Fix Dialogtoken issuer, Postman collection and Redis connection strng (…

…#648) * Use Dialogporten issuer from appsettings * Add Redis connection string for local development to appsettings.Development * Updated Postman collection
Altinn · Jan 30, 2025 · d413b41 · d413b41
1 parent b2cea28
commit d413b41
Show file tree

Hide file tree

Showing 4 changed files with 24 additions and 80 deletions.
diff --git a/.github/workflows/ci-cd.yaml b/.github/workflows/ci-cd.yaml
@@ -80,6 +80,7 @@ jobs:
           SLACK_URL: ${{ secrets.SLACK_URL }}
           SBL_BRIDGE_BASE_URL: ${{ secrets.SBL_BRIDGE_BASE_URL }}
           RESOURCE_WHITELIST: ${{ secrets.RESOURCE_WHITELIST }}
+          MASKINPORTEN_ENVIRONMENT: ${{ secrets.MASKINPORTEN_ENVIRONMENT }}
 
   deploy-at22:
     name: deploy at22

diff --git a/altinn-correspondence-postman-collection.json b/altinn-correspondence-postman-collection.json
@@ -227,13 +227,6 @@
 										"correspondence",
 										"{{correspondenceId}}",
 										"markasread"
-									],
-									"query": [
-										{
-											"key": "onBehalfOf",
-											"value": "",
-											"description": "(Optional) Specifies the identifier of the entity on whose behalf the current user is acting."
-										}
 									]
 								}
 							},
@@ -336,13 +329,6 @@
 										"correspondence",
 										"{{correspondenceId}}",
 										"confirm"
-									],
-									"query": [
-										{
-											"key": "onBehalfOf",
-											"value": "",
-											"description": "(Optional) Specifies the identifier of the entity on whose behalf the current user is acting."
-										}
 									]
 								}
 							},
@@ -445,13 +431,6 @@
 										"correspondence",
 										"{{correspondenceId}}",
 										"archive"
-									],
-									"query": [
-										{
-											"key": "onBehalfOf",
-											"value": "",
-											"description": "(Optional) Specifies the identifier of the entity on whose behalf the current user is acting."
-										}
 									]
 								}
 							},
@@ -537,13 +516,6 @@
 										"attachment",
 										"{{attachmentId}}",
 										"download"
-									],
-									"query": [
-										{
-											"key": "onBehalfOf",
-											"value": "",
-											"description": "(Optional) Specifies the identifier of the entity on whose behalf the current user is acting."
-										}
 									]
 								}
 							},
@@ -614,13 +586,6 @@
 										"correspondence",
 										"{{correspondenceId}}",
 										"purge"
-									],
-									"query": [
-										{
-											"key": "onBehalfOf",
-											"value": "",
-											"description": "(Optional) Specifies the identifier of the entity on whose behalf the current user is acting."
-										}
 									]
 								}
 							},
@@ -712,7 +677,7 @@
 						],
 						"body": {
 							"mode": "raw",
-							"raw": "{\n    \"Correspondence\": {\n        \"resourceId\": \"{{resource_id}}\",\n        \"sender\": \"0192:{{senderOrgNo}}\",\n        \"sendersReference\": \"1\",\n        \"content\": {\n            \"language\": \"nb\",\n            \"messageTitle\": \"Meldingstittel\",\n            \"messageSummary\": \"Ett sammendrag for meldingen\",\n            \"messageBody\": \"# meldingsteksten. Som kan være plain text eller markdown \",\n            \"attachments\": []\n        },\n        \"RequestedPublishTime\": \"2024-09-28T12:44:28.290518+00:00\",\n        \"allowSystemDeleteAfter\": \"2025-08-29T13:31:28.290518+00:00\",\n        \"dueDateTime\": \"2025-05-29T13:31:28.290518+00:00\",\n        \"externalReferences\": [\n            {\n                \"referenceValue\": \"1\",\n                \"referenceType\": \"AltinnBrokerFileTransfer\"\n            }\n        ],\n        \"propertyList\": {\n            \"deserunt_12\": \"1\",\n            \"culpa_852\": \"2\",\n            \"anim5\": \"3\",\n            \"Æ*'1??`  \": \"asdfgklasjd\"\n        },\n        \"replyOptions\": [\n            {\n                \"linkURL\": \"https://www.test.no\",\n                \"linkText\": \"test\"\n            },\n            {\n                \"linkURL\": \"https://test.no\",\n                \"linkText\": \"test\"\n            }\n        ],\n        \"notification\": {\n            \"notificationTemplate\": 0,\n            \"notificationChannel\": 3,\n            \"SendReminder\": true,\n            \"EmailBody\": \"Test av varsel\",\n            \"EmailSubject\": \"Dette er innholdet i ett varsel\",\n            \"SmsBody\": \"Dette er innholdet i ett testvarsel\",\n            \"ReminderEmailBody\": \"Dette er test av revarsling \",\n            \"ReminderEmailSubject\": \"Test av revarsel\",\n            \"ReminderSmsBody\": \"Dette er en test av revarslingl\"\n        },\n        \"IgnoreReservation\": true,\n        \"IsConfirmationNeeded\": false\n    },\n    \"Recipients\": [\n        \"0192:{{recipientOrgNo}}\"\n    ],\n    \"existingAttachments\": []\n}",
+							"raw": "{\n    \"Correspondence\": {\n        \"resourceId\": \"{{resource_id}}\",\n        \"sender\": \"urn:altinn:organization:identifier-no:{{senderOrgNo}}\",\n        \"sendersReference\": \"1\",\n        \"content\": {\n            \"language\": \"nb\",\n            \"messageTitle\": \"Meldingstittel\",\n            \"messageSummary\": \"Ett sammendrag for meldingen\",\n            \"messageBody\": \"# meldingsteksten. Som kan være plain text eller markdown \",\n            \"attachments\": []\n        },\n        \"RequestedPublishTime\": \"2024-09-28T12:44:28.290518+00:00\",\n        \"allowSystemDeleteAfter\": \"2025-08-29T13:31:28.290518+00:00\",\n        \"dueDateTime\": \"2025-05-29T13:31:28.290518+00:00\",\n        \"externalReferences\": [\n            {\n                \"referenceValue\": \"1\",\n                \"referenceType\": \"AltinnBrokerFileTransfer\"\n            }\n        ],\n        \"propertyList\": {\n            \"deserunt_12\": \"1\",\n            \"culpa_852\": \"2\",\n            \"anim5\": \"3\",\n            \"Æ*'1??`  \": \"asdfgklasjd\"\n        },\n        \"replyOptions\": [\n            {\n                \"linkURL\": \"https://www.test.no\",\n                \"linkText\": \"test\"\n            },\n            {\n                \"linkURL\": \"https://test.no\",\n                \"linkText\": \"test\"\n            }\n        ],\n        \"notification\": {\n            \"notificationTemplate\": 0,\n            \"notificationChannel\": 3,\n            \"SendReminder\": true,\n            \"EmailBody\": \"Test av varsel\",\n            \"EmailSubject\": \"Dette er innholdet i ett varsel\",\n            \"SmsBody\": \"Dette er innholdet i ett testvarsel\",\n            \"ReminderEmailBody\": \"Dette er test av revarsling \",\n            \"ReminderEmailSubject\": \"Test av revarsel\",\n            \"ReminderSmsBody\": \"Dette er en test av revarslingl\"\n        },\n        \"IgnoreReservation\": true,\n        \"IsConfirmationNeeded\": false\n    },\n    \"Recipients\": [\n        \"urn:altinn:organization:identifier-no:{{recipientOrgNo}}\"\n    ],\n    \"existingAttachments\": []\n}",
 							"options": {
 								"raw": {
 									"headerFamily": "json",
@@ -829,7 +794,7 @@
 							"formdata": [
 								{
 									"key": "Recipients[0]",
-									"value": "0192:{{recipientOrgNo}}",
+									"value": "urn:altinn:organization:identifier-no:{{recipientOrgNo}}",
 									"type": "text"
 								},
 								{
@@ -839,7 +804,7 @@
 								},
 								{
 									"key": "Correspondence.Sender",
-									"value": "0192:{{senderOrgNo}}",
+									"value": "urn:altinn:organization:identifier-no:{{senderOrgNo}}",
 									"type": "text"
 								},
 								{
@@ -1124,13 +1089,6 @@
 								"v1",
 								"correspondence",
 								"{{correspondenceId}}"
-							],
-							"query": [
-								{
-									"key": "onBehalfOf",
-									"value": "",
-									"description": "(Optional) Specifies the identifier of the entity on whose behalf the current user is acting."
-								}
 							]
 						}
 					},
@@ -1210,13 +1168,6 @@
 								"correspondence",
 								"{{correspondenceId}}",
 								"details"
-							],
-							"query": [
-								{
-									"key": "onBehalfOf",
-									"value": "",
-									"description": "(Optional) Specifies the identifier of the entity on whose behalf the current user is acting."
-								}
 							]
 						}
 					},
@@ -1303,7 +1254,7 @@
 							}
 						],
 						"url": {
-							"raw": "{{baseUrl}}/correspondence/api/v1/correspondence?from=2024-02-02T13:31:28.290518&to=2025-08-29T13:31:28.290518&status=2&resourceId={{resource_id}}&role=RecipientAndSender",
+							"raw": "{{baseUrl}}/correspondence/api/v1/correspondence?from=2024-02-02T13:31:28.290518&to=2025-08-29T13:31:28.290518&status=2&resourceId={{resource_id}}&role=RecipientAndSender&onBehalfOf=",
 							"host": [
 								"{{baseUrl}}"
 							],
@@ -1439,7 +1390,7 @@
 						],
 						"body": {
 							"mode": "raw",
-							"raw": "{\n  \"dataType\": \"html\",\n  \"expirationTime\": \"2024-12-12\",\n  \"resourceId\": \"{{resource_id}}\",\n  \"name\": \"testFile\",\n  \"sender\": \"0192:{{senderOrgNo}}\",\n  \"sendersReference\": \"1234\",\n  \"fileName\": \"test-file\",\n  \"isEncrypted\": false\n}",
+							"raw": "{\n  \"expirationTime\": \"2024-12-12\",\n  \"resourceId\": \"{{resource_id}}\",\n  \"name\": \"testFile\",\n  \"sender\": \"0192:{{senderOrgNo}}\",\n  \"sendersReference\": \"1234\",\n  \"fileName\": \"test-file\",\n  \"isEncrypted\": false\n}",
 							"options": {
 								"raw": {
 									"headerFamily": "json",

diff --git a/src/Altinn.Correspondence.API/Helpers/EdDsaSecurityKeysCacheService.cs b/src/Altinn.Correspondence.API/Helpers/EdDsaSecurityKeysCacheService.cs
@@ -1,6 +1,8 @@
 using Microsoft.IdentityModel.Tokens;
 using ScottBrady.IdentityModel.Tokens;
 using ScottBrady.IdentityModel;
+using Altinn.Correspondence.Core.Options;
+using Microsoft.Extensions.Options;
 
 namespace Altinn.Correspondence.API.Helpers
 {
@@ -12,21 +14,12 @@ public class EdDsaSecurityKeysCacheService : IHostedService, IDisposable
         private PeriodicTimer? _timer;
         private readonly IHttpClientFactory _httpClientFactory;
         private readonly ILogger<EdDsaSecurityKeysCacheService> _logger;
+        private readonly DialogportenSettings _dialogportenSettings;
 
         private readonly TimeSpan _refreshInterval = TimeSpan.FromHours(12);
-
-        // In this service we allow keys for all non-production environments for
-        // simplicity. Usually one would only allow a single environment (issuer) here,
-        // which we could get from an injected IConfiguration/IOptions
-        private readonly List<string> _wellKnownEndpoints =
-        [
-            //"https://localhost:7214/api/v1/.well-known/jwks.json",
-            "https://altinn-dev-api.azure-api.net/dialogporten/api/v1/.well-known/jwks.json",
-        "https://platform.tt02.altinn.no/dialogporten/api/v1/.well-known/jwks.json"
-        ];
-
-        public EdDsaSecurityKeysCacheService(IHttpClientFactory httpClientFactory, ILogger<EdDsaSecurityKeysCacheService> logger)
+        public EdDsaSecurityKeysCacheService(IHttpClientFactory httpClientFactory, IOptions<DialogportenSettings> dialogportenSettings, ILogger<EdDsaSecurityKeysCacheService> logger)
         {
+            _dialogportenSettings = dialogportenSettings.Value;
             _httpClientFactory = httpClientFactory;
             _logger = logger;
         }
@@ -68,24 +61,22 @@ private async Task RefreshAsync(CancellationToken cancellationToken)
             var httpClient = _httpClientFactory.CreateClient();
             var keys = new List<EdDsaSecurityKey>();
 
-            foreach (var endpoint in _wellKnownEndpoints)
+            var endpoint = _dialogportenSettings.Issuer + "/.well-known/jwks.json";
+            try
             {
-                try
+                var response = await httpClient.GetStringAsync(endpoint, cancellationToken);
+                var jwks = new JsonWebKeySet(response);
+                foreach (var jwk in jwks.Keys)
                 {
-                    var response = await httpClient.GetStringAsync(endpoint, cancellationToken);
-                    var jwks = new JsonWebKeySet(response);
-                    foreach (var jwk in jwks.Keys)
+                    if (ExtendedJsonWebKeyConverter.TryConvertToEdDsaSecurityKey(jwk, out var edDsaKey))
                     {
-                        if (ExtendedJsonWebKeyConverter.TryConvertToEdDsaSecurityKey(jwk, out var edDsaKey))
-                        {
-                            keys.Add(edDsaKey);
-                        }
+                        keys.Add(edDsaKey);
                     }
                 }
-                catch (Exception ex)
-                {
-                    _logger.LogWarning(ex, "Failed to retrieve keys from {endpoint}", endpoint);
-                }
+            }
+            catch (Exception ex)
+            {
+                _logger.LogWarning(ex, "Failed to retrieve keys from {endpoint}", endpoint);
             }
 
             _logger.LogInformation("Refreshed EdDsa keys cache with {count} keys", keys.Count);

diff --git a/src/Altinn.Correspondence.API/appsettings.Development.json b/src/Altinn.Correspondence.API/appsettings.Development.json
@@ -36,6 +36,7 @@
     "CorrespondenceBaseUrl": "https://localhost:7241/",
     "AltinnSblBridgeBaseUrl": "",
     "ContactReservationRegistryBaseUrl": "https://test.kontaktregisteret.no",
-    "ResourceWhiteList": ""
+    "ResourceWhiteList": "",
+    "RedisConnectionString": "localhost:6379,password=test-password"
   }
 }