All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.
- Updated NuGet packages
- Replaced Postman collections with a Polyglot Notebook solution
- Migrated from .NET 6 to .NET 8
- Migrated docker compose from v1 to v2
- Added SSL Server Validation capability with switched off by default
- Added custom User-Agent header for request filtering on GetClientJwks
- Updated NuGet packages to avoid vulnerabilities
- Location for log file in appsettings file is fixed - Issue 65
- lastUpdated field fixed to populate the correct value
- Remove the old Scope "cdr-register:bank:read" references
- Added property code_challenge_methods_supported in Mock Register
- Audience validations for token endpoint have been fixed
- Refactored code and fixed code smells
- Removed Mock Data Holder Energy mTLS server certificate as Mock Data Holder Banking and Mock Data Holder Energy mTLS server certificates are now combined.
- Certificate DN for Register and Data Holder are updated - Issue 60
- Selflinks to use public host name / secure host name if configured.
- Client_id is now optional in the access token request.
- Removed client certificate thumbprint check from the access token request.
- Accreditation Number format has been updated in seed data.
- Regenerated all mTLS, SSA and TLS certificates to allow for another five years before they expire.
- Append base path to URIs in discovery document
- Links in readme
- Added new API admin/metadata/data-recipients to add or update a Data Recipient into the Register.
- Added new API admin/metadata/data-holders to add or update a Data Holder into the Register.
- Added dynamic base path to allow changes to external facing URLs.
- Retired end of life APIs.
- The 'jti' claim in the client assertion sent to the token endpoint is now checked for re-use. An error is raised if the jti value is re-used
- Register client certificate
- Some error codes that were not aligned with the CDR Register are now aligned
- Database structure to move legal entity status to participation status
- Logging middleware to create a centralised list of all API requests and responses
- Get SSA x-v 1 and 2 now only return banking scopes. x-v 3 still returns banking and energy scopes
- Transactional database tables updated to temporal tables
- Issue occuring when using docker compose eco system. Issue 52
- Removed CDR.Register.IdentityServer project that relied on Identity Server 4 and replaced with CDR.Register.Infosec project.
- Updated package references.
- Fixed incorrect element in Get Data Holder Brands response. Issue 1
- Fixed issue with authorisation scopes for latest version of authenticated register APIs. Get Data Holder Brands and Get SSA.
- First version of the Mock Register deployed into the CDR Sandbox.
- Split the Docker compose functionality. There is now a Docker Compose file to start the mock CDR ecosystem and a Docker Compose file to start the mock register on its own.
- Updated container help instructions
- Updated Read Me
- Updated Certificate Management Read Me
- Build and Test action to archive test results. Add Test Report action.
- Support for multiple industries added to the Mock Register. Banking, Energy, Telco and 'all' are now valid industries for GetDataRecipients, GetDataRecipientsStatus, GetSoftwareProductStatus, GetSoftwareStatementAssertion, GetDataHolderBrands, GetDataHoldersStatus. Banking industry only versions of these APIs are available for backwards compatibility.
- Energy and Telco as supported sectors.
- GetDataHoldersStatus API.
- Data Holder Brands entry to support and represent the upcoming Mock Data Holder Energy.
- Energy scopes for the Mock Data Recipient.
- Upgraded the Mock Register codebase to .NET 6.
- Replaced SQLite database with MSSQL database.
- Changed the TLS certificates for the Mock Register to be signed by the Mock CDR CA.
- Extra steps detailed for using the solution in visual studio, docker containers and docker compose file.
- Regenerated all mTLS, SSA and TLS certificates to allow for another year before they expire.
- docker-compose file to orchestrate mock-register/mock-data-holder/mock-data-recipient containers.
- Updated hosts in seed-data.json and appsettings.Production.json to reflect container names.
- Added docker-compose information to readme file
access_tokenvariable within the Postman collection, to make calling requests that need it easier.
- Bumped
Microsoft.AspNetCore.Authentication.JwtBearerfrom5.0.5to5.0.9due to CVE-2021-34532
- Added an
appsettings.Pipeline.jsonfile to each project to set configuration that can be used in a DevOps build pipeline. - Added
.github\workflows\dotnet.ymlfile to build and test the source code on check in and PR todevelopandmain. - Added
.github\workflows\docker.ymlfile to build the docker container on check in and PR todevelopandmain.
- Updated the
launchSettings.jsonfile for each project to include aProductionandPipelineprofile. - Removed the hardcoded connection string from the integration tests and replaced with configuration.
- Include
industryfield in Get Data Holder Brands response. - Moved PR template to
.github/pull_request_template.mdso that it correctly autofills a new PR. - Fixed when the SonarCloud action runs so that it doesnt error on PRs that aren't allowed access to secrets.
- First release of the Mock Register.