirement(pol.ScopeRequirement)); } @@ -330,6 +330,7 @@ static void ConfigureSerilog(IConfiguration configuration, bool isDatabaseReady { var loggerConfiguration = new LoggerConfiguration() .ReadFrom.Configuration(configuration) + .AddOpenTelemetry(configuration) .Enrich.FromLogContext(); // If the database is ready, configure the SQL Server sink diff --git a/Source/CdrAuthServer/Services/TokenService.cs b/Source/CdrAuthServer/Services/TokenService.cs index 9dbb515..30c87d1 100644 --- a/Source/CdrAuthServer/Services/TokenService.cs +++ b/Source/CdrAuthServer/Services/TokenService.cs @@ -275,15 +275,12 @@ private async Task GetRefreshTokenResponse(TokenRequest tokenRequ var newScopes = tokenRequest.Scope.Split(' '); // Verify that the client has not requested additional scopes that exceed the original request. - foreach (var newScope in newScopes) + if (!newScopes.All(currentScopes.Contains)) { - if (!currentScopes.Contains(newScope)) + return new TokenResponse() { - return new TokenResponse() - { - Error = new Error(ErrorCodes.Generic.InvalidScope, "Additional scopes were requested in the refresh_token request"), - }; - } + Error = new Error(ErrorCodes.Generic.InvalidScope, "Additional scopes were requested in the refresh_token request"), + }; } // Additional scopes were not requested, so return the same or subset of scopes. diff --git a/Source/CdrAuthServer/Validation/ClientRegistrationValidator.cs b/Source/CdrAuthServer/Validation/ClientRegistrationValidator.cs index 86f98d4..21d5775 100644 --- a/Source/CdrAuthServer/Validation/ClientRegistrationValidator.cs +++ b/Source/CdrAuthServer/Validation/ClientRegistrationValidator.cs @@ -46,6 +46,8 @@ public async Task Validate(ClientRegistrationRequest clientReg return ErrorCatalogue.Catalogue().GetValidationResult(ErrorCatalogue.EMPTY_REGISTRATION_REQUEST); } + _logger.LogInformation("Validate - Start Validate SSA"); + // 1. SSA validation first. If it fails, then exit as no point in validating anything else. var ssaResult = await ValidateSSA(clientRegistrationRequest, configOptions); if (!ssaResult.IsValid) @@ -54,6 +56,9 @@ public async Task Validate(ClientRegistrationRequest clientReg return ssaResult; } + _logger.LogInformation("Validate - End Validate SSA"); + _logger.LogInformation("Validate - Start Validate Request Signature"); + // 2. Signature validation to determine if we can rely on the contents of the registration request jwt. var signatureResult = await ValidateRequestSignature(clientRegistrationRequest, configOptions); if (!signatureResult.IsValid) @@ -62,6 +67,9 @@ public async Task Validate(ClientRegistrationRequest clientReg return signatureResult; } + _logger.LogInformation("Validate - End Validate Request Signature"); + _logger.LogInformation("Validate - Start Validate Sector Uri Identifier"); + // 3. Validate the sector identifier uri var sectorIdentifierResult = await ValidateSectorIdentifierUri(clientRegistrationRequest.SoftwareStatement?.SectorIdentifierUri); if (!sectorIdentifierResult.IsValid) @@ -70,6 +78,9 @@ public async Task Validate(ClientRegistrationRequest clientReg return sectorIdentifierResult; } + _logger.LogInformation("Validate - End Validate Sector Uri Identifier"); + _logger.LogInformation("Validate - Start Basic Validation"); + // Signature validation has been completed successfully. // @@ -124,6 +135,9 @@ public async Task Validate(ClientRegistrationRequest clientReg MustEqual(clientRegistrationRequest.ApplicationType, nameof(clientRegistrationRequest.ApplicationType), "web"); } + _logger.LogInformation("Validate - End Basic Validation"); + _logger.LogInformation("Validate - Start Redirect Uri Validation"); + // redirect_uri validation. foreach (var redirectUri in clientRegistrationRequest.RedirectUris) { @@ -140,6 +154,8 @@ public async Task Validate(ClientRegistrationRequest clientReg } } + _logger.LogInformation("Validate - End Redirect Uri Validation"); + if (_validationResults.Count != 0) { _logger.LogError("validation failed: {@ValidationResults}", _validationResults); @@ -224,32 +240,42 @@ private async Task ValidateRequestSignature(ClientRegistration _logger.LogInformation("Data Recipient JWKS: {Jwks}", JsonConvert.SerializeObject(jwks)); - // Assert - Validate Registration Request Signature - var validationParameters = new TokenValidationParameters() + try { - ValidateLifetime = true, - ClockSkew = TimeSpan.FromSeconds(configOptions.ClockSkewSeconds), + // Assert - Validate Registration Request Signature + var validationParameters = new TokenValidationParameters() + { + ValidateLifetime = true, + ClockSkew = TimeSpan.FromSeconds(configOptions.ClockSkewSeconds), - RequireSignedTokens = true, - ValidateIssuerSigningKey = true, - IssuerSigningKeys = jwks.Keys, + RequireSignedTokens = true, + ValidateIssuerSigningKey = true, + IssuerSigningKeys = jwks.Keys, - ValidateAudience = true, - ValidAudience = configOptions.Issuer, + ValidateAudience = true, + ValidAudience = configOptions.Issuer, - ValidateIssuer = true, - ValidIssuer = request.SoftwareStatement.SoftwareId, - }; + ValidateIssuer = true, + ValidIssuer = request.SoftwareStatement.SoftwareId, + }; + _logger.LogInformation("Start JWT Token Validation"); - // Validate token. - try - { - var tokenHandler = new JwtSecurityTokenHandler(); - tokenHandler.ValidateToken(request.ClientRegistrationRequestJwt, validationParameters, out var _); + // Validate token. + try + { + var tokenHandler = new JwtSecurityTokenHandler(); + tokenHandler.ValidateToken(request.ClientRegistrationRequestJwt, validationParameters, out var _); + _logger.LogInformation("End JWT Token Validation"); + } + catch (Exception ex) + { + _logger.LogError(ex, "Client Registration Request validation failed - {Message}", ex.Message); + return ErrorCatalogue.Catalogue().GetValidationResult(ErrorCatalogue.REGISTRATION_REQUEST_VALIDATION_FAILED); + } } catch (Exception ex) { - _logger.LogError(ex, "Client Registration Request validation failed - {Message}", ex.Message); + _logger.LogError(ex, "JWT validation parameters failed - {Message}", ex.Message); return ErrorCatalogue.Catalogue().GetValidationResult(ErrorCatalogue.REGISTRATION_REQUEST_VALIDATION_FAILED); } diff --git a/Source/CdrAuthServer/Validation/ValidateMtlsAttribute.cs b/Source/CdrAuthServer/Validation/ValidateMtlsAttribute.cs index c5ea04a..3ca75a3 100644 --- a/Source/CdrAuthServer/Validation/ValidateMtlsAttribute.cs +++ b/Source/CdrAuthServer/Validation/ValidateMtlsAttribute.cs @@ -78,24 +78,39 @@ private void VerifyCertificateRevocation(ActionExecutingContext context, Configu // Build the OCSP request URL from the client cert var ocspResponderUrl = cert.GetOCSPUrlFromCertificate(); - // Read the CA PEM from configuration. - var clientCertCAPem = _configuration.GetValue("Certificates:Ocsp:MtlsOcspResponderPem"); + // Read the CA PEMs from configuration. Multiple CA PEMs can be passed in to handle auth-server supporting more than one certificate trust chains + var clientCertCAPems = _configuration.GetValue("Certificates:Ocsp:MtlsOcspResponderPem"); - if (string.IsNullOrEmpty(clientCertCAPem)) + if (string.IsNullOrEmpty(clientCertCAPems)) { _logger.LogError("Certificates:Ocsp:MtlsOcspResponderPem value is either null or empty"); throw new ConfigurationErrorsException("Certificates:Ocsp:MtlsOcspResponderPem value is either null or empty"); } - // create request object for ocsp. - var ocspRequester = new OcspRequester(ocspResponderUrl, clientCertCAPem, _logger, _httpClient); + var clientCertCAPemList = clientCertCAPems.Split(";", StringSplitOptions.RemoveEmptyEntries); + OcspRequester.OcspResult ocspResult = OcspRequester.OcspResult.Unknown; - _logger.LogInformation("mTLS certificate check - calling OCSP Responder at {OcspResponderUrl}", ocspResponderUrl); + foreach (var clientCertCAPem in clientCertCAPemList) + { + if (string.IsNullOrEmpty(clientCertCAPem)) + { + continue; + } + + // create request object for ocsp. + var ocspRequester = new OcspRequester(ocspResponderUrl, clientCertCAPem, _logger, _httpClient); - // Call the OCSP responder to get the status of the certificate. - var ocspResult = ocspRequester.GetResult(cert.GetSerialNumberString()).Result; + _logger.LogInformation("mTLS certificate check - calling OCSP Responder at {OcspResponderUrl}", ocspResponderUrl); - _logger.LogInformation("mTLS certificate check - OCSP Response for {SerialNumber} = {OcspResult}", cert.GetSerialNumberString(), ocspResult); + // Call the OCSP responder to get the status of the certificate. + ocspResult = ocspRequester.GetResult(cert.GetSerialNumberString()).Result; + + _logger.LogInformation("mTLS certificate check - OCSP Response for {SerialNumber} = {OcspResult}", cert.GetSerialNumberString(), ocspResult); + if (ocspResult != OcspRequester.OcspResult.Unknown) + { + break; + } + } if (ocspResult != OcspRequester.OcspResult.Good) { diff --git a/Source/Directory.Build.props b/Source/Directory.Build.props index bca697b..ee0c6d3 100644 --- a/Source/Directory.Build.props +++ b/Source/Directory.Build.props @@ -1,7 +1,7 @@ net8.0 - 3.0.1 + 3.0.4 true true true diff --git a/Source/Directory.Packages.props b/Source/Directory.Packages.props new file mode 100644 index 0000000..73daa3d --- /dev/null +++ b/Source/Directory.Packages.props @@ -0,0 +1,74 @@ + + + true + true + false + $(NoWarn);NU1507 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/Source/Dockerfile b/Source/Dockerfile index 6030b96..065d088 100644 --- a/Source/Dockerfile +++ b/Source/Dockerfile @@ -20,6 +20,7 @@ COPY ./ . FROM build AS publish COPY ./Directory.Build.props /app/Directory.Build.props +COPY ./Directory.Packages.props /app/Directory.Packages.props COPY ./.editorconfig /app/.editorconfig COPY ./CdrAuthServer.Domain/. /app/CdrAuthServer.Domain COPY ./CdrAuthServer.Repository/. /app/CdrAuthServer.Repository diff --git a/Source/Dockerfile.standalone b/Source/Dockerfile.standalone index 486c58b..ffd0583 100644 --- a/Source/Dockerfile.standalone +++ b/Source/Dockerfile.standalone @@ -46,6 +46,7 @@ COPY ./ . FROM build AS publish COPY ./Directory.Build.props /app/Directory.Build.props +COPY ./Directory.Packages.props /app/Directory.Packages.props COPY ./.editorconfig /app/.editorconfig COPY ./CdrAuthServer.Domain/. /app/CdrAuthServer.Domain COPY ./CdrAuthServer.Repository/. /app/CdrAuthServer.Repository