refactor encryption and fix review findings

src/Portal.Backend.sln

@@ -54,8 +54,6 @@ Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Provisioning.DBAccess", "pr
 EndProject
 Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Provisioning.Library", "provisioning\Provisioning.Library\Provisioning.Library.csproj", "{C512740F-48A2-4B5B-83F2-EB7753EAE028}"
 EndProject
-Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Provisioning.Mail", "provisioning\Provisioning.Mail\Provisioning.Mail.csproj", "{9E9770D8-D2C8-496C-AB86-3A41CDBAEA47}"
-EndProject
 Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Provisioning.ProvisioningEntities", "provisioning\Provisioning.ProvisioningEntities\Provisioning.ProvisioningEntities.csproj", "{22DEE4A2-15ED-4176-B912-B357D474D2AC}"
 EndProject
 Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "registration", "registration", "{AB9C5AA2-DD5D-4A38-97C0-674A995C0AE0}"
@@ -490,18 +488,6 @@ Global
 		{C512740F-48A2-4B5B-83F2-EB7753EAE028}.Release|x64.Build.0 = Release|Any CPU
 		{C512740F-48A2-4B5B-83F2-EB7753EAE028}.Release|x86.ActiveCfg = Release|Any CPU
 		{C512740F-48A2-4B5B-83F2-EB7753EAE028}.Release|x86.Build.0 = Release|Any CPU
-		{9E9770D8-D2C8-496C-AB86-3A41CDBAEA47}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
-		{9E9770D8-D2C8-496C-AB86-3A41CDBAEA47}.Debug|Any CPU.Build.0 = Debug|Any CPU
-		{9E9770D8-D2C8-496C-AB86-3A41CDBAEA47}.Debug|x64.ActiveCfg = Debug|Any CPU
-		{9E9770D8-D2C8-496C-AB86-3A41CDBAEA47}.Debug|x64.Build.0 = Debug|Any CPU
-		{9E9770D8-D2C8-496C-AB86-3A41CDBAEA47}.Debug|x86.ActiveCfg = Debug|Any CPU
-		{9E9770D8-D2C8-496C-AB86-3A41CDBAEA47}.Debug|x86.Build.0 = Debug|Any CPU
-		{9E9770D8-D2C8-496C-AB86-3A41CDBAEA47}.Release|Any CPU.ActiveCfg = Release|Any CPU
-		{9E9770D8-D2C8-496C-AB86-3A41CDBAEA47}.Release|Any CPU.Build.0 = Release|Any CPU
-		{9E9770D8-D2C8-496C-AB86-3A41CDBAEA47}.Release|x64.ActiveCfg = Release|Any CPU
-		{9E9770D8-D2C8-496C-AB86-3A41CDBAEA47}.Release|x64.Build.0 = Release|Any CPU
-		{9E9770D8-D2C8-496C-AB86-3A41CDBAEA47}.Release|x86.ActiveCfg = Release|Any CPU
-		{9E9770D8-D2C8-496C-AB86-3A41CDBAEA47}.Release|x86.Build.0 = Release|Any CPU
 		{22DEE4A2-15ED-4176-B912-B357D474D2AC}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
 		{22DEE4A2-15ED-4176-B912-B357D474D2AC}.Debug|Any CPU.Build.0 = Debug|Any CPU
 		{22DEE4A2-15ED-4176-B912-B357D474D2AC}.Debug|x64.ActiveCfg = Debug|Any CPU
@@ -1709,7 +1695,6 @@ Global
 		{0A65672B-AD03-49F3-BF17-A7EAE78D9846} = {774A1FBD-53C1-43A8-82ED-C8001AC9967C}
 		{1139324D-5704-4742-B065-C55EE6E54329} = {AE4A5C54-72F3-4B55-BB86-09DFA3AA3D7B}
 		{C512740F-48A2-4B5B-83F2-EB7753EAE028} = {AE4A5C54-72F3-4B55-BB86-09DFA3AA3D7B}
-		{9E9770D8-D2C8-496C-AB86-3A41CDBAEA47} = {AE4A5C54-72F3-4B55-BB86-09DFA3AA3D7B}
 		{22DEE4A2-15ED-4176-B912-B357D474D2AC} = {AE4A5C54-72F3-4B55-BB86-09DFA3AA3D7B}
 		{FBEA925C-EE3C-4D81-A492-0B2D386C161E} = {AB9C5AA2-DD5D-4A38-97C0-674A995C0AE0}
 		{3F7A02D4-073C-40FE-B228-8E1BA96B1946} = {AE4A5C54-72F3-4B55-BB86-09DFA3AA3D7B}

src/administration/Administration.Service/Administration.Service.csproj

@@ -51,7 +51,6 @@
     <ProjectReference Include="..\..\framework\Framework.Models\Framework.Models.csproj" />
     <ProjectReference Include="..\..\framework\Framework.Token\Framework.Token.csproj" />
     <ProjectReference Include="..\..\keycloak\Keycloak.Authentication\Keycloak.Authentication.csproj" />
-    <ProjectReference Include="..\..\mailing\Mailing.Service\Mailing.Service.csproj" />
     <ProjectReference Include="..\..\processes\ApplicationChecklist.Config\ApplicationChecklist.Config.csproj" />
     <ProjectReference Include="..\..\notifications\Notifications.Library\Notifications.Library.csproj" />
     <ProjectReference Include="..\..\processes\Mailing.Library\Mailing.Library.csproj" />

src/administration/Administration.Service/BusinessLogic/CompanyDataBusinessLogic.cs

@@ -27,14 +27,14 @@
 using Org.Eclipse.TractusX.Portal.Backend.Framework.Linq;
 using Org.Eclipse.TractusX.Portal.Backend.Framework.Models;
 using Org.Eclipse.TractusX.Portal.Backend.Framework.Web;
-using Org.Eclipse.TractusX.Portal.Backend.Mailing.SendMail;
 using Org.Eclipse.TractusX.Portal.Backend.PortalBackend.DBAccess;
 using Org.Eclipse.TractusX.Portal.Backend.PortalBackend.DBAccess.Extensions;
 using Org.Eclipse.TractusX.Portal.Backend.PortalBackend.DBAccess.Models;
 using Org.Eclipse.TractusX.Portal.Backend.PortalBackend.DBAccess.Repositories;
 using Org.Eclipse.TractusX.Portal.Backend.PortalBackend.PortalEntities.Enums;
 using Org.Eclipse.TractusX.Portal.Backend.PortalBackend.PortalEntities.Identities;
 using Org.Eclipse.TractusX.Portal.Backend.Processes.Mailing.Library;
+using System.Collections.Immutable;
 using System.Globalization;
 using System.Text.Json;
 
@@ -508,16 +508,16 @@ await _custodianService.TriggerDismantlerAsync(data.Bpn, data.Type, cancellation
         if (!string.IsNullOrWhiteSpace(data.RequesterData.RequesterEmail))
         {
             var userName = string.Join(" ", new[] { data.RequesterData.Firstname, data.RequesterData.Lastname }.Where(item => !string.IsNullOrWhiteSpace(item)));
-            var mailParameters = new Dictionary<string, string>
+            var mailParameters = ImmutableDictionary.CreateRange(new[]
             {
-                { "userName", !string.IsNullOrWhiteSpace(userName) ? userName : data.RequesterData.RequesterEmail },
-                { "requestName", typeValue },
-                { "companyName", data.CompanyName },
-                { "credentialType", typeValue },
-                {
+                KeyValuePair.Create("userName", !string.IsNullOrWhiteSpace(userName) ? userName : data.RequesterData.RequesterEmail),
+                KeyValuePair.Create("requestName", typeValue),
+                KeyValuePair.Create("companyName", data.CompanyName),
+                KeyValuePair.Create("credentialType", typeValue),
+                KeyValuePair.Create(
                     "expiryDate", data.ExpiryDate == null ? string.Empty : data.ExpiryDate.Value.ToString("o", CultureInfo.InvariantCulture)
-                }
-            };
+                )
+            });
             _mailingProcessCreation.CreateMailProcess(data.RequesterData.RequesterEmail, "CredentialApproval", mailParameters);
         }
         await _portalRepositories.SaveAsync().ConfigureAwait(false);
@@ -560,15 +560,14 @@ public async Task RejectCredential(Guid credentialId)
         if (!string.IsNullOrWhiteSpace(requesterEmail))
         {
             var userName = string.Join(" ", new[] { requesterFirstname, requesterLastname }.Where(item => !string.IsNullOrWhiteSpace(item)));
-            var mailParameters = new Dictionary<string, string>
+            var mailParameters = ImmutableDictionary.CreateRange(new[]
             {
-                { "userName", !string.IsNullOrWhiteSpace(userName) ? userName : requesterEmail },
-                { "requestName", typeValue }
-            };
+                KeyValuePair.Create("userName", !string.IsNullOrWhiteSpace(userName) ? userName : requesterEmail),
+                KeyValuePair.Create("requestName", typeValue)
+            });
             _mailingProcessCreation.CreateMailProcess(requesterEmail, "CredentialRejected", mailParameters);
         }
         await _portalRepositories.SaveAsync().ConfigureAwait(false);
-
     }
 
     /// <inheritdoc />

src/administration/Administration.Service/BusinessLogic/IdentityProviderBusinessLogic.cs

@@ -25,8 +25,6 @@
 using Org.Eclipse.TractusX.Portal.Backend.Framework.Linq;
 using Org.Eclipse.TractusX.Portal.Backend.Framework.Models.Configuration;
 using Org.Eclipse.TractusX.Portal.Backend.Keycloak.ErrorHandling;
-using Org.Eclipse.TractusX.Portal.Backend.Mailing.SendMail;
-using Org.Eclipse.TractusX.Portal.Backend.Mailing.Service;
 using Org.Eclipse.TractusX.Portal.Backend.PortalBackend.DBAccess;
 using Org.Eclipse.TractusX.Portal.Backend.PortalBackend.DBAccess.Repositories;
 using Org.Eclipse.TractusX.Portal.Backend.PortalBackend.PortalEntities.Entities;
@@ -36,6 +34,7 @@
 using Org.Eclipse.TractusX.Portal.Backend.Provisioning.Library;
 using Org.Eclipse.TractusX.Portal.Backend.Provisioning.Library.Enums;
 using Org.Eclipse.TractusX.Portal.Backend.Provisioning.Library.Models;
+using System.Collections.Immutable;
 using System.Runtime.CompilerServices;
 using System.Text;
 using System.Text.RegularExpressions;
@@ -400,7 +399,7 @@ private async Task DeleteManagedIdpLinks(Guid identityProviderId, string? alias,
         var roleIds = await _mailingProcessCreation.GetRoleData(_settings.DeleteIdpRoles).ConfigureAwait(false);
         var idpLinkedData = identityProviderRepository.GetManagedIdpLinkedData(identityProviderId, roleIds.Distinct());
 
-        async IAsyncEnumerable<(string Email, Dictionary<string, string> Parameters)> DeleteLinksReturningMaildata()
+        async IAsyncEnumerable<(string Email, IReadOnlyDictionary<string, string> Parameters)> DeleteLinksReturningMaildata()
         {
             var companyRepository = _portalRepositories.GetInstance<ICompanyRepository>();
             var userRepository = _portalRepositories.GetInstance<IUserRepository>();
@@ -424,18 +423,18 @@ private async Task DeleteManagedIdpLinks(Guid identityProviderId, string? alias,
                 foreach (var userData in data.Identities.Where(i => i is { IsInUserRoles: true, Userdata.UserMail: not null }).Select(i => i.Userdata))
                 {
                     var userName = string.Join(" ", new[] { userData.FirstName, userData.LastName }.Where(item => !string.IsNullOrWhiteSpace(item)));
-                    var mailParameters = new Dictionary<string, string>
+                    var mailParameters = ImmutableDictionary.CreateRange(new[]
                     {
-                        {"idpAlias", alias ?? identityProviderId.ToString()},
-                        {"ownerCompanyName", ownerCompanyName},
-                        { "username", string.IsNullOrWhiteSpace(userName) ? "User" : userName }
-                    };
+                        KeyValuePair.Create("idpAlias", alias ?? identityProviderId.ToString()),
+                        KeyValuePair.Create("ownerCompanyName", ownerCompanyName),
+                        KeyValuePair.Create("username", string.IsNullOrWhiteSpace(userName) ? "User" : userName)
+                    });
                     yield return (userData.UserMail!, mailParameters);
                 }
             }
         }
 
-        foreach (var mailData in await DeleteLinksReturningMaildata().ToListAsync().ConfigureAwait(false))
+        await foreach (var mailData in DeleteLinksReturningMaildata().ConfigureAwait(false))
         {
             _mailingProcessCreation.CreateMailProcess(mailData.Email, "DeleteManagedIdp", mailData.Parameters);
         }

src/administration/Administration.Service/BusinessLogic/IdentityProviderSettings.cs

@@ -20,14 +20,19 @@
 
 using Org.Eclipse.TractusX.Portal.Backend.Framework.ErrorHandling;
 using Org.Eclipse.TractusX.Portal.Backend.Framework.Models.Configuration;
+using Org.Eclipse.TractusX.Portal.Backend.Framework.Models.Validation;
 using System.Text;
 
 namespace Org.Eclipse.TractusX.Portal.Backend.Administration.Service.BusinessLogic;
 
 public class IdentityProviderSettings
 {
     public IdentityProviderCsvSettings CsvSettings { get; init; } = null!;
+
+    [DistinctValues("x => x.ClientId")]
     public IEnumerable<UserRoleConfig> DeactivateIdpRoles { get; init; } = null!;
+
+    [DistinctValues("x => x.ClientId")]
     public IEnumerable<UserRoleConfig> DeleteIdpRoles { get; init; } = null!;
 
     public bool Validate()
@@ -87,6 +92,7 @@ public static IServiceCollection ConfigureIdentityProviderSettings(
     {
         services.AddOptions<IdentityProviderSettings>()
             .Bind(section)
+            .ValidateDistinctValues(section)
             .Validate(x => x.Validate())
             .ValidateOnStart();
         return services;

src/administration/Administration.Service/BusinessLogic/RegistrationBusinessLogic.cs

@@ -38,6 +38,7 @@
 using Org.Eclipse.TractusX.Portal.Backend.Provisioning.Library;
 using Org.Eclipse.TractusX.Portal.Backend.SdFactory.Library.BusinessLogic;
 using Org.Eclipse.TractusX.Portal.Backend.SdFactory.Library.Models;
+using System.Collections.Immutable;
 using System.Text.RegularExpressions;
 
 namespace Org.Eclipse.TractusX.Portal.Backend.Administration.Service.BusinessLogic;
@@ -528,11 +529,11 @@ public async Task DeclineRegistrationVerification(Guid applicationId, string com
                 ? null
                 : new[] { ProcessStepTypeId.TRIGGER_CALLBACK_OSP_DECLINED });
 
+        PostRegistrationCancelEmailAsync(emailData, companyName, comment);
         await _portalRepositories.SaveAsync().ConfigureAwait(false);
-        await PostRegistrationCancelEmailAsync(emailData, companyName, comment).ConfigureAwait(false);
     }
 
-    private async Task PostRegistrationCancelEmailAsync(ICollection<EmailData> emailData, string companyName, string comment)
+    private void PostRegistrationCancelEmailAsync(ICollection<EmailData> emailData, string companyName, string comment)
     {
         if (string.IsNullOrWhiteSpace(comment))
         {
@@ -548,13 +549,13 @@ private async Task PostRegistrationCancelEmailAsync(ICollection<EmailData> email
                 throw new ConflictException($"user {userName} has no assigned email");
             }
 
-            var mailParameters = new Dictionary<string, string>
+            var mailParameters = ImmutableDictionary.CreateRange(new[]
             {
-                { "userName", !string.IsNullOrWhiteSpace(userName) ? userName : user.Email },
-                { "companyName", companyName },
-                { "declineComment", comment },
-                { "helpUrl", _settings.HelpAddress }
-            };
+                KeyValuePair.Create("userName", !string.IsNullOrWhiteSpace(userName) ? userName : user.Email),
+                KeyValuePair.Create("companyName", companyName),
+                KeyValuePair.Create("declineComment", comment),
+                KeyValuePair.Create("helpUrl", _settings.HelpAddress)
+            });
             _mailingProcessCreation.CreateMailProcess(user.Email, "EmailRegistrationDeclineTemplate", mailParameters);
         }
     }

src/administration/Administration.Service/BusinessLogic/RegistrationSettings.cs

@@ -1,5 +1,4 @@
 /********************************************************************************
- * Copyright (c) 2021, 2023 BMW Group AG
  * Copyright (c) 2021, 2023 Contributors to the Eclipse Foundation
  *
  * See the NOTICE file(s) distributed with this work for additional
@@ -26,12 +25,6 @@ namespace Org.Eclipse.TractusX.Portal.Backend.Administration.Service.BusinessLog
 
 public class RegistrationSettings
 {
-    public RegistrationSettings()
-    {
-        DocumentTypeIds = null!;
-        HelpAddress = null!;
-    }
-
     public int ApplicationsMaxPageSize { get; set; }
 
     /// <summary>
@@ -41,10 +34,10 @@ public RegistrationSettings()
     [Required]
     [EnumEnumeration]
     [DistinctValues]
-    public IEnumerable<DocumentTypeId> DocumentTypeIds { get; set; }
+    public IEnumerable<DocumentTypeId> DocumentTypeIds { get; set; } = null!;
 
     [Required(AllowEmptyStrings = false)]
-    public string HelpAddress { get; set; }
+    public string HelpAddress { get; set; } = null!;
 
     public bool UseDimWallet { get; set; }
 }

src/administration/Administration.Service/BusinessLogic/RegistrationStatusBusinessLogic.cs

@@ -58,7 +58,7 @@ public async Task SetCallbackAddress(OnboardingServiceProviderCallbackRequestDat
             throw new ForbiddenException($"Only {CompanyRoleId.ONBOARDING_SERVICE_PROVIDER} are allowed to set the callback url");
         }
 
-        var cryptoConfig = _settings.EncryptionConfigs.SingleOrDefault(x => x.Index == _settings.EncrptionConfigIndex) ?? throw new ConfigurationException($"EncryptionModeIndex {_settings.EncrptionConfigIndex} is not configured");
+        var cryptoConfig = _settings.EncryptionConfigs.SingleOrDefault(x => x.Index == _settings.EncryptionConfigIndex) ?? throw new ConfigurationException($"EncryptionModeIndex {_settings.EncryptionConfigIndex} is not configured");
         var (secret, initializationVector) = CryptoHelper.Encrypt(requestData.ClientSecret, Convert.FromHexString(cryptoConfig.EncryptionKey), cryptoConfig.CipherMode, cryptoConfig.PaddingMode);
 
         if (ospDetailId.HasValue && ospDetails != null)

src/administration/Administration.Service/BusinessLogic/ServiceAccountSettings.cs

@@ -1,5 +1,4 @@
 /********************************************************************************
- * Copyright (c) 2021, 2023 BMW Group AG
  * Copyright (c) 2021, 2023 Contributors to the Eclipse Foundation
  *
  * See the NOTICE file(s) distributed with this work for additional
@@ -27,16 +26,11 @@ namespace Org.Eclipse.TractusX.Portal.Backend.Administration.Service.BusinessLog
 /// </summary>
 public class ServiceAccountSettings
 {
-    public ServiceAccountSettings()
-    {
-        ClientId = null!;
-    }
-
     /// <summary>
     /// Service account clientId.
     /// </summary>
     [Required(AllowEmptyStrings = false)]
-    public string ClientId { get; set; }
+    public string ClientId { get; set; } = null!;
 }
 
 public static class ServiceAccountSettingsExtensions