Fix #378: Authentication handlers

.github/workflows/CodeQuality.yml

@@ -8,7 +8,7 @@ on:
 jobs:
   build:
     name: Build
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     steps:
       - name: Checkout code
         uses: actions/checkout@v4
@@ -79,7 +79,7 @@ jobs:
         run: dotnet-coverage collect --output CoverageResults/integration.test.report.coverage.xml --output-format cobertura --session-id integrationtestsession "dotnet run --project CometServer/CometServer.csproj -c Debug" &
 
       - name: Wait for API to start
-        run: sleep 60  # Adjust as necessary to ensure the API is up
+        run: sleep 70  # Adjust as necessary to ensure the API is up
 
       - name: Checkout Integration Test Suite
         uses: actions/checkout@v4

CDP4Orm.Tests/UtilsTestFixture.cs

@@ -1,4 +1,4 @@
-// --------------------------------------------------------------------------------------------------------------------
+// --------------------------------------------------------------------------------------------------------------------
 // <copyright file="UtilsTestFixture.cs" company="Starion Group S.A.">
 //    Copyright (c) 2015-2024 Starion Group S.A.
 //

CDP4Orm/Dao/Authentication/AuthenticationPersonDao.cs

@@ -1,22 +1,22 @@
 // --------------------------------------------------------------------------------------------------------------------
 // <copyright file="AuthenticationPersonDao.cs" company="Starion Group S.A.">
-//    Copyright (c) 2015-2023 Starion Group S.A.
-//
+//    Copyright (c) 2015-2025 Starion Group S.A.
+// 
 //    Author: Sam Gerené, Alex Vorobiev, Alexander van Delft, Nathanael Smiechowski, Antoine Théate
-//
-//    This file is part of CDP4-COMET Webservices Community Edition. 
-//    The CDP4-COMET Webservices Community Edition is the STARION implementation of ECSS-E-TM-10-25 Annex A and Annex C.
-//
-//    The CDP4-COMET Webservices Community Edition is free software; you can redistribute it and/or
+// 
+//    This file is part of CDP4-COMET Webservices Community Edition.
+//    The CDP4-COMET Web Services Community Edition is the Starion implementation of ECSS-E-TM-10-25 Annex A and Annex C.
+// 
+//    The CDP4-COMET Web Services Community Edition is free software; you can redistribute it and/or
 //    modify it under the terms of the GNU Affero General Public
 //    License as published by the Free Software Foundation; either
 //    version 3 of the License, or (at your option) any later version.
-//
-//    The CDP4-COMET Webservices Community Edition is distributed in the hope that it will be useful,
+// 
+//    The CDP4-COMET Web Services Community Edition is distributed in the hope that it will be useful,
 //    but WITHOUT ANY WARRANTY; without even the implied warranty of
 //    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-//    GNU Affero General Public License for more details.
-//
+//    Lesser General Public License for more details.
+// 
 //    You should have received a copy of the GNU Affero General Public License
 //    along with this program.  If not, see <http://www.gnu.org/licenses/>.
 // </copyright>
@@ -100,6 +100,59 @@ public async Task<IEnumerable<AuthenticationPerson>> Read(NpgsqlTransaction tran
             return result;
         }
 
+        /// <summary>
+        /// Read the data from the database.
+        /// </summary>
+        /// <param name="transaction">
+        /// The current transaction to the database.
+        /// </param>
+        /// <param name="partition">
+        /// The database partition (schema) where the requested resource is stored.
+        /// </param>
+        /// <param name="userId">
+        /// User Iid to retrieve from the database.
+        /// </param>
+        /// <param name="instant">
+        /// The instant as a nullable <see cref="DateTime"/>
+        /// </param>
+        /// <returns>
+        /// List of instances of <see cref="AuthenticationPerson"/>.
+        /// </returns>
+        public async Task<IEnumerable<AuthenticationPerson>> Read(NpgsqlTransaction transaction, string partition, Guid userId, DateTime? instant = null)
+        {
+            var result = new List<AuthenticationPerson>();
+
+            await using var command = new NpgsqlCommand();
+
+            var sqlBuilder = new System.Text.StringBuilder();
+
+            sqlBuilder.Append(this.PersonDao.BuildReadQuery(partition, instant));
+
+            sqlBuilder.Append(" WHERE \"Iid\" = :userId");
+            command.Parameters.Add("userId", NpgsqlDbType.Uuid).Value = userId;
+
+            if (instant.HasValue && instant.Value != DateTime.MaxValue)
+            {
+                command.Parameters.Add("instant", NpgsqlDbType.Timestamp).Value = instant;
+            }
+
+            sqlBuilder.Append(';');
+
+            command.Connection = transaction.Connection;
+            command.Transaction = transaction;
+            command.CommandText = sqlBuilder.ToString();
+
+            await using var reader = await command.ExecuteReaderAsync();
+
+            while (await reader.ReadAsync())
+            {
+                var authenticationPerson = MapToDto(reader);
+                result.Add(authenticationPerson);
+            }
+
+            return result;
+        }
+
         /// <summary>
         /// The mapping from a database record to data transfer object.
         /// </summary>
@@ -114,11 +167,11 @@ private static AuthenticationPerson MapToDto(NpgsqlDataReader reader)
             var valueDict = (Dictionary<string, string>)reader["ValueTypeSet"];
             var iid = Guid.Parse(reader["Iid"].ToString());
             var revisionNumber = int.Parse(valueDict["RevisionNumber"]);
-            
+
             var dto = new AuthenticationPerson(iid, revisionNumber)
             {
                 Role = reader["Role"] is DBNull ? null : Guid.Parse(reader["Role"].ToString()),
-                DefaultDomain = reader["DefaultDomain"] is DBNull? null : Guid.Parse(reader["DefaultDomain"].ToString()),
+                DefaultDomain = reader["DefaultDomain"] is DBNull ? null : Guid.Parse(reader["DefaultDomain"].ToString()),
                 Organization = reader["Organization"] is DBNull ? null : Guid.Parse(reader["Organization"].ToString())
             };
 
@@ -147,7 +200,7 @@ private static AuthenticationPerson MapToDto(NpgsqlDataReader reader)
                 // map shortname to UserName
                 dto.UserName = tempShortName.UnEscape();
             }
-            
+
             return dto;
         }
     }

CDP4Orm/Dao/Authentication/IAuthenticationPersonDao.cs

@@ -1,22 +1,22 @@
 // --------------------------------------------------------------------------------------------------------------------
 // <copyright file="IAuthenticationPersonDao.cs" company="Starion Group S.A.">
-//    Copyright (c) 2015-2023 Starion Group S.A.
-//
-//    Author: Sam Gerené, Alex Vorobiev, Alexander van Delft, Nathanael Smiechowski, Antoine Théate
-//
-//    This file is part of CDP4-COMET Webservices Community Edition. 
-//    The CDP4-COMET Webservices Community Edition is the STARION implementation of ECSS-E-TM-10-25 Annex A and Annex C.
-//
-//    The CDP4-COMET Webservices Community Edition is free software; you can redistribute it and/or
+//    Copyright (c) 2015-2025 Starion Group S.A.
+// 
+//    Author: Sam Gerené, Alex Vorobiev, Alexander van Delft, Nathanael Smiechowski, Antoine Théate
+// 
+//    This file is part of CDP4-COMET Webservices Community Edition.
+//    The CDP4-COMET Web Services Community Edition is the Starion implementation of ECSS-E-TM-10-25 Annex A and Annex C.
+// 
+//    The CDP4-COMET Web Services Community Edition is free software; you can redistribute it and/or
 //    modify it under the terms of the GNU Affero General Public
 //    License as published by the Free Software Foundation; either
 //    version 3 of the License, or (at your option) any later version.
-//
-//    The CDP4-COMET Webservices Community Edition is distributed in the hope that it will be useful,
+// 
+//    The CDP4-COMET Web Services Community Edition is distributed in the hope that it will be useful,
 //    but WITHOUT ANY WARRANTY; without even the implied warranty of
 //    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-//    GNU Affero General Public License for more details.
-//
+//    Lesser General Public License for more details.
+// 
 //    You should have received a copy of the GNU Affero General Public License
 //    along with this program.  If not, see <http://www.gnu.org/licenses/>.
 // </copyright>
@@ -56,5 +56,25 @@ public interface IAuthenticationPersonDao
         /// List of instances of <see cref="AuthenticationPerson"/>.
         /// </returns>
         Task<IEnumerable<AuthenticationPerson>> Read(NpgsqlTransaction transaction, string partition, string userName, DateTime? instant = null);
+
+        /// <summary>
+        /// Read the data from the database.
+        /// </summary>
+        /// <param name="transaction">
+        /// The current transaction to the database.
+        /// </param>
+        /// <param name="partition">
+        /// The database partition (schema) where the requested resource is stored.
+        /// </param>
+        /// <param name="userId">
+        /// User Iid to retrieve from the database.
+        /// </param>
+        /// <param name="instant">
+        /// The instant as a nullable <see cref="DateTime"/>
+        /// </param>
+        /// <returns>
+        /// List of instances of <see cref="AuthenticationPerson"/>.
+        /// </returns>
+        Task<IEnumerable<AuthenticationPerson>> Read(NpgsqlTransaction transaction, string partition, Guid userId, DateTime? instant = null);
     }
-}
+}

COMET-WebServices.sln.DotSettings

@@ -250,7 +250,6 @@
 
    This file is part of CDP4-COMET Webservices Community Edition. 
    The CDP4-COMET Web Services Community Edition is the Starion implementation of ECSS-E-TM-10-25 Annex A and Annex C.
-   This is an auto-generated class. Any manual changes to this file will be overwritten!
 
    The CDP4-COMET Web Services Community Edition is free software; you can redistribute it and/or
    modify it under the terms of the GNU Affero General Public
@@ -280,6 +279,7 @@
 	<s:Boolean x:Key="/Default/Environment/SettingsMigration/IsMigratorApplied/=JetBrains_002EReSharper_002EPsi_002ECSharp_002ECodeStyle_002ECSharpKeepExistingMigration/@EntryIndexedValue">True</s:Boolean>
 	<s:Boolean x:Key="/Default/Environment/SettingsMigration/IsMigratorApplied/=JetBrains_002EReSharper_002EPsi_002ECSharp_002ECodeStyle_002ECSharpPlaceEmbeddedOnSameLineMigration/@EntryIndexedValue">True</s:Boolean>
 	<s:Boolean x:Key="/Default/Environment/SettingsMigration/IsMigratorApplied/=JetBrains_002EReSharper_002EPsi_002ECSharp_002ECodeStyle_002ECSharpUseContinuousIndentInsideBracesMigration/@EntryIndexedValue">True</s:Boolean>
+	<s:Boolean x:Key="/Default/Environment/SettingsMigration/IsMigratorApplied/=JetBrains_002EReSharper_002EPsi_002ECSharp_002ECodeStyle_002EMemberReordering_002EMigrations_002ECSharpFileLayoutPatternRemoveIsAttributeUpgrade/@EntryIndexedValue">True</s:Boolean>
 	<s:Boolean x:Key="/Default/Environment/SettingsMigration/IsMigratorApplied/=JetBrains_002EReSharper_002EPsi_002ECSharp_002ECodeStyle_002ESettingsUpgrade_002EAlwaysTreatStructAsNotReorderableMigration/@EntryIndexedValue">True</s:Boolean>
 	<s:Boolean x:Key="/Default/Environment/SettingsMigration/IsMigratorApplied/=JetBrains_002EReSharper_002EPsi_002ECSharp_002ECodeStyle_002ESettingsUpgrade_002EMigrateBlankLinesAroundFieldToBlankLinesAroundProperty/@EntryIndexedValue">True</s:Boolean>
 	<s:Boolean x:Key="/Default/Environment/SettingsMigration/IsMigratorApplied/=JetBrains_002EReSharper_002EPsi_002ECSharp_002ECodeStyle_002ESettingsUpgrade_002EPredefinedNamingRulesToUserRulesUpgrade/@EntryIndexedValue">True</s:Boolean>

CometServer.Tests/Authentication/Anonymous/AnonymousAuthenticationHandlerTestFixture.cs

@@ -0,0 +1,88 @@
+// --------------------------------------------------------------------------------------------------------------------
+// <copyright file="AnonymousAuthenticationHandlerTestFixture.cs" company="Starion Group S.A.">
+//    Copyright (c) 2015-2025 Starion Group S.A.
+// 
+//    Author: Sam Gerené, Alex Vorobiev, Alexander van Delft, Nathanael Smiechowski, Antoine Théate
+// 
+//    This file is part of CDP4-COMET Webservices Community Edition.
+//    The CDP4-COMET Web Services Community Edition is the Starion implementation of ECSS-E-TM-10-25 Annex A and Annex C.
+// 
+//    The CDP4-COMET Web Services Community Edition is free software; you can redistribute it and/or
+//    modify it under the terms of the GNU Affero General Public
+//    License as published by the Free Software Foundation; either
+//    version 3 of the License, or (at your option) any later version.
+// 
+//    The CDP4-COMET Web Services Community Edition is distributed in the hope that it will be useful,
+//    but WITHOUT ANY WARRANTY; without even the implied warranty of
+//    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+//    Affero General Public License for more details.
+// 
+//    You should have received a copy of the GNU Affero General Public License
+//    along with this program.  If not, see <http://www.gnu.org/licenses/>.
+// </copyright>
+// --------------------------------------------------------------------------------------------------------------------
+
+namespace CometServer.Tests.Authentication.Anonymous
+{
+    using System.Linq;
+    using System.Security.Claims;
+    using System.Text.Encodings.Web;
+    using System.Threading.Tasks;
+
+    using CometServer.Authentication.Anonymous;
+
+    using Microsoft.AspNetCore.Authentication;
+    using Microsoft.AspNetCore.Http;
+    using Microsoft.Extensions.Logging;
+    using Microsoft.Extensions.Options;
+
+    using Moq;
+
+    using NUnit.Framework;
+
+    [TestFixture]
+    public class AnonymousAuthenticationHandlerTestFixture
+    {
+        public AnonymousAuthenticationHandler handler;
+        public Mock<IOptionsMonitor<AnonymousAuthenticationOptions>> optionsMonitor;
+        public Mock<ILoggerFactory> loggerFactory;
+        public Mock<UrlEncoder> encoder;
+        public Mock<ISystemClock> systemClock;
+
+        [SetUp]
+        public void Setup()
+        {
+            this.optionsMonitor = new Mock<IOptionsMonitor<AnonymousAuthenticationOptions>>();
+
+            this.optionsMonitor
+                .Setup(x => x.Get(It.IsAny<string>()))
+                .Returns(new AnonymousAuthenticationOptions());
+
+            this.loggerFactory = new Mock<ILoggerFactory>();
+            var logger = new Mock<ILogger<AnonymousAuthenticationHandler>>();
+            this.loggerFactory.Setup(x => x.CreateLogger(It.IsAny<string>())).Returns(logger.Object);
+
+            this.encoder = new Mock<UrlEncoder>();
+            this.systemClock = new Mock<ISystemClock>();
+            this.handler = new AnonymousAuthenticationHandler(this.optionsMonitor.Object, this.loggerFactory.Object, this.encoder.Object, this.systemClock.Object);
+        }
+
+        [Test]
+        public async Task VerifyHandleAnonymousAuthentication()
+        {
+            var context = new DefaultHttpContext();
+
+            await this.handler.InitializeAsync(new AuthenticationScheme(AnonymousAuthenticationDefaults.AuthenticationScheme, AnonymousAuthenticationDefaults.DisplayName,
+                typeof(AnonymousAuthenticationHandler)), context);
+
+            var result = await this.handler.AuthenticateAsync();
+
+            Assert.Multiple(() =>
+            {
+                Assert.That(result.Succeeded, Is.True);
+                Assert.That(result.Principal, Is.Not.Null);
+                Assert.That(result.Principal.Claims.Single(x => x.Type == ClaimTypes.Name).Value, Is.EqualTo("anonymous"));
+            });
+        }
+    }
+}