Merge pull request #561 from ITfoxtec/1.0.x-development

1.0.x development
ITfoxtec · Apr 19, 2023 · a0de27f · a0de27f
2 parents 775b84a + bb7464a
commit a0de27f
Show file tree

Hide file tree

Showing 35 changed files with 292 additions and 77 deletions.
diff --git a/docs/deployment.md b/docs/deployment.md
@@ -51,11 +51,11 @@ You can increment the password security level by uploading risk passwords.
 
 You can upload risk passwords with the FoxIDs seed tool console application. The seed tool code is [downloaded](https://github.com/ITfoxtec/FoxIDs/tree/master/tools/FoxIDs.SeedTool) and need to be compiled and [configured](#configure-the-seed-tool) to run.
 
-Download the `SHA-1` pwned passwords `ordered by prevalence` from [haveibeenpwned.com/passwords](https://haveibeenpwned.com/Passwords).
+Download the `SHA-1` pwned passwords in a single file from [haveibeenpwned.com/passwords](https://haveibeenpwned.com/Passwords) using the [PwnedPasswordsDownloader tool](https://github.com/HaveIBeenPwned/PwnedPasswordsDownloader).
 
 > Be aware that it takes some time to upload all risk passwords. This step can be omitted and postponed to later.  
 
-The risk passwords are uploaded as bulk which has a higher consumption. Please make sure to adjust the Cosmos DB provisioned throughput (e.g. to 20000 RU/s or higher) temporarily. 
+The risk passwords are uploaded as bulk which has a higher consumption. Please make sure to adjust the Cosmos DB provisioned throughput (e.g. to 4000 RU/s or higher) temporarily. 
 The throughput can be adjusted in Azure Cosmos DB --> Data Explorer --> Scale & Settings.
 
 You can read the number of risk passwords uploaded to FoxIDs in [FoxIDs Control Client](control.md#foxids-control-client) master tenant on the Risk Passwords tap. And you can test if a password is okay or has appeared in breaches.

diff --git a/docs/images/configure-login-advanced.png b/docs/images/configure-login-advanced.png
diff --git a/docs/login.md b/docs/login.md
@@ -59,12 +59,12 @@ You can select to require two-factor authentication for all users authenticating
 ### Configure user session
 The user sessions lifetime can be changed. The default lifetime is 10 hours. 
 The user session is a sliding session, where the lifetime is extended every time, an application makes a login request until the absolute session lifetime is reached.  
-It is possible to configure an absolute session lifetime in the advanced settings.
+It is possible to configure an absolute session lifetime as well.
 
 The user session can be changed to a persistent session which is preserved when the browser is closed and reopened.  
 The user session become a persistent session if either the persistent session lifetime is configured to be grater, then 0. Or the persistent session lifetime unlimited setting is set to on.
 
-> Click `show advanced settings` to see all session settings.
+> Click the `User session` tag to see all session settings.
 
 ![Configure Login](images/configure-login-session.png)
 

diff --git a/docs/name-title-icon-css.md b/docs/name-title-icon-css.md
@@ -30,7 +30,7 @@ Find the up-party login in [FoxIDs Control Client](control.md#foxids-control-cli
 
  ## CSS examples
 
- Change background and add logo text. It is also possible to add a logo image.
+ Change background and add logo text. 
 
     body {
         background: #7c8391;
@@ -48,6 +48,16 @@ Find the up-party login in [FoxIDs Control Client](control.md#foxids-control-cli
 
 ![Configure background and add logo with CSS](images/configure-login-css-backbround-logo.png)    
 
+It is also possible to use a logo image.
+
+    .brand-content-text {
+        display: none;
+    }
+
+    .brand-content-icon:before {
+       content:url('https://some-external-site.com/logo.png');
+    }
+
 Add a background image from an external site.
 
     body {
@@ -61,6 +71,51 @@ Add a background image from an external site.
 
 ![Configure background image](images/configure-login-css-backbround-image.png)   
 
+Change button and link color, in this example CSS to green.
+
+    label {
+        color: #a4c700 !important;
+    }
+
+    .input:focus {
+        outline: none !important;
+        border:1px solid #a4c700;
+        box-shadow: 0 0 10px #a4c700;
+      }
+
+    .btn-link, .btn-link:hover, a, a:hover {
+        color: #a4c700;
+    }
+
+    .btn-primary.disabled, .btn-primary:disabled {
+        color: #fff;
+        background-color: #afc44f;
+        border-color: #afc44f;
+    }
+
+    .btn-primary, .btn-primary:hover, .btn-primary:active, .btn-primary:focus, .btn-primary:active {
+        background-color: #a4c700;
+        border-color: #a4c700;
+    }
+
+    .btn-primary:not(:disabled):not(.disabled).active, .btn-primary:not(:disabled):not(.disabled):active, .show>.btn-primary.dropdown-toggle {
+        background-color: #7c9600;
+        border-color: #7c9600;
+    }
+
+    .btn-link:not(:disabled):not(.disabled):active, .btn-link:not(:disabled):not(.disabled).active, .show>.btn-link.dropdown-toggle {
+        color: #a4c700;
+    }
+
+    .btn:focus, .form-control:focus {
+        border-color: #a4c700;
+        box-shadow: 0 0 0 .2rem rgba(64,78,0,.25);
+    }
+
+    .btn-primary:not(:disabled):not(.disabled).active:focus, .btn-primary:not(:disabled):not(.disabled):active:focus, .show>.btn-primary.dropdown-toggle:focus {
+        box-shadow: 0 0 0 .2rem rgba(64,78,0,.25);
+    }
+
  Add information to the login box.
 
     div.page-content:before {

diff --git a/docs/Users.md → docs/users.md b/docs/Users.md → docs/users.md
diff --git a/src/FoxIDs.Control/Controllers/Master/MRiskPasswordFirstController.cs b/src/FoxIDs.Control/Controllers/Master/MRiskPasswordFirstController.cs
@@ -0,0 +1,45 @@
+using FoxIDs.Infrastructure;
+using FoxIDs.Models;
+using Api = FoxIDs.Models.Api;
+using FoxIDs.Repository;
+using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.Mvc;
+using System.Collections.Generic;
+using System.Threading.Tasks;
+using AutoMapper;
+
+namespace FoxIDs.Controllers
+{
+    public class MRiskPasswordFirstController : MasterApiController
+    {
+        private readonly TelemetryScopedLogger logger;
+        private readonly IMapper mapper;
+        private readonly IMasterRepository masterRepository;
+
+        public MRiskPasswordFirstController(TelemetryScopedLogger logger, IMapper mapper, IMasterRepository masterRepository) : base(logger)
+        {
+            this.logger = logger;
+            this.mapper = mapper;
+            this.masterRepository = masterRepository;
+        }
+
+        /// <summary>
+        /// Get the first 1000 risk password. Can be used query risk passwords before deleting them.
+        /// </summary>
+        /// <returns>Risk passwords.</returns>
+        [ProducesResponseType(typeof(HashSet<Api.RiskPassword>), StatusCodes.Status200OK)]
+        [ProducesResponseType(StatusCodes.Status404NotFound)]
+        public async Task<ActionResult<HashSet<Api.RiskPassword>>> GetRiskPasswordFirst()
+        {
+            var mRiskPasswords = await masterRepository.GetListAsync<RiskPassword>(maxItemCount: 1000);
+            if (mRiskPasswords?.Count > 0) 
+            {
+                return Ok(mapper.Map<HashSet<Api.RiskPassword>>(mRiskPasswords));
+            }
+            else
+            {
+                return Ok();
+            }
+        }
+    }
+}
diff --git a/src/FoxIDs.Control/FoxIDs.Control.csproj b/src/FoxIDs.Control/FoxIDs.Control.csproj
@@ -2,7 +2,7 @@
 
 	<PropertyGroup>
 		<TargetFramework>net7.0</TargetFramework>
-		<Version>1.0.15.1</Version>
+		<Version>1.0.15.3</Version>
 		<RootNamespace>FoxIDs</RootNamespace>
 		<Authors>Anders Revsgaard</Authors>
 		<Company>ITfoxtec</Company>

diff --git a/src/FoxIDs.Control/Infrastructure/Security/JwtBearerMultipleTenantsHandler.cs b/src/FoxIDs.Control/Infrastructure/Security/JwtBearerMultipleTenantsHandler.cs
@@ -8,7 +8,7 @@
 using System.Security.Authentication;
 using System.Text.Encodings.Web;
 using System.Threading.Tasks;
-using UrlCombineLib;
+using ITfoxtec.Identity.Util;
 using ITfoxtec.Identity.Tokens;
 using Microsoft.IdentityModel.Tokens;
 using System.Security.Claims;

diff --git a/src/FoxIDs.Control/MappingProfiles/MasterMappingProfile.cs b/src/FoxIDs.Control/MappingProfiles/MasterMappingProfile.cs
@@ -33,6 +33,7 @@ private void Mapping()
                 .ReverseMap();
 
             CreateMap<RiskPassword, Api.RiskPassword>()
+                .ForMember(d => d.PasswordSha1Hash, opt => opt.MapFrom(s => s.Id.Substring(s.Id.LastIndexOf(':') + 1)))
                 .ReverseMap();
         }
     }

diff --git a/src/FoxIDs.ControlClient/FoxIDs.ControlClient.csproj b/src/FoxIDs.ControlClient/FoxIDs.ControlClient.csproj
@@ -2,7 +2,7 @@
 
 	<PropertyGroup>
 		<TargetFramework>net7.0</TargetFramework>
-		<Version>1.0.15.1</Version>
+		<Version>1.0.15.3</Version>
 		<RootNamespace>FoxIDs.Client</RootNamespace>
 		<Authors>Anders Revsgaard</Authors>
 		<Company>ITfoxtec</Company>

diff --git a/src/FoxIDs.ControlClient/Models/ViewModels/Parties/IDynamicElementsViewModel.cs b/src/FoxIDs.ControlClient/Models/ViewModels/Parties/IDynamicElementsViewModel.cs
@@ -7,7 +7,7 @@ namespace FoxIDs.Client.Models.ViewModels
     public interface IDynamicElementsViewModel
     {
         [Length(Constants.Models.DynamicElements.ElementsMin, Constants.Models.DynamicElements.ElementsMax)]
-        [Display(Name = "Dynamic elements executed in order (use the move up and down arrows to change the order)")]
+        [Display(Name = "Dynamic elements shown in order (use the move up and down arrows to change the order)")]
         public List<DynamicElementViewModel> Elements { get; set; }
     }
 }
diff --git a/src/FoxIDs.ControlClient/Pages/Components/EOAuthDownParty.razor b/src/FoxIDs.ControlClient/Pages/Components/EOAuthDownParty.razor
@@ -42,15 +42,6 @@
                 <div>OIDC Discovery: <FTextLinkClipboard Text="@clientOidcDiscovery" /></div>
             }
 
-            @if (DownParty.ShowAdvanced)
-            {
-                <FInputSelect @bind-Value="oauthDownParty.Form.Model.PartyBindingPattern" For="@(() => oauthDownParty.Form.Model.PartyBindingPattern)">
-                    <option value="@PartyBindingPatterns.Brackets">Brackets pattern .../down-party(up-party)/... - default</option>
-                    <option value="@PartyBindingPatterns.Tildes">Tildes pattern .../down-party~up-party~/...</option>
-                    <option value="@PartyBindingPatterns.Dot">Dot pattern .../down-party.up-party./...</option>
-                </FInputSelect>
-            }
-
             @if (oauthDownParty.EnableClientTab && oauthDownParty.EnableResourceTab)
             {
                 <hr />
@@ -65,6 +56,15 @@
             }
         </div>
 
+        @if (DownParty.ShowAdvanced)
+        {
+            <FInputSelect @bind-Value="oauthDownParty.Form.Model.PartyBindingPattern" For="@(() => oauthDownParty.Form.Model.PartyBindingPattern)">
+                <option value="@PartyBindingPatterns.Brackets">Brackets pattern .../down-party(up-party)/... - default</option>
+                <option value="@PartyBindingPatterns.Tildes">Tildes pattern .../down-party~up-party~/...</option>
+                <option value="@PartyBindingPatterns.Dot">Dot pattern .../down-party.up-party./...</option>
+            </FInputSelect>
+        }
+
         <ul class="nav nav-tabs">
             <li class="nav-item">
                 @if (oauthDownParty.EnableClientTab)

diff --git a/src/FoxIDs.ControlShared/FoxIDs.ControlShared.csproj b/src/FoxIDs.ControlShared/FoxIDs.ControlShared.csproj
@@ -2,7 +2,7 @@
 
 	<PropertyGroup>
 		<TargetFramework>net7.0</TargetFramework>
-		<Version>1.0.15.1</Version>
+		<Version>1.0.15.3</Version>
 		<RootNamespace>FoxIDs</RootNamespace>
 		<Authors>Anders Revsgaard</Authors>
 		<Company>ITfoxtec</Company>

diff --git a/src/FoxIDs.ControlShared/Models/Api/Parties/CreateUser.cs b/src/FoxIDs.ControlShared/Models/Api/Parties/CreateUser.cs
@@ -13,7 +13,7 @@ public class CreateUser
         public bool RequireMultiFactor { get; set; }
 
         [Length(Constants.Models.DynamicElements.ElementsMin, Constants.Models.DynamicElements.ElementsMax)]
-        [Display(Name = "Dynamic elements executed in order")]
+        [Display(Name = "Dynamic elements shown in order")]
         public List<DynamicElement> Elements { get; set; }
 
         /// <summary>

diff --git a/src/FoxIDs.Shared/Extensions/HttpContextExtensions.cs b/src/FoxIDs.Shared/Extensions/HttpContextExtensions.cs
@@ -3,7 +3,7 @@
 using Microsoft.AspNetCore.Http;
 using Microsoft.Extensions.DependencyInjection;
 using System;
-using UrlCombineLib;
+using ITfoxtec.Identity.Util;
 
 namespace FoxIDs
 {

diff --git a/src/FoxIDs.Shared/FoxIDs.Shared.csproj b/src/FoxIDs.Shared/FoxIDs.Shared.csproj
@@ -2,7 +2,7 @@
 
 	<PropertyGroup>
 		<TargetFramework>net7.0</TargetFramework>
-		<Version>1.0.15.1</Version>
+		<Version>1.0.15.3</Version>
 		<RootNamespace>FoxIDs</RootNamespace>
 		<Authors>Anders Revsgaard</Authors>
 		<Company>ITfoxtec</Company>
@@ -38,7 +38,6 @@
 		<PackageReference Include="Microsoft.Azure.Services.AppAuthentication" Version="1.6.2" />
 		<PackageReference Include="Microsoft.Extensions.Caching.StackExchangeRedis" Version="7.0.4" />
 		<PackageReference Include="SendGrid" Version="9.28.1" />
-		<PackageReference Include="UrlCombine" Version="2.0.0" />
 	</ItemGroup>
 
 	<ItemGroup>

diff --git a/src/FoxIDs.Shared/Logic/MasterTenantLogic.cs b/src/FoxIDs.Shared/Logic/MasterTenantLogic.cs
@@ -6,7 +6,7 @@
 using System.Linq;
 using System.Security.Claims;
 using System.Threading.Tasks;
-using UrlCombineLib;
+using ITfoxtec.Identity.Util;
 using static ITfoxtec.Identity.IdentityConstants;
 
 namespace FoxIDs.Logic

diff --git a/src/FoxIDs.Shared/Logic/Parties/OidcDiscoveryReadLogic.cs b/src/FoxIDs.Shared/Logic/Parties/OidcDiscoveryReadLogic.cs
@@ -8,7 +8,7 @@
 using System.Net;
 using System.Net.Http;
 using System.Threading.Tasks;
-using UrlCombineLib;
+using ITfoxtec.Identity.Util;
 
 namespace FoxIDs.Logic
 {

diff --git a/src/FoxIDs.Shared/Repository/MasterRepository.cs b/src/FoxIDs.Shared/Repository/MasterRepository.cs
@@ -308,16 +308,28 @@ public async Task SaveBulkAsync<T>(List<T> items) where T : MasterDocument
                     concurrentTasks.Add(bulkContainer.UpsertItemAsync(item, partitionKey)
                         .ContinueWith(async (responseTask) =>
                         {
-                            if (responseTask.Exception != null)
+                            if (!responseTask.IsCompletedSuccessfully)
                             {
-                                logger.Error(responseTask.Exception);
+                                var innerException = responseTask.Exception.Flatten()?.InnerExceptions?.FirstOrDefault();
+                                if (innerException != null)
+                                {
+                                    throw new CosmosDataException(partitionId, innerException);
+                                }
+                                else
+                                {
+                                    throw new CosmosDataException(partitionId);
+                                }
                             }
                             totalRU += (await responseTask).RequestCharge;
                         }));
                 }
 
                 await Task.WhenAll(concurrentTasks);
             }
+            catch (CosmosDataException)
+            {
+                throw;
+            }
             catch (Exception ex)
             {
                 throw new CosmosDataException(partitionId, ex);
@@ -346,16 +358,28 @@ public async Task DeleteBulkAsync<T>(List<string> ids) where T : MasterDocument
                     concurrentTasks.Add(bulkContainer.DeleteItemAsync<T>(id, partitionKey)
                         .ContinueWith(async (responseTask) =>
                         {
-                            if (responseTask.Exception != null)
+                            if (!responseTask.IsCompletedSuccessfully)
                             {
-                                logger.Error(responseTask.Exception);
+                                var innerException = responseTask.Exception.Flatten()?.InnerExceptions?.FirstOrDefault();
+                                if (innerException != null)
+                                {
+                                    throw new CosmosDataException(partitionId, innerException);
+                                }
+                                else
+                                {
+                                    throw new CosmosDataException(partitionId);
+                                }
                             }
                             totalRU += (await responseTask).RequestCharge;
                         }));
                 }
 
                 await Task.WhenAll(concurrentTasks);
             }
+            catch (CosmosDataException)
+            {
+                throw;
+            }
             catch (Exception ex)
             {
                 throw new CosmosDataException(partitionId, ex);

diff --git a/src/FoxIDs.SharedBase/Extensions/HashExtensions.cs b/src/FoxIDs.SharedBase/Extensions/HashExtensions.cs
@@ -8,7 +8,7 @@ public static class HashExtensions
     {
         public static string Sha1Hash(this string password)
         {
-            using (var sha1Provider = new SHA1CryptoServiceProvider())
+            using (var sha1Provider = SHA1.Create())
             {
                 var hash = sha1Provider.ComputeHash(Encoding.UTF8.GetBytes(password));
                 return string.Concat(hash.Select(b => b.ToString("X2")));

diff --git a/src/FoxIDs.SharedBase/FoxIDs.SharedBase.csproj b/src/FoxIDs.SharedBase/FoxIDs.SharedBase.csproj
@@ -2,15 +2,15 @@
 
 	<PropertyGroup>
 		<TargetFramework>net7.0</TargetFramework>
-		<Version>1.0.15.1</Version>
+		<Version>1.0.15.3</Version>
 		<RootNamespace>FoxIDs</RootNamespace>
 		<Authors>Anders Revsgaard</Authors>
 		<Company>ITfoxtec</Company>
 		<Copyright>Copyright © 2023</Copyright>
 	</PropertyGroup>
 
 	<ItemGroup>
-		<PackageReference Include="ITfoxtec.Identity" Version="2.5.17" />
+		<PackageReference Include="ITfoxtec.Identity" Version="2.5.19" />
 		<PackageReference Include="ITfoxtec.Identity.Saml2" Version="4.8.6" />
 		<PackageReference Include="Microsoft.AspNetCore.Components.DataAnnotations.Validation" Version="3.2.0-rc1.20223.4" />
 		<PackageReference Include="System.Net.Http.Json" Version="7.0.1" />

diff --git a/src/FoxIDs/Extensions/RouteBindingExtensions.cs b/src/FoxIDs/Extensions/RouteBindingExtensions.cs
@@ -1,12 +1,10 @@
 using FoxIDs.Models;
 using ITfoxtec.Identity;
-using Microsoft.AspNetCore.Components;
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.WebUtilities;
 using System;
 using System.Collections.Generic;
-using System.Linq;
-using UrlCombineLib;
+using ITfoxtec.Identity.Util;
 
 namespace FoxIDs
 {