
Feat/265 url param instantiation #1068

Open
wants to merge 34 commits into
base: main
75a82a2
added endpoint to set session values in HomeController
adamhaeger Jan 23, 2025
0eb977d
calculating fields and datamodel in before sessions torage
adamhaeger Jan 24, 2025
0364dd7
Merge branch 'main' into feat/265-url-param-instantiation
adamhaeger Jan 24, 2025
030a76b
wip
adamhaeger Jan 28, 2025
066cd97
clean
adamhaeger Jan 28, 2025
c272983
added null checks
adamhaeger Jan 28, 2025
d0128e4
wip
adamhaeger Jan 28, 2025
0e80736
added null checks
adamhaeger Jan 30, 2025
44a457a
updated swagger
adamhaeger Jan 30, 2025
9b3918a
Merge branch 'main' into feat/265-url-param-instantiation
adamhaeger Jan 30, 2025
c937714
not including query param route in swagger spec as it broke swagger test
adamhaeger Jan 30, 2025
35c31f9
url encoding app and org in js
adamhaeger Jan 30, 2025
0cbb37e
clean
adamhaeger Jan 30, 2025
6b7696a
Added url encoding and CSP with nonce for inline scripts
adamhaeger Jan 30, 2025
b8f75a2
added appId to know mix prefill data from different apps from same se…
adamhaeger Jan 30, 2025
e45a2a7
Added expiry
adamhaeger Jan 31, 2025
7efccaa
checking if we are on a statless app, renamed QueryParams to QueryPar…
adamhaeger Feb 3, 2025
b4de378
handling prefill from query params, added bad request returns in home…
adamhaeger Feb 3, 2025
3d17ad6
implemented IValidateQueryParamPrefill.cs to allow service owners to …
adamhaeger Feb 4, 2025
9299e10
added comments
adamhaeger Feb 4, 2025
385b57e
clean
adamhaeger Feb 4, 2025
c9d7206
wip
adamhaeger Feb 4, 2025
515f1ee
Merge branch 'main' into feat/265-url-param-instantiation
adamhaeger Feb 4, 2025
6b6a418
updated swagger
adamhaeger Feb 4, 2025
35dc6b9
added tests for HomeController
adamhaeger Feb 5, 2025
a6992e4
clean
adamhaeger Feb 5, 2025
2f15ae9
improved AppResourcesMock.cs to make all tests run
adamhaeger Feb 6, 2025
48511e7
cleanup
adamhaeger Feb 6, 2025
b819926
fixed code analysis errors
adamhaeger Feb 6, 2025
6950e77
clean
adamhaeger Feb 6, 2025
0752b4d
merge
adamhaeger Feb 6, 2025
5a9fb8f
Merge branch 'main' into feat/265-url-param-instantiation
adamhaeger Feb 10, 2025
c00b804
removed unsafe json escaping
adamhaeger Feb 11, 2025
9e900a1
clean
adamhaeger Feb 11, 2025
added endpoint to set session values in HomeController
adamhaeger committed Jan 23, 2025
commit 75a82a2cc79fbfde33fdba74ea2dc0e2ae93efe4
96 changes: 96 additions & 0 deletions src/Altinn.App.Api/Controllers/HomeController.cs
@@ -1,3 +1,4 @@
using System.Diagnostics;
using System.Text.Json;
using System.Web;
using Altinn.App.Core.Configuration;
@@ -7,12 +8,14 @@
using Microsoft.AspNetCore.Antiforgery;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Options;
using Newtonsoft.Json.Linq;

namespace Altinn.App.Api.Controllers;

/// <summary>
/// Provides access to the default home view.
/// </summary>
[ApiController]
public class HomeController : Controller
{
private static readonly JsonSerializerOptions _jsonSerializerOptions = new()
@@ -28,6 +31,8 @@ public class HomeController : Controller
private readonly IAppMetadata _appMetadata;
private readonly List<string> _onEntryWithInstance = new List<string> { "new-instance", "select-instance" };

//private readonly ApplicationMetadata _applicationMetadata;

/// <summary>
/// Initialize a new instance of the <see cref="HomeController"/> class.
/// </summary>
@@ -52,6 +57,7 @@ IAppMetadata appMetadata
_appSettings = appSettings.Value;
_appResources = appResources;
_appMetadata = appMetadata;
// _applicationMetadata = applicationMetadata;
}

/// <summary>
@@ -68,6 +74,20 @@ public async Task<IActionResult> Index(
[FromQuery] bool dontChooseReportee
)
{
// Access all query parameters
var allQueryParams = HttpContext.Request.Query;

foreach (var param in allQueryParams)
{
// Log each query parameter key and value
Console.WriteLine($"{param.Key}: {param.Value}");
HttpContext.Session.SetString(param.Key, param.Value);
var value = HttpContext.Session.GetString(param.Key);
Debugger.Break(); // This acts like a breakpoint.
}

//Debugger.Break(); // This acts like a breakpoint.

// See comments in the configuration of Antiforgery in MvcConfiguration.cs.
var tokens = _antiforgery.GetAndStoreTokens(HttpContext);
if (tokens.RequestToken != null)
@@ -82,6 +102,8 @@ [FromQuery] bool dontChooseReportee
);
}

Debugger.Break();

if (await ShouldShowAppView())
{
ViewBag.org = org;
@@ -107,6 +129,80 @@ [FromQuery] bool dontChooseReportee
return Redirect(redirectUrl);
}

/// <summary>
/// Sets query parameters in frontend session storage
/// </summary>
/// <param name="org"></param>
/// <param name="app"></param>
/// <returns></returns>
[HttpGet]
[Route("{org}/{app}/set-query-params")]
public async Task<IActionResult> SetQueryParams(string org, string app)
{
var queryParams = HttpContext.Request.Query;

Application application = await _appMetadata.GetApplicationMetadata();

List<string> dataTypes = application.DataTypes.Select(type => type.Id).ToList();

List<string> allowedQueryParams = GetAllowedQueryParams(dataTypes);

if (allowedQueryParams.Count < 1)
{
return Content("<h1>No query parameters found in the request.</h1>", "text/html");
}

var queryDict = allowedQueryParams.ToDictionary(q => q.Key, q => q.Value.ToString());
var queryParamsJson = System.Text.Json.JsonSerializer.Serialize(queryDict);
var htmlContent =
$@"
<!DOCTYPE html>
<html lang='en'>
<head>
<meta charset='UTF-8'>
<meta name='viewport' content='width=device-width, initial-scale=1.0'>
<title>Set Query Params</title>
</head>
<body>
<script>
const params = {queryParamsJson};
sessionStorage.setItem('queryParams', JSON.stringify(params));
const redirectUrl = `${{window.location.origin}}/{org}/{app}`;
window.location.href = redirectUrl;
</script>
</body>
</html>";

return Content(htmlContent, "text/html");
}

private List<string> GetAllowedQueryParams(List<string> dataTypes)
{
return dataTypes
.Select(item =>
{
var prefillJson = _appResources.GetPrefillJson(item);
if (prefillJson == null)
{
return null;
}

JObject prefillConfiguration = JObject.Parse(prefillJson);
JToken? queryParamObject = prefillConfiguration.SelectToken("QueryParams");

if (queryParamObject != null && queryParamObject.Type == JTokenType.Object)
{
return ((JObject)queryParamObject).Properties().Select(prop => prop.Name).ToList();
}

return null;
})
.Where(result => result != null)
.SelectMany(result => result)
.Distinct()
.ToList();
}

private async Task<bool> ShouldShowAppView()
{
if (User?.Identity?.IsAuthenticated == true)
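Review bot: In `SetQueryParams`, the route values `org` and `app` are interpolated unencoded into a JavaScript template literal inside the inline `<script>`, so the content of a path segment becomes part of the script that runs in the app's origin; encode them before they reach the page, e.g. `var redirectPath = System.Text.Json.JsonSerializer.Serialize($"/{Uri.EscapeDataString(org)}/{Uri.EscapeDataString(app)}");` and then `window.location.href = window.location.origin + {redirectPath};`. The same method calls `q.Key` and `q.Value` on `allowedQueryParams`, which `GetAllowedQueryParams` returns as `List<string>`, so the allow-list is never applied to `queryParams`; the dictionary should be built from `queryParams.Where(q => allowedQueryParams.Contains(q.Key))`. In `Index`, the added loop copies every request query parameter into the session and prints its value with `Console.WriteLine`, with `Debugger.Break()` calls left in; that stores and logs arbitrary caller-supplied keys and values and should be removed or limited to the allowed names before merge. The body of `Index` starts and ends outside the visible hunks, so this covers only the added lines.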