Merge pull request #941 from SkillsFundingAgency/CON-2991_Redis-data-…

…protection

Con 2991 redis data protection

azure/template.json

@@ -106,6 +106,10 @@
       "type": "securestring",
       "defaultValue": ""
     },
+    "DataProtectionKeysDatabase": {
+      "type": "string",
+      "defaultValue": ""
+    },
     "ApprenticeshipProgrammesApiBaseUrl": {
       "type": "string",
       "defaultValue": ""
@@ -191,6 +195,7 @@
         "CobrowsingSnippetKey": ""
       }
     },
+
     "FaaConfiguration": {
       "type": "secureObject",
       "defaultValue": {
@@ -621,7 +626,15 @@
                 {
                   "name": "ZenDesk:CobrowsingSnippetKey",
                   "value": "[parameters('ZenDesk').CobrowsingSnippetKey]"
-                }
+                },
+                {
+                  "name": "RedisConnectionSettings:RedisConnectionString",
+                  "value": "[parameters('StorageRedisConnectionString')]"
+                },
+                {
+                  "name": "RedisConnectionSettings:DataProtectionKeysDatabase",
+                  "value": "[parameters('DataProtectionKeysDatabase')]"
+                }                
               ]
             }
           },
@@ -633,11 +646,6 @@
                   "connectionString": "[parameters('LoggingRedisConnectionString')]",
                   "type": "Custom"
                 },
-                {
-                  "name": "StorageRedis",
-                  "connectionString": "[parameters('StorageRedisConnectionString')]",
-                  "type": "Custom"
-                },
                 {
                   "name": "MongoDb",
                   "connectionString": "[concat('mongodb://', variables('CosmosDbName'), ':', reference(variables('CosmosDbName')).outputs.PrimaryMasterKey.value,'@', variables('CosmosDbName'), '.documents.azure.com:10255/?ssl=true&replicaSet=globaldb')]",
@@ -791,7 +799,15 @@
                 {
                   "name": "FaaConfiguration:StorageConnectionString",
                   "value": "[parameters('FaaConfiguration').StorageConnectionString]"
-                }
+                },
+                {
+                  "name": "RedisConnectionSettings:RedisConnectionString",
+                  "value": "[parameters('StorageRedisConnectionString')]"
+                },
+                {
+                  "name": "RedisConnectionSettings:DataProtectionKeysDatabase",
+                  "value": "[parameters('DataProtectionKeysDatabase')]"
+                }    
               ]
             }
           },
@@ -803,11 +819,6 @@
                   "connectionString": "[parameters('LoggingRedisConnectionString')]",
                   "type": "Custom"
                 },
-                {
-                  "name": "StorageRedis",
-                  "connectionString": "[parameters('StorageRedisConnectionString')]",
-                  "type": "Custom"
-                },
                 {
                   "name": "MongoDb",
                   "connectionString": "[concat('mongodb://', variables('CosmosDbName'), ':', reference(variables('CosmosDbName')).outputs.PrimaryMasterKey.value,'@', variables('CosmosDbName'), '.documents.azure.com:10255/?ssl=true&replicaSet=globaldb')]",
@@ -1029,7 +1040,15 @@
                 {
                   "name": "ProviderRelationshipsApiConfiguration:Tenant",
                   "value": "[parameters('ProviderRelationshipsApiConfiguration').Tenant]"
-                }
+                },
+                {
+                  "name": "RedisConnectionSettings:RedisConnectionString",
+                  "value": "[parameters('StorageRedisConnectionString')]"
+                },
+                {
+                  "name": "RedisConnectionSettings:DataProtectionKeysDatabase",
+                  "value": "[parameters('DataProtectionKeysDatabase')]"
+                } 
               ]
             }
           },
@@ -1041,11 +1060,6 @@
                   "connectionString": "[parameters('LoggingRedisConnectionString')]",
                   "type": "Custom"
                 },
-                {
-                  "name": "StorageRedis",
-                  "connectionString": "[parameters('StorageRedisConnectionString')]",
-                  "type": "Custom"
-                },
                 {
                   "name": "MongoDb",
                   "connectionString": "[concat('mongodb://', variables('CosmosDbName'), ':', reference(variables('CosmosDbName')).outputs.PrimaryMasterKey.value,'@', variables('CosmosDbName'), '.documents.azure.com:10255/?ssl=true&replicaSet=globaldb')]",

src/Communication/Communication.Core/Communication.Core.csproj

@@ -22,7 +22,7 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Microsoft.SourceLink.GitHub" Version="1.0.0-beta2-19270-01" PrivateAssets="All" />
+    <PackageReference Include="Microsoft.SourceLink.GitHub" Version="1.0.0" PrivateAssets="All" />
     <PackageReference Include="Microsoft.Extensions.Logging" Version="2.1.1" />
     <PackageReference Include="WindowsAzure.Storage" Version="9.3.3" />
 

src/Communication/Communication.Types/Communication.Types.csproj

@@ -22,7 +22,7 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Microsoft.SourceLink.GitHub" Version="1.0.0-beta2-19270-01" PrivateAssets="All" />
+    <PackageReference Include="Microsoft.SourceLink.GitHub" Version="1.0.0" PrivateAssets="All" />
   </ItemGroup>
 
 </Project>

src/Employer/Employer.Web/Employer.Web.csproj

@@ -11,6 +11,7 @@
     <PackageReference Include="FluentValidation.AspNetCore" Version="7.5.2" />
     <PackageReference Include="Humanizer.Core.uk" Version="2.7.9" />
     <PackageReference Include="Microsoft.AspNetCore.App" />
+    <PackageReference Include="Microsoft.AspNetCore.DataProtection.StackExchangeRedis" Version="2.2.5" />
     <PackageReference Include="Microsoft.VisualStudio.Web.CodeGeneration.Design" Version="2.1.10" />
     <PackageReference Include="NWebsec.AspNetCore.Core" Version="2.0.0" />
     <PackageReference Include="NWebsec.AspNetCore.Middleware" Version="2.0.0" />

src/Employer/Employer.Web/Startup.ConfigureServices.cs

@@ -1,4 +1,5 @@
 using Esfa.Recruit.Employer.Web.Configuration;
+using Esfa.Recruit.Shared.Web.Extensions;
 using Esfa.Recruit.Shared.Web.FeatureToggle;
 using Esfa.Recruit.Vacancies.Client.Infrastructure.Client;
 using Microsoft.AspNetCore.Hosting;
@@ -57,7 +58,9 @@ public void ConfigureServices(IServiceCollection services)
 
                 services.AddAuthenticationService(_authConfig, sp.GetService<IEmployerVacancyClient>(), sp.GetService<IRecruitVacancyClient>(), sp.GetService<IHostingEnvironment>());
                 services.AddAuthorizationService();
-            }            
+            }
+
+            services.AddDataProtection(_configuration, _hostingEnvironment, applicationName: "das-employer-recruit-web");
         }
     }
 }

src/Employer/Employer.Web/appsettings.Development.json

@@ -25,9 +25,12 @@
   "Features": {
     "SetNotificationPreferences": true
   },
+  "RedisConnectionSettings": {
+    "RedisConnectionString": "localhost:6379",
+    "DataProtectionKeysDatabase": "abc123"
+  },
   "ConnectionStrings": {
     "Redis": "localhost:6379",
-    "StorageRedis": "localhost:6379",
     "MongoDb": "mongodb://dbadmin:changeme@localhost:27017/admin/?ssl=false&authMechanism=SCRAM-SHA-1",
     "QueueStorage": "UseDevelopmentStorage=true",
     "TableStorage": "UseDevelopmentStorage=true"

src/Employer/Employer.Web/appsettings.json

@@ -39,11 +39,15 @@
     "FindProviderUrl": "https://findapprenticeshiptraining.apprenticeships.education.gov.uk/provider/search",
     "CommitmentsSiteUrl": "https://manage-apprenticeships.service.gov.uk/",
     "NationalMinimumWageRates": "https://www.gov.uk/national-minimum-wage-rates",
-    "EmployerFavouritesUrl": "https://test-employerfavourites.apprenticeships.education.gov.uk"    
+    "EmployerFavouritesUrl": "https://test-employerfavourites.apprenticeships.education.gov.uk"
   },
   "Features": {
     "SetNotificationPreferences": false
   },
+  "RedisConnectionSettings": {
+    "RedisConnectionString": "",
+    "DataProtectionKeysDatabase": ""
+  },
   "ManageApprenticeshipsRoutes": {
     "ManageApprenticeshipSiteAccountsHomeRoute": "/accounts/{0}/teams",
     "ManageApprenticeshipSiteHelpRoute": "/service/help",
@@ -78,7 +82,6 @@
   },
   "ConnectionStrings": {
     "Redis": "",
-    "StorageRedis": "",
     "MongoDb": "",
     "QueueStorage": "",
     "TableStorage": ""

src/Employer/IntegrationTests/IntegrationTests.csproj

@@ -1,6 +1,6 @@
 <Project Sdk="Microsoft.NET.Sdk">
   <PropertyGroup>
-    <TargetFramework>netcoreapp2.1</TargetFramework>
+    <TargetFramework>netcoreapp2.2</TargetFramework>
     <IsPackable>false</IsPackable>
     <RootNamespace>Esfa.Recruit.Employer.IntegrationTests</RootNamespace>
   </PropertyGroup>

src/Provider/Provider.Web/Provider.Web.csproj

@@ -1,6 +1,6 @@
 <Project Sdk="Microsoft.NET.Sdk.Web">
   <PropertyGroup>
-    <TargetFramework>netcoreapp2.1</TargetFramework>
+    <TargetFramework>netcoreapp2.2</TargetFramework>
     <UserSecretsId>recruit-provider-web</UserSecretsId>
     <RootNamespace>Esfa.Recruit.Provider.Web</RootNamespace>
   </PropertyGroup>
@@ -17,7 +17,7 @@
     <PackageReference Include="NWebsec.AspNetCore.Mvc.TagHelpers" Version="2.0.0" />
     <PackageReference Include="SFA.DAS.NLog.Targets.Redis" Version="1.2.1" />
     <PackageReference Include="Microsoft.ApplicationInsights.AspNetCore" Version="2.7.0" />
-    <PackageReference Include="Microsoft.AspNetCore.Authentication.WsFederation" Version="2.1.2" />
+    <PackageReference Include="Microsoft.AspNetCore.Authentication.WsFederation" Version="2.2.0" />
   </ItemGroup>
   <ItemGroup>
     <ProjectReference Include="..\..\Shared\Recruit.Vacancies.Client\Recruit.Vacancies.Client.csproj" />

src/Provider/Provider.Web/Startup.ConfigureServices.cs

@@ -1,4 +1,5 @@
 using Esfa.Recruit.Provider.Web.Configuration;
+using Esfa.Recruit.Shared.Web.Extensions;
 using Esfa.Recruit.Vacancies.Client.Infrastructure.Client;
 using Microsoft.AspNetCore.Hosting;
 using Microsoft.AspNetCore.Mvc.Razor;
@@ -43,6 +44,7 @@ public void ConfigureServices(IServiceCollection services)
             });
 
             services.AddMvcService(_hostingEnvironment, _loggerFactory);
+            services.AddDataProtection(_configuration, _hostingEnvironment, applicationName: "das-provider-recruit-web");
 
             services.AddApplicationInsightsTelemetry(_configuration);
 

src/Provider/Provider.Web/appsettings.Development.json

@@ -30,5 +30,9 @@
     "QueueStorage": "UseDevelopmentStorage=true",
     "TableStorage": "UseDevelopmentStorage=true"
   },
-  "UseTableStorageQueryStore": false
+  "UseTableStorageQueryStore": false,
+  "RedisConnectionSettings": {
+    "RedisConnectionString": "localhost:6379",
+    "DataProtectionKeysDatabase": "abc123"
+  }
 }

src/Provider/Provider.Web/appsettings.json

@@ -69,7 +69,6 @@
   },
   "ConnectionStrings": {
     "Redis": "",
-    "StorageRedis": "",
     "MongoDb": "",
     "QueueStorage": "",
     "TableStorage": ""
@@ -93,5 +92,9 @@
     "ClientId": "",
     "ClientSecret": "",
     "ApiBaseUrl": ""
+  },
+  "RedisConnectionSettings": {
+    "RedisConnectionString": "",
+    "DataProtectionKeysDatabase": ""
   }
 }

src/Provider/UnitTests/UnitTests.csproj

@@ -1,7 +1,7 @@
 <Project Sdk="Microsoft.NET.Sdk">
 
   <PropertyGroup>
-    <TargetFramework>netcoreapp2.1</TargetFramework>
+    <TargetFramework>netcoreapp2.2</TargetFramework>
 
     <IsPackable>false</IsPackable>
 

src/QA/QA.Web/QA.Web.csproj

@@ -1,6 +1,6 @@
 <Project Sdk="Microsoft.NET.Sdk.Web">
   <PropertyGroup>
-    <TargetFramework>netcoreapp2.1</TargetFramework>
+    <TargetFramework>netcoreapp2.2</TargetFramework>
     <UserSecretsId>recruit-qa-web</UserSecretsId>
     <RootNamespace>Esfa.Recruit.Qa.Web</RootNamespace>
   </PropertyGroup>
@@ -10,11 +10,11 @@
   <ItemGroup>
     <PackageReference Include="FluentValidation.AspNetCore" Version="7.5.2" />
     <PackageReference Include="Microsoft.AspNetCore.App" />
-    <PackageReference Include="NLog.Web.AspNetCore" Version="4.8.3"/>
-    <PackageReference Include="SFA.DAS.NLog.Targets.Redis" Version="1.2.1"/>
-    <PackageReference Include="Microsoft.AspNetCore.Authentication.WsFederation" Version="2.1.2"/>
-    <PackageReference Include="Microsoft.ApplicationInsights.AspNetCore" Version="2.7.0"/>
-    <PackageReference Include="NWebsec.AspNetCore.Middleware" Version="2.0.0"/>
+    <PackageReference Include="NLog.Web.AspNetCore" Version="4.8.3" />
+    <PackageReference Include="SFA.DAS.NLog.Targets.Redis" Version="1.2.1" />
+    <PackageReference Include="Microsoft.AspNetCore.Authentication.WsFederation" Version="2.2.0" />
+    <PackageReference Include="Microsoft.ApplicationInsights.AspNetCore" Version="2.7.0" />
+    <PackageReference Include="NWebsec.AspNetCore.Middleware" Version="2.0.0" />
     <PackageReference Include="NWebsec.AspNetCore.Mvc.TagHelpers" Version="2.0.0" />
     <PackageReference Include="Humanizer.Core.uk" Version="2.7.9" />
   </ItemGroup>

src/QA/QA.Web/Startup.ConfigureServices.cs

@@ -7,11 +7,13 @@
 using Esfa.Recruit.QA.Web.Filters;
 using Esfa.Recruit.QA.Web.Orchestrators;
 using Esfa.Recruit.Shared.Web.Configuration;
+using Esfa.Recruit.Shared.Web.Extensions;
 using Esfa.Recruit.Shared.Web.Mappers;
 using Esfa.Recruit.Shared.Web.RuleTemplates;
 using Esfa.Recruit.Shared.Web.Services;
 using Esfa.Recruit.Vacancies.Client.Application.Configuration;
 using Esfa.Recruit.Vacancies.Client.Ioc;
+using Microsoft.AspNetCore.Hosting;
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Mvc.Razor;
 using Microsoft.Extensions.Configuration;
@@ -23,15 +25,17 @@ namespace Esfa.Recruit.Qa.Web
     public partial class Startup
     {
         private readonly IConfiguration _configuration;
+        private readonly IHostingEnvironment _hostingEnvironment;
         private readonly AuthenticationConfiguration _authenticationConfig;
         private readonly AuthorizationConfiguration _legacyAuthorizationConfig;
         private readonly AuthorizationConfiguration _authorizationConfig;
         private readonly ExternalLinksConfiguration _externalLinks;
         private readonly ILoggerFactory _loggerFactory;
 
-        public Startup(IConfiguration configuration, ILoggerFactory loggerFactory)
+        public Startup(IConfiguration configuration, IHostingEnvironment env, ILoggerFactory loggerFactory)
         {
             _configuration = configuration;
+            _hostingEnvironment = env;
             _authenticationConfig = _configuration.GetSection("Authentication").Get<AuthenticationConfiguration>();
             _legacyAuthorizationConfig = _configuration.GetSection("LegacyAuthorization").Get<AuthorizationConfiguration>();
             _authorizationConfig = _configuration.GetSection("Authorization").Get<AuthorizationConfiguration>();
@@ -54,6 +58,7 @@ public void ConfigureServices(IServiceCollection services)
             });
 
             services.AddMvcService(_loggerFactory);
+            services.AddDataProtection(_configuration, _hostingEnvironment, applicationName: "das-qa-recruit-web");
 
             services.AddAntiforgery(
                 options =>

src/QA/QA.Web/appsettings.Development.json

@@ -17,13 +17,16 @@
   "Slack": {
     "FindAnApprenticeshipDetailPrefixUrl": "https://www.findapprenticeship.service.gov.uk/apprenticeship/"
   },
+  "RedisConnectionSettings": {
+    "RedisConnectionString": "localhost:6379",
+    "DataProtectionKeysDatabase": "abc123"
+  },
   "ConnectionStrings": {
     "Redis": "localhost:6379",
-    "StorageRedis": "localhost:6379",
     "MongoDb": "mongodb://dbadmin:changeme@localhost:27017/admin/?ssl=false&authMechanism=SCRAM-SHA-1",
     "QueueStorage": "UseDevelopmentStorage=true",
     "TableStorage": "UseDevelopmentStorage=true",
-    "CommunicationsStorage": "UseDevelopmentStorage=true",
+    "CommunicationsStorage": "UseDevelopmentStorage=true"
   },
   "ExternalLinks": {
     "StaffIdamsUrl": "https://adfs.preprod.skillsfunding.service.gov.uk"

src/QA/QA.Web/appsettings.json

@@ -16,7 +16,6 @@
   },
   "ConnectionStrings": {
     "Redis": "",
-    "StorageRedis": "",
     "MongoDb": "",
     "QueueStorage": "",
     "TableStorage": "",
@@ -52,5 +51,9 @@
   "UseTableStorageQueryStore": false,
   "FaaConfiguration": {
     "StorageConnectionString": ""
+  },
+  "RedisConnectionSettings": {
+    "RedisConnectionString": "",
+    "DataProtectionKeysDatabase": ""
   }
 }

src/QA/UnitTests/UnitTests.csproj

@@ -1,7 +1,7 @@
 <Project Sdk="Microsoft.NET.Sdk.Web">
 
   <PropertyGroup>
-    <TargetFramework>netcoreapp2.1</TargetFramework>
+    <TargetFramework>netcoreapp2.2</TargetFramework>
     <IsPackable>false</IsPackable>
   </PropertyGroup>
 

src/Shared/Recruit.Shared.Web/Configuration/RedisConnectionSettings.cs

@@ -0,0 +1,8 @@
+namespace Esfa.Recruit.Shared.Web.Configuration
+{
+    public class RedisConnectionSettings
+    {
+        public string RedisConnectionString { get; set; }
+        public string DataProtectionKeysDatabase { get; set; }
+    }
+}