Merge pull request #103 from Virtual-Finland-Development/fix/todos-cleanup

lsipii · web-flow · commit 9a30e377c18a · 2023-11-24T17:18:42.000+02:00
Cleanups and adjustments
diff --git a/VirtualFinland.UserAPI/src/VirtualFinland.UsersAPI/Activities/Productizer/Operations/User/GetUserProfile.cs b/VirtualFinland.UserAPI/src/VirtualFinland.UsersAPI/Activities/Productizer/Operations/User/GetUserProfile.cs
@@ -49,7 +49,6 @@ public async Task<User> Handle(Query request, CancellationToken cancellationToke
                 .Include(p => p.AdditionalInformation).ThenInclude(ai => ai!.Address)
                 .SingleAsync(p => p.Id == request.User.PersonId, cancellationToken);
 
-            // TODO - To be decided: This default search profile in the user API call can be possibly removed when requirement are more clear
             var dbUserDefaultSearchProfile = await _usersDbContext.SearchProfiles.FirstOrDefaultAsync(o => o.IsDefault && o.PersonId == dbUser.Id, cancellationToken);
 
             List<UserResponseOccupation>? occupations = null;
diff --git a/VirtualFinland.UserAPI/src/VirtualFinland.UsersAPI/Activities/Productizer/Operations/User/UpdateUserProfile.cs b/VirtualFinland.UserAPI/src/VirtualFinland.UsersAPI/Activities/Productizer/Operations/User/UpdateUserProfile.cs
@@ -232,9 +232,6 @@ private async Task<List<ValidationErrorDetail>> ValidateCountryCodesLogic(Comman
             return validationErrors;
         }
 
-        /// <summary>
-        /// TODO - To be decided: This default search profile in the user API call can be possibly removed when requirement are more clear
-        /// </summary>
         /// <param name="dbUserDefaultSearchProfile"></param>
         /// <param name="dbUser"></param>
         /// <param name="request"></param>
diff --git a/VirtualFinland.UserAPI/src/VirtualFinland.UsersAPI/Activities/User/Operations/GetUser.cs b/VirtualFinland.UserAPI/src/VirtualFinland.UsersAPI/Activities/User/Operations/GetUser.cs
@@ -47,7 +47,6 @@ public async Task<User> Handle(Query request, CancellationToken cancellationToke
                 .Include(u => u.AdditionalInformation).ThenInclude(ai => ai!.Address)
                 .SingleAsync(o => o.Id == request.User.PersonId, cancellationToken);
 
-            // TODO - To be decided: This default search profile in the user API call can be possibly removed when requirement are more clear
             var dbUserDefaultSearchProfile = await _usersDbContext.SearchProfiles.FirstOrDefaultAsync(o => o.IsDefault && o.PersonId == dbUser.Id, cancellationToken);
 
             List<UserResponseOccupation>? occupations = null;
diff --git a/VirtualFinland.UserAPI/src/VirtualFinland.UsersAPI/Activities/User/Operations/UpdateUser.cs b/VirtualFinland.UserAPI/src/VirtualFinland.UsersAPI/Activities/User/Operations/UpdateUser.cs
@@ -294,11 +294,7 @@ private static ICollection<Occupation> GetUpdatedOccupations(
                         continue;
                     }
 
-                    var existingOccupation = dbUserOccupations.FirstOrDefault(o => o.Id == occupation.Id);
-
-                    // TODO: Return some error about invalid guid ?
-                    if (existingOccupation is null) continue;
-
+                    var existingOccupation = dbUserOccupations.FirstOrDefault(o => o.Id == occupation.Id) ?? throw new BadRequestException("Invalid occupation ID");
                     if (occupation.Delete is true)
                     {
                         dbUserOccupations.Remove(existingOccupation);
@@ -370,9 +366,6 @@ private async Task<List<ValidationErrorDetail>> ValidateCountryCodesLogic(Comman
             return validationErrors;
         }
 
-        /// <summary>
-        /// TODO - To be decided: This default search profile in the user API call can be possibly removed when requirement are more clear
-        /// </summary>
         /// <param name="dbUserDefaultSearchProfile"></param>
         /// <param name="dbUser"></param>
         /// <param name="request"></param>
diff --git a/VirtualFinland.UserAPI/src/VirtualFinland.UsersAPI/Helpers/Extensions/EnvironmentExtensions.cs b/VirtualFinland.UserAPI/src/VirtualFinland.UsersAPI/Helpers/Extensions/EnvironmentExtensions.cs
@@ -5,7 +5,9 @@ public static class Environments
     public static readonly string Local = "local";
     public static readonly string Development = "dev";
     public static readonly string Staging = "staging";
-    public static readonly string Production = "prod";
+    public static readonly string Production = "production";
+    public static readonly string MvpStaging = "mvp-staging";
+    public static readonly string MvpProduction = "mvp-production";
 }
 
 public static class EnvironmentExtensions
@@ -34,19 +36,19 @@ public static bool IsStaging(this IHostEnvironment hostEnvironment)
     {
         if (hostEnvironment == null)
         {
-            throw new ArgumentException(nameof(hostEnvironment));
+            throw new ArgumentException(null, nameof(hostEnvironment));
         }
 
-        return hostEnvironment.IsEnvironment(Environments.Staging);
+        return hostEnvironment.IsEnvironment(Environments.MvpStaging) || hostEnvironment.IsEnvironment(Environments.Staging);
     }
 
     public static bool IsProduction(this IHostEnvironment hostEnvironment)
     {
         if (hostEnvironment == null)
         {
-            throw new ArgumentException(nameof(hostEnvironment));
+            throw new ArgumentException(null, nameof(hostEnvironment));
         }
 
-        return hostEnvironment.IsEnvironment(Environments.Production);
+        return hostEnvironment.IsEnvironment(Environments.MvpProduction) || hostEnvironment.IsEnvironment(Environments.Production);
     }
 }
diff --git a/VirtualFinland.UserAPI/src/VirtualFinland.UsersAPI/Migrations/20230906150120_TermsOfService.cs b/VirtualFinland.UserAPI/src/VirtualFinland.UsersAPI/Migrations/20230906150120_TermsOfService.cs
@@ -68,7 +68,6 @@ protected override void Up(MigrationBuilder migrationBuilder)
                 column: "Version",
                 unique: true);
 
-            // @TODO Manage terms of service by some control mechanism and not by migrations
             migrationBuilder.InsertData(
                 table: "TermsOfServices",
                 columns: new[] { "Id", "Url", "Description", "Version", "Created", "Modified" },
diff --git a/VirtualFinland.UserAPI/src/VirtualFinland.UsersAPI/Models/UsersDatabase/Auditable.cs b/VirtualFinland.UserAPI/src/VirtualFinland.UsersAPI/Models/UsersDatabase/Auditable.cs
@@ -30,13 +30,13 @@ public void SetupAuditEvent(UsersDbContext dbContext, IRequestAuthenticationCand
 
     protected void SetupAuditAddition(IRequestAuthenticationCandinate user)
     {
-        Created = DateTime.Now;
+        Created = DateTime.UtcNow;
         SetupAuditUpdate(user);
     }
 
     protected void SetupAuditUpdate(IRequestAuthenticationCandinate user)
     {
-        Modified = DateTime.Now;
+        Modified = DateTime.UtcNow;
         Metadata = new AuditableMetadata(user);
     }
 }
diff --git a/VirtualFinland.UserAPI/src/VirtualFinland.UsersAPI/Program.cs b/VirtualFinland.UserAPI/src/VirtualFinland.UsersAPI/Program.cs
@@ -118,7 +118,6 @@
             .UseQuerySplittingBehavior(QuerySplittingBehavior.SingleQuery)
         );
 });
-AppContext.SetSwitch("Npgsql.EnableLegacyTimestampBehavior", true); // @TODO: Resolve what changed in datetime inserting that causes this to be needed
 
 //
 // Redis connection
@@ -168,20 +167,19 @@
 //
 var app = builder.Build();
 
-// Use swagger only in non-production environments
-if (!EnvironmentExtensions.IsProduction(app.Environment))
+// Use swagger only in development
+if (EnvironmentExtensions.IsLocal(app.Environment) || EnvironmentExtensions.IsDevelopment(app.Environment))
 {
     app.UseSwagger();
     app.UseSwaggerUI();
 
-    // global cors policy
-    app.UseCors(x => x
+    // Direct cors requests used in dev-stages
+    app.UseCors(builder => builder
         .AllowAnyOrigin()
         .AllowAnyMethod()
         .AllowAnyHeader());
 }
 
-
 app.UseSerilogRequestLogging(options =>
 {
     options.EnrichDiagnosticContext = (diagnosticContext, httpContext) =>
diff --git a/VirtualFinland.UserAPI/src/VirtualFinland.UsersAPI/Security/ApplicationSecurity.cs b/VirtualFinland.UserAPI/src/VirtualFinland.UsersAPI/Security/ApplicationSecurity.cs
@@ -9,6 +9,8 @@ public class ApplicationSecurity : IApplicationSecurity
 {
     private readonly ITermsOfServiceRepository _termsOfServiceRepository;
     private readonly SecuritySetup _setup;
+    private readonly int _initializationTimeoutInMilliseconds = 10000;
+
     public ApplicationSecurity(ITermsOfServiceRepository termsOfServiceRepository, SecuritySetup securitySetup)
     {
         _termsOfServiceRepository = termsOfServiceRepository;
@@ -27,7 +29,8 @@ public async Task<RequestAuthenticationCandinate> ParseJwtToken(string token)
         if (!tokenHandler.CanReadToken(token)) throw new NotAuthorizedException("The given token is not valid");
         var parsedToken = tokenHandler.ReadJwtToken(token);
 
-        // Resolve the security feature by token issuer (must be enabled) // @TODO: ensure the security feature is loaded before this
+        // Resolve the security feature by token issuer (must be enabled)
+        await EnsureSecurityInitializationCompleted();
         var tokenIssuer = parsedToken.Issuer;
         var securityFeature = _setup.Features.Find(o => o.Issuer == tokenIssuer) ?? throw new NotAuthorizedException("The given token issuer is not valid");
 
@@ -49,4 +52,17 @@ public async Task VerifyPersonTermsOfServiceAgreement(Guid personId)
         // Fetch person terms of service agreement
         _ = await _termsOfServiceRepository.GetTermsOfServiceAgreementOfTheLatestTermsByPersonId(personId) ?? throw new NotAuthorizedException("User has not accepted the latest terms of service.");
     }
+
+    /// <summary>
+    /// All the enabled security features must be initialized before the application can be used, verify that the initializations are completed
+    /// </summary>
+    private async Task EnsureSecurityInitializationCompleted()
+    {
+        var initializationTimeout = DateTime.Now.AddMilliseconds(_initializationTimeoutInMilliseconds);
+        while (_setup.Features.Any(o => !o.IsInitialized))
+        {
+            if (DateTime.Now > initializationTimeout) throw new NotAuthorizedException("Security initialization timeout");
+            await Task.Delay(100);
+        }
+    }
 }
diff --git a/VirtualFinland.UserAPI/src/VirtualFinland.UsersAPI/Security/Features/ISecurityFeature.cs b/VirtualFinland.UserAPI/src/VirtualFinland.UsersAPI/Security/Features/ISecurityFeature.cs
@@ -13,4 +13,5 @@ public interface ISecurityFeature
     Task ValidateSecurityTokenAudience(string audience);
 
     public string Issuer { get; }
+    public bool IsInitialized { get; set; }
 }
diff --git a/VirtualFinland.UserAPI/src/VirtualFinland.UsersAPI/Security/Features/SecurityFeature.cs b/VirtualFinland.UserAPI/src/VirtualFinland.UsersAPI/Security/Features/SecurityFeature.cs
@@ -12,14 +12,19 @@
 
 namespace VirtualFinland.UserAPI.Security.Features;
 
-public class SecurityFeature : ISecurityFeature
+public abstract class SecurityFeature : ISecurityFeature
 {
     ///
     /// The issuer of the JWT token
     ///
     public string Issuer => _issuer ?? throw new ArgumentNullException("Issuer is not set");
     protected string? _issuer;
 
+    /// <summary>
+    /// Is the security feature initialized
+    /// </summary>
+    public bool IsInitialized { get; set; } = false;
+
     /// <summary>
     /// Security feature options
     /// </summary>
@@ -171,13 +176,18 @@ protected virtual void ConfigureOpenIdConnect(AuthenticationBuilder authenticati
     /// </summary>
     protected virtual async void LoadOpenIdConfigUrl()
     {
-        if (_openIDConfigurationURL == null) return;
+        if (_openIDConfigurationURL == null)
+        {
+            IsInitialized = true;
+            return;
+        }
 
         if (Options.IsOidcMetadataCachingEnabled && await CacheRepository.Exists(Constants.Cache.OpenIdConfigPrefix))
         {
             var cachedResult = await CacheRepository.Get<OpenIdConfiguration>(Constants.Cache.OpenIdConfigPrefix);
             _issuer = cachedResult.Issuer;
             _jwksOptionsUrl = cachedResult.JwksUri;
+            IsInitialized = true;
             return;
         }
 
@@ -205,6 +215,8 @@ protected virtual async void LoadOpenIdConfigUrl()
                             Issuer = _issuer,
                             JwksUri = _jwksOptionsUrl
                         }, cacheDuration);
+
+                        IsInitialized = true;
                     }
 
                     break;
diff --git a/VirtualFinland.UserAPI/src/VirtualFinland.UsersAPI/Security/Features/TestbedSecurityFeature.cs b/VirtualFinland.UserAPI/src/VirtualFinland.UsersAPI/Security/Features/TestbedSecurityFeature.cs
@@ -1,4 +1,3 @@
-using VirtualFinland.UserAPI.Data.Repositories;
 using VirtualFinland.UserAPI.Security.Models;
 
 namespace VirtualFinland.UserAPI.Security.Features;
diff --git a/VirtualFinland.UsersAPI.Deployment/Features/PostgresDatabase.cs b/VirtualFinland.UsersAPI.Deployment/Features/PostgresDatabase.cs
@@ -95,7 +95,7 @@ public void SetupProductionPostgresDatabase(Config config, StackSetup stackSetup
 
             DbSubnetGroupName = dbSubNetGroup.Name,
             Tags = stackSetup.Tags,
-            BackupRetentionPeriod = 7, // @TODO: Define for production
+            BackupRetentionPeriod = 30,
             EnabledCloudwatchLogsExports = new[] { "postgresql" },
         });
 
diff --git a/VirtualFinland.UsersAPI.UnitTests/Helpers/APITestBase.cs b/VirtualFinland.UsersAPI.UnitTests/Helpers/APITestBase.cs
@@ -49,8 +49,8 @@ private UsersDbContext GetMemoryContext()
             {
                 new("sub", requestAuthenticationCandinate.IdentityId ?? throw new Exception("IdentityId is null")),
             },
-            DateTime.Now,
-            DateTime.Now.AddDays(1),
+            DateTime.UtcNow,
+            DateTime.UtcNow.AddDays(1),
             new SigningCredentials(new SymmetricSecurityKey(new byte[16]), SecurityAlgorithms.HmacSha256)
         ));
 
@@ -66,7 +66,7 @@ private UsersDbContext GetMemoryContext()
             new SecuritySetup()
             {
                 Features = new List<ISecurityFeature>() {
-                    new SecurityFeature(
+                    new TestSecurityFeature(
                         new SecurityFeatureOptions {
                             Issuer = requestAuthenticationCandinate.Issuer,
                             OpenIdConfigurationUrl = "test-openid-config-url",
diff --git a/VirtualFinland.UsersAPI.UnitTests/Helpers/PersonAdditionalInformationBuilder.cs b/VirtualFinland.UsersAPI.UnitTests/Helpers/PersonAdditionalInformationBuilder.cs
@@ -18,7 +18,7 @@ public class PersonAdditionalInformationBuilder
     private readonly string _citizenshipCode = "FR";
     private readonly string _countryOfBirthCode = "FR";
     private readonly DateTime _created = DateTime.UtcNow;
-    private readonly DateOnly _dateOfBirth = DateOnly.FromDateTime(DateTime.Now);
+    private readonly DateOnly _dateOfBirth = DateOnly.FromDateTime(DateTime.UtcNow);
     private readonly string _gender = "Male";
     private readonly DateTime _modified = DateTime.UtcNow;
     private readonly string _nativeLanguageCode = "FR";
diff --git a/VirtualFinland.UsersAPI.UnitTests/Helpers/TestSecurityFeature.cs b/VirtualFinland.UsersAPI.UnitTests/Helpers/TestSecurityFeature.cs
@@ -8,6 +8,7 @@ public class TestSecurityFeature : SecurityFeature
 {
     public TestSecurityFeature(SecurityFeatureOptions options, SecurityClientProviders securityClientProviders) : base(options, securityClientProviders)
     {
+        IsInitialized = true;
     }
 
     /// <summary>
diff --git a/VirtualFinland.UsersAPI.UnitTests/Tests/Security/TimeoutTests.cs b/VirtualFinland.UsersAPI.UnitTests/Tests/Security/TimeoutTests.cs
@@ -93,8 +93,8 @@ public async Task RetrievingSecurityServiceInformation_shouldThrowTimeoutExcepti
             {
                 new("sub", "dummy"),
             },
-            DateTime.Now,
-            DateTime.Now.AddDays(1),
+            DateTime.UtcNow,
+            DateTime.UtcNow.AddDays(1),
             new SigningCredentials(new SymmetricSecurityKey(new byte[16]), SecurityAlgorithms.HmacSha256)
         ));
 

Original file line number	Diff line number	Diff line change
`@@ -232,9 +232,6 @@ private async Task<List<ValidationErrorDetail>> ValidateCountryCodesLogic(Comman`
`232`	`232`	`return validationErrors;`
`233`	`233`	`}`
`234`	`234`
`235`		`- /// <summary>`
`236`		`- /// TODO - To be decided: This default search profile in the user API call can be possibly removed when requirement are more clear`
`237`		`- /// </summary>`
`238`	`235`	`/// <param name="dbUserDefaultSearchProfile"></param>`
`239`	`236`	`/// <param name="dbUser"></param>`
`240`	`237`	`/// <param name="request"></param>`
Original file line number	Diff line number	Diff line change
`@@ -5,7 +5,9 @@ public static class Environments`
`5`	`5`	`public static readonly string Local = "local";`
`6`	`6`	`public static readonly string Development = "dev";`
`7`	`7`	`public static readonly string Staging = "staging";`
`8`		`- public static readonly string Production = "prod";`
	`8`	`+ public static readonly string Production = "production";`
	`9`	`+ public static readonly string MvpStaging = "mvp-staging";`
	`10`	`+ public static readonly string MvpProduction = "mvp-production";`
`9`	`11`	`}`
`10`	`12`
`11`	`13`	`public static class EnvironmentExtensions`
`@@ -34,19 +36,19 @@ public static bool IsStaging(this IHostEnvironment hostEnvironment)`
`34`	`36`	`{`
`35`	`37`	`if (hostEnvironment == null)`
`36`	`38`	`{`
`37`		`- throw new ArgumentException(nameof(hostEnvironment));`
	`39`	`+ throw new ArgumentException(null, nameof(hostEnvironment));`
`38`	`40`	`}`
`39`	`41`
`40`		`- return hostEnvironment.IsEnvironment(Environments.Staging);`
	`42`	`+ return hostEnvironment.IsEnvironment(Environments.MvpStaging) \|\| hostEnvironment.IsEnvironment(Environments.Staging);`
`41`	`43`	`}`
`42`	`44`
`43`	`45`	`public static bool IsProduction(this IHostEnvironment hostEnvironment)`
`44`	`46`	`{`
`45`	`47`	`if (hostEnvironment == null)`
`46`	`48`	`{`
`47`		`- throw new ArgumentException(nameof(hostEnvironment));`
	`49`	`+ throw new ArgumentException(null, nameof(hostEnvironment));`
`48`	`50`	`}`
`49`	`51`
`50`		`- return hostEnvironment.IsEnvironment(Environments.Production);`
	`52`	`+ return hostEnvironment.IsEnvironment(Environments.MvpProduction) \|\| hostEnvironment.IsEnvironment(Environments.Production);`
`51`	`53`	`}`
`52`	`54`	`}`
Original file line number	Diff line number	Diff line change
`@@ -30,13 +30,13 @@ public void SetupAuditEvent(UsersDbContext dbContext, IRequestAuthenticationCand`
`30`	`30`
`31`	`31`	`protected void SetupAuditAddition(IRequestAuthenticationCandinate user)`
`32`	`32`	`{`
`33`		`- Created = DateTime.Now;`
	`33`	`+ Created = DateTime.UtcNow;`
`34`	`34`	`SetupAuditUpdate(user);`
`35`	`35`	`}`
`36`	`36`
`37`	`37`	`protected void SetupAuditUpdate(IRequestAuthenticationCandinate user)`
`38`	`38`	`{`
`39`		`- Modified = DateTime.Now;`
	`39`	`+ Modified = DateTime.UtcNow;`
`40`	`40`	`Metadata = new AuditableMetadata(user);`
`41`	`41`	`}`
`42`	`42`	`}`
Original file line number	Diff line number	Diff line change
`@@ -13,4 +13,5 @@ public interface ISecurityFeature`
`13`	`13`	`Task ValidateSecurityTokenAudience(string audience);`
`14`	`14`
`15`	`15`	`public string Issuer { get; }`
	`16`	`+ public bool IsInitialized { get; set; }`
`16`	`17`	`}`