Ticket ## : Fix UpdatePassword BPMN workflow

Author: habarthierry-hue

src/CaseManagement.BPMN.AspNetCore/Apis/ProcessInstancesController.cs

@@ -64,7 +64,7 @@ public async Task<IActionResult> Search([FromBody] SearchProcessInstancesQuery s
         }
 
         [HttpGet("{id}/start")]
-        [Authorize("Authenticated")]
+        // [Authorize("Authenticated")]
         public async Task<IActionResult> Start(string id, CancellationToken cancellationToken)
         {
             try

src/CaseManagement.BPMN.Host/Bpmns/UpdatePassword.bpmn

@@ -4,7 +4,7 @@
   <message id="humanTaskCreated" name="humanTaskCreated" />
   <process id="Process_1" isExecutable="false">
     <serviceTask id="Task_1hcentk" name="Send Email" implementation="##csharpcallback" cmg:delegateId="SendEmailDelegate">
-      <incoming>Flow_0dts36d</incoming>
+      <incoming>Flow_0c7dmuv</incoming>
     </serviceTask>
     <userTask id="Activity_0fhwdxz" name="Submit Password" implementation="##WsHumanTask" cmg:wsHumanTaskDefName="updatePassword">
       <incoming>Flow_1fdpmlk</incoming>
@@ -25,26 +25,35 @@
     </startEvent>
     <sequenceFlow id="Flow_1fdpmlk" sourceRef="StartEvent_1y45yut" targetRef="Activity_0fhwdxz" />
     <boundaryEvent id="Event_0q7uygb" attachedToRef="Activity_0fhwdxz">
-      <outgoing>Flow_02s526x</outgoing>
+      <outgoing>Flow_1n7tsdg</outgoing>
       <messageEventDefinition id="MessageEventDefinition_135rspe" messageRef="humanTaskCreated" />
     </boundaryEvent>
-    <sequenceFlow id="Flow_02s526x" sourceRef="Event_0q7uygb" targetRef="Activity_0owchb4" />
-    <sequenceFlow id="Flow_0dts36d" sourceRef="Activity_0owchb4" targetRef="Task_1hcentk" />
     <serviceTask id="Activity_0owchb4" name="Generate OTP" implementation="##csharpcallback" cmg:delegateId="GenerateOTPDelegate">
-      <incoming>Flow_02s526x</incoming>
-      <outgoing>Flow_0dts36d</outgoing>
+      <incoming>Flow_1xgm5e7</incoming>
+      <outgoing>Flow_0c7dmuv</outgoing>
+    </serviceTask>
+    <sequenceFlow id="Flow_1xgm5e7" sourceRef="Activity_13pndds" targetRef="Activity_0owchb4" />
+    <sequenceFlow id="Flow_0c7dmuv" sourceRef="Activity_0owchb4" targetRef="Task_1hcentk" />
+    <sequenceFlow id="Flow_1n7tsdg" sourceRef="Event_0q7uygb" targetRef="Activity_13pndds" />
+    <serviceTask id="Activity_13pndds" name="Assign HumanTask" implementation="##csharpcallback" cmg:delegateId="assignHumanTask">
+      <incoming>Flow_1n7tsdg</incoming>
+      <outgoing>Flow_1xgm5e7</outgoing>
     </serviceTask>
   </process>
   <bpmndi:BPMNDiagram id="BpmnDiagram_1">
     <bpmndi:BPMNPlane id="BpmnPlane_1" bpmnElement="Process_1">
-      <bpmndi:BPMNEdge id="Flow_0dts36d_di" bpmnElement="Flow_0dts36d">
-        <omgdi:waypoint x="490" y="350" />
-        <omgdi:waypoint x="490" y="440" />
-      </bpmndi:BPMNEdge>
-      <bpmndi:BPMNEdge id="Flow_02s526x_di" bpmnElement="Flow_02s526x">
+      <bpmndi:BPMNEdge id="Flow_1n7tsdg_di" bpmnElement="Flow_1n7tsdg">
         <omgdi:waypoint x="490" y="208" />
         <omgdi:waypoint x="490" y="270" />
       </bpmndi:BPMNEdge>
+      <bpmndi:BPMNEdge id="Flow_0c7dmuv_di" bpmnElement="Flow_0c7dmuv">
+        <omgdi:waypoint x="720" y="350" />
+        <omgdi:waypoint x="720" y="440" />
+      </bpmndi:BPMNEdge>
+      <bpmndi:BPMNEdge id="Flow_1xgm5e7_di" bpmnElement="Flow_1xgm5e7">
+        <omgdi:waypoint x="540" y="310" />
+        <omgdi:waypoint x="670" y="310" />
+      </bpmndi:BPMNEdge>
       <bpmndi:BPMNEdge id="Flow_1fdpmlk_di" bpmnElement="Flow_1fdpmlk">
         <omgdi:waypoint x="188" y="150" />
         <omgdi:waypoint x="390" y="150" />
@@ -58,7 +67,7 @@
         <omgdi:waypoint x="720" y="150" />
       </bpmndi:BPMNEdge>
       <bpmndi:BPMNShape id="Activity_1saua76_di" bpmnElement="Task_1hcentk">
-        <omgdc:Bounds x="440" y="440" width="100" height="80" />
+        <omgdc:Bounds x="670" y="440" width="100" height="80" />
       </bpmndi:BPMNShape>
       <bpmndi:BPMNShape id="Activity_1j5vxke_di" bpmnElement="Activity_0fhwdxz">
         <omgdc:Bounds x="390" y="110" width="100" height="80" />
@@ -73,6 +82,9 @@
         <omgdc:Bounds x="152" y="132" width="36" height="36" />
       </bpmndi:BPMNShape>
       <bpmndi:BPMNShape id="Activity_0yn3q1b_di" bpmnElement="Activity_0owchb4">
+        <omgdc:Bounds x="670" y="270" width="100" height="80" />
+      </bpmndi:BPMNShape>
+      <bpmndi:BPMNShape id="Activity_1n5f85d_di" bpmnElement="Activity_13pndds">
         <omgdc:Bounds x="440" y="270" width="100" height="80" />
       </bpmndi:BPMNShape>
       <bpmndi:BPMNShape id="Event_10s7arv_di" bpmnElement="Event_0q7uygb">

src/CaseManagement.BPMN.Host/Delegates/AssignHumanTaskInstanceDelegate.cs

@@ -0,0 +1,114 @@
+using CaseManagement.BPMN.Domains;
+using CaseManagement.BPMN.Exceptions;
+using CaseManagement.BPMN.ProcessInstance.Processors;
+using IdentityModel.Client;
+using Newtonsoft.Json.Linq;
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Net.Http;
+using System.Text;
+using System.Threading;
+using System.Threading.Tasks;
+
+namespace CaseManagement.BPMN.Host.Delegates
+{
+    public class AssignHumanTaskInstanceDelegate : IDelegateHandler
+    {
+        public async Task<ICollection<MessageToken>> Execute(BPMNExecutionContext context, ICollection<MessageToken> incoming, DelegateConfigurationAggregate delegateConfiguration, CancellationToken cancellationToken)
+        {
+            var user = incoming.FirstOrDefault(i => i.Name == "user");
+            if (user == null)
+            {
+                throw new BPMNProcessorException("user must be passed in the request");
+            }
+
+            var userId = user.GetProperty("userId");
+            if (string.IsNullOrWhiteSpace(userId))
+            {
+                throw new BPMNProcessorException("userId is not passed in the request");
+            }
+
+            var humanTaskInstanceId = incoming.First(i => i.Name == "humanTaskCreated").JObjMessageContent.SelectToken("humanTaskInstance.id").ToString();
+            using (var httpClient = new HttpClient())
+            {
+
+                var parameter = AssignHumanTaskInstanceParameter.Create(delegateConfiguration);
+                var tokenResponse = await httpClient.RequestClientCredentialsTokenAsync(new ClientCredentialsTokenRequest
+                {
+                    Address = parameter.TokenUrl,
+                    ClientId = parameter.ClientId,
+                    ClientSecret = parameter.ClientSecret,
+                    Scope = "manage_humantaskinstance"
+                }, cancellationToken);
+                await Claim(httpClient, parameter, humanTaskInstanceId, userId, tokenResponse.AccessToken, cancellationToken);
+                await Start(httpClient, parameter, humanTaskInstanceId, userId, tokenResponse.AccessToken, cancellationToken);
+            }
+
+            ICollection<MessageToken> result = new List<MessageToken>
+            {
+                MessageToken.EmptyMessage(context.Pointer.InstanceFlowNodeId, "assignHumanTaskInstance")
+            };
+            return result;
+        }
+
+        private static async Task Claim(HttpClient httpClient, AssignHumanTaskInstanceParameter parameter, string humanTaskInstanceId, string userId, string accessToken, CancellationToken cancellationToken)
+        {
+            var obj = new JObject
+            {
+                { "userId", userId }
+            };
+            var content = new StringContent(obj.ToString(), Encoding.UTF8, "application/json");
+            var url = parameter.HumanTaskInstanceClaimUrl.Replace("{id}", humanTaskInstanceId);
+            var request = new HttpRequestMessage
+            {
+                Method = HttpMethod.Post,
+                Content = content,
+                RequestUri = new Uri(url)
+            };
+            request.Headers.Add("Authorization", $"Bearer {accessToken}");
+            var httpResponse = await httpClient.SendAsync(request, cancellationToken);
+            httpResponse.EnsureSuccessStatusCode();
+        }
+
+        private static async Task Start(HttpClient httpClient, AssignHumanTaskInstanceParameter parameter, string humanTaskInstanceId, string userId, string accessToken, CancellationToken cancellationToken)
+        {
+            var obj = new JObject
+            {
+                { "userId", userId }
+            };
+            var content = new StringContent(obj.ToString(), Encoding.UTF8, "application/json");
+            var url = parameter.HumanTaskInstanceStartUrl.Replace("{id}", humanTaskInstanceId);
+            var request = new HttpRequestMessage
+            {
+                Method = HttpMethod.Post,
+                Content = content,
+                RequestUri = new Uri(url)
+            };
+            request.Headers.Add("Authorization", $"Bearer {accessToken}");
+            var httpResponse = await httpClient.SendAsync(request, cancellationToken);
+            httpResponse.EnsureSuccessStatusCode();
+        }
+
+        private class AssignHumanTaskInstanceParameter
+        {
+            public string TokenUrl { get; set; }
+            public string ClientId { get; set; }
+            public string ClientSecret { get; set; }
+            public string HumanTaskInstanceClaimUrl { get; set; }
+            public string HumanTaskInstanceStartUrl { get; set; }
+
+            public static AssignHumanTaskInstanceParameter Create(DelegateConfigurationAggregate delegateConfiguration)
+            {
+                return new AssignHumanTaskInstanceParameter
+                {
+                    ClientId = delegateConfiguration.GetValue("clientId"),
+                    ClientSecret = delegateConfiguration.GetValue("clientSecret"),
+                    TokenUrl = delegateConfiguration.GetValue("tokenUrl"),
+                    HumanTaskInstanceClaimUrl = delegateConfiguration.GetValue("humanTaskInstanceClaimUrl"),
+                    HumanTaskInstanceStartUrl = delegateConfiguration.GetValue("humanTaskInstanceStartUrl")
+                };
+            }
+        }
+    }
+}

src/CaseManagement.BPMN.Host/Startup.cs

@@ -198,7 +198,7 @@ private static ConcurrentBag<DelegateConfigurationAggregate> GetDelegateConfigur
             var sendEmailDelegate = DelegateConfigurationAggregate.Create("SendEmailDelegate", typeof(SendEmailDelegate).FullName);
             sendEmailDelegate.AddDisplayName("fr", "Envoyer un email");
             sendEmailDelegate.AddDisplayName("en", "Send email");
-            sendEmailDelegate.AddRecord("httpBody", "Please update the password by clicking on the website {{configuration.Get('humanTaskUrl')}}/humantasks/{{messages.Get('humanTaskCreated', 'humanTaskInstance.fileId')}}/instances/{{messages.Get('humanTaskCreated', 'humanTaskInstance.id')}}?auth=email, the OTP code is {{messages.Get('otp', 'otpCode')}}");
+            sendEmailDelegate.AddRecord("httpBody", "Please update the password by clicking on the website {{configuration.Get('humanTaskUrl')}}/humantaskinstances/{{messages.Get('humanTaskCreated', 'humanTaskInstance.id')}}?auth=email, the OTP code is {{messages.Get('otp', 'otpCode')}}");
             sendEmailDelegate.AddRecord("subject", "Update password");
             sendEmailDelegate.AddRecord("fromEmail", credential.Login);
             sendEmailDelegate.AddRecord("smtpHost", "smtp.gmail.com");
@@ -226,12 +226,22 @@ private static ConcurrentBag<DelegateConfigurationAggregate> GetDelegateConfigur
             generateOTPDelegate.AddRecord("userUrl", "https://localhost:60000/management/users/{id}/otp");
             generateOTPDelegate.AddRecord("scope", "manage_users");
 
+            var assignHumanTaskInstanceDelegate = DelegateConfigurationAggregate.Create("assignHumanTask", typeof(AssignHumanTaskInstanceDelegate).FullName);
+            assignHumanTaskInstanceDelegate.AddDisplayName("fr", "Assigner la tâche humaine");
+            assignHumanTaskInstanceDelegate.AddDisplayName("en", "Assign human task");
+            assignHumanTaskInstanceDelegate.AddRecord("clientId", "humanTaskClient");
+            assignHumanTaskInstanceDelegate.AddRecord("clientSecret", "humanTaskClientSecret");
+            assignHumanTaskInstanceDelegate.AddRecord("tokenUrl", "https://localhost:60000/token");
+            assignHumanTaskInstanceDelegate.AddRecord("humanTaskInstanceClaimUrl", "http://localhost:60006/humantaskinstances/{id}/force/claim");
+            assignHumanTaskInstanceDelegate.AddRecord("humanTaskInstanceStartUrl", "http://localhost:60006/humantaskinstances/{id}/force/start");
+
             return new ConcurrentBag<DelegateConfigurationAggregate>
             {
                 getWeatherInformationDelegate,
                 sendEmailDelegate,
                 updateUserPasswordDelegate,
-                generateOTPDelegate
+                generateOTPDelegate,
+                assignHumanTaskInstanceDelegate
             };
         }
 

src/CaseManagement.BPMN/ProcessInstance/Processors/Activities/Handlers/WsHumanTaskHandler.cs

@@ -66,7 +66,7 @@ public async Task<ICollection<MessageToken>> Execute(BPMNExecutionContext execut
                         Address = _options.OAuthTokenEndpoint,
                         ClientId = _options.ClientId,
                         ClientSecret = _options.ClientSecret,
-                        Scope = "create_humantaskinstance"
+                        Scope = "manage_humantaskinstance"
                     }, token);
                     if (tokenResponse.IsError)
                     {
@@ -91,10 +91,11 @@ public async Task<ICollection<MessageToken>> Execute(BPMNExecutionContext execut
                     var str = await httpResult.Content.ReadAsStringAsync();
                     var o = JObject.Parse(str);
                     var humanTaskInstanceId = o["id"].ToString();
+                    var humanTaskDefId = o["defId"].ToString();
                     executionContext.Instance.UpdateMetadata(pointer.InstanceFlowNodeId, HUMANTASK_INSTANCE_ID_NAME, humanTaskInstanceId);
                     var humanTaskInstance = new JObject();
                     humanTaskInstance.Add("id", humanTaskInstanceId);
-                    humanTaskInstance.Add("fileId", userTask.HumanTaskName);
+                    humanTaskInstance.Add("fileId", humanTaskDefId);
                     var messageContent = new JObject();
                     messageContent.Add("humanTaskInstance", humanTaskInstance);
                     executionContext.Instance.ConsumeMessage(new MessageToken

src/CaseManagement.HumanTask.AspNetCore/Apis/HumanTaskInstancesController.cs

@@ -27,7 +27,7 @@ public HumanTaskInstancesController(IMediator mediator)
         #region Actions
 
         [HttpPost]
-        [Authorize(HumanTaskConstants.ScopeNames.CreateHumanTaskInstance)]
+        [Authorize(HumanTaskConstants.ScopeNames.ManageHumanTaskInstance)]
         public Task<IActionResult> Add([FromBody] CreateHumanTaskInstanceCommand parameter, CancellationToken token)
         {
             parameter.IgnorePermissions = true;
@@ -113,6 +113,25 @@ public async Task<IActionResult> Claim(string id, CancellationToken token)
             }
         }
 
+        [HttpPost("{id}/force/claim")]
+        [Authorize(HumanTaskConstants.ScopeNames.ManageHumanTaskInstance)]
+        public async Task<IActionResult> Claim(string id, [FromBody] ForceClaimHumanTaskInstanceCommand cmd, CancellationToken token)
+        {
+            try
+            {
+                cmd.HumanTaskInstanceId = id;
+                await _mediator.Send(cmd, token);
+                return new NoContentResult();
+            }
+            catch (UnknownHumanTaskInstanceException ex)
+            {
+                return this.ToError(new List<KeyValuePair<string, string>>
+                {
+                    new KeyValuePair<string, string>("bad_request", ex.Message)
+                }, HttpStatusCode.NotFound, Request);
+            }
+        }
+
         [HttpGet("{id}/start")]
         [Authorize("Authenticated")]
         public async Task<IActionResult> Start(string id, CancellationToken token)
@@ -144,6 +163,26 @@ public async Task<IActionResult> Start(string id, CancellationToken token)
             }
         }
 
+
+        [HttpPost("{id}/force/start")]
+        [Authorize(HumanTaskConstants.ScopeNames.ManageHumanTaskInstance)]
+        public async Task<IActionResult> Start(string id, [FromBody] ForceStartHumanTaskInstanceCommand cmd, CancellationToken token)
+        {
+            try
+            {
+                cmd.HumanTaskInstanceId = id;
+                await _mediator.Send(cmd, token);
+                return new NoContentResult();
+            }
+            catch (UnknownHumanTaskInstanceException ex)
+            {
+                return this.ToError(new List<KeyValuePair<string, string>>
+                {
+                    new KeyValuePair<string, string>("bad_request", ex.Message)
+                }, HttpStatusCode.NotFound, Request);
+            }
+        }
+
         [HttpPost("{id}/complete")]
         [Authorize("Authenticated")]
         public async Task<IActionResult> Complete(string id, [FromBody] CompleteHumanTaskInstanceCommand parameter, CancellationToken token)
@@ -309,7 +348,7 @@ private async Task<IActionResult> SharedAdd(CreateHumanTaskInstanceCommand param
             {
                 parameter.Claims = User.GetClaims();
                 var result = await _mediator.Send(parameter, token);
-                return new CreatedResult(string.Empty, new { id = result });
+                return new CreatedResult(string.Empty, result);
             }
             catch (UnknownHumanTaskDefException ex)
             {

src/CaseManagement.HumanTask.AspNetCore/AuthorizationOptionsExtensions.cs

@@ -10,9 +10,9 @@ public static class AuthorizationOptionsExtensions
         public static void AddDefaultHumanTaskAuthorizationPolicy(this AuthorizationOptions opts)
         {
             opts.AddPolicy("Authenticated", p => p.RequireAuthenticatedUser());
-            opts.AddPolicy(HumanTaskConstants.ScopeNames.CreateHumanTaskInstance, p =>
+            opts.AddPolicy(HumanTaskConstants.ScopeNames.ManageHumanTaskInstance, p =>
             {
-                p.RequireClaim("scope", HumanTaskConstants.ScopeNames.CreateHumanTaskInstance);
+                p.RequireClaim("scope", HumanTaskConstants.ScopeNames.ManageHumanTaskInstance);
             });
         }
     }

src/CaseManagement.HumanTask.Host/Startup.cs

@@ -157,6 +157,8 @@ public void ConfigureServices(IServiceCollection services)
                         "bpmnClient",
                         "caseManagementTasklistWebsite",
                         "caseManagementWebsite",
+                        "simpleIdServerWebsite",
+                        "humanTaskClient",
                         "https://localhost:60000",
                         "https://simpleidserver.northeurope.cloudapp.azure.com/openid"
                     },

src/CaseManagement.HumanTask/Authorization/AuthorizationHelper.cs

@@ -116,7 +116,7 @@ protected virtual async Task<bool> IsAuthorized(ICollection<PeopleAssignmentInst
 
         private static bool IsAdmin(IEnumerable<KeyValuePair<string, string>> claims)
         {
-            return claims.Any(_ => _.Key == "scope" && _.Value == HumanTaskConstants.ScopeNames.CreateHumanTaskInstance);
+            return claims.Any(_ => _.Key == "scope" && _.Value == HumanTaskConstants.ScopeNames.ManageHumanTaskInstance);
         }
     }
 }

src/CaseManagement.HumanTask/HumanTaskConstants.cs

@@ -12,7 +12,7 @@ public static class RouteNames
 
         public static class ScopeNames
         {
-            public const string CreateHumanTaskInstance = "create_humantaskinstance";
+            public const string ManageHumanTaskInstance = "manage_humantaskinstance";
         }
     }
 }