Merge pull request #1 from swiss-ssi-group/dev-issue

Issue and publish
swiss-ssi-group · Jul 9, 2023 · 7a171cc · 7a171cc
2 parents d541f54 + d0ab203
commit 7a171cc
Show file tree

Hide file tree

Showing 157 changed files with 90,183 additions and 35 deletions.
diff --git a/.github/workflows/azure-deploy-issuer.yml b/.github/workflows/azure-deploy-issuer.yml
@@ -0,0 +1,70 @@
+
+name: Build and deploy Issue Door unlocked
+
+env:
+ AZURE_WEBAPP_NAME: issueunlockdoor # set this to the name of your Azure Web App
+ AZURE_WEBAPP_PACKAGE_PATH: '.' # set this to the path to your web app project, defaults to the repository root
+ DOTNET_VERSION: '7.0' # set this to the .NET Core version to use
+
+on:
+ push:
+ branches: [ "deploy-issuer" ]
+ workflow_dispatch:
+
+permissions:
+ contents: read
+
+jobs:
+ build:
+ runs-on: ubuntu-latest
+
+ steps:
+ - uses: actions/checkout@v3
+
+ - name: Set up .NET Core
+ uses: actions/setup-dotnet@v2
+ with:
+ dotnet-version: ${{ env.DOTNET_VERSION }}
+
+ - name: Set up dependency caching for faster builds
+ uses: actions/cache@v3
+ with:
+ path: ~/.nuget/packages
+ key: ${{ runner.os }}-nuget-${{ hashFiles('**/packages.lock.json') }}
+ restore-keys: |
+ ${{ runner.os }}-nuget-
+
+ - name: Build with dotnet
+ run: dotnet build --configuration Release
+
+ - name: dotnet publish
+ run: dotnet publish ./IssueUnlockDoor/IssueUnlockDoor.csproj -c Release -o ${{env.DOTNET_ROOT}}/issuerpackage
+
+ - name: Upload artifact for deployment job
+ uses: actions/upload-artifact@v3
+ with:
+ name: .net-app
+ path: ${{env.DOTNET_ROOT}}/issuerpackage
+
+ deploy:
+ permissions:
+ contents: none
+ runs-on: ubuntu-latest
+ needs: build
+ environment:
+ name: 'Development'
+ url: ${{ steps.deploy-to-webapp.outputs.webapp-url }}
+
+ steps:
+ - name: Download artifact from build job
+ uses: actions/download-artifact@v3
+ with:
+ name: .net-app
+
+ - name: Deploy to Azure Web App
+ id: deploy-to-webapp
+ uses: azure/webapps-deploy@v2
+ with:
+ app-name: ${{ env.AZURE_WEBAPP_NAME }}
+ publish-profile: ${{ secrets.AZURE_WEBAPP_PUBLISH_PROFILE_ISSUER }}
+ package: ${{ env.AZURE_WEBAPP_PACKAGE_PATH }}
diff --git a/.github/workflows/azure-deploy-verifier.yml b/.github/workflows/azure-deploy-verifier.yml
@@ -0,0 +1,70 @@
+
+name: Build and deploy EmployeeUnlockDoor
+
+env:
+ AZURE_WEBAPP_NAME: employeeunlockdoor # set this to the name of your Azure Web App
+ AZURE_WEBAPP_PACKAGE_PATH: '.' # set this to the path to your web app project, defaults to the repository root
+ DOTNET_VERSION: '7.0' # set this to the .NET Core version to use
+
+on:
+ push:
+ branches: [ "deploy-verifier" ]
+ workflow_dispatch:
+
+permissions:
+ contents: read
+
+jobs:
+ build:
+ runs-on: ubuntu-latest
+
+ steps:
+ - uses: actions/checkout@v3
+
+ - name: Set up .NET Core
+ uses: actions/setup-dotnet@v2
+ with:
+ dotnet-version: ${{ env.DOTNET_VERSION }}
+
+ - name: Set up dependency caching for faster builds
+ uses: actions/cache@v3
+ with:
+ path: ~/.nuget/packages
+ key: ${{ runner.os }}-nuget-${{ hashFiles('**/packages.lock.json') }}
+ restore-keys: |
+ ${{ runner.os }}-nuget-
+
+ - name: Build with dotnet
+ run: dotnet build --configuration Release
+
+ - name: dotnet publish
+ run: dotnet publish ./EmployeeUnlockDoor/EmployeeUnlockDoor.csproj -c Release -o ${{env.DOTNET_ROOT}}/verifierpackage
+
+ - name: Upload artifact for deployment job
+ uses: actions/upload-artifact@v3
+ with:
+ name: .net-app
+ path: ${{env.DOTNET_ROOT}}/verifierpackage
+
+ deploy:
+ permissions:
+ contents: none
+ runs-on: ubuntu-latest
+ needs: build
+ environment:
+ name: 'Development'
+ url: ${{ steps.deploy-to-webapp.outputs.webapp-url }}
+
+ steps:
+ - name: Download artifact from build job
+ uses: actions/download-artifact@v3
+ with:
+ name: .net-app
+
+ - name: Deploy to Azure Web App
+ id: deploy-to-webapp
+ uses: azure/webapps-deploy@v2
+ with:
+ app-name: ${{ env.AZURE_WEBAPP_NAME }}
+ publish-profile: ${{ secrets.AZURE_WEBAPP_PUBLISH_PROFILE_VERIFIER }}
+ package: ${{ env.AZURE_WEBAPP_PACKAGE_PATH }}
diff --git a/EmployeeUnlockDoor.sln b/EmployeeUnlockDoor.sln
@@ -17,6 +17,8 @@ Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "_customSelfIssuedAttestatio
  _customSelfIssuedAttestation\self-issued-attestation-settings.json = _customSelfIssuedAttestation\self-issued-attestation-settings.json
  EndProjectSection
 EndProject
+Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "IssueUnlockDoor", "IssueUnlockDoor\IssueUnlockDoor.csproj", "{1764414F-319B-4DE0-955B-D6BD72C7E2D5}"
+EndProject
 Global
  GlobalSection(SolutionConfigurationPlatforms) = preSolution
  Debug|Any CPU = Debug|Any CPU
@@ -27,6 +29,10 @@ Global
  {86C57247-0232-4C80-B41C-CFE15849329A}.Debug|Any CPU.Build.0 = Debug|Any CPU
  {86C57247-0232-4C80-B41C-CFE15849329A}.Release|Any CPU.ActiveCfg = Release|Any CPU
  {86C57247-0232-4C80-B41C-CFE15849329A}.Release|Any CPU.Build.0 = Release|Any CPU
+ {1764414F-319B-4DE0-955B-D6BD72C7E2D5}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+ {1764414F-319B-4DE0-955B-D6BD72C7E2D5}.Debug|Any CPU.Build.0 = Debug|Any CPU
+ {1764414F-319B-4DE0-955B-D6BD72C7E2D5}.Release|Any CPU.ActiveCfg = Release|Any CPU
+ {1764414F-319B-4DE0-955B-D6BD72C7E2D5}.Release|Any CPU.Build.0 = Release|Any CPU
  EndGlobalSection
  GlobalSection(SolutionProperties) = preSolution
  HideSolutionNode = FALSE

diff --git a/EmployeeUnlockDoor/Pages/UnlockDoor/UnlockDoor.cshtml b/EmployeeUnlockDoor/Pages/UnlockDoor/UnlockDoor.cshtml
@@ -27,7 +27,6 @@
  </div>
  </div>
  </div>
-
 
  <div id="message-wrapper" style="display: none">
  <div id="message-wrapper-icon" style="display: none">
@@ -46,7 +45,7 @@
 
 <div class="container">
  <div class="row"> 
- <div style="width: 300px">
+ <div style="width: 300px;padding:0">
  <div id="qrcode" style="text-align: center"></div>
  </div>
  </div>
@@ -58,12 +57,14 @@
  <input type="hidden" required id="statePresented" name="statePresented"/>
 </form>
 
-<div class="row">
- <div class="col col-12 col-md-auto mb-4 order-last order-md-first">
- <a class="c-button-custom c-button-custom--inverted" href="@Model.AbortPortalUrl">Reset</a>
- </div>
- <div class="col col-12 col-md-auto mb-4 order-first order-md-last">
- <button type="button" id="buttonVerifyEmployeeUnlockDoor" value="Submit form" class="c-button-custom">Unlock</button>
+<div class="container">
+ <div class="row">
+ <div class="col col-12 col-md-auto mb-4 order-last order-md-first">
+ <a class="c-button-custom c-button-custom--inverted" href="@Model.AbortPortalUrl">Reset</a>
+ </div>
+ <div id="butUnlock" style="display: none" class="col col-12 col-md-auto mb-4 order-first order-md-last">
+ <button type="button" id="buttonVerifyEmployeeUnlockDoor" value="Submit form" class="c-button-custom">Unlock</button>
+ </div>
  </div>
 </div>
 

diff --git a/EmployeeUnlockDoor/Pages/UnlockDoor/UnlockDoor.cshtml.cs b/EmployeeUnlockDoor/Pages/UnlockDoor/UnlockDoor.cshtml.cs
@@ -49,6 +49,7 @@ public async Task<IActionResult> OnPostAsync()
  new Claim("Mail", credentialData!.Employee.Mail, ClaimValueTypes.String, "damienbodsharepoint"),
  new Claim("Surname", credentialData!.Employee.Surname, ClaimValueTypes.String, "damienbodsharepoint"),
  new Claim("Photo", credentialData!.Employee.Photo, ClaimValueTypes.String, "damienbodsharepoint"),
+ new Claim("DoorCode", credentialData!.DoorCode, ClaimValueTypes.String, "damienbodsharepoint"), 
  };
 
  var userIdentity = new ClaimsIdentity(claims, "entraemployee");

diff --git a/EmployeeUnlockDoor/Pages/UnlockDoor/UnlockDoorError.cshtml b/EmployeeUnlockDoor/Pages/UnlockDoor/UnlockDoorError.cshtml
@@ -1,4 +1,4 @@
-@page
+@page "{UnlockErrorMessage?}"
 @model EmployeeUnlockDoor.Pages.UnlockDoor.UnlockDoorErrorModel
 
 

diff --git a/EmployeeUnlockDoor/Pages/UnlockDoor/UnlockDoorError.cshtml.cs b/EmployeeUnlockDoor/Pages/UnlockDoor/UnlockDoorError.cshtml.cs
@@ -1,17 +1,18 @@
-using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.AspNetCore.Mvc.RazorPages;
 
 namespace EmployeeUnlockDoor.Pages.UnlockDoor;
 
-[AllowAnonymous]
 public class UnlockDoorErrorModel : PageModel
 {
+ [BindProperty(SupportsGet = true)]
+ public string? UnlockErrorMessage { get; set; }
+
  public string? ErrorMessage { get; set; }
 
  public IActionResult OnGet()
  {
- ErrorMessage = $"Something went wrong: your cannot enter!";
+ ErrorMessage = $"Something went wrong: your cannot enter: {UnlockErrorMessage}";
  return Page();
  }
 }
diff --git a/EmployeeUnlockDoor/Pages/UnlockDoor/Unlocked.cshtml b/EmployeeUnlockDoor/Pages/UnlockDoor/Unlocked.cshtml
@@ -14,3 +14,5 @@
  </div>
  </div>
 </div>
+
+<div>@Model.NameSurnameMessage</div>
diff --git a/EmployeeUnlockDoor/Pages/UnlockDoor/Unlocked.cshtml.cs b/EmployeeUnlockDoor/Pages/UnlockDoor/Unlocked.cshtml.cs
@@ -1,22 +1,50 @@
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc.RazorPages;
-using Microsoft.Extensions.Caching.Distributed;
-using VerifierInsuranceCompany.Services;
-using System.Security.Claims;
+using Microsoft.AspNetCore.Components.Forms;
 using Microsoft.AspNetCore.Authentication;
-using Microsoft.AspNetCore.Authentication.Cookies;
+using static System.Runtime.InteropServices.JavaScript.JSType;
 
 namespace EmployeeUnlockDoor.Pages.UnlockDoor;
 
 [AllowAnonymous]
 public class UnlockedModel : PageModel
 {
+ private readonly ValidateUserAndDoorCodeService _validateUserAndDoorCodeService;
+
+ public UnlockedModel(ValidateUserAndDoorCodeService validateUserAndDoorCodeService)
+ {
+ _validateUserAndDoorCodeService = validateUserAndDoorCodeService;
+ }
+
  [BindProperty]
  public string? StatePresented { get; set; }
 
- public IActionResult OnGet()
+ [BindProperty]
+ public string? NameSurnameMessage { get; set; }
+
+ public async Task<IActionResult> OnGetAsync()
  {
+ var upn = HttpContext.User.FindFirst("RevocationId");
+ var doorCode = HttpContext.User.FindFirst("DoorCode");
+
+ var givenName = HttpContext.User.FindFirst("GivenName");
+ var surname = HttpContext.User.FindFirst("Surname");
+
+ NameSurnameMessage = $"Have a nice day {givenName!.Value} {surname!.Value}";
+
+ // Validate door code and VC claims
+ (bool IsValid, string Error) validation = _validateUserAndDoorCodeService
+ .PaycheckIdAndUserAreValid(upn!.Value, doorCode!.Value);
+
+ if (!validation.IsValid)
+ {
+ await HttpContext.SignOutAsync();
+ return Redirect($"~/UnlockDoor/UnlockDoorError/{validation.Error}");
+ }
+
+ // Data should be fetched from a DB or an ERP service etc.
+
  return Page();
  }
 }
diff --git a/EmployeeUnlockDoor/Services/CacheData.cs b/EmployeeUnlockDoor/Services/CacheData.cs
@@ -18,6 +18,8 @@ public class CacheData
  public string Subject { get; set; } = string.Empty;
  [JsonPropertyName("employeeClaims")]
  public EmployeeClaims Employee { get; set; } = new EmployeeClaims();
+ [JsonPropertyName("doorCode")]
+ public string DoorCode { get; set; } = string.Empty;
 
  public static void AddToCache(string key, IDistributedCache cache, CacheData cacheData)
  {

diff --git a/EmployeeUnlockDoor/Services/DoorCodeClaims.cs b/EmployeeUnlockDoor/Services/DoorCodeClaims.cs
@@ -0,0 +1,9 @@
+using System.Text.Json.Serialization;
+
+namespace EmployeeUnlockDoor.Services;
+
+public class DoorCodeClaims
+{
+ [JsonPropertyName("doorCode")]
+ public string? DoorCode { get; set; }
+}
diff --git a/EmployeeUnlockDoor/Services/EmployeeClaims.cs b/EmployeeUnlockDoor/Services/EmployeeClaims.cs
@@ -1,4 +1,4 @@
-using System.Text.Json.Serialization;
+using System.Text.Json.Serialization;
 
 namespace EmployeeUnlockDoor.Services;
 
@@ -18,6 +18,8 @@ public class EmployeeClaims
  public string DisplayName { get; set; } = string.Empty;
  [JsonPropertyName("preferredLanguage")]
  public string PreferredLanguage { get; set; } = string.Empty;
- [JsonPropertyName("userPrincipalName")]
+
+ //[JsonPropertyName("userPrincipalName")]
+ [JsonPropertyName("revocationId")]
  public string RevocationId { get; set; } = string.Empty;
 }
diff --git a/EmployeeUnlockDoor/Services/VerifierCallbackResponse.cs b/EmployeeUnlockDoor/Services/VerifierCallbackResponse.cs
@@ -1,3 +1,4 @@
+using System.Text.Json.Nodes;
 using System.Text.Json.Serialization;
 using EmployeeUnlockDoor.Services;
 
@@ -22,7 +23,6 @@ public class VerifierCallbackResponse
 
  [JsonPropertyName("verifiedCredentialsData")]
  public List<VerifiedCredentialsData> VerifiedCredentialsData { get; set; } = new List<VerifiedCredentialsData>();
-
 }
 
 public class CallbackError
@@ -42,6 +42,29 @@ public class VerifiedCredentialsData
  public List<string> CredentialTypes { get; set; } = new List<string>();
 
  [JsonPropertyName("claims")]
- public EmployeeClaims Claims { get; set; } = new EmployeeClaims();
-
+ public JsonObject Claims { get; set; } = new JsonObject();
 }
+
+//public class VerifiedCredentialsEmployeeData
+//{
+// [JsonPropertyName("authority")]
+// public string Authority { get; set; } = string.Empty;
+
+// [JsonPropertyName("type")]
+// public List<string> CredentialTypes { get; set; } = new List<string>();
+
+// [JsonPropertyName("claims")]
+// public EmployeeClaims Claims { get; set; } = new EmployeeClaims();
+//}
+
+//public class VerifiedCredentialsDoorCodeData
+//{
+// [JsonPropertyName("authority")]
+// public string Authority { get; set; } = string.Empty;
+
+// [JsonPropertyName("type")]
+// public List<string> CredentialTypes { get; set; } = new List<string>();
+
+// [JsonPropertyName("claims")]
+// public DoorCodeClaims Claims { get; set; } = new DoorCodeClaims();
+//}