Bump Microsoft.Extensions.Caching.Abstractions from 6.0.0 to 8.0.0

.github/workflows/monthly-scan.yml

@@ -0,0 +1,51 @@
+name: Trufflehog Monthly Deep Scan
+
+
+on:
+  schedule:
+    - cron: "0 0 28-31 * *" 
+
+    #This scan will run on the last day of every month
+
+  push:
+    branches: [main, p3sprint/*, feature/*]
+jobs:
+  trufflehog-scan:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v2
+      - name: Install Trufflehog-latest
+        run: |
+          pip3 install trufflehog
+      - name: Run Trufflehog Monthly Deep Scan
+
+        #Configure the correct git url of the repo to be scanned
+        run: |
+          trufflehog https://github.com/Crown-Commercial-Service/ccs-ppg-notification-api.git --regex --entropy=FALSE
+
+      - name: Send email notification
+        uses: 
+          dawidd6/action-send-mail@v3.1.0
+        if: always()
+
+        with: 
+         server_address: ${{ secrets.SERVER_ADDRESS }}
+         server_port: ${{ secrets.SERVER_PORT }}
+         username: ${{ secrets.USER_NAME }}
+         password: ${{ secrets.PASSWORD }}
+         subject: Trufflehog Monthly Deep Scan
+         to: "rahulgandhi.jayabalan@brickendon.com,ponselvam.sakthivel@brickendon.com"
+         from: "secops@brickendon.com"
+         body: |
+
+           Hi,
+
+            The Trufflehog Monthly Deep Scan has completed for "${{ github.repository }}". Please review the results below:
+
+            Scan Job URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
+
+            Scan Status: **${{ job.status }}**              
+
+           Thank You.           
+           Brickendon SecOps

.github/workflows/secrets-scan.yml

@@ -0,0 +1,64 @@
+name: Git Secrets Scan
+
+on:
+  schedule:
+    - cron: "0 0 * * *" 
+  push:
+    branches: [main, feature/*, p3sprint/*]
+
+jobs:
+  git-secrets-scan:
+    name: Git Secrets Scan
+    runs-on: ubuntu-latest
+
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v2
+
+    - name: Install git secrets
+      run: sudo apt-get update && sudo apt-get install git-secrets -y
+
+    - name: Add custom secrets patterns
+      run: git secrets --add '(\bBEGIN\b).*(PRIVATE KEY\b)'
+           && git secrets --add 'AKIA[0-9A-Z]{16}'
+           && git secrets --add '^([A-Za-z0-9/+=]{40,})$'
+           && git secrets --add '^ghp_[a-zA-Z0-9]{36}'
+           && git secrets --add '^github_pat_[a-zA-Z0-9]{22}_[a-zA-Z0-9]{59}'
+           && git secrets --add '^v[0-9]\\.[0-9a-f]{40}'
+           && git secrets --add '[A-Za-z0-9+/]{88}=='
+           && git secrets --add '[A-Za-z0-9_-]{32}$'           
+           && git secrets --add 'conclavesso[0-9a-z-]{84}'
+           && git secrets --add '\\b[a-z0-9]{80}\\b'
+           && git secrets --add '\\b[A-Z0-9]{50}\\b'
+           && git secrets --add '\\b[A-Z0-9]{58}\\b'
+           && git secrets --add '^[a-zA-Z0-9_-]{32,64}$'
+
+    - name: Run git secrets scan
+      run: |      
+        git secrets --scan
+
+    - name: Send email notification
+      uses: 
+        dawidd6/action-send-mail@v3.1.0
+      if: always()
+
+      with: 
+         server_address: ${{ secrets.SERVER_ADDRESS }}
+         server_port: ${{ secrets.SERVER_PORT }}
+         username: ${{ secrets.USER_NAME }}
+         password: ${{ secrets.PASSWORD }}
+         subject: Git Secrets Scan Results
+         to: "ponselvam.sakthivel@brickendon.com, rahulgandhi.jayabalan@brickendon.com"
+         from: "secops@brickendon.com"
+         body: |
+
+           Hi,
+
+            The Git Secrets scan has completed for "${{ github.repository }}". Please review the results below:
+
+            Scan Job URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
+
+            Scan Status: **${{ job.status }}**              
+
+           Thank You.           
+           Brickendon SecOps

Ccs.Ppg.NotificationService.API/Controllers/NotificationController.cs

@@ -12,10 +12,12 @@ namespace Ccs.Ppg.NotificationService.API.Controllers
     public class NotificationController : ControllerBase
     {
         private readonly IMessageProviderService _messageProviderService;
-        public NotificationController(IMessageProviderService messageProviderService)
+		    private readonly IEmailProviderService _emailProviderService;		
+		    public NotificationController(IMessageProviderService messageProviderService, IEmailProviderService emailProviderService)
         {
             _messageProviderService = messageProviderService;
-        }
+			      _emailProviderService = emailProviderService;
+		    }
         /// <summary>
         /// Allows a user to send SMS
         /// </summary>
@@ -39,11 +41,42 @@ public NotificationController(IMessageProviderService messageProviderService)
         /// </remarks>
 
         [HttpPost("sms")]
-        [SwaggerOperation(Tags = new[] { "notification/sms" })]
+        [SwaggerOperation(Tags = new[] { "Notification - SMS" })]
         [ProducesResponseType(typeof(bool), 200)]
         public async Task<bool> Post(MessageRequestModel message)
         {
             return await _messageProviderService.SendMessage(message);
-        }
-    }
+		    }
+
+		    /// <summary>
+		    /// Allows a user to send email
+		    /// </summary>
+		    /// <response  code="200">Ok</response>
+		    /// <response  code="401">Unauthorised</response>
+		    /// <response  code="403">Forbidden</response>
+		    /// <response  code="404">Not found</response>
+		    /// <response  code="400">Bad request. </response>
+		    /// <remarks>
+		    /// Sample request:
+		    ///
+		    ///     POST /notification/email
+		    ///        {
+		    ///        "to": "username@xxxx.com",
+		    ///        "templateId": "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX",
+		    ///        "bodyContent": {
+		    ///                 "email": "UserName@xxxx.com",
+		    ///                 "additionalProp3": "string",
+		    ///                 "additionalProp3": "string"
+        ///                 }
+		    ///         }
+		    ///
+		    /// </remarks>
+
+		    [HttpPost("email")]
+		    [SwaggerOperation(Tags = new[] { "Notification - Email" })]
+	      public async Task SendEmailAsync(EmailInfo emailInfo)
+		    {
+           await _emailProviderService.SendEmailAsync(emailInfo);
+        }			      
+		}
 }

Ccs.Ppg.NotificationService.API/CustomOptions/ParameterStoreConfigurationProvider.cs

@@ -39,7 +39,9 @@ public async Task GetSecrets()
       configurations.Add(_awsParameterStoreService.GetParameter(parameters, path + "Message/ApiKey", "Message:ApiKey"));
       configurations.Add(_awsParameterStoreService.GetParameter(parameters, path + "Message/TemplateId", "Message:TemplateId"));
 
-      var dbName = _awsParameterStoreService.FindParameterByName(parameters, path + "ConnectionStrings/Name");
+			configurations.Add(_awsParameterStoreService.GetParameter(parameters, path + "Email/ApiKey", "Email:ApiKey"));
+
+			var dbName = _awsParameterStoreService.FindParameterByName(parameters, path + "ConnectionStrings/Name");
       var dbConnection = _awsParameterStoreService.FindParameterByName(parameters, path + "ConnectionStrings/CcsSso");
 
       if (!string.IsNullOrEmpty(dbName))

Ccs.Ppg.NotificationService.API/CustomOptions/VaultConfiguration.cs

@@ -56,7 +56,13 @@ public async Task GetSecrets()
         Data.Add("Message:TemplateId", messageSettingsVault.TemplateId);
       }
 
-      if (_secrets.Data.ContainsKey("ConnectionStrings"))
+			if (_secrets.Data.ContainsKey("Email"))
+			{
+				var messageSettingsVault = JsonConvert.DeserializeObject<MessageSettingsVault>(_secrets.Data["Email"].ToString());
+				Data.Add("Email:ApiKey", messageSettingsVault.ApiKey);
+			}
+
+			if (_secrets.Data.ContainsKey("ConnectionStrings"))
       {
         var connectionStringsSettingsVault = JsonConvert.DeserializeObject<ConnectionStringsSettingsVault>(_secrets.Data["ConnectionStrings"].ToString());
         Data.Add("ConnectionStrings:CcsSso", connectionStringsSettingsVault.CcsSso);

Ccs.Ppg.NotificationService.API/Program.cs

@@ -30,9 +30,15 @@
 // Add services to the container.
 builder.Services.ConfigureServices(builder.Configuration);
 
+string startupUrl = Environment.GetEnvironmentVariable("STARTUP_URL");
+if (!string.IsNullOrWhiteSpace(startupUrl))
+{
+  builder.WebHost.UseUrls(startupUrl);
+}
+
 var app = builder.Build();
 
 app.ConfigurePipeline();
 
 
-app.Run();
+app.Run();

Ccs.Ppg.NotificationService.API/Startup.cs

@@ -29,10 +29,7 @@ public static void ConfigureServices(this IServiceCollection services, Configura
 
     public static void ConfigurePipeline(this WebApplication app)
     {
-      if (app.Environment.IsDevelopment())
-      {
-        app.ConfigureSwagger();
-      }
+      app.ConfigureSwagger();
 
       app.UseHttpsRedirection();
 

Ccs.Ppg.NotificationService.API/appsecrets.json

@@ -14,6 +14,9 @@
   },
   "apis": {
     "OrganisationUrl": ""
+  },
+  "Email": {
+    "ApiKey": ""
   }
 }
 

Ccs.Ppg.NotificationService/Ccs.Ppg.NotificationService.csproj

@@ -12,6 +12,9 @@
     <PackageReference Include="Microsoft.Extensions.Configuration.Abstractions" Version="6.0.0" />
     <PackageReference Include="Microsoft.Extensions.DependencyInjection.Abstractions" Version="6.0.0" />
     <PackageReference Include="Microsoft.Extensions.Http" Version="6.0.0" />
+	<PackageReference Include="Newtonsoft.Json" Version="13.0.1" />
+	<PackageReference Include="System.Net.Http" Version="4.3.4" />
+	<PackageReference Include="System.Text.RegularExpressions" Version="4.3.1" />
   </ItemGroup>
 
 </Project>

Ccs.Ppg.NotificationService/Model/EmailInfo.cs

@@ -0,0 +1,16 @@
+using System.ComponentModel.DataAnnotations;
+
+namespace Ccs.Ppg.NotificationService.Model
+{
+	public class EmailInfo
+	{
+		[Required(ErrorMessage = "Email is required Ex:UserName@example.com")]
+		public string To { get; set; }
+
+		[Required(ErrorMessage = "Email template is required")]
+		public string TemplateId { get; set; }
+
+		public Dictionary<string, string> BodyContent { get; set; }
+
+	}
+}

Ccs.Ppg.NotificationService/Services/AwsParameterStoreService.cs

@@ -16,12 +16,25 @@ public class AwsParameterStoreService : IAwsParameterStoreService
 
     public AwsParameterStoreService()
     {
-      string env = Environment.GetEnvironmentVariable("VCAP_SERVICES", EnvironmentVariableTarget.Process);
-      var envData = (JObject)JsonConvert.DeserializeObject(env);
-      string setting = JsonConvert.SerializeObject(envData["user-provided"].FirstOrDefault(obj => obj["name"].Value<string>().Contains("ssm-service")));
-      _settings = JsonConvert.DeserializeObject<AmazonSimpleSystemsManagementSettings>(setting.ToString());
-      var credentials = new BasicAWSCredentials(_settings.credentials.aws_access_key_id, _settings.credentials.aws_secret_access_key);
-      _client = new AmazonSimpleSystemsManagementClient(credentials, RegionEndpoint.GetBySystemName(_settings.credentials.region));
+      string accessKeyId = Environment.GetEnvironmentVariable("ACCESSKEYID");
+      string accessKeySecret = Environment.GetEnvironmentVariable("ACCESSKEYSECRET");
+      string region = Environment.GetEnvironmentVariable("REGION");
+
+      // Deployed in cloud foundry then will not get credentials from environment variable
+      if (string.IsNullOrWhiteSpace(accessKeyId) || string.IsNullOrWhiteSpace(accessKeySecret) || string.IsNullOrWhiteSpace(region))
+      {
+        string env = Environment.GetEnvironmentVariable("VCAP_SERVICES", EnvironmentVariableTarget.Process);
+        var envData = (JObject)JsonConvert.DeserializeObject(env);
+        string setting = JsonConvert.SerializeObject(envData["user-provided"].FirstOrDefault(obj => obj["name"].Value<string>().Contains("ssm-service")));
+        _settings = JsonConvert.DeserializeObject<AmazonSimpleSystemsManagementSettings>(setting.ToString());
+
+        accessKeyId = _settings.credentials.aws_access_key_id;
+        accessKeySecret = _settings.credentials.aws_secret_access_key;
+        region = _settings.credentials.region;
+      }
+
+      var credentials = new BasicAWSCredentials(accessKeyId, accessKeySecret);
+      _client = new AmazonSimpleSystemsManagementClient(credentials, RegionEndpoint.GetBySystemName(region));
     }
 
     public async Task<List<Parameter>> GetParameters(string path)

Ccs.Ppg.NotificationService/Services/EmailProviderService.cs

@@ -0,0 +1,42 @@
+using Ccs.Ppg.NotificationService.Model;
+using Ccs.Ppg.NotificationService.Services.IServices;
+using Microsoft.Extensions.Configuration;
+using Newtonsoft.Json;
+using Notify.Client;
+using Notify.Models.Responses;
+
+namespace Ccs.Ppg.NotificationService.Services
+{
+   public class EmailProviderService : IEmailProviderService
+	{
+		private readonly IConfiguration _configuration;
+		private readonly IHttpClientFactory _httpClientFactory;
+
+		public EmailProviderService(IConfiguration configuration, IHttpClientFactory httpClientFactory)
+		{
+			_configuration = configuration;
+			_httpClientFactory = httpClientFactory;
+		}
+		public async Task SendEmailAsync(EmailInfo emailInfo)
+		{
+			try
+			{ 
+			var apiKey = _configuration["Email:ApiKey"];
+
+			var client = _httpClientFactory.CreateClient();
+			var httpClientWithProxy = new HttpClientWrapper(client);
+				var notificationClient = new NotificationClient(httpClientWithProxy, apiKey);
+				var bodyContent = new Dictionary<string, dynamic>();
+				emailInfo.BodyContent.ToList().ForEach(pair => bodyContent.Add(pair.Key, pair.Value));
+        EmailNotificationResponse response = await notificationClient.SendEmailAsync(emailInfo.To, emailInfo.TemplateId, bodyContent);
+			}
+			catch (Exception ex)
+			{
+				Console.WriteLine(ex);
+				throw new Exception(ex.Message);
+			}
+		}
+	}
+}
+
+

Ccs.Ppg.NotificationService/Services/IServices/IEmailProviderService.cs

@@ -0,0 +1,14 @@
+using Ccs.Ppg.NotificationService.Model;
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+using System.Threading.Tasks;
+
+namespace Ccs.Ppg.NotificationService.Services.IServices
+{
+	public interface IEmailProviderService
+	{
+		Task SendEmailAsync(EmailInfo emailInfo);
+	}
+}

Ccs.Ppg.NotificationService/Startup.cs

@@ -16,6 +16,7 @@ public static void AddServices(this IServiceCollection services, IConfiguration
     {
       services.AddScoped<IMessageProviderService, MessageProviderService>();
       services.AddScoped<IAwsParameterStoreService, AwsParameterStoreService>();
+      services.AddScoped<IEmailProviderService, EmailProviderService>();
     }
   }
 }

Ccs.Ppg.Utility.Authorization/Ccs.Ppg.Utility.Authorization.csproj

@@ -19,14 +19,15 @@
 		<PackageReference Include="Microsoft.AspNetCore.Routing" Version="2.2.2" />
 		<PackageReference Include="Microsoft.AspNetCore.Routing.Abstractions" Version="2.2.0" />
 		<PackageReference Include="Microsoft.CSharp" Version="4.7.0" />
+		<PackageReference Include="System.Text.Encodings.Web" Version="7.0.0" />
 	</ItemGroup>
 
 	<ItemGroup>
 		<ProjectReference Include="..\Ccs.Ppg.Utility.Cache\Ccs.Ppg.Utility.Cache.csproj" Pack="true" PackagePath="/lib">
 			<Pack>true</Pack>
 			<IncludeAssets>all</IncludeAssets>
 		</ProjectReference>
-		<ProjectReference Include="..\Ccs.Ppg.Utility.Exceptions\Ccs.Ppg.Utility.Exceptions.csproj" Pack="true"  PackagePath="/lib">
+		<ProjectReference Include="..\Ccs.Ppg.Utility.Exceptions\Ccs.Ppg.Utility.Exceptions.csproj" Pack="true" PackagePath="/lib">
 			<IncludeAssets>all</IncludeAssets>
 		</ProjectReference>