From a8d25d79d33cb62a1c1a862ff1f88a2b0c7912e1 Mon Sep 17 00:00:00 2001 From: Nils Herde Date: Fri, 8 Nov 2024 14:53:34 +0100 Subject: [PATCH 1/6] github actions: Test upgrade of setup-dotnet --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 35a59be4..103317ea 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -10,7 +10,7 @@ jobs: steps: - uses: actions/checkout@v4 - name: Setup .NET Core - uses: actions/setup-dotnet@v1 + uses: actions/setup-dotnet@v4 with: dotnet-version: 3.1.101 - name: Install dependencies From f82f8fcb1420d801ea4eefdad3614fea9b30d7e9 Mon Sep 17 00:00:00 2001 From: Nils Herde Date: Mon, 11 Nov 2024 15:47:41 +0100 Subject: [PATCH 2/6] Use sed for inserting version number --- .github/workflows/release.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 7d5b9358..e209774a 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -24,6 +24,10 @@ jobs: run: echo "ASSEMBLY_VERSION=$(echo ${GITHUB_REF:10} | cut -d '.' -f 1).0.0" >> $GITHUB_ENV - name: Print assembly version run: echo $ASSEMBLY_VERSION + - name: Sed InformationalVersion number for build purposes + run: sed -i -e "s|0.0.0.0<\/Version>|$RELEASE_VERSION<\/Version>|g" Directory.Build.props + - name: Sed AssemblyVersion number for build purposes + run: sed -i -e "s|0.0.0.0<\/AssemblyVersion>>|$RELEASE_VERSION<\/AssemblyVersion>>|g" Directory.Build.props - name: Pack nupkg run: dotnet pack -p:PackageVersion=$RELEASE_VERSION -p:AssemblyVersion=$ASSEMBLY_VERSION -p:InformationalVersion=$RELEASE_VERSION --configuration Release --no-build --output digipost/packed Digipost.Signature.Api.Client.Core - name: Pack nupkg From 00e49724cbffc22ff95096f0d967ad1312f4f4f7 Mon Sep 17 00:00:00 2001 From: Nils Herde Date: Tue, 26 Nov 2024 09:42:20 +0100 Subject: [PATCH 3/6] tests: Disable client side certificate validation We have updated the client test certificates to internally issued ones instead of Buypass certificates. This should not affect any environments as our cert authority should be configured but the client side validation in this code base is strict by default. Disable the validation locally. Server side validation is still active so using a certificate not originating from a valid authority or Digipost will fail. --- .../BaseClientTests.cs | 15 ++++++++++++--- .../Utilities/CoreDomainUtility.cs | 5 ++++- .../Smoke/DirectClientSmokeTests.cs | 3 ++- .../PortalClientTests.cs | 5 ++++- .../Smoke/PortalClientSmokeTests.cs | 6 +++++- 5 files changed, 27 insertions(+), 7 deletions(-) diff --git a/Digipost.Signature.Api.Client.Core.Tests/BaseClientTests.cs b/Digipost.Signature.Api.Client.Core.Tests/BaseClientTests.cs index bc80f9e2..02ade2af 100644 --- a/Digipost.Signature.Api.Client.Core.Tests/BaseClientTests.cs +++ b/Digipost.Signature.Api.Client.Core.Tests/BaseClientTests.cs @@ -53,7 +53,10 @@ public void Returns_client_client_configuration_sender_if_only_set() { //Arrange var expected = new Sender(BringPublicOrganizationNumber); - var clientConfiguration = new ClientConfiguration(Environment.DifiQa, GetBringCertificate(), expected); + var clientConfiguration = new ClientConfiguration(Environment.DifiQa, GetBringCertificate(), expected) + { + CertificateValidationPreferences = {ValidateSenderCertificate = false} + }; var client = new ClientStub(clientConfiguration); //Act @@ -69,7 +72,10 @@ public void Returns_job_sender_if_both_set() //Arrange var expected = new Sender(BringPublicOrganizationNumber); var clientConfigurationSender = new Sender(PostenOrganizationNumber); - var clientConfiguration = new ClientConfiguration(Environment.DifiQa, GetBringCertificate(), clientConfigurationSender); + var clientConfiguration = new ClientConfiguration(Environment.DifiQa, GetBringCertificate(), clientConfigurationSender) + { + CertificateValidationPreferences = {ValidateSenderCertificate = false} + }; var client = new ClientStub(clientConfiguration); //Act @@ -84,7 +90,10 @@ public void Returns_job_sender_if_only_set() { //Arrange var expected = new Sender(BringPublicOrganizationNumber); - var clientConfiguration = new ClientConfiguration(Environment.DifiQa, GetBringCertificate()); + var clientConfiguration = new ClientConfiguration(Environment.DifiQa, GetBringCertificate()) + { + CertificateValidationPreferences = {ValidateSenderCertificate = false} + }; var client = new ClientStub(clientConfiguration); //Act diff --git a/Digipost.Signature.Api.Client.Core.Tests/Utilities/CoreDomainUtility.cs b/Digipost.Signature.Api.Client.Core.Tests/Utilities/CoreDomainUtility.cs index 9b678350..1ff05734 100644 --- a/Digipost.Signature.Api.Client.Core.Tests/Utilities/CoreDomainUtility.cs +++ b/Digipost.Signature.Api.Client.Core.Tests/Utilities/CoreDomainUtility.cs @@ -28,7 +28,10 @@ public static class CoreDomainUtility public static ClientConfiguration GetClientConfiguration() { - return new ClientConfiguration(Environment.DifiQa, GetBringCertificate(), GetSender()); + return new ClientConfiguration(Environment.DifiQa, GetBringCertificate(), GetSender()) + { + CertificateValidationPreferences = {ValidateSenderCertificate = false} + }; } public static Document GetDocument() diff --git a/Digipost.Signature.Api.Client.Direct.Tests/Smoke/DirectClientSmokeTests.cs b/Digipost.Signature.Api.Client.Direct.Tests/Smoke/DirectClientSmokeTests.cs index 72908d6b..8e092b3a 100644 --- a/Digipost.Signature.Api.Client.Direct.Tests/Smoke/DirectClientSmokeTests.cs +++ b/Digipost.Signature.Api.Client.Direct.Tests/Smoke/DirectClientSmokeTests.cs @@ -28,7 +28,8 @@ private static DirectClient DirectClient(Environment environment) var clientConfig = new ClientConfiguration(environment, GetBringCertificate(), new Sender(BringPublicOrganizationNumber)) { - LogRequestAndResponse = true + LogRequestAndResponse = true, + CertificateValidationPreferences = {ValidateSenderCertificate = false} }; var client = new DirectClient(clientConfig, serviceProvider.GetService()); diff --git a/Digipost.Signature.Api.Client.Portal.Tests/PortalClientTests.cs b/Digipost.Signature.Api.Client.Portal.Tests/PortalClientTests.cs index b9eaa0e0..04e5d8ab 100644 --- a/Digipost.Signature.Api.Client.Portal.Tests/PortalClientTests.cs +++ b/Digipost.Signature.Api.Client.Portal.Tests/PortalClientTests.cs @@ -60,7 +60,10 @@ public async Task Can_be_called_without_sender_uses_sender_in_client_configurati { //Arrange var sender = new Sender(BringPublicOrganizationNumber); - var clientConfiguration = new ClientConfiguration(Environment.DifiQa, GetBringCertificate(), sender); + var clientConfiguration = new ClientConfiguration(Environment.DifiQa, GetBringCertificate(), sender) + { + CertificateValidationPreferences = {ValidateSenderCertificate = false} + }; var fakeHttpClientHandlerChecksCorrectSender = new FakeHttpClientHandlerChecksCorrectSenderResponse(); var portalClient = new PortalClient(clientConfiguration) { diff --git a/Digipost.Signature.Api.Client.Portal.Tests/Smoke/PortalClientSmokeTests.cs b/Digipost.Signature.Api.Client.Portal.Tests/Smoke/PortalClientSmokeTests.cs index 2531a72f..6ee8681c 100644 --- a/Digipost.Signature.Api.Client.Portal.Tests/Smoke/PortalClientSmokeTests.cs +++ b/Digipost.Signature.Api.Client.Portal.Tests/Smoke/PortalClientSmokeTests.cs @@ -32,7 +32,11 @@ private static PortalClient GetPortalClient(Environment environment) { var serviceProvider = LoggingUtility.CreateServiceProviderAndSetUpLogging(); var sender = new Sender(BringPublicOrganizationNumber); - var clientConfig = new ClientConfiguration(environment, GetBringCertificate(), sender) {HttpClientTimeoutInMilliseconds = 30000, LogRequestAndResponse = true}; + var clientConfig = new ClientConfiguration(environment, GetBringCertificate(), sender) + { + HttpClientTimeoutInMilliseconds = 30000, LogRequestAndResponse = true, + CertificateValidationPreferences = {ValidateSenderCertificate = false} + }; var client = new PortalClient(clientConfig, serviceProvider.GetService()); return client; } From 12046a609e24ae2d94d5c9a0de4796f38a44658d Mon Sep 17 00:00:00 2001 From: Nils Herde Date: Tue, 19 Nov 2024 15:19:21 +0100 Subject: [PATCH 4/6] Update from netcoreapp3.1 to net8.0 --- .../Digipost.Signature.Api.Client.Archive.Tests.csproj | 2 +- .../Digipost.Signature.Api.Client.Core.Tests.csproj | 2 +- .../Digipost.Signature.Api.Client.Direct.Tests.csproj | 2 +- .../Digipost.Signature.Api.Client.Portal.Tests.csproj | 2 +- .../Digipost.Signature.Api.Client.Program.csproj | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/Digipost.Signature.Api.Client.Archive.Tests/Digipost.Signature.Api.Client.Archive.Tests.csproj b/Digipost.Signature.Api.Client.Archive.Tests/Digipost.Signature.Api.Client.Archive.Tests.csproj index 318a5006..fec9265c 100644 --- a/Digipost.Signature.Api.Client.Archive.Tests/Digipost.Signature.Api.Client.Archive.Tests.csproj +++ b/Digipost.Signature.Api.Client.Archive.Tests/Digipost.Signature.Api.Client.Archive.Tests.csproj @@ -1,7 +1,7 @@ - netcoreapp3.1 + net8.0 false diff --git a/Digipost.Signature.Api.Client.Core.Tests/Digipost.Signature.Api.Client.Core.Tests.csproj b/Digipost.Signature.Api.Client.Core.Tests/Digipost.Signature.Api.Client.Core.Tests.csproj index 510919f1..47a1ca73 100644 --- a/Digipost.Signature.Api.Client.Core.Tests/Digipost.Signature.Api.Client.Core.Tests.csproj +++ b/Digipost.Signature.Api.Client.Core.Tests/Digipost.Signature.Api.Client.Core.Tests.csproj @@ -23,7 +23,7 @@ - netcoreapp3.1 + net8.0 false diff --git a/Digipost.Signature.Api.Client.Direct.Tests/Digipost.Signature.Api.Client.Direct.Tests.csproj b/Digipost.Signature.Api.Client.Direct.Tests/Digipost.Signature.Api.Client.Direct.Tests.csproj index 747111eb..6f91e797 100644 --- a/Digipost.Signature.Api.Client.Direct.Tests/Digipost.Signature.Api.Client.Direct.Tests.csproj +++ b/Digipost.Signature.Api.Client.Direct.Tests/Digipost.Signature.Api.Client.Direct.Tests.csproj @@ -20,7 +20,7 @@ - netcoreapp3.1 + net8.0 false diff --git a/Digipost.Signature.Api.Client.Portal.Tests/Digipost.Signature.Api.Client.Portal.Tests.csproj b/Digipost.Signature.Api.Client.Portal.Tests/Digipost.Signature.Api.Client.Portal.Tests.csproj index a98d5b61..318942bb 100644 --- a/Digipost.Signature.Api.Client.Portal.Tests/Digipost.Signature.Api.Client.Portal.Tests.csproj +++ b/Digipost.Signature.Api.Client.Portal.Tests/Digipost.Signature.Api.Client.Portal.Tests.csproj @@ -22,7 +22,7 @@ - netcoreapp3.1 + net8.0 false diff --git a/Digipost.Signature.Api.Client.Program/Digipost.Signature.Api.Client.Program.csproj b/Digipost.Signature.Api.Client.Program/Digipost.Signature.Api.Client.Program.csproj index ef693b52..5c34a493 100644 --- a/Digipost.Signature.Api.Client.Program/Digipost.Signature.Api.Client.Program.csproj +++ b/Digipost.Signature.Api.Client.Program/Digipost.Signature.Api.Client.Program.csproj @@ -1,7 +1,7 @@  - netcoreapp3.1 + net8.0 Exe From b5e5a31b8e345f0681633d8b49a7d77051715052 Mon Sep 17 00:00:00 2001 From: Nils Herde Date: Wed, 27 Nov 2024 13:18:39 +0100 Subject: [PATCH 5/6] ci: Bump versions in actions --- .github/workflows/build.yml | 2 +- .github/workflows/release.yml | 4 ++-- .github/workflows/test.yml | 4 ++-- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 103317ea..c8b3c733 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -12,7 +12,7 @@ jobs: - name: Setup .NET Core uses: actions/setup-dotnet@v4 with: - dotnet-version: 3.1.101 + dotnet-version: 8.0.403 - name: Install dependencies run: dotnet restore - name: Build diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index e209774a..09ba23d6 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -11,9 +11,9 @@ jobs: steps: - uses: actions/checkout@v4 - name: Setup .NET Core - uses: actions/setup-dotnet@v1 + uses: actions/setup-dotnet@v4 with: - dotnet-version: 3.1.101 + dotnet-version: 8.0.403 - name: Install dependencies run: dotnet restore - name: Build diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index a9fad1f7..78bc6444 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -10,9 +10,9 @@ jobs: steps: - uses: actions/checkout@v4 - name: Setup .NET Core - uses: actions/setup-dotnet@v1 + uses: actions/setup-dotnet@v4 with: - dotnet-version: 3.1.101 + dotnet-version: 8.0.403 - name: Install dependencies run: dotnet restore - name: Decode certificate From 2b50ea1ef06a94ad3da6d9e3b380fb577a1edfba Mon Sep 17 00:00:00 2001 From: Nils Herde Date: Thu, 28 Nov 2024 09:27:57 +0100 Subject: [PATCH 6/6] ci: debug Add a sha256 output of the base64 decoded certificate for debug purposes Do `pass Qa/Nokler_og_sertifikater/Bring_Digital_Signature_Key_Encipherment_Data_Encipherment/key | base64 -D | sha256sum` on the local machine to check for a match --- .github/workflows/test.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 78bc6444..2852b0fe 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -17,6 +17,8 @@ jobs: run: dotnet restore - name: Decode certificate run: echo -n $(echo ${{ secrets.ENCODED_SMOKE_TEST_CERTIFICATE }}) | base64 -d > $(echo ${GITHUB_WORKSPACE})/Bring_Digital_Signature_Key_Encipherment_Data_Encipherment.p12 + - name: checksum p12 (for debug-purposes) + run: sha256sum $(echo ${GITHUB_WORKSPACE})/Bring_Digital_Signature_Key_Encipherment_Data_Encipherment.p12 - name: Set certificate path run: dotnet user-secrets set Certificate:Path:Absolute $(echo ${GITHUB_WORKSPACE})/Bring_Digital_Signature_Key_Encipherment_Data_Encipherment.p12 --project Digipost.Signature.Api.Client.Core - name: Set certificate password