GITBOOK-84: Update cookiebot consent

Author: cornehoskam

13/umbraco-engage/developers/ab-testing/csharp-api.md

@@ -4,38 +4,69 @@ description: >-
   Umbraco Engage C# API.
 ---
 
-# Retrieving A/B test variants in C#
+# Retrieving A/B test variants in C\#
 
 ## Retrieving Active A/B test variants
 
 You can retrieve the active A/B test variants for a visitor in different ways depending on your specific scenario:
 
-* `IAbTestingService.GetCurrentVisitorActiveAbTestVariants()`
-  * Namespace: `Umbraco.Engage.Web.AbTesting`
-  * Returns the active variants for the current visitor on the current page.
-  * Can only be used with an active request context
 * `IAbTestingVisitorService.GetVisitorAbTestVariants(visitorExternalId, pageId, culture, contentTypeId)`
-  * Namespace: `Umbraco.Engage.Business.AbTesting`
+  * Namespace: `Umbraco.Engage.Infrastructure.AbTesting.Services.Interfaces`
   * Retrieves active A/B test variants on a specific page, without requiring a request context.
   * The visitor external id can be retrieved using `IAnalyticsVisitorExternalIdHandler.GetExternalId()`
 * `IAbTestVisitorToVariantManager.GetActiveVisitorVariants(visitorExternalId)`
-  * Namespace: `Umbraco.Engage.Business.AbTesting`
+  * Namespace: `Umbraco.Engage.Infrastructure.AbTesting`
   * Retrieves _all_ active A/B test variants for the given visitor throughout the website.
   * The visitor external id can be retrieved using `IAnalyticsVisitorExternalIdHandler.GetExternalId()`
 
-### Example
+### Example - Getting the A/B test variants for the current visitor
 
-To use these services, inject the specified service into your code. The example below uses `IAbTestingService.GetCurrentVisitorActiveAbTestVariants()` by injecting the service into a controller:
+This example demonstrates how to create a service that retrieves the active A/B test variants for a specific visitor, content, and culture variation. The service wraps the `IAbTestingVisitorService.GetVisitorAbTestVariants()` method, using the current HttpContext and UmbracoContext to obtain the visitor ID and requested content.
 
 ```cs
-using Umbraco.Engage.Business.AbTesting;
-using Umbraco.Engage.Web.AbTesting;
+using Umbraco.Cms.Core.Models.PublishedContent;
+using Umbraco.Cms.Core.Web;
+using Umbraco.Engage.Infrastructure.AbTesting.Models;
+using Umbraco.Engage.Infrastructure.AbTesting.Services.Interfaces;
+using Umbraco.Engage.Infrastructure.Analytics.Collection.Visitor;
 
-public class YourController : SurfaceController
+namespace Umbraco.Example;
+
+public class ExampleService
 {
-    public YourController(IAbTestingService abTestingService)
+    private readonly IHttpContextAccessor _httpContextAccessor;
+    private readonly IUmbracoContextAccessor _umbracoContextAccessor;
+    private readonly IAnalyticsVisitorExternalIdHandler _externalIdHandler;
+    private readonly IAbTestingVisitorService _abTestingVisitorService;
+
+    public ExampleService(
+        IHttpContextAccessor httpContextAccessor,
+        IUmbracoContextAccessor umbracoContextAccessor,
+        IAnalyticsVisitorExternalIdHandler externalIdHandler,
+        IAbTestingVisitorService abTestingVisitorService)
+    {
+        _httpContextAccessor = httpContextAccessor;
+        _umbracoContextAccessor = umbracoContextAccessor;
+        _externalIdHandler = externalIdHandler ;
+        _abTestingVisitorService = abTestingVisitorService;
+    }
+
+    /// <summary>
+    /// Gets the active A/B test variants for the current visitor.
+    /// </summary>
+    /// <returns>Active <see cref="AbTestVariant"/>s for the visitor, or an empty list if unavailable.</returns>
+    public IEnumerable<AbTestVariant> GetCurrentVisitorActiveAbTestVariants()
     {
-        var activeVariantsCurrentVisitor = abTestingService.GetCurrentVisitorActiveAbTestVariants();
+        if (_httpContextAccessor?.HttpContext is not HttpContext httpCtx ||
+            _externalIdHandler.GetExternalId(httpCtx) is not Guid externalId)
+            return [];
+        
+        if (!_umbracoContextAccessor.TryGetUmbracoContext(out var umbCtx) || 
+            umbCtx.PublishedRequest?.Culture is not string culture || 
+            umbCtx.PublishedRequest?.PublishedContent is not IPublishedContent content)
+            return [];
+
+        return _abTestingVisitorService.GetVisitorAbTestVariants(externalId, content.Id, culture, content.ContentType.Id);
     }
 }
 ```

13/umbraco-engage/security-and-privacy/gdpr/how-to-become-gdpr-compliant-using-cookiebot.md

@@ -28,6 +28,7 @@ The rest of the code is deserializing the JSON string stored inside the cookie f
 ```cs
 using System.Text.Json;
 using System.Text.Json.Serialization;
+using System.Text.RegularExpressions;
 using System.Web;
 using Umbraco.Engage.Infrastructure.Permissions.ModulePermissions;
 
@@ -56,7 +57,7 @@ namespace Umbraco.Engage.StarterKit.CookieBot
             return IsAllowed(context, "preferences");
         }
 
-        private bool IsAllowed(HttpContext context, string cookiePermission)
+        public bool IsAllowed(HttpContext context, string cookiePermission)
         {
             // C# Code from CookieBot to check for their cookie
             // https://www.cookiebot.com/en/developer/#h-server-side-usage
@@ -81,34 +82,41 @@ namespace Umbraco.Engage.StarterKit.CookieBot
             return false;
         }
 
-        private bool CheckCookieBotValue(string rawCookieBotConsentValues, string cookiePermissionToCheck)
+        public bool CheckCookieBotValue(string rawCookieBotConsentValues, string cookiePermissionToCheck)
         {
             // Read current user consent in encoded JSON
             // Sample JSON cookie payload
             /*
-            {
-                "stamp": "Ov4gD1JVnDnBaJv8K2wYQlyWlnNlT/AKO768tibZYdQGNj/EolraLw==",
-                "necessary": true,
-                "preferences": true,
-                "statistics": true,
-                "marketing": true,
-                "method": "explicit",
-                "ver": 1,
-                "utc": 1698057791350,
-                "region": "gb"
-            }
+             * {
+             *      stamp:'Ov4gD1JVnDnBaJv8K2wYQlyWlnNlT/AKO768tibZYdQGNj/EolraLw==',
+             *      necessary:true,
+             *      preferences:false,
+             *      statistics:true,
+             *      marketing:false,
+             *      method:'explicit',
+             *      ver:1,
+             *      utc:1698057791350,
+             *      region:'gb'
+             * }
             */
 
             // Decode the consent string
-            var decodedConsent = HttpUtility.UrlDecode(rawCookieBotConsentValues);
+            var rawDecodedConsent = HttpUtility.UrlDecode(rawCookieBotConsentValues);
 
-            if(decodedConsent == null)
+            if(rawDecodedConsent == null)
             {
                 return false;
             }
+            
+            // Because the CookieBot consent cookie is not actually valid JSON, we need to do some preprocessing.
+            // Step 1: Quote property names (e.g., stamp → "stamp")
+            var consentStep1 = Regex.Replace(rawDecodedConsent, @"(?<={|,)\s*(\w+)\s*:", m => $"\"{m.Groups[1].Value}\":");
+
+            // Step 2: Replace single-quoted string values with double quotes
+            var consentStep2 = Regex.Replace(consentStep1, @"'([^']*)'", "\"$1\"");
 
             // Deserialize the consent to a dynamic object
-            var cookieBotConsentValues = JsonSerializer.Deserialize<CookieBotConsent>(decodedConsent);
+            var cookieBotConsentValues = JsonSerializer.Deserialize<CookieBotConsent>(consentStep2);
             if (cookieBotConsentValues == null)
             {
                 // Something went wrong with the cookieConsent deserialization
@@ -142,6 +150,7 @@ namespace Umbraco.Engage.StarterKit.CookieBot
         public bool Necessary { get; set; }
 
         [JsonPropertyName("preferences")]
+
         public bool Preferences { get; set; }
 
         [JsonPropertyName("statistics")]