fix:539

.NET and .NET Framework January 2025 servicing releases updates Related work items: #539
pagopa · Jan 15, 2025 · a10d718 · a10d718
1 parent 20b802b
commit a10d718
Show file tree

Hide file tree

Showing 3 changed files with 54 additions and 7 deletions.
diff --git a/src/Core/PortaleFatture.BE.Core/Auth/CustomClaim.cs b/src/Core/PortaleFatture.BE.Core/Auth/CustomClaim.cs
@@ -11,6 +11,7 @@ public static class CustomClaim
     public static string Email = "email";
     public static string IdTipoContratto = "idTipoContratto";
     public static string Uid = "uid";
+    public static string Expire = "exp";
     public static string Organization = "organization";
     public static string GruppoRuolo = "gruppoRuolo";
     public static string Auth = "auth";

diff --git a/src/Infrastructure/PortaleFatture.BE.Infrastructure/Gateway/SelfCareTokenService.cs b/src/Infrastructure/PortaleFatture.BE.Infrastructure/Gateway/SelfCareTokenService.cs
@@ -1,9 +1,12 @@
-using System.IdentityModel.Tokens.Jwt;
+using System.Globalization;
+using System.IdentityModel.Tokens.Jwt;
 using System.Security;
 using System.Security.Claims;
 using System.Security.Cryptography;
 using Microsoft.Extensions.Logging;
 using Microsoft.IdentityModel.Tokens;
+using Newtonsoft.Json;
+using Newtonsoft.Json.Linq;
 using PortaleFatture.BE.Core.Auth;
 using PortaleFatture.BE.Core.Auth.SelfCare;
 using PortaleFatture.BE.Core.Common;
@@ -17,7 +20,7 @@ public class SelfCareTokenService : ISelfCareTokenService
     private readonly ILogger<SelfCareTokenService> _logger;
     private readonly IPortaleFattureOptions _options;
     public SelfCareTokenService(
-        ISelfCareHttpClient httpClient, 
+        ISelfCareHttpClient httpClient,
         IPortaleFattureOptions options,
         ILogger<SelfCareTokenService> logger)
     {
@@ -53,6 +56,49 @@ private SelfCareDto Mapper(ClaimsPrincipal? tk)
         };
     }
 
+    private string ReadJwt(string selfcareToken)
+    {
+        var data = string.Empty;
+        try
+        { 
+            var handler = new JwtSecurityTokenHandler();
+            if (handler.CanReadToken(selfcareToken))
+            {
+                var token = handler.ReadJwtToken(selfcareToken);
+
+                foreach (var claim in token.Claims)
+                {
+                    if(claim.Type  == CustomClaim.Uid)
+                        data += "uid: " + claim.Value + " ";
+
+                    if (claim.Type == CustomClaim.Expire)
+                    {
+                        var expirationTimeUtc = DateTimeOffset.FromUnixTimeSeconds(Convert.ToInt64(claim.Value)).UtcDateTime;
+                        var italianTimeZone = TimeZoneInfo.FindSystemTimeZoneById("Central European Standard Time");
+                        var expirationTimeLocal = TimeZoneInfo.ConvertTimeFromUtc(expirationTimeUtc, italianTimeZone); 
+                        var italianCulture = new CultureInfo("it-IT");
+                        string formattedDate = expirationTimeLocal.ToString("f", italianCulture);
+                        data += "exp: " + formattedDate + " ";
+                    }
+
+                    if (claim.Type == CustomClaim.Organization)
+                    {
+                        dynamic? jsonObject = JsonConvert.DeserializeObject<dynamic>(claim.Value!);
+                        data += $" idEnte: {jsonObject!.id}" + $" Ente: {jsonObject!.name} ";
+                    }
+
+                }
+                return data;
+            }
+            else
+                return string.Empty;
+        }
+        catch
+        {
+            return string.Empty;
+        } 
+    }
+
     private (ClaimsPrincipal?, bool) Verify(CertificateKey? certificate, string selfcareToken, bool requireExpirationTime)
     {
         var rsa = new RSACryptoServiceProvider();
@@ -66,7 +112,7 @@ private SelfCareDto Mapper(ClaimsPrincipal? tk)
         var validationParameters = new TokenValidationParameters
         {
             RequireExpirationTime = requireExpirationTime,
-            RequireSignedTokens = true, 
+            RequireSignedTokens = true,
             ValidAudience = _options.SelfCareAudience,
             ValidateAudience = true,
             ValidIssuer = _options.SelfCareUri,
@@ -85,8 +131,8 @@ private SelfCareDto Mapper(ClaimsPrincipal? tk)
         }
         catch
         {
-            var msg = "Token Exchange Expired! ExJwt: { jwt }";
-            _logger.LogError(msg, selfcareToken);
+            var msg = $"Token Exchange Expired! {ReadJwt(selfcareToken)}";
+            _logger.LogError(msg);
             throw new SecurityException(msg);
         }
         return (claimPrincipal, true);

diff --git a/src/Presentation/PortaleFatture.BE.Api/Dockerfile b/src/Presentation/PortaleFatture.BE.Api/Dockerfile
@@ -1,12 +1,12 @@
 #See https://aka.ms/customizecontainer to learn how to customize your debug container and how Visual Studio uses this Dockerfile to build your images for faster debugging.
 
-FROM mcr.microsoft.com/dotnet/aspnet:8.0@sha256:84a93198d134a82a8f41c88b96adc6bfc2caf1d91ad25d5f25d90279938e1c4d AS base
+FROM mcr.microsoft.com/dotnet/aspnet:8.0@sha256:587c1dd115e4d6707ff656d30ace5da9f49cec48e627a40bbe5d5b249adc3549 AS base
 USER app
 WORKDIR /app
 EXPOSE 80
 EXPOSE 443
 
-FROM mcr.microsoft.com/dotnet/sdk:8.0@sha256:a364676fedc145cf88caad4bfb3cc372aae41e596c54e8a63900a2a1c8e364c6 AS build
+FROM mcr.microsoft.com/dotnet/sdk:8.0@sha256:b27b1354af00b7d4c922d74084f5c8a5cbf51f96de9ab855812bf17cbf176dd2 AS build
 
 ARG BUILD_CONFIGURATION=Release
 WORKDIR /src