Exemple #1
0
        public GatewayRepository(IConfigurationService configurationService, ILogger <GatewayRepository> logger)
        {
            _logger = logger;
            _config = configurationService.GetConfig().GetAwaiter().GetResult();

            SqlMapper.AddTypeHandler(typeof(ApplyData), new ApplyDataHandler());
        }
Exemple #2
0
        public Startup(IConfiguration configuration, IHostingEnvironment env)
        {
            _env           = env;
            _configuration = configuration;

            _applyConfig = new ConfigurationService(_env, _configuration["EnvironmentName"], _configuration["ConfigurationStorageConnectionString"], _version, _serviceName).GetConfig().GetAwaiter().GetResult();
        }
Exemple #3
0
 public Startup(IConfiguration configuration, ILogger <Startup> logger, IHostingEnvironment hostingEnvironment, IHostingEnvironment env)
 {
     _configuration      = configuration;
     _logger             = logger;
     _hostingEnvironment = hostingEnvironment;
     _env           = env;
     _configService = new ConfigurationService(env, _configuration["EnvironmentName"], _configuration["ConfigurationStorageConnectionString"], Version, ServiceName).GetConfig().GetAwaiter().GetResult();
 }
Exemple #4
0
        public ApplicationRepository(IUnitOfWork unitOfWork, IConfigurationService configurationService)
        {
            _unitOfWork = unitOfWork;
            _config     = configurationService.GetConfig().Result;

            SqlMapper.AddTypeHandler(typeof(ApplyData), new ApplyDataHandler());
            SqlMapper.AddTypeHandler(typeof(FinancialReviewDetails), new FinancialReviewDetailsDataHandler());
        }
Exemple #5
0
        public ApplyRepository(IConfigurationService configurationService)
        {
            _config = configurationService.GetConfig().Result;

            SqlMapper.AddTypeHandler(typeof(ApplyData), new ApplyDataHandler());
            SqlMapper.AddTypeHandler(typeof(OrganisationDetails), new OrganisationDetailsHandler());
            SqlMapper.AddTypeHandler(typeof(QnAData), new QnADataHandler());
            SqlMapper.AddTypeHandler(typeof(FinancialReviewDetails), new FinancialReviewDetailsDataHandler());
        }
Exemple #6
0
        public CompaniesHouseApiClient(HttpClient client, ILogger <CompaniesHouseApiClient> logger, IConfigurationService configurationService)
        {
            _client = client;
            _logger = logger;
            _config = configurationService.GetConfig().Result;

            if (!client.DefaultRequestHeaders.Contains(_acceptHeaderName))
            {
                client.DefaultRequestHeaders.Add(_acceptHeaderName, _contentType);
            }
        }
Exemple #7
0
        public static IServiceCollection AddCache(this IServiceCollection services, IApplyConfig configuration, IHostingEnvironment environment)
        {
            if (environment.IsDevelopment())
            {
                services.AddDistributedMemoryCache();
            }
            else
            {
                services.AddStackExchangeRedisCache(options =>
                {
                    var redisConnectionString  = configuration.SessionRedisConnectionString;
                    var sessionCachingDatabase = configuration.SessionCachingDatabase;
                    options.Configuration      = $"{redisConnectionString},{sessionCachingDatabase}";
                });
            }

            return(services);
        }
Exemple #8
0
 public CharityCommissionApiClient(ISearchCharitiesV1SoapClient client, ILogger <CharityCommissionApiClient> logger, IConfigurationService configurationService)
 {
     _client = client;
     _logger = logger;
     _config = configurationService.GetConfig().Result;
 }
Exemple #9
0
 public ClarificationRepository(IConfigurationService configurationService)
 {
     _config = configurationService.GetConfig().GetAwaiter().GetResult();
 }
Exemple #10
0
        public static IServiceCollection AddDataProtection(this IServiceCollection services, IApplyConfig configuration, IHostingEnvironment environment)
        {
            if (!environment.IsDevelopment())
            {
                var redisConnectionString      = configuration.SessionRedisConnectionString;
                var dataProtectionKeysDatabase = configuration.DataProtectionKeysDatabase;

                var redis = ConnectionMultiplexer.Connect($"{redisConnectionString},{dataProtectionKeysDatabase}");

                services.AddDataProtection()
                .SetApplicationName("das-apply-service")
                .PersistKeysToStackExchangeRedis(redis, "DataProtection-Keys");
            }
            return(services);
        }
Exemple #11
0
 public OrganisationRepository(IConfigurationService configurationService)
 {
     _config = configurationService.GetConfig().Result;
     SqlMapper.AddTypeHandler(typeof(OrganisationDetails), new OrganisationDetailsHandler());
 }
Exemple #12
0
 public OversightReviewQueries(IConfigurationService configurationService)
 {
     _config = configurationService.GetConfig().Result;
 }
Exemple #13
0
 public ReferenceDataApiClient(HttpClient httpClient, ILogger <ReferenceDataApiClient> logger, IConfigurationService configurationService) : base(httpClient, logger)
 {
     _config = configurationService.GetConfig().GetAwaiter().GetResult();
     _httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", GetToken());
 }
Exemple #14
0
 public QnaTokenService(IConfigurationService configurationService, IHostingEnvironment hostingEnvironment)
 {
     _hostingEnvironment   = hostingEnvironment;
     _configurationService = configurationService;
     _configuration        = configurationService.GetConfig().Result;
 }
Exemple #15
0
        public static IServiceCollection AddApiAuthentication(this IServiceCollection services, IApplyConfig _applyConfig)
        {
            var azureActiveDirectoryConfiguration = _applyConfig.AzureActiveDirectoryConfiguration;

            services.AddAuthentication(auth =>
            {
                auth.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
            }).AddJwtBearer(auth =>
            {
                auth.Authority = $"https://login.microsoftonline.com/{azureActiveDirectoryConfiguration.Tenant}";
                auth.TokenValidationParameters = new Microsoft.IdentityModel.Tokens.TokenValidationParameters
                {
                    ValidAudiences = azureActiveDirectoryConfiguration.Identifier.Split(",")
                };
            });

            services.AddSingleton <IClaimsTransformation, AzureAdScopeClaimTransformation>();
            return(services);
        }
Exemple #16
0
 public ContactRepository(IConfigurationService configurationService)
 {
     _config = configurationService.GetConfig().Result;
 }
Exemple #17
0
 public RoatpTokenService(IConfigurationService configurationService)
 {
     _configuration = configurationService.GetConfig().Result;
 }
Exemple #18
0
 public DbConnectionHelper(IConfigurationService configurationService, IHostingEnvironment hostingEnvironment)
 {
     _configuration      = configurationService.GetConfig().GetAwaiter().GetResult();
     _hostingEnvironment = hostingEnvironment;
 }
Exemple #19
0
 public AppealsQueries(IConfigurationService configurationService)
 {
     _config = configurationService.GetConfig().Result;
 }
Exemple #20
0
 public AssessorRepository(IConfigurationService configurationService, ILogger <AssessorRepository> logger)
 {
     _logger = logger;
     _config = configurationService.GetConfig().GetAwaiter().GetResult();
 }
Exemple #21
0
 public EmailTokenService(IHostingEnvironment hostingEnvironment, IConfigurationService configurationService)
 {
     _hostingEnvironment = hostingEnvironment;
     _config             = configurationService.GetConfig().GetAwaiter().GetResult();
 }
Exemple #22
0
        public static void AddDfeSignInAuthorization(this IServiceCollection services, IApplyConfig applyConfig, ILogger logger, IHostingEnvironment env)
        {
            JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();

            services.AddAuthentication(options =>
            {
                options.DefaultScheme          = CookieAuthenticationDefaults.AuthenticationScheme;
                options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
            })
            .AddCookie(CookieAuthenticationDefaults.AuthenticationScheme, options =>
            {
                options.Cookie.Name     = ".Apply.Cookies";
                options.Cookie.HttpOnly = true;

                if (!env.IsDevelopment())
                {
                    options.Cookie.Domain = ".apprenticeships.education.gov.uk";
                }

                options.SlidingExpiration = true;
                options.ExpireTimeSpan    = TimeSpan.FromHours(1);
            })
            .AddOpenIdConnect(OpenIdConnectDefaults.AuthenticationScheme, options =>
            {
                options.CorrelationCookie = new CookieBuilder()
                {
                    Name         = ".Apply.Correlation.",
                    HttpOnly     = true,
                    SameSite     = SameSiteMode.None,
                    SecurePolicy = CookieSecurePolicy.SameAsRequest
                };

                options.Authority            = applyConfig.DfeSignIn.MetadataAddress;
                options.RequireHttpsMetadata = false;
                options.ClientId             = applyConfig.DfeSignIn.ClientId;
                options.SaveTokens           = true;

                options.Scope.Clear();
                options.Scope.Add("openid");
                options.Scope.Add("profile");


                options.Events = new OpenIdConnectEvents
                {
                    // Sometimes, problems in the OIDC provider (such as session timeouts)
                    // Redirect the user to the /auth/cb endpoint. ASP.NET Core middleware interprets this by default
                    // as a successful authentication and throws in surprise when it doesn't find an authorization code.
                    // This override ensures that these cases redirect to the root.
                    OnMessageReceived = context =>
                    {
                        var isSpuriousAuthCbRequest =
                            context.Request.Path == options.CallbackPath &&
                            context.Request.Method == "GET" &&
                            !context.Request.Query.ContainsKey("code");

                        if (isSpuriousAuthCbRequest)
                        {
                            context.HandleResponse();
                            context.Response.StatusCode          = 302;
                            context.Response.Headers["Location"] = "/";
                        }

                        return(Task.CompletedTask);
                    },

                    OnTokenValidated = async context =>
                    {
                        var signInId = context.Principal.GetSignInId();
                        var client   = context.HttpContext.RequestServices.GetRequiredService <IUsersApiClient>();
                        var user     = await client.GetUserBySignInId(signInId);

                        if (user is null)
                        {
                            var email      = context.Principal.GetEmail();
                            var givenName  = context.Principal.GetGivenName();
                            var familyName = context.Principal.GetFamilyName();

                            await client.CreateUserFromAsLogin(signInId, email, givenName, familyName);
                            user = await client.GetUserBySignInId(signInId);
                        }

                        if (user is null)
                        {
                            // Redirect to not setup page.
                            context.Response.Redirect("/Users/NotSetUp");
                            context.HandleResponse();
                        }
                        else if (user.Status == "Deleted")
                        {
                            // Redirect to access denied page.
                            context.Response.Redirect("/Home/AccessDenied");
                            context.HandleResponse();
                        }
                        else
                        {
                            var primaryIdentity = context.Principal.Identities.FirstOrDefault();
                            if (primaryIdentity != null && string.IsNullOrEmpty(primaryIdentity.Name))
                            {
                                primaryIdentity.AddClaim(new Claim(ClaimTypes.Name, $"{user.GivenNames} {user.FamilyName}"));
                                // Note: In future, may want to consider populating the other Claims, such as Email
                            }

                            var identity = new ClaimsIdentity(new List <Claim>()
                            {
                                new Claim("UserId", user.Id.ToString())
                            });
                            context.Principal.AddIdentity(identity);
                        }
                    },

                    // Sometimes the auth flow fails. The most commonly observed causes for this are
                    // Cookie correlation failures, caused by obscure load balancing stuff.
                    // In these cases, rather than send user to a 500 page, prompt them to re-authenticate.
                    // This is derived from the recommended approach: https://github.com/aspnet/Security/issues/1165
                    OnRemoteFailure = ctx =>
                    {
                        ctx.Response.Redirect("/");
                        ctx.HandleResponse();
                        return(Task.FromResult(0));
                    }
                };
            });
Exemple #23
0
 public OversightReviewRepository(IUnitOfWork unitOfWork, IConfigurationService configurationService)
 {
     _unitOfWork = unitOfWork;
     _config     = configurationService.GetConfig().Result;
 }
Exemple #24
0
 public AppealUploadRepository(IConfigurationService configurationService, IUnitOfWork unitOfWork)
 {
     _config     = configurationService.GetConfig().Result;
     _unitOfWork = unitOfWork;
 }
Exemple #25
0
 public CompaniesHouseApiClient(HttpClient client, ILogger <CompaniesHouseApiClient> logger, IConfigurationService configurationService)
 {
     _client = client;
     _logger = logger;
     _config = configurationService.GetConfig().Result;
 }
Exemple #26
0
 public EmailTemplateRepository(IConfigurationService configurationService)
 {
     _config = configurationService.GetConfig().Result;
 }
Exemple #27
0
 public TokenService(IHostingEnvironment hostingEnvironment, ILogger <TokenService> logger, IConfigurationService configurationService)
 {
     _hostingEnvironment = hostingEnvironment;
     _logger             = logger;
     _config             = configurationService.GetConfig().Result;
 }