ConsumerDataRight · CDR-FarooqK · Dec 9, 2025 · Jun 26, 2025 · Dec 7, 2025
diff --git a/.azuredevops/pipelines/build-dr-func.yml b/.azuredevops/pipelines/build-dr-func.yml
@@ -3,8 +3,11 @@ trigger:
   - main
   - releases/*
 
+variables:
+  - group: PT-Pipeline-Common
+
 pool:
-  vmImage: windows-latest
+  vmImage: $(Pipeline_Host_Image)
 
 steps:
   - task: UseDotNet@2

diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -3,9 +3,25 @@ All notable changes to this project will be documented in this file.
 
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
-
 ## [Unreleased]
 
+## [3.0.4] - 2025-12-10
+### Changed
+- Update to Central Package Management (CPM)
+
+## [3.0.3] - 2025-12-03
+### Changed
+- Updated NuGet packages to address vulnerabilities
+
+## [3.0.2] - 2025-10-15
+### Changed
+- Added ability to handle multiple Issuing Certificate Authorities when checking certificate revocation status  
+### Added
+- Enabled OpenTelemetry as a logging destination
+
+### Fixed
+- Ocsp Responder Url retrieval can now parse a larger range of Certificate Authority Info Access structures
+
 ## [3.0.1] - 2025-06-19
 
 ### Changed

diff --git a/Help/container/HELP.md b/Help/container/HELP.md
@@ -1,50 +1,67 @@
-<h2>Use the pre-built image for this solution</h2>
-
-<br />
-<p>1. Pull the latest image from <a href="https://hub.docker.com/r/consumerdataright/authorisation-server" title="Download the container from docker hub here" alt="Download the container from docker hub here">Docker Hub</a></p>
-
-<span style="display:inline-block;margin-left:1em;">
-	docker pull consumerdataright/authorisation-server
-</span>
-
-<br />
-<p>2. Run the Authorisation Server container</p>
-
-<span style="display:inline-block;margin-left:1em;">
-	docker run -d -e "ACCEPT_EULA=Y" -e "MSSQL_SA_PASSWORD=Pa{}w0rd2019" -p 1433:1433 --name mssql -h sql1 -d mcr.microsoft.com/mssql/server:2022-latest
-	docker run -d -h authorisation-server -p 8001:8001 -p 3000:3000 --add-host=mssql:host-gateway --name authorisation-server consumerdataright/authorisation-server<br \>
-	<br \><br \>
-	Please note - This docker compose file utilises the Microsoft SQL Server Image from Docker Hub.<br \>
-	The Microsoft EULA for the Microsoft SQL Server Image must be accepted to continue.<br \>
-	See the Microsoft SQL Server Image on Docker Hub for more information.<br \>
-	Using the above command from a MS Windows command prompt will run the database.<br \>
-</span>
-
-<br />
-
-<span style="display:inline-block;margin-left:1em;margin-top:10px;margin-bottom:10px;">
-	How to build your own image instead of downloading it from docker hub.<br \>
-	navigate to .\authorisation-server\Source<br \>
-	open a command prompt and execute the following;<br \>
-	docker build -f Dockerfile.standalone -t authorisation-server .<br \>
-	Please note - By default, the container above will be using a MS SQL database container, using this command from a MS Windows command prompt will run the database,<br \> 
-	docker run -d -e "ACCEPT_EULA=Y" -e "MSSQL_SA_PASSWORD=Pa{}w0rd2019" -p 1433:1433 --name mssql -h sql1 -d mcr.microsoft.com/mssql/server:2022-latest
-	docker run -d -h authorisation-server -p 8001:8001 -p 3000:3000 --add-host=mssql:host-gateway --name authorisation-server authorisation-server<br \><br \>	
-</span>
-
-<span style="display:inline-block;margin-left:1em;margin-top:10px;margin-bottom:10px;">
-	You can connect to the MS SQL database container from MS Sql Server Management Studio (SSMS) using
-	the following settings; <br />
-	Server type: Database Engine <br />
-	Server name: localhost <br />
-	Authentication: SQL Server Authentication <br />
-	Login: sa <br />
-	Password: Pa{}w0rd2019 <br />
-</span>
-<br />
+## Use the pre-built image for this solution
+
+1. Pull the latest [consumerdataright/authorisation-server](https://hub.docker.com/r/consumerdataright/authorisation-server) image from Docker Hub.
+   ```shell
+   docker pull consumerdataright/authorisation-server
+   ```
+
+2. Start the MSSQL server by executing the following command
+   > *The instructions below include starting an instance of the Microsoft SQL Server. This includes an EULA which the following command accepts. Please refer to the documentation for the [mssql/server](https://hub.docker.com/r/microsoft/mssql-server/#environment-variables) image for more details.*
+   ```shell
+   docker run -d -e "ACCEPT_EULA=Y" -e "MSSQL_SA_PASSWORD=Pa{}w0rd2019" -p 1433:1433 --name mssql -h sql1 -d mcr.microsoft.com/mssql/server:2022-latest    
+   ```
+
+3. Run the Authorisation Server (from image)
+   ```shell
+   # run the authorisation server
+   docker run -d -h authorisation-server -p 8001:8001 -p 3000:3000 --add-host=mssql:host-gateway --name authorisation-server consumerdataright/authorisation-server
+   ```
+
+## Build your own image for this solution
+To build your own image instead of using a pre-built one from Docker Hub
+1. Open a command prompt with the working directory set to the [Source](../../Source/) folder under this repository on your local file system 
+2. Build the image by executing the following command
+   ```shell
+   docker build -f Dockerfile.standalone -t authorisation-server .
+   ```
+3. Start the MSSQL server by executing the following command
+   > *The instructions below include starting an instance of the Microsoft SQL Server. This includes an EULA which the following command accepts. Please refer to the documentation for the [mssql/server](https://hub.docker.com/r/microsoft/mssql-server/#environment-variables) image for more details.*
+   ```shell
+   docker run -d -e "ACCEPT_EULA=Y" -e "MSSQL_SA_PASSWORD=Pa{}w0rd2019" -p 1433:1433 --name mssql -h sql1 -d mcr.microsoft.com/mssql/server:2022-latest    
+   ```
+4. Start the Authorisation Server by executing the following command
+   ```shell
+   docker run -d -h authorisation-server -p 8001:8001 -p 3000:3000 --add-host=mssql:host-gateway --name authorisation-server authorisation-server
+   ```
+
+## Connecting to the database
+> Both approaches leverage a MS SQL database for storage. In the examples below we use [MS SQL Server Management Studio (SMSS)](https://learn.microsoft.com/en-us/ssms/), but the approach should be similar for other tooling.
+
+You will need the following authentication details:
+|                |                           |
+| --             | --                        |
+| Server type    | Database Engine           |
+| Server name    | localhost                 |
+| Authentication | SQL Server Authentication |
+| Login          | `sa`                      |
+| Password       | `Pa{}w0rd2019`            |
+
+Should you opt to use another tool, then the following would be useful
+
+|                   |                                                |
+| --                | --                                             |
+| Connection String | `Server=localhost;Database=cdr-auth-server;User Id='SA';Password='Pa{}w0rd2019';MultipleActiveResultSets=True;TrustServerCertificate=True;Encrypt=False` |
+
+
+> If the below error occurs whilst trying to connect to the MS SQL container, the SQL Server Service MUST BE STOPPED, you can do this from SQL Server Manager
 
 [<img src="./images/ssms-login-error.png" height='300' width='400' alt="SSMS Login Error"/>](./images/ssms-login-error.png)
 
-<p>
-	(NB: if the above error occurs whilst trying to connect to the MS SQL container, the SQL Server Service MUST BE STOPPED, you can do this from SQL Server Manager)
-</p>
+## Logging
+Once you have connected to the `cdr-auth-server` database above you can view the various database tables that contain logs or view the console output using the following command.
+
+  ```shell
+  docker logs authorisation-server
+  ```
+
+Optionally, logging to OpenTelemetry compatible destinations is also supported by modifying the `docker run` commands to supply additional environment variables. Additional guidance can be found in the [readme](../../README.md#logging) file.
diff --git a/README.md b/README.md
@@ -232,6 +232,24 @@ The information below lists the customisation required for each endpoint:
 # Testing
 Automated tests have been created as part of this solution. See the [Test Automation Execution Guide](./Help/testing/HELP.md) documentation for more information.
 
+# Logging
+By default the application logs to console as well as into tables within the application database. 
+
+However, OpenTelemetry can be configured by setting the [environment variables](https://opentelemetry.io/docs/specs/otel/protocol/exporter/#configuration-options) appropriately.
+
+> The example below uses [Seq](https://datalust.co/seq) for simplicity, we do not endorse any particular product. Choose an [OpenTelemetry vendor](https://opentelemetry.io/ecosystem/vendors/) is suitable for your needs.
+
+For example, you may set up a local OTLP ingestion endpoint
+`docker run -e ACCEPT_EULA=Y --rm -p 4318:80 5341:5341 datalust/seq`
+and then set the following
+
+| Environment variable | Value |
+| --- | --- |
+| `OTEL_EXPORTER_OTLP_ENDPOINT` | `http://localhost:5341/ingest/otlp` |
+| `OTEL_EXPORTER_OTLP_PROTOCOL` | `http/protobuf` |
+
+After which you should be able to [view telemetry](http://localhost:4318/).
+
 # Contribute
 We encourage contributions from the community.  See our [contributing guidelines](./CONTRIBUTING.md).
 

diff --git a/Source/CdrAuthServer.API.Logger/CdrAuthServer.API.Logger.csproj b/Source/CdrAuthServer.API.Logger/CdrAuthServer.API.Logger.csproj
@@ -1,33 +1,27 @@
 <Project Sdk="Microsoft.NET.Sdk">
-
   <PropertyGroup>
-	<TargetFramework>$(TargetFrameworkVersion)</TargetFramework>
-	<Version>$(Version)</Version>
-	<FileVersion>$(Version)</FileVersion>
-	<AssemblyVersion>$(Version)</AssemblyVersion>
+    <TargetFramework>$(TargetFrameworkVersion)</TargetFramework>
+    <Version>$(Version)</Version>
+    <FileVersion>$(Version)</FileVersion>
+    <AssemblyVersion>$(Version)</AssemblyVersion>
     <ImplicitUsings>enable</ImplicitUsings>
     <Nullable>enable</Nullable>
-    <GenerateDocumentationFile>True</GenerateDocumentationFile>	  
+    <GenerateDocumentationFile>True</GenerateDocumentationFile>
   </PropertyGroup>
-
   <ItemGroup>
-    <PackageReference Include="Azure.Identity" Version="1.13.2" />
-    <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="8.0.7" />
-    <PackageReference Include="Microsoft.Data.SqlClient" Version="5.2.2" />
-    <PackageReference Include="Microsoft.IO.RecyclableMemoryStream" Version="3.0.1" />
-    <PackageReference Include="Serilog.AspNetCore" Version="8.0.1" />
-    <PackageReference Include="Serilog.Settings.Configuration" Version="8.0.2" />
-    <PackageReference Include="Serilog.Sinks.MSSqlServer" Version="7.0.0" />
-    <PackageReference Include="SonarAnalyzer.CSharp" Version="9.32.0.97167">
+    <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" />
+    <PackageReference Include="Microsoft.IO.RecyclableMemoryStream" />
+    <PackageReference Include="Serilog.Settings.Configuration" />
+    <PackageReference Include="Serilog.Sinks.MSSqlServer">
+      <TreatAsUsed>true</TreatAsUsed>
+    </PackageReference>
+    <PackageReference Include="SonarAnalyzer.CSharp">
+      <PrivateAssets>all</PrivateAssets>
+      <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
+    </PackageReference>
+    <PackageReference Include="StyleCop.Analyzers.Unstable">
       <PrivateAssets>all</PrivateAssets>
       <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
     </PackageReference>
-      <PackageReference Include="StyleCop.Analyzers" Version="1.2.0-beta.556">
-          <PrivateAssets>all</PrivateAssets>
-          <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
-      </PackageReference>
-    <PackageReference Include="System.Text.Json" Version="8.0.5" />
-    <PackageReference Include="System.Text.RegularExpressions" Version="4.3.1" />
   </ItemGroup>
-
-</Project>
+</Project>
diff --git a/Source/CdrAuthServer.Domain/CdrAuthServer.Domain.csproj b/Source/CdrAuthServer.Domain/CdrAuthServer.Domain.csproj
@@ -1,27 +1,13 @@
 <Project Sdk="Microsoft.NET.Sdk">
   <PropertyGroup>
-	<TargetFramework>$(TargetFrameworkVersion)</TargetFramework>
-	<Version>$(Version)</Version>
-	<FileVersion>$(Version)</FileVersion>
-	<AssemblyVersion>$(Version)</AssemblyVersion>
-	<ImplicitUsings>enable</ImplicitUsings>
-	<Nullable>enable</Nullable>
+    <TargetFramework>$(TargetFrameworkVersion)</TargetFramework>
+    <Version>$(Version)</Version>
+    <FileVersion>$(Version)</FileVersion>
+    <AssemblyVersion>$(Version)</AssemblyVersion>
+    <ImplicitUsings>enable</ImplicitUsings>
+    <Nullable>enable</Nullable>
   </PropertyGroup>
   <ItemGroup>
-    <PackageReference Include="Microsoft.AspNetCore.Mvc.Core" Version="2.2.5" />
-    <PackageReference Include="Microsoft.AspNetCore.Mvc.NewtonsoftJson" Version="8.0.7" />
-    <PackageReference Include="Microsoft.Extensions.DependencyInjection" Version="8.0.0" />
-    <PackageReference Include="Newtonsoft.Json" Version="13.0.3" />
-    <PackageReference Include="System.Collections" Version="4.3.0" />
-    <PackageReference Include="System.Diagnostics.Debug" Version="4.3.0" />
-    <PackageReference Include="System.IO" Version="4.3.0" />
-    <PackageReference Include="System.IO.FileSystem.Primitives" Version="4.3.0" />
-    <PackageReference Include="System.Runtime.Extensions" Version="4.3.1" />
-    <PackageReference Include="System.Runtime.Handles" Version="4.3.0" />
-    <PackageReference Include="System.Runtime.InteropServices" Version="4.3.0" />
-    <PackageReference Include="System.Text.Encodings.Web" Version="8.0.0" />
-    <PackageReference Include="System.Text.Json" Version="8.0.5" />
-    <PackageReference Include="System.Threading.Tasks" Version="4.3.0" />
+    <PackageReference Include="Microsoft.AspNetCore.Mvc.NewtonsoftJson" />
   </ItemGroup>
-
-</Project>
+</Project>