Merge pull request #857 from ITfoxtec/qa

Qa

FoxIDs.sln

@@ -73,7 +73,6 @@ Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "docs", "docs", "{CB5D86A0-D
 		docs\get-started.md = docs\get-started.md
 		docs\gs-context-handler.md = docs\gs-context-handler.md
 		docs\gs-nemlogin.md = docs\gs-nemlogin.md
-		docs\health.md = docs\health.md
 		docs\howto-connect.md = docs\howto-connect.md
 		docs\howto-environmentlink-foxids.md = docs\howto-environmentlink-foxids.md
 		docs\howto-oidc-foxids.md = docs\howto-oidc-foxids.md
@@ -82,6 +81,7 @@ Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "docs", "docs", "{CB5D86A0-D
 		docs\language.md = docs\language.md
 		docs\logging.md = docs\logging.md
 		docs\login.md = docs\login.md
+		docs\monitoring.md = docs\monitoring.md
 		docs\name-title-icon-css.md = docs\name-title-icon-css.md
 		docs\oauth-2.0.md = docs\oauth-2.0.md
 		docs\oidc.md = docs\oidc.md
@@ -174,8 +174,8 @@ Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "images", "images", "{CB8812
 		docs\images\how-to-context-handler.svg = docs\images\how-to-context-handler.svg
 		docs\images\how-to-environment-link.svg = docs\images\how-to-environment-link.svg
 		docs\images\how-to.vsdx = docs\images\how-to.vsdx
-		docs\images\howto-environmentlink-foxids-app-reg.png = docs\images\howto-environmentlink-foxids-app-reg.png
-		docs\images\howto-environmentlink-foxids-auth-method.png = docs\images\howto-environmentlink-foxids-auth-method.png
+		docs\images\howto-environmentlink-foxids-auth-method-select.png = docs\images\howto-environmentlink-foxids-auth-method-select.png
+		docs\images\howto-environmentlink-foxids-auth-method-y-select.png = docs\images\howto-environmentlink-foxids-auth-method-y-select.png
 		docs\images\howto-oidc-azuread-readredirect.png = docs\images\howto-oidc-azuread-readredirect.png
 		docs\images\howto-oidc-facebook-app-details.png = docs\images\howto-oidc-facebook-app-details.png
 		docs\images\howto-oidc-facebook-config.png = docs\images\howto-oidc-facebook-config.png

docs/app-reg-oauth-2.0.md

@@ -7,7 +7,7 @@ FoxIDs OAuth 2.0 application registration enable you to connect an APIs as [OAut
 ## OAuth 2.0 Resource
 An API is configured as a OAuth 2.0 application registration resource.
 
-- Click New registration and then OAuth 2.0 - Resource (API)
+- Click New application and then OAuth 2.0 - Resource (API)
 - Specify resource (API) name in application registration name.
 - Specify one or more scopes.
 
@@ -18,7 +18,7 @@ A client can subsequently be given access by configuring [resource and scopes](a
 ## Client Credentials Grant
 An application using Client Credentials Grant could be a backend service secured by a client id and secret or key.
 
-- Click New registration and then OAuth 2.0 - Client Credentials Grant
+- Click New application and then OAuth 2.0 - Client Credentials Grant
 - Specify client name in application registration name.
 - Specify client authentication method, default `client secret post`
     - A secret is default generated

docs/auth-method-howto-oidc-facebook.md

@@ -13,7 +13,7 @@ This chapter describes how to configure a connection with OpenID Connect Authori
 **1 - Start by creating an OpenID Connect authentication method in [FoxIDs Control Client](control.md#foxids-control-client)**
 
  1. Navigate to the **Authentication Methods** tab
- 2. Click **New method**
+ 2. Click **New authentication**
  3. Select **OpenID Provider**
  4. Add the **Name** e.g. Facebook
  5. Add the Facebook **Authority**, you can either select to use Facebook login with the `https://www.facebook.com/` authority or Facebook Limited login with the `https://limited.facebook.com/` authority

docs/auth-method-howto-oidc-google.md

@@ -13,7 +13,7 @@ This chapter describes how to configure a connection with OpenID Connect Authori
 **1 - Start by creating an OpenID Connect authentication method in [FoxIDs Control Client](control.md#foxids-control-client)**
 
  1. Navigate to the **Authentication Methods** tab
- 2. Click **New method**
+ 2. Click **New authentication**
  3. Select **OpenID Provider**
  4. Add the **Name** e.g. Google
  5. Add the Google authority `https://accounts.google.com/` in **Authority**

docs/auth-method-howto-saml-2.0-nemlogin.md

@@ -63,7 +63,7 @@ It is subsequently possible to add a secondary certificate and to swap between t
 **1) - Start by creating an SAML 2.0 authentication method in [FoxIDs Control Client](control.md#foxids-control-client)**
 
 1. Select the Authentication methods tab
-2. Click Create authentication method and then SAML 2.0
+2. Click New authentication and then SAML 2.0
 3. Add the name
 4. Select show advanced settings
 5. Select the dot URL binding pattern

docs/get-started.md

@@ -23,7 +23,7 @@ You can select another environment, create a new environment or start building i
 Let's configure the first OpenID Connect application and log in with a test user.  
 You can optionally start by taking a look at the [sample applications](samples.md) which also can be [configured](samples.md#configure-samples-in-foxids-environment) in the you test environment. 
 
-Click `New registration` to configure your OpenID Connect application and select the type of application.
+Click `New application` to configure your OpenID Connect application and select the type of application.
 
 ![New app registration](images/get-started-new-app-reg.png)
 

docs/howto-environmentlink-foxids.md

@@ -1,6 +1,6 @@
 # Connect two environments with Environment Link
 
-FoxIDs environments in the same tenant can be connected with environment links. A Environment Link acts mostly like OpenID Connect but it is simpler to configure and the steps it goes through is faster. 
+FoxIDs environments in the same tenant can be connected with environment links. An Environment Link acts mostly like OpenID Connect but it is simpler to configure and the steps it goes through is faster. 
 
 ![Environment Link](images/how-to-environment-link.svg)
 
@@ -9,36 +9,27 @@ Environment links is fast and secure but can only be used in the same tenant. A
 > Take a look at the sample environment links configuration in FoxIDs Control: [https://control.foxids.com/test-corp](https://control.foxids.com/test-corp)  
 > Get read access with the user `reader@foxids.com` and password `TestAccess!` then e.g., take a look at the `nemlogin` and `Production` environments.
 
-Environment links support login, RP-initiated logout and front-channel logout. Furthermore, it is possible to configure [claim and claim transforms](claim.md), logout session and home realm discovery (HRD) like all other connecting authentication methods and application registrations.
+Environment links support login, logout and single logout and it is possible to configure [claim and claim transforms](claim.md), logout session and home realm discovery (HRD) like all other connecting authentication methods and application registrations.
 
 ## Configure integration
 
-The following describes how to connect two environments called `track_x` and `track_y` where `track_y` become an authentication method on `track_x`.
+The following describes how to connect two environments called `Environment X` and `Environment Y`. The environment `Environment X` will be enabled to login with `Environment Y` as an authentication method.
 
-**1 - Start in the `track_x` environment by creating a Environment Link in [FoxIDs Control Client](control.md#foxids-control-client)**
+**Select in the `Environment X` environment in [FoxIDs Control Client](control.md#foxids-control-client)**
 
-1. Select the Authentication methods tab
-2. Click Create authentication method and then Environment Link
-3. Add the name e.g., `track_y-connection` 
-4. Add the `track_y` environment name
-5. Add the application registration name in the `track_y` environment e.g., `track_x-connection` 
-6. Click Create
-
-![Create Environment Link authentication method](images/howto-environmentlink-foxids-auth-method.png)
-
-**2 - Then go to the `track_y` environment and create a Environment Link in [FoxIDs Control Client](control.md#foxids-control-client)**
+1. Select the **Authentication Methods** tab
+2. Click **New authentication**
+3. Select **Show advanced**  
+4. Select **Environment Link**     
+   ![Select Environment Link authentication method](images/howto-environmentlink-foxids-auth-method-select.png)
 
-1. Select the Applications tab
-2. Click Create application registration and then Environment Link
-3. Add the name e.g., `track_x-connection` 
-4. Add the `track_x` environment name
-5. Add the authentication method name in the `track_x` environment e.g., `track_y-connection` 
-6. Select which authentication methods in the `track_y` environment the user is allowed to use for authentication
+5. Add the name e.g., `Environment X to Y` 
+4. Select the `Environment Y` environment
+   ![Select Environment Link authentication method](images/howto-environmentlink-foxids-auth-method-y-select.png)
 6. Click Create
 
-![Create Environment Link application registration](images/howto-environmentlink-foxids-app-reg.png)
-
 That's it, you are done. 
 
-> Your new authentication method `track_y-connection` can now be selected as an allowed authentication method in the application registrations in you `track_x` environment.  
-> The application registrations in you `track_x` environment can read the claims from your `track_y-connection` authentication method. 
+Your new authentication method `Environment X to Y` can now be selected as an allowed authentication method in the application registrations in you `Environment X` environment.  
+
+You can find the application registration `Environment X to Y` in the `Environment Y` environment where authentication method(s) can be selected.

docs/howto-saml-2.0-context-handler.md

@@ -65,7 +65,7 @@ This guide describe how to setup Context Handler as a SAML 2.0 Identity Provider
 **1 - Start by creating an SAML 2.0 authentication method in [FoxIDs Control Client](control.md#foxids-control-client)**
 
 1. Select the Authentication methods tab
-2. Click Create authentication method and then SAML 2.0
+2. Click New authentication and then SAML 2.0
 3. Add the name
 4. Add the Context Handler IdP metadata in the Metadata URL field  
    Test metadata: `https://n2adgangsstyring.eksterntest-stoettesystemerne.dk/runtime/saml2/metadata.idp`  

src/FoxIDs.Control/Controllers/Client/WController.cs

@@ -1,13 +1,14 @@
 using Microsoft.AspNetCore.Hosting;
 using Microsoft.AspNetCore.Mvc;
-using Microsoft.Extensions.Hosting;
-using System.Globalization;
 using System.Reflection;
-using System;
 using ITfoxtec.Identity;
+using Microsoft.AspNetCore.Diagnostics;
+using System;
+using FoxIDs.Repository;
+using FoxIDs.Models;
 
 namespace FoxIDs.Controllers.Client
-{
+{    
     public class WController : Controller
     {
         private static string indexFile;
@@ -24,15 +25,69 @@ public IActionResult Index()
             return GetProcessedIndexFile();
         }
 
-        private IActionResult GetProcessedIndexFile()
+        [ResponseCache(Location = ResponseCacheLocation.None, NoStore = true)]
+        public IActionResult Error()
+        {
+            var exceptionHandlerPathFeature = HttpContext.Features.Get<IExceptionHandlerPathFeature>();
+            return GetProcessedIndexFile(GetTechnicalError(exceptionHandlerPathFeature?.Error));
+        }
+
+        private string GetTechnicalError(Exception exception)
+        {
+            if (exception != null)
+            {
+                var dataException = FindException<FoxIDsDataException>(exception);
+                if (dataException != null && dataException.StatusCode == DataStatusCode.NotFound)
+                {
+                    return $"Unknown tenant{GetTenantName(dataException)}.";
+                }
+                else
+                {
+                    return exception.Message;
+                }
+            }
+
+            return "Unknown error";
+        }
+
+        private string GetTenantName(FoxIDsDataException dataException)
+        {
+            var eSplit = dataException.Message.Split(':');
+            if (eSplit.Length > 1)
+            {
+                eSplit = eSplit[1].Split('\'');
+                return $" '{eSplit[0]}'";
+            }
+            return string.Empty;
+        }
+
+        private IActionResult GetProcessedIndexFile(string technicalError = null)
         {
             if (indexFile == null)
             {
                 var file = currentEnvironment.WebRootFileProvider.GetFileInfo("index.html");
                 indexFile = System.IO.File.ReadAllText(file.PhysicalPath);
                 indexFile = indexFile.Replace("{version}", GetBuildDate());
             }
-            return Content(indexFile, "text/html");
+            return Content(AddErrorInfo(indexFile, technicalError), "text/HTML");
+        }
+
+        private string AddErrorInfo(string indexFile, string technicalError)
+        {
+            if (technicalError.IsNullOrEmpty())
+            {
+                return indexFile.Replace("{error}", string.Empty);
+            }
+            else
+            {
+                var errorInfo = new ErrorInfo
+                {
+                    CreateTime = DateTimeOffset.Now.ToUnixTimeSeconds(),
+                    RequestId = HttpContext.TraceIdentifier,
+                    TechnicalError = technicalError
+                };
+                return indexFile.Replace("{error}", errorInfo.ToJson());
+            }
         }
 
         private static string GetBuildDate()
@@ -52,5 +107,21 @@ private static string GetBuildDate()
             }
             return default;
         }
+
+        private T FindException<T>(Exception exception) where T : Exception
+        {
+            if (exception is T)
+            {
+                return exception as T;
+            }
+            else if (exception.InnerException != null)
+            {
+                return FindException<T>(exception.InnerException);
+            }
+            else
+            {
+                return null;
+            }
+        }
     }
 }