Refactored order cancellation workflow + improved security scheme for endpoints (#60)

* Added M2MAccess role

* Improved ApplicationLogicException with exception object

* Redefined roles and policies

* Refactored logic for order cancellation / compensation events

* Updated apigateway Kiota clients

Author: falberthen

src/Core/EcommerceDDD.Core.Infrastructure/Identity/PoliciesAndRoles.cs

@@ -1,8 +1,7 @@
 namespace EcommerceDDD.Core.Infrastructure.Identity;
 
 public class Policies
-{
-    public const string M2MAccess = "M2MAccess";  // Machine to Machine
+{    
     public const string CanRead = "CanRead";
     public const string CanWrite = "CanWrite";
     public const string CanDelete = "CanDelete";
@@ -11,4 +10,5 @@ public class Policies
 public class Roles
 {
     public const string Customer = "Customer";
+	public const string M2MAccess = "M2MAccess";  // Machine to Machine
 }

src/Core/EcommerceDDD.Core.Infrastructure/Identity/TokenRequester.cs

@@ -13,7 +13,7 @@ public class TokenRequester(
 	private readonly IMemoryCache _cache = cache;
 	private readonly IHttpContextAccessor _contextAccessor = httpContextAccessor;
 
-	private const string _applicationKey = "ApplicationToken";
+	private const string _applicationKey = "application_token";
 	private const string _userAccessTokenKey = "access_token";
 
 	// Caching application token

src/Core/EcommerceDDD.Core/Exceptions/Types/ApplicationLogicException.cs

@@ -1,3 +1,3 @@
 namespace EcommerceDDD.Core.Exceptions.Types;
 
-public class ApplicationLogicException(string message) : Exception(message) { }
+public class ApplicationLogicException(string message, Exception? exception = null) : Exception(message, exception) { }

src/Crosscutting/EcommerceDDD.IdentityServer/Configurations/IdentityConfiguration.cs

@@ -81,6 +81,8 @@ public class IdentityConfiguration
 				ClientId = "ecommerceddd.application_client",
 				AllowedGrantTypes = GrantTypes.ClientCredentials,
 				RequireClientSecret = true,
+				AlwaysSendClientClaims = true,
+				ClientClaimsPrefix = string.Empty,
 				ClientSecrets = new List<Secret>
 				{
 					new Secret("secret33587^&%&^%&^f3%%%".Sha256())
@@ -92,7 +94,11 @@ public class IdentityConfiguration
 					_writeScope,
 					_deleteScope
 				},
-				AccessTokenLifetime = 86400
+				AccessTokenLifetime = 86400,
+				Claims = new List<ClientClaim>
+				{
+					new ClientClaim(JwtClaimTypes.Role, Roles.M2MAccess)
+				}
 			}
 		};
 }

src/Crosscutting/EcommerceDDD.ServiceClients/Kiota/Api/Inventory/InventoryRequestBuilder.cs

@@ -1,8 +1,6 @@
 // <auto-generated/>
 #pragma warning disable CS0618
 using EcommerceDDD.ServiceClients.ApiGateway.Api.Inventory.CheckStockQuantity;
-using EcommerceDDD.ServiceClients.ApiGateway.Api.Inventory.DecreaseStockQuantity;
-using EcommerceDDD.ServiceClients.ApiGateway.Api.Inventory.IncreaseStockQuantity;
 using EcommerceDDD.ServiceClients.ApiGateway.Api.Inventory.Item;
 using Microsoft.Kiota.Abstractions.Extensions;
 using Microsoft.Kiota.Abstractions;
@@ -23,16 +21,6 @@ public partial class InventoryRequestBuilder : BaseRequestBuilder
         {
             get => new global::EcommerceDDD.ServiceClients.ApiGateway.Api.Inventory.CheckStockQuantity.CheckStockQuantityRequestBuilder(PathParameters, RequestAdapter);
         }
-        /// <summary>The decreaseStockQuantity property</summary>
-        public global::EcommerceDDD.ServiceClients.ApiGateway.Api.Inventory.DecreaseStockQuantity.DecreaseStockQuantityRequestBuilder DecreaseStockQuantity
-        {
-            get => new global::EcommerceDDD.ServiceClients.ApiGateway.Api.Inventory.DecreaseStockQuantity.DecreaseStockQuantityRequestBuilder(PathParameters, RequestAdapter);
-        }
-        /// <summary>The increaseStockQuantity property</summary>
-        public global::EcommerceDDD.ServiceClients.ApiGateway.Api.Inventory.IncreaseStockQuantity.IncreaseStockQuantityRequestBuilder IncreaseStockQuantity
-        {
-            get => new global::EcommerceDDD.ServiceClients.ApiGateway.Api.Inventory.IncreaseStockQuantity.IncreaseStockQuantityRequestBuilder(PathParameters, RequestAdapter);
-        }
         /// <summary>Gets an item from the EcommerceDDD.ServiceClients.ApiGateway.api.inventory.item collection</summary>
         /// <param name="position">Unique identifier of the item</param>
         /// <returns>A <see cref="global::EcommerceDDD.ServiceClients.ApiGateway.Api.Inventory.Item.WithProductItemRequestBuilder"/></returns>

src/Crosscutting/EcommerceDDD.ServiceClients/Kiota/Api/Inventory/Item/DecreaseStockQuantity/DecreaseStockQuantityRequestBuilder.cs

@@ -0,0 +1,96 @@
+// <auto-generated/>
+#pragma warning disable CS0618
+using EcommerceDDD.ServiceClients.ApiGateway.Models;
+using Microsoft.Kiota.Abstractions.Extensions;
+using Microsoft.Kiota.Abstractions.Serialization;
+using Microsoft.Kiota.Abstractions;
+using System.Collections.Generic;
+using System.IO;
+using System.Threading.Tasks;
+using System.Threading;
+using System;
+namespace EcommerceDDD.ServiceClients.ApiGateway.Api.Inventory.Item.DecreaseStockQuantity
+{
+    /// <summary>
+    /// Builds and executes requests for operations under \api\inventory\{productId}\decrease-stock-quantity
+    /// </summary>
+    [global::System.CodeDom.Compiler.GeneratedCode("Kiota", "1.0.0")]
+    public partial class DecreaseStockQuantityRequestBuilder : BaseRequestBuilder
+    {
+        /// <summary>
+        /// Instantiates a new <see cref="global::EcommerceDDD.ServiceClients.ApiGateway.Api.Inventory.Item.DecreaseStockQuantity.DecreaseStockQuantityRequestBuilder"/> and sets the default values.
+        /// </summary>
+        /// <param name="pathParameters">Path parameters for the request</param>
+        /// <param name="requestAdapter">The request adapter to use to execute the requests.</param>
+        public DecreaseStockQuantityRequestBuilder(Dictionary<string, object> pathParameters, IRequestAdapter requestAdapter) : base(requestAdapter, "{+baseurl}/api/inventory/{productId}/decrease-stock-quantity", pathParameters)
+        {
+        }
+        /// <summary>
+        /// Instantiates a new <see cref="global::EcommerceDDD.ServiceClients.ApiGateway.Api.Inventory.Item.DecreaseStockQuantity.DecreaseStockQuantityRequestBuilder"/> and sets the default values.
+        /// </summary>
+        /// <param name="rawUrl">The raw URL to use for the request builder.</param>
+        /// <param name="requestAdapter">The request adapter to use to execute the requests.</param>
+        public DecreaseStockQuantityRequestBuilder(string rawUrl, IRequestAdapter requestAdapter) : base(requestAdapter, "{+baseurl}/api/inventory/{productId}/decrease-stock-quantity", rawUrl)
+        {
+        }
+        /// <returns>A <see cref="string"/></returns>
+        /// <param name="body">The request body</param>
+        /// <param name="cancellationToken">Cancellation token to use when cancelling requests</param>
+        /// <param name="requestConfiguration">Configuration for the request such as headers, query parameters, and middleware options.</param>
+        /// <exception cref="global::EcommerceDDD.ServiceClients.ApiGateway.Models.ProblemDetails">When receiving a 400 status code</exception>
+#if NETSTANDARD2_1_OR_GREATER || NETCOREAPP3_1_OR_GREATER
+#nullable enable
+        public async Task<string?> PutAsync(global::EcommerceDDD.ServiceClients.ApiGateway.Models.DecreaseQuantityInStockRequest body, Action<RequestConfiguration<DefaultQueryParameters>>? requestConfiguration = default, CancellationToken cancellationToken = default)
+        {
+#nullable restore
+#else
+        public async Task<string> PutAsync(global::EcommerceDDD.ServiceClients.ApiGateway.Models.DecreaseQuantityInStockRequest body, Action<RequestConfiguration<DefaultQueryParameters>> requestConfiguration = default, CancellationToken cancellationToken = default)
+        {
+#endif
+            _ = body ?? throw new ArgumentNullException(nameof(body));
+            var requestInfo = ToPutRequestInformation(body, requestConfiguration);
+            var errorMapping = new Dictionary<string, ParsableFactory<IParsable>>
+            {
+                { "400", global::EcommerceDDD.ServiceClients.ApiGateway.Models.ProblemDetails.CreateFromDiscriminatorValue },
+            };
+            return await RequestAdapter.SendPrimitiveAsync<string>(requestInfo, errorMapping, cancellationToken).ConfigureAwait(false);
+        }
+        /// <returns>A <see cref="RequestInformation"/></returns>
+        /// <param name="body">The request body</param>
+        /// <param name="requestConfiguration">Configuration for the request such as headers, query parameters, and middleware options.</param>
+#if NETSTANDARD2_1_OR_GREATER || NETCOREAPP3_1_OR_GREATER
+#nullable enable
+        public RequestInformation ToPutRequestInformation(global::EcommerceDDD.ServiceClients.ApiGateway.Models.DecreaseQuantityInStockRequest body, Action<RequestConfiguration<DefaultQueryParameters>>? requestConfiguration = default)
+        {
+#nullable restore
+#else
+        public RequestInformation ToPutRequestInformation(global::EcommerceDDD.ServiceClients.ApiGateway.Models.DecreaseQuantityInStockRequest body, Action<RequestConfiguration<DefaultQueryParameters>> requestConfiguration = default)
+        {
+#endif
+            _ = body ?? throw new ArgumentNullException(nameof(body));
+            var requestInfo = new RequestInformation(Method.PUT, UrlTemplate, PathParameters);
+            requestInfo.Configure(requestConfiguration);
+            requestInfo.Headers.TryAdd("Accept", "application/json, text/plain;q=0.9");
+            requestInfo.SetContentFromParsable(RequestAdapter, "application/json", body);
+            return requestInfo;
+        }
+        /// <summary>
+        /// Returns a request builder with the provided arbitrary URL. Using this method means any other path or query parameters are ignored.
+        /// </summary>
+        /// <returns>A <see cref="global::EcommerceDDD.ServiceClients.ApiGateway.Api.Inventory.Item.DecreaseStockQuantity.DecreaseStockQuantityRequestBuilder"/></returns>
+        /// <param name="rawUrl">The raw URL to use for the request builder.</param>
+        public global::EcommerceDDD.ServiceClients.ApiGateway.Api.Inventory.Item.DecreaseStockQuantity.DecreaseStockQuantityRequestBuilder WithUrl(string rawUrl)
+        {
+            return new global::EcommerceDDD.ServiceClients.ApiGateway.Api.Inventory.Item.DecreaseStockQuantity.DecreaseStockQuantityRequestBuilder(rawUrl, RequestAdapter);
+        }
+        /// <summary>
+        /// Configuration for the request such as headers, query parameters, and middleware options.
+        /// </summary>
+        [Obsolete("This class is deprecated. Please use the generic RequestConfiguration class generated by the generator.")]
+        [global::System.CodeDom.Compiler.GeneratedCode("Kiota", "1.0.0")]
+        public partial class DecreaseStockQuantityRequestBuilderPutRequestConfiguration : RequestConfiguration<DefaultQueryParameters>
+        {
+        }
+    }
+}
+#pragma warning restore CS0618

src/Crosscutting/EcommerceDDD.ServiceClients/Kiota/Api/Inventory/Item/IncreaseStockQuantity/IncreaseStockQuantityRequestBuilder.cs

@@ -0,0 +1,96 @@
+// <auto-generated/>
+#pragma warning disable CS0618
+using EcommerceDDD.ServiceClients.ApiGateway.Models;
+using Microsoft.Kiota.Abstractions.Extensions;
+using Microsoft.Kiota.Abstractions.Serialization;
+using Microsoft.Kiota.Abstractions;
+using System.Collections.Generic;
+using System.IO;
+using System.Threading.Tasks;
+using System.Threading;
+using System;
+namespace EcommerceDDD.ServiceClients.ApiGateway.Api.Inventory.Item.IncreaseStockQuantity
+{
+    /// <summary>
+    /// Builds and executes requests for operations under \api\inventory\{productId}\increase-stock-quantity
+    /// </summary>
+    [global::System.CodeDom.Compiler.GeneratedCode("Kiota", "1.0.0")]
+    public partial class IncreaseStockQuantityRequestBuilder : BaseRequestBuilder
+    {
+        /// <summary>
+        /// Instantiates a new <see cref="global::EcommerceDDD.ServiceClients.ApiGateway.Api.Inventory.Item.IncreaseStockQuantity.IncreaseStockQuantityRequestBuilder"/> and sets the default values.
+        /// </summary>
+        /// <param name="pathParameters">Path parameters for the request</param>
+        /// <param name="requestAdapter">The request adapter to use to execute the requests.</param>
+        public IncreaseStockQuantityRequestBuilder(Dictionary<string, object> pathParameters, IRequestAdapter requestAdapter) : base(requestAdapter, "{+baseurl}/api/inventory/{productId}/increase-stock-quantity", pathParameters)
+        {
+        }
+        /// <summary>
+        /// Instantiates a new <see cref="global::EcommerceDDD.ServiceClients.ApiGateway.Api.Inventory.Item.IncreaseStockQuantity.IncreaseStockQuantityRequestBuilder"/> and sets the default values.
+        /// </summary>
+        /// <param name="rawUrl">The raw URL to use for the request builder.</param>
+        /// <param name="requestAdapter">The request adapter to use to execute the requests.</param>
+        public IncreaseStockQuantityRequestBuilder(string rawUrl, IRequestAdapter requestAdapter) : base(requestAdapter, "{+baseurl}/api/inventory/{productId}/increase-stock-quantity", rawUrl)
+        {
+        }
+        /// <returns>A <see cref="string"/></returns>
+        /// <param name="body">The request body</param>
+        /// <param name="cancellationToken">Cancellation token to use when cancelling requests</param>
+        /// <param name="requestConfiguration">Configuration for the request such as headers, query parameters, and middleware options.</param>
+        /// <exception cref="global::EcommerceDDD.ServiceClients.ApiGateway.Models.ProblemDetails">When receiving a 400 status code</exception>
+#if NETSTANDARD2_1_OR_GREATER || NETCOREAPP3_1_OR_GREATER
+#nullable enable
+        public async Task<string?> PutAsync(global::EcommerceDDD.ServiceClients.ApiGateway.Models.IncreaseQuantityInStockRequest body, Action<RequestConfiguration<DefaultQueryParameters>>? requestConfiguration = default, CancellationToken cancellationToken = default)
+        {
+#nullable restore
+#else
+        public async Task<string> PutAsync(global::EcommerceDDD.ServiceClients.ApiGateway.Models.IncreaseQuantityInStockRequest body, Action<RequestConfiguration<DefaultQueryParameters>> requestConfiguration = default, CancellationToken cancellationToken = default)
+        {
+#endif
+            _ = body ?? throw new ArgumentNullException(nameof(body));
+            var requestInfo = ToPutRequestInformation(body, requestConfiguration);
+            var errorMapping = new Dictionary<string, ParsableFactory<IParsable>>
+            {
+                { "400", global::EcommerceDDD.ServiceClients.ApiGateway.Models.ProblemDetails.CreateFromDiscriminatorValue },
+            };
+            return await RequestAdapter.SendPrimitiveAsync<string>(requestInfo, errorMapping, cancellationToken).ConfigureAwait(false);
+        }
+        /// <returns>A <see cref="RequestInformation"/></returns>
+        /// <param name="body">The request body</param>
+        /// <param name="requestConfiguration">Configuration for the request such as headers, query parameters, and middleware options.</param>
+#if NETSTANDARD2_1_OR_GREATER || NETCOREAPP3_1_OR_GREATER
+#nullable enable
+        public RequestInformation ToPutRequestInformation(global::EcommerceDDD.ServiceClients.ApiGateway.Models.IncreaseQuantityInStockRequest body, Action<RequestConfiguration<DefaultQueryParameters>>? requestConfiguration = default)
+        {
+#nullable restore
+#else
+        public RequestInformation ToPutRequestInformation(global::EcommerceDDD.ServiceClients.ApiGateway.Models.IncreaseQuantityInStockRequest body, Action<RequestConfiguration<DefaultQueryParameters>> requestConfiguration = default)
+        {
+#endif
+            _ = body ?? throw new ArgumentNullException(nameof(body));
+            var requestInfo = new RequestInformation(Method.PUT, UrlTemplate, PathParameters);
+            requestInfo.Configure(requestConfiguration);
+            requestInfo.Headers.TryAdd("Accept", "application/json, text/plain;q=0.9");
+            requestInfo.SetContentFromParsable(RequestAdapter, "application/json", body);
+            return requestInfo;
+        }
+        /// <summary>
+        /// Returns a request builder with the provided arbitrary URL. Using this method means any other path or query parameters are ignored.
+        /// </summary>
+        /// <returns>A <see cref="global::EcommerceDDD.ServiceClients.ApiGateway.Api.Inventory.Item.IncreaseStockQuantity.IncreaseStockQuantityRequestBuilder"/></returns>
+        /// <param name="rawUrl">The raw URL to use for the request builder.</param>
+        public global::EcommerceDDD.ServiceClients.ApiGateway.Api.Inventory.Item.IncreaseStockQuantity.IncreaseStockQuantityRequestBuilder WithUrl(string rawUrl)
+        {
+            return new global::EcommerceDDD.ServiceClients.ApiGateway.Api.Inventory.Item.IncreaseStockQuantity.IncreaseStockQuantityRequestBuilder(rawUrl, RequestAdapter);
+        }
+        /// <summary>
+        /// Configuration for the request such as headers, query parameters, and middleware options.
+        /// </summary>
+        [Obsolete("This class is deprecated. Please use the generic RequestConfiguration class generated by the generator.")]
+        [global::System.CodeDom.Compiler.GeneratedCode("Kiota", "1.0.0")]
+        public partial class IncreaseStockQuantityRequestBuilderPutRequestConfiguration : RequestConfiguration<DefaultQueryParameters>
+        {
+        }
+    }
+}
+#pragma warning restore CS0618

src/Crosscutting/EcommerceDDD.ServiceClients/Kiota/Api/Inventory/Item/WithProductItemRequestBuilder.cs

@@ -1,6 +1,8 @@
 // <auto-generated/>
 #pragma warning disable CS0618
+using EcommerceDDD.ServiceClients.ApiGateway.Api.Inventory.Item.DecreaseStockQuantity;
 using EcommerceDDD.ServiceClients.ApiGateway.Api.Inventory.Item.History;
+using EcommerceDDD.ServiceClients.ApiGateway.Api.Inventory.Item.IncreaseStockQuantity;
 using Microsoft.Kiota.Abstractions.Extensions;
 using Microsoft.Kiota.Abstractions;
 using System.Collections.Generic;
@@ -15,11 +17,21 @@ namespace EcommerceDDD.ServiceClients.ApiGateway.Api.Inventory.Item
     [global::System.CodeDom.Compiler.GeneratedCode("Kiota", "1.0.0")]
     public partial class WithProductItemRequestBuilder : BaseRequestBuilder
     {
+        /// <summary>The decreaseStockQuantity property</summary>
+        public global::EcommerceDDD.ServiceClients.ApiGateway.Api.Inventory.Item.DecreaseStockQuantity.DecreaseStockQuantityRequestBuilder DecreaseStockQuantity
+        {
+            get => new global::EcommerceDDD.ServiceClients.ApiGateway.Api.Inventory.Item.DecreaseStockQuantity.DecreaseStockQuantityRequestBuilder(PathParameters, RequestAdapter);
+        }
         /// <summary>The history property</summary>
         public global::EcommerceDDD.ServiceClients.ApiGateway.Api.Inventory.Item.History.HistoryRequestBuilder History
         {
             get => new global::EcommerceDDD.ServiceClients.ApiGateway.Api.Inventory.Item.History.HistoryRequestBuilder(PathParameters, RequestAdapter);
         }
+        /// <summary>The increaseStockQuantity property</summary>
+        public global::EcommerceDDD.ServiceClients.ApiGateway.Api.Inventory.Item.IncreaseStockQuantity.IncreaseStockQuantityRequestBuilder IncreaseStockQuantity
+        {
+            get => new global::EcommerceDDD.ServiceClients.ApiGateway.Api.Inventory.Item.IncreaseStockQuantity.IncreaseStockQuantityRequestBuilder(PathParameters, RequestAdapter);
+        }
         /// <summary>
         /// Instantiates a new <see cref="global::EcommerceDDD.ServiceClients.ApiGateway.Api.Inventory.Item.WithProductItemRequestBuilder"/> and sets the default values.
         /// </summary>