SDK-2808: .NET - SDK Security Dependency Upgrade

.github/ISSUE_TEMPLATE.md

@@ -12,6 +12,6 @@ assignees: ''
 #
 # There's a better way to get help!
 #
-# Send your questions or issues to sdksupport@yoti.com
+# Send your questions or issues to https://support.yoti.com
 #
 #

.github/ISSUE_TEMPLATE/config.yml

@@ -0,0 +1,5 @@
+blank_issues_enabled: false
+contact_links:
+  - name: Yoti Support
+    url: https://support.yoti.com/yotisupport/s/contactsupport
+    about: Please send your questions or issues here.

.gitignore

@@ -34,9 +34,6 @@ Backup*/
 # except build/, which is used as an MSBuild target.
 !**/packages/build/
 
-.DS_STORE
-.DS_Store
-
 # Coverage
 OpenCover/
 
@@ -45,3 +42,4 @@ src/tools/
 
 # Code Coverage Results
 src/TestResults/
+*.lscache

README.md

@@ -64,7 +64,7 @@ The Yoti SDK can be used for the following products, follow the links for more i
 
 ## Support
 
-For any questions or support please email [clientsupport@yoti.com](mailto:clientsupport@yoti.com).
+For any questions or support please contact us here: https://support.yoti.com
 Please provide the following to get you up and working as quickly as possible:
 
 * Computer type

azure-pipelines-sonar-only.yml

@@ -0,0 +1,59 @@
+# Minimal SonarCloud-only pipeline for testing
+# This is a temporary pipeline to test SonarCloud configuration
+
+trigger:
+  branches:
+    include:
+    - release/3.20.0
+
+pool:
+  vmImage: 'windows-latest'
+
+variables:
+  solution: '**/*.sln'
+  buildPlatform: 'Any CPU'
+  buildConfiguration: 'Release'
+
+steps:
+- task: SonarCloudPrepare@1
+  inputs:
+    SonarCloud: 'Yoti SonarCloud'
+    organization: 'getyoti'
+    scannerMode: 'MSBuild'
+    projectKey: 'getyoti:dotnet'
+    projectName: '.NET SDK'
+    projectVersion: '3.20.0'
+    extraProperties: |
+      sonar.cs.opencover.reportsPaths="**/coverage.opencover.xml"
+      sonar.links.scm = https://github.com/getyoti/yoti-dotnet-sdk
+      sonar.exclusions = src/Yoti.Auth/ProtoBuf/**,src/Examples/**,**/obj/**,**/*.dll,src/Yoti.Auth/DigitalIdentity/**
+  displayName: SonarCloud Prepare Analysis
+
+- task: UseDotNet@2
+  inputs:
+    packageType: 'sdk'
+    version: '8.x'
+  displayName: 'Install .NET 8.0 SDK'
+
+- task: NuGetToolInstaller@1
+
+- task: NuGetCommand@2
+  inputs:
+    restoreSolution: '$(solution)'
+  displayName: Restore Solution
+
+- task: VSBuild@1
+  inputs:
+    solution: '$(solution)'
+    platform: '$(buildPlatform)'
+    configuration: '$(buildConfiguration)'
+    msbuildArgs: '/p:SkipInvalidConfigurations=false'
+  displayName: Build Solution (Minimal)
+
+- task: SonarCloudAnalyze@1
+  displayName: Sonar Cloud Analyze
+
+- task: SonarCloudPublish@1
+  inputs:
+    pollingTimeoutSec: '300'
+  displayName: Sonar Cloud Publish

azure-pipelines.yml

@@ -32,11 +32,11 @@ steps:
     scannerMode: 'MSBuild'
     projectKey: 'getyoti:dotnet'
     projectName: '.NET SDK'
-    projectVersion: '3.11.0'
+    projectVersion: '3.20.0'
     extraProperties: |
       sonar.cs.opencover.reportsPaths="**/coverage.opencover.xml"
       sonar.links.scm = https://github.com/getyoti/yoti-dotnet-sdk
-      sonar.exclusions = src/Yoti.Auth/ProtoBuf/**,src/Examples/**,**/obj/**,**/*.dll
+      sonar.exclusions = src/Yoti.Auth/ProtoBuf/**,src/Examples/**,**/obj/**,**/*.dll,src/Yoti.Auth/DigitalIdentity/**
   displayName: SonarCloud Prepare Analysis
 
 - task: NuGetToolInstaller@1

src/Examples/Aml/AmlExample/AmlExample.csproj

@@ -2,7 +2,7 @@
 
   <PropertyGroup>
     <OutputType>Exe</OutputType>
-    <TargetFramework>netcoreapp2.1</TargetFramework>
+    <TargetFramework>netcoreapp3.1</TargetFramework>
   </PropertyGroup>
 
   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|AnyCPU'">
@@ -12,7 +12,10 @@
 
   <ItemGroup>
     <PackageReference Include="DotNetEnv" Version="2.3.0" />
-    <PackageReference Include="Newtonsoft.Json" Version="13.0.1" />
+    <PackageReference Include="Newtonsoft.Json" Version="13.0.4" />
+    <!-- CVE fixes: GHSA-ghhp-997w-qr28 (Critical), GHSA-cmhx-cq75-c4mj (High) -->
+    <PackageReference Include="System.Text.Encodings.Web" Version="4.7.2" />
+    <PackageReference Include="System.Text.RegularExpressions" Version="4.3.1" />
   </ItemGroup>
 
   <ItemGroup>

src/Examples/DigitalIdentity/DigitalIdentity/.dockerignore

@@ -0,0 +1,25 @@
+**/.classpath
+**/.dockerignore
+**/.env
+**/.git
+**/.gitignore
+**/.project
+**/.settings
+**/.toolstarget
+**/.vs
+**/.vscode
+**/*.*proj.user
+**/*.dbmdl
+**/*.jfm
+**/azds.yaml
+**/bin
+**/charts
+**/docker-compose*
+**/Dockerfile*
+**/node_modules
+**/npm-debug.log
+**/obj
+**/secrets.dev.yaml
+**/values.dev.yaml
+LICENSE
+README.md

src/Examples/DigitalIdentity/DigitalIdentity/.env.example

@@ -0,0 +1,2 @@
+YOTI_CLIENT_SDK_ID=yourClientSdkId
+YOTI_KEY_FILE_PATH=yourKeyFilePath

src/Examples/DigitalIdentity/DigitalIdentity/Controllers/AdvancedIdentityShareController.cs

@@ -0,0 +1,94 @@
+using System;
+using System.IO;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.Extensions.Logging;
+using Newtonsoft.Json;
+using Yoti.Auth;
+using Yoti.Auth.DigitalIdentity;
+using Yoti.Auth.DigitalIdentity.Policy;
+
+namespace DigitalIdentityExample.Controllers
+{
+    public class AdvancedIdentityShareController : Controller
+    {
+        private readonly string _clientSdkId;
+        private readonly ILogger _logger;
+        public AdvancedIdentityShareController(ILogger<AdvancedIdentityShareController> logger)
+        {
+            _logger = logger;
+
+            _clientSdkId = Environment.GetEnvironmentVariable("YOTI_CLIENT_SDK_ID");
+            _logger.LogInformation(string.Format("Yoti Client SDK ID='{0}'", _clientSdkId));
+        }
+
+        // GET: /advanced-identity-share
+        [Route("advanced-identity-share")]
+        public IActionResult DigitalIdentity()
+        {
+            try
+            {
+                string yotiKeyFilePath = Environment.GetEnvironmentVariable("YOTI_KEY_FILE_PATH");
+                _logger.LogInformation(
+                    string.Format(
+                        "yotiKeyFilePath='{0}'",
+                        yotiKeyFilePath));
+
+                StreamReader privateKeyStream = System.IO.File.OpenText(yotiKeyFilePath);
+
+                var yotiClient = new DigitalIdentityClient(_clientSdkId, privateKeyStream);
+
+                string advancedIdentityProfileJson = @"
+            {
+                ""profiles"": [
+                    {
+                        ""trust_framework"": ""YOTI_GLOBAL"",
+                        ""schemes"": [
+                            {
+                                ""label"": ""identity-AL-L1"",
+                                ""type"": ""IDENTITY"",
+                                ""objective"": ""AL_L1"",
+
+                            },
+                            {
+                                ""label"": ""identity-AL-M1"",
+                                ""type"": ""IDENTITY"",
+                                ""objective"": ""AL_M1"",
+
+                            }
+                        ]
+                    }
+                ]
+
+            }";
+
+                var advancedIdentityProfile = JsonConvert.DeserializeObject<AdvancedIdentityProfile>(advancedIdentityProfileJson);
+
+                var policy = new PolicyBuilder()
+                    .WithAdvancedIdentityProfileRequirements(advancedIdentityProfile)
+                    .Build();
+
+                var sessionReq = new ShareSessionRequestBuilder().WithPolicy(policy)
+                    .WithRedirectUri("https:/www.yoti.com")
+                    .Build();
+
+                var SessionResult = yotiClient.CreateShareSession(sessionReq);
+
+                var sharedReceiptResponse = new SharedReceiptResponse();
+                ViewBag.YotiClientSdkId = _clientSdkId;
+                ViewBag.sessionID = SessionResult.Id;
+
+                return View("AdvancedIdentityShare", sharedReceiptResponse);
+            }
+            catch (Exception e)
+            {
+                _logger.LogError(
+                     exception: e,
+                     message: e.Message);
+
+                TempData["Error"] = e.Message; 
+                TempData["InnerException"] = e.InnerException?.Message;
+                return RedirectToAction("Error", "Success");
+            }
+        }
+    } 
+}

src/Examples/DigitalIdentity/DigitalIdentity/Controllers/DbsController.cs

@@ -0,0 +1,92 @@
+using System;
+using System.IO;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.Extensions.Logging;
+using Yoti.Auth;
+using Yoti.Auth.DigitalIdentity;
+using Yoti.Auth.DigitalIdentity.Policy;
+
+namespace DigitalIdentityExample.Controllers
+{
+    public class DbsController : Controller
+    {
+        private readonly string _clientSdkId;
+        private readonly ILogger _logger;
+        public DbsController(ILogger<DbsController> logger)
+        {
+            _logger = logger;
+
+            _clientSdkId = Environment.GetEnvironmentVariable("YOTI_CLIENT_SDK_ID");
+            _logger.LogInformation(string.Format("Yoti Client SDK ID='{0}'", _clientSdkId));
+        }
+
+        // GET: /generate-share
+        [Route("dbs-share")]
+        public IActionResult DigitalIdentity()
+        {
+            try
+            {
+                string yotiKeyFilePath = Environment.GetEnvironmentVariable("YOTI_KEY_FILE_PATH");
+                _logger.LogInformation(
+                    string.Format(
+                        "yotiKeyFilePath='{0}'",
+                        yotiKeyFilePath));
+
+                StreamReader privateKeyStream = System.IO.File.OpenText(yotiKeyFilePath);
+
+                var yotiClient = new DigitalIdentityClient(_clientSdkId, privateKeyStream);
+
+                var givenNamesWantedAttribute = new WantedAttributeBuilder()
+                    .WithName("given_names")
+                    .WithOptional(false)
+                    .Build();
+
+                var notification = new NotificationBuilder()
+                    .WithUrl("https://example.com/webhook")
+                    .WithMethod("POST")
+                    .WithVerifyTls(true)
+                    .Build();
+
+                var policy = new PolicyBuilder()
+                    .WithIdentityProfileRequirements(new
+                    {
+                        trust_framework = "UK_TFIDA",
+                        scheme = new
+                        {
+                            type = "DBS",
+                            objective = "BASIC"
+                        }
+                    })
+                    .Build();
+
+                var sessionReq = new ShareSessionRequestBuilder()
+                    .WithPolicy(policy)
+                    .WithNotification(notification)
+                    .WithRedirectUri("https:/www.yoti.com")
+                    .WithSubject(new
+                    {
+                        subject_id = "some_subject_id_string"
+                    }).Build();
+
+                var SessionResult = yotiClient.CreateShareSession(sessionReq);
+
+                var sharedReceiptResponse = new SharedReceiptResponse();
+
+                ViewBag.YotiClientSdkId = _clientSdkId;
+                ViewBag.sessionID = SessionResult.Id;
+
+                return View("Dbs", sharedReceiptResponse);
+            }
+            catch (Exception e)
+            {
+                _logger.LogError(
+                     exception: e,
+                     message: e.Message);
+
+                TempData["Error"] = e.Message; 
+                TempData["InnerException"] = e.InnerException?.Message;
+                return RedirectToAction("Error", "Success");
+            }
+        }
+    } 
+}