Update dialogporten client package and use improved token validator.

MagnusSandgren · MagnusSandgren · commit 35e940d5fe1c · 2025-02-27T15:17:44.000+01:00
diff --git a/src/Altinn.DialogportenAdapter.EventSimulator/Altinn.DialogportenAdapter.EventSimulator.csproj b/src/Altinn.DialogportenAdapter.EventSimulator/Altinn.DialogportenAdapter.EventSimulator.csproj
@@ -9,7 +9,7 @@
 
     <ItemGroup>
       <PackageReference Include="Cocona" Version="2.2.0" />
-      <PackageReference Include="Altinn.Platform.Storage.Interface" Version="4.0.4" />
+      <PackageReference Include="Altinn.Platform.Storage.Interface" Version="4.0.7" />
       <PackageReference Include="Refit.HttpClientFactory" Version="8.0.0" />
     </ItemGroup>
 
diff --git a/src/Altinn.DialogportenAdapter.WebApi/Altinn.DialogportenAdapter.WebApi.csproj b/src/Altinn.DialogportenAdapter.WebApi/Altinn.DialogportenAdapter.WebApi.csproj
@@ -8,16 +8,16 @@
     </PropertyGroup>
 
     <ItemGroup>
-        <PackageReference Include="Altinn.ApiClients.Dialogporten" Version="1.54.0-rc" />
+        <PackageReference Include="Altinn.ApiClients.Dialogporten" Version="1.56.1" />
         <PackageReference Include="Altinn.ApiClients.Maskinporten" Version="9.2.1" />
-        <PackageReference Include="Azure.Extensions.AspNetCore.Configuration.Secrets" Version="1.3.2" />
-        <PackageReference Include="Altinn.Platform.Storage.Interface" Version="4.0.4" />
+        <PackageReference Include="Azure.Extensions.AspNetCore.Configuration.Secrets" Version="1.4.0" />
+        <PackageReference Include="Altinn.Platform.Storage.Interface" Version="4.0.7" />
         <PackageReference Include="Azure.Identity" Version="1.13.2" />
-        <PackageReference Include="JWTCookieAuthentication" Version="4.0.1" />
-         <PackageReference Include="Microsoft.ApplicationInsights.AspNetCore" Version="2.22.0" />
-        <PackageReference Include="Microsoft.AspNetCore.OpenApi" Version="9.0.0"/>
+        <PackageReference Include="JWTCookieAuthentication" Version="4.0.4" />
+         <PackageReference Include="Microsoft.ApplicationInsights.AspNetCore" Version="2.23.0" />
+        <PackageReference Include="Microsoft.AspNetCore.OpenApi" Version="9.0.2" />
         <PackageReference Include="Refit.HttpClientFactory" Version="8.0.0" />
-        <PackageReference Include="UUIDNext" Version="4.0.0" />
+        <PackageReference Include="UUIDNext" Version="4.1.1" />
     </ItemGroup>
 
 </Project>
diff --git a/src/Altinn.DialogportenAdapter.WebApi/Common/Constants.cs b/src/Altinn.DialogportenAdapter.WebApi/Common/Constants.cs
@@ -1,11 +1,15 @@
 using System.Collections.Immutable;
+using Altinn.DialogportenAdapter.WebApi.Infrastructure.Dialogporten;
 using Altinn.Platform.Storage.Interface.Enums;
 
 namespace Altinn.DialogportenAdapter.WebApi.Common;
 
-public static class Constants
+internal static class Constants
 {
     public const int DefaultMaxStringLength = 255;
+    
+    public const string InstanceDataValueDialogIdKey = "dialog.id";
+    public const string InstanceDataValueDisableSyncKey = "dialog.disableAutomaticSync";
 
     public static readonly ImmutableArray<string> SupportedEventTypes =
     [
@@ -26,4 +30,10 @@ public static class Constants
         InstanceEventType.MessageArchived.ToString(),
         InstanceEventType.MessageRead.ToString(),
     ];
+    
+    public static readonly ImmutableArray<(DialogGuiActionPriority Priority, int Limit)> PriorityLimits = [
+        (DialogGuiActionPriority.Primary, 1),
+        (DialogGuiActionPriority.Secondary, 1),
+        (DialogGuiActionPriority.Tertiary, 5 )
+    ];
 }
diff --git a/src/Altinn.DialogportenAdapter.WebApi/Features/Command/Delete/InstanceService.cs b/src/Altinn.DialogportenAdapter.WebApi/Features/Command/Delete/InstanceService.cs
@@ -4,57 +4,54 @@
 
 namespace Altinn.DialogportenAdapter.WebApi.Features.Command.Delete;
 
-public record DeleteDialogDto(int PartyId, Guid InstanceGuid, bool Hard, string DialogToken);
+internal sealed record DeleteInstanceDto(int PartyId, Guid InstanceGuid, bool Hard, string DialogToken);
 
-public enum DeleteDialogResult
+internal enum DeleteInstanceResult
 {
     Success,
     InstanceNotFound,
     Unauthorized
 }
 
-internal sealed class DeleteDialogService
+internal sealed class InstanceService
 {
     private readonly IStorageApi _storageApi;
     private readonly IDialogTokenValidator _dialogTokenValidator;
 
-    public DeleteDialogService(IStorageApi storageApi, IDialogTokenValidator dialogTokenValidator)
+    public InstanceService(IStorageApi storageApi, IDialogTokenValidator dialogTokenValidator)
     {
         _storageApi = storageApi ?? throw new ArgumentNullException(nameof(storageApi));
         _dialogTokenValidator = dialogTokenValidator ?? throw new ArgumentNullException(nameof(dialogTokenValidator));
     }
 
-    public async Task<DeleteDialogResult> DeleteDialog(DeleteDialogDto request, CancellationToken cancellationToken)
+    public async Task<DeleteInstanceResult> Delete(DeleteInstanceDto request, CancellationToken cancellationToken)
     {
         var instance = await _storageApi
             .GetInstance(request.PartyId, request.InstanceGuid, cancellationToken)
             .ContentOrDefault();
 
         if (instance is null)
         {
-            return DeleteDialogResult.InstanceNotFound;
+            return DeleteInstanceResult.InstanceNotFound;
         }
 
         var dialogId = request.InstanceGuid.ToVersion7(instance.Created!.Value);
-        var result = ValidateDialogToken(request.DialogToken, dialogId);
-        if (!result.IsValid)
+        if (!ValidateDialogToken(request.DialogToken, dialogId))
         {
-            return DeleteDialogResult.Unauthorized;
+            return DeleteInstanceResult.Unauthorized;
         }
         
         await _storageApi.DeleteInstance(request.PartyId, request.InstanceGuid, request.Hard, cancellationToken);
-        return DeleteDialogResult.Success;
+        return DeleteInstanceResult.Success;
     }
     
-    private IValidationResult ValidateDialogToken(ReadOnlySpan<char> token, Guid dialogId)
+    private bool ValidateDialogToken(ReadOnlySpan<char> token, Guid dialogId)
     {
         const string bearerPrefix = "Bearer ";
         token = token.StartsWith(bearerPrefix, StringComparison.OrdinalIgnoreCase) 
             ? token[bearerPrefix.Length..] 
             : token;
-        var result = _dialogTokenValidator.Validate(token);
-        // TODO: Validate dialog id
-        // TODO: Validate action
-        return result;
+        var result = _dialogTokenValidator.Validate(token, dialogId, ["delete"]);
+        return result.IsValid;
     }
 }
diff --git a/src/Altinn.DialogportenAdapter.WebApi/Features/Command/Sync/ActivityDtoTransformer.cs b/src/Altinn.DialogportenAdapter.WebApi/Features/Command/Sync/ActivityDtoTransformer.cs
@@ -5,7 +5,7 @@
 
 namespace Altinn.DialogportenAdapter.WebApi.Features.Command.Sync;
 
-internal class ActivityDtoTransformer
+internal sealed class ActivityDtoTransformer
 {
     public List<ActivityDto> GetActivities(InstanceEventList events)
     {
diff --git a/src/Altinn.DialogportenAdapter.WebApi/Features/Command/Sync/StorageDialogportenDataMerger.cs b/src/Altinn.DialogportenAdapter.WebApi/Features/Command/Sync/StorageDialogportenDataMerger.cs
@@ -7,11 +7,6 @@ namespace Altinn.DialogportenAdapter.WebApi.Features.Command.Sync;
 
 internal sealed class StorageDialogportenDataMerger
 {
-    private static readonly List<(DialogGuiActionPriority Priority, int Limit)> PriorityLimits = [
-        (DialogGuiActionPriority.Primary, 1),
-        (DialogGuiActionPriority.Secondary, 1),
-        (DialogGuiActionPriority.Tertiary, 5 )
-    ];
 
     private readonly Settings _settings;
 
@@ -273,7 +268,7 @@ private static List<GuiActionDto> MergeGuiActions(IEnumerable<GuiActionDto> exis
             .ExceptBy(storageActions.Select(x => x.Id), x => x.Id)
             .ToList();
 
-        var priorityCapacity = PriorityLimits
+        var priorityCapacity = Constants.PriorityLimits
             .GroupJoin(result, x => x.Priority, x => x.Priority,
                 (priorityLimit, existingActions) =>
                 (
diff --git a/src/Altinn.DialogportenAdapter.WebApi/Features/Command/Sync/SyncInstanceToDialogService.cs b/src/Altinn.DialogportenAdapter.WebApi/Features/Command/Sync/SyncInstanceToDialogService.cs
@@ -61,12 +61,12 @@ public async Task Sync(SyncInstanceToDialogDto dto, CancellationToken cancellati
             return;
         }
 
-        if (instance is not null)
+        if (ShouldUpdateInstanceWithDialogId(instance, dialogId))
         {
             // Update the instance with the dialogId before we start to modify the dialog
-            // This way we can keep track of which instances that have been synced to dialogporten
-            // even if the dialogporten api is down or we have a bug in the sync process.
-            // TODO: Si til team core (storage) at de ikke skal sende event dersom datavalues endres
+            // This way we can keep track of which instances that have been attempted synced
+            // to dialogporten even if the dialogporten api is down or we have a bug in the
+            // sync process.
             await UpdateInstanceWithDialogId(dto, dialogId, cancellationToken);
         }
         
@@ -133,9 +133,8 @@ private static bool ShouldSoftDeleteDialog([NotNullWhen(true)] Instance? instanc
 
     private static bool IsDialogSyncDisabled(Instance? instance)
     {
-        const string disableSyncKey = "dialog.disableAutomaticSync";
         return instance?.DataValues is not null 
-               && instance.DataValues.TryGetValue(disableSyncKey, out var disableSyncString) 
+               && instance.DataValues.TryGetValue(Constants.InstanceDataValueDisableSyncKey, out var disableSyncString) 
                && bool.TryParse(disableSyncString, out var disableSync) 
                && disableSync;
     }
@@ -164,6 +163,14 @@ private static bool ShouldPurgeDialog(Instance? instance, [NotNullWhen(true)] Di
     {
         return instance is null or { Status.IsHardDeleted: true } && existingDialog is not null;
     }
+    
+    private static bool ShouldUpdateInstanceWithDialogId([NotNullWhen(true)] Instance? instance, Guid dialogId)
+    {
+        return instance?.DataValues is null
+           || !instance.DataValues.TryGetValue(Constants.InstanceDataValueDialogIdKey, out var dialogIdString)
+           || !Guid.TryParse(dialogIdString, out var instanceDialogId)
+           || instanceDialogId != dialogId;
+    }
 
     private Task UpsertDialog(DialogDto dialog, bool disableAltinnEvents, CancellationToken cancellationToken)
     {
@@ -201,7 +208,7 @@ private Task UpdateInstanceWithDialogId(SyncInstanceToDialogDto dto, Guid dialog
         {
             Values = new()
             {
-                { "dialog.id", dialogId.ToString() }
+                { Constants.InstanceDataValueDialogIdKey, dialogId.ToString() }
             }
         }, cancellationToken);
     }
diff --git a/src/Altinn.DialogportenAdapter.WebApi/Program.cs b/src/Altinn.DialogportenAdapter.WebApi/Program.cs
@@ -103,15 +103,15 @@
     [FromRoute] Guid instanceGuid,
     [FromQuery] bool hard,
     [FromHeader(Name = "Authorization")] string authorization,
-    [FromServices] DeleteDialogService deleteService,
+    [FromServices] InstanceService instanceService,
     CancellationToken cancellationToken) =>
 {
-    var request = new DeleteDialogDto(instanceOwner, instanceGuid, hard, authorization);
-    return await deleteService.DeleteDialog(request, cancellationToken) switch
+    var request = new DeleteInstanceDto(instanceOwner, instanceGuid, hard, authorization);
+    return await instanceService.Delete(request, cancellationToken) switch
     {
-        DeleteDialogResult.Success => Results.NoContent(),
-        DeleteDialogResult.InstanceNotFound => Results.NotFound(),
-        DeleteDialogResult.Unauthorized => Results.Unauthorized(),
+        DeleteInstanceResult.Success => Results.NoContent(),
+        DeleteInstanceResult.InstanceNotFound => Results.NotFound(),
+        DeleteInstanceResult.Unauthorized => Results.Unauthorized(),
         _ => Results.InternalServerError()
     };
 });
diff --git a/tests/Altinn.DialogportenAdapter.Unit.Tests/Altinn.DialogportenAdapter.Unit.Tests.csproj b/tests/Altinn.DialogportenAdapter.Unit.Tests/Altinn.DialogportenAdapter.Unit.Tests.csproj
@@ -10,10 +10,16 @@
     </PropertyGroup>
 
     <ItemGroup>
-        <PackageReference Include="coverlet.collector" Version="6.0.0"/>
-        <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.8.0"/>
-        <PackageReference Include="xunit" Version="2.5.3"/>
-        <PackageReference Include="xunit.runner.visualstudio" Version="2.5.3"/>
+        <PackageReference Include="coverlet.collector" Version="6.0.4">
+          <PrivateAssets>all</PrivateAssets>
+          <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
+        </PackageReference>
+        <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.13.0" />
+        <PackageReference Include="xunit" Version="2.9.3" />
+        <PackageReference Include="xunit.runner.visualstudio" Version="3.0.2">
+          <PrivateAssets>all</PrivateAssets>
+          <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
+        </PackageReference>
     </ItemGroup>
 
     <ItemGroup>

Original file line number	Diff line number	Diff line change
`@@ -4,57 +4,54 @@`
`4`	`4`
`5`	`5`	`namespace Altinn.DialogportenAdapter.WebApi.Features.Command.Delete;`
`6`	`6`
`7`		`-public record DeleteDialogDto(int PartyId, Guid InstanceGuid, bool Hard, string DialogToken);`
	`7`	`+internal sealed record DeleteInstanceDto(int PartyId, Guid InstanceGuid, bool Hard, string DialogToken);`
`8`	`8`
`9`		`-public enum DeleteDialogResult`
	`9`	`+internal enum DeleteInstanceResult`
`10`	`10`	`{`
`11`	`11`	`Success,`
`12`	`12`	`InstanceNotFound,`
`13`	`13`	`Unauthorized`
`14`	`14`	`}`
`15`	`15`
`16`		`-internal sealed class DeleteDialogService`
	`16`	`+internal sealed class InstanceService`
`17`	`17`	`{`
`18`	`18`	`private readonly IStorageApi _storageApi;`
`19`	`19`	`private readonly IDialogTokenValidator _dialogTokenValidator;`
`20`	`20`
`21`		`- public DeleteDialogService(IStorageApi storageApi, IDialogTokenValidator dialogTokenValidator)`
	`21`	`+ public InstanceService(IStorageApi storageApi, IDialogTokenValidator dialogTokenValidator)`
`22`	`22`	`{`
`23`	`23`	`_storageApi = storageApi ?? throw new ArgumentNullException(nameof(storageApi));`
`24`	`24`	`_dialogTokenValidator = dialogTokenValidator ?? throw new ArgumentNullException(nameof(dialogTokenValidator));`
`25`	`25`	`}`
`26`	`26`
`27`		`- public async Task<DeleteDialogResult> DeleteDialog(DeleteDialogDto request, CancellationToken cancellationToken)`
	`27`	`+ public async Task<DeleteInstanceResult> Delete(DeleteInstanceDto request, CancellationToken cancellationToken)`
`28`	`28`	`{`
`29`	`29`	`var instance = await _storageApi`
`30`	`30`	`.GetInstance(request.PartyId, request.InstanceGuid, cancellationToken)`
`31`	`31`	`.ContentOrDefault();`
`32`	`32`
`33`	`33`	`if (instance is null)`
`34`	`34`	`{`
`35`		`- return DeleteDialogResult.InstanceNotFound;`
	`35`	`+ return DeleteInstanceResult.InstanceNotFound;`
`36`	`36`	`}`
`37`	`37`
`38`	`38`	`var dialogId = request.InstanceGuid.ToVersion7(instance.Created!.Value);`
`39`		`- var result = ValidateDialogToken(request.DialogToken, dialogId);`
`40`		`- if (!result.IsValid)`
	`39`	`+ if (!ValidateDialogToken(request.DialogToken, dialogId))`
`41`	`40`	`{`
`42`		`- return DeleteDialogResult.Unauthorized;`
	`41`	`+ return DeleteInstanceResult.Unauthorized;`
`43`	`42`	`}`
`44`	`43`
`45`	`44`	`await _storageApi.DeleteInstance(request.PartyId, request.InstanceGuid, request.Hard, cancellationToken);`
`46`		`- return DeleteDialogResult.Success;`
	`45`	`+ return DeleteInstanceResult.Success;`
`47`	`46`	`}`
`48`	`47`
`49`		`- private IValidationResult ValidateDialogToken(ReadOnlySpan<char> token, Guid dialogId)`
	`48`	`+ private bool ValidateDialogToken(ReadOnlySpan<char> token, Guid dialogId)`
`50`	`49`	`{`
`51`	`50`	`const string bearerPrefix = "Bearer ";`
`52`	`51`	`token = token.StartsWith(bearerPrefix, StringComparison.OrdinalIgnoreCase)`
`53`	`52`	`? token[bearerPrefix.Length..]`
`54`	`53`	`: token;`
`55`		`- var result = _dialogTokenValidator.Validate(token);`
`56`		`- // TODO: Validate dialog id`
`57`		`- // TODO: Validate action`
`58`		`- return result;`
	`54`	`+ var result = _dialogTokenValidator.Validate(token, dialogId, ["delete"]);`
	`55`	`+ return result.IsValid;`
`59`	`56`	`}`
`60`	`57`	`}`
Original file line number	Diff line number	Diff line change
`@@ -5,7 +5,7 @@`
`5`	`5`
`6`	`6`	`namespace Altinn.DialogportenAdapter.WebApi.Features.Command.Sync;`
`7`	`7`
`8`		`-internal class ActivityDtoTransformer`
	`8`	`+internal sealed class ActivityDtoTransformer`
`9`	`9`	`{`
`10`	`10`	`public List<ActivityDto> GetActivities(InstanceEventList events)`
`11`	`11`	`{`
Original file line number	Diff line number	Diff line change
`@@ -61,12 +61,12 @@ public async Task Sync(SyncInstanceToDialogDto dto, CancellationToken cancellati`
`61`	`61`	`return;`
`62`	`62`	`}`
`63`	`63`
`64`		`- if (instance is not null)`
	`64`	`+ if (ShouldUpdateInstanceWithDialogId(instance, dialogId))`
`65`	`65`	`{`
`66`	`66`	`// Update the instance with the dialogId before we start to modify the dialog`
`67`		`- // This way we can keep track of which instances that have been synced to dialogporten`
`68`		`- // even if the dialogporten api is down or we have a bug in the sync process.`
`69`		`- // TODO: Si til team core (storage) at de ikke skal sende event dersom datavalues endres`
	`67`	`+ // This way we can keep track of which instances that have been attempted synced`
	`68`	`+ // to dialogporten even if the dialogporten api is down or we have a bug in the`
	`69`	`+ // sync process.`
`70`	`70`	`await UpdateInstanceWithDialogId(dto, dialogId, cancellationToken);`
`71`	`71`	`}`
`72`	`72`
`@@ -133,9 +133,8 @@ private static bool ShouldSoftDeleteDialog([NotNullWhen(true)] Instance? instanc`
`133`	`133`
`134`	`134`	`private static bool IsDialogSyncDisabled(Instance? instance)`
`135`	`135`	`{`
`136`		`- const string disableSyncKey = "dialog.disableAutomaticSync";`
`137`	`136`	`return instance?.DataValues is not null`
`138`		`- && instance.DataValues.TryGetValue(disableSyncKey, out var disableSyncString)`
	`137`	`+ && instance.DataValues.TryGetValue(Constants.InstanceDataValueDisableSyncKey, out var disableSyncString)`
`139`	`138`	`&& bool.TryParse(disableSyncString, out var disableSync)`
`140`	`139`	`&& disableSync;`
`141`	`140`	`}`
`@@ -164,6 +163,14 @@ private static bool ShouldPurgeDialog(Instance? instance, [NotNullWhen(true)] Di`
`164`	`163`	`{`
`165`	`164`	`return instance is null or { Status.IsHardDeleted: true } && existingDialog is not null;`
`166`	`165`	`}`
	`166`	`+`
	`167`	`+ private static bool ShouldUpdateInstanceWithDialogId([NotNullWhen(true)] Instance? instance, Guid dialogId)`
	`168`	`+ {`
	`169`	`+ return instance?.DataValues is null`
	`170`	`+ \|\| !instance.DataValues.TryGetValue(Constants.InstanceDataValueDialogIdKey, out var dialogIdString)`
	`171`	`+ \|\| !Guid.TryParse(dialogIdString, out var instanceDialogId)`
	`172`	`+ \|\| instanceDialogId != dialogId;`
	`173`	`+ }`
`167`	`174`
`168`	`175`	`private Task UpsertDialog(DialogDto dialog, bool disableAltinnEvents, CancellationToken cancellationToken)`
`169`	`176`	`{`
`@@ -201,7 +208,7 @@ private Task UpdateInstanceWithDialogId(SyncInstanceToDialogDto dto, Guid dialog`
`201`	`208`	`{`
`202`	`209`	`Values = new()`
`203`	`210`	`{`
`204`		`- { "dialog.id", dialogId.ToString() }`
	`211`	`+ { Constants.InstanceDataValueDialogIdKey, dialogId.ToString() }`
`205`	`212`	`}`
`206`	`213`	`}, cancellationToken);`
`207`	`214`	`}`