Merge pull request #703 from eclipse-tractusx/release/v2.0.0-RC6

build(2.0.0-rc6): merge release into main

CHANGELOG.md

@@ -2,6 +2,17 @@
 
 New features, fixed bugs, known defects and other noteworthy changes to each release of the Catena-X Portal Backend.
 
+## 2.0.0-RC6
+
+### Feature
+* **Administration Service**
+* dim: enhanced endpoint with issuer did, bpnl and did of the holder and url for the bpn did resolver
+
+### Bugfix
+* **Administration Service**
+* allowed null values in GET and POST identityprovider response
+* fixed isOwner filter for GET api/administration/serviceaccount/owncompany/serviceaccounts
+
 ## 2.0.0-RC5
 
 ### Changes

src/Directory.Build.props

@@ -20,6 +20,6 @@
 <Project>
   <PropertyGroup>
     <VersionPrefix>2.0.0</VersionPrefix>
-    <VersionSuffix>RC5</VersionSuffix>
+    <VersionSuffix>RC6</VersionSuffix>
   </PropertyGroup>
 </Project>

src/administration/Administration.Service/BusinessLogic/CompanyDataBusinessLogic.cs

@@ -576,11 +576,34 @@ public async IAsyncEnumerable<CompanyCertificateBpnData> GetCompanyCertificatesB
             _settings.MaxPageSize,
             portalRepositories.GetInstance<ICompanyCertificateRepository>().GetActiveCompanyCertificatePaginationSource(sorting, certificateStatus, certificateType, _identityData.CompanyId));
 
-    public async Task<DimUrlsResponse> GetDimServiceUrls() =>
-        new(
-            $"{await portalRepositories.GetInstance<ICompanyRepository>().GetWalletServiceUrl(_identityData.CompanyId).ConfigureAwait(ConfigureAwaitOptions.None)}/oauth/token",
+    public async Task<DimUrlsResponse> GetDimServiceUrls()
+    {
+        var (bpnl, did, walletServiceUrl) = await portalRepositories.GetInstance<ICompanyRepository>().GetDimServiceUrls(_identityData.CompanyId).ConfigureAwait(ConfigureAwaitOptions.None);
+
+        if (bpnl is null)
+        {
+            throw new ConflictException("Bpn must be set");
+        }
+
+        if (did is null)
+        {
+            throw new ConflictException("Did must be set");
+        }
+
+        if (walletServiceUrl is null)
+        {
+            throw new ConflictException("Wallet Url must be set");
+        }
+
+        return new(
+            _settings.IssuerDid,
+            bpnl,
+            did,
+            _settings.BpnDidResolverUrl,
+            $"{walletServiceUrl}/oauth/token",
             _settings.DecentralIdentityManagementAuthUrl
         );
+    }
 
     /// <inheritdoc />
     public async Task<int> DeleteCompanyCertificateAsync(Guid documentId)

src/administration/Administration.Service/BusinessLogic/CompanyDataSettings.cs

@@ -32,6 +32,8 @@ public CompanyDataSettings()
         SsiCertificateMediaTypes = null!;
         CompanyCertificateMediaTypes = null!;
         DecentralIdentityManagementAuthUrl = null!;
+        IssuerDid = null!;
+        BpnDidResolverUrl = null!;
     }
 
     /// <summary>
@@ -65,6 +67,12 @@ public CompanyDataSettings()
 
     [Required(AllowEmptyStrings = true)]
     public string DecentralIdentityManagementAuthUrl { get; set; }
+
+    [Required(AllowEmptyStrings = true)]
+    public string IssuerDid { get; set; }
+
+    [Required(AllowEmptyStrings = true)]
+    public string BpnDidResolverUrl { get; set; }
 }
 
 public static class CompanyDataSettingsExtensions

src/administration/Administration.Service/BusinessLogic/IdentityProviderBusinessLogic.cs

@@ -523,19 +523,17 @@ private async ValueTask<IdentityProviderDetails> GetIdentityProviderDetailsOidc(
             identityProviderDataOidc?.Enabled,
             identityProviderMapper)
         {
-            Oidc = identityProviderDataOidc == null ?
-                null :
-                new IdentityProviderDetailsOidc(
+            Oidc = identityProviderDataOidc == null
+                ? null
+                : new IdentityProviderDetailsOidc(
                     metadataUrl,
                     identityProviderDataOidc.AuthorizationUrl,
                     identityProviderDataOidc.TokenUrl,
                     identityProviderDataOidc.LogoutUrl,
                     identityProviderDataOidc.ClientId,
                     !string.IsNullOrEmpty(identityProviderDataOidc.ClientSecret),
-                    identityProviderDataOidc.ClientAuthMethod)
-                {
-                    SignatureAlgorithm = identityProviderDataOidc.SignatureAlgorithm
-                }
+                    identityProviderDataOidc.ClientAuthMethod,
+                    identityProviderDataOidc.SignatureAlgorithm)
         };
     }
 
@@ -575,9 +573,9 @@ private async ValueTask<IdentityProviderDetails> GetIdentityProviderDetailsSaml(
             identityProviderDataSaml?.Enabled,
             identityProviderMapper)
         {
-            Saml = identityProviderDataSaml == null ?
-                null :
-                new IdentityProviderDetailsSaml(
+            Saml = identityProviderDataSaml == null
+                ? null
+                : new IdentityProviderDetailsSaml(
                     identityProviderDataSaml.EntityId,
                     identityProviderDataSaml.SingleSignOnServiceUrl)
         };

src/administration/Administration.Service/BusinessLogic/UserBusinessLogic.cs

@@ -122,7 +122,7 @@ private async IAsyncEnumerable<string> CreateOwnCompanyUsersInternalAsync(IEnume
             user => user.userName ?? user.eMail,
             user => user.eMail);
 
-        var companyDisplayName = await _userProvisioningService.GetIdentityProviderDisplayName(companyNameIdpAliasData.IdpAlias).ConfigureAwait(ConfigureAwaitOptions.None);
+        var companyDisplayName = await _userProvisioningService.GetIdentityProviderDisplayName(companyNameIdpAliasData.IdpAlias).ConfigureAwait(ConfigureAwaitOptions.None) ?? companyNameIdpAliasData.IdpAlias;
 
         await foreach (var (companyUserId, userName, password, error) in _userProvisioningService.CreateOwnCompanyIdpUsersAsync(companyNameIdpAliasData, userCreationInfoIdps).ConfigureAwait(false))
         {
@@ -163,7 +163,7 @@ private Task<IEnumerable<UserRoleData>> GetOwnCompanyUserRoleData(IEnumerable<st
     public async Task<Guid> CreateOwnCompanyIdpUserAsync(Guid identityProviderId, UserCreationInfoIdp userCreationInfo)
     {
         var (companyNameIdpAliasData, nameCreatedBy) = await _userProvisioningService.GetCompanyNameIdpAliasData(identityProviderId, _identityData.IdentityId).ConfigureAwait(ConfigureAwaitOptions.None);
-        var displayName = await _userProvisioningService.GetIdentityProviderDisplayName(companyNameIdpAliasData.IdpAlias).ConfigureAwait(ConfigureAwaitOptions.None);
+        var displayName = await _userProvisioningService.GetIdentityProviderDisplayName(companyNameIdpAliasData.IdpAlias).ConfigureAwait(ConfigureAwaitOptions.None) ?? companyNameIdpAliasData.IdpAlias;
 
         if (!userCreationInfo.Roles.Any())
         {

src/administration/Administration.Service/BusinessLogic/UserUploadBusinessLogic.cs

@@ -129,7 +129,7 @@ await GetUserRoleDatas(parsed.Roles, validRoleData, _identityData.CompanyId).Con
 
         UserCreationRoleDataIdpInfo? userCreationInfo = null;
 
-        var displayName = await _userProvisioningService.GetIdentityProviderDisplayName(companyNameIdpAliasData.IdpAlias).ConfigureAwait(ConfigureAwaitOptions.None);
+        var displayName = await _userProvisioningService.GetIdentityProviderDisplayName(companyNameIdpAliasData.IdpAlias).ConfigureAwait(ConfigureAwaitOptions.None) ?? companyNameIdpAliasData.IdpAlias;
 
         await foreach (var result in
             _userProvisioningService

src/administration/Administration.Service/Models/DimUrlsResponse.cs

@@ -17,9 +17,15 @@
  * SPDX-License-Identifier: Apache-2.0
  ********************************************************************************/
 
+using System.Text.Json.Serialization;
+
 namespace Org.Eclipse.TractusX.Portal.Backend.Administration.Service.Models;
 
 public record DimUrlsResponse(
-    string? DecentralIdentityManagementAuthUrl,
-    string DecentralIdentityManagementServiceUrl
+    [property: JsonPropertyName("trusted_issuer")] string IssuerDid,
+    [property: JsonPropertyName("participant_id")] string Bpnl,
+    [property: JsonPropertyName("iatp_id")] string HolderDid,
+    [property: JsonPropertyName("did_resolver")] string BpnDidResolverUrl,
+    [property: JsonPropertyName("decentralIdentityManagementAuthUrl")] string DecentralIdentityManagementAuthUrl,
+    [property: JsonPropertyName("decentralIdentityManagementServiceUrl")] string DecentralIdentityManagementServiceUrl
 );

src/administration/Administration.Service/Models/IdentityProviderDetails.cs

@@ -1,5 +1,4 @@
 /********************************************************************************
- * Copyright (c) 2021, 2023 BMW Group AG
  * Copyright (c) 2021, 2023 Contributors to the Eclipse Foundation
  *
  * See the NOTICE file(s) distributed with this work for additional
@@ -25,7 +24,15 @@
 
 namespace Org.Eclipse.TractusX.Portal.Backend.Administration.Service.Models;
 
-public record IdentityProviderDetails(Guid IdentityProviderId, string? Alias, IdentityProviderCategoryId IdentityProviderCategoryId, IdentityProviderTypeId IdentityProviderTypeId, string? DisplayName, string? RedirectUrl, bool? Enabled, IEnumerable<IdentityProviderMapperModel>? Mappers)
+public record IdentityProviderDetails(
+    Guid IdentityProviderId,
+    string? Alias,
+    IdentityProviderCategoryId IdentityProviderCategoryId,
+    IdentityProviderTypeId IdentityProviderTypeId,
+    string? DisplayName,
+    string? RedirectUrl,
+    bool? Enabled,
+    IEnumerable<IdentityProviderMapperModel>? Mappers)
 {
     [JsonIgnore(Condition = JsonIgnoreCondition.WhenWritingNull)]
     public IdentityProviderDetailsOidc? Oidc { get; init; } = null;
@@ -34,10 +41,18 @@ public record IdentityProviderDetails(Guid IdentityProviderId, string? Alias, Id
     public IdentityProviderDetailsSaml? Saml { get; init; } = null;
 }
 
-public record IdentityProviderDetailsOidc(string? MetadataUrl, string AuthorizationUrl, string TokenUrl, string? LogoutUrl, string ClientId, bool HasClientSecret, IamIdentityProviderClientAuthMethod ClientAuthMethod)
-{
-    [JsonIgnore(Condition = JsonIgnoreCondition.WhenWritingNull)]
-    public IamIdentityProviderSignatureAlgorithm? SignatureAlgorithm { get; init; } = null;
-}
+public record IdentityProviderDetailsOidc(
+    string? MetadataUrl,
+    string? AuthorizationUrl,
+    string? TokenUrl,
+    string? LogoutUrl,
+    string? ClientId,
+    bool HasClientSecret,
+    IamIdentityProviderClientAuthMethod? ClientAuthMethod,
+    [property: JsonIgnore(Condition = JsonIgnoreCondition.WhenWritingNull)] IamIdentityProviderSignatureAlgorithm? SignatureAlgorithm
+);
 
-public record IdentityProviderDetailsSaml(string ServiceProviderEntityId, string SingleSignOnServiceUrl);
+public record IdentityProviderDetailsSaml(
+    string? ServiceProviderEntityId,
+    string? SingleSignOnServiceUrl
+);

src/administration/Administration.Service/Models/PartnerRegistrationData.cs

@@ -1,5 +1,4 @@
 /********************************************************************************
- * Copyright (c) 2021, 2023 BMW Group AG
  * Copyright (c) 2021, 2023 Contributors to the Eclipse Foundation
  *
  * See the NOTICE file(s) distributed with this work for additional
@@ -38,7 +37,7 @@ public record PartnerRegistrationData
     IEnumerable<CompanyUniqueIdData> UniqueIds,
     IEnumerable<UserDetailData> UserDetails,
     IEnumerable<CompanyRoleId> CompanyRoles
-) : Registration.Common.RegistrationData(Name, City, StreetName, CountryAlpha2Code, BusinessPartnerNumber, null, Region, null, StreetNumber, ZipCode, UniqueIds);
+) : RegistrationData(Name, City, StreetName, CountryAlpha2Code, BusinessPartnerNumber, null, Region, null, StreetNumber, ZipCode, UniqueIds);
 
 public record UserDetailData(
     Guid? IdentityProviderId,

src/administration/Administration.Service/appsettings.json

@@ -245,7 +245,10 @@
     }
   },
   "ServiceAccount": {
-    "ClientId": ""
+    "ClientId": "",
+    "DimCreationRoles": [],
+    "EncryptionConfigIndex": 0,
+    "EncryptionConfigs": []
   },
   "Connectors": {
     "MaxPageSize": 20,
@@ -371,7 +374,9 @@
     "UseCaseParticipationMediaTypes": [],
     "SsiCertificateMediaTypes": [],
     "CompanyCertificateMediaTypes":[],
-    "DecentralIdentityManagementAuthUrl": ""
+    "DecentralIdentityManagementAuthUrl": "",
+    "IssuerDid":  "",
+    "BpnDidResolverUrl":  ""
   },
   "Network2Network": {
     "InitialRoles": [],

src/portalbackend/PortalBackend.DBAccess/Models/CompanyServiceAccountData.cs

@@ -29,6 +29,7 @@ public record CompanyServiceAccountData(
     [property: JsonPropertyName("name")] string Name,
     [property: JsonPropertyName("serviceAccountType")] CompanyServiceAccountTypeId CompanyServiceAccountTypeId,
     [property: JsonPropertyName("isOwner")] bool IsOwner,
+    [property: JsonPropertyName("isProvider")] bool IsProvider,
     [property: JsonPropertyName("offerSubscriptionId")] Guid? OfferSubscriptionId,
     [property: JsonPropertyName("connector")] ConnectorResponseData? ConnectorData,
     [property: JsonPropertyName("offer")] OfferResponseData? OfferSubscriptionsData

src/portalbackend/PortalBackend.DBAccess/Repositories/CompanyRepository.cs

@@ -378,9 +378,13 @@ public void CreateWalletData(Guid companyId, string did, JsonDocument didDocumen
                     .Select(ca => ca.Id)))
             .SingleOrDefaultAsync();
 
-    public Task<string?> GetWalletServiceUrl(Guid companyId) =>
+    public Task<(string? Bpn, string? Did, string? WalletUrl)> GetDimServiceUrls(Guid companyId) =>
         context.Companies.Where(x => x.Id == companyId)
-            .Select(x => x.CompanyWalletData!.AuthenticationServiceUrl)
+            .Select(x => new ValueTuple<string?, string?, string?>(
+                x.BusinessPartnerNumber,
+                x.CompanyWalletData!.Did,
+                x.CompanyWalletData.AuthenticationServiceUrl
+            ))
             .SingleOrDefaultAsync();
 
     public Task<(string? Holder, string? BusinessPartnerNumber, WalletInformation? WalletInformation)> GetWalletData(Guid identityId) =>

src/portalbackend/PortalBackend.DBAccess/Repositories/ICompanyRepository.cs

@@ -176,6 +176,6 @@ public interface ICompanyRepository
     void CreateWalletData(Guid companyId, string did, JsonDocument didDocument, string clientId, byte[] clientSecret, byte[]? initializationVector, int encryptionMode, string authenticationServiceUrl);
     Task<(bool Exists, JsonDocument DidDocument)> GetDidDocumentById(string bpn);
     Task<(bool Exists, Guid CompanyId, IEnumerable<Guid> SubmittedCompanyApplicationId)> GetCompanyIdByBpn(string bpn);
-    Task<string?> GetWalletServiceUrl(Guid companyId);
+    Task<(string? Bpn, string? Did, string? WalletUrl)> GetDimServiceUrls(Guid companyId);
     Task<(string? Holder, string? BusinessPartnerNumber, WalletInformation? WalletInformation)> GetWalletData(Guid identityId);
 }

src/portalbackend/PortalBackend.DBAccess/Repositories/ServiceAccountRepository.cs

@@ -160,32 +160,40 @@ public void AttachAndModifyCompanyServiceAccount(
             take,
             _dbContext.CompanyServiceAccounts
                 .AsNoTracking()
-                .Where(serviceAccount =>
-                    (!isOwner.HasValue && (serviceAccount.CompaniesLinkedServiceAccount!.Owners == userCompanyId || serviceAccount.CompaniesLinkedServiceAccount!.Provider == userCompanyId) ||
-                    isOwner.HasValue && (isOwner.Value && serviceAccount.CompaniesLinkedServiceAccount!.Owners == userCompanyId || !isOwner.Value && serviceAccount.CompaniesLinkedServiceAccount!.Provider == userCompanyId)) &&
-                    serviceAccount.Identity!.UserStatusId == userStatusId &&
-                    (clientId == null || EF.Functions.ILike(serviceAccount.ClientClientId!, $"%{clientId.EscapeForILike()}%")))
-                .GroupBy(serviceAccount => serviceAccount.Identity!.UserStatusId),
-            serviceAccounts => serviceAccounts.OrderBy(serviceAccount => serviceAccount.Name),
-            serviceAccount => new CompanyServiceAccountData(
-                serviceAccount.Id,
-                serviceAccount.ClientClientId,
-                serviceAccount.Name,
-                serviceAccount.CompanyServiceAccountTypeId,
-                serviceAccount.CompaniesLinkedServiceAccount!.Provider == null,
-                serviceAccount.OfferSubscriptionId,
-                serviceAccount.Connector == null
+                .Select(serviceAccount => new
+                {
+                    ServiceAccount = serviceAccount,
+                    IsOwner = serviceAccount.CompaniesLinkedServiceAccount!.Owners == userCompanyId,
+                    IsProvider = serviceAccount.CompaniesLinkedServiceAccount!.Provider == userCompanyId
+                })
+                .Where(x =>
+                    (isOwner.HasValue
+                        ? isOwner.Value && x.IsOwner || !isOwner.Value && x.IsProvider
+                        : x.IsOwner || x.IsProvider) &&
+                    x.ServiceAccount.Identity!.UserStatusId == userStatusId &&
+                    (clientId == null || EF.Functions.ILike(x.ServiceAccount.ClientClientId!, $"%{clientId.EscapeForILike()}%")))
+                .GroupBy(x => x.ServiceAccount.Identity!.UserStatusId),
+            x => x.OrderBy(x => x.ServiceAccount.Name),
+            x => new CompanyServiceAccountData(
+                x.ServiceAccount.Id,
+                x.ServiceAccount.ClientClientId,
+                x.ServiceAccount.Name,
+                x.ServiceAccount.CompanyServiceAccountTypeId,
+                x.IsOwner,
+                x.IsProvider,
+                x.ServiceAccount.OfferSubscriptionId,
+                x.ServiceAccount.Connector == null
                     ? null
                     : new ConnectorResponseData(
-                        serviceAccount.Connector.Id,
-                        serviceAccount.Connector.Name),
-                serviceAccount!.OfferSubscription == null
+                        x.ServiceAccount.Connector.Id,
+                        x.ServiceAccount.Connector.Name),
+                x!.ServiceAccount.OfferSubscription == null
                     ? null
                     : new OfferResponseData(
-                        serviceAccount.OfferSubscription.OfferId,
-                        serviceAccount.OfferSubscription.Offer!.OfferTypeId,
-                        serviceAccount.OfferSubscription.Offer.Name,
-                        serviceAccount.OfferSubscription.Id)))
+                        x.ServiceAccount.OfferSubscription.OfferId,
+                        x.ServiceAccount.OfferSubscription.Offer!.OfferTypeId,
+                        x.ServiceAccount.OfferSubscription.Offer.Name,
+                        x.ServiceAccount.OfferSubscription.Id)))
             .SingleOrDefaultAsync();
 
     /// <inheritdoc />