feat(technicaluser): new parameters for api expansion for technical u…
…ser data added (#997)

Refs: #976
Co-authored-by: Phil Schneider <[email protected]>
Reviewed-by: Phil Schneider <[email protected]>
AnuragNagpure and Phil91 authored Sep 19, 2024
1 parent fb42752 commit 9a261d8
Showing 8 changed files with 99 additions and 11 deletions.
Expand Up @@ -162,9 +162,11 @@ public async Task<ServiceAccountConnectorOfferData> GetOwnCompanyServiceAccountD

IamClientAuthMethod? iamClientAuthMethod;
string? secret;
var authServiceUrl = _settings.AuthServiceUrl;

if (result.DimServiceAccountData != null)
{
authServiceUrl = result.DimServiceAccountData.AuthenticationServiceUrl;
iamClientAuthMethod = IamClientAuthMethod.SECRET;
var cryptoHelper = _settings.EncryptionConfigs.GetCryptoHelper(_settings.EncryptionConfigIndex);
secret = cryptoHelper.Decrypt(
Expand Down Expand Up @@ -192,6 +194,8 @@ public async Task<ServiceAccountConnectorOfferData> GetOwnCompanyServiceAccountD
iamClientAuthMethod,
result.UserRoleDatas,
result.CompanyServiceAccountTypeId,
result.CompanyServiceAccountKindId,
authServiceUrl,
result.Status,
secret,
result.ConnectorData,
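Review bot: The URL choice in the first hunk is keyed on `result.DimServiceAccountData != null`, while the second hunk returns `result.CompanyServiceAccountKindId` independently, so the two response fields can disagree: an EXTERNAL account whose DIM data is missing would be reported together with the internal `_settings.AuthServiceUrl`. The caller receives this URL next to the decrypted `secret` and will presumably present the credential there, so the value taken from `DimServiceAccountData.AuthenticationServiceUrl` should be checked before it is returned, for example with `Uri.TryCreate(authServiceUrl, UriKind.Absolute, out var uri) && uri.Scheme == Uri.UriSchemeHttps`, failing with the project's usual error type otherwise. A one-line comment above `var authServiceUrl = _settings.AuthServiceUrl;` stating that the configured URL is the default and is overridden for DIM-backed accounts would make the intent explicit. The method body starts and ends outside both hunks.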
Expand Up @@ -40,6 +40,9 @@ public class ServiceAccountSettings
[Required]
[DistinctValues("x => x.Index")]
public IEnumerable<EncryptionModeConfig> EncryptionConfigs { get; set; } = null!;

[Required]
public string AuthServiceUrl { get; set; } = null!;
}

public static class ServiceAccountSettingsExtensions
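Review bot: `[Required]` on `AuthServiceUrl` only rejects a missing or empty value, so a malformed or plain-http address in configuration would pass validation and be handed to API consumers as the endpoint to authenticate against. Adding `[Url]` next to `[Required]` would catch malformed values, assuming these settings are validated through data annotations as the existing attributes suggest; an https-only rule needs a custom check because `[Url]` also accepts http and ftp. A doc comment such as `/// <summary>Authentication service URL returned for technical users without DIM data.</summary>` would record what the value is used for.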
Expand Up @@ -33,6 +33,8 @@ public record ServiceAccountConnectorOfferData(
[property: JsonPropertyName("authenticationType")] IamClientAuthMethod? IamClientAuthMethod,
[property: JsonPropertyName("roles")] IEnumerable<UserRoleData> UserRoleDatas,
[property: JsonPropertyName("companyServiceAccountTypeId")] CompanyServiceAccountTypeId CompanyServiceAccountTypeId,
[property: JsonPropertyName("usertype")] CompanyServiceAccountKindId CompanyServiceAccountKindId,
[property: JsonPropertyName("authenticationServiceUrl")] string AuthenticationServiceUrl,
[property: JsonPropertyName("status")] UserStatusId UserStatusId,
[property: JsonPropertyName("secret")] string? Secret,
[property: JsonPropertyName("connector")] ConnectorResponseData? Connector,
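Review bot: The new JSON name `usertype` is all lower-case while the other properties visible in this record are camelCase (`authenticationType`, `companyServiceAccountTypeId`); `[property: JsonPropertyName("userType")]` would match, and it is cheapest to change before clients depend on the name. `AuthenticationServiceUrl` is declared as non-nullable `string`, which holds only if both the configured value and the value stored for DIM accounts are never null. The record's parameter list continues outside the hunk.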
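--- a/src/administration/Administration.Service/appsettings.json
+++ b/src/administration/Administration.Service/appsettings.json
@@ -248,7 +248,8 @@
 "ServiceAccount": {
 "ClientId": "",
 "EncryptionConfigIndex": 0,
-"EncryptionConfigs": []
+"EncryptionConfigs": [],
+"AuthServiceUrl": ""
 },
 "Connectors": {
 "MaxPageSize": 20,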
Expand Up @@ -30,6 +30,7 @@ public record CompanyServiceAccountDetailedData(
UserStatusId Status,
IEnumerable<UserRoleData> UserRoleDatas,
CompanyServiceAccountTypeId CompanyServiceAccountTypeId,
CompanyServiceAccountKindId CompanyServiceAccountKindId,
ConnectorResponseData? ConnectorData,
OfferResponseData? OfferSubscriptionData,
CompanyLastEditorData? CompanyLastEditorData,
Expand All @@ -42,6 +43,7 @@ public record OfferResponseData(Guid Id, OfferTypeId Type, string? Name, Guid? S
public record CompanyLastEditorData(string? Name, string CompanyName);

public record DimServiceAccountData(
string AuthenticationServiceUrl,
byte[] ClientSecret,
byte[]? InitializationVector,
int EncryptionMode
Expand Up @@ -146,6 +146,7 @@ public void AttachAndModifyCompanyServiceAccount(
userRole.Offer!.AppInstances.First().IamClient!.ClientClientId,
userRole.UserRoleText)),
x.ServiceAccount.CompanyServiceAccountTypeId,
x.ServiceAccount.CompanyServiceAccountKindId,
x.Connector == null
? null
: new ConnectorResponseData(
Expand All @@ -168,6 +169,7 @@ public void AttachAndModifyCompanyServiceAccount(
x.ServiceAccount.DimCompanyServiceAccount == null
? null
: new DimServiceAccountData(
x.DimCompanyServiceAccount!.AuthenticationServiceUrl,
x.DimCompanyServiceAccount!.ClientSecret,
x.DimCompanyServiceAccount.InitializationVector,
x.DimCompanyServiceAccount.EncryptionMode)))
Expand Up @@ -100,6 +100,7 @@ public ServiceAccountBusinessLogicTests()

_options = Options.Create(new ServiceAccountSettings
{
AuthServiceUrl = "https://auth.test/auth",
ClientId = ClientId,
EncryptionConfigIndex = 1,
EncryptionConfigs = new[] { new EncryptionModeConfig() { Index = 1, EncryptionKey = Convert.ToHexString(encryptionKey), CipherMode = System.Security.Cryptography.CipherMode.CBC, PaddingMode = System.Security.Cryptography.PaddingMode.PKCS7 } },
Expand Down Expand Up @@ -238,6 +239,54 @@ public async Task GetOwnCompanyServiceAccountDetailsAsync_WithValidInputAndDimCo
A.CallTo(() => _provisioningManager.GetCentralClientAuthDataAsync(A<string>._)).MustNotHaveHappened();
}

[Fact]
public async Task GetOwnCompanyServiceAccountDetailsAsync_WithValidUserTypeInternal_AuthenticationUrl()
{
// Arrange
SetupGetOwnComapnyServiceAccountInternalType();
var sut = new ServiceAccountBusinessLogic(_provisioningManager, _portalRepositories, _options, null!, _identityService, _serviceAccountManagement);

// Act
var result = await sut.GetOwnCompanyServiceAccountDetailsAsync(ValidServiceAccountId);

// Assert
result.Should().NotBeNull();
result.CompanyServiceAccountKindId.Should().Be(CompanyServiceAccountKindId.INTERNAL);
result.AuthenticationServiceUrl.Should().Be("https://auth.test/auth");
}

[Fact]
public async Task GetOwnCompanyServiceAccountDetailsAsync_WithValidUserTypeExternal_AuthenticationUrl()
{
// Arrange
SetupGetOwnComapnyServiceAccountExternalType();
var sut = new ServiceAccountBusinessLogic(_provisioningManager, _portalRepositories, _options, null!, _identityService, _serviceAccountManagement);

// Act
var result = await sut.GetOwnCompanyServiceAccountDetailsAsync(ValidServiceAccountId);

// Assert
result.Should().NotBeNull();
result.CompanyServiceAccountKindId.Should().Be(CompanyServiceAccountKindId.EXTERNAL);
result.AuthenticationServiceUrl.Should().Be("https://test.org/auth");
}

[Fact]
public async Task GetOwnCompanyServiceAccountDetailsAsync_WithInValidUserTypeInternal_AuthenticationUrl()
{
// Arrange
SetupGetOwnCompanyServiceAccountDetails();
var sut = new ServiceAccountBusinessLogic(_provisioningManager, _portalRepositories, _options, null!, _identityService, _serviceAccountManagement);

// Act
var result = await sut.GetOwnCompanyServiceAccountDetailsAsync(ValidServiceAccountId);

// Assert
result.Should().NotBeNull();
result.CompanyServiceAccountKindId.Should().NotBe(CompanyServiceAccountKindId.INTERNAL);
result.AuthenticationServiceUrl.Should().NotBe("https://auth.test/auth");
}

[Fact]
public async Task GetOwnCompanyServiceAccountDetailsAsync_WithInvalidCompany_NotFoundException()
{
Expand Down Expand Up @@ -790,21 +839,16 @@ private void SetupUpdateOwnCompanyServiceAccountDetails()

private void SetupGetOwnCompanyServiceAccount()
{
var data = _fixture.Build<CompanyServiceAccountDetailedData>()
.With(x => x.Status, UserStatusId.ACTIVE)
.With(x => x.DimServiceAccountData, default(DimServiceAccountData?))
.Create();

var cryptoConfig = _options.Value.EncryptionConfigs.Single(x => x.Index == _options.Value.EncryptionConfigIndex);
var (secret, initializationVector) = CryptoHelper.Encrypt("test", Convert.FromHexString(cryptoConfig.EncryptionKey), cryptoConfig.CipherMode, cryptoConfig.PaddingMode);
var cryptoHelper = _options.Value.EncryptionConfigs.GetCryptoHelper(_options.Value.EncryptionConfigIndex);
var (secret, initializationVector) = cryptoHelper.Encrypt("test");

var dimServiceAccountData = new DimServiceAccountData(secret, initializationVector, _options.Value.EncryptionConfigIndex);
var dimServiceAccountData = new DimServiceAccountData("https://example.org/auth", secret, initializationVector, _options.Value.EncryptionConfigIndex);
var dataWithDim = _fixture.Build<CompanyServiceAccountDetailedData>()
.With(x => x.DimServiceAccountData, dimServiceAccountData)
.Create();

A.CallTo(() => _serviceAccountRepository.GetOwnCompanyServiceAccountDetailedDataUntrackedAsync(ValidServiceAccountId, ValidCompanyId))
.Returns(data);
.Returns(dataWithDim);
A.CallTo(() => _serviceAccountRepository.GetOwnCompanyServiceAccountDetailedDataUntrackedAsync(ValidServiceAccountWithDimDataId, ValidCompanyId))
.Returns(dataWithDim);
A.CallTo(() => _serviceAccountRepository.GetOwnCompanyServiceAccountDetailedDataUntrackedAsync(
Expand All @@ -814,6 +858,35 @@ private void SetupGetOwnCompanyServiceAccount()
.Returns<CompanyServiceAccountDetailedData?>(null);
}

private void SetupGetOwnComapnyServiceAccountInternalType()
{
var data = _fixture.Build<CompanyServiceAccountDetailedData>()
.With(x => x.Status, UserStatusId.ACTIVE)
.With(x => x.CompanyServiceAccountKindId, CompanyServiceAccountKindId.INTERNAL)
.With(x => x.DimServiceAccountData, default(DimServiceAccountData?))
.Create();

A.CallTo(() => _serviceAccountRepository.GetOwnCompanyServiceAccountDetailedDataUntrackedAsync(ValidServiceAccountId, ValidCompanyId))
.Returns(data);
}

private void SetupGetOwnComapnyServiceAccountExternalType()
{
var cryptoHelper = _options.Value.EncryptionConfigs.GetCryptoHelper(_options.Value.EncryptionConfigIndex);
var (secret, initializationVector) = cryptoHelper.Encrypt("test");

var dimServiceAccountData = new DimServiceAccountData("https://test.org/auth", secret, initializationVector, _options.Value.EncryptionConfigIndex);

var externalData = _fixture.Build<CompanyServiceAccountDetailedData>()
.With(x => x.Status, UserStatusId.ACTIVE)
.With(x => x.CompanyServiceAccountKindId, CompanyServiceAccountKindId.EXTERNAL)
.With(x => x.DimServiceAccountData, dimServiceAccountData)
.Create();

A.CallTo(() => _serviceAccountRepository.GetOwnCompanyServiceAccountDetailedDataUntrackedAsync(ValidServiceAccountId, ValidCompanyId))
.Returns(externalData);
}

private void SetupDeleteOwnCompanyServiceAccount(Connector? connector = null, Identity? identity = null, Guid? processId = null)
{
var serviceAccount = new CompanyServiceAccount(Guid.NewGuid(), Guid.NewGuid(), "test-sa", "test", CompanyServiceAccountTypeId.OWN, CompanyServiceAccountKindId.INTERNAL);
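Review bot: `GetOwnCompanyServiceAccountDetailsAsync_WithInValidUserTypeInternal_AuthenticationUrl` asserts only with `NotBe(...)`, and its setup `SetupGetOwnCompanyServiceAccountDetails` is not visible in this section; if it builds the data with AutoFixture the way `SetupGetOwnCompanyServiceAccount` does, `CompanyServiceAccountKindId` is generated randomly and `NotBe(CompanyServiceAccountKindId.INTERNAL)` can fail intermittently. Pinning the kind with `.With(x => x.CompanyServiceAccountKindId, CompanyServiceAccountKindId.EXTERNAL)` and asserting the exact expected URL would make the case deterministic. There is also no case for an EXTERNAL account without DIM data, which is the path where the production code falls back to the configured URL. The helper names `SetupGetOwnComapnyServiceAccountInternalType` and `SetupGetOwnComapnyServiceAccountExternalType` misspell "Company".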
Expand Up @@ -245,7 +245,8 @@
"CipherMode": "CBC",
"PaddingMode": "PKCS7"
}
]
],
"AuthServiceUrl": "https://auth.test/auth"
},
"Connectors": {
"MaxPageSize": 20,
