Merge pull request #7 from TechnologyEnhancedLearning/master

RC hot fix - Merge into releases/Phoenix

Author: binon

.github/azure-pipelines-ci.yml

@@ -0,0 +1,97 @@
+# Agent Queue 'Azure Pipelines' was used with unrecognized Agent Specification, vmImage property must be specified to determine image - https://docs.microsoft.com/en-us/azure/devops/pipelines/agents/hosted?view=azure-devops&tabs=yaml#software
+variables:
+- name: BuildParameters.RestoreBuildProjects
+  value: '**/*.csproj'
+- name: BuildParameters.TestProjects
+  value: '**/*[Tt]ests/*.csproj'
+trigger:
+  - CI
+name: $(date:yyyyMMdd)$(rev:.r)
+resources:
+  repositories:
+  - repository: self
+    type: git
+    ref: refs/heads/CI
+jobs:
+- job: Job_1
+  displayName: Agent job
+  pool:
+    vmImage: windows-latest
+  steps:
+  - checkout: self
+    clean: true
+    fetchTags: false
+  - task: NodeTool@0
+    displayName: Use Node 12.19
+    inputs:
+      versionSpec: 12.19
+  - task: Npm@1
+    displayName: npm custom
+    inputs:
+      command: custom
+      workingDir: Auth/LearningHub.Nhs.Auth
+      verbose: false
+      customCommand: install -f
+  - task: Npm@1
+    displayName: run webpack build
+    inputs:
+      command: custom
+      workingDir: Auth/LearningHub.Nhs.Auth
+      verbose: false
+      customCommand: run build
+  - task: NuGetToolInstaller@1
+    displayName: Use NuGet 5.8
+    inputs:
+      versionSpec: 5.8
+  - task: NuGetCommand@2
+    displayName: NuGet restore
+    inputs:
+      feedRestore: d99eaf2c-ad74-4a35-876e-f7dc1e45a604
+  - task: DotNetCoreCLI@2
+    displayName: Restore
+    inputs:
+      command: restore
+      projects: $(BuildParameters.RestoreBuildProjects)
+  - task: DotNetCoreCLI@2
+    displayName: Build
+    inputs:
+      projects: $(BuildParameters.RestoreBuildProjects)
+      arguments: --configuration $(BuildConfiguration) /p:Platform=x64
+  - task: DotNetCoreCLI@2
+    displayName: Test
+    enabled: False
+    inputs:
+      command: test
+      projects: $(BuildParameters.TestProjects)
+      arguments: --configuration $(BuildConfiguration)
+  - task: DotNetCoreCLI@2
+    displayName: Publish Auth
+    inputs:
+      command: publish
+      publishWebProjects: false
+      projects: '**/*LearningHub.Nhs.Auth.csproj'
+      arguments: --configuration $(BuildConfiguration) --output $(build.artifactstagingdirectory)/Auth
+      zipAfterPublish: True
+  - task: PublishBuildArtifacts@1
+    displayName: Publish Artifact Auth
+    condition: succeededOrFailed()
+    inputs:
+      PathtoPublish: $(build.artifactstagingdirectory)/Auth
+      ArtifactName: Auth
+      TargetPath: '\\my\share\$(Build.DefinitionName)\$(Build.BuildNumber)'
+  - task: DotNetCoreCLI@2
+    displayName: Publish UserAPI
+    inputs:
+      command: publish
+      publishWebProjects: false
+      projects: '**/*LearningHub.Nhs.UserApi.csproj'
+      arguments: --configuration $(BuildConfiguration) --output $(build.artifactstagingdirectory)/UserAPI
+      zipAfterPublish: True
+  - task: PublishBuildArtifacts@1
+    displayName: Publish Artifact UserAPI
+    condition: succeededOrFailed()
+    inputs:
+      PathtoPublish: $(build.artifactstagingdirectory)/UserAPI
+      ArtifactName: UserAPI
+      TargetPath: '\\my\share\$(Build.DefinitionName)\$(Build.BuildNumber)'
+...

.github/workflows/continuous-integration-workflow.yml

@@ -1,5 +1,5 @@
 name: Continuous Integration
-on: [pull_request]
+on: [push]
 env:
   BuildParameters.RestoreBuildProjects: '**/*.csproj'
   BuildParameters.TestProjects: '**/*[Tt]ests/*.csproj'

Auth/LearningHub.Nhs.Auth/Configuration/WebSettings.cs

@@ -55,5 +55,10 @@ public class WebSettings
         /// Gets or sets the SupportForm.
         /// </summary>
         public string SupportForm { get; set; }
-    }
+
+        /// <summary>
+        /// Gets or sets the SupportFeedbackForm.
+        /// </summary>
+        public string SupportFeedbackForm { get; set; }
+  }
 }

Auth/LearningHub.Nhs.Auth/Controllers/AccountController.cs

@@ -334,6 +334,7 @@ private async Task<LoginViewModel> BuildLoginViewModelAsync(string returnUrl)
 
                 // Base _layout.cshtml template config
                 this.ViewData["AuthMainTitle"] = loginClientTemplate.AuthMainTitle;
+                this.ViewData["ClientUrl"] = loginClientTemplate.ClientUrl;
                 this.ViewData["ClientLogoUrl"] = loginClientTemplate.ClientLogoUrl;
                 this.ViewData["ClientLogoSrc"] = loginClientTemplate.ClientLogoSrc;
                 this.ViewData["ClientLogoAltText"] = loginClientTemplate.ClientLogoAltText;
@@ -380,7 +381,6 @@ private async Task<LoginViewModel> BuildLoginViewModelAsync(string returnUrl)
                 if (client != null)
                 {
                     allowLocal = client.EnableLocalLogin;
-
                     if (client.IdentityProviderRestrictions != null && client.IdentityProviderRestrictions.Any())
                     {
                         providers = providers.Where(provider => client.IdentityProviderRestrictions.Contains(provider.AuthenticationScheme)).ToList();

Auth/LearningHub.Nhs.Auth/Filters/SecurityHeadersAttribute.cs

@@ -37,7 +37,7 @@ public override void OnResultExecuting(ResultExecutingContext context)
 
                 // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy
                 ////var csp = "default-src 'self'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';";
-                var csp = "object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';";
+                var csp = "object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts allow-popups; base-uri 'self';";
                 //// also consider adding upgrade-insecure-requests once you have HTTPS in place for production
                 ////csp += "upgrade-insecure-requests;";
                 //// also an example if you need client images to be displayed from twitter

Auth/LearningHub.Nhs.Auth/Program.cs

@@ -17,7 +17,7 @@
 
 var builder = WebApplication.CreateBuilder(args);
 
-builder.Configuration.AddUserSecrets(string.Empty);
+builder.Configuration.AddUserSecrets("a2ecb5d2-cf13-4551-9cb6-3d86dfbcf8ef");
 
 builder.Logging.ClearProviders();
 

Auth/LearningHub.Nhs.Auth/Styles/sso.scss

@@ -10,22 +10,6 @@ body {
     background-color: $nhsuk-grey-white;
 }
 
-header {
-    background-color: $nhsuk-blue;
-    height: 112px;
-    padding: 0 15px;
-}
-
-footer {
-    background-color: $nhsuk-blue;
-    height: 130px;
-    padding: 0 15px;
-    position: absolute;
-    left: 0;
-    bottom: 0;
-    width: 100%;
-}
-
 a {
     text-decoration: underline;
 }

Auth/LearningHub.Nhs.Auth/Views/Shared/LearningHub/_Layout.cshtml

@@ -38,6 +38,10 @@
   <header class="nhsuk-header" role="banner">
     <partial name="~/Views/Shared/LearningHub/_NavPartial.cshtml" />
   </header>
+  <div class="nhsuk-width-container app-width-container beta-banner">
+    <span class="beta-banner__beta-box">BETA</span>
+    <span class="beta-banner__text">This is a new platform - your <a href="@(settings.Value.SupportFeedbackForm)" target="_blank">feedback</a> will help us to improve it.</span>
+  </div>
   <div class="nhsuk-width-container app-width-container--full">
     <main role="main" id="maincontent" class="nhsuk-main-wrapper app-main-wrapper--no-padding nhsuk-bg-white">
       @RenderBody()

Auth/LearningHub.Nhs.Auth/Views/Shared/LearningHub/_NavPartial.cshtml

@@ -1,24 +1,24 @@
 <div class="nhsuk-width-container nhsuk-header__container app-width-container @PreLoginClass()">
-  <div class="nhsuk-header__logo">
-    <a class="nhsuk-header__link nhsuk-header__link--service " href="/" aria-label="NHS homepage">
-      <svg class="nhsuk-logo" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 40 16" height="40" width="100">
-        <path class="nhsuk-logo__background" fill="#005eb8" d="M0 0h40v16H0z"></path>
-        <path class="nhsuk-logo__text" fill="#fff" d="M3.9 1.5h4.4l2.6 9h.1l1.8-9h3.3l-2.8 13H9l-2.7-9h-.1l-1.8 9H1.1M17.3 1.5h3.6l-1 4.9h4L25 1.5h3.5l-2.7 13h-3.5l1.1-5.6h-4.1l-1.2 5.6h-3.4M37.7 4.4c-.7-.3-1.6-.6-2.9-.6-1.4 0-2.5.2-2.5 1.3 0 1.8 5.1 1.2 5.1 5.1 0 3.6-3.3 4.5-6.4 4.5-1.3 0-2.9-.3-4-.7l.8-2.7c.7.4 2.1.7 3.2.7s2.8-.2 2.8-1.5c0-2.1-5.1-1.3-5.1-5 0-3.4 2.9-4.4 5.8-4.4 1.6 0 3.1.2 4 .6"></path>
-      </svg>
-      <span class="nhsuk-header__service-name">
-        Learning Hub
-      </span>
-    </a>
-  </div>
-  <div class="nhsuk-header__mobile-only-nav">
-  </div>
-  <div class="nhsuk-account__login nhsuk-header__not-mobile">
-  </div>
+    <div class="nhsuk-header__logo">
+        <a class="nhsuk-header__link nhsuk-header__link--service " href="https://@ViewData["ClientUrl"]" aria-label="NHS homepage">
+            <svg class="nhsuk-logo" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 40 16" height="40" width="100">
+                <path class="nhsuk-logo__background" fill="#005eb8" d="M0 0h40v16H0z"></path>
+                <path class="nhsuk-logo__text" fill="#fff" d="M3.9 1.5h4.4l2.6 9h.1l1.8-9h3.3l-2.8 13H9l-2.7-9h-.1l-1.8 9H1.1M17.3 1.5h3.6l-1 4.9h4L25 1.5h3.5l-2.7 13h-3.5l1.1-5.6h-4.1l-1.2 5.6h-3.4M37.7 4.4c-.7-.3-1.6-.6-2.9-.6-1.4 0-2.5.2-2.5 1.3 0 1.8 5.1 1.2 5.1 5.1 0 3.6-3.3 4.5-6.4 4.5-1.3 0-2.9-.3-4-.7l.8-2.7c.7.4 2.1.7 3.2.7s2.8-.2 2.8-1.5c0-2.1-5.1-1.3-5.1-5 0-3.4 2.9-4.4 5.8-4.4 1.6 0 3.1.2 4 .6"></path>
+            </svg>
+            <span class="nhsuk-header__service-name">
+                Learning Hub
+            </span>
+        </a>
+    </div>
+    <div class="nhsuk-header__mobile-only-nav">
+    </div>
+    <div class="nhsuk-account__login nhsuk-header__not-mobile">
+    </div>
 </div>
 @functions {
-  public string PreLoginClass()
-  {
-    if (!User.Identity.IsAuthenticated) return "nhsuk-header__pre-login";
-    return "";
-  }
+    public string PreLoginClass()
+    {
+        if (!User.Identity.IsAuthenticated) return "nhsuk-header__pre-login";
+        return "";
+    }
 }

Auth/LearningHub.Nhs.Auth/Views/Shared/_Signout_Layout.cshtml

@@ -5,53 +5,49 @@
 <!DOCTYPE html>
 <html>
 <head>
-    <meta charset="utf-8" />
-    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
-    <title>@ViewData["Title"] - Learning Hub Authentication</title>
-
-    <environment include="Development">
-        <link rel="stylesheet" href="~/lib/bootstrap/dist/css/bootstrap.css" />
-        <link rel="stylesheet" type="text/css" href="~/css/site.css" />
-        <link rel="stylesheet" type="text/css" href="~/css/auth.css" />
-        <link rel="stylesheet" type="text/css" href="~/lib/fontawesome-pro-5.9.0/css/all.css" />
-    </environment>
-    <environment exclude="Development">
-        <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.1.3/css/bootstrap.min.css"
-              asp-fallback-href="~/lib/bootstrap/dist/css/bootstrap.min.css"
-              asp-fallback-test-class="sr-only" asp-fallback-test-property="position" asp-fallback-test-value="absolute"
-              crossorigin="anonymous"
-              integrity="sha256-eSi1q2PG6J7g7ib17yAaWMcrr5GrtohYChqibrV7PBE=" />
-
-        <link rel="stylesheet" type="text/css" href="~/css/site.min.css" />
-        <link rel="stylesheet" type="text/css" href="~/css/auth.min.css" />
-        <link rel="stylesheet" type="text/css" href="~/lib/fontawesome-pro-5.9.0/css/all.min.css" />
-    </environment>
+  <meta charset="utf-8" />
+  <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+  <title>@ViewData["Title"] - Learning Hub Authentication</title>
+  <link rel="stylesheet" type="text/css" href="~/css/site.css" />
+  <link rel="stylesheet" type="text/css" href="~/css/auth.css" />
+  <environment include="Development">
+    <link rel="stylesheet" href="~/lib/bootstrap/dist/css/bootstrap.css" />
+    <link rel="stylesheet" type="text/css" href="~/lib/fontawesome-pro-5.9.0/css/all.css" />
+  </environment>
+  <environment exclude="Development">
+    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.1.3/css/bootstrap.min.css"
+          asp-fallback-href="~/lib/bootstrap/dist/css/bootstrap.min.css"
+          asp-fallback-test-class="sr-only" asp-fallback-test-property="position" asp-fallback-test-value="absolute"
+          crossorigin="anonymous"
+          integrity="sha256-eSi1q2PG6J7g7ib17yAaWMcrr5GrtohYChqibrV7PBE=" />
+    <link rel="stylesheet" type="text/css" href="~/lib/fontawesome-pro-5.9.0/css/all.min.css" />
+  </environment>
 </head>
 <body>
-    <div class="container-fluid">
-        <main role="main" id="maincontent" tabindex="-1">
-            @RenderBody()
-        </main>
-    </div>
+  <div class="container-fluid">
+    <main role="main" id="maincontent" tabindex="-1">
+      @RenderBody()
+    </main>
+  </div>
 
-    <environment include="Development">
-        <script src="~/lib/jquery/dist/jquery.js"></script>
-        <script src="~/lib/bootstrap/dist/js/bootstrap.bundle.js"></script>
-    </environment>
-    <environment exclude="Development">
-        <script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js"
-                asp-fallback-src="~/lib/jquery/dist/jquery.min.js"
-                asp-fallback-test="window.jQuery"
-                crossorigin="anonymous"
-                integrity="sha256-FgpCb/KJQlLNfOu91ta32o/NMZxltwRo8QtmkMRdAu8=">
-        </script>
-        <script src="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.1.3/js/bootstrap.bundle.min.js"
-                asp-fallback-src="~/lib/bootstrap/dist/js/bootstrap.bundle.min.js"
-                asp-fallback-test="window.jQuery && window.jQuery.fn && window.jQuery.fn.modal"
-                crossorigin="anonymous"
-                integrity="sha256-E/V4cWE4qvAeO5MOhjtGtqDzPndRO1LBk8lJ/PR7CA4=">
-        </script>
-    </environment>
-    @RenderSection("Scripts", required: false)
+  <environment include="Development">
+    <script src="~/lib/jquery/dist/jquery.js"></script>
+    <script src="~/lib/bootstrap/dist/js/bootstrap.bundle.js"></script>
+  </environment>
+  <environment exclude="Development">
+    <script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js"
+            asp-fallback-src="~/lib/jquery/dist/jquery.min.js"
+            asp-fallback-test="window.jQuery"
+            crossorigin="anonymous"
+            integrity="sha256-FgpCb/KJQlLNfOu91ta32o/NMZxltwRo8QtmkMRdAu8=">
+    </script>
+    <script src="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.1.3/js/bootstrap.bundle.min.js"
+            asp-fallback-src="~/lib/bootstrap/dist/js/bootstrap.bundle.min.js"
+            asp-fallback-test="window.jQuery && window.jQuery.fn && window.jQuery.fn.modal"
+            crossorigin="anonymous"
+            integrity="sha256-E/V4cWE4qvAeO5MOhjtGtqDzPndRO1LBk8lJ/PR7CA4=">
+    </script>
+  </environment>
+  @RenderSection("Scripts", required: false)
 </body>
 </html>