diff --git a/.github/workflows/azure-deploy-issuer.yml b/.github/workflows/azure-deploy-issuer.yml
index 6ece13c..06f9ec0 100644
--- a/.github/workflows/azure-deploy-issuer.yml
+++ b/.github/workflows/azure-deploy-issuer.yml
@@ -17,12 +17,12 @@
# For more information on the Azure Web Apps Deploy action: https://github.com/Azure/webapps-deploy
# For more samples to get started with GitHub Action workflows to deploy to Azure: https://github.com/Azure/actions-workflow-samples
-name: Build and deploy IssuerDrivingLicense
+name: Deploy IssuerDrivingLicense
env:
AZURE_WEBAPP_NAME: damienbodsharepointissuer # set this to the name of your Azure Web App
AZURE_WEBAPP_PACKAGE_PATH: '.' # set this to the path to your web app project, defaults to the repository root
- DOTNET_VERSION: '7.0' # set this to the .NET Core version to use
+ DOTNET_VERSION: '9.0' # set this to the .NET Core version to use
on:
push:
@@ -37,15 +37,15 @@ jobs:
runs-on: ubuntu-latest
steps:
- - uses: actions/checkout@v3
+ - uses: actions/checkout@v4
- name: Set up .NET Core
- uses: actions/setup-dotnet@v2
+ uses: actions/setup-dotnet@v4
with:
dotnet-version: ${{ env.DOTNET_VERSION }}
- name: Set up dependency caching for faster builds
- uses: actions/cache@v3
+ uses: actions/cache@v4
with:
path: ~/.nuget/packages
key: ${{ runner.os }}-nuget-${{ hashFiles('**/packages.lock.json') }}
@@ -59,7 +59,7 @@ jobs:
run: dotnet publish ./IssuerDrivingLicense/IssuerDrivingLicense.csproj -c Release -o ${{env.DOTNET_ROOT}}/issuerpackage
- name: Upload artifact for deployment job
- uses: actions/upload-artifact@v3
+ uses: actions/upload-artifact@v4
with:
name: .net-app
path: ${{env.DOTNET_ROOT}}/issuerpackage
@@ -75,7 +75,7 @@ jobs:
steps:
- name: Download artifact from build job
- uses: actions/download-artifact@v3
+ uses: actions/download-artifact@v4
with:
name: .net-app
diff --git a/.github/workflows/azure-deploy-verifier.yml b/.github/workflows/azure-deploy-verifier.yml
index f3c945a..5006c59 100644
--- a/.github/workflows/azure-deploy-verifier.yml
+++ b/.github/workflows/azure-deploy-verifier.yml
@@ -17,12 +17,12 @@
# For more information on the Azure Web Apps Deploy action: https://github.com/Azure/webapps-deploy
# For more samples to get started with GitHub Action workflows to deploy to Azure: https://github.com/Azure/actions-workflow-samples
-name: Build and deploy VerifierInsuranceCompany
+name: Deploy VerifierInsuranceCompany
env:
AZURE_WEBAPP_NAME: damienbodsharepointverifier # set this to the name of your Azure Web App
AZURE_WEBAPP_PACKAGE_PATH: '.' # set this to the path to your web app project, defaults to the repository root
- DOTNET_VERSION: '7.0' # set this to the .NET Core version to use
+ DOTNET_VERSION: '9.0' # set this to the .NET Core version to use
on:
push:
@@ -37,15 +37,15 @@ jobs:
runs-on: ubuntu-latest
steps:
- - uses: actions/checkout@v3
+ - uses: actions/checkout@v4
- name: Set up .NET Core
- uses: actions/setup-dotnet@v2
+ uses: actions/setup-dotnet@v4
with:
dotnet-version: ${{ env.DOTNET_VERSION }}
- name: Set up dependency caching for faster builds
- uses: actions/cache@v3
+ uses: actions/cache@v4
with:
path: ~/.nuget/packages
key: ${{ runner.os }}-nuget-${{ hashFiles('**/packages.lock.json') }}
@@ -59,7 +59,7 @@ jobs:
run: dotnet publish ./VerifierInsuranceCompany/VerifierInsuranceCompany.csproj -c Release -o ${{env.DOTNET_ROOT}}/verifierpackage
- name: Upload artifact for deployment job
- uses: actions/upload-artifact@v3
+ uses: actions/upload-artifact@v4
with:
name: .net-app
path: ${{env.DOTNET_ROOT}}/verifierpackage
@@ -75,7 +75,7 @@ jobs:
steps:
- name: Download artifact from build job
- uses: actions/download-artifact@v3
+ uses: actions/download-artifact@v4
with:
name: .net-app
diff --git a/.github/workflows/dotnet.yml b/.github/workflows/dotnet.yml
index 3f11567..ef763fe 100644
--- a/.github/workflows/dotnet.yml
+++ b/.github/workflows/dotnet.yml
@@ -12,11 +12,11 @@ jobs:
runs-on: ubuntu-latest
steps:
- - uses: actions/checkout@v3
+ - uses: actions/checkout@v4
- name: Setup .NET
- uses: actions/setup-dotnet@v2
+ uses: actions/setup-dotnet@v4
with:
- dotnet-version: '7.0'
+ dotnet-version: '9.0'
include-prerelease: True
- name: Restore dependencies
run: dotnet restore
diff --git a/IssuerDrivingLicense/IssuerDrivingLicense.csproj b/IssuerDrivingLicense/IssuerDrivingLicense.csproj
index b5ddc67..8892c69 100644
--- a/IssuerDrivingLicense/IssuerDrivingLicense.csproj
+++ b/IssuerDrivingLicense/IssuerDrivingLicense.csproj
@@ -1,28 +1,28 @@
- net7.0
+ net9.0
enable
enable
aspnet-IssuerDrivingLicense-825A2CCD-D7A7-4681-8552-A73D569859BF
-
-
-
-
-
-
+
+
+
+
+
+
all
runtime; build; native; contentfiles; analyzers; buildtransitive
-
+
-
-
-
-
+
+
+
+
diff --git a/IssuerDrivingLicense/Migrations/20211015070446_init.cs b/IssuerDrivingLicense/Migrations/20211015070446_init.cs
index c3fae25..4e0096f 100644
--- a/IssuerDrivingLicense/Migrations/20211015070446_init.cs
+++ b/IssuerDrivingLicense/Migrations/20211015070446_init.cs
@@ -1,4 +1,3 @@
-using System;
using Microsoft.EntityFrameworkCore.Migrations;
#nullable disable
diff --git a/IssuerDrivingLicense/Migrations/20230623080507_update-scheme.cs b/IssuerDrivingLicense/Migrations/20230623080507_update-scheme.cs
index 301004b..a46d7da 100644
--- a/IssuerDrivingLicense/Migrations/20230623080507_update-scheme.cs
+++ b/IssuerDrivingLicense/Migrations/20230623080507_update-scheme.cs
@@ -1,5 +1,4 @@
-using System;
-using Microsoft.EntityFrameworkCore.Migrations;
+using Microsoft.EntityFrameworkCore.Migrations;
#nullable disable
diff --git a/IssuerDrivingLicense/Pages/Admin.cshtml.cs b/IssuerDrivingLicense/Pages/Admin.cshtml.cs
index c4bc2ec..0f9862c 100644
--- a/IssuerDrivingLicense/Pages/Admin.cshtml.cs
+++ b/IssuerDrivingLicense/Pages/Admin.cshtml.cs
@@ -1,6 +1,6 @@
+using IssuerDrivingLicense.Persistence;
using Microsoft.AspNetCore.Mvc.RazorPages;
using Microsoft.EntityFrameworkCore;
-using IssuerDrivingLicense.Persistence;
namespace IssuerDrivingLicense;
diff --git a/IssuerDrivingLicense/Pages/DriverLicenses/Create.cshtml.cs b/IssuerDrivingLicense/Pages/DriverLicenses/Create.cshtml.cs
index ca7e84d..c656b8c 100644
--- a/IssuerDrivingLicense/Pages/DriverLicenses/Create.cshtml.cs
+++ b/IssuerDrivingLicense/Pages/DriverLicenses/Create.cshtml.cs
@@ -50,7 +50,7 @@ public async Task OnPostAsync()
// TODO add other properties as needed
_context.DriverLicenses.Add(DriverLicense);
- await _context.SaveChangesAsync();
+ await _context.SaveChangesAsync();
return RedirectToPage("./User", new { id = DriverLicense.UserName });
}
diff --git a/IssuerDrivingLicense/Pages/DriverLicenses/Details.cshtml.cs b/IssuerDrivingLicense/Pages/DriverLicenses/Details.cshtml.cs
index 95185a3..78d9351 100644
--- a/IssuerDrivingLicense/Pages/DriverLicenses/Details.cshtml.cs
+++ b/IssuerDrivingLicense/Pages/DriverLicenses/Details.cshtml.cs
@@ -1,7 +1,7 @@
+using IssuerDrivingLicense.Persistence;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc.RazorPages;
using Microsoft.EntityFrameworkCore;
-using IssuerDrivingLicense.Persistence;
namespace IssuerDrivingLicense.Pages.DriverLicenses;
diff --git a/IssuerDrivingLicense/Pages/DriverLicenses/Edit.cshtml.cs b/IssuerDrivingLicense/Pages/DriverLicenses/Edit.cshtml.cs
index 7827d8d..9a20ee9 100644
--- a/IssuerDrivingLicense/Pages/DriverLicenses/Edit.cshtml.cs
+++ b/IssuerDrivingLicense/Pages/DriverLicenses/Edit.cshtml.cs
@@ -1,7 +1,7 @@
-using Microsoft.AspNetCore.Mvc;
+using IssuerDrivingLicense.Persistence;
+using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc.RazorPages;
using Microsoft.EntityFrameworkCore;
-using IssuerDrivingLicense.Persistence;
namespace IssuerDrivingLicense.Pages.DriverLicenses;
@@ -53,7 +53,7 @@ public async Task OnPostAsync()
if (DriverLicense != null)
{
var existingDriverLicense = await _context.DriverLicenses.FirstOrDefaultAsync(m => m.Id == DriverLicense.Id);
-
+
if (existingDriverLicense == null)
return NotFound();
diff --git a/IssuerDrivingLicense/Pages/DriverLicenses/User.cshtml.cs b/IssuerDrivingLicense/Pages/DriverLicenses/User.cshtml.cs
index 1925eab..4086a34 100644
--- a/IssuerDrivingLicense/Pages/DriverLicenses/User.cshtml.cs
+++ b/IssuerDrivingLicense/Pages/DriverLicenses/User.cshtml.cs
@@ -1,7 +1,7 @@
-using Microsoft.AspNetCore.Mvc;
+using IssuerDrivingLicense.Persistence;
+using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc.RazorPages;
using Microsoft.EntityFrameworkCore;
-using IssuerDrivingLicense.Persistence;
namespace IssuerDrivingLicense.Pages.DriverLicenses;
diff --git a/IssuerDrivingLicense/Pages/Error.cshtml.cs b/IssuerDrivingLicense/Pages/Error.cshtml.cs
index c635794..a7de55f 100644
--- a/IssuerDrivingLicense/Pages/Error.cshtml.cs
+++ b/IssuerDrivingLicense/Pages/Error.cshtml.cs
@@ -1,6 +1,6 @@
+using System.Diagnostics;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc.RazorPages;
-using System.Diagnostics;
namespace IssuerDrivingLicense.Pages;
diff --git a/IssuerDrivingLicense/Program.cs b/IssuerDrivingLicense/Program.cs
index 0bc8621..1f488ae 100644
--- a/IssuerDrivingLicense/Program.cs
+++ b/IssuerDrivingLicense/Program.cs
@@ -1,18 +1,78 @@
-namespace IssuerDrivingLicense;
+using System.Configuration;
+using IssuerDrivingLicense;
+using IssuerDrivingLicense.Persistence;
+using Microsoft.AspNetCore.Authentication.OpenIdConnect;
+using Microsoft.AspNetCore.Server.Kestrel.Core;
+using Microsoft.EntityFrameworkCore;
+using Microsoft.Identity.Web.UI;
+using Microsoft.Identity.Web;
-public class Program
+var builder = WebApplication.CreateBuilder(args);
+
+builder.WebHost.ConfigureKestrel(serverOptions =>
+{
+ serverOptions.AddServerHeader = false;
+});
+
+var services = builder.Services;
+var configuration = builder.Configuration;
+
+services.Configure(options =>
+{
+ options.AllowSynchronousIO = true;
+});
+
+services.AddSecurityHeaderPolicies()
+ .SetPolicySelector(ctx => SecurityHeadersDefinitions
+ .GetHeaderPolicyCollection(builder.Environment.IsDevelopment()));
+
+services.Configure(configuration.GetSection("CredentialSettings"));
+services.AddScoped();
+services.AddScoped();
+
+services.AddDatabaseDeveloperPageExceptionFilter();
+services.AddDbContext(options =>
+ options.UseSqlServer(
+ configuration.GetConnectionString("DefaultConnection")));
+
+services.AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
+ .AddMicrosoftIdentityWebApp(configuration.GetSection("AzureAd"));
+
+services.AddAuthorization(options =>
+{
+ options.FallbackPolicy = options.DefaultPolicy;
+});
+
+services.AddDistributedMemoryCache();
+
+services.AddRazorPages()
+ .AddMvcOptions(options => { })
+ .AddMicrosoftIdentityUI();
+
+services.AddRazorPages();
+
+var app = builder.Build();
+
+app.UseSecurityHeaders();
+
+if (app.Environment.IsDevelopment())
+{
+ app.UseDeveloperExceptionPage();
+}
+else
{
- public static void Main(string[] args)
- {
- CreateHostBuilder(args).Build().Run();
- }
-
- public static IHostBuilder CreateHostBuilder(string[] args) =>
- Host.CreateDefaultBuilder(args)
- .ConfigureWebHostDefaults(webBuilder =>
- {
- webBuilder
- .ConfigureKestrel(options => options.AddServerHeader = false)
- .UseStartup();
- });
+ app.UseExceptionHandler("/Error");
}
+
+app.UseHttpsRedirection();
+app.UseStaticFiles();
+
+app.UseRouting();
+
+app.UseAuthentication();
+app.UseAuthorization();
+
+app.MapRazorPages();
+app.MapControllers();
+
+app.Run();
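Review bot: `services.AddRazorPages()` is registered twice at the end of the service setup, once chained with `.AddMvcOptions(options => { })` and `.AddMicrosoftIdentityUI()` and again as a bare call directly after; the bare call is redundant and can be removed. `using System.Configuration;` also looks unused, because `configuration` is taken from `builder.Configuration`. `AllowSynchronousIO = true` is carried over from Startup.cs as is; it is worth confirming that something still needs synchronous request I/O, and if so adding a one-line comment naming the component that depends on it.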
diff --git a/IssuerDrivingLicense/SecurityHeadersDefinitions.cs b/IssuerDrivingLicense/SecurityHeadersDefinitions.cs
index b36e2f3..99ee508 100644
--- a/IssuerDrivingLicense/SecurityHeadersDefinitions.cs
+++ b/IssuerDrivingLicense/SecurityHeadersDefinitions.cs
@@ -1,16 +1,23 @@
-using Microsoft.AspNetCore.Builder;
-
namespace IssuerDrivingLicense;
public static class SecurityHeadersDefinitions
{
+ private static HeaderPolicyCollection? policy;
+
public static HeaderPolicyCollection GetHeaderPolicyCollection(bool isDev)
{
- var policy = new HeaderPolicyCollection()
+ // Avoid building a new HeaderPolicyCollection on every request for performance reasons.
+ // Where possible, cache and reuse HeaderPolicyCollection instances.
+ if (policy != null)
+ {
+ return policy;
+ }
+
+ policy = new HeaderPolicyCollection()
.AddFrameOptionsDeny()
- .AddXssProtectionBlock()
.AddContentTypeOptionsNoSniff()
.AddReferrerPolicyStrictOriginWhenCrossOrigin()
+ .RemoveServerHeader()
.AddCrossOriginOpenerPolicy(builder => builder.SameOrigin())
.AddCrossOriginEmbedderPolicy(builder => builder.RequireCorp())
.AddCrossOriginResourcePolicy(builder => builder.SameOrigin())
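Review bot: The new static `policy` field is assigned before the collection is complete and without any synchronisation. The assignment ends the fluent chain, but the HSTS entry is only added afterwards inside `if (!isDev)` (third hunk), so a request arriving during the first call can receive the cached instance without Strict-Transport-Security, or possibly read the collection while it is still being modified. Because Program.cs calls this method from a per-request selector, I would build the collection in a local, add HSTS to that local, and assign the field as the last step (`policy = local; return local;`), or wrap construction in a `Lazy<HeaderPolicyCollection>`. The cache also ignores `isDev` after the first call, which deserves a comment. The same pattern is in VerifierInsuranceCompany/SecurityHeadersDefinitions.cs; the method body continues past this hunk.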
@@ -19,32 +26,14 @@ public static HeaderPolicyCollection GetHeaderPolicyCollection(bool isDev)
builder.AddObjectSrc().None();
builder.AddBlockAllMixedContent();
builder.AddImgSrc().Self().From("data:");
- builder.AddFormAction().Self();
builder.AddFontSrc().Self();
+ builder.AddFormAction().Self();
builder.AddStyleSrc().Self().UnsafeInline();
builder.AddBaseUri().Self();
- builder.AddScriptSrc().Self().UnsafeInline().WithNonce();
+ builder.AddScriptSrc().UnsafeInline().WithNonce();
builder.AddFrameAncestors().None();
- //builder.AddCustomDirective("require-trusted-types-for", "'script'");
})
- .RemoveServerHeader()
- .AddPermissionsPolicy(builder =>
- {
- builder.AddAccelerometer().None();
- builder.AddAutoplay().None();
- builder.AddCamera().None();
- builder.AddEncryptedMedia().None();
- builder.AddFullscreen().All();
- builder.AddGeolocation().None();
- builder.AddGyroscope().None();
- builder.AddMagnetometer().None();
- builder.AddMicrophone().None();
- builder.AddMidi().None();
- builder.AddPayment().None();
- builder.AddPictureInPicture().None();
- builder.AddSyncXHR().None();
- builder.AddUsb().None();
- });
+ .AddPermissionsPolicyWithDefaultSecureDirectives();
if (!isDev)
{
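Review bot: On the `AddScriptSrc()` line, `UnsafeInline()` stays next to `WithNonce()` while `Self()` is dropped, and nothing in the file explains the intent. Browsers that understand nonces ignore 'unsafe-inline', so it only acts as a fallback for older browsers, and without 'self' every script tag, including same-origin files, needs the nonce attribute to load. I would add a comment above the line, for example `// nonce-only scripts: 'unsafe-inline' is a legacy fallback ignored by nonce-aware browsers; every <script> must carry the nonce`. The same line is in VerifierInsuranceCompany/SecurityHeadersDefinitions.cs, and the CSP lambda starts outside this hunk.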
@@ -52,8 +41,6 @@ public static HeaderPolicyCollection GetHeaderPolicyCollection(bool isDev)
policy.AddStrictTransportSecurityMaxAgeIncludeSubDomains(maxAgeInSeconds: 60 * 60 * 24 * 365);
}
- policy.ApplyDocumentHeadersToAllResponses();
-
return policy;
}
}
diff --git a/IssuerDrivingLicense/Services/CredentialSettings.cs b/IssuerDrivingLicense/Services/CredentialSettings.cs
index e60d946..3c84e5a 100644
--- a/IssuerDrivingLicense/Services/CredentialSettings.cs
+++ b/IssuerDrivingLicense/Services/CredentialSettings.cs
@@ -1,5 +1,5 @@
-using Microsoft.Identity.Web;
-using System.Security.Cryptography.X509Certificates;
+using System.Security.Cryptography.X509Certificates;
+using Microsoft.Identity.Web;
namespace IssuerDrivingLicense;
diff --git a/IssuerDrivingLicense/Services/IssuerController.cs b/IssuerDrivingLicense/Services/IssuerController.cs
index 8c7adff..ef86c4d 100644
--- a/IssuerDrivingLicense/Services/IssuerController.cs
+++ b/IssuerDrivingLicense/Services/IssuerController.cs
@@ -1,14 +1,13 @@
-using Microsoft.AspNetCore.Mvc;
-using Microsoft.Extensions.Options;
-using System.Net;
-using Microsoft.Extensions.Caching.Memory;
using System.Diagnostics;
+using System.Globalization;
+using System.Net;
using System.Net.Http.Headers;
+using System.Text.Json;
using IssuerDrivingLicense.Services;
using Microsoft.AspNetCore.Authorization;
-using System.Text.Json;
+using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Caching.Distributed;
-using System.Globalization;
+using Microsoft.Extensions.Options;
namespace IssuerDrivingLicense;
diff --git a/IssuerDrivingLicense/Services/IssuerService.cs b/IssuerDrivingLicense/Services/IssuerService.cs
index 4a46cfc..9f6b500 100644
--- a/IssuerDrivingLicense/Services/IssuerService.cs
+++ b/IssuerDrivingLicense/Services/IssuerService.cs
@@ -1,10 +1,10 @@
+using System.Globalization;
+using System.Security.Cryptography;
using IssuerDrivingLicense.Services;
using Microsoft.Extensions.Caching.Memory;
using Microsoft.Extensions.Options;
using Microsoft.Identity.Client;
using Microsoft.Identity.Web;
-using System.Globalization;
-using System.Security.Cryptography;
namespace IssuerDrivingLicense;
diff --git a/IssuerDrivingLicense/Startup.cs b/IssuerDrivingLicense/Startup.cs
deleted file mode 100644
index 06f47c1..0000000
--- a/IssuerDrivingLicense/Startup.cs
+++ /dev/null
@@ -1,78 +0,0 @@
-using IssuerDrivingLicense.Persistence;
-using Microsoft.AspNetCore.Authentication.OpenIdConnect;
-using Microsoft.AspNetCore.Server.Kestrel.Core;
-using Microsoft.EntityFrameworkCore;
-using Microsoft.Identity.Web;
-using Microsoft.Identity.Web.UI;
-
-namespace IssuerDrivingLicense;
-
-public class Startup
-{
- public Startup(IConfiguration configuration)
- {
- Configuration = configuration;
- }
-
- public IConfiguration Configuration { get; }
-
- public void ConfigureServices(IServiceCollection services)
- {
- services.Configure(options =>
- {
- options.AllowSynchronousIO = true;
- });
-
- services.Configure(Configuration.GetSection("CredentialSettings"));
- services.AddScoped();
- services.AddScoped();
-
- services.AddDatabaseDeveloperPageExceptionFilter();
- services.AddDbContext(options =>
- options.UseSqlServer(
- Configuration.GetConnectionString("DefaultConnection")));
-
- services.AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
- .AddMicrosoftIdentityWebApp(Configuration.GetSection("AzureAd"));
-
- services.AddAuthorization(options =>
- {
- options.FallbackPolicy = options.DefaultPolicy;
- });
-
- services.AddDistributedMemoryCache();
-
- services.AddRazorPages()
- .AddMvcOptions(options => { })
- .AddMicrosoftIdentityUI();
- }
-
- public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
- {
- app.UseSecurityHeaders(SecurityHeadersDefinitions
- .GetHeaderPolicyCollection(env.IsDevelopment()));
-
- if (env.IsDevelopment())
- {
- app.UseDeveloperExceptionPage();
- }
- else
- {
- app.UseExceptionHandler("/Error");
- }
-
- app.UseHttpsRedirection();
- app.UseStaticFiles();
-
- app.UseRouting();
-
- app.UseAuthentication();
- app.UseAuthorization();
-
- app.UseEndpoints(endpoints =>
- {
- endpoints.MapRazorPages();
- endpoints.MapControllers();
- });
- }
-}
diff --git a/README.md b/README.md
index de8c612..c320815 100644
--- a/README.md
+++ b/README.md
@@ -11,6 +11,7 @@
## History
+- 2024-12-15 .NET 9, Updated packages
- 2023-07-29 Updated packages
- 2023-06-24 Updated VC, using mDL based driving license
- 2023-06-23 Update subject model, based on https://github.com/w3c-ccg/vdl-vocab/blob/main/context/v1.jsonld
diff --git a/VerifierInsuranceCompany/Pages/Error.cshtml.cs b/VerifierInsuranceCompany/Pages/Error.cshtml.cs
index 43c26c7..a3b16a8 100644
--- a/VerifierInsuranceCompany/Pages/Error.cshtml.cs
+++ b/VerifierInsuranceCompany/Pages/Error.cshtml.cs
@@ -1,6 +1,6 @@
+using System.Diagnostics;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc.RazorPages;
-using System.Diagnostics;
namespace VerifierInsuranceCompany.Pages;
diff --git a/VerifierInsuranceCompany/Program.cs b/VerifierInsuranceCompany/Program.cs
index 2877105..8a6ecaa 100644
--- a/VerifierInsuranceCompany/Program.cs
+++ b/VerifierInsuranceCompany/Program.cs
@@ -1,16 +1,59 @@
-namespace VerifierInsuranceCompany;
+using System.Configuration;
+using Microsoft.AspNetCore.Authentication.Cookies;
+using Microsoft.AspNetCore.Authentication.OpenIdConnect;
+using Microsoft.AspNetCore.Server.Kestrel.Core;
+using VerifierInsuranceCompany;
-public class Program
+var builder = WebApplication.CreateBuilder(args);
+
+builder.WebHost.ConfigureKestrel(serverOptions =>
+{
+ serverOptions.AddServerHeader = false;
+});
+
+var services = builder.Services;
+var configuration = builder.Configuration;
+
+services.Configure(options =>
+{
+ options.AllowSynchronousIO = true;
+});
+
+services.AddSecurityHeaderPolicies()
+ .SetPolicySelector(ctx => SecurityHeadersDefinitions
+ .GetHeaderPolicyCollection(builder.Environment.IsDevelopment()));
+
+services.AddScoped();
+services.Configure(options =>
+{
+ options.AllowSynchronousIO = true;
+});
+
+services.Configure(configuration.GetSection("CredentialSettings"));
+services.AddHttpClient();
+services.AddDistributedMemoryCache();
+
+services.AddRazorPages();
+
+var app = builder.Build();
+
+app.UseSecurityHeaders();
+
+if (app.Environment.IsDevelopment())
{
- public static void Main(string[] args)
- {
- CreateHostBuilder(args).Build().Run();
- }
-
- public static IHostBuilder CreateHostBuilder(string[] args) =>
- Host.CreateDefaultBuilder(args)
- .ConfigureWebHostDefaults(webBuilder =>
- {
- webBuilder.UseStartup();
- });
+ app.UseDeveloperExceptionPage();
}
+else
+{
+ app.UseExceptionHandler("/Error");
+ app.UseHsts();
+}
+
+app.UseHttpsRedirection();
+app.UseStaticFiles();
+app.UseRouting();
+
+app.MapControllers();
+app.MapRazorPages();
+
+app.Run();
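Review bot: Outside development, Strict-Transport-Security is configured in two places: `app.UseHsts()` in the `else` branch here, and `AddStrictTransportSecurityMaxAgeIncludeSubDomains(...)` in SecurityHeadersDefinitions.cs, so the two may emit different max-age or includeSubDomains values. The Issuer's Program.cs relies on the header policy alone, so dropping `app.UseHsts();` would leave one source of truth and keep both apps consistent. The `AllowSynchronousIO = true` block also appears twice as rendered; if both calls target the same options type, one is redundant. `using System.Configuration;` and the Cookies/OpenIdConnect usings look unused, since no authentication is registered in this file.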
diff --git a/VerifierInsuranceCompany/SecurityHeadersDefinitions.cs b/VerifierInsuranceCompany/SecurityHeadersDefinitions.cs
index 0eacffc..efc2d8a 100644
--- a/VerifierInsuranceCompany/SecurityHeadersDefinitions.cs
+++ b/VerifierInsuranceCompany/SecurityHeadersDefinitions.cs
@@ -1,16 +1,23 @@
-using Microsoft.AspNetCore.Builder;
-
-namespace IssuerDrivingLicense;
+namespace VerifierInsuranceCompany;
public static class SecurityHeadersDefinitions
{
+ private static HeaderPolicyCollection? policy;
+
public static HeaderPolicyCollection GetHeaderPolicyCollection(bool isDev)
{
- var policy = new HeaderPolicyCollection()
+ // Avoid building a new HeaderPolicyCollection on every request for performance reasons.
+ // Where possible, cache and reuse HeaderPolicyCollection instances.
+ if (policy != null)
+ {
+ return policy;
+ }
+
+ policy = new HeaderPolicyCollection()
.AddFrameOptionsDeny()
- .AddXssProtectionBlock()
.AddContentTypeOptionsNoSniff()
.AddReferrerPolicyStrictOriginWhenCrossOrigin()
+ .RemoveServerHeader()
.AddCrossOriginOpenerPolicy(builder => builder.SameOrigin())
.AddCrossOriginEmbedderPolicy(builder => builder.RequireCorp())
.AddCrossOriginResourcePolicy(builder => builder.SameOrigin())
@@ -19,32 +26,13 @@ public static HeaderPolicyCollection GetHeaderPolicyCollection(bool isDev)
builder.AddObjectSrc().None();
builder.AddBlockAllMixedContent();
builder.AddImgSrc().Self().From("data:");
- builder.AddFormAction().Self();
builder.AddFontSrc().Self();
- builder.AddBaseUri().Self();
builder.AddStyleSrc().Self().UnsafeInline();
- builder.AddScriptSrc().Self().UnsafeInline().WithNonce();
+ builder.AddBaseUri().Self();
+ builder.AddScriptSrc().UnsafeInline().WithNonce();
builder.AddFrameAncestors().None();
- //builder.AddCustomDirective("require-trusted-types-for", "'script'");
})
- .RemoveServerHeader()
- .AddPermissionsPolicy(builder =>
- {
- builder.AddAccelerometer().None();
- builder.AddAutoplay().None();
- builder.AddCamera().None();
- builder.AddEncryptedMedia().None();
- builder.AddFullscreen().All();
- builder.AddGeolocation().None();
- builder.AddGyroscope().None();
- builder.AddMagnetometer().None();
- builder.AddMicrophone().None();
- builder.AddMidi().None();
- builder.AddPayment().None();
- builder.AddPictureInPicture().None();
- builder.AddSyncXHR().None();
- builder.AddUsb().None();
- });
+ .AddPermissionsPolicyWithDefaultSecureDirectives();
if (!isDev)
{
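Review bot: `builder.AddFormAction().Self();` is removed from the Verifier's CSP in this hunk and not added back, whereas the Issuer's version of the file only moves it. `form-action` does not fall back to `default-src`, so without it the policy no longer restricts where forms on these pages may submit. Unless the removal is intentional, restore `builder.AddFormAction().Self();` after `AddFontSrc()` to match the Issuer. The CSP lambda starts outside this hunk.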
@@ -52,8 +40,6 @@ public static HeaderPolicyCollection GetHeaderPolicyCollection(bool isDev)
policy.AddStrictTransportSecurityMaxAgeIncludeSubDomains(maxAgeInSeconds: 60 * 60 * 24 * 365);
}
- policy.ApplyDocumentHeadersToAllResponses();
-
return policy;
}
}
diff --git a/VerifierInsuranceCompany/Services/CredentialSettings.cs b/VerifierInsuranceCompany/Services/CredentialSettings.cs
index 2f57842..354ee43 100644
--- a/VerifierInsuranceCompany/Services/CredentialSettings.cs
+++ b/VerifierInsuranceCompany/Services/CredentialSettings.cs
@@ -1,5 +1,5 @@
-using Microsoft.Identity.Web;
-using System.Security.Cryptography.X509Certificates;
+using System.Security.Cryptography.X509Certificates;
+using Microsoft.Identity.Web;
namespace VerifierInsuranceCompany;
diff --git a/VerifierInsuranceCompany/Services/VerifierController.cs b/VerifierInsuranceCompany/Services/VerifierController.cs
index ab49348..c69c874 100644
--- a/VerifierInsuranceCompany/Services/VerifierController.cs
+++ b/VerifierInsuranceCompany/Services/VerifierController.cs
@@ -1,13 +1,12 @@
-using Microsoft.AspNetCore.Mvc;
using System.Diagnostics;
+using System.Globalization;
using System.Net;
using System.Net.Http.Headers;
-using Microsoft.Extensions.Options;
-using VerifierInsuranceCompany.Services;
using System.Text.Json;
-using System.Globalization;
-using Azure;
+using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Caching.Distributed;
+using Microsoft.Extensions.Options;
+using VerifierInsuranceCompany.Services;
namespace VerifierInsuranceCompany;
@@ -115,7 +114,7 @@ public async Task PresentationCallback()
//the request will be deleted from the server immediately.
//That's why it is so important to capture this callback and relay this to the UI so the UI can hide
//the QR code to prevent the user from scanning it twice (resulting in an error since the request is already deleted)
- if (verifierCallbackResponse != null && verifierCallbackResponse.RequestStatus == VerifierConst.RequestRetrieved)
+ if (verifierCallbackResponse != null && verifierCallbackResponse.RequestStatus == VerifierConst.RequestRetrieved)
{
var cacheData = new CacheData
{
@@ -172,8 +171,11 @@ public ActionResult PresentationResponse()
if (data != null)
{
Debug.WriteLine("check if there was a response yet: " + data);
- return new ContentResult { ContentType = "application/json",
- Content = JsonSerializer.Serialize(data) };
+ return new ContentResult
+ {
+ ContentType = "application/json",
+ Content = JsonSerializer.Serialize(data)
+ };
}
return Ok();
diff --git a/VerifierInsuranceCompany/Startup.cs b/VerifierInsuranceCompany/Startup.cs
deleted file mode 100644
index 3c12bda..0000000
--- a/VerifierInsuranceCompany/Startup.cs
+++ /dev/null
@@ -1,56 +0,0 @@
-using IssuerDrivingLicense;
-using Microsoft.AspNetCore.Server.Kestrel.Core;
-
-namespace VerifierInsuranceCompany;
-
-public class Startup
-{
- public Startup(IConfiguration configuration)
- {
- Configuration = configuration;
- }
-
- public IConfiguration Configuration { get; }
-
- // This method gets called by the runtime. Use this method to add services to the container.
- public void ConfigureServices(IServiceCollection services)
- {
- services.AddScoped();
- services.Configure(options =>
- {
- options.AllowSynchronousIO = true;
- });
-
- services.Configure(Configuration.GetSection("CredentialSettings"));
- services.AddHttpClient();
- services.AddDistributedMemoryCache();
-
- services.AddRazorPages();
- }
-
- public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
- {
- app.UseSecurityHeaders(SecurityHeadersDefinitions
- .GetHeaderPolicyCollection(env.IsDevelopment()));
-
- if (env.IsDevelopment())
- {
- app.UseDeveloperExceptionPage();
- }
- else
- {
- app.UseExceptionHandler("/Error");
- app.UseHsts();
- }
-
- app.UseHttpsRedirection();
- app.UseStaticFiles();
- app.UseRouting();
-
- app.UseEndpoints(endpoints =>
- {
- endpoints.MapControllers();
- endpoints.MapRazorPages();
- });
- }
-}
diff --git a/VerifierInsuranceCompany/VerifierInsuranceCompany.csproj b/VerifierInsuranceCompany/VerifierInsuranceCompany.csproj
index 57cd2dd..3ae48f7 100644
--- a/VerifierInsuranceCompany/VerifierInsuranceCompany.csproj
+++ b/VerifierInsuranceCompany/VerifierInsuranceCompany.csproj
@@ -1,7 +1,7 @@
- net7.0
+ net9.0
135d3421-6a33-43c7-883f-ae60e65f2a2f
enable
enable
@@ -9,13 +9,13 @@
-
-
-
-
-
-
-
+
+
+
+
+
+
+